Don’t fall for the Microsoft ‘tech support’ scam!

phonescamMy wife received an interesting call today from someone claiming to be from Microsoft technical support.  According to them our computers had contacted because we needed technical support.

Of course it’s a scam, but one that people (particularly older people) get taken in with all the time.

For the uninitiated, the scam involves someone (usually from India) calling and saying that they are representatives from Microsoft technical support. They then tell the victim that their computer is running slowly because of viruses or because they need an additional piece of software — at a cost, of course. It’s been floating around for almost as many years as the Nigerian money transfer scam and is still going strong.

Once a person buys into the scam they take them through a number of steps showing them files and error messages on their computer (every computer has error messages if you know where to look) and then they sell the victim “technical support” or an “extended warranty”.   This will involve several steps:

  • Taking control of your PC
  • Watching as you enter your bank account and credit card details into an online payment (the online payment – usually around $299 – is real)
  • Trashing your PC or, in some cases, installing malicious software on your PC so that they can continue to exploit you after the call is over

If you want to see what happens you can watch the video on the Malwarebytes website – via What happens if you play along with a Microsoft ‘tech support’ scam?  Spoiler alert – they end by calling him names and trashing his PC.

Unfortunately it is often the elderly that fall for this the most, so do yourselves a favor and tell your older relatives to contact you before they make online payments or install software from cold callers.  A little time spent on the phone with them could save everyone from an enormous amount of hassle in the future.

Any legitimate company will happily give a call back number and wait while you check with people.  And if you’re really not sure then post a comment below letting me know what is going on and I’ll get back to you.

 

3 Comments

Filed under Online Security

Google Gives Real Time Analytics to iPhone Users

In case you missed it, Google released Google Analytics for iPhone last week. It comes a year after it was originally released for Android devices. The Real Time analytics is the best feature for website owners who can now get-a-glance of their information right from their pocket.

For the full story click here:  Google Gives Real Time Analytics to iPhone Users | LevelTen Dallas, TX.

Leave a comment

Filed under Free Software, Web Design

Domain Registry Services of America – SCAM!

Today I received a very official looking letter from a company called Domain Registry Services informing me that the domain of one of my customers is due to expire “in the next few months”.  If you have received one of these don’t be fooled – it’s a scam!

Here’s how it works: Domain Registry Services sends website owners an official-looking “expiration notice” (see below), urging them to “act today” to prevent “loss of your online identity making it difficult for your customers and friends to locate you.”

They are hoping that you won’t look too closely at it, fill in the form and send it back.  If you do you will have inadvertently transferred the domain registration from the company you originally registered with (GoDaddy, BlueHost, etc.) and signed that over to DRS.

I have no idea what their registration services are like but I can say that they are at least twice as expensive as any reputable domain registrar ($35 for one year when most charge between $10 and $15).  I can only assume a company that stoops to such underhanded tactics to win clients would be an absolute nightmare to deal with and any chance of getting a refund has to be slim at best.

If you receive one of these notices do yourself a huge favor and file it in the round filing cabinet.

scam

2 Comments

Filed under Computers, Online Security

Who’s attacking your website?

ImageWith the explosion in web creation tools owning a website is no longer the domain of a select few.  Whether you have an online store, a “business card” site or a fan site for your passion setting up a website can be done by almost anyone with a need and a little patience.

What many people fail to realize is that, just like your home PC, a little care is needed if you are to avoid having your website taken over and either vandalized or used as a springboard for spreading viruses.  After all which of your friends wouldn’t download something from a website they knew you created?

Think people aren’t attacking your site?  A quick look at the sites I have set up showed, without exception, every one of them had logged attempts to log in using brute force password cracking.  I know this because I have software installed on these sites that tracks failed attempts to log in and, if they occur often enough (10 tries in my case) then my site will automatically  block access from those IP addresses with increasingly long lockouts and sends me a note to let me know about it.  Here’s a sample from one of the sites I take care of:

IP Tried to log in as

 

As you can usernames like admin, administrator, root, and variants of the URL (starred out for privacy reasons) have all been tried.  It’s one of the reasons I NEVER use those as either a user id or a password.

Attacks mostly seem to come from the Czech Republic, the Republic of Korea, Ukraine and so on.

Why those places and what are they doing?  Who cares?  The important thing to realize is that even the website you put together as a memorial to your beloved dog can, and will, be attacked.

The site i pulled the lockout information from is only special to the people that use it.  It doesn’t get millions of views, isn’t a political or controversial group, and doesn’t contain any secret information.  In fact everything on the site is public.  So if they are being attacked then it’s a very good bet that your website is too.

So what can you do about it?

Well you can’t stop people attacking you, but you can make life difficult for them by taking some simple steps.

  1. The most obvious, and easiest, thing to do is to make sure that you don’t use any common user names  or passwords.  If your website providers sets up a default user such as Admin when your site is built, change it!  Passwords don’t have to be long and hard to remember – two random words like BlueDriver or NotedMarketer will keep people guessing long enough to make them bored.  If you use Admin and password because they are easy to remember then you deserve what you get.
  2. Install software that can lock out repeated login attempts.  There are many of these around and they are often free.  Install them for some peace of mind and sleep easily knowing that someone isn’t bombarding your website with thousands of login attempts.
  3. Make sure that you keep your website software up to date.  As the HeartBleed bug showed us, no website is foolproof, so make sure that vulnerability are patched regularly.

Those three simple steps alone should keep the vast majority of people at bay.  Sure there are are few highly skilled people out there that could get in if they wanted to, but with so many juicy targets for their talents why would they waste their time on your cooking blog?  Nope…it’s the equivalent of the thug with a brick that we want to stop and the steps above are the equivalent of a spray can full of mace to those guys.

 

Leave a comment

Filed under Computers, Online Security, Web Design

Ubuntu bootable USB stick saves the day!!

logo-ubuntuOn safari in Uganda my brother and I found ourselves on a photo and video binge that left our devices wanting.  Cameras, camcorders and smart phones were all quickly filled and, with more than a week to go, we needed more storage.

My brother had brought along an old Windows laptop for when this happened and we backed everything up to that before clearing down ready for the next day.  This machine was now the sole repository for several hundred “once in a lifetime” photos and videos.

Potholes? You don’t know what they mean until you’ve visited Kampala

Unfortunately Ugandan roads are anything but smooth and after a couple of days bouncing around in the back of the van we discovered to our horror that booting the PC gave us nothing but the blue screen of death!  My brother is a great photographer but isn’t especially knowledgeable about computers and, while I could tell he was trying to stay calm, his repeated question about whether those pictures could be salvaged betrayed his concern.

As luck would have it I had a copy of Ubuntu on a thumb drive with me.  I had brought this along to salvage an old laptop for a friend and this turned out to be just what we needed.  Within minutes we had the PC up and running by booting from the thumb drive and I was able to easily figure that the hard drive on the laptop was  failing, but it wasn’t dead yet.  Much to my brother’s relief I was able to bring up the pictures we had backed up.

nookNow we needed another place to put the pictures before the drive gave up the ghost for good.  Here I just plugged in my Nook HD with its 32gb micro SD card and it was an easy job to copy the pictures across to the card.  Job done!

Once again Ubuntu saves the day, and it somehow seems fitting that it should rescue us in Africa.

Considering how little space a thumb drive with Ubuntu on it is I’m actually now thinking of making that a standard part of my packing list.

Ubuntu…don’t leave home without it!

via How to create a bootable USB stick on Windows | Ubuntu.

Leave a comment

Filed under Computers, Free Software, Linux, Technology

Silence of the Fans

Image from Fanshare.com

My wife’s PC used to drive me mad!  Every time I sat in the office I could hear the fan running at full tilt, especially after she had played Facebook games and left them running.

Something had to be done!

A quick check showed high CPU use and the temperature (checked using Speccy) well above normal.

My first reaction was that she needs a new PC but my frugal (cheap) side kicked in and forced me to dig a little deeper so I removed the PC cover and discovered that the heat sink above the CPU was entirely buried in fluff!

30 seconds with a vacuum cleaner and the office is back to its former library like state.   Ahhh!

Leave a comment

Filed under Computers

Heartbleed: What you need to know

Several people have contacted me because they were worried about “Heartbleed” – a software flaw that lets attackers steal the cryptographic keys used to secure online commerce and web connections.

First let me clear up something – this is NOT a virus.  Heartbleed is a bug that affects online servers, not your PC.

The bug, called “Heartbleed”, affects web servers running a package called OpenSSL which is the most common technology used to secure websites. Web servers use it to securely send an encryption key to the visitor; that is then used to protect information coming to and from the server from the so-called man in the middle attack, where a third-party intercepts both streams of traffic and uses them to discover confidential information.

Don’t Panic

This bug has been around for about 2 years.  While that means that hackers ‘could’ have been stealing information and passwords during that time the chances are relatively low.  If it were a well-known bug then it would have come to light sooner and been fixed.  So while the good guys didn’t know about it, neither did most of the bad guys.

What can I do?

There is nothing you can to do fix a website, but you can check to see if a website is vulnerable by visiting this site.  If the sites tests OK then I would recommend changing your password as it is possible that your password was detected before the bug was patched.  But do not change your password until after the site is fixed – now that this is known there’s more chance that someone will exploit it and you could actually be making the situation worse.

Should I stay offline?

If you can stay offline then that would be a good start – at least for a few days.  But most people can’t so I would suggest just being careful and, if you must visit a high security site such as a bank or email system then check it first using the website tester.  It’s the weekend…go outside and play!

Should I change my password?

Better safe than sorry.  But, as noted above, don’t change it until after the server has been patched.  Many well used sites such as Facebook, Instagram and Pinterest were affected and you should change passwords, particularly if you use the same password on multiple sites (as many people do).  For a hit list of passwords you should change right now check this list.

More information can be found via Heartbleed: Hundreds of thousands of servers at risk from catastrophic bug | Technology | theguardian.com.

Leave a comment

Filed under Online Security

New additions to the Cool Free Software page

Today I added a few additions to my Cool Free Software page.  Each of them is powerful, easy to use, and of course free.

First up is AVGO Free DVD Ripper which easily rips DVD to AVI, MP4, MKV, H264, iOS and Android.   I’ve been using this to rip DVDs for my Nook HD and these little babies have turned my bus commute into New York into something that I almost wish were longer.  It might not be the fastest, but it certainly is the most consistent.  So far I haven’t found a DVD it couldn’t rip.

Next is Handbrake, a tool for converting video from nearly any format to a selection of modern, widely supported codecs.  I was really a bit late to the party with this one as many people I know have used this for some time.  When I started watching movies on the bus I had a selection of older movies already on my PC but not in a format compatible with my Android tablet.  No worries.  I downloaded this little puppy, selected a suitable output option and was fixed up in no time.
Have a lot of files to convert?  No problem, it has a batch mode so you can leave it running all night.

dupes

Finally we have Auslogics Duplicate File Finder.  You know how it is.  You copy files around, make backups, move things and suddenly your find yourself running out of disk space and you have no idea why.  This great little tool scans your PC and locates file duplicates.  What makes this special is that it doesn’t just do it based on the file names as some do, this tool actually compares the file contents to guarantee that the files are the same.  I won’t tell you how much space this recovered for me because it’s embarrassing.

Give these tools a try.  I’m sure you’ll find them as useful as I have.

Leave a comment

Filed under Computers, Free Software

Your New PC Needs These 22 Free Programs CIO.com

opensource-logoSome great advice and software from CIO.com.  Many of these I use already, some were new to me and will be explored over the weekend.

Wish I had known about Ninite before I set up the new PC!

via Your New PC Needs These 22 Free Programs CIO.com.

Leave a comment

Filed under Computers, Free Software

Software upgrades for Computer Whisperer WordPress clients

software-update-iconWhat is happening?

Clients of the Computer Whisperer WordPress hosting websites are updated and maintained regularly.  Usually these upgrades are minor, performed outside of normal business hours and not something that would need notification.

Periodically it is necessary to deploy major upgrades to the core platforms to make sure that your website remains stable and secure.  In this case we will be upgrading PHP from version 5.2 to 5.4 within the next seven days.

What will happen and how does this affect me?

Even major upgrades are not normally problematic and should result in nothing more than a few minutes of downtime for your site.  In almost all cases you will not even be aware that the change has taken place.

Within the next seven days the following actions will be taken on your site:

  • Your site will be fully backed up
  • All plugins will be upgraded to the latest version
  • WordPress will be upgraded to version 3.8 if necessary
  • The PHP version on your site will be upgraded from 5.2 to 5.4
  • After upgrading your site will be tested to make sure that core functionality is performing as expected
  • Email access will not be affected during the upgrade process

What if there are problems?

Since WordPress 3.8 is known to be stable with PHP version 5.4 any problems are most likely caused by plugins.  In the event of a problem we will identify the offending plugin and either work with the plugin developer to resolve the issue or find an alternative plugin that provides the same functionality.

Rest assured that your website is fully backed up using a method that allows for rapid deployment to an alternative host.  In the unlikely event of a major problem we will set up a new host using a legacy version of the software and migrate your site to that host.

If you would like to speak about this please feel free to call the usual number or simply leave a comment below.

Leave a comment

Filed under Computers, Web Design