Upgrade for Better Browsing

Browser performance is becoming a bigger issue as browser updates and website advances require new versions – and even new computers. Not upgrading can also present security issues.

The problem we are seeing is a combination of clients with older computers using older versions of their favorite browsers trying to view websites that have advanced features the browsers and computers can’t support. The problem manifests itself when visitors can’t access a site or they can’t move around the site and use all of its features. They also start to see pop-up messages to upgrade their browsers.

We all tend to keep using our older systems and make a lot of allowances until something has to give. In this case, it’s your browser and/or computer. If your computer is not woefully out of date, you likely can upgrade your browser, but there are a few things to keep in mind.

Most important, don’t click on an upgrade pop-up message without being absolutely sure it’s a legitimate message. We have not heard of scammers and hackers using this type of pop-up to get your money or your data or both, but if they’re doing it already…

You can always go to the browser publisher’s website (Microsoft, Firefox/Mozilla, Chrome/Google, Apple, etc.) and download a browser upgrade from there. We believe it’s a safer way to do it. If you happen to download more than one upgraded browser, make sure you designate only one as your preferred or default browser. That will ensure that links you click – such as the link from our email message to get to this article – open in the browser you prefer to use.

If your computer cannot support a browser and a website you use, you should consider upgrading your computer. It’s not really an arbitrary suggestion; it’s all about security.

From the website owner’s point of view, they constantly need to incorporate new software to cover multiple platforms, such as Windows or Apple computers and a host of mobile devices. At some point, they just cannot incorporate the software needed to function properly on older browsers and older computers. Some of the reasons may include the ability to perform e-commerce transactions efficiently and securely, the storage of financial and medical records, the protection of encrypted messages and vulnerability to a variety of attacks.

Those needs take into account legal and insurance issues that affect their decisions about the software and systems they use and support. (We will discuss those in a future issue of Technology Update).

For you, the computer user, you need to consider costs – and that goes beyond just the cost of a new computer.

  • What is your cost if you cannot purchase business items online from your preferred vendors?
  • What is your cost if you cannot purchase any items online – personally or for business – because your browser (and computer) may have security risks?
  • What is your cost if you cannot bill customers and clients because of doubts about your security (see Protection in the Third-Party World)?
  • What is your cost if your data is breached?
  • What is your cost if you are found liable for others’ data breaches?

Browser requirements are likely to get tighter as we go deeper into our Internet-based world and as security becomes an even more important concern for website owners. We can help you get the most up-to-date browsers onto your computers, and we can help you plan an orderly upgrade of your personal and commercial systems to take advantage of any possible cost efficiencies. Call us – 973-433-6676 – or email us to help keep your website browsing as safe and enjoyable as possible.

Protection in the Third-Party World

The reliance on third-party providers for so many data servers continues to grow. That increases your dependence on other people’s diligence, and it increases your responsibility to be more vigilant.

“NJ Biz” recently devoted a series of articles to many aspects of online safety and protection, and one of them focused on issues we’ve been discussing: verifying the integrity of third-party providers and two-factor authentication. Third-party providers are being used more and more by businesses of all types because they can scale up faster and more economically to handle any number of users from any number of locations.

However, you need to rely on those providers to protect your data, and according to Jonathan Dambrot, CEO and co-founder of Prevalent, a Warren-based IT security, compliance and third-party risk management service provider, the security environment is far from ideal. In one of the “NJ Biz” articles, he says: “Depending on who you talk to, between 40 to 80 percent of all data breaches are happening at third-party vendors, because that is where most of the data is. People are focusing on third-party data security risks because criminals are going after the data where it resides.”

If a provider has weak security, it can be more vulnerable to an attack by hackers. But government and industry leaders are getting together to help you. Last December, Congress passed The Cybersecurity Act of 2015 to encourage companies to share with the government and each other technical details of hacking threats. This regulation reflects a growing acceptance of collaboration as a way to access data security threat intelligence and enforce vendor compliance.

It’s the latest of several early steps in a fluid regulatory process.

“Regulators have put controls in place over the last two-and-a-half to three years, and there is a combination of reasons why third-party or downstream risk has become really important to people as they look at their cybersecurity,” Dambrot said. “Third-party vendor and business associate risk has really changed as vendor services have changed. Years ago, people weren’t talking about cloud usage as much as they are today, and so, regulators will continue to change the wording to match the way data is handled.”

This collaborative effort, however, doesn’t get you off the hook. On the contrary, you need to do more. Two other articles we recently came across expand on two security matters we discussed last month: two-factor authentication and asking the right questions of any data-services provider.

Rather than re-explain some of the more effective ways to use two-factor authorization (2FA), we can refer you to a recent post by Ed Bott on ZDNet. There are many options available, including apps you can download to your mobile devices.

As he asks, “How much are your private communications worth? How about your reputation? Your bank account? Your identity?”

We know they are priceless to us but have great value on the black market. With 2FA enabled for a cloud service, any attempt to sign in on an unrecognized device might require you to enter a secret code that’s either received as a text message or generated by an authenticator app on your previously registered smartphone.

“Depending on the service, entering a code might automatically establish the current device as trusted, or you might be given the option to trust the current device,” he writes. “If this is your new computer or tablet (or a new browser), and you have this option you should say yes. When you’re signing in on a device you don’t control, you shouldn’t allow it on your trusted list. One way to make sure that the device isn’t marked as trusted is to use a browser in private mode (aka incognito in Chrome). If a bad guy manages to steal your credentials for an account that’s protected by 2FA, he’s unable to do any damage. Because he is signing in on an unrecognized device, he’s required to provide a second form of authentication. Without access to your trusted device, he can’t authenticate himself and can’t go any further.”

There are many variations on that theme, and we can help you find one or two 2FA programs that can best meet your needs and comfort level with your devices. But you need to be sure the data center that houses your information has all the right policies and procedures in place, too.

Services provider vXchange, which estimates some 78 percent of work-related data will be on the cloud by 2018, has a list of 10 questions you should ask your next data center manager, and we suggest you read them to get an idea of what’s at stake. They’re questions we ask of ourselves and our provider to minimize your risk and ours.

While you don’t get total control of your data, you will have a much better grasp of the possible risks and the steps you can take to maximize your protection.

As your trusted IT service provider and advocate, we have 2FA techniques we prefer and providers with which we have established relationships. We can answer your questions and address your specific concerns in selecting and installing 2FA programs, and we can help you select and vet data centers. Call us – 973-433-6676 – or email us to set up an appointment to discuss your specifics.

3 Years is a Lifetime

We used to consider three to five years as the useful lifetime for a desktop/laptop computer and five to seven years as the useful lifetime for a server. Forget about mobile devices, which seem to become obsolete before you buy them. For computers and servers, a lifetime is getting shorter.

Since the dawn of the computer age, hardware and software have always had a push-pull effect on each other. When one party makes a significant advance in capability and/or speed, the other is forced to catch up – and maybe raise the ante. Faster, more sophisticated application software requires faster, more powerful computing systems to give you all the productivity benefits that can increase your profitability. Faster, more powerful computing systems can make you wonder why your application software is slow, leading you to demand more robust software from publishers. It just goes on and on.

For business and home users, we’re looking at three years now for the useful service life of a computer, and for businesses, we’re looking at shorter lifetimes for peripherals, such as printers. Some companies may tend to keep printers around longer because their basic function hasn’t changed. They print documents, and most printers in use today have enough speed to satisfy most offices.

But they don’t have enough processing speed to satisfy the software systems that feed them the files to print. With technology advancing at such a rapid pace, there is less and less “backward compatibility” to handle older printer drivers or to upgrade printer drivers for newer computers or software. As a result, you need to look at the useful operating life of your printers in addition to your operating system, your application software and your computer. At some point, you’ll be looking at security, too, because your OS and your printer drivers will no longer be supported with bug fixes and security patches.

At some point, too, your computer system and your Wi-Fi system will not match the speed of your Internet connection. Gigabit speeds are becoming more readily available from multiple providers, and competition will ratchet up the speed and cut the price. In practical terms, you are going to demand more speed from your equipment and network because it will increase your business’ productivity or because it will better handle all the streaming needs in your home – such as movies, TV programs and educational and gaming activities.

We can fine-tune equipment only up to a point. After that, you are going to need new hardware and maybe new software. And then, you will begin the cycle again.

As for mobile devices, they are changing rapidly, too. And as companies such as Apple and Samsung wage performance and feature wars, there will be more pressure on each of them to make significant improvements with each new upgrade they release. We’re already seeing how this war affects a company’s stock price, resulting in shareholder pressure as well as customer pressure to be better and cheaper in a shorter product-rollout cycle.Whether at home or at the office, you need to start looking at a three-year cycle for most of your hardware and software – and look at how your systems integrate with mobile devices, which are being used increasingly for tasks normally done on a computer. We can help you with a technology assessment of your business, your home or both – and look at how your systems need to integrate with mobile devices. Our assessment will give you a planning guide to devise a timetable and budget to keep your systems current with your needs. Call us – 973-433-6676 – or email us to set up an appointment.

How Does Your IT Consultant Handle Your Info?

Today’s interconnected world is an interdependent world. No matter how many precautions you take to protect your data’s security, technology has forced you to depend on other people’s diligence to share your passion for protection. You don’t have a lot of control over the weakest link in your online chain. But asking how your IT consultant handles your information can help you gain better control where it’s possible.

So, here’s the question you need to ask: How do you handle my information, including your access to my systems?

And, here’s the discussion that needs to follow:

Your IT consultant must follow the strictest protocols available to protect all the information you provide. This includes access to your servers, routers (including repeaters or boosters for Wi-Fi networks) and computers that store your information or have access to wherever you store information.

An individual provider, such as Sterling Rose, can handle your data security differently from a large support organization. It’s not that one type of provider is better for a particular client; it’s more a matter of tailoring protection procedures to meet real-world needs and being diligent about following them.

We can keep all of our clients’ information in one place that can be accessed by only one person, and that helps us build a strong wall around (and roof over) the user names and passwords for your systems. With the ability to securely access the information from a desktop computer or mobile device, we can service a client from anywhere.

We protect that information in a number of ways. These are just a few of them:

  • We regularly use two-factor authentication, which requires more than just a password. Every two-factor system has its own set of additional requirements, but the net result is that a hacker or robotic system cannot provide the necessary response. (We’re sure somebody is hard at work to defeat two-factor authentication, but right now, it works.)
  • We use long, complex passwords with upper- and lower-case letters, numbers and special characters. Those are always impossible to crack using the latest available algorithms – at least for now.
  • We use systems that require us to re-log in every 14 days and change our passwords and authentication information. It’s a major inconvenience for us, but it’s much more convenient than having to explain why we need to react to a security breach.

A larger IT service provider with multiple technicians available to service a client can also store information securely in one place, but all the technicians need to access it. Some questions you should ask include:

  • Where do you store my information?
  • How do technicians access my information?
  • What protocols do you follow for user names, passwords and other authentication?
  • Are you notified when my information is accessed, and are you able to track who accessed it?

Your IT consultant must be able to advise you on the best security measures to take within your own organization. They should be able to help you design and install a set of procedures for any point at which information is accessed, such as:

  • Accessing specific files or categories of files from within your office or offices that are stored on your own server or on a server hosted by a third party (a cloud provider)
  • Accessing that information from a remote location, such as a home office, where you can install and monitor security measures
  • Accessing that information from a remote location, such as a customer’s place of business or a public place, such as a coffee shop or airport, where you cannot verify the security of a network.

You may also need to set up encrypted email, which we did for an insurance business. Our client reasoned that while they can control exchanges with their clients, they cannot control what happens when their clients communicate with others. Our client needed to be able to show that their security measures would stand up to an outside audit.

If you have any questions about how we handle your information, feel free to contact us at any time by email or phone – 973-433-6676. We would be more than happy to review our policies and procedures in general and for your information in particular. We can also help you develop and implement a security program for your business – or home – system.

Listening to Kidz

One of our clients has launched a new website that looks at how kids look at restaurants. Aside from the specific market need the new website is attempting to fill, it’s also giving us a different perspective on online reviews and how they’re used.

The website, www.kidzdish.com, comes from his experiences dining out with his wife and their two daughters. He notes that his daughters are observant and notice things that would never occur to him or his wife. As parents of two children, it resonated a lot of ways for us.

On one level, it’s a great tool for teaching children how to write reviews – which we all depend on for choosing restaurants or buying ingredients and tools to make dinner at home. It helps them sharpen their observation skills, and that will be critical as they get older and as their lives become more multi-faceted.

On another level, it gives parents a good tool for teaching their children how to use the Internet, and it provides strong parental controls. The benefit for that, too, is the creation of a family activity that’s centered around the Internet.

The website has also made us more observant parents. When we go to restaurants, our kids are usually hungry, and the faster they get the food they want, the better the experience for everyone. We now notice – and can tell all potential customers – if the servers get to us quickly, how they pay attention to our kids’ concerns, and if they bring out their food before ours. That last point is key for us. As parents, we can’t eat until our kids are served, and if we have to wait, our food gets cold. So, when our kids post reviews of restaurants we patronize, that’s one factor they will use to rate the place. They’ll also discuss how they were treated by their server, such as: the server treated me like a little kid, or the server made me feel special and let me know we were appreciated as customers. Oh, yes, they also will comment on the texture and flavor of the mac-and-cheese.

As online interaction continues to play an increasingly greater role in how we live, we support the growth of websites such as this, which give our kids the chance to develop mindsets and skill sets for a communications channel that carries more information at breakneck speeds every day.

What are your thoughts? Leave a comment and let us know. And if you are concerned about setting parental controls on computers or devices in your household, we can help. Call us – 973-433-6676 – or send us an email to discuss your needs.

 

Passwords and Passing Information

We’ve had numerous articles over the years about strong passwords, thinking before you click and responding to requests for sensitive information. A recent seminar and a personal experience brought it all together. You still need to be mindful of several principles that can keep your systems – and your sensitive data – more secure.

At the seminar, conducted by a cyber expert from the State of New Jersey, the presenter said he “cringes” at the “stuff” he sees on walls when he walks into many offices. People have Wi-Fi passwords on sticky notes on the walls near their computers. Passwords are taped to monitors, or people use very simple, easy-to-crack passwords.

Yes, those notes are a convenience for busy, overworked people, and state employees are not exceptions. We’ve seen a lot the same things when we service our business clients – and you have to ask the question: Who else is seeing this information?

The answer is that countless people who you can’t recall have probably seen the information. Anyone who visits your offices can see passwords hanging on the walls of cubicles or taped to monitors. If you have a lot of traffic in your office, the chances are greater that your networks and data have been compromised. If salespeople, contractors and others need Wi-Fi access to work in your office, have you given them the network password instead of a guest network password? Even if you don’t have a lot of visitors, do you have a cleaning service? Any member of the cleaning crew could see that information and access your network and files.

The solution is simple: Don’t allow anyone in your office to leave passwords out in the open. If they must be written down so you and everyone in the office can access the correct information when they need it, then keep that information in a locked desk drawer.

You can take additional steps, such as changing your network password frequently, requiring your employees to change passwords frequently and establishing rules about the number of characters and types of characters that must be in a password. If outsiders need access to your network, set up a guest password – and change that even more frequently.

Remember, your security is only as good as the worst security of anyone who has access to your network.

Outside the office, make sure that you and everyone in your company have secure passwords for computers and mobile devices – especially if you have sensitive data, including passwords, on them. We can help you install and teach you how to use security systems that can lock computers and devices if they are lost or stolen.

Because we go in so many public places and can tend to leave computers and devices on a table, for example, it makes more sense to make more use of the cloud for storing sensitive data. Yes, we can lock devices and encrypt data, but unless you have a backup program, the data can be lost. We recommend both having a backup program and using one of the major storage providers such as Google, Dropbox, iCloud or Office 365. They all have security protocols to protect access – unless, of course, you have left your passwords on your computer or device or have used a simple, easy-to-crack password. They also have redundant systems to make sure your data are accessible anytime from anywhere.

While we are on the subject of security, this is a good time to remind everyone to think before you click. We recently installed a new PC for a client, and within a month, the client saw a pop-up message about a problem with the computer and a “solution” to fix it for $499. And instead of a credit card, the “solution” provider wanted the money transferred directly from a bank account. Fortunately, the client realized the error and was able to call the bank and freeze the account before the money was taken out – and before more was sucked out by the scam artist.

We were guilty of not thinking right away, too. One of our business partners sends us a check once or twice a year, and they wanted to switch to an ACH system. They sent us an email asking us to respond with our bank’s routing number and our account number.

I started to reply – without thinking it through – and then realized before I sent anything that this was an unusual request for sensitive information. I stopped and phoned the company. Yes, it was a legitimate request from our partner, but we can all learn two important security lessons from this:

  1. Don’t just respond to an emailed request for information – no matter how legitimate it looks. There are too many ways to spoof an email address or a phone number. Find the phone number of that person and that company independently, such as opening your browser and entering the website address (url) that you know or find through an online search.
  2. Never send sensitive information, such as passwords and bank accounts, by email. A phone call to the person you have identified as a legitimate employee who is designated to take your info is safe. So is using a secured page on a legitimate website.

Security is critical. If you have any questions about security measures for your system, email us or call us – 973-433-6676, and we will respond in a timely manner.

Windows 7 Pain Management

Windows 7 is still a viable operating system for many businesses, but as more users and software application publishers migrate to Windows 10, using the older system can be very painful. Managing that pain isn’t easy, especially when you have a large, highly customized application package that simply can’t be upgraded to work with Windows 10.

The problem comes when you need to reinstall your Windows 7 operating system. There is just no easy way for this OS, which is 11 years old. In technology terms, that’s more than just a ripe old age. In real-time terms, that old age creates a lot of problems.

The re-installation problem requires you to follow these steps:

  1. Install Windows 7 using your valid installation disk. That’s pretty easy, but don’t get overconfident.
  2. The installation process will ask – really, require – you to download and install Service Pack 1. It’s the only service pack that Windows ever issued for Windows 7. Nor has Microsoft ever released a “roll-up,” which would be a compilation of all updates since Service Pack 1.
  3. So, after you have downloaded and installed Service Pack 1, you’ll need to run Windows Update to get all the critical security upgrades and patches.

Windows Update has more than 200 important updates. You need to start the sequence, and then, you need to pay attention. There are numerous points along the way where you need to reboot your computer to complete the installation of an update. Then, you need to continue Windows Update.

We have reinstalled Windows 7, and it has taken us two to three hours with a fast Internet connection. If you have a slow connection, it can be like riding a bicycle on the New Jersey Turnpike.

If a re-installation is something you must do, we can walk you through the steps. However, you must be asking why all of your application software can’t just run on Windows 10?

For highly customized software, such as a Sage accounting program that one of our clients uses, there is a compatibility issue as well as a financial consideration. Windows 10 has a number of security features that will not work with a Windows 7-based application program. They are not issues you can solve simply by not using all the features. The application software must be compatible with the OS. The financial consideration is that an upgrade to the accounting package would be $15,000. The cost of the time to reinstall Windows 7 is nowhere near that, and that’s probably the pain-management equivalent of taking aspirin until the pain goes away.

If you are fortunate to have some planning time, you can manage the pain more effectively by talking with the app publisher about updates. Those are always difficult for the app publisher because customized programs take a lot more of their time. They need to write the upgrades into their basic package and then to several steps farther to add your customization. Customized software packages have a lot of moving parts.

Some other factors to consider as you migrate is how much you need to keep everyone together. If you have a senior executive moving to Windows 10 ahead of most of the people in the department, how will that affect everyone’s ability to use the same applications. Windows 10 and Windows 7 versions may be quite different.

In addition to the application aspects of the software, will there be major security gaps between the older and newer versions? As we are harping, security is extremely critical in today’s business-computing world. When you leave certain doors open to get the work done, you may leave an opening for an outsider to come in and compromise your system’s integrity.

If you see your business coming to a crossroads, contact us as early as possible by email or telephone – 973-433-6676. The more time we have to look at your options, the better your probability of having the best possible outcome in managing the pain of transitioning your OS and application software to a more stable, efficient and secure system.

Disappearing Hard Drives?

Will your hard drive go the way of the floppy disk? Fifteen years ago, I never would have given it a thought. Now, I think it’s coming.

Mechanical hard drives have inherent problems. One is that they can wear and crash, and unless you have a good backup system in place, you can lose a lot of important data. Another is that they are slow – some slower than others by design and some slower because they fill up and don’t give your software space to search for the files you need.

The next alternative is the SSD (solid state drive), which is much faster but also much more expensive. While it always comes down to a cost-benefit analysis, the speed differential can be substantial. On startup, a computer with an SSD can be ready to work in 30 to 40 seconds. It can take three to four minutes for a computer with a hard drive to boot up.

The difference won’t seem that great until you experience it for yourself – or see somebody else’s system boot up faster. We love faster computers, and the more data we need to crunch, the more we crave that speed and performance. We have a number of clients who have made the switch and have found it worth the expense to increase their productivity.

If you’re not ready to commit to SSD technology, you could speed up your current technology by moving your data storage to the cloud. With fewer files taking up less space, your computer will have room to look through your hard drive to find the files you need. It will make it faster to save files, too. You could gain a significant time advantage by only keeping “working” files on your hard drive and then putting everything back onto your cloud’s server when you’re finished.

With technology changing so quickly, you may also want to think about changing your hardware more frequently to make more productive systems work more cost-effectively. Businesses depend on productivity increases to reduce costs and add profitability. We can help you look at the future and see what pathways will get you to your goals. Call us – 973-433-6676 – or email us to talk about your evolving needs as the tech revolution continues.

Backdoor Blues Need Legal Lyrics

The FBI’s request for Apple to unlock the iPhone used by the San Bernardino shooters has led to a far-reaching controversy in the United States. Parties on both sides of the issue have valid concerns, and we believe resolutions will need to come in the forms of a Supreme Court ruling (probably first) and federal legislation to better align technology and the law.

In our opinion, this collision was bound to happen because the push and pull between national security and privacy have gotten stronger as technology has made us part of a global society. Looking just at the United States, technology has advanced at a far greater pace than our legal system’s ability to keep up with it. Further, no matter how tightly our laws are written, there are always differing interpretations, and in our legal system, differences are resolved (in theory) through the courts and the appeal process. Even if Congress were to pass a law now to resolve the issue, one side would contest it.

Thus, the likelihood is that any legal decision will be based on a law that is already on the books, and it could wind up before a deadlocked Supreme Court. That’s a possibility, given our political environment.

This is where opinion ends. Here are the issues to consider.

There is no end. Once this specific cell phone is unlocked, the genie is out of the bottle – and the genie has the key to Pandora’s box. As we understand the legal world in practical, lay terms, there will be other legal cases in this country to justify unlocking a phone or any other access point to data, and arguments will be based on rulings that involve this phone. If a party in a lawsuit can successfully make the case that another request justifies unlocking a phone – with an argument made on a very fine point of law – a local or state government, in addition to our federal government, could gain access to data.

Knowing that a backdoor or master key is available, a foreign government could force a US technology company doing business in its country to unlock data. US businesses and citizens could be put between the old rock and hard place without the same legal protections that we have in this country.

There are no secrets. As the saying goes, “a secret is only secret when one person knows it.” Any solution to unlock the password and data on this particular phone will be a team effort. The greater the size of the team, the greater the chance a hacker will find a way to uncover the secret.

The defenses will need to be massive. If Apple and Google have software to unlock encrypted phones, they will be subject to massive “attacks” by parties interested in getting the code. Cyberwar is fought all the time by governments, corporations and hackers of all stripes. Who is going to keep the code, and who is going to have access to it? Defending against attacks burdens the tech companies.

Nobody’s data will be secure. This is the heart of the technology companies’ argument. They tout the security of their customers’ information, whether it be personal identification, health records and financial records. Corporations depend on security and access to how products are manufactured and how products and services are priced. We have already seen how a weakness in a contractor’s IT system opened a door to Target’s records. If someone can get into your phone, how safe will your life’s savings be? Could somebody use your healthcare and identity information to obtain services fraudulently and stick you with the bill?

The tech companies believe they have a responsibility to protect their customers’ data. There are very few issues that bring Apple, Google, Microsoft and others together like this one. It goes beyond mobile phones and tablets. Businesses, institutions and governments collect and store huge amounts of sensitive or proprietary data in “the cloud,” a global system of secure servers, routers and hard drives. These same organizations make extensive use of mobile phones and tablets. The tech companies argue that they must not do anything to violate the trust their customers place in them to protect the data.

What’s the greater risk? Is it a terrorist attack or somebody wiping out the life’s savings of millions of people in a matter of seconds?

Society needs to decide the privacy vs. security issue. It’s not right to make businesses the arbiters of public policy. We need an open, honest discussion of all the ramifications of possible laws, including the unintended consequences that always arise, and we need laws that do the right thing. There will never be complete agreement, and the right thing may not be the popular thing.

You can read many of the arguments from Apple and other tech companies here – as well as support from various privacy groups. There are no easy answers to the questions surrounding the issue.

Our call to action here is to speak up. We invite you to leave a comment below, and we encourage you to contact your government representatives to let them know what you think. We can sing the blues about privacy vs. security, but at the end of the day, our lyrics need to lead to laws.

 

Seniors and Scammers

People 60 years and older seem to be victimized more than any other group by scammers, whether they operate online or over the phone. While it’s always easy to let your guard down at any age, older people seem inclined to be more trusting when they get a phone call.

The rules for seniors apply to people of all ages. It starts with being an active listener and observer for three alarms.

The first alarm is visual as well as audible. Voice Over Internet Protocol (VOIP) telephone systems are totally Internet based, and that allows any system owner to program a caller ID to appear as any phone number. It can be your local area code or an area code from anywhere in the US or the rest of the world. Scammers match a phone number to a name in a database, so it can even display a name that looks very normal with an unrelated phone number that looks normal. Sometimes, you’ll just see a string of random numbers. Be careful, and if something doesn’t sound right, disconnect the call. None of those phone numbers can be traced.

We live in a diverse society, so don’t take this second alarm the wrong way, but listen for an accent. A lot of scammers call from other countries because they can avoid a lot of laws in the US. If you hear an accent and something doesn’t sound right, don’t give the caller access to your computer or any other information and disconnect the call.

A third alarm is any caller who claims to be from Microsoft, some other large technology company or the IRS. Microsoft and the IRS, for example, will NEVER call you on the telephone to tell you there’s a problem with your computer or a tax return. Microsoft does all of its updates online through Microsoft update, and the IRS sends you a letter – by snail mail.

When it comes to the telephone, screen your calls. If the caller doesn’t leave a message, it’s just as well you didn’t talk them. If you get a call from someone who is NOT your IT consultant and who says he’s discovered a problem on your computer, hang up.

Also be careful of pop-up messages while you are surfing the web. Scammers can break through weak security measures on some websites or a hole in your security and insert a pop-up message. When you click a link on that message, they’ll make the screen look like your computer is infected. Then, they can offer you a repair or a service subscription while they gain access to your computer – allowing them to infect your computer or hold your data hostage.

Cybercrime is a fast-moving target. If you suspect something wrong, it might be best to shut down your computer and call us at 973-433-6676. We can discuss the best plan of action, which could a remote check of your system or an on-site visit. For non-emergencies, you can email us, too.