Blog Post
Beware Ransomware !
Phishing
Don't Get Caught
Spoofing
Is That Really You ?
Spying
Is Someone Watching ?
Hackers and Thieves are Knocking at your Computers Door(s)
There’s still the oldest trick being used to install malicious software on your computer. It’s You!
If you’ve received emails with invoices you didn’t expect, or a bank or telephone email telling you to confirm your identity, you have been targeted. This is called Phishing, and you are the fish to be caught.
Most of these attempts are bulk generated and usually have some obvious mistakes. You will notice some typographical errors in words or composition. If you hover (don’t click) over the from address you will see the actual email address used, and if you hover over a link, it will display where the link goes. It can be listed as ‘Bank Support’ or even ‘IRS’ but hovering reveals the real link destination. Its usually a long encrypted string, and it goes to their server, someplace in the world, that will install a cryptolocker malware or just a tracker to wait for an opportunity.
Some of these attempted attacks will succeed as people are tricked into clicking on a link, a picture, or even an audio file. Sometimes your antivirus will not pickup on this content in the emails as they depend on the user clicking on them to activate. And they will install, or not, depending on the users permission level. If you are the sole user, or administrator, clicking on that link or picture gives the bug full authorization to install.
Although there are highly restrictive programs that have some AI built into them, and they may alert you, its not 100% effective. We recommend backups to a password protected device. That means if you use DropBox, a cloud storage or local storage device, it must remain in a ‘signed out’ state until accessed by a password. Troublesome, yes, but the risk is high.
When on the web, in any browser, you may get a screen alerting you to a ‘security problem’ or ‘Your computer is infected, call this phone number’. Don’t call the phone number, no matter if you think its real. It will be difficult to exit the page, you will need to ‘kill’ the task (the browser your using} with the computers task manager, or reboot the computer as it is. That will clear it. No need to do a hard shutdown (power button) in this case.
When going to a webpage, even a secure banking page, stay alert for ‘redirects’. They usually happen without being very obvious, or maybe you notice a slight visual difference. Always look for the green ‘lock’ icon next to the web address before you enter any names or passwords. Hover your mouse (don’t click) over the submit button or any links to see if they look like they are from the site your on. If you have any doubt, exit the page, clear the cookies and privacy data from the browser your using, and then close the browser and reboot the computer.
If you ever think that the mouse or screen is being manipulated or used, just disconnect the network cable. If on WiFi and you see this, or have no control over the keyboard or mouse, then you will need to power down the computer by the power button. This is a hard shutdown, and you may see a system message on restart.
The Ransomware and Malware issue continues. Unpatched systems have allowed hackers with patience to wait for the opportunity, are responsible for the recent Bank, Social Media, and Retail Stores. Or they send carefully crafted emails to employees disguised as coming from the CEO.
Everyone needs to keep aware that they can be a target. Keep aware of their tactics and stay on guard for anything unusual.
helpfull insight. thanks