November 17th, 2014
Many users mistakenly believe they’re safe on a public WiFi connection or never consider their security at all. For example, if your smartphone is set to automatically connect to available networks, you could be putting your data at risk every time you walk into a business with complimentary WiFi. The risk isn’t from the websites or apps you use, but rather from others who are also connected to the same network. At Lifehacker, Whitson Gordon recently published some tips for how to stay safe while connected to free WiFi. Here’s what you need to know.
Many users have enabled the sharing of files or printers, but these settings leave the door open for anyone on a public network. Especially if you’re using a laptop that’s typically connected to your home or work network, you’ll want to go in and check the sharing settings if you’re planning to do some work on an unsecured network. If you’re using Windows, you can access these settings through the control panel. Go to ‘Network and Internet’, then ‘Network and Sharing Center’ and select ‘Advanced Sharing Settings’. On a Mac running OS X, go to ‘System Preferences’, then ‘Sharing’ to disable sharing options.
When you connect to an unsecure website over HTTP, data exchanged is transferred over your network in plain text, rather than being encrypted. This becomes a major issue when the data involved is sensitive like your log-in information or credit card number. That’s why it’s important to check in your browser’s address bar and see if HTTP or the more secure HTTPS. Most of the websites you visit regularly, like Google and Facebook, will automatically default to an HTTPS connection, but other sites can use one just by manually entering “HTTPS://” in front of their URL. This will encrypt the data being sent from your device to the website and back, but it isn’t completely foolproof. In most situations, it’s better to just wait until you’re on a more secure network to conduct any business that requires you to enter sensitive information.
This is probably both the simplest and most effective security tip. If you don’t want to worry about security and aren’t actively using the internet, turn off WiFi completely. If you have to work in a public space like the airport or a coffee shop, think about what you can do offline and try to finish those tasks first. If you have to use the internet, don’t leave your connection open once you’re done with it, or even if there’s a prolonged dormant time. Similarly, make sure to turn off automatic connections to networks in your mobile devices to avoid them connecting to unsecured networks without you knowing.
There are those who believe you’re never truly safe on a public network without using a virtual private network, but these tips will help keep you adequately secure in most situations.
For help improving the security on your devices, or for help removing malware and other problems, call Geek Rescue at 918-369-4335.
For your business solutions needs, visit our parent company JD Young.
November 6th, 2014
Ransomware, forms of malware that lock down your device and demand a payment, or ransom, to release your files, have seemingly increased in usage in the past year, but the earliest forms of ransomware have been around for longer than that. The FBI virus began infecting computers several years ago and uses the same scare tactics seen in freshly minted ransomware. As reported in a post on Spyware News, the FBI virus has now been adapted and evolved to infect Android smartphones and tablets.
Common methods of infection stem from malicious email attachments, or false alerts on websites asking you to update Adobe Flash, Java or a similar program.
Once the malware infects your device, it quickly locks it so you can’t access any apps or files and displays an alert claiming to be from the FBI. The alert demands $300 to be paid within 48 hours.
Although seeing this type of warning is surprising and jarring, there are many clues that this is a hoax. Most notably, the warning is littered with typos and poor grammar, which is a common characteristic of malware and malicious emails.
While it can be extremely difficult to by-pass this malware, under no circumstances should you pay the fine asked for. There’s no guarantee that your device will be unlocked if you do and that money goes to prolong this threat. The FBI Android virus, in fact, doesn’t actually encrypt your files so removing the malware should fully restore your system. So, how do you remove it?
- First, turn off your device and restart in Safe mode. To do so, turn it on and hold the menu button with one of, or both of, the volume buttons, depending on your device.
- Once in Safe mode, go to Settings, and click on Apps or Application Manager. Find any suspicious apps you don’t recognize. The FBI virus typically disguises itself as a video player or an app called ‘ScarePackage’ or ‘BaDoink’. Uninstall the suspicious app.
- Restart the device to see if it has been restored.
If these steps don’t work, it’s not a lost cause. You’ll just need a little more expertise.
If you’ve been infected by the FBI virus or any other type of malware, Geek Rescue will help. Come by or give us a call at 918-369-4335.
For your business needs, visit our parent company JD Young.
November 3rd, 2014
It seems a new malware threat emerges practically every day, but most threats have a lot in common. They gain access to your device in a similar fashion and are fixed or bypassed in a similar fashion. A new threat reported on the Symantec blog, however, is unique. Trojan.Poweliks isn’t like other malware that exists as a file on an infected machine. Instead, this particular form of malware hides in the computer’s registry.
Trojan.Poweliks still infects computers the way most other forms of malware do. Users are commonly infected through spam emails, malicious links and exploit kits. Users have reported seeing emails claiming to alert them about a missed package delivery. Opening the email and downloading the attachment leaves them infected.
Once a machine is infected, the trojan disguises itself as a registry subkey. That means most users will never be able to find it.
While it’s hidden, the malware receives commands remotely from the attacker and can take all sorts of nasty actions to cripple your computer and monitor your activity.
Staying safe from these types of threats requires both intelligent web use and proper security tools in place. An updated antivirus tool will catch many of these threats, but if you’re among the first users infected, your antivirus won’t be able to recognize the latest form of malware. That’s why your first line of defense has to be to avoid where these threats are commonly found. Don’t download suspicious email attachments or follow links sent to your email. These practices will help keep you out of harm’s way.
If you’d like to improve the security on any of your devices, or need help getting rid of malware that’s infected your machine, call Geek Rescue at 918-369-4335.