Triona's Tech Tips

If you get a phone call saying you have a virus on your computer, hang up.

As reported by researcher Orla Cox on Symantec’s blog, the sellers of fake antivirus and security software have gone old-school and are now phoning victims to peddle their snakeoil. Cox posed as a computer novice to investigate:

Once I was connected to one of their agents I explained my problem to them. My computer was running really slowly and crashing a lot. The agent, “Brian”, proceeded to tell me that I was the victim of a virus that had entered my computer over the Internet. He walked me through opening up the Event Viewer and asked if I saw any errors or warnings in there.

[Note from Triona: That's because Event Viewer's purpose is to log what Windows is doing. These errors and warnings are part of normal operations and don't necessarily correspond to problems.]

Cox continues:

Naturally, I did. Brian then told me that these were indications of a virus infection. Was it serious, I asked? Brian said yes. Sounds ominous. Thankfully there was help at hand though… To clean up the computer, and also to avail of their software maintenance service, I could pay a yearly subscription fee of 129 euro. I could also pay 250 euro for a two year subscription. Brian was pushing hard for me to go for the two year option but in the end we agreed to go for just a one year subscription.

Cox was then urged to send an email with name, address, phone number, email address… and credit card details. If your red flags haven’t already been raised, that should send them to the top of the pole. No legitimate company would ever ask you to email your credit card details, that’s like a burglar asking you to stick your keys under the doormat.

Why are the miscreants behind rogue security software resorting to this tactic? Remember, it’s all about social engineering: the art of getting you to breach your own protections. Real security programs have become so good that the best way to commit cybercrime is to trick you, the person at the keyboard. Just as no security in the world can protect your house if you unlock the door, no security software can protect your computer if you can be tricked into bypassing it. That’s why these scams are called scareware — because they try to scare you into falling for their tricks.

Don’t be a victim of scareware scams. When in doubt, hang up on that fake call, ignore those phony “antivirus” warnings and pay no attention to spam emails. If you think you may have a virus use a real program like AVG’s free antivirus, Malwarebytes’ malware scanner and Trend Micro’s online House Call scanner to determine if you’re infected.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

Facebook has introduced a FourSquare-like feature that allows you to share your immediate physical location with your friends. Unfortunately, it defaults into sharing this information whether you want it to or not.

This feature has sparked a new round of debates over Facebook privacy, with the ACLU of Northern California issuing a statement saying, “In the world of Facebook Places, ‘no’ is unfortunately not an option.”

Facebook Places allows you to share your location with the click of a button, which works particularly well with smart phones and other mobile devices. However, even if you don’t post a location yourself, a friend could still tag you with location information which would then be visible to others. Unless you intend to use Facebook Places, I encourage you to disable it. Facebook says they have made it easy to do so, but the process seems non-intuitive.

• First, go to Account, then Privacy Settings in the upper right hand corner. Click the “Customize Settings” link. Under “Things I Share,” change “Places I check in” to “Only me” and uncheck the Enable box for “Include me in ‘People Here Now’ after I check in.” Under “Things Others Share,” change “Friends can check me in to Places” to Disabled.

• Go to Account, Privacy Settings and click “Edit my settings” under “Applications and Web sites” at the bottom of the screen. Next to “Info accessible through your friends,” click “edit settings” and uncheck “Places I’ve Visited.”

I also suggest that you do not set your account permissions to Everyone, as it leaves your information wide open. In the computer security world we advise that security settings always default to maximum rather than minimum, a policy I wish Facebook would follow.

You’ll have to take your Facebook security into your own hands by routinely reviewing your Privacy Settings, because they may change as Facebook introduces new features or upgrades old ones. And remember, privacy on the Internet is a meaningless term. Expect that anything you post on Facebook or elsewhere can be revealed, and don’t say anything that you don’t want to be public knowledge.

It may be hard to believe, but some of the best software is free. Try out these fabulous freebies:

1) AVG Antivirus (Windows)
AVG offers some of the best security suites on the market, and they make the antivirus component free for personal use. If you’re looking for greater protection, try the paid AVG Internet Suite which also includes anti-spyware and a firewall.

2) Malwarebytes (Windows)
I use Malwarebytes to rid computers of the worst spyware infections. It doesn’t offer continual protection (you’ll need a security suite for that) but it can help get rid of anything that may sneak through.

3) CutePDF Writer (Windows)
Need to create a PDF file? Try this quick, free program. (Mac users, use the built-in Print to PDF option under the File menu.)

4) Mozilla Thunderbird (Windows and Mac)
A free email program that rivals Outlook and spotlights Outlook Mac equivalent Entourage’s shortcomings.

5) OpenOffice (Windows) and NeoOffice (Mac)
Why pay for Microsoft Office when you can get the same functionality for free? OpenOffice and NeoOffice can open and save Word, Excel and PowerPoint documents with ease.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

We’ve got another off-schedule emergency update, this one for Adobe Reader and Acrobat. It applies to both Windows and Mac users and will be released sometime next week. I encourage you to check for updates (under the Help menu) and make sure you install this one when it comes out. You can read Adobe’s advisory here.

The new update will take version 9 users to version 9.3.3 and version 8 users to 8.2.3. However, if you’re still on version 8, I recommend you move to version 9. And if you’re on a previous version (like the omnipresent Acrobat Reader 7), you definitely want to move to version 9. Acrobat 7 was the standard for a long time but is now obsolete and can be used as a entry point for viruses.

In case you’re wondering, the difference between Adobe Reader and Acrobat is that the former allows you to read PDF files while the latter also lets you create them. Adobe Reader used to be known as Acrobat Reader and is still referred to as plain ol’ Acrobat. So, yes, these updates apply to you regardless of whether you have the full version of Acrobat or just plain Reader.

You can also visit this web site to find the latest versions of all your Adobe products.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

Today Microsoft released an off-schedule update to fix a bug in Windows that could allow your machine to be infected simply by browsing a list of files with Windows Explorer. This emergency update applies to Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008. You can read the Microsoft security bulletin here.

Microsoft’s normal monthly updates arrive the second Tuesday of the month, otherwise known as Patch Tuesday. Off-schedule updates are typically only released in cases like this, where vulnerabilities are being actively exploited by viruses and malware. One particular virus is especially virulent. A variant of the Sality virus, it disables your security software and downloads more malware onto your computer.

If you have Automatic Updates enabled you’ll eventually get this update, but to make sure you are protected as quickly as possible visit update.microsoft.com and make sure you install update MS10-046 (aka 2286198).

The battle for your computer has stepped up a notch, as fake security software now offers real tech support. Talk about twisted!

As I’ve written before, rogue security software pretends to be real antivirus and anti-malware software in order to commandeer your computer. It disables your bona fide protections and claims that you must purchase their super-duper software to save you from invented infections. Now, they’ve added a “support” option as further bait. After all, if the software offers you tech support by live chat and email, it must be legitimate, right? And so much money is being made on this fake software that they can actually afford to hire real people to provide said tech support! It’s a whole new take on social engineering, the unethical art of doing anything and everything to manipulate you.

Remember, rogue security software will not protect you; it will leave you vulnerable. Your best protection is to stick with security programs from known vendors. Norton, McAfee, AVG, Trend Micro, and avast! are all real companies with real products. Although I’m still not enamored of Norton and McAfee (see why), you’re certainly better off with them than a rogue. Become familiar with what your regular antivirus program looks like. If you sit down at your computer one day and see something different, be very suspicious. Also, be careful if you do a web search for antivirus software, because many of the “sponsored links” lead you to fake programs. Once fake security software is on your computer, it’s extremely difficult to remove. And don’t fall for the trick “uninstaller,” which leaves remnants of the rogue to regenerate itself.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

If you get an email from Facebook saying there is a message for you, do NOT click on the link. Visit Facebook’s site directly instead to respond to any and all messages.

Like the Facebook update scam I dissected for you a few months ago, this latest scam tries to trick you into clicking a potentially malicious link by mimicking a legitimate Facebook message. Take a look at this screenshot and compare it to the Facebook update scam. You’ll see similarities, including the use of Facebook formatting and logo as well as a legitimate-looking link. However, the link actually redirects you to a malicious site. The site on this particular message has already been blocked as being harmful; it probably belongs to some innocent victim whose web site was hacked to deliver viruses or harvest passwords a la the Twitter DM worm. But there are plenty of other phony sites out there that may not have been blocked.

In my case I was alerted to the scam because I’d never heard of the people from whom the messages were purportedly sent, but that’s not a foolproof way to tell if a message is fake or not. Facebook accounts can be hacked, and false messages sent. This grants the fake messages an undeserved level of trust because they come from someone you know–and that’s the point. Cybercriminals know people are unlikely to click on unsolicited links and far more likely to click on something sent by someone they know. The best way, as I said, is to distrust all email links no matter who they’re from. You are far safer visiting the Facebook site directly and checking your messages from there.

We’ve talked before about Facebook privacy, or lack thereof. Facebook is facing such public scrutiny over privacy, it’s hard to keep up with the number of changes they’ve made. They’ve expounded upon their improvements to news media and set up a page dedicated to privacy. But given the popularity of social networking sites and the multitude of ways they can be exploited to trick unwary users, I expect privacy will remain an issue for some time to come.

Many people believe the illusion of privacy offered by social networking sites. They think they are conversing in a private setting, when in reality that information can easily end up on search engines and other public places. Google and other search engines routinely index data from Facebook and other social networking sites, and data can slip through even if your privacy settings are set to maximum.

Security also remains a concern for Facebook users. Clickjacking–tricking users into clicking links–has become so prevalent on Facebook it’s earned its own term: “likejacking.” A recent worm using link-bait such as “The Prom Dress That Got This Girl Suspended From School” has infected hundreds of thousands of Facebook users. Clicking the link marks it as “like” to your Facebook friends, giving it unwarranted credibility and helping to spread the worm. Worms like this may also attempt to gain control of your Facebook page or use malicious code to introduce viruses into your computer. Other scams use recent events like the World Cup to entice you into clicking links that purportedly go to video clips. You are then prompted to download software to view the videos, but the downloads are viruses. All those links that claim you will get X number of goodies for Farmville or other games are mostly scams. Criminals may even try to “friend” you from phony accounts so they can target you for burglaries and other crimes.

In other words, social networking sites are about as secure as sieves. What’s a Facebook user to do? My advice is to remember that anything you say on the Internet is public, regardless of your privacy settings. Don’t post information about your children, your vacation plans, or other information than could be used against you. Be wary when clicking on links, and make sure you have a good security suite that is continually updated. And, as always, stay tuned to Tech Tips for the latest computer news.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

Computer infections go by many names: viruses, Trojan horses, malware. But there is a particular class of infections that is not only malicious but nearly invisible in nature.

Keyloggers are virus-like programs that capture everything you type on your computer. Because they sit between your applications and the software than drives your keyboard, they are difficult to detect and harder to remove. They are often invited by viruses that have already infected your computer. There are even hardware keyloggers that can be secretly installed between the keyboard cable and your computer.

Keyloggers are seen in conjunction with rootkits, software designed to capture control of your computer. Anti-rootkit tools can help keep keyloggers at bay. Although these tools are not yet part of standard security suites, in the future I anticipate we’ll see more commercial protections against keyloggers and rootkits.

In the meantime, how do you protect yourself? The usual recommendations apply: run a strong security program, avoid clicking on links, and make sure all of your software is up to date. It’s far easier to avoid keyloggers and rootkits than it is to remove them.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

Did you know you can expand your web browser’s functionality? Extensions (also called add-ons or plug-ins) are little programs that run within Internet Explorer, Firefox, Safari, and other web browsers. While extensions offer increased options, they also pose security risks.

Some extensions are probably familiar to you. One of the most popular, Flash, lets you see video content on the Web. Flash also illustrates the risks of extensions. Viruses can enter your computer through malicious Flash content, especially if you’re running an older version of the extension. Most people don’t realize that browser extensions, like all software, need to be updated.

To solve that problem, several months ago Mozilla introduced a check for Firefox to help users find and update their extensions. Mozilla is now offering this free service for other browsers. To maximize your computer security, become familiar with the extensions you’re running. The easiest way to do that is to visit Mozilla’s extensions check page, but you can also find them under Tools>Manage Add-Ons (Internet Explorer), Tools>Add-Ons (Firefox), and Help>Installed Plug-Ins (Safari).

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.