Ransomware Being Spread Through Fake Windows 10 Update

September 24th, 2015

Windows 10 update screen

Microsoft began rolling out Windows 10 as an update to customers on July 29th. Not even two months later, the first example of a Windows 10 update being used as a smokescreen to distribute malware has been spotted. Specifically, this scam convinces users they’re downloading the Windows 10 update, when in reality they’re adding CTB Locker to their hard drives, which is a nasty form of ransomware. Here’s what you need to know.

The scam starts with an email, as many of these types of scams do. This one appears to be directly from Microsoft at first glance. While the email address appears to be legitimate and the subject reads ‘Windows 10 Free Update’, there are a couple of giveaways that this offer isn’t on the level. Most notably, if you’re already a Windows user, Microsoft probably isn’t going to contact you via email to distribute your upgrade. Think about how Microsoft typically offers updates to your current operating system. Rather than emailing you each time a new update or patch is available, these new files are either downloaded automatically or you’re notified directly on your desktop. If you’ve been paying attention, you’ve probably seen a notification giving you the option to upgrade to Windows 10 already.

If users fail to recognize this and follow the email’s offer, however, they’re directed to a site to download files purporting to be Windows 10. It’s unclear how official this download page looks, but this is a good reminder not to download anything by following an emailed link. If this were a legitimate offer from Microsoft, you should be able to go to their official website yourself and find a way to download the update. Instead, users in this scam are downloading ransomware and then installing it on their devices.

With CTB Locker unleashed, users see a warning pop up that informs them that their files have been encrypted and a ransom is demanded in order to unlock them. This ransom is 2 bitcoins, or about $600, and users are given 96 hours to comply. After that period, files are presumably lost forever. In most cases, these files aren’t unlocked and the malware isn’t made dormant even when a payment is submitted.

These emails have been spotted by users in the US, Russia, India, France and a number of other countries. While this is the first instance of Windows 10 being used in a malware scam, it’s not likely to be the last. The Windows 10 update is a perfect opportunity for cyber criminals to use these types of scams while users are already expecting to download files.

If any of your devices have been infected with malware and viruses, or just aren’t working the way they should, stop by and see us at Geek Rescue near 61st and Memorial, or give us a call at 918-369-4335.

New Features Included in iOS 9

September 18th, 2015

iPhone on desk

Apple’s latest version of iOS became available earlier this week. If you’re still wondering whether or not it’s worth it to download iOS 9 for your Apple device, browse through this list of features compiled by Gizmodo. Here you can see a non-exhaustive list of what you can do with iOS 9 that was impossible with iOS 8.

  • Split screen

Now it’s easier than ever to use two apps at once. The Slide Over feature is designed for iPad users and brings up a second app as a sidebar. Just swipe your finger from the right edge of the screen in. For iPad Air 2 and iPad Pro users, Split View is available by tapping and dragging the app currently using Slide Over.

  • Go back

Android users have had the advantage of an always available Back button to return them to the previous screen or website. Now, Apple has introduced an easier way for their users to do the same thing. With iOS 9, a Back button is available in the top left corner of the screen at almost all times. Now, instead of double tapping the Home button, you can just hit Back to go between Apps.

  • Write on email attachments

When you open an email attachment, you can now draw or write on it using the Markup feature. When you open an attachment, look for the Markup button. If it’s not there, try pressing and holding on the attachment. Using this tool allows you to draw with your finger to highlight, edit or make notes.

  • Zoom in on video

In past versions of iOS, you could pinch and zoom images, but not video. Now, pinch and zoom almost anything. That’s not the only video upgrade either. Open Settings>>Photos & Camera>>Camera for alternative ways to choose video and slow-motion recording modes.

  • Block ads

Safari now supports mobile ad blockers, or Content Blockers as they’re referred to in Settings. These work similarly to ad-blockers that have been built into desktop browsers for years. This makes an even bigger impact on your phone where resources are constantly at a premium. The only catch is that Apple doesn’t supply a Content Blocker to users. You’ll have to go find and install one yourself.

  • Manage your battery

If you’re running low on battery, but you’re nowhere near a charger, this iOS 9 feature will be a lifesaver. Low Power Mode can be activated and add up to an hour to your battery life. By turning off some background processes, you’ll get to use your phone for longer and generally won’t notice much of a difference in performance. You can tell when Low Power Mode is on because your battery icon in the top right corner will turn yellow and you’ll see a percentage of the battery that’s left.

  • Read the news

To be fair, you could read the news just fine in iOS 8. However, iOS 9 is bundled with a brand new News app that offers some additional features to make reading the news easier. Content included is curated from carefully chosen partner publishers and articles are specifically formatted for your iOS device.

There are many additional features and capabilities you’ll get when you upgrade to iOS 9 too. If you experience any difficulties, bring your device to us at 61st and Memorial and we’d be happy to help. We’ll also keep your older devices running in case an upgrade isn’t in your near future.

Malware Subscribes Android Users To Premium SMS Services

September 10th, 2015

Play Store icon on smartphone

When you download an app for your smartphone, do you take the time to read the list of permissions? Most of us may quickly skim the permissions but ultimately fly by it like we do a new iTunes agreement. Doing so could leave your phone vulnerable to a variety of malware attacks and the latest threat to Android users is intelligent and could cost you hundreds of dollars.

It’s called Android.Trojan.MKero.A and it’s made its way into the official Google Play Store and infected legitimate, trusted apps. No one has been able to figure out how it’s infiltrated the Play Store, but it’s been found in at least 7 apps. The apps it has attached itself to are popular enough to have been downloaded up to 500-thousand times.

If you’re wondering if the Play Store has security in place to keep malware threats like this out, it does. This particular malware has eluded Google Bouncer, the app vetting system, however.

Its purpose seems to be to silently subscribe victims to premium text messaging services. These can cost anywhere from 50-cents per message to more than a dollar. They require a few steps to ensure the user is aware of what they’re signing up for and notifications to alert the user they’ll begin getting charged. This malware threat is able to navigate all of that, however, to keep the user in the dark while the service begins.

First, the Trojan is able to use multiple steps to bypass CAPTCHAs, which are in place to prevent this type of fraud. Then, it claims administrative privileges, which a user agreed to when downloading the original app, to block notifications from the premium service. At this point, the costly messages can begin and, if the user isn’t quick to act, can add up quickly.

Google has been alerted to the presence of this malware in the Play Store, but no further announcement has been made. Back in March, Google implemented new procedures designed to keep malware out of the Play Store, but they’ve proven not to be enough in this specific instance.

When you download an app, be sure to carefully read the permissions and reconsider downloading if it requires giving the app administrative privileges. It’s also a good idea to install a trusted anti-virus app that can scan your device for malware already present.
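The permission check recommended above can also be run against an app’s decoded manifest before it is installed. The Python below is an added example, not part of the original post: it assumes the manifest has already been decoded to text XML (for example with apktool), and the sample manifest, the package name and the ok/review/reject verdicts are constructed for illustration.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"   # android: attribute namespace
SMS_PERMISSIONS = {
    "android.permission.SEND_SMS",
    "android.permission.RECEIVE_SMS",
    "android.permission.READ_SMS",
}
BIND_DEVICE_ADMIN = "android.permission.BIND_DEVICE_ADMIN"
DEVICE_ADMIN_ENABLED = "android.app.action.DEVICE_ADMIN_ENABLED"

# Constructed manifest for a made-up game that asks for far more than it needs.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.puzzlegame">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application android:label="Puzzle Game">
    <receiver android:name=".AdminReceiver"
              android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>
"""


def audit_manifest(xml_text):
    """Summarise SMS permissions and device-admin receivers in a manifest."""
    root = ET.fromstring(xml_text)

    requested = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        requested.update(el.get(A + "name") for el in root.iter(tag))

    # A device-admin component is a receiver guarded by BIND_DEVICE_ADMIN
    # that listens for the DEVICE_ADMIN_ENABLED action.
    admin_receivers = []
    for receiver in root.iter("receiver"):
        actions = {a.get(A + "name") for a in receiver.iter("action")}
        if (receiver.get(A + "permission") == BIND_DEVICE_ADMIN
                and DEVICE_ADMIN_ENABLED in actions):
            admin_receivers.append(receiver.get(A + "name"))

    sms = sorted(requested & SMS_PERMISSIONS)
    if "android.permission.SEND_SMS" in sms and admin_receivers:
        verdict = "reject"    # can send paid messages and resist removal
    elif sms or admin_receivers:
        verdict = "review"    # one risky capability: ask why the app needs it
    else:
        verdict = "ok"
    return {
        "package": root.get("package"),
        "sms_permissions": sms,
        "device_admin": admin_receivers,
        "verdict": verdict,
    }


if __name__ == "__main__":
    print(audit_manifest(SAMPLE_MANIFEST))
```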

If you’re worried your device is infected or just isn’t performing like it used to, bring it to us at Geek Rescue. We fix all kinds of devices with software and hardware issues. Stop by our shop at 61st and Memorial in Tulsa or call us at 918-369-4335.

3 Browsers That Offer Security and Privacy

September 2nd, 2015

Laptop with secure browser

There are a number of tools and tactics that are key to keeping your data safe online. Your choice of browser is your first line of defense. While all browsers claim to offer secure browsing, and many can be tweaked and upgraded to become more secure, there are a select few that are inherently considered secure browsers. With the security they bring, these browsers also offer little in the way of extra capabilities, tools or options so they aren’t for everyone. But, if your only consideration is security, consider these browsing options.

  • Epic Privacy Browser

With a name like Epic Privacy Browser, or Epic, for short, it better deliver a secure browsing experience. And it does by stripping out every possible extra feature. If you’re used to using Google’s Chrome browser, Epic will feel familiar, but it will also feel like a more minimalistic experience. To achieve its epic privacy label, this browser eliminates all cookies and trackers every time it’s closed. Searches are filtered through the Epic servers, which eliminates the possibility that an IP address can be connected to a search. It even uses SSL connections whenever possible to keep users safe on open Wi-Fi connections. The one notable downside is that Epic doesn’t include malware and anti-phishing protection that can be found on many other browsers. But for strictly private browsing without a risk of allowing your history or data to fall into the wrong hands, it’s tough to top Epic.

  • Comodo Dragon

In addition to a number of intriguing security and privacy settings, Comodo’s browser entry also allows you to easily pick up where you left off with Chrome or Firefox. With the Dragon browser, Chrome users can use many of the same plug-ins and import their bookmarks and saved passwords. Firefox users can do the same thing with Comodo’s Ice Dragon browser. This results in a secure browser that also brings a variety of options and features, which is a rarity. Some users have complained that the additional bells and whistles are excessive, however, and potentially open holes in the browser’s otherwise staunch security. As for the actual security features, Dragon has a tool to filter suspect URLs as they’re accessed and allows you to use their SecureDNS servers for the browser and other applications if you choose.

  • Tor

Arguably the most well-known browser out of this group, Tor is built on a modified Firefox browser and is available to Windows, Mac and Linux users. Much like the Epic browser, however, its focus is on privacy rather than security. There are no anti-malware tools and it does not block plug-ins. But, through hidden relay servers, Tor is able to keep users almost entirely anonymous provided they stay on HTTPS connections. Tor also comes with a drop in performance from other browsers. Really, its only concern is privacy at all costs, and there are several associated costs. But, what it claims to do, it does quite well.

If your chief concern while surfing the internet is that someone will be able to track your movements, or steal information from you, these browsers do an excellent job of security. They don’t all keep you from downloading infected files, but by using these in conjunction with other tools and being intelligent about your online habits, you can stay safe from most threats.

At Geek Rescue, we offer a range of services that help you overcome problems with your various devices. From malware infections, to hardware issues, call us when your computer, tablet or smartphone is acting up and we’ll make it work again.

3 Holiday Related Attacks To Watch For

December 15th, 2014

Woman shopping online

The holiday season is typically a busy season for hackers and malware developers. With increased activity online because of online shopping, ecards, emails and more holiday festivities, there are also increased opportunities to infect users with viruses or steal their information. A post at Spyware News details some common methods used to victimize users around the holidays in the past. Here are three to watch for this year.

  • Fake websites

Think about all the websites you visit for the holidays. You may buy airline tickets, book a hotel and order gifts in one afternoon. You’ll also likely be checking your bank accounts during this spending spree. Unfortunately, cyber criminals know that there are millions of other people like you spending money online and they know you’re always looking for a great deal. That gives them the opportunity to make fake websites, or spoof legitimate sites like your bank, in order to infect your computer or steal your payment information. Spotting a fake site can be difficult, depending on how much time has gone into crafting it. An old version of the company’s logo, typos or a missing security step could clue you in. It’s also important to keep your browser and antivirus program updated since they can sometimes alert you to a suspicious website.

  • Spam email

Spam coming to your inbox isn’t a problem specific to the holidays, but there are some scams that attempt to use your excitement for the season against you. Many users are directed to the fake websites mentioned above after receiving an email promising a great deal or telling them they’ve won a contest. As always, following links in your email is a risky business. Be especially wary of attachments because that’s a common method for delivering malware. It sounds easy enough to not open attachments, but they’ll be labeled with something enticing that will be difficult to resist.

  • Unsecured WiFi

Not everyone does all of their shopping online. There are still plenty of folks who go out to get their shopping done, but there are dangers there too. Free WiFi at department stores or coffee shops is a convenient way for you to use your smartphone while shopping, but they also allow those with a little know-how to monitor your activity and steal your information. Never make purchases or enter passwords while on a public, unsecured connection.

If you are online during the holidays this year, you’re likely to encounter at least one of these tactics. Staying safe involves having an updated antivirus program installed and being cautious with your activity.

If you do fall victim to one of these attacks, call Geek Rescue at 918-369-4335.

3 Tips For Keeping Data Secure On Public WiFi

November 17th, 2014

2 women using laptop in public

Many users mistakenly believe they’re safe on a public WiFi connection or never consider their security at all. For example, if your smartphone is set to automatically connect to available networks, you could be putting your data at risk every time you walk into a business with complimentary WiFi. The risk isn’t from the websites or apps you use, but rather from others who are also connected to the same network. At Lifehacker, Whitson Gordon recently published some tips for how to stay safe while connected to free WiFi. Here’s what you need to know.

  • Sharing

Many users have enabled the sharing of files or printers, but these settings leave the door open for anyone on a public network. Especially if you’re using a laptop that’s typically connected to your home or work network, you’ll want to go in and check the sharing settings if you’re planning to do some work on an unsecured network. If you’re using Windows, you can access these settings through the control panel. Go to ‘Network and Internet’, then ‘Network and Sharing Center’ and select ‘Advanced Sharing Settings’. On a Mac running OS X, go to ‘System Preferences’, then ‘Sharing’ to disable sharing options.

  • HTTPS

When you connect to an unsecure website over HTTP, data exchanged is transferred over your network in plain text, rather than being encrypted. This becomes a major issue when the data involved is sensitive like your log-in information or credit card number. That’s why it’s important to check in your browser’s address bar and see whether the site is using HTTP or the more secure HTTPS. Most of the websites you visit regularly, like Google and Facebook, will automatically default to an HTTPS connection, but other sites can use one just by manually entering “HTTPS://” in front of their URL. This will encrypt the data being sent from your device to the website and back, but it isn’t completely foolproof. In most situations, it’s better to just wait until you’re on a more secure network to conduct any business that requires you to enter sensitive information.

  • Turn off WiFi

This is probably both the simplest and most effective security tip. If you don’t want to worry about security and aren’t actively using the internet, turn off WiFi completely. If you have to work in a public space like the airport or a coffee shop, think about what you can do offline and try to finish those tasks first. If you have to use the internet, don’t leave your connection open once you’re done with it, or even if there’s a prolonged dormant time. Similarly, make sure to turn off automatic connections to networks in your mobile devices to avoid them connecting to unsecured networks without you knowing.

There are those who believe you’re never truly safe on a public network without using a virtual private network, but these tips will help keep you adequately secure in most situations.

For help improving the security on your devices, or for help removing malware and other problems, call Geek Rescue at 918-369-4335.

For your business solutions needs, visit our parent company JD Young.

What Is The FBI Android Virus And How Do You Remove It?

November 6th, 2014

Virus shown on smartphone screen

Ransomware, forms of malware that lock down your device and demand a payment, or ransom, to release your files, have seemingly increased in usage in the past year, but the earliest forms of ransomware have been around for longer than that. The FBI virus began infecting computers several years ago and uses the same scare tactics seen in freshly minted ransomware. As reported in a post on Spyware News, the FBI virus has now been adapted and evolved to infect Android smartphones and tablets.

Common methods of infection stem from malicious email attachments, or false alerts on websites asking you to update Adobe Flash, Java or a similar program.

Once the malware infects your device, it quickly locks it so you can’t access any apps or files and displays an alert claiming to be from the FBI. The alert demands $300 to be paid within 48 hours.

Although seeing this type of warning is surprising and jarring, there are many clues that this is a hoax. Most notably, the warning is littered with typos and poor grammar, which is a common characteristic of malware and malicious emails.

While it can be extremely difficult to bypass this malware, under no circumstances should you pay the fine asked for. There’s no guarantee that your device will be unlocked if you do and that money goes to prolong this threat. The FBI Android virus, in fact, doesn’t actually encrypt your files so removing the malware should fully restore your system. So, how do you remove it?

  • First, turn off your device and restart in Safe mode. To do so, turn it on and hold the menu button with one of, or both of, the volume buttons, depending on your device.
  • Once in Safe mode, go to Settings, and click on Apps or Application Manager. Find any suspicious apps you don’t recognize. The FBI virus typically disguises itself as a video player or an app called ‘ScarePackage’ or ‘BaDoink’. Uninstall the suspicious app.
  • Restart the device to see if it has been restored.

If these steps don’t work, it’s not a lost cause. You’ll just need a little more expertise.

If you’ve been infected by the FBI virus or any other type of malware, Geek Rescue will help. Come by or give us a call at 918-369-4335.


New Malware Threat Hides In Your Registry

November 3rd, 2014

Malware written on circuit board

It seems a new malware threat emerges practically every day, but most threats have a lot in common. They gain access to your device in a similar fashion and are fixed or bypassed in a similar fashion. A new threat reported on the Symantec blog, however, is unique. Trojan.Poweliks isn’t like other malware that exists as a file on an infected machine. Instead, this particular form of malware hides in the computer’s registry.

Trojan.Poweliks still infects computers the way most other forms of malware do. Users are commonly infected through spam emails, malicious links and exploit kits. Users have reported seeing emails claiming to alert them about a missed package delivery. Opening the email and downloading the attachment leaves them infected.

Once a machine is infected, the trojan disguises itself as a registry subkey. That means most users will never be able to find it.

While it’s hidden, the malware receives commands remotely from the attacker and can take all sorts of nasty actions to cripple your computer and monitor your activity.
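Because a threat like this leaves no file for a scanner to find, the registry itself has to be inspected. The Python below is an added example, not from the original post or from Symantec: it reads the text written by `reg export` and flags autorun values that carry a script or encoded command inline. The post does not say which keys Trojan.Poweliks uses, so the Run/RunOnce scope and the two patterns are assumptions, and the sample export is constructed.

```python
import re

# Constructed excerpt in the text format written by `reg export`.
# Every name, path and command below is made up for the example.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\alice\\AppData\\Local\\OneDrive\\OneDrive.exe\" /background"
"Updater"="rundll32.exe javascript:\"PLACEHOLDER\""
"Sync"="powershell.exe -NoProfile -EncodedCommand PLACEHOLDER"

[HKEY_CURRENT_USER\Software\Example\Settings]
"Theme"="javascript:dark"
'''

KEY_LINE = re.compile(r"^\[(.+)\]$")
# "name"="data" string values; backslash escapes may appear on both sides.
VALUE_LINE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
# Assumption: only the per-user and machine Run / RunOnce keys are audited.
AUTORUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.I)

CHECKS = {
    # A script URL handed to a host program instead of a file on disk.
    "script-url": re.compile(r"\b(?:javascript|vbscript):", re.I),
    # PowerShell started with an encoded command (-e, -ec, -enc...).
    "encoded-command": re.compile(
        r"powershell(?:\.exe)?\b.*\s-e(?:c|nc\w*)?\s", re.I),
}


def unescape(text):
    """Undo .reg escaping: \\\\ becomes \\ and \\" becomes "."""
    return re.sub(r"\\(.)", r"\1", text)


def autorun_values(export_text):
    """Yield (key, name, data) for string values under autorun keys."""
    key = None
    for line in export_text.splitlines():
        line = line.strip()
        match = KEY_LINE.match(line)
        if match:
            key = match.group(1)
            continue
        match = VALUE_LINE.match(line)
        if match and key and AUTORUN_KEY.search(key):
            yield key, unescape(match.group(1)), unescape(match.group(2))


def audit(export_text):
    """Return [(value name, flags)] for autorun values that look fileless."""
    findings = []
    for _key, name, data in autorun_values(export_text):
        flags = sorted(f for f, rx in CHECKS.items() if rx.search(data))
        if flags:
            findings.append((name, flags))
    return findings


if __name__ == "__main__":
    # Real exports are UTF-16: open(path, encoding="utf-16").read()
    for name, flags in audit(SAMPLE_EXPORT):
        print(name, flags)
```

Only plain string values are parsed; values exported in `hex(...)` form are skipped and would need separate decoding.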

Staying safe from these types of threats requires both intelligent web use and proper security tools in place. An updated antivirus tool will catch many of these threats, but if you’re among the first users infected, your antivirus won’t be able to recognize the latest form of malware. That’s why your first line of defense has to be to avoid where these threats are commonly found. Don’t download suspicious email attachments or follow links sent to your email. These practices will help keep you out of harm’s way.

If you’d like to improve the security on any of your devices, or need help getting rid of malware that’s infected your machine, call Geek Rescue at 918-369-4335.

Android Ransomware Spreading Quickly Through US Users

October 22nd, 2014

Android Smartphone malware

A new Android ransomware threat is spreading fast after adapting into a worm that spreads through text messaging. The Koler Android trojan was discovered by AdaptiveMobile in the United States and managed to affect hundreds of users in just one day. John E. Dunn of TechWorld explained how the Koler trojan is spreading so rapidly.

Koler began infecting victims who visited untrusted websites like porn and gambling sites. Many examples of mobile malware stay quarantined to those areas and never become a large scale problem for the general public. Koler, however, transformed into an SMS worm, which means it sends a shortened and disguised link via text message to everyone in an infected user’s contacts. That link appears to be from the user, which results in many of their contacts clicking on it and being infected themselves.

Those that click on the link are sent to a Dropbox page and asked to install a photo viewing app in order to see some photos that “someone” has uploaded of them. Agreeing to this download results in the Koler trojan taking quick effect.

Almost immediately, the user’s screen is blocked by a message supposedly from the FBI. A ransom is demanded to unlock the phone. Meanwhile, that same link is sent to the user’s contacts.

The good news is that if the default security options are enabled on your Android device, the download of the malware should be blocked because it stems from a third-party. However, many users have already discovered that their security settings aren’t configured correctly to protect them from a threat like this.

The make-up of this attack isn’t complicated, which means it’s also fairly straightforward to disable it. Dropbox has already been asked to remove the download from its servers and disable the link. Attackers could easily move their malicious files elsewhere and continue to victimize Android users, however.

If your device becomes infected by malware, Geek Rescue will fix it. Stop by or give us a call at 918-369-4335.


Four Reasons To Upgrade To OS X Yosemite

October 16th, 2014

Mac with OS X Yosemite

The latest version of the native operating system for Macs was officially released today. OS X Yosemite takes the place of OS X Mavericks as the latest and greatest operating system available. Overall, the functionality of Yosemite is similar enough to previous versions of OS X that it won’t feel foreign to everyday users. However, there are some key features and additions that you should be aware of. At Lifehacker, Thorin Klosowski published a list of what you need to know about OS X Yosemite. Here are the main points.

  • An Upgraded Spotlight

By pressing Command and spacebar, you’re able to open ‘Spotlight’, which isn’t new to Yosemite. But, it’s much more useful now than it was previously. In addition to using Spotlight to search your hard drive for applications and files, users are able to search the web, find content on iTunes, read the news, check for movies playing in local theaters and much more. Spotlight has become more of a one-stop feature to help users with whatever they’re currently doing.

  • iCloud Availability

Yosemite has turned iCloud into an easily accessible storage feature, which is probably closer to the way it was originally envisioned. Similar to Dropbox, users are able to upload just about anything to their iCloud account, then access it from their other devices. The simplicity and ease of access makes you wonder why this isn’t the way iCloud has always been.

  • A Better Notification Center

How do you improve the Notification Center in Yosemite? By making it customizable with widgets. Head to ‘System Preferences’ to view a list of available extensions. Soon, third party extensions will also be available, which means your Notification Center can sync with extensions from Apps you’re already using. To add widgets, open the Notification Center and click ‘Edit’.

  • More Mail Features

While the Mail app in Yosemite looks similar to what was featured in OS X Mavericks, it actually includes a number of handy extra features. You can now sign PDFs and other documents directly within the Mail app without adding a third party app. There’s also a ‘Markup’ button that allows you to make notes on images before you send them. Finally, send larger files via the Mail Drop feature. Instead of attaching large files directly to an email, Mail Drop uploads them to iCloud and sends them to your Contact.

With OS X Yosemite just being released, it may be wise to wait to upgrade. While a public beta version has been available for quite a while, there are still bound to be some bugs in the days following this official release.

If you’re having issues with your Mac, or any other device, Geek Rescue is here to help. Stop by or give us a call at 918-369-4335.
