Monday, October 13, 2014

How To Spot Socially Engineered Emails


For quite some time I wanted to give information about how to spot spam emails. That is quite a sizable field and I wavered too long. This time, to my and I believe to your advantage, the wait pays off.

I discovered that KnowBe4.com had already done an excellent job and published the result as a one-page fact sheet, much better and more concise than I could ever have done it. The paper is called Social Engineering Red Flags. This link should show the information in your browser or in your reader application for PDF files.

I recommend printing it as a handy reference guide.

And here is a real-life example; just this morning (10-20-2014) I received an email that looks at first glance like it came from Facebook, optically quite convincing. It is such a "classical" example that I took a screenshot to show it to you:


For me it goes without saying that I do NOT just click on a link in ANY email, no matter who the sender is supposed to be, no matter how "familiar" it looks.

The first clue is the sender address. Bad, simple forgery, not even an attempt to disguise the forgery; maybe that is even the miscreant's real email address. This is one of the times where I regret not being a security researcher because I would love to mess a bit with this guy.

Then I did what for me by now has become second nature: I rested my mouse on the link (see the cursor). The translation of where the link would have taken my computer to in the status line (bottom left corner of the picture) confirmed my suspicion: The link goes to a web site in Russia. Did you see "http://pemoht-tb.ru/rand..."? ".ru" is the country code for Russia!

If you handle your email with programs or techniques that do not show you all the information from this example then you live dangerously. Imagine a teenager; they would blindly click on the link and voilà, the computer is infected and maybe you even lose all your files!

Oh well, more work for me... (tongue in cheek!).


As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.




Monday, October 6, 2014

Java - Yes or No?


On January 14 2013 I wrote about Java. This article should explain what Java is.

There are mainly two opposing views around about Java on home computers.

The first one says that Java is needed so rarely that it should not be on a home computer at all.

The second one just delivers it pre-installed on all computers sold over-the-counter in case you need it.

My personal view about Java is the following:
Have it installed for the (maybe rare) case that you need it.
My reasons are:
  • If we are about to do something and get interrupted we tend to react somewhat frustrated. At this time we are very likely to get directed to the "wrong" web site for the download and we will probably get some sort of "blind passenger" or gunk software that we really neither need nor want.
    You doubt that? See the real life examples in this article.
     
  • Over the years I had several very frustrated customers calling me and asking why Java was not installed. In every single case some well meaning but ill advised relative, friend or computer technician had removed Java.
     
  • The few MB of disk storage space that Java needs are not an argument anymore; we are in the age of 500GB and 1TB disk drives that a home user never will fill up. It is many years since I have seen a really full disk drive.
The price we have to pay is simple:
Keep Java up-to-date - and use common sense!

In What To Update from September 18 2011 I wrote:
Here is the list of the most important things that have to be kept up to date.
Added for this article: If you don't have any of these programs installed just ignore the entry in this list:
  1. Windows (better: all Microsoft software)
  2. Security programs
  3. Firefox web browser
  4. Firefox add-ons
  5. Java
  6. Adobe Reader
  7. Adobe Flash
  8. Adobe Shockwave
  9. Thunderbird email client
  10. Thunderbird add-ons
My conclusion:
  • It is very easy to keep Java up-to-date when you do that regularly anyway and are not stressed.
     
  • At a time where you will be frustrated and impatient (you want to get back to what you were doing when you got interrupted!) you are more likely to get tricked into inadvertently allowing some unrelated gunk to get on your computer.
For the non-technical home user I install Java and admonish the user to keep it up-to-date.

Naturally it always is my customer's computer so in the end the customer has to decide if they want to live with or without Java. Uninstalling Java is easy:
Control Panel > Programs and features > Highlight Java > Right Click > Click Uninstall.

Please uninstall all versions of Java that you eventually see. Old out-of-date versions are a HUGE security risk!

As usual I welcome suggestions and comments right here in the blog.




Sunday, October 5, 2014

2014-10-06 WTKM Talking Points (October 6 2014)


Windows 10 announced. I am really impressed by the preview that I have running.

PLEASE check your Firefox web browser and Thunderbird email program for updates.
FF needs to be at least at version 32.1.2 and TB at version 31.1.2.
A really serious bug in some common, standard encryption code was updated.


Shellshock bug in Linux/Unix:
At first I assumed the worst, we’d have to buy new routers. But home routers are not at risk!
We do not have to worry about Android or Apple phones from this - so far at least and if we use common sense.

If you have a cloud-enabled NAS device you are potentially at risk. Switch off remote access until the manufacturer releases updated software.
Mostly enterprise systems running Linux or Unix are at risk.
It is a good idea to check your home router for firmware updates anyway.

For-Pay Windows maintenance tools worthless

Home Depot got stripped of 56 million customers' credit card data

  • It ignored security warnings from staff
  • It failed to update Symantec Anti Virus since 2007
  • It did not consistently monitor its network for signs of attack
  • It failed to properly audit its eventually-hacked payment terminals
  • Its executives reportedly told pleading staff that "we sell hammers"
  • Former unnamed HD security staff were so concerned about the poor state of IT systems that they warned friends to 'use cash' instead of credit cards.
JP Morgan (Chase bank plus nine! other banks) attacked. Chase alone got stripped of 84 million customers' personal data but no logins stolen. Personal data? Including SSNs? No word...

Have these banks been as sloppy as Home Depot? See above.

As I repeatedly have said: Management, management, management.


Can your account be pwned? Check on Have I been pwned? Well, HD and Chase cases probably not yet included.


Why do people create virus programs? MONEY!
CryptoWall alone cashed over six months more than $1.1 million

 
Apple Mac security programs: Only three of 18 very good, a few good. Fuhgetabout the rest. 17,000 Macs in just one botnet.

Marriott fined $600k for JAMMING guests' Wi-Fi hotspots
Posh hostel borked guests' networks to sell their pricey WiFi

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.


Friday, October 3, 2014

Windows 10


Wow, Microsoft, I am impressed!

I have done my first baby steps on the Windows 10 Technical Preview that was released today.

All I can say is:

         Windows 10 is Windows 8 done right!

I can hardly wait for next year's final release; we do not have an official release date yet; it will be some time next year.

This is the system I will upgrade my everyday "work" computer to.

EVERYTHING of "old" software I tried so far works flawlessly, even system utilities, Libre Office and Google Earth. And the system is only a "preview" that still has some rough edges.

At the risk of repeating myself, I am impressed.

Do you still have Windows Vista running on a well-equipped machine or one that could easily be upgraded to at least 4GB of RAM? Windows 10 is the system to upgrade to!

Be warned, do NOT attempt an in-place upgrade, always do a full install! This advice has nothing to do with Windows 10, it comes from experiences with six generations of upgrading Windows to newer versions.

As usual I welcome suggestions and comments right here in the blog. Please no hidden adverts for commercial software and please only language that your little kids could hear.


Wednesday, October 1, 2014

Why Me?


Recently I got asked by a prospect one too many times why he or his friends should prefer my computer services over some other person or big company. Thank you Larry P. for the question. Here is my answer:

I sell only my experience, my know-how and my time.

I sell NO material goods nor any software.

I do not get any kickbacks from any manufacturer, wholesaler or dealer.

I have worked professionally as a programmer and administrator
     with computers since July 1st 1964
     with Microsoft software on CP/M computers since 1977
     with PCs since February 1982
     with Microsoft Windows since version 3.1 in 1992

Since 2001 I have specialized in loss-less virus removal on small networks and home computers and protecting these machines from the dangers of the internet.

I do not charge sales tax.

I have NO contractual ties to any product, manufacturer or wholesaler.

I recommend and install only freely available and functionally proven programs.

No added “hidden” cost for the home user.
Even a proven alternative to Microsoft Office® is officially available free of charge.

I have absolutely no hidden financial interest or other commercial bias. I receive absolutely no kickbacks of any kind, no matter where and what the customer buys.

Generally:
I prefer real-life usability and experience over personal opinions and commercial “tests”.


I abhor industry shenanigans and trickery and warn my customers.


I can explain technically complex concepts in layman's terms.


I do not mince words but rather say it as I see it.

As usual I welcome suggestions and comments right here in the blog.