Kirby's Computers of Maquoketa Iowa

Here you will find information on the latest virus and security threats.  News will remain on this web page as long as I am still seeing the threats.

September 15, 2017

I am seeing a rash of fake tech-support problems lately.  These come in 2 different forms.  The first is a phone call.  Someone will call you saying that they've detected a problem with your computer and offer to help.  This is ALWAYS a scam.  Nobody will EVER call you to inform you about a real problem with your computer.  Why?  Because it is impossible to do so.

There is only one company in the entire world which can both detect a problem with your computer AND figure out who you are and, thus, how to contact you.  That company is your Internet Service Provider (ISP), in this area usually CenturyLink or Mediacom.  To be clear, if the CIA detects something on your computer and wants to contact you about it, THEY have to contact your ISP to ask them who you are.  And your ISP will not just hand this information over.  They require a court order to get the information.  What this means is that NOBODY can detect a problem with your computer and give you a call about it except your ISP.  But their business is providing Internet service, not fixing computers.  So they WILL NOT offer to fix it for you.  If they detect that your computer is sending out viruses they will contact you about it, but it won't be a friendly call offering to help.  You will try to get on the Internet one day and, instead of the web page you tried to go to, you will get a nice little message from them saying that they have detected that your computer is sending out viruses and they have shut off your Internet.  To get it turned back on, you have to fix your computer and call the number on your bill to tell them it's fixed, and then they'll restore your service.  They will NEVER offer to help.  That's not the business they're in.

The second is a warning popping up on your computer with a scary message about an infection being detected.  This warning gives you a phone number to call to fix it.  The message is very scary, telling you not to close the message, disconnect the Internet or shut off your computer.  They don't want you to do those things because that is how you make their fake warning go away.  This is also ALWAYS a scam.  You are looking at a web page.  Nothing more.  A web page cannot detect issues with your computer, at least not without initiating a scan from a web page and jumping through multiple security hoops to get the scan going.  NEVER call a number your computer gives you.  Your computer is not a phone book.  It didn't get that number from a legitimate listing.  That number came from the people pushing the warning on your screen.

If you do call the number, again, they will offer to help.  They will direct you to a page to allow them to log into your computer.  They will do a bunch of technical-looking things that seem scary and then they will tell you that they've found a serious problem.  There are hundreds, perhaps thousands of these people out there, so the way they sell it differs.  In one case the guy told a customer of mine that she had half an hour to fix the problem or her computer would just stop working and she wouldn't have one.  In many other cases they tell the customer that their data is at risk.

So how can you know if it's a scam?  Tell them to hold on while you call your computer guy to get his opinion.  They will immediately start telling you that it's a problem only they can fix, that a local computer guy doesn't know anything about this problem or some other lie.  So just tell them that you just want your computer guy's advice first and you'll be right back with them.  They will again insist that you don't need to do that and it would be a waste of time.  Some get angry, some get desperate, but ALL try to prevent you from getting a second opinion.  NEVER TRUST ANYONE WHO DOESN'T WANT YOU TO GET A SECOND OPINION!

January 28, 2013

I just got a fake email purporting to come from Facebook telling me there was a problem with my account and that I needed to log in to fix it.  The link takes me to a hacked web page, which then redirects me to the actual attack page.  This page tells me that I need a plugin to view the content, attempting to get me to download and install the virus.  NEVER click on links in emails telling you that there is a problem with your account.  If you believe it may be real, close the email and open your account directly the way you always go to it, not by clicking on the link in the email.  And NEVER download and install any plugins when you go to a web page and it says you need one to view the content.  Almost never will this be legitimate as most web pages are designed to be viewable, at least in part, without any plugins at all.

January 14, 2013

An exploit has been found in Java which is fixed in the latest version.  This is a very serious security issue.  You should update to the latest version of Java, Java Version 7, Update 11, IMMEDIATELY.  You can find the latest version at http://www.java.com/.  When you have updated to the latest version you should go to your Control Panel and, in Windows XP, Add and Remove Programs or, in Windows Vista or Windows 7, Uninstall a Program or Programs and Features (depending on the view settings in the Control Panel) and uninstall any older versions of Java.  You may have the same version installed twice, one 32-bit and one 64-bit, and the 64-bit version is far more likely to be out of date.  If you do not use a 64-bit browser it is recommended that you uninstall the 64-bit version of Java and do not reinstall it.

NOTE: There are still security vulnerabilities in Java which have not been addressed and it may take up to 2 years to get them all patched.  Security experts are warning that if you don't use any websites which use Java it is best to leave it disabled or uninstall it until all the security vulnerabilities are addressed.  Java is currently the most highly exploited program for infecting computers, at about 50% of all exploits found.  If you don't need it, it might be best to simply uninstall it.

January 8, 2013

The first threat I will mention is technical support.  I have been seeing this for months and I am still hearing about customers being scammed.  You may get a call from a company claiming to be Microsoft, Dell, HP or some other company with a big name in computers, or you may actually call one of these companies or what you think to be one of these companies, perhaps getting referred to another support number.  While how you get there changes, what happens when you're there does not.

The support person, almost always with a heavy Indian accent, will tell you to go to a web site which will allow them to log onto your computer to help you with your problem.  They will tell you this is free.  Once they are logged onto your computer some of them install vast amounts of spyware and malicious software, but all of them tell you that they have found viruses on your computer.  They then ask you for several hundred dollars for a year or more of protection.  I have heard instances of them trying to sell subscriptions to Microsoft Security Essentials, Microsoft's FREE antivirus software.  I have even had a customer who bought an antivirus product for $30 only to find out that it was what is known as a "rogue security program", a program which, instead of protecting you, is actually the type of software antivirus usually protects you from.

NEVER let anyone you don't know log onto your computer.  ONLY ONE company can detect viruses coming from your computer: your Internet Service Provider.  They will NEVER offer to fix it for you.  They will normally send you an email saying nothing more than that you have a virus and giving you an amount of time to get it fixed before they disconnect your service.  They will not offer to fix it, nor will they offer to sell you anything to fix it.  Always remember that you can NEVER be sure that you are talking to who you think you are talking to.  You may THINK you called Microsoft, or HP may have actually given you the support number, but if they want to log onto your computer, chances are it's not them.  And the most important thing of all, NEVER PAY THEM.  You'd be better off giving your money to a charity rather than a scam artist.

Another newer threat I have seen is not computer related, but even more dangerous.  You may get a call saying the IRS wants to talk to you and to press 1 to talk to a person.  They will know your name.  My wife got this call asking for me.  DO NOT GIVE THEM ANY INFORMATION!  She did not talk to a person, so I don't know what they ask for, but tax return fraud is at an all-time high right now, so undoubtedly they are seeking information they can use to file fraudulent tax returns.  Also keep in mind that when you file your tax returns you give them your address, NOT your phone number.  The IRS generally communicates via the US Post Office, not telephone.

Always relevant: Phishing attempts

Topping the "Always relevant" section is a threat which will always be there.  It comes and goes and comes in different forms, but it has existed non-stop for years and will continue to exist for years to come: email phishing.  Phishing attempts are generally pretty easy to spot if you know what to look for.  Some are more elaborate than others, but the signs are always the same.

First, a phishing email will seem to come from an official source: some place like a bank, a credit card company, FedEx, UPS, the Post Office, Microsoft or some place where you have an online account such as Facebook or an online game.  When you get an official-looking email you need to ask yourself several questions before even opening it.  Have I gotten emails from this source before?  DO THEY HAVE MY EMAIL ADDRESS?  That last one is an important one.  How would the Post Office get your email address if you never gave it to them?

Next, look at the "To" part of the email.  Is there a long list of email addresses?  If so, this is a mass mailing.  There are only two possibilities if it's a mass mailing.  The first is that it's a newsletter or something similarly unimportant.  The second is that it's a scam.  There is no third possibility.  If the email went to many people it IS NOT an official communication of some problem with your account.  One such email I got was a mass mailing and it listed an account number and a due date for a credit card payment.  Obviously I don't share an account number with 20 other people.

If the source it appears to be coming from might have your email address and you think it might be legitimate, then open the email and check for further signs of fraud.  The first thing to do is read it over completely.  Is it in perfect English?  Is everything spelled correctly?  If not, it's probably a fake.  These frauds are usually committed by people overseas in countries without extradition treaties with the US.  English is generally not their first language.  Lawyers write official communications for companies.  They rarely contain mistakes.  Capital letters, punctuation, grammar and spelling will almost always be perfect.  And when not perfect, they will be close enough that you have to look hard to find the mistake.

Next ask yourself what kind of information this source has about you.  Do they know your name?  Do they know your address?  Do you have an account number with them?  If so, is any of that information in the email?  Your credit card company will not address you as "Dear Sir or Madam"; they will address you by your name and account number.  Some fraudulent emails will give an account number.  Is it the RIGHT account number?  Do you recognize it?  Just because they give an official-looking account number doesn't mean it's a real account number.  One email I have seen claims that the United States Postal Service has an undeliverable package and they need you to download a form to claim it.  Who doesn't want a mystery box?  The problem is the USPS delivers packages to specific people at specific addresses, but the email uses neither a name nor an address.  They don't deliver email.  How would they know they had a package for me if they don't know my name or address, just my email address?

Finally, NEVER trust a link or download in an email.  If there is a problem with your online account, by all means, check it out.  But DON'T do it by clicking on the link in the email.  Close the email, open your browser and log into your account the way you always do, by typing it in or through your own bookmarks.  Then you can be sure that you are going to the right place.  If they want you to download something, chances are it's a scam.  There are a few legitimate reasons you might be sent an attachment, but very rarely are there official reasons in emails you get out of the blue.  For instance, companies will generally NOT send your financial information over an email.  If the attachment is supposed to be financial information, it IS NOT.  Email is not secure and sending financial information through the email is a good way to get your identity stolen.
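The warning signs in this section (a long recipient list, a generic greeting, links and attachments) can be checked mechanically.  The Python script below is an added example, not part of the original page; the sample message, the threshold of 5 recipients and the greeting list are assumptions, and comparing the address a link shows with the address it opens goes slightly beyond the text.

```python
import re
from email import message_from_string, policy
from email.utils import getaddresses
from urllib.parse import urlparse

MASS_MAIL_THRESHOLD = 5  # assumption: more visible recipients than this is a "long list"
GENERIC_GREETING = re.compile(r"dear\s+(sir|madam|customer|user|account holder)", re.I)
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
HOST_IN_TEXT = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)

# Constructed sample modelled on the undeliverable-package email; not a real message.
SAMPLE = """\
From: Postal Service <notice@postal-service.example>
To: a@example.com, b@example.com, c@example.com, d@example.com,
 e@example.com, f@example.com, you@example.com
Subject: Undeliverable package
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Dear Sir or Madam,</p>
<p>We have an undeliverable package. Download the form to claim it:</p>
<p><a href="http://claims.example.net/form">https://www.postal-service.example/claim</a></p>
"""

def triage(raw):
    """Return the list of warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    flags = []
    rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    if len(rcpts) > MASS_MAIL_THRESHOLD:
        flags.append(f"mass mailing: {len(rcpts)} visible recipients")
    part = msg.get_body(preferencelist=("html", "plain"))
    body = part.get_content() if part else ""
    if GENERIC_GREETING.search(body):
        flags.append("generic greeting instead of your name or account")
    for href, text in ANCHOR.findall(body):
        shown = HOST_IN_TEXT.search(text)  # a host name displayed as the link text
        real = (urlparse(href).hostname or "").lower()  # where the link really goes
        if shown and shown.group(1).lower() != real:
            flags.append(f"link shows {shown.group(1)} but opens {real}")
    names = [a.get_filename() for a in msg.iter_attachments()]
    if names:
        flags.append(f"unexpected attachment(s): {names}")
    return flags

if __name__ == "__main__":
    for flag in triage(SAMPLE):
        print("WARNING:", flag)
```

An empty result does not mean a message is safe; a carefully written phishing email can pass all of these checks, which is why the advice to open your account through your own bookmarks still applies.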

Older

One threat that has been around a while, but that I still see all the time, is rogue security and maintenance software.  NEVER trust software that will scan your computer for free and ask for money to fix what it finds.  Without exception EVERY one of these programs I have ever tested has been dishonest about the severity of the "problems" it found.  These programs usually do make changes when you pay for them, but the changes usually have little to no effect on how your computer runs and the "problems" they find are generally irrelevant non-issues.  This is ESPECIALLY true for supposed antivirus software.  If a program is telling you that your computer is infected with something and asking for money to fix it THIS IS MALWARE.  It will NEVER be legitimate software.  In short, the software telling you that your computer is infected IS the infection.  NEVER PAY THEM!  The FREE software under the Software/Security section of this website can remove some of these infections automatically.

I DO NOT recommend registry-cleaning software.  Cleaning out your registry has little to no good effect on your computer and can cause problems if the wrong thing is deleted.  If you must use one, use CCleaner listed in the software section of this site.  It is free.

The same is true for programs to help you keep your drivers up to date.  One such software I tested on a brand new computer I had just built and tested myself claimed that of the 6 drivers I had just downloaded the latest versions of, 26 were out of date.  How I had 26 of 6 drivers out of date after getting the latest versions directly from the manufacturer's web site they did not explain.

One problem I don't see too much any more is the FBI warning.  It warns that the FBI detected some non-specific illegal activity originating from your computer and if you do not pay a "fine" they will press charges.  If you pay them, they WILL NOT go away.  The warning will go away for a month or so, but it will be back, demanding more money.  Just for the record, if the FBI finds you've committed a computer crime, they will show up at your door with an arrest warrant.  They will not extort $200 out of you to settle the charges.