All posts in 'Security'

22 Feb

Microsoft Doesn’t Want To Talk To You

Don’t take it personally, but they really don’t want you to call.  Who does want you to call are online scammers that are trying to gain access to your computer.

Over the past two weeks, a few of our clients have been duped into “doing the right thing” by responding to a notification they receive on their computers, stating that a “serious problem” has occurred and that they need to call into Microsoft for assistance.

The above image is what a Windows “blue screen of death,” or BSOD, looks like.  When this happens, Windows is having a problem with a program, the computer, or maybe even itself.  Now this image..

.. was captured from a Windows PC that visited a web site and opened up a web page that mocked a BSOD closely, except for one important distinction: this warning wants you to call for help.

Once an end user calls the number displayed on the fake error message, the person on the other end of the line will walk you through the process of allowing them access to your PC and performing one (or more) of the following nefarious acts:

  • Install viruses in the hopes of getting the end-user to purchase either software or services to “clean” the PC
  • Install a trojan that monitors and reports private information back to the bad guys
  • Record user names and passwords in order to gain access to your other online services, such as email or online banking accounts
  • Encrypt and hold your data hostage in the hopes that you will pay a ransom

If you find yourself face to face with this “error,” or anything similar that asks you to call a number for assistance, go through the following steps:

  1. Close all browser windows until the “error” goes away
  2. Reboot your PC

The above steps should remove the “error” from memory and allow you to continue using your system normally.  If the “error” comes back on reboot, then you may have either already been infected or you may have a not-so-reputable program running that should be uninstalled and removed.

It is at this point where you can give US a call at 866-976-9136 for assistance in cleaning up your PC.  We’re not Microsoft and we do want to talk to you!

18 Dec

Why the Yahoo! Hack is a Big Deal

Last week I published a blog post that advised our friends and clients to ditch their Yahoo! accounts after it was announced that over a billion accounts had been hacked and user information was compromised.

Since this post I have received emails and direct messages asking for more information on how the hack could affect them personally and on a business level.  I thought it would be a good idea to share those questions and my answers with everyone below..

I have a Yahoo! account but I don’t really use it for anything.  Am I okay?

The biggest problem is not what was in the account, but your Yahoo! login credentials.  If you use the same user name and password for all of your online accounts (banking, shopping, social media), then deleting your Yahoo! account isn’t enough.  You need to go to those sites and change your password pronto.  The bad guys may one day use your Yahoo! credentials on other sites and then you’ll have a whole new mess on your hands.

Doesn’t AT&T use Yahoo! for email?

Yes, AT&T sure does.  If you access your email accounts with a web browser, look for a “Powered by Yahoo!” graphic at the top.  If you see that on your email portal, your account with a Yahoo! partner may have been compromised.

Is there anything else I need to do to protect myself?

Outside of changing your passwords on a regular basis, I would also recommend either implementing or changing your two-factor authentication information wherever you can.  2FA is an extra layer of security that requires not only a password and username but also something that only, and only, that user has on them, i.e. a piece of information only they should know.

Using a username and password together with a piece of information that only you know makes it harder for potential intruders to gain access and steal your personal data or identity.

15 Dec

Close Down Your Yahoo! Accounts NOW

Yahoo! just announced another hack on it’s systems where a whopping one billion accounts were hacked and user data was compromised.  Couple this discovery with 500 million Yahoo! accounts being hacked in September and you’ve got more than enough reason to ditch your Yahoo! account as soon as possible.

Following are hints and tips for Yahoo! account owners to ditch their current accounts and secure better methods of email communication…

  1. Before you delete your Yahoo! account, get rid of all the folders, emails and contacts and then delete the account.  As an alternative, you can open up a Gmail account instead or if you use your Yahoo! account for business, PCSDesk can assist with moving you over to a business email account.
    _
  2. Check to see if you have used your Yahoo! password with other sites.  If you have, access those other sites and change the security questions and passwords as soon as possible.  For example, if your Yahoo! email account name is “lastname@yahoo.com” and your bank login information is “lastname,” any hacker with access to your Yahoo! password will use it to log in to your bank account and other sites.
    _
  3. If you used a mobile phone number in association with your Yahoo! account and you still use that number, then SMS phishing (a.k.a. “Smishing“) is something you should be aware of.  Be aware!

If you need assistance in getting away from Yahoo! and onto a more secure emailing service, please drop us a line or give us a call at 866.976.9136 – we’re here to help.

29 Nov

Facebook Cloning Scam and How It Works

There is a new online scam going around and this time, a friend and customer of PCSDesk was targeted.  Please view the video below for more information on the Facebook Cloning Scam making the rounds and what you need to look out for..

3 Jun

TeamViewer Potential Hack

tvIn the past 24 hours, users who utilize the remote computer control service TeamViewer have been complaining about their PCs, Macs and servers being taken over by unknown parties.  It appears that miscreants gained control of the victims’ TeamViewer web accounts and used those to connect to computers, seize the end-users web browsers to empty PayPal accounts, access web mail and order items on Amazon and eBay.

What To Do

If you use TeamViewer to access your work or home systems, please perform the following steps in the following order:
Check To See If Your Account Was Accessed

  • Log into the TeamViewer Management Console web site here: https://login.teamviewer.com/nav/home
  • In the upper-right hand corner, click on your user name and select “Edit Profile”
  • Select “Active Logins” to see a listing of recent sessions where your account was accessed

Change Your TeamViewer Password (whether you’ve been compromised or not)

  • From the “Active Logins” selection mentioned above, select the link entitled “General”
  • Select the “Change password” link to change your password

As always, if you need assistance with any of the above, please either give us a call at 866-976-9136 or drop us a line via our web site.  We’re here to help.

5 Nov

Top 5 Facebook Scams of the Week

Facebook now has over a billion users, that’s a mind-boggling thousand million people who check their page regularly. The bad guys are irresistibly attracted to a population that large, and here are the top 5 scams they are trying to pull off every day of the year.

  1. Who Viewed Your Facebook Profile lures you with messages from friends or sometimes malicious ads on your wall to check who has looked at your profile. But when you click, your profile will be exposed to the scammer and worse things happen afterward.
  2. The Facebook Color Changer App tries to trick you to personalize your Facebook page, but it also leads you to phishing sites, deceives you to share the app with friends, and infects your mobile devices with malware. Stay away from it.
  3. Fake Naked Videos There are tons of fake naked videos being posted all the time using the names of celebrities like Rihanna or Taylor Swift that sometimes make it past the Facebook moderators. These scams are in the form of an ad or a post and have a link to bogus YouTube videos. That site then claims your Adobe Flash player is broken and you need to update it – but malware is installed instead!
  4. Facebook Videos With Come-On Titles The bad guys often try enticing titles like “Not Safe For Work” or “Scandalous” to lure you into clicking on these videos and get redirected to phishing sites that steal your personal information.
  5. Check my status update to get free Facebook T-shirt Messages from your Facebook friends to go to their page, and get a free Facebook t-shirt. It’s a scam. Remove any access to rogue applications if you have clicked on something like this.

Facebook is what it is, there simply is no way to change the colors of your profile or change the theme. Stay away from such messages if you want to avoid getting your PC infected with malware. As an additional reminder, do not click on anything to do with Ebola, they are now offering free toolbars that will warn you when Ebola pops up in your town, but it’s malware being installed instead. Do not fall for it: Think Before You Click!

28 Aug

Protect Your Browsers from Java Exploits

Over the weekend, security firm FireEye spotted a new attack that exploits a vulnerability in Java to install a piece of malware called “Poison Ivy Trojan,” which communicates with command and control servers in China and Singapore.

Couple this with other serious, cross-platform Java exploits that have occurred over the past year and you’ve got a recipe for computing headaches and compromised data security.

Your best line of defense is to disable Java in your web browser of choice.

To do so, please take a look at the following..

How to Disable Java in Chrome / Chromium:

  1. Type “about:plugins” (no quotes) into the Chrome address bar
  2. Find your Java plugin in the list and click “disable”

How to Disable Java in Firefox:

  1. Type “about:addons” (no quotes) into the Firefox address bar
  2. Find your Java plugin in the list and click “disable”

How to Disable Java in Internet Explorer:

Don’t even bother. If you care about browser security, you would be better off installing Chrome or Firefox and ditching Internet Explorer completely. If you must use Internet Explorer, you can disable Java applets by going to [Tools Menu] > Internet Options > Security (tab) and clicking the “Custom Level” button at the bottom of the window. Scroll down in the “Security Settings” box until you see “Scripting of Java Applets,” and click the “Disable” or “Prompt” radio button. This will disable the loading of Applets on webpages.

18 Jul

Surge in Small Business Attacks

Symantec is reporting that 36% of all targeted attacks during the last six months are being directed at businesses with 250 or fewer employees.

According to the Symantec Intelligence Report (click to view PDF) this targeted attack number of 36% is up from 18% reported at the end of December 2011.

While this upsurge against SMBs is significant, Symantec says large enterprises consisting of more than 2,500 employees are still receiving the greatest number of attacks, with an average 69 being blocked each day.

So what does this mean to PCSDesk customers?  Hopefully it means that you’ve allowed us to secure your servers and workstations with a firewall and an implementation of best practices policies to keep your data and business processes secure.  If not, contact us today!