Uploading a WordPress Plugin

Written: September 17, 2019

Most Plugins used in WordPress may simply be updated by noticing the little red circle icon with a white number inside of it, denoting how many updates are ready and clicking on it. Some Plugins don’t use the WordPress repository, so you have to manually install or update them which is normally a process like this:

  1. Download the .ZIP file to your computer
  2. In WordPress click on: Plugins> Add New
  3. Click on: Upload Plugin
  4. Click the button: Choose File
  5. Navigate your file system to find the .ZIP file
Choose File

I love finding new ways to save time by using fewer mouse clicks, so what I do instead of steps 4 and 5 above, is to visually locate the recently downloaded ZIP file in my Google Chrome browser, then drag and drop the ZIP file from the status bar of the browser into WordPress, landing on top of the button: Choose File


download the .ZIP file
Downloaded .ZIP file, in browser status
drop on top of choose file
Drag and Drop the .ZIP file onto Choose File

There you go, save a few mouse clicks, be more efficient.

Beware of GoDaddy Phishing Scheme

Written: September 9, 2019

Another quick alert to an email phishing scam just received today, because it actually looks pretty legitimate at first glance.


Official logo, proper phone number, but ah, that Customer ID is just my email. Scrolling down to see the rest of the email, it looks official enough.

Hovering the cursor over the Green button reveals an address not at all related to godaddy.com, so we know it’s a phishing scam.


Another clue that this email is not legit, is to click on the From address and look for an address with godaddy.com suffix:

So this phishing scam had all of the telltale signs of a fake:

Phishing scams lure you into clicking that link in the email, then you land on a bogus page that collects your real account identity. Be smarter than the identity thieves, and double-check all email before clicking any links.

Tags: ,

Is your Password Safe Enough?

Written: August 30, 2019

We all have online accounts and the process of providing a username and password is quite commonplace, but exactly how strong is your password? Just today on LinkedIn I received a message from a confirmed contact that is also freelance, and it talked about an opportunity, but somehow the message didn’t look quite right to me:


LinkedIn Message

First of all, we know each other, but the wording sounded formal and unlike the person. Secondly, the link was going to something on Amazon Web Services and the page just didn’t look legit:


First Suspect Page

Finally, clicking the link to Open File brought me to yet another insecure page, that was phishing for my Microsoft credentials:


Microsoft Phishing

At this point I was 100% certain that this was a phishing scam, but how did that message get sent within LinkedIn in the first place?

I did a quick text message to my freeleance contact and quickly confirmed that he did NOT send me a message on LinkedIn, rather a hacker had guessed his password and used his account to send out this message. My contact was able to change his LinkedIn password, thus securing control of his account and locking out the hacker.

Moral of the story? Well, if something in a LinkedIn message seems off, or not like the personality of your contact, then confirm before proceeding. When you confirm with your contact, use either email or text, not LinkedIn, because the hacker is logged into the victim’s account and will try to assure you that all is well, when in fact all is not well.

Tags: ,

Email scam – Navy Federal Credit Union

Written: August 22, 2019

Hackers often send me phishing email messages in order to trick me into clicking a link, then trying to login to their fake web page, stealing my login credentials in the process. So how do I keep safe from such attempts?

Just this morning I received an official-looking email, claiming to be from Navy Federal Credit Union.

Navy Federal Credit Union

This email has a beautiful layout, official logo, pleasant stock photo, even nice fonts, so at first glance it looks legitimate, but being suspicious I begin to notice the telltale signs of a phishing scam:

  1. Dear Member – a real company knows my first and last name, along with an account number. Both of those are missing.
  2. Grammar – try reading the first sentence, it’s totally disjointed, so English was not the first language of the hacker.

Clicking on the sender’s email address is always the defining identity test.

Navy email

OK, so even the sender’s email address is bogus, because shuttleplanet.com is not navyfederal.org. The final determination that this is a phishing scam is that pretty, Orange button that they really want me to click, so just hovering my cursor over it reveals that the link has nothing to do with navyfederal.org:

Navy link

There you have it, I know with 100% certainty that this is a phishing email, not a legitimate one, however the sender was clever in making this email appear to be real with use of a beautiful layout, nice fonts and official logo. So be wary of email messages that invite you to click a button or click a link, because it just may send you to a hacker site that steals your login credentials instead.


Blog Tags

Recent Posts

Blog Directory & Business Pages at OnToplist.com