Monday, October 14, 2024

Your Online Account(s) Got Hacked & You Are Locked Out: What Do You Do!?


Online security is becoming increasingly critical as more of our daily lives move onto the internet. If you believe one or more of your online accounts have been hacked or compromised, it’s essential to act swiftly. If you are locked out of an account, the situation becomes even more urgent. Below are detailed steps you can take to mitigate damage, regain control, and enhance the security of your other online accounts.


*Note: One takeaway from my own personal "getting hacked" experience is that the new "Verified" model that most social media platforms use now is being leveraged to push users into paying for the verification, just to receive any kind of personal support if they happen to have any problems or issues with their account. Going forward I recommend (and will personally practice) that you verify ANY and ALL online social media accounts that are important or critical to your life/work. You can use the services for free, but if you have an issue like an account hi-jack/take-over, it can be next to impossible to get ANY help if you are un-verified.


1. Report the Incident Immediately!

Reporting the compromise to relevant authorities and service providers is crucial. This not only helps you recover control of your account but also aids in preventing further damage.

  • Local Police: If you suspect identity theft or fraudulent activity, file a report with your local police department. Keep copies of the report for further use.
  • Websites or Software Providers: Contact the customer support teams of any websites or services involved in the breach. Most platforms like Google, Facebook, and financial services have processes in place to assist users in recovering hacked accounts.
  • IC3/FBI: If the incident involves significant financial loss or cybercrime, file a report with the Internet Crime Complaint Center (IC3), which is a division of the FBI focused on internet-based crimes.

2. Recovering a Locked-Out Account:

If you are locked out of an account, follow these steps (and see further details at the end of the blog):

  • Use Account Recovery Options: Most services offer account recovery options like email or phone verification, but this may not be safe if these are compromised. Prioritize recovery methods like trusted devices or backup codes (which many services provide when setting up 2FA).
  • Contact Customer Support: If recovery options fail, reach out to the service provider’s customer support. Be prepared to verify your identity through personal information or past account details.
  • Keep Documentation: If you’ve filed reports with the police or the IC3, share these reports with the service provider, as this may help speed up the account recovery process.

3. Secure Any Associated Payment Services

If you're completely locked out of an account, especially one that’s linked to financial services, take immediate action by logging into any associated payment services and removing access to the hacked site or account. For instance:

  • PayPal
  • Venmo
  • eBay
  • Banking apps or credit card accounts

This helps to stop any unauthorized transactions that could stem from the compromised account. Be sure to carefully review recent activity on these services to identify any fraudulent activity and report it to your payment service provider.

3. Change Passwords on Any/All Online Accounts You Have!

Once you've safeguarded your payment methods, it's essential to change your passwords across all your online accounts. Start with the most important and sensitive accounts first:

  • Email Accounts: Your email is often the gateway to all your other accounts, so this is the highest priority.
  • Financial Accounts: Banking, credit cards, PayPal, Venmo, CashApp, Zelle, etc.
  • Shopping Platforms: Amazon, eBay, and any other sites where your payment information is stored.

Use strong, unique passwords for each account. Consider using a password manager to generate and securely store complex passwords, reducing the chances of reuse or weak password issues.

4. Monitor and Secure All Other Online Accounts

Even if only one account was compromised, hackers may have attempted to access other accounts through the use of the same password or linked email addresses. Take the following additional precautions:

  • Review all recent account activity for suspicious logins or transactions.
  • Revoke access to any suspicious devices or apps that are connected to your accounts.
  • Update security questions and answers, ensuring they aren't easily guessable or derived from public information.

5. Setup, Use, and/or Check Any Credit or Data Monitoring Services

If you use any sort of data monitoring or ID monitoring service(s), this would be the time to check on them or even ask the provider to run an up-to-date check of your personal information.

  • Guardio: We do use and recommend Guardia as an "Umbrella" service to not only monitor your personal information but also look for password leaks and even provide email/web filtering and monitoring. The service is not free, unfortunately. But their products and services have GREATLY helped us with similar issues in the past.
  • Free Credit Monitoring such as Experian, Equifax, Credit Karma, the FTC, and other resources.

6. Enable Two-Factor Authentication (2FA)

Where available, always enable two-factor authentication (2FA) for your accounts. However, be cautious with the type of 2FA you use:

  • Do not rely on 2FA through SMS or email, as these can be intercepted through SIM-swapping attacks or email compromises.
  • Use an authenticator app such as Google Authenticator, Microsoft Authenticator, or Authy.
  • Security Keys: For the highest level of protection, use your security key for 2FA on any accounts that support it.

Make sure to set up both security keys on all accounts that support them for redundancy in case one is lost or stolen.

7. Implement Security Keys for Two-Factor Authentication (2FA)

Using a security key (like a YubiKey) is one of the most effective ways to protect your accounts. Security keys provide an extra layer of security beyond traditional passwords by requiring physical confirmation for account access.

  • Buy Two Security Keys: Setting up two keys ensures that if one is ever lost, stolen, or damaged, the backup key can be used to regain access to your account.
  • Register Both Keys: Set up both keys on every account that supports their use (e.g., Google, Dropbox, Microsoft, social media, financial services, etc.).

8. Ongoing Protection and Monitoring

After recovering your accounts and enhancing their security, adopt good online security practices going forward:

  • Use a Password Manager: This helps you create and store strong, unique passwords for all your accounts.
  • Monitor Credit Reports: If financial information is compromised, regularly monitor your credit report for unusual activity. You can also consider placing a fraud alert or credit freeze.
  • Watch for Phishing Attempts: Be especially cautious of phishing emails or texts that may follow a breach, as hackers may try to gain further information by impersonating legitimate companies or services.

By following these steps, you can effectively respond to an account compromise and significantly reduce the chances of future breaches. The key is to act swiftly, report incidents, and continuously improve your security practices.


Sunday, September 15, 2024

Mac Self-Service System Configuration: How-To

Apple Self-Service
System Configuration: How-To

System Configuration may be required at the end of your repair. System Configuration is a postrepair software tool that completes the repair for genuine Apple parts. System Configuration has a number of purposes that vary based on the part replaced. Refer to the Introduction section of the model you’re repairing for a complete list of details.

Before initiating System Configuration, ensure that the Mac is running the latest version of macOS. You’ll have one attempt to complete System Configuration. If the attempt is interrupted, canceled, or encounters an error, the Mac will display a message instructing you to contact the Self-Service Repair Store team for assistance.

If you don’t want to update the Mac to the latest version of macOS or need assistance initiating the System Configuration process, contact the Self Service Repair Store team.
Initiate System Configuration

Important: If the Mac automatically starts up to diagnostics mode, skip to step 6.

If you use Ethernet to connect the Mac to the internet, plug the Ethernet cable into the Mac before turning on the computer. If you use Wi-Fi, you'll connect the Mac to the internet during step 5, after the computer starts up to diagnostics mode.

  1. Press and hold the power button on the Mac to turn on the computer. On laptop computers that have Touch ID, press and hold the Touch ID button.
  2. Continue to hold the power button or Touch ID button as the Mac turns on and loads startup options. Release the power button when “Loading startup options...” appears on the screen.
  3. When the startup options screen appears, press and hold Command (⌘)-D on the keyboard to put the computer into diagnostics mode.
  4. If you're using Wi-Fi to connect the Mac to the internet, choose the network from the Wi-Fi menu in the upper right corner of the diagnostics mode screen.
    Note: The Wi-Fi menu may take a few seconds to appear. This is normal behavior.
  5. A list of languages will appear on the diagnostics mode screen. Choose your preferred language and click "OK."
  6. When the Diagnostics & Repair screen appears, click “I agree“ to begin System Configuration.
    Important: If you replaced the lid angle sensor on a laptop, skip to step 9.
  7. If System Configuration is successful, the Mac will display a message that says, “Suite completed. Restarting to Diagnostics Mode.”
  8. Important: If you encounter an error, contact the Self-Service Repair Store team for assistance.
    Complete steps 9 through 14 only if you replaced the lid angle sensor on a laptop.
  9. When the Action Required alert window appears on the screen, click "Continue." Then immediately close the display.
  10. Keep the display closed for 20 seconds.
    Caution: If the display isn’t fully closed during the System Configuration process, 
    you’ll need to install another new lid angle sensor.

  11. Open the display when you hear the startup chime or after waiting 20 seconds.
  12. If System Configuration is successful, the Mac will display a message that says, “Suite completed. Restarting to Diagnostics Mode."
  13. The Mac will automatically restart to diagnostics mode. Then choose Restart from the Apple menu.
  14. After the Mac restarts again, confirm that you can put it to sleep by closing the display. The Mac should sleep when the display is almost completely closed.
    • Important: If you encounter an error, or the Mac doesn't sleep when expected or wakes unexpectedly, contact the Self Service Repair Store team for assistance.

Restore the Mac Before Initiating System Configuration

You may need to restore the Mac before initiating System Configuration for the following reasons:

  • If you replaced the logic board and the replacement logic board isn't running the latest version of macOS.
  • If you replaced the logic board or SSD modules on a Mac Pro or Mac Studio.

To restore the Mac you will need the following:

  • Another Mac running macOS Sonoma (14.1 or later) or another Mac using the latest version of Apple Configurator.
  • Internet access
  • A USB-C charge cable. The USB-C cable must support both power and data. Don’t use Thunderbolt cables.

Follow these steps to restore the Mac:

  1. Choose one of the following methods to restore the repaired Mac, then continue to step 2:
      • If you replace the logic board, the Mac will start up in diagnostics mode.
      • If you replace SSD modules, the Mac will start up to Setup Assistant. Shut down the Mac before continuing.
  2. Follow the steps above to Initiate System Configuration
  3. The Mac will automatically restart to diagnostics mode. Then choose Restart from the Apple menu.
  4. After the Mac restarts, follow the onscreen instructions to activate the Mac.
Published Date: May 08, 2024

Monday, August 26, 2024

Understanding Phishing and Social Engineering Attacks: A Deep Dive Into Modern Scams

Understanding Phishing and Social Engineering Attacks: A Deep Dive Into Modern Scams

Phishing and social engineering attacks have become increasingly sophisticated, targeting individuals and organizations intending to deceive and exploit. One of the most prevalent forms of social engineering is the fake tech support scam, where attackers pose as legitimate technical support representatives to gain access to personal information, financial details, or direct control of the victim’s computer. However, there are many other ways a scammer can convince someone into believing and going along with a targeted Scam. In this article, we’ll explore how these scams operate, their common tactics, and how you can protect yourself and others from falling victim.


How Online Scams Work

Initial Contact: The Hook

Scammers often initiate contact with potential victims through various channels, employing different tactics to lure them into the trap:

  1. Cold Calls: The scammer calls the victim directly, impersonating a representative from a well-known company such as Microsoft, Apple, or a popular antivirus provider. They usually claim to have detected viruses, malware, or other critical issues on the victim’s computer.
  2. Pop-Up Warnings: While browsing the web, the victim may encounter alarming pop-up messages. These pop-ups often mimic legitimate security alerts, claiming that the computer is infected and instructing the user to call a provided number for immediate assistance.
  3. Phishing Emails: The scammer may send phishing emails that appear to come from reputable companies. These emails typically warn of security threats and urge the recipient to call for support or click on a link, leading them to a fraudulent website or direct contact with the scammer.

Convincing the Victim: The Bait

Phishing email attacks are designed to trick recipients into revealing sensitive information, such as passwords, credit card numbers, or other personal data. Below are some common examples of phishing email attacks:

  1. Fake Account Security Alert:
    You receive an email claiming to be from your bank or another financial institution, warning you of suspicious activity on your account. The email urges you to click on a link to verify your identity or secure your account.
    • What to Look For:
      • Urgent language like "Your account has been compromised!" or "Immediate action required."
      • Links that appear to be legitimate but lead to a fake website designed to capture your login credentials.
      • Generic greetings like "Dear Customer" instead of your actual name.
    • Protective Action:
      • Do not click on links in the email. Instead, go directly to the institution’s official website and log in there to check your account status.

  2. Impersonation of a Trusted Contact:
    You receive an email that appears to be from a colleague, friend, or family member asking for help or money. The email might claim that the sender is in trouble or needs urgent assistance.
    • What to Look For:
      • The sender's email address may look similar to the real one but have small differences (e.g., john.doe@examp1e.com instead of john.doe@example.com).
      • Requests for unusual actions, such as purchasing gift cards or transferring money.
      • Poor grammar or language that doesn’t sound like the person you know.
    • Protective Action:
      • Contact the person directly using a different method (like a phone call) to verify the request before taking any action.

  3. Fake Invoice or Payment Request:
    You receive an email from a supplier or service provider claiming that you owe money for an invoice that you don’t remember. The email includes a link or attachment to view the invoice
    • What to Look For:
      • Unfamiliar sender or details about a purchase you don’t recall.
      • Attachments that might contain malware or links to phishing websites.
      • Pressure to make a payment quickly.
    • Protective Action:
      • Verify the legitimacy of the invoice by contacting the supplier directly using known contact information. Do not open attachments or click on links in the email.

  4. Job Offer or Employment Scam:
    You receive an email offering a job opportunity with an attractive salary or benefits, often asking you to provide personal information or pay a fee upfront.
    • What to Look For:
      • Unsolicited job offers that seem too good to be true.
      • Requests for personal information like Social Security numbers or bank details early in the process.
      • Professional-looking emails but with poor grammar, odd formatting, or vague job descriptions.
    • Protective Action:
      • Research the company independently, and avoid sharing personal information until you have verified the legitimacy of the job offer.

  5. Delivery Notification Scam:
    You receive an email claiming that a package delivery attempt failed and that you need to click on a link to reschedule delivery or update your shipping information.
    • What to Look For:
      • A sender claiming to be from a delivery service like UPS, FedEx, or DHL.
      • Links to websites that are not the official delivery service's domain.
      • No specific details about the package, such as the sender's name or tracking number.
    • Protective Action:
      • Visit the delivery service’s official website and enter your tracking number manually, or contact the service provider directly to confirm the delivery status.

  6. Phishing for Credentials:
    You receive an email that appears to be from a service you use (like Google, PayPal, or Netflix) stating that there’s a problem with your account. The email includes a link that directs you to a fake login page designed to steal your username and password.
    • What to Look For:
      • Emails that urge you to "confirm your account" or "update your payment information" immediately.
      • Links that, when hovered over, show a different URL than the official site.
      • Fake login pages that mimic the real site but have slight differences in the URL.
    • Protective Action:
      • Never log in through links in unsolicited emails. Instead, navigate to the service provider’s official website manually to check your account.

  7. Tax Scam Emails:
    You receive an email purporting to be from the IRS or another tax authority, claiming that you are due a refund or owe additional taxes. The email instructs you to click a link to provide your financial details.
    • What to Look For:
      • Emails from government agencies, especially those asking for personal information.
      • Claims that you are entitled to a refund or need to pay taxes urgently.
      • Requests for sensitive information like your Social Security number or bank account details.
    • Protective Action:
      • The IRS and most government agencies do not initiate contact via email. If you receive such an email, report it to the appropriate authorities (like the IRS at phishing@irs.gov).

Gaining Remote Access: The Trap

Scammers often will try to gain remote access to a victim's computer or online accounts, giving them control and the ability to steal personal information, install malware, or commit fraud. Here’s a basic rundown of how these scams work:

  • Creating Urgency: To make the victim anxious and more likely to comply, the scammer uses technical jargon and alarming language. They might say that immediate action is needed to prevent severe damage or data loss.
  • Gaining Trust: The scammer may instruct the victim to perform simple tasks on their computer, such as opening the Event Viewer, which naturally shows error messages. They use this to "prove" the computer is compromised, even though these messages are normal and harmless.
  • Requesting Remote Access: The scammer then persuades the victim to install remote access software (like TeamViewer, AnyDesk, or LogMeIn). This software allows the scammer to take control of the computer as if they were physically present.
  • Exploiting Access: Once they have control, the scammer might:
    • Install malware to steal personal information.
    • Access online accounts, such as banking or email.
    • Demand payment for their "services" or for fixing the supposed problem.

Continued Exploitation: The Aftermath

Even after the victim has paid, the scam may not end. The scammer might leave behind software that allows them to regain access to the computer later, or they might sell the victim’s information to other scammers, leading to further fraud attempts.


Protecting Yourself Against Phishing and Social Engineering Attacks

Be Skeptical of Unsolicited Contact

Legitimate companies rarely contact customers out of the blue about computer issues. If you receive an unsolicited call, pop-up, or email, be cautious. Do not provide any personal information or grant remote access to your computer.

Verify Claims Independently

If you encounter a warning or receive a message claiming there’s an issue with your computer, do not trust it without verification. Use official channels to verify the legitimacy of the claim. For example, look up the company’s official contact information and reach out to them directly.

Do Not Allow Remote Access

Never allow someone you do not know or trust to control your computer remotely. Legitimate support personnel will only ask for remote access if you have initiated the contact through verified means.

Use Reputable Security Software

Ensure that your computer is protected by up-to-date antivirus and anti-malware software. Programs like Malwarebytes Anti-Malware are excellent tools to detect and remove potential threats.

Educate Yourself and Others

Awareness is key. Educate yourself about common scam tactics and share this knowledge with friends and family, particularly those who may be less tech-savvy.


What If You’ve Fallen Victim to a Scam!?

If you’ve fallen victim to an online scam, acting quickly is important to minimize potential damage. Here’s what you should do:

  1. Stop All Communication
    • Immediately cease any communication with the scammer. Do not respond to emails, messages, or calls.
  2. Disconnect from the Internet
    • If the scam involves remote access to your computer, disconnect from the internet immediately by unplugging your ethernet cable or turning off your Wi-Fi. This prevents the scammer from accessing your system further.
  3. Change Passwords
    • Change the passwords for your online accounts, starting with your email, banking, and any accounts where sensitive information is stored. Use strong, unique passwords for each account, and consider enabling two-factor authentication (2FA) where possible.
  4. Contact Your Bank or Credit Card Company
    1. If you’ve provided financial information or made payments, contact your bank or credit card company immediately to report the scam. Request that they monitor your account for suspicious activity and possibly issue new cards.
  5. Check for Unauthorized Activity
    • Review your bank statements, credit card accounts, and online accounts for any unauthorized transactions or changes. Report any suspicious activity to your financial institution or the respective service providers.
  6. Remove Any Installed Software
    • If the scam involves installing software on your computer (such as remote access tools), uninstall it immediately. Go to `Control Panel > Programs > Programs and Features` to uninstall the software, and then check Task Manager (`Ctrl + Shift + Esc`) for any suspicious startup entries.
  7. Scan for Malware
    • Run a full system scan using reputable antivirus and anti-malware programs like Malwarebytes Anti-Malware. This will help identify and remove any malicious software that the scammer might have installed.
  8. Report the Scam
    • Report the scam to the relevant authorities. In the United States, you can file a report with:
    • The Federal Trade Commission (FTC) at [ReportFraud.ftc.gov](https://reportfraud.ftc.gov/)
    • The Internet Crime Complaint Center (IC3) at [www.ic3.gov](https://www.ic3.gov/)
    • Your local law enforcement agency.
  9. Monitor Your Identity
    • Keep an eye on your credit report and consider placing a fraud alert or credit freeze with the major credit bureaus (Equifax, Experian, and TransUnion) to protect against identity theft.
  10. Educate Yourself and Others
    • Learn about common scams and share this information with friends and family to help protect them from similar threats. Awareness is one of the best defenses against online scams.
  11. Consider Professional Help
    • If you’re unsure about the extent of the damage or how to secure your system, consider seeking professional assistance. Pacific Northwest Computers in Vancouver, WA, can help you secure your system and recover from a scam. You can contact them at 360-624-7379 for further assistance.


Conclusion

Phishing and social engineering attacks, such as fake tech support scams, are a significant threat in today’s digital world. By understanding how these scams operate and taking proactive steps to protect yourself, you can avoid becoming a victim. Always be skeptical of unsolicited contacts, verify claims independently, and never allow remote access to your computer unless you’ve initiated the contact through verified channels. If you do fall victim, act quickly to secure your computer and seek professional help to ensure your personal information remains safe.




Friday, August 9, 2024

Set your Windows 11 PC Network Profile to Private and Make Sure File and Print Sharing is Turned On!

How to ensure your Windows 11 PC's network profile is set to Private (and not Public) and that file and print sharing is turned on!!

1. Check and Set Your Network Profile to Private

  • Open Settings:

    • Press Windows + I to open the Settings app.
  • Go to Network & Internet:
    • In the left-hand menu, click on "Network & Internet."
  • Choose Your Network:
    • Click on "Properties" next to your current network connection (e.g., Wi-Fi or Ethernet).
  • Set Network Profile to Private:
    • Under "Network profile type," select "Private."
    • This setting makes your PC discoverable on the network, which is necessary for File and Printer Sharing.

2. Turn On File and Printer Sharing

  • Open Control Panel:

    • Press Windows + R, type control, and press Enter.
    • In the Control Panel, select "Network and Sharing Center."
  • Access Advanced Sharing Settings:

    • On the left side of the Network and Sharing Center window, click on "Change advanced sharing settings."
  • Enable File and Printer Sharing:

    • Expand the Private network profile section.
    • Under File and Printer sharing, select "Turn on file and printer sharing."
  • Save the Changes:
    • Scroll down and click "Save changes."


    Thursday, July 25, 2024

    I think someone is accessing my accounts and/or devices! What do I do!?

    If you suspect someone is accessing your accounts and/or devices, quickly securing them is crucial. Here are steps to check if your devices or accounts are being monitored or accessed by a 3rd party; and how to secure them!!


    Check If Somone Has Access To Your Accounts and/or Devices:

    1. Check for Unusual Behavior Being Exhibited By Your Device(s):

      • Unexpected battery drain.
      • Data usage spikes.
      • Overheating devices.
      • Unusual pop-ups or applications.
    2. Review Account Activity:

      • Check recent activity on your accounts to see if there are any unauthorized logins or changes.
        • On Gmail: 
          • Go to “Details” at the bottom of your inbox.
        • On Facebook: 
          • Settings > Security and Login > Where You're Logged In.
        • For other services, look for similar settings.
    3. Check Connected Devices:

      • Review the list of devices connected to your network or online accounts (Google, Apple, etc) and remove any devices that you do not recognize.
    4. Review Installed Apps:

      • Go through your installed applications and look for any apps you don't recognize or remember installing.
        • On Android: Settings > Apps.
        • On iOS: Settings > General > iPhone Storage.
    5. Check Permissions on/of Your Device(s):

      • On Android: Settings > Apps > [App Name] > Permissions.
      • On iOS: Settings > Privacy > [Permission Type] (e.g., Location Services, Camera).
    6. Update Your Software:

      • Ensure your device's operating system and all apps are up to date, as updates often include security patches.
      • On Android: Settings > Software Update.
      • On iOS: Settings > General > Software Update.
    7. Run Security Scans:

    Steps to Secure Your Accounts & Device(s):

    1. Change Your Passwords:

      • Update passwords for all accounts linked to your devices.
      • Use strong, unique passwords for each account.
      • Consider using a password manager.
    2. Enable Two-Factor Authentication (2FA):

      • Set up 2FA for all accounts that support it to add an extra layer of security.
    3. Logout from All Devices:

      • Sign out of all devices for each account. This will force any unauthorized users to log back in, prompting 2FA if enabled.
      • Look for "Log out of all devices" or similar options in account settings.
    4. Reset Your Device:

      • Factory reset your device to ensure no malicious apps remain.
      • Backup important data before resetting.
        • On Android: Settings > System > Reset > Factory data reset.
        • On iOS: Settings > General > Reset > Erase All Content and Settings.
        • After resetting, only reinstall apps from official app stores and trusted sources.
    5. Monitor Account Activity:

      • Regularly check account activity for any unauthorized access or changes.

    Notify & Seek Help:

    1. Notify Account Providers:

      • Contact the support teams of the services where you suspect unauthorized access. They can help secure your account and investigate any breaches.
    2. Consider Legal Action:

      • If you believe your privacy is being violated or if there are any illegal activities, contact local law enforcement for assistance.
    3. Get Professional Help:

      • For further assistance in securing your accounts and devices, contact Pacific Northwest Computers in Vancouver, WA. We can provide professional help in securing your digital presence. Reach us at 360-624-7379.

    Additional Tips:

    • Use a Password Manager: Consider using a password manager to generate and store complex passwords securely.
    • Regularly Monitor Accounts: Keep an eye on your account activity and be alert to any suspicious behavior.
    • Educate Yourself on Security: Stay informed about online security practices to better protect your digital life.

    By following these steps, you can regain control of your accounts and devices, enhancing your overall security. If you need personalized assistance, don't hesitate to reach out to professionals for help!


    Pacific NW Computers

    Saturday, July 13, 2024

    How to do a Tune-up/Clean-up with Virus Scans for your PC!

    General PC Tune-up/Virus Scan Procedures:

    Uninstall/Install Software:

    1. Uninstall Obvious Bloatware:
      • “Free Trial” software
      • Obvious junk programs & toolbars (One Search, Driver Support, One Bar, etc)
        1. Use the PNW Computers “Browser Hi-jack” blog article as a reference to find and remove software malicious Adware Programs.
        2. Computers that are heavily infected should be checked with ‘TDSKiller’ to rule out the presence of a Rootkit BEFORE any cleaning procedures begin. Unless cleaning is needed to run the utility.
    2. Install/Update Essential Programs:
      1. Security Clean-up Software List (Ninite.com can be used for installing most apps):
        1. Chrome, Firefox, Edge - Update
        2. Java, .Net & Silverlight Runtimes - Update/Install
        3. Malwarebytes Antimalware
        4. Malwarebytes ADWCleaner
        5. BleachBit

    Security Scanning & Virus/Malware Removal:

    1. Virus and Malware Scanning:
      Run FULL (not a quick/fast) Virus Scan with Local AV as well as Malwarebytes and ADWCleaner

    2. Web Browser Clean-up:
      • Check all Installed Web Browsers’ Extensions/Add-ons for anything unwanted/needed.
      • Check the general browser settings (Start Page, Default Search Engine, Etc.) for any tampering or modifications and reset to defaults if needed.
      • ADWCleaner is an excellent tool for finding and removing browser hijack apps.

    Performance Tune-Up:

    1. Junk File Clean-up - Bleach Bit

    2. Paging File Optimization

      1. Set the PC's paging file to either 1.5 the amount of RAM or set to 4096MB.
        1. Settings > System > About > Advanced System Settings
          1. Select the “Advanced” tab at the top
          2. In the “Performance” section click on “Settings”
          3. Click on the “Advanced” tab
          4. Under “Virtual Memory” click on “Change”
          5. Set the paging file accordingly
    3. Optimize System Performance Options

      1. Right-click ‘My Computer’ > Properties > Advanced System Settings> Click ‘Advanced’ tab > Click ‘Settings’ under the “Performance” area.
      2. Un-check all of the PC's visual effects performance options except for:
        1. "Use visual styles on windows and buttons"
        2. “Smooth Scroll List Boxes”
        3. “Smooth Edges on Screen Fonts”
        4. “Show Translucent Selection Rectangle”
        5. "Use drop shadows for icon labels on the desktop"
        6. Start-up Program Entries can also be managed using the Task Manager.
        7. Disable all unnecessary start-up items
          1. Typically leave start-up programs related to:
            1. OneDrive/MS Office
            2. iCloud Drive
            3. Printers
            4. WIFI Software
            5. Audio/Video Software
            6. Specialty apps such as Garmin, Fitbit, etc

    Windows Updates:

    1. Access Windows Updates through System Settings
    2. If the Microsoft Update feature is not/has not been enabled, enable Microsoft Updates in the Windows Updates “Advanced Options”. You can also enable the “Notify me when a restart is required” option too as well.
    3. After the Microsoft Update feature has been enabled, Windows Updates will now check for both Windows and Microsoft Updates.
    4. Allow the computer to check for new updates.
    5. Once checking for updates is finished, download and install all available updates.
      1. You may need to do this process more than a few times to make sure the system is fully updated.
    6. Some Windows Updates may fail. Do not hyper-fixate on failed updates, as they will likely resolve on their own after a few update/restart cycles.
    7. Verify Installation of all currently available Windows Updates AND Upgrades

    Wednesday, July 10, 2024

    Fake Tech Support Scam: What You Should Do!


    A fake tech support scam is a type of fraud where scammers pose as legitimate technical support personnel from well-known companies to trick victims into giving them access to their computers, personal information, or money. Here’s how these scams typically operate and how to clean up your system if you did/do fall victim to this type of scam!


    How Fake Tech Support Scams Work

    Initial Contact:

    • Cold Calls:
      Scammers often call victims directly, claiming to be from reputable companies like Microsoft, Apple, or a popular antivirus provider. They usually say they've detected viruses, malware, or other issues on the victim's computer.
    • Pop-Up Warnings:
      Victims might encounter alarming pop-up messages while browsing the web. These pop-ups often claim that the computer is infected and instruct the user to call a provided number for immediate support.
    • Emails:
      Scammers may send phishing emails that appear to come from legitimate companies, warning about security threats and urging the recipient to call for support.

    Convincing the Victim:

    • The scammer tries to convince the victim that their computer is at serious risk. They use technical jargon and alarming language to create a sense of urgency.
    • They might ask the victim to open certain files or run specific commands that produce harmless but alarming-looking results, reinforcing the scammer’s claims.

    Gaining Remote Access:

    • The scammer persuades the victim to install remote access software, such as TeamViewer, AnyDesk, or LogMeIn. This gives the scammer control over the victim’s computer.
    • Once they have access, they might pretend to run diagnostics or show fake errors to maintain the illusion of a serious problem.

    Exploiting Access

    • The scammer may install malware, steal personal information, or use the computer to commit further fraud.
    • They often demand payment for their "services," claiming they can fix the issues they "found." Payment might be requested via credit card, wire transfer, gift cards, or other non-reversible methods.

    Continued Exploitation

    • Even after payment, scammers may leave behind software that allows them to regain access or continue monitoring the victim's computer.
    • They might sell the victim's information to other scammers, leading to further fraud attempts.


    How to Protect Yourself

    Be Skeptical of Unsolicited Contact

    • Legitimate companies rarely contact customers out of the blue about computer issues. 
    • If you receive an unsolicited call or message, be wary.

    Verify Claims Independently

    • Don’t trust pop-ups, emails, or calls without verifying their legitimacy through official channels. 
    • Look up the company’s official contact information and reach out directly.

    Do Not Allow Remote Access

    • Never give control of your computer to someone you do not know or trust. 
    • Legitimate support personnel will not ask for remote access unless you have initiated the contact through verified means.

    Use Reputable Security Software

    • Keep your antivirus and anti-malware software up to date. Use reputable programs like Malwarebytes Anti-Malware to protect your system.

    Educate Yourself and Others

    • Learn about common scam tactics and share this knowledge with friends and family, especially those who might be less tech-savvy.


    Here's a step-by-step guide to help you ensure your computer is secure and free of any unwanted remote access software if you did fall victim to a fake tech support scam/scammer.


    Immediate Steps To Take If You Have Been Scammed

    1. Disconnect from the Internet

    • Unplug your ethernet cable or turn off your Wi-Fi to prevent further remote access.

    2. Identify and Remove Remote Access Software

    • Check Installed Programs
      • Go to `Control Panel > Programs > Programs and Features`.
      • Look for any remote access software (e.g., TeamViewer, AnyDesk, LogMeIn, RealVNC).
      • Uninstall any suspicious or unfamiliar programs.
    • Check Task Manager
      • Press `Ctrl + Shift + Esc` to open Task Manager.
      • Go to the `Startup` tab.
      • Disable any suspicious entries that start with Windows.

    3. Scan for Malware and Adware

    • Malwarebytes Anti-Malware:
      • Download and install Malwarebytes
      • Run a full scan and remove any detected threats.
    • ADW Cleaner
      • Download and run ADW Cleaner.
      • Follow the prompts to clean any adware, toolbars, or PUPs.


    Additional Steps You Can Take...

    Network Settings

    • Ensure no changes have been made to your network settings:
      • Go to `Control Panel > Network and Sharing Center > Change adapter settings`.
      • Right-click your network connection, select `Properties`, and check for any unfamiliar protocols or services.

    Check for Suspicious Services

    • Press `Win + R`, type `services.msc`, and press Enter.
    • Look for any unfamiliar services that are running and set to start automatically.
    • Right-click and stop these services if they seem suspicious

    Update Your System

    • Ensure your Windows operating system is up to date:
    • Go to `Settings > Update & Security > Windows Update`.
    • Install any available updates.

    Reset Passwords

    • Change the passwords for your computer accounts, especially if they have administrative privileges.
    • Change passwords for any online accounts accessed from this computer.

    Enable Firewall and Antivirus

    • Ensure Windows Firewall is enabled:
      • Go to `Control Panel > System and Security > Windows Defender Firewall`.
      • Make sure you have an antivirus program running and up-to-date.

    Monitor for Unusual Activity

    • Keep an eye on your system for any unusual behavior or performance issues.


    Final Steps

    Consider Professional Help

    Data Backup and Recovery

    • Backup your important data to an external drive or cloud storage.

    System Restore or Reinstallation

    • If you suspect deep-rooted infections or issues, consider performing a system restore or a clean installation of Windows.


    Feel free to reach out if you need further assistance or if anything is unclear. Stay safe!


    Monday, July 8, 2024

    How Did I Get Infected!?!


    For those of you who think, "Well, if I don't install random new programs from the internet or download random EXE files, I won't get infected" that's not really the case today. Most people are not infected because they browse the internet and accidentally click on an EXE file. That was more common several years ago.

    Nowadays, most people get infected because the malware comes to them. 

    You don't have to go out on the internet and have to "find" viruses or malware to get infected.

    The malware arrives in your inbox, in your private messages, from a trusted source, a hacked website, or inside a program you use, whose company got hacked, like in the case of 3CX.
    • The 3CX hack, which came to light in late March 2023, was a sophisticated supply chain attack. The incident involved the compromise of 3CX’s Windows and macOS build environments, allowing hackers to push trojanized software to 3CX customers.
    • The breach began when an employee at 3CX downloaded a trojanized installer for the X_Trader trading software, which had been compromised by North Korean threat actors. This malicious installer gave the attackers access to the employee's device and corporate credentials, enabling them to infiltrate 3CX’s network and insert malware into the 3CXDesktopApp. The attack was likely carried out by a North Korean hacking group tracked as UNC4736, linked to the financially motivated operation dubbed AppleJeus​ (Security Week)​​ (Security Week)​​ (CISA)​.
    This doesn't mean there aren't still things like malware advertising (malvertising), where you see ads on Google to entice you to click on or download something malicious. Another major source of malware now is also social media platforms! YouTube videos as well!! 

    For instance, if you look for any kind of cheat, crack, or mod for a popular video game, you will often find videos with external links. Many of these links, especially if they're password protected, contain malware.

    Sometimes, it's literally the first search result when looking up something as harmless as "sewing patterns and templates"!!

    Here are further examples of common ways people can get infected:

    • Phishing Emails:
      One of the most prevalent methods. Attackers send emails that appear to be from trusted sources, tricking recipients into clicking malicious links or downloading infected attachments. These emails often mimic legitimate communications from banks, social media platforms, or even colleagues.
    • Compromised Websites:
      Legitimate websites can be hacked to serve malware to visitors. This method doesn't require any action from the user other than visiting the site. Drive-by downloads exploit vulnerabilities in browsers or plugins to install malware without the user’s knowledge.
    • Software Supply Chain Attacks:
      These involve compromising a trusted software vendor to distribute malware to end users. The 3CX hack is a prime example, where attackers infiltrated the development pipeline of 3CX, a business communication software, and inserted malware into the software updates, affecting thousands of users.
    • Malvertising:
      Malicious advertisements, or malvertising, are another common method. These ads can appear on legitimate websites and redirect users to malicious sites or directly download malware. Even major advertising networks have been exploited to serve malvertising.
    • Social Media Platforms:
      Attackers exploit the popularity of social media to spread malware. They create posts or messages with enticing links that lead to malicious sites. YouTube videos offering cheats, cracks, or mods often include external links that direct users to malware. These links can appear highly ranked in search results, making them seem legitimate.
    • Messaging Apps:
      Private messages on platforms like WhatsApp, Facebook Messenger, and others can carry malicious links or attachments. Since these messages often come from known contacts, users are more likely to trust and click on them.
    • Trusted Sources:
      Sometimes, malware is spread through channels that users inherently trust. This could be through an email from a known contact whose account has been compromised or through a popular website that has been hacked.

    We always recommend installing and using good, trusted, and reliable antivirus and antimalware software for your system. While they are not a silver bullet, these tools provide essential layers of defense against various cyber threats. Antivirus software is designed to detect and remove viruses, while antimalware software targets a broader range of threats, including spyware, adware, and ransomware. 


    In addition to antivirus and antimalware software, browser add-ons can enhance your online security by providing additional protection against malicious websites and phishing attacks. One such recommended add-on is Malwarebytes's Browser Guard


    Benefits of Using a Browser Guard: 
    • Blocking Malicious Websites:
      Browser Guard blocks websites that are known to host malware, preventing you from inadvertently visiting harmful sites.
    • Protection Against Phishing:
      It helps identify and block phishing attempts, protecting your personal information from being stolen.
    • Ad Blocking:
      The add-on can block unwanted ads, which can be a source of malware through malvertising.
    • Improved Browser Performance:
      By blocking malicious content and unwanted ads, Browser Guard can enhance your browsing experience and speed.

    Pacific Northwest Computers Practices Combined Protection; What is That?!

    No single solution can offer complete protection against all cyber threats. Using a combination of antivirus, antimalware software, and browser add-ons provides multiple layers of defense, significantly reducing the risk of infection and data breaches. 
    Here’s why combined protection is essential:
    • Layered Defense: Different tools specialize in different areas of protection. Antivirus software focuses on traditional viruses, while antimalware software targets newer, more sophisticated threats. Browser add-ons provide real-time protection while you browse the web.
    • Reduced Risk of Zero-Day Attacks:
      Zero-day attacks exploit unknown vulnerabilities. Having multiple layers of protection increases the chances of detecting and stopping these attacks.
    • Comprehensive Coverage:
      Combined tools cover a wider range of potential threats, from viruses and worms to phishing attempts and malicious websites. 
    • We recommend using an Antivirus, 1-2 "stand-alone" scanning tools for general malware and adware scanning, as well as a maintenance/clean-up utility for removing junk/temp/cache/cookie data. 


    In today's cybersecurity landscape, simply avoiding the download of random programs or EXE files is not enough to protect against infections. Malware delivery methods have become more sophisticated, targeting users through phishing emails, compromised websites, and even trusted sources like popular software vendors, as seen in the 3CX hack.


    Malicious advertisements and social media platforms have also become significant vectors for malware distribution. Given this complexity, it's essential to use a multi-layered defense strategy. This includes installing and regularly updating trusted antivirus and antimalware software to provide essential protection against various threats.


    Additionally, browser add-ons such as Malwarebytes Browser Guard offer critical extra layers of security by blocking malicious websites, protecting against phishing attempts, and enhancing overall browsing performance by removing unwanted ads.


    Combining these tools creates a robust defense system, significantly reducing the risk of infection and providing comprehensive coverage against a wide range of cyber threats. By staying informed and proactive, users can better safeguard their systems and personal information from evolving cyber threats.

    Monday, July 1, 2024

    While we understand that prices on Amazon can be very competitive, there are several reasons why our prices might be slightly higher...


    1. Quality Assurance: 

    We source our parts from reputable suppliers who meet our strict quality standards. This helps us ensure that you receive reliable, durable, and high-quality parts. Amazon sellers can sometimes be not very well established 3rd sellers. There is also the risk of receiving "counterfeit" products from online sellers such as Amazon as well: https://www.aboutamazon.com/news/policy-news-views/amazon-counterfeit-crimes-unit-latest-updates-2024

    2. Expertise and Support: 

    Our team offers personalized service and expert advice that you won't get from an online marketplace. We can help you choose the right parts for your specific needs.

    3. Warranty and Returns: 

    We stand behind the products we sell. If you encounter any issues with a product or part, we make the process of replacement or return smooth and hassle-free by taking care of it for you.

    4. Supporting Local Business: 

    By purchasing from us, you are supporting a local business that contributes to the community. Your support helps us continue providing high-quality service in our area.

    5. Value-Added Services: 

    In addition to selling parts, we offer a range of value-added services such as maintenance, repair, and installation, which can save you time and ensure the job is done right.

    We believe that these benefits provide significant value that justifies the price difference. We are committed to offering you the best possible service and ensuring your satisfaction with every purchase.

    Wednesday, May 22, 2024

    Easily Zero Fill a Hard Drive for FREE through Windows!




    How To Zero-Fill A Hard Drive
    via the Windows Command Prompt

    Windows 7,8,10 and 11 actually can zero-fill a hard drive through the built-in Command Prompt utility. The Command Prompt adopts a special 'format' command to achieve writing zeros to the hard disk/partitions.

    How-To Zero Fill a Hard Drive in Windows:

    1. Click the “Start” button

    2. Input “cmd” in the “Search” box, and then right-click the Command Prompt icon and select “Run as administrator”.

    3. At the prompt window, you are going to use the following command to format each partition on the hard drive. 

    4. The command is (without quotes):
      “format DRIVE: /fs:NTFS /p:1” 
    5. However where it says "DRIVE:" you will need to provide the drive letter of the hard drive you wish to format/zero fill.

    6. Once you know the drive letter of the hard drive that is going to be erased, enter it in the command as follows: "format E: /fs:NTFS /p:1"

      • !WARNING BEFORE PROCEEDING!
        You cannot undo a format! So ensure that you choose the right hard drive and back up any required files! If you format the primary drive by mistake, the operating system will be deleted and your computer will not work again until you reinstall it.

    7. If you are 100% positive the drive letter is correct for the hard drive you would like to erase, with the command properly typed out in the Windows Command Prompt, you can now hit “Enter” to format the selected drive with the NTFS file system. 

    8. Type “y” and press “Enter” to confirm erase data.
      • This process will write zeros to every sector of the drive for a single pass.
      • For a twice-pass, you can input “p:2” instead.

    9. Wait for the process to be completed. 

    10. After erasure/zero fill is completed, you'll be prompted to enter a Volume label. 

    11. Type a name for the drive if necessary, or just press "Enter" to skip.

    12. Wait while “Creating file system structures” appears on the screen.

    13. Then repeat the above steps to format every partition on the hard disk; if/as needed.

    14. After writing zeros to each partition, you can type “exit” and press “Enter” to close the Command Prompt.

    That's it! 

    You have now successfully erased and zero-filled a hard drive for FREE through the Windows Command Prompt!