Color Changer App For Facebook Infects Thousands Of Users

August 12th, 2014


Have you ever thought that Facebook would look better in a different color than the traditional blue? Many users have had that thought and have attempted to add a Facebook app to their profile that would allow them to change the color of their personal Facebook experience. As Dave Smith reports for Business Insider, the Facebook Color Changer app is malware that sends everyone who clicks on it to a phishing website.

More than 10-thousand users have reportedly been affected by the color changer app. Users who click through to the malicious phishing site have their Facebook logins stolen so the scammers can spam their friends with more fake offers.

Additionally, some users have reported that the website they’re directed to also asks them to download other files. Differing reports say users are directed to download a video or another app. These files are also malicious but so far it’s unclear what kind of damage they’re capable of.

If you’ve mistakenly added the color changer app to your Facebook profile, or any other app that you need to remove, you can do so by visiting the Settings menu. That’s the one with the small lock icon in the top right corner. From there, click on ‘Apps’ in the menu on the left and find the apps you want to remove in the list. Click the ‘X’ by the app name and it will be removed.

In the case of the color changer app, you’ll also want to run a full virus scan of your computer and change your Facebook password.

If you’re still interested in changing the color of Facebook, there are more legitimate ways of doing it. If you’re using Chrome there are add-ons available that can change Facebook’s color scheme. Always do some research before adding extensions or apps of this nature, however, as they’re ripe targets for scams.

If your computer, or other device, has been infected with malware, call Geek Rescue at 918-369-4335.

For your business solutions needs, visit our parent company JD Young.

Malware Again Puts Credit Card Information At Risk

July 2nd, 2014

Close up of credit card numbers

In the fall of 2013, hackers infiltrated Target’s point-of-sale system and were able to steal credit card information from thousands of customers. That large scale attack prompted a re-evaluation of security by most companies to attempt to better protect customer data at its most vulnerable points. As Jaikumar Vijayan reports for Computer World, however, more businesses were recently victimized by a similar POS attack that compromised customers’ credit card information.

Information Systems and Supplies (ISS) provides POS systems to restaurants in the northwest. Recently, they informed customers that those systems may have been compromised, which may have led to the theft of customer’s credit card information.

The breach in security stems from attackers gaining access to ISS’s admin account, which allowed them to log-in remotely to ISS customer servers and PCs. Through remote access, data stealing malware was planted on the POS systems, which is capable of stealing the numbers of any credit card used between since the end of February.

It’s unclear exactly how hackers first gained access to the ISS admin account, but it’s believed to be fallout from a phishing scam.

One password was used to log-in to each POS system managed by ISS before this attack. Since learning of the breach, ISS has instituted unique passwords for each customer system.

This attack holds lessons for both individual users and businesses. This is an example of why reusing passwords, or using a single password to access an entire network, is dangerous. If one password is all that stands between an attacker and all of your most important data, you’re likely to suffer a catastrophic attack. It’s important to implement multiple passwords, two-factor authentication and other security measures.

Last year, nearly two-thirds of successful data breaches were caused by security vulnerabilities introduced by third party applications. Many businesses assume that third party software is secured and maintained by the vendor who supplies it, but that’s not always the case. Unfortunately, this mistrust leads to attacks that are able to use third party software to infiltrate an entire network.

At Geek Rescue, we offer support and service to both individuals and businesses. For help recovering from an attack or improving security to prevent one, call us at 918-369-4335.

Beware The Promise Of The ‘Heartbleed Removal Tool’

June 3rd, 2014

Phishing concept

About two months ago, the Heartbleed bug was the scourge of the internet. Since then, websites have scurried to update and patch the vulnerabilities that could potentially lead to the theft of their users’ data. As Jeremy Kirk of Computer World reports, the Heartbleed name is still being used to strike fear into users only now it’s in association with a phishing scam.

Security firm TrendMicro reports that spam emails are being distributed that promise a “Heartbleed removal tool”. Individuals who have some understanding of what Heartbleed is will understand that it isn’t a virus or malware that can simply be removed. But, others who are familiar with the name ‘Heratbleed’ but unfamiliar with any other details are being fooled.

The attachment to these emails, the supposed removal tool, is actually a keylogger, which is used to record the keystrokes of the user and sends them to the criminal who launched this attack.

Given the apparent misunderstanding of Heartbleed, this scam is already poorly constructed, but it falls apart even more when you consider the content of the email. While the body contains a warning about Heartbleed and urges users to run the attached removal tool, the subject line reads “Looking For Investment Opportunities from Syria”. A more spammy email subject has rarely been written and, of course, the subject and body don’t match.

These characteristics make this particular scam easy to spot for users and spam filters, but criminals trading on the Heartbleed name isn’t likely to stop anytime soon. Be wary of any email, even those purporting to be from legitimate companies, that advises you to protect yourself from Heartbleed. Don’t follow links in those emails and don’t download the attachments.

If your computer is infected by malware, Geek Rescue is here to help. Call us at 918-369-4335.

This Google Drive Phishing Scam Is Difficult To Spot

March 18th, 2014

Phishing with email symbol

Phishing scams are a common threat of the internet. If users aren’t careful, they can easily be tricked into giving away log-in credentials and other valuable information without even realizing they’re being scammed. At Gizmodo, Adam Clark Estes reports on one of the latest and trickiest phishing scams to hit the web.

The reason this scam is so tricky is because it manages to avoid some of the usual tell-tale signs of phishing. It begins with an unsolicited email arriving in your inbox. The email has the subject line “Documents” and contains a link to Google Drive. On the surface, receiving an email from someone you don’t know that’s called simply “Documents” sounds suspect. But, the Google Docs link is legitimate and points to a URL. What’s the harm in following the link and finding out if this document is really meant for you?

Unfortunately, that’s the thinking of many users. When you follow the provided Google Drive link, you land on an official looking Google log-in page. In fact, it’s an exact replica of an actual Google log-in page. The only difference is that it asks you to enter both your email and password, even if you’re already logged in to your Google account. Many users won’t think twice about entering their information, but noticing this subtle inconsistency is key to avoiding a scam.

Logging in to this spoofed page does take you to a legitimate Google document, but attackers already have your password.

This is another example of how online threats are becoming more intelligent and harder to avoid. For phishing scams like this one, it’s important to remember to avoid following links in your email. Many times, you can visit a website directly, rather than following a provided link. This way, you’ll be sure to land on the actual site rather than a malicious copy.

This scam uses Google Drive because users trust a page with Google’s recognizable logo and branding and because users can’t access a document in Drive without following the link. If you receive an email inviting you to view a file in Drive, be sure you verify who sent it before following the link.

If you’ve been the victim of an attack and need help recovering data, removing malware or improving security, call Geek Rescue at 918-369-4335.

Improve Security In Firefox With These Tips

February 3rd, 2014

Web address bar

More than a quarter of all internet users have Mozilla Firefox set as their primary web browser. Just like any other browser, however, there are some security concerns you need to understand. Andy O’Donnell at About recently published a few ways you can enhance the security in Firefox for a safer browsing experience.

  • Do Not Track

Most websites you visit track the actions you take while on their site and even after you leave. Usually, this isn’t connected to anything malicious. Instead, this data is used for marketing to offer you a more personalized experience. Many users would prefer not to be tracked for any reason, however, and Firefox has a handy tool for that. To enable ‘Do Not Track’, go to ‘Preferences’, choose ‘Privacy’ and check the box next to “Tell websites that I don’t want to be tracked.” This doesn’t guarantee that websites will never track you, but most legitimate websites obey your wishes.

  • Phishing and Malware protection

It’s easy to lose yourself while surfing the internet and wind up on a less than reputable website. You may not even know a website is malicious at the time, but there are many designed specifically to infect your computer with malware or steal your information. You can provide better protection against malware and phishing by enabling a couple of options in Firefox. From the ‘Preferences’ menu. click ‘Security’ and check “Block reported attack sites” and “Block reported web forgeries”. This checks each site you visit against a constantly updated list of known malicious sites. If you attempt to visit a site on the list, you’ll be blocked and kept safe.

  • Script protection

There are a number of attacks that use scripts on websites. There are also plenty of legitimate uses for scripts that developers use to enhance their sites. So, blocking them completely will limit how well legitimate sites you visit are able to function. Not blocking them at all leaves you open many common attacks. The best option is to use an add-on that blocks scripts on untrusted sites. There are many to choose from. To find them, go to Mozilla’s Add-on site and search “noscript”. Click the “Add to Firefox” button next to the add-on you wish to use and follow the on-screen instructions. The default for each site will be to block scripts, but when you visit a trusted site, you can choose to allow them so the website will work properly.

  • Pop-up blocker

Pop-up blockers have become so widely used that almost no one even tries to use pop-ups anymore. But, there are still some annoyances online if you don’t have a pop-up blocker in place. To enable it in Firefox, go to ‘Preferences’, choose ‘Content’ and check the “block pop-up windows” box. If you run into a site that need pop-ups allowed to function properly, you can always add it as an exception.

Regardless of which web browser you typically use, you need to know tips like these to make it as secure as possible. Additionally, it’s important to have other security tools in place, like an updated antivirus program.

If your computer or any other device has suffered an attack or malware infection, call Geek Rescue at 918-369-4335.

Protect Yourself From Phishing Attacks With These Tips

January 10th, 2014

Phishing with email symbol

Phishing attacks come through most of our emails on a daily basis. Thankfully, spam filters and other security measures keep us from having to regularly deal with them, but because criminals are always making these attacks more intelligent, some attacks do find their way to our inbox. Some are difficult to ignore since they capitalize on the latest news to make their message more believable. For example, the latest high-profile attacks on Target, Adobe and Snapchat are now being used by hackers as an excuse for why users need to divulge their information. As David King of IT Manager Daily writes, there are ways to protect yourself from these phishing scams. Here are the most important tactics to know.

  • Question Everything

Because each message is being crafted to fool users into thinking it’s legitimate, you can’t afford to trust any message you receive. Even messages from companies you have an account with that contain official looking logos can be spam or phishing scams. Checking the email address of the sender is effective for many messages. Often, a message claiming to be from a legitimate company is sent from an email address not associated with that business. But, criminals have started to overcome that hurdle also. Even emails that come from someone in your contacts list could be malicious. So, before downloading anything or responding with important information, ask yourself why the sender of the message would be taking these actions. If it seems at all suspicious, call the sender directly and ask about the email. Or, visit the company’s website and find a more direct way to send them information. Usually, it’s safe to assume that any legitimate business won’t ask for your financial information over email.

  • Attachments

Malicious files sent as attachments are a common way to convince users to download malware. Many users will even be suspicious of an email, but download the attachment in an attempt to gain more context as to what the message is about. Downloading and opening these files infects your computer. Don’t let your curiosity get the best of you. If a message seems suspicious, don’t visit any links included in it or download any files attached. Even if the message seems legitimate, don’t download a file unless you know exactly what it is. A good rule of thumb is if you aren’t expecting a file to be emailed to you, don’t download one.

  • Updates

Unfortunately, even the most intelligent users fall prey to phishing scams and malware infections. Even if you never download attachments, visit suspect websites or open suspicious emails, malware can still find its way onto your system. It’s better to plan for this event and never need the security provisions than to be caught without it. Be sure you have a trusted antivirus program in place and keep it regularly updated so it can recognize the latest threats. Update all of your applications and your operating system also to close potential security vulnerabilities.

Phishing scams allow hackers to infect your computer and steal important information. Follow these tips to keep yourself, and you identity safe.

If your computer is infected with malware or you’d like to improve the security on your network, call Geek Rescue at 918-369-4335.

Protect Yourself Against Keyloggers And Webcam Hijacking

December 11th, 2013

Protected on shield

Recent reports revealed that the FBI has been able to remotely activate webcams and log keystrokes without any evidence to users that they’re doing it. These tactics have been used to investigate crimes, but they reveal the capabilities of hackers. If the FBI has the ability to remotely access your webcam and log your keystrokes, then so do criminals. Mathew J. Schwartz of Information Week published some tips that help protect specifically against these kinds of threats.

  • Anti-keyloggers and antivirus 

Antivirus and anti-malware programs are important to your computer’s security, but they don’t protect against every threat. Most are unable to detect a keylogger. But, there are programs specifically designed to thwart a keyloggers attempts. These programs don’t identify and remove this type of malware. Instead, they encrypt or scramble your keystrokes so that no other program can record them. Even anti-keyloggers won’t completely protect you, but they’re useful against the most common keylogger malware.

  • Phishing attacks

Attacks through your email are the most common ways malware, like keyloggers or webcam hijackers, find there way onto your computer. To protect yourself, be extremely cautious about what emails you open, what links you follow and what attachments you download. Generally, if you’re not expecting an email, you don’t need to read it or download any attachments. It’s also important to keep your browser, operating system and antivirus software updated to protect against the latest threats.

  • Be protective of passwords

Too many users are willing to input passwords to their most valuable online accounts in low security situations. If you arrived at a site by clicking a link in your email, don’t put your password in. It’s possible that, even if the site looks legitimate, it’s a spoofed version of the actual site. Instead, put the URL into your browser yourself. If you’re using public or unsecured WiFi, it’s also not a good idea to log-in to any accounts. These networks allow hackers to easily intercept data, which means you could be handing them your log-in credentials. Wireless keyboards also pose a problem. Recent keyloggers have been able to intercept data from wireless keyboards.

  • Webcam undercover 

If you’re worried about remote activation of your webcam, which allows you to be photographed or recorded without your knowledge, there’s one surefire way to protect yourself. Cover your webcam. Hackers are able to activate your webcam without any of the notification lights coming on. So, you’ll never know for certain that you’re safe, unless the webcam is covered. The most popular method is to cover it with a bandage when you’re not using it. This way, no sticky film gets on the camera lens itself.

Hackers are continually evolving their tactics and, as technology improves, their capabilities increase.

If your computer is infected with malware, or you’d like to improve the security at home or at your business, contact Geek Rescue at 918-369-4335.

Phishing Scams Aren’t Always So Obvious

December 5th, 2013

Phishing concept

Phishing emails are a dangerous threat to anyone with an email address. Usually, there are some obvious signs that suggest a scam, but as Paul Ducklin of Naked Security explains, the absence of these signs doesn’t necessarily mean an email is legitimate.

The goal of most phishing scams is to steal your password for an online account. The email could contain a link that takes you to a legitimate looking log-in page. When you try to log-in, however, your information is sent directly to the criminal behind the scam. There are also emails containing malicious attachments. If you download and open the attachment, your computer will be infected with malware that could have a number of uses.

Some users believe that if an email with no link in the message, and either no attachment, or an attachment that shows no signs of malware after scanning with a security applicati0n, that email must be safe. But, criminals have other methods for stealing information.

Because most hackers know that users have become more cautious when opening links and attachments in emails, they’ve altered their tactics. An email may claim to be from a legitimate company and contain no links. It could have a clean attachment. However, the attachment may be a .pdf or word document containing a message and a link to a website. Many users are fooled into thinking that the link in the attachment is safer than if it had appeared in the body of an email, but that’s not the case. Usually, the link found in the attachment will also direct you to a malicious site used to steal your log-in credentials.

These sites designed created specifically to steal passwords are dangerous. Many are designed so that the ‘close’ button on the log-in box acts the same as the ‘submit’ button. This means that even if you decide at the last second not to log-in and try to close the log-in box, any information you put in will be sent anyway.

Unlike legitimate websites, these scam sites also don’t use ‘HTTPS’. That makes them more vulnerable to ‘sniffing’, or other parties being able to intercept any information you send through the site. So, not only does the criminal running the scam have your password, but anyone monitoring the activity on the site could too.

The best option for preventing yourself from becoming a victim of a phishing scam is to avoid them all together. If an email arrives in your inbox, make sure it’s from a trusted source. Check the sender’s address. Often, scam emails won’t be from the domain of the company they’re impersonating. Also, don’t download any attachments unless you know exactly what it is. Don’t follow links provided in emails. If you want to visit a site, enter it directly into your browser to be sure you’re visiting the legitimate site, not a spoof.

Web and spam filters and antivirus programs are also useful in keeping you safe in case you do click something you shouldn’t have. For help improving the security on your home PC or at the office, call Geek Rescue at 918-369-4335.

Hundreds Of Thousands Of New Malicious Websites Discovered In Past 30 Days

December 3rd, 2013

Hacker concept

As an internet user, you’re able to do more, access more and store more online than you’ve ever been able to before. Unfortunately, that makes your data more valuable to criminals than it has ever been before. Because of this, malicious tools used to steal your log-ins or personal information are rapidly on the rise. Tim Wilson, of Dark Reading, reports that over the past month there have nearly 344-thousand new malicious websites discovered. These websites vary in their design and goal, but all of them are being used by hackers to steal your identity, data or money or to infect your computer.

On average, this means there are about 11,500 new malicious website springing up every day, which significantly increases the likelihood that a typical user will stumble across one of these sites. About 173-thousand of these websites have been identified as malware distributors. These sites often download malware to your computer without any action being taken on your part, beyond simply loading the website. Many times this download will take place in the background, which means it could be weeks or months before you learn that you’ve been infected.

About 114-thousand of the malicious websites were labeled as phishing sites. These sites attempt to steal users log-ins and passwords. Usually, they’ll use the name and logo of a familiar site to attempt to fool visitors into thinking they’re on a trusted page. Most often in these examples, PayPal was used to gain access to accounts and steal users’ money. There has also been a rise of site designed to steal users’ Google log-ins. This is attributed to the fact that one Google log-in can give an individual access to Gmail, Google Drive and Calendar, Google+ and more.

These increasing threats illustrate the need for effective security on any device you use to access the internet. For help putting the proper security precautions in place at home or at your place of business, contact Geek Rescue at 918-369-4335. If you have a device that’s been infected with malware, bring it in to one of your convenient locations.

4 Common Sources Of Cyber Attacks And How To Avoid Them

November 29th, 2013

Cyber Attack road sign

There are a number of precautions you need to take in order to stay safe online. From firewalls to updated antivirus software, there are plenty of tools that can prevent a disastrous cyber attack or data breach. These tools still don’t guarantee your safety, however. Even with precautions in place, it’s important to understand where the majority of threats come from and avoid them altogether with safe surfing techniques. Ron Johnson, of Business2Community, listed some of the most common causes of security breaches and how to avoid them.

  • Public WiFi

Open WiFi networks are found nearly everywhere you go, but they’re far from secure. Any data you send over public WiFi is easily intercepted and stolen by a third party. This doesn’t mean you shouldn’t ever connect to public WiFi. It means you need to be extra careful about what sites you access while using this type of unsecured network. Viewing and reading websites likely won’t cause a problem, but don’t log-in to any online accounts or your password could be compromised.

  • Giving out passwords

Most users understand the dangers in giving other people their password, but sometimes even the most savvy users give out their log-in information without even thinking about it. For example, if you’re having difficulty with an account, a customer service representative might ask you for your password. This doesn’t necessarily mean they are going to misuse it, but it’s always a good idea to change passwords once you’ve told them to anyone, including a help desk. They might not always be as careful with your information as you would be. It’s also never a good idea to share accounts with others, even friends or family. If you want to allow another individual to access your account, change the password, give them the new log-in information, then change it again once they’re finished.

  • Untrusted downloads

Downloading anything should be a decision that every user is cautious of. Even seemingly trusted websites can be compromised and a file you download could end up infecting your system with malware. If you’re prompted to download an application, like a media player, go to that player’s official website to download. Be sure to scan every file downloaded with your antivirus program before opening. As for email attachments, don’t download them unless you were expecting a file to be sent to you and you know exactly what it is.

  • Phishing scams-

Speaking of email, phishing scams are a popular method for stealing your information and hacking into your online accounts. These scams have grown more sophisticated. Often, an email will appear to be from a legitimate website where you hold an account. It will claim there’s been a problem and you need to log-in immediately, or download software, or even put in credit card information. If you have any questions about the legitimacy of these emails, contact the website or business directly, by phone if possible. There’s never a time when a business will email and need your credit card information.

By learning some of these common hacker tactics, you’ll be able to be smarter about your online habits and avoid potential threats.

If you’d like to improve security at your home or business to further safeguard from malware, phishing scams, hacking and more, contact Geek Rescue at 918-369-4335.