December 15th, 2014
The holiday season is typically a busy season for hackers and malware developers. With increased activity online because of online shopping, ecards, emails and more holiday festivities, there are also increased opportunities to infect users with viruses or steal their information. A post at Spyware News details some common methods used to victimize users around the holidays in the past. Here are three to watch for this year.
Think about all the websites you visit for the holidays. You may buy airline tickets, book a hotel and order gifts in one afternoon. You’ll also likely be checking your bank accounts during this spending spree. Unfortunately, cyber criminals know that there are millions of other people like you spending money online and they know you’re always looking for a great deal. That gives them the opportunity to make fake websites, or spoof legitimate sites like your bank, in order to infect your computer or steal your payment information. Spotting a fake site can be difficult, depending on how much time has gone into crafting it. An old version of the company’s logo, typos or a missing security step could clue you in. It’s also important to keep your browser and antivirus program updated since they can sometimes alert you to a suspicious website.
Spam coming to your inbox isn’t a problem specific to the holidays, but there are some scams that attempt to use your excitement for the season against you. Many users are directed to the fake websites mentioned above after receiving an email promising a great deal or telling them they’ve won a contest. As always, following links in your email is a risky business. Be especially wary of attachments because that’s a common method for delivering malware. It sounds easy enough to not open attachments, but they’ll be labeled with something enticing that will be difficult to resist.
Not everyone does all of their shopping online. There are still plenty of folks who go out to get their shopping done, but there are dangers there too. Free WiFi at department stores or coffee shops is a convenient way for you to use your smartphone while shopping, but it also allows those with a little know-how to monitor your activity and steal your information. Never make purchases or enter passwords while on a public, unsecured connection.
If you are online during the holidays this year, you’re likely to encounter at least one of these tactics. Staying safe involves having an updated antivirus program installed and being cautious with your activity.
If you do fall victim to one of these attacks, call Geek Rescue at 918-369-4335.
November 17th, 2014
Many users mistakenly believe they’re safe on a public WiFi connection or never consider their security at all. For example, if your smartphone is set to automatically connect to available networks, you could be putting your data at risk every time you walk into a business with complimentary WiFi. The risk isn’t from the websites or apps you use, but rather from others who are also connected to the same network. At Lifehacker, Whitson Gordon recently published some tips for how to stay safe while connected to free WiFi. Here’s what you need to know.
Many users have enabled the sharing of files or printers, but these settings leave the door open for anyone on a public network. Especially if you’re using a laptop that’s typically connected to your home or work network, you’ll want to go in and check the sharing settings if you’re planning to do some work on an unsecured network. If you’re using Windows, you can access these settings through the control panel. Go to ‘Network and Internet’, then ‘Network and Sharing Center’ and select ‘Advanced Sharing Settings’. On a Mac running OS X, go to ‘System Preferences’, then ‘Sharing’ to disable sharing options.
When you connect to an unsecured website over HTTP, the data exchanged is transferred over the network in plain text, rather than being encrypted. This becomes a major issue when the data involved is sensitive, like your log-in information or credit card number. That’s why it’s important to check your browser’s address bar and see whether the site is using HTTP or the more secure HTTPS. Most of the websites you visit regularly, like Google and Facebook, will automatically default to an HTTPS connection, but on other sites you can request one by manually entering “HTTPS://” in front of their URL. This will encrypt the data being sent from your device to the website and back, but it isn’t completely foolproof. In most situations, it’s better to just wait until you’re on a more secure network to conduct any business that requires you to enter sensitive information.
This is probably both the simplest and most effective security tip. If you don’t want to worry about security and aren’t actively using the internet, turn off WiFi completely. If you have to work in a public space like the airport or a coffee shop, think about what you can do offline and try to finish those tasks first. If you have to use the internet, don’t leave your connection open once you’re done with it, or even if there’s a prolonged dormant time. Similarly, make sure to turn off automatic connections to networks on your mobile devices to avoid them connecting to unsecured networks without you knowing.
There are those who believe you’re never truly safe on a public network without using a virtual private network, but these tips will help keep you adequately secure in most situations.
For help improving the security on your devices, or for help removing malware and other problems, call Geek Rescue at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
November 6th, 2014
Ransomware, forms of malware that lock down your device and demand a payment, or ransom, to release your files, have seemingly increased in usage in the past year, but the earliest forms of ransomware have been around for longer than that. The FBI virus began infecting computers several years ago and uses the same scare tactics seen in freshly minted ransomware. As reported in a post on Spyware News, the FBI virus has now been adapted and evolved to infect Android smartphones and tablets.
Common methods of infection stem from malicious email attachments, or false alerts on websites asking you to update Adobe Flash, Java or a similar program.
Once the malware infects your device, it quickly locks it so you can’t access any apps or files and displays an alert claiming to be from the FBI. The alert demands $300 to be paid within 48 hours.
Although seeing this type of warning is surprising and jarring, there are many clues that this is a hoax. Most notably, the warning is littered with typos and poor grammar, which is a common characteristic of malware and malicious emails.
While it can be extremely difficult to bypass this malware, under no circumstances should you pay the fine asked for. There’s no guarantee that your device will be unlocked if you do, and that money goes to prolong this threat. The FBI Android virus, in fact, doesn’t actually encrypt your files, so removing the malware should fully restore your system. So, how do you remove it?
- First, turn off your device and restart in Safe mode. To do so, turn it on and hold the menu button with one of, or both of, the volume buttons, depending on your device.
- Once in Safe mode, go to Settings, and click on Apps or Application Manager. Find any suspicious apps you don’t recognize. The FBI virus typically disguises itself as a video player or an app called ‘ScarePackage’ or ‘BaDoink’. Uninstall the suspicious app.
- Restart the device to see if it has been restored.
If these steps don’t work, it’s not a lost cause. You’ll just need a little more expertise.
If you’ve been infected by the FBI virus or any other type of malware, Geek Rescue will help. Come by or give us a call at 918-369-4335.
November 3rd, 2014
It seems a new malware threat emerges practically every day, but most threats have a lot in common. They gain access to your device in a similar fashion and are fixed or bypassed in a similar fashion. A new threat reported on the Symantec blog, however, is unique. Trojan.Poweliks isn’t like other malware that exists as a file on an infected machine. Instead, this particular form of malware hides in the computer’s registry.
Trojan.Poweliks still infects computers the way most other forms of malware do. Users are commonly infected through spam emails, malicious links and exploit kits. Users have reported seeing emails claiming to alert them about a missed package delivery. Opening the email and downloading the attachment leaves them infected.
Once a machine is infected, the trojan disguises itself as a registry subkey. That means most users will never be able to find it.
While it’s hidden, the malware receives commands remotely from the attacker and can take all sorts of nasty actions to cripple your computer and monitor your activity.
Staying safe from these types of threats requires both intelligent web use and proper security tools in place. An updated antivirus tool will catch many of these threats, but if you’re among the first users infected, your antivirus won’t be able to recognize the latest form of malware. That’s why your first line of defense has to be to avoid where these threats are commonly found. Don’t download suspicious email attachments or follow links sent to your email. These practices will help keep you out of harm’s way.
If you’d like to improve the security on any of your devices, or need help getting rid of malware that’s infected your machine, call Geek Rescue at 918-369-4335.
October 22nd, 2014
A new Android ransomware threat is spreading fast because it has adapted to become a worm spread through text messaging. The Koler Android trojan was discovered by AdaptiveMobile in the United States and managed to affect hundreds of users in just one day. John E. Dunn of TechWorld explained how the Koler trojan is spreading so rapidly.
Koler began infecting victims who visited untrusted websites like porn and gambling sites. Many examples of mobile malware stay quarantined to those areas and never become a large scale problem for the general public. Koler, however, transformed into an SMS worm, which means it sends a shortened and disguised link via text message to everyone in an infected user’s contacts. That link appears to be from the user, which results in many of their contacts clicking on it and being infected themselves.
Those that click on the link are sent to a Dropbox page and asked to install a photo viewing app in order to see some photos that “someone” has uploaded of them. Agreeing to this download results in the Koler trojan taking effect quickly.
Almost immediately, the user’s screen is blocked by a message supposedly from the FBI. A ransom is demanded to unlock the phone. Meanwhile, that same link is sent to the user’s contacts.
The good news is that if the default security options are enabled on your Android device, the download of the malware should be blocked because it stems from a third party. However, many users have already discovered that their security settings aren’t configured correctly to protect them from a threat like this.
The make-up of this attack isn’t complicated, which means it’s also fairly straightforward to disable it. Dropbox has already been asked to remove the download from its servers and disable the link. Attackers could easily move their malicious files elsewhere and continue to victimize Android users, however.
If your device becomes infected by malware, Geek Rescue will fix it. Stop by or give us a call at 918-369-4335.
October 14th, 2014
You’ve likely heard warnings about using unsecured WiFi networks, but what have you done to protect yourself? According to a recent study conducted by Experian, most of us are making little to no effort to stay secure despite understanding the risks. More than a third of those responding admitted to logging into their bank account while on public WiFi and over half of respondents admit to entering credit card information to sites without checking to see if they’re secure. And yet, 9 out of 10 believe everyone should be more concerned about identity theft.
So, what can you do? At Private WiFi, Jared Howe listed some ways to keep your personal information secure in any situation.
Whether you regularly connect to public WiFi or you’re extremely careful, chances are the password to at least one of your online accounts will be compromised eventually. Password theft can occur in many different ways and it doesn’t always mean an individual user did anything wrong. That’s why it’s important to regularly change passwords and use unique passwords for each account. Changing your passwords protects you in case your log-in credentials were recently stolen and using different passwords for each account ensures that when one account is hacked, it doesn’t mean a criminal now has access to multiple accounts.
In order to infect your device with malware or trick you into giving up your personal information, cyber criminals have a variety of methods. You have to be cautious of links and attachments sent to you in an email. Downloading these attachments or following these links can infect your device. Sometimes, the websites those links point to are designed to persuade you to enter your information, however, which then allows criminals to use that information to hack into accounts or steal your identity.
Many users don’t use any kind of lock on their smartphone or tablet, but that makes your device more of a target. Even though most locking methods aren’t incredibly difficult for a knowledgeable individual to bypass, just having one in place discourages many would-be thieves. It’s also advisable to disable geotagging features.
If you find yourself needing to connect to public WiFi often, you should consider investing in a Virtual Private Network. A VPN encrypts the data transmitted between your device and the internet, which would otherwise be free to intercept on an unsecured network. There are many options available for effective VPNs.
Staying secure means investing time and money now in order to avoid catastrophe later. For help with security on any of your devices, or to recover from a malware infection, call Geek Rescue at 918-369-4335.
October 6th, 2014
A browser hijacking program does just what its name suggests. When you load your web browser of choice, the hijacker goes into effect and sends you to a different website than your chosen starting page. Often, this is an alternate search engine that allows malware developers to record your search and browsing habits, which helps them develop more effective malware. These search engines could also direct you to websites that infect your machine with malware without your knowledge. One of the most infamous browser hijackers is Snap.do, which is running on many users’ computers without them knowing it. At A Tech Journey, Anup Raman explained the most common way to remove Snap.do.
For most users infected with Snap.do, the program will appear in the list of programs installed on your computer, which means you can click on the uninstall option and get rid of it. Go to your ‘Control Panel’ and click on ‘Programs and Features’. A list of everything installed will come up that you can search for ‘Snap.do’, ‘Smart Bar’ or anything from developer ‘Resoft Ltd’. Once you’ve gone through the uninstall process, search your hard drive for ‘smartbar.installer.mini’, which is an executable file often found in the Downloads folder. Remove that file, then run a full anti-malware scan. Now that the program has been removed, you’ll want to load your preferred web browser and make changes there.
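The Windows checks described above can also be run as a read-only PowerShell audit. This is an added example, not part of the original post or of Anup Raman's guide: the program names, developer name and installer file name come from the post, while the registry paths are the standard Windows uninstall locations and searching the whole user profile (rather than only Downloads) is an assumption.

```powershell
# Added example: read-only check for Snap.do leftovers. Nothing is removed.
# Indicator strings are taken from the post; everything else is an assumption
# based on where Windows normally records installed programs.

$namePattern      = 'Snap\.do|Smart ?Bar'        # program names listed in the post
$publisherPattern = 'Resoft'                     # developer listed in the post
$installerFilter  = 'smartbar.installer.mini*'   # installer file named in the post

# Standard per-machine (64-bit and 32-bit) and per-user uninstall registry locations.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# 1. Installed programs whose name or publisher matches the post's indicators.
$programs = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object {
        $_.DisplayName -match $namePattern -or $_.Publisher -match $publisherPattern
    } |
    Select-Object DisplayName, Publisher, InstallLocation, UninstallString

# 2. Leftover installer files anywhere under the current user's profile
#    (the post says the file is often found in the Downloads folder).
$installers = Get-ChildItem -Path $env:USERPROFILE -Filter $installerFilter `
        -File -Recurse -ErrorAction SilentlyContinue |
    Select-Object FullName, Length, LastWriteTime

# 3. Report what was found so it can be uninstalled or deleted by hand.
if ($programs) {
    'Matching installed programs:'
    $programs | Format-List
} else {
    'No matching entries in the installed-programs list.'
}

if ($installers) {
    'Matching installer files:'
    $installers | Format-Table -AutoSize
} else {
    'No matching installer files under the user profile.'
}
```

An empty result only means these specific names were not found; the browser settings and a full anti-malware scan still need to be checked.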
Mac users have a similar process for removing Snap.do. First, open the ‘Applications’ folder on the desktop. One of the applications listed should be ‘Snap.do’, which you can click on and drag to the trash. Now, empty the trash. That should remove the program from your computer, but you’ll still want to load your preferred web browser to remove it completely.
Before Snap.do is completely removed, you need to change the settings in your browser. For IE, open the browser and click on the gear icon in the top right corner. Select ‘Internet Options’ or ‘Tools’. Click to the ‘Advanced’ tab and click on the ‘Reset’ button. A new window will appear where you need to check the box next to “Delete personal settings” and then click ‘Reset’ again. Close the window, and hit ‘OK’ on the prompt that opens, then close the browser. When you open it again, Snap.do should be gone.
For Chrome, open the browser and click on the menu button. Hover over ‘Tools’ and select ‘Extensions’ from the menu. Snap.do should be listed here. Click on the trash icon on the right next to Snap.do then click the menu button again. This time, go to ‘Settings’ and select ‘Manage Search Engines’. Click ‘Make default’ next to whichever search engine you want to use, then click the ‘X’ next to Snap.do. Finally, go to ‘Settings’ one more time and under ‘On startup’, click the button next to ‘Open the New Tab page’. That should do it.
For Firefox, open the browser and click on the ‘Firefox’ button in the top left corner then select ‘Help’. Depending on your operating system, you may be able to click on ‘Help’ from the menu bar. Go to ‘Troubleshooting Information’ then select ‘Reset Firefox’. A confirmation window will appear where you’ll need to select ‘Reset Firefox’ again. Your browser will close, then re-open with Snap.do removed.
These are the typical fixes for Snap.do and other browser hijacking programs. But, these methods won’t always completely remove the problem. In some cases, the malware is more complicated and will need additional work to remove.
For those complicated cases and for other IT problems, call Geek Rescue at 918-369-4335.
October 2nd, 2014
Having your smartphone or tablet stolen is certainly no fun, but device theft could actually have more than just one victim. There’s also the individual who later purchases the stolen device. Buying a stolen device also isn’t ideal and some users have actually bought devices online that are still locked from their previous user. While there are some precautions you can take to avoid buying a stolen device, Apple has a tool that helps you avoid those devices that have been locked by the previous user. Lucian Constantin has more at TechWorld.
For used iPads, iPhones and iPods, Apple offers a tool through iCloud called Activation Lock. Users don’t need to login themselves, so you don’t have to be a current Apple device owner to use the service. All you need is the serial number of the device, or the IMEI (International Mobile Station Equipment Identity). By inputting one of those numbers, you’ll be able to see the current Lock status of the device.
This tool has been available since the release of iOS 7 as part of the Find My iPhone feature. It wasn’t turned on by default, however, until iOS 8.
The ability to check Activation Lock status is important because hackers actually figured out how to fool devices that had been locked remotely by their owners. That would allow them to sell functioning devices, but that also means the business of stealing devices would continue to be profitable. By using Activation Lock, users are able to see if the owner locked the device, even if it had been hacked and unlocked later.
Simply by including Activation Lock in iOS 7, Apple saw a significant drop in iPhone thefts in both New York and California. By having it on by default in iOS 8 and publicizing it more widely, it could decrease device theft even more.
Apple has some extremely helpful tools for when your phone is stolen or lost, but when your device is broken or just having issues, bring it to Geek Rescue or call us at 918-369-4335.
September 19th, 2014
Most computer users have embraced their need for effective security tools, like firewalls and antivirus programs. Mobile device users have yet to fully understand the risks associated with their devices, however. This becomes a serious problem when those unsecured devices are connected to businesses’ networks and gain access to valuable data. As Teri Robinson reports for SC Magazine, the insecurity often stems from apps.
IT Research firm Gartner reports that three-quarters of mobile apps will fail to meet basic security standards. This isn’t a problem that’s likely to go away soon, either, as Gartner estimates that apps won’t begin to improve until 2016 at the earliest.
Businesses are continuing to embrace the use of third-party commercial apps and mobile computing. There are a number of benefits of doing so, but there are also inherent risks. Currently, most security tools available focus on on-premises access, rather than individuals accessing data remotely. As one CEO put it, “they are built to solve yesterday’s problems”.
In the case of apps, security is rarely the primary focus. Testing is likely done before the app hits the market, but it’s usually for usability and functionality.
In attacks exploiting insecure apps, companies’ servers are vulnerable, which allows for the loss of data that’s either critical to operations, or critical to customers.
Better testing and more intelligent security tools are needed to adequately protect servers from the uses employees have already put into action. In this case, the cart has come before the horse with mobile devices being used to access more data than they’re currently secured for.
At Geek Rescue, we have the capabilities necessary to handle any of your organization’s IT needs, including improving security. Give us a call at 918-392-0745.
September 18th, 2014
Now that iOS 8 is available to be downloaded on older devices, and with the iPhone 6 set to be released tomorrow, it’s time to identify the risks involved with the new operating system. Any new OS comes with some default settings that need to be changed to maximize the security and privacy of your device. At ZDNet, Zack Whittaker helps locate the settings that users should change immediately after adding iOS 8 to their phones and tablets.
- Location tracking in apps
You may have noticed that a number of apps request access to track your location even when it doesn’t seem to make any sense for them to do so. Even worse is that these apps often try to continue tracking your location when they’re not in use. In iOS 8, you’ll be prompted with a pop-up notification informing you that an app wants to track your location “even when you are not using the app”. In most cases, you’ll want to tap “Don’t Allow” when confronted with this pop-up. If you find out later that the app really does need your location, you can always change this selection in the app settings.
Another problematic characteristic of apps is their insistence that you give them access to your personal data like your contacts, email, photos and calendar. Social networking apps might use these to help you find friends who are also using the app. But others don’t have any real functionality tied to this data. Instead, the app simply uploads this information to their servers, which means this data is in another location where it can be stolen and used against you. To stop this, go to the ‘Settings’ menu and select ‘Privacy’. Then, you can go and select which apps have access to certain data on your device.
If you lose your phone, the Find My iPhone feature is your best hope for finding it. This feature also allows you to lock or remotely erase your phone in the event of theft, and your phone will send its location to Apple’s servers just before it powers down. To enable it, again head to the ‘Settings’ menu, then ‘iCloud’ and select ‘Find my iPhone’.
iOS 8 introduces the option to send voice and video messages through iMessage. Unfortunately, messages of any kind sent with iMessage are available to anyone with access to your device. That means if you keep messages saved forever, anyone could go back and read, listen or watch them. To prevent that, enable the option to have messages expire after a specified amount of time. Head to ‘Settings’, ‘Messages’ then ‘Keep Messages’ to see your options.
Most users don’t want advertisers to be able to track their location and data, but they can do just that through the Safari web browser if the right settings aren’t changed. While you aren’t likely to stop the practice altogether, you can limit the data collected by going to the ‘Settings’ menu, then ‘Privacy’ and ‘Advertising’. Enable ‘Limit Ad Tracking’ and use the ‘Reset Advertising Identifier’ option.
These are the settings most users will want to change immediately once they’ve either downloaded iOS 8 or purchased their new iPhone 6. These changes don’t make your device completely secure, but they do help.
If any of your devices are in need of a fix, bring them to Geek Rescue or call us at 918-369-4335.