February 2018

Chrome users panic as new scam spreads

Security , , , , , , , , , ,

During the previous quarter, fake Chrome notifications urging users to dial a tech support number have grown dramatically. Research reveals that this tech support scam could possibly use an Application Programming Interface (API) to freeze the browser, convincing the user to get in touch with the support line and share their credit card details.

The End Game

The scam works by displaying an error message indicating a bogus security breach incident that renders a browser unusable. These scammers capitalize on the fact that a serious crash can’t be solved by simply closing the site, thereby sending the users into a panic. This encourages them to dial the number listed on the warning message.

On the other end of the line, the scammers would pose as Microsoft or Apple representatives to convince users into surrendering their credit card details to repair a non-existing security issue. The scams are generally carried out through legitimate sites or malicious ads that have been hacked.

The Ingenious Process

This new scam operates against Chrome by corrupting the window.navigator.msSaveOrOpenBlob programming interface, which basically uses it as a form of distraction. The hackers manipulate the browser and forces it to save a random document on a disk repeatedly at super fast intervals that are impossible to notice. After five to 10 seconds, Chrome will be completely unresponsive.

The Easy Fix

To recover, Windows users simply have to open Windows Task Manager (press ctrl + shift + esc keys) and stop the process there. On the other hand, macOS users just need to wait until a system message prompts them to close the unresponsive Chrome tab. Typically, the latter is a more appealing option since users would have the freedom to close only the corrupted page. Manually closing the whole browser means possibly losing unsaved files in any open Windows.

When faced with IT-related issues, you need to determine how you can approach them calmly. The threats in the digital world may be terrifying and intimidating, but causing a panic in your workplace isn’t the answer. Call us as soon as any problems arise, and we’ll help you as soon as we can. We can even hook you up with other security measures to beef up your network security.

Published with permission from TechAdvisory.org. Source.

Hackers hijack PCs to steal cryptocurrency

Hardware , , , , , , , ,

There’s a new cyberattack in town, and it’s out to get your Bitcoins. Cryptojacking has grown in popularity over the past few months mainly because of the increasing value of cryptocurrency. So if you notice your computer slowing down, hackers may already be using your hardware to make easy money.

Hijacked hardware
Cryptojacking secretly uses your computer to calculate complex mathematical problems to generate cryptocurrency. They get inside by using phishing emails to lure victims into clicking on a link, which then runs malicious cryptomining programs on the computer. Any cryptocurrency produced then gets delivered to the hacker’s private server.

But hackers have developed an even more insidious tactic. By infecting websites with ads and plugins that run cryptojacking code, any visitor who loads the web page instantly gets infected with the malware, sending their computer’s processor into overdrive trying to generate cryptocurrency.

Unlike most malware, cryptojacking software won’t compromise your data. But it will hijack your hardware’s processing power, decreasing performance while increasing your power and cooling bills. So instead of paying for the computing power themselves, hackers can simply use thousands of compromised computers.

Surge in cryptojacking
It’s difficult to tell how much hackers are making with cryptojacking, but there’s a good chance that this type of attack will be as popular as ransomware was in 2017. In fact, for as little as $30, anyone can purchase a cryptojacking kit from the dark web to force other computers to generate Bitcoin or Monero for them.

According to several reports, even sites like The Pirate Bay, Openload, and OnlineVideoConverter are allegedly using cryptojacking exploits to diversify their revenue streams.

The biggest reason why this is becoming so popular is because it’s a low-risk, high-reward scheme. Instead of extorting money directly from the victim, hackers can secretly generate digital currencies without the victim knowing.

If it is detected, it’s also very hard to track down who initiated the attack. And since nothing was actually “stolen” (other than a portion of computing power), victims have little incentive to apprehend the culprit.

Prevention and response
To avoid cryptojacking, you need to incorporate it into your monthly security training sessions. Teach your employees to practice extra caution with unsolicited emails and suspicious links. Using ad-blocker or anti-cryptomining extensions on web browsers is also a great way to stay protected.

Beyond prevention, use network monitoring solutions to detect any unusual behavior with your computers. For example, if you notice a significant number of PCs running slower than usual, you should assume that cryptojacking is taking place.

If you’ve confirmed that it is, advise your staff to close browser tabs and update browser extensions as soon as possible.

Cryptojacking may seem less threatening than some malware we’ve discussed in the past, but it can incur real power, cooling, and performance costs to your business when several systems are compromised. To make sure you don’t end up enriching any hackers, call us today. We offer hardware solutions and cybersecurity tips to keep your business safe and sound.

Published with permission from TechAdvisory.org. Source.

Using Cortana to Organize Business

Business , , , , , ,

You are probably already aware of Cortana, the Windows 10 AI personal assistant. Did you know that you can use it to improve the efficiency and productivity of your business? With a better understanding of its basic functions, you’ll be on your way to becoming an AI-powered organization.
To take advantage of Cortana, you should enable it on your desktop first. The process is easy: Just press the Windows Key, type “cortana” and click on “Cortana settings.” From there, you can change whether it responds to your voice or get activated by a keyboard shortcut, and you can set other personal preferences.

Voice Reminders, Notes and Alarms

As soon as you enable “Hey, Cortana” on all your gadgets, you can begin using it to dictate notes, set alarms, and create reminders. Thanks to advancements in AI, Cortana should be able to recognize most natural-language requests, like “Wake me up at 9am tomorrow,” or “Remind me to pick up my dry cleaning tomorrow.”

Meanwhile, you can use it as a voice recorder during meetings instead of writing down notes. Just say, “Hey Cortana, make a new note in OneNote,” and whatever is recorded will automatically be saved to OneNote!

AI-Scheduled Meetings

With Microsoft’s new Calendar.help feature, you can issue commands to a group email chain by saying things like, “Hey Cortana, can you help us book a 30-minute call next week?”

Calendar.help will work with Cortana to contact each attendee individually, find out what times they are available, and pick the best option for the group. You would only need to email the details, including duration, agenda and location, before you cc Cortana and forward it to the people involved. At that point, Cortana will send invites and handle all email exchanges. For now the project is still in preview/beta, so you will need to sign up.

Quick Conversions and Calculations

There are times when you need to make some calculations, but Googling or using your phone’s calculator just takes too much time. Cortana can answer complicated math problems, even if they are stated in plain language. What’s more, Cortana is able to convert temperature, time zone, weight, and volume.

Cortana will not only improve your business processes, but also help create a more relaxed workplace. And when employees are less stressed, everyone experiences more rewarding workdays.

We’re experts in traditional office IT, but we’re also pretty savvy with exciting new tools like Cortana. Send us a message today to learn more tips on improving productivity in your workplace.

Published with permission from TechAdvisory.org. Source.

Facebook announces News Feed change

Social Media , , , , ,

Facebook recently announced a big change to its News Feed. In response to the backlashes it has been receiving — mostly due to allegations of how social media causes depression and affects one’s political views — it has decided to limit posts from businesses and share more posts from your friends on the News Feed.

Potential outcome for Facebook

One of the main sources of revenue for the social media giant is from its advertising program. But with the changes set to take place, there’s a high possibility that users will spend less time on its platform. This would mean comparatively less effective advertising than before, thus fewer advertisement signups from businesses.

While they do admit this move may potentially hurt profitability, Facebook hopes this change will improve user experience, which in the long-run may translate into higher profits.

Reason for News Feed change

Users enjoy learning about what’s happening in their social circles. Whether what’s shared is as mundane as what someone recently baked, or as momentous as a wedding, every day millions of users like and comment about each other’s lives. For this reason, Facebook has decided to spotlight images and videos that are more meaningful to people on a personal level. Such posts have greater power to deepen human bonds.

Weighing the pros and cons of the News Feed change

However, research has found that constant use of Facebook can cause people to feel alienated and inadequate, reducing people’s overall well-being in the long run. According to the American Academy of Pediatrics, teenagers are especially liable to “Facebook depression,” as they constantly compare themselves with their peers.

On the other hand, several researchers believe that an individual’s personality has a greater impact on the type of response he or she will have. If you feel your life is very fulfilling, seeing your friend or family member having fun would make you happy. By contrast, if you’re unhappy or feeling insecure with life, seeing other people’s happier moments will depress you even more.

Effectiveness of change

It’s still too early to tell whether this move will change society for the better and, at the same time, salvage Facebook’s reputation of being a platform that helps people connect with each other. Only time will tell.

Besides Facebook, there are other online channels that can improve your business reputation. If you’re interested in building a stronger web presence, contact us today and we’ll help you get started.

Published with permission from TechAdvisory.org. Source.

Don’t fall for distributed spam distraction

Security , , , , , ,

One of the most frustrating things about using email is seeing dozens of spam messages every day. Fortunately, they’re just minor annoyances that are easy to remove from your inbox. However, hackers have developed a way to make spam much more insidious. Here’s what you need to know about modern spam attacks.

Understanding DSD
Distributed Spam Distraction (DSD) is designed to inundate your inbox with thousands of nonsense emails. There are no dangerous links, ads, or attachments involved, just random excerpts of text stolen from books and websites. What’s more, the email and IP addresses used are all different so victims can’t simply block a specific sender.

These attacks last anywhere from 12 to 24 hours and can flood inboxes with as many as 60,000 messages. While they may seem like harmless annoyances, the true purpose of DSD is to draw victims’ attention away from what hackers are doing behind the scenes.

And what they’re doing is exploiting your personally identifiable information (PII) to make unauthorized purchases or pilfer cash directly from your accounts. The DSD acts as a sort of smokescreen to hide payment confirmation messages behind a deluge of spam messages.

New tactics
Over the years, hackers have developed new tactics involving DSD. Several reports have shown that, instead of nonsensical emails, hackers are using automated software to have their targets sign up for thousands of free accounts and newsletters to distract them with authentic messages. This allows DSD blasts to slip past spam filters that have been designed to weed out malicious code and gibberish text used by traditional DSD attacks.

What’s even more worrying is that any ill-intentioned individual can go to the dark web and pay for DSD services. They just have to provide a hacker with their target’s name, email address, and credit card numbers — all of which can also be purchased in the dark web — and pay as little as $40 to send 20,000 spam messages.

How to stop it
DSD is a clear sign that one of your accounts has been hijacked, so whenever you receive dozens of emails in quick succession, contact your financial institutions to cancel any unfamiliar transactions and change your login credentials as soon as possible. It’s also important to update your anti-spam software (or get one if you don’t have one already) to protect your inbox from future DSD attacks.

Hackers only initiate DSD attacks after they’ve obtained their target’s email address and personal information, so make sure your accounts and identity are well protected. This means you should regularly change your passwords and pins, enable multi-factor authentication, set up text alerts for whenever online purchases are made in your name, and be careful about sharing personal information.

For more tips on how to deal with DSDs or other cyberattacks, call us today. We offer powerful tools and expert advice that will ensure your business’s safety.

Published with permission from TechAdvisory.org. Source.

Enhance your new laptop in 5 steps

Hardware , , , , , , , ,

Laptops may not be the most powerful computers, but the benefits they provide are undisputable. For one thing, they deliver a similar user experience to your huge desktop PC, but much more conveniently and affordably. But before you reap their many benefits, learn five precautionary steps you should take before using them.

1. Update your laptop’s operating system

One of the first things you should do before using your laptop is upgrade its operating system. Assuming you did not purchase the laptop right when it was released, your laptop will still be running an older operating system. With important patches and fixes released in each new update, it is recommended that you install the latest one to ensure your laptop is free of any vulnerabilities.

2. Remove bloatware

Opening your laptop for the first time, you might notice that there are already several preloaded software in the system — some of which you will probably never use. These are known as bloatware.

These apps take up a lot of your valuable drive space, so consider getting rid of them. The easiest way to do this is by downloading a bulk uninstaller, which allows you to check all the bloatware apps you don’t want and remove them in one fell swoop.

3. Install protection software

It’s no secret that the world we live in is unsafe. And with so much confidential information nowadays becoming digitalized, it is necessary to protect yourself against losing important data from your computer. The solution to this is very simple. By installing antivirus software that can automatically — or manually — scan your computer at a scheduled time, potential attacks can be thwarted before they become more serious.

Not only is your laptop’s data vulnerable to cyberattacks, there is always a chance your laptop can get lost or stolen. While there are preventive steps you can take — such as being mindful while using your laptop in public places — another solution would be to install anti-theft software. Security features such as “Find My Device” for Windows 10 and “Prey” for other operating systems can help you locate your device if it’s ever stolen or misplaced.

4. Optimize your power settings

One of the most frequent problems that laptop users have is that their batteries run out of juice too fast. However, you can actually extend the battery life by making a few tweaks to your power settings.

Reduce your display brightness, but not so much that it causes eye and mental fatigue
Use the Sleep or Hibernate mode for your operating system

5. Set up a backup plan

Imagine spending months working on an important project and suddenly finding it nonexistent the next day just because your laptop crashed. Deadlines will be missed. Profit margins will decrease. Customers will leave unhappy. And if worse comes to worst, you’ll be out of business.

Why add more unnecessary stress if you can prevent it from happening in the first place? By setting up an automatic backup system, you can regularly save all your important files; that way, you’d still have access to the data anytime were anything to happen to the original file.

You can also store all your important documents in the cloud, which ensures access whenever you need, even if your laptop crashed or got stolen.

Getting a new laptop can be fun, but the joy might be short-lived if you don’t set up any preventive measures from the start. Call us for information on how we can help you secure your company’s laptop today.

Published with permission from TechAdvisory.org. Source.

Virtual DR for ransomware protection

Business , , , , , ,

The massive success of ransomware like WannaCry and Petya have spurred other cybercriminals to develop their own ransomware and sell it on the black market. This means we can expect more ransomware attacks in the future. To prepare your business, you need virtualized disaster recovery solutions. Here’s why.

Virtual DR
Virtual DR solutions allow you to create point-in-time copies, or “snapshots,” of operating systems, data, and virtual machines as they appear at a given point in time. These snapshots can then be loaded onto any workstation with everything still intact. In the event of a ransomware attack, administrators can essentially roll back the system to a point before the malware hit.

What’s great about point-in-time copy features is that they are automated. Just schedule the snapshots, and your virtual DR software will do the rest. And although virtual DR solutions vary, most of them have the capacity to store thousands of point-in-time copies, giving you plenty of restore points to choose from.

Why virtual DR trumps traditional DR
Traditional DR methods don’t have these features. Even though most computer operating systems have a system restore functionality, modern ransomware strains are designed to disable them. On the other hand, virtual DR software isolates point-in-time copies and restore functionality from virtual machines, which means they can’t be affected if one virtual machine was compromised with ransomware.

Another reason why traditional DR is not a great option is because there is a lot of manual labor involved. You have to copy all your data into a backup drive, reinstall applications, and reconfigure hardware. By the time you’ve recovered from the ransomware attack, the financial and reputational damage caused by downtime will have taken its toll on your business.

When recovering your system, you want as little hassle as possible. With virtual DR, you can load a clean, ransomware-free snapshot onto your system in less than 30 minutes.

However, implementing virtual DR can be complex, especially if you don’t have much IT expertise. But if you partner with us, this won’t be a problem! Call us today to get robust solutions that guarantee business continuity.

Published with permission from TechAdvisory.org. Source.

6749 S. Westnedge Ave

Suite K, #128

Portage, MI 49002-3556

Southwest Michigan: (269) 290-7137

St. Louis: (314) 558-0623

Toll Free: (877) 288-5527