Why Do People Create Viruses?

Why Do People Create Viruses?Writing a computer program is hard and writing a virus is even harder (BTW you don’t even need programming skills as viruses templates can be bought online), so why do people do it? In the majority of instances it comes down to 3 reasons:

  • Money
  • Bragging rights
  • Simply being a jerk.

While bragging or being a jerk is pretty self-explanatory, the money side is more interesting. Here are some of the ways people make money with viruses:

Bank account theft: As with real bank robbers virus creators are more than happy to help themselves to the money in your bank account. Once they have your login details (obtained via a key logger) they simply transfer your funds away or use your credit card details to go on a shopping spree. Sometimes they’ll leave the fun to another person by selling your details to the highest bidder.

Ransomware: Sometimes a virus will encrypt your files and demand money for a key to unlock you own data. Without a true backup procedure in place you are at their mercy.  Once you have paid the nightmare may not be over as they now know you are an easy target and request even more money.

Ad swappers: A very cheeky technique which you may never know is happening to you. This scam is when a virus puts annoying ads on websites you visit or places affiliate codes on pages. When you buy something legitimately – eg, from Amazon – the affiliate codes allow the hacker to get a percentage as a ‘referral fee’. Their kickback doesn’t make your purchase cost more and you may not even know you are infected.

Bitcoin mining: You have heard of digital currencies being used for payments but did you know you can also earn money via bitcoin mining? You can earn this money by running specialized software on your computer but sometimes this means paying more in running costs than you would actually make – unless you were very clever and sneaky, and used a virus to use the processing power on other people’s computers.

Botnets: If infected with a botnet, a computer can be remotely controlled to do whatever the virus creator wants. In most cases they’ll usually set the infected computers to overwhelm a target computer and blackmail the owners of that computer – the ‘Botmaster’ says “pay me thousands of dollars or I’ll crash your computer.”

Account stealing: Subscription accounts like Netflix and Hulu are often hijacked allowing other users a free ride by using your accounts. Gaming accounts open up another world of financial incentives with those digital items that people work hard for in the games worth a pretty penny on the black market.

These are just a few of the ways people make money through viruses and malware. If you know of any others please leave a comment below.

Give us a call at 08 8326 4364 to make sure your computer is secure and protected.

How Much Could A Ransomware Attack Cost Your Business?

How much is your data is worth? Information is probably the most valuable part of your business. Imagine if you lost your client database, accounting software, inventory management and any intellectual property you may own. How long will it take to recreate this data and how much money would you lose in lost productivity, staff wages and the time it takes to either recover or recreate the lost information?

Recently when the WannaCry ransomware spread through out the world, many businesses were suddenly forced to re-assess the value of their data: was it worth saving and what would be the ongoing costs of the attack?

If you don’t have a recent backup most ransomware attacks cost at least $US200 (if not a lot more) to get your files released and that is only IF the cyber criminals honor the payment and actually give you the decryption key (some even demand further payments). Meanwhile your business is still running and new client calls are still coming in and you may find yourself unable to operate with your systems down.

Paying the ransom may seem like a quick fix but:

  • There is still the downtime involved to restore your data resulting in lost productivity.
  • If word gets out that your data has been compromised you may find confidence in your business plummets and your existing clients head elsewhere.
  • The cyber criminals you pay, may now see you as an easy target and demand more money or target you for other scams and malware activity.
  • You may recover the data but is it compromised with other malware?
  • You may not get back all the data that has been lost.

So that $US200 ransom may end up costing many, many thousands of dollars!

How To Prevent Ransomware Attacks on your Business

Keep your systems up to date: Malware can take advantage of flaws in older versions of Windows and software – sometimes ones that have already been patched by Microsoft and third party vendors. To be protected businesses have to stay up to date with their patches & versions. To be up to date with Windows patches you need to be running a supported version of Windows. Delaying patches and updates puts your business at risk – we can help you keep you systems up to date.

Use corporate grade security software and firewall: Free software may be fine for low end home computers but if the worst happens you will get no support or help from a company providing free software. A firewall or UTM (unified threat management) device can also help block malware and ransomware infections. But whether it is a free or paid for solution the software (and any hardware devices) must be kept up to date.

Lock down employee computers: Very few staff will require full administrator access to your business network. With a higher level of permissions the more damage a person can do – either accidentally or by inadvertently installing malware. By locking down your computers you have a better chance of containing a malware attack to non-vital systems. Our expert computer technicians can design an access management plan that gives you best of both worlds – flexibility and security.

Educate your workplace: Most employees believe they are being cyber-safe but in reality it is quite different. Many malicious links and embedded malware have become harder to spot – and all it takes is a microsecond to click (and later regret it). We can work with your staff to establish procedures around checking links for authenticity before clicking, awareness around verifying the source of attachments and the importance of malware scanning and keeping systems up to date. We can help get the message through!

Have a solid backup plan: When ransomware hits, a connected backup = infected backup. Also a lot of cloud backup systems, such as Dropbox, immediately clone the infected files which also renders the cloud copy useless. The only safe backups will be the ones both physically and electronically disconnected. Our experts can set you up with a backup system that makes recovery simple.

Be proactive: The best way to avoid the costs of a ransomware attack is to prevent it from happening in the first place is with up to date antivirus software, regular systems updates and security audits. Remember, many businesses were able to watch WannaCry from the sidelines, completely unaffected and seized opportunities while their competitors were down.

Our regular maintenance plans can help protect your business against the next cyber-attack. Call us today on 08 8326 4364 or via email at support@dpcomputin g.com.au.

WannaCry Ransomware Explained: Is Your Business At Risk?


With all the media attention last week you would be hard-pressed to not of heard about the WannaCry cyber-attack. Businesses of all sizes and even hospitals and police departments found themselves crippled with out warning.

Here in Australia we looked to have missed a large part of the attack due to the time zone differences and the fact that a kill switch was found for the malware. We shouldn’t rely on these factors going forward though. This articles details what the malware is, why it caused so much damage and how to protect ourselves moving forward.

What is WannaCry?

The WannaCry cyber-attack was a type of malware (the collective name for malicious software which includes viruses, worms and spyware) called ‘ransomware’. Just like the name suggests, it actually demands money from the owners of the computers infected. Like all ransomware attacks, WannaCry encrypts your files and holds them hostage until payment is made –  in this case, the price was set at $300 payable with the internet currency Bitcoin (and you had 3 days to pay before it doubled). If you don’t pay the ransomware threatens to permanently delete all your files. It is not yet known how much money the WannaCry hackers have earned with their latest attack – but you can be sure that plenty of people have paid the ransom. Even the FBI recommends paying the ransom – especially if the ransomed files are of a sensitive nature or weren’t backed up.

How It Spread So Fast

WannaCry self-replicates and spreads. So far, no common trigger has been identified, as is normally the case with phishing links (a phishing attack needs to be activated – usually with a click). WannaCry moved rapidly from system to system, spreading out through the entire network, including all connected backups and storage devices. At the same time it infected other networks, who then spread it further and further. Given the nature of the internet it had spread widely within hours.

Why Some Businesses Were Safe

WannaCry took advantage of a specific vulnerability in Windows of which Microsoft patched months ago. Thus only systems that have fallen 2 months behind in their Windows updates were infected. Without that patch, the ransomware could waltz right past the firewall, past the anti-virus and directly into the system (the NHS were reportedly running Windows XP – which is no longer supported by Microsoft). Those running Windows 10 or a fully patched, recent version of Windows were completely unaffected as the virus literally had no way in

This outbreak shows the importance of staying up to date with security patches on your systems. We haven’t yet seen a second spike in WannaCry attacks yet, but that doesn’t mean there won’t be one. A quick Windows update could protect your business from weeks of downtime and lost revenue making attacks like this a non-issue.

With our regular maintenance plans we can make sure you stay up to date and protected. Give us a call today at 08 8326 4364 to discuss ways we can help your business stay safe.

Four Reasons To Use Anti-Spam Filtering In Your Business

Monitor screen showing spam in the mailbox

Remember the times when spam was obvious and unless you desperately needed a special blue pill they were easy to ignore and delete? The impact on your business was minimal as spam was just an annoyance rather than anything else. Unfortunately spam has now matured into an aggressive threat, marked by sophisticated attacks and rapidly evolving techniques. It is not just random electronic junk mail anymore and is putting a costly strain on your business resources.

How Spam Impacts Your Business

Hackers are now sending cleverly disguised emails to your business containing malware. Once clicked by an employee the malware can infect your computer system or steal your private data. The malware can spread across the entire computer network and beyond – including your clients and vendors. The fact that your employees must pause and examine every email adds hours of lost productivity. Some spam is so convincing that only an expert would be able to visually identify it. Employees are also more likely to miss an important email, either not seeing it arrive at the same time as a spam attack or becoming overwhelmed with the sheer number of emails.

How an Anti-Spam Filter Can Save Your Business

Spam emailEmail clients such as Outlook can perform basic filtering but to rely just on Outlook is not recommended. The best method is to implement a corporate grade filtering solution. Depending on whether you have an on premise or cloud based server an on premise or external filtering options are available. Even if you have an on premise mail server we recommend an external filtering option. An external option stops spam ever reaching your office saving precious bandwidth and server processing time.

Ways in which a spam filter will benefit your business includes:

  1. Block threats before they reach your inbox: The spam filter’s purpose is to block the spam from ever reaching your employees mailboxes. The threat is automatically identified and either held securely or immediately deleted. This is the best way to avoid activating any malware present in spam – as it’s so easy for you or an employee to click on a link in an email that seems authentic and / or important. The effects of that one click may be instantaneous or may lie hidden for months. Removing the email before it is in a users mailbox is a much safer option.
  2. Filter legitimate emails: Real mail needs to be able to stand out and avoid the trash. Anti-spam filtering has sophisticated recognition abilities which block spam only and allow real mail to land safely in mailboxes.
  3. Meet data regulations: Many businesses are subject to strict privacy and data storage regulations, some more so than others. To continue operation, they need to meet conditions including the use of spam filtering to reduce the risk of data breach.
  4. Protect your reputation: You can see how uncomfortable CEOs are when they go public to admit a breach. They must acknowledge that they failed to protect client data or that users may be infected with a virus. Not only do they then face financial loss but their business reputation takes a nosedive. Anti-spam filtering is a simple way to help reduce these types of scenarios.

Filtering has come a long way in recent years, with complex algorithms identifying and catching spam before it becomes a risk to your business. Real emails can now pass safely through without the classic catchcry of ‘check the spam folder’, and businesses can work with greater productivity and more safely than ever before. You need email, but you definitely don’t need spam or the chaos it can bring to your business.

We can block spam and keep your legitimate emails flowing. Call us at 08 8326 4364 or email support@dpcomputing.com.au today!

Will Clicking That Link Cost You Thousands?

Ransomware has been a huge security threat in 2016. No-one was safe. Hackers targeted everyone and everything – including office networks and home PCs. In fact anything connected to the Internet (including smart TV’s and surveillance cameras) was fair game for them. They were very successful, with reports of upwards of $US846million reported just from incidents in the US. With this sort of monetary gain business is booming for hackers, with thousands of attacks each day bringing in an average of $US640 per target. Even more alarmingly is that the cost to the end user is on the rise with hackers demanding more and more money each time.

Some hackers even offer to help and rescue you from the issue that they caused – for a fee of course! One method is to trick you into thinking you have a virus or malware issue that will spread rapidly if you don’t pay them money to remove it. Another scarier method is that they pretend to be from a law enforcement agency (ie the Federal Police, FBI or a similar type of organisation) and say your computer was involved in a crime (anything from money laundering to child pornography). If you pay them a certain amount of money quickly you can avoid going to prison.

The real bad malware that is spreading rapidly at the moment are the crypto range of viruses. These viruses cause users to be locked out of their own data by encrypting files on users computers and servers. Folders of business documents, pictures, photos, music and even financial records are all held hostage until a ransom is paid. The encryption is such that it is unbreakable and unless you have a good backup paying the ransom is often seen to be the only solution.

The way these evil hackers get into your computer is deviously simple. They convince users to click on an email attachment/link or pop-up. For example you receive an email or pop up that:

  • supposedly tracks an undeliverable package.
  • is a bill or credit from a utility company.
  • alerts you to a virus that was found and needs to be removed.
  • an invoice from a company you have never heard of and / or for goods you never ordered.
  • advises you of a recent traffic or some other type of fine.

They make the message so tempting to click through for more details (this is what the hackers count on). Their messages and pop-ups aren’t obvious threats and so can easily slip under our radar and through various spam and virus filters.

Paying the hackers to solve or unencrypt your files is not recommended as they are not the most trustworthy bunch. That one payment may lead to demands of more and more money with no solution in sight.

To make things worse, the malware can encrypt your backups too. Having a backup is very important in any situation, but in cases like this, the right backup is needed – with several other backup copies not connected to your network and stored safely offsite. An online backup is also recommended. Before restoring your backup remember to check that the malware isn’t lurking in the background, ready to not just re-infect your restored files but also the backup drive itself.

To avoid finding yourself dealing with ransom demands we recommend being wary of all email attachments. Even if they are from business associates, friends and family – if you are not sure what the file is don’t click it. The sender may not have sent that email intentionally and their compromised system may be automatically emailing everyone in their address book.

You should also be wary with any popups that appear out of place, especially ones that try to make you panic or do something you are wary of doing. If the message doesn’t sound or look right then don’t click it. Ransomware is just too dangerous to risk.

Also make sure your backups are working correctly and regularly test your backups.

Call us on 08 8326 4364 to set your computer up with protections against ransomware / malware / viruses, and put backups in place that will keep your important files safe.

Should You REALLY Click That Button?

All of us have had that pop up that just won’t leave. It’s hounding you to upgrade your software or change some sort of setting and clearly it has zero intention of giving you a rest. That software wants to be upgraded or that setting changed and it wants it now.

update

Begrudgingly you click the “Yes” or “Ok” button and let it upgrade in the background or change that setting. Maybe now it will leave you alone to get some work done but instead of doing something positive you quickly discover it’s given you the exact opposite. Your essential hardware no longer works, you’ve got errors all over the place, and that application no longer runs at all.

The urgent popup was more of an instant downgrade.

Before you click that nagging upgrade button, consider the following:

Is the popup for legit software?

Do you have that software already installed on your machine? Does the popup look dodgy with poor spelling or grammar? If so it may be a virus or piece of malware trying to install on your machine.

Will this upgrade benefit your business?

Some upgrades are only cosmetic. They look great and the developers pitch them as the latest and greatest, but without additional innovation on offer – you’re better off waiting for a version with some actual benefits.

Is the upgrade going to work with your current systems and processes?

If your project management software no longer talks to your scheduling software, you’ve got a problem. It’s reasonable to expect the upgrade to have gone through robust testing and bug fixes, but even the mega corporations are caught out in an instant.

Is your current solution still an option?

Developers cease support of older software versions after a certain date. In these cases, continuing to use an outdated version leaves your system vulnerable, without patches and security updates. If your software is at the end of its cycle, you’ll need to upgrade regardless. This, however, gives you the perfect opportunity to revise your selection and make some experienced decisions – upgrade or replace.

On the other hand, if the upgrade is going to have a positive effect on productivity, efficiency or customer satisfaction, definitely put it on your to-do list. Hold off for just a few days or weeks while your IT technicians research any conflicts that might arise.

Being an early adopter isn’t always the best idea. Sometimes you need to let your other software packages catchup – compatibility issues will always be an issue. It’s more important than ever before to take your time and research the upgrade to see how others have fared – before things come crashing down.

Call us for a quick compatibility check BEFORE you click any popups.

Six Quick Security Tips To Keep Your Business Safe

securityEvery employee shares one inescapable flaw that is putting businesses at risk – they are human.

Up to 59% of data breaches can be traced back to something an employee did or didn’t do, which helped create a security incident or cyber-attack.

To help prevent security issues build security awareness and respect into your company culture, so that maintaining digital security becomes as simple as making a cup of coffee.

Use complex passwords: Every employee, including management and owners, need to use an alphanumeric password that they haven’t used before. Password managers can assist with making sure they’re never forgotten.

Verify unknown identities: Not familiar with ‘Jenny from Accounting’ who has called to ask for sensitive information? Double check the callers identity and access permissions before releasing any information. Hackers love to play on our desire to help other people.

Encrypt by default: People regularly transfer data to a laptop, USB drive or smartphone so they can work offsite. Unfortunately this equipment can be easily stolen or lost. Set operating systems to encrypt data by default, so that it becomes useless in the wrong hands.

Protect portable devices: Laptops, mobile phones and other portable devices should always require a password and be set to auto-lock after a short period of time. Never leave them unattended in cars, buses, restrooms etc, and if travelling by plane take them on-board as carry-on luggage.

Set personal usage rules: Many businesses block productivity-vacuums such as Facebook and other websites but what are the rules regarding games, video streaming or shopping? Can users install their own software? When business devices are used for personal usage, security tends to slide which results in unintentional malware installation. Also don’t let the employees spouse or children use any company device.

Educate often: People often fall into the “it won’t happen to me” mindset. As security threats change regularly have a quick five minute discussion once a month to remind staff that you always need to be vigilant.

Some things to discuss with staff are:

  • Links in emails – Hackers often send emails that look like they are from your bank, phone company or similar. Be sure to check the link by hovering over it with your mouse. This method of attack is known as ‘phishing’.
  • Tech scam popups – Be on the lookout for popups advising that your computer is infected and you need to call a phone number or download software.
  • Email attachments – Never open an unknown attachment and even from people you know and trust. If you are not expeciting an attachment from the sender always contact them to confirm and scan for malware before opening.

If you need help implementing better security practices in your business, give us a call on 08 8326 4364 or via email at support@dpcomputing.com.au

How To Spot A Tech Scam

Scammers swindle millions from people every day.

If your computer had a security problem, you’d want to know about it ASAP, right?

Before your important files are corrupted, your photos lost and your digital life destroyed. Even thinking about gives me the shivers.

Tech scammers know we’d be lost without our computers, and that we don’t always know what’s going on behind the screen – which is why they’ve been able to swindle millions from every day people across the world.

The scam goes like this:

ScamsOne day out of the blue you receive a phone call from someone with a heavy accent (usually Indian) saying they’re from Microsoft (or some other company) or worrying pop-up appears on your screen, saying your system has been infected with a virus.

To fix the problem, the caller or the pop up says you to download some support software, which they’ll give you a special link for.

A technician then uses that software to gain access to your system and make it appear your system is riddled with viruses. Flashing screens, mysterious diagnostics whizzing by, fabricated errors…they’ll do or say anything to make you panic. They’ll even go as far as claiming your system has been infected with illegal content and if not corrected you will face criminal charges.

Demands for credit card information follow soon after. Once the card details are provided, they simply stop fiddling with your system to make it seem the problem is fixed. To continue the scam, they’ll soon access your system to recreate the problem, this time offering a ongoing paid subscription for ongoing protection.

What To Do If You’re Targeted By A Tech Scam

1. Don’t taunt them. Just hang up. Right now you’re only a phone number in their system and they’ll move onto the next – if you give them cause to target you personally, you may find yourself in a dangerous situation.

The real Microsoft will never randomly call people like this. Ever.

2. If a pop-up appears, immediately run an anti-virus scan. Don’t click the pop-up or call the number.

What To Do If You’ve Already Been Scammed

It’s okay. It feels horrible, but you’re not alone and the situation can be corrected.

Call your financial institution and have the charges reversed and your card reissued. It’s easier than you might think and helps the authorities locate the scammers.

Then give us a call on 08 8326 4364 (or support@dpcomputing.com.au) and we’ll make sure they no longer have access to your computer.

Free Windows 10 Mini Course

Windows10For almost a year now Microsoft has been promoting (and even pushing) a “Get Windows 10 Free” upgrade to every PC running Windows 7 or 8. The upgrade has been very controversial due to Microsoft’s aggressive tactics – a lot of our customers have found themselves “upgraded” to Windows 10 without permission!

All that will end soon, as on July 29, 2016, the free upgrade offer will finish, forever (really). So should you take advantage of this free offer while you still can?

This is not a “one-size-fits-all” situation – there are quite a few computer models which aren’t fully compatible with Windows 10 – if you upgrade you may find your mouse,  network or say printer doesn’t work quite right anymore. And a few (very few) applications that run on Windows 7 won’t run properly on 10. (The good news is if you decide you don’t want the upgrade it’s easy to revert back to your previous Windows if you do so in the first 30 days after the upgrade).

But overall the new Windows 10 has had mostly positive reviews, and it’s designed to be more secure and more cloud-and-touch-friendly than Windows 7 without being as shockingly different as Windows 8. Plus Windows 10 will be supported by Microsoft for the foreseeable future, where Windows 7 will become unsafe to use in 2020 (and
Windows 8 in 2023). If your hardware is in good shape then taking advantage of the free upgrade may save you from buying a new computer for a few more years.

Windows 7’s support ends January 2020,  Windows 8’s ends January 2023. Windows 10, if kept updated, is expected to last long after 2025.

Still, after the debacle that was Windows 8 and Microsoft’s pushiness with the free upgrade many people are hesitant to upgrade. So if you want to learn more about Windows 10 and what it’s like to use BEFORE you upgrade, we’ve got a deal for you. Our partners at Bigger Brains are allowing us to post their “Windows 10 Essentials” training course right here on our website for you for FREE until July 29 (Click the screenshot below).
free windows 10 training

If that is not enough we even have another Windows 10 Tutorial video which you can check out here on Youtube:

Check out the award winning free course HERE. And for a full year of Bigger Brains training, including courses on Excel, QuickBooks, Outlook, Gmail, HIPAA and 50 more, ask us about our $79 special!

Don’t Fall For Phishing Scams

PhishingWhat is a Phishing Attack

Phishing is an attempt to trick you in giving out personal information such as bank accounts, passwords and credit card numbers.

They work by someone contacting you pretending they are from a legitimate business. They then ask you to provide or confirm certain confidential information.This contact can come in a variety of formats such as email, social media, phone call or text message. The messages are designed to look genuine and often use copied logos and branding from the legitimate company.

Once the scammer has this information they can then use this to carry out fraudulent activities such as emptying your bank account or using your credit cards.

How to Avoid a Phishing Attack

Some tips to help you avoid a phishing attack are:

  • Don’t reply to any suspicious looking emails or messages that ask you to confirm or update any information about your account whether they are from a coworker, finance company, friend, bank etc.
  • Don’t click or visit any links contained in suspicious emails or messages. Even if the website looks legit it will most likely infect your computer or do something worse.
  • Legitimate businesses, organisations and government departments will never send you a message to ask for your login information or sensitive personal information. If in doubt ring the organisation in question but don’t ring any numbers listed in the suspicious message.
  • Ignore emails that try to convey a sense of urgency and / or are requesting you to “Verify your account” right away due to ‘security issues’, ‘suspicious activity’ or ‘failed login attempt’ or the like.
  • Do not copy website links from suspicious messages and paste them into your web browser.
  • Never open or save any documents or attachments that come from possible spam and / or virus mails.
  • Never send confidential information about any of your accounts in an email.
  • If you’re unsure or suspicious about an email from a ‘friend’ or ‘colleague, call them  (ie don’t respond to the suspicious email) to see if that really was a legitimate message.

Further information is provided at the Australian Government’s Scam Watch website – http://www.scamwatch.gov.au/