January 10th, 2014
Phishing attacks come through most of our emails on a daily basis. Thankfully, spam filters and other security measures keep us from having to regularly deal with them, but because criminals are always making these attacks more intelligent, some attacks do find their way to our inbox. Some are difficult to ignore since they capitalize on the latest news to make their message more believable. For example, the latest high-profile attacks on Target, Adobe and Snapchat are now being used by hackers as an excuse for why users need to divulge their information. As David King of IT Manager Daily writes, there are ways to protect yourself from these phishing scams. Here are the most important tactics to know.
Because each message is being crafted to fool users into thinking it’s legitimate, you can’t afford to trust any message you receive. Even messages from companies you have an account with that contain official looking logos can be spam or phishing scams. Checking the email address of the sender is effective for many messages. Often, a message claiming to be from a legitimate company is sent from an email address not associated with that business. But, criminals have started to overcome that hurdle also. Even emails that come from someone in your contacts list could be malicious. So, before downloading anything or responding with important information, ask yourself why the sender of the message would be taking these actions. If it seems at all suspicious, call the sender directly and ask about the email. Or, visit the company’s website and find a more direct way to send them information. Usually, it’s safe to assume that any legitimate business won’t ask for your financial information over email.
Malicious files sent as attachments are a common way to convince users to download malware. Many users will even be suspicious of an email, but download the attachment in an attempt to gain more context as to what the message is about. Downloading and opening these files infects your computer. Don’t let your curiosity get the best of you. If a message seems suspicious, don’t visit any links included in it or download any files attached. Even if the message seems legitimate, don’t download a file unless you know exactly what it is. A good rule of thumb is if you aren’t expecting a file to be emailed to you, don’t download one.
Unfortunately, even the most intelligent users fall prey to phishing scams and malware infections. Even if you never download attachments, visit suspect websites or open suspicious emails, malware can still find its way onto your system. It’s better to plan for this event and never need the security provisions than to be caught without it. Be sure you have a trusted antivirus program in place and keep it regularly updated so it can recognize the latest threats. Update all of your applications and your operating system also to close potential security vulnerabilities.
Phishing scams allow hackers to infect your computer and steal important information. Follow these tips to keep yourself, and you identity safe.
If your computer is infected with malware or you’d like to improve the security on your network, call Geek Rescue at 918-369-4335.
January 7th, 2014
Browser hijacking refers to malware that’s capable of changing your browser’s settings without your knowledge. Often, your homepage or default search engine will be changed, new bookmarks or pop-ups added. Spotting the effects of browser hijacking malware is usually easy, but it’s best to avoid infection altogether. Mary Alleyne of Jupiter Support published a list of ways to avoid becoming a victim of hijackware.
- Effective Antivirus Programs
As with any malware, an up-to-date, trusted antivirus program is the key to stopping most infections. Anything you download, even if it’s from a seemingly trustworthy site, should be scanned before you open it. Many antivirus programs also offer constant scanning in the background that will alert you immediately if malware, viruses or trojans have infected your system.
Unfortunately, malware is updated and new pieces released at a rate too fast for antivirus programs to keep up with. This means that even the best antivirus programs can’t be relied on to catch every piece of malware. Since there’s always a chance that your computer will be infected with a browser hijacker or other malware, take precautions and make a plan for how you’ll recover. Back-up important data and look into other security software that will aide your antivirus program.
Most popular web browsers offer higher security if you’re willing to sacrifice some functionality. In Internet Explorer, these settings are available under ‘Internet Options’ on the ‘Security’ tab. While setting the security level to ‘High’ will prevent your browser from automatically executing some code, including activeX instructions that allow most browser hijackers to function, it will also prevent some websites from working properly. For trusted sites however, you’ll be able to add them to an exceptions list that restores full functionality to only those sites.
Almost all browser hijacking malware is specifically coded for one browser. This means that malware that works for IE won’t work for Firefox or Chrome and vice versa. The simplest way to avoid the problem if you’re infected with hijackware is to use a different browser. But, the problem won’t be fixed and shouldn’t be ignored. Switching browsers is a simple way to end the hijacking, but you’ll still want to try to get rid of the malware causing it.
More in-depth fixes like editing the ‘Hosts’ file for malicious entries and searching the registry for specific websites also help overcome browser hijacking malware, but require a little more expertise.
If your computer is infected with malware, Geek Rescue fixes it. Bring your device to us, or call us at 918-369-4335.
January 6th, 2014
The latest headlines making malware attack concerns Yahoo users. A security firm based in the Netherlands, Fox IT, reported over the weekend that Yahoo’s advertising servers were compromised. Faith Karimi and Joe Sutton of CNN report that malicious ads were shown to a number of users.
Users who visited Yahoo’s website between December 31st and January 3rd are at risk of a malware infection. Yahoo has publicly stated that users in North America, Latin America and Asia were not affected and most infections are limited to the UK, France and Romania.
Those users who were affected were served malicious ads directly from Yahoo thanks to an exploit kit that installed malware on Yahoo’s servers. Researchers warn that users didn’t even need to click on ads to risk an infection. At an estimated 9-percent successful malware infection rate, about 27-thousand users would be infected every hour these ads were allowed to run. Yahoo was not able to remove the malicious ads until they had been displaying for nearly 4-days.
Only PC users were at risk, however. The malware could not infect Mac users or those using mobile devices.
If infected the malware is capable of a number of actions. Click fraud, which consists of malware opening web browsers and clicking on ads to generate revenue, is one of the least severe threats. The malware can also remotely control a computer, disable security software and steal log-in information and passwords.
Even though this particular threat did not seem to infect any computers in the US, it should serve as a warning to all internet users. Yahoo is generally a trusted website, but was compromised by criminals and began infecting users with malware. This can happen to any site you typically visit. In order to stay safe, you need an up to date, trusted antivirus program in place.
If your computer has been infected by malware or you’d like to improve security on your devices, call Geek Rescue at 918-369-4335.
December 23rd, 2013
Microsoft Security Essentials, which goes by the name Windows Defender for Windows 8 users, is built into the Windows operating system. It’s designed to give users protection from malware and other security threats, just as any antivirus or anti-malware application would. As Barry Collins reports for PC Pro, however, Security Essentials doesn’t provide adequate protection when compared to other antivirus options.
Security company Dennis Technology Labs tested nine security programs meant for use on personal computers on a machine running Windows 7. Eight of those tested detected and protected against at least 87-percent the malware samples used. Five security programs detected 98 to 99 percent of malware. Security Essentials protected against only 61-percent of malware threats.
These tests tell users that the free, built in option of Security Essentials can’t be relied on to keep your system safe from threats. According to Microsoft, it was never meant to be used as the sole security in place. Instead, it is meant to act in conjunction with other tools. With only 61-percent of malware detected, however, it seems unlikely that Security Essentials would be much help at all in assisting a more robust antivirus program.
Microsoft’s reasoning for not making Security Essentials a better security tool is sound. If every Windows user were able to use a free antivirus program that comes with their operating system, then all of them would likely use it and nothing else. That would eliminate diversity in the market, which would make it much easier for hackers to develop malware to specifically infiltrate systems running Security Essentials. With Security Essentials being viewed as an inferior tool, or at best a good assistant, users must decide on their own what third part antivirus program to put in place. Each of these has its own strengths and weaknesses and makes it more difficult to create malware that is capable of staying undetected for all users.
Though the thinking may be sound, Microsoft needs to do a better job alerting users about the nature of Security Essentials. Too many computers are using it as their primary antivirus protection, which leaves them incredibly vulnerable to attack. If you have no other security tools in place on your PC, look into trusted names like Norton and Kaspersky immediately.
If your computer has been infected by malware, bring it to Geek Rescue or give us a call at 918-369-4335.
December 19th, 2013
If you’re on the ball this holiday season, you’ve probably already completed your online holiday shopping. For those who like to wait until the last minute, there’s still time with expedited shipping to find the perfect gift online. When you do shop online, it’s important to know how to stay protected to avoid scams, malware and identity theft. A post on the 2-Spyware blog details some of the threats to your security and what you’ll need to avoid them when shopping online.
Before you start surfing the web, check to make sure your antivirus program is up to date. You need to update your antivirus often because new malware is introduced every day and updating helps your antivirus identify and protect you from those latest threats. When shopping online, you’re more likely to visit sites you are unfamiliar with while searching for a deal. That makes it more likely you’ll visit a malicious site that’s designed to infect your computer with malware. Ecommerce sites also naturally experience more traffic during the holiday shopping season, which makes them more attractive targets for hackers than other times. This means that even trusted sites may be compromised.
If you’re shopping at sites you haven’t used before, you’ll probably be asked to create an account. It’s important to use a strong password that is long and uses upper and lower case letters, numbers and symbols so it’s difficult to hack. It’s also important not to use the same password for each account you create. Some of these sites may have less security than others, which means if their passwords are stolen and you use identical passwords for multiple sites, a hacker could gain access to all of your accounts.
Where you do your holiday shopping is also important. If shopping from home, make sure your network is secured and you’re using a firewall. Shopping while out and about it tempting, but it isn’t recommended. Public WiFi doesn’t offer any type of security. So, anytime you enter your account log-in and credit card information, that data can be monitored and stolen by a third party.
There are major sites like Amazon that you can trust to keep your payment information secure, but holiday shopping can sometimes lead you to untrusted sites in search of a deal. Some of these sites are completely legitimate, but don’t do enough to keep your information from being stolen. Other sites are scams claiming to sell popular items, but in reality they’re designed to steal your credit card information or infect your computer with malware.
Online shopping is convenient and a great way to quickly finish buying gifts, but it can also lead to costly cyber attacks.
For help improving the security on your computer or network, call Geek Rescue at 918-369-4355.
December 18th, 2013
In humans, early detection is important for treating viruses and other infections. The same goes for computers. Malware, viruses and other threats that infiltrate your system become more damaging the longer it takes to discover them. A post at Rediff points to some signs all computer users should look for that suggest your computer has been infected.
Email addresses are often hacked, but the good news is that it’s usually easy to tell when something’s wrong. Make a habit to check your sent messages and make sure they’re all emails you sent personally. If you have sent messages you don’t recognize, it’s likely that someone else has access to your account. If you’ve received a message from a contact that looks like spam, be sure to tell them that their email may have been compromised.
Most hackers will try to hide their actions, but some malware will still alter the look of your computer’s desktop. If your wallpaper has changed, or there are new icons you don’t recognize, there’s probably malware hiding somewhere on your system.
Malware has the ability to change your passwords, prevent you from accessing Windows tools like Control Panel and Task Manager and lock you out of your computer completely. If you notice your system performing strangely, even if it’s just slower than usual, it’s important to act quickly. Otherwise, you may find that you’ve lost control of your machine completely.
Malware infects computers in a variety of ways. Most commonly, it’s downloaded when a user opens a bad email attachment, or clicks on a bad link. Visiting untrusted websites and downloading programs from untrusted sources are also ways that malware can infect you.
There are two steps to avoiding malware. First, secure your computer. Install an antivirus program and use a secured network with a firewall in place. Then, be careful when surfing the web. Avoid potentially dangerous situations that could lead to a malware infection.
If your computer is infected by malware, bring it to Geek Rescue or call us at 918-369-4335. We’ll remove any harmful files and help you protect against future attacks.
December 18th, 2013
The number of smartphone users worldwide is continually growing. The way they use their devices is also expanding with more internet browsing and online activity than ever before. Unfortunately, this means that smartphone users are becoming a more valuable target for hackers and malware. Protecting your mobile device with antivirus or anti-malware apps is important, but as Mathew J. Schwartz reports for Information Week, even the best antivirus apps available to Android users can’t remove malware from your phone.
That may sound like an odd statement but Android antivirus apps can’t delete or even quarantine threats they detect. The reason for this limitation is Google’s Android Application Sandbox. Every Android app runs in this sandbox, which isolates app data and code execution from other apps on the device. With each app isolated, an antivirus app doesn’t have the permissions needed to delete malware it finds.
Security apps are getting better for Android, however. Researchers testing 28 different security tools for Android found that their average success rate improved in the past three months, from 90.5-percent to 96.6-percent. They found that the best apps come from familiar names like Avast, Symantec, Avira and Kaspersky.
When choosing a security app, there’s more to consider than just if it can detect malware. You want an app that doesn’t overly drain your battery and one that loads quickly and runs efficiently. You also have to consider how accurate its detection rate is. You don’t want false positives going off each time you attempt to install a clean app.
Despite the improvements being made to Android security apps, they’re going to continue to be lacking until they’re allowed to actively treat the malware infections they detect. Google has remained silent on when that might be.
In the meantime, users must be in charge of their own security. When using your smartphone, you can’t rely on security precautions to keep you safe. Instead, you’ll need to steer clear of malware by avoiding suspicious links and untrusted malware. Understand that your device isn’t secure and don’t visit potentially dangerous websites.
If you have a malware infection on any of your devices, including your smartphone, bring it to Geek Rescue or call us at 918-369-4335. We remove malware, viruses and fix any issue you’re having.
December 16th, 2013
Two malicious applications, Win32/Winwebsec and Win32/FakePav, have been in the wild for years, but are troubling security experts thanks to their recent development. Both are fake antivirus programs, which go by ever-changing more common names like ‘Antivirus Security Pro”. They were first discovered in 2009 and 2010 respectively, but as Jeremy Kirk of Network World reports, only recently they’ve been observed using stolen digital security certificates.
Digital certificates are granted by Certification Authorities, or CAs, so legitimate developers can sign their applications and users can cryptographically verify that the application comes from a trusted source. When criminals steal these certificates, it makes it more difficult to catch their malicious programs before they damage a user’s system.
This isn’t a new practice. These bogus antivirus applications only just started using it to slip past security, however. Even more troubling is the way certificates are being stolen. Samples of this malware have been found carrying certificates from a number of different CAs from all over the world. Some of the certificates being used were as little as three days old.
The age of certificates is interesting because it reveals evidence that hackers are regularly stealing new certificates. It’s an ongoing problem. Previously, it had been thought that since stealing certificates is so difficult, older certificates were being used from successful attempts from long ago. In reality, it appears hackers are more successful than originally thought.
CAs are able to revoke certificates once they’ve been discovered being used with malicious software, but malware like these fake antivirus programs replace certificates periodically to stay ahead.
This poses a problem for both users and developers. For developers, having certificates stolen damages their credibility and can be expensive to replace certificates. For users, it’s harder to tell if an application can be trusted or not, which can result in the loss of data or the infection of your device is you choose wrong.
If you’ve downloaded a malicious program and are suffering from a malware infection, call Geek Rescue at 918-369-4335. We’ll fix your machine and help you prevent future attacks.
December 12th, 2013
There are a number of options for improving the security on any of your devices and there are articles across the internet trumpeting the effectiveness of each of them. With the evolution of cyber attacks, however, some security tools that once were trusted have lost effectiveness. Alan Kahn of Techopedia lists three of these that no longer provide proper protection from advanced threats.
- Next-Generation Firewalls
Compared to traditional firewalls, next-generation firewalls offer more detailed controls. They attempt to stop attacks through classifying network traffic, but their reactive approach to security renders them useless against today’s more advanced attacks. Recent advances to next-generation firewalls include hourly updates, cloud based binaries and DLL analysis, but even with these additions, they don’t offer enough protection.
This isn’t to say that having an antivirus program installed on your computer isn’t advisable. You’re certainly at a much greater risk of a malware infection without running a proper antivirus application. However, many users get into trouble because they trust their antivirus too much. It should be used as a complementary tool, not as a stand alone catch-all. Security experts have estimated that up to 90-percent of malware changes within an hour, which allows it to be undetected by antivirus programs. Zero-day exploits are also able to slip through vulnerabilities that an antivirus can’t prevent. So, using an antivirus alone leaves you incredibly vulnerable, but it’s still a needed precaution in conjunction with other tools.
Web gateways are able to keep users off of certain websites that are known to be potentially harmful. However, by using lists of known, “bad” URLs, web gateways are unable to keep up with the rapidly evolving threats faced today. Once again, this is a reactive approach that has little hope of stopping advanced malware delivery systems. Web gateways still have some uses but as a security measure they’re extremely limited.
These three tools aren’t necessarily completely obsolete, but can’t be trusted as the primary tool in your security infrastructure.
For help putting the right tools in place on your computer or your company’s business, call Geek Rescue at 918-369-4335.
December 11th, 2013
Ransomware has been a concern for internet users for some time now, but experts are predicting that the malware will affect more victims than ever before in 2014. As Warwick Ashford of Computer Weekly reports, hackers are producing malware kits that allow ransomware to be created more easily.
Ransomware is a type of trojan malware. It locks a computer or encrypts the data stored on it and demands a payment to unlock or decrypt it. The specific tactics taken are different from attack to attack, but usually victims find that their payment doesn’t restore their computer.
Researchers have discovered conversations on hacking websites about malware kits that make it easier to produce ransomware. These kits allow criminals without advanced knowledge of hacking to produce dangerous malware and even come with technical support. Kits can be used to produce all kinds of malware and the recent rapid rise of malware production is being attributed to their existence. Experts expect more ransomware to be produced with malware kits because it is an attack that directly leads to a payout, unlike other threats that require multiple steps to become profitable.
The best way to protect yourself from ransomware and other malware is to prevent it from infecting your computer in the first place. Be extremely cautious of untrusted email attachments and links in the body of emails. Try not to visit any untrusted websites and trust your browser when it warns you about potential dangers.
It’s also important to keep all applications, especially your antivirus program, updated. Backing up files is also helpful so that if some files are encrypted or damaged, you’ll be able to restore them.
If your computer is infected with malware, don’t pay a ransom. Bring your device to Geek Rescue, or call us at 918-369-4335.