The new year has begun, and we have three suggestions for improving the quality of your computing life in 2013.
1. Backup often and in the cloud: Consider the consequences if all your data… Word files, Music or Photo library, Quicken/Quickbooks data, and everything else, were to just disappear. It’s a scary thought, but it happens to the unprepared all too often. Make 2013 the year to get you backup in order and configure it to archive your most important files and folders automatically. A whole-system local backup is very important, too. But the cloud-based approach to backing up protects you from disasters like fire, flood, theft, and virus infestations. Don’t wait another year to safeguard your data.
2. Look before you click: Watch out for fake download buttons,toolbars and other junk-ware. Users get into trouble with these things all the time because they click without thinking. Before clicking anything that’s unfamiliar, take a second or even ten, and look more closely at the link. A little bit of precaution can save you from hassles, and even disasters.
3. Keep it clean: Dust can kill a computer, clogging it and causing everything to overheat, with potentially disastrous results. When you have pets their hair can exacerbate the situation even further. So, schedule regular cleaning sessions where you use a can of compressed air to blow dust and pet hair off your cooling-fan blades and out of your case.
USE CAUTION: When downloading or opening files
Ask yourself: “Do I recognize this person sending me a file or telling me to visit a website? Can I be sure that it’s really them? Is the message written in language and style that my friend or this organization would normally use?”
Incredibly, it is both free and easy to fraudulently send an email that appears to come from someone else’s email account! So what should you do to be on your guard? Do you reply to an email that looks a little strange and ask the sender whether they intended to send it and to confirm where they got the file if there is an attachment? Do you ask them if they themselves exercised similar caution when they received the file? In truth, you’re not going to want or be able to engage in that kind of discourse with every slightly suspect link or attachment that you see, so if you don’t recognize the sender and it looks suspicious then delete it. So put simply, be careful where you click and exercise a little EXTRA common sense, if that makes sense!
USE CAUTION: When following links to websites
If you are asked to visit a website, ask yourself whether the ‘URL bar’ (the ‘address bar’ at the top of your Internet browser) starts with exactly the same Internet domain name you would usually use to access that company’s site? If in any doubt – check!
Don’t surf the web or open files when you have Administrator privileges
One of the easiest ways to protect yourself from many deception attacks – those that install unintended software on your computer – is to avoid logging into your computer using the ‘Administrator’ account, or using a personal account that has ‘Administrator’ privileges. If you do need to log in as Administrator (to change your system settings etc.) , make sure at least that User Access Control (UAC) is enabled, if you are using Windows XP, Vista, or Windows 7, then you will be asked if you really want to install. This is easy to turn on from the Windows CONTROL PANEL just by typing “UAC” into the search box.
Protect yourself with up-to-date software
Finally of course, keep the online security software up-to-date on your PC. All of the main security software companies spend millions every year to ensure that whenever someone learns about a new Internet security threat, we work out what the risks posed by that threat are, how the mechanics of the threat may cause it to target you and how to protect your computer from it.
The makers of operating systems, Internet browsers and the most common software applications spend vast amounts of time and money looking out for new security threats that exploit potential problems within their products, and whenever one is found (by anyone) they usually fix the hole in their software quickly and release an update. This software fix is usually known as a ‘patch’ or as an ‘update’.
All computer users should regularly visit their operating system vendor’s website (e.g. http://windows.update.com for Windows) and run the update software to keep their OS and tools bug free.
Similarly, you should follow the update guidelines and visit the websites of the companies that supply all of the software that you use, to ensure that you are always running the latest version and are up to date with security fixes.
So with a little knowledge, a little caution, a little rigor applied to processes we use to make sure our operating system, Internet browsers and other PC applications are always up to date – and by using a good online security product, we can be confident that we are protecting our electronic information and our online lives against virtually every Internet threat that is likely to attack.
There are myriad ways that viruses, trojans and other types of malicious code can cause you a lot of grief and it pays to be up on all of them. Completely disconnecting access to the Internet would go a long way towards keeping viruses and other malware out of your life, but it wouldn’t make a whole lot of sense. So you need to be aware of, and take steps to protect yourself from the ways the bad guys get access to your valuable information.
Did You Know:
BWS Technologies can assist you with managing and eliminating any of these threats below.
Contact us now!
Web surfing and social networking – It’s the World WILD Web out there
The web is a cybercriminal’s dream come true. It’s instantaneous. It’s anonymous. And it’s very, very easy to fool people. A website that looks at first glance to be your bank’s website can easily be a clever forgery. And that video-viewing download you’re being offered? Chances are you don’t need it – and you certainly don’t need the spyware that may well be hidden behind a realistic-sounding application name.
Email and Spam – Oldies But Still Baddies
For many years, the virus writers’ distribution method of choice was email attachments. Although still a popular method of attack, e-mail is a far less effective way to fool people into opening things they shouldn’t.
In addition to installing a reputable security solution and keeping it updated, educating yourself on responsible email behavior is fundamental to email security efforts. One important reminder comes from US government agency US-CERT. “Many viruses can “spoof” the return address [in an email], making it look like the message came from someone else. If you recognize the return address but weren’t expecting the message, check with the person who supposedly sent the message to make sure it’s legitimate before opening any attachments” the organization advises.
Instant Messaging (IM) – Chatting Your Way to Trouble
While not yet as ubiquitous as email, instant messaging is gaining momentum as a communications tool, and carries many of the same risks as email, as well as some unique to the IM environment. Viruses and other malware can be hidden in files sent over IM. Links embedded in messages can lead to infected websites. IM even has its own version of spam, sometimes called SpIM – Spam over Instant Messaging. Users should also be made aware that “Some IM services link your screen name to your e-mail address when you register. The easy availability of your e-mail address can result in an increased number of spam and phishing attacks, ” warns Microsoft. So users should take care when they register for an IM account that they don’t inadvertently advertise their email address.
Insider threats – Know Your Enemy, You Might Be Them
While you are right to be concerned about shadowy cyber-criminals, you have the potential to cause just as much havoc. By some accounts, the damage caused by accidental or deliberate data misuse is actually greater than that posed by remote hackers.
While education goes a long way towards controlling accidental internal security breaches, stopping yourself from introducing destructive malware is more challenging.
Public Wifi – just because it is open doesn’t mean it is secure
Do you have any idea how your laptop is being protected while connected to an open network? You’re opening the door to significant risk if you don’t take the appropriate protective measures.
You need to be extra protective when connecting to a wireless network you know nothing about, this goes a long way towards ensuring those machines don’t bring any unwanted ‘gifts’ with them when they reconnect to your network.
USB Sticks – Plug’n’Play Malware
USB sticks, thumb drives, memory sticks – whatever you call them, are as just as useful to the bad guys as they are to us. While they’re physically tiny, they can hold several gigabytes of data.
Recent examples of falling victim to USB-stick-driven security breaches include Greater Manchester Police in the UK, where computer systems were down for several days after a USB stick containing the Conficker Worm was plugged into a computer connected to the network. Fortunately, removable devices can be automatically checked using antivirus software or users can choose to run a manual scan before accessing any of the files on the stick.
CERT’s advice on how to avoid malware infection via USB sticks includes the obvious warning not to use any unknown devices but also to keep personal and business drives separate. “Do not use personal USB drives on computers owned by your organization, and do not plug USB drives containing corporate information into your personal computer,” the organization says.
Mobile devices – The computer in your pocket
Today’s smartphones are miniature computers. Hackers and criminals have also been known to use text messages to direct unsuspecting users to infected websites according to US-CERT. “These messages, supposedly from a legitimate company, may try to convince you to visit a malicious site by claiming that there is a problem with your account or stating that you have been subscribed to a service. Once you visit the site, you may be lured into providing personal information or downloading a malicious file,” the agency warns.
Other risks with smartphones relate to downloading content. CERT’s advice is not to download files or applications directly onto your smartphone. If you do need to download a file from a web site, consider saving it to your computer and manually scanning it for viruses before opening it.
Aside from email and web access, other ways criminal code could gain access to a mobile device is via the wireless networking technology known as Bluetooth. CERT’s advice when it comes to Bluetooth is to know how to keep it switched-off when it is not needed. “Make sure that you take advantage of the security features offered on your device,” the agency states. “Attackers may take advantage of Bluetooth connections to access or download information from your device. Disable Bluetooth when you are not using it to avoid unauthorized access.”
Wireless networks – What You Can’t See Can Hurt You
Even after more than a decade of use, wireless networks still spill outside the physical confines of a building, continuing to offer a tempting route into the network for hackers. Closing this loophole means paying attention to the security settings of the network. US-CERT advises that you need to be aware that the entire contents of their network could end up in someone’s control if they don’t take care to adequately protect their wireless networks. “A practice known as wardriving involves individuals equipped with a computer, a wireless card, and a GPS device driving through areas in search of wireless networks and identifying the specific coordinates of a network location. This information is then usually posted online.”
US-CERT also advises how to use firewalls to block wireless attacks. “While it is a good security practice to install a firewall on your network, you should also install a firewall directly on your wireless devices (a host-based firewall). Attackers who can directly tap into your wireless network may be able to circumvent your network firewall—a host-based firewall will add a layer of protection to the data on your computer.”
BWS Technologies can assist you with managing and eliminating any of these threats above.
Contact us now!
Edited and Adapted via AVG Blog
If you have IndigoGUARD you are protected.
Subject: setting for your mailbox are changed
SMTP and POP3 servers for mailbox are changed.
Please carefully read the attached instructions before updating settings.
When the attached document is opened, the recipient’s PDF viewer will execute the /Launch command included in the document parameters. This will, in turn, pass echo statements to cmd.exe to create a vbscript file called “script.vbs”, which will then extract a second script called “batscript.vbs”, and then finally use that to create and run a Trojan executable called “game.exe.” Game.exe attaches itself to Windows Explorer and creates a new schost.exe service in order to hide itself and to ensure that it is always running.
Three seconds after installation, the original script file cleans up the remaining evidence by deleting the scripts and executable files created during infection. The new svchost.exe process will then periodically contact three domains over HTTP: jademason.com, 1foxfiisa.com, and dolsgunss.com, in order to download new code or instructions, or upload stolen data.
According to NitroSecurity’s SIEM Blog, some of the major antivirus products from vendors such as Avast, AVG, Symantec, McAfee, eTrust, and Trend Micro currently have signatures available to detect the file attachment as malicious; however, few of the remaining top 40 antivirus products are able to detect any of the files associated with this attack. Gladiator recommends that users do not open any emails or attachments like the ones described above and should always exercise caution regarding any suspicious or unsolicited email received.
Every time I resubmit an email address it tells me its invalid. Could this be a problem with my email?
Yes and No :^)
Yes > Some users are seeing a “Please update your email address” message after logging in because their email service provider is most likely treating Facebook emails as spam. To resolve this issue, please contact your email service provider and let them know about your problem receiving emails from Facebook.
No > It appears Facebook never sends the confirmation emails out. It is a bug in their system and it has been reported. Just keep trying.
When you’re using email marketing to communicate with your audience — as in, you’re not just trying to sell them stuff — you’re building customer relationships. And relationships flourish when two parties engage in a dialogue. That’s true of your best personal friendships, and it’s also true in business.
Email communication is a great way to let subscribers know more about your expertise, business, service, or organization. But if you’re only using it as a one-way street to spread your message, you’re missing out on a wonderful opportunity to engage with your readers and build long-term, trusted relationships. That’s important because..
1. “Welcome! How did you find us?”
The best place to start asking for reader feedback is at the point of connection — your welcome email letter. Warm it up by telling readers what they can expect to receive now that they’ve subscribed to your newsletter. Then ask them to email you info about how they heard about your business. Learning how new customers find you lets you channel your marketing efforts and dollars into the most effective outlets.
2. “Send us your thoughts, concerns, ideas, pet peeves, etc.”
Every email communication should have a link inviting recipients to talk back to you. A simple “What’s on your mind? We’d like to hear from you” can get the conversation started. Or tailor the question to something that’s happening in the news or your industry today.
3. “What kind of information do you want to hear from us?”
Survey or ask readers about the five most important topics they want to read about in your newsletter, so you can deliver highly relevant, valuable content. Tell them you’ll report on the results in a future issue. Feedback on content also allows you to segment your audience into smaller, more targeted groups. You can send readers only the content they are interested in.
4. “Stump the experts.”
Invite readers to stump you with their best questions. Suggest areas to ask about, such as uses for your products, or interesting, popular, or challenging aspects of your services — the things customers most often ask you about face to face. Tell readers you’ll give them credit if you answer their questions in your newsletter. And as thanks, you can send them a small gift, such as a pen, refrigerator magnet, desk calendar, or sticky note pad with your company logo on it.
5. “Share your success story.”
Here’s another type of “reader challenge” that fosters conversation, touts your products or services, and generates great content: Invite customers to share their success stories with you — ways your products or services have solved problems and improved their lives. Publish the best ones, credit the authors, and send the winners a fun freebie.
Getting the Conversation Started
Take a look at your next email marketing campaign. If it doesn’t contain a way for readers to “talk back” to you, pick one of the ideas above and integrate it into your communication. Get creative, be conversational, and have fun with it! Now is an opportune time, as people say good-bye to summer and settle into their fall schedules. Find out how people are feeling about the economy now and looking ahead to 2010. Not only will you get feedback that’s critical to making smart business decisions, you’ll get ideas that will help make your email communications — and your customer relationships — come to life.