I’ve become a little more security conscious (make that crazy) these days with the proliferation of sophisticated scams and hackers. I want to set up a private home network so that when I connect to the internet via my service (Spectrum, these days), the data is already encrypted on the PHN before it gets to Spectrum.
I have what I consider sensitive information on my PC and I would prefer to make hacking it as difficult as possible (financial spreadsheets, passwords, bank account information, etc.). I access banks and my broker from this PC (and yes, I always use 2-factor authentication). My crypto coins (all $12.86 of it) is kept on my cell phone.
Has anyone created a private home network? If so, can you recommend a book or web site that shows you how to set one up (preferably in Private Home Networks for Dummies step-by-step style). Just saying.
Or, despite being a tightwad, should I just bite the bullet and hire someone who knows what they’re doing?
Just a thought, don’t keep passwords and account information on your computer? Every time that “helpful” window pops up asking if I want the computer to store a password I just typed, I refuse. Some day, someone is going to crack the file where the browser stores that information, but my little spiral notebook can’t be hacked remotely.
“don’t keep passwords and account information on your computer? Every time that “helpful” window pops up asking if I want the computer to store a password I just typed, I refuse.”
I follow the same protocol as you, but it’s still not “safe”. All of us can be certain that our SS# has been correlated with our name ( thanks, DOGE ), which can then easily be cross referenced to our address. With all of that, the hackers/thieves are in a strong position to do some damage. 2-factor authentication is a nice safety feature, but I have little doubt that hackers/thieves will figure out how to hijack your phone number, at least mobile #'s anyways.
I think it was intercst who had his IRA account hacked and woke up to find a huge chunk had been taken out without his permission or acknowledged approval. Luckily for him, he made regular log-ins to his account and caught it in time.
So I follow that protocol, also, regular log-ins to verify nothing has changed.
I’ve seen phone cloning or SIM cloning hijacking alerts several times. Apparently though… It’s not (yet) widespread?
Here a .gov site calls it Port Out Scam :
{ phone number?
Text messages are often used by banks, businesses, and payment services to verify your identity when you login or request updates to your account. This practice is often referred to as two-factor authentication. Savvy scammers know that by hijacking your mobile phone number they can assume your identity, intercept security protocols sent to your phone, and gain access to your financial and social media accounts.
The Porting-Out Scam: How It’s Done
One way to hijack your phone number is through a port-out scam. Mobile phone numbers can legally be ported from one provider to the next when you switch your phone service. Phone companies have established safeguards to protect this process, such as having account holders set up a PIN or a password they must provide when calling about their account.
To work around these protections scammers will gather personal information about their target online, combing through social media posts, or purchasing information from cyber thieves or hackers. With the right combination of personal information, such as address, birth date, PINs or passwords, and the last four digits of Social Security numbers, they may be able to con the victim’s phone company into believing the request to port out the number is from the authorized account holder. }
Ralph, great info, thanks for posting it.
I have gotten a few texts that wanted me to click on link embedded in text, under the pretext of the text originating from 1 of the financial service companies that I use. I never click on the text link. I go onto home computer and log in directly to the site. There has never been any type of issue or alert notification on the site, so I know the text was a scam.
Have also gotten “alerts” from Amazon about unauthorized charges, click on this link to deal with. Again, log in directly to Amazon account, and no false charges are there.
100% expect this to get worse, because of DOGE access to everything.
Thanks for the suggestion. I looked into it. Basically, a Private Home Network is considered a little more secure than a VPN. Also, every article I’ve read suggests not using free VPNs because they tend to track information to sell (no free lunch). NordVPN seemed to be highly rated, but it costs $$.
If I am unable to figure how to set up a secure PHN, I will probably go with the VPN option.
Nothing is 100% secure. I just hope the crooks keep going after the low hanging fruit first.
The big factor in the ACATs transfer theft was the fact that I check my US postal mailbox daily, and found that someone had opened a brokerage account with a Denver firm in my name. I immediately called them and got the Denver firm to close the account. Vanguard still let almost $900,000 leave my account, but the money got locked up once it arrived in Denver, and the hackers never got their hands on it. Make sure to check your physical mail.
I use ExpressVPN, yes it costs but it keeps my whole family safe. The company I used to work for had us use one at work all the time. Don’t use the free ones. Basically what it does is tunnel from your device directly through to wherever you are going to. Nobody can see inside the tunnel.
Yep that is true. You never know what will be broke. So I use 3FA and VPN’s but I can only try to be safe.
I got a piece of mail Saturday saying I have $900 in collection via PayPal. I have gotten two texts saying the same thing and ignored them, because, I figured “scam.”
PayPal has access to one of my credit cards, so there is no reason why I would have $900 worth of “something I bought and didn’t pay for”. More than that, I logged into my PayPal account and there is nothing I have purchased in the past 3 years (as far as they will let me see) that conforms to the $914 they say is “overdue.”
Weird that they would text me via phone, and also mail me at home, so more investigation is in order. I still think it’s a scam, but you never know. Maybe I was drunk one day and bought something, then bribed a PayPal employee to remove any trace of it, and not charge my card besides. I need Dick Tracy to help.
His 1Password account got hacked that gave them full access to both his personal and company systems…
I’ve had somebody manage to open a bank account in my name, I managed to catch it after seeing unusual activity in my email account.
“ An “email subscription bomb” or “subscription bombing” is a cyberattack where attackers flood an email inbox with numerous, often legitimate-looking, subscription confirmation emails to overwhelm the user and potentially mask malicious activity or critical alerts”
At first I thought it was normal spam but when each email thanked me for creating an account on their site, I tested one. I found an email from a company I knew and went directly to their site and did a “reset email” with the account name mentioned, not my email address. I received the reset email.
I kept filing away each email as I wanted to keep them but their were too many to deal with.. when I got to the bottom, I found 3 emails from a credit union confirming my new account. When I called them when the CU, they confirmed that an account had been open in my name with all my personal information (SS# likely leaked National Data Public breach). They did say that they had access to my email account as the forms were signed after they sent to my email.
My email security settings show no unusual access from locations and only from my personal devises in my possession. But I found my phone was hacked, had a usual phone number added to my account as well as an eSIM added that I never setup. That is still a mystery. I had recently changed to an Android and not sure how they were able to confirm a second phone number to my gmail account or add an eSIM. I ended up factory resetting the phone and going back to Apple.
So far haven’t seen any impact, managed to the bank account closed and locked every credit agency I could.
Chiming in, I’ve used PIA VPN for many years and have been happy with that service. It works flawlessly and is plenty fast. I hired someone to set my home up as a network years ago. The server computer was running linux and all my computers were windows. No longer on that system since I essentially have one desktop that I use at home and one tablet when traveling…doc
I get those pretty much daily (usually several of them). My e-mail system shows me where the original e-mail was sent–and it is always some weird domain outside the US (i.e., .jp, .de, .it, etc). So DELETE.
