Cyber Security Today

November 30, 2020 by Robert Eyler

Today is Cyber Monday, when the Internet will be filled with supposed bargains and quick clearance sales. Some of those bargains will come from crooks. Be careful. Know the prices of the things you want to buy. If a deal is too good to be true, it’s probably fake — especially if it’s from a site or seller you’ve never heard of. Another scam is to offer a deep discount, but it comes with high shipping and handling fees.

Remember criminals are sending fake emails that look like they came from Amazon. Some offer deals. Others pretend there’s a problem with your Amazon account and ask you to click on a link to verify your information. The goal there is to steal your login password. And scammers still use phone recordings as traps. There are recorded calls going out now pretending to be from Amazon saying they’re about to charge you for being an Amazon Prime member. This, too, is a trick to get you to give away your password.

Many people are ordering products online at this time of year, so they’re expecting parcels. That’s why scammers are also now sending out emails with package delivery scams — like ‘Our courier couldn’t deliver your parcel today. Click here to see the delivery notice.’ Check if the email really is from a courier you are expecting.

Finally, make sure the device you use for buying — computer, smartphone or tablet — has the latest security updates. That’s just in case you make a mistake. You don’t want to get infected.

That’s it for Cyber Security Today. Links to details about these stories are in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals.

Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.

This is from Cyber Security Today at https://www.itworldcanada.com/article/cyber-security-todoay-executives-email-passwords-for-sale-a-ransomware-attack-on-industrial-systems-manufacturer-and-online-shopping-tips/438936

Windows Defender gets the job done — so why even gamble with third-party antivirus?

January 30, 2020 by Robert Eyler

What I use is Windows Defender and Malware Bytes Pro.

In a world where Windows Defender is more than good enough to get the job done, why even risk using a third-party antivirus?

Dan Thorp-Lancaster

28 Jan 2020

Windows Defender family options Source: Windows Central

News broke this week that Avast has apparently been selling the browsing data of its users to major companies, including Microsoft, Google, Pepsi and Home Depot. The data, which was obtained as part of a report by Motherboard and PCMag, included things like Google searches, what LinkedIn pages and YouTube videos people looked at, and even the porn sites people viewed.

Avast claims the data it collects is anonymized, and its users have to opt in to allow Avast to use their data. However, it’s unlikely that every owner included in the around 100 million devices that opted into the program knows exactly how their data is being used and what’s being collected. Despite all of the caveats, the fact remains that an antivirus company is harvesting browsing and search data from its users, dumping it off to a subsidiary, and selling it for marketing purposes.

Our favorite VPN service is more affordable now than ever before

Why even gamble with the idea of yet another company treating your online habits like a sack of money to be pillaged when Windows Defender, which is build into Windows 10, is good enough?

Defender isn’t perfect but it’s more than good enough

Windows Defender Security Center Source: Windows Central

Microsoft has received some backlash in recent years over the telemetry data it collects with Windows 10, but that’s a far cry from pulling your entire browsing history and selling it, even if it’s anonymized. Otherwise, Windows Defender has a lot going for it: it’s fast, and it doesn’t hit system resources as hard as heavy third-party antivirus software does. Even better, it’s just as good as all of the other antivirus options on the market.

By opting to stick with Windows Defender, you also avoid all of the annoying parts of third-party antivirus software. It’s free, there are no annoying pop-ups to renew your subscription, and you aren’t opening yourself up to other potential attack vectors opened up by the way other antivirus software has to integrate itself into your system. Did I mention, it’s free for Windows users?

Windows Defender is no cure-all for every problem out there. You’ll still want to practice some common sense when poking around the internet, and you might even want to pair it with a malware scanner of some sort to double up on protection. Still, there’s no reason to go out of your way with third-party antivirus software when Windows Defender is just fine in its current state.

I don’t say all of this as some sort of privacy warrior. I’m well aware that every Google search I make, every trip I map out with my phone’s GPS, and every Amazon purchase I make are all going into some marketing black box that is uniquely designed to make me buy more stuff I probably don’t need. But when everyone online is looking to make a buck on our data, it only makes sense to cut down where you can.

This is information is from https://www.windowscentral.com/windows-defender-great-so-why-even-gamble-third-party-antivirus

New Google Android Threat: Malicious App

November 3, 2019 by Robert Eyler

This information came from Forbes at https://www.forbes.com/sites/kateoflahertyuk/2019/10/30/new-google-android-threat-malicious-app-installed-by-40-million-play-store-users/amp/

Google Android users have been put at risk again, after it emerged a keyboard app called ai.type previously available on the Play Store has been making millions of unauthorized purchases of premium digital content. The Android app has been downloaded more than 40 million times, according to researchers at Upstream.

Hiding in plain sight by masking its activity to spoof apps such as Soundcloud, the rogue Google Android app delivers millions of invisible ads and fake clicks, passing on user data about real views, clicks and purchases to ad networks.

Ai.type is a customizable on-screen keyboard app developed by Israeli firm ai.type LTD, which describes the app as a “free emoji keyboard.”

But in the background, without your knowledge, the Android app turns your device into “one of the many bots of the network controlled by fraudsters to commit ad fraud,” says Guy Krief, CEO of Upstream.

The app was deleted from the Google Play Store in June, but it remains on millions of Android devices and is still available from other third-party marketplaces. There was a spike in its suspicious activity once removed, the Upstream researchers say.

Specifically, Upstream says its Secure-D platform has detected and blocked more than 14 million suspicious transaction requests from 110,000 unique devices that downloaded the ai.type keyboard.

There is currently a free version of ai.type in the Google Play Store, which was added in October. Upstream’s researchers say they have not detected any suspicious activity coming from the newer app. The premium app is not affected.

It’s one of many rogue Android apps reported in recent weeks. Only last week, researchers at ESET discovered a year-long campaign that saw 8 million installs of adware delivered through 42 apps.

It came after ESET researcher Lukas Stefanko published his report detailing the 300 million malicious Android app reports during the month of September.

Other recent rogue apps plaguing Android users include spyware and adware.

The Google Android app threat: What to do

I contacted Google, who confirmed that the app had been removed from Google Play. However, Upstream advises anyone who has downloaded ai.type to check their phones for unusual behavior. This can include issues such as the battery depleting faster than usual, your device overheating, your data plan depleting or charges for premium digital services that you haven’t purchased. If you spot any of these indicators, it’s likely you have become a victim.

If you have already downloaded the app, you should delete it now, says Krief.

In general, Android users need to be more proactive about their security than those who use Apple’s iPhone. In order to be as safe as possible, Krief advises to only download apps from Google’s Play Store.

Meanwhile, read users’ reviews of apps–and not only the most recent ones. “Do a quick online search about the app and its developer,” he says.

You should also have active and updated anti-virus running on your device.

It seems that malicious Android apps are popping up more than ever. Recently, a lot of experts have been commenting that the Google Play Store is getting out of hand. “It is hard to keep statistics, but we are seeing an increasing number of apps available in the Play store being exposed for fraudulent activity,” Krief says.

He warns: “We are also seeing developers re-publishing apps that were caught for fraudulent behaviour, under the same name, or under a different app name.”

So it goes without saying, if you use Android, you need to take steps to secure your device–and be careful about what you download as well as the permissions you allow your apps.

Update November 1 at 07:36 ET

Updated to clarify that there is still a version of the ai.type app in the Google Play Store, but this is not affected by the same issues as the one removed by Google in June.

Scammers impersonating Social Security Administration (SCAM)

August 12, 2019 by Robert Eyler

Officials said the callers fraudulently identify themselves as Social Security Administration representatives and threaten taxpayers with deactivating their Social Security number or account due to “suspicious activity.”

Posted: Aug 9, 2019 12:58 PM

Posted By: Chelsea Hunt

Share to Twitter Share to Email Share to Print

EUGENE, Ore. — The Oregon Department of Revenue is warning the public after a spike in scam calls.

As part of the scam, the caller may ask for personal information and bank account information.

Officials warn that a person’s caller ID may even show the real Social Security Administration number — 1-800-772-1213 — but the scammers are faking the number.

“We encourage the public to protect themselves by verifying they’re speaking with authorized representatives of the Social Security Administration if they have any questions about the legitimacy of the call,” said Department of Revenue Director Nia Ray.

If you suspect the call is a scam, hang up and call the Social Security Administration number and speak to a real representative. Officials said you should never give any part of your Social Security number, bank account information or credit card number to anyone who contacts you.

Officials said if you get one of the calls, notify the Federal Trade Commission. You can also report scams to the Office of Inspector General by calling 1-800-269-0271 or online by clicking here.

Microsoft Issues ‘Update Now’ Warning To Windows Users

June 6, 2019 by Robert Eyler

This is from https://www.forbes.com/sites/daveywinder/2019/06/01/microsoft-begs-windows-users-to-update-now-citing-wannacry-2-security-threat/#290f5c1c60ca

ASSOCIATED PRESS

Microsoft really does not have the greatest track record when it comes to those security and system fixes that are usually referred to as Patch Tuesday updates. Readers of Forbes will not need reminding how these updates have recently caused Windows to freeze or simply decided to install themselves and cause unexpected restarts. Indeed, I have had more messages from readers who are fed up with Windows updates than in relation to anything else I have covered on Forbes. Yet it is precisely these people that Microsoft is now urging to apply one particular set of updates released May 14, warning that unless they do at least a million computers might be exploited by a security threat that could be as damaging and costly as WannaCry was two years ago.

The warning, which reads almost as if Microsoft wrote it on bended knee, was posted on the Microsoft Security Response Center blog. Referring to the critical Remote Code Execution vulnerability, CVE-2019-0708, that has become better known as BlueKeep, Simon Pope, director of incident response at Microsoft, states that “Microsoft is confident that an exploit exists for this vulnerability.” What’s more, Pope says that such an exploit could “propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.” An internet-scale port scanner has already determined that there are at least 923,671 internet-facing machines which are vulnerable to BlueKeep on port 3389 which is used by the Microsoft Remote Desktop feature.

It is worth reading between the lines here, especially concerning that apparent confidence that a BlueKeep exploit exists. While it is not clear if Microsoft has intelligence that suggests active malware has been weaponized in this way, what we do know is that there is proof of concept (PoC) code available already. One BlueKeep demo on GitHub will crash a system that is vulnerable but does not execute the wormable threat that Microsoft is obviously so worried about. We also know, through the information security community on Twitter, that there are denial of service (DoS) exploits available, and that security researchers have been successful in developing wormable exploit code.

While Windows 8 and Windows 10 users are not impacted by this vulnerability, Windows 2003, Windows XP and Windows Vista all are. Despite all of those vulnerable systems being unsupported for some years, Microsoft made the patch available to users which shows just how concerned it is by the “WannaCry 2” threat. Windows 7 and Windows Server 2008 are also vulnerable.

Although I am as fed up with ongoing Windows update problems as anyone, I’m more worried about a WannaCry 2 attack taking down a myriad of business systems and all the fallout that entails. Which is why I am echoing the advice of Microsoft’s Simon Pope: “We strongly advise that all affected systems should be updated as soon as possible.”

Reminder of End Of Life for Windows 7

March 26, 2019 by Robert Eyler

The end of support for Windows 7 will stop on January 20 , 2020. Your Windows will still work as normal ;However , you will not get any update or security updates for Windows 7. Then in time you can become vulnerable to viruses and malware on the internet and also have your information stolen from your computer.

Now would be the time to update to Windows 10 before January 20, 2020. As of March 15, 2019 You can download Windows 10 for free. If you do want to update to Windows 10 I can do that for you. The cost for us to do it would be $100. This includes testing and making sure that the system is in good working order. Make sure that it can get on to the internet , the printer is working. Also we will clean out the system from junk.

You can ether call or text me at (864)494-9089

or if you like you can email us at robert@roberts-computer.com

or you can go to Microsoft site at https://support.microsoft.com/en-us/help/4057281/windows-7-support-will-end-on-january-14-2020

Tip: For your own safety, you should never Check for Updates in Windows 10

December 18, 2018 by Robert Eyler

Tip: For your own safety, you should never Check for Updates in Windows 10

We all know and accept that being a Windows 10 Insider will expose you to early software with potential bugs, but it turns out besides ticking the Become an Insider box there is another way to tell Microsoft you like to live on the wild side, and that is simply clicking on the Check for Updates button.

In a blog post last week Michael Fortin, Corporate Vice President of Windows revealed that clicking that button marked you out as an advanced user willing to test early versions of Windows 10 patches.

He writes:

We also release optional updates in the third and fourth weeks of the month, respectively known as “C” and “D” releases. These are validated, production-quality optional releases, primarily for commercial customers and advanced users “seeking” updates. These updates have only non-security fixes. The intent of these releases is to provide visibility into, and enable testing of, the non-security fixes that will be included in the next Update Tuesday release (we make these optional to avoid users being rebooted more than once per month). Advanced users can access the “C” and “D” releases by navigating to Settings > Update & Security > Windows Update and clicking the “Check for updates” box. The “D” release has proven popular for those “seeking” to validate the non-security content of the next “B” release.

In short with the monthly C and D patches are a proving ground for the regular and mandatory B “Patch Tuesday” releases which regular users would not normally receive unless they click Check for Updates.

And while Microsoft notes these are “validated, production-quality optional releases” we know these patches have gone wrong in the past, and have had to be pulled and re-issued. Unless you wish to be a tester it is probably wise to let the pioneers take the arrows first.

In the end, it is wise to test any software update on a small segment of users first, but many less expert users have been told Checking for Updates makes your PC safer, not riskier. Some segment of users even Check for Updates to avoid unexpected reboots when they are doing something important. How Microsoft views this group will not be transparent to them.

With the usual Christmas meetups approaching it may be wise that, instead of telling our friends and family to keep their PCs up to date, to spread the message that it is best to leave your PC alone to do its thing and hope and pray Microsoft gets it right this time.

This is from https://mspoweruser.com/tip-for-you-own-safety-you-should-never-check-for-updates-in-windows-10/

Scam Calls Are ‘Epidemic’ — and Getting Worse

October 20, 2018 by Robert Eyler

A new report says nearly half of mobile calls will be fraudulent by next year

by Sarah Elizabeth Adler, AARP, September 14, 2018 | Comments: 200

This can be found at Scam Calls Are ‘Epidemic’ — and Getting Worse

Tero Vesalainen/Getty Images

Scam calls are getting more frequent — and quickly. By next year, nearly half of all calls to mobile phones will be fraudulent, according to a new report from telecommunications firm First Orion. The company analyzed data from more than 50 billion calls over 18 months to get a snapshot of what they call the scam-call “epidemic.” Here’s what they found:

Mobile phone scam calls are increasing: In 2017, only 3.7 percent of calls to cell phones were fraudulent. This year, that number reached 29.2 percent — and it’s expected to climb to 44.6 percent in 2019.

Fraudulent landline calls are declining: Scam calls originating from landlines are decreasing. In 2019, only a projected 24.8 percent of scam calls will come from landlines, a decrease from 56 percent in 2017. This is in part because fewer people use landlines in the first place, but it’s also a sign of just how technologically sophisticated — and successful — mobile scammers have become.

Beware the area code: “Neighborhood spoofing” is a tactic in which fraudsters show up as a local number on your caller ID by matching the first six digits of your number. The report estimates that 9 in 10 scam calls will come from a familiar area code next year.

The increasing numbers of scam calls mean it’s harder to determine what calls are legitimate — on either a mobile or landline.

“People just don’t answer their phones anymore,” says Gavin Macomber, First Orion’s senior vice president of marketing and strategic business development.

Learn more about protecting yourself, visit AARP’s Scams & Fraud page.

According to Macomber, 84 percent of unknown mobile calls (and an even higher percentage of landline calls) go unanswered these days. This can be a real problem for legitimate businesses trying to reach their customers.

And for consumers who get caught up in a scam, the financial repercussions can be serious. The FTC reports that the median loss from a phone-based scam in 2017 was $720.

Luckily, there are several ways to stay protected. For smartphone users, apps such as RoboKiller and Truecaller can help detect and block unwanted calls — but keep in mind that these apps block calls only from known scam numbers, not “spoofed” calls that temporarily hijack legitimate digits.

Some carriers, such as T-Mobile, have started to offer screening services that alert consumers if an incoming call is likely fraudulent — and other carriers are likely to follow suit. In the meantime, familiarize yourself with common scams, like calls from people claiming to work for the IRS or your credit card company.

Macomber says he hopes we’ll soon be living in a world in which consumers can answer their phones again. Until then, just hang up.

Text to Download an App to track you

September 6, 2018 by Robert Eyler

This is going around… Now… It may or MAY NOT be for tracking women / young ladies — but the object of it is to install SOMETHING on your mobile device.

Be sure to have “only authorized software” enabled on your phone to make sure this stuff isn’t auto-installed.

Your phone can get infected just like a computer and with the popularity of phones over computers/laptops, we’ll see more of this.

Please, have a talk with your kids about things like this.

DO NOT DOWNLOAD ANYTHING FROM A TEXT MESSAGE THAT YOU DO NOT KNOW WHERE IT CAME FROM.

This came from Facebook -The Computer Guy

Warning on Sextortion do not fall for this scam

August 16, 2018 by Robert Eyler

Do not believe this email if you get this email just delete it.

Someone has been sending sextortion scam emails with a new twist – one aimed at making it more likely you’ll be duped into paying a blackmail fee.One of the emails arrived at Naked Security yesterday, via a diligent reader, just as Brian Krebs was breaking the story on his site.

It claims to have compromising images of the recipient and goes on to ask for payment in order to stop the images being released publicly. Attempting to manipulate victims by claiming to have compromising images of them is known as sextortion, and its been used for years. What makes this scam different is that it’s added something extra: it contains a real password used by the victim.

The email reads:

"I do know, [PASSWORD REDACTED], is your password. You do not know me and you are probably thinking
why you are getting this e mail, correct?
actually, I placed a malware on the adult videos (pornography) website and do you know what,
you visited this web site to experience fun (you know what I mean).
While you were watching videos, your internet browser initiated working as a RDP (Remote Desktop)
that has a key logger which gave me accessibility to your display and also webcam. after that,
my software program obtained all your contacts from your Messenger, Facebook, as well as email.
What exactly did I do?
I made a double-screen video. First part displays the video you were viewing (you've got a nice
taste haha), and second part shows the recording of your webcam.exactly what should you do?
Well, I believe, $2900 is a reasonable price tag for our little secret. You'll make the payment
via Bitcoin (if you don't know this, search "how to buy bitcoin" in Google).
BTC Address: 19ZFj3nLSJCgoAcvZSgxs6fWoEmvJhfKkY
(It is cAsE sensitive, so copy and paste it)
Important:
You have one day to make the payment.
(I've a unique pixel within this email message, and now I know that you have read this e mail).
If I do not get the BitCoins, I will definitely send out your video to all of your contacts
including relatives, co-workers, and so forth. Nonetheless, if I receive the payment,
I'll erase the video immidiately. If you want evidence, reply with "Yes!" and I will send your
video to your 9 friends. It is a non-negotiable offer, that being said do not waste my time and
yours by replying to this e-mail."

This information is from the Naked Security
There is more information on this at the following links
Wikipedia
FBI