Is Free Stuff Really Free?

Today’s post is all about free stuff.

Free stuff you can find on the Internet, that is.

You can get almost anything for free on the Internet these days.

Sample products, domain names, subscriptions, even coffee and chequing accounts. Many whole websites and services are even free.

But is any of this free stuff really, truly, free? With no strings attached?

For the most part, NO!

Why? Well, at the end of the day someone has to pay for this stuff you’re getting for free.

There are costs associated with making the material, and then costs associated with putting that material on the internet for you to get. Which, depending on how substantial the material is, and how popular the place you’re getting it from is, the cost can be substantial.

Whatever it is you’re getting might be free as in you don’t have to open up your wallet and hand over some of your hard-earned cash, but you are still going to have tdo give up something in exchange for whatever you’re getting.

So, how does this work? Here are a few ways you might end up paying for the free stuff you get online.

The first one is..


Ad revenue

If you’re part of the generation that is used to sitting down to read the newspaper every day, you’re familiar with how all this started.

Ads are put up on the website and you have to put up with them while using whatever it is you came to use.

These ads generate revenue for the website every time you view a page on the website.

While most advertisements are fairly innocuous, advertising technology is quickly moving towards enhanced ways of figuring out what it is you like so they can show you ads for products and services you are most likely to buy.

You have to ask yourself here, is dealing with the ads worth it for what you’re getting? How about the possibility they may be tracking you?

The second is..


Giving contact information

A business needs customers, but nobody is going to freely give up their contact information and ask to be contacted about products and services they could buy, right?

I mean, how many phone calls have you picked up, discovered its a telemarketer on the other end and been excited about it?

One avenue for businesses to solve this problem is to give something away for free, in exchange for your contact information and your acceptance that they can contact you at a later date to advertise their products and services for you to buy.

Ever been asked online “to download this or that just enter your email address!” ?

This is exactly what is happening. In exchange for the free download, you’ve handing over your contact information.

The third is..


It could be a scam

I think its worth mentioning here, that if it sounds too good to be true, it probably is. As I mentioned above, its expensive to give away free stuff.

Ever get invited to a survey which claims that every participant that completes it will get an iPad? If that were true, not only would thousands of people complete the survey, but the company offering it would go out of business quickly due to the number of iPads they would need to purchase.

Next time you see something for free that just seems way too good, take a second and think to yourself: Is this too good? How does the company pay for this?



Giving Personal Information

The last way I wanted to highlight is similar to collecting contact information, however instead of just contact information, they ask for way more.

Ever seen an online quiz that needs to know your name, address, and income or a contest ballot that wants to know your address and occupation?

That kind of information that gets a little more personal than just how to contact you if you win.


Bottom line..

So, what I’m trying to get at in this episode is not to scare you and Im not saying that you shouldn’t give out information at all. I’m just saying that you should be careful to who and when you give it out.

While this may seem like nothing, the next time you enter your information for something free, consider these two things:

They could sell your information, or make it available to customers in some way, which means you could get even more unsolicited advertisements and emails from many third parties.
They could loose your information. Either through a hack or by accident, which means your information could get into the hands of a third party which could have sinister intentions.

Make sure that whichever company you’re giving it to is reputable and has some protections in place to protect the information you give them.

Not only that but consider if the information you’re providing is worth the benefit of whatever you’re getting in return.

Are they asking for your name, address, phone number, social status, salary and social insurance number all in return for a ballot for in contest, but the chances of winning are 1 in 50,000,000, for example?

Ask yourself if that much exposure is worth that chance of winning.


This week’s challenge

This week’s challenge is pretty simple. Think about everywhere you’ve submitted your information online in exchange for something free. Can you think of anywhere where it might have not been worth it? Going forward, is there anything you might do differently when it comes to giving up your information?


Interested In More?

Join our newsletter to learn more and get regular updates! Did we mention it's free?

Email Looking a Little Phishy? 7 Things To Look For..

You might be wondering,

“Where the heck did this guy learn English?! He can’t even spell fish right! And what does that have to do with online security?”

It has a lot to do with it, actually.

No, I didn’t mis-spell “Fishing” in the title.

“Phishing” starting with the P-H instead of an “F” is when a spammer, impersonating another person or an organization sends emails to people maliciously, in an attempt to trick them into doing things like:

  • Hand over usernames, passwords, banking details, or other information
  • download malicious files or viruses,
  • pay or transfer money through fake invoices, fake ransom requests, etc.


If the name sounds funny, thats because it is! It’s meant to be a play on the fact that spammers are trying to lure you in just like a fish so you’ll give them what they want.

Just like how you’d lure a fish into biting down on the hook you’re dangling in the water, a phishing email is meant to get you on a spammers hook.

To convince you that you really do have to give them your bank information, or enter your username and password.

But these types of attacks are really nothing to joke about.

They try to not only look as legitimate as they can, but also instill fear, curiosity and play on our desire to do the right thing.

The scary part is, these types of emails aren’t always that easy to detect! Spammers like to craft their emails to impersonate popular online services and brands to get you to enter in your usernames or passwords and banking details.

So, how do you detect a phishing email? Here are 7 characteristics you can check for. These aren’t exhaustive, as spammers are always trying to change up their methods, but they are a good starting point.


Fact Check

Is this a company you actually do business with? Is this someone who you normally receive this type of email from? Did you actually order something for which you are expecting a confirmation?

If the email seems like its completely out of the blue, it very well might be.


The “From:” address

Check the from address carefully. Spammers often try to register domain names that look very similar to the organization they’re impersonating. Others will make the name look credible, but the email address its coming from will be something different.

Ask yourself: does it make sense that I’d receive an email from this address? Have I received email from this address before?


Bad grammar and spelling

If the email is full of bad grammar and spelling, then this should be a red flag. Any email that comes from a corporate business will sound professional, and will have been checked for grammar and spelling multiple times before being sent out.

Also, now many corporations have either removed salutations altogether, or will greet you in a manner consistent with your region and with your proper name.

If your email starts with “Salutations user” and you don’t know anyone who would say that or “hello first [email protected]” or “Dear Member” this should be a red flag.


A weird link

Phishing emails commonly include a link of some kind. They want to get you to go to another page and enter your details, such as usernames and passwords.

If there is such a link in the email, hover your cursor over it but don’t click it!

This will show you the actual URL. If the URL displayed in the email is different than the URL that pops up when you hover your cursor over the link, its probably a phishing email.

In addition, if the URL that pops up doesn’t look quite right, like its a misspelling of the legitimate domain name, it is completely unrecognizable, or the real domain name looks like part of another domain name such as:, then its probably a phishing email.


A sense of immediate urgency

Spammers don’t want to wait around. Part of their game is the sense of urgency. They want you to act without thinking and feel like there is no time to do anything but to do as they ask.

Sometimes they’ll build this sense of urgency by saying that “Your account is going to be suspended” or “your free gift is going to expire” or “the authorities will be contacted”, or other threatening language.

Don’t fall for this game. Take a moment to think if the threat is practical.

In addition, most government agencies don’t use email as their first means of contacting you.


It sounds too good to be true

Did you win the lottery, but didn’t buy a ticket? How about a long-lost relative that you’ve never heard of wants to give you millions of dollars? Maybe that new smartphone you wanted is now 99% off?

If it sounds like it might be too good to be true, it probably is.


Trust your gut

If all else fails, and you’re not too sure, or if it just feels “off”, Don’t open the email, click on any links or open any attachments.

What do I do if I get an email that doesn’t seem right?

Check with the person or company who supposedly sent it if they actually did send it.

If its a company, call their customer service line or get to their website the way you normally do, and ask if the email you received was legitimate.

If its a person, call them on the phone or in another manner that you can verify you’re actually talking to them and not someone attempting to impersonate them.

But, don’t try to verify the email via a reply email.

If the attacker already has access to their inbox, it’s really easy for them to reply with “yes, of course it’s me!”.


This Week’s Challenge

This week’s challenge is to think about these characteristics and the emails you’ve received lately and see if these characteristics apply. Can you find any that stand out as phishing emails?


Interested In More?

Join our newsletter to learn more and get regular updates! Did we mention it's free?

Two Simple Tips to Remembering Passwords

If you do a number of things online, then you usually have a number of passwords.


As I’m sure you have all experienced, this can sometimes be frustrating and annoying when you can’t remember the password you need for the specific place you’re trying to login.


You’ve probably also heard that you should be using a unique password for every login you have, which is true, but have you ever heard how to manage all those passwords?


Using multiple passwords is great, but it’s not going to happen if you can’t manage all those passwords.


Us as humans are instinctively going to choose whatever path makes life easier. If that means using one password instead of 10, or 10 really simple passwords instead of complex ones, many of us will take that tradeoff.


So, How can we make remembering passwords easier?


There are two tricks to doing this effectively:

  • Putting them all in one place, somewhere that isn’t your brain.
  • Putting them on a medium that works best for you.


Yup, that’s it.


Let’s break it down:


Putting them all in one place allows you to know where they all are, and have one thing to keep safe. If they were all in separate places, then you have to remember where those places are… And keep all those places safe… and then we’re back to square one.


Choose a medium that works with your life. There is nothing saying your passwords have to be stored on your computer. Or any electronic device for that matter. The idea here is that if remembering passwords isn’t severely routine-altering, and is something you can easily add to your day, then you’re more likely to stick with it.


So how can we put this into practice?


Here are a couple of examples:


Someone who is tech savvy, takes their phone everywhere, and is used to looking things up electronically should try a password manager.


This is a piece of software that lives on your computer or your phone which stores all your passwords. Then, you only need to remember one password to access the manager and select the password you want to use.


There is one catch though. If you forget the password to your manager, all your passwords saved in it are gone! You can’t get them back.


If you don’t work on a computer all day, or prefer to lookup information in books and references, try relatively low-tech idea. A notebook!


A few years ago I wouldn’t have ever suggested using a notebook, but it’s becoming a more appealing option just because its not digital. It can’t be hacked like a computer can.


A Word of Caution..


In using a notebook however, passwords should be written without an obvious reference to what site they’re for or the username that goes with them. This makes it difficult for anyone who finds your notebook to understand, hence making it more secure than just a notebook of usernames and passwords.


The notebook should also be hidden well, or even locked in a safe (if you happen to own one!).


And because I know someone will mention this: No, sticky notes on your monitor or under the keyboard are not OK!


Of course, at the end of the day its important to pick something that will work for you and that you can manage. If you write everything down in a notebook and then hide it so well you can’t find it, its not going to help much is it?


This Weeks Challenge


How do you remember all the passwords you need? If the answer to that question is by using only one password, then this weeks challenge is now that you know a few ways to keep track of multiple passwords, can you consider changing each password to being unique and using a password manager to keep track of them?


If you do use unique passwords then this weeks challenge is to consider how you could keep track of them. If you’re a rockstar already keeping track of them easily then consider taking them one step further and make them more complex! If you don’t understand what I mean about more complex, don’t worry. I’ll have another episode on complex passwords later on.

Interested In More?

Join our newsletter to learn more and get regular updates! Did we mention it's free?

People Need Cyber Security, Too

In this post I wanted to talk about why.

Not Why as in the meaning of life, but why as in why do we need cyber security?

With the whole world around us becoming more and more connected, the people who want to con us for their own benefit are becoming more and more sophisticated and what you need to do to be cyber secure is constantly changing.

They Target Whomever

There also isn’t any discrimination among who these people con either. They target whomever will help them fulfill their goals, regardless of whether that is a big business, a small business or individual people.

Because of this, everyone needs to learn not just how to install a firewall and antivirus, but how to think cyber secure so that as our connected world changes and evolves, you can change and adapt your cyber security to stand a better chance at keeping yourself and your information safe without becoming overwhelmed both at work and at home.


Everyone Should Think Cyber Secure

Though, through my own experience, it seems most people don’t know how to think cyber secure. This really shows in a Pew Research Survey done in 2016 (Click Here to have a look at the survey results at Pew Research). They asked 1,055 online adults 13 questions about cyber security. The typical respondent was only able to answer five.


This means that everyone needs a little help. Not everyone is going to be able to only answer two questions, but everyone might have one thing they aren’t completely sure about.


And that’s why I wanted to start this podcast and decided to call it Think Cyber Secure.


Follow Along With Us

If you follow along with me, my goal is to give you some actionable tips to not only be cyber secure today, but also  be cyber secure tomorrow and into the future by learning how to think cyber secure and how to adapt and shift as the cyber security world changes.

Today’s Challenge

How do you protect your computer and your information? See if you can find one area or opportunity that you think you might need to improve.

Interested In More?

Join our newsletter to learn more and get regular updates! Did we mention it's free?

Introducing Think Cyber Secure

Hello and welcome to Think Cyber Secure!

Whether you’re only on the Internet to update your social media and to read the news, or if you use it every day as a blogger, podcaster, video creator or a business owner or anything else and you want to learn how to keep yourself safe and secure while being online every day, then this is the blog for you.

My name is Derek and I’m going to deconstruct and decode the world of online security and privacy to reveal the fundamentals of what you need to know so you can make smart decisions about what you do, where you go and what you post online.

We’re going to dissect and decode the world of online security and privacy and translate the geek-speak to provide real tips that you can use to protect yourself and your business from the threats out there today.

I wanted to start this site for two reasons.

One is that every day our lives are becoming more integrated with the Internet, which is making the Internet itself more of a real risk to us as individuals and small businesses. Not just big corporations.

just as we automatically assess and take care of our own personal security throughout our everyday real-world lives, we now need to do the same with our digital lives as well.

The second being that some years of working in cybersecurity and teaching family and friends about online security and safety, I’ve realized that not everyone knows what they can do to protect themselves. With those that do know, some don’t know how, or even where to begin.

The Goal

My goal is to teach you how to be able to think cyber secure. To understand your digital security just like you understand your real-world security. To make decisions in a safe and secure way no matter what you’re doing online.

It’s going to be a great journey, to make sure you stay with me, hit that subscribe button so that you don’t miss an episode! I’ll be back with a new episode every week.

Be Sure to Subscribe!

Be sure to check out the website, and visit the Facebook page and give it a like, it’s ThinkCyberSecure.

Want to reach out? Not a problem, email using the contact page. And follow on Twitter, @thnkcybersecure

Before I go, I have one thing for you to do. Leave a comment or send me an email and let me know what you want to hear. Is there a topic you want me to tackle? Or a problem you’re having? Let me know.

Until next week, we’ll see you later.

Interested In More?

Join our newsletter to learn more and get regular updates! Did we mention it's free?
Share via
Copy link
Powered by Social Snap