Why you should care about the Yahoo breach


User names and passwords were not the only thing crooks stole during the massive Yahoo breach.  They also snagged the answers to challenge-questions for 500 million users.   If you ever used Yahoo mail, you are affected.

Challenge-question answers can be used by crooks to reset account passwords and gain access, sometimes without your knowledge.

Using the same answers to challenge questions at different web sites is common.   How many answers can there be to “Name of your first pet?” or “What’s your favorite color?”

Now the crooks may have the ability to gain access to your other accounts, not just at Yahoo.   

State Bank offers the following tips:

  1. Replace your challenge questions with text message authentication. With this method a code is sent by text to your phone, which must be entered to access your account.
  2. Some providers offer a mobile app that generates an access code. Use that option, as it provides better protection than a text message. 
  3. As always, be on guard for phishing E-mail and be careful what you click. If you get an E-mail from someone you haven’t heard from in a while, call the person before you click on any link or attachment to make sure he or she really sent it.

This is serious, folks.   The breach appears to have started late 2014.  Crooks have a long head start.

Read More

Topics: Fraud, Scam, Education

Help Desk Scam

Ransom Ware starts with Fake Windows Tech Support Call

"Your Windows computer is sending out error messages and we suspect that it has been hacked by the Chinese government".

That's what the fellow with an Indian accent told me when I answered my land line phone. He passed me on to his tech support team when I feigned concern over the matter.

"To prove that you have been hacked", the next person said, "press Windows + R on your keyboard (opens the Run dialogue box), type "eventvwr" and press the Enter key". That launched the Event Viewer that lists the warnings and errors generated inside a Windows PC. There are always a lot.

"Click on the Application link on the left", he said. The center window immediately filled up with a list of warnings. "There! Proof that you've been hacked. You must let me help you fix your PC".

The fellow urged me to type the following web addresses into the same Run dialogue box: He supplied me with a different address ( when I told him that Team Viewer site was unresponsive.

Both Teamviewer and Ammyy are legitimate websites that allow remote administrators to take control of a computer for diagnostic and repair purposes. In legitimate business situations, the user goes to the site and Joins a remote Control Session. This gives the remote administrator complete control of the user's computer, including the ability to install programs, erase files or browse the hard drive.

But this was not a legitimate call. It was an attempt to get my credit card money to remove a non-existent virus. Worse, the tech support imposter could have opened a backdoor to my computer to extract more money in the future. The caller cursed at me in a very un-Microsoft way when he realized that I was not taking the bait.

Ignore calls that your computer is sending out error messages. Microsoft employees do not make such calls and even if they did, they don't track error logs. Moreover, errors and warnings that appear in the Event Viewer are completely normal for any Windows PC and are not caused by viruses. The error-message scam has been going on for years by Windows tech-support imposters in an attempt to take your money. Don't be fooled.


Read More

Topics: Help Desk Scam, Fraud, Scam, Windows Tech Support Call, Windows

Scam of The Day

The scam: Consumers are being victimized by con-men who claim that personal bills will be paid by the Federal Government through a new economic development program from President Obama. There is no such program.

Read More

Topics: Fraudulent Charges, Con-men, Credit Card Fraud, Scamers, Security, Fraud, Scam

About SBSU

Hometown banking was established in southern Utah with the opening of State Bank of Southern Utah in 1957.

Hometown banking is important because people who live and work in southern Utah make the decisions. Bank employees and officers understand the banking needs of area residents because they are affected by the same economic climate. Find out what hundreds already know - hometown banking is better.

Visit us at

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all