May 21st, 2014
A typical internet user has too many online accounts to manage a unique, strong password for each one. While passwords are still the primary form of security for many important online accounts, being able to realistically keep track of a different password for all of them, which is recommended, is nearly impossible. Ian Barker of Beta News published some tips on how to keep up with passwords when there are seemingly too many to manage.
A recent survey revealed that more than half of internet users have more than 20 active online, password protected accounts. Another 27-percent have between 11 and 20 online accounts. Can you keep 20 different passwords of varying length and using numbers, letters and symbols straight? For that matter, can you keep 11?
For most of us, the answer is a resounding ‘no’. This leads to bad habits. Reusing passwords is common. Using easy to guess passwords is too. This leads to accounts being compromised, which leads to identity theft and other serious problems.
One answer is to use a password manager. There are plenty of trustworthy managers available that will store all of your passwords behind one master password. Many managers even log you in automatically to your accounts. Less than half of internet users are using password managers, however.
The other option, and one that is much more realistic than keeping track of dozens of different passwords for different accounts, is to identify which accounts hold the most valuable information. Banking and credit card sites are obvious choices for your strongest passwords. Don’t overlook ecommerce sites that have your credit card information, address and other personal information stored on them. Also, consider how costly it would be for a criminal to gain access to your social media accounts. Finally, your primary email address, which likely is the destination for password reset messages from other accounts, is vital to protect properly.
Each of these accounts demands a long, strong, unique password to minimize the risk of it being hacked. Some, like email and social media, can even use two-factor authentication to up the security ante even more.
Other accounts, however, don’t need as much attention. An account for a message board, news site or other site where a username and password are the only information at risk doesn’t necessarily need a strong, unique password. If these accounts are hacked, you won’t lose much.
For many users, concentrating solely on their most valuable online accounts limits the number of important passwords to fewer than ten, which is much easier to manage.
If you’ve been the victim of an attack and need help recovering or help improving security at your home or business, call Geek Rescue at 918-369-4335.
May 6th, 2014
Once your computer is infected with malware, it can be a long, complicated process to remove it. An infected system is at risk for data loss and risks spreading the malware to other computers. The best security is to keep the infection from ever happening. To do that, you need to know where malware infections typically stem from. At Business News Daily, Sara Angeles lists the most common tactics taken by malware to infect users.
A decade ago, pop-up ads were common online and were a common way of spreading spyware and other malware. The use of pop-ups has significantly decreased over the years and online advertising has become much more legitimate. However, there are still plenty of malicious online advertisements that have the singular goal of infecting users. Sometimes referred to as malvertisements, online ads exist that are capable of infecting users without even a click. The display of these ads can be enough to install malware on your machine. Usually, these ads are found on less than reputable websites, but through an intelligent attack, they’ve been known to plant themselves on trusted sites from time to time.
The traits that make social media so popular are also the primary reasons why it’s often the route of attackers. Messages received on social media are trusted because they appear to be from a friend or recognized contact. There’s also the sheer number of users. An attacker has a better chance of seeing his malware spread to thousands or millions of users on social media than through other avenues. Facebook messages and Twitter DMs are common ways to spread malware, but there are also malicious Twitter accounts that tweet out spam and malicious website links.
Smartphones enjoyed a short period of safety from malware, but as the mobile audience has grown, so has the amount of malware targeting it. Android users are at a much higher risk of malware due to the operating system’s open source nature, but iPhone users have seen their share of security scares also. Malicious apps that are either downloaded from a third party or infiltrate the official app store are usually to blame for a mobile malware infection. Malware can also be spread to mobile devices through text messages, emails or through infected websites.
Regardless of the number and effectiveness of security tools you have in place, an unsuspecting and uneducated user is likely to encounter plenty of malware. Even those that know not to click suspicious looking links or download apps from outside the official app store can be duped. Malware developers use social engineering to manipulate users and make links irresistible. They play off of current news stories and promise deals that are too good to be true. If it didn’t work, they’d stop doing it, but there’s no end to these tactics in sight.
Much like social media, nearly every internet user also has an email account. Malware is commonly spread as an attachment to spam messages that claim to be from a trusted business, website or government agency. Users who download these attachments have their computer infected with malware, and often end up spamming their entire address book with malware and malicious links. This is another problem as other users receive messages that appear to be from a friend and instinctively trust the contents.
Malware is becoming more intelligent. Recent attacks have been able to hide themselves from security tools or encrypt a user’s files.
If your device is infected with malware, bring it to Geek Rescue or call us at 918-369-4335.
April 30th, 2014
A popular method of attack for cyber criminals is to gain control of a legitimate email account and spam the user’s entire address book. This gives them a much better chance to infect more users as their spam emails appear to be from a trusted contact. This method is annoying when it’s highly targeted and affects only a few dozen email users. It becomes much more than an annoyance when potentially millions of users are affected. At CNN, Jose Pagliery reports on a hack on AOL that has potentially compromised millions of email accounts.
It’s not known yet exactly how many email users had their information stolen in this large scale attack on AOL. Currently, the company reports that only 2-percent of their email accounts have been observed spamming others. But, of their 120-million email account holders, anyone could be affected.
AOL also warns that it isn’t just the ability to spam your friends that’s at stake. The attack could also give hackers access to postal addresses, log-in credentials and answers to security questions.
This is such a large scale attack that everyone needs to be warned about it. With millions of contact lists at risk, nearly every email account in the US could be hit by AOL spam in the coming weeks.
There’s also the concern about abandoned AOL accounts being revived to send out spam. A significant number of AOL email accounts have been dormant for years. However, attackers are still able to gain access to these accounts and spam their contacts. Because this is a seldom used, and often forgotten about, account, it could take longer to mitigate the issue than an active account that a user checks every day.
AOL has successfully begun redirecting emails sent through these malicious methods into users’ Spam folders, but little else has been accomplished so far. All users with an AOL account, whether it’s being used currently or not, are advised to change their passwords as soon as possible. It’s also a good idea to change other important passwords that share commonalities with your AOL password.
If your computer or email has been the victim of an attack, or you’d like to learn about additional security and spam filter options, contact Geek Rescue at 918-369-4335.
April 24th, 2014
How can you be sure that an email from your bank is what it claims to be? That’s a vital question in the wake of news that the latest spam and malware threat commonly springs from emails resembling messages from banks such as Wells Fargo and Lloyds Bank. Malcolm James of the All Spammed Up blog reports that the way malware is hidden in these spam messages and the way it then attacks your machine is troubling.
The emails come with an attachment. This attachment actually features another file within it, which contains malware. It’s a bit confusing even to write, which means it’s difficult for spam filters and antivirus tools to catch. Users will see a .ZIP file that claims to be a secure message from the bank and even features password protection. When opened, however, the user’s computer is attacked by the Upatre Trojan.
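The attachment layout described above (a ZIP that wraps another file and may be password protected) can be flagged at a mail gateway before a user opens it. This is an added example, not code from the original post or from any product it mentions; the sender address, file names and size limits are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXT = (".exe", ".scr", ".com", ".pif", ".js", ".vbs")  # assumed blocklist
MAX_DEPTH = 3                        # stop unpacking after this many levels
MAX_MEMBER_BYTES = 5 * 1024 * 1024   # do not unpack larger members (zip-bomb guard)

def inspect_zip(data, depth=0, path=""):
    """Return a list of findings for one ZIP blob, descending into nested ZIPs."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [f"{path or '<attachment>'}: not a readable ZIP"]
    with zf:
        for info in zf.infolist():
            name = f"{path}/{info.filename}" if path else info.filename
            lower = info.filename.lower()
            if info.flag_bits & 0x1:  # bit 0 of the general-purpose flags = encrypted
                findings.append(f"{name}: password-protected entry, cannot be scanned")
                continue
            if lower.endswith(RISKY_EXT):
                findings.append(f"{name}: executable inside archive")
            if lower.endswith(".zip"):
                findings.append(f"{name}: archive nested inside archive")
                if depth + 1 >= MAX_DEPTH:
                    findings.append(f"{name}: nesting too deep, not unpacked")
                elif info.file_size > MAX_MEMBER_BYTES:
                    findings.append(f"{name}: too large to unpack safely")
                else:
                    findings.extend(inspect_zip(zf.read(info), depth + 1, name))
    return findings

def inspect_message(raw):
    """Inspect every ZIP attachment of a raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        filename = part.get_filename() or ""
        is_zip = (filename.lower().endswith(".zip")
                  or part.get_content_type() == "application/zip")
        if is_zip:
            findings.extend(inspect_zip(part.get_payload(decode=True), path=filename))
    return findings

def build_sample():
    """Constructed sample: outer ZIP -> inner ZIP -> harmless bytes named .exe."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("statement.exe", b"MZ constructed placeholder, not a program")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("message.zip", inner.getvalue())
    msg = EmailMessage()
    msg["From"] = "alerts@bank.example"   # constructed sender
    msg["To"] = "user@example.org"
    msg["Subject"] = "Secure message"
    msg.set_content("Please see the attached secure message.")
    msg.add_attachment(outer.getvalue(), maintype="application",
                       subtype="zip", filename="SecureMessage.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for line in inspect_message(build_sample()):
        print(line)
```

An encrypted entry is reported rather than skipped because a scanner cannot see inside it, which is the reason the password protection helps this kind of message get past filters.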
Upatre is the root of the problem, but it doesn’t do any real damage itself. Its job is to communicate with the attacker and download more harmful malware to your system. The Zeus banking trojan is the first malware to download. It’s designed to steal your online banking log-in credentials. The Necurs malware is also downloaded, which is able to attack and disable security tools. This allows for a load of other malware to infect and attack your machine.
While many attacks of this nature are centralized overseas, the use of Upatre targets the United States almost exclusively. About 97-percent of recorded attacks using the trojan have targeted American users.
One of the issues with this style of attack is that users may not know they’ve been infected with anything for some time. Considering banking passwords are at stake, that’s an extremely dangerous risk.
To stay safe, users must resist the urge to open suspicious looking emails. An email from your bank may not seem suspicious, but remember that banks and other legitimate businesses likely won’t attach a file to an email unless they’ve told you ahead of time what they’re sending. If you have questions about an email, call your bank directly and ask them rather than risking malware infections.
If your computer or other device has been infected with malware, call Geek Rescue at 918-369-4335.
April 11th, 2014
A common piece of advice is to keep applications updated, especially antivirus programs, to try to keep up with constantly evolving cyber threats. At Dark Reading, Tim Wilson reports on the recently released Websense 2014 Threat Report that finds advanced, targeted attacks are more prevalent than ever before. This means that relying on out of date malware definitions and failing to patch vulnerabilities quickly are more likely to cause users to become victims of an attack.
Websense reports preventing more than 4-billion attacks in 2013. Almost all of these attacks were intelligently designed to by-pass traditional security tools and pursue confidential data. The worry is that not only are the highly targeted, advanced attacks able to fool traditional security infrastructures, but attacks considered more common and able to affect users on a large scale are also using advanced tactics to avoid detection and prevention.
A common attack tactic is the use of malicious links, either on a website or included in an email. Clicking these links causes the download of malware, or directs users to phishing sites designed to steal log-in credentials or other important information. In 2013, 85-percent of these malicious links were found to be located on legitimate, trusted websites that had been compromised. This makes it exponentially more difficult to recognize and prevent this style of attack because the website being used isn’t designed as an attack site.
About one-third of all malicious executable files discovered in 2013 contained custom encryption of programs designed to remotely take control of a system or mine data from it.
There were also a reported 67-million exploit kits discovered throughout last year. An exploit kit is a way for developers with expertise to design an attack and sell it to others to be easily customized and launched at the target of their choosing. These kits make it easier for more criminals to launch an attack because it only takes money, rather than expertise.
The takeaway from the Websense report is that no user is safe. There are so many threats to your safety, you’re bound to run into one eventually. This report also speaks to the importance of being proactive in your security. Update and patch often and be looking for new ways to protect your network.
For help improving the security of your network at home or at the office, or for help recovering from an attack, call Geek Rescue at 918-369-4335.
March 31st, 2014
Email has become a tool that most of us check and use multiple times per day. Businesses run on email and it’s vital for many users to have constant access and an ability to quickly respond. Accessibility is one of the primary reasons that webmail has surged in popularity. Services like Gmail allow users to have access from virtually anywhere with very little downtime. As Alan Henry of LifeHacker explains, however, there are still some benefits to using desktop email clients like Microsoft Outlook.
While webmail is portable and mobile, it requires an internet connection even to read emails stored in your inbox. While there are fewer and fewer environments where you have to be without an internet connection, there are situations where you’re required to work without one. When that happens, desktop email has the advantage. With a platform like Outlook, you’ll be able to read old messages, organize your inbox and queue up responses to send once a connection is available. This helps you be productive in an otherwise unproductive environment or ensures that an email with valuable information is always available even when your internet connection is having issues.
Have you ever considered what would happen if your email account was suddenly deleted? If most users lose access to their account, they likely lose access to many contacts and vital information. That’s why it’s important to regularly back up everything stored in your email, and back-ups are much easier to create and manage yourself with desktop clients. You’re able to back up messages stored in your inbox and sent folder, all of your contacts and even your folder structure. This way, if you need to change email providers or the unthinkable happens to your account, you’ll have everything you need to pick up where you left off.
To be clear, it’s certainly possible to encrypt webmail, but it usually requires handing at least some control over to a third party app or add-on. For the most secure encryption, you’ll want to store keys and generation tools yourself. To do that, you need a desktop email client. Email is constantly at risk to be hacked or messages intercepted. If you’re sending valuable information via email, you should at least be encrypting it. Effective encryption for desktop mail can be implemented quickly.
There are pros and cons to both webmail and desktop email so you’ll want to carefully diagnose how you regularly use email to help you decide which option is best for you.
Geek Rescue has all the email solutions you need. From hosting email, to setting up your office with Microsoft Exchange, to improving email security and fixing issues, we have the answers you need. Call us at 918-369-4335.
March 26th, 2014
The danger of a zero-day exploit is that users are left vulnerable to a known vulnerability while a manufacturer scrambles to patch it. This can sometimes result in weeks of known vulnerabilities being available to attackers. The latest zero-day reported involves Microsoft Word and would allow for remote code execution if exploited. A post at the Symantec blog explains the details of this issue.
Microsoft has alerted the public through a security advisory that the Word exploit exists, but has not yet released a patch that fixes it. In the advisory, they report that attacks, although limited, have been observed using this exploit in the wild. Those attacks have only exploited Word 2010, but other versions are considered vulnerable. Those versions include Word 2003 and 2007, Office for Mac 2011, Office Web Apps 2010 and Office Web Apps Server 2013.
Unfortunately, there have been no specific details released about how attackers are exploiting the vulnerability. The issue comes from opening a malicious .RTF file with Word. But, even previewing an .RTF file attached to an email in Outlook could allow an attacker access to a user’s system. So, the attack could stem from malicious email attachments, or it could stem from websites that trick users into downloading and opening a file.
There has been a temporary solution released through Microsoft’s FixIt tool, which makes it impossible for Word to open any .RTF document until a more permanent solution is found. Similarly, Outlook can be configured so that previews of attachments open as plain text, rather than through Word, which would also serve as a temporary solution, but could also be a safer way to operate from now on.
All Word and Outlook users are urged to watch for a patch that fixes this vulnerability and update as soon as it’s made available.
At Geek Rescue, we help make your computer and your network as secure as possible. We also help you recover from attacks. Call us at 918-369-4335.
March 20th, 2014
There are a number of resources online to help you protect yourself from malware infections. From security tools to tips and best practices for avoiding malware, it’s fairly easy to learn how to create an effective security infrastructure for your home network. What happens if malware is still able to get through, however? At the BullGuard blog, Kirsten Dunlaevy published a list of helpful signs that your computer may have been infected. Here’s what you need to watch for.
We’ve all experienced the frustration of having your computer freeze while you’re in the middle of working on it. That could be a one-time problem, a compatibility issue with an application or it could hint at a malware infection. If you’re seeing a growing number of problems like freezes, sudden shut downs or restarts and applications not working properly, the most likely cause of your problems is malware.
The internet used to run on pop-ups, but most legitimate sites have stopped using them. Now, if you see pop-ups, it usually means you’re on a site that’s not trustworthy or that you’ve been infected with malware. Especially if you see pop-ups when you aren’t using a web browser, it’s likely that there is malware hiding somewhere on your system.
- Suspicious email and social media messages
Even if your computer is absent of any other signs of malware, your email and social media profiles may tell a different story. Be sure to regularly check the “Sent” folder of your email to make sure that every message that appears there is one you actually sent. If you see messages with suspicious looking subjects, it’s likely that malware has been used to hack your email and spam your contacts. Similar problems can plague your social media profiles. Facebook and Twitter are particularly at risk.
If your computer has none of the above problems and seems to run normally, it doesn’t necessarily prove the absence of malware. As threats grow more intelligent, they’re increasingly able to hide evidence of their actions. Some malware tampers with antivirus applications to make it appear that your system is clean when it’s not. Or, malware can even trigger a false positive to make you feel secure after dealing with the supposed threat.
Keeping malware from infecting your computer starts with putting security tools in place and practicing smart, safe surfing online. Then, it’s important to stay vigilant and watch for signs of infections. Also, be aware of actions you take that could potentially lead to a malware infection.
If you’ve been infected with malware, or are just having issues with any of your devices for unknown reasons, call Geek Rescue at 918-369-4335.
March 18th, 2014
Phishing scams are a common threat of the internet. If users aren’t careful, they can easily be tricked into giving away log-in credentials and other valuable information without even realizing they’re being scammed. At Gizmodo, Adam Clark Estes reports on one of the latest and trickiest phishing scams to hit the web.
The reason this scam is so tricky is because it manages to avoid some of the usual tell-tale signs of phishing. It begins with an unsolicited email arriving in your inbox. The email has the subject line “Documents” and contains a link to Google Drive. On the surface, receiving an email from someone you don’t know that’s called simply “Documents” sounds suspect. But, the Google Docs link is legitimate and points to a google.com URL. What’s the harm in following the link and finding out if this document is really meant for you?
Unfortunately, that’s the thinking of many users. When you follow the provided Google Drive link, you land on an official looking Google log-in page. In fact, it’s an exact replica of an actual Google log-in page. The only difference is that it asks you to enter both your email and password, even if you’re already logged in to your Google account. Many users won’t think twice about entering their information, but noticing this subtle inconsistency is key to avoiding a scam.
Logging in to this spoofed page does take you to a legitimate Google document, but attackers already have your password.
This is another example of how online threats are becoming more intelligent and harder to avoid. For phishing scams like this one, it’s important to remember to avoid following links in your email. Many times, you can visit a website directly, rather than following a provided link. This way, you’ll be sure to land on the actual site rather than a malicious copy.
This scam uses Google Drive because users trust a page with Google’s recognizable logo and branding and because users can’t access a document in Drive without following the link. If you receive an email inviting you to view a file in Drive, be sure you verify who sent it before following the link.
If you’ve been the victim of an attack and need help recovering data, removing malware or improving security, call Geek Rescue at 918-369-4335.
February 7th, 2014
Many internet users believe that the key to avoiding a malware infection is to only visit legitimate websites and never open suspicious looking email or download attachments. While this is certainly going to keep users safe from a large amount of malware, it doesn’t keep them safe from all of it. This is evidenced by a recent exploit of a vulnerability in Adobe’s Flash player. As Lucian Constantin reports for PC World, this exploit infected victims with malware capable of stealing users’ log-in credentials for a variety of websites.
Security experts uncovered 11 exploit files targeting this vulnerability, which reveals that the same security flaw was being used by hackers in different ways. Some of the exploit files were designed to execute other files, one downloaded other malicious files and one was a trojan that steals log-in credentials saved in email and web browsers.
Experts found that each file was embedded within Microsoft Word .docx files and targeted Windows users specifically. Though one attack used malicious emails with a rigged .docx file as an attachment to infect users, most files were found in internet caches, suggesting they were downloaded from websites.
These files have already been used in attacks against real-world users, as evidenced by Adobe’s use of the phrase “in the wild” to describe them. Since the vulnerability is known in the hacking community, expect more attacks to be rolled out exploiting it.
To their credit, Adobe scrambled to release a patch that would eliminate the Flash security flaw. This is version 18.104.22.168 for Windows and Mac users. If you haven’t updated Flash on your machine yet, be sure to do that as soon as possible.
If your computer has been infected with malware, bring it to Geek Rescue or call us at 918-369-4335.