1. A reminder to be cautious and generally avoid installing any software you can download from the internet – including browser plugins, office plugins, and office documents that need special permissions. Attackers are finding popular tutorials, often video tutorials on YouTube, but using other sources as well, and even creating their own videos with instructions on solving computer issues, completing work in popular programs such as Excel, Word, Adobe, Chrome, Safari, Edge, and other programs. Some links start out as legitimate but take over old download sites. In other cases, they will create new lessons and publish them on YouTube. The downloads contain viruses & keyloggers along with legitimate programs, plugins, and other files, and if you follow the instructions, your computer will be infected.

2. 26 billion new records have been published online of account information from data breaches. The significant danger here is if you use the same password in multiple locations – e.g., if this data dump has your email address & password for CafePress, someone malicious will attempt to log into your email account and bank account with that same password. This is why you should use a unique password, at least for all important accounts, as well as 2FA (2 Factor or 2 Step Authentication).

You should never enter your password in any location except to log in, certainly not into some “password checker” online. However, a site has been set up to check to see if you have account information exposed in this latest breach, link below. You can enter your email address(es) into the system, and it will tell you if any login accounts are associated with that email. If so, you should change and stop using the password associated with that account, including if you reuse that same password at any other location.

Email account breach checker

Tom’s Guide: 26 billion records exposed online