“Free” Security Scan? Beware of Scammers.

“Messages telling you to install and update security software for your computer seem to be everywhere. So you might be tempted by an offer of a “free security scan,” especially when faced with a pop-up, an email, or an ad that claims “malicious software” has already been found on your machine. Unfortunately, it’s likely that the scary message is a come-on for a rip-off.

The free scan claims to find a host of problems, and within seconds, you’re getting urgent pop-ups to buy security software. After you agree to spend $40 or more on the software, the program tells you that your problems are fixed. The reality: there was nothing to fix. And what’s worse, the program now installed on your computer could be harmful.

Scammers have found ways to create realistic but phony “security alerts.” Though the “alerts” look like they’re being generated by your computer, they actually are created by a con artist and sent through your Internet browser.

These programs are called “scareware” because they exploit a person’s fear of online viruses and security threats. The scam has many variations, but there are some telltale signs. For example:

  • you may get ads that promise to “delete viruses or spyware,” “protect privacy,” “improve computer function,” “remove harmful files,” or “clean your registry;”
  • you may get “alerts” about “malicious software” or “illegal pornography on your computer;”
  • you may be invited to download free software for a security scan or to improve your system;
  • you could get pop-ups that claim your security software is out-of-date and your computer is in immediate danger;
  • you may suddenly encounter an unfamiliar website that claims to have performed a security scan and prompts you to download new software.

 

Scareware purveyors also go to great lengths to make their product and service look legitimate. For example, if you buy the software, you may get an email receipt with a customer service phone number. If you call, you’re likely to be connected to someone, but that alone does not mean the company is legitimate. Regardless, remember that these are well-organized and profitable schemes designed to rip people off.

How Do the Scammers Do It?

Scareware schemes can be quite sophisticated. The scam artists buy ad space on trusted, popular websites. Even though the ads look legitimate and harmless to the website’s operator, they actually redirect unsuspecting visitors to a fraudulent website that performs a bogus security scan. The site then causes a barrage of urgent pop-up messages that pressure users into downloading worthless software.

What to Do

If you’re faced with any of the warning signs of a scareware scam or suspect a problem, shut down your browser. Don’t click “No” or “Cancel,” or even the “x” at the top right corner of the screen. Some scareware is designed so that any of those buttons can activate the program. If you use Windows, press Ctrl + Alt + Delete to open your Task Manager, and click “End Task.” If you use a Mac, press Command + Option + Q + Esc to “Force Quit.”

If you get an offer, check out the program by entering the name in a search engine. The results can help you determine if the program is on the up-and-up.

Good Security Practices

Check that your security software is active and current: at a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. You can buy stand-alone programs for each element — or a security suite that includes these programs — from a variety of sources, including commercial vendors and your Internet Service Provider. The security software that was installed on your computer when you bought it generally works for just a short time — unless you pay a subscription fee to keep it in effect.

Make it a practice not to click on any links within pop-ups.  Report possible fraud online at ftc.gov/complaint or by phone at 1-877-FTC-HELP. Details about the purchase — including what website you were visiting when you were redirected — are helpful to investigators.”1

Reference:

1 Reprinted:  The Federal Trade Commission (FTC) is the nation’s consumer protection agency. The FTC works to prevent fraudulent, deceptive and unfair business practices in the marketplace.

Federal Trade Commission, Consumer Information

Note: This article was previously available as “Free Security Scan” Could Cost Time and Money.

 

Beware of Tech Support Scams!

There are scammers who will call and claim to be a computer tech associated with well-known companies like Microsoft or Apple.  Other scammers send pop-up messages that warn about computer problems.  They say they’ve detected viruses or other malware on your computer.  They claim to be ‘tech support’ and will ask you to give them remote access to your computer.  Eventually, they’ll diagnose a non-existent problem and ask you to pay for unnecessary – or even harmful – services.

If you get an unexpected pop-up, call, spam email or other urgent message about problems with your computer, STOP.  Don’t click on any links, don’t give control of your computer and don’t send any money.

How the Scam Works

Scammers may call, place alarming pop-up messages on your computer, offer free “security” scans, or set up fake websites – all to convince you that your computer is infected. The scammers try to get you on the phone, and then work to convince you there’s a problem. Finally, they ask you to pay them to fix that non-existent problem.

To convince you that both the scammers and the problems are real, the scammers may:

  • pretend to be from a well-known company – like Microsoft or Apple
  • use lots of technical terms
  • ask you to get on your computer and open some files – and then tell you those files show a problem (when they don’t)

Then, once they’ve convinced you that your computer has a problem, the scammers might:

  • ask you to give them remote access to your computer – which lets them change your computer settings so your computer is vulnerable to attack
  • trick you into installing malware that gives them access to your computer and sensitive data, like user names and passwords
  • try to sell you software that’s worthless, or that you could get elsewhere for free
  • try to enroll you in a worthless computer maintenance or warranty program
  • ask for credit card information so they can bill you for phony services, or services you could get elsewhere for free
  • direct you to websites and ask you to enter your credit card number and other personal information

These scammers want to get your money, access to your computer, or both. But there are things you can do to stop them.

If You Get a Call or Pop-Up

  • If you get an unexpected or urgent call from someone who claims to be tech support, hang up. It’s not a real call. And don’t rely on caller ID to prove who a caller is. Criminals can make caller ID seem like they’re calling from a legitimate company or a local number.
  • If you get a pop-up message that tells you to call tech support, ignore it. There are legitimate pop-ups from your security software to do things like update your operating system. But do not call a number that pops up on your screen in a warning about a computer problem.
  • If you’re concerned about your computer, call your security software company directly – but don’t use the phone number in the pop-up or on caller ID. Instead, look for the company’s contact information online, or on a software package or your receipt.
  • Never share passwords or give control of your computer to anyone who contacts you.

If You Were Scammed

  • Get rid of malware. Update or download legitimate security software and scan your computer. Delete anything the software says is a problem.
  • Change any passwords that you shared with someone. Change the passwords on every account that uses passwords you shared.
  • If you paid for bogus services with a credit card, call your credit card company and ask to reverse the charges. Check your statements for any charges you didn’t make, and ask to reverse those, too. Report it to gov/complaint.

Refund Scams

If you paid for tech support services, and you later get a call about a refund, that call is probably also a scam. Don’t give the person any personal or financial information.

The refund scam works like this: Several months after a purchase, someone calls to ask if you were happy with the service. If you say “No”, the scammer offers a refund. Or, the caller says the company is going out of business and giving refunds. The scammer eventually asks for your bank or credit card account number, or asks for access to your bank account to make a deposit. But instead of putting money in your account, the scammer takes money from your account.

If you get a call like this, hang up, and report it: ftc.gov/complaint.1

Reference:

1 Reprinted:  The Federal Trade Commission (FTC) is the nation’s consumer protection agency. The FTC works to prevent fraudulent, deceptive and unfair business practices in the marketplace.

Federal Trade Commission, Consumer Information

Bryley Systems Ranks #5 as a Top IT Service Provider!

Worcester Business Journal.

May 28, 2018, Volume 29, Number 10 – Book of Lists

Bryley Systems was recently featured in the Worcester Business Journal’s Book of Lists, being ranked #5 as a Top IT service provider.

Bryley Systems is a Managed IT/Cloud/Security Services Provider with clients throughout New England and across the continental United States.  We have fulfill the IT needs of organizations with a focused, client-friendly approach by combining brand-name equipment and software with flexible service options and low-risk, custom-fit, support agreements. Our certified, experienced staff – backed by seasoned management – approach each client’s needs individually.

Best Practices to Keep Computers From Overheating

The cooling system of a computer (the fan, heat sinks, vents, etc.) forms one of the most essential components of your device. “Simply put, if your computer becomes too hot, it is possible to destroy and shorten the lifespan of the hardware inside your computer, leading to irreparable damage and potential data loss. Besides losing your data, heat pecks away at your computer’s internal organs—the motherboard, CPU, and more—significantly shortening its lifespan.  Besides the most obvious reason to keep your computer cool, a hot computer will also run slower than a cooler computer. So to prevent your computer from slowing down, make sure that it is running at a moderate or low temperature.”1

Air Flow.  Leave at least three inches of room for airflow around each computer, particularly along the back.  Keep things such as papers, files, or other heating elements away from your computer.  Computer stands are handy to allow for proper airflow.  If you work with a laptop, avoid soft surfaces.  The rubber feet on a laptop will provide room for air to flow under the computer.  Also remember never to leave your laptop turned on before placing it in your bag or briefcase. This would cause the heat to accumulate in one place and thus cause the laptop to overheat.

Dust and Debris.  If dust and debris clog up the air vents, it stops the proper air flow.  When dust and lint build up over the fan, it causes it to work harder.  A layer of dust covering other heat generating parts such as the RAM and Hard Disk can also cause overheating.  In a dusty environment, clean the inside of a computer periodically, particularly the internal fans.  Also, where possible, do not place the computer on a carpeted surface; the carpet fibers are ingested into the computer, building up on the interior surfaces. If you decide to personally clean your computer make sure the system is off and the power cable is unplugged.  To avoid damaging the sensitive electronics, do not touch internal components.

Fans.  The CPU, graphics cards and other computer components generate a great deal of heat. To combat that heat, computers come with internal fans to circulate air.  Keeping those fans in good working order is critical to a well-running system.  Clean the inside of office computers every 8-12 months, particularly the internal fans. All it takes is a can of compressed air and a small brush. Check to ensure that fans are operating. You can do this by turning on the computer with the case open. There should be two or three fans inside the box.  If increased cooling is necessary, consider adding a case fan, attached inside the computer to the front or back of the case. Several manufacturers also make specialized fans for individual components, such as high speed computer memory.  In many cases, computers come installed with very basic CPU fans. Upgrading to a more efficient fan can increase cooling power.

Temperature.  Computers prefer a room temperature of no more than 77 degrees Fahrenheit, with humidity between 35% and 80%.  Resist the temptation to turn off the office air conditioning over the weekend to try and save money. For added protection, install a smart thermostat that will alert you if the temperature moves higher than the desired range. Catching an air conditioning problem early can save costly electronics repairs.

Battery.  If you want to keep your computer safe from overheating, never overcharge the battery. Most people plug in the chargers of their laptops and keep them connected even when the battery is charged to a 100%.  Never do so. Not only does it cause overheating but according to some computer experts, it also reduces the battery life.

PC Settings.   “Tweaking the power settings of your computer is also an effective solution to overheating. Less power consumption leads to less heat generation.”2

  • Try to avoid setting the brightness to maximum.

Some additional best practices would include managing power and data:

  • Shut down workstations at the end of the day. This not only cools the system but also protects against power surges caused by storms. (Note: patching often occurs after-hours; leave your computer powered-on overnight when patching is scheduled)
  • You can also adjust your power settings and screensaver to switch the system to ‘Sleep’ or ‘Hibernate’ mode when not in use.
  • For critical workstations (including servers and other key devices) attach an uninterruptible power supply (UPS). This will protect them against surges and power outages.  For less critical devices, a surge protector should be sufficient.

By utilizing these tips you should have a longer lifespan of your computer.  The time spent taking proper care of your equipment should save time and money in the long run.

References:
1 + 2   fosbytes.com
www.Lifewire.com
www.makeuseof.com
www.howtogeek.com
www.techrepublic.com
https://www.pcworld.com/article/198882/overclocking_for_newbies.html

 

Crucial Steps to Take if Your Email Has Been Hacked

Many years ago Yahoo users fell victim to one of the largest data breaches in internet history.  Names, passwords and email addresses for every single customer account on the company’s servers were exposed in a cybersecurity attack.  This attack was very sophisticated – three billion users across multiple services under Yahoo’s umbrella were left vulnerable as a result of the hack.   In late 2017 the complete details surfaced after Yahoo’s parent company was made aware of the nature of the attack.

Whether you use services such as Yahoo Mail, or providers such as Microsoft, Google and Apple, you should be aware about the security of your own email address. After all, your email may be the single most important digital asset you own.  All communication is typically related to your professional networks, personal relationships, and credentials for every other digital service for which you’ve signed up.   All of this data can be used for identity theft, financial fraud, a vehicle for spam, and blackmail.  While there are safeguards you can implement to deter cyber thieves from accessing your personal account, in a severe breach these best practices may not be enough to prevent your email account from being hacked.

If you suspect that you have been targeted, quick action on your behalf is always required to prevent further damage.  If you are in the office, communicate with your IT Administrator immediately.  If you are at home either contact an IT professional, or follow these steps to try and recover your compromised email account. (Remember, in a widespread and very severe breach, these best practices may not be enough to recover your account, and there may be future damages to recover from).

Try to change your password.  You will need to verify whether your email address is still accessible. Most hackers will immediately change your password to prevent you from using your account. If you are able to secure entry before this has been done, you can reduce the threat of further attacks.

  • Make sure your new password differs completely from your last one, and don’t reference any easily guessed personal details such as your birthday or your pet’s name. Ideally, your password should be at least 10 characters long, and it should include a special character and number.
  • In addition, you should look to change your answer to any secret questions used in the account recovery process. After doing so, confirm that the alternative email addresses and phone numbers associated with your email account are not changed.
  • If you are having trouble regaining control of the account, visit your mail provider’s site for instructions on recovering your account. Apple, Google, Microsoft and Yahoo all have guides on their sites, as should other email and internet service providers.

Email everyone on your contact list including business associates, family members and friends about the breach. Next, get in touch with your email provider and report the details. Not only will this alert them to future infiltration attempts, but they may also be able to provide you with further details about the incident and where the access attempts came from.

If you feel sensitive information like bank records have been compromised, you should reach out to a credit reporting agency and have them track your personal credit activity in the months following the incident.

Your account may have been hacked through malicious software, so scan your computer for malware and viruses with a security program. You should also update your computer and devices with the latest security updates.

Recover Your Account.  If you cannot access your account using your old password, then you will need to put in some extra effort before you can recapture sole control of your email address. Start with the “forgot your password” option and check out the recovery options available. It may be as simple as sending an email to an alternative account or a text message to your mobile phone to regain control.

If these options are not available, or you do not have access to your alternative accounts, then you will need to browse through the help center for your email provider for other means of securing access. In worst-case scenarios you might be forced to contact customer service from your provider.

Check Your Email Settings to make sure nothing has been changed.  Keep an eye out for any changes made to your email settings and reset them back to your preferences. Possible issues you should be aware of include:

  • An unfamiliar forwarding address added to your email
  • A new “reply to” email address that tricks your contacts into sending their replies to a different account
  • An enabled auto-response option, used to send out spam messages to your contacts
  • Malicious links added to your email signature

 

Once you have reset any changes to your settings, look at your sent folder to see if the hacker sent out any sensitive information found in your email history.

Change Passwords for Other Accounts.  If you are using the same email and password for multiple accounts, get to work changing your login credentials for these services as soon as possible. This would be a good time to choose unique passwords for each service.  Scan your email inbox and trash folders for any password reset messages. Most hackers can identify other websites that make use of your primary email address. Once they have figured that out it is simply a matter of sending a password reset link and you suddenly have a plethora of compromised accounts on your hands. Make sure to reset login credentials for any similarly breached logins.

References:
PC Magazine
The New York Times
The Federal Trade Commission Consumer Protection Agency

Don’t Let the Summer Heat Destroy Your Mobile Devices

As much as we all enjoy outdoor activities that go along with those “lazy days of summer”, we are always reminded to stay hydrated, use sunscreen, avoid too much physical activity during peak hours, etc.   But, what about our precious mobile devices?  Are they being protected from the heat?

Here are a few things to remember as you’re out and about enjoying the warmth of the summer days.  If you get hot, your mobile devices probably will too.  Read on for a few helpful tips to keep your smartphones and tablets cool and running smoothly all summer long:

1 – If at all possible, charge the battery in your phone or tablet indoors where it’s cool.  Charging any battery will cause it to heat up, and if the temperature is 90 degrees or above it could possibly cause the entire device to over-heat and fail.

2 – Try not to use your device in direct sunlight for extended periods of time on hot summer days, especially if it has a black or dark colored case.  The sun’s hot rays can rapidly turn most any electronic device into a chunk of molten plastic and silicon, and typically, the damage is done before you even realize that it is happening.

3 – Install a quality anti-malware app on your devices to prevent viruses and malicious apps from over-working their CPUs and other components.

4 – Don’t leave your devices in a hot vehicle all day, even if the vehicle is in the shade when you park it.  If you have no choice and simply must leave your device(s) in a hot vehicle, wrap it in a cloth and leave it in the trunk.  Avoid leaving it in the passenger compartment.

5 – Use an app such as Clean Master or CCleaner for Android to keep your devices running as efficiently and cool as possible.These apps can help keep your device’s virtual working environment free of clutter, which in turn will allow the CPU and memory to work less while the device is running.

While we cannot control the outside temperature on a hot summer day, these steps can help protect your smart phones and tablets.  Stay Cool!

Scam Alert – Beware!

The Consumer Federal Trade Commission has recently released a scam alert.

“Have you received a robocall at work, telling you that you have to take action or your Google business listing will be removed? Or maybe even marked as permanently closed? That kind of thing could be tough for a business — if the threat was real. But those calls are not legit—and not from Google.

The FTC just filed a lawsuit against Point Break Media and others, saying they made just those kinds of calls. According to the complaint, people who believed the calls and then spoke to a live telemarketer were told that they could avoid the problem by paying a fee (up to $700). When people paid this fee, the scammers then allegedly targeted them with offers for even more expensive services that would supposedly improve Google search results.  Of course, nobody making those calls is affiliated with Google. And businesses can — for free — manage their own Google business listing.

In this case, the scammers targeted music instructors, house painting companies, car dealerships, and other small businesses. They knew that appearing in online searches is crucial for those businesses, and threatening that connection with customers might make people act before stopping to think.

If you get a call like this, don’t press any buttons. Don’t call the number back, and don’t engage. That just encourages the scammers. The best thing to do? Immediately hang up the phone, and then talk about it with your colleagues or employees. Let them know that:

  • Scammers pretend to be someone you trust. They pretend to be connected with a company you know or a government agency
  • Scammers create a sense of urgency. They want you to rush and make a quick decision without considering options.
  • Scammers use intimidation and fear. It’s okay to hang up the phone and confirm what’s really going on before taking any action.

Then, sign up for the FTC’s Business Blog (FTC.gov/Subscribe), which will keep you up to date on what’s happening at the FTC, and how it affects your business. Also, check out FTC.gov/SmallBusiness. Knowing about scams that target small businesses will help you protect yours.” 1

Reference:

1 https://www.consumer.ftc.gov/blog/2018/05/google-not-calling-you

Division of Consumer and Business Education, FTC