19 Oct 2018 – Termly Email: Intro from Jen, Phishing/Bitcoin emails, How to help avoid thefts

Dear all –

Welcome to those of you who are new! Hello again to those I’ve met before (You all can skip point 0 if you like). :)  I thought I’d give you a little while to settle in before writing you an essay… (Important things below are in bold as a tl;dr.)

0 GENERAL INTRO) I’m Jen and I’m your Faculty Computer Geek. *waves* My office is on the first floor of the English faculty building (EFB), through the red door and down the corridor until you reach the kitchen. I’m on the right. Usually, you should go to your college IT Office for help, but for anything faculty-computing-related or, if your college IT office doesn’t have much time to help, you can come to me. I can’t guarantee I will be able to help with personal machines, but if I have any free time, I will at least try. I can also offer advice on purchasing new computers and also with software. Just drop me a line on computing@english.cam.ac.uk

You can find the Faculty’s IT Office web site at: <https://www.english.cam.ac.uk/computing/> (I try to keep it up-to-date, but often that’s dependent on how busy I am!) and we have an IT office Twitter on @FacEnglCO  It’s mostly mega-geeky retweeted content about Raspberry Pis, but occasionally I may tweet pictures of my cats. (I haven’t yet, but I MAY.)

I will try not to bother you too often with emails because I know you get a million of them, especially this time of year! However, there are a few things I wanted to be sure you know about and this is the easiest way to talk to all – a thousand of you? – without having to stand up on a stage.

Which, you know, I’m perfectly willing to do, but I’d have to manage to get you all in one place at the same time… ;)

Anyway: Important things. Yes. And sorry for the goofiness. (Not really…)

1: SCAMS AND PASSWORDS) I’ve just had a very interesting email in which the subject contained one of my old passwords that had been involved in a data breach several years ago. This message was trying to get me to buy bitcoins and send them to the sender’s account or they would *gasp* EMBARRASS ME WITH MY (fake) WEB HISTORY. And <sarcasm on> obviously, I should do it because they had my password<sarcasm off>. To be fair,  I recognised it as one of my old passwords and that was sort of scary, but the important thing is that I recognised it as an old one that I don’t use any more. This scam is a rehash of an old scam and can be safely ignored.

It does remind me of a resource you may not be aware of, though, and probably should be. It’s a web site called “Have I Been Pwned?” <https://haveibeenpwned.com/>   You go to the site and type in an email address and it will tell you if that email address has been involved in a data breach. Almost everyone’s has! Do not necessarily be worried if you get some hits on data breaches. The important thing is to look at the date of the breach and the email address you were using and, if you haven’t already, please change your password there and ANYWHERE else you may be using the same username/email and password combination. A breach can’t do much to hurt you if you don’t use that password anywhere any more.

A useful site, I’ve found, for helping to come up with a good password is called ‘Use a Passphrase’ <https://www.useapassphrase.com/> The really cool thing with this site is that you can safely type in any password and it will tell you how long it would take to crack it (the one in the scam email I got would have taken 16 milliseconds. Ahem. Times have changed).  It will also present – by default – a series of four words you can use as a passphrase. I just hit ‘generate new passphrase’ until I like what I see or it gives me an idea of something to try. For the geeky amongst you, it doesn’t transmit any data over the web: all the checking is done in your browser window, locally.

Another important thing to remember along this line is that if you ever get an email in your inbox that you’re uncertain about, you can always send it along to me and I’ll check it out for you. I will never be too busy for that, so don’t ever feel like you’re going to be a bother. :)

2: KEEPING YOUR STUFF FROM GETTING STOLEN) Every couple of years, someone has a laptop or bag or wallet stolen from either the English library or the social space downstairs because they think the building is a safe place and they leave their things alone. It’s important to remember that this is not the case, even in the library. It’s usually safe. It’s usually secure. But things slip through and we can’t vet everyone who comes through the door.

There are a couple of things you can do to protect your stuff, though: If you have a laptop, the library have a few laptop locks you can borrow and so do I here in the IT office. Even if you just put it around the leg of the table and lock it to your laptop, it’s still going to deter most opportunistic thieves. The second thing you can do here is: bother your neighbour. If you need to step away to grab a book really quickly or get a coffee, especially if you’re sitting by the big windows on the ground floor in the library, just ask your neighbour to keep an eye on your things for a minute. This is important: don’t just assume they will have noticed you and then notice if a stranger picks up your computer and walks away. Most people have tunnel vision when they’re concentrating. If you make yourself known, then that person WILL usually look up when someone walks up to your seat and they’ll notice if it isn’t you (and [don’t try this at home] please – pleasepleaseplease – don’t chase down a would be thief. Look hard at them. Get a description you can give to someone. Don’t try to rescue a laptop. Your life and health are worth much more!)

Last year and the year before, I believe we were theft-free. I like to think my reminder emails help. ;)

That’s it! Thanks for sticking with me. :)