TRI December 2018 Newsletter


Charity Scams to Watch Out for During the Holidays

‘Tis the season of giving, which means scammers may try to take advantage of your good will. A surprising fact about American donation habits is that everyday folks like yourself are the single largest driver of charitable donations in the United States. Giving USA’s Annual Report on Philanthropy found that individuals gave $286.65 billion in 2017, accounting for 70 percent of all donations in the country.

Charity Scams

Unsolicited donation requests are fairly normal during the holiday season—especially since non-profits depend on year-end giving for the success of their organizations—but look out for a few behaviors as red flags. Overly aggressive pitches, including multiple phone calls and emails, or high-pressure tactics that require your immediate donation, should always be avoided. Be on high alert for “phishy” emails and links; make sure to check the sender’s email address and hover over links to reveal their true destination before clicking on them. Even if a website looks legitimate, it may be spoofed. Check that the domain matches the company you intended to visit. This can be trickier than it sounds. For instance, stjudehospital.com may appear to be genuine, but an easy Google search of “St. Jude Hospital” reveals their actual site to be stjude.org.

If you’re donating to a charity you’ve never worked with before, do a little research before committing your funds.

“Charity Navigator” is a particularly useful resource; just type in the organization’s name and check out their rating. If they are not listed on Charity Navigator, it’s probably best to err on the side of caution and donate your hard-earned dollars elsewhere. Also, be sure to only enter sensitive or personal information into websites that have an SSL certificate; you’ll be able to tell if a page is secure if the link begins with “https”. Keep in mind that “https” only tells you the connection is encrypted, so still check that the domain is the one you intended to visit. (This is a great tip for shopping online this holiday season too.) Finally, before making any online donations, make sure you have a strong antivirus program installed that can detect phishing sites and that it’s up-to-date on all your devices.

If you are contacted by a charitable organization by telephone and want to make a donation, don’t give them your credit details over the phone. Have them mail you a donation form for you to evaluate and mail back. Remember: no legitimate charity will ask you to wire them money or pay them in gift cards. If you encounter a charity that is urging you to do so, cut all contact and block them on all platforms.

Bear in mind that not all charity scams are out for money, either—some are hoping to skim personal information. There is absolutely no reason to provide a charitable organization with information like your Social Security Number or driver’s license number—these are major red flags. Also, be especially cautious of requests to send an SMS code to donate via text message.

Social Media Scams

Social media is an easy and typically secure way to donate to legitimate charitable organizations, but scammers know how to use these platforms as well. Social media scams are on the rise, but a little bit of common sense goes a long way with donations on social channels. If you’re looking to donate to someone through a crowdfunding site, be sure the campaign fully answers these questions:

  • Can you verify if the organizer of the campaign has an existing relationship with the intended donation recipient?

  • Is there a plan for how the funds will be used to aid the intended recipient?

  • Are verifiable friends and family of the intended recipient making donations and leaving supportive comments?

  • How will the intended recipient access the funds?

If you cannot easily find the answers to these questions, we recommend you avoid donating to that campaign.

Another pervasive social media scam is celebrity imposters who pretend to raise funds for charities or disaster relief. These imposters use the familiar faces of some of our favorite media personalities to gain our trust and access our wallets. If you have been solicited by a celebrity for donations, stop and take a moment before you give. Make sure it’s their official social media page, which can often be verified on Twitter and Facebook by a small blue checkmark next to their name. You may also Google the celebrity’s name and “scam” to see if others have already reported a trap.

Source: @PatrickDempsey on Twitter

Attacks Targeting Seniors

While scams that target our aging loved ones are a problem year-round, the Consumer Financial Protection Bureau says scammers tend to ramp up their efforts during the holidays to take advantage of seasonal generosity. Most charity scams that target seniors are similar to the ones we all face, including phishing emails, phishing sites, and false charities. However, “Grandkid Scams” are a unique variety.

For this type of fraud, an older adult is contacted by someone pretending to be a family member in desperate need of money or assistance, often impersonating a grandchild. Speak with the older adults in your life about the common signs of scams, like misspelled emails and requests for wire transfers, and teach them how to hover over a link to check its destination. Remind them to verify whether a family member is reaching out for money, and check in with them more often leading up to the holidays to catch any potential security issues early.

Stop Attacks Early

Vigilance is key in stopping a potential security breach in its tracks. If you believe you may have unwittingly sent money to a scam charity, reach out to the organization you used to send the money, such as your bank or credit card company. Tell them the transaction was fraudulent and ask them to cancel it, if possible. If you believe your personal information was exposed, you can freeze your credit to prevent any long-term damage. Also, if you think you may have encountered a charity scam of any type, be sure to report it to the FTC to help keep others safe.

Even if you don’t think you have suffered a breach, keep an eye on your credit score and monitor your banking and credit accounts closely this holiday season. Paying a little extra attention will help you act quickly if your information has been compromised, potentially saving you and your family major holiday heartache. For an added layer of protection, secure all of your family’s devices behind a trusted VPN, which will keep your private data encrypted and safe should anyone try to intercept information you send over WiFi.

by Drew (Webroot) on Nov 26, 2018

General Maintenance for your Computer

  • Keep it clean

  • Wipe your monitor, inspect your vents and remove dust/buildup, and keep peripherals tidy.

  • Perform basic software maintenance. (Do the updates when prompted)

  • Keep Windows up to date (stop postponing those Windows Update boxes!)

  • Do a disk cleanup

  • Check for memory problems. Windows 10 comes with its own memory diagnostic tool.

  • Give your battery some TLC

  • Keep that airflow unobstructed and make sure the computer doesn’t get too hot or too cold. The Goldilocks zone is between 68°F and 77°F. If you plan to store your PC for more than a month, discharge the battery at 70% power and remove it.

Browser Spyware Infections “scareware”

Please continue to be diligent and aware when going online to surf the web or check your email. I still get calls 4-6 times a day about attacks of “Scareware”. The first thing you should do is Shut Down your computer. Many of them tell you not to, but that is because the scareware is loaded into your RAM (temporary storage). Once the computer shuts down, that is cleared. The first thing I will ask when called is did you shut down your computer.

(Example of browser “scareware”)

https://www.malwarerescue.com/wp-content/uploads/2014/03/systemversion.com-pop-up.png

If you get a page that tells you that you are infected with XXX many viruses and to call their tech support number right away, DON’T. What’s happening is your browser has been hijacked by the people claiming to have identified your infection. If you were to call, they will appear to be as legitimate as they can as they request your payment information. Because this is attempting to ‘get a reaction’ from you, both PC and Mac computers are at risk. HP, Dell, Microsoft and all other legitimate technicians will only call you when you have initiated a call to their support. Additionally, and unfortunately, due to these scareware tactics, if you attempt to Google or execute a web search for one of these legitimate company resources, it is even possible that the page you find is a fake landing page published by these malicious persons. (Look in your computer, software or printer documentation for a customer support number.)

What can you do now?  If shutting down didn’t solve the problem, we can usually walk you through resetting your browser over the phone.  If you clicked on/called the number, Shut Down your computer and call us. Most spyware can be cleaned off your computer in about an hour ($125).

Welcome Adam!

We have a new technician starting in December: Adam Leffler.

He will be shadowing Brett to some appointments and meeting our residential customers.  Adam has 10+ years in the tech world and will be a great addition to TRI.

Thank you,

James, Chris, Michael, Clint, Brett, Adam & Suzi

Technical Reinforcements

612-720-0233
info@reinforceme.com
www.reinforceme.com

TRI October 2018 Newsletter


Browser Spyware Infections “scareware”

Please continue to be diligent and aware when going online to surf the web or check your email. I still get calls 2-4 times a day about attacks of “Scareware”. The first thing you should do is Shut Down your computer. Many of them tell you not to, but that is because the scareware is loaded into your RAM (temporary storage). Once the computer shuts down, that is cleared. The first thing I will ask when called is did you shut down your computer.

(Example of browser “scareware”)
https://www.malwarerescue.com/wp-content/uploads/2014/03/systemversion.com-pop-up.png

If you get a page that tells you that you are infected with XXX many viruses and to call their tech support number right away, DON’T. What’s happening is your browser has been hijacked by the people claiming to have identified your infection. If you were to call, they will appear to be as legitimate as they can as they request your payment information. Because this is attempting to ‘get a reaction’ from you, both PC and Mac computers are at risk. HP, Dell, Microsoft and all other legitimate technicians will only call you when you have initiated a call to their support. Additionally, and unfortunately, due to these scareware tactics, if you attempt to Google or execute a web search for one of these legitimate company resources, it is even possible that the page you find is a fake landing page published by these malicious persons. (Look in your computer, software or printer documentation for a customer support number.)

What can you do now?  If shutting down didn’t solve the problem, we can usually walk you through resetting your browser over the phone. If you clicked on/called the number, Shut Down your computer and call us. Most spyware can be cleaned off your computer in about an hour ($125).

 

50 million Facebook accounts breached by access-token-harvesting attack
Bugs in two features enabled mass harvest of single sign-on tokens.
Sean Gallagher – 9/28/2018, 1:35 PM

Excerpt

Facebook reset logins for millions of customers last night as it dealt with a data breach that may have exposed nearly 50 million accounts. The breach was caused by an exploit of three bugs in Facebook’s code that were introduced with the addition of a new video uploader in July of 2017. Facebook patched the vulnerabilities on Thursday, and it revoked access tokens for a total of 90 million users.

In a call with press today, Facebook CEO Mark Zuckerberg said that the attack targeted the “view as” feature, “code that allowed people to see what other people were seeing when they viewed their profile,” Zuckerberg said. The attackers were able to use this feature, combined with the video uploader feature, to harvest access tokens. A surge in usage of the feature was detected on September 16, triggering the investigation that eventually discovered the breach.

 

NewEgg cracked in breach, hosted card-stealing code within its own checkout
Like British Airways breach, attack blended with site code, sent data to lookalike domain.
Sean Gallagher – 9/19/2018, 2:30 PM

Excerpt

The popular computer and electronics Web retailer NewEgg has apparently been hit by the same payment-data-stealing attackers who targeted TicketMaster UK and British Airways. The attackers, referred to by researchers as Magecart, managed to inject 15 lines of JavaScript into NewEgg’s webstore checkout that forwarded credit card and other data to a server with a domain name that made it look like part of NewEgg’s Web infrastructure. It appears that all Web transactions over the past month were affected by the breach.

 

If you feel that your account has been breached what should you do?

  • Close accounts affected and/or create new accounts with the company.
  • Verify all charges on credit cards were done by you.
  • At the least, change passwords to a secure and different password.

 

Thank you,
James, Chris, Michael, Clint, Brett & Suzi
Technical Reinforcements
612-720-0233
info@reinforceme.com
www.reinforceme.com

Sextortion Emails With A Twist

There’s a new email scam in town, and it’s taking people for quite a bit of money. The scam asserts that it has captured video of the recipient watching porn using their computer’s webcam, and threatens to send that video, along with the video the recipient was supposedly watching, to everyone in the recipient’s contact list. The twist? They give the recipient a password that the recipient has used in the past. It might be the distant past, or recent past, or even a password that’s currently in use.

This new twist lends a scary amount of credibility to the scam. To that end, as Vice reports, the culprits have made off with over half a million dollars so far in this scam. We’ve already had a number of clients call in about this scam, and our advice is to not pay the extortion money. You can find the full text of one of these emails on Krebs on Security’s site, but I will post a snippet below.

 

You don’t know me and you’re thinking why you received this e mail, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

 

The fact that they have a valid password is really the scariest part for most people. I would recommend that if the password they present to you is one that you currently use, change that password. If you are still concerned about an email you’ve received, or someone you know needs to be talked out of paying the extortion fee, please give us a call. Our clients’ information is always confidential, but we can discuss the similarities between the different instances of this that we have seen.

Uptick In Phony Tech Support Scams

Microsoft is stating that there is an increase in the number of phony tech support calls, The Register reports. Microsoft puts the number of tech support scam calls at about 153,000, with roughly 15 percent of those calls resulting in the victim losing money.

It’s important for everyone to remember that Microsoft will not call you to fix a problem with your computer. There are two big reasons. The first is that basically 90% of the computer-using world are their customers. That’s a lot of customers, and would require an impossibly large support team. The other reason is verification. Microsoft cannot verify who you are, and you cannot verify that it is actually Microsoft that’s calling you.

If you get a call from someone claiming to be Microsoft, do not give them any of your personal information, and do not let them remotely connect to your computer. If you have any concerns about such a call, feel free to reach out to us and we will assist in any way that we can.

Malware Disguising Itself As An Update

An Ars Technica article posted today describes a rash of websites that have been compromised and are now delivering phony web browser updates to site visitors.

What’s important for our clients to understand is that all major web browsers have a control method for updates. Internet Explorer and Edge are updated through Windows Update. Chrome and Firefox both phone home and download updates from their trusted sources. There is never a legitimate reason for a website to distribute an update to your web browser.

As always, keep your anti-virus software up-to-date, and if you run into any problems, Reinforcements are just a phone call away.

Secure Website Warnings

Symantec had a bit of a bumpy 2017, starting out with the mis-issuance of roughly 30,000 secure website certificates. For a very in-depth read on that, check out Ars Technica’s post here.

With the mis-issuance issue in mind, The Register kindly reminds us that in mid-April of this year, Google Chrome is going to stop considering certain certificates issued by Symantec as being valid. This means that if you visit a site with one of these certificates, you will get a security warning before you see the actual web site you were intending to visit.

We just want you to be aware that these security warnings could be coming. It’s possible that site owners will have upgraded all of their certificates before the deadline. But if they don’t, then for those of you using the Google Chrome browser, you may expect to start seeing these warnings sometime in April. For those of you using Mozilla Firefox, the warnings should be popping up a month later in May. Unfortunately, I couldn’t find timelines for Microsoft Internet Explorer or Edge.

The main takeaway is that if you see these alerts, give it some time. Don’t put any personal information into a site that has thrown one of these warnings. Given the widespread popularity of Google and Firefox, web site administrators will be keenly aware when the switch has been flipped, if they weren’t aware already.

Vulnerable Cisco Firewalls

Ars Technica reports on a vulnerability in some Cisco firewalls. You can read their article here:

https://arstechnica.com/information-technology/2018/01/cisco-drops-a-mega-vulnerability-alert-for-vpn-devices/

What does this mean to TRI customers?

Well, it looks like the vulnerability exists in Cisco’s ASA software that is used in many of their firewalls (note: some of the firewalls running the software don’t necessarily say ASA on them). If you’re using one of the affected firewalls, and you’re using WebVPN, you should patch immediately. That brings us to the next hurdle. Patches for Cisco devices either come from behind their paywall, or by contacting their Technical Assistance Center (TAC). Some people are reporting slow response times from TAC, and if you don’t have current support with Cisco, the download behind their paywall is out of reach.

Need Help?

If you’d like assistance assessing your firewall, working with TAC, or even replacing your firewall if it’s simply too old, we are here to help.