Malware Being Spread Through Online Ads

October 3rd, 2013

Advertising sign

A new threat is emerging for both desktop and mobile internet users. It’s called malvertising and, as Adam Greenberg reports for SC Magazine, is a way to spread malware to unsuspecting users through online advertising.

These malicious ads are placed individually by hackers on otherwise legitimate websites. The hackers must convince companies through email and by using false identities to agree to put up the malvertising. When visitors to the site click the ads, it downloads malware onto their machine.

The criminals are specifically targeting sites with a lot of traffic and security experts estimate each malicious ad averages about 100-thousand views before it’s taken down. Users have to actually click the ads to be affected, but with so many views there’s the potential for a large number of users to be infected with malware. These threats are fairly widespread also with an estimated 10-billion malicious advertisements seen in 2012.

Because hackers are using fraudulent credentials, it’s difficult, or nearly impossible, to track them down even after an ad is found to contain malware. The key to stopping these attacks is for companies to be more judicious in selecting the ads they place on their websites. Asking about corporate and individual identities behind these ads before allowing them on a site is vital to avoiding potential headaches down the road.

Be aware that, while there are some legitimate advertisers who will contact you directly to place ads on your website, there are others who are attempting to spread malware. A safe option is to use PPC ads from a trusted source like Google or Bing.

For users, clicking on ads is a natural part of the web surfing experience, but some caution is needed. Clicking only on ads from reputable companies doesn’t always keep you safe, but it is a start. If your computer is infected with malware, call or come by Geek Rescue and we’ll clean it. Call us at 918-369-4335.

Beware Government Shutdown Related Email Scams

October 3rd, 2013

Email scam sign

When there’s a major event that captures the attention of the media, you can bet that a related scam will be developed quickly. The royal baby’s birth was one of the latest historic events to be taken advantage of by cyber criminals. As Anand Muralidharan reports at the Symantec blog, spam emails related to the government shutdown is the current threat.

You may be curious to know how the government shutdown can be misappropriated for use by spammers. The answer is that it requires some creativity. The spam emails that have been reported so far have claimed to offer vehicles at half-price for the duration of the shutdown. The emails bear no markings from car manufacturers or car lots, but offer a link to follow for half-priced 2013 model cars and trucks.

Many of these emails are able to slip past spam filters. This may be in part due to their changing email header, or subject.

“Get half-off our autos for each day the US Govt is shut down”

“Get half off MSRP on new autos for each day of govt. shutdown”

These email subjects, or something similar, should alert you that the message is spam and the link will likely take you to a malicious website.

That no official brand logo or company name is used makes these emails much easier to spot and avoid. This likely won’t be the only government shutdown related scam appearing in your inbox, however. And the longer the shutdown lasts, the more opportunities for scams.

Being aware that scams like this are out there makes you less likely to become a victim. Always be cautious of unsolicited emails from untrusted senders.

If you’d like to upgrade your spam filters, or improve the overall security on your computer, call Geek Rescue at 918-369-4335.

What To Do If Your Facebook Account Is Hacked

October 2nd, 2013

Hacker

Your Facebook profile is an appealing target for cyber criminals. With access to your profile, they immediately have access to all of your friends also. A hacked Facebook account has led to the hacker asking for money from Facebook friends, posting malicious links on friends’ walls and other suspect behavior.

Andy O’Donnell, of About, notes that you’re usually not the first to find out you’ve been hacked. A friend may text you to ask about an odd status update or message. When you try to sign into your account, either you’ll notice that someone else has been posting messages as you, or you’ll be locked out completely. If you believe you’re account has been hacked, follow these steps.

  • Go to facebook.com/hacked, which is the Facebook Account Compromise Reporting page.
  • Click ‘My Account is Compromised.”
  • You’ll be taken to the ‘Identify Your Account’ page where you’ll be asked to enter your email address, phone number, or your name and the name of a Facebook friend.
  • Follow the on-screen instructions.

Once you’ve re-gained access to your account, you’ll want to un-do anything that the hacker did. First, change your password. Take this opportunity to make it stronger by using upper and lowercase letters, numbers and symbols. Check your apps page to delete any suspicious apps the hacker may have added. Be sure to tell all of your friends that your account was hacked so they don’t follow any links the hacker may have sent them.

After you’ve taken care of any issues on Facebook’s site, take some time to think about how your account was compromised. Malware on your computer can result in hacked accounts, so a full-scan of your hard drive may be in order.

If you believe your computer is infected with malware, call Geek Rescue at 918-369-4335. We remove malicious programs like malware, Trojans and viruses from any device and have security options to help protect you from future attacks.  

Apple iMessage Bug Has A Quick Fix

October 2nd, 2013

Apple with worm

It’s not a big surprise that some users are encountering problems after upgrading their iPhones to iOS7. Initially, there were concerns over ways to bypass the fingerprint scanner. Now, more and more users are complaining that they can’t send or receive messages with iMessage.

Matthew Panzarino, of TechCrunch, reports that Apple is working on an update that will fix the issue, but there’s a quick fix that might work for some users.

First, let’s get to the quick fix. According to an Apple support document, turning off iMessage, then using the Reset Network Settings function, then turning iMessage back on allows users to again send messages. This causes your iPhone to re-authenticate iMessage, but some users are already reporting that while this does allow you to send messages, it only works temporarily.

Apple released a statement about the errors some users are encountering and estimated that only a “fraction of a percent” of their users were affected. Whether or not that’s accurate, those that are affected are frustrated. They’re stuck without a fully functioning iPhone until Apple releases an update to fix the problem.

Once that update is released, it’s a good idea to back-up your phone’s data before installing it. When Apple patched their previous security related bug for iOS7, some users reported it crashed their smartphones. So, it’s better to be safe than sorry.

Luckily, if you do lose data from any of your devices, Geek Rescue helps restore it. We also fix broken devices and get rid of malware infections. If it boots up or turns on, we fix it. Call us at 918-369-4335.

These Tips Help Prevent Damage To Your Devices

October 2nd, 2013

Broken smartphone

After a few months of ownership, your new device will start to have some wear and tear. Scratches, or chipped corners are common. Max Knoblauch, of Mashable, writes that some of that wear and tear, as well as more serious damage, is avoidable. Here’s a list of ways to keep your gadgets looking newer for longer.

  • Don’t let laptops overheat

Laptops have fans built in to keep them cool. Those fans don’t work as well if the vents are covered by blankets, carpet, or even your lap. Using your laptop for long periods of time without proper ventilation causes a decrease in your battery life and can impact your computer’s performance. In some cases, laptops have even caught fire when overheated. 

  • Use a case

Most people have a protective case on their smartphones to protect when it’s inevitably dropped or falls on the ground. Fewer people put as much thought into how they transport tablets and laptops. There are bags and cases made specifically for transporting these items, yet many choose instead to throw them in backpacks with a number of other things. That’s how screens get broken and corners dented. 

  • Don’t stress out cords

Your phone charger, especially for Apple products, is surprisingly delicate. When you yank it out of the wall by the cord, or coil it too tightly when packing it, it tends to break. The same goes for headphones. Wrapping them too tightly around your mp3 player will cause them to stop working faster. Wrapping them while they’re still plugged in can even cause damage to your device’s headphone jack. 

  • Clean the right way

Screens get smudges and fingerprints on them. Naturally, you want to clean those off, but you have to be careful. Household cleaners eat away at your screen’s coating. There are products available for cleaning electronic devices. Usually, just using a dry rag will remove dust and smudges. 

  • Remember to create back-ups

This bit of routine maintenance won’t affect the look of your device. Backing-up your important data will keep you safe in case your device suddenly breaks down, however. Creating a back-up doesn’t take much time, but it’s something many continue to put off. Computers and smartphones often die sudden deaths, so having a back-up avoids a potential disaster. 

These simple tips help keep devices safe from day-to-day damage, but they won’t ever be invincible. If you have a broken screen or other damage to your device, bring it to Geek Rescue and we’ll fix it. Come by or call us at 918-369-4335.

Facebook’s Graph Search Is Here, Adjust Your Privacy Settings

October 1st, 2013

Private sign

Facebook officially launched Graph Search to all users, which makes it possible to search for, well, anything that’s ever been posted on Facebook. Every comment, status update, check-in, photo and more can be turned up by a simple search. For those who have had a Facebook account for nearly a decade, you might not want people to easily be able to see what your 20 year old self was saying.

Ashley Feinberg, of Lifehacker, posted a privacy guide that let’s you lock down your old posts so they’re not available to just anyone. This way, you won’t have to go through and individually select privacy for each and every status update and comment you’ve made on Facebook.

  • Click the ‘Privacy Shortcuts’ icon, which looks like a padlock in front of three lines and is located in the top right corner of any Facebook page. 
  • Click the ‘See More Options’ link at the bottom of the drop down menu.
  • Now click ‘Limit Past Posts’, which is found on the far right about half way down.
  • You’ll encounter a warning from Facebook that anyone who isn’t your friend won’t be able to see your old posts. Click ‘Limit Old Posts’.
  • Facebook will again ask you if you’re sure. Click ‘Confirm’.

Just like that you’ve made it impossible for strangers to unearth your old Facebook posts. There’s still the problem of friends coming across something embarrassing you may have posted in your younger days. If you’re worried about that possibility, find the specific post by searching for it yourself, or going to the year on your timeline it occurs, if you remember of course. Then you can adjust the privacy settings for that specific post and make it visible to only you. 

Privacy on any social media platform is important because cyber criminals are able to use personal information against you. What you share on Facebook helps them hack into other online accounts, or target you in a spear phishing scam.

Be careful about what you are sharing online. For help improving the security on your computer, or mobile device, contact Geek Rescue at 918-369-4335.

New Form Of Malware Threatens Multiple Accounts

October 1st, 2013

Malware

Fort Disco sounds like an oddly themed night club, but it’s actually a dangerous form of malware that targets users of WordPress and Joomla. Lucian Constantin, of ComputerWorld, reports that the malware has also been documented attacking POP3 email and FTP servers.

Fort Disco is described as a brute force password guessing form of malware. This means that it infects a machine, then attempts to hack into the user’s accounts by trying random passwords. That’s where the term brute force comes in. There’s no finesse used to break into accounts. Instead, password after password is tried until the malware gains access to the account.

Security experts estimate that Fort Disco has infected more than 25-thousand Windows users and successfully hacked into more than 6-thousand WordPress, Joomla and DataLife Engine accounts.

Once the malware infects a machine, it’s able to communicate with its creator to get instructions on what accounts to attack. Since it is hosted on a user’s machine, email accounts and even FTP credentials are also at risk.

Brute force password attacks against content management systems aren’t rare, but Fort Disco is a unique way to hack those accounts. This malware is easily distributed across a large number of computers, and puts multiple accounts in harms way.

As with all types of malware, there are multiple ways it can infect your computer. To stay safe, be extremely cautious what websites you visit, what you download to your computer and what emails you open. Since Fort Disco has been seen hacking email accounts, it’s likely that a number of spam emails containing the malware are being sent.

If your computer is infected, or if you’d like to improve the security on your machine, contact Geek Rescue at 918-369-4335.

Large Scale Botnet Take Down Highlights Looming Threat

October 1st, 2013

Zombie

A botnet is a way for cyber criminals to use your computer to perform tasks like sending spam emails, spreading malware and other fraudulent uses. Infected computers will be able to communicate and form an entire network of zombie machines, which are all under the control of hackers.

Tom Espiner, of the BBC, reports that security company Symantec recently disabled 500-thousand infected computers that were acting as part of a botnet. The ZeroAccess botnoet, used for advertising and online currency fraud, was previously made up of 1.9-million machines.

The ZeroAccess botnet uses people’s computers to execute click fraud. Online advertisements generate income for websites that host them based on how many users click on them. This botnet used zombie machines to generate false clicks, which made them money.

By disabling 500-thousand of the infected machines, the hackers will lose about a quarter of their income. However, the identity and location of these criminals is unknown so experts warn that they’ll be working to restore their numbers quickly.

Symantec initially stepped in to take down the ZeroAccess botnet when it noticed an updated form of the Trojan program, which ZeroAccess installs on infected machines, being distributed. This malware made it more difficult to disrupt the botnet’s communications. Symantec felt they needed to act now, before updated malware made it impossible to disable any infected computers.

Perhaps the most troubling part of a botnet is that most users won’t know their computer is being used by a third-party. Infected computers will experience a decrease in performance. Your computer will be slower because a portion of its resources are being used as part of the botnet.

It’s also a good idea to check the sent messages folder in your email. If there are messages that you didn’t write being sent from your email address, you’ve got a problem and may be part of a botnet.

If you’re experiencing computer trouble or want to upgrade your cyber security, contact Geek Rescue at 918-369-4335.