Category Archives: Cautionary Tips

These tips are suggestions for staying safe.

The Latest Ransomware Attacks

You all have probably heard of the latest threat–ransomware that hit a number of countries, but hit Russia the hardest.    Are you vulnerable?

You really should have the latest version of your operating system installed.  Remember that Windows XP is an end-of-life product and is no longer supported.  It is vulnerable.  Windows 7 and 10 are safer–but they need to have all the latest updates installed.

In addition–you need to have a current version of anti-malware/internet security software installed.  Scan your system regularly.  And, most importantly, you need to have your data backed up.  Ransomware only attacks your data.  If you have a copy of all your date, you can replace the encrypted files.  BUT–that backup needs to be offline.  If you have a system that is constantly backing up your data, it will back up the encrypted data and you’ll be out of luck.  If you have a backup that is offline, your data can’t be overwritten.

We recommend having your data stored on an external drive and plug it in only when you are doing a backup.  If you are using cloud backups, talk to the company’s tech support to be sure they have a second copy of your data archived so it can be retrieved if your data is compromised.

The growth of online extortion

Ransomware first stated getting noticed around 2007. It grew slowly until 2014 and 2015.  Between 2015 and 2016, the growth sharply increased.  Experts predict that it will get worse in 2017 by about 25%.

Personal computers are not the only targets.  It will be immensely more profitable to attack servers and hold them ransom.  This can be very costly by causing business disruptions.

So–what to do?  Install good anti-malware software and keep it updated,  View unusual or unexpected email with suspicion,  When in doubt, delete it. You can always reply to the sender if you think it might be legit.

let them tell you why they sent it.

Data Loss prevention — some caveats

Now that you have read my recommendations for keeping your data save, you need to be aware of what can go wrong.  Otherwise you will be calling me and asking why you weren’t warned!

  1. When backing up your stuff, it is best to disconnect the backup device when you are not actually using it.  Should you become infected by a ransomware program, it will affect all connected devices.  It will, therefore, corrupt your backup if it can get to it.
  2. If burning a CD or DVD,  be sure to verify the process.  Also, with any backup system, occasionally look at the backup and see if the computer is actually backing up your data.  It does you absolutely no good to tell me you have your data backed up and when I go to look for it I find that your backups have not actually been working!
  3. Remember to store CD’s, DVD’s, and flash drives in a save place.  Don’t lay them in the sun or put them somewhere where they will be subject to extremes in temperature.
  4. If using a cloud backup system, ask the company how many backups they store.  For instance, in the case of ransomware, the corrupt files will be backed up to the cloud and will be useless.  If the company has several offline backups (Carbonite assures me that this is how they operate) then they can put one of good copies online for you to restore your data.

You’ve Won!

This scam is very familiar.  You shouldn’t fall for it.  No one should. But they do.

Sure, everyone wants to win a prize.  I keep waiting for the people from Publishers Clearinghouse to show up at my door!

If you get a call or a letter telling you that you won but you need to send some money to pay for shipping and handling or some other charge, keep your money in your pocket.  You didn’t win anything.

How about if the caller tells you that you must act right now or the offer won’t be any good.  The best thing to do is hang up.

How about when they ask for personal information such as your bank account number (so they can send your money)?  Nah!  Hang up.

Guard against these “opportunities.”  Keep your money and credit card in your pocket.  You’ll be money ahead.

Scams Targeting Senior Citizens

You always see warnings about these scams.  You read about them and tell yourself that you won’t fall for them.  But you do.  How do I know?  You call me and tell me and ask for help getting out of whatever you’ve gotten into.  So–let’s go over some now.\:

1. The Grandparent Scam–there is a description of this listed in another post, but a new twist consists of you getting a call telling you that your grandchild has been kidnapped and you need to pay the ransom.  NEVER send any money to these people until you verify the whereabouts of your grandchild.

2. Medicare Scam–most often Medicare itself is targeted.  But you may also be targeted. A “representative” calls you asking you to verify personal information.  Don’t give out any.  Medicare already has your information.  They will not ask for it.

3. Reverse Mortgage Scams–Do not take out a reverse mortgage without advice from a trusted financial professional.

Along the lines of mortgages, you may receive a call from someone telling you that if your mortgage is paid off, you need a Deed of Reconveyance or you you will have serious legal problems.  They will offer to get you one if you pay for it for somewhere around $175.  This is a document that you get when you pay off your mortgage. It’s a publicly available document that you can get from the county for a small processing charge.

There are many, many more scams including funeral pre-payment scams, lottery scams, scareware (fake virus) scams.   Here is a really useful page that will offer more valuable advice: https://www.fbi.gov/scams-safety/fraud/fraud.

Identity Theft and Fraud

Here we are, in the income tax preparation season. (Didn’t we just suffer through this?)

As usual, there are people so willing to help you. They offer all sorts of tips and tricks to save you money. But wait–are they asking for things like your social security number? How about your email login credentials? Most likely they are helping not you, but themselves. They are trying to gain your trust so you will give them personal information so they can become rich at your expense.

One of the scams that they run this time of year involves someone trying to contact you from the IRS by email claiming either you owe a ton of money or that the IRS owes you a ton of money. Either way, it’s a scam. The IRS will NEVER contact you by email. They want your personal information. Similarly, they will not contact you by phone. Hang up on people telling you they are IRS officers. Report them to the Treasury Inspector General for Tax Administration at 1-800-366-4484.

Another thing to be looking for: a website that looks like it may belong to the IRS. The real website has an address of www.irs.gov. That’s it. Very simple. If you get an email with a link to the IRS, remember to put your mouse over the link and check the real address of that link by looking at the lower left corner of your screen. The true link will show up there.

I closing, here’s a useful link to use if you want to know more from the IRS about identity theft: http://www.irs.gov/uac/Taxpayer-Guide-to-Identity-Theft.

Keyless Car Access

Here’s one that should interest those of you with who have vehicles that don’t need a key to unlock the door:

Many new cars just require that you have the key on your person and the door automatically unlocks when you approach it. Likewise–the ignition does not have an ignition key. You just have to have the key with you. So what’s the problem? Seems like there are a number of reported incidents where unknown persons have obtained access to locked cars of the type mentioned. There is no evidence of forced entry and it has puzzled many a law enforcement organization. Now we know what is happening.

The newer cars are always wirelessly scanning for the proper key. When you approach it with the proper key, the car unlocks itself and can be started. (The distance may be 50′ or so). The bad guys have a power amplifier that they carry with them and turn it on as they approach the car. It extends the distance that the car can search for the proper key. So–if you need to be within 50′ then the amplifier allows the distance to be increased to maybe 100′. If you key is in the house on the kitchen counter, the car can most likely find it easier and unlock the door. Note that the distances used in this example are guesstimates and are used only to give you an idea of how it works.

So what do you do? According to a writer with the New York Times, just put your keys in the refrigerator at when you are not driving your car. Why? The ‘fridge acts as a Faraday Cage (well, not a perfect one, but close enough) which will not allow the wireless signal to get in or out.

Free Email Accounts

Many folks have been using hotmail.com, msn.com,  and live.com accounts for a while now.  Microsoft has been directing all these users to outlook.com and they log on there. There are several problems with this service.

When you set up these accounts, it’s with the understanding the account is free and you will have very limited access to tech support.  Every so often I am called by a client who has tried to log onto a Microsoft mail account only to get the message that there might be someone else using the account and you need to confirm that you are the owner.  If you have not provided for this eventuality, you are going to be in trouble.

Everyone who sets up one of these accounts needs to have an alternate email address.  There is a place to list that alternate address when you set up your Microsoft account.  If there is any requirement to confirm that you are the account holder, the confirmation link or code will be sent to your alternate email.  If you don’t have an alternate email, you will have to answer a lot of security questions and most people have a problem doing this.

So–what do you use for your alternate email?  If you are a Centurylink customer, you have a Centurylink email account.  Same goes for Comast.  You may just have to go to their site and set it up.  You also have the option of setting up a Gmail account to use for that purpose.

Who is Watching

Many people nowadays have laptop computers that have a nifty little webcam.   It’s that little camera just above the screen.  Look up there–see it?  Do you know it can see you?  It can.

In case you think that the camera is off until you turn it on, think again.  There are bad guys out there that can get into your system and turn the camera on.  This raises an interesting question.  Where do you keep the computer?  College kids keep it in their dorm room and the cover is most likely open.  Adults may keep it in the bedroom or possibly an office.  If someone turns on the camera, what will they see?  Only you can answer that question!

This is not science fiction.  It has happened many times.  I had a client who got the “FBI Virus” and the screen he saw included his picture.  Needless to say, he was upset.  He actually didn’t even know he had a camera.

There is supposed to be an icon or maybe a light that appears when the camera is active.  Trust me–the bad guys can turn that icon or light off so you are not aware they are watching you.

The easiest thing to do to thwart this?  Use a low-tech solution.  Put a piece of tape over the camera unless you need it!  Yes, there are ways of disabling it, but why not keep it simple?