Millions Of Google Accounts At Risk After Passwords Stolen

September 10th, 2014

Stolen password concept

Despite the inherent dangers, many users continue to use the same password over and over again for all of their online accounts. Doing so makes it significantly easier to break into those accounts and, when one account is compromised, it greatly increases the risk to other accounts as well. That issue is the reason that a recent theft of Gmail addresses and passwords could potentially lead to millions of compromised accounts. As Lucian Constantin reports for PC World, 5-million email addresses and accompanying passwords were dumped in plain text on an online forum, recently.

The Gmail addresses all have a corresponding password with them, but that password isn’t necessarily the password to the user’s Google account. Instead, it’s suspected that rather than hacking Google to steal this information, cyber criminals have hacked other sites over the span of months or even years to compile this list. By hacking other sites that require an email address to register, the criminals were able to compile a list of Gmail accounts with a possible password that that user has used in the past.

So, for those users who re-use passwords, an unknown number of people could now know both their Gmail address and the password they need to log into it. Thanks to Google’s all-inclusive nature of accounts, compromising an individual Gmail account could also mean compromising their Google+ page, YouTube account, Google Drive and any other Google service being used.

It’s unconfirmed how many of the 5-million addresses and passwords are valid, but it’s estimated that at least 60-percent could be used successfully. That means that about 3-million Gmail users have their log-in credentials available online in plain text. Even if you don’t re-use passwords, this still seems like an ideal time to change not only your Gmail password, but also your password to other important online accounts as well.

At Geek Rescue, we have the expertise to enhance security at home or at the office and on any type of internet-ready device. If you have questions or concerns regarding the security of your devices, call us at 918-369-4335.

For other business solutions, visit our parent company JD Young.

Google Is Offering To Replace Broken Nexus 5 Smartphones For Free

September 5th, 2014

Google building

Breaking your smartphone is a terrible experience. That’s especially true when your phone is fairly new. For some lucky Nexus 5 owners, a broken phone can be easily replaced at no cost. As Robert Sorokanich reports for Gizmodo, Google is offering to replace any broken Nexus 5 handsets for free, regardless of how the device was broken.

Google is calling this offer a “special exception” that’s only available to US customers. There’s been no word on why Google is willing to replace broken smartphones and they’ve actually been pretty quiet about the offer.

There are a couple of qualifiers to the deal. First, users must have bought their Nexus 5 through the Google Play Store. Those who have broken their device can then call Google to order a refurbished but otherwise new smartphone. Your credit card will be charged the full price for the replacement phone, but will be refunded once Google has received your broken phone.

The number to call is (855) 836- 3987.

Motorola and HTC have also offered free phone replacement deals in the past. Often, it’s a way to clear out back inventory for older devices. The Nexus 5 is in no way old, but it has been on the market for nearly a year, which means Google is likely trying to clear room for the next model.

If you qualify, this is an excellent opportunity to avoid having to either use a broken smartphone, or pay full price for a new one.

If you have a broken smartphone that doesn’t qualify for a free replacement, Geek Rescue is here to help. Call us at 918-369-4335.

For your business solutions needs, visit our parent company JD Young.

Study Reveals The Risk Involved With Chrome Extensions

August 21st, 2014

Risk knob turned towards high

Google’s Chrome browser includes a number of useful features itself, but it also offers the opportunity to add features and capabilities through extensions. There are thousands of options for extensions offering a variety of functionality. Not all of these extensions are trustworthy, however. At Tech World, Jeremy Kirk reports that about 10-percent of Chrome extensions examined by security researchers were deemed either malicious or suspicious.

Researchers began looking closely at extensions due to concerns that they are the next attacking point for cybercriminals because of the potentially valuable information available through compromised web browsers. After examining 48-thousand extensions, researchers found 130 that were outright malicious and another 4712 suspicious extensions.

The flagged extensions were capable of various misdeeds, including affiliate fraud, credential theft, advertising fraud and social network abuse.

Much like malicious apps, extensions are granted permissions that give them a great deal of power. Malicious extensions have been observed intercepting web requests from the browser and injecting JavaScript into web pages. Researchers hope that the results of this study help to make clear that extensions need to be more limited.

If you’ve installed a malicious extension, you also won’t know about it right away. The extensions are designed to stay dormant until you visit a specific type of website. Even then, a typical user may not notice any malicious or suspicious behavior.

Google has already reacted to these findings and is attempting to make it harder for unofficial extensions, like those found outside of their Web Store, to be installed. It’s likely more changes will be implemented soon so that Google can exert even more control over extensions.

While some of the flagged extensions weren’t harmful to users, they still displayed activity that was suspicious in nature, like changing ads on a site. Some of these extensions have been downloaded millions of times.

If you’ve installed any extensions from outside of Google’s Web Store, your safest option is to uninstall it immediately. If you feel your computer has been compromised and may still be infected by malware, call Geek Rescue at 918-369-4335.

For your business solution needs, visit our parent company JD Young.

Google Chrome Expanding Their Safe Browsing Service

August 15th, 2014

Google Chrome logos

Google’s Chrome browser has always been a leader in safe and secure browsing. If you’ve used Chrome before, you’ve likely been confronted with a warning that a page you’re trying to visit isn’t safe. You may have even seen a warning about a potentially malicious file attempting to be downloaded. On the Chrome blog, Google recently announced their latest addition to their Safe Browsing service, which expands its protection against suspicious downloads.

In current versions of Chrome, users are warned if a file they’re attempting to download contains warning signs that it might actually be malware. Starting soon, Chrome will automatically block malicious downloads. This will also now include downloads disguised as helpful that make “unexpected changes”. That refers to applications that change your browser’s homepage, or desktop, or add tool bars without your knowledge or consent.

When Chrome recognizes any of these types of files being downloaded, a warning will be shown informing the user that the download has been blocked. There’s certainly the possibility that a blocked download was actually legitimate, however, so users will have the option of restarting the download from their Downloads list.

Tools like this help keep malicious files off of your computer, but users shouldn’t rely on them completely. The best way to stay safe and secure is to stay away from low quality websites and to be cautious about downloading anything. These tools are a good safety net, but your browsing habits should be the first line of defense.

If any of your devices have been infected with malware, or just need a tune-up, call Geek Rescue at 918-369-4335.

For your business solutions needs, visit our parent company JD Young.

 

Clearing Your Browsers Cache

August 1st, 2014

Web browser

Waiting for a website to load is frustrating, which is why web browsers use a cache component. The cache stores bits of information from websites you’ve visited in the past so it can load them locally, rather than having to get them from the server again. However, using the cache isn’t always in your best interest. If a website has updated since you last visit, your cache may be loading an outdated version, or be unable to load the page completely. To prevent these cache errors, it’s recommended that you regularly clear it, as well as your cookies. A post at the Stott blog explains how to go about clearing your browser’s cache. Here are the details for the most popular browsers.

  • Internet Explorer

With IE open, click the gear icon in the top right corner. Then, find “Safety” in the menu and select “Delete browsing history”. This will bring up a window with a number of options. For this particular task, uncheck each option except “Temporary Internet files” and “website files” . Then click the “Delete” button and your cache will begin to be cleared. If it’s been awhile since this was done, it could take a few minutes before you can go back to using your browser as usual.

  • Google Chrome

With Chrome open, click the menu button in the top right corner. From that menu, select “Tools” then “Clear browsing data”. This brings up a menu allowing you to select what types of files you’d like to delete and also how far back you want to delete them. Select “beginning of time” if you want to start over completely fresh. Hit the “Clear browsing data” button when you’ve made your selections and then sit back and wait.

  • Firefox

In the Firefox browser, you’ll click the menu button and choose “Preferences”. This brings up a window where you’ll navigate to the “Advanced” tab, then click on “Network” and select “Clear Now” under the “Cached Web Content” section. Firefox also includes a feature that allows you to automatically clear the cache each time the browser is closed. To enable it, select the “Privacy” tab from the “Preferences” window. Then, in the “History” section, make sure it reads “Firefox will use custom settings for history.” Check the box next to “clear history when Firefox closes” then click the “Settings” button. This opens a window where you can select the type of files to be deleted. Check “Cache” and any other files you want to automatically delete and then click “OK”.

  • Safari

For Mac users with the Safari browser, there are a number of ways to clear your history. If you want to delete all files, go to “History”, select “Clear History” and click “Clear”. To set the history to delete automatically, go to the “Safari” menu, choose “Preferences” and click “General”. Choose the option you want under “Remove history items” and you’re done.

Clearing your web browser’s cache is routine but necessary maintenance.

For more serious issues, call Geek Rescue at 918-369-4335.

For business solutions, visit our parent company JD Young.

The Chrome Flaw That Costs Your Laptop Battery Life

July 16th, 2014

Laptop battery light

Does the browser you use really make a difference in the performance of your device? Depending on your device and the browser you’re using, yes it does. There have been a number of studies to determine which browser runs the fastest and which takes up the most resources. At Forbes, Ian Morris reports that Google’s Chrome browser actually has a significantly negative impact on the battery life of Windows laptops.

The reason can be traced back to the “system clock tick rate”. As soon as Chrome is opened, it sets the rate to 1.000ms. When Windows is sitting idle, that number should be 15.625ms.

Those numbers likely mean nothing to you, but here’s what they signify. To save power, your processor sleeps when it has nothing to do and wakes at predefined intervals. At Windows default idle rate, the processor wakes about 64 times each second. That sounds like a lot until you realize that with Chrome open, it wakes 1-thousand times each second. Microsoft reports that a clock tick rate of 1.000ms increases power consumption by “as much as 25-percent”.

Other browsers, like Internet Explorer, also adjust the system clock tick rate, but only when they need to. For example, if you’re streaming a video, IE will adjust to 1.000ms. For normal browsing that’s less taxing, the rate stays at 15.625ms. That means power consumption is only increased for certain tasks, as opposed to Chrome, which increases power consumption as soon as it’s opened and keeps it high until all Chrome windows are closed.

This is only an issue for machines running Windows. Mac and Linux machines use “tickless timers”, which make Chrome’s habits ineffective. Mac users have reported, however, that Chrome seems to take up more resources than other browsers.

For users hoping for a fix, don’t hold your breath. Google has known about this bug since 2010 and hasn’t made it a priority. Microsoft is also likely to invest in a fix since other browsers, their own included, don’t have this issue.

For the time being, it appears that Chrome users best option is to switch to an alternate browser if battery life is a concern.

At Geek Rescue, we solve your computer problems. Whatever the issue, call us for help at 918-369-4335.

Five Google Chrome Features You Should Be Using

June 27th, 2014

Google Chrome logos

Google’s Chrome is the most used browser with just over half of internet users choosing it. Oddly, many of those individuals use Chrome every day without knowing all of the features and capabilities it offers. All browsers have hidden features that typical users don’t take advantage of regularly. As Evan Dashevsky of PC Mag explains, Chrome is ripe with additional features that make browsing easier and more convenient. Here are five useful features you probably don’t know about.

  • Search Sites Directly

When you’re searching for information, the number of clicks and websites you have to visit can be exhausting. This trick helps you streamline that process. Any site that has a search bar included on it can be saved in your Chrome browser as a search engine. To do so, right click on the search bar and click ‘Add as search engine’. Now, if you’re searching for something you think might be on that site, you can simply type the name of the saved site in your address bar, press tab and enter your search term. Instead of searching Google, Chrome will search through the site you entered for your query. Since you can do this from any site or new tab, it saves you a few clicks.

  • Move Multiple Tabs

Most users have learned, many by accident, that they can move a tab from one Chrome window to another, create a new window with it or rearrange the order of tabs in a single window. What few realize is that you can actually move multiple tabs at once. To do so, hold shift and click on the tabs you want to move together. For Mac users, hold the command key.

  • View Images

If you’ve got an image file saved and you’re not sure what it is, Chrome can help with that too. Just drag the file into Chrome and it will display the image. It’s much quicker than some other alternatives, but there are no additional editing features. This is for viewing the image only.

  • Open Recently Closed Tabs

Most Chrome users take advantage of browsing in multiple tabs at once, which means most users have also accidentally closed a tab they immediately wanted back. Thankfully, Chrome includes a feature that acts like an Undo tool in a word processor. By pressing Control-Shift-T, you can regain your most recently closed tab. Keeping hit those keys and you can restore more tabs.

  • Omnibox Features

The address bar in Chrome is actually called the Omnibox, most likely because of all of the additional features built into it beyond just typing it URLs. For example, typing simple math equations into the Omnibox will produce the answer. It’s also capable of converting units, like telling you how many days a certain number of hours equates to. You can highlight text on a website and drag it directly into the Omnibox to search for that text. Also, the folded piece of paper or lock icon in the far left side of the Omnibox can be clicked to reveal information about the site you’re currently on like the cookies and permissions it uses.

At Geek Rescue, we know the tips and tricks needed to get the most out of your devices. For help with repairs, security and more, call us at 918-369-4335.

Mobile Malware Posing As Fake Apps With Trusted Names

May 19th, 2014

Play store icon on smartphone

It’s a well-known concern that Android users are much more at risk for malware infections than iOS users. Just a month ago, a fake antivirus app made the rounds in the official Google Play store and victimized a number of users. Google has since offered refunds to those who mistakenly downloaded the malicious app, but it seems they haven’t sufficiently protected against a similar threat reappearing. Lucian Constantin reports at Network World that the Google Play store and the app store for Windows Phones have both recently had malware hidden behind recognizable brand names identified in their stores.

It’s a fairly recent development, but it seems criminal developers are launching malicious apps with well-known company names to further confuse users. This is a well-known tactic of email scams and phishing websites.

One developer account launched malicous apps under the names Avira Antivirus, Mozilla Firefox, Google Chrome, Opera Mobile, Internet Explorer and Safari. The same developer also has a Kaspersky Mobile antivirus app complete with the company’s logo. When downloaded, the app will even simulate a scan of the device’s files.

Making these fake apps more believable, and more costly to users, is that they aren’t free. The Kaspersky Mobile app costs about $4. Most users instinctively trust paid apps more than free ones. A number of free apps have been reported to be malicious, but there’s an implied value tied to something that costs money. It’s also much more believable to pay money for a high quality, big name security app than to get it for nothing.

Some of these apps have been downloaded more than 10-thousand times and even made it onto the “Top Paid” apps list that helps them be further distributed.

Because there has been no sufficient changes made to the Android and Windows Phone app stores, it’s likely that these fake apps will continue to pop-up. However, since many of them steal the exact name of legitimate apps from recognized industry leaders, there’s also likely to be more pressure put on both Google and Microsoft to enhance security.

If you’ve mistakenly downloaded a malicious app, or are having any other kind of trouble with one of your devices, call Geek Rescue at 918-369-4335.

Millions Of Android Devices Still Vulnerable To Heartbleed

April 14th, 2014

Android phone leaking data concept

Last week, news of the Heartbleed bug, which threatens the integrity of HTTPS enabled websites worldwide, broke. In addition to a worry that important data sent between users and websites could be compromised and stolen, there is also a concern that mobile services could be vulnerable. Stephanie Mlot at PC Mag explains how Heartbleed threatens the security of Android users specifically.

Naturally, Google was among the most potentially costly sites should users fall victim to Heartbleed. Not only are Google’s services among the most used online, but they also have access to a lot of personal information that is extremely valuable to criminals. So, Google set out early to patch their services and protect their users.

So far, Google services Search, Gmail, YouTube, Wallet, Play, Apps, AdWords, Maps and Earth have all been patched.

For the Android crowd, every version of the mobile operating system is safe from Heartbleed save for Android 4.1.1. It’s unknown exactly how many users have this version installed on their devices, but some iteration of Android 4.1 is being used by more than a third of Android users. It’s estimated that the number of affected users is in the millions and devices affected include popular manufacturers Samsung and HTC.

A Google spokesperson stated that patching information is being distributed to manufacturers, but this slow process is one of the main issues regarding Android security. Unlike Apple, which can push updates and patches to all of its users directly, Android users must wait for each manufacturer to tailor patches to their specific environment. In cases like this one, that can leave users and data vulnerable to known exploits for days and even weeks.

Blackberry has released a statement informing users that a fix for their Android devices will be made available by the end of the week. Other manufacturers have been quiet, however.

The best option for users in the meantime is to assume that data can be stolen from their device. If your Android device uses the 4.1.1 operating system, which can be checked in the Settings menu under ‘About Phone’, don’t use your device to log-in to online accounts or to message personal information.

While users will have to wait for an official patch to protect themselves from Heartbleed, for any other problems with your Android device or other mobile devices, come by Geek Rescue or call us at 918-369-4335.

Internet Explorer Tops In Malware Blocking Test

April 3rd, 2014

Internet Explorer logo

Not all malware finds its way onto your computer in the same way. Some relies on tricking users into downloading malicious files disguised as something else. This is often referred to as socially engineered malware. The key to for protecting yourself is avoiding downloading it in the first place. As Antone Gonsalves reports at Network World, Internet Explorer users are at a distinct advantage in that sense.

NSS Labs recently tested the four most popular web browsers against common forms of socially engineered malware stemming from links found in an email, instant messages and other vehicles. Email attachments were excluded from this test. In those tests, IE was found to block 99.9-percent of malware.

The success of Microsoft’s browser is being attributed to a combination of “application reputation technology and URL filtering”. The next best browser, Google Chrome, was able to block only about 70-percent of malware. Mozilla Firefox and Apple Safari each failed to block more than 95-percent of the malware used in the test.

Application reputation technology is able to scan downloads for recognizable characteristics commonly found in malware. Chrome relies heavily on it to protect users, but Firefox and Safari use it at all.

In a previous test, Chrome performed better and blocked more than 83-percent of tested malware. Where IE relies more on URL filtering than application reputation, Chrome does the opposite. One potential reason for the drop in performance is a change in how strict the application reputation system is. Another possible reason is that attackers have been able to devise tactics that avoid detection.

While IE offers more initial security for this type of malware, your browser shouldn’t be your sole security tool. It’s advisable to have antivirus software and firewalls in place, working in tandem with your browser and other tools.

If your computer is infected with malware, or you’d like to explore better options for security, call Geek Rescue at 918-369-4335.