<html><head></head><body><div class="ydpf3010648yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:13px;"><div></div>
<div dir="ltr" data-setdir="false">Stan -- </div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">I assume all your devices, especially that Smart TV, have their own internal security, receive signed firmware updates only, and do not do WiFi "over the air" updates. And that all devices are using WPA2 or WPA3 encryption. I also assume that WPS (WiFi Protected Setup, which can bypass your network security and has known malicious exploits) is turned off in your router and on all connected devices.</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">If any of these conditions was not met, you may have your answer right there. </div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">Otherwise, somewhere, somehow you may have clicked on something else which was not genuine, or downloaded and installed a malicious app into the smart TV. Without auditing your Smart TV and your network in person,we can't offer anything more definite or more specific. </div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">Hiding the network SSID no longer works for providing extra security. Hackers know how to unhide hidden networks these days. </div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">There are security appliances you can buy for $$$ but these really are leveraging the same security measures we can apply for ourselves. We can limit the number of open ports in our routers and modems, but this is a bit more tedious and technical than many of us want to do for ourselves. Some home network security suites include port stealthing. Most of these apps cost subscription money. </div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">-- Bob Primak </div><div dir="ltr" data-setdir="false"><br></div><div><br></div>
</div><div id="yahoo_quoted_6057383425" class="yahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">
<div>
On Monday, October 17, 2022 at 12:05:20 PM EDT, Stan Rose <stan_rose@alum.mit.edu> wrote:
</div>
<div><br></div>
<div><br></div>
<div><div id="yiv2077652845"><div><div>I am usually extremely careful in recognizing and avoiding scams but was caught by one last month, and not by an email, text message or web pop up.</div><div><br clear="none"></div><div>We were about to watch a movie on Amazon Prime via the Prime Video app on our Sony Smart TV. When we started the app, a very real looking message came up on the TV that we needed to renew our Prime subscription. It gave an 800 number to call to expedite renewal. When I called that number, the person offered a 2 year discount for $190 instead of the usual $119 per year.</div><div><br clear="none"></div><div>After giving him the card info, the TV went through the normal process of asking me to enter it's displayed code into my phone's prime video app. That all looked normal.</div><div><br clear="none"></div><div>After that, I checked if my Prime subscription was extended the promised 2 years and saw it wasn't. It was only then that I rememberd I had renewed my subscription in April so it had not expired. I called Chase and they reversed the charge and have subsequently been told they made the refund permanent.</div><div><br clear="none"></div><div>I guess I was sucked in by believing this couldn't happen on the TV but now I know it can. I don't know how they did it, but they did. I thought I had done everything to protect my network, such as changing the WiFi SSID and password and even changing the normal 192.168.1.1 address to something else. I've changed the password on all Iot devices.</div><div><br clear="none"></div><div>Anyone know how they pulled that off?</div><div><br clear="none"></div><div>Stan</div><div><br clear="none"><div class="yiv2077652845gmail_quote"><div id="yiv2077652845yqt89384" class="yiv2077652845yqt5312766750"><div dir="ltr" class="yiv2077652845gmail_attr">On Mon, Oct 17, 2022 at 12:51 AM Robert Primak <<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:bobprimak@yahoo.com" target="_blank" href="mailto:bobprimak@yahoo.com">bobprimak@yahoo.com</a>> wrote:<br clear="none"></div><blockquote style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204);" class="yiv2077652845gmail_quote"><div><div style="font-family:Helvetica, Arial, sans-serif;font-size:13px;"><div style="font-family:Helvetica, Arial, sans-serif;"></div>
<div dir="ltr" style="font-family:Helvetica, Arial, sans-serif;">There are also scams very similar to this one revolving around hurricane relief from Ian. There was one billionnaire who did pledge direct relief to homeowners affected by Ian, but I think that was Elon Musk, andf it was not in the form of free Internet, though he also is offering that for a few areas of SW FL. </div><div dir="ltr" style="font-family:Helvetica, Arial, sans-serif;"><br clear="none"></div><div dir="ltr" style="font-family:Helvetica, Arial, sans-serif;">You have to be very careful about everything these days. None of these charitable foundatiuons will use email as their first method of contact, out of the blue. Nor a phone call, especially to a cell phone. If it looks too good to be ture, check with the original source. Use an independent direct link or contact method. And don't be in a rush -- there is never so much time pressure that you can't use some well-known method to verify an offer. Or a threat. </div><div dir="ltr" style="font-family:Helvetica, Arial, sans-serif;"><br clear="none"></div><div dir="ltr" style="font-family:Helvetica, Arial, sans-serif;">That said, I have had to deal with a couple of truly insider scams in recent years. Some of these problems originated with actual fraudulent accounts opened with my personal information, probably obtained through data leaks from places I should have been able to trust, like in one instance, a medical billing service. Yeah sure, they apologized, paid and offered credit monitoring -- but the damages were already done. </div><div dir="ltr" style="font-family:Helvetica, Arial, sans-serif;"><br clear="none"></div><div dir="ltr" style="font-family:Helvetica, Arial, sans-serif;">Be safe out there! </div><div dir="ltr" style="font-family:Helvetica, Arial, sans-serif;"><br clear="none"></div><div dir="ltr" style="font-family:Helvetica, Arial, sans-serif;">-- Bob Primak </div><div dir="ltr" style="font-family:Helvetica, Arial, sans-serif;"><br clear="none"></div><div dir="ltr" style="font-family:Helvetica, Arial, sans-serif;"><br clear="none"></div><div style="font-family:Helvetica, Arial, sans-serif;"><br clear="none"></div>
</div><div id="yiv2077652845m_3216857231903204993yahoo_quoted_6117285019">
<div style="font-family:Helvetica, Arial, sans-serif;font-size:13px;color:rgb(38,40,42);">
<div style="font-family:Helvetica, Arial, sans-serif;">
On Sunday, October 16, 2022 at 10:09:14 PM EDT, <<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:carllazarus@comcast.net" target="_blank" href="mailto:carllazarus@comcast.net" style="font-family:Helvetica, Arial, sans-serif;">carllazarus@comcast.net</a>> wrote:
</div>
<div style="font-family:Helvetica, Arial, sans-serif;"><br clear="none"></div>
<div style="font-family:Helvetica, Arial, sans-serif;"><br clear="none"></div>
<div style="font-family:Helvetica, Arial, sans-serif;"><div id="yiv2077652845m_3216857231903204993yiv7713810109" style="font-family:Helvetica, Arial, sans-serif;"><div style="font-family:Helvetica, Arial, sans-serif;"><div style="font-family:Helvetica, Arial, sans-serif;"><p style="font-family:Helvetica, Arial, sans-serif;">Here is a new scam. I received an email that says I am pre-qualified for the Scott Mackenzie Foundation relief fund, and there is an email address I am to contact for more details. I think they meant Mackenzie Scott, ex-wife of Jeff Bezos, but you can’t get everything right. Her foundation is giving grants to many causes, but I doubt they are getting ready to give me money.</p><p style="font-family:Helvetica, Arial, sans-serif;"> </p><p style="font-family:Helvetica, Arial, sans-serif;">-- Carl</p><p style="font-family:Helvetica, Arial, sans-serif;"> </p><p style="font-family:Helvetica, Arial, sans-serif;">Carl Lazarus</p><p style="font-family:Helvetica, Arial, sans-serif;">H: 617-964-7241</p><p style="font-family:Helvetica, Arial, sans-serif;"><a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:carllazarus@comcast.net" target="_blank" href="mailto:carllazarus@comcast.net" style="font-family:Helvetica, Arial, sans-serif;">carllazarus@comcast.net</a></p><p style="font-family:Helvetica, Arial, sans-serif;"> </p></div></div></div>===============================================<br clear="none">::The Lexington Computer and Technology Group Mailing List::<br clear="none">Reply goes to sender only; Reply All to send to list.<br clear="none">Send to the list: <a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:LCTG@lists.toku.us" target="_blank" href="mailto:LCTG@lists.toku.us" style="font-family:Helvetica, Arial, sans-serif;">LCTG@lists.toku.us</a> Message archives: <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://lists.toku.us/pipermail/lctg-toku.us/" style="font-family:Helvetica, Arial, sans-serif;">http://lists.toku.us/pipermail/lctg-toku.us/</a><br clear="none">To subscribe: email <a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:lctg-subscribe@toku.us" target="_blank" href="mailto:lctg-subscribe@toku.us" style="font-family:Helvetica, Arial, sans-serif;">lctg-subscribe@toku.us</a> To unsubscribe: email <a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:lctg-unsubscribe@toku.us" target="_blank" href="mailto:lctg-unsubscribe@toku.us" style="font-family:Helvetica, Arial, sans-serif;">lctg-unsubscribe@toku.us</a><br clear="none">Future and Past meeting information: <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://LCTG.toku.us" style="font-family:Helvetica, Arial, sans-serif;">http://LCTG.toku.us</a><br clear="none">List information: <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://lists.toku.us/listinfo.cgi/lctg-toku.us" style="font-family:Helvetica, Arial, sans-serif;">http://lists.toku.us/listinfo.cgi/lctg-toku.us</a><br clear="none">This message was sent to <a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:bobprimak@yahoo.com." target="_blank" href="mailto:bobprimak@yahoo.com." style="font-family:Helvetica, Arial, sans-serif;">bobprimak@yahoo.com.</a><br clear="none">Set your list options: <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://lists.toku.us/options.cgi/lctg-toku.us/bobprimak@yahoo.com" style="font-family:Helvetica, Arial, sans-serif;">http://lists.toku.us/options.cgi/lctg-toku.us/bobprimak@yahoo.com</a><br clear="none"></div>
</div>
</div></div>===============================================<br clear="none">
::The Lexington Computer and Technology Group Mailing List::<br clear="none">
Reply goes to sender only; Reply All to send to list.<br clear="none">
Send to the list: <a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:LCTG@lists.toku.us" target="_blank" href="mailto:LCTG@lists.toku.us">LCTG@lists.toku.us</a> Message archives: <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://lists.toku.us/pipermail/lctg-toku.us/">http://lists.toku.us/pipermail/lctg-toku.us/</a><br clear="none">
To subscribe: email <a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:lctg-subscribe@toku.us" target="_blank" href="mailto:lctg-subscribe@toku.us">lctg-subscribe@toku.us</a> To unsubscribe: email <a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:lctg-unsubscribe@toku.us" target="_blank" href="mailto:lctg-unsubscribe@toku.us">lctg-unsubscribe@toku.us</a><br clear="none">
Future and Past meeting information: <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://LCTG.toku.us">http://LCTG.toku.us</a><br clear="none">
List information: <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://lists.toku.us/listinfo.cgi/lctg-toku.us">http://lists.toku.us/listinfo.cgi/lctg-toku.us</a><br clear="none">
This message was sent to <a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:rosesta@gmail.com" target="_blank" href="mailto:rosesta@gmail.com">rosesta@gmail.com</a>.<br clear="none">
Set your list options: <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://lists.toku.us/options.cgi/lctg-toku.us/rosesta@gmail.com">http://lists.toku.us/options.cgi/lctg-toku.us/rosesta@gmail.com</a><br clear="none">
</blockquote></div></div></div>-- <br clear="none"><div dir="ltr" class="yiv2077652845gmail_signature">Stan Rose<br clear="none"><br clear="none"><a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:stan_rose@alum.mit.edu" target="_blank" href="mailto:stan_rose@alum.mit.edu">stan_rose@alum.mit.edu</a></div>
</div></div></div>
</div>
</div></body></html>