How do you spot a Phish?

Phishing scams worry me.  Not because I'm afraid I'll fall for them and give up my private bank data to some jerk in Russia who works for the mob - or in Texas or China or wherever these guys are these days - but because these scams are becoming ever more common, more sophisticated, and harder to spot.  And as I work in a field that's striving to get more adult English language learners and lower-literate adults online, I worry about how well we are preparing our clients to be safe.  Do you know how to spot a phishing scam?  Do you know how to teach someone else to spot a phishing scam?  Not sure?  Here's a few tips using a phishing email that arrived in my inbox today (after getting past my pretty rigorous spam filter!).

Here's the original message.  Take a look and see if you can spot the red flags.  Then read on to see how many you saw.

Red Flag #1.  I don't know who the sender is.  I've never heard of Fulton Bank before.  Why would they be contacting me?  OK, you don't have access to my brain, so you probably didn't spot this one.  But did you look at the name and think "Who's Fulton Bank?"  Then you're on the right track.

What to teach?  Your students - even those with limited reading skills - need to learn to recognize the names of the legitimate businesses they do business with, and to be suspicious of emails that don't come from trusted businesses.

Red Flag #2:  They don't know me, either.  The message is addressed to "Dear Fulton Bank member" not "Dear Ms. Wetenkamp-Brandt."  Also, the "to" line in the message is blank - a red flag for Spam. 

What to teach?  Your students should be suspicious of email messages that address them as "customer" or "member" rather than using their proper name.

Red Flag #3:  They ask me to "confirm my profile," name, address, etc.  YIKES!  Of all the red flags in a phishing scam, this one is the most brilliant shade of crimson.

What to teach?  Your students need to know that no legitimate business will EVER send an email asking them to provide this kind of information.  EVER.  Under no circumstances should they ever respond to such an email, call a number provided in it, or click any link in the message.  If they do accidentally click the link, they should immediately close the browser.  The most important message is that they should never provide their personal information in response to an email request.

Red Flag #4:  The writing/language is less than professional.   Many phishing messages include spelling and grammar mistakes.  This one is pretty good (see what I mean about the scams becoming harder to spot?) but there are run-on sentences and generally it just doesn't have a professional tone.

What to teach?  Well, literacy.  Have your GED students ever asked you to provide a real-life use for all that practice with "authorial tone?"  Here's one!  This message lacks a professional tone - and it's a red flag that, yep, the message is a fake.

Red Flag #5:  When I point my mouse at the link in the message (note just point! not click!) the URL does not match the linked text, and it looks phishy!  OK, you get a pass if you didn't spot this one, because you don't have the original message and can't do it.  But, give yourself extra credit if you thought about doing it!  (And take a look at the image below to see what I saw.)

What to teach?  How to point a cursor at a hyperlink without clicking it, to see where the link leads.  How to read a URL and differentiate a legitimate business website address from a phishy one.  Yes, this is the hard part.  But it's a very important step in making our students safety-savvy.

Need resources to help you teach these concepts?  Here are two good videos that drive home the point:







Happy Browsing!  And don't get caught by anything phishy!

Create interactive online charts with iCharts

This free online tool allows you to upload your data and create charts and graphs with a few easy clicks - no programming required.

Next time you and your students are focused on chart reading for CASAS or TABE, think about making some of your own charts online. Your students will get to practice both their computer literacy skills and their chart-reading skills.

New Website for Minneapolis Public Schools Adult Education

Thanks to Nathan Syverson at Minneapolis ABE for sharing the following information:

Minneapolis Public Schools Adult Education has made a major update to its website and went live as of Thursday, July 14 2011. You can view the updated website at http://abe.mpls.k12.mn.us. This is a complete overhaul, featuring a new layout, a design refresh,  new content, and a reorganization of popular web resources.

Many readers of this blog use the following resources:

• The Online Activity List
• Bethany Gustafson's English for Work video series 
• MPS Adult Education's Touch Typing Curriculum.  

These can be found under the Students Section of the website.  There you can also find our Online Bookstore with a selection of books that we recommend to our ELL and GED students.

Also of note is our ABE Professionals section.  This is where we will post all of the materials we create that we wish to share with ABE and adult literacy professionals everywhere.  Do take a look from time to time, as it will be updated periodically.

Happy browsing!

Nathan Syverson

Minneapolis Public Schools Adult Education

Pic-Lits: picture-prompted writing

I found this little gem of a website this morning and am thoroughly enjoying it!

PicLits.com creates a mechanism for generating writing through providing striking images and drag-and-drop words to layer on them (you can also go freestyle and type in your own text if you prefer).

Here's the PicLit I made:

One small annoyance: their "blog this" feature isn't working so I had to make a screenshot of the image in order to share it here.  But tech glitches aside, this could be a really engaging activity for ESL and ABE students.  How many of us have heard our students say that they don't know what to write about or have no ideas?  A powerful picture speaks volumes.  Using PicLits, those stalled writers may find some inspiration!

This activity could also be done as a whole class on a SmartBoard if you are lucky enough to have one in your classroom.

Botnets, or What you don't know CAN hurt you

If you're online regularly enough to be reading this blog, you probably already know that there's some nasty stuff lurking on the Internet: viruses, worms, Trojans, and other malware.  Even if you don't know precisely what all these things are and how they work, you probably figure that you've got your bases covered with a good anti-virus program.  You know not to open unusual email attachments or get caught by too good to be true advertising (Click here to win a FREE iPAD!!!!).  But there's one security threat that you may not know about... and what you don't know can hurt you.  It's one of the hardest to prevent, hardest to detect, most widespread, and downright nasty pieces of work out there: a botnet.

Never heard of it?  A lot of people haven't.  And sadly, a lot of those people are probably infected.  So what is a botnet?

As defined by Google dictionary, a botnet is "a network of private computers infected with malicious software and controlled as a group without the owners' knowledge."  (The term botnet itself is shorthand for "robot network.")  If your computer is infected with botnet software, part of its memory and processing power are taken over (enslaved!) by a "bot master" who controls thousands or even millions of slave computers, known collectively as a botnet or zombie army.  The botnet is used to carry out cyber crime like sending vast amounts of spam email, attacking and bringing down legitimate websites, and capturing bank and credit card details.

Here's the worst of it: because the bot master has an interest in keeping your machine running and keeping its enslavement a secret, there is often little outward sign to you when your computer becomes infected.  The signals are there, but they aren't the major crashes and data losses that signal a virus infection.  You'll see your computer running slowly, you may be warned about suspicious activity, or occasionally your browser will lock up when you're online.  But generally you'll keep on working, oblivious, while the botnet does its dirty work in the background.

And the worst news of all?  Anti-virus software alone usually can't protect you from botnet infection.  So how can you protect yourself?

1)  Your computer needs a comprehensive security solution that includes anti-virus and anti-malware programs, and most importantly, a personal firewall.  (Not sure if you have a firewall?  Need to get one?  CNET's download.com has several good options.)

2)  Make sure Windows is up-to-date.

3)  Make sure your browser is up-to-date.

4)  Many botnets (including the largest ever detected, spanning millions of computers across 172 countries) are spread via portable devices like USB flash drives, so be careful where you put that thing!  Plugging your flash drive (or digital camera, smart phone, etc.) into a computer whose defenses you are unsure of is the cyber equivalent of unprotected sex or sharing dirty needles.  Sure, that computer might be clean, but there's no way to tell by just looking.  If you must use your flash drive on public computers or the computers of less-than-savvy web users, set your security software to scan your flash drive whenever you insert it in your home machine.

For another, somewhat humorous but enlightening take on botnets, watch this video from Symantec.  (Yes, they are selling you their product, but, hey, it's a good product and their videos are top-notch.)

Digital Photo Project: A Tech Mentoring Story

In my Technology Mentoring work, I have the great pleasure to work with ABE/ESL teachers around the state who are committed to making technology a part of their classrooms.  One of my current projects is working with Jan Olsen Stone's beginning ESL class at the MORE school in St. Paul.  Her class has been working on basic computer literacy (learning how to turn on the laptop computers, learning basic vocabulary like "double click" and "press Ctrl-Alt-Del," and using Google to search for websites and photos).  This week I worked with Jan to plan the next big step for the students - taking their own photos using digital cameras.

The first 90 minutes of the class was spent on learning vocabulary for the camera (lens, shutter button, focus, etc.) and how to use the cameras.  Students learned to make simple sentences like "The camera has a lens," and "Press the button to take a picture."  (A lesson which was periodically interrupted by tornado sirens.  Yikes!  Luckily, no tornadoes.  Whew!)  The second hour was spent on a field trip to the local Sears department store.  Each of the four small groups of students had one camera (all provided by teachers & class volunteers).  The students' task: take pictures of each other with items in the store they would like to know the names of.  You can see some of the results above and the full sets can be seen on the Jan's Class1 Flickr page.

After class, the teacher, class volunteer, and I downloaded all the pictures the students had taken and uploaded them to the Flickr site.  Now that the pictures are accessible, Jan has a wealth of content to mine for language lessons.  Here are some ideas we have for what she and the students will do with the photos:

• write a Language Experience Story about the field trip and illustrate it with a selection of photos
• use the photos to teach new vocabulary (the original purpose!) and grammar such as prepositions
• categorize items in the photos (clothing department - women's - shirts)
• students can copy and paste photos from the Flickr site into Word documents and write sentences to describe them.

Jan plans to continue to use digital photo projects throughout her summer school session.  Other photography assignment ideas for her students include:

• taking pictures of things that are a certain color
• taking pictures of things that surprised them or were new to them when they came to the U.S.
• taking pictures of places in the community (walking around the neighborhood)
• taking pictures of signs in the community (also a walking project)

Working with this class really reminded me that cameras provide a unique and powerful tool for prompting engagement with one's surroundings.  In our students' hands, they can give us such rich content for language learning.  I hope you'll think about trying something like this with your students too!

United Nations: Disconnecting People From the Internet Is a Violation of Human Rights

United Nations: Disconnecting People From the Internet Is a Violation of Human Rights

Well, there you have it: Internet access is officially a human right. It's an interesting position for the U.N. to take. In our cushy American setting, that might seem a little silly. Internet access is a human right? Really? When most people just use it for entertainment? But there has been quite a lot of controversy at the international level over whether individuals can claim that their rights have been violated when their governments cut off their Internet access in order to, for example, prevent them from organizing protests against said government. Seen in that context, this decision makes a lot more sense. It also makes me wonder if there have ever been similar discussions about other technologies. If Internet access is a right (based on the idea that people have a right to freedom of expression and opinion) is access to other information/communication technology, like cell phones, also a right? Would forcing cell phone providers to take their carrier signals down (like Egypt did during their recent revolution) also qualify as a violation of the populace's human rights? Very interesting stuff.

The world is changing, and fast! It's difficult for governments and educational institutions to keep pace.  Policies that govern technology use that were developed even 5 years ago often seem anachronistic.  In many ABE programs, we struggle just to get access to basic online resources like Gmail and streaming video.  5 or 10 years ago, these things may have been seen as an "extra" or something that schools shouldn't be providing because they were too entertainment-focused.  Now they are basic necessities for online learning and for full participation in adult life.  We need more flexible policies that allow instructors and learners to access the full range of opportunities provided by the Internet.  It's a human right.  Just ask the U.N.