October 8th, 2013
Is your home WiFi network secure? Unfortunately, there’s a lot of bad information out there that convinces users that they’ve secured their home network, when in actuality it’s still as vulnerable as ever.
Eric Geier, of CIO, set out to debunk some popular myths regarding WiFi security in a recent article. The items on this list have been proven to be inconsequential for protecting you against potential threats.
You’ll find many individuals across the web suggesting you stop broadcasting your wireless router’s name, known as its SSID, or Service Set Identifier. This is to keep your network invisible from those you want to keep out. However, it will still be visible to most users and the SSID is easy to discover for hackers. Plus, trying to stay invisible can make you a target as criminals believe there may be valuable data on your network that you’re trying to conceal.
MAC stands for Media Access Control. A MAC address is an alphanumeric code used to uniquely identify each device on your network. You’re able to configure your router to only allow certain MAC addresses access to your network. In theory, this would keep out unwanted network users, even if they have your network’s password. However, hackers have tools to easily see the list of accepted MAC addresses and can then change their device’s address to match one of those. This makes MAC address filtering little more than a time waster.
In addition to the MAC address, each device on your network has a unique Internet Protocol, or IP, address. Your router issues an IP address to each device when they join the network. By changing configuration so your router only has a limited number of IP addresses to issue, you should be able to limit how many users your network can possibly have. Hackers are able to scan for IP addresses being used by your network, however. They can then assign an acceptable one to their device and by pass this security measure.
Another myth is that reducing the power of your wireless router will make it harder to be accessed by anyone outside your home. The theory is that since the WiFi network won’t be visible from as far away, not as many people will be able to penetrate it. Hackers use high-powered antennas, however. So, having a low powered router will only limit your use of your network.
If you’d like to truly secure your network, consider encryption and firewalls. Coupled with regularly updated antivirus software, this is the best way to keep your network and computer safe. For help improving the cyber security at your home or office, contact Geek Rescue at 918-369-4335.
October 7th, 2013
As previously mentioned, antivirus programs can’t be expected to fully protect your computer. Hackers produce hundreds of thousands of new malware every day and even the most up to date security software can’t possibly keep up.
That’s why it’s important to do your part and keep your machine out of harms way as much as possible. Shay Colson, of Information Space, has some tips on how to avoid malware and other potential threats online.
Just as in the forest it’s important to watch where you step, online it’s important to watch where you click. Most malware is downloaded to a computer when the user clicks on something they shouldn’t have. Particularly when you’re on a less reputable website, it’s important to avoid clicking on ads or links as much as possible. Also, make sure any security software you have installed is up to date. That way, if you do encounter malware, you’ll have the best chance of having it detected before it does any real damage.
The simple solution for making all of your accounts online more secure is to improve your password. Make sure it is 8-characters or longer and includes both upper and lowercase letters, numbers and symbols. Some advocate using your least secure passwords for throwaway accounts, medium passwords for social media, but if you want to avoid a potential hacking, use unique, strong passwords for each account. Using all of those different passwords can get confusing, so it’s also a good idea to use a password manager.
Almost everyone makes purchases online. It’s a good idea to use a credit card, rather than a debit card, however, since it’s easier to dispute fraudulent charges on a credit card. Most eCommerce sites give you the option to save payment information for your next purchase. This is a time saver, but it puts your account information at risk. It’s much better to enter your card number each time than have it available to anyone who gains access to your account.
Your mobile device also has access to sensitive data. Keep it safe by utilizing the lock screen. As seen with an iOS bug that allowed users to bypass the fingerprint scanner, or Android’s notoriously easily hacked lock, this doesn’t fully protect your device. However, it offers some protection and is easy to use. Also, be sure to enable services to remotely disable and wipe your phone in case it’s stolen. Both Apple and Android offer this service. It’s extremely useful in keeping your data out of a criminal’s hands.
These tips keep your information safe without installing additional security software. However, you should always have antivirus programs and other security in place. To improve the security on any of your devices, contact Geek Rescue at 918-369-4335. We also remove viruses and other malware from infected machines.
October 7th, 2013
It seems like everyday there’s a new story about a major company or website that’s been hacked or attacked by malware. Many times, as Steve Johnson of the San Jose Mercury News reports, these attacks stem from initial infections that slip past security software and remain undetected for days, weeks or even months.
The New York Times recently encountered 45 pieces of malware that had remained on their computers for about 4-months. Only one of those was detected by their antivirus protection. Security company Kaspersky reported that a global malware attack that stole individual’s data had eluded antivirus software for five years.
Globally, an estimated $8.4-billion is expected to be spent on antivirus software alone this year. So why doesn’t it offer better protection?
The reason is in the sheer volume of malware being produced. Kaspersky finds 200-thousand new pieces of malware every day, which means there are likely several thousand more being produced each day that avoid detection. That number is up significantly from only 700 piece of malware daily in 2006 and 7-thousand in 2011.
Keeping antivirus programs updated protects you from known threats, which means you’re safe from the majority of the malware that’s out there. However, there are varieties of malware that have been produced, but not yet discovered that pose a significant threat.
In addition to the unknown malware is new techniques by hackers that disables antivirus products all together. Security software is continually getting smarter to protect against these hacks, but it’s an uphill battle.
One way security is improving is to expand the capabilities of antivirus programs. Rather than scanning systems for known malware, they’re able to scan for suspicious behavior from any program, whether it is suspected of being malware or not.
Unfortunately, creating malware is a big, lucrative business. Security software will always be behind the curve in keeping up with new ways for hackers to attack your computer. To stay safe, it’s important to practice safe surfing. Be careful of what you download to your computer, don’t open emails you suspect to be spam and don’t click suspicious looking links.
Even though antivirus programs can’t offer impenetrable security, it is still vital to have updated security in place. To improve the security for your computer at home or at the office, call Geek Rescue at 918-369-4335. If you think you’ve already been infected with malware, we fix that too.
October 4th, 2013
A troubling trend is growing for the creators of malware. More and more malicious programs with legitimately signed digital certificates are being discovered. As Ellen Messmer, of Tech World, reports, this makes malware more likely to slip past security provisions and infect a computer or network.
Security company McAfee starting seeing a significant amount of malware with legitimate certificates in 2010 when they accounted for about 1.3-percent of all malware. That has risen steadily to more than 6-percent now. That actually signifies a huge increase in the sheer number of malware with legitimate certificates since the amount of pieces of malware is estimated to double each year.
This is a problem for mobile users as well. About 24-percent of all malware for Android devices has a legitimate certificate.
These certificates are used to verify that the programs they’re attached to come from a reputable source. There are only a few companies able to sign these certificates and, in the past, many malware programs were using fake or stolen certificates. Now, it seems that hackers have been increasingly successful at obtaining legitimate certificates and using them for multiple pieces of malware.
Many of these certificates were seen attached to malware used in a specifically targeted attack. Hackers knew the type of security being used and used a certificate that would allow the malware to be undetected.
An option available to deal with this growing threat would be to a service in place that would check the “reputation” of a certificate. Those that are being used to by a large number of programs would alert the system to the possibility of malware. As one security expert notes, however, that would only force hackers to obtain a new certificate for each piece of malware, not stop the threat entirely.
Using safe browsing techniques and being extremely cautious about what you download to your computer are the best tactics to take to keep you safe from malware infection. To improve your security, or to check and clean any malware currently on your machine, contact Geek Rescue at 918-369-4335.
October 3rd, 2013
A new threat is emerging for both desktop and mobile internet users. It’s called malvertising and, as Adam Greenberg reports for SC Magazine, is a way to spread malware to unsuspecting users through online advertising.
These malicious ads are placed individually by hackers on otherwise legitimate websites. The hackers must convince companies through email and by using false identities to agree to put up the malvertising. When visitors to the site click the ads, it downloads malware onto their machine.
The criminals are specifically targeting sites with a lot of traffic and security experts estimate each malicious ad averages about 100-thousand views before it’s taken down. Users have to actually click the ads to be affected, but with so many views there’s the potential for a large number of users to be infected with malware. These threats are fairly widespread also with an estimated 10-billion malicious advertisements seen in 2012.
Because hackers are using fraudulent credentials, it’s difficult, or nearly impossible, to track them down even after an ad is found to contain malware. The key to stopping these attacks is for companies to be more judicious in selecting the ads they place on their websites. Asking about corporate and individual identities behind these ads before allowing them on a site is vital to avoiding potential headaches down the road.
Be aware that, while there are some legitimate advertisers who will contact you directly to place ads on your website, there are others who are attempting to spread malware. A safe option is to use PPC ads from a trusted source like Google or Bing.
For users, clicking on ads is a natural part of the web surfing experience, but some caution is needed. Clicking only on ads from reputable companies doesn’t always keep you safe, but it is a start. If your computer is infected with malware, call or come by Geek Rescue and we’ll clean it. Call us at 918-369-4335.
October 3rd, 2013
When there’s a major event that captures the attention of the media, you can bet that a related scam will be developed quickly. The royal baby’s birth was one of the latest historic events to be taken advantage of by cyber criminals. As Anand Muralidharan reports at the Symantec blog, spam emails related to the government shutdown is the current threat.
You may be curious to know how the government shutdown can be misappropriated for use by spammers. The answer is that it requires some creativity. The spam emails that have been reported so far have claimed to offer vehicles at half-price for the duration of the shutdown. The emails bear no markings from car manufacturers or car lots, but offer a link to follow for half-priced 2013 model cars and trucks.
Many of these emails are able to slip past spam filters. This may be in part due to their changing email header, or subject.
“Get half-off our autos for each day the US Govt is shut down”
“Get half off MSRP on new autos for each day of govt. shutdown”
These email subjects, or something similar, should alert you that the message is spam and the link will likely take you to a malicious website.
That no official brand logo or company name is used makes these emails much easier to spot and avoid. This likely won’t be the only government shutdown related scam appearing in your inbox, however. And the longer the shutdown lasts, the more opportunities for scams.
Being aware that scams like this are out there makes you less likely to become a victim. Always be cautious of unsolicited emails from untrusted senders.
If you’d like to upgrade your spam filters, or improve the overall security on your computer, call Geek Rescue at 918-369-4335.
October 2nd, 2013
Your Facebook profile is an appealing target for cyber criminals. With access to your profile, they immediately have access to all of your friends also. A hacked Facebook account has led to the hacker asking for money from Facebook friends, posting malicious links on friends’ walls and other suspect behavior.
Andy O’Donnell, of About, notes that you’re usually not the first to find out you’ve been hacked. A friend may text you to ask about an odd status update or message. When you try to sign into your account, either you’ll notice that someone else has been posting messages as you, or you’ll be locked out completely. If you believe you’re account has been hacked, follow these steps.
- Go to facebook.com/hacked, which is the Facebook Account Compromise Reporting page.
- Click ‘My Account is Compromised.”
- You’ll be taken to the ‘Identify Your Account’ page where you’ll be asked to enter your email address, phone number, or your name and the name of a Facebook friend.
- Follow the on-screen instructions.
Once you’ve re-gained access to your account, you’ll want to un-do anything that the hacker did. First, change your password. Take this opportunity to make it stronger by using upper and lowercase letters, numbers and symbols. Check your apps page to delete any suspicious apps the hacker may have added. Be sure to tell all of your friends that your account was hacked so they don’t follow any links the hacker may have sent them.
After you’ve taken care of any issues on Facebook’s site, take some time to think about how your account was compromised. Malware on your computer can result in hacked accounts, so a full-scan of your hard drive may be in order.
If you believe your computer is infected with malware, call Geek Rescue at 918-369-4335. We remove malicious programs like malware, Trojans and viruses from any device and have security options to help protect you from future attacks.
October 1st, 2013
Facebook officially launched Graph Search to all users, which makes it possible to search for, well, anything that’s ever been posted on Facebook. Every comment, status update, check-in, photo and more can be turned up by a simple search. For those who have had a Facebook account for nearly a decade, you might not want people to easily be able to see what your 20 year old self was saying.
Ashley Feinberg, of Lifehacker, posted a privacy guide that let’s you lock down your old posts so they’re not available to just anyone. This way, you won’t have to go through and individually select privacy for each and every status update and comment you’ve made on Facebook.
- Click the ‘Privacy Shortcuts’ icon, which looks like a padlock in front of three lines and is located in the top right corner of any Facebook page.
- Click the ‘See More Options’ link at the bottom of the drop down menu.
- Now click ‘Limit Past Posts’, which is found on the far right about half way down.
- You’ll encounter a warning from Facebook that anyone who isn’t your friend won’t be able to see your old posts. Click ‘Limit Old Posts’.
- Facebook will again ask you if you’re sure. Click ‘Confirm’.
Just like that you’ve made it impossible for strangers to unearth your old Facebook posts. There’s still the problem of friends coming across something embarrassing you may have posted in your younger days. If you’re worried about that possibility, find the specific post by searching for it yourself, or going to the year on your timeline it occurs, if you remember of course. Then you can adjust the privacy settings for that specific post and make it visible to only you.
Privacy on any social media platform is important because cyber criminals are able to use personal information against you. What you share on Facebook helps them hack into other online accounts, or target you in a spear phishing scam.
Be careful about what you are sharing online. For help improving the security on your computer, or mobile device, contact Geek Rescue at 918-369-4335.
October 1st, 2013
Fort Disco sounds like an oddly themed night club, but it’s actually a dangerous form of malware that targets users of WordPress and Joomla. Lucian Constantin, of ComputerWorld, reports that the malware has also been documented attacking POP3 email and FTP servers.
Fort Disco is described as a brute force password guessing form of malware. This means that it infects a machine, then attempts to hack into the user’s accounts by trying random passwords. That’s where the term brute force comes in. There’s no finesse used to break into accounts. Instead, password after password is tried until the malware gains access to the account.
Security experts estimate that Fort Disco has infected more than 25-thousand Windows users and successfully hacked into more than 6-thousand WordPress, Joomla and DataLife Engine accounts.
Once the malware infects a machine, it’s able to communicate with its creator to get instructions on what accounts to attack. Since it is hosted on a user’s machine, email accounts and even FTP credentials are also at risk.
Brute force password attacks against content management systems aren’t rare, but Fort Disco is a unique way to hack those accounts. This malware is easily distributed across a large number of computers, and puts multiple accounts in harms way.
As with all types of malware, there are multiple ways it can infect your computer. To stay safe, be extremely cautious what websites you visit, what you download to your computer and what emails you open. Since Fort Disco has been seen hacking email accounts, it’s likely that a number of spam emails containing the malware are being sent.
If your computer is infected, or if you’d like to improve the security on your machine, contact Geek Rescue at 918-369-4335.
October 1st, 2013
A botnet is a way for cyber criminals to use your computer to perform tasks like sending spam emails, spreading malware and other fraudulent uses. Infected computers will be able to communicate and form an entire network of zombie machines, which are all under the control of hackers.
Tom Espiner, of the BBC, reports that security company Symantec recently disabled 500-thousand infected computers that were acting as part of a botnet. The ZeroAccess botnoet, used for advertising and online currency fraud, was previously made up of 1.9-million machines.
The ZeroAccess botnet uses people’s computers to execute click fraud. Online advertisements generate income for websites that host them based on how many users click on them. This botnet used zombie machines to generate false clicks, which made them money.
By disabling 500-thousand of the infected machines, the hackers will lose about a quarter of their income. However, the identity and location of these criminals is unknown so experts warn that they’ll be working to restore their numbers quickly.
Symantec initially stepped in to take down the ZeroAccess botnet when it noticed an updated form of the Trojan program, which ZeroAccess installs on infected machines, being distributed. This malware made it more difficult to disrupt the botnet’s communications. Symantec felt they needed to act now, before updated malware made it impossible to disable any infected computers.
Perhaps the most troubling part of a botnet is that most users won’t know their computer is being used by a third-party. Infected computers will experience a decrease in performance. Your computer will be slower because a portion of its resources are being used as part of the botnet.
It’s also a good idea to check the sent messages folder in your email. If there are messages that you didn’t write being sent from your email address, you’ve got a problem and may be part of a botnet.
If you’re experiencing computer trouble or want to upgrade your cyber security, contact Geek Rescue at 918-369-4335.
