3rd Compass -> Group News and Articles -> Internet Cybersecurity

Internet Cybersecurity
Make Comment
Minister Ty Alexander
(Ty Huynh)
  8/28/2022
It has come to my attention that criminals and “spoofers” or scam artists are using the 3rdCompass.org name in fake emails that appear to come from 3rdcompass.org to try and get login credentials and other information. This is a common ploy used by spoofers, so as with any emails, text messages, phone calls, instant messaging, or social media messages, use caution when you are asked for personal information or logins, even when it appears the message is coming from the authentic source.

You may not know that it is relatively easy for email scammers to fake the sender in email addresses. This does not require the sender’s account to be stolen, but only needs special computer email server or sending programs. Using customized or hacked email sending programs is likely how the spoofers sent the emails spoofing 3rdcompass.org that I know about.

This ministry will never send messages asking you for personal information, passwords, or other login information, so pay no attention to any messages asking for personal details or security information.

Tips for Cybersecurity
  • No matter where or how you get a message (email, phone, social media, etc.), don’t assume the sender is who they say it is. User accounts are often hacked, taken over, and used to send messages, which do appear to come from the person or organization you know because their email or social media account was taken over by a hacker.

    Email messages, though, can be faked, as I noted, without need to take over the sender’s account or computers. These messages appear to come from the actual person or organization even though it didn’t. With the right technical resources, it is just as easy to send fake emails as it is for criminals to copy, print, and send an envelope and letter that appears to be from an official organization.
     
  • Always examine links in messages before you use them. Be especially suspicious with messages that tell you to use a link to login or enter other personal information. Without getting into complicated Internet link protocol, it can be difficult for a layperson to identify if the link actually goes to the official website, but if you know the official website name, it should be near the beginning of the link.

    For example, 3rdcompass.org will be in any links given by this ministry, such as
    http://3rdCompass.org/g?POSTS-BY-TOPIC
    The complete site name, including the dot before org or com, must be in the link. You do not need to worry about capitalization of letters, as website names are not case-sensitive, so 3rdcompass.org is the same as 3rdCompass.org. However, any text after a website name may be case-sensitive, but that is not important for this discussion.

    Spoofers also try to trick people by using an official website in their own links, such as
    amazon.validate.com/login
    This link appears to be related to amazon.com, but the link would actually go to a subdomain for a completely separate website named validate.com

    Spoofers also use website names that include an organization name or use misspellings or nearly identical spellings of an official website. Examples of this are:
    amazon-validate.com/login, amason.com/login, amazon.au, amazon.net
    But even if you know how a link should be structured, sometimes organizations use “shortcut” links that don’t show the organization’s website in the link, so you can’t tell where the link actually goes unless you use it. In this case, I would not use a link from a suspicious email or message, because simply clicking on or using a link can get your computer or phone hacked, as some computer viruses and malware can easily spread just from viewing a webpage or using a link that is infected.

    This is why I recommend using quality Internet security and virus protection on computers.
     
  • Use Internet security and virus/malware protection on computers, tablets, and phones.
     
  • Make sure your computer, phone, and tablet system updates are installed when they become available.
     
  • Use strong passwords for your logins that do not use birthdates or other easily guessed words or numbers. Instead, use concepts or memories that are personal to you but are not publicly known, so that you can remember them easily, such as a hobby, favorite food, memorable moment, etc.
     
  • Use stronger and different passwords for accounts related to banking and financial services.
     
  • Use different passwords and limit personal information for accounts with companies based in countries with questionable governing authority. For example, governments run by authoritarian dictatorship authority, like China, Russia, and Iran, who can easily get access to an organization’s database should not be given the same passwords or full personal details that you use for your other accounts.

    Customer data given to organizations based in countries with corrupt governments will be at risk in coming times of war.
     
  • There is no completely secure Internet storage or "cloud" storage. As someone who spent most of their life in computer systems engineering and Internet engineering, I know the security and integrity of Internet storage is only as good as the company, organization, or person can or will provide, even if they advertise secure and encrypted data storage.

    All computer systems can be hacked into, as there are often break-ins at major companies where hackers steal customer information. Companies that keep social security numbers and other identifying information are often targets for hackers seeking profit from identity theft. I’ve seen data theft at credit reporting organizations, banks, and even major computer companies that are leaders in computer security and Internet storage, like Microsoft.

    All files and information you send over the Internet, whether it is through an encrypted service, connection, or website or not encrypted, ends up on computers that may not be secure and which are under the control of the people operating them. This is why I never store confidential files or use cloud back-up for my computer and other digital files, like documents. Anyone with access to the computers where files are stored for Internet or cloud storage can access your files.

    So even if a website or service uses SSL encryption, where you see “https://” before the website name in your browser, will not ensure data protection. Connection encryption, like SSL, only encrypts the information as it goes from your computer to the computer that stores your files and information. How the information is secured on other end will depend entirely on the organization’s computer setup and security measures.

    In the same way, email or file encryption services can be a waste of money because there is no way to completely secure messages or data from the sender to the receiver unless the information stays entirely within secured connections and secured computers.

NOTICE: The Times of Israel flagged and NOTE on https: 12/8/2023
When I opened an article from a Times of Israel email link today, my Internet security software flagged and blocked a malicious attack.

The Norton security details for the attack are:
IPS Alert Name: Malicious Site: Malicious Domain Request 22
Attacking Computer: 34.74.68.195 port 443
Attacker URL: https://trackmaster.cc
Source Address: 34.74.68.195
Notes: Network traffic from https://trackmaster.cc matches the signature of a known attack
The attack appears to come from a 3rd Party domain called trackmaster.cc which The Times of Israel may or may not be working with. A hacker could have inserted code into their website(s) and/or into the website(s) that The Times of Israel uses, such as for advertising and consumer tracking services. I notified their tech department already, but anyone who frequents their website, timesofisrael.com or affliated websites should take notice.

Note about HTTPS: SSL secured services
This attack came from an https: SSL secured website, which is port 443 in the attack details. This highlights that just because a website is https: secured (where web browsers display a locked padlock next to the website URL address), does not mean they are 100% secure. https secured only means that communications between your computer and the website host computer is secured and encrypted so that a third-party (hacker) listening in on your network, the website host's network(s), and every network in between (like your Internet service provider's) cannot get an unencrypted view of what is being sent to you or back to the website host computer, though they can still steal the encrypted data stream and try to decode it, which is very unlikely without massive computer resources or a viable quantum computer, which does not exist, though advances are coming quickly.

HTTPS: also helps to ensure that a hacker in between you and the host cannot take over the connection and change what is being sent to you, such as by spoofing a login or personal information request page so that you reveal important security information to the hacker.

HTTPS: cannot secure or prevent malicious attacks that come from a compromised computer, like we see here at the timesofisrael.com or the third-party web services their website uses.

What this means is, https: encrypted and "padlocked" websites are only critical to have with sites that deal with personal information and important resources, like a bank or health care system. Websites like for a trusted company that many people do business with also need https: encryption so that hackers do not steal customer information or spoof the company. Other websites don't really need https: encryption otherwise, unless personal logins are used or they are an attractive target for criminals.

3rdCompass.org did not have https: encryption for most of its years of operation and never got compromised by hackers even though attacks were discovered, such as one that tried to remove anti-abortion articles from the website. Their attacks failed because of this website's existing security measures which do not need https: to work.

The attack coming from The Times of Israel, though, should give you warning to use good Internet security software, like I recommend, and be more cautious with any website. Hackers are infiltrating web host and internal company computers more and more, so I again recommend using passwords and giving information to websites appropriately (see above), like only using your longest, most unguessable passwords for financial websites and using less secure or less important passwords and limiting personal information at websites run by questionable companies or countries.

Data Breach Notice 1/24/2024
Yesterday I learned of a huge data breach affecting customers from many major companies, including X (formerly Twitter), LinkedIn, Snapchat, Venmo, Adobe, MySpace, Deezer, Telegram, Dropbox, Doordash, Canva, Snapchat[1.1]. The report noted 3.2 billion user records were compromised, and today, I got notice from Norton Internet Security of the same data breach, though they put the total at 26 billion user records[1.2] which includes important identifying information like names and passwords. The breach includes data from old breaches as well as new. No information was given about dating for the newer breaches. Both sources recommend changing your passwords.


References
[1.1] Brooke Kato. "‘Mother of all breaches’ data leak reveals 26 billion account records stolen from Twitter, LinkedIn, more". New York Post. 2024 Jan. 23. Retrieved 2024 Jan. 24.
<https://nypost.com/2024/01/23/lifestyle/extremely-dangerous-leak-reveals-26-billion-account-records-stolen-from-twitter-linkedin-more-mother-of-all-breaches>

[1.2] Norton Internet Security email notice. "Massive breach leaks 26 billion records from new and previous breaches". Gen Digital Inc. 2024 Jan. 24.


DonorView organization compromised 3/5/2024
Yesterday, I got a spoof email that appeared to come from this ministry at 3rdcompass.org. This is not something new as criminals have been impersonating companies and organizations for a long time. I first reported about criminals spoofing this ministry to steal information in 2022 and have seen further attempts since then with faked sender information that make it look like emails came from this ministry. I wouldn't give an update on that, but the latest spoof is very concerning.

It uses a link in the email that goes to a company at donorview.com. I did not use the link as using links from hackers and criminals is risky, but I investigated DonorView and saw they seem to be a legitimate company that hosts donation services for charities. Even though their website and company looked legitimate, I knew the content could still all be faked, so I looked for reviews for them and found some negative ones that seem to point to a predatory company that promises much success to customers but does little to nothing for them after they get paid.

This too isn't new or something I would report online. The big problem is DonorView is a company that is hosting donation services for charities and non-profits, so they have access to whatever information the charities' customers give, like personal and financial information. And since I got this spoof email pretending to be from 3rdcompass.org with a link to renew authentication that actually goes to a donorview.com web page when this ministry does NOT use DonorView services, it could mean DonorView was compromised by hackers or a bad employee, or DonorView itself is run by criminals.

Another possibility is that criminals made spoofs using donorview.com to try and implicate or smear them. Whatever the case, I did not talk to DonorView about this because they could be run by corrupt people. This was reported to the FBI, though, and they will investigate and take whatever actions are needed with DonorView.

So be careful with DonorView hosted services if you see them or notice a nonprofit using them. Let the nonprofit know about this spoof that appears linked to DonorView, as well, so they can talk to them about their services.

And finally, I will remind that this ministry will never send emails or other correspondence asking for your personal information, passwords, or to login, especially at any website that is not 3rdcompass.org.



3rd Compass -> Group News and Articles -> Internet Cybersecurity


 


HomeTopicsArticlesArticlesPre-DestinedAid & AdviceInfo & ContactAccount SubscribeGive

FacebookWordpressYouTube


Copyright © 2009-2024. Christ Hephzibah Church.
All Rights Reserved. See Terms of Service...

3rd Compass is the operational name
for Christ Hephzibah Church.

Please cite any references you make
to material on this website.
Use the Cite button at right or click here
to get standard reference text.
Go to page top
Go to page bottom
Make Text Larger
Reset Text Size
Make Text Smaller
Cite This Material