FBI issues another warning about tech support phone scams

I’m pasting this in verbatim, because The FBI has very effectively communicated the extent of the problem. Be very careful about giving remote access to your computers to people you don’t know and trust!

3 November 2014

Alert Number
I-111314-PSA

NEW TWIST TO THE TELEPHONE TECH SUPPORT SCAM
The IC3 has produced Scam Alerts in the past advising the public of an ongoing telephone scam in which callers purport to be an employee of a major software company. The callers have strong foreign accents. The callers report the user’s computer is sending error messages and numerous viruses have been detected. The caller convinces the user to give them permission to run a program allowing the caller to gain remote access. The caller advises the virus can be removed for a fee.

Intimidation tactics used in this scam have influenced victims to pay fees associated with the removal of alleged viruses. It has been reported to the IC3 an individual who paid the required fees, later received a call advising the victim the funds paid for the services went to India and were used to purchase weapons for ISIS. The call came with an additional request for money to remove the victim’s name from a black list.

In a new twist to the tech support scam, cyber criminals attempt to defraud using another avenue. The scam is executed while a user is browsing the Internet. In this scenario, a website being viewed provided a link to articles related to popular topics. The user clicked the link and was redirected to a website which produced a window that advised the user’s computer had been hacked. Another window was displayed that contained a telephone number to obtain assistance. The user reported all attempts to close the windows were ineffective. Upon calling the number for assistance the user was connected with an individual who spoke with a heavy foreign accent claiming to be an Apple representative. During the process the user’s web browser was hijacked. Restarting the computer in an attempt to regain access to the Web produced another message with a different telephone number to obtain assistance.

The execution of this fraud is similar to what was reported in a Public Service Announcement (PSA) dated 07/18/2013. The PSA reports on a version of ransomware that targets OS X Mac users. This version is not a malware; it appears as a webpage that uses JavaScript to load numerous iframes (browser windows) and requires victims to close each iframe. The cyber criminals anticipate victims will pay the requested ransom before realizing all iframes need to be closed. The full PSA can be found at http://www.ic3.gov/media/2013/130718-2.aspx

If you are a victim of this scam or a similar scheme it is suggested:

To file a complaint at www.IC3.GOV
Resist the pressure to act quickly
Be cautious of clicking on unknown links

The POODLE exploit

If you’re on the web much, have any online banking accounts or watch TV news, you’ve probably heard about POODLE in the last few weeks.

Rather than reinvent the wheel, I’m going to post some links here for those of you who are interested to peruse.

What you need to know about the SSLv3 “POODLE” flaw (CVE-2014-3566)

If you use the Internet at all, you’ll want to disable SSLv3 on the apps you use, too.  Here’s how you can disable SSLv3.

And, once again, I want to encourage EVERYONE to backup!  Please call us if you need help setting up a backup system.  Or, please just click on this link to buy Carbonite now.

Stay safe out there!

Wired technology writer suffers a major hack

Matt Honan recently found his digital life in a shambles. Bad guys were able to access his online accounts AND his personal computer.  They wiped every shred of data from his MacBook.

If Matt Honan, a technical writer for Wired Magazine,  can get hacked in such a fashion, so can any of us.  We now rely on our computers and the Internet for almost everything!  We store photos on our computers and in the cloud. We bank online. Who doesn’t order stuff online? Almost nobody!

The question is, what can you do to protect your accounts and your data?

Are you backing up your data?  If you are, are you backing up the right data?  

ConnectNC takes data protection seriously.  If you need our help getting the right stuff backed up, please give us call or open a ticket.  We have several backup options available, and can develop a plan for you or your business.

Read Matt’s story here:
http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/

Unexpected email with an unexpected link? Don’t click on it!

FedEx Bad Email

Trojan.LameShield

No matter what Internet Security software you’ve installed (you DO have something installed, right?), don’t ever click on a link you receive from an unexpected source!  These can include, but are not limited to, notices from FedEx about a shipment to you, or that you sent, Verizon (or other company) phone bill that is extremely high, notice from a bank (with which you probably don’t even have an account) or any other official-looking notice from a company asking you to click on something.

Read the message carefully.  You’ll almost always see poor grammar, spelling and punctuation. There will often be odd contradictions.  In the email to the left, the sender claims to be FedEx, but asks you to go to your US Post Office for a package.

There may be otherwise empty email messages from friends, too, that contain a link.  Never click on those either!  That’s a hallmark of a hijacked email account.  Let your friend know to change his or her account password asap.

If it’s too late because you’ve already clicked and installed a trojan, give us a call:  910-695-7068.

Please review your tax information Phishing Scam

If you receive a message purporting to be from Intuit Inc with a subject similar to “Please review your tax information,” Do not open the message or click on any links. Do not respond. Simply trash the message.

Here’s the text of the message that’s circulating now.

With a view to guarantee that precise data is being maintained on our systems, and to be able to grant you better quality of service; INTUIT INC. has participated in the Internal Revenue Service [IRS] Name and TIN Matching Program.

We have found out, that your name and/or Social Security Number, that is stated on your account does not correspond to the information on file with the IRS.

In order to verify your account, please use the following link.

Regards,
INTUIT INC.

Corporate Headquarters
2632 Marine Way
Mountain View, CA 94043

Joomla Vulnerability Alert

According to Joomla developers, a weakness and a vulnerability have been reported in Joomla!, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

1. Certain unspecified input is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.

This vulnerability is reported in versions prior to 1.7.3.

2. An error in the random number generation when resetting passwords can be exploited to change a user’s password.

This weakness is reported in versions prior to 1.7.3 and 1.5.25.

Solution: Update to version 1.7.3. or 1.5.25.

http://developer.joomla.org/security/news/373-20111101-core-xss-vulnerability
http://developer.joomla.org/security/news/374-20111102-core-password-change
http://developer.joomla.org/security/news/375-20111103-core-password-change

Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace

WASHINGTON, DC – Today, the Obama Administration released the National Strategy for Trusted Identities in Cyberspace (NSTIC), which seeks to better protect consumers from fraud and identity theft, enhance individuals’ privacy, and foster economic growth by enabling industry both to move more services online and to create innovative new services.  The NSTIC aims to make online transactions more trustworthy, thereby giving businesses and consumers more confidence in conducting business online.

“The Internet has transformed how we communicate and do business, opening up markets, and connecting our society as never before.  But it has also led to new challenges, like online fraud and identity theft, that harm consumers and cost billions of dollars each year,” said President Obama.  “By making online transactions more trustworthy and better protecting privacy, we will prevent costly crime, we will give businesses and consumers new confidence, and we will foster growth and untold innovation.  That’s why this initiative is so important for our economy.”

“We must do more to help consumers protect themselves, and we must make it more convenient than remembering dozens of passwords,” said Commerce Secretary Gary Locke, speaking at the U.S. Chamber of Commerce.  “Working together, innovators, industry, consumer advocates, and the government can develop standards so that the marketplace can provide more secure online credentials, while protecting privacy, for consumers who want them.”

The goal of NSTIC is to create an “Identity Ecosystem” in which there will be interoperable, secure, and reliable credentials available to consumers who want them.  Consumers who want to participate will be able to obtain a single credential–such as a unique piece of software on a smart phone, a smart card, or a token that generates a one-time digital password.  Instead of having to remember dozens of passwords, the consumer can use their single credential to log into any website, with more security than passwords alone provide.  Since consumers will be able to choose among a diverse market of different providers of credentials, there will be no single, centralized database of information.  Consumers can use their credential to prove their identity when they’re carrying out sensitive transactions, like banking, and can stay anonymous when they are not.

Once the Identity Ecosystem is developed, a small business, for example, would be able to avoid the cost of building its own login system and could more easily take its business online.  Consumers would be able to connect with the new business with a credential they already have, thereby avoiding the hassle of creating another username and password while also being more secure.  The small business can take advantage of this interoperability to focus on its product or service instead of on managing users’ accounts.  The small business has also expanded its ability to reach new customers across the nation and around the world.

Separately, there are many services for which consumers must go to a physical store–or sign a sheet of paper and fax it to a business.  In the Identity Ecosystem, consumers would have the option of proving their identity online, which would enable industry and government to both move brick-and-mortar services to the online world and to create innovative new services.

More secure credentials will also help consumers and businesses better protect themselves from identity theft and online fraud, which annually cost our economy billions of dollars and impose a significant cost in time and money to those who fall victim.  In the worst cases, it can take a consumer over 130 hours to recover from having their identity stolen.  According to industry surveys, a consumer will also suffer an average out-of-pocket cost of $631 when their identity is stolen–and millions of consumers suffer this experience each year.

The Identity Ecosystem will provide more security for consumers; it will also provide better privacy protections.  Today, a vast amount of information about consumers is collected as they surf the Internet and conduct transactions.  How organizations handle that information can vary greatly, and more often than not, it is difficult for consumers to understand how their privacy will (or will not) be protected.  The NSTIC seeks to drive the development of privacy-enhancing policies as well as innovative privacy-enhancing technologies to ensure that the ecosystem provides strong privacy protections for consumers.

The NSTIC outlines a private-sector led effort, facilitated by government, to develop the technologies, standards and policies necessary to create the Identity Ecosystem and to enable a self-sustaining market of many different credential providers.  The Identity Ecosystem will be built to provide more security and privacy to consumers, while also spurring economic growth by helping businesses move more services online.

For more details on the National Strategy for Trusted Identities in Cyberspace (NSTIC), click here, or read the full Strategy here.

 

Fact Sheet: National Strategy for Trusted Identities in Cyberspace

 

“The internet has transformed how we do business, opening up markets and connecting our economy as never before.  It has revolutionized the ways in which we communicate with one another, whether with a friend down the street or a colleague across the globe.  And as we have seen in recent weeks, it has empowered people all over the world with tools to share information and speak their minds.  In short, the growth of the internet has been one of the greatest forces for innovation and progress in history.”

—President Barack Obama

Be careful about e-mail greeting cards!

I recently received a Hallmark greeting card from a “friend” in my email in box. The message was NOT, however, a greeting card from a friend. It was an attempted attack on my machine. Since I use a Mac, I didn’t have to worry about this particular trojan. The evildoers who propagated this trojan want you to install zapchast on your Windows computer by clicking on their link and use it to do bad deeds. More information can be found here >> http://www.microsoft.com/security/portal/SearchResults.aspx?query=zapchast

What can you do to protect yourself? First of all, install a reputable security application on your PC, from a company such as Symantec or McAfee and KEEP IT UPDATED! We can do this for you as part of our Virtual IT service. I don’t open anything with attachments from people I don’t know, or anything that I haven’t asked for or know about in advance, really. In fact, I don’t open greeting cards and those types of things ever, since I have an aversion to animated stuff with what I consider to be unpleasant music. I still send greeting cards via snail mail. :)

If you have Internet or network security needs, please give our office a call and schedule an appointment. Call (910) 695-7068, ext. 10. Be careful out there!

Please keep your passwords private!

There are individuals who may send email to you, asking for your account password, or asking you to login to a web site to change your password. These people are posing as technical support people in an attempt to get your account password from you. Once they have your account password, they login to webmail and use your address to send out thousands of “spam” messages across the Internet.

There are a few steps you can take to make sure your account isn’t “hijacked” to use for spamming (sending junk email). First, and most important, never give your password to anyone who is requesting it by email. Don’t login to any web site to change your password or enter your current password on the request of anyone by email. If we feel your account has been compromised we’ll change your password for you. We’ll never email to ask you to do it.

You can read more about this kind of activity, called “phishing,” by going to the following URL: http://en.wikipedia.org/wiki/Phishing

Second, please make sure your password is strong enough to prevent someone from guessing it. If your username and password are the same, you’re a potential target for account hijacking. Your password should contain upper and lower case letters, numbers and some other character(s), such as symbols or punctuation. Here are a few examples of good and bad passwords.

GOOD passwords
————–
M9ADu%3wQ! (good)
NtiL@e_D5o1sig (even better – more characters)

BAD passwords
————-
1234 (one of the most commonly used and easily guessed passwords)
spaniel (a word in the dictionary)

Please check your password here:
http://tinyurl.com/safe-passwords
If your password strength is not rated “strong” or “best,” it should be changed immediately!

If you have ANY reason to believe that someone has guessed your password, please call us to change it immediately.