Computer Security For Home Users

What is computer security? If you own a computer, you are probably familiar with computer security concepts like an Anti-Virus or Firewall. You might have even installed an anti-virus by yourself or with the help of a friend, or a computer tech professional, but did you know that this is just one small aspect of computer security?
Computer threats come in many forms. Some threats target vulnerabilities on the computer itself, and some, like phishing scams, target the user. In this article, we will explore some concepts and basics that can help you stay protected while enjoying the convenience your computer brings.

Computer Security

Understanding Computer Security

In order to understand the purpose of computer security, we need to take a step back and look at what is at stake – our personal information. Criminals want to steal our valuable information, and in the case of seniors, they want to scam them out of their life’s savings.
Unfortunately, one thing that an anti-virus cannot do is detect threats which circumvent the computer’s security by exploiting the user’s desire for convenience, fear or uncertainties about computers. So, for some users, there has been a gap in computer security involving the user’s inability to detect computer threats in which the attacker uses clever tactics to gain access to the user’s computer. According to the FTC, the total of money lost in computer related fraud was about 55 million dollars in 2018. This stresses why we need to demystify computer security and establish basic guidelines that anybody can follow to steer clear of computer related fraud.

phishing

Computer security is not only about preventing computer viruses, it is about protecting personal or privileged information and following safety guidelines that help us protect our money and our personal information while using computers. Your information is one of the most valuable commodities you have. It is the key to your identity and it can be the key to your money – so, you must protect it like you would protect any key to your valuables.

The Human Vulnerabilities in Computer Security

One of the toughest things to secure a computer against is phishing attacks and computer related fraud. This is mainly because these forms of computer attacks target the user and attempt to exploit what the user does not know, or exploit the user’s oversight and failure to verify things before taking action. Even some of the most computer savvy individuals fall for these types of attacks from time to time. So, when it comes to computer security, you can never be too careful.
Recently, there have been more instances where a scammer tricks unsuspecting users into giving the scammer access to the user’s computer over the internet. The scam artist may masquerade as part of Microsoft, Amazon etc., all in the hopes of exploiting the user’s assumptions, oversight or emotional vulnerability in some cases. Once the attacker gains access to the user’s computer, it’s too late in most cases. You have have to get into damage control mode quickly!

Most of the software used to gain remote access is legitimate software, so your anti-virus will not detect the software as a threat. Only an experienced computer professional can detect such Riskware (programs that can be used to cause harm in the wrong hands). Some users may not even realize that their computer was compromised. The attacker could go back into the compromised computer as they please. Sounds like fiction right? No it isn’t.
The goal of this article is not to induce fear, but to raise awareness and empower. These computer threats are real. Keeping people in the dark about these computer risks only perpetuates the problem. The best way to fight back is to raise awareness on these types of attacks and empower each user with practical security guidelines to help prevent such computer security threats.

Protecting Your Computer & Information

While there are some aspects of computer security that are best left to the computer professionals, there are things that you can do to help protect your computer. In addition to having a good anti-virus, we recommend the following safety guidelines to help you protect your computer and your personal information. In no particular order, here they are:

  • Keep your computer’s software up-to-date: Updates often contain security patches to help protect your computer. Always update your Web Browser, Adobe reader, Java, Office and your operating system e.g. Windows or Mac operating systems etc. If you are not sure how to do updates, get help from a knowledgeable and trusted source.
  • Clear your search history & cookies from your web browser(s): An attacker can learn enough about you to create a phishing attack or phone scam using your web history. In order to prevent this, it helps to get in the habit of clearing your web history and cookies regularly. However, before you clear your history and cookies; if you have websites that you automatically log into, make sure that you remember your usernames and passwords before you clear your cookies. Clearing cookies will log you out of any website that you automatically log into. So you will need to sign back in.
  • Do not always trust the internet: For all the good that comes with the internet, there is also the bad. It’s relatively easy for people to be anonymous on the internet. This makes it easy for scammers to cast a web of bait to lure unsuspecting internet users into a cyber trap. The only way to stay safe on the internet is by having a good Internet Security program and by always taking time to verify things before you take any irreversible action online.
  • Verify web addresses:  Before you conduct any important transaction online, verify that you are on the correct or official website. A misspelled web address can land you on a fake website that could be setup to steal your personal information or install malicious software on your PC.
  • Do not take emails at face value: Get into the habit of verifying emails before taking action. Always error on the side of caution when clicking on links or opening attachments, even if it looks like the email is coming from someone you know. Hacked email accounts can be used to spread malicious software as well.
  • Avoid spreading chain emails: Even though they can be a fun way to spread jokes among friends, that very same behavior can be exploited and used as a way to spread malicious attachments.
  • Be aware of tech support or customer support scams: If you get a random call from “Microsoft” or any computer manufacturer, it’s a scam!  These companies do not call you unless you contact them first. If you get a pop up telling you to call a number because your computer is infected it’s a scam! If you can’t close the browser or shut down your computer – hold down the power button until your computer shuts down (not always recommended). After that, contact a trusted local computer service to fix any security issues on your computer.
  • Beware of prepaid card scams: Always treat it as a red flag when someone you don’t know asks you to go and buy a prepaid card to send them money. Prepaid cards are often untraceable; therefore they can help scammers get an undeserved payday while remaining anonymous.
  • Backup Your Data Files: Backing up critical files is a big part of information security. Backups come in handy in situations where the hard drive crashes or situations where ransomware locks the user out of their files. Always detach your backup device when you are done backing up your files.
  • Be careful of what you download: The internet can be a dangerous place to download something just because the name sounds good or familiar. Here is why; a Trojan is a type of malicious software which is notorious for being disguised as useful software. So, names like “Perfect Driver Updater”, “My Private Network”, “Search Protection” or “Free Network Security”, etc. may sound appealing, but they can also be a perfect delivery system for malicious software. Before you download anything, do your research on the download and on the reputation of the site that is offering that download. Use web tools like Norton’s Safe Web to check a websites reputation and unbiased customer feedback before downloading anything new.
  • Research and educate yourself to stay on top of scams: Big companies like Microsoft, HP, Dell, Amazon, PayPal etc. are usually aware of scams using their names.  So they usually put out tips to help their consumers avoid scams. If you are ever not sure whether something is a scam or not, go to the official website of the company in question and read articles or contact support on the matter.
  • Last but not least, be careful who you give remote access to your computer: There is no way that you can hold someone accountable for any wrong doing if you cannot see them or find them. So, before you give someone remote access to your computer, think about the potential risk to your personal information or finances. Never put convenience before computer security! If you really need computer help, it is better to get help from a local, trusted source whenever possible.

By now, you probably have figured out that computer security is an ongoing real-time process. And, just like driving, we have to stay vigilant, follow some guidelines and be able to identify and steer clear of potential hazards. We hope you found this article useful. If you know someone who can benefit from this knowledge, pass it on!

Windows 7 Support Ending

According to Microsoft, they will stop providing security updates for Windows 7 after January 14, 2020. What does this mean for Windows 7 users and why must you upgrade to Windows 10? As the name suggests, security updates are software updates designed to fix any issues found in the Windows system that can make it easy for computer viruses and hackers to compromise your computer.

Windows 7

Without these updates, a computer becomes a major security risk especially when connected to the internet and it becomes progressively difficult to repair. So, if you still use Windows 7, it is time to start thinking about upgrading your computer to Windows 10, or maybe just bite the bullet and get a new Windows 10 machine.

We are here to help if you have any questions about upgrading to Windows 10, or if you need help with the transition to a new Windows 10 computer.

Is My Computer “Dying”?

People ask us this question from time to time. While it is impossible for us to know for sure if your computer is dying without doing any diagnostics, we have a few pointers that might help you identify instances when your computer needs immediate attention. But before we get into that, there are a few exceptions worth mentioning. Some of the warning signs we will cover here can also be caused by an over active Antivirus, bad virus or bad software configurations. So keep in mind that the real cause of these warning signs can only be established with proper diagnostics.

Since loss of data is the main concern for most of us when our computer crashes, we thought it would be useful to highlight the warning signs that are often associated with hard drive (computer storage memory) failure. The goal of this article is to hopefully provide you with information that could help you prevent data loss if your computer is not backed up. Ok, without further ado, here are some computer “symptoms” that you don’t want to shrug off in the order from bad to worse:     

The computer is slower than usual or freezing up during operation

  • If your computer is about 3 years or older, this could signify that your hard drive is failing. If you have not been backing up your data, you will need to do so while you still have access to the data, just in case the hard drive is failing.

Frequent startup issues

  • When it takes several attempts to get your computer started, a corrupt operating system might be to blame for the problem. But a failing hard drive might also be the problem. Your computer might start up after doing an automatic disc check, which could temporarily fix the start up. But, if the hard drive is going bad, this fix will be short lived.   

The blue screen of death

  • Sounds a bit ominous don’t you think? While a blue screen of death can be caused by viruses or software issues, it can also be a result of failing hardware. Again, in computers 3 years or older, if there was no significant changes in your computers software, you definitely need to have your computer checked for failing hardware such as the hard drive, RAM or even the motherboard.   

Computer Blue Screen Of Death

Stuck on a black screen with or without blinking cursor

  • This often occurs when the hard drive becomes inaccessible. This can be due to a corrupt file system or worst case, hard drive failure. When the screen is blank with no cursor, but there are signs that the computer is on, that can indicate RAM, video card or motherboard problems. If that is the case, your data might still be salvageable. So, get a computer professional to look at your computer to establish what exactly is going on.

Boot error, boot device not found /No boot device

  • Sometimes power surges or liquid spills (especially on laptops) can damage the hard drive and make it suddenly inaccessible. Those rare instances are the exception when it comes to the rest of the warning signs above. But in most cases you will see at least one or more of the warning signs above before you get the “no boot device” error message. By this time it might be too late for any simple inexpensive data recovery. Your computer can still be repaired if only the hard drive is bad. But data recovery will most likely cost a pretty penny at this point.

While looking out for these symptoms may help prevent data loss, the real solution is doing regular backups of your valuable data. We recommend using at least 2 backup devices interchangeably since there are some viruses that can compromise any storage device attached to your computer. Cloud backups like One Drive, Google Drive, Carbonite, etc. are some good options to consider in case of fire, natural disasters or even device theft. However, if you have not backed up your data and it looks like your computer is on the fritz, we hope you now know how to spot when a serious problem is imminent and take action to prevent unnecessary data loss.

Email Spoofing & Phishing Attacks

Spoofing Emails Targeting Office365 Users

Spoofing emails are a big problem these days leading to compromised personal information and sometimes devastating financial loss. If you want to protect yourself from spoof emails, it helps to know what a phishing, or email spoofing attack looks like. So we have a great example for you here! One of our clients got an email recently that looked like it was from Microsoft about their Office 365 account. Looking at this email from the view point of someone who is not familiar with phishing or spoofing attacks, it is easy to see how people often fall for these spoof emails. So, we are going to break this email down in a way that that will hopefully help you, your friends or employees detect email spoofing.

Email Spoofing

Misspelled or Incomplete Email Address

The first give away on this email was the incomplete email address. The email appears to be from Microsoft, but its missing the .COM at the end of the email address. This can be very easy to miss especially if you just take a quick glance at the email.

Spoofing Logos / Fake or Abused Logos

Secondly, the logo was a bit off. If you look up the real Office365 logo you will know what I mean. The font is not right and the real Office365 logo does not even have the word Microsoft in front of it. But the color of the “logo” and the careful placement of the word “Microsoft” could make this “logo” evade a quick “sniff test.” This logo is placed there to give the spoof email an official look. By mimicking a trusted source, the spoof engineer hopes that their fake email will evade detection.

Masking Rogue Website Links

Last but definitely not least is the link. If you get any email with a link, you can check where the link goes just by hovering your cursor over the link. But please do not click on the link, unless the web address is consistent with the source of the email, or unless you recognize the site. In this case, when we hovered over the link we noticed that the “Cancel Disable Process” link did not go to Office 365. Therefore, my educated guess is that this link will either lead to a fake page that looks like your Office 365 login, or it will lead to a page that will deliver a nasty virus payload to the PC.

This is just one example of an email spoof, but as you can imagine, email spoofing comes in many forms. The biggest take away here is to look for consistency. Just because an email has a Microsoft, IRS, Chase, Fox News, or Bank of America logo does not mean it’s coming from that source. Always check for consistency before you click on any email links. If you just get in the habit of checking the 3 things highlighted by the red arrows in our example, you will be able to enjoy your emails without becoming a victim of phishing or email spoofing.

Automatic Windows 10 Upgrade

Recently many Windows 7 and Windows 8.1 users have been waking up only to find a new Windows 10 upgrade on their computers. To some, this may not be a big deal, assuming that the upgrade went well. However, sometimes the upgrades do not always go well due to incompatibility with the user’s choice of Anti-virus, or hardware that might not be supported by Windows 10. So, if want to have some control over when your computer upgrades to Windows 10 read on.

Imagine the “horror” if you were nicely content driving an automatic car and then you wake up one morning to a manual car that you do not have any experience with? That would be me! Manual transmissions HORRIFY me! Now, don’t get me wrong, I can put a boogie down to a beat, but let’s just say my coordination skills are immune to development when it comes to a stick shift! So, should I ever wake up to a stick shift, my wife will be driving – no ifs, ands or buts about that! At that point, she is the man! I will be happy riding shotgun like a pro! I imagine a sudden upgrade to Windows 10 might feel that way for some users. So, if you don’t want to be caught off guard, or you want to upgrade to Windows 10 at your own pace, this might help.

Why You Could Get The Windows 10 Upgrade Automatically

Most computers have a default setting to receive automatic updates, which is recommended to help keep current on bug and security fixes for your PC. The Windows 10 automatic upgrade has been coming in as part of these automatic updates, which are usually set to occur around 3 am. So, if you are not quite ready to upgrade to Windows 10 you have two options:

  1. Turn off your computer at night, or
  2. Exclude the Windows 10 Upgrade from your Windows Updates

The first option is straight forward, but you will still need to keep an eye on those automatic updates. The second option is the best option – for now at least, but it requires a few more simple steps. So let us get straight to it:

How To Stop The Automatic Windows 10 Upgrade For Windows 7:

  • Click on the Start Menu button
  • Click on All Programs
  • start-and-all-programswin-update-update
  • Scroll through the list of items until you find Windows Updates
  • Click on the Windows Updates
  • check-updates
  • If there are pending updates, click on the important updates and see if Windows 10 Upgrade is listed
  • If Windows 10 is listed, just click to uncheck the box so that it’s not installed with the Updates
  • Windows 10 upgrade
  • If Windows 10 is not listed, go ahead and install the pending updates
  • Once the Updates are installed, go back through the process and see if there are any more updates. If not, click on check updates and see if any updates exist. If there are more updates, click on the important updates once again to see if the Windows 10 upgrade is listed – and if it is, you know what to do.

If you have Windows 8, you may be better off upgrading to Windows 10. Windows 10 is actually more user friendly than Windows 8 in my opinion. Windows 10 upgrades go through just fine in most cases with no glitches. But if you are not sure if your Anti-virus might affect the upgrade, or if you have rare or expensive proprietary software that you are not sure will work with Windows 10, you may want to have some control over the upgrade of your PC to Windows 10. So, hopefully this helps. As the good ole technical adage goes, “If it isn’t broke, don’t fix it!” Best of luck!