Router Virus aka VPNFilter Malware

The Router Virus

Have you heard in the past few weeks about the router virus that is impacting hundreds of thousands of routers?  The FBI even issued a report recommending that everyone reboot their routers because:

“Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide.”

Over the past week or so, we’ve been getting calls from our customers who are very concerned about the router virus they keep hearing about.  And they’re right to be concerned.  The malware has been programmed into hundreds of thousands of routers. Big deal, right?  Because I don’t run any programs on my router, I’m protected, right?  I don’t store any of my data on my router.  It’s just that black box that sits in the corner that brings my WiFi signal from my ISP to my tablet. Completely harmless, right?

What can go wrong?

Harmless? Well, no.  This particular router virus can make your router inoperable.  Even worse, it can collect any information passing through the router. And then it could possibly collect your ID and password for your bank account.

How do you protect yourself?

The FBI is recommending that you reboot your device and then upgrade to the latest firmware.  You should also change the router password to a super-super secure password.

How do you reboot your router?

Rebooting your router is just like rebooting your computer.  Unplug the router (or turn it off if the on/off switch is clearly marked), wait 30 seconds, then plug it back in.

Will a reboot of the router always work?

Several privacy and security companies are saying that a reboot does only a partial job.  Apparently, a router has two kinds of memory: volatile and non-volatile.  Sometimes the router virus will write data to the non-volatile memory as well.  A reboot will clear volatile memory only.  In order to clear non-volatile memory, you’ll need to reset your router.

Should I reset my Router instead?

A router reset is more complicated than just turning the device off and on.  You’ll need to enter certain information and then follow certain steps. ESET (the company we like for antivirus software) has provided instructions for performing the reset.  You can find them in this article.

Which routers have this virus?

ESET has published a list of routers known to be infected with the router virus.  There are probably many others and the best thing would be for you to reboot your router regardless of which model you have.  Here is the list from ESET:

  • “Asus: RT-AC66U, RT-N10, RT-N10E, RT-N10U, RT-N56U, RT-N66U
  • D-Link: DES-1210-08P, DIR-300, DIR-300A, DSR-250N, DSR-500N, DSR-1000, DSR-1000N
  • Huawei: HG8245
  • Linksys: E1200, E2500, E3000, E3200, E4200, RV082, WRVS4400N
  • Mikrotik: CCR1009, CCR1016, CCR1036, CCR1072, CRS109, CRS112, CRS125, RB411, RB450, RB750, RB911, RB921, RB941, RB951, RB952, RB960, RB962, RB1100, RB1200, RB2011, RB3011, RB Groove, RB Omnitik, STX5
  • Netgear: DG834, DGN1000, DGN2200, DGN3500, FVS318N, MBRN3000, R6400, R7000, R8000, WNR1000, WNR2000, WNR2200, WNR4000, WNDR3700, WNDR4000, WNDR4300, WNDR4300-TN, UTM50
  • QNAP: TS251, TS439 Pro, Other QNAP NAS devices running QTS software
  • TP-Link: R600VPN, TL-WR741ND, TL-WR841N
  • Ubiquiti: NSM2, PBE M5
  • Upvel: according to Talos, malware targeting Upvel as a vendor has been discovered, but researchers have not yet determined which devices are targeted.”

Will you reboot your router or reset it?

If you decide you want to “re-set” your router rather than “reboot” it, let us know if you need help.

Information about Geek For Hire, Inc.

I’ve created a Free Report to protect you from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Macs and PCs for the past eighteen years.  His company is highly rated by both the BBB and by Angie’s List.  You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free and fast shipping.  With Prime, we have access to online streaming too. Prime is usually $119/year, but you can get a free 30 day trial by clicking on this link: Try Amazon Prime 30-Day Free Trial. As an Amazon Associate, I earn from qualifying purchases.

Phishing Expeditions – Keeping Safe During the Holidays

Several of our customers received a disturbing email over the past few days.  One customer received one that said her email was being discontinued.  Another received one that said his bank account was being closed.  I even got one that said my SIM card was being deactivated so I would effectively be without cell service!  These are all “phishing expeditions”.

Luckily I know the signs to look for to determine if an email is a phishing expedition or for real.

  1. Make sure the email is really from a trusted source.  If the email is from a friend, read it through before you click on any links.  Does the email sound like it was written by your friend?  Are you expecting an attachment or other link from them?  Always check when you receive an email with a link or other attachment before clicking.  Did your friend really send it?
  2. Before I click on a link in an email, I hover my mouse over the link to see where the click will take me.  When I hovered over the “Know More” link on the email I received, it went to the website t.goddypuddy.IN/withLotsMoreTextFollowing. The “in” at the end of the website is a country code.  In the US, we are used to seeing .com, .biz, .net, or .gov.  In this case the .IN refers to India.  So I know that the email originated in India. (Note that you can only do this on your computer, so don’t click on any links from your phone or tablet unless you know they are 100% safe!)
  3. Does the body of the email match the Subject line?  In this case, the Subject is that my mobile number is being deactivated.  But the body of the email is completely unrelated, talking about banks and the Supreme Court.
  4. If your friend or colleague says they didn’t send the message, tell them to change their password and run their virus scanner ASAP!

What else can you do to stay safe?

  • Put a note on your calendar to change your email passwords at least once a month.  Here are some tips to creating a strong password.
  • Be extra careful when surfing the web or viewing posts on Social Media. Malware is increasingly being spread that way.

Looking for more info on phishing expeditions?  Here are some past blogs:


Mac OS Malware – What you need to know

It’s finally happened.  Macs have finally reached that magic threshold where more and more people are purchasing MacBooks and iMacs.  The “bad guys” have recognized that and are writing Mac OS malware, viruses, and ransomware.  Yes, they are specifically targeting the Mac OS.  They’ve had years of practice on Windows machines.  They know Mac users are a bit more discerning, so their malware needs to be even more subtle to trick those Mac users.  Their products look like the real thing – a real email from Dropbox, a real pop-up from Adobe.

It’s a jungle out there, so don’t think you’re immune just because you have a Mac!

Two versions that are targeting Macs are MacSpy and MacRansom.  MacSpy does the usual data scraping, browser history harvesting, etc. MacRansom is a straight-up ransomware.  The cost to retrieve your data is about $650-750.  You can read more about them in this article from Dark Reading.

Another Mac OS malware that’s spreading is installed when you think you’re installing an Adobe upgrade.  You do get the upgrade, but you get a “snake” program as well.  For anyone interested in reading more, check out this article.

Another Trojan, named OSX/Dok, is also relatively new and spreads its program through a sophisticated phishing email.  So far, it seems to be targeting primarily European Mac users.  Checkpoint says that:

“This new malware – dubbed OSX/Dok — affects all versions of OSX, has 0 detections on VirusTotal (as of the writing of these words), is signed with a valid developer certificate (authenticated by Apple), and is the first major scale malware to target OSX users via a coordinated email phishing campaign.”

Have you learned something about Mac OS malware? If you found this helpful, please forward it!


6 easy steps to keeping your computer safe from malware

Geek For Hire gets calls just about every day from someone who is concerned about an email they’ve received, or a phone call, or a popup warning.  Usually I’m able to tell them that all is well.  How do I know that?  There are a few key things to make sure your machine stays safe from malware.

  1. Have you received a phone call from someone claiming to be Dell Technical Support – or HP, or any of the other manufacturers?  If you have not initiated that call, it is most likely a scam.  They will be very convincing, telling you that you need to install updates, or that you have a virus.  Hang up!  As long as you don’t give them access to your machine, you should be fine.
  2. Have you received a phone call from someone claiming to be Microsoft?  They generally tell you that your Operating System is not up to date and they need to get access to your computer to download the appropriate files.  Again, these folks are very convincing, but you should hang up.
  3. Have you received an email from a technical company offering to review your machine for viruses and other problems? Send that email to your spam folder and ignore it!  Make sure you don’t click on any of the links in the email.
  4. Have you received an email from “Amazon” claiming that you have just purchased an item for $457?  They just need you to click on this one link to confirm your purchase.  Don’t click on it!  Delete the email!  It is a scam!
  5. Have you seen a pop-up on your machine saying that your machine is badly infected and you need to click on a link to get it resolved? In many cases you may already have some kind of malware installed on your computer.  Once you click on the link, you’ve “given permission” for additional malware to be downloaded and installed on your machine.  In this case you should run your virus scanner to see if it can remove the malware.  If it can’t remove it, or if it says it’s not finding any, you should call for professional help.
  6. Whenever you suspect an issue with your machine, run your virus scanner to make sure your machine is safe from malware.

If you found these tips helpful, please forward them to your friends!


Phishing Expeditions (Stay Safe Online!)

There’s another threat out there. It’s a Phishing Expedition. Several of our clients have already fallen for it.  It comes by way of an email which appears to be from a trusted friend or business associate.  They want you to take a look at a document on DropBox. It looks legit, plus, you’ve gotten documents from this email contact before.

So, you click on the link to look at the DropBox document. Except it’s not from your friend. And in that brief moment, you’ve given the phishers access to your entire email contact list.

As soon as you figure out what has happened, it is important to change the passwords for all of your email accounts immediately. Here are some ideas for creating a really strong password.  You should also run your virus scanner.

“Phishing” by Edwind Richzendy

How do you make sure this doesn’t happen to you?

  1. Before opening any attachments, make sure the email is actually from your contact.  Are you expecting a document or other attachment from them? Does the text of the email message and subject “sound” like what your contact would write? If not, give them a call to see if it’s really from them.  (If it’s not, tell them to change their password and run their virus scanner ASAP.)
  2. Put a note on your calendar to change your email passwords at least once a month.
  3. Be extra careful when surfing the web or viewing posts on Social Media. Malware is being spread that way as well.

Looking for more info on phishing?  Here are two past blogs:


8 Tips For Determining Fake News Sites

Over the last week or so, I’ve been hearing more about “Fake News” websites.  I’ve been aware, for a while, of websites that seem more biased, but I hadn’t been aware of websites with actual fake news. An off-shoot of this issue is that these websites sometimes include malware.  Several of our customers got a virus in the week leading up to the election from clicking on those types of “news” stories.

Have you read any of these news stories?  Many of them surround the impact fake news has had on Facebook and other Social Media.  For example this article from the NY Times, or this one from the Washington Post, or this one from CNN.

What to watch out for:

  • Does the site have a lot of “click bait”?  That’s a web site with pop ups that you have to click through before you can read the actual content. This is different from the sites which make you watch an advertisement before you get to the actual story.  Click bait will take you to another site entirely.
  • Can you verify the news item with a reputable source?  If it’s real news, there should be something on one of the national news websites like CNN, NYT, MSNBC, USA Today, or even the Financial Times.  If it’s a local news story, an NBC, CBS, ABC, or Fox local affiliate should have information.
  • Does the URL for the website seem odd in some way?  For example, a URL that ends with “.co”, “.su”, or “.ru”.
  • Does the headline match the story?
  • When a news story seems too fantastic to believe, I head over to Snopes to see what they have to say.  From their website, Snopes: “began in 1995 as an expression of … interest in researching urban legends has since grown into what is widely regarded by folklorists, journalists, and laypersons alike as one of the World Wide Web’s essential resources.”
  • Is it on a list of “fake news” websites?  There are several of these lists floating around.  Here is the one published by USA Today.
  • Is it satire?  Several websites are satire, which is not fake news.  Satirical sites which come to mind include the Onion, and the Borowitz Report.
  • Check the date.  Is it a recent news event, or something from months or even years ago that is being re-purposed as new news?


DDoS? And Why YOU May be to Blame

Last week, many websites and apps were severely compromised, especially on the East Coast. Apps like Twitter, Reddit, Spotify, AirBnB, and Netflix slowed to a crawl or were shut down altogether.  A DDoS attack was launched against Dyn, a New Hampshire company that provides DNS routing.

Level3 Outage map on 24Oct16 (screen shot by Geek For Hire, Inc.)

What did you just say?

  • DDoS = A “Distributed Denial of Service” occurs when hundreds of thousands of messages are sent to specific internet addresses with the intent to overload that service and shut it down. (In this case, the intent was to take down Dyn in order to affect many websites and not just one.)
  • DNS = The Internet’s Domain Name System translates the URLs we enter, like www.google.com, into “the numerical IP addresses needed for the purpose of locating and identifying computer services and devices.” (From Wikipedia)

In the past, most DDoS attacks were focused on a particular website.  Last Friday, the attack was focused on a company which the NY Times calls “one of the Internet’s giant switchboards”, which had a devastating impact.

So, how is this MY fault?

Do you have a surveillance camera on your front door? A wireless printer? A “smart” refrigerator? All of these are connected to the internet with their own numerical IP address.  The “bad guys” can run through a list of IP addresses to see which addresses can easily be compromised.  Once they’ve identified these devices, they can add them to their arsenal to send the messages that create the attack.

I still don’t get it.  How is this MY fault?

Do you use a password on all of your internet connected devices? Is it secure? A password of “admin”, “123456”, or “password” is NOT secure!  Have you ever been out looking for free WiFi, and something like “HP-M475-5E3F78” was presented as an available WiFi that you could connect to?  That is what happens when someone does not put a password on their printer.  There are literally millions of WiFi connected devices in the US.  How many of those are vulnerable to participating in these types of attacks?

Please make it a point to use a secure password on all of your internet connected devices.  Change it today!


Ransomware

Chris has seen several ransomware infections in the past 18 months or so.  Ransomware is just about the worst of the malwares the “bad guys” have thought up. Essentially, once you get infected, the ransomware installs a nifty little program which encrypts all of your data.  Then, they’ll give you a pop-up letting you know that you have so much time to pay a ransom to receive the encryption key.

Here is a screen shot of one of the ransom notes Chris has seen.

HELP_DECRYPT - ransom ware - modified

I’ve asked Chris to tell you what ransomware looks like, what you can do if you’re infected, and how to protect yourself.

I’ve seen three actual instances of ransomware in the past few years.

The first instance occurred about two years ago at a customer site.  I found that their personal and business files were all encrypted.  Since they had a fairly recent backup of their data, the thought process was relatively quick: remove the old hard drive, install a new one, rebuild their server, and restore their data.  This took several hours to complete, but it was successful and very little data was lost.

The previous instance occurred last summer, to a customer I hadn’t served in many years.  I forget the nature of the problem which motivated the service call, but I soon discovered that their personal data was unreadable.  I turned off the computer and removed the hard drive, so that I could see what customer data was there without allowing the infection to proceed if it was still active. Turns out the customer already had a secondary infection which had been running for the past six months.  This created a huge volume of temporary files and greatly delayed my getting permission to access their data. Somewhat fortunately, every personal folder which had been encrypted had had a text file and an HTML file added, which contained a document from the ransomware software.  The document indicated that the data was encrypted, and if you wanted to get it back you had to pay a fee in BitCoin at one of 4 different IP addresses.  Note that only one IP address was responsive.  The ransom cost started at some amount, and would increase as time went on.  To prove that they were indeed the ones which encrypted the data, they offered to decrypt one file immediately and at no charge.  In talking with the customer, they identified the one file that was the most critical, and this one file was successfully and promptly decrypted. Eventually, the customer decided to pay the ransom, which was about $700.  It took a long time for the customer to get the BitCoin payment into a spendable account, and then the payment could not be given because none of those IP addresses were accessible.  We were ultimately declined access to provide the ransom payment because their servers were too busy to receive another connection.  Apparently their servers were being crushed with activity from their own success.

The most recent occurred a few months ago at a business I frequent.  The symptom to them was that the computers which run their business management application displayed an error message saying that the database was corrupt.  Since I was there at the time this happened, my recommendation was that they turn off all of their computers. Turns out they received an encrypting infection called “Locky”, because the customer files are encrypted and renamed to have a “.Locky” extension.  But there was no opportunity to pay a ransom to get the data back.  Another problem was that there was no backup of their data for several years.  The solution was to replace the old hard drive with a new drive in the server computer, reinstall and update the operating system, and coordinate with the manufacturer to reinstall the application and look for old data.  Fortunately, a copy of the database that was 6 months old was found; so there was a 6 month gap in time, but at least they had not lost 20 years of customer data.  Also, a good antivirus was installed on all of their computers, which they did not have before.  They did not understand that they needed a good antivirus installed.  This was actually a problem that was waiting to happen.  It could have been avoided if their usual “IT Guy” had taken the initiative to see what they did and did not have, rather than just doing a technical task they were called in to do.  They are hopefully in the process of getting a backup procedure, because hindsight showed that having a 6 month gap in customer data could have been avoided if their usual “IT Guy” had implemented backups of their data.

There are lessons to be learned from these experiences.

  1. Have a good antivirus on all of your technology.  Note that there is no antivirus on the planet that can protect you from all things all the time.
  2. Have your computer prepped by a competent IT person.
  3. Make backups of your data.  Backups never go out of style.  It can be to an external hard drive, or a USB thumb drive, or to a cloud based backup service like Dropbox.
  4. Know the completion status of that backup.  I’ve lost count of the number of customers who believe that they have been backing up for a long time, but it turns out that their data is actually old because the backup has not worked for years.
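
One way to check lesson 4 on a backup that is a plain file copy to an external or USB drive (an added example, not from Chris or Geek For Hire): it reports how old the newest file in the backup is and which source files are missing from it or newer than their copy. The folder layout, the function names and the 30-day limit are assumptions for illustration.

```python
import os
import tempfile
import time
from pathlib import Path

DAY = 86400  # seconds in a day


def newest_mtime(root):
    """Most recent modification time of any file under root, or None if empty."""
    times = [p.stat().st_mtime for p in Path(root).rglob("*") if p.is_file()]
    return max(times) if times else None


def backup_status(source_dir, backup_dir, max_age_days=30, now=None):
    """Compare a source folder with its backup copy and summarise the result.

    Assumption: the backup is a file-for-file copy with the same relative
    paths (external drive, USB stick or synced folder), not an archive format.
    """
    now = time.time() if now is None else now
    source, backup = Path(source_dir), Path(backup_dir)
    newest = newest_mtime(backup) if backup.is_dir() else None
    age_days = None if newest is None else (now - newest) / DAY

    missing, outdated = [], []
    for src in sorted(p for p in source.rglob("*") if p.is_file()):
        rel = src.relative_to(source)
        copy = backup / rel
        if not copy.is_file():
            missing.append(rel.as_posix())       # never backed up
        elif copy.stat().st_mtime < src.stat().st_mtime:
            outdated.append(rel.as_posix())      # changed since last backup

    if newest is None:
        verdict = "NO BACKUP FOUND"
    elif age_days > max_age_days:
        verdict = "STALE"                        # the job has stopped running
    elif missing or outdated:
        verdict = "INCOMPLETE"
    else:
        verdict = "OK"
    return {"verdict": verdict, "age_days": age_days,
            "missing": missing, "outdated": outdated}


def put_file(path, mtime):
    """Create a small file with a chosen modification time (sample data only)."""
    path.parent.mkdir(parents=True, exist_ok=True)
    path.write_text("sample")
    os.utime(path, (mtime, mtime))


def demo():
    """Constructed sample: a backup whose last successful run was 180 days ago."""
    now = time.time()
    with tempfile.TemporaryDirectory() as tmp:
        src, bak = Path(tmp, "documents"), Path(tmp, "usb_backup")
        put_file(src / "customers.db", now - 1 * DAY)
        put_file(src / "invoices" / "2016.xls", now - 400 * DAY)
        put_file(src / "new_client.doc", now - 10 * DAY)
        put_file(bak / "customers.db", now - 180 * DAY)
        put_file(bak / "invoices" / "2016.xls", now - 180 * DAY)
        return backup_status(src, bak, max_age_days=30, now=now)


if __name__ == "__main__":
    report = demo()
    print(report["verdict"], "- newest backup file is",
          round(report["age_days"]), "days old")
    print("missing from backup:", report["missing"])
    print("changed since backup:", report["outdated"])
```
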


The Scariness Increases

Ransomware

Chris forwarded a link to me the other day about some scary “malvertising”.  For those of you who didn’t have Senor Garcia for High School Spanish, “mal” is a Latin prefix meaning “bad”.  Other words you might be familiar with include “malware” and “malicious”.  And that’s what this is: Malware that looks like advertising, but really contains malicious code.

I can hear you saying: “But I know how to be careful and not click on stuff that looks suspicious!”  And that’s the issue right there.  These are “advertisements” that appear on highly respected websites.  Ars Technica warns us that:

“Mainstream websites, including those published by The New York Times, the BBC, MSN, and AOL, are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned.

The tainted ads may have exposed tens of thousands of people over the past 24 hours alone, according to a blog post published Monday by Trend Micro. The new campaign started last week when “Angler,” a toolkit that sells exploits for Adobe Flash, Microsoft Silverlight, and other widely used Internet software, started pushing laced banner ads through a compromised ad network.”

Another technical site, Malwarebytes, mentions some other websites, including Newsweek, Realtor.com, and NFL.com.

And, the malware that is being downloaded isn’t your run-of-the-mill virus.  In many cases it is Ransomware, which takes all of your files and encrypts them with a special key.  You then need to pay a ransom to get the encryption key to get your data back.

This is not a message you want to see popping up on your screen!

Ransomware Image – source: http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/

What is our advice?

  1. Use an ad blocker like Adblock Plus.
  2. Some websites won’t show you ANY content unless you agree to see their ads.  In that case, never click on an advertisement.
  3. If you really are interested in a product or service that is being offered, go to the company’s site directly.
  4. Keep your data backed up to an external source.  And back it up at least once a month – more often if you are working with ever-changing and precious data.

If you need help getting rid of any malware, or learning how to regularly back up your data, give us a call!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Macs and PCs for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more at http://www.GeekForHireInc.com. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area.


Computer and Phone Scams to watch for

Computer and phone scams are rampant if my voice mail is any judge. For the last few weeks I’ve been getting a voice mail message with the following recording:

“This call is in regards to the security software we installed on your computer last year. Now we see a red flag on our end stating there is a security breach on it. Please call 1-866-758-1262. I repeat, 1-866-758-1262. Thank you.”

We’ve also received phone calls from regular people like you or me who fell victim to these scams.

Whenever you receive a call on your home or mobile phone from a number that you do not recognize, be extra careful. Dell or Microsoft or Toshiba or even Apple won’t be calling you to tell you that your computer has a virus. When you get this kind of call, your spider-sense should be tingling!

Some of these computer and phone scams are very sophisticated. There are times when you answer the phone and the person on the other end is very convincing. You might believe them and agree that they can access your computer remotely. Then, when you hang up the phone, you have second thoughts.

What steps should you take if you think you’ve been scammed?

  • Turn your machine off.
  • Disconnect your machine from the internet.  You may need to unplug the Ethernet cable from your machine or turn off the router if you have wireless service.
  • Turn your machine back on and confirm that your anti-virus is still working and is still installed.
  • Start your virus scanner.  It should tell you whether any malware has been installed, and it should remove those programs.
  • Once your virus scanner has completed and has removed any potential threats, you can reconnect your internet.
  • For the next few days be very cautious about how you use your machine.  For example, it would be prudent not to enter any financial or banking information on that machine – use your phone or iPad instead.  If the machine doesn’t show any signs of continued infection, it should be fine.  If it starts displaying pop-ups or becomes very slow, it’s time to call in a professional to do a thorough scrub of the machine.

You can find other symptoms of an infected machine here:

INFORMATION ABOUT GEEK FOR HIRE, INC.


Chris Eddy of Geek For Hire, Inc. has provided computer service to families and small businesses with Macs and PCs for the past eighteen years. Angie’s List and the BBB rate Geek For Hire very highly.  You can find more on our website, or give us a call at 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3 support) to the Denver / Boulder / Front Range area and remote service throughout North America.
