Author Archives: abeconsultants

Data Loss prevention–the mechanics

Now you know what can happen.  You also have an idea of what to do.  But what do you need to do the job?

  1. A backup device.  Use a flash drive (careful–these are easy to lose) large enough to hold your data.
  2. A backup program.  As previously stated, if you buy an external USB hard drive (at least 1T in size), it should have a backup program on it.  You will need to install that program on your computer.  If you don’t want to use the program they provide, there are any number of programs out there–both free and paid versions–that will do the job.
  3. An imaging program.  This is the program that is capable of making a system image and then restoring it to a hard drive.  We use Acronis True Image in our business.
  4. A cloud backup solution.  This is also a good idea if you have data you need to access even in the event of some type of disaster.  Online data is usually available from any device using your logon credentials.  We use Carbonite here.  We are also Carbonite resellers for those of you wishing to buy it through us.
  5. Lacking a cloud backup, you need a place to store your data once it’s backed up.  If you have a business office, store the data at home.  If you have a home office, you could possibly store the data in a safe deposit box.  Possibly a fireproof safe.  Or maybe in a relative’s home.  Anywhere but next to your computer!

Need help with all of this?  Give us a call.

Data Loss prevention — some caveats

Now that you have read my recommendations for keeping your data save, you need to be aware of what can go wrong.  Otherwise you will be calling me and asking why you weren’t warned!

  1. When backing up your stuff, it is best to disconnect the backup device when you are not actually using it.  Should you become infected by a ransomware program, it will affect all connected devices.  It will, therefore, corrupt your backup if it can get to it.
  2. If burning a CD or DVD,  be sure to verify the process.  Also, with any backup system, occasionally look at the backup and see if the computer is actually backing up your data.  It does you absolutely no good to tell me you have your data backed up and when I go to look for it I find that your backups have not actually been working!
  3. Remember to store CD’s, DVD’s, and flash drives in a save place.  Don’t lay them in the sun or put them somewhere where they will be subject to extremes in temperature.
  4. If using a cloud backup system, ask the company how many backups they store.  For instance, in the case of ransomware, the corrupt files will be backed up to the cloud and will be useless.  If the company has several offline backups (Carbonite assures me that this is how they operate) then they can put one of good copies online for you to restore your data.

You’ve Won!

This scam is very familiar.  You shouldn’t fall for it.  No one should. But they do.

Sure, everyone wants to win a prize.  I keep waiting for the people from Publishers Clearinghouse to show up at my door!

If you get a call or a letter telling you that you won but you need to send some money to pay for shipping and handling or some other charge, keep your money in your pocket.  You didn’t win anything.

How about if the caller tells you that you must act right now or the offer won’t be any good.  The best thing to do is hang up.

How about when they ask for personal information such as your bank account number (so they can send your money)?  Nah!  Hang up.

Guard against these “opportunities.”  Keep your money and credit card in your pocket.  You’ll be money ahead.

Scams Targeting Senior Citizens

You always see warnings about these scams.  You read about them and tell yourself that you won’t fall for them.  But you do.  How do I know?  You call me and tell me and ask for help getting out of whatever you’ve gotten into.  So–let’s go over some now.\:

1. The Grandparent Scam–there is a description of this listed in another post, but a new twist consists of you getting a call telling you that your grandchild has been kidnapped and you need to pay the ransom.  NEVER send any money to these people until you verify the whereabouts of your grandchild.

2. Medicare Scam–most often Medicare itself is targeted.  But you may also be targeted. A “representative” calls you asking you to verify personal information.  Don’t give out any.  Medicare already has your information.  They will not ask for it.

3. Reverse Mortgage Scams–Do not take out a reverse mortgage without advice from a trusted financial professional.

Along the lines of mortgages, you may receive a call from someone telling you that if your mortgage is paid off, you need a Deed of Reconveyance or you you will have serious legal problems.  They will offer to get you one if you pay for it for somewhere around $175.  This is a document that you get when you pay off your mortgage. It’s a publicly available document that you can get from the county for a small processing charge.

There are many, many more scams including funeral pre-payment scams, lottery scams, scareware (fake virus) scams.   Here is a really useful page that will offer more valuable advice: https://www.fbi.gov/scams-safety/fraud/fraud.

CryptoLocker and clones

It’s been barely 19 months since the CryptoLocker virus started infecting computers around the world, but in that relatively brief time it has made a significant impression on thousands (some say millions) of computer users. It has also spawned a whole new category of cyber-criminal activity, known as encrypting ransomware.
Unlike earlier infections of this type, CryptoLocker and its successors follow best practices in their encryption methods. As a result, a user whose data files have been encrypted by one of these recent incarnations stands virtually no chance of successfully decrypting their encrypted files on their own.

The best way to recover from such an infection is to restore the files from a recent, unencrypted backup. But many users have discovered, too late, that their backups are nonexistent or, worse, have also been encrypted by the ransomware. In that case, the only reasonable chance of recovering those files is to pay the ransom.
But, is this a viable option? You will hear different opinions from different sources, many with their own built-in bias. I believe the most clear-headed, rational discussion of this issue appeared recently in a post by the British anti-virus software company Sophos, in their Naked Security newsletter. The article is titled “Ransomware – should you pay?” Here is a link to it: https://nakedsecurity.sophos.com/2015/03/19/ransomware-should-you-pay/.
Thanks to The Virus Doctor (Ken Dwight) for this article, as well as Sophos for their link.

Identity Theft and Fraud

Here we are, in the income tax preparation season. (Didn’t we just suffer through this?)

As usual, there are people so willing to help you. They offer all sorts of tips and tricks to save you money. But wait–are they asking for things like your social security number? How about your email login credentials? Most likely they are helping not you, but themselves. They are trying to gain your trust so you will give them personal information so they can become rich at your expense.

One of the scams that they run this time of year involves someone trying to contact you from the IRS by email claiming either you owe a ton of money or that the IRS owes you a ton of money. Either way, it’s a scam. The IRS will NEVER contact you by email. They want your personal information. Similarly, they will not contact you by phone. Hang up on people telling you they are IRS officers. Report them to the Treasury Inspector General for Tax Administration at 1-800-366-4484.

Another thing to be looking for: a website that looks like it may belong to the IRS. The real website has an address of www.irs.gov. That’s it. Very simple. If you get an email with a link to the IRS, remember to put your mouse over the link and check the real address of that link by looking at the lower left corner of your screen. The true link will show up there.

I closing, here’s a useful link to use if you want to know more from the IRS about identity theft: http://www.irs.gov/uac/Taxpayer-Guide-to-Identity-Theft.

Keyless Car Access

Here’s one that should interest those of you with who have vehicles that don’t need a key to unlock the door:

Many new cars just require that you have the key on your person and the door automatically unlocks when you approach it. Likewise–the ignition does not have an ignition key. You just have to have the key with you. So what’s the problem? Seems like there are a number of reported incidents where unknown persons have obtained access to locked cars of the type mentioned. There is no evidence of forced entry and it has puzzled many a law enforcement organization. Now we know what is happening.

The newer cars are always wirelessly scanning for the proper key. When you approach it with the proper key, the car unlocks itself and can be started. (The distance may be 50′ or so). The bad guys have a power amplifier that they carry with them and turn it on as they approach the car. It extends the distance that the car can search for the proper key. So–if you need to be within 50′ then the amplifier allows the distance to be increased to maybe 100′. If you key is in the house on the kitchen counter, the car can most likely find it easier and unlock the door. Note that the distances used in this example are guesstimates and are used only to give you an idea of how it works.

So what do you do? According to a writer with the New York Times, just put your keys in the refrigerator at when you are not driving your car. Why? The ‘fridge acts as a Faraday Cage (well, not a perfect one, but close enough) which will not allow the wireless signal to get in or out.

Phone Scams

More and more people are getting calls from a company that identifies themselves as “Microsoft Help,” “Windows Help,” “Windows Remote Support,” and the like.  These people tell you that it has come to their attention that your computer has been reporting a lot of errors and they want to help you.  Or, they tell you that they have noticed a lot of virus activity on your computer.

The object here is to have you let them access your computer remotely.  Don’t do it.  Once in your computer, they can steal your data, use your computer to illegally access other networks, or they can talk you into paying them a sum of money to allow them to perform all sorts of computer maintenance which you don’t need.

The best thing to do is just hang up.  NEVER let anyone access your computer remotely unless you have asked for that help–such as a trusted technician or possibly help from a software company when you are asking for help about a program you are using.

The Grandparent Phone Scam

While this doesn’t really have anything to do with my usual subject—computers—I felt that it was something you should know about.  I’ve heard of this scam, but had never actually experienced it.  Until I got one of these calls.  This is how it goes:

You get a call from a young man who says something like “Hello?  Grandpa?”  He then asks “Do you know who this is?”  You, of course, say the name of one of your grandsons.  Hint—this is where you hang up.  If you don’t, you’ll hear a great sob story including “don’t tell my mom about this” and it ends with a request that you send him money to bail him out of a really big mess.

I started answering the question then I stopped—I suddenly remembered the scam.  In the first place, our only grandson who is not a little kid doesn’t call me Grandpa.  Then, listening to the sob story, which included stuff about drugs, auto accidents, etc I finally got tired of it and hung up.

Your first inclination as grandparents is a desire to help.  Perhaps the first thing to do is ask the caller’s name—not give him a name.  Because they don’t know you, they probably won’t know a name to give you.  If the name is correct, perhaps you should say you’re going to check with their parents.  This will should end the conversation!