Archive for the ‘Anti-Virus Protection’ Category

Safer workplace computing

Tuesday, March 5th, 2013

Lower your risk of spyware infection

The vast majority of viruses in the workplace come from non-work-related sites. Well-established business websites are rarely the cause of a virus infection. The following are some examples of websites to avoid while on a corporate network.

  • Social Networking Sites
    1. MySpace
    2. Facebook
    3. Twitter

Social networking sites are targets for people promoting the spread of malware and viruses. These types of sites are targeted because of their large user base. Once an account has been infected, it will attempt to spread to everyone in that user’s friends list by sending links or files that would tempt the user to click or open these links and files to further spread the malware.

  • Webmail Sites
    1. Hotmail
    2. Yahoo Mail
    3. Gmail
    4. Live.com Mail

Webmail has long been a target and tool that virus writers use to spread their code. It provides anonymity by offering free accounts with little or no proof of identification. Webmail is not as thoroughly filtered by virus scanning software as most corporate mail servers are. This leads to employees infecting their work computers because they are checking personal email that does not get scanned by your servers.

  • Suspicious Emails
    1. UPS, FedEx, DHL, USPS shipping manager in the subject line.
    2. Unknown senders
    3. Known senders with suspicious content or attachments.

If in doubt, do not open the email or attachment. Many people get virus infections from their friends, family and coworkers because these people have been infected and the virus is now sending out emails to everyone on their contact list. If your aunt Betty doesn’t know how to send a picture attachment, then there is good reason to believe that something may be amiss. If you’ve never seen the name before, use caution; it may be spam with links to virus-infected webpages.

  • Non-work-related websites
    1. Obscure blogs
    2. Pornography
    3. Torrents, illegal downloads
    4. Entertainment: Music, Movies, Gossip, Shopping
    5. FREE offerings (e.g., screensavers, wallpaper backgrounds…)

There are many sites that at best are deemed questionable. The less known a site is, the less likely it is to be secure. For example, Amazon.com vs. shopping123.com. Small, insecure sites are targets for the placement of viruses and malware; once these sites are infected, anyone visiting the site will be infected. If you stick to large, well-known, work-related websites, you greatly reduce the risk of infection.

If you do happen to get a virus, the best thing to do at that point is to shut the PC down. Most viruses have been known to retrieve additional code or other viruses from the internet, making the problem worse over time. Infected PCs that have been left on and used for days have been found with dozens to several hundred infected files and different variations of viruses. Others that have been shut down quickly were much easier to clean, saving you time and money in the long run.

Spyware, and Viruses, and Malware, OH MY!

Friday, August 31st, 2012

For the typical home user, these three terms can be very confusing. What is the difference between them? Are they different at all? Yes they are, but to you they are all the same thing – a pit, full of time and money. Since this is the case for most of us, we will use them as interchangeable terms. When they infect your computer, they can make your PC run incredibly slow, sometimes to the point of being unusable. They can block internet access, hack your email, track what you’re doing, and in some cases take full control of your computer for whatever their programmers’ malicious intent is. So how can you prevent these infections? Cue the singing angels, because you’re about to find out.

Prevention:

Here at CompuType, we hear some form of this phrase at least once a day: “How did my computer become infected when I pay for antivirus?” I hate to say it, but antivirus is merely a first line of defense. Not to lessen the importance of a good antivirus program, but it’s not everything. The biggest part of prevention is your browsing habits. You must be careful of what you click on; always know where a link is going to take you before you click on it. If you don’t trust it, don’t click on it. This, however, can be easier said than done. I went to download CCleaner, a program very useful for cleaning out the temp files on your computer. Once at the free download page, I was presented with this:

[Image: CCleaner download page]

This is a typical (even conservative) example of download link confusion. With three different download links, and only one being legitimate, people are understandably confused as to which button to click on. While this site doesn’t seem to have any malicious links, many other free download sites can have upwards of five or six different download buttons. Pressing the wrong one can open the floodgates for malware, and your antivirus program’s chance of catching it after it’s downloaded is spotty at best.

Here is another tricky one:

[Image: XP-antivirus pop-up]

If you have seen something that looks like this, you were most likely somewhere on the internet you should not have been. If you have seen this more than once, you are most likely a teenage boy. The key to identifying this as an illegitimate message is the title bar. It is a message from Internet Explorer, in this case meaning it is no more than another internet window (pop-up). Had this been a legitimate message, your antivirus (avast, AVG, Norton, etc.) would be the one telling you that you need to run a scan, and would not ask you to download anything more than virus definitions. You should NEVER click on this window, as it gives the infected files permission to download onto your computer, most of the time bypassing your antivirus program. Out of all the different computers we service for virus infections, this is the most common means of infection.

There are, of course, other means of infection: email hoaxes, ads that promise you you’ll lose weight by using just this “one little trick” and so many more that it would be impossible to cover in this article. But luckily most of these can be thwarted by using a little common sense. If you know your grandma doesn’t know how to work her email program, don’t open the attachment she sent you from her account; it most likely wasn’t her. Don’t click on an advertisement that promises a free iPad, because anything that looks too good to be true probably is. And if you have a teenager, it may be best to invest in some sort of parental control software (here is a link to a PC Magazine article detailing several different programs), because he/she will most likely be the cause of your next virus infection. It’s nothing against anyone of that age, but teenagers (especially boys) are quick to click on ads that interest them without thinking about the consequences.

But wait, nothing about antivirus software was mentioned, how can that be? Simply put, it doesn’t really matter what antivirus software you have. There’s no doubt that some are better than others, but the determining factor of your computer’s safety is you.

Now that you’re armed with this new knowledge, keep in mind that internet trickery is everywhere. If you do happen to fall for any of these tricks, it is important that you get it fixed right away. The longer an infection is on your computer, the more information they can gather about you, or even worse, your bank account. If this ends up being the case, CompuType’s trained technicians will be happy to help you out of the extremely annoying and stressful situation that is a virus infection.

Go Go Gadgets! Microsoft Says Get Rid of Them!

Thursday, July 12th, 2012

On Tuesday, July 10th, 2012, Microsoft released a security advisory regarding sidebar gadgets in Windows Vista and Windows 7. All gadgets, old and new, now pose a security threat to your computer. They can be compromised to allow a hacker to have access to your PC and all of your data. Microsoft’s current solution is to disable gadgets completely. Follow this link for the “fix” and to read more about it – http://support.microsoft.com/kb/2719662

Here is Microsoft’s official recommendation: “Customers who are concerned about vulnerable or malicious Gadgets should apply the automated Fix It solution as soon as possible. For more information, see the Suggested Actions section of this advisory.”

To be safe, CompuType IT Solutions recommends that you follow Microsoft’s suggestion and disable your gadgets. You can use the “Fix It” application found at the Microsoft link above, or disable the gadgets manually. Hopefully MS will provide a solution to this issue, to keep all the gadget users happy. If you are not comfortable making these changes and repairs yourself, just give us a call and we’ll be glad to assist.

CompuType would also like to remind you to keep your Windows Updates current, as well as your Anti-Virus, Java, Flash or any other application that constantly nags you to update it. Most of the updates these companies push out are to fix security vulnerabilities, so it is good practice to keep up with them. If you’d like to have CompuType help you keep up with these issues, just give us a call. We can set you up with remote support, using GoToCompu, or one of our skilled technicians can stop by and take care of your issues.

The End Is Nigh?

Friday, July 6th, 2012

Despite rumors to the contrary, Monday is not “Internet Doomsday”. There will be no cataclysmic shutdown, no Al Gore pulling the plug with a demonic laugh, no sudden termination like the TomKat split. July 9, 2012 on the Mayan calendar does not say “Adios Internet”. What is happening is described in detail here.

Essentially, the FBI is shutting down some servers on Monday that have been allowing PCs infected with the DNSChanger virus to use the internet as if nothing is wrong. Once these servers are shut down, PCs with the virus will not be able to access the web.

Yes, that sounds horrible, but it is easily avoided. Before Monday, July 9, please visit http://www.dns-ok.us from every PC you own to see if you have the virus. If you see green, do a happy dance because your machine is clean. If you see red, then don a hazmat suit – you need to start cleanup procedures immediately.

If your antivirus program isn’t correcting the problem, then be sure to contact professional help, or even that 29-year-old “kid” that lives in your neighbor’s basement. If you don’t get it cleaned up this weekend, you won’t be able to ~~check fantasy baseball stats and upcoming summer sales~~ access important work-related websites.

Experts currently estimate the number of infected PCs is down to 250,000 or less, so you’ve got a .02% chance of being infected. Much better chances than winning a lottery jackpot, though, so be sure to get your PC checked out soon!

Watch where you’re sticking that thing!

Wednesday, May 30th, 2012

Courtesy of Dynamism.com

The use of USB memory sticks and other removable media has become a mainstay in today’s business world. With the increased popularity, prices for these devices have fallen to the point that they are given away at many conventions, and used in devices that are plugged into our computers every day. The combination of low prices and consumer ignorance has sparked a not so new trend of infecting these devices with viruses, Trojans, and other forms of malware to wreak havoc or gain access to sensitive data. I say “not so new”, because in the past other forms of removable media such as floppy disks and CDs were subject to the same types of attacks. In this article you will learn the risks of using removable media in the workplace as well as at home. Keep in mind we will focus on USB memory sticks, but many of these tactics can be used with external hard drives, CDs and any other form of removable media.

I assume most readers have used a USB drive to move files from one PC to another, maybe to take some work home one night? So what is the worst case scenario you ask? Well, unless you own a nuclear reactor you don’t have to worry much about the Stuxnet worm that put Iran’s nuclear ambitions on hold for a few months; but if you want to know what can happen this is a good example. Why would I bring up such an elaborate plot as an example for a small business? This is why; many of you have spent thousands of dollars on a quality firewall, anti-virus and anti-malware software, as well as spam filtering and employee education. Well, all of this can go down the tubes because of a USB thumb drive that your employee found in the parking lot lying next to their car. Sometimes what seems like an elaborate scheme is the simplest, a five dollar thumb drive from Wal-Mart, a free download off the web, toss a few of these USB memory sticks into the parking lot of a few competitors and you have lost all your client data. Why pick the lock on the front door when you can go through the open window? Not a likely scenario? Do a quick Google search and you will see how often it happens.

Don’t think your employees would put a memory stick they found in the parking lot into their work PC? Give me a call and we can test out that theory. Lucky for the bad guys, they don’t even have to spend the five dollars on a memory stick. How many of you or your employees have opened an email that was infected with a virus? Don’t lie. I likely removed it! Yeah, I’m talking to you! Lucky for you, those viruses were just there to make your day miserable. If you are truly unlucky, you will get a virus that will not pop up anything on your screen, but just wait for you to insert any type of removable media and then copy itself onto that media. Next it will wait to be inserted into another PC and copy itself to that PC. Now you are in the same situation as the previous example. You don’t have to be computer illiterate or uninformed to fall for this one.

What happens after that? Well, if you are lucky you just have your run-of-the-mill virus infection that tries to swindle you out of 50 bucks for the “full version” of the fake anti-virus program you were just infected with. Though you could still be out several hundred dollars in repairs, the more likely reason for using USB media for infection is to gain access to your data. Some malicious code is more difficult than others to transfer via email. Sky’s the limit with a USB drive: plenty of space, no spam filtering to catch onto what is happening, we can bypass that fancy firewall and get a more targeted attack rather than the spray and pray method. Don’t think your competitors would do that? I hope not, but they are not the only ones that can make use of your client data. There are plenty of people out there who would love to buy a list of people they know for a fact spend money on X business. And if you think there is a market for that, they will be climbing the walls to purchase your customers’ credit card information.

Are you trying to scare the crap out of us!? Of course I am! No one thinks about these things until it happens to them. Rarely does anyone call me and ask for a firewall, or to tell me their antivirus is out of date, their backups haven’t run in months etc…etc…etc, until something bad happens. The number one method to keep this from happening to you is to be PROACTIVE. Call us for a security assessment; let us check your firewall and anti-virus program, tell us how you conduct business and what your concerns are. Most would consider a yearly security assessment inexpensive; anyone that has had to pay to clean up the aftermath of the above event would consider it necessary.

What can I do myself? I have to use my memory stick every day! Calm down, I wouldn’t deprive you of your precious files! We can thank Mindi McDowell from us-cert.gov for the following tips on protecting your computers and nuclear reactors from attack.

  • Take advantage of security features – Use passwords and encryption on your USB drive to protect your data, and make sure that you have the information backed up in case your drive is lost.
  • Keep personal and business USB drives separate – Do not use personal USB drives on computers owned by your organization, and do not plug USB drives containing corporate information into your personal computer.
  • Use and maintain security software, and keep all software up to date – Use a firewall, anti-virus software, and anti-spyware software to make your computer less vulnerable to attacks, and make sure to keep the virus definitions up-to-date. Also, keep the software on your computer up to date by applying any necessary patches.
  • Do not plug an unknown USB drive into your computer – If you find a USB drive, give it to the appropriate authorities (a location’s security personnel, your organization’s IT department, etc.). Do not plug it into your computer to view the contents or to try to identify the owner.
  • Disable Autorun – The Autorun feature causes removable media such as CDs, DVDs, and USB drives to open automatically when they are inserted into a drive. By disabling Autorun, you can prevent malicious code on an infected USB drive from opening automatically. In “How to disable the Autorun functionality in Windows”, Microsoft has provided a wizard to disable Autorun. In the “More Information” section, look for the Microsoft Fix it icon under the heading “How to disable or enable all Autorun features in Windows 7 and other operating systems.”
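To confirm that the “Disable Autorun” tip above has actually taken effect on a PC, the added example below (not part of the original article or of the US-CERT tips) decodes the Windows `NoDriveTypeAutoRun` policy value and reports which drive types can still Autorun. The function names `read_policy` and `audit` are hypothetical, and the values 0xFF and 0x91 used in the demo are constructed samples.

```python
import sys

# Windows policy location for Autorun; the value may exist in HKLM and/or HKCU.
POLICY_KEY = r"Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
VALUE_NAME = "NoDriveTypeAutoRun"

# A set bit means Autorun is DISABLED for that drive type; 0xFF disables all types.
DRIVE_BITS = {
    0x01: "unknown",
    0x04: "removable",          # USB sticks, floppies
    0x08: "fixed",
    0x10: "network",
    0x20: "cd-rom",
    0x40: "ram disk",
    0x80: "unknown (reserved)",
}


def read_policy():
    """Return (HKLM value, HKCU value), None where not set. Windows only."""
    import winreg  # imported lazily so the decoder below works on any platform
    values = []
    for hive in (winreg.HKEY_LOCAL_MACHINE, winreg.HKEY_CURRENT_USER):
        try:
            with winreg.OpenKey(hive, POLICY_KEY) as key:
                values.append(winreg.QueryValueEx(key, VALUE_NAME)[0])
        except FileNotFoundError:
            values.append(None)
    return tuple(values)


def audit(hklm_value, hkcu_value):
    """Decode the effective mask; the machine-wide (HKLM) value wins over HKCU."""
    mask = hklm_value if hklm_value is not None else hkcu_value
    if mask is None:
        # Nothing configured: the operating system default applies.
        return {"configured": False, "mask": None, "removable_disabled": False,
                "all_disabled": False, "still_enabled": None}
    still_enabled = [name for bit, name in DRIVE_BITS.items() if not mask & bit]
    return {
        "configured": True,
        "mask": mask,
        "removable_disabled": bool(mask & 0x04),
        "all_disabled": (mask & 0xFF) == 0xFF,
        "still_enabled": still_enabled,
    }


if __name__ == "__main__":
    if sys.platform == "win32":
        print(audit(*read_policy()))
    else:
        # Constructed sample values for a non-Windows dry run.
        print(audit(None, 0x91))
        print(audit(0xFF, 0x91))
```

A result with `removable_disabled` set to False means a USB stick can still trigger Autorun on that machine.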

Help! I am unsecure and I think someone is stealing pictures of my cat Peaches, how can we reach you? If you would like to schedule a free technology evaluation for your company, an in depth security assessment or anything in-between, just give us a call and ask for the technician who encrypts all pictures of his cat.

Belleville Chamber of Commerce Presentation

Tuesday, May 8th, 2012

CompuType IT Solutions hosted its first Belleville Chamber of Commerce event, Coffee Cup Connections. Coffee Cup Connections is an event the Chamber of Commerce puts on to allow each of the member businesses the opportunity to host. We hosted this event in May 2012 and provided breakfast pastries, a brief presentation about our organization, the chance to do a brief tour of our facility, and the chance to engage with chamber members.

Jeff Harris, Senior IT Consultant at CompuType IT Solutions

Jeff Harris, Senior IT Consultant, with 18 years of experience was the presenter and gave an overview of what services CompuType IT Solutions offers to its client base. The group had an array of questions concerning business technology. We would like to host other events as well but we need your feedback to know what you want to hear about. Some of the questions raised at this event were:

Is it ok to use two different virus programs?
The direct response would be yes, it is ok to use more than one anti-virus program; however, there is a catch. Every virus program you add to your computer will slow your PC down exponentially as it will take a performance hit. My recommendation would be to use only one anti-virus program and keep it updated at all times. Furthermore, make sure that you are getting all your Windows updates from Microsoft and keep your PC/network appropriately patched.

Do you fix computers here as well?
Yes. We have a full service in-house computer repair department. Our trained staff will see you driving up and help you bring your equipment in to the service counter. We will conduct a brief interview to get the details of the issue(s). We will then give you an estimated time of completion and contact you with the repair costs to get authorization to perform the work. Upon authorization we will resolve the issues discussed and contact you upon completion to pick up the equipment. Upon your arrival to pick up your equipment we will discuss how the problem started and what you can do to avoid these computer repairs in the future.

Thank you to the Belleville Chamber of Commerce for allowing us to host this May event here at CompuType IT Solutions and a sincere thank you for those that came out to see us:

Cheryl Kennedy of Webster University

Cynthia Platt of Webster University

Andy Hess of First National Bank of Dieterich

Tom Grant of Labor Ready

Brad Brachear of Clear Wave Communications

Chris Green of Prudential

Travis Mossa of Prudential

Susan Wobbe of Barber Voss Home Care

Connie Merrell of Visiting Angels Home Care

Jared Zappia of Extra Help Inc.

Sarah Gustin of Family Hospice

Melinda Hult of City of Belleville Alderman

Mary Jo Smith of The Imaging Center at Wolf Creek

Wendy Pfeil of Belleville Chamber

July 9, 2012 Virus – Not A Hoax

Tuesday, May 1st, 2012

After July 9, you may lose internet access on your PC thanks to the FBI. Not because of something they will do on July 9, but because of something they will stop doing. Confused yet? Let me explain.

Most of you have been a victim of malware at some point in the past few years. It goes by many different names (Trojans, junk ware, ad-ware, that crap that screwed my computer, etc.). One of the recent variants has been particularly nasty. It has been most commonly called TDSS, but also goes by Alureon, TidServ & TDL4. This malicious code changed your DNS settings and disabled your anti-virus programs, making you susceptible to further problems.

“So what if they change my DNS settings?” you may ask. DNS (Domain Name Services) is a critical function to your internet access. Every server, website and device on the internet is identified by an IP address. DNS translates a domain name into that address (www.compu-type.net = 199.217.139.204). Without DNS, your PC can’t find www.youtube.com (74.125.227.130) or www.facebook.com (69.171.224.53).

So what this international band of hackers did with the TDSS virus was tell your PC to use their DNS servers instead of those specified by your ISP, therefore controlling which servers you connected to when browsing the internet. You may have intended to go to www.google.com, but they could redirect you to www.EstoniaRulez.com or virtually anywhere. And that anywhere usually involved pushing more malware on your PC, making your PC slower and slower, and risking the security and privacy of your data.

How does the FBI fit in? In November 2011, the FBI, along with Estonian police, arrested these cyber crooks in Operation Ghost Click. Once the criminals were in custody, the FBI realized that shutting down those DNS servers would create havoc for potentially millions of internet users worldwide because those DNS requests would go unanswered. So under a court order, they have been operating safe DNS servers in the place of the malicious servers so that PCs infected with TDSS can function almost normally (aside from the slow internet, disabled anti-virus, annoying pop-ups, etc).

On July 9, 2012, that court order expires and those servers will go silent. If you have TDSS, you will not be able to use the internet at all after those servers are shut down. It is crucial that you get your PC tested and cleaned before that date. The FBI has set up a website that will tell you if your PC is infected with this malware (http://www.dns-ok.us). If you get this result:

Then congratulations, your machine is clean. If not, call us and we’ll take it from there. But just be sure to do this before July 9, before the FBI shuts down your internet for good.