Monthly Archives: October 2014

Security Questions

You have all seen this:  You create an account online and you are asked to enter a password and answer some security questions to be used later if you forget your login credentials.  They offer many standard questions, like “What is your mother’s maiden name” and “What is the name of your favorite pet.”

So what should you do?

First, create a password that is unique and hard to guess.   We’ve addressed this in a previous article.  Stay away from kids’ names and pet names.  As for the security questions, here are several suggestions:

A good security question should:

be easy to remember
have thousands of possible answers
not be something you  would use on social media
be simple one or two word answers
not change over time

If a site lets you make up your own questions, so much the better.

Don’t use things like birthdays, school names, etc.  These are easy for the bad guys to find.

I’ve talked with clients that just make up answers that aren’t true.  This is helpful, as someone who really knows you won’t be able to guess the answer.  Hey–anything to keep your data and identity secure works.  Be careful, though.  If you make up questions, you better remember the answers!

Another tip–if the site allows you to request a password change, they will usually email you. So be sure you give them a current email address.

Scareware

In the past, we discussed rogue anti-virus programs.  They are still around.  They call themselves things like “Antivirus 2014.”  I’m frequently asked why, if there is an internet security program installed on the computer, do these things keep showing up?  Well, they are not technically a virus.  Many are programs created with Flash and act like a movie playing.  The problem is it’s a movie that you can’t turn off!  No matter how many times you click on the “X” the windows keep appearing.  Some versions open 10 or more windows in a really short time.  Annoying, to say the least.

While many of these programs aren’t harmful (they aren’t busy deleting data), they can ruin your day and make your computer useless—they just fill up the screen and try to get you to pay money to get them to go away.  They can also prevent you from navigating to an antivirus site where you might find a utility to remove them.  When you try to access one of the many antivirus companies’ sites, you’ll be blocked.

There are a number of ways to get this junk to go away, but ror right now, restarting the computer in safe mode and doing a system restore may help.  Once you do the restore, run MalwareBytes (you can get it from www.malwarebytes.org).  This should pick up the bad stuff.  If you don’t scan for malware, you will probably find yourself right back where you were at the beginning of the day. If this procedure makes you uncomfortable, just give us a call and we can assist you.

Celebrity Name Scams

A popular mail scam by those who are trying to get your personal info involves sending a mail  with a link claiming to show you sensational news or pictures of celebrities or other famous people, including pop stars and politicians.

Don’t be fooled.  Don’t click on the attachments.  A big red flag would be if the attached file has a .zip extension.  This guaranteed to cause you grief!  Don’t do it.  Use only your delete button here.

You are not going to learn anything about celebrities by clicking on these links, nor will you see pics of them in awkward situations.  You will, however, most likely become infected with malware.

Also noted was the hacking of celebrities’  Facebook and Twitter accounts.  Hackers take over these accounts to post malicious or outrageous comments.

Thanks to the Scambusters.org site for these hints.

Computer Upgrading and Recycling

Thinking of a new computer? You can choose to upgrade the computer you have to make it perform a bit better or you can just buy a new machine. The big box stores will usually want to sell you a new computer. This may not be the best for you.

Ways to upgrade: Add memory. Replace your hard drive with a larger one. Clean up any unnecessary programs running in the background. Perhaps add a spiffier video card. Want the latest and greatest? Buy a new computer. Don’t just rely on a salesman in a big store.  Some of these big-box stores have sales staff that know what they are talking about.  Unfortunately, some don’t!  Ask for advice from someone who knows what your needs are.

This brings us to what to do with your old equipment. Throw it away?  Not a good idea. Recycling is available.  Many times computer stores will offer to recycle your old machine.  There are also places, such as Goodwill who accept donations of equipment that is still usable.  Perhaps a local school or charity could put your old computer to good use.  A cautionary note: If you recycle your old hard drive, your old data is still on it. It must be erased (not just “deleted”). An alternative is to destroy the disk with something like a large hammer or take it apart and smash the metal disks inside (a good project for kids who like to take stuff apart).  Too many people don’t realize that they are leaving themselves open to identity theft by leaving data on their hard drive. If you don’t know how to erase the disk, get help from a trusted computer person.

Rogue Anti-Virus Scams

You all have heard of viruses.  Like viruses that infect living beings, computer viruses infect your computer. They are software, and are often attached to other software or documents you might receive. When you run the virus’s software or the file the virus has infected, the virus can infect your computer’s software.

Viruses can gather email addresses from your computer and send itself to everyone you know.  Sometimes this is just an annoyance—spreading spam and other useless messages.  But sometimes it can carry what we call a “payload” that installs itself on your computer and really messes you up.  We can save the discussion of the various kinds of viruses for another time.  This time we’ll talk about something else.

I’ve had many calls from people who say their computer is infected because there is a big message on the screen that says it is infected.  Then the message starts a “scan” that scares you to death.  This is called a “Rogue Anti-Virus.”  It’s actually a program that sneaked into your computer and is generating the message.  The problem is, you can’t work, ‘cause the messages won’t go away.  They keep popping up and trying to get you to give money to someone to clear it up.  Don’t do that!

Don’t despair—get a trusted computer tech to help out.  It takes just a little effort by someone who knows what they are doing to get rid of this pest.  I’ll be posting some easy fixes on our website as soon as I get time.

Remote Access Scams

I just spoke with a member of our community who related a phone call he received.  Out of the blue, he was called by a person who said that he was working with Microsoft and wanted him to know that there were a lot of viruses going around in this area.  He then asked permission to log onto the person’s computer so he could help out.

The first mistake the user made was saying “OK.”  After the caller logged onto the computer, he went to a website and proceeded to start downloading a virus scanning program.  At this point, the computer owner started questioning the guy about his affiliation with Microsoft and how he knew there were viruses on his computer.  The caller, of course, tried to keep him on the line and sell him a service.

The whole thing ended with the owner telling the guy he was not interested and hanging up the phone and, I believe, restarting the computer.

I, too, have received these phone calls.  While the caller didn’t say he worked for Microsoft, he did say he was part of the Windows Support Group.

Object lesson:  No one is legitimately monitoring your computer unless you allow them to do so.  Do not fall for any caller claiming to be able to remove viruses or tune up your computer unless you specifically ask for this service.  Allow no one to log onto your computer unless you know who they are and trust them.  Once they are in your machine, who knows what type of software they will install or what data they will steal? Remember—your first line of defense is your common sense.

Protecting your Data

In a previous article, we talked about safeguarding your data in case of a problem where your hard drive crashed or you lost files (maybe with the help of grandkids).   You now know to back the data up frequently.  Perhaps you are doing that.

Here’s something that might happen, though—for some reason Windows stops responding.  You try to restart and you get the BSOD (Blue Screen of Death).  Maybe just a black screen that says Windows is missing important files.  You are desperate!  You haven’t recently done data backup.  You need your computer.

You have system restore disks, so you try to use them to get the system up and running.  This might not be a good thing to do.  Many system restore disks will wipe the hard drive before restoring.  This will cause all your programs and data to go away.

Unless you know what you are doing or like living on the edge, it’s best to call a computer professional to see if Windows can be repaired instead of restored.  If you can get the computer working again without losing your stuff, you’ll be a lot happier.

Passwords

Time to talk about that thing you all hear about:  your passwords!  How many times have you heard that you should be changing your passwords regularly?   How about choosing a password that is strong vs. weak?  Choose a place to record them so you won’t forget.  Don’t whine about how many passwords you need to know.  We offer a free program to do just this.  It’s Whisper which you will find under Downloads on our site.

It should go without saying that your password is one of the really important safeguards of your bank account, your email account, your network, etc.  Using something that is easy to remember usually ends up as your name, the word “password,” the numbers “123456” or something equally clever (NOT!)

In general, your password should be 8 or more characters in length.  It’s good to include uppercase as well as lowercase letters.  Adding a number or another character (such as the # or ! or @) makes it even stronger.  Of course, using a password written in a foreign language helps, too.  When trying to hack into accounts, the bad guys frequently launch a “dictionary attack” which just means they try every conceivable word in the dictionary.  This doesn’t take as much time as you may think. They have computers to help them!

 

Malware Protection

We’ve been telling you to have a good internet security program installed on your computer.  Choose the one you like or get a recommendation from a computer professional.  We are finding that people are listening, but not everyone knows just how to set up the protection.

A good internet security program will update its virus, firewall, and malware definitions every day and scan all the stuff that you load into the computer, including mail, attachments, programs, and documents–if you tell it to!  Be sure you read the directions to enable all the protection.  Note that the programs can scan known malware as you work on files or on the web.  The bad guys, though, are always out there making more bad stuff. So what your program thinks is safe right now may no longer be safe.  This is why a complete computer scan is necessary.

One feature of a good anti-malware program allows you to scan your computer on a set schedule.  (Some free programs do not allow you this option.) On a desktop computer this works fine, as the computer is turned on for most of the day.  On a laptop, however, the computer is mostly off unless you are actually using it.  So—in many cases the program never gets a chance to scan your machine!  The best thing to do in this case is to run a “manual” scan of your hard drive at least once a week.  Just tell it to “scan now” and let it run.   Should take about ½ hour–more if you have tons of data.

Gullibility

The success of nearly every scam that confronts us depends on one single factor — gullibility, our willingness to believe something that’s untrue, and then to take action that involves giving away money or information, circulating untrue emails, or downloading malware onto our computers.

A gullibility survey by The Ponemon Institute, a well respected privacy and information security firm, identified the following characteristics:

  • Among vulnerable categories, younger people are more likely to fall for a scam than seniors.
  • Americans are more gullible than the British or Australians — the three groups the survey covered.
  • Bogus prizes and antivirus software are the most successful at fooling people.
  • Supporters of the two main political parties in the U.S. are equally gullible when it comes to believing things that are untrue — not just in politics but in all aspects of life.

Most of us think we’re better at identifying scams than we really are.

Quoted from Internet ScamBusters.  You may read the entire article here:
http://www.scambusters.org/gullibility.html