upworthy
Family

How to protect yourself from phishing, from experts who deal with it every day.

True
Mozilla

Ever wonder what it's like to be hacked? Sarah Jeong did. So naturally, she decided to ask someone to hack her.

Jeong isn't just a random thrill-seeker — she's a respected technology journalist and lawyer, and she knew exactly what she was getting into when she recruited her friend Cooper Quintin of the Electronic Frontier Foundation to help her out. She wrote about her experience in GQ.

All it took was a couple of hours and some readily available tools, and Jeong joined the approximately 12% of the population who have fallen for a hack.

But even before she was successfully hacked — and don't worry, we'll get to that! — both Jeong and Quintin discovered some important truths about the world of online safety and what it takes to infiltrate it.

Here are just a few lessons from experts that we can all benefit from:

[rebelmouse-image 19531566 dam="1" original_size="2048x1536" caption="Photo by Blogtrepreneur/Flickr." expand=1]Photo by Blogtrepreneur/Flickr.

1. Most hacking isn't done by master "Matrix" coders.

For most people, "hacking" tends to evoke one of two images: a stereotypically out-of-shape nerd in their parents' basement or a sleek, leather-clad cyberpunk in a Guy Fawkes mask who moonlights as an extra on a Wachowski movie.

But in reality, most of what we call "hacking" is actually "phishing."  In fact, last year, then-Secretary of Homeland Security Jeh Johnson said that phishing is the threat his department fears most.

[rebelmouse-image 19531567 dam="1" original_size="1024x559" caption="THIS IS NOT WHAT HACKERS LOOK LIKE. Except when they do, which is sometimes. Photo by Vincent Diamonte/Flickr." expand=1]THIS IS NOT WHAT HACKERS LOOK LIKE. Except when they do, which is sometimes. Photo by Vincent Diamonte/Flickr.

2. Phishing is a type of scam that disguises itself as something trustworthy.

It can be an email, phone call, or text message, and it then tricks you into giving up your passwords, credit card numbers, and more. All it takes are some clever social skills plus some free online tools used by information security professionals that, technically, anyone can use. (A little coding knowledge doesn't hurt, though.)

3. Many hackers are savvier than you might think.

It doesn't matter if you have the best anti-virus software installed on your computer and run daily checks for malware along with Ghostery and ad block to keep your online browsing extra-safe. Don't get me wrong — viruses and malware are still dangerous. But phishing isn't about computers. It's about people. And that's a lot harder to protect against.

"Phishing isn’t (just) about finding a person who is technically naive," Cory Doctorow, a sci-fi author, journalist, and technology activist told Locus magazine.  As savvy as he is, even he fell for a phishing hack back in 2010. "It’s about attacking the seemingly impregnable defenses of the technically sophisticated until you find a single, incredibly unlikely, short-lived crack in the wall."

"It’s a matter of being caught out in a moment of distraction and of unlikely circumstance." In other words, it can happen to anyone.

[rebelmouse-image 19531568 dam="1" original_size="1200x624" caption="Smile! I'm stealing your identity! Image via Pixnio." expand=1]Smile! I'm stealing your identity! Image via Pixnio.

4. The terrible typos and grammar in some phishing schemes are intentional.

You're probably familiar with the classic "Nigerian prince" phishing scheme, where some kind of foreign dignitary emails you and offers you a ton of money to help facilitate the transfer of their new bajillion-dollar inheritance. You also probably know that these emails are famously riddled with grammatical errors and totally implausible premises.

What you might not know, however, is that these "mistakes" are done on purpose in order to target the most gullible people. That way, reports Business Insider, the scammers don't have to waste their time trying to persuade rational skeptics to give up their bank account information.

[rebelmouse-image 19531569 dam="1" original_size="1280x852" caption="Photo by Nate Grigg/Flickr." expand=1]Photo by Nate Grigg/Flickr.

5. To hack a specific person, all a hacker needs is social media.

You know those silly memes where you find your "porn star name" (or whatever) by using the name of your first pet and the street you grew up on?

Now think about those security questions you had to answer for your online bank account — things like, oh, the name of your first pet, the street you grew up on, or your mom's maiden name.

Yeah. See the connection there? If a hacker wants to social-engineer their way into your bank account, all they need to do is poke around your public accounts to find those little bits of information. These targeted attacks are called "spearphishing," and they're why Doctorow recommends that people "only use Facebook to convince your friends to communicate with you somewhere other than Facebook."

[rebelmouse-image 19531571 dam="1" original_size="1280x856" caption="Image from Pixabay." expand=1]Image from Pixabay.

6. Be careful what you open — even when it's sent by someone you know.

Jeong was hacked after she clicked on a malicious link made to look like it was sent from someone she knew.

To hack her, Quintin just had to scour Jeong's online presence until he found an acquaintance who could plausibly email her. He made a fake email address — using that person's real-life profile picture and everything — and that was all it took to get Jeong to give up her information.

Fake Google Docs scams, like the one she fell for, are increasingly common. In these cases, the target receives a phishing email that looks like a standard invitation to Google Docs sent from a trustworthy source — except that both the sender and the link are actually malicious frauds. This link will bring you to a landing page that resembles the standard Google password screen or bank login page you thought you were clicking on, and the hacker can use that to capture whatever password or personal information you enter into the false form.

7. Double-check your URLs.

Always make sure you're really on the website that you think you are before you enter any sensitive information.

How do you tell the difference? Generally speaking, the domain name should look like "[blank].google.com" or "bankofamerica.com/[blank]." If it's something hyphenated like "accounts-drive-google.com" or "boa-accounts-login.com," well, you should probably think twice about it.

(Another helpful tip is to look for SSL certificates, which usually appear as a lock or green text in your browser bar — but even that's not totally reliable.)

[rebelmouse-image 19531572 dam="1" original_size="1280x850" caption="What is real? What is fake? Image from Pixabay." expand=1]What is real? What is fake? Image from Pixabay.

8. You should definitely use two-step authentication.

I hate to break it to you, but your p@$$w0rd probably isn't very safe. The least you can do, according to CNET, is turn on two-step authentication. That way, every time you log in to an unfamiliar device, you'll get a text message with a secret code just to make sure it's you — because even if someone gets your password, they probably don't have your phone, too.

Unless they, um, literally walked into the AT&T store and charmed a sales rep into changing your phone number over to their phone. Which happens.

9. And use a password manager.

If you want to be extra extra safe, use a password manager such as LastPass, then set up a DiceWare password like "correct horse battery staple" (or some of these other great ones recommended by the Intercept) that are incredibly easy to remember but next-to-impossible for hackers or computers to crack.

[rebelmouse-image 19531573 dam="1" original_size="1280x959" caption="Image from Pixabay." expand=1]Image from Pixabay.

10. Remember the greatest flaw in your internet security is the trusting nature of other people.

A trusting customer service rep can easily compromise you without realizing it. Your friend who mentions you on Facebook can do the same.

Heck, my wife has a fairly gender-ambiguous name, and I can tell you from personal experience how easy it is to call up the bank and pretend I'm her — even when I have to charm my way around a security question about her high school mascot. Which, yes, I've done.

As Jeong wrote, "Successful social engineers are not just perfectly capable of interacting with human beings — they are talented manipulators who take advantage of our willingness to trust our colleagues, friends, and family."

"You can turn your digital life into Fort Knox and still be undone by an overly trusting salesperson behind a desk."

[rebelmouse-image 19531574 dam="1" original_size="1280x851" caption="Basic rule: Always look over your shoulder. Photo by Arthur Harry Chaudary/Wikimedia Commons." expand=1]Basic rule: Always look over your shoulder. Photo by Arthur Harry Chaudary/Wikimedia Commons.

There's no way to protect yourself from every possible online vulnerability. But that doesn't mean you shouldn't try!

As we've seen, the power of the internet can used for good or evil. All it takes is one trusting click, and even the savviest security professionals can find themselves compromised.

The best you can do is be smart and pay attention. A tiny bit of paranoid skepticism will save you a lot of time, stress, and energy in the long run, and that'll free you up to enjoy all the wonderful things that the internet has to offer. Trust me.

Pop Culture

Mom leaves a 'heartbreaking' gift to flight passengers sitting next to her baby

"That's a mom trying so hard."

@callmebelly/TikTok

An excellent reminder to show kindness and patience.

Listening to a baby cry during a flight might be aggravating, but it’s nothing compared to the moans, groans, and eyerolls that the baby's parents must endure from other passengers when it happens. No matter what tips and tricks are used to try to soothe a little one’s temperament while 30,000 miles in the air, crying is almost inevitable. So, while having to ease their own child’s anxiety, moms and dads also must suffer being the pariah of the trip. What a nightmare.

Recently, one mom was apparently trying so hard to avoid upsetting her fellow flight members that she went above and beyond to essentially apologize ahead of time if her baby began to cry on its first flight. It was a gesture that, while thoughtful, had folks really feeling for how stressed that poor mom must be.

In a clip posted to his TikTok, one of the passengers—Elliot—explained that the mom handed out small care packages to those nearby.

“She’s already so busy and took the time to make these bags for everyone,” Elliot said, before panning the camera to reveal a Ziplock bag full of candy, along with a note that made him “want to cry.”

The note read: “It’s my first flight. I made a deal to be on my best behaviour—but I can’t make any guarantees. I might cry if I get scared or if my ears start to hurt. Here are some treats to make your flight enjoyable. Thank you for being patient with us. Have a great flight.”

@callmebelly♬ BIRDS OF A FEATHER - Billie Eilish

Like Elliot, those who watched the video felt some ambivalence at the well intentioned act. Many felt remorse that she would feel the need to appease people in this way.

“This is so sweet but also … kind of breaks my heart that we live in a world in which parents feel the need to do that.”

“Because jerk people have shamed parents into believing that they need to apologize for their kids' absolutely normal behavior. What a gem of a mom.”

“You know that sweet mom worried about this trip so much.”

“That poor mom probably spent nights awake … nervous about that flight, thinking of ways to keep strangers happy.”

"That's a mom trying so hard."

Many rallied behind the mom, arguing that making others feel more comfortable with her child being on board was in no way her responsibility.

“No mom should be apologizing. Adults can control their emotions … babies not …. Hugging this mom from a distance.”

“Dear new parents: no you don’t have to do this. Your babies have the right to exist. We all know babies cry. We know you try your best.”

Luckily, there are just as many stories of fellow passengers being completely compassionate towards parents with small children—from simply choosing to throw on their headphones during a tantrum (instead of throwing one themselves) to going out of their way to comfort a baby (and taking the load of a parent in the process). These little acts of kindness make more of an impact than we probably realize. Perhaps if we incorporated more of this “it takes a village” mindset, flying could be a little bit more pleasant for everyone involved.

From Your Site Articles
travel
Joy

Teenage boy has perfect response when arrogant teacher refuses to believe his real name

He tried to explain his name and she gave him detention.

via Canva/Photos

A teenager has a real problem with his teacher.

As Dale Carnegie once wrote in “How to Win Friends and Influence People,” “A person’s name is to that person, the sweetest, most important sound in any language.” Understandably, people grow very attached to their names to the point that some studies suggest that names play a significant role in our destinies. In fact, people born with the last name Carpenter are more likely to become carpenters when they grow up.

So, it's no wonder people are sensitive about how others pronounce their names. When someone says your name wrong, it can feel very invalidating and make it look like they don't care. That’s probably why many people enjoyed a teenager's tale of getting sweet revenge on an arrogant teacher who refused to say his name correctly.

“My parents named me a shortened version of a posh-sounding name. For the sake of the story, let's say they called me Alex, which is short for Alexander. When this woman called my name, she would always use Alexander. I brought up to her that it was not my name multiple times and asked her to please call me Alex, as that's what my parents called me,” a Redditor shared on the Petty Revenge forum.

“She would always get angry and tell me, ‘Don’t be stupid, no one is named Alex. Your name is Alexander. Alex is just what you want to be called.’ No matter how much I insisted, she refused. At one point, she gave me a detention for asking her to call me my correct name,” he continued.

names, teacher, studentA teacher being stern with her student.via Canva/Photos

The name dispute got so heated that “Alex” was eventually sent to detention for arguing with his teacher. “When I told my parents I was supposed to have a detention for asking my teacher to call me the right name, they were unhappy. So they gave me a trump card to use against her: my birth certificate,” “Alex” wrote.

The next day, the teacher called him Alexander during roll call, but this time, he had the perfect ammunition to fight back: a legal document. “The next day, when she called my name, I once again told her that it wasn't my name. She threatened me with another detention, so I pulled out the birth certificate, put it down on her desk, and said, ‘My birth certificate says my name is Alex, so that's what you will call me. Thanks,’" "Alex" recalled. “The look on her face was priceless, and she started calling me my actual name for the rest of the time I was in her class.”


A person in the comments shared a similar story; this time, it was with the name Joey. “I know someone who on their birth certificate is Joey. The exact same thing happened to him. The teacher kept calling him Joseph, but he refused to answer. After a week, she called his mom and said something along the lines of: tell your son when someone calls him by his proper name, he needs to respond and not be disrespectful to his teacher. The mom questioned what name she was calling him, and she told her. Well, that mother went up one side of her and down the other. Why would I call him Joseph if we would call him Joey? We named him Joey, and that’s what is on his birth certificate. This was back in the ‘80s.”

It’s strange that the teacher went out of her way to call the kid the name she preferred over his wishes. Even if his real name was Alexander, what’s wrong with referring to someone by their chosen name? Brandishing his birth certificate as “Alex” may have felt like sweet revenge for the teenager, but it also shows the teacher and the class an important lesson on why it's important to listen to others.

From Your Site Articles
names
Science

Innovative farm in Virginia can grow 4 million pounds of strawberries on less than one acre

This method uses 97 percent less land and up to 90 percent less water than conventional farming.

Photo credit: Canva

A new way to grow strawberries with less land, less water, and more berries.

Strawberry farm harvests aren't something most of us calculate on a regular basis (or ever at all), but the numbers from a strawberry farm in Richmond, Virginia, are staggering enough to make it worth an old-school word problem. If the average American eats 8 pounds of strawberries a year, and an average strawberry farm yields approximately 20,000 pounds of berries per acre, how many people could a 200-acre strawberry field feed?

I won't make you do the math. The answer is 500,000 people. But what if a crop that size, providing enough strawberries for half a million people, could be grown on just one acre instead of 200? It's possible. You just have to go—or rather grow—up, up, up.

Indoor vertical farm company Plenty Unlimited knows a lot about growing up. In fact, it's their entire business model. Instead of the sprawling fields that traditional farming methods require, vertical farms have a much smaller land footprint, utilizing proprietary towers for growing. Plenty has used vertical farming methods to grow greens such as lettuce, kale, spinach and more for years, but now it boasts a vertical berry farm that can yield a whopping 4 million pounds of strawberries on a little less than an acre.

Growing indoors means not being at the mercy of weather or climate inpredictability (barring a storm taking out your building), which is wise in the era of climate change. Unlike a traditional greenhouse which still uses the sun for light, Plenty's indoor vertical farms make use of the latest technology and research on light, pinpointing the wavelengths plants need from the sun to thrive and recreating them with LED lights. Plenty farms also don't use soil, as what plants really need is water and nutrients, which can be provided without soil (and with a lot less water than soil requires). Being able to carefully control water and nutrients means you can more easily control the size, taste and uniformity of the berries you’re growing.

If that sounds like a lot of control, it is. And that idea might freak people out. But when a highly controlled environment means not having to use pesticides and using up to 90% less water than traditional farming, it starts to sound like a solid, sustainable farming innovation.

Plenty even uses AI in its strawberry farm, according to its website:

“Every element of the Plenty Richmond Farm–including temperature, light and humidity–is precisely controlled through proprietary software to create the perfect environment for the strawberry plants to thrive. The farm uses AI to analyze more than 10 million data points each day across its 12 grow rooms, adapting each grow room’s environment to the evolving needs of the plants – creating the perfect environment for Driscoll’s proprietary plants to thrive and optimizing the strawberries’ flavor, texture and size.”

Plenty even has its own patent-pending method of pollinating the strawberry flowers that doesn’t require bees. Even just the fact that this enormous crop of strawberries will be coming from Virginia is notable, since the vast majority of strawberries in the U.S. are grown in California.

strawberry fieldTraditional strawberry farming takes up a lot of land.Photo credit: Canva

Plenty's Richmond farm is currently growing strawberries exclusively for Driscoll’s.

“Partnering with Plenty for the launch of the Richmond Farm allows us to bring our premium strawberries closer to consumers in the Northeast, the largest berry consumption region in the U.S.,” Driscoll’s CEO Soren Bjorn said in a press release. “By combining our 100 years of farming expertise and proprietary varieties along with Plenty’s cutting-edge technology, we can deliver the same consistent flavor and quality our customers love — now grown locally. This new innovative farm is a powerful step forward in continuing to drive category growth in new ways for our customers and consumers.”

Is Plenty’s model the farm of the future? Perhaps it’s one option, at least. The more we grapple with the impact of climate change and outdated, unsustainable farming practices, the more innovative ideas we’ll need to feed the masses. If they can get 4 million pounds of strawberries out of an acre of land, what else is possible?

From Your Site Articles
agriculture
Education

'Supercommuter' mom takes a flight to work every day because it's cheaper than living there

She says a 40 minute flight is well worth it financially and emotionally.

Photo credit: Canva

Crazy that she ends up with MORE free time.

Would you commute to work on a plane every day to save money? For Racheal Kaur, a mom who lives in Malaysia, it was a no-brainer. In a recent interview with CNA Insider, Kaur shared how she takes a 40-minute flight from Penang to Kuala Lumpur every single day of the work week, and claimed that being a “supercommuter” isn’t only more cost effective, but also provides more work-life balance.

To get to work by 9am, Kaur gets up and out of the house well before dawn, leaving her house by 5am, and boarding on a plane by 5:55am and arrives in the city with a little over an hour to spare. She then flies for around 40 minutes (enjoying what she calls her “me time”) then repeats the process to get home. Every day, Monday through Friday.

While unconventional, Kaur told CNA Insider that this schedule actually has time to spend with her kids, aged 12 and 11, at night, and even “help with any last-minute homework,” which she feels is “everything” as her kids grow older.

- YouTubewww.youtube.com

From a cost perspective, Kaur apparently pays $223 a month for her current mortgage in Penang, whereas living in Kuala Lumpur would cost around $340 per month. And while Kaur pays out of pocket for her flight, she does receive a discount, and pays the equivalent of $11 USD a day. Overall things even out, and she’s even able to save money.

While this strategy can occasionally get tricker during busier times of the year, since commercial passengers take priority, Kaur assures that considering everything, it’s all “well worth it.”

Previously, Upworthy had highlighted another supercommuter—a student at Berkeley who flew from Los Angeles to the infamously expensive city of San Francisco for class three days a week, using various frequent flyer miles/points from credit card sign up bonuses he had accumulated over the years.

And while this strategy certainly works for some, it might not work for everyone. Steve Kass, a writer for Fast Company and fellow supercommuter, suggest to ask yourself the following questions before committing to the frequent flier lifestyle:

  • Can you handle less downtime?
  • Will it disrupt your sleep schedule?
  • Are you healthy enough to handle the physically demanding task of traveling?
  • Obvious, but important one: is this financially feasible long-term?
  • Do you love your job? If it’s rewarding, the sacrifice feels worth it, Kass says.
  • Can you see yourself doing this long term? If not, is there a deadline you can create for yourself?

And even if this ends up not being a viable option for you, stories like these are good reminders that you really can can forge a lifestyle that meets all your needs, especially if you conjure up a little creative thinking.

From Your Site Articles
work
Humor

DoorDash drivers are spilling the tea after mom finds out weird way her 12-year-old gets food

"We listen and we don't judge."

Photo credit: Canva

DoorDash drivers spill about teens' weird delivery instructions

Sometimes you want a little midnight snacky-snack and nothing in the house sounds good, so you DoorDash something tasty before bed. This is something that has become fairly normal in American society since the food delivery option has become available. But when people order a late night treat, they're typically waiting in close proximity to the front door so they can quickly grab their food.

But it seems that's not always the case for everyone that anxiously awaits their food delivery. Claudia Mercer recently learned that her 12-year-old son has been sneaking food through his bedroom window via DoorDash. The mom comes to this realization after reviewing her security footage only to see a car pull into her driveway and a man carrying a bag cut through her grass to get to her child hanging out of his bedroom window.

Mercer uploaded the video to social media where it has more than 700k views, and while her son's late night antics are certainly giggle worthy, the comment section was full of food delivery stories. DoorDashers flocked to the video to spill all the tea on their strange delivery requests.

@claudiamercer5♬ Stealthy mischief(1088178) - KBYS

If you've never ordered from DoorDash, you may not be aware that there's a section for instructions before you complete the order. The instructions box is supposed to be used to tell drivers to leave the food on the table instead of the welcome mat, or to place it inside the cooler next to the front door. But it turns out some people get a bit creative with their instructions when they're attempting to sneak food in their homes, offices or other venues where they don't want others to know.

These DoorDash drivers take their job as seriously as therapists take their HIPAA requirement. They are listening to the instructions given and not judging anything requested because whatever comes through that app is between you and your dasher. No need for the other folks around to know you're eating a second dinner, that's your business, DoorDash is just following directions.

Sneaking Gerry Dee GIF by CBCGiphy

One delivery person shares, "Delivered pizzas to a basket hanging from a second story window once. Cash and tip was in it so I sent them up."

Another DoorDasher writes, "Yep as a Dasher, I have delivered like that before. I had a kid that asked me to deliver it through his window because he didn’t want to eat with[sic] his mom was making for dinner."

Someone else laughs, "As a doordasher. I saw a kid jumped out of a window to come get his food, the directions read “turn off lights and do not get out of the car. Call when you get close” we listen and we don’t judge."

Delivery Dashing GIF by DoorDashGiphy

Seems like kids are sneaky little people as there seems to be a bit of a pattern here as one person admits, "I had a kid tell me how to avoid the camera and wait until his mom left. I felt like a private detective ninja."

Asking someone to fake being a relative is a next level request, "Once I had a kid make me pretend to be his aunt and drop off his food at school."

"I had to door dash for a family. wife told me to hide her milkshake. bc she didn't want to share it with her family. lol," one person shares.

Hungry Amazon Prime GIF by primevideoinGiphy

"I delivered to some teens a few weeks ago. They asked me to deliver to a window behind the bushes so their parents wouldn’t see," a driver adds.

Clearly the DoorDash drivers are only concerned about you getting your food no matter where they need to sneakily drop it off. Hide it under a bush, cool. Put it in the basket hanging from a rope from the second story, no problem. Drop it off behind the school close to the gate, absolutely. They are here to make sure you don't go hungry or have to eat your mom's broccoli casserole and they're doing it without judging. But if you have your dasher going through Indiana Jones level adventures to drop off food, maybe leave them an extra tip for their dedication to your order.

From Your Site Articles
doordash
Trending Stories