October 22nd, 2014
A new Android ransomware threat is spreading fast thanks to it adapting to become a worm spread through text messaging. The Koler Android trojan was discovered by AdaptiveMobile in the United States and managed to affect hundreds of users in just one day. John E. Dunn of TechWorld explained how the Koler trojan is spreading so rapidly.
Koler began infecting victims who visited untrusted websites like porn and gambling sites. Many examples of mobile malware stays quarantined to those areas and never becomes a large scale problem for the general public. Koler, however, transformed into an SMS worm, which means it sends a shortened and disguised link via text message to everyone in an infected user’s contacts. That link appears to be from the user, which results in many of their contacts clicking on it and being infected themselves.
Those that click on the link are sent to a Dropbox page and asked to install a photo viewing app in order to see some photos that “someone” has uploaded of them. Agreeing to this download results in the Koler trojan to take quick effect.
Almost immediately, the user’s screen is blocked by a message supposedly from the FBI. A ransom is demanded to unlock the phone. Meanwhile, that same link is sent to the user’s contacts.
The good news is that if the default security options are enabled on your Android device, the download of the malware should be blocked because it stems from a third-party. However, many users have already discovered that their security settings aren’t configured correctly to protect them from a threat like this.
The make-up of this attack isn’t complicated, which means it’s also fairly straightforward to disable it. Dropbox has already been asked to remove the download from its servers and disable to link. Attackers could easily move their malicious files elsewhere and continue to victimize Android users, however.
If your device becomes infected by malware, Geek Rescue will fix it. Stop by or give us a call at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
October 16th, 2014
The latest version of the native operating system for Macs was officially released today. OS X Yosemite takes the place of OS X Mavericks as the latest and greatest operating system available. Overall, the functionality of Yosemite is similar enough to previous versions of OS X that it won’t feel foreign to everyday users. However, there are some key features and additions that you should be aware of. At Lifehacker, Thorin Klosowski published a list of what you need to know about OS X Yosemite. Here are the main points.
By pressing Command and spacebar, you’re able to open ‘Spotlight’, which isn’t new to Yosemite. But, it’s much more useful now than it was previously. In addition to using Spotlight to search your hard drive for applications and files, users are able to search the web, find content on iTunes, read the news, check for movies playing in local theaters and much more. Spotlight has become more of a one-stop feature to help users with whatever they’re currently doing.
Yosemite has turned iCloud into an easily accessible storage feature, which is probably closer to the way it was originally envisioned. Similar to Dropbox, users are able to upload just about anything to their iCloud account, then access it from their other devices. The simplicity and ease of access makes you wonder why this isn’t the way iCloud has always been.
- A Better Notification Center
How do you improve the Notification Center in Yosemite? By making it customizable with widgets. Head to ‘System Preferences’ to view a list of available extensions. Soon, third party extensions will also be available, which means your Notification Center can sync with extensions from Apps you’re already using. To add widgets, open the Notification Center and click ‘Edit’.
While the Mail app in Yosemite looks similar to what was featured in OS X Mavericks, it actually includes a number of handy extra features. You can now sign PDFs and other documents directly within the Mail app without adding a third party app. There’s also a ‘Markup’ button that allows you to make notes on images before you send them. Finally, send larger files via the Mail Drop feature. Instead of attaching large files directly to an email, Mail Drop uploads them to iCloud and sends them to your Contact.
With OS X Yosemite just being released, it may be wise to wait to upgrade. While a public beta version has been available for quite awhile, there are still bound to be some bugs in the days following this official release.
If you’re having issues with your Mac, or any other device, Geek Rescue is here to help. Stop by or give us a call at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
October 14th, 2014
You’ve likely heard warnings about using unsecured WiFi networks, but what have you done to protect yourself? According to a recent study conducted by Experian, most of us are making little to no effort to stay secure despite understanding the risks. More than a third of those responding admitted to logging into their bank account while on public WiFi and over half of respondents admit to entering credit card information to sites without checking to see if they’re secure. And yet, 9 out of 10 believe everyone should be more concerned about identity theft.
So, what can you do? At Private WiFi, Jared Howe listed some ways to keep your personal information secure in any situation.
Whether you regularly connect to public WiFi or you’re extremely careful, chances are the password to at least one of your online accounts will be compromised eventually. Password theft can occur in many different ways and it doesn’t always mean an individual user did anything wrong. That’s why it’s important to regularly change passwords and use unique passwords for each account. Changing your passwords protects you in case your log-in credentials were recently stolen and using different passwords for each account ensures that when one account is hacked, it doesn’t mean a criminal now has access to multiple accounts.
In order to infect your device with malware or trick you into giving up your personal information, cyber criminals have a variety of methods. You have to be cautious of links and attachments sent to you in an email. Downloading these attachments or following these links can infect your device. Sometimes, the websites those links point to are designed to persuade you to enter your information, however, which then allows criminals to use that information to hack into accounts or steal your identity.
Many users don’t use any kind of lock on their smartphone or tablet, but that makes your device more of a target. Even though most locking methods aren’t incredibly difficult for a knowledgeable individual to by-pass, just having one in place discourages many would be thieves. It’s also advisable to disable geotagging features.
If you find yourself needing to connect to public WiFi often, you should consider investing in a Virtual Private Network. A VPN encrypts the data transmitted between your device and the internet, which would otherwise be free to intercept on an unsecured network. There are many options available for effective VPNs.
Staying secure means investing time and money now in order to avoid catastrophe later. For help with security on any of your devices, or to recover from a malware infection, call Geek Rescue at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
October 13th, 2014
Setting up an effective IT infrastructure is vital for any business, but protecting that infrastructure extends past the IT department. Teaching your employees how to protect themselves, and your company’s data, is also essential. At Tips 4 Tech, Allan Pratt lists some important tips your employees should know in order to keep your network secure.
It’s the most basic security tip out there, but many users still fail to implement effective passwords, which leads to easy exploitation of networks. Make sure you are educating your employees on basic password practices. For example, don’t re-use the same password over and over for multiple accounts. Also, be sure you’re using longer passwords that use upper and lowercase letters and numbers and symbols.
Chances are, all of your employees will be using a web browser at some point. It’s important they understand how to stay secure online and avoid accidentally infecting your entire network with malware. First, that means they understand the important of using a secure connection using HTTPS for accessing their webmail or other important actions that involves sensitive information. Second, warn them about links. URL’s can be shortened or disguised to hide what website they point to. It’s a common way to direct users to sites designed to steal data or infect them with malware. Be sure you’re helping your employees stay in front of common threats.
Email is a common way for malware to get into your network. Teach employees not to open emails from unknown senders. Also, explain the dangers of attachments and try to stop them from downloading any attachment that they weren’t expecting, even if it seems to be from a known contact. These two practices alone greatly cut down on the risks associated with email.
Creating regular back-ups of your data won’t stop a problem from happening, but it does make recovery much easier. If your employees are in the habit of backing up their work, a natural disaster or debilitating virus won’t knock you offline for long. This will also keep you from having to explain to your customers that their data was lost.
These basic tips help to keep your company’s data secure, but there are other provisions that will help safeguard your network.
For help with security and other IT solutions, call Geek Rescue at 918-369-4335.
For other business solutions, visit our parent company JD Young.
October 6th, 2014
A browser hijacking program does just what it’s name suggests it does. When you load your web browser of choice, the hijacker goes into effect and sends you to an alternate website than your chosen starting page. Often, this is an alternate search engine that allows malware developers to record your search and browsing habits, which helps them develop more effective malware. These search engines could also direct you to websites that infect your machine with malware without your knowledge. One of the most infamous browser hijackers is Snap.do, which is running a many users’ computers without them knowing it. At A Tech Journey, Anup Raman explained the most common way to remove Snap.do.
For most users infected with Snap.do, the program will appear in the list of programs installed on your computer, which means you can click on the uninstall option and get rid of it. Go to your ‘Control Panel’ and click on ‘Programs and Features’. A list of everything installed will come up that you can search for ‘Snap.do’, ‘Smart Bar’ or anything from developer ‘Resoft Ltd’. Once you’ve gone through the uninstall process, search your hard drive for ‘smartbar.installer.mini’, which is an executable file often found in the Downloads folder. Remove that file, then run a full anti-malware scan. Now that the program has been removed, you’ll want to load your preferred web browser and make changes there.
Mac users have a similar process for removing Snap.do. First, open the ‘Applications’ folder on the desktop. One of the applications listed should be ‘Snap.do’, which you can click on and drag to the trash. Now, empty the trash. That should remove the program from your computer, but you’ll still want to load your preferred web browser to remove it completely.
Before Snap.do is completely removed, you need to change the settings in your browser. For IE, open the browser and click on the gear icon in the top right corner. Select ‘Internet Options’ or ‘Tools’. Click to the ‘Advanced’ tab and click on the ‘Reset’ button. A new window will appear where you need to check the box next to “Delete personal settings” and then click ‘Reset’ again. Close the window, and hit ‘OK’ on the prompt that opens, then close the browser. When you open it again, Snap.do should be gone.
For Chrome, open the browser and click on the menu button. Hover over ‘Tools’ and select ‘Extensions’ from the menu. Snap.do should be listed here. Click on the trash icon on the right next to Snap.do then click the menu button again. This time, go to ‘Settings’ and select ‘Manage Search Engines’. Click ‘Make default’ next to whichever search engine you want to use, then click the ‘X’ next to Snap.do. Finally, go to ‘Settings’ one more time and under ‘On startup’, click the button next to ‘Open the New Tab page’. That should do it.
Open the browser and click on the ‘Firefox’ button in the top left corner then select ‘Help’. Depending on your operating system, you may be able to click on ‘Help’ from the menu bar. Go to ‘Troubleshooting Information’ then select ‘Reset Firefox’. A confirmation window will appear where you’ll need to select ‘Reset Firefox’ again. Your browser will close, then re-open with Snap.do removed.
These are the typical fixes for Snap.do and other browser hijacking programs. But, these methods won’t always completely remove the problem. In some cases, the malware is more complicated and will need additional work to remove.
For those complicated cases and for other IT problems, call Geek Rescue at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
October 2nd, 2014
Having your smartphone or tablet stolen is certainly no fun, but device theft could actually have more than just one victim. There’s also the individual who later purchases the stolen device. Buying a stolen device also isn’t ideal and some users have actually bought devices online that are still locked from their previous user. While there are some precautions you can take to avoid buying a stolen device, Apple has a tool that helps you avoid those devices that have been locked by the previous user. Lucian Constantin has more at TechWorld.
For used iPads, iPhones and iPods, Apple offers a tool through iCloud called Activation Lock. Users don’t need to login themselves, so you don’t have to be a current Apple device owner to use the service. All you need is the serial number of the device, or the IMEI (International Mobile Station Equipment Identity). By inputting one of those numbers, you’ll be able to see the current Lock status of the device.
This tool has been available since the release of iOS 7 as part of the Find My iPhone feature. It wasn’t turned on by default, however, until iOS 8.
The ability to check Activation Lock status is important because hackers actually figured out how to fool devices that had been locked remotely by their owners. That would allow them to sell functioning devices, but that also means the business of stealing devices would continue to be profitable. By using Activation Lock, users are able to see if the owner locked the device, even if it had been hacked and unlocked later.
Simply by including Activation Lock in iOS 7, Apple saw a significant drop in iPhone thefts in both New York and California. By having it on by default in iOS 8 and publicizing it more widely, it could decrease device theft even more.
Apple has some extremely helpful tool for when your phone is stolen or lost, but when your device is broken or just having issues, bring it to Geek Rescue or call us at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.