Tuesday, July 25, 2017

The Matter at the Hand

   Check this out!...



   Here's a transcript:

   Calling from Criminal Investigation Division of I-R-S.  The matter at the hand is extremely time sensitive and urgent, as after all that, we found that, there was a fraud and misconduct on your tax which you are hiding from the federal government. This need to be rectified immediately so do return the call as soon as you receive the message. The toll free number is 1-8-6-6-9-7-8-6-6-1-8. I repeat again, 1-8-6-6-9-7-8-6-6-1-8. Thank you.

   Needless to say, this is a scam.  You can look at all of these reports on phone number lookup sites.

   Now, you may think that this obviously sounds like a scam.  However, it unfortunately works.

   So what should you do if you or someone you know receives one of these calls?

  1. Don't respond.  Just leave that alone.
  2. Report it.  Here is the FTC info page on reporting scams, spams, do not call or telemarketing violations and other issues.  Here is the complaint reporting page.
   I did file a report with the FTC.  It doesn't take long and it's the right thing to do.

   While these calls can be either annoying or entertaining, the bottom line is that they work and some people do fall for these scams.  So educate yourself and others.

   Do you have any interesting robo-call or scam stories to share?

Tuesday, July 4, 2017

All Your Bitcoin Are Belong To Us

   If you're old enough... and geeky enough, you may remember this:


   All Your Base Are Belong To Us was one of the famous early internet memes.  You can take a break and read more about it here and here.

   Memes are fun!  But ransomware isn't.  We've talked about ransomware many times in the past.  It's a kind of virus or malware (malicious software).  It's been in the news quite a bit and the healthcare industry has had particular ransomware problems.  And the news will continue after May's "WannaCry" and June's Petya/GoldenEye global attacks.

   Basically, in a ransomware attack, infected computers cause data to be encrypted.  Normally encryption is a good thing, but only when you can also decrypt your data.  In this attack, only the attacker can restore your access to the information, and will do so for a "small consulting fee".

   Payment is typically made using Bitcoin.  Bitcoin has also been in the news.  It is what is called a "crypto-currency".  It's basically an online way to pay for things, kind of like an online debit card where you already have the funds in your account.  The main reason Bitcoin is used for ransomware is that it is fairly anonymous, particularly when compared with traditional credit cards or banking.  It's not completely anonymous - it does protect identity during transactions, but eventually someone may have to turn that bitcoin into other traditional currency.

   With all the ransomware attacks, some organizations are getting bitcoins so that they are ready in case they need to pay ransom!

Tuesday, June 20, 2017

Payday!

   I received this great news in email today.  For some reason gmail marked it as spam!  But it looks great to me! :-)

Tuesday, May 23, 2017

I'll Cry if I Wanna

   I try not to jump on bandwagons, but with so much coverage and affects of the whole worldwide WannaCry mess, I do have a few things to say.  I have a few different things to cover that you may not have seen elsewhere.

   There's been plenty of media coverage so I'll just give a high level overview of what happened.  Like many other nations, the US National Security Agency (NSA) studies computer flaws and develops ways to attack them.  The Shadow Brokers are a hacker group who started leaking some of these NSA-developed attacks in the second half of 2016.  The April 2017 edition of their leaks included the code that enabled the WannaCry attack.
   The attack that started on Thurs May 11 consisted of two parts.  One would encrypt files so that the owner could not get access to their files (commonly called "CryptoWare").  The other part could get remote access to any vulnerable computer.  This was a very powerful combination and this is the first time we've seen this kind of auto-spreading cryptoware.  Once infected, the victim sees a screen that directs them to pay a ransom in bitcoin - so the whole attack is considered "Ransomware".

   Now, Microsoft did release a patch in March to fix some of these problems, in particular the remote access part.  So no problem, right?  Desktops and laptops are usually easier to patch, and you should always have your home systems set to automatically update.  But servers need more testing to assure that applications continue to work as expected.

   Patching was a critical part of the fix, but there was definitely more to it including things like new anti-virus signatures, whitelisting, intrusion prevention signatures and firewall rules.

Tuesday, May 9, 2017

Google Docs and the Mailinator

   You're minding your own business, just checking email, when you get an email from a "friend" inviting you to get a shared Google Doc file.

   You're a student of security, or at least a fan, so you're always skeptical when you receive an email with a link or attachment.  This one appears to come from someone you know.  The subject and body of the message seem consistent with a Google doc sharing message.

   Problem clue #1 - look at the "To:" line.  Clearly, this message wasn't sent to you.

   Problem clue #2 - were you expecting this email and file?  Has this sender sent you Google docs in the past?  Did this email arrive at work or home - and do you normally use Google docs there?

   But, you are rushed and don't have time to send your friend a message to see if this email is legit.  So you click.  If you're not already logged in to your Google account, you're asked to log in.  What you see next is...

Tuesday, April 25, 2017

World Password Day and Teen Power

   Thurs May 4, 2017 is World Password Day!  I know that's coming up fast, but don't worry, you still

have time to plan your celebration.  No, that's not the day when you share your password with the world.  Nor is it about changing your bank password from 123456 to 1234567.

   I've written about this in the past.  World Password Day is a day to learn and it's yet another opportunity to take a look at what is protecting your personal information, your financial information, your medical information as well as your internet presence and reputation.  Most passwords provide a thin veil of protection

   On World Password Day, we should at the 4 main problems we can very easily fix:
  1. People choose weak or easily guessable passwords - the simple fix is to choose better passwords!  As I've said many times in the past, when it comes to passwords, size matters!  Make 'em long.  But even if you choose a good password...
  2. Passwords get reused among sites - this is a major problem because the attackers will try stolen passwords at other sites.  And it works.  So choose a unique password for every site on which you have an account.  But...
  3. We can't remember all our passwords - so, as we've discussed in the past, use a password vault.  The vault is a program that will help you choose great passwords, recall those passwords and protect them.  But sometimes that's not enough because...
  4. Even well-chosen passwords can be guessed or hacked - so for extra protection use two-factor authentication (also called multi-factor authentication).  Typically this means using an app on your smartphone as part of the login process.  That means, to break into your account, an attacker would need both your (long, strong) password AND your smartphone.  That's hard for the attacker to do.  And using multi-factor is easy!    Setting up 2-factor authentication is easier than ever before and is in use on many mainstream sites including Google, Facebook and Twitter.  Here's some info on sites offering 2-factor authentication.

   The WPD website has some high level guidance on each of these as well as those great Betty White videos!

   And if those all aren't enough reasons to move to 2-factor authentication, now... that pinnacle of journalism... Teen Vogue, has put out a really good article on the subject!  You can read it here.

   In addition to really good coverage of 2-factor methods and websites, the article also goes into more advanced topics like the use of a physical fob called a Yubikey.

   What is really significant is that this article is directed at a population who both grew up with technology and is used to sharing everything. The key message is that there are good reasons for protecting your information and reputation, even if you don't yet have financial assets or a job.

   So, are you ready to take the World Password Day challenge?  Start slowly.  Get a password vault and start with your most important sites: banks, insurance, investment and social media.  Change the passwords to unique long strong ones.

Tuesday, April 11, 2017

Cyberbullying and the New Math

   According to Cyberbullying Research Center, the National Crime Victimization Survey (NCVS) is a large-scale data collection effort led by the U.S. Census Bureau and the Bureau of Justice Statistics.  This study has been going on since 1973.  In 1989 they added supplemental questions focused on school-related incidents, and stepped this up to a more in-depth biennial survey in 2005.

   Cyberbullying is still a major issue.  It's been over 4 years since I've written on this subject.  While there is perhaps more visibility, the basic problems haven't changed.

  Based on the above benchmark, at first glance, bullying appears to be trending down over the past decade.


   While there have been some high-profile cases over the years, this is a real, current and ongoing issue.