Wed, 1 Feb 2017 00:00:00 +0700
Choosing a solid security program to protect your computer and personal information has always been a challenge because there are so many options that get high marks.
Now, with all of the global issues and growing concerns about nationalism, there’s an additional issue that many users are contemplating when making a choice: where is the security software made?
Russia is just one of the many prominent players in the global security software industry, with many of the most popular programs from countries around the world:
AVG & Avast – Czech Republic, Bitdefender – Romania, ESET – Slovakia, F-Secure – Finland, Kaspersky – Russia, Panda – Spain, Sophos – UK & Trend Micro – Japan for example.
Does It Matter?
In general, just because a security program is owned by a company in another country does not mean it shouldn’t be trusted, especially since countries like Finland, Japan and the UK are clear allies.
In fact, in light of recent national security disclosures, some users are proclaiming that they are more comfortable with using a security program controlled by a foreign company.
It’s highly unlikely we’ll ever know what relationship or working agreement a particular company has with its own government, so you’ll have to decide if the lack of transparency is disconcerting or not.
We’ve been using and installing Trend Micro’s products for years and have no issue with it being a Japanese company (it was originally created in California and relocated when it acquired a Japanese firm in 1992).
Keep in mind that all of these companies are global players and any evidence that they are working with their own government to disclose user information would all but destroy their businesses.
Since we rely on our security programs to protect us, we have to allow them full access and control over our computers.
This means that they can scan every file we have and keep logs of those files and in some cases, send information back to the ‘mothership’ if you choose to participate in their ‘security networks’ as a contributor.
If for any reason you don’t trust a company with that level of intimacy, you shouldn’t use their software.
Kaspersky’s Credentials & Controversies
Anyone in the information security world knows Eugene Kaspersky and his very impressive credentials.
As a teenager, he was studying cryptography in school and by his mid-20’s, he created an anti-virus program to protect his own computer.
His company has also been responsible for uncovering some major cyber-threats over the years.
Unfortunately, since he is a Russian citizen with early ties to the KGB and its replacement (the FSB), he’s always had a cloud of uncertainty over him.
Most recently, Kaspersky executive Ruslan Stoyanov, head of their investigation unit and a liaison to Russian security services, was arrested and accused of treason by the Russian government. This has added more questions for some users that have the company’s software installed.
While Stoyanov himself is being accused, not the company, you’ll have to decide for yourself if you’re comfortable using their software based on your own evaluations.
Fri, 27 Jan 2017 00:00:00 +0700
HP has extended its massive recall of laptop batteries that was first announced in June of 2016.
In a statement from their recall notice, they explain: "HP continuously monitors issue reports and reported problems. Our monitoring showed that additional batteries should be included in the recall program. These additional batteries were sold with the same notebook products as communicated in the June 2016 battery recall. It is essential to recheck your battery, even if you did so previously and were informed that it was not affected. However if you have already received a replacement battery, you are not affected by this expansion. HP customers affected by this program will be eligible to receive a free replacement battery for each verified, recalled battery."
You can check to see if your HP laptop is part of the recall in one of two ways: using their utility or manually checking at this link: https://h30686.www3.hp.com/#tab=id2
Wed, 25 Jan 2017 00:00:00 +0700
Many in the cyber-security business refer to tax season as ‘Christmas for Criminals’ because of the amount of sensitive personal information that will be in circulation.
The IRS reported a nearly 400% surge in phishing and malware incidents in the 2016 tax season and you can bet that number will be as high, if not higher this year.
Fraudulent returns continue to top the list of scams because electronic filing makes it so easy to file returns when a thief acquires your Social Security Number.
In fact, the problem has gotten so big that the IRS will be delaying refunds for all taxpayers until February 15th this year in order to give them more time to screen for fraud.
Start With Your Computer
One of the easiest ways for thieves to steal your personal information is directly from your computer if you aren’t paying attention.
Programs designed to sneak in and silently monitor your keystrokes (a.k.a. keyloggers) or steal your e-mail credentials won’t announce themselves.
If your computer takes forever to start up or seems to be ‘stuck in the mud’ when you try to use the Internet, these are clear signs that unnecessary processes are running in the background of your computer.
Since you’ll be working with a lot of sensitive information via your computer, whether you’re preparing your own return or gathering info for a tax preparer, make sure your computer is free of any potential malware.
If you aren’t comfortable running through the various processes yourself, make sure you find someone you trust to do a thorough checkup/cleanup before you get started.
Don’t Send Sensitive Info Via Email
Email has replaced the fax machine for sending documents, but it’s one of the least secure methods of transferring sensitive information to your tax preparer.
Not only can your unprotected information be intercepted by others, a record of your sensitive information gets stored in your email program unless you remember to delete all your sent items.
Check with your tax professional as they should have a more secure method for you to share electronic documents.
Watch For Phishing and Phone Scams
One of the many known phishing messages pretends to be from the IRS asking you to update your e-file account to make sure you get your refund.
The IRS will NEVER send you an e-mail message or call you; they only communicate with taxpayers via U.S. Mail. You can report any IRS phishing scams by forwarding the message to [email protected]
File Early To Beat Fraudsters
Fraudulent tax returns continue to be a billion dollar expense for the Treasury Department, but one of the ways you can avoid becoming a victim is to file as early as you can to beat them to the punch.
If they file a fraudulent claim before you, it can take an average of over 300 days for you to get the mess straightened out. If you believe you’re a victim of ID theft, the IRS Identity Protection Specialized Unit phone number is (800) 908-4490.
Thu, 12 Jan 2017 00:00:00 +0700
The ongoing game by scammers to convince people that their computer is infected has taken some seriously convincing turns in recent months.
One such version of the scam generates what appears to be an official Microsoft message complete with logos and color schemes and a robotic voice saying ‘critical alert’.
Here’s an example pop-up:
** ZEUS VIRUS DETECTED - YOUR COMPUTER HAS BEEN BLOCKED **
Error: Virus - Trojan Backdoor Hijack #365838d7f8a4fa5
IP: 108.XX.XX.XX Browser:Chrome ISP: Mci Communications Services inc. Dba Verizon Business
Please call computer system technician immediately on: 888-XXX-4963
Please do not ignore this safety alert. Your Microsoft System Has Been Compromised. If you close this page before calling us, your computer access will be disabled to prevent further damage and your data from being stolen.
Since this particular scheme attempts to keep you from doing anything else, calling the posted toll-free number to get help seems to be a rational response for those stricken with fear.
We’ve also seen this attempted scam posing as a warning from your Internet service provider (such as Cox or Century Link) because the scammers can easily determine who your ISP is.
Understanding some basic red flags will go a long way in helping you avoid this and all of the subsequent attempts to trick you that are certain to come.
Tip #1 – Be suspicious of toll-free numbers
Large technology companies have spent millions to prevent you from calling them for help.
It’s just not economically feasible for companies that have millions of users or in Microsoft’s case, over a billion, to pick up the phone whenever someone needs help.
With this in mind, any time you see any error message pop-up on your computer urging you to call a toll-free number, assume it’s a scam.
Tip #2 – Get to know your security software
Knowing what you have installed to protect you from Internet threats will go a long way to helping you quickly sniff out scams. Chances are, you have a third-party program installed to protect you, so take some time to understand what it looks like and how it alerts you.
Tip #3 – Real tech companies don’t answer the phone
Anyone that’s ever tried calling to speak to a human at any large organization is always met by an automated attendant system.
Call routing systems are necessary because call volumes are very high, so when you call a toll-free number for tech support and a real-live human answers, you should always be suspicious (especially if they have a foreign accent).
Tip #4 – Killing the fake message
It may appear that your computer has been locked down, but in most cases you can simply shut down the pop-up to regain control. Windows users can use the Task Manager (Ctrl-Alt-Del to access it) to end the fake task and Mac users can use the Force Quit option to kill the fake session (yes, this Microsoft pop-up can appear on Mac screens as well!).
If all else fails, manually shut down your computer, then restart it and immediately run the security software you know you installed.
Wed, 21 Dec 2016 00:00:00 +0700
As the threat of Ransomware grows, utilities that are specifically designed to protect users from becoming a victim are hitting the market.
Ransomware is malware that attempts to gain access to your computer with the intent of locking you out of your own personal files and demanding a ransom to unlock them.
The level of encryption being used by current versions of ransomware is so sophisticated that your only options are to pay the ransom or lose everything if you don’t have a separate off-site backup.
What RansomFree Does
The company that created this free tool examined the process that most of the known ransomware attacks follow and created special folders and files known as a ‘honeypot’ to detect threats.
The file structure of these dummy files is designed to be one of the first targets of an attack, which the program monitors in order to alert you of a potential attack.
This means that in order for the program to alert you, a small number of files will be sacrificed with the hope that it’s the files that they set up as the honeypot.
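The honeypot idea described above can be shown in a few lines of Python. This is an added sketch, not RansomFree's code: the decoy file names, the choice of names that sort first in a folder, the entropy threshold and the polling-style check are all assumptions made for illustration.

```python
import hashlib
import math
import os
import tempfile
from pathlib import Path

# Constructed decoy names (assumption): they sort first alphabetically so a
# program walking the folder in name order reaches them before real files.
DECOY_NAMES = ["!000_accounts.docx", "!000_photos.jpg", "!000_taxes.xlsx"]
ENTROPY_LIMIT = 7.5  # bits per byte; encrypted data sits close to 8.0


def plant_decoys(folder: Path) -> dict[str, str]:
    """Write the decoy files and return a {name: sha256} baseline."""
    folder.mkdir(parents=True, exist_ok=True)
    baseline = {}
    for name in DECOY_NAMES:
        body = (f"Decoy document {name}\n" * 200).encode()
        (folder / name).write_bytes(body)
        baseline[name] = hashlib.sha256(body).hexdigest()
    return baseline


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; plain text is low, ciphertext is near 8."""
    if not data:
        return 0.0
    counts = [0] * 256
    for byte in data:
        counts[byte] += 1
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in counts if c)


def check_decoys(folder: Path, baseline: dict[str, str]) -> list[str]:
    """Compare the folder against the baseline and return alert strings."""
    alerts = []
    present = {p.name for p in folder.iterdir() if p.is_file()}
    for name, digest in baseline.items():
        if name not in present:
            alerts.append(f"MISSING {name}")  # deleted or renamed
            continue
        data = (folder / name).read_bytes()
        if hashlib.sha256(data).hexdigest() != digest:
            high = shannon_entropy(data) > ENTROPY_LIMIT
            alerts.append(f"{'HIGH_ENTROPY' if high else 'MODIFIED'} {name}")
    # Files nobody planted, e.g. a decoy renamed with a new extension.
    for name in sorted(present - baseline.keys()):
        alerts.append(f"UNEXPECTED {name}")
    return alerts


def demo() -> list[str]:
    """Tamper with two decoys in a temp folder the way the article describes
    (constructed test data only) and return what the check reports."""
    with tempfile.TemporaryDirectory() as tmp:
        folder = Path(tmp) / "decoys"
        baseline = plant_decoys(folder)
        # Decoy 1: contents replaced by random bytes, as encryption would look.
        (folder / DECOY_NAMES[0]).write_bytes(os.urandom(4096))
        # Decoy 2: renamed with an extra extension; decoy 3 is left alone.
        (folder / DECOY_NAMES[1]).rename(folder / (DECOY_NAMES[1] + ".locked"))
        return check_decoys(folder, baseline)


if __name__ == "__main__":
    for alert in demo():
        print(alert)
```

Note that the alert only fires after the decoys have already been touched, which is the "sacrificed files" trade-off the article describes.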
The Whack-A-Mole Problem
While RansomFree’s approach is unique and inventive, there’s a problem that the entire security industry has struggled with since the beginning of time; they’re all playing whack-a-mole.
Just as RansomFree was created by examining what ransomware programs typically do, malware authors can conversely see what RansomFree is doing and change up their scripts to avoid or delay detection.
There could eventually even be direct mitigation code that would attempt to disable the program if it becomes widely used, so as always, it’s a moving target.
What this should tell you is that no one layer of protection should ever be relied upon when it comes to the threat of ransomware.
Unlike a lot of other malicious activity floating around the Internet, ransomware has proven to be a solid moneymaker for cyber-crime syndicates, which ensures that they’ll continue to evolve their threats in order to side-step any and all security layers as they’re developed.
Just about every major anti-virus/Internet security program is including some form of ransomware detection and protection these days, so check to see what you might already have installed.
If you don’t have anything, installing RansomFree couldn’t hurt, but since we’ve established that just about any security program can potentially be thwarted, how you back up your critical files becomes your last line of defense.
If you have a backup that is out of reach of the ransomware, you’ll never have to pay the ransom.
Unfortunately, traditional local backups via an attached external hard drive will be of no value if your system is attacked because anything accessible to the computer is also encrypted.
The best backup schemes incorporate the 3-2-1 approach: 3 copies of your data on at least 2 different devices with 1 copy off-site.
The best and most cost effective defense against ransomware for most users is an online backup service such as Carbonite (https://goo.gl/XKum9f) because it’s not directly accessible during an attack and it’s automated.
Wed, 14 Dec 2016 00:00:00 +0700
Whether you currently use a Yahoo email account, used to use one or have never used one, the announcement of 1 billion accounts being compromised in 2013 holds many lessons for everyone.
Yahoo says that no financial information was included in the breach, but usernames, email addresses, telephone numbers, hashed passwords, birth dates and in some cases answers to security questions were all part of the break-in.
Why Email Hacks Are So Desirable
Your email account is the digital key to your kingdom for a variety of reasons, which is why they are so valuable to hackers.
Remember, whenever you (or a hacker) need to reset a forgotten password for just about any online account, the reset instructions get sent to your registered email account.
Another treasure trove is the accumulation of messages that you were sent when you initially signed up for any account, which is a quick way to know what other accounts can be compromised.
Lesson #1: Start getting in the habit of deleting sign-up, notification and reset email messages as soon as you are through with them.
Birthdays & Security Questions
Many sites ask for your birthday as a way to ensure you are old enough to meet their age requirements, but nothing says you have to give them your actual birthday.
Although Yahoo is moving away from security questions as a way to allow you to regain access to an account, the information gathered by the hackers can potentially be used elsewhere.
Questions such as ‘what was your high-school mascot’ are pretty easy to figure out depending on your profile on sites like Facebook and LinkedIn.
Lesson #2: Start lying more; don’t give your actual birthday or use actual researchable answers on security questions.
Additional Security Measures
If you haven’t figured it out already, virtually anything on the Internet is ‘hackable’ and it’s generally just a matter of time for any large online entity.
Setting up password fraud alerts through 2-factor authentication (https://goo.gl/0MhNLG) and using password management programs that ensure that no password is ever used on multiple sites are a good start.
Lesson #3: Assume that everyone you do business with online is going to be breached and act accordingly.
Spear-Phishing Made Easy
Spear-phishing refers to scam emails that are targeted at those that are known to use a specific service.
In this case, if you have a Yahoo email address, it’s pretty easy for scammers to send convincing but fake ‘password reset’ messages to you knowing that you actually have an account.
Lesson #4: Never click on any reset links unless you just asked for a reset message to be sent.
With all the large-scale breaches in the last couple of years, the likelihood is that any password that you’ve been using for years has been compromised.
There are lots of ‘known password’ databases that allow cyber-thieves to compare them to stolen hashed passwords, which is why one breach can lead to so many other accounts being compromised.
Lesson #5: If you’re still using a password that’s been in use for more than a couple of years, change it to something you’ve never used before.
Wed, 30 Nov 2016 00:00:00 +0700
In the tech industry’s ongoing attempts to create better tools to protect consumers, they often come up with software that focuses on specific areas.
Trusteer Endpoint Protection (a.k.a Rapport) is a legitimate program that is specifically designed to help fight financial fraud and is often recommended by various banks for reducing the chances of fraud and identity theft when it comes to online transactions.
Originally developed in Israel in 2006, Trusteer was acquired by IBM in 2013 for an estimated $800 million so any concerns about it being a malware program can be put to rest.
Why Banks Recommend It
The program is specifically designed to prevent many known banking Trojan malware such as ZeuS, Silon, Torpig, SpyEye and others from attacking its users.
Malware designed to attack online banking transactions will attempt to steal login credentials so cyber-thieves can access online accounts or steal the identity of its victims.
They tend to use keyloggers, screen grabbing and phishing as a means of exploiting users, which is what Trusteer is specifically designed to help protect against.
As such, many banks recommend the free program as an extra layer of protection, because the banks have installed the protection on their side and it works best when both sides are using the same security system (thus the name ‘Endpoint’).
Banks are interested in both security and regulatory compliance, which the Trusteer platform provides, which is why so many have partnered with IBM to promote the program.
The Real World
If the only thing your computer needed to do was interact with your bank, Trusteer would be a no-brainer, but for most of us that’s not the real world.
Despite the fact that it’s designed to work as an added layer of protection to your primary security program, many users have reported a multitude of issues over the years.
Online complaints range from the initial installation process to incompatibility with other programs to a noticeable degradation in performance as well as a complicated removal procedure.
As with any security program, it can prevent you from operating your computer in a normal way because it blocks access to anything it perceives as a threat (false positives), which can be very frustrating.
Should You Use It?
As with any protection system, there is no ‘one-size-fits-all’ solution, so determining whether you should use the program or not requires some homework.
If your bank is pushing you to install the program, before doing so, I’d strongly recommend that you research the specific issues with whatever Internet security program you have installed by doing a search for ‘Trusteer issues with XXX’ (where XXX is the name of your program).
Not only will you get information specifically from the support resources of the Internet security company, you’ll likely get user feedback on their experiences as well.
As an advanced search tip in Google, if you include -trusteer.com at the end of your search query, the results will be filtered to exclude anything from Trusteer’s website so you’ll only get feedback from third parties.
Business users should do their experimenting on non-mission critical computers to avoid any compatibility disruptions to workflow.
Wed, 9 Nov 2016 00:00:00 +0700
Ransomware is one of the fastest growing cyber-crimes because it’s working so well for organized crime rings around the world.
Victims of ransomware are essentially locked out of their own private files unless they are willing to pay a ransom to get the key that will unlock them.
Alarming Ransomware Statistics
According to one estimate, $209 million was paid in ransomware attacks in the first quarter of 2016 alone.
Another survey found that nearly 50% of professional organizations were victims of a ransomware attack in the past 12 months.
The average ransom demanded is just under $700, but as more businesses are being targeted, the ransom amounts are increasing.
To provide some perspective, the average ransom demand in 2015 was around $294.
59% of infections come via email as either a malicious link or an infected email attachment.
Malicious social media links don’t account for a large percentage of the current attacks, but cyber security experts expect this approach to grow.
Protecting Yourself From Ransomware
Since this form of attack largely relies on tricking a human into clicking on a link or opening a malicious attachment, educating everyone in your household or business on ways to spot questionable email messages is a good start.
Since cyber-criminals have the ability to use Internet searches and social media to figure out who’s who in just about any business, it allows them to create very clever spear-phishing email messages that can fool employees that aren’t paying attention.
Bad grammar, missing punctuation and strange salutations are just a few of the things that everyone needs to be looking for in just about any message that prompts you to click on a link or open an attachment.
There is a free phishing security test businesses can use to test and educate their employees from a company called KnowBe4 (https://goo.gl/PGsyHz).
Parents need to understand that cyber-criminals set their traps where they know teenagers go to download free music, games, movies and programs that usually cost hundreds of dollars.
Make sure you have all your security updates installed and have a good off-site backup like Carbonite so you don’t ever have to pay the ransom to get your files back.
Options For Victims
If you become a victim of a ransomware attack, your options depend on what type of backup you employ.
Traditional backup devices that are attached to your computer when you’re attacked are also attacked, so unless you have a disconnected or off-site backup, you’ll either have to pay the ransom or lose everything and start over.
Fortunately, getting rid of the infection that allowed your files to be held hostage is pretty straightforward, but decrypting your compromised files is nearly impossible for most of today’s attacks.
If you do have a clean backup, you can either disinfect the system by booting to an uninfected device, like a flash drive or CD/DVD to run a scan with anti-virus/security programs or wipe the drive completely and reload everything from scratch.
Wed, 2 Nov 2016 00:00:00 +0700
There are many lessons that can be learned from the recent high-profile email hacks to several public figures.
The most important lesson is that people, not security measures, are the easiest to compromise.
The Weakest Link
As anyone in IT security will tell you, no matter how sophisticated the cyber-security system may be, the humans using the system are always the weakest link.
In most cases, hackers employ what’s called ‘social engineering’ to trick users into divulging critical information that allows them to be exploited.
In the Podesta case, a ‘spear-phishing’ email claiming the password had been stolen convinced both the users and the IT person that it was a legitimate warning from Google.
Spear-phishing refers to a more targeted exploit because the hackers know that you use a specific online service.
In this case, since the recipient’s email address ended with @gmail.com, they created a ‘stolen password’ alert that appeared to be from Google.
Tell Tale Signs
As with most phishing messages, a close examination of the punctuation and grammar would have tipped off an observant reader.
The lack of commas in appropriate places, the relative vagueness of the message and the fact that they ended the message with ‘Best, The Mail Team’ are clear red flags.
The reason social engineering tricks work so well is that the anxiety created by the message causes most people to focus on the salacious subject line and scary claims instead of the message in its entirety.
Another way to sniff out suspicious messages is to use the hover method as described in this video: https://youtu.be/-aay-00BCKE.
Thoroughly Read Messages
The IT person also fell for the fake message but in their defense, they replied with a specific link to use to change the password, which the frantic user didn’t use.
Instead, they went back to the original message and clicked on the button that said ‘Change Password’ which sent them right where the hackers wanted them.
Had they followed the instructions from the IT person, even though the message was a fake, they would not have been compromised.
Stolen Password Protection
Another important step that the IT person suggested in his response was to make sure that 2-step verification was turned on (https://goo.gl/SCa64p), which would have kept the hackers out even with the password.
2-step verification creates a second layer of protection in the event someone steals your password.
With it turned on, whenever the site detects a valid login from an unknown location or device, it sends a special code via text message to your smartphone.
Without the code, the person that has your password won’t be able to get in AND you will have been alerted that your password has been compromised.
Never Click Links
We’ve all heard the ‘never click links in email messages’ a million times, but cleverly crafted messages can scare people into taking immediate action.
Even when you think a warning is legitimate, avoid the links and manually type in the address of the service in question to see if the same warning comes up when you log in.
Wed, 5 Oct 2016 00:00:00 +0700
With the recent story about FBI Director James Comey admitting to having tape over the top of his webcams at home, this question is making the rounds once again.
Comey isn’t the only one that has tape over his webcams. Another story that took the Internet by storm was a picture of Facebook Founder Mark Zuckerberg showing that he has tape over both the webcam and the microphone jack on his laptop.
How Possible Is A Webcam Hack?
The technical capability for a remote hacker to gain access to your webcam is absolutely a possibility, so putting tape over your webcam will keep them from being able to see or record anything if they do get in.
But I’ve always contended that just putting tape over your webcam is a little like sticking your head in the sand, if that’s all you do.
In order for a remote hacker to make use of your webcam, they generally start by gaining access to your computer, which gives them complete access to EVERYTHING on your computer.
Making sure you have solid security software installed and paying attention to changes in the performance and startup times of your computer are also critical to sniffing out hidden malware.
Both Mac and Windows users are potential victims of the many social engineering tricks used by malware creators to gain access to your system.
One of the more common tricks is to convince you that you need to update your video playback software in order to see a video, which often presents itself as a convincing but fake pop-up with a link.
If you’re serious about protecting access to your computer’s webcam, you can install special software that monitors, blocks and alerts you whenever a program is attempting to use your webcam.
Windows users can look into using Phrozen Software’s Who Stalks My Cam (https://goo.gl/W5DwIa) which offers free threat detection as well as the ability to set up automatic responses to detected threats.
It also offers the ability to create ‘Whitelists’ of approved programs so applications like Skype that you do want to use won’t be stopped in their tracks.
Mac users can install a free program called OverSight (https://goo.gl/TvcWb1) from the R&D Director at Synack, an information security firm.
The OverSight program will monitor both your Mac's mic and webcam, alerting you whenever the internal mic is activated or whenever a program is attempting to access your webcam.
Patrick Wardle, the author of the program and former NSA staffer, recently discussed new ways malware could piggy-back on legitimate webcam sessions, so Mac users shouldn’t shrug off the threat as a Windows-only problem.
Most webcams have an LED that indicates that it’s in use, but some of the more sophisticated attacks can turn off the visual indicator or in the case of the recent proof-of-concept attack on the Mac, simply piggy-back onto legitimate sessions.
Remember, if a remote user can access your webcam, they can generally access everything on your computer, so don’t limit your concerns to the webcam.