Cryptolocker: Why Modern Computer Viruses Are More Dangerous Than Ever

crypt-messageToday’s computer viruses go beyond mere annoyance. How does holding your data for ransom sound? What about spying on you through your webcam, tracking your physical location, recording every keystroke you make? Welcome to the modern generation of computer threats, where infection means real-world consequences.

The latest virus making the rounds is Cryptolocker, a textbook example of all the truly nasty ways in which a modern computer virus can ruin your day. Cryptolocker encrypts your data with a one-way algorithm which mathematically cannot be reversed. If you don’t pay the ransom within the timeframe, the only key to your data is gone, kaput, goodbye.

You can’t restore your data by removing Cryptolocker, because removing the virus doesn’t decrypt the data. No tech support person in the world can decrypt it for you because it’s simply not possible without the key. Even police departments have paid the ransom, even as they recommend that consumers not do so.

Here are some resources on Cryptolocker so you can keep it from digging its sharp claws into your computer.

Cryptolocker started its initial spread via email attachments, which are fairly easy to avoid. But now it’s morphing into variants that can be transmitted via USB drive, and luring victims with fake software activation codes. Although it’s a Windows virus, like all viruses it can be transmitted via Macs and mobile devices. Following in the steps of other viruses, soon Cryptolocker will evolve into spreading via social media sites.

And this is just the start.

There are other viruses out there that can activate webcams – and yes, they can bypass the green light that tells you the webcam is on. They can listen through microphones. They can track your location via your mobile device. They can listen in on your conversations on social media.

Now, more than ever, it’s vital to protect yourself from computer viruses. Here are some Tech Tips resources to help:

Have you run into Cryptolocker or other similarly destructive viruses? Share in the comments, and don’t forget to subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

 

A Parent’s Guide To Protecting Your Kids Online

kidsIt’s hard to protect kids online, because parents and educators often have a hard time finding resources that can help them understand the latest risks and recommendations. I’ve gathered a variety of information in one place so you can learn about antivirus, parental controls, and protecting your kids while using mobile devices and video games.

Kids’ computers are among the most vulnerable to security threats. That’s not to say your kids are doing anything wrong. On the contrary, they’re the victims. Not only do virus-writers like to booby-trap kids with malicious web sites, they also like to infiltrate legitimate ones. Kids are also at much at risk of identity theft as any Internet user. More so, because cyberbullying has become such a deadly and devastating menace.

These are resources every parent needs to know about how computer viruses and Internet threats work. If you have questions, please feel free to comment. You can also subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

Antivirus And Security

Mobile Devices

Video Games

Cyberbullying And Harassment

 

How To Avoid Keyloggers, Ransomware, And Rootkits

keyThe most advanced threats to your computer – keyloggers, ransomware, and rootkits – are also the most insidious. The best way to deal with them is to avoid them entirely.

Keyloggers come in hardware form, but are usually software viruses that secretly record everything you type. Ransomware holds your computer and its data hostage until you pay. Rootkits allow hackers to remote-control your computer, and are often used to introduce other types of malware.

Related article: Advanced Threats Target Your Computer (The Northwest Herald)

So why should you fear these threats?

  • They bypass your security.
  • They steal your money and your identity.
  • They force your computer to infect still more computers.
  • They turn your computer into a spam-generating cog in the hackers’ profit-driven machine.

In the tech industry we say you’re rooted or pwned (like owned with a p – “powned”). In other words, the hackers own you. They own your accounts, your passwords, your address, your finances… your life.

Related Tech Tips article: What To Do If You Get A Computer Virus

Fake Antivirus Software
In particular, watch out for fake software scams. I’ve spoken of these before. Fake antivirus software tricks you into installing it, then bypasses your protections and invites its malware friends in to play. It’s devilishly hard to get rid of, as anyone who’s been infected can tell you. Usually you’re looking at a reinstall. And the darn stuff actually makes you pay to be infected! Talk about a scam.

This is why you don’t want to do a web search for “Windows antivirus” and start clicking on random links – many of them are poisoned results that lead you straight to the lookalike fakes.

Related Tech Tips articles: Is Your Security Software Real Or Rogue?How To Spot Bad Web Links

Rootkits And Remote Admin
Concerning rootkits – those backdoor programs that allow hackers remote control of your computer – I’d like to point out that these are not the same as the built-in remote admin tools on your computer. A rootkit, by its nature, is designed to be stealthy. Remote admin programs are supposed to be used to maintain computers for legitimate purposes (say, if you are performing tech support on machines in a remote office). But it can also be exploited just like a rootkit if a hacker convinces you to turn it on. Check out this article on telephone tech support scams for an example.

Related articles: Tech Support Phone Scams Hit HomeHow To Kill Computer Keyloggers

Drive Imagers
Fortunately, you can make it easier to recover your computer if you do have to reinstall it – by imaging the drive while it’s still clean. This, combined with regular backups of your everyday data, will let you restore your computer quickly.

Windows Drive Imagers

Mac Drive Imagers

Have you encountered keyloggers, ransomware, or rootkits? Share in the comments, and don’t forget to subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

Image courtesy of Stuart Miles / FreeDigitalPhotos.net

Cyber Attacks Spell Trouble For Consumers

padlock-phoneDo you know what to do if your account is swept up in a cyber attack? In the last year many popular sites, including LinkedIn, Twitter, and Evernote, have been attacked and consumer information stolen. What can you do to protect yourself?

As I said in my tech column in this month’s The Northwest Herald:

Cybercriminals attack big companies for the big prize: user account information. With email addresses and passwords in hand, they go on an account-cracking spree across the Internet, hoping that some of the users in their massive heist are using the same weak passwords on multiple sites. Itʼs likely some of your accounts have already been swept up in data breaches like this.

There are a number of things you can do to reduce the possibility of being hacked. Here are my recommendations plus related Tech Tips articles to help you with each step.

If your account has been hacked, you need to reset it. Here is information on account security and resetting hijacked accounts for some of the major sites:

And here is information on the recent breaches I mentioned:

For the latest news on data breaches (something a little more reliable than mass media articles), try these IT security sites.

Do you have questions about cyber attacks and hijacked accounts? Ask in the comments!

Image courtesy of Stuart Miles / FreeDigitalPhotos.net

Your Webcam Can Be Used Against You

webcamSmile! Your private life might be streaming live on the Internet!

Did you know hackers use viruses to commandeer the webcam on your computer, tablet, or smart phone? Makes you think about all the places you take these devices, and what they could be recording. In this month’s The Northwest Herald I talk about the dangers of unsecured webcams and microphones:

It’s not just your devices, but those of the people around you as well. Chances are, you’ve had a phone or tablet nearby during a private conversation with a lawyer, a doctor, a friend. What if someone else was watching and listening through that device?

Cameras can be hijacked in a number of ways. Cybercriminals can commandeer them with viruses, then extort you by demanding money for the deletion of potentially embarrassing photos and videos. Sometimes they have the nerve to imitate law enforcement, claiming that you have illegal content on your computer and will go to jail if you don’t pay their fee.

I’m fond of taping over the webcam unless you need to use it regularly – in which case a purse or pocket provides a lovely view of lint, should someone try to sneak a peek. That doesn’t help with microphones, of course, which is why it makes sense to store your mobile devices where they’re less likely to overhear private conversations.

I also strongly recommend to my fellow parents – get the computers and camera-equipped game consoles out of your kids’ bedrooms, NOW. There are some scary new statistics about the increase in predatory sexploitation which will make you want to take a hammer to every camera in the house.

Here are some articles about webcam security you might find interesting:

What are your concerns about webcam and microphone security? Share in the comments!

Image courtesy of renjith krishnan / FreeDigitalPhotos.net

 

Donation Scams Another Tool In Hacker Arsenal

When disasters strike, we want to help. But before you click to donate to charity, ask yourself – is it a scam?

Hackers use natural disasters like hurricanes, floods, and earthquakes to scam unsuspecting donors. In The Northwest Herald I talk about donation scams:

What’s behind these fake links? Many of them lead to phony lookalike sites that steal your donation and compromise your credit card number. Others silently install malware on your computer or steal your passwords for Facebook and email. Sometimes they do all of these things, a veritable smorgasbord of hacker delight.

As I said in the article, you should never click on links but instead type the address of the charity into your browser. The Red Cross, for example, is www.redcross.org.

A real charity will never ask for your password, your Social Security number, or other personal information. Most charities also don’t solicit via email unless you’ve specifically signed up for their list.

How can you tell if a charity is legit? Here are some places to start.

If you’ve already been scammed, here are resources that can help:

Do you have questions about donation scams? Ask in the comments! You can also subscribe free to Tech Tips by email for more computer news, security tips and social media advice.

 

Why Hackers Attack Your Computer – And What You Can Do About It

“Why would a hacker try to get into my computer? I don’t have anything they’d want!”

As an expert in small business and consumer security, this is the number-one question I’m asked. The answer? Money.

Earning Big Bucks The Hacker Way
Cybercrime is a multibillion-dollar business. Hackers can earn up to $100,000 per day with these scams. That kind of money certainly sounds tempting, doesn’t it? Poor economic conditions and high unemployment make hacking an attractive, if illegal, option both in the U.S. and abroad.

Installing viruses on your computer, stealing your password, hijacking your accounts – all these things bring in some seriously big bucks.

So how do hackers earn their ill-gotten gains? By taking advantage of you in two ways:

1. Commandeering your computer
Installing viruses on your computer allows criminals to control it. They can do everything from redirecting your web searches to capturing your passwords and credit card numbers. They may also install adware from which they get a kickback.

Why do they want to control your computer? Because it’s far more useful to command an army of ten thousand computers than it is to do their dirty work with one. It also creates layers of confusion between hackers and law enforcement.

Even better, they can sell access to their thousand-bot army to other scammers who might want to pull off fake pharmaceuticals, pay-per-click surveys, or 419 scams.

Plus, it gives them ammunition for…

2. Stealing your online identity
If you receive a message from Joe Neverheardofhim, you’re unlikely to click the link or attachment. But if you get a message from your best friend who says she’s stuck overseas and got mugged and desperately needs you to wire money, you might do it.

That’s a real-life scam, by the way. See the Snopes article here.

People are more likely to click on links from people they know. Hackers take advantage of that by breaking into legitimate accounts: email, Facebook, Twitter. If you see a weird message from a friend, hesitate before you click – they may have been hijacked.

Hijacking accounts feeds back into commandeering computers, which leads to hijacking accounts. It’s a perfect world for the hackers, in which their every action can have multiple lucrative rewards.

How To Protect Your Computer
The best way to prevent yourself from becoming a victim is to protect your computer. Here are some more Tech Tips to get you started:

Do you have questions about how to protect your computer from hackers? Ask in the comments! You can also subscribe free to Tech Tips by email for more computer news, security tips and social media advice!

Tools To Protect Your Smartphone From Malware

Do you run antivirus on your smartphone? This month in The Northwest Herald, I talk about the exponential increase in malware on smartphones and what you can do to protect yourself. From the article:

Yet if I were to ask if you run antivirus on your phone, you would probably say no. Nobody mentions malware when you buy a phone, they’re too busy extolling the fancy features. All those cool apps are fine until you realize some virus has been silently snooping on your activities.

Here are links to the latest options for mobile antivirus. The available options are changing all the time as new devices and systems are introduced. I’ve also included links to some of my previous Tech Tips articles which can help you secure your smartphone.

Tech Tips articles on smartphone security

 Mobile Antivirus Options

 Subscribe free to Tech Tips by email for more computer news, security tips and social media advice!

 

Ten Ways To Tell If Your Computer Is Infected With A Virus

Ever get that sinking feeling that something’s wrong with your computer? Here are ten ways to tell if your computer is infected with a virus.

Run a virus scan
A bit obvious, isn’t it? While you’re at it, make sure your antivirus program has been updated recently. If you haven’t bought a new version in a few years, now’s the time.

Run a second virus scan with a different program
Antivirus programs sometimes come up with different results. It’s a good idea to scan with a second program to pick up anything the first one left behind. However, you shouldn’t try to run two antivirus programs concurrently; they’ll conflict with each other. I like free programs Malwarebytes for PC and Sophos Antivirus for Mac.

Watch your computer’s behavior
Is it slower than usual, crashing, having a hard time redrawing the screen? These can all be signs that viruses are running in the background.

Monitor active programs
If a virus is running in the background, it may show up in the list of active programs. You can then click on it and End Task (Windows) or Force Quit (Mac). Bear in mind, though, most viruses will restart on reboot, and some will even regenerate on the spot no matter how many times you quit them.

  • Windows XP
    Ctrl-Alt-Delete, then click Task Manager
  • Windows Vista/7
    Ctrl-Shift-Esc
    or right-click the taskbar and click Start Task Manager
  • Mac OS X
    Option-Cmd-Escape (the Force Quit menu)
    or open a Terminal window and type ps -aef

Check your Web browser extensions
Browser extensions provide additional functionality on the Web. Some are terrific tools while others are sneaky little devils that serve you ads, slurp your data, and otherwise spy on you. Here’s how you can check your browser extensions.

Check your Sent folder
If your email is spewing spam, it may show up in your Sent Items folder. Viruses often commandeer email accounts to send spam.

Check your Facebook and Twitter
If there are all sorts of weird links on your Facebook wall that you didn’t post, your account may have been hijacked. And if that’s the case, it may have happened through a virus infection on your computer.

Start in Safe Mode
If your computer is so confused it won’t work properly, you can boot into Safe Mode which may allow you to diagnose the problem.

  • Windows XP, Vista, 7
    Hold down F8 at reboot (before the Windows logo)
  • Mac OS X
    Hold down Shift at reboot

Ask the Internet
Fortunately we don’t have to compute in a vacuum. If you think you’re infected with a particular virus, do a Web search on it. You’ll often find removal instructions and links to tools (just make sure those tools are legit and not themselves viruses in disguise).

Inspect your other computers
If one is infected, it’s likely the others are, too. You need to keep all your computers secure, even if they’re old or you don’t use them often.

Want more? Sign up for Tech Tips free by email and receive computer news straight to your inbox.

How To Delete Your Old Email Accounts

Did you know your old email account may be spewing spam and malware? In today’s The Northwest Herald I talk about the importance of deleting old accounts:

It happens all the time. You move to a new email address but leave the old one intact; you set up a Yahoo! or Gmail account but never get around to using it. We assume these accounts wait patiently for us. On the contrary, they cower, helpless, waiting for the first hacker who can figure out the passwords.

Unfortunately many people use weak passwords, especially for throwaway accounts. We’ve seen examples of this with a rash of recent security breaches at Yahoo!, LinkedIn, and eHarmony, among others.

These breaches reveal that many people use simple, plain-text phrases like “linkedin”, “mypassword”, and “123456″. People also use the same two or three passwords in rotation. What are the chances some old account of yours uses a password you’ve reused elsewhere?

Here are the additional resources I mentioned in the article. You might find these related Tech Tips articles helpful:

Here are links from some of the more common email providers about how to delete accounts. Note that these links may change without notice, and that account deletion policies vary by provider. Consult the individual site for more information. I’m providing the exact URLs so you can see where you’re going.

And, some social media ones:

Image: FreeDigitalPhotos.net