I'm sure by now you have heard about the WannaCry ransomeware that has hit businesses in over 100 countries world wide. It encrypts your files and threatens to delete them unless you pay the ransom to have them decrypted.
1. Make sure you have a good backup of your files....
2. Update your operating system. If you are still running Windows XP, Microsoft released a special update for this exploit but there are no regular security updates. You should upgrade to Windows 10.
3. Install/update your anti-virus software.
4. NEVER, NEVER, NEVER open any unsolicited emails and NEVER, NEVER, NEVER, open attachments that you were not expecting.
It's getting ugly out there. Practice safe computing.
If there is one day that we are on our guard, it's April fools day. When it comes to scams, we should treat every day like it's April 1st. Here are some things to look out for regardless of the date.
That email from a friend or colleague. Does the email make sense? If your friend's contact list had been hijacked, hackers can send you messages that can direct you to a click on a link. The scammers can make the message seem very real but think about it. Does the email make se...nse. Verify with your friend but not by email. Use another communication medium.
Most email now is HTML (looks like a website with graphics and links). Is that link going to where it says it's going? Links can be spoofed. The link can say one thing but it actually going somewhere else. Hover your mouse over the link. Depending on which email client or browser you're using, there will be a small pop up, either at the link or at the bottom of the browser, that will show you the real destination of the link.
If you receive an email with an attachment that you are not expecting, DO NOT OPEN IT. Remember what happened to that curious feline.
Beware of bogus virus warnings. Telephone scammers will call you and try to scare you into giving them remote access to your computer. Web scammers will direct you to a website that looks very convincing and tries to extort money or to install malware or viruses.
When in doubt, call someone you trust. Do a google search in regard to the item in question. Call an IT professional. Any costs you accrue getting an answer will be far less than if your computer is compromised or all your digital memories disappear.
So go out and punk someone tomorrow but practice safe computing.
Attention all Android users. Have you installed the app 'Good Weather' recently? The Trojan posed as a legitimate app to get by the Google Play Store security. The bad app was only available for a short time but it is worth a new post.
Most people don't even look at the requested administration privileges when they install an app. This one will request a change to screen unlock password and the ability to lock the screen. It will then attempt to steal your banking passwords. It can intercept SMS messages. It can also lock your device and it cannot be unlocked until it receives an unlock command from the attacker.
If you installed this app recently, remove it. If you installed it prior to mid February, review the security settings. If anything looks strange, remove it. Practice Safe Computing.
If you are using Google Chrome, beware of a new scam just waiting to bait you and compromise your security. Here's how it works. You will receive dialog popup saying that a 'Font Wasn't Found". The box will have an update button. If you click the Update button, it will install not only malware that can trace your steps online but install ransomware software.
If you see the dialog, note the website you were just on, close your browser right away. As an added precaution, clear your cookies. Do not return to that website. If it is a corporate site, send an email informing them that their site has been compromised.
The dialog is pictured. Practice safe computing.
I'm sure you have all heard about the breach that Yahoo had. Since that breach, people have dropped their Yahoo account in favor of a Gmail account. If you have a Gmail account, read the attached article. Hackers are launching a new Phishing campaign that is very convincing. It is so good that professionals are being fooled. Please read the article. Forewarned is forearmed.
It's things like this that get my feathers ruffled. When your computer isn't working correctly and you need help, you want to turn to someone you can trust. When a major retailer abuses that trust it makes for a very long and expensive day. Take a look at the article below. Office Depot has let it's customers down. Chose your support wisely.
Special Warning for Windows 8 and 10 Users
Beware of a new scam that has been identified. This malware masquerades as Microsoft Security Essentials ( the built-in malware software from Microsoft ). The installer for this malware is introduced via a drive-by download from websites that have been compromised.
Once the malware is installed you will be presented with a false Blue Screen of Death (BSoD). This screen is usually presented when there is a problem with the hardware o...r severe issues with the operating system. The false screen is shown in this post and it has a phone number to call to resolve this issue. The real BSoD has no phone number.
Keep your anti virus and spyware software up to date. Be diligent and practice safe computing.
Is your TV secure?
As you may or may not have heard, a big portion of the Internet in the US and Canada was effectively shut down last Friday. Sites like Netflix, Spotify, PayPal, Twitter and others were inaccessible.
The attack was a Distributed Denial of Service (DDoS) attack. This is when a server is flooded with so many requests that it becomes overloaded and is unable to respond to legitimate requests. When the attack is on DNS servers, (the internet’s phone books) then... the result is websites that are unavailable.
The hackers used a ‘botnet’. A collection of computers that have been compromised by malware to allow the hackers to control them. These computers are then used to collectively stage the attack. This kind of attack isn’t new but what makes this more disconcerting is they used internet ready appliances.
The Internet of Things (IoT) is a system in your DVD player, your smart TV, your WiFi security cameras to name a few, to allow these items to communicate over a network or over the internet. These appliances were compromised and used in the cyberattack.
They were compromised because most people don’t think about security for these appliances. They use the plug ’n play approach and forget about it. You must take some time to secure these gadgets. Take as much time as you do to secure your social media account or your home network. Change default passwords. Use strong passwords. Store these strong passwords in a password manager. Make sure firewalls are properly setup. Make sure your WiFi network is secure and the password to your router has been changed. Keep your Anti Virus and Anti Spyware software up to date on your computers.
Convenience is a wonderful thing but don’t let it compromise our enjoyment of our online world. Take some time to secure your internet connected devices. This time it was just the inconvenience of not being able to watch your favourite show or listen to your music. Next time the breach could be much worse. Let’s not make it easy for the hackers. Security is everybody’s responsibility.
If you have an American Express card, please read this article below. This new phishing scam mimics correspondence from Amex so well, that it is fooling some that typically spot these types of scams.
Protect yourself. Always be skeptical when an unsolicited email requests your personal information. Please read the article below from Inc.
Familiar phone call: "I think I opened an email you told me not to open and now things aren't working right". I have posted on this subject before but it's worth repeating.
There are lots of scammers out there looking to part you with your money or just screw up your files for kicks. After opening an email from an unknown source, a client got a pop up on their screen that looked legit. It said it was from Microsoft and that their PC was experiencing problems and they should ...call the number below to be connected with a 'Microsoft Tech'. Well the client did just that.
We now have a mess on our hands because the client allowed the 'Tech' to connect remotely to their PC. If that wasn't bad enough, they left the 'Tech' unsupervised. Well the worse happened. Their server was compromised.
First of all, these kind of pop ups DO NOT exist in the real world. There is nothing in Windows that prompts you to call their technicians "UNSOLICITED". There are places within the help and support files with phone numbers to call for assistance but never unsolicited.
Second; if you receive an email from an unrecognizable source. Delete it! Don't let your curiosity get the best of you. Remember what curiosity did to the cat. You're risking your PC, all you photos or your business.
Be diligent. Use common sense and if there is a doubt, ask someone. Ask me in a message here. Ask the 13 year old kid down the street, but don't guess. This little fiasco will cost my client in many ways. It could have all been avoided with one phone call.
If you spend a lot of time at a computer, and you are experiencing headaches, back pain, eye strain and shoulder stiffness, your workstation may need an ergonomic overhaul. Here are the 4 steps to an ergonomic workstation as suggested by UCLA Ergonomics.
Step 1: Your Chair
- Push your hips as far back as they go in the chair
- Adjust the height so your feet are flat on the floor and your knees equal to or slightly lower, than your hips....
- Adjust the back of your chair to a 100-110 degree angle
- Adjust the armrests so your shoulders are relaxed
Step 2: Keyboard
- Pull up close to your keyboard
- Position the keyboard directly in front of your body
- Position the most used portion of your keyboard centered with your body. If you have a keyboard with a numeric keypad, center the letter portion in front of you not the entire keyboard.
- Do not use a wrist rest that is higher than your space key
- Make sure your wrists are straight when typing
Ste 3: Monitor
- Center the monitor directly in front of you above your keyboard
- Position the top of the monitor 2-3 inches above seated eye level
- Sit at least arm length away from the screen then adjust for your vision
- Place your monitor at right angles to windows to reduce glare
Step 4: Pauses and Breaks
- Take short breaks every 20-30 minutes
- Avoid eye fatigue by resting and refocusing your eyes periodically. Focus on something in the distance.
- Be aware of your shoulders. Make sure they are relaxed and not hunched up to your ears.
- Get up and walk around periodically
It has been reported that 32 million Twitter usernames and passwords are up for grabs on the Dark Web. Twitter says they were not hacked. So how did they get them? Stick with me because this has implications beyond Twitter.
Twitter confirmed that they were not hacked. This list was collected through exploiting third party flaws, badly protected websites and carefully crafted malware. If you have Twitter account, it would be in your best interest to change your password.
Here...'s the kicker. It's a proven fact that most people use the same or similar passwords for all their accounts. If the criminal element that would make use of this list have one password, they could easily try and get into your other accounts which may have the same password.
Change your passwords often. Use a password manager which can keep track of your multiple passwords. Be diligent. If you have had an account hacked, it is not a good feeling. If your identity is stolen, it could take months or years to straighten it all out. Keep your anti virus and malware software up to date.
Proactive is a lot cheaper than reactive.
As technology gets better so does the sophistication of the virus and malware writers. New version of ransomware was detected on May 24. This version infects users computers via malicious spam, malicious macros in Microsoft Office documents, and fake software installers.
If you get infected, it will try and distract you by putting up an innocent pop-up or dialog box while it communicates with the command and control server and begin the encryption. The pop-up will continue t...o appear while it's running.
Microsoft had noted in its alert that it targets 82 different file types but there have been some reports of as many as 121 different files extensions.
Be very suspicious of any email with attachments. If you didn't request it, don't open it. Update your anti virus and malware software and backup, Backup, BACKUP your data.
How safe do you feel on your cell phone. After seeing the battle between Apple and the FBI, you might think 'my phone is encrypted, I don't need to worry'. Well you do. Watch the video below. It's about 15 minutes but worth the view. It's a 60 minutes piece.
You must remember that your cell phone is basically a computer and any computer can be hacked. You must also be vigilant regarding talking to people about your technology. It is far easier to get the password from talking to someone then it is to hack. Social hacking is at an all time high.
Don't open emails that might be even slightly suspicious. Be careful. If you didn't request it, don't open it. Take a look. It's quite interesting.
Attention all Google Play Store users. A new strain of malware has been discovered in more than 100 apps in the Google Play Store.
These apps claim to provide photo editing, animated wallpapers and other functions. They will send personal information to a remote server. The link below will give all the information about this Trojan.
Install anti virus on your Android device. Google has been notified and they are pulling the infected apps. This is not the first time the Play... Store has been infected.
Practice safe computing. Be vigilant.
Adobe released a bulletin stating that a security flaw in Adobe Flash could leave your PC vulnerable to a hacker. If the bad guys exploit this flaw, they could take over your computer. It is recommended that you update your Flash. All platforms are affected; Windows, OS X, Linux, iOS, Android and Chrome OS. Below is the link to the original article. The download link for the update is listed there.