RANSOMWARE – What is it? How to Avoid it!!!

Perhaps you heard of the Hollywood Presbyterian Medical Center that recently had to pay $17,000 to hackers who had seized control of the hospital’s computer systems and held them for ransom? They aren’t the only ones being held ransom, just the latest. There were over 4 million ransomware attacks by mid-year 2015 and it’s growing.

Now there’s a hospital in Kentucky that has recently been hit with ransomware. You can read about it here.

It’s not just hospitals and large companies who get hit. Individuals do as well.

What is ransomware? Ransomware is malicious software that lets an attacker get into a computer or network of computers, encrypt the files on it, and then demand money to decrypt them. In effect, the attackers hold your files or computer hostage. Even if you pay, there’s usually no guarantee that your files will be released.

How does your computer get hacked? Generally, it happens when you open an infected attachment in an email or visit an infected website (which WOT should protect you from). Once the software is on your computer, it may take a day or so to go to work, but when it does you’ll find that your sensitive files, your pictures and videos, and the files in your Documents folder are all locked and there’s nothing you can do to open them, unless you pay the ransom.

How to avoid it? The single biggest thing that will defeat it is having a regularly scheduled backup. If you are attacked with ransomware you can clean up your computer and restore your files from backup. Keep in mind that some ransomware will also encrypt files on an attached external drive, so if you’re backing up to an external drive, disconnect it when you’re done with the backup. You can also back up your files to the internet. I use iDrive for my cloud backup. With iDrive, you can back up not only your computer files but also your cell phone files, such as pictures, contacts, text messages, Facebook pictures and videos and more. You can back up multiple computers and devices to the same account. You can also back up to a USB hard disk attached to your computer for a local backup. You can check it out at https://goo.gl/yjQ8SM.

Next, make sure that your antivirus software is current and active.

Make sure that your programs are updated, especially Windows and Adobe software.

Do NOT open email attachments unless you are 100% sure they are safe, even if it says it’s from UPS, FedEx, or your best friend. If a strange window pops up in your browser, use Ctrl-Alt-Del and go to Task Manager to close your browser. Don’t click on the pop-up, as it is often programmed to install malicious software, and never call the phone number in the pop-up to have them “fix” the malware attack (they only want access to your computer to do more bad things).

If you have any questions, please email me and I’d be happy to help you.


How Can I Check My Email to See if it’s Spam?

Every day it seems there is more and more spam coming to us in our email. Some have links that we’re tricked into clicking on. Some have attachments we’re pushed to download and “view”. Most have a connection to viruses, malware, or worse. But they look like they’re coming from websites or companies we know and use or they look like they’re coming from a family or friend. How would we know they’re bad?

There are a few things to check in the email but you have to learn to question every email, and then check it. Learn to “hover” your mouse over items, meaning move the mouse pointer over the link or other item in the email without clicking. What you’ll see may surprise you.

Watch my video here to see what I mean.

Internet Explorer Malware Hole

Microsoft announced this weekend that ALL versions of Internet Explorer were at risk for “drive-by” attacks from malicious websites. These attacks are currently happening around the world, so this isn’t a “could happen” attack, it’s real.

A possible “drive-by” attack is one where you visit a website and you start getting pop-ups stating you have hundreds of viruses, trojans, bugs, etc. and offering to fix your computer problems, for a price. Another type is the kind where you don’t know that it’s happening but the malicious site is installing damaging software onto your computer.

The risk of the Internet Explorer issue is that it has the potential to give the hackers the same user access that you have on your computer. That means they’d have the ability to install software, create new user accounts, change or delete your files, hold your computer hostage, and much more.

Microsoft is working on closing these holes, but it could be some time before that happens. Microsoft has said that they will not fix the holes for Windows XP.

 

What are your options until then?

  • Stop using Internet Explorer. Download Google Chrome or Mozilla Firefox and set them up to be your default browser, especially if you’re still running Windows XP
  • Do not click on links that you get in emails, unless you’re absolutely certain they’re legitimate.  

Of course, if you’re already using a different browser, you don’t have to do anything further.

Is This Email from a Friend Safe to Open?

With all of the spam email being delivered, here are a few tips that will help you decide if the email you’ve just received is spam.

The To: field has email addresses in it that are obviously fake (you may be bcc’d on it)
The To: field has multiple email addresses in it that are in alphabetical order, many of which you have no clue who they belong to.
—————————————-
Look at the time of day the email was sent. If it was sent at 2:00 in the morning and you know the person in the From: field most likely wasn’t up at that time, question it.
If the time sent on the email is several hours later than the time at your location, chances are it was sent from a server out of country. Question it.
—————————————-
The attachments are either a .ZIP file or a .EXE file. There are legitimate reasons for someone to send a ZIP file but very few people do that any more. Always question it.
—————————————-
There is a link in the body of the email and the text in the email is asking you to click that link to “verify” some information. TIP – Hover your mouse cursor over the link without clicking. Most of the time a text balloon opens showing the actual site the link will take you to. Compare it to what the link in the email is. If it’s different, even a little bit, don’t click. If you’re suspicious, don’t click.
If something needs to be verified, don’t do it by clicking on a link. Open your browser, go to the website itself, log in, and verify the information. Most companies won’t ask you to verify anything via email. They may notify you and then tell you to log in to your account, but they won’t have you click a link.

—————————————–

If you want to check whether the attachment on an email you received is a virus, forward the email to VirusTotal.

The sending process is as follows:

Create a new message, or forward the suspicious email, with scan@virustotal.com as the destination address.
Attach the file to be scanned. The file must not exceed 32 MB in size; if it is larger, the system will reject it automatically.

If you completed these steps correctly, you will receive an email with the file scan report. The response time will vary depending on the load of the system at the moment in which the file was sent.

—————————————-

Don’t reply to the sender asking if it’s okay to open the email. Chances are it didn’t come from the person in the From: field. Don’t reply asking the sender to stop sending you things. If there is an “unsubscribe” link at the bottom of the email, don’t click it. All of these things tell the spammer that they’ve reached a live email address, and you’ll be put on more spam lists and receive more spam.
—————————————-
Don’t EVER just click or open without questioning. Even if you’re expecting an email with an attachment, take your time to look at the email first for clues.
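The checklist above can be applied mechanically to a raw message. The script below is an added example, not part of the original post: it uses only Python’s standard library, scans a constructed sample message that trips every item, and assumes the reader is on US Eastern standard time and that a six-hour gap counts as “several hours”.

```python
import email
import re
from email import policy
from urllib.parse import urlsplit

# Constructed sample: one message that trips every item on the checklist above.
SAMPLE = """\
From: "A Friend" <friend@example.com>
To: aaron@example.net, abby@example.org, adam@example.com
Date: Tue, 12 Jun 2012 02:07:44 +0900
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<p>Click <a href="http://198.51.100.7/login">http://www.example-bank.com/verify</a></p>
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="invoice.zip"

UEsDBAo=
--b1--
"""
RISKY_EXT = (".zip", ".exe")

def _host(url):
    if "://" not in url:  # bare link text such as 'www.example.com'
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower()

def check_email(raw, my_offset_hours=-5):  # assumption: reader is on US Eastern standard time
    """Return the checklist items this message trips; an empty list means none."""
    msg = email.message_from_string(raw, policy=policy.default)
    flags = []
    # To: stuffed with addresses that happen to be in alphabetical order.
    addrs = [a.addr_spec.lower() for a in msg["To"].addresses] if msg["To"] else []
    if len(addrs) >= 3 and addrs == sorted(addrs):
        flags.append(f"To: lists {len(addrs)} addresses in alphabetical order")
    # Date: the hour on the sender's own clock, and how far that clock is from yours.
    sent = msg["Date"].datetime if msg["Date"] else None
    if sent is not None and sent.utcoffset() is not None:
        if 0 <= sent.hour < 5:
            flags.append(f"sent at {sent:%H:%M} by the sender's clock")
        diff = sent.utcoffset().total_seconds() / 3600 - my_offset_hours
        if abs(diff) >= 6:
            flags.append(f"sender's time zone is {diff:+.0f} hours from yours")
    # Attachments: ZIP and EXE are the two types the checklist says to always question.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            flags.append(f"attachment {name!r} is a {name.rsplit('.', 1)[-1].upper()} file")
    # Links: what the link text shows versus where the href really points.
    html = msg.get_body(preferencelist=("html",))
    if html is not None:
        for href, text in re.findall(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>',
                                     html.get_content(), re.I | re.S):
            shown = text.strip()
            if re.match(r"(?i)(https?://|www\.)", shown) and _host(shown) != _host(href):
                flags.append(f"link text shows {_host(shown)} but points to {_host(href)}")
    return flags
```

Run `check_email(SAMPLE)` to see all five flags; a plain message from one person, sent in your own time zone with no attachment, returns an empty list.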

Analysis of Yahoo Voice Password Leak – 453,441 Passwords Exposed | Sucuri

Have you noticed an increase in spam from people you know with Yahoo, Hotmail, AOL or Gmail accounts? There’s a reason for that. Apparently there was a massive leak of Yahoo passwords, and since many people use the same password for several sites, it was easy to hijack those accounts. From the link in this article, you can check if your email has been hijacked and is being used to send spam. Whether it has or hasn’t, you should consider changing your password. Also, take a look at the password list. Notice how many people are using simple, easy to guess passwords. Check out my post on creating strong passwords – Maybe My Password Isn’t As Strong As I Thought It Was

We recently heard that a massive leak of Yahoo passwords has been floating on the interwebs for a few days. According to Ars Technica, the dump is from Yahoo Voice and the data was released in clear-text (yes, clear text in 2012). It seems they were not storing the passwords securely. We got access to the dump and we can confirm that this leak is valid. We cannot, however, confirm it is from Yahoo; the password analysis does not have many “Yahoo’s” in it, as we’ll explain later. That said, we recommend all Yahoo users to change their passwords ASAP! Especially on other services where you are reusing the same passwords. Better safe than sorry.

*You can check here if your account was part of the leak: http://labs.sucuri.net/?yahooleak

via Analysis of Yahoo Voice Password Leak – 453,441 Passwords Exposed | Sucuri.

An Easy Way to Stay Safer on the Web, with OpenDNS

Since this post is going to be a little technical, I’m going to start by defining some of the things that will be discussed.

DNS – Short for Domain Name System (or Service or Server), an internet service that translates domain names into IP addresses. Because domain names are alphabetic, such as askbillfirst.com, they’re easier to remember. The Internet however, is really based on IP addresses. Every time you use a domain name, a DNS service must translate the name into the corresponding IP address. For example, the domain name http://www.askbillfirst.com might translate to 208.109.14.108.

Domain Name – A name that identifies one or more IP addresses. For example, the domain name microsoft.com represents about a dozen IP addresses. Domain names are used in URLs to identify particular web pages.

URL – Abbreviation of Uniform Resource Locator, the global address of documents and other resources on the World Wide Web (www).

When you access the internet and type in a URL, the name you entered is sent to servers that translate the letters you typed into the corresponding IP address for that site. Generally, those servers are set by your internet provider. There is no filtering involved with these servers. Therefore, any website that you attempt to go to will pass back to you whatever it has on it, both the good and the bad.
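To make that translation step concrete, here is an added example (not from the original post) that builds the DNS query your computer sends for a name, parses the answer that comes back, and runs offline against a constructed reply carrying the post’s own example address. The resolve() function sends the same query to whichever server address you pass it, which is the setting a service like OpenDNS has you change; the reply bytes are constructed here, not captured traffic.

```python
import socket
import struct

def build_query(name, qid=0x1234):
    """A-record query for `name`, as a stub resolver sends it (RFC 1035 wire format)."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # 0x0100 = recursion desired
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def _skip_name(buf, off):
    """Advance past a (possibly compressed) domain name that starts at `off`."""
    while True:
        length = buf[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # two-byte pointer to an earlier copy of the name
            return off + 2
        off += 1 + length

def parse_a_records(resp):
    """Return the IPv4 addresses in the answer section of a DNS response."""
    _qid, flags, qd, an, _ns, _ar = struct.unpack(">HHHHHH", resp[:12])
    if flags & 0x000F:  # RCODE != 0, e.g. NXDOMAIN: the resolver gave no address
        return []
    off = 12
    for _ in range(qd):
        off = _skip_name(resp, off) + 4  # skip QTYPE + QCLASS
    ips = []
    for _ in range(an):
        off = _skip_name(resp, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack(">HHIH", resp[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            ips.append(socket.inet_ntoa(resp[off:off + 4]))
        off += rdlen
    return ips

def constructed_response(query, ip, ttl=300):
    """Constructed reply with one A record, the shape a resolver sends back (offline use)."""
    header = query[:2] + struct.pack(">HHHHH", 0x8180, 1, 1, 0, 0)  # response, RD+RA, no error
    answer = b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, ttl, 4) + socket.inet_aton(ip)
    return header + query[12:] + answer

def resolve(name, server, timeout=3.0):
    """Send the query to a chosen resolver over UDP port 53 (needs network access)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name), (server, 53))
        return parse_a_records(sock.recv(512))

if __name__ == "__main__":
    q = build_query("www.askbillfirst.com")
    # Offline demonstration using the address the post gives as its example.
    print(parse_a_records(constructed_response(q, "208.109.14.108")))
```

Whatever server you hand to resolve() decides the answer, which is why pointing your adapter or router at a filtering resolver changes which sites you can reach.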

Now, there is a way to set up your computer, or your network router, to protect you from visiting sites that may cause you problems. One service that filters web content, protects you from phishing sites, and more is OpenDNS. OpenDNS is used for content filtering: it filters content based on categories of sites, such as gambling, pornography, social networking, humor, and more. These sites may not be malicious, but they could be considered unacceptable types of content. OpenDNS is often used in place of parental control software.

To set this up you’ll need to modify your network adapter settings. If you use both wired and wireless connections, you’ll need to modify both adapters. If you want it to protect everyone on your network, you can make the settings in the router instead and they will apply to everyone on the network.

You can find the instructions for OpenDNS here.

These settings will work on both PCs and Macs, whether you set them at the PC level or the router level.

Do not use this in place of a good anti-virus, but use it along with a good anti-virus for an easy way to stay safer on the web.

UPDATE – Laura from OpenDNS informed me that “OpenDNS actually works as a security filter as well. It protects you from phishing websites, as well as blocking Malware like the Conficker virus. We’re seeing a lot of users — both home and business — choose OpenDNS specifically for the security it provides.” Thank you Laura for that update.

Email: Spam, Virus or Clean?

Not sure if you’ve noticed, but there are a lot of emails being received that have a few lines of gibberish followed by a hyperlink, and often times a nice motivational quote. Many times, these emails are coming from someone you know. How are these emails getting past the spam and virus filters you have in place? Why isn’t your antivirus program stopping them?

Well, first, most of these emails are coming through as plain text, with no formatting like HTML emails have. Spam filters usually are looking for key words, phrases, or graphics. With these emails, often times there aren’t any “key” words that will trigger the filter. As for the virus, there usually aren’t any attachments, just a hyperlink, again, nothing that will trigger the filter.

The following is a sample of a text based email with normal words and a hyperlink. Also note that it’s not addressed to me but I received it anyway so it must have gone out to a group. Click on the examples that follow to see them full screen. They will open in a new window so when you’re ready to move back to the article, just close the image window.

It’s a lot more difficult to get an HTML-formatted email through spam filters, but some do get through. The following is an example, for comparison’s sake, of an HTML format and a text-only format:

And then there is the email trying to convince you that it’s okay to open the attachment to print or verify the information they’re telling you about in the email. In this case, the email is stating that I paid property tax on property in King County, wherever that is. Since I don’t remember doing that, maybe I should print the document to see what they’re talking about. Well, wouldn’t you? Except for the fact that none of the reference numbers match up: the payment confirmation, the reference number, and the number on the attachment are all different. Notice also that the attachment is zipped. This is a common method of hiding a virus to get it past the filters.

Well, I didn’t open it. I forwarded it on to scan@virustotal.com and in less than 5 minutes, I received the following report. Note that VirusTotal scanned the file against 40-some antivirus engines and most came back with no virus found… but 4 of them did find something. That was good enough for me. I deleted the email.

I hope this helps clarify those emails you’ve been getting.

Oh, and by the way, if you get an email similar to the ones above from a friend, have them change their email account’s password, as it’s possible that their email account has been hijacked.

Maybe My Password Isn’t As Strong As I Thought It Was

For years, we in the computer industry have been telling people to create cryptic passwords that include upper and lowercase letters, numbers, and special characters. We’ve been saying that if you replace certain characters with others, such as @ instead of “a”, 3 instead of “E”, or ! instead of “l”, the chances of getting your password stolen are remote. Well, it would be remote, but with today’s technology, someone trying to break that password would have it figured out in 3 days at 1000 guesses/second, which is probably faster than you trying to remember what the password actually is.

A far better and safer way to create passwords is to string words together. Four random words, such as dogsbakewoodseat, would take 550 years at 1000 guesses/second to break, and would be much easier to remember if you use words that have meaning to you. The strength comes not so much from which letters you use as from a combination of length and content. Most cryptic passwords are shorter than 8 characters because they’re hard enough to remember as it is without being longer. By using the word combination, you can make your passwords long and still easy to remember.
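As an added illustration (not the author’s calculator, whose model is not given), the Python below compares the two approaches under a stated attacker model at the post’s rate of 1000 guesses/second: a character-class count for cryptic passwords, the way most online strength meters estimate it, and a word-list model for passphrases. The 2,000-word list size is an assumption; the figures printed differ from the post’s because the model differs, and the dictionary line shows that a passphrase’s real margin depends on how many words an attacker has to try, not on its character count.

```python
import math
import string

RATE = 1000  # guesses per second, the rate the post quotes

def charset_size(password):
    """Alphabet an attacker must search if they know only which character classes appear.
    Class counting is the model most online strength meters use (assumption)."""
    classes = (string.ascii_lowercase, string.ascii_uppercase, string.digits)
    size = sum(len(c) for c in classes if any(ch in c for ch in password))
    if any(not ch.isalnum() for ch in password):
        size += 33  # printable ASCII punctuation plus space
    return size

def brute_force_guesses(password):
    """Worst case: every string of this length over the detected alphabet."""
    return charset_size(password) ** len(password)

def passphrase_guesses(n_words, wordlist_size):
    """Attacker who knows the scheme: n_words drawn from a list of wordlist_size."""
    return wordlist_size ** n_words

def describe(guesses, rate=RATE):
    """Human-readable time to exhaust the search space at `rate` guesses per second."""
    seconds = guesses / rate
    for unit, length in (("years", 365.25 * 86400), ("days", 86400), ("hours", 3600)):
        if seconds >= length:
            return f"{seconds / length:,.0f} {unit} ({math.log2(guesses):.0f} bits)"
    return f"{seconds:,.0f} seconds ({math.log2(guesses):.0f} bits)"

if __name__ == "__main__":
    for pw in ("P@ssw0rd", "dogsbakewoodseat"):
        print(f"{pw:18} brute force: {describe(brute_force_guesses(pw))}")
    # Same passphrase, but the attacker knows it is four words from a 2,000-word list.
    print(f"{'4 common words':18} dictionary:  {describe(passphrase_guesses(4, 2000))}")
```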

I still recommend using a different password for every site, so with all of those passwords to remember you may want to use a password manager. I recommend RoboForm, which saves your passwords on your computer, or on the internet, where they’re available just by clicking when you need to log in to a site.

If you want to see how safe some of your passwords are, or passwords similar to what you use, try them here, and see how long it would take someone to hack your password.

Fake Antivirus Industry Down, But Not Out — Krebs on Security

Fake Antivirus Industry Down, But Not Out — Krebs on Security.

Many fake antivirus businesses that paid hackers to foist junk security software on PC users have closed up shop in recent weeks. The wave of closures comes amid heightened scrutiny by the industry from security experts and a host of international law enforcement officials. But it’s probably too soon to break out the bubbly: The inordinate profits that drive fake AV peddlers guarantee the market will soon rebound.

During the past few weeks, some top fake AV promotion programs either disappeared or complained of difficulty in processing credit card transactions for would-be scareware victims: Fake AV brands either ceased operating or alerted affiliates that they may not be paid for current and future installations.

On July 2, BestAV, one of the larger fake AV distribution networks, told affiliates that unforeseen circumstances had conspired to ruin the moneymaking program for everyone.

Google: Your Computer Appears to Be Infected

From KrebsOnSecurity

Google last week began warning more than a million Internet users that their computers are infected with a malicious program that hijacks search results and tries to scare users into purchasing fake antivirus software.

Google security engineer Damian Menscher said he discovered the monster network of hacked machines while conducting routine maintenance at a Google data center. Menscher said when Google takes a data center off-line, search traffic directed to that center is temporarily stopped. Unexpectedly, Menscher found that a data center recently taken off-line was still receiving thousands of requests per second.

Menscher dug further and discovered the source of the traffic: more than a million Microsoft Windows machines were infected with a strain of malware designed to hijack results when users search for keywords at Google.com and other major search engines. Ironically, the traffic wasn’t search traffic at all: The malware instructed host PCs to periodically ping a specific Google Internet address to check whether the systems were online.

For the rest of the article, please click here

NOTE: Unlike the scareware and fake anti-virus programs that “pop up” on your screen, this is a banner notice at the top of your search results. Use your own anti-virus programs to scan your computer, as well as programs such as SuperAntiSpyware and Malwarebytes.