Ignore That Email: Nobody is Spying On You

by

We posted this on Facebook a few weeks ago, but it’s worth mentioning here again.  An email has been going around the past few months. It takes some different forms but generally follows the same pattern:

  1.  Someone “hacked” you and has your password
  2. They’ve been monitoring you
  3. They’ll send your information to all your contacts
  4. To prevent this send them bitcoin

I even got that email.  I gotta say when you see your password in an email right there it’s scary.

All Mailboxes Found 18 matches for search 2018 11 18 14 46 36

All Mailboxes Found 18 matches for search 2018 11 18 14 47 21

“Subject:  dave@calldrdave.com has password (my password). Password must be changed

Hello!

I’m a programmer who cracked your email account and device about half year ago.

You entered a password on one of the insecure site you visited, and I catched it.

Your password from dave@calldrdave.com on moment of crack: (my password)

Of course you can will change your password, or already made it.”

As well as

“Subject:  dave – (my password)

It seems that, (mypassword), is your password. You may not know me and you are probably wondering why you are getting this e-mail, right?

actually, I setup a malware on the adult vids (porno) web-site and guess what, you visited this site to have fun (you know what I mean). While you were watching videos, your internet browser started out functioning as a RDP (Remote Desktop) having a keylogger which gave me accessibility to your screen and web cam. after that, my software program obtained all of your contacts from your Messenger, FB, as well as email.

How Did They Get Your Password?

It seems like every day I listen to the news, I hear about another hack. From Applebee’s to Yahoo, there’s a company for every letter of the alphabet that’s been breached. A hacker stole your password from one of these companies.  If you use your password more than one place, that’s how they got it.

Fortunately, I use a password manager called 1Password.  Although I avoid reusing passwords for important stuff, I’ll be lazy and do it for some websites.  In my case, I could trace it to Angie’s List.  I had to sign up for my business and I didn’t’ think I’d use it much.  That’s why I used a throw-away password.

What Can You Do to Prevent This?

You can’t prevent someone from hacking another system.  I mean when Equifax gets hacked, that just shows you how vulnerable we all are.  The best you can do is mitigate the damage.

Stop Reusing Passwords

I get it. Passwords are hard to keep track off.  As I said, I use 1Password.  We can help you set that up.  We also have a more manual option:  A password book.  We sell these for $7.50, although you can get one free by joining our Wellness Program.  That lets you use a unique password and keep track of them.

Get a Reliable Antivirus

If you’re on a Mac, you probably don’t have an antivirus.  If you’re on a PC you might be using the free one that comes with Windows.

We used to take the approach good enough is, well, good enough. If you haven’t had any problems with your computer, stick with what you got.  With so many threats out there, we’re finding basic protection isn’t enough.  A professional paid antivirus provides not just added security but peace of mind.  We recommend Malwarebytes.  Fortunately, we’re able to sell it at a discount.  Normally it’s $40, but we can sell it for $35 to existing clients.

When you get an email like this, just run a scan to get that peace of mind.

Don’t Pay Scammers/Let Them Keep the Money

We deal with tech support scams all the time.  Some clients are so embarrassed they decide to let the criminals keep the money. These criminals then use the money to attack other victims.  If we cut off the stream of money and don’t make this profitable, they’ll stop doing it.  Okay maybe not stop, but at least make them work harder!

As a reminder, clients who are part of our wellness program get unlimited phone and email support for questions like these.  When they get any suspicious emails, they just call us rather than give money to a scammer.

Full text of the emails:

“It seems that, (my password), is your password. You may not know me and you are probably wondering why you are getting this e-mail, right?

actually, I setup a malware on the adult vids (porno) web-site and guess what, you visited this site to have fun (you know what I mean). While you were watching videos, your internet browser started out functioning as a RDP (Remote Desktop) having a keylogger which gave me accessibility to your screen and web cam. after that, my software program obtained all of your contacts from your Messenger, FB, as well as email.

What did I do?

I backuped phone. All photo, video and contacts.

I created a double-screen video. 1st part shows the video you were watching (you’ve got a good taste haha . . .), and 2nd part shows the recording of your web cam.

Exactly what should you do?

Well, in my opinion, $500 is a fair price for our little secret. You’ll make the payment by Bitcoin (if you do not know this, search “how to buy bitcoin” in Google).

BTC Address:

(It is cAsE sensitive, so  copy and paste it)

Important:

You have one day in order to make a payment. (I’ve a unique pixel in this e mail, and at this moment I know that you have read through this email message). If I do not get the BitCoins, I will certainly send out your video recording to all of your contacts including relatives, coworkers, and so on. Having said that, if I receive the payment – I’ll destroy the video immediately. If you need evidence, reply with “Yes!” and I will certainly send out your video recording to your 6 contacts. It is a non-negotiable offer, that being said don’t waste my personal time and yours by responding to this message.”

And

“Hello!

I’m a programmer who cracked your email account and device about half year ago.

You entered a password on one of the insecure site you visited, and I catched it.

Your password from dave@calldrdave.com on moment of crack: (mypassword)

Of course you can will change your password, or already made it.

But it doesn’t matter, my rat software update it every time.

Please don’t try to contact me or find me, it is impossible, since I sent you an email from your email account.

Through your e-mail, I uploaded malicious code to your Operation System.

I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.

Also I installed a rat software on your device and long tome spying for you.

You are not my only victim, I usually lock devices and ask for a ransom.

But I was struck by the sites of intimate content that you very often visit.

I am in shock of your reach fantasies! Wow! I’ve never seen anything like this!

I did not even know that SUCH content could be so exciting!

So, when you had fun on intime sites (you know what I mean!)

I made screenshot with using my program from your camera of yours device.

After that, I jointed them to the content of the currently viewed site.

Will be funny when I send these photos to your contacts! And if your relatives see it?

BUT I’m sure you don’t want it. I definitely would not want to …

I will not do this if you pay me a little amount.

I think $855 is a nice price for it!

I accept only Bitcoins.

My BTC wallet:

If you have difficulty with this – Ask Google “how to make a payment on a bitcoin wallet”. It’s easy.

After receiving the above amount, all your data will be immediately removed automatically.

My virus will also will be destroy itself from your operating system.

My Trojan have auto alert, after this email is looked, I will be know it!

You have 2 days (48 hours) for make a payment.

If this does not happen – all your contacts will get crazy shots with your dirty life!

And so that you do not obstruct me, your device will be locked (also after 48 hours)

Do not take this frivolously! This is the last warning!

Various security services or antiviruses won’t help you for sure (I have already collected all your data).

Here are the recommendations of a professional:

Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

I hope you will be prudent.

Bye.

Interesting Idea for an Old Computer

by

A Computer TreeWhen you get a new computer, you might wonder what to do with the old one, especially if it works.  We work with Connecting For Good in Kansas City to help refurbish and distribute these computers to needy families.  However, there are some other uses.

My colleagues at Lifehacker had some interesting ideas.  The one I like best is the “guest computer.”  When people come over and need to just check email or print a boarding pass, why not have them use that spare computer.  After all, hotels have those kinda resources.  Just be sure to use it every so often to check to make sure it works and gets security updates.

When it’s finally ready to go out to pasture, don’t just throw it in the trash. Give us a call.  Even if it doesn’t work, we can still get it ethically and responsibly recycled.  We’ll make sure your private data is erased and the computer ends up in good hands.

Photo by mikecogh

Has Your Password Been Stolen?

by

Authenticity required passwordWith all the recent and continuing breaches, one thing we learned is you can’t rely on a company to tell you.  Breaches are reported months and sometimes years later.

If you’d like to check if yours was stolen, the website “Have I been pwned” helps.  All you do is put in your username or email address (no passwords!)  It then tells you what hacks you’ve been a victim of.  I was only the victim of seven on one email address.  I consider that lucky.

Fortunately, I use a password manager.  All those passwords on those sites were unique, so I was safe.  We help clients all the time setup password managers.  It’s easy and saves you time and hassle.  All you do is remember the password to your password manager and it takes care of everything else.

Photo by liako

Which is More Secure? Your Phone or Laptop

by

Action Link Wireless

With many people having both a smartphone and laptop synced, you’d think people would secure them equally.  In reality, it seems people are more worried about their phone rather than their laptop (or desktop).  That’s a big mistake.

This article has some interesting facts!  The ones that stood out to me are related to leaving the laptop unattended.  I see this in coffeeshops all the time. Someone will take their phone in the restroom with them or up to the counter, but otherwise just leave their laptop there.  It also makes sense it’s easier to carry a phone in your pocket compared to a laptop.

Nonetheless, both devices should be protected equally.  That includes proper password, encryption, and other security methods.  This is a much bigger deal if you’re bound by professional codes of conduct like HIPAA, FINRA, or PCI.  We’re here to help with that and have lots of clients in these situations.

Photo by Kevin Johnston

Use Chrome? Don’t Settle for a Boring Chrome Start Page!

by

pasted image 0

Many clients use Google’s Chrome browser on a PC and a Mac.  It’s fast and reliable, but it’s also highly customizable.

This blog post gives you some easy ideas of how to change your start page.  My favorite though is New Tab Motivation by The Mindful Tech Labs.  They also make chatbots for Facebook, so there’s no excuse not to be motivated.

Let me know in the comments what your favorite start page is.

Have a Landline; You’re in the Minority!

by

Image from page 206 of Bell telephone magazine 1922

Back in 2016, we crossed a major threshold in technology.  A majority of US Households use mobile phones and don’t have landlines. It makes sense as mobile phones become a necessity.  Why use a phone that ties you to one location?

If you still have a landline, there’s probably a few reasons.  First, you might be concerned about your phone number.  Everyone has it, so if you got rid of it, you’d lose contact with people. That was my first worry too.  Fortunately, mobile providers make it easy to “port” a number.  I walked into my AT&T store and five minutes later my landline was now a mobile phone.  It’s a ton cheaper than my landline.  Best of all, all the calls get forwarded to my mobile phone, so I can get calls from both numbers.  Yeah.

Another reason might be faxing.  No worries here.  Online faxing is often free through websites or even iPhone and Android apps.  It’s still way cheaper than your landline.  Newer multifunction printer/scanners support internet faxing as well.

Finally, it’s about the comfort level.  People perceive landlines as more reliable.  Back in the day, they were.  Now, most voice calls travel on internet lines anyways.  All the outages we’ve had with Midco in Lawrence is because of that.  We see the same issues with AT&T customers.  When the internet goes out the phones go out, and vice versa.  The two are linked together.

If you need help making the switch, give us a call. We’ve helped lots of clients with it.

Photo by Internet Archive Book Images

Police Using Fitbit Data Against You?

by

Fitbit ForceI’m not talking the fat police either.  I’m talking about someone going to jail based on what a fitness tracker told police.

The details are explained here . It should give everyone pause for concern.  The obvious thing is “don’t do anything wrong,” but the problems go deeper than that.  For example, given that people know how these trackers are used, what could stop someone from switching yours out and framing you.  I know I’ve accidentally picked up my spouse’s tracker before.  The Supreme Court is already grappling with issues of cell phone towers and privacy.  Their decision might impact cases like this as well.

Photo by Bekathwia

Biggest Online Security Threat is You

by

Security Stock 11081We can put the best antivirus on your computer (Malwarebytes), but ultimately they’re ineffective you work around them. It’s not just phishing attempts. There’s a whole bunch of reasons humans mess everything up.

Phishing is Getting More Sophisticated

Most of us know not to click that link pretending to be from Amazon or our local bank.  Phishing emails used to have telltale signs like broken English and generic greetings like “Dear Customer.”  Scammers have upped their game.

Last summer a massive attack used Google’s document sharing system to trick users into clicking a link.  I consider myself pretty sophisticated but I fell for it on one of my accounts.  I do product reviews and just assumed it was a press release.  I often get those through Google Docs.

The Wall Street Journal (paid article) explains the seven deadly sins of why we click that link:

  • Confidence: ‘Trust us, this is normal.’
  • Greed: ‘Get your cheap pills here!’
  • Urgency: ‘The boss says hurry up and click.’
  • Fear: ‘Your PC is infected! Click to fix’.
  • Shame: ‘Click here to see what everybody is saying about you.’
  • Lust: ‘Psst! Check out these nude celebs.’
  • Sloth: ‘Didn’t update your OS? Thanks!’”

That article talks about how major companies and politicians got snared by one of these sins. All you need is one person to make a mistake to infect a whole company

Two-Factor Authentication (2FA) isn’t Enough

We love 2FA.  That’s the system that texts you when an unknown login attempt happens and let you approve it.  Hackers use the above sings to get you to disable it.

Mashable reports on an NSA analysis of how people get tricked into turning off their protection.  All you really need is to take the typical phishing a bit further.  I know every time my system does updates my bank thinks I’m on a new system because the browser is updated.  I go ahead and put in my special code to gain access.  I could easily be tricked into giving up my second factor.

We’re Not Dumb, But Scammers are Smart

Although I’ve come close, I’ve never gotten taken in by one of these scams.  I’d chalk that up to luck rather than skill.

A few stories I read made me feel slightly better that I’m not dumb.  One refers to a New York Supreme Court Judge taken for over one million dollars. Southern Oregon University was taken for $1.9 million.

You’d think Google and Facebook are smart enough to avoid getting taken.  Nope. Both were victims of a scam that raked in $100 million.  With the combined power of these two companies and their sophisticated systems, I feel kinda helpless against it.

Cisco, a computer networking company, tried to train employees not to click links in a unique way.  It sent them phishing emails to see who would click. Sneaky, but it worked

It Doesn’t Need to Be Email

We’re all protective of our emails, but sometimes the threats come in the old-fashioned way.  This link explains how someone from Starbucks was tricked into sending money.  Scams like this rely on the seven sins mentioned earlier.  Security has to be on everyone’s mind and not just focused on how the threats come in.

How to Prevent It

The obvious first line of defense is computer security.  We can help with that. Not just antivirus, but making sure you’ve got the latest security patches.  Beyond that, you have to be extremely skeptical.  This article sums it up best:

“There’s often a misconception that everyone needs to be a security expert — but that’s not the case. Security is not everyone’s day job, but ultimately, often all users need to have a mentality of caution — they have to be mindful of what they’re doing, and be aware that their actions on corporate equipment, and can be far-reaching.”

When in doubt, don’t click the link.  Pick up the phone and call someone directly!

Photo by Hivint

Keyloggers and What You Need to Know

by

keyloggers

Last year, Lawrence was hit with it’s first reported keylogger attack at KU.  It’s a problem sweeping the country.  The problem in Lawrence is mild compared to some schools.

For example, one student changes his grades 90 times in a 21-month period along with five of his friends.  That article explains why schools are a target.

“Keyloggers are cheap, they’re easy, and the targets – schools and universities – too often have paltry budgets for equipment, software and skilled administrators.”

While I’m sure KU has upped their security since then, it just takes one mistake for a hacker to install a keylogger.  Free State and Lawrence High School should be on alert as students applying to colleges might try to do this.

With all these attacks, the patterns are the same

  1.  Someone uses a public computer to enter in grades or
  2. They fail to notice something attached to their computer

If you’re responsible for entering in people’s grades, do it on your own private computer.  If you see something unusual connected to the computer, don’t put in your password.  Instead call your IT department.  If you can’t call them, call us!

Photo by Robbert van der Steeg

This Windows Tool Could Put Us Out of a Job?

by

security 2

With a recent Windows 10 Update, Microsoft included a pretty cool tool to fix (or at least warn you) of problems with your PC.  I jest about putting us out of a job.  We’ll still be fixing PCs and Macs, but this tool makes our job easier.

It’s the Microsoft “Device Performance and Health Report”.  This video explains how it works.  It lets you know of any potential problems and even suggests some fixes.  Of course, if the problems still persists, or you just need help fixing some of the problems, give us a call, send us a text, or write us an email.  We’re here to help with your PC problems.

FOLLOW US

Testimonials

  • Matt was on time, fixed the problem, explained what he had done, asked questions about my use of the computer, and treated me respectfully even though I know so little about computers. Read More
    Janet
    Via Get Five Stars
  • Perfect, could not have been better, will call again. Read More
    Dave Evans
    via Get Five Stars
  • Our computer was getting old and giving us a lot of trouble. Dr.Dave helped us purchase a new computer directly from Dell which saved us quite a bit of money. When the new computer arrived, he installed it and added the necessary security all at a very reasonable price Read More
    Geneva Tucker
    via Google Reviews
  • Dr. Dave is always prompt, knowledgeable, and very helpful. He knows his stuff, and is a very pleasant person to talk to about your computer needs. He's fantastic! I especially recommend him for Apple/Mac owners. Read More
    Karen Roberts
    via Google Reviews
  • Very smart guys; high level of quality; efficient service. Read More
    Ron Guerin
    via Google Reviews
  • Dave and Co. are great. They have rapidly solved every problem we've presented to them, show up right on time, and are pleasant and professional. I trust them completely Read More
    Charles Higginson
    via Google Reviews
  • very dedicated to help you with computer problems, questions, or personal challenges with technology. Efficient, effective, and experienced technician. Read More
    Mary
    Get Five Stars
  • Is always very helpful. Read More
    Dan
    Get Five Stars
  • Was prompt. Listened to my questions. Solved the problems. Thanks Read More
    Sue
    Get Five Stars
  • Absolutely Outstanding. Competent and Caring. Thanks a Million. Read More
    Bernie
    Get Five Stars