Monthly Archives: July 2015

CryptoLocker and clones

It’s been barely 19 months since the CryptoLocker virus started infecting computers around the world, but in that relatively brief time it has made a significant impression on thousands (some say millions) of computer users. It has also spawned a whole new category of cyber-criminal activity, known as encrypting ransomware.
Unlike earlier infections of this type, CryptoLocker and its successors follow best practices in their encryption methods. As a result, a user whose data files have been encrypted by one of these recent incarnations stands virtually no chance of successfully decrypting their encrypted files on their own.

The best way to recover from such an infection is to restore the files from a recent, unencrypted backup. But many users have discovered, too late, that their backups are nonexistent or, worse, have also been encrypted by the ransomware. In that case, the only reasonable chance of recovering those files is to pay the ransom.
But, is this a viable option? You will hear different opinions from different sources, many with their own built-in bias. I believe the most clear-headed, rational discussion of this issue appeared recently in a post by the British anti-virus software company Sophos, in their Naked Security newsletter. The article is titled “Ransomware – should you pay?” Here is a link to it: https://nakedsecurity.sophos.com/2015/03/19/ransomware-should-you-pay/.
Thanks to The Virus Doctor (Ken Dwight) for this article, as well as Sophos for their link.

Identity Theft and Fraud

Here we are, in the income tax preparation season. (Didn’t we just suffer through this?)

As usual, there are people so willing to help you. They offer all sorts of tips and tricks to save you money. But wait–are they asking for things like your social security number? How about your email login credentials? Most likely they are helping not you, but themselves. They are trying to gain your trust so you will give them personal information so they can become rich at your expense.

One of the scams that they run this time of year involves someone trying to contact you from the IRS by email claiming either you owe a ton of money or that the IRS owes you a ton of money. Either way, it’s a scam. The IRS will NEVER contact you by email. They want your personal information. Similarly, they will not contact you by phone. Hang up on people telling you they are IRS officers. Report them to the Treasury Inspector General for Tax Administration at 1-800-366-4484.

Another thing to be looking for: a website that looks like it may belong to the IRS. The real website has an address of www.irs.gov. That’s it. Very simple. If you get an email with a link to the IRS, remember to put your mouse over the link and check the real address of that link by looking at the lower left corner of your screen. The true link will show up there.

I closing, here’s a useful link to use if you want to know more from the IRS about identity theft: http://www.irs.gov/uac/Taxpayer-Guide-to-Identity-Theft.

Keyless Car Access

Here’s one that should interest those of you with who have vehicles that don’t need a key to unlock the door:

Many new cars just require that you have the key on your person and the door automatically unlocks when you approach it. Likewise–the ignition does not have an ignition key. You just have to have the key with you. So what’s the problem? Seems like there are a number of reported incidents where unknown persons have obtained access to locked cars of the type mentioned. There is no evidence of forced entry and it has puzzled many a law enforcement organization. Now we know what is happening.

The newer cars are always wirelessly scanning for the proper key. When you approach it with the proper key, the car unlocks itself and can be started. (The distance may be 50′ or so). The bad guys have a power amplifier that they carry with them and turn it on as they approach the car. It extends the distance that the car can search for the proper key. So–if you need to be within 50′ then the amplifier allows the distance to be increased to maybe 100′. If you key is in the house on the kitchen counter, the car can most likely find it easier and unlock the door. Note that the distances used in this example are guesstimates and are used only to give you an idea of how it works.

So what do you do? According to a writer with the New York Times, just put your keys in the refrigerator at when you are not driving your car. Why? The ‘fridge acts as a Faraday Cage (well, not a perfect one, but close enough) which will not allow the wireless signal to get in or out.