QR code can be a good use for business to make it easy for the customers to view menus , store maps , and to get coupons.

The beauty of a QR code is that instead of asking someone to remember a website, you simply embed it in the code. When they scan the code, it takes them directly to whatever webpage you want.

Because of the easy of getting the QR codes the Cybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim’s device, and redirecting payment for Cybercriminal use and / or steal your data on your device.

If there is QR code in a place by like an ATM or place that make no since DO NOT scan them.

To get more information go to this web page.
https://www.inc.com/jason-aten/if-you-scanned-that-qr-code-during-super-bowl-fbi-has-a-warning-for-you.html

Robert’s Computer Service
(864)494-6089

There are groups of people that are mailing out USB drive to business and home users. If you find one in a parking lot DO NOT keep it just toss it in the trash. If you get one in the mail unexpected again DO NOT plug it in to your computer. Just trash it.
There is a scam tied with this USB drive. This drive can very will contain a malicious software that can do harm to you and your computer. They can download malware and/or ransomware to your computer and you not know it.

To get more detail information you can go to

Cyber Security Today, Jan 10, 2022 – Beware of unexpected USB keys in the mail, FlexBooker admits data theft and more

Robert’s Computer Service
Robert (864)494-6089

With the Holidays coming around and lots of pictures being taken. Before you post the pictures make sure you get your GEO tags out of the picture. You can also turn off GEO takes on the device before you take the picture. To delete your GEO tags.
1) go to the picture that you want to remove and right click on it
2) click on Properties
3) click on details tab.
4) At to bottom click on Remove Properties and Personal Information.
5) Save a copy of picture or over write the picture.
6) Click on OK. Your are done with it.
What is GEO tags? GEO tag is the information on what device it was taken on and the location of where it was taken. With that information they can find out where you hang out at and live and work. This should be done all year long not just in the Holidays.
Robert’s Computer Service
(864)494-6089

There are 129 dell computers that has a vulnerability with the BIOS (Basic Input Output System).

The quick summary: Need to update your Dell BIOS manually. If you do not feel or do not want to do it you can give me a text or call me at (864)494-6089 or email me robert@roberts-computer.com

BIOS is essentially embedded software on the system and the first things that runs on the computer after power on and it is behind the computer logo.

What the problem is that it’s still just software. Dell has this product called BIOSConnect that allows a computer in BIOS to call – phone home to Dell for support purposes. So, it can update the firmware on the system. if you’ve lost your operating system and you can’t get it to boot or something’s missing, you can actually still get this thing to connect to the Dell servers in BIOS because that’s always going to be there.

But what’s happened here is the first vulnerability that they found, that Elysium found, is a problem with TLS certificates. And TLS is Transport Layer Security. It’s how the internet works. But this software is written in C code. Which at a very low level, so getting that TLS handshake correct is important, and Dell didn’t do that here. In fact, this system – if you have a privileged network attacker on the network, and they can intercept, like, a DNS call out to the Google DNS server of 8-8-8-8.

They can intercept the communication. Then impersonate Dell and hand back any readily available, freely available TLS certificate, and the software in the BIOS will accept that and say, OK, you’re Dell, right? and any certificate at all, this software says, we’re good here. Just about, as long as it’s not self-signed. It has to be from a certificate authority that’s in the – but those are not easy – not hard to come by. So, if you’re on the network, if the malicious actor is on the network, they can intercept the traffic, they can feedback the – some bogus certificate, and the service will then – the service on that computer will then trust the attacker, and then the attacker can exploit one of three buffer overflow vulnerabilities that were also found in the software. And that allows arbitrary code execution. There’s even one that allows arbitrary code execution in BIOS, so they could completely replace the BIOS of your machine

The end result could be replacing the mother board.

Dell dose have a fix to this problem. However, you should be this done ASPS by August when all of the details will be out in the wild. DO NOT DO IT VIA THE UPDATE TOOL due to you can not trust the tool. When you or someone dose the update. Do it manually.

You can go to dell.com then download the patches.

If you like you can give me a text or call me at (864)494-6089 or email me robert@roberts-computer.com

With this round of Stimulus Check here are some things to look out for.

1) The IRS will not be call or email or text you to get any information for you.

2) If some one calls or sends you an email say that if you pay $$$ we can get for you faster. That can not happens and it will be a SCAM.

3) The IRS doesn’t call it a ‘ Stimulus Check’ they call it by its official name “economic impact payment,” Be wary.

4) If you get a check in the mail with $***.50 and tells you to call or verify information online in order to cash it. Shredding it up if it has cent on it.

IF you would like more or detail information you can go to CNET or IRS CNET https://www.cnet.com/personal-finance/just-do-us-a-favor-and-dont-fall-for-these-stimulus-check-scams-ok/ or IRS https://www.irs.gov/newsroom/irs-issues-warning-about-coronavirus-related-scams-watch-out-for-schemes-tied-to-economic-impact-payments I hope that this information helps you keep your economic impact payments in your pockets.

Today is Cyber Monday, when the Internet will be filled with supposed bargains and quick clearance sales. Some of those bargains will come from crooks. Be careful. Know the prices of the things you want to buy. If a deal is too good to be true, it’s probably fake — especially if it’s from a site or seller you’ve never heard of. Another scam is to offer a deep discount, but it comes with high shipping and handling fees.

Remember criminals are sending fake emails that look like they came from Amazon. Some offer deals. Others pretend there’s a problem with your Amazon account and ask you to click on a link to verify your information. The goal there is to steal your login password. And scammers still use phone recordings as traps. There are recorded calls going out now pretending to be from Amazon saying they’re about to charge you for being an Amazon Prime member. This, too, is a trick to get you to give away your password.

Many people are ordering products online at this time of year, so they’re expecting parcels. That’s why scammers are also now sending out emails with package delivery scams — like ‘Our courier couldn’t deliver your parcel today. Click here to see the delivery notice.’ Check if the email really is from a courier you are expecting.

Finally, make sure the device you use for buying — computer, smartphone or tablet — has the latest security updates. That’s just in case you make a mistake. You don’t want to get infected.

That’s it for Cyber Security Today. Links to details about these stories are in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals.

Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.

This is from Cyber Security Today at https://www.itworldcanada.com/article/cyber-security-todoay-executives-email-passwords-for-sale-a-ransomware-attack-on-industrial-systems-manufacturer-and-online-shopping-tips/438936