Rogue Browser Extensions & Scams

| February 14, 2020

Browser extensions are add-ons that people often use to improve the look and functionality of their web browser. However, among the good browser extensions, more rogue browser extensions seem to be popping up, and some users are installing them without realizing their potential risk to online privacy. In recent years, our computer repair shop has helped people who have been scammed through their phone or computer in some way. As we looked closely at each of the instance where someone was scammed, or almost got scammed – the common denominator in most of those cases was that the attacker knew something about the user’s recent online activities. Whether the user was trying to track a package, or contact support for an internet-based company – the attacker seemed to know enough information to come across to the user as legit. So, this raised the question of how the scammers were getting information about the user’s online activity?

Knowing the “how” is the key to preventing more scams of this nature. So, let us dive in.

Extensions Secretly Tracking Users Online

In the instances that we helped someone whose computer had been compromised, one thing that stood out is that the attacker seemed to know something about the user’s recent online activities. So, there had to have been a leak. What was interesting however was that there were no major threats on these computers –only a few seemingly innocent browser extensions.

Risky Browser Extensions

Digging further, I found that these browser extensions had permission to read the users search history, make changes to the user’s search settings, etc. With the right configuration, these rogue extensions could read or change your data on certain sites! Yet, some of the most commonly used computer protection software did not even flag these browser extensions as a potential risk. Anything the user searched for, or any sites that the user visited could be recorded by these rogue browser extensions. So, all it takes is having one of these malicious browser extensions to have an information leak! And that information in the wrong hands, with a bit of social engineering can be a source of trouble for unsuspecting computer users.

Malicious Extensions

Malicious browser extensions affect PCs and Apple (Mac)  computers alike. Mac users are not immune to this type of attack. Rogue browser extensions are a subtle type of threat that cyber criminals can use to collect data about the computer’s user without being obvious. Once an attacker has enough information about the computer’s user, they can usually execute a cunning confidence game on unsuspecting victims without raising any red flags.

The Solution

Not all browser extensions are malicious. You can find useful extensions that help you block ads for example, or help you lookup words. However, you have to do some research to find reputable browser extensions before you install them. On the other hand, rogue extensions are just trouble from the get go. They often pretend to be “useful” to the user in some way, while secretly collecting information about the user’s online activity. Sometimes they end up on the user’s browser through deception and they might remain unknown to the user until a computer whiz spots them.

If you suspect that you have rogue browser extensions, and you want to know how to get rid of unwanted extensions, check out our article on how to remove extensions. If you do not feel comfortable removing unwanted extensions by yourself, we encourage you to contact your local, trusted computer professional. They can help you remove the unwanted extensions and also help you configure your web browser’s privacy settings for better protection. If you found this information to be useful, pass it on. Thank you!

How To Remove Extensions

| January 31, 2020

Unwanted Browser Extensions

Extensions are a type of web browser add-on that can add more functionality to your web browser. However, you might find yourself in a situation where a malicious Extension is installed on your web browser without your knowledge. In that case, it helps to know how to remove the unwanted Extension in order to protect your personal information. We have only chosen Google Chrome, Firefox, and Microsoft Edge for this how to. So without further ado, let’s dive into it.

Please keep in mind that the following “How-to-s” are based on the standard configuration for each browser at the time of writing this article. Please note: the Extensions shown in the images below are not to be considered malicious. We are simply using these Extensions for illustration purposes, nothing more. If you feel comfortable removing browser Extensions by yourself feel free to follow these instructions. Otherwise we recommend that you get help from a computer expert.

Depending on the browser, removing the Extension can be as simple as right clicking on the extension and clicking the remove option. If that doesn’t work, you can follow the instructions for your browser below.

How To Remove Extensions From Microsoft Edge

  1. Click on the three horizontal dots on the top right hand corner of Microsoft Edge to open the options menu as shown in the image below.
  2. Navigate to the Extensions option
  3. Choose from the list of Extensions which one you want to remove
  4. Click on the Extension to show more info and options for that browser Extension
  5. Locate the uninstall button and click on it to remove the unwanted Extension. A confirmation box will show up, so click on the OK to complete removing the unwanted browser Extension.

How To Remove Extensions From Google Chrome

  1. Click on the three vertical dots on the top right hand corner of Google Chrome to open the options menu. See image below.
  2. Navigate to “more tools” and then click on Extensions from the list of options which pops up when you hover over the more tools option. At this point, you should be presented with a list of tiles for the currently installed web browser Extensions.
  3. Select the Extension that you want to remove and click on remove.
  4.  A confirmation box will show up. Click on the remove button to remove the unwanted browser extension.

How To Remove Extensions From Mozilla Firefox

  1. Click on the menu bars on the top right hand corner of Firefox to open the options menu. See image below.
  2. Navigate to and click on Add-ons from the list of options.
  3. On the left of the next screen, click on Extensions if your browser does not automatically open the Extensions.
  4. Select the Extension you want to remove from the list of extensions.
  5. Click on the three horizontal dots on the right of the Extension tile to open the menu options for that Extension.
  6. Select and click on “Remove” from the Extension’s menu list.
  7.  A confirmation box will show up. Click on the remove button to remove the unwanted browser Extension.

As you remove these Extensions you will also have the option to report the Extension and give your feedback. We recommend that you take a few moments to report any malicious Extensions so that they can be blocked from each respective browser. Hope you found this information to be useful. If so, please share and help others stay in the know.

Computer Security For Home Users

| December 7, 2019

What is computer security? If you own a computer, you are probably familiar with computer security concepts like an Anti-Virus or Firewall. You might have even installed an anti-virus by yourself or with the help of a friend, or a computer tech professional, but did you know that this is just one small aspect of computer security?
Computer threats come in many forms. Some threats target vulnerabilities on the computer itself, and some, like phishing scams, target the user. In this article, we will explore some concepts and basics that can help you stay protected while enjoying the convenience your computer brings.

Computer Security

Understanding Computer Security

In order to understand the purpose of computer security, we need to take a step back and look at what is at stake – our personal information. Criminals want to steal our valuable information, and in the case of seniors, they want to scam them out of their life’s savings.
Unfortunately, one thing that an anti-virus cannot do is detect threats which circumvent the computer’s security by exploiting the user’s desire for convenience, fear or uncertainties about computers. So, for some users, there has been a gap in computer security involving the user’s inability to detect computer threats in which the attacker uses clever tactics to gain access to the user’s computer. According to the FTC, the total of money lost in computer related fraud was about 55 million dollars in 2018. This stresses why we need to demystify computer security and establish basic guidelines that anybody can follow to steer clear of computer related fraud.

phishing

Computer security is not only about preventing computer viruses, it is about protecting personal or privileged information and following safety guidelines that help us protect our money and our personal information while using computers. Your information is one of the most valuable commodities you have. It is the key to your identity and it can be the key to your money – so, you must protect it like you would protect any key to your valuables.

The Human Vulnerabilities in Computer Security

One of the toughest things to secure a computer against is phishing attacks and computer related fraud. This is mainly because these forms of computer attacks target the user and attempt to exploit what the user does not know, or exploit the user’s oversight and failure to verify things before taking action. Even some of the most computer savvy individuals fall for these types of attacks from time to time. So, when it comes to computer security, you can never be too careful.
Recently, there have been more instances where a scammer tricks unsuspecting users into giving the scammer access to the user’s computer over the internet. The scam artist may masquerade as part of Microsoft, Amazon etc., all in the hopes of exploiting the user’s assumptions, oversight or emotional vulnerability in some cases. Once the attacker gains access to the user’s computer, it’s too late in most cases. You have have to get into damage control mode quickly!

Most of the software used to gain remote access is legitimate software, so your anti-virus will not detect the software as a threat. Only an experienced computer professional can detect such Riskware (programs that can be used to cause harm in the wrong hands). Some users may not even realize that their computer was compromised. The attacker could go back into the compromised computer as they please. Sounds like fiction right? No it isn’t.
The goal of this article is not to induce fear, but to raise awareness and empower. These computer threats are real. Keeping people in the dark about these computer risks only perpetuates the problem. The best way to fight back is to raise awareness on these types of attacks and empower each user with practical security guidelines to help prevent such computer security threats.

Protecting Your Computer & Information

While there are some aspects of computer security that are best left to the computer professionals, there are things that you can do to help protect your computer. In addition to having a good anti-virus, we recommend the following safety guidelines to help you protect your computer and your personal information. In no particular order, here they are:

  • Keep your computer’s software up-to-date: Updates often contain security patches to help protect your computer. Always update your Web Browser, Adobe reader, Java, Office and your operating system e.g. Windows or Mac operating systems etc. If you are not sure how to do updates, get help from a knowledgeable and trusted source.
  • Clear your search history & cookies from your web browser(s): An attacker can learn enough about you to create a phishing attack or phone scam using your web history. In order to prevent this, it helps to get in the habit of clearing your web history and cookies regularly. However, before you clear your history and cookies; if you have websites that you automatically log into, make sure that you remember your usernames and passwords before you clear your cookies. Clearing cookies will log you out of any website that you automatically log into. So you will need to sign back in.
  • Do not always trust the internet: For all the good that comes with the internet, there is also the bad. It’s relatively easy for people to be anonymous on the internet. This makes it easy for scammers to cast a web of bait to lure unsuspecting internet users into a cyber trap. The only way to stay safe on the internet is by having a good Internet Security program and by always taking time to verify things before you take any irreversible action online.
  • Verify web addresses:  Before you conduct any important transaction online, verify that you are on the correct or official website. A misspelled web address can land you on a fake website that could be setup to steal your personal information or install malicious software on your PC.
  • Do not take emails at face value: Get into the habit of verifying emails before taking action. Always error on the side of caution when clicking on links or opening attachments, even if it looks like the email is coming from someone you know. Hacked email accounts can be used to spread malicious software as well.
  • Avoid spreading chain emails: Even though they can be a fun way to spread jokes among friends, that very same behavior can be exploited and used as a way to spread malicious attachments.
  • Be aware of tech support or customer support scams: If you get a random call from “Microsoft” or any computer manufacturer, it’s a scam!  These companies do not call you unless you contact them first. If you get a pop up telling you to call a number because your computer is infected it’s a scam! If you can’t close the browser or shut down your computer – hold down the power button until your computer shuts down (not always recommended). After that, contact a trusted local computer service to fix any security issues on your computer.
  • Beware of prepaid card scams: Always treat it as a red flag when someone you don’t know asks you to go and buy a prepaid card to send them money. Prepaid cards are often untraceable; therefore they can help scammers get an undeserved payday while remaining anonymous.
  • Backup Your Data Files: Backing up critical files is a big part of information security. Backups come in handy in situations where the hard drive crashes or situations where ransomware locks the user out of their files. Always detach your backup device when you are done backing up your files.
  • Be careful of what you download: The internet can be a dangerous place to download something just because the name sounds good or familiar. Here is why; a Trojan is a type of malicious software which is notorious for being disguised as useful software. So, names like “Perfect Driver Updater”, “My Private Network”, “Search Protection” or “Free Network Security”, etc. may sound appealing, but they can also be a perfect delivery system for malicious software. Before you download anything, do your research on the download and on the reputation of the site that is offering that download. Use web tools like Norton’s Safe Web to check a websites reputation and unbiased customer feedback before downloading anything new.
  • Research and educate yourself to stay on top of scams: Big companies like Microsoft, HP, Dell, Amazon, PayPal etc. are usually aware of scams using their names.  So they usually put out tips to help their consumers avoid scams. If you are ever not sure whether something is a scam or not, go to the official website of the company in question and read articles or contact support on the matter.
  • Last but not least, be careful who you give remote access to your computer: There is no way that you can hold someone accountable for any wrong doing if you cannot see them or find them. So, before you give someone remote access to your computer, think about the potential risk to your personal information or finances. Never put convenience before computer security! If you really need computer help, it is better to get help from a local, trusted source whenever possible.

By now, you probably have figured out that computer security is an ongoing real-time process. And, just like driving, we have to stay vigilant, follow some guidelines and be able to identify and steer clear of potential hazards. We hope you found this article useful. If you know someone who can benefit from this knowledge, pass it on!

Windows 7 Support Ending

| February 19, 2019

According to Microsoft, they will stop providing security updates for Windows 7 after January 14, 2020. What does this mean for Windows 7 users and why must you upgrade to Windows 10? As the name suggests, security updates are software updates designed to fix any issues found in the Windows system that can make it easy for computer viruses and hackers to compromise your computer.

Windows 7

Without these updates, a computer becomes a major security risk especially when connected to the internet and it becomes progressively difficult to repair. So, if you still use Windows 7, it is time to start thinking about upgrading your computer to Windows 10, or maybe just bite the bullet and get a new Windows 10 machine.

We are here to help if you have any questions about upgrading to Windows 10, or if you need help with the transition to a new Windows 10 computer.

Is My Computer “Dying”?

| October 23, 2017

People ask us this question from time to time. While it is impossible for us to know for sure if your computer is dying without doing any diagnostics, we have a few pointers that might help you identify instances when your computer needs immediate attention. But before we get into that, there are a few exceptions worth mentioning. Some of the warning signs we will cover here can also be caused by an over active Antivirus, bad virus or bad software configurations. So keep in mind that the real cause of these warning signs can only be established with proper diagnostics.

Since loss of data is the main concern for most of us when our computer crashes, we thought it would be useful to highlight the warning signs that are often associated with hard drive (computer storage memory) failure. The goal of this article is to hopefully provide you with information that could help you prevent data loss if your computer is not backed up. Ok, without further ado, here are some computer “symptoms” that you don’t want to shrug off in the order from bad to worse:     

The computer is slower than usual or freezing up during operation

  • If your computer is about 3 years or older, this could signify that your hard drive is failing. If you have not been backing up your data, you will need to do so while you still have access to the data, just in case the hard drive is failing.

Frequent startup issues

  • When it takes several attempts to get your computer started, a corrupt operating system might be to blame for the problem. But a failing hard drive might also be the problem. Your computer might start up after doing an automatic disc check, which could temporarily fix the start up. But, if the hard drive is going bad, this fix will be short lived.   

The blue screen of death

  • Sounds a bit ominous don’t you think? While a blue screen of death can be caused by viruses or software issues, it can also be a result of failing hardware. Again, in computers 3 years or older, if there was no significant changes in your computers software, you definitely need to have your computer checked for failing hardware such as the hard drive, RAM or even the motherboard.   

Computer Blue Screen Of Death

Stuck on a black screen with or without blinking cursor

  • This often occurs when the hard drive becomes inaccessible. This can be due to a corrupt file system or worst case, hard drive failure. When the screen is blank with no cursor, but there are signs that the computer is on, that can indicate RAM, video card or motherboard problems. If that is the case, your data might still be salvageable. So, get a computer professional to look at your computer to establish what exactly is going on.

Boot error, boot device not found /No boot device

  • Sometimes power surges or liquid spills (especially on laptops) can damage the hard drive and make it suddenly inaccessible. Those rare instances are the exception when it comes to the rest of the warning signs above. But in most cases you will see at least one or more of the warning signs above before you get the “no boot device” error message. By this time it might be too late for any simple inexpensive data recovery. Your computer can still be repaired if only the hard drive is bad. But data recovery will most likely cost a pretty penny at this point.

While looking out for these symptoms may help prevent data loss, the real solution is doing regular backups of your valuable data. We recommend using at least 2 backup devices interchangeably since there are some viruses that can compromise any storage device attached to your computer. Cloud backups like One Drive, Google Drive, Carbonite, etc. are some good options to consider in case of fire, natural disasters or even device theft. However, if you have not backed up your data and it looks like your computer is on the fritz, we hope you now know how to spot when a serious problem is imminent and take action to prevent unnecessary data loss.