Protect Yourself From Costly Identity Fraud

November 4th, 2013

Identity Theft infographic

Protecting your computer from viruses and malware is only part of the concern of cyber security. Identity theft, which often begins with data being stolen over unsecure networks, through malware, or phishing scams, is also a costly threat.

Peter Nguyen, of the HotSpot Shield blog, writes that the number of identity thefts in the US is constantly growing. Last year, there were 12.6-million victims, which is enough for an identity theft to happen every 3-seconds. The financial loss of the victims totaled almost $21-billion.

The included infographic covers the how and why of identity theft. It also gives a few tips for how to stay safe. In addition to some offline measures, like shredding documents containing personal information, monitoring your credit reports, and locking your mailbox, here are the most important online safety tips.

  • Beware public WiFi. When using an unsecured network at a coffee shop or other public place, limit your activity. Any transactions that require you to input financial information should wait. A firewall should be enabled on your device and you should turn off sharing of printers and files.
  • Use proper security on your home wireless router. The router is your first line of defense, so make sure WPA2 encryption is enabled and a strong password is required to log on.
  • Keep antivirus programs running in the background and keep them updated. Updating security software enables them to detect and protect against the latest threats.
  • Keep social media profiles private. Every social network gives you options for what you share with whom. Make sure strangers don’t have access to information like your birthday, family information, phone number and employment history.  This can all be used for identity fraud.
  • Use long, strong passwords. Many security experts suggest passwords longer than 6-characters and using both upper and lowercase letters, numbers and symbols.

To improve the security of your devices at home, or at your business, call Geek Rescue at 918-369-4335. We not only fix devices, we also help keep them safe.

 

How To Spot Each Variety Of Spam Email

October 18th, 2013

Spam email

Everyone has heard warnings about the dangers of spam. The term ‘spam’ is pretty general, however. The best way to stay protected from it is to understand what it looks like and avoid it.

A post on the All Spammed Up blog breaks down the different types of spam and the tell-tale signs of each.

  • Legitimate

Not all types of spam are malicious in nature. Some emails that end up in your spam filter are examples of overzealous marketing. They’re usually from a trusted company that you’ve given your email address to at one time or another. There’s a reason they’ve been marked as spam, however. That’s either because their marketing messages come far too often, or they offer little to no value. Whether these are arriving in your inbox or spam folder, you’ll probably want to unsubscribe.

  • Commercial 

This type of spam isn’t from reputable companies but is hocking some sort of product. Usually it’s supplements, education or financial services. They’re sent out in bulk and not personalized to a single user. Usually, you’ll even be able to tell that there’s a long list of email addresses listed as recipients. These are sent out by individuals who get money each time someone clicks the links in the emails or signs up for the products offered. The products are worthless, if they exist at all. If one of these arrives in your inbox, mark it as spam and move on.

  • Phishing

This type of spam email attempts to steal information from users. Many have malware attached to them, or direct you to a malicious website that will download malware to your machine. They use social engineering to convince you to give up information like account log-ins and passwords. There are more specific attempts called spear phishing, that target small groups of people in order to obtain specific information. These types of attacks will appear to know a great deal about you. In order to avoid these scams, it’s a good idea not to follow links provided in emails and never download attachments unless you are expecting them from a trusted source.

  • Spoofing

This is similar to phishing and can even be combined with a phishing scam. An email arrives claiming to be from a legitimate source that you have an account with, like Facebook, Verizon or even a credit card company. It usually tells you there’s a problem with your account and you need to log-in by following the link provided. This link will take you to a different site where your log-in information will be recorded and used to hack your account. Again, don’t follow links provided in emails. If you want to check out the legitimacy of an email, go to the source’s site directly, or call them. Also, check the sender’s email address. A representative of Facebook, for example, will have an email ending in @Facebook.com. Many of these scammers have email addresses like FacebookHelp@ccvs.com.

Knowing what to look for is key to avoiding email scams. Improving the security on your email and your computer are also important.

For help bolstering your cyber security, either at home or at the office, contact Geek Rescue at 918-369-4335.

Despite Reports, Spam Is Still A Growing Problem

October 15th, 2013

Globe covered in spam

Spam and other malicious email threats are a steadily growing problem, but some recent headlines suggest that spam email is actually on the decline. In a post on the All Spammed Up blog, the author notes that these headlines are inaccurate due to a flaw in their researching methods.

One reports claims that 68-percent of all email traffic in August was unsolicited, or spam, emails. That still looks like a daunting number, but it’s actually a decrease of more than 3-percent from previous months. These numbers aren’t wrong, but they only take into account spam emails that are caught by spam filters. As any experienced email user knows, there are still plenty of other threats that end up in their inbox.

In actuality, phishing scams went up by 10-times since August of 2012 and emails containing malicious attachments were 2.5 times higher. These threats are even more dangerous because they’re able to by-pass many spam filters and appear with trusted messages in the inbox.

Rather than email becoming safer, the true message is that spam is getting smarter. Hackers study the way typical spam filters work, then design their malicious emails to get around them. This will prompt an update to spam filters, which will be countered by a change in hackers tactics and on and on.

The other issue with claims that spam is on the decline is that it ignores spam outside of email. SMS spam sent to users’ smartphones is becoming more of a problem. Spam messages over social media like Facebook and Twitter has been a successful endeavor for hackers and is reportedly up 355-percent in the first half of 2013. These new threats don’t show that email is being forgotten by criminals, but instead shows that email is not the only target.

Spam and other malicious attacks are a profitable business so cyber criminals won’t be slowing down their efforts any time soon. For help improving the security on your computer, smartphone, tablet or other device, contact Geek Rescue.

Study Confirms Phishing Scams A Danger To All Users

October 10th, 2013

Phishing email warning

Phishing scams are attempts to trick users to give out personal information so hackers can then use it to break into accounts and steal their identities. Most phishing scams start with an email that directs users to a website where they’er asked for information like their phone number, physical address and even social security number or banking information. There are a number of tell-tale signs of a phishing email, which makes many people believe they could never fall for one. As Sam Narisi of IT Manager Daily reports, a recent study by the Polytechnic Institute of New York suggests otherwise.

The study consisted of 100 science and engineering students. The students were given a personality test and asked about their computer use and proficiency. The researchers then anonymously sent a phishing scam to their personal accounts. The email included the usual signs of a scam, including misspellings and other errors. Still, 17 students fell for it and willingly gave out personal information.

What this study uncovers is that everyone is at risk to become a victim of a phishing scam. Due to social engineering when developing these scams, and a carelessness by users, even the most educated individual could still be a victim.

This extends to other threats, like malware, that infect your system through careless user actions. When a user isn’t extremely cautious online, bad things happen. This is costly for users on their personal computers at home, but it’s a huge risk for businesses who have to safeguard their entire network from numerous careless users.

Education is a great place to start to protect yourself and your office. Knowing what to look for in a potential cyber threat is important, despite the results of the study. Additional security measures also need to be put in place, however, with the knowledge that, eventually, someone is going to click on the wrong link.

To improve the security on any of your devices, at home or at the office, contact Geek Rescue at 918-369-4335.

Growing Number Of Cyber Attacks From Social Media

September 25th, 2013

Unlike

It’s easy to understand why so many hackers are targeting social media for cyber attacks. Where else would you find such a high collection of unsuspecting people? Many users have grown wise to email attacks and have learned to avoid suspicious emails. Social media, however, is still seen by most as a safe place. Throw in that many users access social media on mobile phones, which often lack necessary security, and you have an irresistible target for hackers.

John P. Mello, of CIO, reports that these attacks claim victims using the trust of users against them. Similar tactics as previously seen in creating fake versions of legitimate websites, or sending phishing emails that appear to be from legitimate sources, have been adapted for social media. The trend is to take over an account with a large number of followers and credibility and use it to spread malicious links.

These attacks are difficult to avoid because they appear to be coming from a trusted source. You wouldn’t expect a Twitter account that you’ve followed for years to suddenly be directing you to a phishing site, or infecting you with malware.

This isn’t only a concern for individuals either. Businesses need to be aware of these threats to security also. Another reason that social media is so attractive to hackers is that so many users access social media on their company’s network. This means that if any of your employees encounter a hacked profile, they are putting your company’s data at risk.

There are a number of options for how to deal with these threats. Blocking social media sites is one. Educating employees about the risk and making sure they understand how to avoid these attacks is another.

To improve your company’s security, contact Geek Rescue at 918-369-4335. We offer security software that is capable of blocking potentially dangerous sites and catching malware before it infects your system.

Improve Email Security By Educating Users

September 24th, 2013

Email inbox

Studies have shown that phishing and malware attacks through email are effective because of uneducated users. Individuals who are unable to identify these malicious emails, or those who don’t fully understand the risk involved, are the ones most often victimized. For a business, this means that more education and security is needed so an employee doesn’t wreak havoc for the entire organization.

Jeff Orloff, of The Email Admin, suggests some ways to safeguard your business and convince employees that email security is an important issue.

  • Have A Written Policy

You can’t expect employees to follow the rules if those rules are only implied. To keep from having data stolen or malware infecting your network, write out a policy of email usage guidelines. Make sure every employee has a copy and understands it. 

  • Use Specific Examples

The idea of ‘that won’t happen to me’ is a difficult one to overcome in the context of cyber security. To do so, use specific examples from companies similar to yours in size and industry. Detail how they were attacked, why the attack was successful and what the end result was. Personalizing the attack to show how it would affect your employees is extremely helpful. 

  • Explain The Hows

With a set of rules in place and an understanding of what’s at stake, you can explain how an attack works and how to avoid them. Most employees won’t understand, and don’t need to know, the technical details of malware, but a basic understanding of a hacker’s motivations is helpful. Then, an explanation of what to look for in a typical malicious email. 

If you’re able to improve your users’ behavior, your security will improve exponentially. After all, it’s much easier to stop malware from getting in than it is to find it and delete it.

For help with your company’s cyber security, contact Geek Rescue at 918-369-4335. We offer security solutions to keep your business safe, which includes hosted email and spam filters.

Malware Threat Targets Android Devices Through Email

September 12th, 2013

Malware on smartphone

A new form of malware attack on Android phones has security experts on the look-out. This form of scareware infects your computer through a phishing email and malicious link.

Chris Brook, of ThreatPost, reports that the emails will appear to be from the United States Postal Service.

The message informs you that the USPS was unable to deliver your package because the postal code contains an error. You’re then prompted to print a label. When you follow the “Print The Label” link included in the email, a malicious Android Package File, or .apk, is downloaded to your device.

This particular scam seems poorly constructed. After all, most of us know when we’ve sent a package recently and understand that printing a label for a package that isn’t in our possession wouldn’t do much good. However, there are plenty of users who will click the link to try to gain more information, even if they haven’t sent a package in months. Hackers play on our curiosity and even thin attacks like this one will claim victims.

This form of malware has been used before. Security experts note that a previous scam using it in a scam that asks users to pay a subscription fee to keep their devices clear of malware. What’s noteworthy is the way the malware is being distributed. Cyber criminals are adjusting to the number of users who access their email on their Android devices and are attempting to exploit that fact.

This malware is reportedly even capable of intercepting both incoming and outgoing calls. It also is capable of changing file names to look more innocent. Instead of a suspicious .apk file, it will appear as a .zip file with a tantalizing name like vacationphotos.zip.

Android users should go into the settings on their device and disable the option to “allow installation of apps from unknown sources”. Users will also be able to enable a “Verify Apps” option, which will warn them before any potentially malicious app is downloaded.

These two options help keep your device safe, but you’ll also want dedicated security apps as well. To upgrade the security on any of your devices, or to rid them of existing infections, come by or contact Geek Rescue at 918-369-4335.

New iPhone Presents New Opportunity For Scam

September 10th, 2013

Apple iPhone

Apple plans to announce their newest models of the iPhone on September 10, which has millions eager to see their newest offering. Among those millions are cyber criminals looking to take advantage of the latest trend.

As Merianne Polintan writes for TrendMicro, phishing emails promising free, new iPhones have already begun to show up in some users inboxes. Most of these early occurrences were spotted in SouthEast Asia, but users in the US should also be on the lookout.

The iPhone phishing email looks like it’s sent to you from the Apple Store. The message tells you that your email has won in a drawing and you’re entitled to a new iPhone 5S. You’re then asked to log in at the link provided to claim your prize.

If you look closely at these emails, you’ll notice the tell-tale signs of a scam. For example, there are a number of spelling or grammatical errors. You’ll also likely find that although the sender is identified as “Apple Store”, the actual email address is probably not “@Apple.com”.

So, unfortunately, you didn’t win a new iPhone. By avoiding this scam, however, you will at least keep your identity from being stolen.

To improve the spam filter on your email or improve the security on any of your devices, contact Geek Rescue at 918-369-4335. We keep you safe from malware, viruses, phishing scams and spam emails.

Text Message Scams Threaten Your Smartphone

September 9th, 2013

Smartphone scam

You’ve probably heard of phishing and even spear phishing. But have you heard of smishing?

Criminals are using text messages, or SMS, to send phishing scams directly to your smartphone. Dubbed smishing by some, it’s another way for hackers to steal your money, information or monitor your activity.

Just like phishing and spear phishing, smishing relies on social engineering to play on your fears. Most smishing messages offer you money or gift cards, or claim to be your bank or credit card company.

About.com’s Andy O’Donnell published some tips to help you avoid becoming a victim of a smishing scam.

  • Know Your Bank’s Texting Policy

If your bank sends you a text regularly, it might be harder to decide when it isn’t legitimate. However, if you’ve never received a text from your bank before, you should be extremely wary when a text from a bank shows up on your phone. This goes for any accounts you have with any company. If a text comes to you, don’t respond to it. Instead, look up the customer service number for that business and contact them directly. 

  • Beware 4-digit Numbers

When an email-to-text service is used, a 4-digit number will usually be shown as the sender. Not all email-to-text users are malicious, but criminals use them to mask their actual location. If you get a text from someone without a typical phone number, be extra cautious.

  • Use The Text Alias Feature

If you seem to be getting a lot of spam texts, or just don’t want to worry about them, your phone provider likely offers a text alias feature. This allows you to use an alias number to send and receive text messages and you can then block texts from coming to your actual number. This alias will only be known to those you give it out to, so scammers won’t have access to it.

  • Block Internet Texts

As mentioned earlier, email-to text and other internet text relay services help scammers mask their identity and allows them to send a high volume of messages. Your cell phone provider will allow you to block all texts coming from these services. This will reduce the number of smishing texts you receive, but you might also miss out on legitimate texts from companies using these services.

 Putting additional security on your mobile device is another great way to ensure your safety. To find out more about mobile security, contact Geek Rescue at 918-369-4335. 

How To Spot and Avoid Phishing Emails

September 5th, 2013
How to Detect a Phishing Email
Explore more infographics like this one on the web’s largest information design community – Visually.

 

Phishing scams are producing some unbelievable statistics. 500-million phishing emails are sent every day. 250 computers are hacked each minute. These statistics are why it’s important to protect yourself not only with the latest security software, but also with an understanding of how to avoid the scams.

Phishing emails are attempts to gain access to your accounts or steal some information a hacker deems valuable. They often appear to be from reputable businesses and will ask you to respond with your account information or personal identifiable information. The best thing to do is not respond. Mark the email as spam and delete it.

Many phishing emails will end up in your spam folder. So, the first step in avoiding these scams is to trust your spam folder. Unless you find an email you were expecting to receive in the spam folder, it’s best to leave them alone. Even emails from your contacts could be malicious. There are numerous cases of an individual’s email being hacked and a malicious email being sent to their entire address book.

If a phishing email does end up in your inbox, be aware of the sender’s usual behavior. For example, your bank probably only sends out emails for specific reasons and never asks for your account information over email. If you receive a message that seems out of the ordinary from a company you do business with, it’s always better to call them to find out what’s going on. Be sure to look up the number for yourself also. Many times, a false number will be included in the phishing email.

Links and attachments are a popular way to attempt to infect your computer with malware, which then allows hackers to gain access to your accounts. Be wary of any links and attachments sent to you from unknown sources. If you’re expecting a file to be sent to you by a friend or coworker, it’s probably safe. But, if someone you don’t know sends you an email with an attachment, or even a friend sends you a link you don’t recognize, it’s better not to open them.

For help keeping phishing scams out of your inbox, call Geek Rescue at 918-369-4335. We offer state of the art spam filters and the latest in security software to keep you safe.