Avoiding Internet &Telephone Con Artists-Part 2

This article deals with the ever increasing risk of being “conned” out of your money by Internet thieves.Part one can be found on this blog under November 2014.

With the growth in the use of Ipad, mobile, and tablet use to access the internet many technology users have grown use to not having anti-virus software to combat virus and spyware attacks. What is forgotten is that these anti-virus products also provided security against two of the most common methods of attacking internet users. The thieves have switched to using these methods to target these non laptop/desktop users.  These attacks are launched via fake websites, and fake emails. Both methods work extremely well and I’ve seen numerous cases of people being conned out of money by these methods. I will deal with the fake email this month and fake websites next month.

The Fake Email.

How it works:

1. You receive an email which can appear to come from your email provider, a friend, Microsoft, your bank or any of a number of institutions or individuals you deal with.
2. You are invited to open, click the link or visit the website.
3. The email may contain a warning that some action will be taken unless you do.
4. The email may contain information on something that has been purchased via your credit card, itunes, or paypal and invite you to cancel the transaction if it is not you.
5.  The email may appear to be from a friend or some other social media organization such as Facebook.

How To Avoid This Scam:

1. Do not open it, click the link, visit the site or in any way with the message or email.
2. If you are worried visit the site independently of the message taking special care to ensure you are actually on the correct site (check the full address in the address bar)
3. If you believe your device or email is compromised contact a professional and do not proceed.

Many of you will be purchasing new internet devices this Christmas other than traditional desktop and laptops. Do not make the mistake that these devices guarantee your safety from thieves. To quote an old adage “there is more than one way to skin a cat!”

Stay alert, stay safe!

Avoiding Internet &Telephone Con Artists

This month’s article deals with the ever increasing risk of being “conned” out of your money by Internet thieves. I’ve written about this several times before but some of the newer cons deserve that I revisit the subject.

The Telephone Con

How it works:

1. You receive a call on your landline or mobile from someone claiming to be from Microsoft or some other technology company. The caller may identify himself as from “windows” or an anti-virus company.
2. The caller tells you that your computer has been identified as having a problem. The problem described can be anything from “being ready to crash” to “having been involved in a criminal act”.
3. The caller offers to connect with your computer or directs you to a website for
4. Further assistance.
5. Once you allow this you are prompted by either the caller or the website or your computer that you need to pay an amount to fix the issue. The amount is always under €100.
6. You, the victim, enters you bank account or credit account details on the website or gives them to the individual.
7. You realize later you have been scammed as money has disappeared from your account. The amounts range from €300 up to €3,000.

How To Avoid This Scam:

1. Do not engage in any way with this individual simply hang up the phone.
2. Assume all such calls are scams and if you need clarification contact a known computer technician for advice.
3. Never visit the site offered, and never allow access to your computer.

Who They Are:

1. These conmen (it seems to be mostly men) are organized criminal gangs located in countries outside the jurisdiction of Interpol (and consequently the Guards).

2. They are using freely available internet telephone directories which lists your name and telephone number.

3. They are using low cost internet calling services such as skype to contact you. You will notice the quality of the telephone call will sometimes be poor.

4. The will try repeatedly, using different methods, to get you to give them access to your computer or compromise the security on your computer.

5. The will, if they can, also use email as a second tier attack on you.

Stay alert, stay safe!

Busting Computer Myths – Part 3

This month’s article continues on the topic of Computer Myths and Rumours. Part 1&2 are available on this blog.

I use A Tablet/Ipad So I am Safe From Attack

Truth or Myth: Myth.  This is a common myth and one which seems to be catching out large groups of internet users. Before the arrival of the tablet/ipad technology the primary methods of attack were via email, via websites, application downloads, illegal music and video sites, and phone scamming. With the change in the way apps are delivered to tablets/ipads the scammers are now moving to different methods of attack with a good deal of success. The Achilles heel of the tablet/ipad is the internet and the degree to which these devices rely on it for storage. Cloud based email systems such as hotmail and gmail provide a relatively easy way for scammers to gain access to your data. Once they have done that they can launch attacks on your bank accounts and your friends. This is by far the most common attack I see on tablet/ipad users.

Prevention Tips: Make sure all passwords on all cloud based accounts are unique and not similar. My article from June 2014 outlines some good password tips.

Employ two step verification on the gmail and hotmail accounts to prevent unauthorized access.

Do not store sensitive information on your tablet/ipad or on the cloud and if you must ensure it is encrypted to the highest level possible.

Never give out passwords to unknown people and do not accept calls from people claiming to be from Microsoft or your anti-virus company.

Never reply to emails requesting password changes unless you have initiated the change.

I Don’t Need To Backup All My Information Is On The Cloud

Truth or Myth: Myth. Reliance on the cloud for backup is not a good idea and you should always maintain a backup of your data on your own external device where possible. On tablets/ipads this will mean copying the data to your desktop/laptop if you have one! If you don’t have a pc or laptop then ensure your keep the data on the cloud in at least two different locations. As with your email use strong passwords and change the password frequently.  When it comes to technology “plan to fail, don’t fail to plan” for the day when your device is hacked or just simply dies.

Busting Computer Myths – Part 2

This month’s article continues on the topic of Computer Myths and Rumours. Part 1 is available on this blog under August 2014. You can subscribe to this blog by visiting my website at www.reidyonline.com/blogspot.htm

Addons/Toolbars Have Not Effect On My Browser

Truth or Myth?: Myth. Toolbars, add-ons, and extensions to your browser are one of the easiest ways for hackers, conmen, and cyber criminals to gain access to your computer. Once installed this software can be used for a variety of purposes but ultimately it is aimed at your wallet. These add-ons can appear to be legitimate and promise, as usual, some wonderful benefit. The rule of thumb for all such software is to refuse to install it and if you think one of these apps has made it on to your device seek professional advice.

Anti-Virus Software Will Protect Me From Viruses/Malware

Truth or Myth: Myth.  This is one of the most common myth’s and leads to a false sense of security when browsing the web and or reading email. I sell and support what I consider to be the best professional anti-virus software available but despite it’s excellent track record I would never tell anyone that it is a 100% defence against viruses/Malware. The reason is simple: You cannot guarantee any product against future threats. Virus/Malware writers spend their time trying to come up with new software that can bypass anti-virus software. Thus even the best anti-virus software available cannot always be ahead of the virus writers. Your Anti-virus software is just one component in the defence of your computer. You are by far the most important component in defending your computer.. Where you browse, how you browse, what you download, and what emails you open all affect the potential for virus/Malware infections.

To Reduce The Chances of Virus.Malware infection :

• Stop and think before you click a link, open an email, or click yes to allow a program to run on your computer. If you are not sure do not proceed!!

Next month I’ll expand and explore other Myths and Rumours.

Busting Computer Myths

This month I will be addressing some of the common computer myths and rumours I hear from customer arriving with broken or infected computers. You will probably recognize most of them but some may be new to you. Either way here is my two pennies worth on common computer myths.

The Exploding Email

This annoyance usually arrives in your inbox with a warning about a circulating email with a particular subject. It warns you if you open the email message it will immediately wipe your hard drive. It is usually accompanied by a story telling how this has happened to a friend. The email requests you to pass the warning on to all your friends so they don’t become a victim.

Truth or Myth?: Myth. These emails are just junk and are designed to harvest email addresses for spammers or are just a myth that goes viral. Delete them, don’t reply and don’t forward to your friends.

Free Speedup Software/Cleanup Software

Usually offered from a website you have visited or after you’ve been surfing on new sites. The advert promises to heal all the woes on your computer including speeding it up with some “magic” software. You download it and it immediately identifies hundreds of errors and offers to fix them.

Truth or Myth?: Myth. This software is what is termed junkware, or in simple language rubbish software which does absolute nothing to your computer. In actuality most of this genre of software will cause your computer to go even slower over time.

Coupled with this is the fact a good portion of this software provides a gateway to your system for other junkware apps. It is not unusual for me to see six or more of these programs installed on a computer. This software can also lead to more serious issues as it can be used to install stealth apps which can steal your information or turn your machine into a slave for cyber criminals.

Addons/Toolbars Have Not Effect on Your Browser

Truth or Myth?: Myth. These add-on apps for browsers are a curse and in my opinion the cost in performance on your surfing far outweighs the benefit of installing them. Next Month I’ll discuss these and other myths in more detail.

Protect Your Internet Identity

Increasingly with the growth in the use of smart phones, tablets, and ipads the internet criminal community has changed their methods of stealing your money. Prior to the Smartphone/ipad era, criminals, for the most part, relied on spyware and viruses to infect your computer and steal the necessary information.  These methods are still widely used but others are now being employed to get at your identity if you are a Smartphone/tablet/Ipad user.

The Achilles Heel of The Cloud

Hotmail, Facebook, Gmail, Dropbox, Picassa the list is endless when it comes to cloud computing. These “free” applications come with a hidden price and danger that most people are simply oblivious to. The Danger? Once a criminal gets your password all of the information stored on the cloud can be used to both steal your identity and your money. The security of these applications has been increased but most people do not use these features. Do you use two step confirmation on your hotmail account? If the answer is no or what is it? – this illustrates my point. These applications simply put are not safe and the more information you put on them the easier it will be to steal your identity if you get hacked.

How Criminals Get Your Passwords

The top methods used to get your passwords are:

• Fake versions of legitimate Websites (banking site, facebook site or email site)
• Bin surfing or shoulder surfing computer users (ebay was hacked using a legitimate password stolen from an ebay employee)
• Fake email requests to change your password.
• Brute force attacks on your account (Automated programs which try often used passwords to guess your account)
• Guessing passwords based on profiles on Facebook, online dating and other social media sites
• Fake wireless access points (more on this next month)
• Infecting Web kiosk and internet café computers with viruses or stealth key logging software.
• Virus and spyware infections on personal computers (Avoid the “free” anti-virus solutions like the plague or you’ll regret it)

How to Reduce the Risk

• Maintain a high level of password security and use two step verification where available.(see last months article on passwords)
• When out and about don’t access banking or email from unknown or free wireless access points.
• Don’t use web café for accessing your email or banking sites

Ebay Hacked – Change Your Passwords

eBay has revealed that it’s online servers have been hacked and the personal details of 15 million British users (that would include the Republic of Ireland) have been stolen. Another press release has stated that all 233 million eBay users personal details and passwords are now in the hands of hackers. Ebay has urged anyone using the site to change their password but in my opinion you need to do much more than this. This article outlines some basic security practices you should employ to ensure that when a site you are using is hacked it has a minimal effect on your security.

Managing Passwords

Protecting your passwords is probably the most important thing you can do with regard to your internet security. I say passwords because you should NOT use the same password on more than one site.

This is key to maintaining your security as once a hacker gets access to your data on any site their first ‘port of call’ will be your email account. If the password is the same you’ve just given them everything they need to scam or steal from you.

Storing Passwords

 I do not recommend storing your password list on your computer or a usb key or flash drive. Use the old fashioned method – buy a copy book and keep them completely off your computer. When writing them down ensure you do not make it too obvious what the password is for. Keep the list secure, and keep a copy outside the house.  If you must store the passwords on your computer you should employ an encryption program such as Truecrypt(click here to visit Truecrypt site) to create an encrypted area on the machine or usb device for the password list. Because of space limitations I cannot address use of encryption here but may do so in a future article.

Changing Passwords

Change your passwords at regular intervals and never reuse a password either on the same account or another account.

Password Format

You should ensure your password contains upper and lowercase letters numbers and extended characters. Don’t use personal information such as your date of birth as this is easily guessed. For example say we want a password of tin can alley. This is how you might actually create this password  tiN*caN#alleY@4026. Note the use of upper and lower case letters, extended characters *#@ and numeric characters. Avoid use of similar items across passwords and do not reuse numeric codes. Remember the hacker will have one of your passwords and will be working from that premise.

A Very Nasty Virus Coming Your Way

It was bound to happen and now it has. The nastiest computer virus I have ever encountered has hit Ireland and it’s coming your way. This is no ordinary virus in fact it’s revolutionary and it will set a trend which is likely to continue. It’s reported that one group of four individuals controlling it netted 27 million dollars from victims between October 15 to December 18, 2013.

Say hello to Cryptolocker potentially the nastiest virus to hit Windows computers to date.

What This Virus Does

This virus is different very different because it does one thing and one thing only, it secretly encrypts data files including documents and spreadsheets with a password and then demands a ransom of between 300 and 500 dollars. If you don’t pay there is no way to get your files back and you get a time limit after which the virus controller will delete the password to your files meaning they are gone forever. Even if you do pay the ransom you may not get the password to unlock your files.  Removing the virus from your computer is possible but it is not possible to unencrypt your files. 

What Files It Targets

The virus and variants are known to encrypt documents, spreadsheets, Outlook email and a host of other files. The virus will search and encrypt files on your local computer, network shares, usb connected devices and cloud storage if connect via a drive letter.

Infection Method

Currently the virus is known to spread via email messages which either contain the virus loader or else invite you to click a website link where the virus will automatically download and execute on your computer. The email will come from what appears to be legitimate source or it may come from a friend who has recently had their email hacked.

Defending And Preparing For It

There is only one viable defence for this virus, Frequent offline backups of your important data. To protect the backup disconnect it from the computer after the backup otherwise if you get infected the virus will encrypt it also. Do not rely on your anti-virus software to protect you. The risk to your data is simply too great.

Wikipedia article on this virus Click Here 

Oliver Reidy is a computer technician and has been in the industry since 1981.You can contact him via email at help.desk@reidyonline.com or at the telephone numbers listed on this page.

The End of Windows XP - Part 2

This is the second article in the series The End of Windows XP and will deal with replacing, should you so wish, your XP Computer. I’ve put up a series of webpages dealing with how to secure your XP computer post April 8^th which you can find at www.reidyonline.com/endofxp.htm

Replacing Your PC

Before you rush out to the store and plonk down a wad of cash on a new desktop or laptop you should take the time to consider if this is really necessary. The end of XP support from Microsoft does not mean you have to replace your computer provided you take the steps to protect it correctly. Having said that if you decide it’s time for a new pc you need to proceed with caution.

What’s Available and What NOT To Buy.

In the shops you’ll find laptops and a few desktops all running Windows 8. I do not recommend buying a pc with windows 8 unless you like to get upset. As an operating system it is just dreadful. Windows 7 Professional is still available but you will have to buy online and it appears only to be available on the higher priced models.

Processors

A good solid processor is the intel I5 coupled with 8 gig or more of ram. Don’t skimp on ram as windows, in all it’s variants, needs lots of it to run efficiently.

Disk Space

For the vast majority of users a 500 gig drive is more than enough space unless you plan to store your entire movie collection on your pc. You can save a few bob by selecting a model with a 500 gig drive.

Laptop Desktop or Tablet

I’m still a fan of desktops and believe they offer the best roi (return on investment) for the consumer. Tablets are good at what they do but will not meet all the needs of a traditional xp computer user.

Software

If you are an office user you may need to figure in the cost of a new office system which is not cheap. Gone are the days of cd’s for office. You’ll have to download it from the website and if you’ve got a poor connection this can be very time consuming. If the download fails you can purchase a dvd from Microsoft but they will charge you extra for it.

The End of Windows XP

Microsoft has announced that from the 8^th of April 2014 windows xp will no longer be supported and is officially obsolete. Microsoft is also ending support for Office 2003 on that date. This article outlines what steps you may need to take if your computer is currently running XP and also what impact the end of XP support may have on your system. You can read what Microsoft has to say by visiting Visit http://www.microsoft.com/en-us/windows/enterprise/endofsupport.aspx

.

Steps You Need To Do Before April 8th

Audit Your PC

If you are running a small business on your xp computer you should audit the machine to see what programs, other than Microsoft office, you are using. Payroll, accounting packages, anti-virus packages, etc will all be impacted by the end of support from Microsoft.  Once you have a list then you should contact the suppliers to see if they will continue to support the software on xp after April. If they are not you’ll need to decide if you can continue without support and updates from them after that date. Bear in mind that many accounting and payroll packages require updating each year after the budget.

Decide Your Response

Based on the results of your audit you’ll need to decide to either maintain your xp computer or purchase a replacement.

Maintaining Your XP System

There are a number of solutions available if you need to continue to run xp applications after April. All of the solutions I have looked at require technical assistance and should not be attempted by non qualified personnel.

In the industry the primary fear is that once Microsoft stops providing support and updates the hackers and virus writers will search for any remaining weak spots in XP and use them to attack xp computers. This is a real threat and is not to be taken likely and without the correct solution there is a real chance your xp machine will be compromised.

Browsers and Java.

Many of you will be users of Java for online banking and Revenue on line. If Sun decides to stop providing updates for Java on xp you will be unable to use these sites. Likewise if sites such as your online banking require you to have a version of internet explorer greater than version 8 you will not be able to use these sites.

Replacing Your XP Computer

Next month I’ll deal with the issue of replacing your xp computer before the April deadline.

Beware Wolves Bearing Gifts

This is the first in a series of articles dealing with the every growing threat posed to you by the internet. It seems like every day now I hear of some unfortunate soul who has been scammed in one way or another by someone on the internet. Protecting yourself from their clutches involves some work on your behalf but if you follow the advice contained in this series of articles the chances of them getting into your wallet will be seriously reduced. “Knowledge is Power” so take the time to read these articles.

Fake Websites
Fake websites rely on our inherent tendency not to fully read what we see on our computer screens. As creatures of habit if the screen appears to be something familiar we automatically assume it is legitimate. Internet thieves depend on this flaw to fool you into thinking you are visiting one of your regular websites.
Fake websites pretending to be :Banking sites, Hotmail, Gmail and Paypal come on line everyday.

 To get you to visit the fake site the scammers rely on two primary methods:
Fake emails and fake links within emails.

How To Avoid Fake Websites
1.    Do Not respond to an email asking you to reset or change your password to any of the websites where you transact money or your gmail or hotmail accounts.
2.    Do not accept any telephone calls where the caller claims they work for Microsoft or some other computer company and they have detected a problem on your computer. No computer company will ever call you in this manner. Do not engage or talk with these individuals – hang up!
3.    Suspect all emails which tell you that something is wrong with your online accounts and never click on any link within these emails or respond to the email. Delete it.
4.    If you get a email telling you a friend has been injured, is in jail, needs your assistance, or is in hospital ignore it. Call the friend if you need assurance. Internet thieves once they have hacked an email will immediately send out these types of emails to all contacts in the hacked address book.
5.    Always check the address of the website at the top of the screen before your login. A favourite tactic of thieves is to download spyware to your computer and change your favourites in your internet browser to point at fake websites.