Removing Admin Rights to Protect Yourself from Malware Infection

Microsoft published 147 vulnerabilities in 2013 that were rated as Critical. Critical, however, is a relative term, and there is one simple thing anyone can do that would guard against almost every single Critical vulnerability according to a new report from Avecto: remove admin rights.

Cyber Monday Warnings and Tips

By this point everyone knows of Cyber Monday: the first Monday after the long Thanksgiving weekend, on which retailers advertise huge discounts to online shoppers. This round of shopping is designed for those who would prefer not to engage in the sometimes rugby-like skirmishes that happen on Black Friday, the big sales day at brick-and-mortar locations. In addition, online shopping can appeal to the savvy bargain hunter for the ease with which they can comparison shop. Also, let’s not forget the attraction of shopping in comfort, lounging in pajamas in one’s own home.

Still, online shopping is not without its pitfalls. Following some simple guidelines can save a great deal of hassle, while at the same time helping to keep important credit and identity information private.

Is There Anyone Listening In? A Primer on Mobile and Internet Security

The media revelations of former NSA contractor Edward Snowden and others have been highly publicized over the past month. Unfortunately, the media is often more concerned with ratings and readership than with accurate and detailed information. This article will serve as part one of a three-part exploration of phone use and data transfer, the ability of agencies to intercept and record these activities, and the likely future of the technology involved.

Avoiding Online Scams

In this crazy technology-enabled world we live in today, scammers, thieves, and otherwise unscrupulous folks have never had more tools at their disposal for stealing your data, your identity, and your money.

In this blog post, I’ll recall some of the scams and schemes that I’ve been the personal target of in the past year, and review some of the ways that you can avoid becoming a victim of online scams!


Typical Scams:


“Your account has been compromised, please verify all of your information”

A common scam involves sending a victim an “official-looking” email, scaring them with a claim that their account is in danger, and then soliciting personal login credentials from them.

Remember: no website or company will EVER ask you to “verify” or “confirm” your username/password information!


“I want you to buy $3000 in laptops using these two credit cards”

I’ve received emails from people claiming to be interested in purchasing computers from me. They ask how much I’d charge for, say, three high-end Sony VAIO laptops. Once I give them a quote, they say, “Ok, great – I’ll give you this credit card information, and you go ahead and purchase that for me”.

Yeah, right – can you say “stolen credit card” with MY name attached to a $3000 fraudulent purchase? I don’t think so.


“Click here to Download, Win, Verify!”

We’ve all seen this on various websites and unsolicited emails. Just go to any “free” software download site, and you’ll see this type of “clickbait” plastered all over the site. The danger here is that some of these URL links can lead to virus-hosting malicious websites.

Rule of thumb: before clicking on ANYTHING, just “mouse-over” the link and look at the URL preview that your browser/email client displays. If you don’t recognize the URL, DON’T CLICK IT.


“Hi, I’m so-and-so from the Help Desk. BIG problem with your system, so I’m going to need all of your information to fix it”

While rare, these types of one-on-one social engineering attacks can be very effective. Attackers pretend to be calling from your company’s IT department, scare you with claims that your system is compromised, and then subtly ask you for sensitive data and information to help them “fix” the problem.

If you ever receive an unsolicited call like this at your workplace, don’t release ANY information, and make sure that your REAL IT department is made aware of it immediately!


“This app is requesting permission to do the following: take ALL of your data”

On Facebook, there are thousands of apps you can install on your account: everything from games to birthday reminders and video-sharing apps. Most of these apps are harmless, but some of them take control of your Facebook profile and extract your personal data for viral marketing purposes. This way, the app can spread itself through your personal social network by posting and otherwise notifying your friends of its presence.

Before you install ANY app, read its privacy and permission statements first!


“Install this software using the (Recommended) settings”

Software developers want to make their product easy for the end-user to install and use, so they’ll often include a “Recommended” installation option alongside an “Advanced” one. This way, the software is installed using default settings without the user having to do anything else.

Be careful, though: MOST of the “Recommended” installations will also install “piggyback” software. For example, downloading and installing the popular “Adobe Flash Player Plugin” also includes (as the “recommended” or “default” option) downloading and installing the “Google Chrome” web browser. So, if you follow Adobe’s “recommendation”, a browser that you might not even want will get installed on your system (and automatically set as the default browser)!

A better way to install software is to use the “Advanced” option (don’t worry, it’s usually not THAT advanced – just select the installation folder, and you’re done). This way, you’ll be able to prevent any built-in, unwanted piggyback software from installing.


Conclusion

I want all Silverleaf fans to be safe when they’re browsing the Internet, because there are a lot of people out there looking to steal from you. My best advice is to be vigilant (and skeptical) when it comes to browsing, email, and software, so as not to leave yourself vulnerable to a scam or attack.

And remember: if it seems too good to be true, it probably isn’t true (especially on the Internet!).

Homeland Security advises disabling Java

The U.S. Department of Homeland Security has issued several official warnings to the public this past week, advising users to disable or uninstall Java software on their computers.

(Read the US-CERT Statement here)

The warning comes after reports from computer security experts were released, stating that hundreds of millions of business and consumer users are vulnerable to a serious flaw in the software.

Despite a recent “patch” released by Oracle to fix the problem, Homeland Security officials continue to advise people to not use Java.

It’s not uncommon for the U.S. government — or any other government agency — to advise against security threats, but rarely does an agency actively warn to disable software; rather they offer advice to mitigate such threats or potential attacks, such as updating software on their systems.

Unless you absolutely need Java installed on your system, it’s probably a good idea to disable or uninstall Java immediately, just to be on the safe side.

Scam: New Update from facebook. Now you can check who visited your profile.

Facebook Scam: Now you can check who visited your profile.

Facebook scammers are once again trying to take advantage of curious users who want to know which of their friends are visiting their profiles. This is a scam. The “Facebook Profile Viewer” and “Profile Visitor” apps are not something you want to install.

Remember: Facebook does not give you any way to find out who has been viewing your profile and will never do so, and neither does any app or service.

This particular scam says something along the lines of:

New Update from facebook. Now you can check who visited your profile. check here ——–>>>@[266343576787035:128:FAŒBOOK PROFILE VIEWER ®]<<<<------ Who Watching your Profile ? [Facebok user]'s Photos

The text “FAŒBOOK PROFILE VIEWER ®” is a link to the rogue app. If you click on the link, you have to permit the app to access your profile and install it on your Facebook account. It spreads by sharing the above image on your profile and asking your Facebook friends to Share it.

You should always be very careful about installing random Facebook apps on your account, especially ones that ask for a lot of access to your account. Take a minute now to remove all the Facebook apps you find suspicious. If you don’t know how to do so, you can refer to the following guide: How to clean up your Facebook apps.

As a general word of caution, don’t click on everything your Facebook friends share on the social network. If you see a scam like this one, report it. Then go check your Messages and Wall to make sure you’re not spreading the scam; the sooner you clean it up, Unlike all relevant Pages, and uninstall all relevant Apps, the better. You can also contact Facebook Security if you’d like to.

Note: this article was first posted on 3/27/12 at zdnet.com

ALERT: Surviving The Deadly DNS Changer Malware Attack

How to Survive a DNS Changer Malware Attack

Yesterday, the FBI took down the temporary Internet servers it set up to keep computers online if they were infected with a piece of malware called a DNS changer.

This meant that if you were infected by the malware, your Internet would stop working immediately after the FBI shut down its servers.

The story was quite a sensation: with scary-sounding phrases like FBI, DNS changer malware, and NO INTERNET, media outlets quickly picked it up. Quite a few very worried people, in fact, asked me if they would be okay come July 9, 2012.

And I have good news for them: if they’re reading this, they’re probably okay.

Media Sensationalism + Tech Ignorance

In reality, this most recent malware scare was pretty limited in scope: fewer than 50,000 computers in the U.S. were estimated to be affected, so there’s a very small chance that the average user lost Internet connectivity. Kind of disappointing, really.

What really struck me was the overblown reporting of the story by the media, and the genuine concern I observed in several friends and clients. It reminded me of the “Y2K” scare back in ’99 (sorry, I mean 1999), when people were told that the world would end just because a few short-sighted software programmers in the 70’s decided to save two bytes of storage space.

This is another classic case of exploitation of fear and ignorance for profit: headlines like “Malware May Kill Your PC July 9” and “DNS Changer malware: You’re running out of time to check for it” scare and provoke people into clicking these types of links, and generate traffic and ad revenue for the sites posting them.

Fortunately, the FBI provided lists of IP addresses to the Internet companies and, in turn, the companies gave customers instructions on how to remove the malware. (If you received no notification, and want to make sure your machine is not infected, you can check by clicking on this link.)

Basic Cyber Security Checklist

If you are NOT infected by DNS changer malware, congrats! Here are some tips on remaining infection-free:

  • Keep a Clean Machine: Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats.
  • When in doubt, throw it out: Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete it or, if appropriate, mark it as junk email.
  • Protect all devices that connect to the Internet: Along with computers, smart phones, gaming systems, and other web-enabled devices also need protection from viruses and malware.
  • Plug & scan: “USBs” and other external devices can be infected by viruses and malware. Use your security software to scan them.

Of course, if you suspect that your machine is infected, check out my virus removal page or contact me for help.

Socially Engineered Malware: Your New Facebook Friend

Embarrassing confession: I was tricked into downloading a computer virus.

Last week, a high school friend of mine sent me a “Group Invite” message on Facebook®. The message urged all recipients to “help out my friend by ‘liking’ her page”, and included a link to said page. Being the helpful friend that I am, I decided to “CLICK HERE!”

Then, something strange happened: when I tried sharing the link by “Attaching” the URL into a message to a friend, Facebook did not correctly generate a description of the link. Instead, it only displayed random JavaScript code…

I knew immediately that I was infected with a virus. Shamefully, I asked myself: how could a supposed computer professional like me download a virus?

The answer: I was tricked!

Socially Engineered Malware

While some types of malicious software (malware) work by exploiting technical loopholes in a computer system, socially engineered malware exploits weaknesses in human nature. Even Mac users, with their perceived immunity to computer viruses, are not safe: without any technology dependencies, socially engineered malware can target users running either Windows or OS X.

From a cyber criminal’s perspective, tricking users into downloading and installing malware is a preferred means of attack. By manipulating trust (rather than hacking software), criminals may cast a wider net and target more victims. And the implied trust relationships inherent in social networking sites, such as Facebook, make them full of perfect targets for socially engineered attacks.

I, for one, certainly did not expect that the link sent to me by a friend would contain a virus: those clever hackers exploited my trust in my social network, and misled me into clicking on the infected link (so you see, it wasn’t my fault).

Protecting Yourself against Socially Engineered Malware

I could have had all of the “smart” filters, firewalls, and anti-virus programs in the world installed and still downloaded that virus. Although these tools together do a good job of preventing most malware downloads, ultimately it was me who made the decision about what to click.

It is therefore very important to “look before you click.” If you suspect a bad link, do a bit of research: mouse-over the link (without clicking!) and look at the preview URL that your browser will display. Pay special attention to the domain name (e.g. www.silverleafcs.com), and make sure that it is one that you recognize: if you notice random-looking characters and numbers in the domain name, this is a telltale sign that the URL could be an automatically-generated malicious site.
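The mouse-over check described here, and in the earlier “Click here to Download, Win, Verify!” rule of thumb, can be run over a saved message body to list where each link really goes. This is an added example, not code from the original posts; the allowlist, the thresholds for “random-looking”, and the sample HTML are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter
from html.parser import HTMLParser
from urllib.parse import urlsplit

KNOWN_HOSTS = {"www.silverleafcs.com"}  # assumption: hosts the reader recognizes
# Constructed sample message body; the second link's text hides its real target.
SAMPLE = ('<a href="https://www.silverleafcs.com/">virus removal page</a>'
          '<a href="http://x7k2q9vb4m1z.example/login">www.silverleafcs.com</a>')

def looks_random(host):
    """Heuristic only: a long label with several digits and high entropy."""
    for label in host.split("."):
        freq = Counter(label).values()
        entropy = -sum(n / len(label) * math.log2(n / len(label)) for n in freq)
        if len(label) >= 10 and entropy >= 3.0 and sum(map(str.isdigit, label)) >= 3:
            return True
    return False

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":  # start a new link; href may be missing
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def review_links(html):
    """Return (real host, reasons for caution) for each link in the HTML."""
    parser = LinkCollector()
    parser.feed(html)
    report = []
    for text, href in parser.links:
        host = (urlsplit(href).hostname or "").lower()
        reasons = [] if host in KNOWN_HOSTS else ["unrecognized host"]
        if looks_random(host):
            reasons.append("random-looking label")
        shown = re.search(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", text.lower())
        if shown and shown.group(0) != host:
            reasons.append("text shows a different domain")
        report.append((host, reasons))
    return report
```

A link with no reasons listed is only one that passed these three checks; the heuristic will miss malicious hosts made of ordinary words.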

So the next time somebody (even a friend) sends you a link entitled OMG i cant believe she posted this LOL click here NOW, exercise a bit of caution. Clicking responsibly can mean the difference between discovering a new hilarious video, or even more hilariously (for the hackers), downloading socially engineered malware.

And if you do happen to accidentally download something bad, don’t be embarrassed, just click here. (link tested to be 99.9% malware-free)