Wednesday, April 9, 2025

Hacker Defense

People are scammed and hacked every day. That is a troubling fact, but worse yet, the tactics that scammers use are constantly changing. From simple phishing attacks to complex stolen-info scams, there are more and more ways to get ripped off.

I ran across a post on Reddit that had some good advice, and I will share that here.

 

1. **Disconnect Devices**: Turn off Wi-Fi on all devices to stop the hacker’s access.
2. **Enable 2FA**: Use two-factor authentication (2FA) on all accounts.
3. **Contact Email Provider**: Report the hack and regain control of the email account.
4. **Check for Recovery Options**: Use the “Forgot Password” link to reset passwords securely.
5. **Scan Devices**: Run antivirus software to remove malware.
6. **Notify Banks/Creditors**: Protect financial accounts.
7. **Don’t Pay the Hacker**: Ignore ransom demands.
 
I also learned about this site, which has a help section specifically for seniors; it is also worth a look.
 
https://www.cisa.gov/resources-tools/resources/cisa-cybersecurity-awareness-program-older-american-resources
 
I would add to that: also set up recovery accounts for MS, email, etc., whenever possible, since it will aid in recovering a compromised account much faster. Make sure that you also update the phone numbers/recovery email addresses anytime that the information changes.
 

 

 

We need to change our thinking when strangers contact us!

I have a customer/friend.  I will call her Jean.  She contacted me to help her with her PayPal account recently.   When I got there, she described the following scenario.

She has a friend in Norway who is trying to pay her back for a loan (via PayPal). She tried to receive a payment from the friend, but it was blocked. She was supposed to unblock her account via instructions provided by her "friend".

PayPal limits transactions on personal accounts, and if you try to pay or receive an amount greater than their limit you have to upgrade your account first.

This was for thousands of dollars, so I naturally assumed that this was a friend/relative, or someone she had known for years. She said no, this was someone that she met online. They chatted for some time, and they were both believers. It wasn't until he mentioned (in an indirect way) that he was in a financial hardship that they ever discussed money or financial matters.

Jean is a single 50-60 year old woman, and I don't know anything of her personal life, but it seemed very plain to me that this person was taking her for a ride. I had to tell Jean that I think she was scammed, and I think that the "instructions" may have had her unlock her account so that her "friend" could steal more from her. While there are controls to help prevent this type of theft, they clearly didn't work in this case. The scammers are constantly evolving their tactics to work around new policies meant to protect users.

 People are taken advantage of every day using some very slick tricks and some very organized behaviors to outright rob, steal identities, empty bank accounts, open lines of credit, and any other conceivable theft against people who are either confused by slick, fast-talking sharks, or just confused in general.

Our default stance when we deal with strangers should be suspicion and defense. That means not giving out information about ourselves that might allow them to access our accounts. Legitimate businesses won't be put out when we exercise caution. They understand the world we live in.

It's also a great idea to have someone you can call on when you want a second opinion about things that "just don't feel right". Feel free to call on me if you want a 2nd opinion.



Friday, August 14, 2020

What does international shipping look like in the world of COVID?

For the last few years, I have utilized vendors from overseas (China mainly) because most times parts are available for considerably less than domestic sources. Sure, shipping times are quite a bit longer (in my experience 2-3 weeks is normal), but if you're not in a rush, or you're buying stuff you know you will use in the future but are not in a huge hurry to get, it can be a significant cost savings.

 It's becoming more common to receive shipping from overseas; sites like Wish.com, Newegg.com, and Amazon all have some available resources that ship directly from China. It's worth the extra few minutes to verify where your purchases are coming from.  Many times the vendor is a third party (meaning they have a selling agreement with the host, and are not formally part of the core company).  In this case you might have to deal directly with the vendor in case of trouble.

In the wake of COVID-19, I'm beginning to wonder if my strategy is still a solid one.  I'll give you an example.  I bought a small lot of parts on Feb. 14 and began the waiting process...this was when COVID was still not fully engaged here in the Midwest.  After everything that happened in March/April I was hesitant to engage the vendor on my order status, but by May I had waited like 10 weeks for my item. I contacted the seller, and to my surprise they were unaware that I was still waiting to receive my items.   They offered to re-ship, and reassured me that their logistics issues were resolved and should be back to normal.

Here I am today and as of Aug 14, I have still not received the package (or the replacement package for that matter) and it's been 6 months to the day!  When I contacted the customer service (eBay in this case), they pretty much told me that their coverage through their guarantee is only valid for 30 days after the sale, so I'm pretty much out of luck unless the seller decides to step up.  The rep also suggested that I should contact my bank and file a claim with them.

What the rep obviously didn't know is that credit card/debit card protections only apply for 90 and 30 days, respectively.  If you file a claim after that period is up it will be declined automatically.  Always be safe when buying from any vendor, but for now I have to say I'm going to be avoiding online purchases from overseas until some of these issues have been cleared up.


 


Sunday, July 26, 2020

Amazon shoppers beware

I just saw a new phishing scam (this time targeting Amazon customers) a couple days ago. It involved scammers sending out a massive number of emails, claiming to have locked the user's Amazon account due to suspicious activity. It included a link so that users could remove the "lock" directly.

I got a similar contact; this one was (supposedly) from our electric utility and came by phone. I'm sure they wanted personal or bank/credit card information to settle a supposed unpaid bill.

Here is how that works. They target thousands, even tens of thousands of users. Sure, not all of them will have an Amazon account, but that is why they cast a very large net.
If you were to click the link in the message, it will say it's taking you to the Amazon secure log-in screen, but in reality you get dropped off at a website (that belongs to the scammers) that resembles Amazon.  If you try and log in with a user name and password, they will capture your user name/password, and your identity may be stolen; fraudulent purchases or other criminal activity are sure to follow.

What should you do to deal with Phishing attempts?
1) When you see a message, receive a phone call, etc., delete that message (or hang up the phone) and, using your browser (NOT a link), log into your account and check the status of your account that way.
If there were an issue, the site would advise you when you log in. If you have the customer service number for the site, you can also call in to them.

2) Don't follow links in email messages, especially when they ask for personal information.

3) While you can report this to the site, there are literally dozens of new attacks every day and new schemes to go along with them.  Protect yourself, don't be gullible, and keep your identity and your money safe!

4) Avoid sharing links to web sites as much as possible.  Links are great but they don't always take you where you think you're going.

Wednesday, March 13, 2019

A cautionary tale with a happy ending...

Recently I had what could only be described as a catastrophic failure where Windows is concerned.  I was going about my normal routine, and I noticed that there was an update available for my backup software.  I was trying to install it when I was getting a strange error from the software that it was unable to complete the task.

Since I always start with the easy stuff first, I decided to reboot the computer....
Normally you would expect to see this message when you remove a hard drive, or if a power cable has come unplugged.  Since I had done none of these things,  I figured I definitely had more than a minor issue.

What I checked:

  • Software changes: none were made, no Windows updates recently, etc.
  • Hardware: data/power cables are connected, both to the hard drives and on the mainboard (or to the power supply, in the case of power cables). Note: if you have a modular power supply, also check that the power cables are connected at the power supply as well.
  • Made sure that my primary & secondary drives appear in the BIOS.  On Dell PCs you hit the F2 button during startup to enter the BIOS.  (My secondary/data drive was there, but my primary/Operating System (OS) drive was not.)
So it seemed pretty clear to me that my primary boot/OS drive was having issues.
Luckily for me, I have a backup solution in place, and I am reasonably faithful in keeping it.  <More about that later>

Clone to the rescue

I grabbed my most recent clone of my OS drive, removed the <old> OS drive, and exchanged the two.  I then reconnected everything else, rebooted the system, and voila!  Windows came right up!  Because it was a clone, Windows didn't even know the difference; it came right up to the point that the clone was created.


Now, that took care of most of my issues; my recent backup was only about 10 days old.  Any other important files would be handled under my Dropbox (cloud backup).

My backup procedure

Since I have 2 drives in my system (one for programs, Windows, etc., and one for data: documents, downloads, photos, etc.), I needed a way to back up both drives, and I wanted a simple way to schedule and manage my backups.

I have been using software called Backupper from AOMEI for a few years now.  I was using Clonezilla before that (for just making clones), but Backupper has a simpler layout, is easier to use, and I can run backups, clone drives, and do some other tasks right from a single program (since it is run right from Windows).

<<By comparison, Clonezilla is run off a CD or USB and it is run through a DOS-type interface (not Windows).  As its name suggests, it only does clones, no backups.>>

I have a Dropbox set up for small important files (like Word, Excel, and PDF files).  I've been using my free account for years, and never felt the need to upgrade.  I don't keep larger files, pictures, etc. in my Dropbox, so I rarely get close to running out of storage.

I do a monthly backup of my data drive, and at least bi-monthly clone of the OS drive.  I keep a 2nd clone drive around (so I actually have 2 hard drive backups in case one were to fail).

I replace my main OS drive on a 3 year rotation.  At that time frame, the drive is out of warranty, and (at least if it contains valuable information) then it's time for a replacement.

My data drive gets replaced on a 5 year rotation, unless I start to notice performance issues with the device.  Then it gets replaced immediately.  I am a big fan of the WD Black line of hard drives; their 5 year warranty, combined with years of reliable service, make it easy for me to recommend them.

It's not really a backup unless you know it works

I have an identical system to my desktop that I can drop my clone into for testing purposes.  It's also really handy to have a spare machine in case you experience a hardware (mainboard, CPU, etc.) failure.

How it turned out 

In the end, the OS drive was still under warranty.  I sent a quick email off to Kingston (my OS drive was a Kingston V300 SSD drive), and they validated the warranty and replaced the drive with a new one.

Everything else has been working fine, and I have not really had any further issues.





Friday, August 18, 2017

Backup Basics...

One of the most troubling types of computer problems involves the loss of data.

 Personal files, photos, important documents, music, videos, and the like are all things that can be disturbing to lose.  And yet many people have no plans to protect these important, irreplaceable files from loss.  But there are plenty of things that can go wrong that affect these files.
 

Hard drive failures: A mechanical hard drive is an amazingly complex piece of machinery, capable of storing large amounts of data in a small physical space, and at a relatively low cost.  Not surprisingly, the mechanics inside a mechanical hard drive can fail, plus they are sensitive to shock (being dropped, bumped, etc.), so they are not invulnerable.
 

Flash memory failure: SD cards, USB drives and internal memory for tablets and phones use a non-volatile memory (meaning that the memory does not require electrical energy to store data).  This type of memory is pretty reliable, (not shock-sensitive) but still failures can happen, and they can fail without warning.
 

Virus or Ransomware: This type of threat can corrupt files, or encrypt them to prevent access to the files at all.  Payment can be demanded to release the files, with an implied threat to delete the files if payment is not made.



What do all of these have in common?  If you have a backup which contains your files, then you will be able to recover your system and your files.

Windows 7 and above include a backup utility for creating and maintaining backup copies of your files, and it can also back up your operating system (OS) in case of a virus or hardware failure.  You can access it by typing backup in your search bar.  Using it, you can select which files you want to back up (often called the source data), where you want to store them (the target) and when you want to perform the backup (and if it is to repeat).  If you run it immediately, it will take minutes or hours depending on how many files, the relative speed of the computer, and the type of backup storage.
There are also many programs that will perform backups for you; naturally, they feature some additional options not found in the Windows backup utility.  I am currently using one called AOMEI Backupper, which can do partition resizing, disk cloning and disk imaging as well.
I have been using disk cloning software* for several years.  It has proven an easy way to prevent redundant activities when prepping and repairing computer systems.  I really appreciate the ease with which this type of software can give a layer of protection to a user.  In fact, I recently did a full backup of my primary system last week, a process that took (in its entirety) about 4 hours.  This was a backup of over 300GB of data files, pictures, music etc., and I fully verified that the backup will boot into Windows.
Disk imaging software** takes a slightly different approach, where the target of the imaging is a larger storage device that can hold many images.  Usually a server (a network computer with vast amounts of storage) will be utilized in this environment, and usually in an enterprise operation.
* Disk cloning software: a utility program which makes an exact copy of the drive, essentially duplicating the source drive sector by sector.
** Disk imaging software: a utility program that can store an image, or a full copy of a disk or partition, for later use during a recovery operation.

Thursday, June 8, 2017

My take on ransomware...Causes, prevention, & dealing with these threats.

There has been a pretty steep uptick in ransomware activity the last few months, and the seriousness of this particular type of threat has grown to near epidemic proportions.

Any software which can take administrative control of a computing device, prevent removal/detection/deletion, and hold control of it until a monetary amount is paid (the ransom), is considered ransomware.
Probably most disturbing is the amount of money that ransomware is generating for the criminal element.  The FBI estimates over $200 million has been spent already in 2016 to release personal, business, and even file servers that have been compromised.
The other frightening aspect of all this is that the "ransom" rates are also on the rise.  Where ransoms from a few years ago might have been merely a couple hundred dollars, I have now heard of ransoms going into the thousands of dollars.  Yikes!

So what can someone do (to prevent and/or recover) from a ransomware attack? 

The fast answer (the best one in my opinion) is prevention.  If you have been around computers for a while, you have probably heard,
  • "Don't try to get stuff (that costs money) for free", 
  • "Don't open email with attachments from people you don't know",
  • "Don't download unknown programs", 
  • "Don't click on links in web pages, or email unless you know where the link is taking you".

These are good suggestions, but there are some other things that can also be done:

1. Back up files, especially personal files, pictures, and any financial/business software.  A full backup should also be run, and the backup media should ideally NOT be regularly connected to the computer (any connected device could be compromised in the event of a ransomware attack).  Removable storage like DVDs, external hard drives, and USB drives are good examples.

2. Keep your antivirus current.  And have a second line of defense.  Malwarebytes has a free scanner, but the paid version has an active component that monitors and will block malicious content.  While nothing can truly block against every threat, a good solution will have consistent updates to its detection engine, and make those updates available in a timely manner.

3. Know how Microsoft operates.  They will never call you to offer assistance.  If you get a call like this you can rest assured that it is some type of scam attempt.

 Q: "OK, these are good suggestions, but I already have a popup telling me that I need to pay.  What do I do?"

A: Some of these threats can be removed.  So the first thing to do is NOT panic.  Next, terminating the process in hand is important.  Shutting down the PC is a good first step.  If you are locked out when it restarts, you could try to start the PC in safe mode.  (When the PC is first booting, you can bring up your startup options by tapping the F8 key.  Select safe mode, and see if your computer can start.)

If it can start in safe mode, download and run Malwarebytes.  It may be able to root out and remove the problem.  If it comes back clean, your system may not have been infected by the threat (this is where quickly shutting the PC down can help).  If it does find any threats it may ask to restart your system after it removed them.  I would recommend a follow up scan after that to ensure nothing is left behind.
Also run a scan with whatever your other virus/malware scanner is.  If you don't have one, Windows Defender (Win 8, 10) or Microsoft Security Essentials (Win 7) are good basic protection.