Showing posts with label hack. Show all posts
Showing posts with label hack. Show all posts

Thursday, October 19, 2023

How To Protect Yourself From Scammers

How To Protect Yourself From Scammers

Scammers are versatile in their tactics, posing as various entities, including banks, real estate agencies, utility companies, and even family members or government agencies. They often employ pressure tactics to create a false sense of urgency, leading to rushed decisions and financial losses. To safeguard your interests, it's essential to be vigilant and take proactive steps to prevent falling victim to scams. This article offers insights and tips on how to protect yourself from scammers.


Question Too-Good-To-Be-True Offers

Scammers often dangle tempting promises of high returns, low risk, and "golden" opportunities. If something sounds too good to be true, it probably is. Take your time to ask questions, verify claims, and conduct due diligence before making any financial commitments. This cautious approach can help you avoid falling prey to fraudulent schemes.

Be Wary of "Grandparent Scams"

One common scam involves imposters claiming to be family members, especially grandparents, seeking financial help. If someone purports to be a family member, independently verify their identity by calling them directly. In cases where you suspect a family member needs assistance, reach out to them through a trusted phone number or in-person contact. Avoid responding to such pleas via email, social media, or text, and always consult with the person's parents before sending money to a potential scammer.

Guard Your Passwords and PINs

Your passwords and PINs are the keys to your online security. Never share them, even with close friends, family, or relatives. Keeping this information confidential is vital for safeguarding your financial and personal data.

Protect Against Phishing Emails

Phishing emails are a favored tool among scammers. Pay close attention to any email that appears as a bill or a security alert. Be cautious if you notice misspelled words, your name is absent, the links seem suspicious, or if you're asked to "verify" your account or personal information. In such cases, delete the email and promptly report it to the relevant authorities.

Implement Security Best Practices

  • Be Cautious with Money Transfers: 
    • Avoid sending money to individuals you don't know in real life, particularly through third-party services like Zelle, Venmo, and Cash App. 
    • Refrain from using gift cards to settle bills; legitimate businesses do not request payment via gift cards.
  • Ignore Unsolicited Messages: 
    • Delete random texts and emails that ask you to click a link or provide personal information.
    • Never click on links from untrusted sources.
  • Regularly Monitor Your Accounts: 
    • Stay vigilant by regularly monitoring your financial accounts. 
    • Respond promptly to fraud alerts and report any unauthorized transactions.

Enable Multifactor Authentication

For added security, enable multifactor authentication (MFA) for your accounts whenever possible. MFA provides an extra layer of protection that can thwart account hacks or hijacks even if a malicious actor obtains your login information.

Understanding Fake Websites and How Scammers Exploit Them

Fake websites are tools scammers use to deceive individuals into divulging sensitive information, downloading malware, or making purchases from non-existent products. Scammers often employ these websites as part of phishing attacks.

Recognizing fake websites is becoming increasingly challenging. To ensure you're not dealing with a fraudulent website, remain vigilant and apply the aforementioned protection measures. By staying informed and exercising caution, you can significantly reduce your vulnerability to scams and safeguard your online security.

In conclusion, being proactive, skeptical, and informed is the best defense against scammers. Protect your personal and financial information by following these guidelines, and remember that it's always better to be cautious than to fall victim to fraudulent schemes.


We Also Recommend Reading:


Jon Pienkowski
Pacific NW Computers


Friday, August 18, 2023

Protect Your Comcast.net Email from Hijackers


How to Protect Your Comcast.net Email Account from Hijackers

If you use Comcast.net email, you may have heard of some cases where customers’ email accounts were hijacked by hackers. This can be a very frustrating and scary situation, as hackers can use your email account to scam your contacts, steal your personal information, or cause other damages.

In this blog article, I will explain how hackers can hijack your Comcast.net email account, what they can do with it, and how you can protect yourself from this threat.

How Hackers Can Hijack Your Comcast.net Email Account

There are different ways that hackers can gain access to your Comcast.net email account, but one of the most common methods is phishing. Phishing is when hackers send you fake emails or direct you to fake websites that look like they are from Comcast or other legitimate sources. They may ask you to enter your email address and password or click on a link or attachment that contains malware. If you fall for their tricks, they can capture your login credentials and use them to access your email account.

Another possible method that hackers can use to hijack your Comcast.net email account is through a data breach. A data breach is when hackers break into a database that contains sensitive information, such as email addresses and passwords. If the database belongs to Comcast or a third-party service that you use with your Comcast.net email account, hackers may be able to obtain your login credentials and use them to access your email account.

What Hackers Can Do With Your Comcast.net Email Account

Once hackers have access to your Comcast.net email account, they can do a lot of malicious things with it. Some of the common things that hackers can do are:
  • Set up email redirection or auto-forwarding rules. This means that hackers can forward emails coming into your account to their own email account and continue their attack on those who are emailing you directly.
  • Create a spoof email account that looks very similar to your actual email address but with a different domain name. For example, if your email address is johnsomeguy@comcast.net, hackers may create a spoof email address like johnsomeguy@outlook.com. They can then use the spoof email address to impersonate you and scam your contacts in various ways.
  • Attempt to hijack and take over other various online accounts, as the hackers can now receive/redirect security and login authentication emails.
  • Delete all contacts in your address book, storage folders in your email account, or incoming email messages. This can cause you to lose important data and communication.
  • Send spam or malicious emails from your email account to other people. This can damage your reputation and expose others to potential harm.

How You Can Protect Yourself From This Threat

If you suspect that your Comcast.net email account has been hijacked by hackers, you should take immediate action to secure it and prevent further damage. Here are some steps that you can take:
  • Change your password as soon as possible. Make sure that you use a strong password that does not use any common words or phrases. You can use a password manager or generator tool to help you create and remember a strong password.
  • Check your email settings and rules. Look for any suspicious redirection or auto-forwarding rules that hackers may have set up and delete them. Also, check if hackers have changed any other settings, such as your signature, reply-to address, or recovery options.
  • Scan your computer and devices for malware. Use reputable antivirus or anti-malware software to scan your computer and devices for any malware that hackers may have installed on them. Malware can compromise your security and allow hackers to access your email account or other accounts.
  • Contact your contacts and inform them of the situation. Let them know that your email account has been hijacked and warn them not to open any emails or click on any links or attachments that they may have received from you recently. Also, ask them to report any suspicious emails that they may receive from the spoof email address that hackers may have created.
  • Consider switching to a more secure email provider. Comcast.net email does not always offer some of the advanced security features that other email providers do, such as two-factor authentication (2FA). 2FA is when you need to enter a code or use another device to verify your identity when you log in to your email account. This adds an extra layer of protection against hackers who may have stolen your password. You may want to switch to an email provider that offers 2FA or other security features.

I hope this blog article has helped you understand how hackers can hijack your Comcast.net email account, what they can do with it, and how you can protect yourself from this threat. If you have any questions or comments, please feel free to leave them below.

Jon Pienkowski
Pacific NW Computers
www.linktr.ee/pnwcomputers

Tuesday, December 27, 2022

Data Privacy & Data Security In Today's Digital Age


How to Become as "Invisible" as Possible In Today's Cyberage

I have been getting a lot more questions from customers lately with regard to online data privacy and data security.
"How can I keep my online accounts more secure?"
"I would like to surf the internet as anonymously and as privately as possible. How can I do that?
"I found some personal information online, and would like it removed! How do I do that?"

So I decided to write a post covering the basics of online privacy, how to improve your safety and security when online, and how to get personal data removed from the internet (if at all possible).

Limiting Personal Data From Getting Online & How To Use The Internet More Securely/Privately:

  1. Delete all social media accounts, take-down any/all personal/professional sites (blogs, websites, etc), and delete or depersonalize any/all types of online accounts. These sites have been used for years for obtaining personal information, gathering information for social engineering attacks, and even identity theft! 
    • Facebook
    • Twitter
    • LinkedIn
    • Forum Accounts
    • Other Online Accounts (ie) News Sites, Game Sites, Online Stores, etc.
  2. Remove all (or disable) unnecessary apps from your Smartphone, Tablets, eReaders, etc. 
    • Do not install apps that collect any type of personal data, or unnecessarily require you to create an account just to be able to use the app. Also, downloading and installing "THIS AWESOME FREE APP" is the #1 way for a company to easily collect data about you.
  3. Search for any personal information listed on "Data Broker" websites and submit a request for your information to be removed. 
  4. Use a VPN for any and all web surfing; preferably a no-logging VPN like Private Internet Access.
  5. Use a web browser that has your privacy in mind from the get-go. A very popular privacy-oriented web browser that is widely used is the Brave Browser. By default, the Brave Browser blocks website trackers and advertisements. It also has an incognito mode for even further private surfing, private search features, and even some VPN connection features. It's a great program for privacy conscience users.
  6. You can take things a step further and use the Tor Browser and the Tor Network to access and surf the internet. When using the Tor network, you are using a decentralized network that routes traffic through multiple servers (or "nodes") and encrypts the transmitted data each step of the way. It's quite secure and great for anonymity! Sounds amazing, right? Why isn't everyone using it? Well, it can sometimes be a bit difficult to get set up and connected to the Tor Network, and the speed of the network can be quite slow. But if security and privacy are your goals, Tor is the go-to for anonymous, encrypted internet use. This also makes it popular among nefarious people...
  7. To take things even a step further, you can use a USB Thumb Drive-based Linux operating system for privacy-oriented system usage and web/internet usage. Though you would still likely want to use a VPN as well as a secured web browser. But this is a great option to have a "temporary" bubble to use. Tails is a portable Linux OS that is my go-to if I need to use a system that is foreign to me, but I need to securely access online data or securely log in to online accounts. All without leaving a trace behind on the host system! It technically could also be used as a day-to-day OS for those wanting even further their security/privacy.
  8. If you are worried about using public Wifi, the easiest option is to get a Mobile Hotspot plan through your cellphone provider. Most cell phones are capable of creating their own Mobile Hotspot that other devices can then connect to. If that is not an option with your cellphone, then getting a physical Mobile Hotspot from your cellphone provider would be the next best thing. Speeds may not be great! But you will be using your own personal/private network when out on the go.
  9. Create a "generic" email account that has very little personal information associated with it, or even go as far as to use a fake name! If what you are sending via email is secure/critical, you can use an encrypted email service such as ProntoMail. There are also "Burner" email services that are temporary! You could create and use a somewhat personalized email for a job interview or something more official, but it would just not be permanent. I believe that ProntoMail premium is capable of providing this feature at a cost. But there are some free-ish services such as Temp-Mail and GuerrillaMail that you can use as well.
  10. Use an encrypted text messaging/messaging service such as Signal or WhatsApp
  11. Use virtual/burner credit cards for online orders. That way, your actual credit card information can't be intercepted or stolen! Privacy.com is a great example of a free/paid-for provider of this type of product/service.

Remove Personal Data From the Web

  • Data Removal Request: If you live in a state that has a "Digital Privacy Act" that requires companies to remove personal data if requested to do so, then search for any and all personal information and keep track of where it is all listed. Then reach out to those companies/services directly, and ask them to have your personal information removed or for you to be "opped out". If they do not follow through with your request, and your state DOES have a "Digital Privacy Act" or Law in place, then you can contact the FTC and/or your State Attorney General's office to report that company/service.
    Here’s a List of Data Broker Sites and How to Opt-Out of Them
  • OneRep -As cheap as $9 a month, OneRep is an automated removal service that covers over 150 data broker sites for your provided personal data.
  • DeleteMe - This service is a little more expensive at $10.75 a month, but is also highly rated for being able to remove personal data. Their system is automated as well, but where they are a "step above" is that they have actual employees that will assist with private data removal. Not all data broker services respond well to automated requests. So this is where DeleteMe stands out above the pack! That extra dollar or two could go a long way...
  • Legal Removal Request - If a removal request has gotten you nowhere, and the FTC and/or your State Attorney General is not able to help. There is legal action you could still take! You would need to find an attorney who is familiar with internet law. A lawyer could try to obtain a court order to remove your private data. That court order could then be presented to the website or a search engine (such as Google) and your data will either be removed from the website, or the URL containing the data will be omitted and blocked from search results.
  • Dark Web data is nearly impossible to have removed. It's the wild west of the internet, and the folks that use the Dark Web for nefarious things simply do whatever they want. Even if you were able to find and contact a dark web site that has your personal data/info, that alone could make you a target for further attacks and exploitation. You can't change your address obviously. But you can change your email, and phone number(s).
  • Government sites are exempt from these data removal requests as some information is public domain/public record.

Securing Your Online Accounts

In this day in age, just having a password is not enough to keep your online accounts secure, and hackers out of your accounts. Even if you do everything in your power to keep your login information secure, data breaches happen to big companies all the time! So even with your due diligence, your data can still be leaked and exposed in a data breach, data/network attack, etc.

But there are a few ways you can fight this!
  1. Use 2-Factor Authentication
  2. Use a USB Security Key
First off, it is HIGHLY recommended that you set up and use 2-Factor Authentication on all online accounts that you can. If you don't know what 2-Factor Authentication (or 2FA) is, you may actually already be familiar with this security technology. You know when you log in to your online banking on a new or different device. The bank will likely give you a call or send a text message with a code to confirm you are who you say you are. That is 2-Factor Authentication! Since 2FA has been around for a while now, calling/texting your phone with a code can be compromised. To take things a step further, you can download and use an Authenticator App on your smartphone, to generate account access codes whenever you may need them!

Both Google and Microsoft have their own Authenticator Apps. Surprisingly enough, Google (as of this post) doesn't let you back up your associated accounts and security keys. You can transfer them, however! But if you lose your phone, break your phone, or get a new phone (and forget to transfer your Authenticator data), you could get locked out of your very own accounts! So I tend to find myself recommending Microsoft's Authenticator App for creating, storing, and accessing 2FA security codes. Microsoft's Authenticator App has a backup feature and you can easily backup, transfer, and restore all of your 2FA account information if needed. This can be a lifesaver...

Now, if you want to take your account security to the NEXT level, you could purchase and use a hardware-based USB security key. A USB security key is a device that works on the same principal functions as 2FA. But instead of getting a phone call or text message with a security code, or having to use an authenticator app. You would physically plug in a USB device to gain access to your associated online accounts! So in order for you, or anyone else, to be able to get into an account that is associated with your USB Security Key. The USB Security Key would be physically plugged into the device needing account access, and then you would have to touch the USB Security Key with one of your fingers for account access to be granted. This would make it nearly impossible for anyone to exploit the phone call/text message codes, try to fake an authenticator app code, etc. The USB Security Key would have to be directly plugged into the device, and then touched for access to be granted to an associated account. Yubikey is the maker of the security keys that I have used personally, and I highly recommend their products! They make different models that have different interface types, including NFC, USB-A, USB-C, and Apple's Lightning connector.

The one downside to using a USB Security Key, however, is that you have to physically have the key with you in order to gain access to your accounts. If you lose your key, or it gets stolen, then whoever has possession of your key will then have access to all of your associated accounts. Yubikey does however allow you to disable a USB Security key in the event that something like that happens, however!
So if you do decide to start using a USB Security key for your online accounts, it's important to keep that key in a safe place, and have an alternative way of accessing accounts in case your key is ever lost, stolen, or damaged.
Some folks (myself included) purchased a second USB Security key that is all set up and ready to go but is kept stored in a safe place, just in case anything happens to the primary USB Security key.
You could also use an Authenticator app in addition to your USB Security key. An authentication app would serve as an alternate way of accessing your accounts if ever needed.

The bottom line is this: If you decide to use a USB Security key for your online accounts, just make sure you keep it stored someplace safe and secure. Also, have alternative/redundant account access in place. That way, if you lose or damage your USB Security key, you can still get into your accounts!

With the implementation of even a few of these tips, you can greatly improve your online privacy and security!

Jon Pienkowski
Owner/Operator
Pacific Northwest Computers
www.linktr.ee/pnwcomputers
360.624.7379

Monday, January 21, 2019

RansomWare or a Fake Tech Scammer Locked You Out of Your Computer using a "SysKey" Password

Image result for syskey attack

Some RansomWare Viruses and "Microsoft Tech" Scammers will Enable Windows' "SysKey" Function,
 and lock you out of your computer!

Well we have a few ways you can remove that pesky "SysKey,
and get you back into your computer!

*THIS IS FOR WINDOWS 7; MAY WORK ON 8 or 10 BUT THIS IS NOT TESTED OR CONFIRMED.

If this happens to you, the first thing you can try is use a Windows OS Media disk to remove the "SysKey" function using the Command Line.
  1. Boot to the appropriate OS Media (matches the installed OS version of the computer you are fixing). 
  2. When the OS installation screen comes up, Select USA English and then "Repair the Windows Installation"; DO NOT INSTALL!! 
  3. Go to "Advanced Troubleshooting" 
  4. Click on "Advanced Repairs" 
  5. Click on and open the the "Command Line" tool 
  6. Find the OS Disk by changing drive letters and checkin contents with the "dir" command. ie: cd C: cd D: cd E:, etc. 
  7. Run the following command on the OS drive:
    copy c:\windows\system32\config\regback c:\windows\system32\config 
  8. Say no to the "Software" replace prompt, but say yes to the others and replace a total of 4 files; Default, SAM, Security and System. 
  9. Reboot system 
You should be able to login to the computer again!
A warning however, you may have some security, OS and/or user account damage after the fact.

However there is an alternate method (or two) that can also do the trick, if the above process does not work, or is too difficult!

I have also removed the "Syskey" password using the following procedure:
  1. Boot from a Windows 7 Install DVD/Thumbdrive, or boot from a user created Windows Restore/Repair Thumb Drive.
    *You can also attempt the same procedure from Windows Start-Up Repair; if you are able to get there. 
  2. When the "Install Windows" screen appears, click on "Repair your computer" to access the system recovery options. 
  3. From the nex screen, run System Restore to last point before the syskey password on your computer.
    *This will fail, but must be done! 
  4. Click "run system restore again" and this will take you back to the main system recovery options list. 
  5. Open Command Prompt from the main system recovery options list. 
  6. Open Regedit; type "regedit" without the quotes, into the command prompt and the Regedit application will open. 
  7. Navigate to: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa and change the 'SecureBoot' value entry from 1 to 0. 
  8. Navigate to: HKEY_LOCAL_MACHINE \SAM\SAM\Domains\Account and delete everything for "F value" so that it's data/value is 0000 
  9. Reboot and you should now be able to Login! 

If you are not able to boot into the Windows 8 or 10 Startup Recovery Environment there is still yet another repair method you can try!

To get the computer to run a system restore if you can't get into the recovery environment, you try to make/trip the computer into doing a Startup Repair. 
  • The way we do this, is by turning the system off mid boot and then Startup Repair should catch that "issue" and run the next time you power on. 
  • During this process Windows typically recommends running a system restore to fix any possible boot issues; allow this process to proceed and complete. 
  • After this process has completed, open the computer's DVD drive and insert a copy of Hiren's All-in-one Boot CD/thumb drive. 
  • Turn the system off/restart the system. 
  • Booting from DVD or USB, boot into the Hiren's All-in-one Media and select "Mini XP Recovery Environment" 
  • Allow your system to boot into the "Mini XP Recovery Environment" RAM Drive environment. 
  • Once booted into "Mini XP" you can now run the built in Registry Editor (regedit) to complete the registry edits needed and listed in the previous repair steps. 
This procedure lets you complete the same repair tasks but using a different access methods and tools, but the same general repair principles and process.

These all have worked for me on client machines and has allowed me to get passed a "syskey" password each time. Once I am able to login to the client's system, I will physically disconnect the internet and start my cleaning procedures on the affected system. After a full clean-up, software removal and tune-up the once locked PC will now run fine without the user getting locked out anymore!

I hope this helps general users or other IT professionals!

Pacific Northwest Computers
Jon Pienkowski - Owner/Operator
www.pnwcomputers.com
360.624.7379

Wednesday, April 30, 2014

Microsoft Internet Explorer Vulnerability ~ Fact and Opinion


As you have most likely heard, Microsoft is scrambling to fix a major bug which allows hackers to exploit flaws in Internet Explorer 6, 7, 8, 9, 10 and 11. The company has also confirmed it will not issue a fix for web browsers running on Windows XP after it formally ended support for the 13 year old operating system back on April 8th.

The vulnerability was discovered by cyber security software maker FireEye Inc. which stated the flaw is a ‘zero-day’ threat. This means the first attacks were made on the vulnerability before Microsoft was aware of it. FireEye also revealed a sophisticated hacker group has already been exploiting the flaw in a campaign dubbed ‘Operation Clandestine Fox’, which targets US military and financial institutions.

FireEye spokesman Vitor De Souza declined to name the hackers or potential victims as the investigation is ongoing, only telling Reuters: “It’s unclear what the motives of this attack group are at this point. It appears to be broad-spectrum intel gathering.”

For its part Microsoft has confirmed the existence of the flaw in an official post: https://technet.microsoft.com/library/security/2963983

Now, Internet Explorer has always been a vulnerable browser and has exploits created/identified against it everyday. This is why for YEARS I have pushed my customers to use an alternative Web Browser such as Mozilla Firefox or Google Chrome. As previously mentioned, both of those web browsers are safer to use than Internet Explorer and are both immune from the recently identified exploit!

What makes this recent vulnerability stand out from the others, and why this particular vulnerability is making all the headlines, is that the problem is pretty widespread; affecting 1 in 4 Windows based computers and ALL Windows XP systems.

A Temporary Fix
While Microsoft rushes to fix the bug, FireEye gave concerned users two workarounds .
  1. Use another web browser other than Internet Explorer
  2. Disable Adobe Flash. “The attack will not work without Adobe Flash,” it said. “Disabling the Flash plugin within IE will prevent the exploit from functioning.”
*Adobe has released a new patch/update for their Flash Player! Allow the Flash Player to update or manually download and install the latest version here: http://www.adobe.com/support/flashplayer/downloads.html

No Hope For Windows XP
Microsoft has confirmed that no fix will be rolled out for Windows XP because support has officially ended and there are no plans to make an exception. It states:

“An unsupported version of Windows will no longer receive software updates from Windows Update. These include security updates that can help protect your PC from harmful viruses, spyware, and other malicious software, which can steal your personal information.”

The company’s advice to Windows XP users has remained the same for some time: upgrade to Windows 7 or 8 or buy a new PC. It has also repeatedly sent a pop-up dialog box to reachable Windows XP machines with the following end of support notification.

For users unsure whether their existing XP PCs can support Windows 8, Microsoft offers a software tool called ‘Windows Upgrade Assistant’ which can be downloaded here: http://go.microsoft.com/fwlink/p/?LinkId=321548

If you have any questions or concerns please don't hesitate to get in touch!

Jon Pienkowski
Pacific NorthWest Computers
www.pnwcomputers.com
360-624-7379