Defense Against Crime


Spotting a FAKE e-mail from PayPal.

Filed under: Cyber Crimes,Phishing — peppereyes @ 11:00 AM
Tags: ,

Phishing takes on many forms.  One method used by cybercriminals is to send an official-looking e-mail from a financial institution you may use.  Some of these are Bank Of America, Wells Fargo, PayPal, and others.
The goal is to get you to panic and click on their link and enter your login credentials so that they can capture them so that they can then log into your account and cause mischief.

They way they get you to panic is by either saying that something is wrong with your account and it will be closed or deleted unless you verify or that some random amount has been withdrawn from your account.

First, I will say that if your financial institution has a way to send you a notification for large transactions, please turn this on.

Secondly, If your financial institution has Multi-Factor Authentication, please turn it on so that it’s harder for a hacker to access your account.

With all the rash of data breaches, you need to take advantage of every security countermeasure available.

Now the other day I received this e-mail in my inbox.


For all-purpose, this LOOKS like a real e-mail from Paypal.  EXCEPT for the links.

One of the easiest ways to discover that this is a Phishing e-mail is to hover your mouse over the links.

The links are not to PayPal .com but they are linked to

You should always validate links before you click on them.


  • Verify the e-mail
  • Log into your account by typing the URL in a browser to verify your account has NOT been hacked, or that no money was removed.
  • If you want to you can report the e-mail
  • Delete it and make it as spam.

Onyx Knight Enterprises is dedicated to providing you useful and informative data to meet the security needs of you, your family members or your business, by assisting anyone who is unwilling to become a victim of crime.  In today’s society, being equipped mentally and physically is no longer an option. – Victor Swindell


Password Correct..Access Granted

In this digital age, almost all of us are using a computer to access messages, social media cyber thief-hackernetworks, manage some aspects of our financial life, some other aspect of personal computer usage that puts aspects of our lives open to someone who has the key. I usually tell people not to hide their residence keys in obvious places, like under the welcome mat. The same common sense should be used is hiding the digital keys to the virtual residences of our lives. How safe would you feel is a crook has the keys to your house? The same sense of security should be taken when it comes to wanting to secure. One of the sad things is that we can unknowingly tell clues about our lives online in places like Facebook, or blogs, or that a thief can use to help him figure out possible passwords. If any of you have seen the 1983 movie War Games, you may remember that the Hacker was able to gain access to the system, by figuring out that the programmer used the name of his dead son as his backdoor password.

To highlight the necessity of securing your digital life should be news story accounts of security breaches at Abbot Labs,  IBM, Sony, Booz Allen Hamilton, Fox News, NBC, New York Times, Apple, Microsoft, Facebook, Twitter, Linkedin, the US Government and hundreds of other companies. These stories have exposed how insecure or unprepared these major websites and companies, to which consumers like you and I entrust their personal information really are. While we expect some level of security at a corporation, ultimately, your security is your responsibility. Unfortunately one of the side effects of this is that these stories have exposed, is just how helpless we can be. Close examination of a sample set of 40,00 username and passwords out of a sample size of over a million have revealed some interesting results.

Some analysis results:

  1. The analysis showed about 50% of the passwords are less than eight characters long. Eight characters are considered, the minimum length you should even consider when choosing a strong password.  (These passwords only take less than a minute  for a PC to crack) 2. Only 4@ percent of the passwords analyzed used at least makes use at least three of the four character types (Upper case letters, lower case letters, numbers, special characters like #|*. The vast majority only used one character type, such as all lowercase letters or all numbers.  (These passwords only take about 3 days for a PC to crack) 3.. Over 33% of the analyzed were not a random character like “qp}Edhg!13evTOI” rather than “ILikeSpock”. These analyzed passwords could be found in a common password dictionary. The most frequent passwords use included: Seinfeld, password, 123456, purple, princess, Maggie, peanut, shadow, ginger, Michael, Buster, sunshine, trigger, cookie, George, summer, Taylor, Bosco, abc123, Ashley, and bailey.  (most of these take less than a second for a PC to crack, ‘IlikeSpock’ takes about a year) 4. 67% of users had the exact same username/email and password on different systems used the same password on both systems. BAD BAD BAD

6 Simple Rules for some great passwords

  • NEVER choose passwords less than 8 characters long and that is made up solely of numbers or letters. Use letters of different cases, mixtures of digits and letters, and/or non-alphanumeric characters. The longer a password the better so strive for passwords over 8 characters long. If some systems limit the numbers of characters. It’s doesn’t have to be complex as “Picard-Delta-47-Alpha-21” or “173467321476C32789777643T732V73117888732476789764376” which would take a PC 14 octillion  years and 6 vigintillion years to crack respectively
  • Randomness is also key to a great password. NEVER choose a password based upon personal data like your name, birthday your username, or other information that one could easily discover about you from such sources as searching the internet.
  • Create a list of 10-12 such as Qy#i1827Vbsg12348()17w passwords that are random and use a password management program like 1Password or LastPass, or create and remember a password recipe or simple padding pattern.
  • NEVER choose a password that is a word (English, German, or otherwise), proper name, the name of a TV shows, or anything else that one would expect a clever person to put in a “dictionary” of passwords. Especially if it can be found it’s something you’re found of like ‘Hello Kitty’, ‘Disney’, etc
  • NEVER choose a password that is a simple transformation of a word, such as putting a punctuation mark at the beginning or end of a word, converting the letter “l” to the digit “1”, writing a word backward, etc. For example, “password,123” is not a good password, since adding “,123” is a common, simple transformation of a word. Neither is using password where you have substituted the number zero for the letter “o”
  • NEVER EVER EVER use the same password for all your logins (have at least 5).

How to Make Up a Great Password

Passwords should contain a mix of the following sets

  1. lowercase letters
  2. uppercase letters
  3. Numbers
  4. special characters !,#,$,+,%,~ etc
  5. Should be longer than 8 Characters
    1. Example the Password 1@Tf%s&E9Tewhich is based on the numbers 1-2-3-4-5-6-7-8-9-10 would take a PC 4 Thousand years to hack.

Password Levels

  • Level One – contains at least one of the character sets
  • Level Two – contains at least two of the character sets
  • Level Three- contains at least three of the character sets
  • Lever Four-contains all four character sets
  • You can Include some simple substitution like 3 for ‘e’, zero for the letter ‘O’, 1 for ‘I’, 7 to T, 2 for S

Example of how to create a good password

  1. Think of two unrelated things you like computer & socks books & dogs autumn & chocolate OR a phrase from one of your favorite movies or tv shows
  2. Join the words with a non-alphabetic character or two. (#,+,|,!..etc.)
  3. Make at least one change (for example, uppercase a letter or add another character) to one of the words (preferably not just at the very beginning or end of the password).
  • Some example passwords generated using this method:
    • C0mput3r%socks
    • B00ks #dogs
    • Autumn|choc0lat3
    • Gen3sis_Doggi3
    • 76TltbpWa110ccah# – (Seventy-six trombones led the big parade With a hundred and ten cornets close at hand.)
    • 2bo!2b_TitQ – -(To Be or Not To Be The Question)
    • I106mtC_wgaftog_hap0c_1dawws -It’s 106 miles to Chicago, we got a full tank of gas, half a pack of cigarettes, it’s dark… and we’re wearing sunglasses. Read more: Music Man – Seventy-six Trombones Lyrics | MetroLyrics
  • Books like the Bible have a great resource to create passwords as it has over 31,173 verses you can use. You can use Bible verses to create passwords like Joshua24I5$, 54Isa1ah17 *, Pr0v3rbs9_8%, J8hn316*
  • Convert from the Arabic-Hindu Number system into the Hexadecimal System so that you can say BacktoTheFuture1151955 and make it Back#T0#Th3#Future_1193D3

Biometric passwords – There is an increase of computers gives you the ability to use biometric data such as facial recognition, fingerprint, retina pattern or voice print data to generate a unique password based on your data. However, there have also been reported as successful hacks for these methods.   An example of this would we be the Apple fingerprint lock, which was able to be bypassed the week it was released.

Second Key Authentication: Many systems like Facebook, Google, Yahoo, Hotmail, PayPal, and even financial institutions offer second key authentication. In this method, you give the institutions your mobile phone number. When you attempt to login, the system sends a special random access code to the users’ mobile phone. To complete a log in the user must type in this code. Which means they have to have your phone.

Personal Info Authentication: Many systems ask the user to select personal info questions to set up their user accounts such as the color of your first car, or mother’s maiden name, or best friend. These questions are to help users in case they have forgotten your password.  Be careful what info you select! Some information is public information or can be gathered from your Facebook profile.  For example, if your question is ‘Name of the High School you attended?’ and you are a member of the Eric Erickson High School group on facebook, then it’s not hard to answer this question.  What I can suggest is giving easy to nonsense answers like the J3di Acad3my. For example for all your selected questions, put in the name of your favorite something (recording artist, fruit, book, author).  I mean if you select mother’s maiden name as your question, and typed in Mayberry.  it is highly improbable that anyone trying to hack your account will guess that.


Most computer security professionals recommend changing your Internet passwords and account login information at least once every three to six months. Though some debate if it is necessary, however, if you want to be safe change it at least once a year, like a month before or after your birthday and make it an annual reminder on your calendar. It may be safe for you to wait longer; it just depends on your computer habits, and how and where you surf the web. I recommend changing all your passwords at a minimum of once a year, perhaps the day after your birthday, or on New Year’s day, or the first day of spring (spring cleaning). Changing all of your Internet passwords can be a time-consuming and even an exasperating task, especially if you have lots of online accounts. But it is a sure way to guarantee a modicum level of safety; however, it is not the only safety precaution that should be considered for your login information. Whether you bank online or you are just sending a few simple emails, secure passwords are essential. You’ve heard of problems caused by hackers, who use your account to do illegal activity. There have been incidents of people not only hacking into people’s e-mail, or Facebook accounts but sending vicious messages.


You should avoid writing down your password or giving it to others. You should especially avoid writing it down and leaving it in a non-secured place such as on a post-it on your monitor or a piece of paper in your desk. If you absolutely must write something down (because you suffer from CRS), we suggest doing the following:

  • Don’t write down the entire password, but rather a hint that would allow you (but nobody else) to reconstruct it.
  • Keep whatever is written down in two places like a small notebook or other places that only you have access to and where you would immediately notice if it was missing or someone else gained access to it. (like in the movie Ghost)
  • Keep a list of 10 to 12 passwords of length 10 to 20 characters that you only use for 1 year, and then create new ones each year
  • Treat the not book like the One Ring – Keep it secret -Keep it Safe


There are several great websites that will examine your password and tell you how strong that is. Such sites include


However remember that hackers have tools as well, so you should have as many security measures to help reduce your chances of being hacked. Many sites link PayPal, Google, Facebook, Twitter and more have code key authentication features. You can turn these on, and when you (or anyone else) attempts to log in to your account, a numeric code is sent to your cell phone, and you need to type in that code to log in.  Sometimes it’s a hassle, especially if you lose or don’t have your phone with you.




Microsoft Tech Support Refund Scam

I just received a robotic voice call claiming to be from Microsoft Support Refund Department. They said they were closing and wanted me to call them back at 888-376-4805.
This was so that I could get my refund. (I never paid for MS Support)

This is obviously a scam… most companies that owe me a refund..just mail me a check.

This is the link to the Microsoft site about this

Onyx Knight Enterprises is dedicated to providing you useful and informative data to meet the security needs of you, your family members or your business, by assisting anyone who is unwilling to become a victim of crime.  In today’s society, being equipped mentally and physically is no longer an option. – Victor Swindell


Porn Site Phishing Scam

Filed under: Cyber Crimes,Phishing,SCAM ALERT — peppereyes @ 9:19 AM
Tags: , ,

We have seen instances of a new (recycled) phishing campaign claiming to have hacked into your computer and possessing a video of it.Surprised business man with computer

of you watching video on adult sites. Now they want to share this will all your friends on social media.

This is how the scam goes: A criminal reaches out to you via email and purports to have hacked your computer and gotten access to your webcam, where they recorded videos of you watching pornography. The email also contains a real password you’ve used in the past, one revealed in one of the many data breaches that have occurred over the last several years from many sites like Equifax,eBay, Home Depot, Yahoo, Target, Adobe, Heartland Payment, JP Morgan, Adult Frind finder, in an attempt to lend credence to the scammer’s claim. The criminal then threatens to expose the victim to everyone in their contacts within 24 hours if a Bitcoin ransom is not paid.

Here is an example of one of the emails [grammatical errors left intact]:

Good Morning my friend. I represent the group of web criminals in Iran. I use this mail address because we think that you will check it. Few times ago my team put the virus on web-site with porn and as far as you clicked on a play button your system started shooting your screen and activating camera to capture you self-abusing. Eventually I mean you understand what compromising evidence Ive earned. Moreover, this software made your device act as dedicated server with plenty of functions like keylogger, parser etc. To sum up, my software picked all data, especially all your contacts from messengers, e-mails, social networks. If you wanna make me silent you must make a transaction of 260 dollars with bitcoin. 1K2auXQEKz7Ro8cRa2xr3bAPV2n6KT5vi1 You must use it as usual credit card number. If you send bitcoins nobody will see your shame. Watch youtube manuals about methods of buing BTC… I can offer you this exchanger:  If you have a problem with this, you can search comfortable ATM for bitcoin at coin atm radar. I give you no more than twenty four hours since you read our message to pay. You can complain cops, but they can not find us I use bot network, and of course we live abroad. If you want us to show proofs we will share it to seven mates from your data after that you will be given their contacts. So you will ask them if something strange was received about you. For some questions just reply. Dont be fullish, AmAZinGcRackeR$.

Don’t fall for this scam…….

  • Remember:
    Don’t open suspicious emails, click links contained in such emails, or post sensitive information online, and never provide usernames, passwords, or personal information in answer to any unsolicited request. Hover over a link with your mouse to verify the destination prior to clicking on the link.
  • Don’t click on links in emails that are suspicious. Instead, type the name of the company into your web browser and see if you can vet the sender. If they’re legit, contact them via customer service.
  • Get creative when it comes to passwords. Strong passwords should be largely indecipherable to other people. The FTC says this: “Substitute numbers for some words or letters. The Books like the Bible have a great resource to create passwords as it has over 31,173 verses you can use. You can use Bible verses to create passwords like Joshua24I5$, 54Isa1ah17* ,Pr0v3rbs9_8%, J8hn316*STOP –And for God’s sake if you are watching internet porn you may have a porn addition…GET HELP!

Phishing is one of the most common ways that hackers and cyber thieves use to get your password. It was how Russian hackers infiltrated the Democratic National Committee and many big businesses — using sophisticated attacks to target people and trick them into giving up their passwords. However, these attacks are not just reserved for politicians or big business, they will target you.

They can pop up during tax season and natural disaster, in coordinated attempts to get everyday people to type in their passwords on an imposter website. Security keys add an extra level of protection because even if hackers were successful in stealing your password through phishing, they wouldn’t be able to grab your security key. Security keys would also be able to warn you if you were visiting a phishing website. is dedicated to providing you with the best and most affordable self-defense products on the market to meet the security needs of you, your family members or your business, by assisting anyone who is unwilling to become a victim of crime.  If you want to take personal responsibility for self-protection, home security, business security, purchase our high-quality discount self-defense products and arm yourself with the knowledge about self-defense and security products and information of the best way to stay secure in an ever-increasing violent world. In today’s society, being equipped mentally and physically is no longer an option. Victor Swindell of is a division of Onyx Knight Enterprises.



How to Spot Phishing E-mail!

I was looking in my Hotmail account today and saw this e-mail. It was obvious to me that


Beware the mail in your in-box

it was fake, but you may not be sure when you get these type of e-mails.  These types of e-mail only purpose is to get your information.

  1. The first tell-tale sign is I don’t have a USAA account.
  2. Look at the email it ends in ‘.de’ which mean it came from Germany.
  3. Companies use their own company name in their e-mail. for example, if the e-mail came from ‘bankofamerica’, then the e-mail would come from
  4. It is addressed to DEAR CUSTOMER, not to me specifically.  A company doing business with me knows my name.  When my insurance company email’s me. It has my name.
  5. It creates a sense of urgency. One of the best ways to get customer’s information is to create a sense of urgency, that if you don’t ‘act now’ something bad will happen.
  6. They always want you to click their link.  If you remember what hover your mouse over a link it will show you in the bottom left side of your computer window..where the link is going.  Once again it’s not going to’s going to Germany.


What you can do

  1.  DELETE IT – and mark it as spam.
  2. If you do have an account at the institution this is from.  Go to your web browser and type in the URL of the company and log in.  DO NOT USE THE LINK IN THE E-MAIL.  and make sure all is OK with your account. Self-Defense Products Store is dedicated to providing you with the best and most affordable self-defense products, survival and safety products on the market to meet the security needs of you, your family members or your business, by assisting anyone who is unwilling to become a victim of crime.  If you want to take personal responsibility for protection, home security, business security, purchase our high-quality discount self-defense products. Survival kits and arm yourself with the knowledge about self-defense and security products and information on the best way to stay secure in an ever-increasing violent world. In today’s society, being equipped mentally and physically is no longer an option.

Next Page »

Create a free website or blog at

%d bloggers like this: