Phishing Alert – Counterfeit Quarantine Report

Please be aware of a phishing email that may land in your inbox.  Delete this message and do not click on any links within the message.  The message is made to look like a spam quarantine report, but the links lead to a malicious website.

Always verify the return address of an unfamiliar sender or any suspicious messages.  In the image below, you can see that the return address name was forged. You can also see that there are some errors in the message body.

 

This image depicts a phishing attempt via email

Set up two-factor authentication for your cPanel account

Hosting customers may use two-factor authentication (2fa) to better secure their cPanel accounts.  2fa adds an extra level of security. It requires a smart phone app called Google Authenticator, which is available for Android and iPhone.

You should be familiar with the steps required to install an app on your phone before you begin.  Unfortunately, we cannot provide support for your smart phone as a part of our hosting support.  If you need help with this, please make an appointment for a 30 minute support session at our office.

First, login to your cPanel account and then use the search to find 2fa.  You will see Two-Factor Authentication, as pictured below.  Click on that.

Two Factor Authentication

Next, click the blue button that says, “Set Up Two-Factor Authentication.”

Scan the QR code with your smart phone.

Enter the code in the space provided.  Click the button that says, “Configure Two-Factor Authentication.”  You must already have the Google Authenticator app on your phone in order for this to step to complete.

Accept the server name displayed on your smart phone.

From now on, you will need the smart phone app to successfully login to your cPanel account.

You can reconfigure or remove 2fa by logging in to cPanel and clicking on “Two-Factor Authentication” again.

Strong Passwords Protect You and Others

Using Strong Passwords

In our ongoing effort to protect our clients and ourselves from malicious actors, we require the use of strong passwords with all accounts.

How can I make sure my password is strong enough? There are a number of strong password generators on the web. One of my favorite ones is provided by Norton IdentitySafe, and can be found here:https://identitysafe.norton.com/password-generator.

If you’re curious about how long it would take to crack your current password, try entering it here:http://random-ize.com/how-long-to-hack-pass/.

It’s not uncommon for clients to proclaim, “I don’t care if someone gets into my email. I don’t have anything that matters in there.” We explain that it’s how a compromise affects others they should be concerned about. Once your email account is compromised, a spammer can use it to send out unsolicited junk. A hacker from another country can use it to send out phishing messages or malware. Many times, the perpetrator uses your contact list, so your own friends and relatives may be affected! Our mail servers may end up being blocked by other services, which means none of our customers would be able to send email anymore.

Please do your best to protect yourself and others by choosing a strong password. Change it regularly. Don’t use the same password on multiple online accounts.

If you have any questions about how to change your password, please send us a message.https://connectnc.com/clients/submitticket.php?step=2&deptid=5.  Thanks for your understanding about our requirement for strong user passwords on our network services.

Please read our password policy here:  https://www.connectnc.com/password-policy/

Secure your communication

Contact us today for an encrypted email demo!  This email encryption and spam filtering service works in conjunction with your company emails, and can work with your current email hosting provider, or we can host your email instead.

Great for:

Dentists, Physicians, Real Estate Agents, Attorneys, Financial Advisors, and any business who needs to email important client information securely!

emailencryption

fake flash update warning

Fake Flash Update Warning

Fake Flash Update Warning

There’s a certain web site I’ve visited a few times that produces a fake flash update warning.  Beware of these warnings.  Adobe will never display a warning such as this when you’re surfing the web.

Here’s a screen capture.

fake flash update warning

First of all, I want to warn everyone never to click on anything like this without examining it first.  There are three glaring examples of fakery to be found at a cursory examination.

#1  The URL has nothing to do with adobe.com.

#2  The message says that you are required to update your flash player.  You are required to update nothing of the sort.  As the saying goes, you are only required to die and pay taxes! Adobe (and other legitimate companies) will not generally display scary messages like this.

#3  This is the most important part…   inside the red box, the advertiser says they are not affiliated with Adobe, the makers of Flash..

If you do accidentally click on the OK button, you will be asked to download or install something with a generic name, like “installer.exe.”  Don’t do it!  In my experience today, I clicked on nothing at all, and still got the download dialog box.

Well, now that you’ve determined you have detected a scam, what do you do?  My advice is to close the browser.  If you’re an inexperienced user, and you always seem to be getting malware, the best course of action is to go ahead and shutdown your computer without trying to click on anything at all.  Press the Windows button on your keyboard to get to the start menu and click Shut down.

Be careful!

Note: I use both Windows PCs and Apple computers.  I have only seen this happen on a Windows PC to date.

FBI issues another warning about tech support phone scams

I’m pasting this in verbatim, because The FBI has very effectively communicated the extent of the problem. Be very careful about giving remote access to your computers to people you don’t know and trust!

3 November 2014

Alert Number
I-111314-PSA

NEW TWIST TO THE TELEPHONE TECH SUPPORT SCAM
The IC3 has produced Scam Alerts in the past advising the public of an ongoing telephone scam in which callers purport to be an employee of a major software company. The callers have strong foreign accents. The callers report the user’s computer is sending error messages and numerous viruses have been detected. The caller convinces the user to give them permission to run a program allowing the caller to gain remote access. The caller advises the virus can be removed for a fee.

Intimidation tactics used in this scam have influenced victims to pay fees associated with the removal of alleged viruses. It has been reported to the IC3 an individual who paid the required fees, later received a call advising the victim the funds paid for the services went to India and were used to purchase weapons for ISIS. The call came with an additional request for money to remove the victim’s name from a black list.

In a new twist to the tech support scam, cyber criminals attempt to defraud using another avenue. The scam is executed while a user is browsing the Internet. In this scenario, a website being viewed provided a link to articles related to popular topics. The user clicked the link and was redirected to a website which produced a window that advised the user’s computer had been hacked. Another window was displayed that contained a telephone number to obtain assistance. The user reported all attempts to close the windows were ineffective. Upon calling the number for assistance the user was connected with an individual who spoke with a heavy foreign accent claiming to be an Apple representative. During the process the user’s web browser was hijacked. Restarting the computer in an attempt to regain access to the Web produced another message with a different telephone number to obtain assistance.

The execution of this fraud is similar to what was reported in a Public Service Announcement (PSA) dated 07/18/2013. The PSA reports on a version of ransomware that targets OS X Mac users. This version is not a malware; it appears as a webpage that uses JavaScript to load numerous iframes (browser windows) and requires victims to close each iframe. The cyber criminals anticipate victims will pay the requested ransom before realizing all iframes need to be closed. The full PSA can be found at http://www.ic3.gov/media/2013/130718-2.aspx

If you are a victim of this scam or a similar scheme it is suggested:

To file a complaint at www.IC3.GOV
Resist the pressure to act quickly
Be cautious of clicking on unknown links

The POODLE exploit

If you’re on the web much, have any online banking accounts or watch TV news, you’ve probably heard about POODLE in the last few weeks.

Rather than reinvent the wheel, I’m going to post some links here for those of you who are interested to peruse.

What you need to know about the SSLv3 “POODLE” flaw (CVE-2014-3566)

If you use the Internet at all, you’ll want to disable SSLv3 on the apps you use, too.  Here’s how you can disable SSLv3.

And, once again, I want to encourage EVERYONE to backup!  Please call us if you need help setting up a backup system.  Or, please just click on this link to buy Carbonite now.

Stay safe out there!

Avoid installing junk you don’t need

For quite some time, the applications we trust and use every day have been tricking us into installing extra stuff we don’t need during the update process.

One example is Adobe Flash (pictured below). Sometimes, their “gift” to you is the Chrome browser. Other times, it’s the Ask toolbar. In this case, it’s McAfee Security Scanner. Almost always, you don’t need or want it.

You can avoid it by paying attention to the update screen and un-checking the box next to whatever it’s trying to install for you.

Avoid Installing Junk You Dont Need

Show your school spirit – but NOT in your password!

It’s great to be a loyal fan or follower of your school’s team, but the one thing you don’t want to do is use your team name as your password!  If you’re a UNC student or grad, and you’re using “tarheels” (or any variant thereof) as your password, change it now.  It’s insecure on many, many levels.  First, it’s a word in the dictionary.  Second, it’s too weak.  Be creative when choosing a password, and make sure it’s secure.  Your online accounts will be at risk of being compromised until you change your password!

What could you use instead?  If you really must use the word “tarheels” in your password, change it to a passphrase that will be easy enough for you to remember, but difficult to guess or crack.

For example, “I_love_my_Tarheels!” is probably something you can remember, and it’s way more secure than just “tarheels.”

Use a tool like this password strength checker to find out how secure your password is.  If the result is anything other than VERY STRONG, please change it!

Password Strength

http://www.passwordmeter.com/

PayPal’s automatically billed payments

PayPal SubscriptionsHere’s something to look out for! Have you ever paid for something with PayPal and expected that to be the last of it, but you ended up on a recurring billing plan? Here’s how you can check to see what’s been preapproved or has been scheduled.

  • Login to PayPal
  • Go to My Account
  • Click on Profile
  • Click More Options
  • Click My Money
  • Go to Preapproved Payments

Use this page to manage your payments for:

  • Subscriptions
  • Automatically billed payments
  • Installment plan payments

Click Update to change any item you see there.