Tag Archives: Featured-Backing Up

Backblaze vs. Dropbox: Backing Up Our Backup Claims

Post Syndicated from Stephanie Doyle original https://www.backblaze.com/blog/backblaze-vs-dropbox-backing-up-our-backup-claims/


If you follow the Backblaze blog, you’ve likely come across some of our “How to Back Up Your Life” posts. We’re interested in helping you, our readers, design the best backup plan for your needs, regardless of what your setup is, what social networks you’re on, or if you’re on a Mac or a PC.

Of course, Dropbox has shown up in that content. We have several articles talking about the best ways to integrate with their platform, and some articles that just talk about how to deal with the differences between sync and backup.

How to Back Up Your Life

The guides in this series help you protect your content across many different platforms. We’re working on developing this list—please comment below if you’d like to see another platform covered.

Recently, we heard that Dropbox released a backup product and wrote an article comparing our two services. (We’re flattered that they consider Backblaze to be the gold standard to compare to!) We thought we’d take this opportunity to respond, mostly because we want our library of guides to include their new offering, and a little bit because, well, there were some interesting interpretations included in the article.

Without further ado, our thoughts on the differences between Backblaze and Dropbox backup.

Backup vs. Sync

Dropbox started out as a syncing service, which, as we’ve noted before, is not the same as a backup service. When you’re using a sync service, you can easily delete or change a file, save it, and then lose the one you actually wanted to keep. This is one of the big reasons you should back up, even if your files are synced.

Over the past several years, Dropbox has been expanding their offerings, including file transfer, document signing, and now backup. It makes a lot of sense if you want to be a leading file management system. But, does Dropbox Backup stack up as a functional, independent product—or is it more of an add-on they’re offering to their sync functionality?

A Quick Note on Citing Your Sources…

When I set out to write this article, I first wanted to see if the things Dropbox claims hold water—After all, innovation is about iteration, and you don’t change or get better if you believe your product is perfect. Maybe we could learn something.

I kept hearing about this product research they’d done:

Source: Dropbox Backup vs. Backblaze.

You know we at Backblaze love data, so I was curious—How did they collect this data? Who were these users? I couldn’t find much more information about it in the article. But, after some digging, I found this on their product page:

Source: Dropbox Backup page.

It makes sense that people who already use Dropbox would like a product similar to the one they’re paying for. But, do the rest of the claims of the article hold true?

Let’s Talk Pricing

Hey, price is definitely a part of my decision when I purchase services, and I’m sure it’s part of yours too. So, let’s get the big argument out of the way first.

Backblaze Personal Backup is $7 per month. That license includes an automatic, set-it-and-forget-it backup service, unlimited data storage, 30-day version history, and you can add one-year version history for just $2 per month or forever version history for $2 per month plus $0.005 per GB for anything over 10GB.

For argument’s sake, let’s grant that Dropbox also built a backup product that runs smoothly in the background. I haven’t personally tried it, but I’ve used Dropbox for file management, and it’s a great service.

Dropbox Backup has several tiers of payment. It’s also included in many of their other paid plans—so, in other words, if you’re already paying $12–$90+ per month for Dropbox, you can take advantage of Dropbox Backup. But, if you’re trying to purchase just Dropbox Backup, there are several tiers of licensing, and (like most SaaS companies) there are discounts for paying monthly versus yearly.

So, let’s try to compare apples to apples here. Say you only have $10 per month budgeted for your backup plan. Here’s what you’d get with Dropbox:

  • Year-long commitment – so no flexibility to cancel
  • 2,000GB data cap
  • 30-day version history

For the same $10 per month, here’s what you’d get with Backblaze:

  • Monthly commitment – flexibility to cancel
  • No data cap
  • One-year version history

For reference, in 2020 most consumers were storing around 500GB of data in their personal storage clouds, but, unsurprisingly, we store more data every year. According to experts, data storage is doubling about every four years. So, you can certainly expect those “running out of space” notifications to be pushing you to upgrade your Dropbox service, and probably sooner than you’d expect.

Speaking of Flexibility

Once you check out Dropbox’s Help docs, there are a few other things to note. Essentially, if you want to use Dropbox Backup, you have to turn off other syncing and backup services (except for OneDrive).

Source: How to Use Dropbox Backup.

In order for Dropbox Backup to work, you have to turn off iCloud and Google Backup/Sync services, both of which are super compatible with your mobile devices and which many many folks rely on (two billion Google customers can’t be wrong). And, what about business use cases? Say you’re an enterprise client who wants to work in G-Suite—Dropbox Backup is not your answer. To put it simply: Dropbox Backup works best if Dropbox is the product you also use to store your files in the cloud.

Backblaze, on the other hand, works with whatever other services you’re rocking. Many of the choices we’ve made are reflective of that, including our restoration process. Dropbox offers restoration in place—if you use Dropbox to manage your files already. Basically, when you restore in place, you’re making a change to the virtual environment of your files (their copy of your hard drive that lives in Dropbox), and then they send that back to your computer. If you use a different syncing service or are accessing a file from another device, well, you’re going through the same download/restore process as every other backup service.

Restores for All

Here’s another thing: It’s a main point in Dropbox’s article that we offer recovery via USB. They turn their noses up at delivering files via the mail—Why would you wait for that?

Well, if you’ve lived in areas with not-great internet, dealt with being the family IT hero, or have a ton of data that needs to be moved, you know that having many ways to restore is key. Sure, it’s easy to scoff at all things analog, “OMG a USB drive via the mail?!” But an external drive (in this example, a USB) comes in super handy when you’re not tech savvy or have a ton of data to move—anyone who’s had to migrate lots of files (at work or at home) knows that sometimes the internet is not as fast as moving data via external devices.

Sure, there are tech reasons rapid ingest devices matter. But these guys matter too.

And, of course, you can always restore files from the internet with your Backblaze Personal Backup account. That’s our front-line method in our Help docs, and we’ve built a Download Manager to make things more seamless for our customers. We’ve made updates to our mobile apps, and just as importantly, we offer Backblaze B2 Storage Cloud and Backblaze Business Backup products. That means that if you ever outgrow our Personal Backup services, we’ve got you covered.

To Sum Up

We’re always happy there are more backup options for consumers. A little Backblaze flame warms our hearts when we know peoples’ data is backed up. Of course, we’d love it if everyone used Backblaze, but we want people to back up their data, even if it’s with a competitor.

If you’re already a paying Dropbox user, this may be a great option for you. But, if you’re like the majority of people and need something that works, no matter where/how you store your files or what other services you use, Backblaze Personal Backup is still your easy, affordable, and proven option.

The post Backblaze vs. Dropbox: Backing Up Our Backup Claims appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

How to Download and Back Up Your Mastodon Account

Post Syndicated from Stephanie Doyle original https://www.backblaze.com/blog/how-to-download-and-back-up-your-mastodon-account/

Mastodon: Have you heard of it? As a social media platform, it’s unique in that it’s free, open-source, and crowdfunded. It doesn’t have ads, and it’s not owned by a corporation. When you set up an account on Mastodon, you select a server (called an “instance”) where your account lives. All of that can sound confusing to your average computer user, though it also makes it a favorite amongst the more tech-savvy users in the world.

The truth of Mastodon’s distributed servers is that it doesn’t really matter which server you choose to set up on. Since each server talks to every other server (just like email), you’ll be able to use the social network just like you would Twitter or any other microblogging platform. You can publish text posts (adorably called “toots”) and attach media such as pictures, audio, video, or polls. Mastodon lets you follow friends and discover new ones, and also uses hashtags to find communities or topics you may be interested in.

Also just any other social media site, you’ll want to back up all your posts. That’s what we’re going to talk about today. 

How Mastodon Works: The Nuts and Bolts

There are some people who want to host their own Mastodon server (if that’s you, it means that other accounts would be hosted on your server, and you’d be responsible for setting standards to moderate content). In that case, you may want to back up your Mastodon server data to Backblaze B2 Cloud Storage—or even use our always-hot storage to actively run your server like this Mastodon user who kept running out of storage and used Backblaze for a cost-effective storage solution.

Stay tuned: We’re planning on writing about this in the future.

But, if you’re just using your account like you would on any other social media platform—that is, you’re posting, finding friends, sharing cute pictures of dogs, etc.—you’ll want to make sure that your posts and memories are protected. There’s the normal run of data loss dangers: natural disasters, computer crashes, and so on. But also, since anyone can bring up their own Mastodon server, they can just as easily take them down. In that case, having a backup means that you can easily move your account to another server on the Mastodon platform without losing your toots.

Let’s talk about the best way to keep your data backed up with Backblaze Computer Backup.

Download Your Mastodon Data

Like most services that prioritize open sourcing, Mastodon has a fantastic documentation center. If you ever have questions, start there first (that’s what we did). To get started with your Mastodon back up, you’ll want to download your account information. After you log into your account, navigate to Settings > Export. The screen should look like this:

As you can see, there are lots of lists you can download straight from this screen. These include your block lists and mute lists—an excellent feature which means you can maintain your privacy settings if you need to move your account, or open a new account on a different server.

To get your toots as well as any uploaded media, like photos or videos, you simply click the button to request your archive. You can request this archive once every seven days.

Once you have that file, you can either upload a copy of it to Backblaze B2 (which is free for your first 10GB of storage), or, Backblaze Personal Backup (we’ve got a free trial there too, of course). Backblaze Personal Backup is super easy—just save that file natively on your computer so that it’s included in your always-running backup service.

While You’re At It…

We’ve gathered a handful of guides to help you protect your content across many different platforms. We’re working on developing this list—please comment below if you’d like to see another platform covered.

Why Back Up Your Mastodon Archive?

It’s always smart to protect your data with a 3-2-1 backup strategy. This means that you’ll have three copies of your data stored in two different local destinations with one copy kept off-site.

Taking your Mastodon archive file as an example, let’s see where those files would live to make sure we satisfy the 3-2-1 backup strategy:

  1. The downloaded copy of your Mastodon archive is saved to your personal computer.
  2. You also back up that archive on your external hard drive.
  3. You have a third copy of the file saved in your Backblaze account.

Especially if you’re using a sync service for the files on your computer, sometimes things get modified or deleted accidentally. When that happens, you can restore from the backup copy on your hard drive. If your hard drive crashes for some reason, then you also have another copy you can easily restore from your Backblaze account. Since it lives in the cloud, even if your computer and your hard drive are lost (say, in a natural disaster), you will still have another copy of your data you can use to get back online.

Even better: If you enable Extended Version History on your Backblaze Computer Backup account, you can see older versions of your file. That’s useful if you accidentally replace your Mastodon archive and there was something you needed, but got changed. They have the same name, right? It’d be an easy mistake to make and not notice until you need to restore. With Extended Version History, you’d just choose an earlier instance of the file, restore it, and then move that file back to your computer and hard drive.

Mastodon Users Are On Top of Back Up

Of course, you can always go above those minimum standards, as these folks were discussing in this Mastodon thread.

We’re not surprised that Mastodon users are talking about their intricate back up systems. Generally speaking, if you’re someone who is interested in or uses open-source tech, you know that it can be a double-edged sword. The community is constantly finding and fixing bugs, asking questions, and creating tech. It’s exciting and creative, but sometimes you have to do a bit more legwork to make things work well.

So, users on Mastodon know the risks when they choose to host their data on someone else’s server, and Mastodon gives you options for how to reconstitute your account if that happens. It’s one of the reasons we love Mastodon: they thought about how to back up when they built the platform.

And, because Mastodon is open source, “they” = users who are (often) also contributing to the code. Of course they’re having spirited debates about how to make their tech lives better and more secure—and we love to see it!

In Theory, It’s Easier to Lose Your Data on Mastodon

We said at the beginning of this article that it really doesn’t matter which server (“instance”) you choose to host your Mastodon account on—and it doesn’t, when you’re talking about interacting with the platform as a user.

The thing that is different about Mastodon is that because it runs on distributed servers, Mastodon is (in theory) more vulnerable than other networks to distributed denial of service (DDoS) attacks. If your server gets overloaded, it may result in you losing data.

A DDoS attack is like all these people shouting different questions at you at the same time and expecting answers—you’d crash and burn too.

Another thing to take note of is that Mastodon doesn’t have automatic updates. As a user, the onus is on you to check GitHub and to update accordingly. Since platform updates are often released to close security vulnerabilities, if you aren’t on top of this, you’re at risk of losing your data from a cyberattack.

This doesn’t mean that Mastodon as a social media site is less safe. In fact, because they automatically set up multi-factor authentication (MFA) and store less of your personal identifiable information, in some ways it’s safer than other platforms.

As long as you’re regularly backing up your Mastodon archive, you should be totally (“toot-ally”?) covered. Start your free trial with Backblaze Computer Backup, follow the steps we’ve set out above, and you’ll be all set.

The post How to Download and Back Up Your Mastodon Account appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

What’s the Diff: Image-Based Backup vs. File-Based Backup

Post Syndicated from Kari Rivas original https://www.backblaze.com/blog/whats-the-diff-image-based-backup-vs-file-based-backup/

When you’re planning your backup strategy, one important decision to make is whether to use image-based or file-based backups. Both methods have pros and cons and both are useful in different situations. Think of it like packing for a trip: Sometimes you need to take everything plus the kitchen sink (image-based), and sometimes you only need the essentials (file-based). It’s not a perfect metaphor, but it will make more sense once you understand the differences between these two backup types. Let’s dig in.

The TLDR: What’s the Difference Between Image-Based and File-Based Backups?

The short answer is this: An image-based backup (also known as a bare metal backup, which is a deeply cool name) is a backup of an entire machine or server, including the operating system (OS) and applications as well as all of the files. A file-based backup only includes the files. We’ll dig deeper into the implications of each below, but that should give you a good base of knowledge to start.

First, Some Basic Backup Best Practices

In addition to understanding the difference between file-based and image-based backups and when to use them, there are a few key elements of a backup strategy you should have in your playbook:

Want a Deeper Dive?

Check out “Server Backup: A Comprehensive Guide to Protecting The Data on Your Servers” for an in-depth look at creating a bulletproof backup strategy.

➔ Download the Guide

Why Is Your Backup Configuration Important?

Properly configuring your backups, including when to use file-based versus image-based backups, is important for a couple reasons. First, it enables you to optimize your cloud storage usage and costs. Image-based backups are typically larger than file-based backups, so they’ll cost more to store. File-based backups are smaller and cost less to store, but they’re also not as robust. Finding the right mix is important as you’re planning your cloud storage strategy.

It’s also important to properly configure your backups so that you can recover more effectively in the case of a disaster. Restoring from an image-based backup will allow you to bring your entire operation back online. Understanding how each type of backup works will help you decide which to use when (and when you should use both).

What Is a File-Based Backup?

A file-based backup, sometimes called a file backup or a file-level backup, is a backup of a single file, multiple files, or even all the files on your system. The biggest distinction from an image-based backup is that it does not include a backup of the OS.

When configuring a file-based backup, you can choose which files you want to back up. For instance, you might choose to back up only certain file types, like Word documents or databases. Or you might choose to back up a particular set of files for one department, such as accounting files.

To understand when to use a file-based backup, it helps to know the pros and cons. We’ll dig into those next.

Advantages of File-Based Backup

File-based backups are simple and straightforward—you just need to back up files versus the entire system. Advantages of this type of backup include:

  • More control over what gets backed up. You can choose specific files or folders that get backed up or sent to cloud storage.
  • More control over what you recover. You can be more granular when it comes to choosing which files you need to restore should you need to.
  • Less storage utilization and faster backups. Since file-based backups are typically smaller in size than image-based, they take up less storage space and can be faster to run.
  • Ability to customize. Some backup applications allow you to set customized backup cadences for different types of files. For example, you could back up accounting files daily, but other project files weekly. Or, you could back up all files on a specific schedule.

Disadvantages of File-Based Backup

There are two main disadvantages of file-based backups:

  • The files are saved, but not the applications that created them. If you need to restore files to a different machine, you need to make sure that machine has all of the appropriate applications to read and use the files.
  • File-based backups are very limited in a disaster recovery scenario. If you need to restore an entire environment after a natural disaster or a ransomware attack, you would need to recover all of your files, then spend additional time reconstructing your OS, reinstalling all of your applications, reconfiguring them, etc.

What Is an Image-Based Backup?

An image-based backup, also known as a bare metal backup, disk backup, disk image backup, or mirror backup, allows you to back up all of the volumes on your server, creating a copy of your whole system.

As opposed to a file-based backup, an image-based backup backs up your entire OS, including settings, applications, configurations, and executable programs.

An image-based backup is more robust, which makes it larger. That comes with some advantages and disadvantages as well.

Advantages of Image-Based Backup

Image-based backups are comprehensive. Going back to our packing metaphor, this is the kitchen sink method. Advantages of this type of backup include:

  • The ability to restore a server in its entirety. This is great when you need to protect your entire server, including the OS.
  • The flexibility to restore individual files or the entire system. With an image-based backup, you get the same restore capabilities as a file-based backup, but with the added option to restore the entire disk if needed.
  • Faster recoveries. If you need to meet specific recovery time objectives (RTOs), image-based backups can save you time. You don’t need to reinstall and patch the OS.

Disadvantages of Image-Based Backup

There are a few disadvantages of image-based backups, including:

  • More time-consuming and bandwidth-hogging during backup. Since you’re backing up everything, image-based backups are going to take longer and use more internet bandwidth when you’re saving them to cloud storage. Backing up after work hours is typically recommended.
  • More expensive to store. Image-based backups take up more cloud storage space and hence cost more to store.
  • Could be overkill for day-to-day recovery needs. When you only need to recover a file that’s accidentally been deleted or corrupted, you don’t need a full image-based backup.

Image-Based vs. File-Based: How to Choose?

Now that you know the difference between image-based and file-based backups, how do you know when to use each type? Here are a few basic guidelines.

Choose a file-based backup for the following scenarios:

  1. If you have a virtualized environment. When you can reimage a new OS quickly in a virtualized environment, you may not want or need to back up the full OS.
  2. To back up employee workstations. Employees will most often need to restore individual files, and a file-based backup will cover this use case. If you ever needed to do a full restore, chances are good that you can just reinstall the OS easily.

Choose an image-based backup for the following scenarios:

  1. For servers with mission-critical data. If you can’t function without it, you should do a full image-based backup.
  2. For anything that would take a long time to configure. In a recovery situation, you don’t want to be spending time reconfiguring settings and reinstalling applications.

Why Not Use Both? Optimizing for Cost and Utility

Rather than choosing between file-based or image-based, you could design a backup strategy that employs both. This allows you to manage your storage usage and costs while maximizing your ability to recover quickly. For example, you could consider doing an image-based backup monthly and file-based backups more frequently. Or you could do an image-based backup of your mission critical servers and file-based backups of employee workstations. The right combination will help you to keep your costs low while maintaining the fidelity of your environment in a disaster scenario.

Storing Backups in the Cloud

Whether you choose image-based or file-based backups, you need somewhere safe to store them. According to the 3-2-1 backup strategy, one of those copies should live off-site in a geographically distant location, and cloud storage is a great fit. Check out server backup solutions from Backblaze B2 to learn more about storing your image-based and file-based backups in the cloud.

The post What’s the Diff: Image-Based Backup vs. File-Based Backup appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

The Beginner’s Guide to Computer Backup with Backblaze

Post Syndicated from Stephanie Doyle original https://www.backblaze.com/blog/beginner-guide-to-computer-backup/

Wouldn’t it be great if computers never crashed? If laptops never got lost? If that cup of coffee never spilled across your keyboard? As much as we’d like to believe that our computers will always work and the data on them will always be safe and accessible, accidents happen. Regardless of how you’re using your computer, you’re storing data that needs to be backed up.

Whether you’ve accidentally deleted a synced file, have a social media presence that’s just too valuable to lose, are going back to school, or you want to make sure you’re protected from cyberattacks, having your data backed up means that your important information isn’t lost forever. So, let’s talk about how to get the most out of your Backblaze account.

1. Set Yourself Up for Success

Backblaze backs up all the files on your computer, including documents, photos, music, movies, and more. When you’re creating your account for the first time, that can take some time—longer than you might think depending on how much data you have and how fast your internet connection is. (If you think it will take a really long time, you should probably be considering Backblaze B2 and our Universal Data Migration solutions). It’s important that your computer is on and awake during that time period, so we suggest that you turn off your computer’s sleep mode during your initial backup.

2. Keep Your Account Secure

We’ve talked before about how to keep your passwords safe, but we just want to make sure it’s clear how important that is for your backups. When backups are your last line of defense—your only option for recovery—then it’s imperative that you use unique passwords and practice a 3-2-1 backup strategy.

Like Librarians, We Work Quietly

Backblaze works quietly in the background while you go about your normal computer life. Note that we’ll only backup a document that’s not actively open. So, make sure to close out your projects when you’re done for the night (or day).

3. Bring Your Drive to the Table

If you have external drives, it’s essential that you connect them to your computer to be backed up to your Backblaze account. In order to give us enough time to scan the whole drive, make sure that it’s plugged into your primary computer for at least four hours in a row, once every two weeks. Here’s some more information on using external hard drives with Backblaze.

4. Check In

Once a week, it’s a great idea to check that your backups are working properly. If they’re not, make sure that you have the most recent version of Backblaze, or you can always contact our Support Team to make sure everything is running smoothly.

And, once a month, it’s a good idea to try to restore files from your online account. This is especially important if you have external devices. It’s always good practice to double check that things are running well, but it also gives you an opportunity to make sure you’ve backed up your external drive successfully.

5. On Restoration: The Sooner, The Better

When you’ve lost data, make sure you restore your data ASAP. If you’re ever worried you may need data continuity, remember that you can easily enable Extended Version History for $2/month. That will give you the ability to restore any version of a file for one year—or forever—depending on what you need.

Remember that Backblaze offers lots of file restoration options. Of course, you can use our website, but you can also restore from your mobile device or even order a USB. (We know; old school.)

Backup and Beyond

We are big advocates of backing up, of course. Hey, it’s for good reason. We want our tech to be accessible to all types of users. We love when you tell your friends about us, or you can use us to help your family and friends. If we’re missing any good tips or you have questions for us, feel free to comment below, say hi on socials, or contact Support.

The post The Beginner’s Guide to Computer Backup with Backblaze appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Let’s Not Go Phishing Today: Tips for Home Computer Users

Post Syndicated from original https://www.backblaze.com/blog/lets-not-go-phishing-today-tips-for-home-computer-users/

Every so often, a family member or friend will ask me if an email they received is a phishing email. That’s part of my job as the unofficial family tech person. Email phishing and its cousins vishing (voice phishing) and smishing (text phishing), are still a serious problem for the average home computer user. While businesses are slowly implementing phishing detection tools—and, more importantly, user training—to help tackle the problem, home computer users are, for the most part, left to fend for themselves.

Our goal in this post is to provide a few tips and tricks for those oft-forgotten home computer users—your old-school neighbor, your unassuming grandma, or your friend who’s just not that tech savvy—in their effort to use their computer without losing their life savings by clicking on the wrong link.

You can scroll past the first few sections to the phishing tips we’ve prepared so that you can use to better understand and identify a phishing email. Or, continue reading to learn more about the phishing problem, why it matters, and then finish up with the phishing tips.

Why It Matters

Phishing is the use of social engineering techniques—tactics that use psychological manipulation like impersonating someone you know—to get you to take an action that can lead to your downloading a virus or malware, having your account credentials stolen, becoming an extortion victim, or some other malicious action.

While detection and blocking technology has advanced over the years, Dark Reading, a cyber security news site, estimates that up to one percent of all emails that make it to the end user’s mailbox are phishing emails. For home users, who typically have to rely on their internet service provider (referred to as an ISP) or their browser (like Chrome or Safari) to keep them safe, the number is probably higher. Still, 1% doesn’t sound like much—until you consider that to get to that point, these phishing emails are the best of the best. Suddenly, it starts to make sense as to why up to 70% of phishing emails are opened by the recipient.

Who Owns the Phishing Problem?

My friends and family are not creators or purveyors of technology; they are primarily users. Asking them to identify phishing emails by deciphering the email raw source or header is not in their wheelhouse, nor should it be. We take planes, trains, and automobiles without knowing much about how they work. It should be possible to safely receive and interact with an email without having to understand sender authentication or bone up on RFC 5322.

You as the family IT manager.

Back in 2005, when most of us first heard of phishing, we had a pretty good idea which businesses and people would contact us and how they would reach us. Today, nearly every company or organization we interact with has a website, an email subscription, an app, social media, and maybe a phone number or two. The daily number of messages we receive via email, phone, text, and so on has easily increased 10-fold (100-fold?) over that time. Do you really have any idea how many accounts you’ve created in your lifetime, and if so, how each of them reaches and interacts with you?

Making matters worse is the proliferation of data collection services—legitimate, shady, and illegal—which will sell personal information to nearly anyone with a purchase order, credit card, or better yet, the latest cryptocurrency. Personal data such as your name, address, last four digits of a credit card, and much more are readily available. As a result, a phishing email can use your name and provide additional personal details along the way in an effort to make you believe it is valid ← that’s social engineering at work.

What Can You Do?

For home computer users, the phishing problem may not be of your making, but you cannot rely on technology if you want to safely function in today’s highly connected world. Phishing uses some really crafty tactics (i.e. social engineering) to get you to believe that when you receive a message from the bad guys, it is okay to do what they are asking you to do. That means you have to be at your best when the incoming message chime rings.

To that end, below we’ve provided you with a little social engineering education in the form of some easy to remember tips you can use to ferret out a phish. We’ll use email in our examples, but the techniques can apply to most inbound communications you’ll receive. In addition, you don’t have to have any special technical superpowers, just some common sense and the ability to lower your FOMO (fear of missing out) threshold.

You can read the tips below, but we’ve also prepared a 20-minute Let’s Not Go Phishing Today webinar which provides a little more depth for each of these tips. You can read the tips below, watch the webinar, or both. The webinar is available on the Backblaze channel on BrightTALK. Keep in mind that you will need to register to watch.

Tip 1: No trust and not useful.

Situation You receive an email from a business, organization, or person. You are certain you do not know or trust the sender and you were not expecting to receive the email.
Example You receive an email to lower your mortgage interest rate from a bank you do not use. Oh, and you rent.
Considerations There are zero reasons to open this email. There is no upside here at all for you. Even if this is not phishing, it is most likely spam.
Disposition Delete the email while crooning, “But there ain’t no Coupe de Ville hiding at the bottom of a Cracker Jack box,” in the style of Meat Loaf (“Two Out of Three Ain’t Bad,” Bat Out of Hell, 1977).

Your on-stage moment is at 2:27.

Tip 2: No trust, but you’re not sure.

Okay, tip one was pretty simple. They get a little harder now.

Situation You receive an email from a business, organization, or person. You might know the sender, but you really weren’t expecting an email.
Example You receive an email and the sender name sounds familiar, but that’s it. Maybe you stopped by a store and provided your email to the clerk, maybe you bought a shirt from them two years ago, or maybe it’s just some advertisement you saw, but nothing is ringing a bell.
Considerations
  • Don’t open the email right away, let it sit in your inbox for a day or two to see if there is a follow up message or perhaps you remember something.
  • Often phishers will use time to pressure you into acting. Surely you would have remembered something so important, so don’t let time pressure you into doing something you shouldn’t. Trust yourself.
  • If you do open the email do not click on any of the links and do not call any phone numbers you may find in the email. Just read the email to see if anything jogs your memory.
Disposition
  • After a day or two, if nothing rings a bell, delete the email. If it was important, they’ll resend. Click delete.
  • If you think the email could be legit—Okay, really, just lower your FOMO threshold and click delete. I am sure that a bank in Ireland is not waiting to give you a million dollars if you call them.

Fun fact: $1 million in $1 bills weighs 1.1 tons. Say that three times fast!

Tip 3: Trust, but verify.

Situation You receive an email from a business, organization, or person. You know the sender, but you weren’t really expecting an email from them.
Example You receive a promotional email from a business. You are a customer of this business and even have an online account with them. You were not expecting the email, but the email makes you an offer that is interesting to you.
Considerations
  • You can receive promotional emails anytime, but they are more prevalent around holidays and marketing events like Cyber Monday. Phishers know this and will use this to their advantage to avoid detection.
  • A phisher can send out millions of emails in an attack spoofing a given business. If you have a relationship with that business, you are prime pickings. Do not assume that just because you are a customer, the email is legitimate.
  • A phisher can also send out very targeted emails using personal information they have collected from data breaches and other sources, both public and private. Just because an email has your name and other personal details, it does not mean it is legitimate.
  • If you decide to open the email do not click on any of the links and do not call any phone numbers you may find in the email. Read the email and see what they are asking you to do.
Disposition
  • If you think the promotional offer is legitimate, then open a new browser window and type in the URL to go to the website, or open the app on your phone/tablet for that business. You may have to sign in to your account, but the promotion should be available in one of those places. If the promotion is only available via the email, contact customer service for the business and ask. Remember to use the website or app to contact customer service, not any of the contact information provided in the email.
  • Sometimes, an offer is only available by clicking on a link in the email. In my opinion this is lazy marketing and puts you at risk. Let the business know this is not acceptable.

Spam or Phish?

The email described above could be just a spam email. Whether an email is spam or phishing can be confusing, but in general spam messages are just trying to sell you something and phishing emails have some harmful intent. That said, the same tips we are using for identifying a phishing email can be used to identify spam messages as well.

Tip 4: Trust, but still verify.

Situation You receive an email from a business, organization, or person. You know the sender and you were expecting the email.
Example You receive an email on the 10th of the month from your credit card company saying your statement is ready. They always send you this email on the 10th of the month. The email says you can click on the link to sign in to your account and view the statement.
Considerations
  • It is highly likely this is a legitimate email, but given this email concerns your financial affairs, being extra careful is imperative. Opening up a web browser and typing in the URL to go to the bank’s website to sign in there is safer. This also enforces the good behavior of not clicking on links in emails.
  • Many financial companies and health care providers are starting to maintain a list of messages they send you via email and/or text. You can log into your account to view the list to make sure that any message you received was actually sent by the provider—before you interact with the message. This is an excellent best practice and such businesses should be commended for thinking about their customer’s online safety and security.
Disposition Even if you think the email is legitimate, use a web browser to access your online account, or use their app to take the requested action.

Downloading Email Attachments?

Only download an attachment that you were expecting to receive, preferably after you were notified via another email—or better yet another method such as a text message. For example, you or whomever you’re interacting with may say, “Hey Monique, I’m going to email those pictures in a minute.” Downloading unsolicited or unexpected attachments is not recommended.

Think of email, text messaging, and voicemail as read-only services, especially when it comes to your financial and health information. This is sometimes really hard with text messages that encourage you to “click this link to…” and voicemail messages saying “call us back at a specific number.” Such messages offer convenience and help move things forward—and sometimes, they are the only way to get things done. At that point, you have to trust the vendor and your instincts.

What to Do When You’re Forced to Click

There are two common situations where you are forced to click a link in an email or message in order to move forward: email newsletters and two factor (2FA) or multifactor (MFA) authentication.

We’re this happy about 2FA security too.

Newsletters

Newsletters can deliver valuable information and often link to other content for additional details. The trouble is, those links are often obscured by tracking redirects used to count how many clicks the link gets—It’s a marketing thing. The average user has little hope of figuring out where the link is actually going, so they are faced with ignoring the information or clicking to the unknown. Let’s break down an example.

Situation You receive a newsletter from a company you do business with and have received newsletters from them before.
Example Backblaze sends you a customer newsletter. There’s an article on a new feature and you want to learn more. To do so you have to click on a link, but when you rollover the link (don’t click) it reads something like:
“https://hub.backblaze.com/xxt/XXt/R+000/xx-h-99/V88XHdW7_bXrN4b0ml7W7xsyK94Tmm-9N2x86z13q3phV1-WJV7CgHCJW7swZm-8j6kXwW6cD…” plus 50-60 more characters that are not displayed.
Considerations
  • It may seem it goes to the Backblaze website (backblaze.com), but without seeing the entire URL you can’t be sure. It could end with “.../bad-guys-website.com“, which would not take you to Backblaze.
  • Were you expecting this newsletter or at least have you gotten a newsletter from Backblaze before? If it is the first time, did you just sign up?
  • What is the intent of the newsletter? Providing information or asking for something? If the newsletter is asking you to sign in to your account for example, it is easy enough to open a new web browser window and sign in from there.
Disposition
  • This one is all about trust, timing, and clicks. Let’s assume you trust Backblaze as a good sender, the newsletter looks very Backblaze-y, and this is something you would expect. If you do click on the newsletter links, there are two primary things to consider.
    • First, if the link takes you to a sign up or sign in page, stop. Always open a new browser window, enter the URL to go to the site, and sign in from there.
    • Second, make sure the click takes you where you expected to go. If you get pop-ups for downloading a toolbar or extension, land on an unexpected webpage, or other unusual browser behavior (e.g. an automatic download), close the browser window and everything else on your system. Then, run a full antivirus scan immediately.
  • If you are not inclined to click on any links in newsletters, we understand. In our case most of the links on a Backblaze newsletter will go to our blog or our website. You can open a new browser window and find the content on the Backblaze website. This works for the many different newsletters you may get daily. That is: You can usually find the content directly versus clicking on the link.

Tell Us More…

The problem with not clicking on the links in newsletters and other similar communications is that marketing folks lose information about what is important to the recipients, but your peace of mind is more important. So, a healthy alternative is that you could send an email or post something on social media about what you like and what you don’t. Even visiting the pages and interacting with the articles the newsletter highlighted will help. Marketers get feedback, you give your opinion on good content, and you’re a little safer from phishing attacks.

2FA or MFA

More and more websites are requiring the use of two factor or multifactor authentication. Here are a couple of scenarios to help you deal with the messages you might receive.

Scenario 1

Situation Your bank’s website uses text message-based two factor authentication to confirm access to your accounts.
Example Using a browser, you log in to your bank’s website. A couple of seconds later, you receive the text on your phone with a code that you need to enter on the website.
Disposition By asking to log in to your bank, you expect to get the text which provides the authentication code. You’re good.

Scenario 2

Situation Your bank’s website uses two factor authentication to confirm access to your accounts. You believe it is text message-based authentication.
Example Using a browser, you log in to your bank’s website. A couple of seconds later, you receive an email asking to click a link to allow the log in to your account.
Considerations
  • This is one of those cases where you need to know how the bank will contact you for the second factor. It could be a text message with the code (like the first example above). It could also be by clicking the link in a test message, or through an authentication app on your phone, or by email message, or even by phone.
  • Given the timing of the events in this example, it is highly likely that you had set up email as your second factor. But, sometimes it is not that easy to tell, especially if there are several minutes before you get the authentication message—or worse, if you don’t get the message at all.
  • One way to make this easier on you is to try to use the same authentication method for each website. The trouble is that different companies support different methods and not others. In some cases, you may be able to find information on the bank’s website to determine the authentication method they use.
Disposition If you’re not sure of the authentication method that was set up, you can abandon the sign-in, then open a new browser window and start again. If you get the same authentication method, you can be reasonably confident you’re doing the right thing.

Moving Forward

Over the past couple of years, vendors involved with providing email, text, and voicemail services have gotten better at detecting and eliminating phishing, spam, and malware before it reaches you. That’s great. But the bad guys haven’t given up, and many would say they’ve gotten better.

These tips are a good starting point for improving your ability to stay safe using the internet, email, and your phone. There are many websites and resources where you can learn more and stay informed about phishing and other forms of malware. We listed a few below. You can click on the links, but (if you are a little paranoid at this point), you can search for “consumer phishing resources” or just “phishing resources” using your favorite search engine. Good luck, and stay safe.

Select Phishing Resources

  1. Knowbe4: The world’s first and largest new-school security awareness training and simulated phishing platform.
  2. Phishing.org: A project from KnowBe4 that is a resource for IT professionals to keep you up to date on the latest phishing threats. The Resources page has some free tools to help improve your phishing knowledge.
  3. Phishing info from the Federal Trade Commission.
  4. A phishing primer from the National Cybersecurity Alliance.

The post Let’s Not Go Phishing Today: Tips for Home Computer Users appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

How to Download and Back Up Your Twitter Account

Post Syndicated from Barry Kaufman original https://www.backblaze.com/blog/how-to-download-and-back-up-your-twitter-account/

If you’ve been following the news lately, you might be thinking now is a good time to start downloading and backing up your Twitter history.

It’s officially the Elon Age of Twitter, and subsequently, there have been a few people rumbling about leaving the platform following Musk’s firing of top executives and an alarming rise in hate speech. Needless to say, we’re sticking around—you might have stumbled upon this article from Twitter itself. We just can’t quit the little blue bird quite yet. But there is one thing we can do, and that’s help you download and back up your Twitter archive—most likely for free.

Whether you’re anti-Elon or you’re just worried that the folks who are good at building electric cars or spaceships might not know how to manage a social media algorithm, you can take a few easy steps to protect your treasured Twitter memories. Here’s how.

Downloading Your Twitter Data

The first step is to log in to your Twitter account on a web browser. Once logged in, click on the “More” section in the navigation bar. From there, a new navigation bar will appear. You should select the “Settings and Support” dropdown, followed by the “Settings and Privacy” tab to progress.

Under the “Your Account” section, you will find an area labeled “Download an archive of your data.” The function of this is pretty self-explanatory, but does lead to a further menu that allows you to request an archive of your Twitter data or Periscope data.

After requesting your archive you will receive a notification with a link when your archive is ready for download. This archive will consist of a ZIP file with data that Twitter has deemed most relevant or useful to you, including DMs, moments, profile media and any media you may have used in your Tweets such as gifs, photos, and videos.

Archive Your Twitter Data for Free

Once you download your Twitter data, you can then save a full archive copy in the cloud on Backblaze B2—for free if it’s under 10GB.

Click here to get started with Backblaze B2 Storage Cloud today.

Back Up Your Twitter Data (Not Free, But Super Easy)

In addition to an archive copy, it’s important to use a secure backup strategy so all of those Tweets and memories will be preserved and kept safe from accidental deletion, equipment failure, or disasters (whether they’re natural or Musk-made). This is where a 3-2-1 backup strategy comes in handy. Using a 3-2-1 approach means keeping one copy of your data locally, one copy on a different type of media like an external hard drive, and one off-site (the cloud is a great place to keep it!).

You’ll need to manually download your Twitter data periodically, but once you have it on your machine, you can ensure it’s backed up with Backblaze Computer Backup—it automatically backs up all of your files, including documents, photos, music, movies, and, yes, all of that Twitter data you downloaded.

Click here to sign up for a 15-day trial of Backblaze Computer Backup, and save those Tweets.

While You’re At It…

We’ve gathered a handful of guides to help you protect social content across many different platforms. We’re working on developing this list—please comment below if you’d like to see another platform covered.

The post How to Download and Back Up Your Twitter Account appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.