Virus Infections from Fake Support Sites

Virus Infections After a Support Call?

tech support virusOver the past few months, our Computer Repair shop in Tucson has had had dozens of customers come to us with virus infections after having called an alleged technical support site for companies like HP, Microsoft, Dell and even Intuit (Quicken and Quick Books).

The support person got the customer to allow them to make a remote connection so they could diagnose their computer. Invariably, they would scare the customer and tell them their computer was in bad shape with spyware and virus infections, Windows problems and hard drive issues. They would tell them that these were the real source of their problems and that they could fix them. Then they gave them a ridiculous price, often $200 – $300 to repair their computers. Gee, we do it for only $130. [Read more…]

5 Tips to Avoid Android Malware: Be Aware When Downloading Apps

android marketEveryone loves free apps, especially Android users (phones and tablets). While most of these apps are legitimate, the number of free Android apps that are actually malware keeps increasing. Android users are more at risk than iPhone and iPad users because the the Android market is much more open than Apple’s.  This means more choices, but also more risk.

[Read more…]

6 Common Myths About Web Safety – Part 1

internet safety securityComputer Viruses, Malware, Trojans, Spyware, Adware, Rootkits, Bootkits…. a wild menagerie of threats to be sure.  I’ll use the generic term “Malware” to refer to all these types from now on.  You may not have even heard of some of these forms of infections.  What the heck can you do?  How worried do you need to be?  The truth is, we’re all subject to these risks, but the better informed you are, the safer you’ll be.

This will be a series of posts where I’ll try to give you a simple rundown of the most common myths that get people into trouble.  How many parts will there be in this series?  That depends on how much time I have to write, or how sleepy I am if I’m writing at night.  I’m guessing two or three.

 

Myth #1: I Must be Safe Because I’ve Never Had a Virus Infection

Guess again my friend.  How would you know, when most malware and Trojans are designed to be stealthy and work behind the scenes without your knowledge?  That’s the whole point!  Yes, some types of malware do get your attention, especially the ones trying to sell you fake software, but this is only one type of infection.

Others may be lurking behind the scenes trying to steal your passwords, credit  card numbers, etc.  Eventually, if there are enough of them on your computer, you’ll notice performance slowdowns, lockups, error messages or even crashes.  This may be the only warning you’ll get that something is wrong, but by then it may be too late.

You won’t believe how many computers come in to our shop for other types of repairs, where we find viruses and malware galore.  As part of our troubleshooting, we always run a quick scan and sure enough, most of them have some type of infection.  They’re not always serious, but it goes to show how common this problem is.

Myth #2: Only Porn, Gambling and Other “Questionable” Sites are Dangerous

Of course, these are by far the riskiest sites out there, so you should avoid or at least minimize your visits to such sites (nudge-nudge).  Did you know that an estimated 83% of trusted, legitimate sites are hacked and infected with malware?  Now that’s scary!  The bigger sites monitor their sites, but hey can’t always keep up.  Most of the time they’re clean, but you can’t know if they’re clean when you visit them.

Why do they target these sites?  Because that’s where the money is!  They are popular, high-traffic sites, so they’re the best way to distribute the infections.  Most of the time they just hack the site.  If they can’t get in that way, they use other tricks.  One for example, is to pose as an advertiser wanting to post an ad on a legitimate site.  Once they’ve submitted and paid for their ad, they’ve built up trust with the site.  Then later, they post an update to their ad, embedding malicious code in it and voila… they’ve infected the site.

Stay tuned for Part 2.

Top 10 Simple Online Privacy Tricks Anyone Can Do: Tips 1-2

Tips 1 & 2: Passwords and Security Questions

These first two tips go hand-in-hand, so make sure you use them both.  Read on……

 

1. Create Secure, Easy-to-Remember Passwords

Secure passwords are the best, but not if you can’t remember them.  Most of you already know this, but are you implementing it?  There are a lot of tricks to creating easy, memorable passwords without making them easy to guess.  You can research this on Google, but I’ll give you a few ideas.

1)  Don’t use the same password for every website, especially banking sites.

2)  Alternate UPPER and lower-case letters, as passwords are case-sensitive.

3)  Use special characters, such as #,%,@, or !. Either add them or replace a letter with one of these characters.

4) Use a common base password (like a pet’s name), then add pattern of numbers that means something to you (like your kids’ birthdays).  Or perhaps add the initials of the website it’s for.

Example:  If your cat’s name is Muffy, your kid was born in 1964 and the password is for Yahoo Mail, you can use MuFFy1964YM.  For a Wells Fargo password, say your birthday is May 5, 1945.  You can use MuFFy1945WF.  Get the picture?

5)  Shift your fingers up one row and to the right (or the left, since they don’t quite line up) on the keyboard from the actual letter you want.  For instance, instead of “muffy“, type k8tt7.  Use whatever rule you want, but stick with one rule, so you don’t get confused.

 

2. Security Questions.  Keep them as Private as Your Passwords

Strong passwords are important, but they’re useless if your security question is something anyone can answer.  Most websites have ways to recover or reset your password if you forget it by using security questions, also known as “challenge questions”.  When you answer these correctly, the site lets you change your password, or will email it to you.  What would happen if a hacker, coworker, your kid, or an angry “ex” knew the answer to this question?  I shudder to think!

Instead of going the traditional security question route, you could use a formula to create a memorable, yet indecipherable security question.  For instance, you could use word association to make the question easy for you, but hard for others, for example:

  • “What’s your mother’s maiden name?” could be answered with your favorite Iron Maiden album instead.
  • Put in your mother’s birthplace when the question asks for your birthplace.  Get the picture?

Here’s another trick, but it’s not available on all websites.  Some sites let you create your own privacy questions.  If they do, definitely go for this option, as it opens up a whole world of options.

2. Create Secure, Easy-to-Remember Passwords

Last updated by at .