Ransomware – Are you prepared?

Unless you have been living under a rock for the last week or so, you probably heard about the massive global hacking attack that so far has hit 150 countries.  This attack used a type of malicious software called “ransomware”.  This attack hit governments and hospitals, but individuals were targeted as well.  Most notable was the National Healthcare Service of Great Britain (NHS), which was literally shut down and had to turn patients away because its systems were inaccessible.

 

What is Ransomware?

So, the question for the average user is, “What is ransomware?”  In a nutshell, it is malicious software that locks all your files up from being opened.  The only way you can unlock them is to enter what is called a “decryption key”.  So, how do you get that decryption key?  You guessed it, you pay a ransom to the hacker.  That ransom may come in the form of a money transfer payment, such as a bank wire, or more often, you will pay them in Bitcoin, which is a type of electronic currency.  Of course, there are zero guarantees that you will ever get that decryption key.  Many times, the hacker never sends it.  So now you have not only lost all your data, you’ve lost cash too.  That cash ransom, by the way, can range from just a few hundred dollars to thousands.

 

How Do I Get This?

A person can get ransomware several ways.  One of those ways is by clicking on an email attachment that seems legitimate, like a Word document, or a JPEG (picture file).  You can also get ransomware by clicking on a web link in an email that may refer to something like a UPS shipment notification.  In either scenario, you click it, and that is where the fun, or non-fun, begins.  You will usually have your entire screen display something like, “All your files have been encrypted.”, and it will demand you pay a ransom by a certain date, or your files will be gone forever.

 

How Do I Stop This From Happening?

There are ways to mitigate your risk of getting ransomware.  First, make sure your operating system is up to date.  If you have been postponing those Windows Updates, postpone them no longer.  There is a reason why you have updates, and many times it is because Microsoft has discovered a vulnerability that hackers can use to attack you.

For you Mac users who are in smug mode thinking you are immune because you are on a Mac, guess what?  You are not exempt.  Earlier this year a strain of ransomware, specifically designed to attack the Mac OS, was discovered.  So, the update manager that has been telling you to update, you should probably do that like right now.

The second thing you can do is make sure you have antivirus on your computer and that it is up to date.  If you have been seeing that little message popup that your antivirus is expired and you need to renew, do it today.  If it costs too much, then shop around.  There are many free options out there that work just fine.  Some of those antivirus options are Avast or AVG.  Microsoft Windows has its own antivirus, Windows Defender, that is also free of charge and works quite well at stopping viruses, Trojans, and other things that could launch ransomware.

Finally, there are some companies that offer software specifically designed to prevent ransomware.  CryptoPrevent is a nice little app that runs in the background on your computer.  Also, BitDefender has an app that runs on your machine to stop ransomware before it starts.  Both are hardly noticeable, and do not slow your machine down.  I strongly recommend using a combination of antivirus and some sort of anti-ransomware software together to provide a solid layer of protection.

 

I Got Hit.  What Do I Do?

If you got hit with ransomware, first off my condolences.  However, there may be hope for you to recover your information without having to pay that ransom.  Many security research companies offer free tools for you to install on your machine that will target the ransomware infection, and not only remove it, but will decrypt your files.  However, there is no guarantee on this, because not all ransomware that is out there has been cracked.

Another way to recover from this is to restore from a backup.  Windows has a System Restore functionality that will allow you to revert your PC to a previous point in time.  However, some ransomware deletes those backups as part of its function.  Therefore, this may or may not work.  If you read my recent article on cloud backups and have implemented that strategy, then you have another option.  Wipe your entire hard drive, reinstall Windows, and restore from the cloud.  This last option may prove to be a faster way to recover, because you could literally spend hours trying to clean an infection like ransomware off your machine.

 

Do Not Delay

There are some individuals and businesses that may not want to take the time, or money, to invest in protecting against ransomware.  If you are on the fence, consider what type of impact it would have if you lost everything due to a hacker attack.  Would your business survive if all your customer files were being held for ransom?  How about all those precious pictures of your kids growing up now suddenly gone because you don’t have $10K lying around to pay the ransom for your files?  In conclusion, you cannot afford to delay upgrading your system’s security features.  If ransomware can shut down portions of a government-run healthcare system, imagine what it could do to you.

 

Two Factor Authentication – It’s No Longer Optional.

There is an old saying that there are two guarantees in life:  Death and Taxes.  Well, when it comes to personal computing, there are two guarantees as well.  Passwords and password changes.  Yes, if you use a computer, a smartphone, or anything that connects to the internet, you have a username and password as a means of identifying who you are in order to access information.

For many years, the standard has been that your username be unique, as well as your password.  These criteria have for many years been sufficient in guarding your account information at your bank, your social media accounts, everything.  However, this is no longer the case.

Two Factor Authentication (2FA)

What is “two factor authentication?”  Simply put, it is a way of identifying yourself by use of multiple pieces of information.  Without getting into the gory details, it means that you are using something else, in addition to your username and password, to verify your identity.  Many corporations have used this type of technology for years.  However, for consumer users of computers, this is something we are seeing more and more each day.

To give an example, let’s say you have a Gmail account.  When you log in, you enter your username and password and you press enter.  If you have two factor authentication enabled, once you log in, you would be presented with a screen asking for an additional code to enter.  That code could come in the form of a text message, or through use of an authentication app.  Once you enter that additional code, you gain access to your account.

At this point, I can already hear you groaning at the idea of having to enter something else to secure your account.  Thoughts like, “That’s annoying!”, or, “I have to enter another piece of information to check my email?”, and finally, “This is stupid!  I’m not going to do it!”, I am quite certain are going through your heads.  However, before you make a hasty decision, consider the following scenario.

Vacation Gone Wrong

A husband took his wife and kids on a family vacation to San Francisco.  For this trip, the husband brought his smartphone, and instead of a laptop, he decided to bring his Android tablet.  After a wonderful two weeks in sunny California, they decided to hit up Fisherman’s Wharf for some last minute shopping.  After several hours of walking around, they returned to their vehicle only to find both back windows smashed out.  Several items of luggage were stolen, including, the husband’s bag that had his tablet inside.

That tablet had all sorts of apps, such as email, banking and investment apps, all major social media account apps, and the like.  After having to deal with the frustration of having their stuff stolen, this husband spent the better part of the night changing passwords for literally everything in his digital life.  It was at this point that he set up two factor authentication where he was able to do so.

What If It Was You?

Imagine yourself in the above scenario.  Having to frantically change passwords before the other person got to your digital stuff is not fun at all.  If that person had set up two factor authentication on his accounts prior to the theft, that would have at least put up a roadblock for the thief, while that person went down the list to change passwords.  Two factor authentication is not the “magic wand” of security.  It is simply another means of securing your information.  You can either do that, or run the risk of a hacker getting access to your banking information, or deleting all your photos from your cloud account.

Setting Up 2FA

Setting up 2FA (more jargon to impress friends) is very simple, and you may already be using it.  If you have logged into your bank from another machine that you typically do not use, the website may say they have sent a verification code via text message.  This is a form of 2FA.  Another way you can set this up is to go to your social media sites and look under settings/security.  Usually you will find a way to enter your mobile number and enable two factor authentication.

You may download and use apps like LastPass Authenticator, or Google Authenticator.  These apps allow you to set up 2FA with different sites that allow use of such an app.  You scan a barcode that is provided by a website, and once you have it in there, each login you do will require use of that additional code.  A nice feature of 2FA is that you are instantly notified on login attempts.

Many sites that allow, or even force you to set up 2FA also allow you the ability to check a box to remember you on that machine.  This way you do not have to enter a secondary code each time.  A word of caution on this.  If you do so and your device is ever stolen, the thief can get to your apps and has a greater chance of logging into whatever site(s) you have enabled that feature on.  I would caution against doing this from your tablet or mobile phone.

No Excuses

Two factor authentication is not a passing fad, but is a standard in computer security.  When considering whether or not to set it up, ultimately the decision rests with you.  However, each week it seems we hear about another company having a security breach.  Therefore, 2FA is no longer something that is optional, but is a necessity in securing your digital life.

Global Hack Attack – Ransomware

Keep your eyes peeled regarding a global hacking attack that has hit 12 countries so far.  The attackers apparently are using technology stolen from the NSA of all places, to launch ransomware onto people’s machines.  Heavily hit already is Britain’s National Healthcare System.

Now more than ever, we have to be vigilant.  These things usually are transmitted via email attachments.  Some may look weird, but oftentimes, they can appear harmless.  If you think something is strange, go with your gut and do not open that attachment.

You can read more about this story here.  Also, feel free to review an article about email security to brush up on how to protect yourself.

Google Docs Phishing Scam – ALERT!

If you receive a message that someone shared a document with you from Google Drive, as of this moment DO NOT OPEN IT!  It is a massive phishing scam that is going on all over the internet right now.

Just delete the email and then delete it from your deleted items folder.  Hopefully we will have more to report as the details come out.

 

UPDATE:

According to Google’s own system status page, the issue should be resolved.

https://www.google.com/appsstatus#hl=en&v=issue&sid=4&iid=c708d68b1884a629816e361895c125a5

This particular scam brings the user to a convincing Google Drive login page.  Once you log in, you are given the choice of what account you want to sign in with.  Once a person clicks that, this is where the fun begins, because you’ve just given access to some hacker/scammer who can lock you out of your account, delete all your stuff, and fun things like that.  You will know it’s a scam when you look in the from field in your email and it says:  From:hhhhhhhhhhh

My recommendation is that for the rest of this week, do not open a thing from Google Docs that is shared via email.  If by some chance you did click on the link, and you saw a screen of gobbledygook, then please change your Google password immediately.

 

Old Computers Can Still Be Useful

The Holidays have long since passed and you have been cruising around the internet on a brand-new desktop or laptop.  It’s shiny, it smells new, and it’s so much faster than your old computer.  However, your old computer sits there in a corner, disconnected from power, and gathering dust.  You have said to yourself, “What am I going to do with this old thing?”  Below are some things to consider regarding an old PC and how it can still be useful.

The first suggestion for an old PC is to consider using it as a home server.  But wait you say!  “Servers are just for businesses I thought?”  Well, think again.  Today our homes are becoming more and more internet connected, especially when it comes to media storage.  Videos and pictures take up a lot of storage space over time, so that new rig you got for Christmas could easily start slowing down like your old PC if the hard drive starts filling up.

 

Take that old desktop, which probably has a 500GB hard drive, and wipe the operating system off it and reinstall Windows.  Of course, before you do this, make sure to back up your files to an external drive.  Just wiping the drive and reinstalling Windows will make that old PC run much faster, if not like new.  If you are going to use this computer as a home file server, and the current drive is too small, head out to the store and buy a larger one and install Windows on it.

 

Take all those videos, pictures, and your document files and offload them onto that old PC.  Finally, make sure that all computers in your household have the same network name, turn on file and printer sharing in the operating system, and you can now access those files from any machine in the house.  Congratulations!  You have just set up a home file server.

 

Do you have kids?  Are they always getting on your computer and leaving a trail of destruction behind, such as downloading games, or getting it infected with malware and the like?  This is another reason to repurpose an old PC.  Follow the same steps above to reinstall Windows, and now you have a computer that your kids can use, thus freeing up your machine.  Be sure when you do this, that you set each one of them up with their own user account, so they can have their own settings, layouts, and the like.  I would also highly encourage anyone to make those user accounts “Standard Accounts” and do not give them Administrator access.

 

Another consideration is donating that old PC to someone who is in need.  The first thing people think of are schools and libraries.  However, schools and libraries get their computers through budgetary allocations.  Private schools however may be a route to consider, as they are not funded by taxpayers, but by those paying tuition.  Also, consider charitable organizations, such as churches, women’s shelters, or organizations that help people with job placement.  Please consider however that when you donate your old PC, it should be something that they can use.  If you have an old Windows XP machine, they are not going to be able to use that.

 

The options I mentioned in this article primarily dealt with using the Windows operating system.  However, you may want to try your hand at the Linux operating system.  There are Linux distributions that you can download for free from the internet and install on that old PC or laptop.  You might find that it runs even better than before with a different operating system, as many Linux users, such as myself have discovered.  This can be especially useful if you have a child, or an adult, in the home that likes to tinker around with computers.  You can even use that operating system to network with your other Windows machines in the home server option mentioned earlier.

 

In the past, old PCs usually were relegated to the garage, where they would only emerge years later to take their place as one of the last items to go in a garage sale.  However, old computers can be and are still very useful today, when applied to the right situation.  So, go get that old machine and try some of the options mentioned here today.  You will be getting the most out of the money that you invested in that machine, and you might find that it will enhance, or make more efficient, how you do things regarding your personal computing.

Hackers Going Old School

I have written quite a bit about attacks on computers through poisoned search results, and of course, just hitting an infected webpage.  When these things happen, your computer may start “talking” to you, announcing that if you try to shut down your computer, your files will be infected, blah blah blah.  Of course, this is nothing more than a scare tactic to get you to click that button for “remote assistance”, where the only assistance you will get is your files stolen, held for ransom, and of course the high possibility of identity theft.

However, some hackers are going old school, by using the telephone as a launch point into hacking your computer.  For example, you may get a call on your home or mobile phone, and the caller ID might say “Microsoft”, or “Google Support”.  The person on the other end of the line will say that, “they have received alerts that your email account is sending out a bunch of spam”, or, “we have detected that your computer is infected with viruses, and we need to clean your computer, or we will have to lock down your machine.”

Of course, none of what I described is the case, because like I mentioned in a recent article, these companies have no idea if your computer is sending spam email, or infected with viruses.  These hackers, who are really scammers, use fear tactics, such as using inflected voice tones and a lot of technical jargon to get you all flustered and worried.  It is at that point they will have you turn on your computer, go to a site like Ammy Admin, Aero Admin, or they may use a legitimate remote control software like TeamViewer or LogMeIn, have you enter a code, and then they are on your computer where the games will begin.

So what can you do?  First of all, if the call comes out of left field, with the person on the phone stating something similar to what I mentioned earlier, my best advice is to hang up.  To verify if the call was a scam, call the number back on the caller ID.  Most likely it will refer either to some other number, or national 411 assistance.  Did I forget to mention that when they call on the phone, they also put forth false caller ID information?  Of course, this is assuming that anything other than “PRIVATE” or “BLOCKED” showed up on the caller ID.

This next part is a bit of a sensitive topic, but nonetheless true when it comes to these scammers.  In the overwhelming majority of the scam calls you get, the person on the other end will have a heavy foreign accent.  Most of the calls are not coming from the US, but are in fact coming from overseas from the Middle East, India, and even Southeast Asia.  Again, if you get a call out of the blue, with a foreign-accented person on the line stating they need to connect to your virus laden computer, hang up.

Finally, you must understand that these phone calling hackers do not limit their calls to your mobile or home phone number.  They can and do call business numbers, because they are literally just going down a list of numbers that their criminal boss gave them, and have no idea if they are calling a home, mobile, or business phone number.  Therefore, it is absolutely imperative that you be alert when at the office.  Allowing a hacker who called you to get access to your work computer, will in all likelihood be a career limiting move for you.  In other words, you are likely to be fired.

Hackers use many methods and means to gain access to your information.  While most hacks occur while you use the internet, hackers are not above giving you a good old fashioned phone call to scare you into giving them access to your machine.  However, you have now been equipped with the knowledge to defeat them.  And defeat them we shall!

 

Poisoned Searches – A Launching Point Into Trouble

It has happened to us all at one point or another, where we search something on a search engine, click on the top result, and the next thing we know, we are getting popups telling us to contact tech support that our machine is infected.  Immediately, we go into panic mode thinking that all our files, folders, pictures, etc are summarily being stolen, or worse, deleted.  Most of these types of attacks have not infected the computer at this point, but are designed to scare you into clicking the OK button.  That is where the fun will begin.  However, with a little bit of knowledge, you can get around these attacks, and get on with your life.

First, we need to understand that search engines list search results based on several factors.  One of those is that companies pay them to have their business listed at the top, which means people will click on those results first, versus scrolling down the page.  For example you may see the address www.amazon.com and it will say (Sponsored) in the link.  However, hackers, scammers, and what I like to call them, scum, will hijack these results, strictly to separate you from your money.  They essentially write computer program code so that, instead of going to www.examplesite.com, you wind up at a different web address that pops up the alert stating your computer is infected, and that you need to click OK to connect to “Microsoft Support.”

If the above happens to you, understand this.  Microsoft does not proactively monitor or otherwise try to help you if you get a virus.  They are never going to know you are infected, and if you need their support, you must contact them at their number.  With modern hijacks like this, the attacker/scammer wants you to click that OK button, because that will start a remote session where someone connects to your computer.  In such a scenario, you can be assured that they will either start stealing information from your machine, or, they will launch a virus code that will encrypt your files on your computer, and then they will demand a ransom from you to unlock and access your files.

Second, another thing you need to understand about search results applies when you need technical support.  For example, a computer user I know recently needed help with his Yahoo email account being reset.  He went to Google searching for “Yahoo’s Support Phone Number”, and lo and behold, it was at the top of the results.  However, when he called the number, the person on the other end of the phone was not from Yahoo, unbeknownst to him, and that person directed him to go to a website and download a program that gave the caller a remote connection to his machine.  Thankfully, he got wise enough and severed the connection.

I mentioned this because most of the technical support out there today is done by going to a company’s website, and filling out a support ticket webform, or contacting them at an email address.  In this situation that happened above, a group of scammers created a webpage, that got cached by the search engine, but that had a fake number for support.  Even if they answer “Yahoo Support” I can tell you that Yahoo does not have a phone center to contact for help.  Also, a legitimate support outlet for a company will email you a confirmation shortly after requesting help, usually with a ticket number, and a phone number to call in.  Also, if you ever call a number you searched, and they do not answer something like, “Thank you for calling (insert business name)”, that’s a clear indicator you are talking to scammers.  Hang up.

So what is a person to do?  In my experience, I highly recommend to never click on search results that have the words “sponsored” or “paid ad” listed in the result.  These are just breeding grounds for hackers and scammers, and it’s just not worth it.  About one month ago, there was one listed for Amazon, and that poisoned search result literally stayed up for a couple of days.  I wonder how many were goaded into scam support sessions?  Sadly enough, probably a lot.

Another thing you can do, and this mostly applies to business is, if you are needing support with your computer, a program you use, or anything technology related, and you have a help desk in place, please, submit a ticket to your helpdesk.  As an IT Professional, I am constantly amazed that there are procedures in place that clearly state, “All requests for support must be submitted to support@abc.com”, and yet employees will try to resolve their own issues, which more often than not, lead to bigger problems.  Those situations again, are just one Google search away from kicking off.

Finally, vigilance and awareness, more than anything else, will go a long way to keeping you from hitting a poisoned search result.  Look at the search result, and before clicking on the link, hover your mouse over the link.  What will pop up is a complete showing of the URL, and if that URL does not have the name of the company or site you are trying to reach in it, you probably do not want to click on that.
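The hover check can be made more precise: what matters is the host name the link actually goes to, not whether the company name shows up somewhere in the URL. The following is an added example, not part of the original article; the links are constructed samples, and the expected domain is something you supply yourself.

```python
from urllib.parse import urlsplit

# Constructed sample links of the kind you might see when hovering.
# Hosts ending in .example are reserved names used here as stand-ins.
SAMPLE_LINKS = [
    "https://www.amazon.com/gp/help/customer/display.html",
    "https://www.amazon.com.account-check.example/signin",
    "https://www.amazon.com@billing.example/login",
    "https://support.example/help?brand=amazon.com",
    "https://xn--amzon-3ta.example/",
    "https://deals.example/today",
]


def classify_link(url, expected_domain):
    """Return (verdict, reason) for a link that should lead to expected_domain.

    verdict is "match", "suspicious" (looks like the brand but is not it)
    or "mismatch" (plainly a different site).
    """
    expected = expected_domain.lower().rstrip(".")
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").lower().rstrip(".")
        userinfo = parts.username
    except ValueError as err:
        return ("suspicious", "link does not parse: %s" % err)

    if parts.scheme not in ("http", "https"):
        return ("suspicious", "not a web link (scheme %r)" % parts.scheme)
    if not host:
        return ("suspicious", "no host name in link")
    # Anything before '@' is a login name, not the site being visited.
    if userinfo is not None:
        return ("suspicious", "text before '@' is ignored; real host is " + host)
    # Punycode labels can render as letters that imitate a well-known name.
    if any(label.startswith("xn--") for label in host.split(".")):
        return ("suspicious", "host uses punycode: " + host)
    # The host must BE the domain or END with ".domain"; a name that merely
    # starts with it or contains it belongs to whoever owns the right-hand side.
    if host == expected or host.endswith("." + expected):
        return ("match", "host %s belongs to %s" % (host, expected))
    if expected in url.lower():
        return ("suspicious", "name appears in link, but real host is " + host)
    return ("mismatch", "link goes to " + host)


def classify_all(links, expected_domain):
    """Verdicts only, in input order."""
    return [classify_link(link, expected_domain)[0] for link in links]


if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        verdict, reason = classify_link(link, "amazon.com")
        print("%-10s %s\n           %s" % (verdict, link, reason))
```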

Poisoned search results are a pain for sure, but with the knowledge above, you should feel confident you can navigate the minefields that idiots lay out for unsuspecting users.  Awareness of what you are looking for, and awareness of what results are returned to you will go a long way to keeping your PC healthy, happy, and more importantly, safe.

Decrapifying your computer

Your computer is slow, your productivity is down, and as a result of this, you have a greater inclination to kick a puppy.  (Can’t wait for the animal rights advocates to light me up on this one.)  The answer is, you need to decrapify your machine.  We are going to outline how you do this.

First of all, why is your computer all “crapped up” in the first place?  There are many answers to this, but the most common reason is that your computer accumulates lots of temporary files that over time just take up space, can contain errors, or you might have picked up some malware or spyware that is hogging all your memory and processing power.  This will cause all sorts of things to start happening such as slow web pages loading, slow computer startup, or you may start to get a slew of popups while browsing.  Below are some recommended tools to help you get the crud out of your machine.

First, clear out your browser cache.  This is a space on your computer where images of webpages get stored to help them load faster the next time you visit.  There are many browsers that are out there so I recommend using something like CCleaner.  You can also simply use the tools that are built in your browser.  Usually they are located under “settings.”

Second, most computers come with a ton of “bloatware”.  These are program extras that the manufacturer of your machine put on your computer.  If you are not using these programs, why keep them?  Head over to the internet and download PC Decrapifier.  This is a program that will scan for common bloatware programs and in one swoop, deletes them from your PC.  This frees up more hard drive space, which gives you some more speed.

Another thing that will help is to defragment your hard drive.  What is hard drive fragmentation?  Well, I am not going to cover that, because most people just want their computer running faster.  Suffice to say, it slows your computer way down.  Download Defraggler which is an excellent program for defragmenting your hard drive.  Be warned that this is something that you do not want to run while you are using your computer for something else.  This can take a long time and ties up a lot of your computer’s processing power.  This is something you may only run once or twice a year.  If you have a solid state hard drive, which you can find out from your computer manufacturer, you will not want to run this.

Finally, if your computer is creeping along, you may have malware/adware.  These are programs that gather information about you, or could just be there to make your life miserable.  A great program to clear all that stuff out is Malwarebytes.  This program will find malware and other things causing issues, even trojans and viruses, and delete them off your machine.

If you follow these simple steps, you can “decrapify” your PC and be back up and running faster than ever before.

Computer Security – Convenience can cost you.

This is part 1 in a series on Computer Security

Computer security.  I can almost sense that just from the title of this article people’s eyes are glazing over with the familiar, “Do we have to discuss this stuff again?”  The answer is yes, and the reason why is that you are likely to be the one at fault if your data is compromised.  Read on, because I know I’ve already enraged you by implicating you as the source of trouble.

 

Data security is not something that consumers and businesses can simply try to address in a cavalier manner.  It is a serious topic that in today’s digital age can have serious ramifications not only on your business, but in your own personal life.  Yet despite the fact that we do everything online from paying our bills, to telling people what type of salsa we are eating at the next FourSquare check-in, securing one’s data is sadly handled in a lackadaisical way.

 

Take for instance the most basic of security levels: passwords.  Passwords are those secret codes without which no one will ever get past that login screen.  But is your password secure?  Most likely it is not.  Rather, it is probably something very easy for a hacker to guess, and probably without a great deal of effort.  Is your password “Password” or your date of birth?  If I just guessed your password here in this article, I’ve got some news for you.  Your password stinks, and you might as well not have one at all with a password like that.  That was cutting I know, but it’s because I care enough to tell you the truth!

 

Passwords should be complex and difficult to guess.  They should never be something that is personally identifiable with you, such as date of birth, last 4 of Social Security Number, or anything like that.  Also, passwords should not be recycled, meaning, that you shouldn’t use the same password on different sites.  I’ve been guilty of this in the past so I am preaching as much to myself as I am anyone.  They should be a combination of letters, numbers, and characters.  The more you have, the better off you are.

 

If you are in need of a program or tool to help you generate strong passwords, there are a plethora of choices out on the web.  A quick Google search will pull up several options, many of which are free, that will generate passwords that are random characters that will be very difficult to figure out.  If you go with the pay for services, you actually just have to remember one password to access all your randomly generated ones.  I highly recommend seeking out services like these, because as recent news stories about hackers stealing people’s login information show us, the name of your favorite pet for your password is not good enough.

 

Keeping your passwords secure is good.  What is not good is writing down your passwords!  I see this all the time both in homes and especially in businesses.  It is just a major NO NO!  Now there will be those who will say that they have to do this because they will not be able to remember all those passwords.  I will again point them to the options I mentioned earlier. 

 

The main reason why people continue to still write down passwords, which again, is careless and dangerous, is simply due to laziness.  Yeah I said it!  It is a simple matter of them not taking the time to properly secure their information because convenience trumps security in their minds.  Here are some things to consider for those who feel that Post It Notes are a great way of storing passwords.

 

Imagine you have someone over to your home.  Could be a repairman, could be even a friend.  They walk by and see these colorful, eye catching sticky notes all over your computer screen.  You leave the room for just a few moments, and in those few moments, they capture your passwords that you have written down on a sticky that says, “Bank Login”, or, “Brokerage Account.”  A day or so later you check your bank account and see a massive withdrawal.  What happened?  You happened is what happened.

 

How about for business owners?  Take a walk around the office and you will soon find out that more employees than not have passwords out in plain sight.  Is this the impression you want to leave with your existing and prospective new customers?  To have passwords out in the open sends a message to them of, “We do not care enough to secure your data.”  They will take their business elsewhere, believe me.

 

Some will say that traditional passwords are on the way out, and we are heading more towards biometrics.  That may be, but for now, it’s still usernames and passwords.  Therefore, make your passwords secure, and difficult for someone else to guess.  You will be better off, and it sure beats dealing with an identity theft issue down the line.