Tag Archives: hackers

08.11.17
by

Phone Scam of the Week – A New Twist

A week doesn’t go by when we don’t get a call from a “Microsoft security specialist” telling us that they have “detected something wrong with the security of our computer”.

Depending on what we are doing, we’ll either hang up or explain to the “security specialist” that we don’t have time. First, though, we will listen to their script to see if anything has changed, and if it has, we’ll want to see what has.  Today was one of those days.

The call, this one from 203-695-4021 (a Connecticut phone number) came in at around 1:30pm.  The person, who had a thick Asian accent, identified himself as being a security specialist with Microsoft.  He said that for a few days “our firewall has not updated and he needed us to update the Windows key.

We played along, since this was a new script.  The steps were as follows:

Identify the Windows Key and push it, while pushing the R key.  This, of course, launches the Run command.  He requested that we enter “CMD” in the field.  This brings up a Command Prompt.  He had us check the IP address of the PC by using the IPCONFIG command.

Next he had us repeat the Run comma

nd and enter MSCONFIG in the field.  This brings up the basic settings on the computer.  The main reason for this is that they want to “show us some issues with the computer”.  These “issues” are normal everyday things going on with the PC.

Next he had us write down a “Windows Key”, which consisted of eight characters, five numbers and letters, then a dash, then three more letters.  He said we would need this “key” later in the process.

He next wanted us to open a browser window and go to www.help123.ml so that he could remote in to the PC.  This is where we stopped and informed him that we were terminating the conversation (we didn’t say it that politely).

Had we gone to the next step, he would have remoted into the PC, then taken over control and/or installed some malicious software (also known as malware).  This could range from keyloggers to capture user names and passwords, but also viruses or worms to spread to other computers.

As we have documented in the past, Microsoft does not monitor your computer.  They do not have people call you letting you know that there’s a problem with your PC.

Should you get a call from anyone who identifies him or herself as being from a computer company and that they have detected an error with your PC, or a virus on your PC, please hang up.

If you are reading this and you know that you’ve allowed access to your PC to someone who called you, contact your IT support person immediately so that they can scan your PC for malware.  If you con’t have an IT support person, contact us at pcmdxal@gmail.com for further assistance.

If you’ve allowed access to your PC by one of these scammers and you gave them your credit card (yes, they sometimes have the guts to ask for payment after they scam you), keep an eye on your statements for any unauthorized transactions.

The bad guys are smart.  We need to be smarter.

12.15.16
by

How the Massive Yahoo Breach Could Affect You.

On December 14, 2016 Yahoo revealed that 1,000,000,000 (that’s 1 billion) user accounts had been compromised in 2013, a year before they reported another breach that affected 500 million user accounts.

That’s 1.5 billion accounts that were hacked.  A company that employs 13,600 people in their IT department was hacked and user accounts from enough people to equal the population of North America, South America, Central America, Australia, Russia, Germany, and a few smaller nations, were compromised.

Yahoo engineer in server farm.

Why would hackers be so interested in the e-mail accounts of all these people?  They’re not.  Just like they are not interested in the Chicken Stamp accounts that were breached recently at KFC.

So what are they after?  Lax password security by those Yahoo and KFC account users.  If you’re like many people, you’ll use your e-mail account as a user name for most, if not all, of the web sites you frequent.  And if you’re like most users, you also use the same password for most of these sites.

By the way, Yahoo and KFC aren’t the only companies that have been hacked.  Our sister site, DontBecomeAnotherTarget.com keeps track of all major breaches.

So suddenly those Chicken Stamp accounts and those e-mail accounts begin to have more value, especially if those same user names and passwords are used at financial sites.

Some security sites are recommending that if you have a Yahoo account, it’s time to close it, including if you have an account that Yahoo administers (@att.net, @bellsouth.net).  You also need to change all of your passwords that are similar to your Yahoo/.att.net/.bellsouth.net. Now.  And you need to begin to practice safe online behavior.

What’s safe online behavior?  It’s

  • not using the same password at all web sites
  • using complex passwords that include upper and lower case characters, numbers and symbols
  • changing your password a few times per year (it’s recommended every six weeks, but a few times per year is better than not at all)
  • not writing your passwords down on a Post-It and sticking it to your monitor.  Use a password manager, like LastPass, Dashlane, eWallet
  • not clicking the little box that says “stay logged in” at sensitive sites
  • not going to dangerous web sites (adult content, gaming sites)
  • not opening attachments from people you don’t know
  • making sure your computer is patched with the latest updates
  • making sure you have a good anti-virus program.  And keep it current.

If you own a business and you’re doing your own IT support and security, you’re doing a disservice to not only your clients, but also your clients security, and your own security.  Studies show that 61% of people will not go back to shop at any business that’s been breached.  Contact us today to see how affordable expert IT support can be.

If you take credit cards, you’re required to be PCI Compliant, and that doesn’t mean checking all of the Yes boxes on the Self Assessment Questionnaire (SAQ), even if the answer is No.  It’s actually being compliant by making sure all of the items meet requirements.  Most businesses we visit to do our free PCI Compliance assessment are not even close to being compliant.  Most fail in every one of the 12 PCI DSS categories.  Contact us today if you would like to see if you’re compliant.  It costs you nothing to find out.

Regardless of whether you’re a business or a home user, this Yahoo breach should not be taken lightly.  You need to act on it today.

Contact us today if you need help.  Our engineers are the some of the most experienced in the Southeast when it comes to not only cybersecurity and SMB (Small Medium Business) IT support – it’s what we specialize in.  And PCMDX is one of the top PCI Compliance firms in the country.  If you’re a home user, we can help you as well by making sure your network is protected (yes, if you have a broadband router and multiple devices, you have a network), and all of your devices are protected.

Updated 12/15/16 10:56am CST to update link.