October 3rd, 2013
When there’s a major event that captures the attention of the media, you can bet that a related scam will be developed quickly. The royal baby’s birth was one of the latest historic events to be taken advantage of by cyber criminals. As Anand Muralidharan reports at the Symantec blog, spam emails related to the government shutdown is the current threat.
You may be curious to know how the government shutdown can be misappropriated for use by spammers. The answer is that it requires some creativity. The spam emails that have been reported so far have claimed to offer vehicles at half-price for the duration of the shutdown. The emails bear no markings from car manufacturers or car lots, but offer a link to follow for half-priced 2013 model cars and trucks.
Many of these emails are able to slip past spam filters. This may be in part due to their changing email header, or subject.
“Get half-off our autos for each day the US Govt is shut down”
“Get half off MSRP on new autos for each day of govt. shutdown”
These email subjects, or something similar, should alert you that the message is spam and the link will likely take you to a malicious website.
That no official brand logo or company name is used makes these emails much easier to spot and avoid. This likely won’t be the only government shutdown related scam appearing in your inbox, however. And the longer the shutdown lasts, the more opportunities for scams.
Being aware that scams like this are out there makes you less likely to become a victim. Always be cautious of unsolicited emails from untrusted senders.
If you’d like to upgrade your spam filters, or improve the overall security on your computer, call Geek Rescue at 918-369-4335.
October 2nd, 2013
Your Facebook profile is an appealing target for cyber criminals. With access to your profile, they immediately have access to all of your friends also. A hacked Facebook account has led to the hacker asking for money from Facebook friends, posting malicious links on friends’ walls and other suspect behavior.
Andy O’Donnell, of About, notes that you’re usually not the first to find out you’ve been hacked. A friend may text you to ask about an odd status update or message. When you try to sign into your account, either you’ll notice that someone else has been posting messages as you, or you’ll be locked out completely. If you believe you’re account has been hacked, follow these steps.
- Go to facebook.com/hacked, which is the Facebook Account Compromise Reporting page.
- Click ‘My Account is Compromised.”
- You’ll be taken to the ‘Identify Your Account’ page where you’ll be asked to enter your email address, phone number, or your name and the name of a Facebook friend.
- Follow the on-screen instructions.
Once you’ve re-gained access to your account, you’ll want to un-do anything that the hacker did. First, change your password. Take this opportunity to make it stronger by using upper and lowercase letters, numbers and symbols. Check your apps page to delete any suspicious apps the hacker may have added. Be sure to tell all of your friends that your account was hacked so they don’t follow any links the hacker may have sent them.
After you’ve taken care of any issues on Facebook’s site, take some time to think about how your account was compromised. Malware on your computer can result in hacked accounts, so a full-scan of your hard drive may be in order.
If you believe your computer is infected with malware, call Geek Rescue at 918-369-4335. We remove malicious programs like malware, Trojans and viruses from any device and have security options to help protect you from future attacks.
October 1st, 2013
Facebook officially launched Graph Search to all users, which makes it possible to search for, well, anything that’s ever been posted on Facebook. Every comment, status update, check-in, photo and more can be turned up by a simple search. For those who have had a Facebook account for nearly a decade, you might not want people to easily be able to see what your 20 year old self was saying.
Ashley Feinberg, of Lifehacker, posted a privacy guide that let’s you lock down your old posts so they’re not available to just anyone. This way, you won’t have to go through and individually select privacy for each and every status update and comment you’ve made on Facebook.
- Click the ‘Privacy Shortcuts’ icon, which looks like a padlock in front of three lines and is located in the top right corner of any Facebook page.
- Click the ‘See More Options’ link at the bottom of the drop down menu.
- Now click ‘Limit Past Posts’, which is found on the far right about half way down.
- You’ll encounter a warning from Facebook that anyone who isn’t your friend won’t be able to see your old posts. Click ‘Limit Old Posts’.
- Facebook will again ask you if you’re sure. Click ‘Confirm’.
Just like that you’ve made it impossible for strangers to unearth your old Facebook posts. There’s still the problem of friends coming across something embarrassing you may have posted in your younger days. If you’re worried about that possibility, find the specific post by searching for it yourself, or going to the year on your timeline it occurs, if you remember of course. Then you can adjust the privacy settings for that specific post and make it visible to only you.
Privacy on any social media platform is important because cyber criminals are able to use personal information against you. What you share on Facebook helps them hack into other online accounts, or target you in a spear phishing scam.
Be careful about what you are sharing online. For help improving the security on your computer, or mobile device, contact Geek Rescue at 918-369-4335.
October 1st, 2013
Fort Disco sounds like an oddly themed night club, but it’s actually a dangerous form of malware that targets users of WordPress and Joomla. Lucian Constantin, of ComputerWorld, reports that the malware has also been documented attacking POP3 email and FTP servers.
Fort Disco is described as a brute force password guessing form of malware. This means that it infects a machine, then attempts to hack into the user’s accounts by trying random passwords. That’s where the term brute force comes in. There’s no finesse used to break into accounts. Instead, password after password is tried until the malware gains access to the account.
Security experts estimate that Fort Disco has infected more than 25-thousand Windows users and successfully hacked into more than 6-thousand WordPress, Joomla and DataLife Engine accounts.
Once the malware infects a machine, it’s able to communicate with its creator to get instructions on what accounts to attack. Since it is hosted on a user’s machine, email accounts and even FTP credentials are also at risk.
Brute force password attacks against content management systems aren’t rare, but Fort Disco is a unique way to hack those accounts. This malware is easily distributed across a large number of computers, and puts multiple accounts in harms way.
As with all types of malware, there are multiple ways it can infect your computer. To stay safe, be extremely cautious what websites you visit, what you download to your computer and what emails you open. Since Fort Disco has been seen hacking email accounts, it’s likely that a number of spam emails containing the malware are being sent.
If your computer is infected, or if you’d like to improve the security on your machine, contact Geek Rescue at 918-369-4335.
October 1st, 2013
A botnet is a way for cyber criminals to use your computer to perform tasks like sending spam emails, spreading malware and other fraudulent uses. Infected computers will be able to communicate and form an entire network of zombie machines, which are all under the control of hackers.
Tom Espiner, of the BBC, reports that security company Symantec recently disabled 500-thousand infected computers that were acting as part of a botnet. The ZeroAccess botnoet, used for advertising and online currency fraud, was previously made up of 1.9-million machines.
The ZeroAccess botnet uses people’s computers to execute click fraud. Online advertisements generate income for websites that host them based on how many users click on them. This botnet used zombie machines to generate false clicks, which made them money.
By disabling 500-thousand of the infected machines, the hackers will lose about a quarter of their income. However, the identity and location of these criminals is unknown so experts warn that they’ll be working to restore their numbers quickly.
Symantec initially stepped in to take down the ZeroAccess botnet when it noticed an updated form of the Trojan program, which ZeroAccess installs on infected machines, being distributed. This malware made it more difficult to disrupt the botnet’s communications. Symantec felt they needed to act now, before updated malware made it impossible to disable any infected computers.
Perhaps the most troubling part of a botnet is that most users won’t know their computer is being used by a third-party. Infected computers will experience a decrease in performance. Your computer will be slower because a portion of its resources are being used as part of the botnet.
It’s also a good idea to check the sent messages folder in your email. If there are messages that you didn’t write being sent from your email address, you’ve got a problem and may be part of a botnet.
If you’re experiencing computer trouble or want to upgrade your cyber security, contact Geek Rescue at 918-369-4335.
September 30th, 2013
You’ve probably taken some precautions to make sure your computer is protected from malware, viruses and other potential security issues. But have you taken precautions to protect your router?
A recent post on NewsFactor notes that there are router-specific malware threats capable of reconfiguring it. A malware infected router is able to redirect users to malicious sites in order to steal data or infect them with more malware and viruses.
Imagine you are using your computer to check your bank balance. If your router is infected with malware, it could redirect you to a similar looking site that is actually designed to steal your log-in information. Minor differences will alert you that something is wrong, but you have to be looking for them. A slight difference in the way the site looks, or a missing option in the menu are tell-tale signs that this site isn’t legitimate.
Thankfully, most banking websites offer security specifically designed to alert you if you’re not on their official website. However, other websites don’t take the same precautions.
Your browser also has security tools available to help keep you safe in these situations. When the warning pops up that a website’s security certificate isn’t recognized, don’t ignore it. This is a warning that using this site puts your data at risk. If you see that warning, don’t use that website. If needed, contact the business directly by phone and ask them about their website.
To protect yourself, make sure your router is updated continuously. Newer models usually update automatically, but it’s worth checking to make sure. Also, use the password protection options. Not only should your router be password protected, but that password should be changed often and not easy to guess.
To find out how to improve the cyber security at your home or office, contact Geek Rescue at 918-369-4335.
September 30th, 2013
Creating an adequate, effective security infrastructure for your business is difficult. It becomes impossible, however, if you don’t take the time to consider where your weaknesses are.
Patrick Budmar, of ARN, reports that security experts estimate that 80-percent of IT security spending at an average company is focused on only 30-percent of the problem.
Firewalls, intrusion protection systems and endpoint security are noted as receiving the bulk of most security budgets. However, diverting funds to increase prevention and detection of threats is a more efficient practice.
Regardless of the amount of security software in place, there will be breaches and gaps in your security. That’s why experts recommend focusing more attention on monitoring data and constantly checking for abnormalities within your network. Many times, a security breach goes unnoticed for weeks or months at a time. This allows for an exponentially higher amount of damage than if the breach was detected immediately.
An audit of your company’s cyber security exposes the potential flaws. It also shows where more attention or funding is needed, and where funds can be diverted from. This way, you’re able to upgrade security by spending more intelligently, not necessarily by spending more.
Geek Rescue provides security audits and the tools needed to improve security. Call us at 918-369-4335 before an attack to avoid costly damage and data loss.
September 27th, 2013
You’ve heard how important robust cyber security is for your business. You’ve read the articles, you’ve seen the statistics and heard the urging from IT professionals. Unfortunately, for many small business owners, the warnings don’t truly sink in until after they become a victim of an attack.
Ericka Chickowski, of Dark Reading, writes that a cyber attack doesn’t have to solely be a negative on your company. It is costly and it could hurt your credibility with your customers and prevent you from offering your services for a time. But, it’s also a chance to learn a lesson and become stronger.
During the recovery process, it’s important for companies that have been victimized to take time to study why they became a target in the first place. The exploit is like a real-world audit of your security infrastructure and, unfortunately, your security failed. Take this opportunity to improve the holes and the day-to-day processes of your company.
Be sure to take this opportunity to address your entire security infrastructure, not just the part that was exploited. Your security likely doesn’t have only one flaw. And even if you find that the software in place is adequate, you may discover that you employees actions put data at risk.
You should also critique your recovery plan. Think about the company-wide actions after the attack took place and consider how they could be improved. Your goal should be to cut downtime and restore data as quickly and fully as possible.
If your security is breached, you definitely can’t afford to ignore it. Let it be a message to you that a more serious investment in cyber security is needed.
For a security audit, or to find out what your options are for improving security, contact Geek Rescue at 918-369-4335.
September 26th, 2013
Craigslist has long been known not only as a legitimate online marketplace, but also a potentially dangerous hub of scams and hackers. A report posted on the Symantec blog alerts that a current scam is harvesting phone numbers from Craigslist ads and texting them spam links.
The actual scam has nothing to do with Craigslist, but that seems to be where the hackers are getting phone numbers. From there, they send a text containing a link. However, the link won’t work on a smartphone.
Instead, users are prompted to use their PC and arrive at a page prompting them to install “GIMP Viewer”, which is legitimate open source software. If the user agrees, they aren’t taken to the actual GIMP site. Instead, they are taken to a fake site where GIMP software is installed with a number of other programs.
Hackers make money each time these additional programs are downloaded. For now, it doesn’t appear that any malware is included in the scam, but it could easily become part of it if criminals decide the current scam isn’t lucrative enough.
To avoid any similar scams, be wary of text messages from unknown sources. You certainly shouldn’t be agreeing to download anything to your phone or PC unless it comes from a trusted source. A link in an unsolicited text message would not be a trusted source.
To protect your smartphone and PC from future malware infections, contact Geek Rescue at 918-369-4335.
September 26th, 2013
Browser extensions enhance the capability of your web browser. There are a number of uses for browser extensions. Many are designed to improve security or boost productivity. Recently, more and more extensions have been made by hackers, however.
Lucian Constantin, of ComputerWorld, writes that malicious browser extensions are a growing concern among security experts. That’s because they are difficult to protect against.
Malicious extensions have been seen before. They’ve been used to hijack searches and show ads to users. Recently, an IT security consultant was able to create an extension with much more harmful capabilities.
This example malware was able to be controlled remotely. It’s able to bypass two-factor authentication, perform functions, such as downloading other malicious files or controlling the webcam and steal data.
Malicious extensions are a growing concern, but there are few options available to protect yourself from them. Many antivirus programs are unable to detect and remove this malware. Security extensions added to your browser are also powerless.
Your chosen web browser actually has a significant effect on how much at risk you are. Firefox users are considered to be the most vulnerable. This is because it allows for third party extensions to be added, which means hackers can convince users to install the malicious extensions themselves, or can use malware downloaded through other means to install them remotely.
Chrome users, on the other hand, are at a relatively low risk. Chrome only allows extensions to be added from their Web Store, which only contains extensions that have been approved by Google. This doesn’t mean that there can be no malicious extensions added to a Chrome browser. It just means it’s much more difficult than with Firefox.
Exercise caution when adding extension to your web browsers and make sure you understand what your security software does and does not protect against.
To improve the cyber security on your home computer or at the office, contact Geek Rescue at 918-369-4335.