Showing posts with label attack. Show all posts
Showing posts with label attack. Show all posts

Monday, October 19, 2020

Protect Yourself From Cyber Attacks & Digital Fraud!


PROTECT YOUR INFORMATION

Make sure you know who you're communicating with.

  • Fraudsters pose as credible organizations, such as banks and the IRS, "phishing" for your information.
  • Be aware of COVID-related scams.
  • Criminals are taking advantage of the pandemic. Learn more about the top scams criminals are using during these difficult times.

Report suspicious texts and emails.

  • Fraudsters impersonate companies to get consumers to click links and provide personal information. These deceptive emails, phone calls, and text messages appear to come from a legitimate source.
  • Don't let online shopping scams trick you.
  • Before providing your billing information online, make sure you are working with a credible site. 
  • Don't download any software or click unknown links.

SECURITY BEST PRACTICES

Layer your protection.

  • A strong password is the first line of defense against cybercriminals. We recommend using multifactor authentication for an added layer of protection for all your accounts.

Be alert.

  • Monitor your accounts regularly, respond to fraud alerts, and report unauthorized transactions promptly.
  • Watch out for phishing attempts.
  • There are some easy ways to ensure an email is from "who you think" sent it. There are some simple methods to spot Email Spoofing, which you can find here.

Set your preference for digital documents.

  • Mailbox fraud has been an ongoing strategy for criminals. 
  • Safeguard your correspondence by signing up to receive digital information for your products and services instead of by Mail/USPS.
  •  Use a shredder to destroy paper documents when you are done with them.

Stay alert about industry trends on cybersecurity threats!

Tuesday, September 19, 2017

Ransomware; What You Need To Know


With the popularity of the "WannaCry" ransomware bug that went around in early 2017, most folks are pretty familiar with the term Ransomware (aka an extortion virus). If you are not familiar with term, essentially a Ransomware virus is bug that usually gets into a system through an infected attachment via a fake Email. Once the email is opened, the virus activates and immediately starts to seek out and encrypt Word Documents, Excel Spreadsheets, Pictures, Music; anything it can get it's hands on. It is a VERY destructive type of attack and if not prepared, you could loose all of the precious data that is stored on your computer and connected to your computer!

So what is Data Encryption?

Data encryption is a way to lock a file, or any type of data on a hard drive, very securely. Encryption essentially locks a file with a nearly unbreakable secret password, key, etc. Once a file has been "locked" or encrypted, you need have to have the secret key or password to be able unlock and access file(s) again. The key or password is what enables you to decrypt, or "unlock" the file, and have access to all your stuff again; pictures, documents, music, etc. So what the scammers are trying to achieve with deploying Ransomware is to lock your data up and then extort money from you to get your data back. Essentially make you pay a ransom to get your data unlocked and accessible again.

What can you do to protect yourself from Ransomware attacks?


  1. BACKUP YOUR DATA: Back up your files remotely every day, but only on a hard drive that is not connected to the internet. So long as you back up files on an external hard drive, you won’t lose any information if hit by a ransomware attack.
  2. NEVER OPEN A SUSPICIOUS EMAIL ATTACHMENT: And never download an app that you haven’t verified with an actual store. Read reviews before installing programs.
  3. SCAN ALL DOWNLOADS: Some antivirus programs have the ability to scan files to see if they might contain ransomware. Make use of them before downloading any questionable attachments from email or software from the internet.
  4. EXTRA PROTECTION: If you want take things a step even further, BitDefender does have an Anti-Ransomware security tool you can install and run on your computer to supplement (and work in conjunction with) your existing security software:
    www.bitdefender.com/solutions/anti-ransomware-tool.html

What do you do if you have already gotten infected with Ransomware?

If your computer has been attacked by ransomware, you can explore the free ransomware response kit (from ZDNet) for a suite of tools that can help with a ransomware attack.
Pacific Northwest Computers also recommends the following to moderate an attack as well:
  1. Remove the infected machines from the network, so the ransomware does not use the machine to spread throughout your network!! VERY IMPORTANT!!
  2. Decide whether or not to restore from available backups, try to decrypt the encrypted data, or pay the ransom and take it as a lesson learned.
  3. Research if similar malware has been investigated by other IT teams, and if it is possible to decrypt it on your own. About 30 percent of encrypted data can be decrypted without paying a ransom. Some of those tools are listed below:
If the none of the available decryption tools work (or a decryption tool is not available for your specific type or Ransomware) data recovery could be a last resort option. There have been cases where when the Ransomware virus attacks and the data encryption first occurs, the original file is actually copied and then deleted, and the copied file is what gets's encrypted! So we can try to recover those original files!

If you have been hit by a Ransomware virus, you need Ransomware Data Recovery, or you are interested in getting some systems in place to be prepared and protected in the case of a Ransomware attack, feel free to reach out to us!
Pacific Northwest Computers


Jon Pienkowski ~ Owner/Operator
360.624.7379

Friday, June 5, 2015

How can I keep my computer from getting infected? Pacific NW Computers' PC Security Tips


1. Make sure you regularly run MANUAL scans with your installed security software!
Security Programs We Recommend (Or Have Installed):
  • Avast Antivirus, BitDefender Free, Microsoft Security Essentials
  • MalwareBytes Anti-Malware
  • Spybot Search & Destroy
  • CCleaner
*For direct download links to the software listed above, visit "Pacific NorthWest Computers' Links and Recommended Software" page on our Blog Link below!
http://pnwcomputers.blogspot.com/2013/06/pnw-computers-links-and-recommended.html

Basic/General Scanning Procedure:

  • Before running any scans with any of the installed security software, be sure to FULLY update the software FIRST.
  • After updating the security software, perform the deepest and most thorough scan that the software is capable of. This is usually labeled as a FULL or COMPLETE scan.
  • DELETE or QUARANTINE any and all of the security software’s findings.
  • Make sure you DON’T download and install any scanner/security software that solicits you to download and install its software. These scanners are blacklisted because of their questionable reputation.

2. Make sure your Windows is ALWAYS up to date!

  • An unpatched Windows is vulnerable and even with the “best” Antivirus installed; malware will find its way through.
    So visit http://windowsupdate.microsoft.com/ to download and install the latest updates.
  • Be sure to download and install all CRITICAL and SOFTWARE updates! You also may have to do several “passes” of Windows updates before all the available updates/patches are actually installed.
  • Verify that your version of Windows Vista, Windows 7 or Windows 8 has the most recent service pack installed. If this is not currently installed on your system, the Windows Update website will recognize this vulnerability and request you to download and install any available Service Packs and other needed updats.

3. Stay away from questionable sites.

  • This is one of the main causes why a computer gets infected. Visiting cracksites/warezsites – and other questionable/illegal sites is ALWAYS a risk. Even a single click on the site can be responsible for installing a huge amount of malware. Don’t think: “I have a good Antivirus and Firewall installed, they will protect me” – because that’s not true… there is no “Magic Bullet”. Before you know it, your Antivirus and Firewall may already be disabled because malware already found its way on your system.


4. Be careful with email attachments!

  • Malware spreads via email as well, especially email attachments. The most common ones are emails telling you that your computer is infected and that you can find the removal tool in the attachment, emails telling you that your password has changed and can find it in the attachment, emails with product codes in the attachment from software that you purchased (which you didn’t), emails with attachments that are so called “Security Updates”, etc. etc.
  • Don’t trust any emails like the ones listed above. Don’t even attempt to preview/open them and delete them immediately instead! It may also happen you receive an email from someone you know, but with a questionable attachment present and strange content in the e-mail’s message. In this case, this person – or someone else who has your address book in his/her address book – is infected with malware (worm/spambot) and sends these emails without being aware of it.
  • Don’t click links in emails from someone you don’t know, because these links can redirect you to sites where malware gets downloaded and installed.

5. When surfing the internet…

  • Use Google Chrome or the FireFox web browser as your MAIN internet browser. These browsers does not use ActiveX controllers or BHO’s (these are programs that are a standard feature’s of Microsoft’s Internet Explorer and are “exploited” vulnerabilities that hackers use to infect computers). If a specific website (such as a financial institution website) may require Internet Explorer to be used in order for you to view their site, then use Internet Explorer. But for that specific website ONLY!
  • Don’t click on links inside pop-ups. ALWAYS close the windows via the "X" for the window vs. clicking "Cancel" or any other 'escapes' in the pop-up.
  • Download software off of the internet from websites you know and trust. A lot of free software comes bundled with other software, including malware.
  • Be careful when you are viewing videos online. Especially when you get a pop-up asking you to download a “Codec” to be able to watch the video. By default, your media player should already have the necessary codec installed to watch online videos. In the case that you’re prompted to install an additional codec while trying to watch a move online (or downloaded), it is most likely a false alert and this so-called codec may install malware.
  • Don’t install plug-ins (ActiveX) if you’re not certain what it is or why it is you need it. (Unless you are attempting to perform Windows/Microsoft Updates).
  • Glubble is a great FireFox add-on if you want to manage the sites your kids are allowed to see.

6. Watch what you download!

  • If you want to install certain software, always go to the developer’s site to download the software. Then you can be sure you’re downloading and installing the right software. Be aware of the fact that certain software (especially freeware) may contain/come bundled with extra software including spyware and/or adware. So only install when you’re sure they are OK.
  • The use of Torrent sites, Game Patches and Mods, Emulators; really anything "Free" is always a risk. Unless the download/host site is a reputable site, you can never be sure what you are exactly downloading. A file you are looking to download or have downloaded isn’t always what it’s made out to be.

If you have any questions or comments please don't hesitate to get in touch!

Jon Pienkowski
Pacific NorthWest Computers
www.pnwcomputers.com
360-624-7379

Wednesday, April 30, 2014

Microsoft Internet Explorer Vulnerability ~ Fact and Opinion


As you have most likely heard, Microsoft is scrambling to fix a major bug which allows hackers to exploit flaws in Internet Explorer 6, 7, 8, 9, 10 and 11. The company has also confirmed it will not issue a fix for web browsers running on Windows XP after it formally ended support for the 13 year old operating system back on April 8th.

The vulnerability was discovered by cyber security software maker FireEye Inc. which stated the flaw is a ‘zero-day’ threat. This means the first attacks were made on the vulnerability before Microsoft was aware of it. FireEye also revealed a sophisticated hacker group has already been exploiting the flaw in a campaign dubbed ‘Operation Clandestine Fox’, which targets US military and financial institutions.

FireEye spokesman Vitor De Souza declined to name the hackers or potential victims as the investigation is ongoing, only telling Reuters: “It’s unclear what the motives of this attack group are at this point. It appears to be broad-spectrum intel gathering.”

For its part Microsoft has confirmed the existence of the flaw in an official post: https://technet.microsoft.com/library/security/2963983

Now, Internet Explorer has always been a vulnerable browser and has exploits created/identified against it everyday. This is why for YEARS I have pushed my customers to use an alternative Web Browser such as Mozilla Firefox or Google Chrome. As previously mentioned, both of those web browsers are safer to use than Internet Explorer and are both immune from the recently identified exploit!

What makes this recent vulnerability stand out from the others, and why this particular vulnerability is making all the headlines, is that the problem is pretty widespread; affecting 1 in 4 Windows based computers and ALL Windows XP systems.

A Temporary Fix
While Microsoft rushes to fix the bug, FireEye gave concerned users two workarounds .
  1. Use another web browser other than Internet Explorer
  2. Disable Adobe Flash. “The attack will not work without Adobe Flash,” it said. “Disabling the Flash plugin within IE will prevent the exploit from functioning.”
*Adobe has released a new patch/update for their Flash Player! Allow the Flash Player to update or manually download and install the latest version here: http://www.adobe.com/support/flashplayer/downloads.html

No Hope For Windows XP
Microsoft has confirmed that no fix will be rolled out for Windows XP because support has officially ended and there are no plans to make an exception. It states:

“An unsupported version of Windows will no longer receive software updates from Windows Update. These include security updates that can help protect your PC from harmful viruses, spyware, and other malicious software, which can steal your personal information.”

The company’s advice to Windows XP users has remained the same for some time: upgrade to Windows 7 or 8 or buy a new PC. It has also repeatedly sent a pop-up dialog box to reachable Windows XP machines with the following end of support notification.

For users unsure whether their existing XP PCs can support Windows 8, Microsoft offers a software tool called ‘Windows Upgrade Assistant’ which can be downloaded here: http://go.microsoft.com/fwlink/p/?LinkId=321548

If you have any questions or concerns please don't hesitate to get in touch!

Jon Pienkowski
Pacific NorthWest Computers
www.pnwcomputers.com
360-624-7379