Don’t Become a Victim of Social Engineering

Social EngineeringYou can have the best in computer and network security but if you or one of your staff members inadvertently give out some information all the security can come to nought.

Social engineering is the art of manipulating other people to take certain actions or divulge private information. Some hackers use social engineers techniques and skip the hassle of writing code and go straight for the weakest link in your security defenses – you and your employees. A seemingly innocent phone call or email may be all it takes to gain access to your computer systems, despite having solid software and hardware protections in place.

Here are a few ways on how social engineers work:

Email: Pretending to be a co-worker, supplier or customer who needs a simple piece of information. It could be a money transfer, contact person or some sort of personal details that they pretend they already know, but simply don’t have in front of them. The hacker may also create a sense of urgency or indicate fear that they’ll get in trouble without this information. Your employee is naturally inclined to help and quickly responds with a reply.

Phone: Posing as IT support, government official or even a customer, the hacker can manipulate your employee into changing a password or giving out information. These attacks are hard to identify and the hacker can be very persuasive, even using background sound effects like a crying baby or call-center noise to trigger empathy or trust.

In person: A person in uniform or a repairman can easily get past most people without question. The social engineer can then quickly move into sensitive areas of your business. Once inside, they become invisible and are free to install network listening devices, read a Post-it note listing passwords or gain information and tamper with your business in other ways.

It’s impossible to predict when and where (or how) a social engineer will strike. The above attacks aren’t particularly sophisticated but can be extremely effective. Your staff have been trained to be helpful, but this can also be a weakness.

So what can you do to protect your business? First, recognize that not all of your employees have the same level of interaction with people, the front desk person taking calls and welcoming visitors is at higher risk than the back office or factory worker. We recommend cyber-security training for each level of risk identified and focus on responding to the types of scenarios like those listed above. Social engineering is too dangerous to take lightly.

Talk to us about your cyber security options today. Call us at 08 8326 4364 or at support@dpcomputing.com.au

How to Tell if Your Computer Has a Virus?

How to tell if your computer has a virus?Sometimes computers do crazy things that ring alarm bells and make users think it is a virus. Next thing you know the boss is telling everyone to run scans and demanding people come clean about their browsing habits. Fortunately, not all weird occurrences are viruses related – sometimes your computer is simply overloaded, overheating or in desperate need of a reboot.

Here are some of the tell-tale signs that your computer maybe infected with malware:

Strange Error Messages

Does your computer have messages popping up from nowhere that make no sense, are poorly worded or just plain gibberish. Take note of anti-virus and security warnings too, check that the warning is from YOUR anti-virus software and looks like it should occur. If a message pops up that isn’t quite right then don’t click it – not even to clear or cancel the message. Close the browser or shut down the computer, then run a full virus scan.

Suddenly Deactivated Anti-virus / Malware Protection

The best way past a security guard is to sneak it when they are not around. Certain malware infections are programmed to disable the security systems first, leaving your computer open to infection. If you reboot and your protections are not enabled you may be under attack. Attempt to start the anti-virus manually and if that doesn’t work, backup your data and try and reinstall your security software.

Social Media Messages You Did Not Send

Are your friends replying to messages you never wrote? Your login details may have been hacked and your friends could be tricked into giving up personal information or money. Change your password immediately and advise your contacts of the hack.

Web Browser Acting Strange?

Perhaps your homepage has changed, it is using an odd search engine or opening/redirecting your to unwanted sites. If your browser has gone rogue it is definitely malware which could be trying to steal your personal or financial details. Skip the online banking and email until your scans come up clear and everything is working normally again. Once you are certain your machine is clean, change all your passwords.

Sluggish Performance

If your computer speed has slowed, boot up takes an eternity and even opening programs takes forever, it is a sign that something is wrong. It is not necessarily a virus though. Run your anti-virus scan and if that resolves it, great, if not, your computer may have a hardware issues or your computer needs a tune-up or service.

Constant Computer Activity

You are not using the computer but the hard drive is going nuts, the fans are whirring, and the network lights are flashing like a disco? It is almost like someone IS using the computer! Viruses and malware attacks use your computer resources, sometimes even more than you do. Take note of what is normal, and what is not and seek help if it looks like something is amiss.

If you have a virus that you can’t get rid of or need a service on your computer give us a call at 08 8326 4364 or at support@dpcomputing.com.au.

What You Need to Know About Facebook Privacy

Facebook PrivacyA lot of people use Facebook but finding the balance between privacy and Facebook fun can be challenging. It allows us to connect with friends near and far but also it publicly shares information that just a few years ago, we’d never dream of putting online. With a Facebook search you can look for people based on where they went to school, town they live in, clubs they belong to, who they’re related to… but when is it too much information?

Your birthday is the first piece of info collected by Facebook when you sign up and it is great getting birthday wishes from friends and family when it appears in their news feed. But while your friends are sending you balloons and funny memes, your birthday is now public knowledge. It may seem harmless, but when you call your bank or other institution, what’s the first question they ask to verify your identity? Your birthday! Some companies and organisations even ask questions like ‘which high school did you go to?’ assuming this is knowledge that only you would know. Except… a lot of people have publicly shared it on Facebook. Whoops!

Then there are the stories of people who have lost their jobs after less-than-wholesome pictures or comments have gone public. If you want to protect your reputation, you may not want pictures from last weekend’s private party showing up online. While you can’t control what others do with photos they take of you, you can control whether or not you are tagged in Facebook in them.

Fortunately, there are settings in Facebook that allow you to control who can see what information and what happens when you’re tagged in a photo. Despite what rumours you may have heard or seen floating around, you do have complete control over your Facebook privacy and it is easy to adjust.

How to Check and Adjust Your Facebook Privacy Settings

Here are some settings you can easily change within Facebook to help secure your privacy and see who can see what on your profile. These steps assume you are logged into Facebook via a browser (using an app on your phone or tablet may be different).

See what your account looks like to an outsider

To see what others can see of your profile follow these steps:

  1. From your Facebook homepage, click your name on the blue bar at the top of the page.
  2. Click the three dots next to ‘View Activity Log’.
  3. Now select ‘View as…’

Run a quick privacy checkup

To run a checkup click the question mark in the top right corner of Facebook and choose the ‘privacy checkup’. Facebook then guides you through a few steps showing what your main settings are.

From within this section think about what you really need to share. For example do people need to know the YEAR of your birth or just your birthday? You can hide the year and your friends will still get the notification.

Edit advanced privacy

While the above checkup covers the most obvious information you can delve much deeper via the privacy section. Click the V-shaped drop down to the right of the question mark and go to settings and select privacy.

Adjust timeline and tagging

In the privacy settings (mentioned above), you can control who can tag you, who can see or share the tagged content and what shows up in your news feed.

I hope that explains about privacy and allows you to go in  and change the settings to what you want and not what the Facebook defaults are.

Tightening your Facebook privacy only takes a few minutes, but it can save you a whole lot of trouble in the future. If you need help with this, just give us a call on 08 8326 4364 or via email at support@dpcomputing.com.au.

Internet Lingo 101 – A Cheat Sheet for Beginners

Internet Terminology 101The Internet is growing and changing so fast that even the dictionary has trouble keeping up. Here are some common terms that are helpful to know.

Browser
A browser is a software program that lets you view web pages, videos and other online content. It’s a core requirement of going online, as it converts the computer languages HTML, Javascript and XML into a readable form.

Popular browsers are Google Chrome, Safari, Firefox and Microsoft Edge – Internet Explorer has been superseded by Edge and due to security issues is no longer recommended.

Email
Electronic mail (aka email or e-mail) is a typed message sent from one person/business to another via the Internet. Email is usually delivered to the recipient quite quickly (sometimes in seconds) but can take up to a few hours or longer.

To read and write email you will need a program such as MS Outlook or access to an email service such as Gmail or Outlook.com (usually through a browser).  Most emails are in the form of letters, newsletters or catalogs and are often written with a more casual tone. Email can include text, links to the internet and images but can only include video and sound as an attachment.

Firewall
A firewall is a security measure designed to act like a bouncer to your network. It can be both a hardware or software device. When an unauthorized user attempts to gain entry, the firewall blocks their path and refuses their access.

HTTP and HTTPS
These are acronyms for the rules of how data is transmitted across the Internet. The actual mechanics are incredibly complicated, but the terms have one very important distinction – the s on the end.

HyperText Transfer Protocol (HTTP) describes how the images, text and links ion a webpage are transferred across the Internet.

HyperText Transfer Protocol Secured (HTTPS) means the page has an added layer of security to hide your personal information from hackers. Data sent through pages with this prefix are securely encrypted before transmission.

IP Address
Every device directly connected to the Internet is assigned a unique IP address to identify itself. It is used to make sure that when you request a page or document it is sent back to you. Your IP will look something like ‘202.9.64.55’ and may be referred to as fixed or dynamic IP address.

ISP
Your Internet Service Provider (ISP) is the company that allows you to connect to the Internet. You usually connect to them through a hardware device such as a modem or router. They can also offer extra services like email or web hosting.

Malware
Malware is the short form of the phrase malicious software. It is a broad term used to describe viruses and other software that performs a function that you don’t know about. Malware can trick you into paying money, take control of your computer, be used to launch attacks against other computers, steal your private details or break your computer in some way. Instead of listing each specific threat separately you’ll commonly see them lumped together under the general term ‘malware’.

Router
The traffic system for your network the connects computers and devices within your office or home and acts as a basic defensive gateway to the Internet. These hardware devices can be wired or wireless and allow you to share one Internet connection amongst all the computers and devices in your office or home.

Social Media
A term to widely describe all the websites and applications that let you share and interact with others online. To fit this term the site needs to allow user profiles, live updates and the ability to add friends and / or followers.

The most common social media websites are Facebook and Twitter.

Spam and Filtering
Spam refers to any unsolicited email message sent over the Internet. It is the electronic form of junk mail but is also a technique hackers use to trick people into clicking links which may infect their computer with malware.

Email applications are reasonably good at identifying spam and should shift dodgy messages automatically to a spam folder before you see it. Occasionally the filters get things wrong and you may find a relevant email needs to be dragged back to your inbox from the spam folder or allowed through. Filters should also allow for blacklisting and whitelisting email addresses.

URL
Each website has a unique address on the web known as a URL (Uniform Resource Locator). URLs commonly end in .com but can also end in a country specific extension like .com.au or .fr, or more recently, in new and exciting extensions such as .xyz or .me

Let me know below in the comments if you have any other words or want a description for a word or phrase you don’t understand.

 

Top Ten Tips To Stay Safe Online

Are you worried about staying safe while using the Internet?

Then check out our great tips on how to stay online by clicking the link below.

The articles go through the following topics:

  • Secure you device.
  • Shop safely with trusted sellers
  • Learn the markers of a secure site.
  • Use a safe and protective payment method
  • Think before you share
  • How to tighten privacy settings
  • What to use a a passphrase
  • How to check the senders email address
  • Check the URL.
  • How to outsmart fishing attempts..

Click the link below to access our easy to print PDF with the tips.

Top 10 Tips to Stay Safe Online Guide

If you have any questions please leave a comment below.

Why You Should Not Use A Free Email Address For Business

Free email accounts indicated a lack of experience

Many businesses, clients and customers communicate primarily by email and as you know it provides a fantastic ROI – unless you’re using a free email address (like Hotmail, Gmail or one provided by your ISP (internet provider)). If you are still using a free email address you are most likely losing business each and every day.

The downsides of using a free email address are:

An unprofessional look: Imagine if your bank used a free email account – you’d never feel comfortable giving them your personal details let alone your money. How people perceive your business is what can make or break a business. Without a professional touch you will appear as a fly-by-night enterprise. It puts your credibility into question and sends the message that you’re not serious about doing business – or worse – that you are prepared to cut corners and take the cheap option.

It erases your experience: A new or fledgling business often starts out with a free email account. This clearly communicates that they are new, have little experience and are perhaps testing the waters in a new direction. They’re not even remotely proven yet and are firmly within the hobby-zone. Continuing to use the free address once your business moves into the professional arena means you will struggle to build momentum and any experience you have earned will be negated.

It’s forgettable or inappropriate: Your business success hinges on being memorable enough to gain repeat custom and referrals from advertising. Unfortunately free email addresses are filled with hard to remember clutter, for example – franksplumbing_1975@hotmail.com or bookkeeper1198@gmail.com.

Neither of these roll off the tongue, are appropriate for business, or can be remembered without a high likelihood of typos and bounce backs. Branded email addresses such as frank@franksplumbing.com make running a profitable and scalable business much easier.

The email address Is not permanent or safe: When you have a free email address you are at the mercy of the provider. They may cancel your account for any reason or even cease operations. These free accounts are also often hacked and their passwords leaked on a global scale. You get stuck using the same provider (and can’t take advantage of any better deals) as you need to use the old email address because it is on your marketing materials (printed on your business cards, car lettering, flyers etc).

With your own domain name and subsequently your own email address you own it and can move it to a new business-grade email service easily. You also have complete control over the domain and can reset passwords and create and close accounts at will.

Give us a call at 08 8326 4364 to set up your branded business email.

Will Clicking That Link Cost You Thousands?

Ransomware has been a huge security threat in 2016. No-one was safe. Hackers targeted everyone and everything – including office networks and home PCs. In fact anything connected to the Internet (including smart TV’s and surveillance cameras) was fair game for them. They were very successful, with reports of upwards of $US846million reported just from incidents in the US. With this sort of monetary gain business is booming for hackers, with thousands of attacks each day bringing in an average of $US640 per target. Even more alarmingly is that the cost to the end user is on the rise with hackers demanding more and more money each time.

Some hackers even offer to help and rescue you from the issue that they caused – for a fee of course! One method is to trick you into thinking you have a virus or malware issue that will spread rapidly if you don’t pay them money to remove it. Another scarier method is that they pretend to be from a law enforcement agency (ie the Federal Police, FBI or a similar type of organisation) and say your computer was involved in a crime (anything from money laundering to child pornography). If you pay them a certain amount of money quickly you can avoid going to prison.

The real bad malware that is spreading rapidly at the moment are the crypto range of viruses. These viruses cause users to be locked out of their own data by encrypting files on users computers and servers. Folders of business documents, pictures, photos, music and even financial records are all held hostage until a ransom is paid. The encryption is such that it is unbreakable and unless you have a good backup paying the ransom is often seen to be the only solution.

The way these evil hackers get into your computer is deviously simple. They convince users to click on an email attachment/link or pop-up. For example you receive an email or pop up that:

  • supposedly tracks an undeliverable package.
  • is a bill or credit from a utility company.
  • alerts you to a virus that was found and needs to be removed.
  • an invoice from a company you have never heard of and / or for goods you never ordered.
  • advises you of a recent traffic or some other type of fine.

They make the message so tempting to click through for more details (this is what the hackers count on). Their messages and pop-ups aren’t obvious threats and so can easily slip under our radar and through various spam and virus filters.

Paying the hackers to solve or unencrypt your files is not recommended as they are not the most trustworthy bunch. That one payment may lead to demands of more and more money with no solution in sight.

To make things worse, the malware can encrypt your backups too. Having a backup is very important in any situation, but in cases like this, the right backup is needed – with several other backup copies not connected to your network and stored safely offsite. An online backup is also recommended. Before restoring your backup remember to check that the malware isn’t lurking in the background, ready to not just re-infect your restored files but also the backup drive itself.

To avoid finding yourself dealing with ransom demands we recommend being wary of all email attachments. Even if they are from business associates, friends and family – if you are not sure what the file is don’t click it. The sender may not have sent that email intentionally and their compromised system may be automatically emailing everyone in their address book.

You should also be wary with any popups that appear out of place, especially ones that try to make you panic or do something you are wary of doing. If the message doesn’t sound or look right then don’t click it. Ransomware is just too dangerous to risk.

Also make sure your backups are working correctly and regularly test your backups.

Call us on 08 8326 4364 to set your computer up with protections against ransomware / malware / viruses, and put backups in place that will keep your important files safe.

How To Stay Safe While Being Social Online

How do you balance being social with staying safe online??

These days it is common for people to happily share all sorts of their private information online. Unknown to the actual users this sharing builds information stores that can easily become a one-stop goldmine for fraudsters.
Staying Safe Online

It’s not exactly the intention everyone has when they sign up to a social network site (as the whole point of most of their networks is to share your life with your friends) but this social sharing depends on us making certain privacy sacrifices.

So how do you balance being social with staying safe?

On Facebook alone, the average person shares 13 pieces of personal information ranging from a fairly innocent name/email combo, all the way to their mothers maiden name and home address.

It doesn’t sound like a lot, but those 13 pieces have the power to unravel your life within minutes.

Even checking in at home has become the norm for some people, helping to create a multi-dimensional online identity. The details are available to anyone who cares to look, whether they’re a friend keeping in the loop or someone with a much darker agenda.

The problem is that you don’t know who’s looking at your profile or why they are looking.

For example, someone could try accessing your email account by clicking the ‘Forgot password’ link. The email service follows its security rules and asks identifying questions like ‘which high school did you go to? What is your pet’s name?’ These most common identifying checks and their answers are probably available on a lot of peoples Facebook page.

Once your email address is compromised, hackers can use that to break into other services by going through, clicking ‘Reset Password’ on site after site, account after account – since they have full access to your email. So there’s nothing stopping them from compromising all your online accounts.

7 Ways To Secure Your Facebook Without Missing Out on the Fun

  • Preview your profile as others see it (ie see if you can login on a friends account to see what they can see).
  • Review what should and should not be visible to strangers.
  • Consider only sharing partial details, like birth day and month, but not the year.
  • Only ever ‘friend’ or ‘connect’ to people you know and trust.
  • Be wary of duplicate or ‘odd’ friend activity – hackers will often clone or hack a friend’s profile and initiate an urgent and uncharacteristic request (usually for money).
  • Update your past privacy settings too.
  • Set default future sharing to ‘friends only’.

Need help securing your social media privacy? We can help– contact us today on 08 8326 4364 or via email at support@dpcomputing.com.au.