This is a real life example of the risks we all take… we make no judgement, BUT….
Lauren got an email a couple of weeks ago from alejandracarolina1992 @ a popular general email address. It read:
Subject: Helping boot-it.org.uk’s users creating better, stronger passwords
Hi there ,
I was reading your page here: boot-it.org.uk/passwords/, when I saw you mentioned howsecureismypassword.net.
I’ve found this tool quite helpful, and I’ve used it to create a lot of passwords.
But I recently stumbled across a new tool that really changed my world.
Basically, I can enter a password I want, click the “fix” button, and it adds characters to it to make it stronger. So, it’s still like my original password (easy to remember), but with additional stuff to make it hard to hack. The passwords the tool creates just “make sense.” It’s hard to explain – you’ll see what I mean if you try it out. 🙂
Here it is: https://www.safetydetective.com/password-meter/
I’m pretty sure your readers would like to know they can finally create strong passwords that are easy to remember, if you decide to share this tool too ?
Looking forward to hearing from you soon,
Alejandra
So, it looks pretty straightforward and honest, but before accessing it, a couple of quick checks might be useful…
Firstly, is the domain valid. I went to: http://whois.domaintools.com/ and entered the domain safetydetective.com
The resuts of that were very straightforward and it looked OK.
Then I went to: Kaspersky Virusdesk and did the same. Again, the results looked fine.
Finally I went to Google’s Safe Browsing Site Status and entered the URL. Google didn’t find any problems with the site.
So, I then went to the website and this is what came up on my computer:
So I tried a different browser and got this:
So then I did a google site search for Alejandra by going to google.com and typing this into the search box: site: www.safetydetective.com alejandra and got this result:
Your search – site:www.safetydetective.com alejandra – did not match any documents.
- It does not appear that this person works or has a relationship with this website.
- So, this can only be a random person or fake person.
- Searching the name finds loads of Spanish speaking people, but the use of English in the email is very good.
- Using a portable device (phone or tablet) and looking at the website of these devices doesn’t flag up any issues.
- but the link page is asking you to put in your password details
- and the email address was not from the website
- however, I do have a very paranoid antivirus program
SO WHAT DO YOU DO?
- Best option: ignore it.
- Next best option: reply to the email from a non important email address (i.e. one that you don’t use for anything important and doesn’t link to any of your personal details) asking who they are.
- Least worst option: try the link on a device that doesn’t have any of your personal details on it
- Worst option: try the link
- Very worst option: try the link and put in a real password
- Whatever, run an antivirus and malware scan after you’ve done anything.
No comments yet.