Don’t Go to the Dark (Web) Side

The story of the hacking frenzy would be incomplete without mentioning the dark web. Some adventurous souls might think they can just drop in for a quick visit to see what it’s like and leave, but two thoughts come to mind: trying to leave the Hotel California and a lamb sauntering into a lions’ den. Resist the temptation to take a peek.

Trying to poke around the dark web just for grins is the equivalent of going to a bad neighborhood at 2 a.m. just for the sake of seeing what it’s like. It’s the place where stolen information, such as driver’s license numbers, credit card numbers, health records and the like, is bought and sold. It’s no place for thrill seekers.

Yes, there are websites that will provide you with information on how to get to the dark web, and privacy is critical. Those who trade illicit information guard their privacy very tightly, and they use special VPNs (virtual private networks) to make sure they minimize detection by other criminals or law enforcement officials. And, you also want to minimize your exposure to other criminals who won’t think twice about stealing info and money from you.

Cybercriminals using the dark web never use any common ISPs (internet service providers) or browsers. That’s like walking into the bad neighborhood wearing a bright-colored reflective jacket. Rather, the dark web relies on special browsers designed to be undetectable. Users are advised to disconnect and/or disable recording devices such as microphones and cameras.

Dark web transactions are generally done using Bitcoin or some other form of cryptocurrency that makes it difficult, if not impossible, to trace the hands through which money passes. Users of the dark web generally use multiple aliases and anonymous email addresses to hide their identities and locations.

Criminals on the dark web know that other criminals and law enforcement agencies are marshaling all the tools they can to crack the dark web, and the sophistication on both sides is constantly evolving. If you suspect some members of your family or employees might be thinking about taking a little peek at the dark web, let them know it can be an extremely dangerous undertaking. Once anyone wanders in, they’re prey for hardened criminals, and it’s unlikely they can wander back out.

If you’re concerned about whether someone in your home or office may have compromised your system’s security in some way, call us – 973-433-6676 – or email us for a security audit. If there’s something going on, we can take steps to mitigate the effects.

Spoofs and Email Management

Spoofing email addresses is so common that you might as well accept the fact that you have to scrutinize every message you get. With our switch to a new Office 365 management portal, many clients have been getting emails allegedly from Microsoft, and some are more obvious spoofs than others. It might be time to look at your email management processes.

Hackers use spoofing as a way to get into your computer or network. They are relying on your carelessness to click a link that allows them to introduce some sort of malware that will give them access to your critical personal or corporate data and your address book or contact list. Once they get in there, they can replicate the same message that snared you and hope they get lucky with a few more careless people.

To clean out the malware, we need to isolate the message to see what the hacker is spreading through your system. We’ve received a number of calls from clients in the past few weeks about problems with spoofing, and our issue has been the size of clients’ email folders. Simply put, when there are 100,000 messages stored in the inbox, finding the spoofed message that caused the problem can be extremely time-consuming.

In all likelihood, you’ve run into a similar problem when trying to find a specific message. Outlook gives you some search parameters for finding any message you may have saved, but because of the way most people search, you get a lot more possibilities, and that still slows down your search. And, of course, the more messages you have stored in one place, the longer it takes your program and you to find the message you want.

Setting up an email management system can make your searches more efficient, and it can also help you or any IT support team isolate a message that might be causing a problem with your system. Again, Outlook has a few tools, but you might want to start by creating a system of subfolders within your inbox. For example, I file all emails by client, and within each client, I file them by the year. That makes it easy to get to a place to find a message I want to retrieve. It’s similar to the way most of you would set up folders for documents, photos and videos, and business records.

Of course, that system is only as good as the effort you put into moving messages to folders. If you suffer from a severe case of email overload, you may want to consider an archiving program that works on the back end of your email program. It can be especially helpful for a business, particularly where employees deal with multiple people from the same organization. For as little as $3 per month, it can set up and execute a system that even isolates people within a company, making it easier for you or anyone in your organization to get to a specific message to resolve any kind of problem – customer service or malware.

While home users may not be concerned with customer service issues, there are times when you need to find a message to resolve a problem, and good organization can make a busy life a little less hectic. We can help you set up Outlook folders or find and set up an archiving system that works best for your needs. Give us a call – 973-433-6676 – or email us to discuss your email management issues and explore the most appropriate solutions.

Safe Travels, Safe Wi-Fi

It’s getting near spring-break time, and summer vacations will soon follow. You may have seen the reports about wi-fi issues and data security. One of the biggest problems you face is how easy it is to log onto a “fake” wi-fi network – a network that is neither part of your hotel’s system nor secure. But if you pay attention and follow a few simple tips, you can safely stream your favorite content and handle some routine email tasks.

The first and most obvious thing to do is make sure you understand your hotel’s or resort’s log-in information when you check in. Get the proper names of any network that the hotel makes available for you. Then, when you try to log in when you get to your room or sit down at the pool, you can pick out that network from the many that will display when your computers or devices search for the network. Don’t be surprised to see several networks that have spellings or character-and-number sequences that are similar to the networks you were given at check-in.

When you go to log in to the network you’ve selected, you’ll likely be asked for your name and room number. Tip No. 1, don’t enter a correct room number or even a correct name. Misspell your name, if you want. If the network lets you in, then you are not on a legitimate network. If you are denied access with your incorrect info, you should feel confident the network is OK.

Depending on the property’s size and network setup, you may be required to log onto multiple networks. Follow the log-in test for each network. And, most important, make sure everyone in your family or travel group follows that procedure because the breach of one computer or device could compromise everyone in the group.

Also, be aware of network names and connections as you float around. You or one of your family members could inadvertently wind up on an open, unsecured network that can be used to breach your computers or devices to steal information. Tip No. 2, you might want to consider disconnecting from the network when you finish your online session.

Tip No. 3, don’t use a wi-fi network to conduct online business, such as credit-card purchases or accessing your bank accounts. You should also avoid wi-fi for logging onto sites related to your health or finances. Instead, use your cellular network. It’s much safer. That may require you to make some additional arrangements with your cellular carrier or to buy and install a SIM card with a data plan for service. However, it’s well worth the time and expense.

Personally, when I travel, I “hotspot” my computer in connection with my cell phone number. It can be expensive (though that’s a relative term), but it removes me from the wi-fi network. So far, hackers have not breached the cellular networks.

Just as a related point, if you are going to depend more on cellular data, make sure you have a plan that will cover your use, and make sure everyone who uses your plan knows its limits. If you’re streaming a lot of video content or gaming, data gets sucked up faster than you can imagine, and charges for exceeding your plan’s limits can be steep.

We can help you prepare for an internet-safe trip or make sure your systems are secure whenever you go remote near your home or office. Call us – 973-433-6676 – or email us to set up an appointment to look at your systems (we can do a lot remotely) and answer your questions.

Fraud’s Warning Signs

Anyone who tries to defraud you online – or even on the telephone – is literally banking on your carelessness. Take a good look at emails and links and listen carefully on the phone. You can spot the fraud, and if you’re not sure, disengage and call the person you think contacted you – on the telephone – or send a new email, totally separate from the thread.

It’s important to be on “high alert” because the hackers and scammers are at the top of their game, and their targets include trusted advisors, such as accountants and tax preparers. We should state that these people should have secure systems in place and should know not to send or request sensitive, confidential information through email.

But at the end of the day, you need to take ownership of your privacy, so here are some tipoffs that a communication might not be secure or might be out-and-out fraudulent.

First, does your accountant normally contact you by email? If not, that ought to raise a red flag. Second, can you absolutely verify that the email is from your accountant? While some email systems are good at spotting something fishy (or phishy), a scammer is betting that you’re not going to pay attention. Check the properties of an email address. It could very well be that cybercriminals were able to recreate the look and feel of an email from your accountant, but unless they actually got into the accountant’s server, a phony email will have a phony email address.
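One way to automate the "check the properties of an email address" step is sketched below. It is an added example, not code from this newsletter; the contact list, the sample messages and every domain in them are constructed placeholders. It compares the sender's address with the one you have on file, looks for a Reply-To that leads elsewhere, and reads the `Authentication-Results` header that many receiving mail servers add.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the address you already have on file for each contact.
KNOWN_CONTACTS = {"Pat Smith": "pat.smith@smithcpa.example"}

# Constructed sample messages; every name and domain is a placeholder.
LOOKALIKE = """\
From: Pat Smith <pat.smith@smlthcpa.example>
Reply-To: pat.smith@webmail.example.org
Subject: Your return is ready to verify

Please fill out the attached form.
"""

FORGED_FROM = """\
From: Pat Smith <pat.smith@smithcpa.example>
Authentication-Results: mx.client.example; spf=fail
 smtp.mailfrom=bulk.example.net; dmarc=fail header.from=smithcpa.example
Subject: Updated tax form

See attachment.
"""

GENUINE = """\
From: Pat Smith <pat.smith@smithcpa.example>
Authentication-Results: mx.client.example; spf=pass
 smtp.mailfrom=smithcpa.example; dmarc=pass header.from=smithcpa.example
Subject: Documents posted to the portal

Log in to the portal to view them.
"""

# SPF, DKIM or DMARC verdicts that mean the receiving server distrusted the mail.
AUTH_FAIL = re.compile(r"\b(spf|dkim|dmarc)=(fail|softfail)\b", re.IGNORECASE)


def domain_of(address):
    """Lower-cased domain part of an address, or '' if there is none."""
    return address.rsplit("@", 1)[1].lower() if "@" in address else ""


def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(raw_message, known_contacts):
    """Return reasons to distrust the sender; an empty list means none found."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    address = address.lower()
    findings = []

    # Familiar display name, unfamiliar address: the "phony email address" case.
    expected = known_contacts.get(display, "").lower()
    if expected and address != expected:
        findings.append("display name is a known contact but the address differs")
        if 0 < edit_distance(domain_of(address), domain_of(expected)) <= 2:
            findings.append("sender domain is a near-match of the real domain")

    # Replies that would go somewhere other than the apparent sender.
    reply_to = parseaddr(msg.get("Reply-To", ""))[1]
    if reply_to and domain_of(reply_to) != domain_of(address):
        findings.append("Reply-To points at a different domain than From")

    # Verdicts recorded by the receiving mail server, if it added any.
    failed = set()
    for header in msg.get_all("Authentication-Results", []):
        failed.update(mech.lower() for mech, _ in AUTH_FAIL.findall(header))
    if failed:
        findings.append("receiving server recorded a failure for: "
                        + ", ".join(sorted(failed)))
    return findings


if __name__ == "__main__":
    samples = (("lookalike", LOOKALIKE), ("forged", FORGED_FROM), ("genuine", GENUINE))
    for label, raw in samples:
        print(label, check_sender(raw, KNOWN_CONTACTS))
```

An empty result only means none of these three checks fired; a phone call to the accountant remains the deciding test.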

Attachments can be another tipoff to fraud. You should be suspicious if you get an email with attachments that are supposed to be forms, such as a tax form you need to fill out or a return to verify. Are you being asked to provide your Social Security number and maybe your birthday? Can you open it without having to go to a secure website and enter a password? That doesn’t pass our initial smell test.

If your accountant does contact you about sensitive information or forms, are you referred to a secure website? Do you have that link with your access credentials safely stored? In a safe world, you can log into your account by entering the website address from your browser and entering your credentials.

If something doesn’t look right, you should always be able to call your accountant on the telephone.

And just to go one step farther this spring, here are some other things to be wary of.

Are you getting emails supposedly from someone you haven’t heard from in ages? And does it have a short subject line, such as “hi”, with no message but a link? That’s a sign of fraud, and clicking the link could open a breach in your system that can expose your sensitive data.

Are you getting Facebook friend requests from people who are already your friends? That’s generally a fraudulent request by someone looking to get into your system.

Anyone using fraudulent methods to get into your computer system may also be planting some kind of virus or malware to help infect other computers. If you think you may have clicked a link by mistake that could lead to a breach of your system, shut down your computer and disconnect it from the internet. Then call us – 973-433-6676 – so that we can apply our tools and expertise to minimize the damage and clean up your system.

Spectre and Meltdown Raise Need to Update

We’ve seen lots of patches from chip manufacturers and operating-system publishers trying to resolve the Spectre and Meltdown issues. Their effectiveness is mixed, but there are a couple of things you can do to help protect your systems: back up your files and update your software.

The patches came out quickly last month, and they kept on coming as chip manufacturers and publishers of apps and operating systems tried to close the open doors that Spectre and Meltdown use to get into a computer. If you installed all the updates, even multiple updates from chip manufacturers and software publishers, you did the best you could to mitigate problems.

If you haven’t installed updates for operating systems, applications, firmware, browsers and antivirus protection, do it NOW. If you have not set up your systems to automatically install updates, we suggest you do that now, too. Every supplier with a stake in your success is working ‘round the clock to shore up any weaknesses in their products. The faster you install them, the faster you’ll protect your systems and data.

Here is what you and the computer industry are up against:

Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and the secrets, of other programs and the operating system. If your computer has a vulnerable processor and runs an unpatched operating system, you risk leaking sensitive information. This applies both to personal computers as well as the cloud’s infrastructure.

Spectre also breaks the isolation between applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets and may actually make applications more susceptible to attacks.

While Spectre and Meltdown affect chips, they resulted in computer failures that, in turn, resulted in the losses of apps and data files. In a number of cases in which our clients were affected, we found that Google Chrome was a piece of every problem. We don’t say this to point a finger at Google; we note it to make sure you have the latest version of your browser installed.

In the more severe cases, we had to reinstall software systems – with all the cumulative patches – and data files because everything was wiped out. In the most extreme cases, we had to replace computers. This, of course, required that all data files were backed up and that all software for operating systems and applications was licensed.

Using subscriptions for operating and application software can eliminate just about all problems associated with keeping your systems up-to-date and licensed. They also can provide access to backed-up data files to help restore your system. The bottom-line benefit is that if your system is struck by some disaster, which can include Spectre and Meltdown, a ransomware attack, or a virus or malware invasion, we can wipe your computers and servers of infections and initiate clean installations of your operating system, firmware, and application software and then restore settings and data.

Without the subscription, you may need to purchase software and then recreate all of your settings as best as possible. And if you don’t have data files in a separate, secure location, you’ll need to find the latest files you have and then restore them in your recreated system.

As we make these points, we are aware that everyone has budget restrictions. However, you need to look at the costs associated with an interruption due to an IT system failure. Any money you may have saved by hanging onto old equipment and software can be wiped out by a single event.

By making smart investments in your system, you’ll be able to maximize your security and efficiency. That’s important for home use as well as a business. More and more, we have multiple users conducting some sort of transactions over the internet, and those activities can take place from remote locations. It’s a continuing trend in our use of technology. Subscriptions are a continuing trend, too, in the way we keep our systems ready to do all the things we do.

We can help you make the best decisions to balance your IT needs and available funds. Call us – 973-433-6676 – or email us to discuss your update needs and develop a plan to meet them.

Protecting Your Email Accounts

My dad wasn’t getting his personal email for a few days and thought it was because his service was down. We found otherwise, and he wasn’t the only victim. The message here is: Pay attention to oddities.

One of my dad’s symptoms of an email problem was that he wasn’t getting any messages. Unfortunately, that symptom doesn’t raise too many eyebrows these days because he figured a server was down – again.

But when the problem continued, he called, and we logged in to discover that his email was being forwarded to a Gmail account. We were able to re-secure his account, and it was one of those “no harm, no foul” situations this time. Next time, he might not be lucky.

But my dad wasn’t the only victim of an email invasion. One of our clients with an international business discovered that for a couple of days, all of their email was going into the “deleted” folder. They were expecting to have money wired in, so the email problem put them on heightened alert.

When we investigated, we found that they had been hacked and that hackers had added a rule to their email system that sent messages to the “deleted” folder and also forwarded the messages to an email address they had set up.
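The rule pattern described above, forwarding to an outside address while hiding the original message, can be searched for in an export of a mailbox's rules. The following is an added example, not part of the original article; the rule list is constructed, its field names are modeled on what Exchange Online's `Get-InboxRule` reports, and the internal domain and folder names are assumptions.

```python
import re

# Constructed sample of one mailbox's rules. Field names are modeled on
# Exchange Online's Get-InboxRule output; values are simplified placeholders.
RULES = [
    {"Name": ".", "ForwardTo": ["x [SMTP:collector@webmail.example.org]"],
     "RedirectTo": [], "ForwardAsAttachmentTo": [],
     "DeleteMessage": True, "MoveToFolder": None},
    {"Name": "Newsletters", "ForwardTo": [], "RedirectTo": [],
     "ForwardAsAttachmentTo": [], "DeleteMessage": False,
     "MoveToFolder": "Reading"},
    {"Name": "Copy to assistant", "ForwardTo": ["assistant@clientco.example"],
     "RedirectTo": [], "ForwardAsAttachmentTo": [],
     "DeleteMessage": False, "MoveToFolder": None},
    {"Name": "Archive copy", "ForwardTo": [],
     "RedirectTo": ["backup.box@mail.example.net"],
     "ForwardAsAttachmentTo": [], "DeleteMessage": False, "MoveToFolder": None},
]

# Assumption: the organisation's own mail domains.
INTERNAL_DOMAINS = {"clientco.example"}

FORWARD_FIELDS = ("ForwardTo", "RedirectTo", "ForwardAsAttachmentTo")
# Assumption: folders where a moved message is unlikely to be noticed.
HIDING_FOLDERS = {"deleted items", "junk email"}
ADDRESS_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")


def external_targets(rule, internal_domains):
    """Addresses outside the organisation that a rule sends mail to."""
    found = []
    for field in FORWARD_FIELDS:
        for value in rule.get(field) or []:
            found.extend(ADDRESS_RE.findall(value))
    return [a for a in found
            if a.rsplit("@", 1)[1].lower() not in internal_domains]


def hides_message(rule):
    """True if the rule deletes the message or files it out of sight."""
    folder = (rule.get("MoveToFolder") or "").lower()
    return bool(rule.get("DeleteMessage")) or folder in HIDING_FOLDERS


def audit_rules(rules, internal_domains):
    """Flag rules that forward outside; forwarding plus hiding ranks highest."""
    findings = []
    for rule in rules:
        targets = external_targets(rule, internal_domains)
        if not targets:
            continue  # internal forwards and plain filing rules are not flagged
        severity = "high" if hides_message(rule) else "medium"
        findings.append({"rule": rule["Name"], "severity": severity,
                         "external": targets})
    return findings


if __name__ == "__main__":
    for finding in audit_rules(RULES, INTERNAL_DOMAINS):
        print(finding)
```

A "high" finding matches the client incident above: mail leaves the organisation and the owner never sees the original.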

Both instances point out the need to be vigilant – and to follow safety precautions we’ve mentioned many times before.

  1. Make sure you have a strong password.
  2. Use long passwords that include upper- and lower-case letters, numerals and special characters.
  3. Change your password periodically.
  4. Never put information such as Social Security and bank account numbers in emails. They’re so easy to get picked off by hackers.
  5. Avoid sending emails that have umpteen thousand addresses in the “To” and “Cc” lines. It’s very easy for hackers to insert their own email address into someone else’s name and start a phishing expedition that could reel in sensitive, private information.

If you notice something funky about your email, get in touch with us right away. Call us – 973-433-6676 – or email us to help secure your email.

‘Free’ Streaming

Not all streaming is meant to be shared – or at least not shared with dozens of strangers around the world. Cable companies and content providers are concerned about lost fees as access credentials to programming are increasingly abused. They’re cracking down on piracy.

Stealing service has been a problem since the first electrical wires and meters were installed more than 100 years ago. For cable and content providers, it became an issue when the first cable wires were strung up. The problem has grown as technology has developed more content and more ways to get it. Putting aside the issue of whether it’s all overpriced, it costs money to develop and deliver the content we love to watch, and too much of it is “falling off the back of an electronic truck.”

We can watch content for free on our TVs when they receive broadcast signals. But for the most part, the only people who watch broadcast TV are those who have cut the cord and stream through their TVs on their internal Wi-Fi or wired networks. For them, a TV is a device, just like a tablet, wireless phone or computer.

Cable providers have relationships with content providers that enable subscribers to stream cable-delivered content or simply stream it from the content providers. You get a username and password, and you’re good to go. You can even share your account with others, and almost all of us have done it at one time or another, especially with Netflix or Amazon Prime. Some providers encourage it.

Unfortunately, some people have taken sharing too far. The content industry has been OK with sharing info with a few friends or family members, but the problems arise when those friends and family members start sharing access with their friends and family. It’s all gone viral, and it hasn’t gone unnoticed.

Every provider who issues usernames and passwords also has the means to track who is accessing content and where they’re watching it. They expect that subscribers will stream their programming when they’re traveling, and they can usually verify access privileges are being properly used. Most vacations are a week or two, and even if you move around a bit, you’re generally not in locations a world apart within the space of two days – or on the same day.
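The "locations a world apart on the same day" check can be written as a simple speed test between consecutive logins on one account. This is an added example, not any provider's actual logic; the login events are constructed, and the speed and distance thresholds are assumptions.

```python
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

EARTH_RADIUS_KM = 6371.0
MAX_SPEED_KMH = 900.0    # assumption: roughly airliner cruising speed
MIN_DISTANCE_KM = 100.0  # assumption: ignore noise in IP geolocation

# Constructed login events: (account, UTC time, latitude, longitude, place).
EVENTS = [
    ("subscriber-1", "2018-03-10T20:00:00+00:00", 40.74, -74.17, "Newark"),
    ("subscriber-1", "2018-03-11T21:00:00+00:00", 28.54, -81.38, "Orlando"),
    ("subscriber-1", "2018-03-12T02:00:00+00:00", 14.60, 120.98, "Manila"),
    ("subscriber-2", "2018-03-10T19:00:00+00:00", 41.88, -87.63, "Chicago"),
    ("subscriber-2", "2018-03-10T19:00:00+00:00", 41.97, -87.66, "Chicago north"),
]


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    dlat, dlon = p2 - p1, radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(p1) * cos(p2) * sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_KM * asin(min(1.0, sqrt(a)))


def find_impossible_travel(events):
    """Flag consecutive logins that no traveller could have made."""
    by_account = {}
    for account, stamp, lat, lon, place in events:
        login = (datetime.fromisoformat(stamp), lat, lon, place)
        by_account.setdefault(account, []).append(login)

    flagged = []
    for account, logins in by_account.items():
        logins.sort(key=lambda login: login[0])
        for (t1, la1, lo1, p1), (t2, la2, lo2, p2) in zip(logins, logins[1:]):
            km = haversine_km(la1, lo1, la2, lo2)
            if km < MIN_DISTANCE_KM:
                continue  # same household or same city: expected sharing
            hours = (t2 - t1).total_seconds() / 3600
            # Simultaneous far-apart logins (hours == 0) are always flagged.
            if hours == 0 or km / hours > MAX_SPEED_KMH:
                flagged.append({"account": account, "from": p1, "to": p2,
                                "km": round(km), "hours": hours})
    return flagged


if __name__ == "__main__":
    for hit in find_impossible_travel(EVENTS):
        print(hit)
```

The same test works for any account with a password, so a subscriber reviewing an account's recent-activity page can apply it by eye.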

The industry can track possible abuse, and there are steps they can take – if they haven’t done so already – to limit access without alienating honest, rule-abiding subscribers. They can require all subscribers to re-enter or change passwords more frequently. It’s a risk for them because some subscribers may find this an inconvenience and drop their service. However, it’s one way to shut off access to a large number of pirates in one fell swoop.

They can also limit the number of shares they’ll allow. Netflix, for example, allows up to four shares for its most expensive plan, and providers such as HBO and DirecTV allow limited sharing. ESPN may have limits on how many streams are allowed, but that could be independent of limits placed by cable or satellite carriers.

The industry can threaten to cut off subscribers – or actually cut their cords – but that gets into all sorts of sticky legal and customer-service issues. For example, do you take action against the parents who gave their college-age kids access? Do you go after their kids? Do you go after the users of devices they believe are “invalid users?”

This problem will become more prominent on the industry’s radar screen because a lot of money is at stake. Content producers need to be paid for their product, and that payment depends on how many subscribers watch it. Cable and satellite companies pay fees to producers and collect fees from advertisers and subscribers based on the number of valid users. Nobody wants money taken off the table because of a discrepancy between subscribers and viewers.

Finally, all this sharing raises a nagging question in the back of our mind: If someone has access to an account that you pay for, how can they use this access for their own gain at your expense? Call us – 973-433-6676 – or email us for help in tightening up your access controls.

Are You Printing Invitations to Your System?

Printers have been fingered as the weak link in many business and home networks. Most small businesses and home users tend to run their printers into the ground, and the longer they hang around without the latest firmware updates, the more vulnerable they are to a cyber-attack.

You can stop printing invitations to intruders – even with your current, old printer. Let’s start with the firmware. Simply go to your printer manufacturer’s support website and you can see all the firmware and driver updates available for download and installation.

Whether your printer is on a home network or small business network, make sure your firewall software is up to date and that you have a strong, secure network password for each printer. It’s too easy, especially in an office, to use a simple password that everyone can remember and hackers can figure out. And too many, especially in an office, keep their passwords stuck to monitors, where anyone walking by can see them. Your employees and/or family members just need to bite the bullet and remember a strong password – and keep that knowledge to themselves. It’s also worth noting that sometimes the printers don’t even have those default passwords; they have none at all.

You can further restrict access to your printers by properly managing your printer settings and ports. Just as we’ve seen with everything related to the IoT, printers can be shipped with default settings controlling printers and default port assignments. Any third-rate hacker can figure them out. You can and should change them immediately when you set the printers up to work on your networks.

Some manufacturers are recognizing the role they can play in protecting your printers. HP recently introduced its Connection Inspector for enterprise systems, and we can only hope the company and other manufacturers start incorporating similar tools for small businesses and homes.

The new tool is designed primarily to combat malware intrusions through printers by looking at unusual behavior on network traffic going to a printer. It learns what “normal” traffic looks like, and when it detects malicious activity, it can immediately go into a protected mode, stopping any further unfamiliar or unusual requests and sending a warning to IT administrators. It can even trigger a reboot of the printer.

We’ll keep an eye on developments in printer security to let you know when tools like Connection Inspector become available for you. There should be an incentive to develop them because more and more professional services corporations and families, especially those with school-age children, rely on remote and/or wireless access to printers to create hard copies of information in a corporate database or a collaborative research project.

In the meantime, we can help you tighten your printer security by looking at your machine’s settings and ports and checking your network’s security, too. We can also help you with the installation of firmware and driver updates. Call us – 973-433-6676 – or email us for an appointment. It’s time to make sure you’re printing documents, not invitations to enter the inner sanctum of your system.

‘KRACKing’ Your Wi-Fi Network

KRACK is an ominously named crypto attack that exploits a flaw in the process of connecting a device and a Wi-Fi network. By allowing network access without the password, it effectively opens up the possibility of exposing credit card information, passwords, and practically any other data on your device. Here’s how to protect yourself – somewhat.

Using WPA2 security, the standard of protection for the past 13 years, is still the way to go, and setting a strong, secure password is just as important as it ever was. But it’s like a lock on your front door. Locks, according to conventional wisdom, keep out honest people. But a lock that’s strong enough to delay a would-be thief was thought to still be effective.

That was until KRACK (Key Reinstallation Attack) was discovered. It exploits a flaw in the four-way handshake process between a user’s device trying to connect and a Wi-Fi network, allowing an attacker to access a network without the password. It’s an equal-opportunity attack, too. It can affect Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and others, but the most current versions of Windows and iOS devices are not as susceptible to attacks because of how Microsoft and Apple implemented WPA2. Linux and Android-based devices are more vulnerable to KRACK.

Fortunately, it’s not a helpless situation. Attacks can only be successful when someone has access to the wireless network you’re on at the time of the attack. That means you need to be especially careful on public networks. You can further help yourself by:

  • Making sure you’re up to date with all available security patches
  • Using a VPN, which will encrypt your internet traffic
  • Visiting only websites that use HTTPS, though it’s not a guarantee you’ll be safe.

We’ll keep you updated on developments against KRACK, and we can help you now by taking a look at your systems and security to make sure you’ve maximized your protection. Call us – 973-433-6676 – or email us for an appointment.

Here’s Lookin’ at Your Password

Passwords are just as painful for companies that require them as they are for you. And, they’re expensive as well as subject to theft. What are we looking at in the near future? The eyes have it.

Microsoft and Apple are moving ahead with facial recognition to replace passwords. The technology is getting better and better, and, let’s face it, once their systems can recognize you and match you up with other records, you won’t have to remember some arcane, complex password – which you could mistype…

Going “password-less” would create a huge economic benefit for the business world. At our recent Microsoft IT conference in Orlando, the company said lost passwords are their biggest IT cost. In the month of July, they spent $686,000 in IT-related costs for restoring forgotten passwords. Annually, the cost is roughly $12 million.

The way systems work, it’s always to your benefit to say you’ve forgotten your password if you risk being locked out of a website or application, such as your Office 365 account or a bank account. While their security needs dictate making a password reset more difficult, the complexities raise costs.

Also, in today’s world, all of these systems and interactions can be hacked, and dark-web operatives can change your letters, numbers and special characters once they’ve cracked your code. Your face is another matter. And while someone at some point in the future will figure out a way to defeat facial recognition, I believe this gets us ahead of the curve – for now.

Microsoft has facial recognition tools available for computers that have Windows 10 with Hello installed, and Apple has it for iPhones and iPads. While you can use them now for their own websites and online apps, it will take some time for the rest of the online world to get there. Your bank or credit card company, for example, will need to develop tools that work with all platforms and operating systems, and they will need to make sure online performance doesn’t suffer.

One online security app that some banks encourage their customers to use is Trusteer. While it can be effective as a form of two-factor verification, it can slow down a user’s computer. We’ve had numerous incidents of clients calling us about slow computers, and Trusteer has been the problem. Once it’s uninstalled, performance levels return to what they should be.

There are other two-factor authentication methods you can use, but you’ll be up against that issue of whether you want more convenience or more security.

If you have any questions about facial recognition tools or two-factor authentication, call us – 973-433-6676 – or email us. New technologies can be scary, mostly because you can worry about making a mistake somewhere that can lock you out of the info and apps you need for work and life. We can help you navigate the brave new world with confidence.