Web Security: Change your passwords frequently

Posted by Nicolette Tallmadge on August 17th, 2009

I’ve just spent a good part of yesterday afternoon changing the passwords to my blogs and my online accounts like Twitter, Facebook, YouTube, and others. I’ve got a lot of accounts so this took some amount of time to complete. Was it a big pain in the tail? Yup. So why do I do it? Because it’s a good way to keep your information online secure. Lots of people are reporting that their Facebook and Twitter accounts are getting hacked and one way to avoid that is by frequently changing your passwords. Yes, it’s a pain, but it’s an even bigger pain cleaning up the mess caused by someone hacking into your account.

Another thing to remember. Don’t use the same username and passwords for everything. Yes, having everything the same makes it easier for you to remember your password. It also makes it a lot easier for a potential hacker to hack into all of your accounts.

You also want to make sure that you create a password that is harder for people to guess. Adding a combination of letters, numbers and symbols always helps. You can check out a previous post I did on how to create a secure password.

If you have a lot of passwords, you can try organizing them by using a password program like RoboForm if you are a PC user. I use a simple spreadsheet that I store on a thumb drive that I keep locked up. I only take out the thumb drive when I need to remember a password that I’ve forgotten. RoboForm also works on a thumb drive as well.

So, take some time to mix up the passwords to your online accounts. You’ll save yourself some heartache later.

Internet Scams: Avoiding the Domain Registration Renewal Letter Scam

Posted by Nicolette Tallmadge on February 20th, 2009

I get these letters around the same time every year. If you own a domain name you’ve probably gotten these letters too. Letters from domain name companies that remind you that it’s time to renew your domain name…that it’s important to renew today or else you’ll lose your domain name forever. The trouble is that these letters usually aren’t from your domain registrar.

So what’s going on? What these “companies” do is they mail out official looking letters to people who own domain names and all of the letters contain some language about how your domain name is expiring and you need to renew your domain immediately. At best, they’re trying to trick you into switching your domain to a different registrar and usually at a much higher fee. For example, one of these companies would have me paying $30 per year per domain name! I only pay about $9 per year from my domain registrar.

At worst, they’re trying to sell you some type of non-existent service that has nothing to do with renewing your domain name at all. In this instance, the letter will talk about domain name registration, but if you look at the fine print, you’ll see that the “service” you’re signing up for is for “search engine optimization”, getting listed in a web directory, or something along those lines. So if you pay them money, you still haven’t renewed your domain name and you’re out the fee you paid the scammer.

So how do you avoid this scam? Here are a few tips:

  • Keep track of all your records- You should print out and keep any records that pertain to your domain name and your domain name registrar. A lot of people get confused because they don’t keep this information. Plus, know when your domain name is up for renewal and put a reminder for yourself on your calendar.

  • Keep your contact information at your registrar up-to-date- In many cases, your registrar will email you when your domain name is up for renewal. Be sure that your contact information at your registrar is up to date so you won’t miss these reminders.

  • Opt for automatic renewal- If you’re afraid that you might forget to renew your domain name, opt to have your registrar renew your domain name automatically. When it’s time for your domain name to be renewed, your domain registrar will bill the credit card they have on file for that particular domain name. Also if you know that you’re going to keep your domain name for a while, you can register it for more than a year at a time.

  • Read the fine print- If you get one of these letters and you’re not sure if it’s from your registrar, read the fine print very carefully. If the letter refers to “transferring and renewing” or “transferring your domain name” that means that they’re not your registrar. Throw these letters in the garbage.

  • When in doubt, look up your Whois record- If you don’t know who your registrar is, look it up by finding your Whois record. Whois records are like property deeds for domain names. They have information on who owns a domain, what hosting company it resides on, and what domain company it is registered at. If the company name on the letter doesn’t match the registrar name on the Whois record…toss the letter. To check your Whois information go to: http://www.whois.sc/
    This information is free and readily available.

Fight Spam by Hiding Your Email…two more things

Posted by Nicolette Tallmadge on August 27th, 2008

Here are a couple more tips on how to avoid spam from your website. Some spammers will do what’s called a “directory harvest attack” (DHA). That is, they’ll send spam by “guessing” at common versions of usernames combined with your domain name, such as jane@janepotmaker.com, jane.doe@janepotmaker.com, janedoe@janepotmaker.com, info@janepotmaker.com, or support@janepotmaker.com. When the spammer finally hits on a valid email address, that is, when an email address is not rejected because it doesn’t exist, they’ll add it to their list of spam email addresses.

So how do you avoid this version of spam harvesting?

1. Create a unique email address- If you can, try to stay away from some of the more common versions of email addresses such as:

  • firstname.lastname@yourdomain
  • firstinitial.lastname@yourdomain
  • firstname_lastname@yourdomain
  • firstnamelastname@yourdomain
  • firstnamelastinitial@yourdomain
  • info@yourdomain
  • support@yourdomain
  • sales@yourdomain

Try to create an email address that’s harder to guess…like an email address that contains a combination of letters and numbers, such as jdp081999@janepotmaker.com.

2. Turn off your “catch-all” email feature- If your hosting service offers what’s called a “catch-all” mail feature, which means that email addressed to anything ending with your domain name gets accepted…make sure that it’s turned off. Since anything that’s addressed to your domain will be seen as valid, leaving that feature on is just going to bring an avalanche of spam from spammers using the DHA technique. Turn it off!
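With catch-all turned off, every wrong guess is rejected, and those rejections show up in the mail server's log. The script below is an added example, not part of the original post: it groups rejected recipients by sending IP to spot a DHA. It assumes Postfix-style "User unknown" reject lines; the log lines, IP addresses and the `findHarvesters` name are constructed for illustration.

```javascript
// Added example: spot a directory harvest attack in mail-server logs.
// Assumes Postfix-style "User unknown" reject lines; all log data is constructed.
// With catch-all turned on there are no such rejects: every guess is delivered.
const REJECT_RE =
  /reject: RCPT from \S*\[([^\]]+)\]: 550 [\d.]+ <([^>]+)>: Recipient address rejected: User unknown/;

// Group rejected recipients by sending IP and return the senders that
// probed at least `threshold` distinct mailboxes that do not exist.
function findHarvesters(logLines, threshold = 3) {
  const guessesByIp = new Map();
  for (const line of logLines) {
    const match = REJECT_RE.exec(line);
    if (!match) continue; // not a rejected-recipient line
    const [, ip, recipient] = match;
    if (!guessesByIp.has(ip)) guessesByIp.set(ip, new Set());
    guessesByIp.get(ip).add(recipient.toLowerCase());
  }
  return [...guessesByIp]
    .filter(([, guesses]) => guesses.size >= threshold)
    .map(([ip, guesses]) => ({ ip, guesses: [...guesses].sort() }));
}

// Constructed sample: one sender guessing common names, one sender with a typo.
const head = "Aug 27 10:15:01 mail postfix/smtpd[2101]: NOQUEUE: reject: RCPT from ";
const tail = ": Recipient address rejected: User unknown in local recipient table";
const SAMPLE_LOG = [
  `${head}unknown[203.0.113.7]: 550 5.1.1 <jane@janepotmaker.com>${tail}`,
  `${head}unknown[203.0.113.7]: 550 5.1.1 <jane.doe@janepotmaker.com>${tail}`,
  `${head}unknown[203.0.113.7]: 550 5.1.1 <janedoe@janepotmaker.com>${tail}`,
  `${head}unknown[203.0.113.7]: 550 5.1.1 <info@janepotmaker.com>${tail}`,
  `${head}mx.example.org[198.51.100.20]: 550 5.1.1 <jdp08199@janepotmaker.com>${tail}`,
  "Aug 27 10:15:09 mail postfix/smtpd[2101]: disconnect from unknown[203.0.113.7]",
];

for (const { ip, guesses } of findHarvesters(SAMPLE_LOG)) {
  console.log(`${ip} probed ${guesses.length} nonexistent addresses: ${guesses.join(", ")}`);
}
```

The single mistyped address from the second sender stays below the threshold, so an honest typo is not flagged.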

Fight Spam by Hiding Your Email

Posted by Nicolette Tallmadge on August 26th, 2008

I’ve been hip deep in code for the past few weeks. I am in full web design mode now as I’m trying to finish up the mass overhaul of my jewelry website. It’s a big job, I’ve outlined what’s wrong with my old site and how I plan to fix it in this video and this video. I’ll be releasing a couple more makeover videos as the launch date gets closer.

One minor update I’m doing to my website is that I’m changing the way that I display my email on my websites. On my old site, I simply have the web address out there with a simple “mailto:” link so that when someone clicks on my email address, they can send me an email straight from my website.

While it was quick and convenient for my visitors, the downside was that I now regularly get anywhere from 50 to 200 pieces of spam email a day at this address. Why? Because email spammers use these really evil little automated programs called “harvesting bots” that do nothing but crawl through web pages, forums, and other public pages on the Internet and gather email addresses that appear on those pages.

So if you post your email address as janepotmaker@janepotmakerdesigns.com on your website, one of those harvesting bots can visit your site, scoop up your email address and boom! Suddenly you’re a target for spammers.

Fortunately, there are several ways to fight this:

1. Replace the “@” and the “.” symbols- a common way the harvesting bots find email addresses is that they look for the typical email address pattern on your web site (youremail@yourdomain.TLD). To avoid this, you can spell out your email address like this: janepotmaker [at] janepotmakerdesigns [dot] com. Plus, don’t make the email address clickable so that the email address doesn’t show up in the HTML code. The downside of this method is that it’s not very user friendly for your visitors as they have to manually replace the dot and the “@” symbols when they are emailing you.

2. Use a web form- another way people get around the spam bots is by putting a contact form on their websites instead of an email address. While very effective, I’ve always found it annoying when I ran across a website that uses them. In many cases your customers want an email address that they can keep and store in their address books. A web form doesn’t give them that.

3. Make your email address into an image- with the teeniest bit of image editing skills, you can make your email address into an image…or you can create a screen capture of your email address like the image below:

This hides your email address from the evil spam bots completely…however your visitors have to manually type in your email address. If you don’t have an image editor like Photoshop or Photoshop Elements, there are some free online image editors you can use to make that image. Check out my previous posts on Splashup, Picnik, and Photoshop Express.

4. Use an online email obfuscator- what these nifty online tools will do is convert your email address into special codes and symbols that look completely normal on a web page but can be undetectable to many of the spam bots. So in the HTML code of your web page, instead of your email address looking like this:

janepotmaker@janepotmakerdesigns.com

it will look something like this:

%6A%61%6E%65%70%6F%74%6D%61%6B%65%72%40%6A%61%6E

But it will appear on your website like this:

janepotmaker@janepotmakerdesigns.com

The only downside to this method is that some harvest bots are getting wise to this trick…so it won’t fool the more sophisticated ones.

5. Hide your email address in JavaScript- another way to fool those harvest bots is to combine email obfuscation with a bit of JavaScript programming. Basically, embedding your email address in JavaScript can hide your email address…especially if you use an obfuscation tool to convert your email address into special code first. There’s a good tool for both email obfuscation and JavaScript at this address:

http://members.cox.net/timandbeth/spam/index.htm.

All you’ll need to do is to put your email address in the tool and paste the code that it gives you on your web page.
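To check what your own page source actually exposes, the script below audits HTML for addresses that are readable as-is and for addresses that only appear after undoing the simple encodings from method 4. It is an added example, not code from the original post or from the tool linked above; the function names and HTML snippets are constructed for illustration.

```javascript
// Added example: audit page source for email addresses a harvesting bot could read.
// The HTML snippets below are constructed sample data.
const EMAIL_RE = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;

// Percent-encode every character, like the obfuscated form shown in method 4.
function percentEncode(text) {
  return Array.from(text, (ch) =>
    "%" + ch.charCodeAt(0).toString(16).toUpperCase().padStart(2, "0")).join("");
}

// Undo the cheap encodings: %XX escapes and numeric HTML character entities.
function decodeLayers(source) {
  return source
    .replace(/%([0-9A-Fa-f]{2})/g, (_, hex) => String.fromCharCode(parseInt(hex, 16)))
    .replace(/&#x([0-9A-Fa-f]+);/g, (_, hex) => String.fromCodePoint(parseInt(hex, 16)))
    .replace(/&#(\d+);/g, (_, dec) => String.fromCodePoint(Number(dec)));
}

// Report which addresses are visible as-is and which only after decoding.
function auditSource(source) {
  const plain = new Set(source.match(EMAIL_RE) || []);
  const decoded = new Set(decodeLayers(source).match(EMAIL_RE) || []);
  return {
    plain: [...plain],
    afterDecoding: [...decoded].filter((addr) => !plain.has(addr)),
  };
}

const ADDRESS = "janepotmaker@janepotmakerdesigns.com";
const PLAIN_PAGE = `<a href="mailto:${ADDRESS}">${ADDRESS}</a>`;
const ENCODED_PAGE = `<a href="mailto:${percentEncode(ADDRESS)}">Email me</a>`;
const SPELLED_PAGE = "<p>janepotmaker [at] janepotmakerdesigns [dot] com</p>";

for (const [name, html] of [["plain", PLAIN_PAGE], ["encoded", ENCODED_PAGE], ["spelled out", SPELLED_PAGE]]) {
  console.log(name, auditSource(html));
}
```

Anything listed under `afterDecoding` is hidden only from bots that skip the decoding step, which is the weakness noted in method 4. Browsers decode percent-escapes only inside a link target such as `mailto:`; visible text needs HTML character entities, which the audit also decodes.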

Now these fixes aren’t going to completely prevent you from getting any spam. Spam appears to be a hazard of the Internet and if there was a gold medal for getting around spam blockers, spammers would win it hands down. Plus, if you are active on the Internet in any way, like participating in forums, social networks, or even signing up for an ezine, you’ll probably get a certain amount from these channels. (Which is why it’s a good idea to get a separate email address to use just for these purposes.)

But, if you use some of these methods of displaying your email on your website, at least your website won’t be contributing to the problem.

So now it’s your turn! What methods have you used to combat spam? Let me know by leaving a comment.

Postcard Virus Alert

Posted by Nicolette Tallmadge on August 28th, 2007

My mom passed along this tidbit to me…

Apparently there is a virus going around the Internet that’s passed along via email. The subject line of the email will say that you’ve received a postcard from a family member. It will then include a link to the fake postcard which is actually pointing to a malicious virus.

There are several variations on the subject line including:

  • You’ve received a greeting card from a school-mate
  • You’ve received a greeting card from a class-mate!
  • You’ve received a greeting card from a partner

…and so on.

Find out more about this virus on the Urban Legends Reference Pages at:
http://www.snopes.com/computer/virus/postcard.asp

Plus, if you want to brush up on email safety, read my past post Avoiding Phishing Scams for some basic email security tips.



Copyright © 2006 - 2009 The Crafted Webmaster. All rights reserved.
