Posts

Yes, Macs Can get Malware

So Macs can be infected with malware. Who would have ever thought? The malware at issue here is the dreaded ransomware. Ransomware scrambles up your files, and the hacker at the helm says he’ll give you the cyber “key” in exchange for a handsome payment.

6DRansomware historically has primarily impacted Windows users, but recently it got into OS X—its latest version, Transmission.

  • The virus cyber-incubates for three days.
  • Then with a Tor client, it connects to an Internet server and locks vulnerable files.
  • The cyber key costs $400.
  • Nevertheless, this attack, which doesn’t happen as easily as, say, being lured into clicking a malicious video, is easily spotted.
  • Apple quickly mitigated the problem before anyone’s data had a chance to get encrypted by the virus and held hostage for the bitcoin payment.
  • In summary, Macs are not immune to ransomware, but the circumstances under which the user is victimized are unique and rigid.
  • To avoid the crush of a ransomware attack, regularly back up your data!

It’s time to take precautionary measures, while at the same time, not allowing anxiety to creep in every time you use your device.

  • Be careful when downloading applications.
  • Never run apps that are unfamiliar to Apple. Go to System Preferences, then Security and Privacy, then General.
  • You will see three safety levels. Now, you should never download an app from a third-party vendor. One of the safety levels is called Mac App Store. If you choose this one, all the apps you get will only come from the Mac app store, meaning they will have been given the green light by Apple.
  • To widen the app selection, you can choose Mac App Store with identified developers. This will allow you to get applications created by developers whom Apple has endorsed. However, this doesn’t mean it’s as secure as the Mac App Store choice, because the identified developers’ product was not tested for security by Apple—but at least Apple will block it if it’s infected.

Updates

  • Never put off tomorrow what you can update today. Download updates the moment you are cued to do so.
  • Go into the App Store, hit Updates and then Update All to make sure you’re caught up on updates.
  • To avoid this hassle in the future, put your settings on automatic updates: System Preferences, App Store, Download newly available updates in the background.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Protect your small business against viruses with these tips

It is September and it’s National Preparedness Month—a great time to get involved in the safety of your community. Make plans to stay safe, and this includes maintaining ongoing communications. National Preparedness Month culminates September 30th with National PrepareAthon! Day.

6DI learned in high school biology class that one of the things that distinguishes life forms from inanimate objects is that living things replicate. Therefore, a computer virus is, well, alive; it replicates itself. It’s alive enough to cause billions of dollars of destruction from the time it attacks a computer network until the disaster is cleaned up.

But just what is a computer virus?

Not only does this nasty program file duplicate itself, but it can spread to other computers without human involvement.

Unlike a virus with DNA, a tech virus usually doesn’t produce symptoms to give you an early warning. But it’s hell-bent on harming your network for financial gain.

Though a virus is malicious, it may impersonate something harmless, which is why the user lets it in. One type of virus is spyware— which allows your computer to run smoothly as always, while the spyware enables criminals to watch your login activities.

Though viruses often corrupt in secret, others can produce symptoms including:

  • Computer programs and smartphone applications open and close spontaneously.
  • Computer runs very slowly for no apparent reason.
  • Someone you know emails you about the global email you recently sent out promoting a product you have nothing to do with.

You can protect yourself or your business from a virus in the following ways:

  • A malment is a common way to let a virus into your computer. This is a malicious attachment that, when clicked, downloads the virus. The email message tricks employees into clicking that attachment. Unless it’s been confirmed by the sender that you’ll be receiving an attachment shortly, never open attachments. Or at a minimum, scan them with antivirus software.
  • Never open an attachment sent out of the blue by the IRS, company bank, credit union, medical carrier, etc.
  • Apply the above rules to links inside emails. A “phishing” email is designed to look legitimate, like it came from the bank. Click on the link and a virus is released. Or, the link takes you to a site that convinces you to update some login credentials—letting the hacker know your personal information.
  • Never use public Wi-Fi unless you have a VPN (virtual private network) encryption software.
  • All devices should have continually updated security software including a firewall.
  • Browser and operating system as well should be updated with the latest versions.
  • Prevent unauthorized installations by setting up administrative rights.
  • Employees, from the ground to the top, should be aggressively trained in these measures as well as bring-your-own-device protocols.
  • Back up your data. Why? Because when all else fails and your data and devices have been destroyed by malware, a cloud backup allows you to not only recover all your data, but it helps you sleep at night.

The prevention tactics above apply to businesses and really, everyone. Employees should be rigorously trained in how malware works and other tricks that cyber thieves use. To learn more about preparing your small business against viruses, download Carbonite’s e-book, “5 Things Small Businesses Need to Know about Disaster Recovery.”

#1 Best Selling Author Robert Siciliano CSP, CEO of IDTheftSecurity.com is a United States Coast Guard Auxiliary Flotilla Staff Officer of the U.S. Department of Homeland Security whose motto is Semper Paratus (Always Ready). He is a four time Boston Marathoner, Private Investigator and is fiercely committed to informing, educating, and empowering people so they can be protected from violence and crime in the physical and virtual worlds. As a Certified Speaking Professional his “tell it like it is” style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders. Disclosures.

What is a Computer Worm?

Worms. Most of us probably think of them as those squirmy invertebrates we dissected as a kid or found on the sidewalk after a storm. You might have used them as bait for fishing (not phishing), to pull a prank or have even eaten them (no judgment).

6DWhether you like worms or not, there’s one kind of worm that definitely isn’t your friend—the computer worm. This kind of worm is a computer program that can replicate and send copies of itself to other computers in a network. Worms are considered a subset of viruses, but unlike viruses they can travel without any human action.

Most worms are designed to exploit known security holes in software, although some spread by tricking Internet users. Mass-mailing worms, for instance, spread via email or instant message (IM). They arrive in message attachments and once you download them the worm silently infects your machine. Peer-to-peer (P2P) networks are another avenue for worms: cybercriminals upload infected files with desirable names to entice users into downloading them. And once you download the file your computer is infected.

Once your machine is infected, the worm can corrupt files, steal sensitive information, install a backdoor giving cybercriminals access to your computer, or modify system settings to make your machine more vulnerable. They can also degrade your Internet connection and overall system performance.

The good news is there are steps you can take to keep your computer from being infected:

  • Don’t download or open any files on P2P sites.
  • Since some worms now have a phishing component—meaning that they try to trick users into running the malicious code—do not click on links in unexpected emails and IMs, or download attachments connected to them.
  • Use comprehensive security software, like McAfee LiveSafe™ service, with a software firewall to block unauthorized traffic to and from your computer. Make sure to keep your security software updated.

If you fear that your machine is already infected, immediately run a security scan.

Of course, given the fast-moving nature of Internet worms, your best bet is to be cautious and take steps to avoid getting infected in the first place.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

What Is a Trojan Horse?

One of history’s great literary classics is Homer’s Iliad, which tells the story of the Trojan horse—the wooden horse that the Greeks hid in to enter the city of Troy and take it over. Two thousand and some odd years later, hackers use a digital Trojan horse to hide malicious files in seemingly harmless files with the intent to attack or take over your device. A Trojan horse (or Trojan) is one of the most common and dangerous types of threats that can infect your computer or mobile device. Trojans are usually disguised as benign or useful software that you download from the Internet, but they actually carry malicious code designed to do harm—thus their name.

6DThere are a variety of types of Trojans, many of which can launch sophisticated and clever attacks. Here are some types to be aware of:

  • Password-stealing Trojans—These look for saved passwords on your computer and email them to the hackers. Some can even steal passwords cached in your browser history.
  • Remote access Trojans—These are quite common, allowing the attacker to take control of your computer and access all of your files. The hacker could potentially even access your online banking and credit card sites if you have your password stored in your browser memory or on your computer.
  • Destructive Trojans—These Trojans destroy and delete files from your computer
  • Antivirus killers—These Trojans detect and kill your antivirus and firewall programs to give the attacker easier access to your computer

A Trojan can have one or multiple destructive uses—that is what makes them so dangerous. It’s also important to realize that unlike viruses, Trojans are not self-replicating and are only spread by users who mistakenly download them, usually from an email attachment or by visiting an infected site.

Here are some steps you can take to avoid downloading a Trojan horse:

  • Beware of suspicious emails. Don’t open an email attachment if you don’t recognize the sender of the email
  • Use comprehensive security software. Protect all your devices with McAfee LiveSafe™ service as well as stay protected from spam, sketchy files, and viruses
  • Separate the good from the bad. Use an email program with a built-in spam filter to decrease the chance of a malicious email getting into your inbox
  • Know the threats. Keep current on the latest threats so you know what to look for when you receive suspicious emails

Remember that Trojans are common because they are so successful. Hackers use social engineering techniques, such as mentioning a current news topic or popular celebrity, to get you to click on their email. Just being aware of what they are and how they work can prevent you from having to deal with financial loss, identity theft, damage to your computer, and significant downtime.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Hotel PCs serve up Infections

You can legally purchase spyware and install it on your computer, but it’s against the law to do so on someone else’s device. Spyware records e-mails, chats, browser history, passwords, usernames, etc.

4DYou’d buy it for your computer if you wanted to know what your tween was up to on it or how much your employees are goofing off.

This same kind of software can infect your computer after you click on a link in a strange e-mail or visit a malicious website that downloads a virus. Spyware can also be in the form of a flash drive-like tool that a snoop or crook could connect to someone’s PC and obtain private information.

Not surprisingly, this technology has made it possible to infect PCs at hotels. In Dallas recently, computers were infected at several major hotels. The crooks used hotel computers to access Gmail accounts, then downloaded and installed the flash drive-like tool to track keystrokes of unsuspecting innocent guest users as they typed in passwords and usernames to access their bank and other online services.

This is why you should use a public computer only for website browsing for the latest news or entertainment. Even if the PC is within visual range of hotel staff, a crook could still easily connect a keylogger. This is just too easy to do once the criminal sits down at a computer.

If you absolutely must print something out from your e-mail account, at least use a throwaway e-mail address like 10minutemail.com or yopmail.com. Use your smartphone to forward e-mails to the throwaway address. Next, access the temporary address from the hotel PC.

Lock down BIOS settings, then secure them with a solid password. This way, people can’t boot up a computer with a flash drive or CD. But not all operating systems support these protective measures. Your best bet, again, is to use hotel PCs only for entertainment or checking on the weather.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Best Way to Destroy a Computer Virus

Computer viruses are here to stay, which means users need to know the best way to eradicate them the moment they attack. Like disease viruses, computer viruses evolve and get “smarter.” The many different kinds of computer viruses (such as worms, Trojans, spyware) are called malware: malicious software.

4HIn general, security software comes with instructions for getting rid of or containing malware.

For Windows users, Microsoft provides tools that get rid of malware. Between your operating system and antivirus software, you will have the basic tools for fighting off most viruses.

Tips for Protecting Your Computer

  • Every day, run a quick scan of all of your devices. But in addition, run a weekly deep scan. Either type of scan can be manually set up or set on an automatic timer (which is actually a lot better since you wont have to remember to do it).
  • Your e-mail program should be set to alert you before you download any graphics or executable files. If you can, set your e-mail to display only text, and to alert you before loading any graphics or links.
  • If you don’t recognize an e-mail sender, and the message includes a link, never click on the link. If the link has you curious, then visit the associated website via outside the e-mail, or, manually type the link’s web address into your browser. In fact, don’t even click on links in e-mails that are supposedly from a familiar sender. Fraudsters can make it look as though the sender is someone you know. Never mind how they do this; it happens.

You can outwit cybercriminals. You just have to be a little smarter than they are and never think, “It can’t happen to MY computer.” There’s nothing special about your computer that makes it intrinsically immune to cyber threats. You must be proactive and take measures to prevent malware attacks.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

How to tell if your Computer has a Virus

Your computer probably has a virus if you can answer “Yes” to any of the questions below:

Is your computer running quite slowly?

A virus often causes a computer to run slowly. But realize that this symptom can also mean that a computer needs more memory, or that the hard disk needs defragmenting. It can also mean spyware or adware is present.

Are programs automatically starting?8D

A virus may damage some programs. And in some cases programs might not start at all.

Are unexpected messages occurring?

A viral infection can make messages appear unexpectedly.

Does your Windows program suddenly shut down?

A virus can do this, too.

Is your hard disk or modem working overtime?

Ane-mail virus sends many duplicates of itself by e-mail. You can tell this might be happening if the activity light on your external modem or broadband is constantly lit. Another clue is that you can hear your computer’s hard disk constantly working.

These situations don’t always mean a virus, but they shouldn’t be ignored, especially if there are other problems occurring.

If you already have the latest version of a solid antivirus program, it should spot a virus that’s already in your computer and even a virus that’s about to be downloaded.

Antivirus software works best when it’s programmed to scan your computer at regularly timed intervals (this way you won’t have to remember to manually do it). The software should also automatically download updates to your computer for antivirus definitions.

A reputable antivirus software system should be able to detect a virus trying to get into your computer or one that’s already present. As viruses are always evolving, there may be an invader that your software does not yet recognize, but probably soon will, once an update occurs of a new virus definition.

When a reliable antivirus program spots a virus it will quarantine it. You’ll then be asked if you want to promptly delete it or set it aside. This is because there may be times when the antivirus software thinks that a legitimate program or file is a virus. You then get the opportunity to restore the program or file.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Killer Computer Viruses

When most people think about a virus, they think of a fever, chills, and maybe a potential pandemic. But when they think about a computer virus, they think of a headache, or worse, identity theft.

Unusually, one report claims that a computer virus played a role in the deadliest air disaster in Spanish history. Others refute this claim, arguing that a virus was not the cause.

USA Today reports, “Spanish newspaper El Pais cites a 12,000-page investigative report that outlines how a computer infection, spread via an infected USB thumb drive, may have been a contributing factor. The report says a malicious program precipitated failures in a fail-safe monitoring system at the airline’s headquarters in Palma de Mallorca.”

Whether or not a virus contributed to the delay or cancellation of the flight’s departure, which led to the crash, this type of scenario is possible. Now and in the future, incidents like this may involve malicious technology.

Technology plays a role in many aspects of our lives, and when that technology is corrupted, the results can be disastrous. Consider the extent to which hospitals, banks, water treatment facilities, electrical grids, airports, gas stations, and even roads rely on technology.

Steve Stasiukonis, a penetration tester, describes how USB thumb drives can turn external threats into internal ones in two easy steps. After being hired to penetrate a network, he says, “We gathered all the worthless vendor giveaway thumb drives collected over the years and imprinted them with our own special piece of software. I had one of my guys write a Trojan that, when run, would collect passwords, logins and machine-specific information from the user’s computer, and then email the findings back to us.”

In this scenario, the USBs were dropped in a bank parking lot, then picked up by the employees and used to compromise the network. Fortunately for the bank, this was only a test of the network’s security.

Bad guys will use every possible mechanism to accomplish their goals. Do your best to increase your security intelligence. Regardless of your job description, security is everyone’s responsibility.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss another data breach on Good Morning America. (Disclosures)