Windows 11: To Upgrade or Not To Upgrade?

Microsoft’s Push to Upgrade to Windows 11

In late 2021, Microsoft began to send out a program called Microsoft Update Health Tools with their monthly Windows 10 updates.

One of the functions of this program is to examine the hardware and software environment of the computer and determine whether or not it is ready for Windows 11. It would then show a message in the Updates and Security section of Settings advising if the PC was “Windows 11 ready”.

Windows 11 message in Windows 10 Updates and Security

The user could choose between “Download and Install” or “Stay on Windows 10 for now”. If the latter was chosen, this would come up:

Windows 11 message on Windows 10 if upgrade was declined.

The user could choose between “Skip for now” or “Get Windows 11”. If “Skip for now” was chosen, then this would come up:

Windows 11 push on Windows 10

Microsoft is giving the user one more chance to upgrade, saying that they “recommend it for your device”. Once again, the user can “Decline upgrade” or “Get it”.

If “Decline upgrade” was chosen, the next time the user opened “Updates and Security”, this would show, giving the user the ability to install Windows 11.

Windows 10 Security and Updates message.

Why Not Upgrade?

OK, so, if your PC meets the requirements for Windows 11, and it doesn’t cost anything more, why not upgrade? Especially if you can revert to Windows 10 within 10 days (after 10 days you can no longer revert to Windows 10 unless you do a clean install of the OS, which means that all data will need to be backed up and all programs will need to be reinstalled, then data will have to be restored from the backup).

Here is a good article outlining the pros and cons of Windows 11. Probably one of the biggest cons is that not all apps/programs that are Windows 10 compatible are Windows 11 compatible. This was an issue when Windows 10 replaced Windows 7. This means that you’ll need to purchase new programs/apps to replace those that aren’t compatible, unless the software manufacturer offers a free upgrade.

Another con is going to be the interface. We’ve noticed some things that were in Windows 10 are not available in Windows 11. That’s OK if you didn’t use them, but not good if you did.

One item that we didn’t like when it came to a new PC with Windows 11 Home is that you could not create a local account initially when setting the PC up. You are forced to use a Microsoft account, unless you use Method 2 in this article, which can be complex.

Summary

PC Medics of Alabama/PCMDX believes in security most of all. We want to make sure that your environment, whether you’re a business or residential user, is safe from outside threats. This is why we won’t work on a Windows 7 (or older) PC. Windows 7 is no longer supported by Microsoft, thus is open to vulnerabilities. Ease of use, although important, is secondary to security.

Once Windows 10 is no longer supported by Microsoft, we will shift our focus to Windows 11. For now that’s years away. So, the choice to upgrade is yours. Sometimes the “if it ain’t broke, why fix it?” mindset is not so bad. Do you need the “latest and greatest” (which is subjective) or are things good for now?

Microsoft would have you believe that Windows 11 is awesome. Maybe it is. But, like all new operating systems, there are flaws that are not discovered until the OS is in the mainstream. Beta testing does not always reveal everything, especially since there are so many hardware platforms out there. Unlike Apple OS X (and now OS XI), where there’s only one hardware manufacturer, Apple, with Windows there are thousands of hardware possibilities when you include motherboards, CPUs, GPUs, RAM, hard drives, etc., which means there could be thousands of compatibility issues.

So the choice is yours. Our PCs are staying on Windows 10 for now.

Windows 10 Information

Last Update 10/29/2020

This page will contain tips on Windows 10 that we have learned since the operating system came out in 2015.

Windows 10 is ever evolving with new “feature updates” released by Microsoft twice a year. Because of this, this page will be updated and amended as needed, so check back often.

There is no particular order that these items are in.

  • Hard Shutdowns can disable your system. A “hard shutdown” is when a user either holds the power button down until the PC shuts down or power to the PC is lost (i.e. a power outage) causing the PC to turn off without following the Start>Shut Down command (also known as a Soft Shut Down). The most common result of a hard shutdown is a blue screen indicating a BCD Error. Sometimes this error can be repaired with a Windows 10 Recovery Drive using the command prompt. Other times it cannot be repaired and the system either needs to be restored using a backup (which will restore the data) or reset using the Windows 10 Recovery Drive (in which case the data will be lost). We HIGHLY recommend that desktop PC users plug it in to a UPS (Uninterruptible Power Supply) that provides software that lets the PC know when power has been lost and issues a soft shut down command once the battery on the UPS reaches a certain level. NEVER hold the power button down on the PC to shut it off until all other methods have been tried if the PC freezes.
BCD Error screen
  • Windows Updates – Unlike the previous Windows operating systems (Windows 7, Windows Vista, Windows XP, etc.), Windows 10 will do updates when needed. These updates can initiate on their own, thus making the PC unusable until the update process is complete. If this is a Feature Update, it can take up to several hours, during which time the PC will indicate that it’s updating and to not turn it off. Don’t turn it off, or a BCD Error (see above) can occur. You can set the time when the update should NOT take place by going to Start>Settings>Updates and Security and setting the Active Hours, which will tell Windows NOT to do updates during those hours. If the PC is turned off during the non-active hours, it will eventually perform the updates during the Active Hours, so be sure to keep the PC on if the Active Hours option is selected. We do not recommend installing Feature Updates until the PC indicates that it will have to install them. This allows others to be the “Guinea Pig” on new updates. In the past there have been Feature Update issues that have had a negative impact on the PC.

So…are you backing up your computer?

In late 2017 Microsoft released Windows 10 Update 1709.  If you’re a Windows 10 Home user, you were not given a choice to install the update, and may have been subject to some of the issues that this latest update caused.

In the that followed the update we had numerous calls of crashed PCs.  All of them had two things in common.  First, they were Windows 10.  Second, they had just been updated.

In all cases the user data was not accessible.  Although we were able to fix all of them, it was only because we had installed imaging software on them.

Which brings us to the topic of this post:

Are you backing up your computer?

One of the first questions that we ask clients when it comes to their computers is “Is there anything on this computer that you absolutely, positively cannot live without?”.  If the answer is “yes” (which it usually is), we ask how they are backing up.  Most don’t have a plan.

There are several ways to backup a computer, and we’ll discuss each one of them in detail here.

Before we do that, though, let’s break down what your PC consists of.  Whether you’re running a Windows or Linux based PC or an OS X based Mac, your computer has three basic software items:  The Operating System, Programs, and Data.

The Operating System (OS) is what makes it go.  When you push the power button on your computer, the OS starts up.  Programs can’t run without it.  Peripherals couldn’t be installed without it.  Everything depends on the OS.

The Programs are what allow you to do things, like create documents, spreadsheets, edit photos and videos, listen to music, watch music, and thousands of other things.

Data is what you create with programs.  It’s your documents, your spreadsheets, your pictures, your videos, your music, your stuff.  It’s the only item of the three that cannot be replaced, because YOU created it, not the OS creator or the program vendor.

If a computer crashed, we could recreate everything using the OS DVD (or USB) and the program disks.  If your computer didn’t come with a restore DVD, then you will have a problem if the hard drive crashes.  Either way, bringing back the data will be impossible.

So data is probably the single most important thing to back up.  If you do need to reinstall the OS and the programs, be prepared to spend some time with it.

When we setup a backup plan, we offer several different options.

Option 1 – Image Backup – An image backup is just as the term implies.  It’s an image, or picture, of the hard drive, created using a backup program (for Windows 10 Home we recommend EaseUS Home Backup; for Windows 10 Professional, we recommend EaseUS Workstation Backup; either will work for their Windows 7 or 8.1 counterparts).  EaseUS Backup will allow you to create several different types of backup, including an image backup.

You will need a destination for the backup.  If you have more than 1 computer, we recommend a Network Attached Storage (NAS) device.  This is basically an external hard drive that is accessed via your network.  It allows multiple computers to back up to it, as well as store additional data, like music, pictures, videos, that can be accessed by anyone on the network who has the right credentials.  You can also use a USB external hard drive, but that limits the number of computers that can use it as a destination to only one.

EaseUS will prompt you to create a WinPE rescue USB when you first install it.  Make sure you do this, and put the USB thumbdrive in a safe place.  If your hard drive crashes, you’ll need this to restore your PC.

Option 2 – Data Backup – A data backup is a backup of all of your “stuff”, but not your OS or your programs.  EaseUS does offer an option to backup only data, which we recommend in addition to the image backup.  This lets you restore just a single file or folder if you accidentally deleted it.  An image backup restores the entire computer.  Data backup just restores files and folders.

Option 3 – Cloud Backup – The cloud has become part of every computing environment, from enterprise, or business level, to home level.  You’re already using the cloud, whether you realize it or not.  Most smartphones use the cloud to store data, with iCloud, Dropbox, OneDrive, Google Drive being some of the more popular cloud applications and storage sites.

In a nutshell, the cloud is storage space on someone else’s network that is accessible only via the internet.  You can’t get to your stuff unless you’re online.  If something happens to your computer your data is not lost because it’s on the cloud.

Our favorite cloud backup system is iDrive.  It’s relatively inexpensive ($79 per year), fully automated, and gives you plenty of storage space (2 terabytes, which equals 2000 gigabytes, which is more than enough for all of your photos, videos, music and documents).

Once you install the program, it backs up on a schedule that you determine (ours runs at 10:30pm daily) and, once the initial backup has been done (which could take days, depending on how much data you have, and what your upload speed is), it only backs up what has changed since the last backup.

Oh, and it’s not limited to just your computer’s data.  You can back up as many computers as you have, your tablet or iPad, and your smartphone, as long as the total of all the data is under 2 terabytes (you can always buy more space, but it’s unlikely you’ll need it).

What method should you use?

We use all three.  We have a NAS, and we backup an image and data, and we use iDrive.  We can restore an entire computer, or just a file.

You should use whatever will prevent you from ever having to say

To sum it up…

It’s really pretty simple to get your system backed up, especially if you use the methods we listed.  However, if you need help, or if you didn’t backup and now you need to get your data off your hard drive, contact PCMDX today.  We’ll come to you and get your “stuff” back.

 

 

 

Phone Scam of the Week – A New Twist

A week doesn’t go by when we don’t get a call from a “Microsoft security specialist” telling us that they have “detected something wrong with the security of our computer”.

Depending on what we are doing, we’ll either hang up or explain to the “security specialist” that we don’t have time. First, though, we will listen to their script to see if anything has changed, and if it has, we’ll want to see what has.  Today was one of those days.

The call, this one from 203-695-4021 (a Connecticut phone number), came in at around 1:30pm.  The person, who had a thick Asian accent, identified himself as being a security specialist with Microsoft.  He said that for a few days “our firewall has not updated” and he needed us to update the Windows key.

We played along, since this was a new script.  The steps were as follows:

Identify the Windows Key and push it, while pushing the R key.  This, of course, launches the Run command.  He requested that we enter “CMD” in the field.  This brings up a Command Prompt.  He had us check the IP address of the PC by using the IPCONFIG command.

Next he had us repeat the Run command and enter MSCONFIG in the field.  This brings up the basic settings on the computer.  The main reason for this is that they want to “show us some issues with the computer”.  These “issues” are normal everyday things going on with the PC.

Next he had us write down a “Windows Key”, which consisted of eight characters, five numbers and letters, then a dash, then three more letters.  He said we would need this “key” later in the process.

He next wanted us to open a browser window and go to www.help123.ml so that he could remote in to the PC.  This is where we stopped and informed him that we were terminating the conversation (we didn’t say it that politely).

Had we gone to the next step, he would have remoted into the PC, then taken over control and/or installed some malicious software (also known as malware).  This could range from keyloggers that capture user names and passwords to viruses or worms that spread to other computers.

As we have documented in the past, Microsoft does not monitor your computer.  They do not have people call you letting you know that there’s a problem with your PC.

Should you get a call from anyone who identifies him or herself as being from a computer company and that they have detected an error with your PC, or a virus on your PC, please hang up.

If you are reading this and you know that you’ve allowed access to your PC to someone who called you, contact your IT support person immediately so that they can scan your PC for malware.  If you don’t have an IT support person, contact us at pcmdxal@gmail.com for further assistance.

If you’ve allowed access to your PC by one of these scammers and you gave them your credit card (yes, they sometimes have the guts to ask for payment after they scam you), keep an eye on your statements for any unauthorized transactions.

The bad guys are smart.  We need to be smarter.

Scam E-Mails: How To Tell

 

Recently PCMDX received a call from a business whose bank account had been compromised.  Someone, using legitimate information, was able to gain access to the account and make transfers from the account to another account, and also made wire transfers to a third party.

The business had been told by the bank that their network had been hacked and that they should seek some help in securing their network, which is why they contacted PCMDX.  We focus on providing network support for small businesses that have less than 15 computers, and one of our specialties is cybersecurity and compliance.

Although how the actors (the term used for the “bad guys” since they are “acting” as a legitimate party) were able to get the necessary information is still under investigation, it’s likely that it was given to them by one of the company officers via e-mail.

 

We recently received a scam e-mail and we’d like to share it with you so that you can learn how to determine if it’s a legitimate e-mail or not.  Please note:  If you’re not sure if the e-mail is legitimate, call the sender and ask them if they sent it, even if it passes all of the tests.  It’s better to be safe and verify authenticity than take a chance.

Here’s a screenshot of the e-mail we received, along with some notes.  We blurred out information that is not relevant.

 

Let’s begin at the top.  The subject line “Please Read! (Final Warning) | 06/05/2017” sounds pretty threatening and will get your attention right away.  But it doesn’t indicate who it’s from or what it’s about.

If you look at Blue Arrow 1, you’ll see that it’s from “ACME account team”, followed by the e-mail address of “admin@MAIL.HAMILTONTN.GOV”.  (We’re going to use ACME as the alias for the name of the company).  So here you have two major clues that this is a scam.  First, the words ACME account team.  Any legitimate company will list themselves as ACME Account Team, with all words capitalized.  This is a major clue that this e-mail did not originate in the US (most scam e-mails are from overseas, where grammar is poor).

Our next clue is the e-mail address.  Although “admin” is legitimate, MAIL.HAMILTONTN.GOV is not.  That’s an e-mail server for the city of Hamilton, Tennessee.  It has a .gov domain ending, which can only be assigned to government entities, such as cities, counties, states and the federal government.  Why would ACME have this domain?  If it were a legitimate e-mail from ACME, it would end with something like ACME.com or ACME.net, not a .gov domain.

The body of the e-mail is actually very good, at least when it comes to scam e-mails.  It’s convincing, it has information in it that the typical person would consider to be legitimate.  However, as we get to the bottom, some red flags appear.

When you hover over a link (and the Blue Arrow 2 is pointing to two links, “Visit Help and Support” and “Login to My Account”), the bottom part of your browser, known as the status bar, will display the link that it’s pointing to, which we’re using the red arrow to point to.  In other words, when you click on the link, it’s taking you to the web site that is showing in the status bar.

This particular link is pointing to baltoo.com/ACME/index.php.  This should immediately sound an alarm with the person reading the e-mail.  The company that is sending this is ACME, but the domain it’s pointing to (the domain is the part of the web address that comes before the first single slash) is baltoo.com.  Anything after the domain name is irrelevant, since that’s just the directory and folder inside the server it’s pointing to, and you can name that anything you want.  When you hover over the link, it should point to the company you’re trying to go to.  So it should read acme.com/Acme/index.php.

Once you click on the link, one of two things will happen.  Either you will be shown a very convincing site that is asking for your user name and password, or you will end up on a poisoned site that will infect your computer with malware, such as a virus, a Trojan, or ransomware.  If it’s the former, you’ll enter the user name and password, and within minutes the actors will have gained access to your site (as they wanted to in this case), or perhaps gained information such as name, address, social security number, date of birth, etc. (under the guise of “verifying your identity”).
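The two checks walked through above (the sender's domain, then where each link really points) can also be scripted.  The Python below is an added example, not part of the original post or e-mail: the sample message is constructed from the details quoted above, its last two links are constructed extras, and acme.com stands in for the real company's domain as it does in the text.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample based on the e-mail described in the post.
# The last two links are extra test cases, not from the original e-mail.
SAMPLE_EMAIL = '''\
From: ACME account team <admin@MAIL.HAMILTONTN.GOV>
To: user@example.com
Subject: Please Read! (Final Warning) | 06/05/2017
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your account needs attention.</p>
<a href="http://baltoo.com/ACME/index.php">Visit Help and Support</a>
<a href="http://baltoo.com/ACME/index.php">Login to My Account</a>
<a href="https://www.acme.com/privacy">Privacy</a>
<a href="http://acme.com.baltoo.com/login">acme.com/login</a>
</body></html>
'''


class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_belongs_to(host, expected_domain):
    """True only if host is expected_domain itself or a subdomain of it.

    A plain "contains" test is not enough: acme.com.baltoo.com contains
    "acme.com" but is a host under baltoo.com.
    """
    host = (host or "").lower().rstrip(".")
    expected = expected_domain.lower()
    return host == expected or host.endswith("." + expected)


def check_email(raw, expected_domain):
    """Return (kind, value, host) findings for anything not under expected_domain."""
    msg = message_from_string(raw)
    findings = []

    # Check 1: the address behind the display name in the From: header.
    _display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2].lower()
    if not host_belongs_to(sender_host, expected_domain):
        findings.append(("sender", addr, sender_host))

    # Check 2: the real target of every link, which is what "hovering" reveals.
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        charset = part.get_content_charset() or "utf-8"
        html = part.get_payload(decode=True).decode(charset, errors="replace")
        collector = LinkCollector()
        collector.feed(html)
        for href, _text in collector.links:
            host = urlsplit(href).hostname
            if host is None:  # mailto:, anchors and other non-web links
                continue
            if not host_belongs_to(host, expected_domain):
                findings.append(("link", href, host))
    return findings


if __name__ == "__main__":
    for kind, value, host in check_email(SAMPLE_EMAIL, "acme.com"):
        print(f"{kind}: {value} -> {host} is not under acme.com")
```

A clean result from these checks does not prove an e-mail is legitimate; calling the sender to verify still applies.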

Recent studies have shown that firewalls, anti-virus programs, and other security software and hardware, although still crucial in preventing attacks, need to be supplemented by training of staff so they know what they should look for.  (That page also has a quiz you can take to see how much you know about phishing attacks – we scored 10/10.  How’s your score?).

Our companion site, Don’t Become Another Target, lists dozens of examples of how companies, some billion dollar plus companies, were compromised not by technology, but by social engineering.  In other words, a con job either via e-mail or via phone.  Adequate training would have prevented many of the attacks.

If you’re a small business that doesn’t have an IT department, but would like IT level support, contact PCMDX today.  We’ll take care of your computer network and cybersecurity needs so you can take care of your business.  And don’t wait until you’ve been compromised.  The cleanup is much costlier than the prevention.

Worldwide Cyberattack – What you need to know to protect yourself

By now you have probably seen reports of a ransomware attack that is taking place worldwide.

Although major corporations and government agencies are being hit, small business and residential users are subject to being attacked as well.

In this post we won’t go into the technical details of what happens if you’re hit (except the results), we’re going to focus on how to prevent becoming a victim.

You will know if you’re affected because you will lose access to all of your data files (documents, photos, e-mail, etc.) and you’ll see a message indicating that you have a certain period of time to send a “ransom” (hence, ransomware) which is usually in the range of $250-$1,000, in the form of Bitcoin to an e-mail address.

If you’re hit and you have a backup of your files (many of our clients are now using cloud backup as well as a local backup – if you do NOT have this installed, go to http://www.idrive.com, sign up for the 1 Year Plan and use the Code PCMDX), turn off your computer and contact us.  We will schedule a time to come out and re-image your computer.  There is no other recovery option available.

If you’re hit and you do not have a backup of your files, contact us for further options.  The last thing we want to do is to pay the ransom, however, depending on how important your documents are we will explore all options.

Here’s how to prevent THIS attack:

  • Make sure your Windows Update is up to date.  In Windows 10 your patches are done automatically.  In Windows 7, go to Control Panel, Windows Update, and run the update.  All PCs patched after March 14, 2017 are safe from THIS attack.
  • Do not open any attachments in e-mails  from people you don’t know, or that indicate they have an invoice attached, and the attachment is a Word, Excel, .zip, or .exe file.  Rule of thumb is if you don’t know the sender, don’t open the attachment.
  • Do not click on any links in e-mails from senders you don’t know OR if the e-mail is vague in nature.
  • Make sure your anti-virus program is up to date.  Remember, most AV programs WILL NOT prevent this attack, however, you should have it up to date regardless.
  • Train all of your users in the above.  Training is the number one prevention method.
  • Backup, backup, backup.  Backup your files.  Backup your computers.  If you have questions about how to backup, contact us today.

This post will be updated as we receive more information.  Last Update 5/15/17 8:30am

 

Anything you post can and will be used against you

Most of us have applied for a job.

The traditional application process starts off with the candidate seeing an ad placed by an employer for a position that the candidate is interested in.  The candidate follows the instructions for applying for the position, which usually involve a resume and/or an application.  These are sent to the employer who reads them, and then narrows down their list of candidates based on what they’ve received.

Once the candidate list has been narrowed down, the employer requests an interview.  The candidate will sit in front of the employer and the employer will ask questions, and the candidate will reply with answers that hopefully will please the employer.  This process then narrows the list down again to the point of the employer choosing one candidate and offering them the position.

Sounds simple enough, right?  But let’s look at some of the items that this process requires.  First, the application and/or resume.  Let’s be honest here.  This application has to look good.  After all, we’ve all heard the importance of the first impression.  This piece of paper is your first impression.  There’s nothing on it that is negative.  In other words, if you were fired for constantly being late for a job, the reason you put for leaving will most likely be something along the lines of “Took position with Company Y”.

Applicants today know that companies have been told by their legal staff that they should not say anything negative when someone calls for a reference about a former employee.  They should limit their information to the time the former employee worked there, and, if asked, if they would rehire the former employee.  Anything more can open them up for a potential lawsuit.

The next phase of the process is the interview.  If you know anything about a job interview, you know that you should be punctual, dress professionally, be polite, bring an extra copy of your resume, make eye contact, and make yourself look good.

That’s really what it boils down to.  You want TO MAKE YOURSELF LOOK GOOD.  You’re basically selling yourself.  You have become a product that you would like the employer to buy.

Those who want to sell their products go to great lengths to make their product look good.  Ever look at an ad for a hamburger?  Looks great, doesn’t it?  Yet when you arrive at the restaurant, the item you get in the bag or on your tray doesn’t quite look like the item in the ad.  Here’s why:

You can do the same thing with yourself.  You can hire someone who will write your resume for you.  They will make it, and basically YOU, look great by what is written.

The end result is that you will be the one chosen by the employer to fill the position they have open.

Yet social media has changed all that.  Social media allows the employer to see the REAL you.  The REAL you who may have posted something that included several profanities.  Or several disparaging remarks against different races or religions.  Yup, you can be labeled a racist or homophobe or anti-Semite simply based on your social media content.  Probably not something you’d put on your resume, but something the potential employer will find simply by looking at your Facebook feed or your Twitter account or your Instagram pictures.

But “Wait” you say.  “I don’t allow just anyone to look at my social media accounts.”  You don’t?  That’s good.  You shouldn’t.  But what if the interview process includes them asking you to friend them?  If you say no, you might be excluded from the list of applicants.

So let’s say that your posts are not bad in content.  What about your friends’ posts?  Aesop once said “You are known by the company you keep.”  Guilt by association is another way to put that.  The employer might think (correctly or incorrectly) that you feel the same way that your friends feel about certain topics.

Now, let’s go beyond the employer realm.  Let’s go to the world wide view of social media.  Governments today are using social media as a vetting tool to see if a particular individual should be granted access to their country.  Are you interested in travelling to visit certain countries?  Is your church planning a “tourist” trip to China?  How about visiting Cuba for vacation?  One wrong post in your Twitter feed and you’re not going to make that trip because their government may think that you’re going there for purposes other than what you’re stating and will not grant you entry.

Not planning to go on a trip anytime soon?  How about applying for college?  That college application is probably one of the most important pieces of paper (or online applications) that any person under 19 is ever going to fill out.  They’ve worked on their grades to make that 4.0.  They’ve studied hard to make that 32 on the ACT.  They’ve done hundreds of hours of community service.  Their community involvement is impeccable.   And there seems to be a pattern in their social media feed that they are all about the legalization of marijuana and have every beer logo as their profile background.  That should be an interesting conversation with the admissions counselor to that prestigious school.

But what about in the normal world?  After college and after you already have a job.  How can social media impact you then?

Yes.  And Yes.  And Yes one more time.  People have lost their jobs because of social media.  Money.com came up with 10 Mistakes people made on social media that cost them their jobs.

10 Social Media Blunders That Cost a Millennial a Job – or Worse

Facebook, Twitter, and even blog posts can lose you a job, and the bar for what counts as a social media “mistake” is lower than you’d expect. Here are the ten worst stories, ranked from least to most painful, of young people getting fired (or nearly fired) because of social media activity.

But there are other ways that social media can impact you in negative ways.

Recently an individual began to post on a Facebook group that we belong to about local politics.  This individual was very caustic in their posts, and began to attack people for their views.  In the pre-Facebook days, this would be done in an anonymous way, since the individual would have a “screen name” which may or may not identify them as to who they are.  Today, though, it’s pretty simple to identify who they are since they are using their name.

Don’t Feed The Troll

Within 15 minutes of doing some searching using paid and free tools, we were able to find out everything about this individual that they probably wouldn’t want everyone to know.  One tool searches 61 social media sites in under 30 seconds and the results can be less than flattering.  We were then able to inform those people who were engaging with this individual in the group that this individual was nothing more than an old fashioned troll.

Rule #1 about dealing with an internet troll is don’t feed the troll.  In other words, don’t engage with the individual because all they want is attention.

Your information is out there.  It’s not hard to find if you know where and how to look. Anything you post in social media can and will be used against you, as the following article shows.

Anything you post can and will be used against you

Everybody’s freaking out over the Wikileaks revelations that the Central Intelligence Agency can hack Apple and Android smartphones, major PC operating systems — and even TV sets. The news is causing ripples in international relations and got companies like Google and Apple to patch holes and issue fixes.

 

How the Massive Yahoo Breach Could Affect You.

On December 14, 2016 Yahoo revealed that 1,000,000,000 (that’s 1 billion) user accounts had been compromised in 2013, a year before they reported another breach that affected 500 million user accounts.

That’s 1.5 billion accounts that were hacked.  A company that employs 13,600 people in their IT department was hacked and user accounts from enough people to equal the population of North America, South America, Central America, Australia, Russia, Germany, and a few smaller nations, were compromised.

Yahoo engineer in server farm.

Why would hackers be so interested in the e-mail accounts of all these people?  They’re not.  Just like they are not interested in the Chicken Stamp accounts that were breached recently at KFC.

So what are they after?  Lax password security by those Yahoo and KFC account users.  If you’re like many people, you’ll use your e-mail account as a user name for most, if not all, of the web sites you frequent.  And if you’re like most users, you also use the same password for most of these sites.

By the way, Yahoo and KFC aren’t the only companies that have been hacked.  Our sister site, DontBecomeAnotherTarget.com keeps track of all major breaches.

So suddenly those Chicken Stamp accounts and those e-mail accounts begin to have more value, especially if those same user names and passwords are used at financial sites.

Some security sites are recommending that if you have a Yahoo account, it’s time to close it, including if you have an account that Yahoo administers (@att.net, @bellsouth.net).  You also need to change all of your passwords that are similar to your Yahoo/att.net/bellsouth.net password. Now.  And you need to begin to practice safe online behavior.

What’s safe online behavior?  It’s

  • not using the same password at all web sites
  • using complex passwords that include upper and lower case characters, numbers and symbols
  • changing your password a few times per year (it’s recommended every six weeks, but a few times per year is better than not at all)
  • not writing your passwords down on a Post-It and sticking it to your monitor.  Use a password manager, like LastPass, Dashlane, or eWallet
  • not clicking the little box that says “stay logged in” at sensitive sites
  • not going to dangerous web sites (adult content, gaming sites)
  • not opening attachments from people you don’t know
  • making sure your computer is patched with the latest updates
  • making sure you have a good anti-virus program.  And keep it current.

If you own a business and you’re doing your own IT support and security, you’re doing a disservice not only to your clients, but also to your clients’ security and your own security.  Studies show that 61% of people will not go back to shop at any business that’s been breached.  Contact us today to see how affordable expert IT support can be.

If you take credit cards, you’re required to be PCI Compliant, and that doesn’t mean checking all of the Yes boxes on the Self Assessment Questionnaire (SAQ), even if the answer is No.  It’s actually being compliant by making sure all of the items meet requirements.  Most businesses we visit to do our free PCI Compliance assessment are not even close to being compliant.  Most fail in every one of the 12 PCI DSS categories.  Contact us today if you would like to see if you’re compliant.  It costs you nothing to find out.

Regardless of whether you’re a business or a home user, this Yahoo breach should not be taken lightly.  You need to act on it today.

Contact us today if you need help.  Our engineers are some of the most experienced in the Southeast when it comes to cybersecurity and SMB (Small Medium Business) IT support – it’s what we specialize in.  And PCMDX is one of the top PCI Compliance firms in the country.  If you’re a home user, we can help you as well by making sure your network is protected (yes, if you have a broadband router and multiple devices, you have a network), and all of your devices are protected.

Updated 12/15/16 10:56am CST to update link.

 

Ransomware being distributed as fake Adobe Flash Player Update

Ransomware is some of the most destructive malware in the cyber world.


For those not familiar with it, ransomware is software that will encrypt all of your documents, photos, music, and other types of files, and then demand a ransom in order to get them decrypted.  Normally there’s a time limit for sending the ransom.

A complete description of how ransomware works can be found in this PCMDX Blog post.

The bad guys are always looking for new ways to take advantage of computer users, but this latest attack is worth taking a look at because it’s one of the more legitimate-looking attacks.

In the past, we’ve warned you to look at the page for grammar and spelling errors, as well as phrases that don’t sound right, before clicking on any links.  The majority of the attacks originate in other countries where English is not the native language.  Because of that, the bad guys sometimes resort to Google Translate to write their web pages and programs.  Google Translate can sometimes have some flaws in how it translates, especially when it comes to technical terms.

The latest ransomware attack is a perfect example of this.  You may click on a link that takes you to a page like this:

Fake Adobe Flash Player update page.

 

For the most part, this page looks legitimate to most users.  But there are two obvious errors, and one not so obvious, that should warn you immediately that it’s fake, and possibly a threat.

First, look at the instructions for “1.”.  You’ll see it instructs you to locate a file “named like”.  An obvious grammar error.

Second, look at the URL (the web site).  http:// fleshupdate. com …flesh is not flash.  The not-so-obvious error is the phrase that reads “Your Flash Player may be out of date”.  Adobe products will not use the term “may”.  It’s either out of date or it’s not.

Fake Adobe Flash Player update page with errors highlighted.

 

The Adobe Flash Player update page is https://get.adobe.com/flashplayer/

The “https” means that it’s coming from a secure site.

You’ll notice there’s much more information on the update page.

Authentic Adobe Flash Player update page.
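The two address checks described above (the look-alike name and the https address of the real page) can be written as a short script. This is an added example, not code from Adobe or PCMDX; the function names, the one-swapped-letter rule and the `example.net` sample are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only trusted download location is the
# address the article gives, get.adobe.com over https.
TRUSTED_HOST = "get.adobe.com"
BRAND_WORDS = ("flash", "adobe")  # words a fake update domain tends to imitate


def lookalike_words(host):
    """Brand words found in a host label exactly or with one letter swapped."""
    hits = set()
    for label in host.split("."):
        for word in BRAND_WORDS:
            n = len(word)
            for i in range(len(label) - n + 1):
                diff = sum(a != b for a, b in zip(label[i:i + n], word))
                if diff <= 1:
                    hits.add(word)
    return sorted(hits)


def check_update_url(url):
    """Classify a URL that claims to offer a Flash Player update."""
    # Remove whitespace so the spaced-out form used in the article also parses.
    parts = urlsplit("".join(url.split()))
    host = (parts.hostname or "").lower()
    if host == TRUSTED_HOST:
        return "trusted" if parts.scheme == "https" else "right host, not https"
    words = lookalike_words(host)
    if words:
        return "imitates: " + ", ".join(words)
    return "unknown host"


if __name__ == "__main__":
    samples = [
        "http:// fleshupdate. com",            # from the article, spaced out there
        "https://get.adobe.com/flashplayer/",  # from the article
        "https://get.adobe.com.example.net/",  # constructed sample
    ]
    for s in samples:
        print(check_update_url(s), "<-", s)
```

The third sample shows why the whole host name has to match: a page can put “get.adobe.com” at the front of an address that actually belongs to a different domain.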

 

For clients who have PCMDX do their IT support, you’ll never see the Adobe Flash Player update page, as we have it set to update in the background.  If you do see an update page, it’s absolutely fake, and you should not click on any links.

Please share this information with everyone who uses your computers.  Once ransomware infects your system, there’s no reversing it unless you pay the ransom, which is rather costly, both in money and time.  Since ransomware is constantly evolving, most anti-virus products will not protect you from the damage.

The best way to prevent getting struck by ransomware is to follow these guidelines:

  • Never open attachments from unknown senders or known senders where the message is vague.  If in doubt, contact the sender to verify they sent it.
  • Always keep your system up-to-date and patched.
  • Although anti-virus products may not protect against ransomware, they do protect against other malware, so always have your AV product installed and up-to-date.
  • BACK UP YOUR DATA.  We recommend a three step backup program, which includes imaging, data, and off-site.  The three combined are optimal, but have at least one.

PCMDX can assist you with all of these items.  We specialize in providing cybersecurity and computer support for Small-Medium Businesses that have under 15 PCs and don’t have the budget for a full time IT person, but want IT level support.

 

 

 

PCI Compliance – An Ongoing Process

Recently Computer World published what’s most likely the very best article dealing with PCI Compliance.  Not so much what it entails to be compliant, but what it takes to remain compliant.

The ultimate unanswerable question: Are we PCI-compliant?

PCI compliance is Zen-like. It’s hard to determine, and even when a letter declares a company PCI-compliant, that declaration can always be retroactively reversed later – such as if you’re breached. Yes, when you most need to be able to say that you are PCI-compliant is when it’s taken away.

 

The issue with PCI compliance is that the business network and the business environment are constantly changing and evolving.  There are 12 requirements in the PCI DSS.  In order to be compliant, all of these must be current all of the time.  Some remain static, meaning they don’t change.

Let’s take requirement No. 1: Install and maintain a firewall configuration to protect cardholder data.  Your PCI specialist installs and configures a firewall.  Once it has been configured properly, you’ve met the first requirement, right?  Well, sort of.  Assuming the firmware is current, and nothing changes in the network environment, the answer would be Yes, you’ve met the requirement.

Let’s go down to requirement No. 11:  Regularly test security systems and processes.  Inside this requirement is 11.1, which requires that a hardware inventory be kept up to date of all devices on the “protected” or POS network.  This is the network that handles all credit card transactions (your guest wi-fi, or any other network should NEVER be on the same sub-net as your POS traffic).  You just replaced or added a POS terminal.  Did you log it in the inventory, including the model and serial number?  If the answer is No, then you’re not compliant.

On that very same replacement terminal, you need to make sure that you have met requirements 5 and 6: Use and regularly update antivirus software; Develop and maintain secure systems and applications.  If you’ve added a location on the network for this terminal, the network diagram also needs to be updated.
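The inventory check described above can be run as a comparison between the written inventory and the devices actually seen on the POS network. This is an added example, not PCMDX’s own tooling; the subnet, MAC addresses, models and serial numbers are constructed sample data, and the field names are assumptions.

```python
import ipaddress

# Constructed values for illustration: the POS subnet, the written inventory
# and the list of devices seen on the network are all assumptions.
POS_SUBNET = ipaddress.ip_network("10.20.30.0/24")

INVENTORY = [
    {"mac": "00:11:22:33:44:01", "model": "POS-Term A", "serial": "SN1001"},
    {"mac": "00:11:22:33:44:02", "model": "POS-Term A", "serial": ""},
    {"mac": "00:11:22:33:44:03", "model": "Receipt printer", "serial": "SN3003"},
]

SEEN_ON_NETWORK = [  # e.g. exported from the router or switch
    {"mac": "00:11:22:33:44:01", "ip": "10.20.30.11"},
    {"mac": "00:11:22:33:44:02", "ip": "10.20.30.12"},
    {"mac": "00:11:22:33:44:99", "ip": "10.20.30.50"},   # new terminal, never logged
    {"mac": "00:11:22:33:44:AA", "ip": "192.168.50.7"},  # guest Wi-Fi, other subnet
]


def audit_inventory(inventory, seen, pos_subnet=POS_SUBNET):
    """Return findings that would leave the hardware inventory out of date."""
    by_mac = {rec["mac"].lower(): rec for rec in inventory}
    findings = []
    seen_pos = set()
    for dev in seen:
        mac = dev["mac"].lower()
        if ipaddress.ip_address(dev["ip"]) not in pos_subnet:
            continue  # not on the POS network, so outside this inventory
        seen_pos.add(mac)
        rec = by_mac.get(mac)
        if rec is None:
            findings.append((mac, "on POS network but not in inventory"))
        elif not rec["model"] or not rec["serial"]:
            findings.append((mac, "inventory entry lacks model or serial number"))
    for mac in by_mac:
        if mac not in seen_pos:
            findings.append((mac, "in inventory but not seen on POS network"))
    return findings
```

An empty result from `audit_inventory(INVENTORY, SEEN_ON_NETWORK)` only says the inventory matches what was seen at that moment; the comparison has to be repeated whenever a terminal is added or replaced.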

Now let’s move on to the human factor in being compliant.  Each individual who handles credit cards must be trained in the methods of handling cards safely and securely, which is part of requirement 12:  Maintain a policy that addresses information security.  If you’ve hired a new employee, they must first be trained and sign off acknowledging that they’ve been trained.  A copy of the signature page must go in their employee file.

The article in Computer World makes some outstanding points.  First, you’re only compliant as of the date that you last successfully checked and updated the requirements:

The reason why compliance is tied to the date the assessment was wrapped is that, in theory, any change at all to anything on the network could make that merchant noncompliant. I get that. It makes sense. But what good is PCI compliance if a retailer never knows if it is compliant? 

This is where PCMDX comes in.  We take it off your shoulders and put it on ours.  We let you worry about the prime purpose of your business, and we take care of the things that we’re good at:  Keeping you compliant.

Furthermore, as the article states, it’s the human factor that makes you (and keeps you) compliant:

But it (software) can’t track PCI compliance — which is a human-dictated state — any more than it can declare a system “secure.” 

PCMDX is the only company in our service area (Alabama, Mississippi, Western Tennessee, Florida Panhandle) that creates a plan for your company to become, and remain, PCI Compliant.  We will visit your site, examine your existing network, create a plan to make your network compliant, implement the plan, and then keep it maintained on a regular schedule.

Contact us today for a free, no-obligation consultation.  You’ll be glad you did.