The Password Book

Home » Books » The Password Book

The Password BookThe Password Book
Updated: September 1, 2017


The Password Book: Internet Security & Passwords Made Easy
Most password books (or password organizers or password journals) are just that, mere places to write down websites and passwords. (This book does that.)

But that’s not enough! In today’s rough-and-tumble Internet – full of scammers, thieves, and scoundrels – you need more than just a “Password Book.” You need:

  • A book that provides scam education as to what scams are out there, how scams work, and how to be mentally savvy enough to avoid “being scammed.”
  • A book that helps you inventory and upgrade the security of each key Internet asset, especially the “big three” of your computer, your email, and your mobile phone.
  • And, a book that gives you a “password system” so that you can easily construct hard-to-guess passwords and have a framework for three tiers of security.That’s what this book does


The Password Book: Table of Contents

  1. Anatomy of a Scam – learn how scams work and how you can secure yourself against scams and online thievery.
  2. Common Scamfoolery – scam templates that explain the structure of scams.
  3. The Pledge of Paranoia – a fun, simple mantra to help you stay scam-free and secure online.
  4. How to Generate Strong Passwords – an easy system to generate strong passwords.
  5. Your Computer – simple steps to secure your computer.
  6. Your Email – simple steps to secure your email.
  7. Your Mobile Phone – simple steps to secure your mobile phone.
  8. Your Financial Accounts – simple steps to secure your bank accounts and credit cards.
  9. Facebook – simple steps to secure Facebook.
  10. Amazon – simple steps to secure Amazon.
  11. Your Password Generation System – a place to write down your password generation system.
  12. Your Passwords from A to Z – a place to write down your passwords.
  13. Appendix – Scam Resources – learn more about scams!

Excerpt from Chapter 1: Anatomy of a Scam
Let me start with a story, the anatomy of a scam perpetrated against my Mom. My Mom is a very smart woman, very involved in the community with literally hundreds of key friends and contacts in my home town of Tulsa, Oklahoma. She’s a prime target for scammers, however – she’s older, she’s affluent, and she has many friends, family, and colleagues who are also attractive “targets” in their own right. She also has an AOL email account, a dead give-away that someone is not a member of the technological cognoscenti!

On the morning of November 7, 2014, I received (as did everyone on my Mom’s AOL email contact list), the following email, under subject: “Sad News”:

I really hope you get this fast. I could not inform anyone about our trip, because it was impromptu. We had to be in Philippines for a Tour. The program was successful, but our journey has turned sour. We misplaced our wallets and cell phones on our way back to the hotel after we went for sight seeing. The wallet contains all the valuables we have. Now, our luggage is in custody of the hotel management pending when we make payment.

I am sorry if I am inconveniencing you, but I have only very few people to turn to now. I will be very grateful if I can get a short term loan of ($2,450) from you. This will enable me sort our hotel bills and get my sorry self back home. I will really appreciate whatever you can afford at this moment. I promise to refund it in full as soon as I return. Please let me know if you can be of any assistance.

Thanks

Since the scammers had seized control of my Mom’s AOL email, if you replied to her email, you then received instructions on how to wire her and my Dad the money, or if you expressed doubt, some back-and-forth with the scammers about their “problems” to reassure you that it was really her. To make matters worse, the scammers not only had control of her AOL email account but had deleted her email contacts after exploiting her account, making it very difficult for us, after we regained control, to send out a legitimate email to friends and family to warn would-be victims of this heartless “vacation problem” scam.

Let’s look at the anatomy of this scam, starting with the two steps:

  1. My Mom had been “phished,” meaning someone had tricked her into opening an email attachment or “reverifying” her AOL login and password so that the scammers could take control of her email.
  2. My Mom’s friends, family, and contacts were being “spearphished,” meaning the scammers were using a person that they knew (my Mom) to attempt to get them to do something they wanted (wire them money).

And let’s break this down further into the constituent elements common to all scams:

The Spoof. Both, first to my Mom, and then to her contacts, the scammers were pretending to be something or someone that they were not. They were “spoofing” – first, a “trustworthy” email sender and “trustworthy” website or attachment to which my Mom would mistakenly give her login and password, and second, doing the same thing to her contacts, pretending to be my Mom, after they had gotten control of her email.

The Confidence Game. Throughout, the scammers strove to increase the confidence of their intended victims, by emailing back people who asked questions (and in other such similar scams, even going so far as to converse on the phone). First the scammers spoof and then they build confidence.

The Keys. Your car or house has a physical key, but your email account, your mobile phone, your bank account online, your Facebook, Twitter, or LinkedIn, have virtual keys – your login, your password, and sometimes your two-step verification code. Scammers want these keys as means to an end – usually, but not always, money. In my Mom’s case, once they had the AOL login and password, they could use those Keys to work on their real targets, her friends and family.

The Ask. Scammers may start with getting your “keys” but their ultimately goal is to get money. To do this, they must ask for something. In my Mom’s case, first they asked her to click on something in an email and then to “reverify” her AOL login and password, and later they asked her contacts to send money urgently to the Philippines.

At the anatomical level, all scams share these elements in common: the Spoof, the Confidence Game, the Keys, and the Ask. There are simple scams and more complex scams (See Appendix A for a list of common scams), but they all share these elements in common.

Once you understand the “anatomy of a scam,” you can be on the look out for its constituent elements and thereby make yourself harder to fool.

~ Jason McDonald, Author
~ Publication Date: September, 2017