We are in need of donated Christmas decorations to decorate our lawn and porch such as children’s sleighs, artificial topiaries and poinsettias. Please conatact Carol at 207-713-5888 or camashaw@myfairpoint.net. Food, music, gift baskets and raffles will be part of this event.

DEAR SUN SPOTS: The United States Office of Personnel Management is sending out letters to persons who were allegedly compromised by a cyber attack. The letter purports that though protection is somewhat provided, the 25-digit pin number provided should be used to sign up for additional protection.

My question: If they already have my name, address, etc., why don’t they just provide the additional protection without additional contact? Is this notification legit? — Just Wondering.

ANSWER: Lisa Weintraub Schifferle, attorney for the Division of Consumer & Business Education at the Federal Trade Commission, wrote:

“You just got an email saying your information was exposed in the OPM data breach. Wondering whether the email is the real deal or not? Here are a few things to look for:

“OPM will be sending most breach notifications by email between June 8 and June 19. The email will come from this address: opmcio@csid.com. If you get an email about the breach from a different address, then it’s a scam. Don’t click on any links or provide any personal information.

“The real email from opmcio@csid.com will include your name, your PIN, a button to ‘enroll now’ and information about the CSID Protector Plus program. If you prefer, rather than clicking the ‘enroll now’ button, you can go directly to CSID’s website to enter your PIN and enroll.

“Here’s what to expect on CSID’s website: First, they’ll ask for your PIN or the last four digits of your Social Security number to make sure you are who you say you are. Next, if you choose to enroll in CSID’s services you’ll be asked to provide additional personal information.

“OPM will not call you about the breach. If you get a phone call saying it’s OPM, then it’s a scam. Don’t provide any personal information. CSID, not OPM, is making all contacts about this breach. The contacts will be by email or U.S. mail, not by phone.

“If you’re still unsure whether the email you got is real, check OPM’s website for more information and updates. If you think you’ve been tricked by a phishing email or a fake call, then file a complaint with the FTC and forward the email to spam@uce.gov.”

DEAR SUN SPOTS: If there is anyone in the Farmington-Jay area who is able to make copies of a CD, I would appreciate a call at 207-897-3555. Thank you. — No Name via mail.

ANSWER: Sun Spots knows of businesses that do CD duplication in other towns, but not the two you mentioned. Let’s hope someone calls you and offers that service. Good luck!

Use the QR code to go to Sun Spots online for additional information and links. This column is for you, our readers. It is for your questions and comments. There are only two rules: You must write to the column and sign your name (we won’t use it if you ask us not to). Please include your phone number. Letters will not be returned or answered by mail, and telephone calls will not be accepted. Your letters will appear as quickly as space allows. Address them to Sun Spots, P.O. Box 4400, Lewiston, ME 04243-4400. Inquiries can be emailed to sunspots@sunjournal.com, tweeted @SJ_SunSpots or posted on the Sun Spots facebook page at facebook.com/SunJournalSunSpots. This column can also be read online at sunjournal.com/sunspots. We’ve joined Pinterest at http://pinterest.com/sj_sunspots.

Copy the Story Link