US Cert issues tech support fraud alert

reno computer repair - US CERT
reno computer repair – US CERT

US cert has issued an alert (about 5 years late) regarding Tech support fraud. Where fake antivirus companies pretend to be Microsoft or some other well known company and demand that you must “fix” your computer or be reported or even arrested if you do not immediately comply with their demands for money.

I have written about this for many years, so it is nice to see when the government catches up with the rest of us in the computer support world.

Some of the highlights from the alert are…

HOW THE FRAUD OCCURS
Initial contact with the victim typically occurs through the following methods:

Telephone: A victim receives an unsolicited telephone call from an individual claiming the victim’s device or computer is infected with a virus or is sending error messages to the caller.

Search Engines: Individuals in need of tech support may use online search engines to find technical support companies. Criminals pay to have their fraudulent tech support company’s link show higher in search results hoping victims will choose one of the top links in search results.

Pop-up message: The victim receives an on-screen pop-up message claiming a virus has been found on their computer. In order to receive assistance, the message requests the victim call a phone number associated with the fake tech support company.

Locked screen: The victim’s device displays a locked screen with instructions to contact a faketech support company. Some victims have reported being redirected to alternate Web sites before the locked screen occurs.

The report goes through a few different attack scenarios but in the end comes down to not doing anything a new popup or person cold calling you on the phone tells you to do.

If you see such a popup or get the phone call, hang up and call your normal IT support company to make sure your ok.

You can read the full report here…

https://www.ic3.gov/media/2018/180328.aspx

And as always feel free to call RenoGeek for any tech support question you may have.

Change Facebook Ad Preferences

Reno-computer-Repair-Online-Privacy
Reno-computer-Repair-Online-Privacy

Seems with the loss of 5 billion or so in wall street value Facebook has finally found a reason to start taking some of its end users privacy concerns seriously.

Starting with a simplified interface you can now go into the depths of Facebook land and change “some” of the things you are shown while on their website.

If you are a long time user you may wish to plan  some “away” time to wade through the hundreds if not thousands of categories that have been connected to your account  and I would definitely suggest that you expand the settings to view to find all the ways the big “F” has been tracking you.

But if you take the time and go back once in awhile to review what new things they have learned about you delete them. You can keep what they know about you to a minimum.

Of course if you don’t have a reason to share everything with everybody on the planet you can also change the settings so that only your friends can see what you post.

At any rate it might be fun to see how much Facebook as learned about you.

(or not).

You can review and change your Facebook Ad privacy settings here..

https://www.facebook.com/ads/preferences

 

Timeline – The next thing on your system to clean out

Reno Computer Repair - Spring Creators Update
Reno Computer Repair – Spring Creators Update.

Windows Spring Creators Update will feature a new utility called Timeline. It will let users see in chronological order all the activities they have performed on their computers. While this utility is being touted as something of a super “recently used” list. It may turn out to be a privacy issue. As anybody logged into your account will have an even easier time seeing what you have been up to.

While Microsoft says users will be able to change the settings of Timeline to show less (or no) information, it will as most settings on Windows 10 systems be buried. Meaning many if not most people will have little clue as to where they can adjust what is saved and shown.

I predict that this utility will be used against end users in a number of ways. Bosses at work demanding to see this log from workers to check up on them. (easier than asking the IT department to keep tabs on people).

And even IT support scammers using it instead of event viewer to give the impression that hackers are tracking their every move. In addition this provides a new attack vector for fake system utility programs. Claiming they will “clean” this new tracker and instead infecting users unknowingly.

Hopefully the good folks in Redmond, WA. Have already considered these possibilities and will provide some kind of hardening of this new program to prevent misuse of this utility.

But as with web browsers and email it will once again be up to the end user or their IT support staff to monitor and clean out the digital junk this new utility will create.

Want to share your life on Facebook? Don’t be Surprised when companies steal your data.

Reno Computer Repair - Cambridge Analytica
Reno Computer Repair – Cambridge Analytica

Cambridge Analytica is in the news for allegedly stealing user data from Facebook and then using it to help the GOP in the 2016 election. In short they took user data from Facebook profiles while users were interacting with a personality quiz.

While this company claims that they did not violate Facebook’s rules on how they handle data and that they also complied with their own “privacy” policy. It just goes to show that when using almost any “free” service online, you are paying for it in the end by supplying information about yourself to that company and any 3rd party they share or sell that information to.

While this case seems to deal primarily with people clicking on a Facebook link and then going to a 3rd party website to take a quiz.  There are many ways that Facebook (or the companies they “work” with) can take (steal) your data.

So how do you protect yourself while in “Zuckerberg Land”? There are a number of ways to limit (but never eliminate) the chances your data ends up where you never expected it to.

Limit what information you share in your bio: 

Do you real need to put every school you went to? Where you worked or work at? What your favorite restaurant or movies are? How you voted last time around? The State and city you live in? The more information you give away, the easier it is to collect and then refine what is know about you. Share less and be safer.

Change the privacy settings on Facebook:

Click on the help icon then settings and then privacy. Under “Your Activity” change your settings from “public” to “friends only”. Look at the other settings and decide what levels you feel comfortable with. For me I don’t wish to share my phone numbers and other info with strangers.

Don’t play that Game:

Every game, survey, quiz and who were you in a past life link on Facebook is for the most part paid for by an outside company. And that company somehow needs to pay to run the website that said link game or quiz  is running from.

Most companies don’t give away stuff for free unless they are somehow going to make money from you. So the vast majority of these companies are gathering your information and selling it.  Don’t play the games and take the quizzes and they will have less of your information.

The Takeaway: 

The less information you give to Facebook (or any company online) the more privacy you will enjoy. So the next time a Facebook recommend or sponsored post appears in your feed offering to show you what Egyptian Pharaoh you were in a past life pops up. Keep scrolling…

No safe Harbor – AMD chips also have major flaws

Reno Computer Repair - AMD Flaw
Reno Computer Repair – AMD Flaw

It seems that the computer security company CTS has found 13 different flaws in modern AMD CPU’s. So for thoses that were going to jump off the Intel ship and switch to AMD, it may all be for not.

While I won’t get to far into why CTS released this information with only one days notice to AMD (and giving them no chance to repair the issues). It just highlights the need for much better testing of all CPU’s before being released for general use.

It also shows us all the need for more than just one or two big companies controlling the manufacture of most of the worlds CPU’s. As this forms a security bottleneck, where the failure of these two companies now jeopardises the security for almost everybody using a computer on the planet.

The fixes I predict, will take the same path as Intel’s did over the last few months. Deny a major problem, have O/S and software manufacturers try and patch things and then come out with their own firmware patches to address the issue.

But in the end these companies loose little because when they do come out with new “fixed” chipsets, people will flock to buy up the new, more “secure” CPU’s.

The big losers here are the companies and end users that will have to contend with less secure machines and the slowdowns of said machines once the patches are released.

As always make sure your IT staff or your personal computer technician or shop is up to date on these problems, so that they may protect both you and your company.

Did you read page 327 of your privacy policy?

Reno Computer Repair Privacy
Reno Computer Repair Privacy

Every website you go to, every app you install and each social media account you open, more than likely has a privacy policy. The fine print as it were, that you must accept if you wish to use most modern services today. They are even baked into Microsoft Windows (I see the disclaimer each time I setup Windows in my computer repair shop), the ISP you used to get here and read this, your credit card issuers, banks, your home, car and student loans. As well as  TV’s that can stream movies, Alexa and too many other products to list.

But of course these agreements let you know about the many protections these companies take to insure what they learn about you never gets out to the real world and that all your information is safe and sound with an army of employee’s guarding it with their very life’s, right?

To bad that is not the case in the 21st century. These privacy agreements let most companies sell, share and use your information almost any way they want. All those “free” websites, accounts and apps are paid for with every click you make and each cat video you watch. Ever notice after watching  a bunch of videos about a subject, you see ads for something similar for weeks afterward?  That’s your “privacy” in action. And it’s all legitimate and legal. All because you really “read” all the pages in your EULA and the Privacy policy, right?

Some of these documents can contain north of 100+ printed pages. So companies know they are safe stuffing almost anything they want into these “fair warning” agreements.

But while all this is bad enough, the really scary part is in many (if not most) cases deep, deep down in this document will be something to the effect of this…

“From time to time we may share some (or all) of your information with our partners, suppliers and on occasion with law enforcement or other legal  entities that may have jurisdiction over data we have collected about you.”

And all these different companies and agencies in many cases are free to do whatever they like with your information once they acquire it from the primary company you shared your data with. In other words once one company gets your information in can then be shared or bought by other companies, who can then share or resell it to yet other companies.

So the fact that you might stay up every Friday night watching cat’s in tuxedo videos at 3am while also on review websites for the best pot shops in California could, after being shared over and over with different companies, end up being bought by your car insurance company that now raises your rates out of the blue because you have a higher risk of driving while under the influence.

The gist here is that you should read all agreements before clicking on the “agree” button. It might not be worth installing the next add rabbit ears to all my face shoots app, if your giving up information you never thought anybody can or should see.

As an example, here is a link to paypals “3rd party list”. They only share with 500+ companies. What could go wrong?

https://www.paypal.com/ie/webapps/mpp/ua/third-parties-list

 

Only 45% of Ransomware Victims get their data back.

Reno Computer Repair - Avoid Ransomware
Reno Computer Repair – Avoid Ransomware

A study by CyberEdge, a computer security company. Found that only about 45% of the companies that try to pay off Hackers to get their files back, ever see their data again.

While not a huge surprise to me that some criminals turn out to be dishonest. It will be a great disappointment to the company or end user that probably spent hours, if not days trying to figure out how to turn cash into bitcoin in order to pay off the hackers. And then trying to navigate cyberland to then get that payment to said hackers. All for a less than 50/50 chance of ever seeing their files again.

The same study found that close to 90% of the companies and end users that made good backups on a regular basis were able to re-install their operating systems and recover the majority of their data from their backups.

For me it’s a no-brainer to do things right in the first place and make good backups that guarantee a much higher degree of recovery, at much less cost to you or your company in the end.

Backups are nothing more than a insurance payment to the future, when malware, ransomware or a failing hard drive can (and probably will) have you wishing you took the time to set up a good backup policy.

I know this to be true, because I see almost daily the results first hand of what happens when poor or no backups are made. And in the end it is much cheaper to make good backups now, than to pay off hackers or your employees to recreate years worth of lost data.

If you do not have a good backup plan in place (or don’t know if you do). Call RenoGeek today to setup a plan that will give you peace of mind.