Tag Archives: Security

Working from your local coffee shop? Encrypt or die!

Here’s a short video that shows you how an attacker could use simple hacking tools and a rogue wireless access point to steal login credentials.

For the full article see the blog at Sophos here

Filed under Online Security, Virus

Don’t fall for the Microsoft ‘tech support’ scam!

My wife received an interesting call today from someone claiming to be from Microsoft technical support. According to them, our computers had contacted them because we needed technical support.

Of course it’s a scam, but one that people (particularly older people) get taken in by all the time.

For the uninitiated, the scam involves someone (usually from India) calling and saying that they are representatives from Microsoft technical support. They then tell the victim that their computer is running slowly because of viruses or because they need an additional piece of software — at a cost, of course. It’s been floating around for almost as many years as the Nigerian money transfer scam and is still going strong.

Once a person buys into the scam, the callers take them through a number of steps, showing them files and error messages on their computer (every computer has error messages if you know where to look), and then sell the victim “technical support” or an “extended warranty”. This will involve several steps:

  • Taking control of your PC
  • Watching as you enter your bank account and credit card details into an online payment (the online payment – usually around $299 – is real)
  • Trashing your PC or, in some cases, installing malicious software on your PC so that they can continue to exploit you after the call is over

If you want to see what happens you can watch the video on the Malwarebytes website – via What happens if you play along with a Microsoft ‘tech support’ scam?  Spoiler alert – they end by calling him names and trashing his PC.

Unfortunately it is often the elderly that fall for this the most, so do yourselves a favor and tell your older relatives to contact you before they make online payments or install software from cold callers.  A little time spent on the phone with them could save everyone from an enormous amount of hassle in the future.

Any legitimate company will happily give a call back number and wait while you check with people.  And if you’re really not sure then post a comment below letting me know what is going on and I’ll get back to you.

 

Filed under Online Security

Who’s attacking your website?

With the explosion in web creation tools, owning a website is no longer the domain of a select few. Whether you have an online store, a “business card” site or a fan site for your passion, setting up a website can be done by almost anyone with a need and a little patience.

What many people fail to realize is that, just like your home PC, a little care is needed if you are to avoid having your website taken over and either vandalized or used as a springboard for spreading viruses. After all, which of your friends wouldn’t download something from a website they knew you created?

Think people aren’t attacking your site? A quick look at the sites I have set up showed that, without exception, every one of them had logged attempts to log in using brute force password cracking. I know this because I have software installed on these sites that tracks failed attempts to log in and, if they occur often enough (10 tries in my case), automatically blocks access from those IP addresses with increasingly long lockouts and sends me a note to let me know about it. Here’s a sample from one of the sites I take care of:

IP Tried to log in as

 

As you can see, usernames like admin, administrator, root, and variants of the URL (starred out for privacy reasons) have all been tried. It’s one of the reasons I NEVER use those as either a user id or a password.

Attacks mostly seem to come from the Czech Republic, the Republic of Korea, Ukraine and so on.

Why those places and what are they doing?  Who cares?  The important thing to realize is that even the website you put together as a memorial to your beloved dog can, and will, be attacked.

The site I pulled the lockout information from is only special to the people that use it. It doesn’t get millions of views, isn’t a political or controversial group, and doesn’t contain any secret information. In fact everything on the site is public. So if they are being attacked then it’s a very good bet that your website is too.

So what can you do about it?

Well you can’t stop people attacking you, but you can make life difficult for them by taking some simple steps.

  1. The most obvious, and easiest, thing to do is to make sure that you don’t use any common user names or passwords. If your website provider sets up a default user such as Admin when your site is built, change it! Passwords don’t have to be long and hard to remember – two random words like BlueDriver or NotedMarketer will keep people guessing long enough to make them bored. If you use Admin and password because they are easy to remember then you deserve what you get.
  2. Install software that can lock out repeated login attempts.  There are many of these around and they are often free.  Install them for some peace of mind and sleep easily knowing that someone isn’t bombarding your website with thousands of login attempts.
  3. Make sure that you keep your website software up to date. As the Heartbleed bug showed us, no website is foolproof, so make sure that vulnerabilities are patched regularly.
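
The lockout behaviour described in this post (block an IP after 10 failed tries, lengthen the block on each repeat, note it for the owner), as an added example that is not the software the author runs. The 15-minute base, the doubling rule, the one-hour counting window and all names are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from dataclasses import dataclass, field

THRESHOLD = 10            # failed tries before a lockout (the figure used in the post)
BASE_LOCKOUT = 15 * 60    # assumed first lockout in seconds; doubles on each repeat
WINDOW = 60 * 60          # assumed: only failures within the last hour are counted

@dataclass
class IpState:
    failures: list = field(default_factory=list)   # timestamps of recent failures
    usernames: set = field(default_factory=set)    # every name this IP has tried
    lockouts: int = 0                              # number of lockouts so far
    locked_until: float = 0.0                      # block expires at this timestamp

class LoginGuard:
    def __init__(self):
        self.ips = defaultdict(IpState)
        self.alerts = []   # stand-in for the note sent to the site owner

    def is_blocked(self, ip, now):
        return now < self.ips[ip].locked_until

    def record_failure(self, ip, username, now):
        """Record one failed login; return lockout seconds if one starts now, else 0."""
        st = self.ips[ip]
        if self.is_blocked(ip, now):
            return 0   # refused up front: the password is never checked
        st.usernames.add(username)
        st.failures = [t for t in st.failures if now - t < WINDOW] + [now]
        if len(st.failures) < THRESHOLD:
            return 0
        duration = BASE_LOCKOUT * 2 ** st.lockouts   # 15 min, 30 min, 1 h, ...
        st.lockouts += 1
        st.locked_until = now + duration
        st.failures.clear()
        self.alerts.append((ip, duration, sorted(st.usernames)))
        return duration

def replay(events):
    """Feed (timestamp, ip, username) failed-login events through a fresh guard."""
    guard = LoginGuard()
    for ts, ip, user in events:
        guard.record_failure(ip, user, ts)
    return guard

# Constructed sample: one documentation-range IP cycling common names in two waves.
IP = "203.0.113.7"
NAMES = ["admin", "administrator", "root", "test", "webmaster"]
SAMPLE = [(base + i * 5, IP, NAMES[i % 5]) for base, n in ((0, 12), (1000, 10)) for i in range(n)]
```

Replaying `SAMPLE` produces two alerts for the same address, the second with twice the lockout of the first, and each alert carries the list of usernames that address tried.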

Those three simple steps alone should keep the vast majority of people at bay. Sure, there are a few highly skilled people out there that could get in if they wanted to, but with so many juicy targets for their talents why would they waste their time on your cooking blog? Nope…it’s the equivalent of the thug with a brick that we want to stop and the steps above are the equivalent of a spray can full of mace to those guys.

 

Filed under Computers, Online Security, Web Design

Heartbleed: What you need to know

Several people have contacted me because they were worried about “Heartbleed” – a software flaw that lets attackers steal the cryptographic keys used to secure online commerce and web connections.

First let me clear up something – this is NOT a virus.  Heartbleed is a bug that affects online servers, not your PC.

The bug, called “Heartbleed”, affects web servers running a package called OpenSSL which is the most common technology used to secure websites. Web servers use it to securely send an encryption key to the visitor; that is then used to protect information coming to and from the server from the so-called man in the middle attack, where a third-party intercepts both streams of traffic and uses them to discover confidential information.

Don’t Panic

This bug has been around for about 2 years.  While that means that hackers ‘could’ have been stealing information and passwords during that time the chances are relatively low.  If it were a well-known bug then it would have come to light sooner and been fixed.  So while the good guys didn’t know about it, neither did most of the bad guys.

What can I do?

There is nothing you can do to fix a website, but you can check to see if a website is vulnerable by visiting this site. If the site tests OK then I would recommend changing your password, as it is possible that your password was detected before the bug was patched. But do not change your password until after the site is fixed – now that this is known there’s more chance that someone will exploit it and you could actually be making the situation worse.

Should I stay offline?

If you can stay offline then that would be a good start – at least for a few days.  But most people can’t so I would suggest just being careful and, if you must visit a high security site such as a bank or email system then check it first using the website tester.  It’s the weekend…go outside and play!

Should I change my password?

Better safe than sorry.  But, as noted above, don’t change it until after the server has been patched.  Many well used sites such as Facebook, Instagram and Pinterest were affected and you should change passwords, particularly if you use the same password on multiple sites (as many people do).  For a hit list of passwords you should change right now check this list.

More information can be found via Heartbleed: Hundreds of thousands of servers at risk from catastrophic bug | Technology | theguardian.com.

Filed under Online Security

Security Threat Means It’s Finally Time to Say Goodbye to Windows XP

Even good things come to an end, and it’s really, really time to say goodbye to Windows XP. As good as it was, this trusty old workhorse is not only obsolete, it is getting dangerous to run. That’s because Microsoft is getting ready to pull the plug on the last vestiges of support for Windows XP SP3 and that means no more security updates.

Security is like a game of leapfrog. Hackers attack with a new offense, security folks build a defense against it, and the attackers come back with yet another variety of malware. But after April, only one side will be playing, and you risk being a loser because of that.

In fact things are already looking pretty bad.  Check out this graph showing infection rates for the various versions of Windows and I think you’ll agree that the days of XP are finally over.

[Graph: infection rates for the various versions of Windows]

The king is dead – long live the king!

For the full story read Security Threat Means It’s Finally Time to Say Goodbye to Windows XP | CIO Blogs.

Filed under Computers

Are you using protection? Using HTTPS to keep your private information private

Places that offer free wifi usually have unencrypted (or open) wifi connections to make it easy for customers to connect. Unfortunately that also makes it easy for people to steal your information and even take control of your accounts. If you would prefer that didn’t happen then read on…

If you’ve ever done your shopping or banking online, you may have noticed a small “lock” icon appear in your address bar, or that the address bar has turned green. This indicates that your browser is using a secure connection (“HTTPS”) to communicate with the website and ensure that the information you send remains private by scrambling the information being sent from your computer to the website.

Without HTTPS your information is broadcast in clear text, can be picked up by people nearby, and can be used to capture your passwords or take control of your accounts.

Not all websites need to use HTTPS.  Encrypted pages take longer to load and are more expensive to set up.  

But if you’re using public Internet access points found at coffee shops, airports, libraries or school sites, are being asked for credit card numbers or other personal information, and don’t see a secure browsing connection, then you need to just walk away. If buying something on that site is a must, then do it at home where (hopefully) you have your access point secured with a password or, better yet, pay by check.

The good news these days is that most of your favorite websites such as Facebook, Gmail and Twitter have figured out that this is a big problem and now use HTTPS by default – nice work chaps!

Filed under Computers, Online Security, Technology