George a tech

01/22/2019

Last week I had another client whose email account was compromised. The hackers used her account to create sub-accounts. With access to her email, they could see who she did business with and try the email address with the discovered password to try to gain access to those accounts. Since she used the same password, they were able to access her other accounts at merchants and make purchases.

My client was alerted by a merchant about the fraudulent activity and she noticed the sub-accounts in her email. She brought me in to deal with the aftermath. I changed about 10 account passwords and deleted the email sub-accounts. She may have more fraud to deal with but we handled the big accounts.

Use strong passwords and do not reuse them on various sites with whom you do business! Using a password manager is recommended so that you can create and use strong passwords.

One of the largest breaches called "Collection #1" was discovered on January 7, 2019. Is contains 772,904,991 unique email address/password combinations.

If you would like to see if your email address and password have been exposed visit: https://haveibeenpwned.com.
Don't worry. It may look scary but it is absolutely legitimate, created by web security expert, Troy Hunt.

If your email address/addresses have been exposed, change your password immediately, make it very complex, don't reuse your password on other sites, and be sure to provide your cell phone number so that you can be verified.

Have I Been Pwned allows you to search across multiple data breaches to see if your email address has been compromised.

11/26/2018

This past week one of my clients had her email account hacked. By that I mean that her password was changed. With access to her email, they could see what accounts she uses, e.g. Amazon, eBay, iTunes, etc., and they changed the passwords to those accounts also.

We were able to change her passwords for everything except Amazon. The hacker was "returning product" my client had purchased from Amazon and was issued gift cards and return labels for the products which must be returned by December 15 or her credit card will be charged for the item they shipped to replace the "returned" items.

My client did not have 2-step verification for her Amazon account, meaning that she had not given her cell phone number. When we tried to reset her password, she did not receive the email notification with the link to reset it.

We eventually reached someone at AZ who was able to help verify her identity. Hopefully, it is sorted now.

Moral: use COMPLEX passwords! And turn on 2-step verification. Your email account must be protected. It gives a hacker tremendous ability to wreak havoc in your life.

02/21/2014

I have noticed that my clients are getting "infected" by malware lately. They report that their computer is quite slow and they continually get "pop-ups." These pop-ups are not in their browsers, they appear while they are simply using their computer. One of the "pop-up" programs I see on almost every client's sluggish computer is PC Optimizer Pro. While PC Optimizer Pro is not malware it certainly acts like it!

I decided to try to figure out how my clients are downloading these nefarious programs. They all swear they did not download them but, of course, they did. I had one of my clients demonstrate how she had downloaded iTunes which she knew was the last thing she had tried to download (iTunes was not installed even though she had tried to download it). She typed "iTunes" into her browser search box. The first few results were NOT Apple.com websites. They were ads!

The link results of her search were similar to these:
itunes.win-install.com
itunes.apple.gufile.com

The word "Download" was prominently displayed which drew her attention to the one she clicked on. I had my answer to how clients are installing these pesky programs. My client, and I suspect, the average computer user, did not understand the structure of a web address. And why would she?! Technology expects so much of the average user.

Her first mistake was to click on one of the "ad" links. Ads are displayed at the top of the search results. If you look closely, you will see "Ads related to: iTunes" and below that a few ads paid for by advertisers, of course. Below that will be the native search results.

The most important thing to pay close attention to in search results is the structure of the web address of the displayed links. The word just before ".com" should be "apple" (in this example). In her results it was "win-install" and "gufile" preceded by "itunes" or "itunes.apple." These are NOT Apple websites. They are subdomains of win-install.com and gufile.com.

These types of websites are not to be trusted. Their downloads will, at the very least, simultaneously download (and silently install) several programs which will start popping up every few minutes trying to get you to pay for them.

Other consequences of downloading from these types of websites are:
Search engine is changed to, for example: Conduit Search
PC Backup software pop-ups
Your Home page is changed

01/29/2013

I'm starting to see what I believe to be fallout of the recent Java vulnerability. For now, I'm recommending to uninstall all versions of Java via Add/Remove Programs in Control Panel. This vulnerability may be fixed in Java 7 Update 11 but just to be safe, uninstall all versions of Java including Java Runtime. You may not even need it.

11/09/2012

Here's a story about getting your email password cracked and where that can lead. Make sure your email password is STRONG, update your security questions and add your mobile number as an identity verification.
http://wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking

06/07/2012

Watch for this if you have a LinkIn account!

Phishers are coming out of the woodwork trying to bait panicked or otherwise unsuspecting LinkedIn users into supposedly 'confirming' their account, but what they're really doing is hijacking login credentials. They're also compounding the situation, whereby LinkedIn has now confirmed it suffered a ...

12/03/2011

http://technolog.msnbc.msn.com/_news/2011/11/30/9122334-researcher-secret-software-tracks-phone-users

A security researcher and systems analyst says a company's software is secretly logging the keystrokes of Android phone users, as well as those on some BlackBerrys and Nokia devices, although the company that makes the software denies the claims. The matter has grown so contenti …

12/03/2011

http://www.wired.com/threatlevel/2011/12/carrier-iq-backlash/

The backlash against a formerly obscure, California mobile-monitoring software maker grew even larger Thursday, with a Senator asking questi...

05/29/2011

This is a screenshot of one crimeware software program.

05/29/2011

The previous post is a fascinating look at crimeware kits! Software for cyber criminals designed to create malware attacks. Price $1500!!

05/29/2011

http://www.zdnet.com/blog/bott/why-malware-for-macs-is-on-its-way/3243?tag=mantle_skin;content

This isn’t about Mac-versus-Windows. It’s about engineering and (shady) economics. I see convincing evidence that the tipping point is her

05/29/2011

http://www.zdnet.com/blog/bott/mac-malware-authors-release-a-new-more-dangerous-version/3385

Apple finally responded to the Mac Defender outbreak, with a technical note containing removal instructions and the promise of a removal tool. Within