Subscribe: Data Doctors Alerts
http://feeds.datadoctors.com/feeds/Alerts.xml
Data Doctors Alerts



Virus, Bug & Recall Alerts



 



Is it true that if I enroll in the free Equifax protection program that I can't be part of a class action lawsuit?

Fri, 8 Sep 2017 00:00:00 +0700

In what may be one of the most damaging data breaches to date, Equifax, one of the big three credit bureaus, announced that 143 million US-based consumers may be affected by a data breach that occurred between May and July of this year.

What makes this breach so damaging is that the most sensitive personal information including Social Security numbers, birth dates and home addresses was part of the breach.

Equifax TrustedID Premier Enrollment

In an effort to provide some level of protection to impacted consumers, Equifax has launched a special website (https://equifaxsecurity2017.com) to explain what has happened and to offer their ID theft and credit monitoring service for free to anyone that wants it.

Many have pointed out the irony of going to the very organization that couldn’t keep its data secure to protect you from further damage.

These types of ‘free’ services typically only last for a year, which doesn’t really do you any good in the long run since you can’t change your social security number very easily.

The ‘Terms of Use’ for TrustedID Premier has a pretty common arbitration clause that includes: “… A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION.” (You can read the entire statement at https://goo.gl/1ZtvgD.)

UPDATE: Equifax has updated their FAQ on this question with the following: “The arbitration clause and class action waiver included in the TrustedID Premier Terms of Use applies to the free credit file monitoring and identity theft protection products, and not the cybersecurity incident.”

Enrollment for the free one-year subscription ends on November 21, 2017.

‘Pretexting’ Concerns

One of the most disconcerting aspects of this breach is that the sensitive information that was stolen is extremely useful for a form of ‘pretexting’ that could have nothing to do with your credit file.

Pretexting refers to the act of pretending to be someone in order to gain access to private or sensitive information.

In this case, your information could allow a perpetrator to pretend that they are you to convince your bank, utility, cellular provider, even the IRS, to change something like an email address or physical address, because the typical information required to prove your identity is in the hands of the bad guys.

Tax Filing Concerns

Another big area of concern will be the tax-filing season next year. The filing of fraudulent tax returns has become a billion-dollar problem and this breach just made it easy for this problem to grow.

Make a note in your calendar to file your tax return as quickly as you can next year to avoid the mess that’s created if a fraudulent return is filed before you file your real tax return.

Children’s Credit Files

ID thieves covet the Social Security number of children because it’s a lot less likely that anyone is monitoring the credit of a young child.  Whatever you decide to use to monitor your own credit files, don’t forget your children as well.

Credit Freeze

One of the best ways to lock down your credit file is to put a freeze on it with all 3 credit bureaus: https://goo.gl/kfKWw2




Should I be concerned about ransomware attacking my Mac?

Wed, 28 Jun 2017 00:00:00 +0700

Ransomware continues to grow in popularity as a sort of ‘gold rush’ has been underway in the cyber underworld.

Hundreds of millions of dollars have been generated over the past couple of years with one security firm reporting that 64% of the victims they surveyed paid to get their files back.

Enterprising criminals are even posting ‘ready-to-go’ ransomware kits on the underground marketplace known as the ‘dark web’ with offers to split the revenue with users of their code.

The complexity of these attacks continues to grow as the security world and cyber-criminals face off in a high stakes game of ‘cat and mouse’.

The Bad News For Mac Users

All of the high-profile ransomware attacks you’ve likely ever heard of have targeted Windows users, but some of the more recent code being made available via the dark web specifically targets all versions of macOS as well.

Since ransomware takes advantage of the user more than the operating system, there are few technical barriers to creating a Mac specific attack because the point of entry is getting the user to do something they shouldn’t do.

The most common attack vector for Macs so far has been through infected programs that are designed to bypass Apple’s built-in security (XProtect and Gatekeeper). These pre-made ransomware packages also claim to be able to bypass detection by at least 50 different anti-virus programs for both Mac and Windows.

The Good News

Unlike many of the Windows ransomware exploits that can compromise users through unpatched back-doors, clever phishing scams as well as rigged downloads, Mac users currently can only be exploited via a rigged download.

Despite the growing popularity of Mac computers, they still only account for roughly 7% of computers worldwide, so they still benefit from ‘security through obscurity’.

To further illustrate the difference in malware focus in general, one security firm puts the number that target Macs at roughly 450,000 while Windows has 23 million known threats.

From a practical standpoint, cyber thieves are always going to focus on the largest opportunity as they’re in it for the money.

Don’t Let Your Guard Down

Having said all that, everything is subject to change and having the ‘I have a Mac, so I don’t have to worry’ attitude is a bit misguided – there’s a reason why Apple stopped running the ‘we don’t get PC viruses’ commercials back in 2012.

Making sure you only get programs and apps from reputable sources, installing the updates when Apple alerts you and keeping all your other Internet tools, such as your browser, Java and Adobe programs, updated are important ongoing tasks.

Every computer user should also have a solid backup process - using an automated online backup service such as Carbonite (https://goo.gl/XKum9f) provides an extra layer of security that will save the day whether it’s ransomware, viruses, fire, flood or theft.

Cyber criminals know that Mac computers are more expensive and that Mac owners statistically tend to be on the higher end of the socioeconomic scale, so keep your guard up!




Q: Is it true that color laser printers print invisible dots to ID the printer on every page?

Wed, 7 Jun 2017 00:00:00 +0700

The leaked top secret document that led to the arrest of government contractor Reality Winner has caused a long running privacy issue to resurface.

The hidden yellow dot ID pattern technology on some color laser printers has actually been around since Xerox developed it in the 90’s.

The primary reason for the dots is purportedly to help the Secret Service in counterfeiting cases. Color copiers and laser printers became so good at reproducing colors that they became a tool for counterfeiters some time ago.

Not all color copiers and laser printers print the dots, but for obvious reasons, the printer manufacturers and law enforcement don’t generally acknowledge which printers do and which ones don’t.

Privacy Concerns

Privacy advocates such as The Electronic Frontier Foundation have been calling attention to this for almost a decade (https://goo.gl/4g8XGk). Their position is that your printer shouldn’t be another tool for government surveillance.

In the Reality Winner case, it’s believed to be what led to her arrest because the dots were easily viewed on the document published online by the Intercept (https://goo.gl/b3KlN9).


What Gets Tracked?

The yellow dots when decoded can indicate the make, model and serial number of the printer and in some cases, include the date and time.

With this information, law enforcement can potentially track down the owner of the printer by following the serial number from the manufacturer to the reseller and then to the purchaser.

Making The Dots Visible

By design, it’s nearly impossible to see the dots with the naked eye, so you’ll want a way to magnify any page that you want to inspect.

Using a microscope or magnifying glass with magnification power of 10x or better to view a blank part of a printed document should allow you to see the dots if they exist.

If you want to make it easier, use a bright blue LED flashlight in a dark room, which should turn the yellow dots a dark blue or black.

If you have a good quality scanner and a graphics program that can zoom and invert the colors, you can also find the pattern, which should repeat itself throughout the page.

List of Known Printers

The EFF has published a list of printers that they say do and do not display the tracking dots (https://goo.gl/UV3q9K), but it’s not up-to-date nor is it a complete list.

In some cases, the printer manufacturer will acknowledge the use of the tracking information in their documentation, but it’s not easy to find even if they do.

What Can You Do?

Technically speaking, setting your color laser to print in black and white won’t allow the yellow dots to be printed.

If you have to use color and are concerned about the tracking dots on a known printer, there is nothing you can do to stop them short of getting rid of the printer.

If you are overly concerned, switching to either a color inkjet or any type of black only printer will ensure that the tracking dots won’t be included. 




If I got hit by ransomware, should I pay the ransom?

Wed, 24 May 2017 00:00:00 +0700

Ransomware is one of the fastest growing cyber-crimes because it’s one of the most profitable. Unlike other malware that a hacker may or may not be able to monetize, ransomware is a direct path to getting paid through extortion.


The Ransomware Business Model

Today’s sophisticated ransomware scams are based on a proven business model that often times will even come with tech support websites to make sure you get your data back.

The criminals know that if word got out that paying the ransom did not result in getting your files back, no one would ever pay. 


There is no guarantee, however, that if you pay the ransom, you will get your files back as we don’t have any credible data to work with.  Most companies that have been hit with this attack don’t want the word to get out, much less admit that they paid the ransom but didn’t get their data back.

A couple of things are certain: paying the ransom is risky and absolutely encourages them to continue attacking others.

Before You Consider Paying

There are a number of steps you can take before you have to decide whether you should pay the ransom or not.


The easiest way to avoid having to pay the ransom is by having a solid backup that isn’t connected to your computer or company network.

If you do have an uninfected backup that can be restored, removing the infection and the encrypted files is pretty easy to do by anyone with even moderate technical skills.


Which Ransomware Do You Have?

If you don’t have a current backup, there may be tools available that can break the encryption if you were hit with one of the older or less sophisticated strains of ransomware that have been cracked.  


A website called https://NoMoreRansom.org has created a repository of keys and applications that may be able to decrypt your files.

To help determine which strain you’re infected with, you simply upload a couple of the encrypted files along with some of the details within the ransom demand note.

For security reasons, make sure to choose files that don’t contain any sensitive personal or corporate information (picture files are usually a good choice to use for the upload test).


Protection Tip

First and foremost in protecting against this growing threat is the proper backup strategy.

Unfortunately, a traditional external backup drive isn’t good enough because anything that’s connected to your computer or is available through a network share will be encrypted as well.


Even if you routinely disconnect your external hard drive when you aren’t backing up, you’re still not fully protected as this malware runs silently in the background so you could unknowingly overwrite your good files with encrypted files.


The best backup solution physically stores your files separate from your computer and incorporates ‘file versioning’, which means it keeps multiple copies of the same files as they are changed.


Incorporating a cloud-based backup such as Carbonite (https://goo.gl/XKum9f) provides the best protection against not only ransomware but fire, flood, theft and even employee sabotage. 




How can I check to see if my HP laptop has the key tracking problem?

Wed, 17 May 2017 00:00:00 +0700

A recent discovery by Swiss security firm Modzero exposed a major security problem in a large number of HP laptops. They found that an audio driver that was ‘listening’ for specific ‘hotkeys’ was also recording every keystroke and storing them in an unprotected log file.

Often referred to as ‘keylogging’, this type of activity is usually associated with nefarious programs that try to steal passwords or other sensitive credentials by recording all your keystrokes.

In HP’s case, there’s nothing indicating that anyone was remotely capturing the keystrokes contained in the log files; it’s more of a major mistake made by the company that provided HP with the software.

Who’s At Risk?

Conexant is a primary supplier of audio componentry to most of the major laptop manufacturers as well as devices like Amazon’s Echo (Alexa), but this particular issue appears to be isolated to specific HP laptops.

They inadvertently left special debugging code active in the final driver provided to HP, which can potentially be exploited in a number of ways because every keystroke you make – even if you can’t see the character as you type – is being captured to this unprotected file.


It’s the digital equivalent of your computer ‘talking in its sleep’; any program that cares to ‘listen’ could make use of this extremely sensitive information.

Owners of any of HP’s Elite, EliteBook, ProBook or ZBook models from 2015 and 2016 should check their computers for the bug.


How to Check Your Laptop

The following steps may be a bit technical for some, but it’s too important to ignore, so make sure you get help from a trusted technical resource.

Different model laptops exhibit different behaviors, but many of the most common models will have created this log file in the following location: C:\Users\Public\MicTray.log.

If your computer has this log file and you can see data in it when you open the file, your computer has the problem.

If you see the file with no data in it, you’re still not in the clear: the file will be empty if you just logged into your computer, and the debug output could still be exposing your keystrokes to other programs.


To check for leaking keystrokes, you can run Microsoft’s DebugView while typing random characters on your keyboard to see what is being captured. If you see any lines in DebugView that refer to ‘Mic target’, your computer is operating with the defective audio driver.


How to Kill the Keylogger

Both HP and Microsoft have released updates to fix the problem, so if you regularly keep your computer updated, you may have already fixed the problem.

HP laptop owners that want to make sure they have the updated audio driver can go to HP’s driver download page in the ‘Support’ section of their website.

This logging behavior goes back to October of 2016, so even if you have fixed the problem, your old backups could contain old log files. Make sure you search for and delete any instance of the MicTray.log file in any of your backups as well.
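The file check and the backup search described above can be scripted. The following is an added example, not code from HP, Modzero or the original article; only the file name and the `C:\Users\Public` location come from the article, and the function names and verdict labels are hypothetical.

```python
import os
from dataclasses import dataclass
from datetime import datetime, timezone

# File name taken from the article. Windows paths are case-insensitive, and a
# backup copied to another file system may have changed the case.
LOG_NAME = "mictray.log"


@dataclass
class Finding:
    path: str
    size: int
    modified_utc: str
    verdict: str


def classify(size: int) -> str:
    """Apply the article's rule: data in the log means the driver is logging."""
    if size > 0:
        return "AFFECTED"
    # An empty log is not an all-clear: it is empty right after login and the
    # driver may still emit keystrokes as debug output (check with DebugView).
    return "INCONCLUSIVE"


def find_mictray_logs(roots):
    """Walk each root (live profile, mounted backups) and report every copy."""
    findings = []
    for root in roots:
        for dirpath, _dirnames, filenames in os.walk(root):
            for name in filenames:
                if name.lower() != LOG_NAME:
                    continue
                full = os.path.join(dirpath, name)
                try:
                    st = os.stat(full)
                except OSError:
                    continue  # unreadable entry: skip rather than abort the scan
                stamp = datetime.fromtimestamp(st.st_mtime, tz=timezone.utc)
                findings.append(Finding(full, st.st_size,
                                        stamp.strftime("%Y-%m-%d %H:%M:%SZ"),
                                        classify(st.st_size)))
    return findings


def delete_logs(findings, dry_run=True):
    """Delete the reported copies; with dry_run=True only list what would go."""
    removed = []
    for f in findings:
        if not dry_run:
            os.remove(f.path)
        removed.append(f.path)
    return removed


if __name__ == "__main__":
    import sys
    # Default root is the location given in the article; pass backup mount
    # points as extra arguments.
    roots = sys.argv[1:] or [r"C:\Users\Public"]
    for f in find_mictray_logs(roots):
        print(f"{f.verdict:13} {f.size:>8} bytes  {f.modified_utc}  {f.path}")
```

Deleting the log files does not fix the driver; the updated audio driver still has to be installed.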




Should I be concerned about using Kaspersky's antivirus software since it's a Russian company?

Wed, 1 Feb 2017 00:00:00 +0700

Choosing a solid security program to protect your computer and personal information has always been a challenge because there are so many options that get high marks.

Now, with all of the global issues and growing concerns about nationalism, there’s an additional issue that many users are contemplating when making a choice: where is the security software made?

Russia is just one of the many prominent players in the global security software industry, with many of the most popular programs from countries around the world:

AVG & Avast – Czech Republic, Bitdefender – Romania, ESET – Slovakia, F-Secure – Finland, Kaspersky – Russia, Panda – Spain, Sophos – UK and Trend Micro – Japan, for example.


Does It Matter?

In general, just because a security program is owned by a company in another country does not mean it shouldn’t be trusted, especially since countries like Finland, Japan and the UK are clear allies.

In fact, in light of recent national security disclosures, some users are proclaiming that they are more comfortable with using a security program controlled by a foreign company.

It’s highly unlikely we’ll ever know what relationship or working agreement a particular company has with its own government, so you’ll have to decide if the lack of transparency is disconcerting or not.  

We’ve been using and installing Trend Micro’s products for years and have no issue with it being a Japanese company (it was originally created in California and relocated when it acquired a Japanese firm in 1992).

Keep in mind that all of these companies are global players and any evidence that they are working with their own government to disclose user information would all but destroy their businesses.

Trust Matters

Since we rely on our security programs to protect us, we have to allow them full access and control over our computers.

This means that they can scan every file we have and keep logs of those files and in some cases, send information back to the ‘mothership’ if you choose to participate in their ‘security networks’ as a contributor.

If for any reason you don’t trust a company with that level of intimacy, you shouldn’t use their software.

Kaspersky’s Credentials & Controversies 

Anyone in the information security world knows Eugene Kaspersky and his very impressive credentials.

As a teenager, he was studying cryptography in school and by his mid-20’s, he created an anti-virus program to protect his own computer.

His company has also been responsible for uncovering some major cyber-threats over the years.

Unfortunately, since he is a Russian citizen with early ties to the KGB and its replacement (the FSB), he’s always had a cloud of uncertainty over him.

Most recently, Kaspersky executive Ruslan Stoyanov, head of their investigation unit and a liaison to Russian security services, was arrested and accused of treason by the Russian government. This has added more questions for some users that have the company’s software installed.

While Stoyanov himself is being accused, not the company, you’ll have to decide for yourself if you’re comfortable using their software based on your own evaluations.




Where can I see if my HP laptop is part of the recall?

Fri, 27 Jan 2017 00:00:00 +0700

HP has extended its massive recall of laptop batteries that was first announced in June of 2016.

In a statement from their recall notice, they explain: "HP continuously monitors issue reports and reported problems. Our monitoring showed that additional batteries should be included in the recall program. These additional batteries were sold with the same notebook products as communicated in the June 2016 battery recall. It is essential to recheck your battery, even if you did so previously and were informed that it was not affected. However if you have already received a replacement battery, you are not affected by this expansion. HP customers affected by this program will be eligible to receive a free replacement battery for each verified, recalled battery."

You can check to see if your HP laptop is part of the recall in one of two ways: using their utility or manually checking at this link: https://h30686.www3.hp.com/#tab=id2




What tax scams should I be watching out for this year?

Wed, 25 Jan 2017 00:00:00 +0700

Many in the cyber-security business refer to tax season as ‘Christmas for Criminals’ because of the amount of sensitive personal information that will be in circulation.

The IRS reported a nearly 400% surge in phishing and malware incidents in the 2016 tax season and you can bet that number will be as high, if not higher this year.

Fraudulent returns continue to top the list of scams because electronic filing makes it so easy to file returns when a thief acquires your Social Security Number.

In fact, the problem has gotten so big that the IRS will be delaying refunds for all taxpayers until February 15th this year in order to give them more time to screen for fraud.

Start With Your Computer

One of the easiest ways for thieves to steal your personal information is directly from your computer if you aren’t paying attention.

Programs designed to sneak in and silently monitor your keystrokes (a.k.a. keyloggers) or steal your e-mail credentials won’t announce themselves.

If your computer takes forever to start up or seems to be ‘stuck in the mud’ when you try to use the Internet, these are clear signs that unnecessary processes are running in the background of your computer.

Since you’ll be working with a lot of sensitive information via your computer, whether you’re preparing your own return or gathering info for a tax preparer, make sure your computer is free of any potential malware.

If you aren’t comfortable running through the various processes yourself, make sure you find someone you trust to do a thorough checkup/cleanup before you get started.

Don’t Send Sensitive Info Via Email

Email has replaced the fax machine for sending documents, but it’s one of the least secure methods of transferring sensitive information to your tax preparer.

Not only can your unprotected information be intercepted by others, a record of your sensitive information gets stored in your email program unless you remember to delete all your sent items.

Check with your tax professional as they should have a more secure method for you to share electronic documents.

Watch For Phishing and Phone Scams

One of the many known phishing messages pretends to be from the IRS asking you to update your e-file account to make sure you get your refund.

The IRS will NEVER send you an e-mail message or call you; they only communicate with taxpayers via U.S. Mail.  You can report any IRS phishing scams by forwarding the message to [email protected]

File Early To Beat Fraudsters

Fraudulent tax returns continue to be a billion-dollar expense for the Treasury Department, but one of the ways you can avoid becoming a victim is to file as early as you can to beat them to the punch.

If they file a fraudulent claim before you, it can take an average of over 300 days for you to get the mess straightened out. If you believe you’re a victim of ID theft, the IRS Identity Protection Specialized Unit phone number is (800) 908-4490




I got a message from Microsoft saying that my computer has been blocked because the Zeus virus was detected. Is this legit and what should I do?

Thu, 12 Jan 2017 00:00:00 +0700

The ongoing game by scammers to convince people that their computer is infected has taken some seriously convincing turns in recent months.

One such version of the scam generates what appears to be an official Microsoft message complete with logos and color schemes and a robotic voice saying ‘critical alert’.

Here’s an example pop-up:

 ** ZEUS VIRUS DETECTED - YOUR COMPUTER HAS BEEN BLOCKED **

Error: Virus - Trojan Backdoor Hijack #365838d7f8a4fa5 

IP: 108.XX.XX.XX   Browser:Chrome  ISP: Mci Communications Services inc. Dba Verizon Business 

Please call computer system technician immediately on: 888-XXX-4963

Please do not ignore this safety alert. Your Microsoft System Has Been Compromised. If you close this page before calling us, your computer access will be disabled to prevent further damage and your data from being stolen. 

Since this particular scheme attempts to keep you from doing anything else, calling the posted toll-free number to get help seems to be a rational response for those stricken with fear.

We’ve also seen this attempted scam posing as a warning from your Internet service provider (such as Cox or Century Link) because the scammers can easily determine who your ISP is.

Understanding some basic red flags will go a long way in helping you avoid this and all of the subsequent attempts to trick you that are certain to come.

Tip #1 – Be suspicious of toll-free numbers

Large technology companies have spent millions to prevent you from calling them for help. 

It’s just not economically feasible for companies that have millions of users or in Microsoft’s case, over a billion, to pick up the phone whenever someone needs help.

With this in mind, any time you see any error message pop-up on your computer urging you to call a toll-free number, assume it’s a scam.

Tip #2 – Get to know your security software

Knowing what you have installed to protect you from Internet threats will go a long way to helping you quickly sniff out scams.  Chances are, you have a third-party program installed to protect you, so take some time to understand what it looks like and how it alerts you.

Tip #3 – Real tech companies don’t answer the phone

Anyone that’s ever tried calling to speak to a human at any large organization is always met by an automated attendant system.

Call routing systems are necessary because call volumes are very high, so when you call a toll-free number for tech support and a real-live human answers, you should always be suspicious (especially if they have a foreign accent). 

Tip #4 – Killing the fake message

It may appear that your computer has been locked down, but in most cases you can simply shut down the pop-up to regain control.  Windows users can use the Task Manager (Ctrl-Alt-Del to access it) to end the fake task and Mac users can use the Force Quit option to kill the fake session (yes, this Microsoft pop-up can appear on Mac screens as well!).

If all else fails, manually shut down your computer, then restart it and immediately run the security software you know you installed.




Have you heard of RansomFree from Cybereason and would you recommend it?

Wed, 21 Dec 2016 00:00:00 +0700

As the threat of Ransomware grows, utilities that are specifically designed to protect users from becoming a victim are hitting the market.

Ransomware is malware that attempts to gain access to your computer with the intent of locking you out of your own personal files and demanding a ransom to unlock them.

The level of encryption being used by current versions of ransomware is so sophisticated that your only options are to pay the ransom or lose everything if you don’t have a separate off-site backup.

What RansomFree Does

The company that created this free tool examined the process that most of the known ransomware attacks follow and created special folders and files known as a ‘honeypot’ to detect threats.

The file structure of these dummy files is designed to be one of the first targets of an attack, which the program monitors in order to alert you of a potential attack.

This means that in order for the program to alert you, a small number of files will be sacrificed with the hope that it’s the files that they set up as the honeypot.
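The honeypot idea described above can be illustrated with a small decoy-file monitor. This is an added example and not RansomFree's code or method; the decoy names, the baseline-hash comparison and the entropy threshold used to flag encrypted-looking content are all assumptions made for the illustration.

```python
import hashlib
import math
import os
import tempfile

# Hypothetical decoy names: common document types, prefixed so they sort
# early in a directory listing.
DECOY_NAMES = ("!0_accounts.docx", "!0_photos.jpg", "!0_ledger.xlsx")
# Assumed threshold: encrypted or compressed data is close to 8 bits per byte.
ENTROPY_THRESHOLD = 7.0


def plant_decoys(folder):
    """Create the decoy files and return a baseline of {path: sha256}."""
    os.makedirs(folder, exist_ok=True)
    baseline = {}
    for name in DECOY_NAMES:
        path = os.path.join(folder, name)
        content = (f"decoy file {name}\n" * 64).encode()
        with open(path, "wb") as fh:
            fh.write(content)
        baseline[path] = hashlib.sha256(content).hexdigest()
    return baseline


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for empty input, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def check_decoys(baseline):
    """Compare each decoy with its baseline; return a list of (path, alert)."""
    alerts = []
    for path, digest in baseline.items():
        if not os.path.exists(path):
            # Ransomware often renames files with a new extension.
            alerts.append((path, "MISSING"))
            continue
        with open(path, "rb") as fh:
            data = fh.read()
        if hashlib.sha256(data).hexdigest() == digest:
            continue
        if shannon_entropy(data) > ENTROPY_THRESHOLD:
            alerts.append((path, "MODIFIED_HIGH_ENTROPY"))
        else:
            alerts.append((path, "MODIFIED"))
    return alerts


if __name__ == "__main__":
    # Constructed demonstration in a temporary directory: one decoy is
    # overwritten with random bytes to stand in for encrypted content.
    with tempfile.TemporaryDirectory() as tmp:
        base = plant_decoys(os.path.join(tmp, "!decoys"))
        first = sorted(base)[0]
        with open(first, "wb") as fh:
            fh.write(os.urandom(4096))
        for path, alert in check_decoys(base):
            print(alert, path)
```

As the article notes, the alert only fires after a decoy has been touched, so a monitor like this is an early-warning layer and not a substitute for an off-site backup.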

The Whack-A-Mole Problem

While RansomFree’s approach is unique and inventive, there’s a problem that the entire security industry has struggled with since the beginning of time; they’re all playing whack-a-mole.

Just as RansomFree was created by examining what ransomware programs typically do, malware authors can conversely see what RansomFree is doing and change up their scripts to avoid or delay detection.

There could eventually even be direct mitigation code that would attempt to disable the program if it becomes widely used, so as always, it’s a moving target.

What this should tell you is that no one layer of protection should ever be relied upon when it comes to the threat of ransomware.

Unlike a lot of other malicious activity floating around the Internet, ransomware has proven to be a solid moneymaker for cyber-crime syndicates, which ensures that they’ll continue to evolve their threats in order to side-step any and all security layers as they’re developed.

Blended Protection

Just about every major anti-virus/Internet security program is including some form of ransomware detection and protection these days, so check to see what you might already have installed.

If you don’t have anything, installing RansomFree couldn’t hurt, but since we’ve established that just about any security program can potentially be thwarted, how you back up your critical files becomes your last line of defense.

If you have a backup that is out of reach of the ransomware, you’ll never have to pay the ransom.

Unfortunately, traditional local backups via an attached external hard drive will be of no value if your system is attacked because anything accessible to the computer is also encrypted.

The best backup schemes incorporate the 3-2-1 approach: 3 copies of your data on at least 2 different devices with 1 copy off-site.

The best and most cost effective defense against ransomware for most users is an online backup service such as Carbonite (https://goo.gl/XKum9f) because it’s not directly accessible during an attack and it’s automated.