Triona's Tech Tips

The words “Mac” and “virus” in the same sentence? Yes, folks, Macs get viruses. In fact, Mac malware attacks are escalating to a level I haven’t seen in over a decade. Let’s talk about what you can do to protect yourself.

First, don’t assume that you can’t get a virus just because you have a Mac. All computers can get viruses, and threats like phishing scams and password harvesting affect everyone regardless of the type of computer they use. Pay attention to the advice Windows users receive on how to deal with viruses and Internet threats, because much of the same information applies to you.

Every Mac should be running antivirus software. My personal favorite is Intego VirusBarrier, but a good free alternative is ClamX AV. You also need to make sure your Mac has the latest software patches. Use Software Updates under the Apple menu, but don’t neglect to update your other software, especially Acrobat, Flash, and Microsoft Office.

Be aware that fake antivirus software has infiltrated the Mac universe just as it has the world of Windows. If your Mac displays a message saying that you are infected and need to buy some super-special software, assume it’s snakeoil. Run a bona fide tool like the ones mentioned above, and never, ever click on anything you are not certain is legitimate. When in doubt, use Force-Quit (option-command-escape) instead of the red X to quit.

The world of Internet threats is ever-evolving, so stay tuned to Tech Tips for the latest Mac security help.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews, plus notice of upcoming seminars and other events. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

I’ve gotten an increasing number of reports from people who either received messages similar to the following, or discovered that such messages had been sent from their email accounts:

Subject: Hello

Dear friend,

i would like to introduce a good company who trades mainly in electronic products, They provide the best service to customers,they provide you with original products of good quality,and what is more,the price is a surprising happiness to you!

The web address: (removed for safety)

If you check online you’ll find reports of this coming from users of Hotmail, Gmail and other email services. There are variations in the scam. Some may cite a different web site, or may have a different subject or message in the email.

If you receive a message like this, the important thing is NOT to click on any links because it will infect your computer with viruses. The same goes for messages you may receive via instant messaging (IM), Facebook, Twitter, or other means. Inform the person who sent it to you by another means (like the good old fashioned telephone) to let them know they have been hijacked.

How can you tell if a message is real or not? If it seems generic, contains no subject or a bland subject like “hi” or “hello,” doesn’t mention you by name, contains spelling, grammar or punctuation errors, or has been sent en masse to a large number of people, those are indications it may be a scam. Ask yourself: Is this the sort of message I would expect this person to send?

If your account has been hijacked, it’s vital to change your password immediately. Here’s some information on how to create strong passwords:

• Triona’s Tech Tips: How To Create Secure Passwords

And here is some more information on what to do if your email account is hijacked:

• Triona’s Tech Tips: What To Do If Your Email Account Is Hijacked

Be sure to scan your computer with your security software. If you’re using free software you should consider purchasing a security software suite. You should also check your email signature and any autoresponders you may have set, as they may have been modified to send malicious links to your contacts. Inform your contacts that your account was hacked and that they should not respond to any scam messages they have received. And you should report the incident to your provider.

These hacks are becoming more and more prevalent. It is absolutely vital that you protect yourself by using strong passwords that are unique for every account, and that you stay vigilant about your computer’s security.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

Microsoft provides free antivirus by way of its Security Essentials program (MSE). But MSE is no substitute for a third-party security software suite.

MSE includes basic antivirus and antispyware tools plus a firewall. It was originally designed for consumer use in the USA and as a way to cut down on rampant virus problems overseas. As such, while it’s better than nothing, it doesn’t provide the features or functionality of a genuine security suite.

One of the problems with MSE is that too many fake security programs try to emulate it. Just because something looks vaguely Microsoft-y doesn’t necessarily mean it’s genuine. Also, Microsoft is primarily an operating system and productivity software company that does not specialize in security. They may have inadvertent blinders on when it comes to securing their own products, whereas the third party vendors may have more innovation in that area because they are thinking outside the Redmond box.

There is also the danger of homogeneity. When everything on your network uses the same software, you are more susceptible to viruses and malware that exploit the vulnerabilities of that software. In other words, if you live in an XYZ Brand world protected by XYZ Brand tools and along comes a virus that exploits XYZ Brand weaknesses, you’re a sitting duck. That’s true whether XYZ Brand is Microsoft, Apple, or anyone else. Diversifying affords you more protection.

Therefore, I’m sticking with my usual recommendations: AVG, Trend Micro, Avast, Kapersky, and many of the other great security programs out there.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

My article in today’s Northwest Herald talks about fake computer cleaning software scams. Like fake antivirus software, fake cleaning programs are scams trying to trick you into installing them on your computer. They show up in search engine results and are advertised via television, radio, and spam emails. You might even get a phone call urging you to purchase a fake software product. I encourage you to avoid any computer cleaning software unless you are positive it is legitimate.

My two favorite tools are CCleaner for Windows and Snow Leopard Cache Cleaner for Mac (which, despite the name, also works on previous versions of the Mac OS as well). I’m particularly fond of these programs because they work by giving you a convenient way to run the tools already built into your Windows or Mac computer. That makes them safe and reliable.

Of course, before you run any utility that might change your computer system, you should always make at least one backup (preferably two or three to different backup devices). These cleaning programs don’t run all the time like your antivirus software, but you can run them whenever you think your computer might be getting a little slow.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

I’ve seen a number of people lately whose Windows computers were infected with a particularly nasty fake antivirus scam called ThinkPoint. Please take precautions to protect yourself against this scam and others like it.

Fake antivirus software is the latest arrow in the cybercriminal’s quiver of scams. These rogue security programs mimic real antivirus programs but are actually viruses in and of themselves. They will do anything and everything to get you to buy them. I’ve written about them here, here, here and here.

What makes ThinkPoint so obnoxious is that it embeds itself by changing your Windows settings so that the ONLY thing that can run on your computer is ThinkPoint. It does this by making itself the shell, or the interface that lets you communicate with your computer’s operating system. In other words, it wraps itself around Windows like a giant eel and won’t let you in unless you buy it.  Of course, you’re not so much buying the software as paying a ransom (which is why such programs are sometimes called ransomware).

Thinkpoint spreads through a variety of means. To gain a toehold, it displays fake Microsoft Security Essentials alerts. Microsoft Security Essentials is a real program, but these alerts are generated by the ThinkPoint virus to trick you into letting it deeper into your computer.

ThinkPoint: Fake Microsoft Security Essentials window

From then on, ThinkPoint displays the following window whenever you try to start your computer.

ThinkPoint hijacking your Windows desktop

If you click the only available option, “Safe Startup,” the software will pretend to scan, pretend to find infections and then start pestering you to pay money to remove them. But the real infection is ThinkPoint itself, and any virus buddies it may invite along for the ride.

ThinkPoint pretends to scan and find viruses

There are ways to remove ThinkPoint, but it can be tricky, especially if there are other infections present on your computer. Malwarebytes is one of my favorite removal tools, but in this case you may have a hard time getting the computer to a point where you can run it. Your best protection against ThinkPoint and other fake security software is prevention. Use a reliable, bona fide security program, use secure passwords, and follow the advice I offered about what to do if your email account is hijacked.

If you’ve been infected by ThinkPoint or other viruses or malware (and are in my service area, Chicago’s north and west suburbs), I would be happy to help you remove them. You can contact me here

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

My column in today’s Northwest Herald talks about the recent uptick in hijacked email accounts. Hackers hijack your account in order to prey on your contacts by sending spam, malicious links, and outright requests for money in your name. And not just your email account… Facebook, LinkedIn, and other accounts can also be hijacked.

Here are some things you can do to protect yourself, not just from hijacked accounts but also from viruses, spyware and other Internet threats:

• Use strong passwords that are unique on every system, and change them every few months. Earlier this week I posted an article about how to create secure passwords. This is the number-one thing you can do to prevent your accounts from being hijacked.

• Use a high-quality security software suite. I used to recommend free solutions for Windows like AVG combined with Spybot or AdAware, but these days I’m finding the freebies aren’t enough to protect you. Norton and McAfee will do the job, but Norton in particular tends to take up a lot of memory which may make older machines run more slowly. I prefer AVG’s paid Internet Security Suite or Trend Micro’s Titanium Internet Security or Titanium Maximum Security. If you’re using free AVG, you can get a discount on the full AVG suite if you buy through the “upgrade from free version” option.

Whatever solution you choose, be sure it is a full suite—containing antivirus, anti-spyware, and firewall—and not just antivirus. And be sure it’s real software and not one of the many rogue security programs that are actually viruses in disguise.

Mac users, you need security software too. My personal favorite is Intego VirusBarrier or Internet Security Barrier. If you run Windows on your Mac through Apple’s Boot Camp or a program like VMWare or Parallels, try Intego’s Dual Protection options: VirusBarrier DP or Internet Security Barrier DP. These include BitDefender for Windows to protect the Windows half of your computer.

• Make sure ALL of the software on your computer is regularly updated. In one of my previous Northwest Herald columns, I talked about the dangers of old software. Here on my blog I’ve also talked specifically about the risks posed by old versions of Adobe (Acrobat) Reader and Flash.

• If you’re on Windows, use a browser other than Internet Explorer. Using Firefox or Opera instead of Internet Explorer offers you that much more protection. If you must use Internet Explorer, find out why older versions of Internet Explorer pose a greater risk of virus infection.

• Watch out for poisoned search engine results and learn how to spot bad web links.

• Never click on links or open attachments in email. Always visit the site directly. For example, if you get an email saying you have a new Facebook message, go directly to facebook.com from your Web browser instead of clicking the link in the email.

• Learn about social engineering and how hackers will do anything and everything to trick you into letting them in.

• And, finally, subscribe to the free email version of Triona’s Tech Tips for easy-to-understand tips you can use to protect yourself from the latest Internet threats. You can click this link or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe.”

Many people say to me, “I don’t need a secure password. I don’t have anything sensitive on my computer, so I don’t care if a hacker gets in.” You, my friends, are a hacker’s dream. Because it’s not necessarily your personal information they want, although they’ll happily steal your credit card info if they can. No, what they really want is control of your computer, your email address, your Facebook page… anything and everything that will let them do their dirty work from behind a smokescreen.

Let me teach you how to be a hacker’s worst nightmare by using strong passwords that are:

• At least 6-12 characters in length
• A mix of upper- and lowercase letters, numbers, and symbols if allowed
• Not common words or proper nouns found in a dictionary
• Not in use on any other system
• Changed regularly (at least once every few months)

The most common password mistakes I see are:

• Using no password at all (e.g. hitting Enter)
• Using common passwords like “password,” “123456,” spouse’s name, or pet’s name
• Using a common dictionary word with an exclamation point at the end
• Using the same password for everything
• Rotating through the same two or three passwords for everything
• Sharing passwords with others
• Sending passwords via email
• Sticking passwords on Post-It notes on monitors or under keyboards

Why not take this opportunity to change your passwords? It’s the best thing you can do to protect yourself against identity theft and cybercrime.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

The mainstream media is swooning over the recently discovered “Here You Have” virus, which spreads via malicious links in email messages. The virus, also called Imsolk, has infected some high-profile companies including Disney, Proctor & Gamble and Wells Fargo, according to reports.

It’s typical that the viruses that get the most attention are those that happen to infect big-name organizations. (Note that ABC News reports that ABC/Disney itself was infected by the virus.) In this case, the virus itself is not that scary. Sure, it’ll infect your computer, disable your security protections, spread through removable drives and network shares, and send itself to everyone in your contacts list. But a lot of viruses do that. And yes, it’ll overwhelm your network if you allow it to run rampant, which is what appears to have happened at some of these large companies. But, the thing about Here You Have is that it’s avoidable if you follow some simple precautions:

• Never click on email links.
• Run a good-quality security suite that includes antivirus and anti-spyware protections. The major security programs have already been updated with protections against Here You Have.

And, if you’re in a corporate setting:

• Filter spam at your network perimeter.
• Block unnecessary attachment types, like the .SCR file type used by Here You Have.

Want to know the viruses that scare me? The ones no one hears about because they are too sneaky. The ones that work silently, slipping into your computer without any interaction from you. The ones that can’t be removed with standard security tools. The ones that secretly record your keystrokes and quietly commandeer your computer. The ones that only infect a few computers at a time so as not to be detected.

That’s not to say you shouldn’t be wary of Here You Have, especially since it appears new variants of the virus are arising. But remember, the viruses that do the most damage don’t always make the headlines.

If you get a phone call saying you have a virus on your computer, hang up.

As reported by researcher Orla Cox on Symantec’s blog, the sellers of fake antivirus and security software have gone old-school and are now phoning victims to peddle their snakeoil. Cox posed as a computer novice to investigate:

Once I was connected to one of their agents I explained my problem to them. My computer was running really slowly and crashing a lot. The agent, “Brian”, proceeded to tell me that I was the victim of a virus that had entered my computer over the Internet. He walked me through opening up the Event Viewer and asked if I saw any errors or warnings in there.

[Note from Triona: That's because Event Viewer's purpose is to log what Windows is doing. These errors and warnings are part of normal operations and don't necessarily correspond to problems.]

Cox continues:

Naturally, I did. Brian then told me that these were indications of a virus infection. Was it serious, I asked? Brian said yes. Sounds ominous. Thankfully there was help at hand though… To clean up the computer, and also to avail of their software maintenance service, I could pay a yearly subscription fee of 129 euro. I could also pay 250 euro for a two year subscription. Brian was pushing hard for me to go for the two year option but in the end we agreed to go for just a one year subscription.

Cox was then urged to send an email with name, address, phone number, email address… and credit card details. If your red flags haven’t already been raised, that should send them to the top of the pole. No legitimate company would ever ask you to email your credit card details, that’s like a burglar asking you to stick your keys under the doormat.

Why are the miscreants behind rogue security software resorting to this tactic? Remember, it’s all about social engineering: the art of getting you to breach your own protections. Real security programs have become so good that the best way to commit cybercrime is to trick you, the person at the keyboard. Just as no security in the world can protect your house if you unlock the door, no security software can protect your computer if you can be tricked into bypassing it. That’s why these scams are called scareware — because they try to scare you into falling for their tricks.

Don’t be a victim of scareware scams. When in doubt, hang up on that fake call, ignore those phony “antivirus” warnings and pay no attention to spam emails. If you think you may have a virus use a real program like AVG’s free antivirus, Malwarebytes’ malware scanner and Trend Micro’s online House Call scanner to determine if you’re infected.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.