Monday, August 26, 2024

Understanding Phishing and Social Engineering Attacks: A Deep Dive Into Modern Scams

Phishing and social engineering attacks have become increasingly sophisticated, targeting individuals and organizations with the intent to deceive and exploit. One of the most prevalent forms of social engineering is the fake tech support scam, where attackers pose as legitimate technical support representatives to gain access to personal information, financial details, or direct control of the victim’s computer. However, there are many other ways a scammer can convince someone to believe and go along with a targeted scam. In this article, we’ll explore how these scams operate, their common tactics, and how you can protect yourself and others from falling victim.


How Online Scams Work

Initial Contact: The Hook

Scammers often initiate contact with potential victims through various channels, employing different tactics to lure them into the trap:

  1. Cold Calls: The scammer calls the victim directly, impersonating a representative from a well-known company such as Microsoft, Apple, or a popular antivirus provider. They usually claim to have detected viruses, malware, or other critical issues on the victim’s computer.
  2. Pop-Up Warnings: While browsing the web, the victim may encounter alarming pop-up messages. These pop-ups often mimic legitimate security alerts, claiming that the computer is infected and instructing the user to call a provided number for immediate assistance.
  3. Phishing Emails: The scammer may send phishing emails that appear to come from reputable companies. These emails typically warn of security threats and urge the recipient to call for support or click on a link, leading them to a fraudulent website or direct contact with the scammer.

Convincing the Victim: The Bait

Phishing email attacks are designed to trick recipients into revealing sensitive information, such as passwords, credit card numbers, or other personal data. Below are some common examples of phishing email attacks:

  1. Fake Account Security Alert:
    You receive an email claiming to be from your bank or another financial institution, warning you of suspicious activity on your account. The email urges you to click on a link to verify your identity or secure your account.
    • What to Look For:
      • Urgent language like "Your account has been compromised!" or "Immediate action required."
      • Links that appear to be legitimate but lead to a fake website designed to capture your login credentials.
      • Generic greetings like "Dear Customer" instead of your actual name.
    • Protective Action:
      • Do not click on links in the email. Instead, go directly to the institution’s official website and log in there to check your account status.

  2. Impersonation of a Trusted Contact:
    You receive an email that appears to be from a colleague, friend, or family member asking for help or money. The email might claim that the sender is in trouble or needs urgent assistance.
    • What to Look For:
      • The sender's email address may look similar to the real one but have small differences (e.g., john.doe@examp1e.com instead of john.doe@example.com).
      • Requests for unusual actions, such as purchasing gift cards or transferring money.
      • Poor grammar or language that doesn’t sound like the person you know.
    • Protective Action:
      • Contact the person directly using a different method (like a phone call) to verify the request before taking any action.

  3. Fake Invoice or Payment Request:
    You receive an email from a supplier or service provider claiming that you owe money for an invoice that you don’t remember. The email includes a link or attachment to view the invoice.
    • What to Look For:
      • Unfamiliar sender or details about a purchase you don’t recall.
      • Attachments that might contain malware or links to phishing websites.
      • Pressure to make a payment quickly.
    • Protective Action:
      • Verify the legitimacy of the invoice by contacting the supplier directly using known contact information. Do not open attachments or click on links in the email.

  4. Job Offer or Employment Scam:
    You receive an email offering a job opportunity with an attractive salary or benefits, often asking you to provide personal information or pay a fee upfront.
    • What to Look For:
      • Unsolicited job offers that seem too good to be true.
      • Requests for personal information like Social Security numbers or bank details early in the process.
      • Professional-looking emails but with poor grammar, odd formatting, or vague job descriptions.
    • Protective Action:
      • Research the company independently, and avoid sharing personal information until you have verified the legitimacy of the job offer.

  5. Delivery Notification Scam:
    You receive an email claiming that a package delivery attempt failed and that you need to click on a link to reschedule delivery or update your shipping information.
    • What to Look For:
      • A sender claiming to be from a delivery service like UPS, FedEx, or DHL.
      • Links to websites that are not the official delivery service's domain.
      • No specific details about the package, such as the sender's name or tracking number.
    • Protective Action:
      • Visit the delivery service’s official website and enter your tracking number manually, or contact the service provider directly to confirm the delivery status.

  6. Phishing for Credentials:
    You receive an email that appears to be from a service you use (like Google, PayPal, or Netflix) stating that there’s a problem with your account. The email includes a link that directs you to a fake login page designed to steal your username and password.
    • What to Look For:
      • Emails that urge you to "confirm your account" or "update your payment information" immediately.
      • Links that, when hovered over, show a different URL than the official site.
      • Fake login pages that mimic the real site but have slight differences in the URL.
    • Protective Action:
      • Never log in through links in unsolicited emails. Instead, navigate to the service provider’s official website manually to check your account.

  7. Tax Scam Emails:
    You receive an email purporting to be from the IRS or another tax authority, claiming that you are due a refund or owe additional taxes. The email instructs you to click a link to provide your financial details.
    • What to Look For:
      • Emails from government agencies, especially those asking for personal information.
      • Claims that you are entitled to a refund or need to pay taxes urgently.
      • Requests for sensitive information like your Social Security number or bank account details.
    • Protective Action:
      • The IRS and most government agencies do not initiate contact via email. If you receive such an email, report it to the appropriate authorities (like the IRS at phishing@irs.gov).

Gaining Remote Access: The Trap

Scammers often will try to gain remote access to a victim's computer or online accounts, giving them control and the ability to steal personal information, install malware, or commit fraud. Here’s a basic rundown of how these scams work:

  • Creating Urgency: To make the victim anxious and more likely to comply, the scammer uses technical jargon and alarming language. They might say that immediate action is needed to prevent severe damage or data loss.
  • Gaining Trust: The scammer may instruct the victim to perform simple tasks on their computer, such as opening the Event Viewer, which naturally shows error messages. They use this to "prove" the computer is compromised, even though these messages are normal and harmless.
  • Requesting Remote Access: The scammer then persuades the victim to install remote access software (like TeamViewer, AnyDesk, or LogMeIn). This software allows the scammer to take control of the computer as if they were physically present.
  • Exploiting Access: Once they have control, the scammer might:
    • Install malware to steal personal information.
    • Access online accounts, such as banking or email.
    • Demand payment for their "services" or for fixing the supposed problem.

Continued Exploitation: The Aftermath

Even after the victim has paid, the scam may not end. The scammer might leave behind software that allows them to regain access to the computer later, or they might sell the victim’s information to other scammers, leading to further fraud attempts.


Protecting Yourself Against Phishing and Social Engineering Attacks

Be Skeptical of Unsolicited Contact

Legitimate companies rarely contact customers out of the blue about computer issues. If you receive an unsolicited call, pop-up, or email, be cautious. Do not provide any personal information or grant remote access to your computer.

Verify Claims Independently

If you encounter a warning or receive a message claiming there’s an issue with your computer, do not trust it without verification. Use official channels to verify the legitimacy of the claim. For example, look up the company’s official contact information and reach out to them directly.

Do Not Allow Remote Access

Never allow someone you do not know or trust to control your computer remotely. Legitimate support personnel will only ask for remote access if you have initiated the contact through verified means.

Use Reputable Security Software

Ensure that your computer is protected by up-to-date antivirus and anti-malware software. Programs like Malwarebytes Anti-Malware are excellent tools to detect and remove potential threats.

Educate Yourself and Others

Awareness is key. Educate yourself about common scam tactics and share this knowledge with friends and family, particularly those who may be less tech-savvy.


What If You’ve Fallen Victim to a Scam!?

If you’ve fallen victim to an online scam, acting quickly is important to minimize potential damage. Here’s what you should do:

  1. Stop All Communication
    • Immediately cease any communication with the scammer. Do not respond to emails, messages, or calls.
  2. Disconnect from the Internet
    • If the scam involves remote access to your computer, disconnect from the internet immediately by unplugging your ethernet cable or turning off your Wi-Fi. This prevents the scammer from accessing your system further.
  3. Change Passwords
    • Change the passwords for your online accounts, starting with your email, banking, and any accounts where sensitive information is stored. Use strong, unique passwords for each account, and consider enabling two-factor authentication (2FA) where possible.
  4. Contact Your Bank or Credit Card Company
    • If you’ve provided financial information or made payments, contact your bank or credit card company immediately to report the scam. Request that they monitor your account for suspicious activity and possibly issue new cards.
  5. Check for Unauthorized Activity
    • Review your bank statements, credit card accounts, and online accounts for any unauthorized transactions or changes. Report any suspicious activity to your financial institution or the respective service providers.
  6. Remove Any Installed Software
    • If the scam involves installing software on your computer (such as remote access tools), uninstall it immediately. Go to `Control Panel > Programs > Programs and Features` to uninstall the software, and then check Task Manager (`Ctrl + Shift + Esc`) for any suspicious startup entries.
  7. Scan for Malware
    • Run a full system scan using reputable antivirus and anti-malware programs like Malwarebytes Anti-Malware. This will help identify and remove any malicious software that the scammer might have installed.
  8. Report the Scam
    • Report the scam to the relevant authorities. In the United States, you can file a report with:
    • The Federal Trade Commission (FTC) at [ReportFraud.ftc.gov](https://reportfraud.ftc.gov/)
    • The Internet Crime Complaint Center (IC3) at [www.ic3.gov](https://www.ic3.gov/)
    • Your local law enforcement agency.
  9. Monitor Your Identity
    • Keep an eye on your credit report and consider placing a fraud alert or credit freeze with the major credit bureaus (Equifax, Experian, and TransUnion) to protect against identity theft.
  10. Educate Yourself and Others
    • Learn about common scams and share this information with friends and family to help protect them from similar threats. Awareness is one of the best defenses against online scams.
  11. Consider Professional Help
    • If you’re unsure about the extent of the damage or how to secure your system, consider seeking professional assistance. Pacific Northwest Computers in Vancouver, WA, can help you secure your system and recover from a scam. You can contact them at 360-624-7379 for further assistance.


Conclusion

Phishing and social engineering attacks, such as fake tech support scams, are a significant threat in today’s digital world. By understanding how these scams operate and taking proactive steps to protect yourself, you can avoid becoming a victim. Always be skeptical of unsolicited contacts, verify claims independently, and never allow remote access to your computer unless you’ve initiated the contact through verified channels. If you do fall victim, act quickly to secure your computer and seek professional help to ensure your personal information remains safe.




Friday, August 9, 2024

Set your Windows 11 PC Network Profile to Private and Make Sure File and Print Sharing is Turned On!

How to ensure your Windows 11 PC's network profile is set to Private (and not Public) and that file and print sharing is turned on!!

1. Check and Set Your Network Profile to Private

  • Open Settings:

    • Press Windows + I to open the Settings app.
  • Go to Network & Internet:
    • In the left-hand menu, click on "Network & Internet."
  • Choose Your Network:
    • Click on "Properties" next to your current network connection (e.g., Wi-Fi or Ethernet).
  • Set Network Profile to Private:
    • Under "Network profile type," select "Private."
    • This setting makes your PC discoverable on the network, which is necessary for File and Printer Sharing.

2. Turn On File and Printer Sharing

  • Open Control Panel:

    • Press Windows + R, type control, and press Enter.
    • In the Control Panel, select "Network and Sharing Center."
  • Access Advanced Sharing Settings:

    • On the left side of the Network and Sharing Center window, click on "Change advanced sharing settings."
  • Enable File and Printer Sharing:

    • Expand the Private network profile section.
    • Under File and Printer sharing, select "Turn on file and printer sharing."
  • Save the Changes:
    • Scroll down and click "Save changes."


    Thursday, July 25, 2024

    I think someone is accessing my accounts and/or devices! What do I do!?

    If you suspect someone is accessing your accounts and/or devices, quickly securing them is crucial. Here are steps to check if your devices or accounts are being monitored or accessed by a third party, and how to secure them!


    Check If Someone Has Access To Your Accounts and/or Devices:

    1. Check for Unusual Behavior Being Exhibited By Your Device(s):

      • Unexpected battery drain.
      • Data usage spikes.
      • Overheating devices.
      • Unusual pop-ups or applications.
    2. Review Account Activity:

      • Check recent activity on your accounts to see if there are any unauthorized logins or changes.
        • On Gmail: 
          • Go to “Details” at the bottom of your inbox.
        • On Facebook: 
          • Settings > Security and Login > Where You're Logged In.
        • For other services, look for similar settings.
    3. Check Connected Devices:

      • Review the list of devices connected to your network or online accounts (Google, Apple, etc) and remove any devices that you do not recognize.
    4. Review Installed Apps:

      • Go through your installed applications and look for any apps you don't recognize or remember installing.
        • On Android: Settings > Apps.
        • On iOS: Settings > General > iPhone Storage.
    5. Check Permissions on/of Your Device(s):

      • On Android: Settings > Apps > [App Name] > Permissions.
      • On iOS: Settings > Privacy > [Permission Type] (e.g., Location Services, Camera).
    6. Update Your Software:

      • Ensure your device's operating system and all apps are up to date, as updates often include security patches.
      • On Android: Settings > Software Update.
      • On iOS: Settings > General > Software Update.
    7. Run Security Scans:

    Steps to Secure Your Accounts & Device(s):

    1. Change Your Passwords:

      • Update passwords for all accounts linked to your devices.
      • Use strong, unique passwords for each account.
      • Consider using a password manager.
    2. Enable Two-Factor Authentication (2FA):

      • Set up 2FA for all accounts that support it to add an extra layer of security.
    3. Logout from All Devices:

      • Sign out of all devices for each account. This will force any unauthorized users to log back in, prompting 2FA if enabled.
      • Look for "Log out of all devices" or similar options in account settings.
    4. Reset Your Device:

      • Factory reset your device to ensure no malicious apps remain.
      • Backup important data before resetting.
        • On Android: Settings > System > Reset > Factory data reset.
        • On iOS: Settings > General > Reset > Erase All Content and Settings.
        • After resetting, only reinstall apps from official app stores and trusted sources.
    5. Monitor Account Activity:

      • Regularly check account activity for any unauthorized access or changes.

    Notify & Seek Help:

    1. Notify Account Providers:

      • Contact the support teams of the services where you suspect unauthorized access. They can help secure your account and investigate any breaches.
    2. Consider Legal Action:

      • If you believe your privacy is being violated or if there are any illegal activities, contact local law enforcement for assistance.
    3. Get Professional Help:

      • For further assistance in securing your accounts and devices, contact Pacific Northwest Computers in Vancouver, WA. We can provide professional help in securing your digital presence. Reach us at 360-624-7379.

    Additional Tips:

    • Use a Password Manager: Consider using a password manager to generate and store complex passwords securely.
    • Regularly Monitor Accounts: Keep an eye on your account activity and be alert to any suspicious behavior.
    • Educate Yourself on Security: Stay informed about online security practices to better protect your digital life.

    By following these steps, you can regain control of your accounts and devices, enhancing your overall security. If you need personalized assistance, don't hesitate to reach out to professionals for help!


    Pacific NW Computers

    Saturday, July 13, 2024

    How to do a Tune-up/Clean-up with Virus Scans for your PC!

    General PC Tune-up/Virus Scan Procedures:

    Uninstall/Install Software:

    1. Uninstall Obvious Bloatware:
      • “Free Trial” software
      • Obvious junk programs & toolbars (One Search, Driver Support, One Bar, etc)
        1. Use the PNW Computers “Browser Hi-jack” blog article as a reference to find and remove malicious adware programs.
        2. Computers that are heavily infected should be checked with ‘TDSSKiller’ to rule out the presence of a rootkit BEFORE any cleaning procedures begin, unless cleaning is needed to run the utility.
    2. Install/Update Essential Programs:
      1. Security Clean-up Software List (Ninite.com can be used for installing most apps):
        1. Chrome, Firefox, Edge - Update
        2. Java, .Net & Silverlight Runtimes - Update/Install
        3. Malwarebytes Antimalware
        4. Malwarebytes ADWCleaner
        5. BleachBit

    Security Scanning & Virus/Malware Removal:

    1. Virus and Malware Scanning:
      Run FULL (not a quick/fast) Virus Scan with Local AV as well as Malwarebytes and ADWCleaner

    2. Web Browser Clean-up:
      • Check all installed web browsers’ extensions/add-ons for anything unwanted/unneeded.
      • Check the general browser settings (Start Page, Default Search Engine, Etc.) for any tampering or modifications and reset to defaults if needed.
      • ADWCleaner is an excellent tool for finding and removing browser hijack apps.

    Performance Tune-Up:

    1. Junk File Clean-up - Bleach Bit

    2. Paging File Optimization

      1. Set the PC's paging file to either 1.5 times the amount of RAM or to 4096MB.
        1. Settings > System > About > Advanced System Settings
          1. Select the “Advanced” tab at the top
          2. In the “Performance” section click on “Settings”
          3. Click on the “Advanced” tab
          4. Under “Virtual Memory” click on “Change”
          5. Set the paging file accordingly
    3. Optimize System Performance Options

      1. Right-click ‘My Computer’ > Properties > Advanced System Settings> Click ‘Advanced’ tab > Click ‘Settings’ under the “Performance” area.
      2. Un-check all of the PC's visual effects performance options except for:
        1. "Use visual styles on windows and buttons"
        2. “Smooth Scroll List Boxes”
        3. “Smooth Edges on Screen Fonts”
        4. “Show Translucent Selection Rectangle”
        5. "Use drop shadows for icon labels on the desktop"
        6. Start-up Program Entries can also be managed using the Task Manager.
        7. Disable all unnecessary start-up items
          1. Typically leave start-up programs related to:
            1. OneDrive/MS Office
            2. iCloud Drive
            3. Printers
            4. WIFI Software
            5. Audio/Video Software
            6. Specialty apps such as Garmin, Fitbit, etc

    Windows Updates:

    1. Access Windows Updates through System Settings
    2. If the Microsoft Update feature has not been enabled, enable Microsoft Updates in the Windows Updates “Advanced Options”. You can also enable the “Notify me when a restart is required” option.
    3. After the Microsoft Update feature has been enabled, Windows Updates will now check for both Windows and Microsoft Updates.
    4. Allow the computer to check for new updates.
    5. Once checking for updates is finished, download and install all available updates.
      1. You may need to do this process more than a few times to make sure the system is fully updated.
    6. Some Windows Updates may fail. Do not hyper-fixate on failed updates, as they will likely resolve on their own after a few update/restart cycles.
    7. Verify Installation of all currently available Windows Updates AND Upgrades

    Wednesday, July 10, 2024

    Fake Tech Support Scam: What You Should Do!


    A fake tech support scam is a type of fraud where scammers pose as legitimate technical support personnel from well-known companies to trick victims into giving them access to their computers, personal information, or money. Here’s how these scams typically operate and how to clean up your system if you did/do fall victim to this type of scam!


    How Fake Tech Support Scams Work

    Initial Contact:

    • Cold Calls:
      Scammers often call victims directly, claiming to be from reputable companies like Microsoft, Apple, or a popular antivirus provider. They usually say they've detected viruses, malware, or other issues on the victim's computer.
    • Pop-Up Warnings:
      Victims might encounter alarming pop-up messages while browsing the web. These pop-ups often claim that the computer is infected and instruct the user to call a provided number for immediate support.
    • Emails:
      Scammers may send phishing emails that appear to come from legitimate companies, warning about security threats and urging the recipient to call for support.

    Convincing the Victim:

    • The scammer tries to convince the victim that their computer is at serious risk. They use technical jargon and alarming language to create a sense of urgency.
    • They might ask the victim to open certain files or run specific commands that produce harmless but alarming-looking results, reinforcing the scammer’s claims.

    Gaining Remote Access:

    • The scammer persuades the victim to install remote access software, such as TeamViewer, AnyDesk, or LogMeIn. This gives the scammer control over the victim’s computer.
    • Once they have access, they might pretend to run diagnostics or show fake errors to maintain the illusion of a serious problem.

    Exploiting Access

    • The scammer may install malware, steal personal information, or use the computer to commit further fraud.
    • They often demand payment for their "services," claiming they can fix the issues they "found." Payment might be requested via credit card, wire transfer, gift cards, or other non-reversible methods.

    Continued Exploitation

    • Even after payment, scammers may leave behind software that allows them to regain access or continue monitoring the victim's computer.
    • They might sell the victim's information to other scammers, leading to further fraud attempts.


    How to Protect Yourself

    Be Skeptical of Unsolicited Contact

    • Legitimate companies rarely contact customers out of the blue about computer issues. 
    • If you receive an unsolicited call or message, be wary.

    Verify Claims Independently

    • Don’t trust pop-ups, emails, or calls without verifying their legitimacy through official channels. 
    • Look up the company’s official contact information and reach out directly.

    Do Not Allow Remote Access

    • Never give control of your computer to someone you do not know or trust. 
    • Legitimate support personnel will not ask for remote access unless you have initiated the contact through verified means.

    Use Reputable Security Software

    • Keep your antivirus and anti-malware software up to date. Use reputable programs like Malwarebytes Anti-Malware to protect your system.

    Educate Yourself and Others

    • Learn about common scam tactics and share this knowledge with friends and family, especially those who might be less tech-savvy.


    Here's a step-by-step guide to help you ensure your computer is secure and free of any unwanted remote access software if you did fall victim to a fake tech support scam/scammer.


    Immediate Steps To Take If You Have Been Scammed

    1. Disconnect from the Internet

    • Unplug your ethernet cable or turn off your Wi-Fi to prevent further remote access.

    2. Identify and Remove Remote Access Software

    • Check Installed Programs
      • Go to `Control Panel > Programs > Programs and Features`.
      • Look for any remote access software (e.g., TeamViewer, AnyDesk, LogMeIn, RealVNC).
      • Uninstall any suspicious or unfamiliar programs.
    • Check Task Manager
      • Press `Ctrl + Shift + Esc` to open Task Manager.
      • Go to the `Startup` tab.
      • Disable any suspicious entries that start with Windows.

    3. Scan for Malware and Adware

    • Malwarebytes Anti-Malware:
      • Download and install Malwarebytes
      • Run a full scan and remove any detected threats.
    • ADW Cleaner
      • Download and run ADW Cleaner.
      • Follow the prompts to clean any adware, toolbars, or PUPs.
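
The "Check Installed Programs" step above can be scripted. This is an added example, not part of the original post: on Windows it reads the registry entries behind Programs and Features and flags the remote access tools named above, plus anything installed on or after the day of the scam call. The sample inventory, the `since` date and the function names are constructed assumptions.

```python
import sys

# Name fragments for the tools named on this page; "vnc" is used so that
# RealVNC products match. Substring matching can also flag legitimate software.
REMOTE_ACCESS_TOOLS = ("teamviewer", "anydesk", "logmein", "vnc")
UNINSTALL_KEYS = (
    r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
)

def installed_programs():
    """Return (display name, install date as YYYYMMDD or '') pairs. Windows only."""
    import winreg  # imported here so the rest of the file loads on any OS
    found = []
    for hive in (winreg.HKEY_LOCAL_MACHINE, winreg.HKEY_CURRENT_USER):
        for path in UNINSTALL_KEYS:
            try:
                root = winreg.OpenKey(hive, path)
            except OSError:
                continue  # key does not exist in this hive
            with root:
                for i in range(winreg.QueryInfoKey(root)[0]):
                    try:
                        with winreg.OpenKey(root, winreg.EnumKey(root, i)) as entry:
                            name = str(winreg.QueryValueEx(entry, "DisplayName")[0])
                            try:
                                date = str(winreg.QueryValueEx(entry, "InstallDate")[0])
                            except OSError:
                                date = ""  # many installers do not record a date
                    except OSError:
                        continue  # entry has no display name; not shown in the list
                    found.append((name, date))
    return found

def review(programs, since=""):
    """Flag remote access tools and, if `since` (YYYYMMDD) is given, recent installs."""
    report = []
    for name, date in programs:
        reasons = []
        compact = name.lower().replace(" ", "")
        if any(tool in compact for tool in REMOTE_ACCESS_TOOLS):
            reasons.append("remote access tool")
        if since and len(date) == 8 and date.isdigit() and date >= since:
            reasons.append("installed on or after " + since)
        if reasons:
            report.append((name, date, reasons))
    return report

# Constructed inventory, used when the script is not run on Windows.
SAMPLE_PROGRAMS = [
    ("Mozilla Firefox", "20230115"),
    ("AnyDesk", "20240710"),
    ("TeamViewer", "20220301"),
    ("PDF Helper Pro", "20240710"),
    ("7-Zip", ""),
]

if __name__ == "__main__":
    programs = installed_programs() if sys.platform == "win32" else SAMPLE_PROGRAMS
    # Assumption: the scam call took place on 2024-07-10.
    for name, date, reasons in review(programs, since="20240710"):
        print(f"{name} ({date or 'no date'}): {', '.join(reasons)}")
```

Portable remote access tools that run without installing do not appear in this list, so the Task Manager and services checks still apply.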


    Additional Steps You Can Take...

    Network Settings

    • Ensure no changes have been made to your network settings:
      • Go to `Control Panel > Network and Sharing Center > Change adapter settings`.
      • Right-click your network connection, select `Properties`, and check for any unfamiliar protocols or services.

    Check for Suspicious Services

    • Press `Win + R`, type `services.msc`, and press Enter.
    • Look for any unfamiliar services that are running and set to start automatically.
    • Right-click and stop these services if they seem suspicious

    Update Your System

    • Ensure your Windows operating system is up to date:
    • Go to `Settings > Update & Security > Windows Update`.
    • Install any available updates.

    Reset Passwords

    • Change the passwords for your computer accounts, especially if they have administrative privileges.
    • Change passwords for any online accounts accessed from this computer.

    Enable Firewall and Antivirus

    • Ensure Windows Firewall is enabled:
      • Go to `Control Panel > System and Security > Windows Defender Firewall`.
      • Make sure you have an antivirus program running and up-to-date.

    Monitor for Unusual Activity

    • Keep an eye on your system for any unusual behavior or performance issues.


    Final Steps

    Consider Professional Help

    Data Backup and Recovery

    • Backup your important data to an external drive or cloud storage.

    System Restore or Reinstallation

    • If you suspect deep-rooted infections or issues, consider performing a system restore or a clean installation of Windows.


    Feel free to reach out if you need further assistance or if anything is unclear. Stay safe!


    Monday, July 8, 2024

    How Did I Get Infected!?!


    For those of you who think, "Well, if I don't install random new programs from the internet or download random EXE files, I won't get infected," that's not really the case today. Most people are not infected because they browse the internet and accidentally click on an EXE file. That was more common several years ago.

    Nowadays, most people get infected because the malware comes to them. 

    You don't have to go out on the internet and have to "find" viruses or malware to get infected.

    The malware arrives in your inbox, in your private messages, from a trusted source, a hacked website, or inside a program you use, whose company got hacked, like in the case of 3CX.
    • The 3CX hack, which came to light in late March 2023, was a sophisticated supply chain attack. The incident involved the compromise of 3CX’s Windows and macOS build environments, allowing hackers to push trojanized software to 3CX customers.
    • The breach began when an employee at 3CX downloaded a trojanized installer for the X_Trader trading software, which had been compromised by North Korean threat actors. This malicious installer gave the attackers access to the employee's device and corporate credentials, enabling them to infiltrate 3CX’s network and insert malware into the 3CXDesktopApp. The attack was likely carried out by a North Korean hacking group tracked as UNC4736, linked to the financially motivated operation dubbed AppleJeus (Security Week, CISA).
    This doesn't mean there aren't still things like malware advertising (malvertising), where you see ads on Google to entice you to click on or download something malicious. Another major source of malware now is also social media platforms! YouTube videos as well!! 

    For instance, if you look for any kind of cheat, crack, or mod for a popular video game, you will often find videos with external links. Many of these links, especially if they're password protected, contain malware.

    Sometimes, it's literally the first search result when looking up something as harmless as "sewing patterns and templates"!!

    Here are further examples of common ways people can get infected:

    • Phishing Emails:
      One of the most prevalent methods. Attackers send emails that appear to be from trusted sources, tricking recipients into clicking malicious links or downloading infected attachments. These emails often mimic legitimate communications from banks, social media platforms, or even colleagues.
    • Compromised Websites:
      Legitimate websites can be hacked to serve malware to visitors. This method doesn't require any action from the user other than visiting the site. Drive-by downloads exploit vulnerabilities in browsers or plugins to install malware without the user’s knowledge.
    • Software Supply Chain Attacks:
      These involve compromising a trusted software vendor to distribute malware to end users. The 3CX hack is a prime example, where attackers infiltrated the development pipeline of 3CX, a business communication software, and inserted malware into the software updates, affecting thousands of users.
    • Malvertising:
      Malicious advertisements, or malvertising, are another common method. These ads can appear on legitimate websites and redirect users to malicious sites or directly download malware. Even major advertising networks have been exploited to serve malvertising.
    • Social Media Platforms:
      Attackers exploit the popularity of social media to spread malware. They create posts or messages with enticing links that lead to malicious sites. YouTube videos offering cheats, cracks, or mods often include external links that direct users to malware. These links can appear highly ranked in search results, making them seem legitimate.
    • Messaging Apps:
      Private messages on platforms like WhatsApp, Facebook Messenger, and others can carry malicious links or attachments. Since these messages often come from known contacts, users are more likely to trust and click on them.
    • Trusted Sources:
      Sometimes, malware is spread through channels that users inherently trust. This could be through an email from a known contact whose account has been compromised or through a popular website that has been hacked.

    We always recommend installing and using good, trusted, and reliable antivirus and antimalware software for your system. While they are not a silver bullet, these tools provide essential layers of defense against various cyber threats. Antivirus software is designed to detect and remove viruses, while antimalware software targets a broader range of threats, including spyware, adware, and ransomware. 


    In addition to antivirus and antimalware software, browser add-ons can enhance your online security by providing additional protection against malicious websites and phishing attacks. One such recommended add-on is Malwarebytes Browser Guard.


    Benefits of Using a Browser Guard: 
    • Blocking Malicious Websites:
      Browser Guard blocks websites that are known to host malware, preventing you from inadvertently visiting harmful sites.
    • Protection Against Phishing:
      It helps identify and block phishing attempts, protecting your personal information from being stolen.
    • Ad Blocking:
      The add-on can block unwanted ads, which can be a source of malware through malvertising.
    • Improved Browser Performance:
      By blocking malicious content and unwanted ads, Browser Guard can enhance your browsing experience and speed.

    Pacific Northwest Computers Practices Combined Protection; What is That?!

    No single solution can offer complete protection against all cyber threats. Using a combination of antivirus, antimalware software, and browser add-ons provides multiple layers of defense, significantly reducing the risk of infection and data breaches. 
    Here’s why combined protection is essential:
    • Layered Defense: Different tools specialize in different areas of protection. Antivirus software focuses on traditional viruses, while antimalware software targets newer, more sophisticated threats. Browser add-ons provide real-time protection while you browse the web.
    • Reduced Risk of Zero-Day Attacks:
      Zero-day attacks exploit unknown vulnerabilities. Having multiple layers of protection increases the chances of detecting and stopping these attacks.
    • Comprehensive Coverage:
      Combined tools cover a wider range of potential threats, from viruses and worms to phishing attempts and malicious websites. 
    • We recommend using an Antivirus, 1-2 "stand-alone" scanning tools for general malware and adware scanning, as well as a maintenance/clean-up utility for removing junk/temp/cache/cookie data. 


    In today's cybersecurity landscape, simply avoiding the download of random programs or EXE files is not enough to protect against infections. Malware delivery methods have become more sophisticated, targeting users through phishing emails, compromised websites, and even trusted sources like popular software vendors, as seen in the 3CX hack.


    Malicious advertisements and social media platforms have also become significant vectors for malware distribution. Given this complexity, it's essential to use a multi-layered defense strategy. This includes installing and regularly updating trusted antivirus and antimalware software to provide essential protection against various threats.


    Additionally, browser add-ons such as Malwarebytes Browser Guard offer critical extra layers of security by blocking malicious websites, protecting against phishing attempts, and enhancing overall browsing performance by removing unwanted ads.


    Combining these tools creates a robust defense system, significantly reducing the risk of infection and providing comprehensive coverage against a wide range of cyber threats. By staying informed and proactive, users can better safeguard their systems and personal information from evolving cyber threats.

    Monday, July 1, 2024

    While we understand that prices on Amazon can be very competitive, there are several reasons why our prices might be slightly higher...


    1. Quality Assurance: 

    We source our parts from reputable suppliers who meet our strict quality standards. This helps us ensure that you receive reliable, durable, and high-quality parts. Sellers on Amazon are sometimes third-party sellers that are not very well established. There is also the risk of receiving "counterfeit" products from online sellers such as Amazon: https://www.aboutamazon.com/news/policy-news-views/amazon-counterfeit-crimes-unit-latest-updates-2024

    2. Expertise and Support: 

    Our team offers personalized service and expert advice that you won't get from an online marketplace. We can help you choose the right parts for your specific needs.

    3. Warranty and Returns: 

    We stand behind the products we sell. If you encounter any issues with a product or part, we make the process of replacement or return smooth and hassle-free by taking care of it for you.

    4. Supporting Local Business: 

    By purchasing from us, you are supporting a local business that contributes to the community. Your support helps us continue providing high-quality service in our area.

    5. Value-Added Services: 

    In addition to selling parts, we offer a range of value-added services such as maintenance, repair, and installation, which can save you time and ensure the job is done right.

    We believe that these benefits provide significant value that justifies the price difference. We are committed to offering you the best possible service and ensuring your satisfaction with every purchase.

    Wednesday, May 22, 2024

    Easily Zero Fill a Hard Drive for FREE through Windows!




    How To Zero-Fill A Hard Drive
    via the Windows Command Prompt

    Windows 7, 8, 10, and 11 can zero-fill a hard drive through the built-in Command Prompt utility. The Command Prompt's 'format' command has a special option for writing zeros to the hard disk/partitions.

    How-To Zero Fill a Hard Drive in Windows:

    1. Click the “Start” button

    2. Input “cmd” in the “Search” box, and then right-click the Command Prompt icon and select “Run as administrator”.

    3. At the prompt window, you are going to use the following command to format each partition on the hard drive. 

    4. The command is (without quotes):
      “format DRIVE: /fs:NTFS /p:1” 
    5. However, where it says "DRIVE:" you will need to provide the drive letter of the hard drive you wish to format/zero fill.

    6. Once you know the drive letter of the hard drive that is going to be erased, enter it in the command as follows: "format E: /fs:NTFS /p:1"

      • !WARNING BEFORE PROCEEDING!
        You cannot undo a format! So ensure that you choose the right hard drive and back up any required files! If you format the primary drive by mistake, the operating system will be deleted and your computer will not work again until you reinstall it.

    7. If you are 100% positive the drive letter is correct for the hard drive you would like to erase, with the command properly typed out in the Windows Command Prompt, you can now hit “Enter” to format the selected drive with the NTFS file system. 

    8. Type “y” and press “Enter” to confirm erasing the data.
      • This process will write zeros to every sector of the drive for a single pass.
      • For two passes, you can input “/p:2” instead.

    9. Wait for the process to be completed. 

    10. After erasure/zero fill is completed, you'll be prompted to enter a Volume label. 

    11. Type a name for the drive if necessary, or just press "Enter" to skip.

    12. Wait while “Creating file system structures” appears on the screen.

    13. Then repeat the above steps for every partition on the hard disk, as needed.

    14. After writing zeros to each partition, you can type “exit” and press “Enter” to close the Command Prompt.

    That's it! 

    You have now successfully erased and zero-filled a hard drive for FREE through the Windows Command Prompt!


    Friday, May 17, 2024

    LoRa / Meshtastic & Unlicensed ISM

    What is LoRa?

    LoRa (which stands for Long Range) is a wireless communication technology designed for long-range, low-power communication in Internet of Things (IoT) applications. It operates on unlicensed radio bands and is known for its ability to transmit data over long distances while consuming minimal power. LoRa technology is often used for connecting devices that need to communicate over long distances, such as in smart city applications, industrial automation, agricultural monitoring, and much, much more.

    The official organization of LoRa is called the LoRa Alliance. The LoRa Alliance is an open, nonprofit association that has a mission to standardize Low Power Wide Area Network (LPWAN) technologies to enable Internet of Things (IoT) applications worldwide. The Alliance collaborates with various companies and organizations to promote and advance the LoRaWAN protocol.

    There are also different LoRa frequencies available for use. LoRa technology operates in different frequency bands depending on the region. The most common frequency bands for LoRa are 433 MHz, 868 MHz, and 915 MHz. These frequencies are used in different parts of the world to comply with local regulations and standards for wireless communication. Europe mainly uses 433 MHz and 868 MHz. 433 MHz is still used in the United States, but it is not as common. One project in particular that primarily uses 433 MHz is TinyGS.

    What the heck is TinyGS?!

    TinyGS is a project that aims to create a global network of ground stations to receive and decode data from small satellites, also known as CubeSats. These ground stations are designed to be low-cost and easy to set up, allowing for a decentralized network that can support communication with a wide range of CubeSats. The project focuses on enabling communication with small satellites to enhance their capabilities and increase the accessibility of space technology.

    Then who/what is Meshtastic?
    When I hear about LoRa, I hear a LOT about Meshtastic.

    Meshtastic is an open-source project that aims to create a long-range, low-power mesh networking platform using off-the-shelf hardware and open-source software. It allows users to communicate with each other over long distances without the need for cellular networks or internet connectivity by creating a mesh network using radio frequencies. Meshtastic devices can communicate with each other directly or through other devices in the network, enabling communication in remote areas or during emergencies where traditional communication methods may not be available.
    Meshtastic Wiki: https://meshtastic.org/docs/introduction/
    Flash Meshtastic to a Compatible Device: https://flasher.meshtastic.org/

    So how does all of this work?!

    The LoRa technology typically operates in unlicensed ISM bands, such as 915 MHz in the USA. Unlicensed ISM (Industrial, Scientific, and Medical) bands are radio frequency bands designated by regulatory bodies, such as the Federal Communications Commission (FCC) in the United States, for use without the need for a specific license. These bands are intended for industrial, scientific, medical, and other applications that do not interfere with licensed services. Devices operating in unlicensed ISM bands must comply with certain technical requirements to ensure they do not cause harmful interference to other users. Common examples of devices that operate in unlicensed ISM bands include Wi-Fi routers, Bluetooth devices, and microwave ovens.

    What does a typical LoRa device setup look like?

    First Things First: Set your Device's Region

    In order to start communicating over the mesh, you must set the region for your Meshtastic/LoRa device. This setting controls which frequency range your device uses and should be set according to your regional location.


    Channels, Frequencies, and Frequency Slots:

    The specific frequency settings you would use depend on your region, the LoRa module being used, and specific network configurations. For instance...

    The Long_Fast LoRa "Channel" is the common/public frequency all LoRa radios can communicate on/through. However, the frequency might be 902.875 MHz, or it could be 914 MHz. A "Frequency Slot" is used to calculate the specific frequency on which data will be sent and received. Most LoRa radios will automatically set the needed frequency based on the "slot" that has been selected. However, you will sometimes find that you need to manually configure the frequency.

    An easy way to figure out which frequency corresponds to the "slot" being used is Meshtastic's Frequency/Slot calculator:

    https://meshtastic.org/docs/overview/radio-settings/

    You can also create your own channel, using your own slot, and even using an "overriding frequency" to help with the privacy of your communication. But that is all for another blog post :)

    Radio/Device Role:

    • Router:
      A device acting as a router helps in forwarding data packets within the mesh network. It plays a crucial role in routing messages between different nodes in the network.
    • Router/Client:
      A router/client device acts as a client, consuming data or interacting with the network for specific purposes, but it also serves the role of a router and helps in forwarding data packets within the mesh network. It plays a crucial role in routing messages between different nodes in the network.
    • Repeater:
      A repeater device extends the range of the mesh network by receiving messages from one node and then retransmitting them to reach nodes that are out of direct communication range.  
    • Client:
      A client device typically refers to a node in the network that is not actively involved in routing or repeating messages but rather consumes data or interacts with the network for specific purposes. 
    • Gateway:
      A gateway device serves as a bridge between the mesh network and external networks or the internet. It facilitates communication between the mesh network and other networks. 
    • Tracker:
      Some Meshtastic devices can also act as trackers, providing location information that can be shared within the mesh network.

    Each of these roles plays a vital part in ensuring effective communication and connectivity within a Meshtastic LoRa mesh network.

    MQTT:

    MQTT (Message Queuing Telemetry Transport) is a lightweight messaging protocol that is commonly used in IoT (Internet of Things) applications for efficient communication between devices. In the context of LoRa (Long Range), MQTT can be utilized to facilitate the exchange of data between LoRa devices and a central server or cloud platform. By using MQTT, LoRa devices can publish data to specific topics or subscribe to topics to receive relevant information, enabling seamless communication and data transfer in LoRa-based IoT networks. MQTT also helps with reporting device location and allows long-distance communications over the LoRa network, even if your radios are out of RF range. Your LoRa device can also report to MQTT by proxy, through the device that the LoRa radio is connected to.


    Creating a Private Primary, and Secondary "Public" Channels:

    1. If you'd like to connect with other Meshtastic users but only share your data with trusted parties, you may create a private PRIMARY channel and use the default "Long_Fast" network as a SECONDARY channel. 
    2. Ensure you have not changed the LoRa Modem Preset from the default unset / LONG_FAST.
    3. On your PRIMARY channel, set anything you'd like for the channel's name and choose a random PSK. Save this information and/or take a screenshot of the information and/or the QR Code so you can connect other devices to your private channel.
    4. Enable a SECONDARY
    5. Name the secondary channel "LongFast" with a PSK of "AQ==".
    6. If your LoRa frequency slot is set to the default (0), the radio's transmit frequency will be automatically changed based on your PRIMARY channel's name. 
    7. You may also manually configure the frequency slot for your radio.
    8. The most commonly used frequency slot in the US is Frequency Slot 20.
    9. After doing all of this, you may have to manually set your LoRa radio back to your region's default settings (in LoRa settings) in order to interface with users on the default slot again.
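
    The slot-to-frequency calculation described under "Channels, Frequencies, and Frequency Slots" and in steps 6 to 8 above, as an added example (not code from this post or from the Meshtastic project). The US band edges (902 to 928 MHz), the 250 kHz LongFast bandwidth, the djb2 name hash, and the channel name "Family" are assumptions that are not stated in the post.

```python
"""Added example: how a frequency slot maps to a LoRa centre frequency."""
import math

# Assumptions (not from the post): US region band edges and the bandwidth
# of the LongFast preset.
US_BAND_START_MHZ = 902.0
US_BAND_END_MHZ = 928.0
LONGFAST_BW_KHZ = 250.0


def djb2(name: str) -> int:
    """32-bit djb2 string hash (assumed to be the hash applied to the name)."""
    h = 5381
    for byte in name.encode("utf-8"):
        h = (h * 33 + byte) & 0xFFFFFFFF
    return h


def slot_count() -> int:
    """Number of bandwidth-wide slots that fit between the band edges."""
    span_mhz = US_BAND_END_MHZ - US_BAND_START_MHZ
    return math.floor(span_mhz / (LONGFAST_BW_KHZ / 1000.0))


def resolve_slot(primary_name: str, configured_slot: int = 0) -> int:
    """Return the 1-based slot the radio ends up on.

    configured_slot == 0 means "derive the slot from the PRIMARY channel
    name"; any other value pins the slot regardless of the name.
    """
    n = slot_count()
    if not 0 <= configured_slot <= n:
        raise ValueError(f"slot must be between 0 and {n}")
    if configured_slot:
        return configured_slot
    return djb2(primary_name) % n + 1


def slot_frequency_mhz(slot: int) -> float:
    """Centre frequency: band start, plus half a slot, plus whole slots."""
    if not 1 <= slot <= slot_count():
        raise ValueError("slot out of range for this band")
    half_slot = LONGFAST_BW_KHZ / 2000.0
    return US_BAND_START_MHZ + half_slot + (slot - 1) * LONGFAST_BW_KHZ / 1000.0


def describe(primary_name: str, configured_slot: int = 0) -> dict:
    """Summarise where a radio lands and whether default-channel users hear it."""
    slot = resolve_slot(primary_name, configured_slot)
    return {
        "slot": slot,
        "mhz": slot_frequency_mhz(slot),
        "shares_default_frequency": slot == resolve_slot("LongFast"),
    }


if __name__ == "__main__":
    # "Family" is a constructed private PRIMARY channel name.
    for name, slot in [("LongFast", 0), ("Family", 0), ("Family", 20)]:
        print(f"primary={name!r} configured_slot={slot} -> {describe(name, slot)}")
```

    With the slot left at 0, renaming the PRIMARY channel moves the radio to a different frequency than radios still using the default name, so the "LongFast" SECONDARY channel has no one to talk to. Pinning the slot to 20 keeps the private PRIMARY channel on the same frequency as the default channel.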

    Channel Uplink & Downlink:

    • Uplink Enabled:
      • The channel can send messages from the local mesh to MQTT.
    • Downlink Enabled:
      • The channel can send messages from MQTT to the local mesh.

    What kind of device do I need to get started with LoRa?

    ESP32 Based Boards:

    The ESP32 chip is older and consumes more power than the nRF52 chip, but is equipped with both WiFi and Bluetooth. Supported ESP32 devices include:

    nRF52 Boards:

    The nRF52 chip is much more power efficient than the ESP32 chip and easier to update but is only equipped with Bluetooth. Supported nRF52 devices include:

    RP2040 Boards:

    The RP2040 is a dual-core ARM chip developed by Raspberry Pi. Supported RP2040 devices include:

    To learn more about how to get started with Meshtastic and LoRa, as well as much more in-depth setup and configuration instructions/documentation, please check out the official Meshtastic Wiki:

    meshtastic.org/docs/introduction


    Monday, April 29, 2024

    Microsoft Battery & AC Adapter Driver Issue(s)

    Laptop Battery/Charging Issue(s):
    Microsoft AC Adapter & Microsoft ACPI-Compliant Control Method Battery Drivers

    I have run into a few laptops lately that have been exhibiting some issues with charging their batteries and the issues have actually been related to Microsoft's Battery and AC adapter drivers! 

    It's an easy fix, and you just have to do the following:

    • You can open the "Device Manager" by searching for it through Windows search or by right-clicking the "Start" menu button and selecting "Device Manager."
    • Click on "Batteries" in the device list to expand it, and you will see two items: 
      • Microsoft AC Adapter
      • Microsoft ACPI-Compliant Control Method Battery.
    • Right-click ON EACH ITEM (BOTH) and choose "Uninstall Device". 
      • Yes, you are uninstalling your laptop's battery drivers. But don't worry, they will automatically be reinstalled when you restart your laptop.
    • Shut down your laptop.
    • Unplug the power cable from your laptop.
    • If your laptop has a removable battery, remove it. If it does not, you will need to remove the bottom panel and then disconnect the battery from the motherboard.
    • If you removed the battery, put it back in, or reconnect it if you had to physically disconnect it.
    • Plug your laptop back into power.
    • Power on your laptop.
    • Once you have booted back up and logged in, click the battery icon in the system tray, and you should see that your laptop is plugged in and charging!

    Source: