New Video Tutorial: Is This OK to Click on?
I’m asked how to identify malware, a lot. I’ve created a video to explain what to look for. Here’s a start on how to identify credential theft pages, ransomware downloads, and hoax pages.
That’s right, Science Translations, PC410.com, Startupware, even Graphcat, aren’t shutting down for Covid-19. And also, it’s remote work only for the duration of the emergency. Literally not going anywhere. All remote computer repairs, Windows tuneups, malware cleanups, and Windows upgrades are still possible and routine as long as the problem isn’t the internet connection itself. As for hardware, drop shipments are still working, and remote configuration is also available.
Working from home? FREE OFFER to new and existing customers, LOCAL ONLY: Free half hour of remote setup time for Splashtop Remote Access, plus a coupon for an extra free month on the Splashtop annual subscription. Local here means within my usual service range for onsite work once normality resumes its traditional limits, so that’s Carroll County and the north and west sides of Baltimore County. Daytime hours only, 9 to 5.
For more on the non-medical side of Coronavirus/Covid-19, read my March 10th newsletter, also free, available here: https://www.startupware.com/newsletter/
And for those who aren’t local, the discount coupon for Splashtop is also in the March newsletter.
There’s some nasty malware showing up in inboxes right now, disguised as fake receipts and documents, or delivered on web sites from a very fake ‘You must update your… ‘ message. While these have always been a major source of computer attacks, the current batch deserves special prevention and backups. CryptoWall 2.0, CryptoLocker, and other ransomware arrive quietly, encrypt all your documents in the background, and then place a ransom notice on your screen, asking for payment in Bitcoins or an untraceable money order. The encryption is not breakable on most variations of this ransomware; the best defenses are to never work with an administrator account (use ‘standard’ or ‘limited’), and to back up your entire computer on a schedule, and unplug the backup device between backups–these programs encrypt every document they can see, even on backup drives and networks.
We have more information on prevention, either do-it-yourself or as a service, here. And we can help with the cleanup, in central Maryland.
You would think that the malware pushers would know better than to place a phone call to a company that specializes in cleaning up malware and try to lie to us. Nope. So here’s what’s happening:
The phone rings, I answer, and manage to start recording right after. The standard LIES are that they’re from Microsoft, and are in the US, and can see viruses in your computer, and can clean them up, and can be trusted, and, on and on–all wrong. The skill level of whoever wrote the script is high enough that they do point to screens that do show information that is sufficiently technical that it looks scary. They take you to the ‘event log’–that’s a list of routine stuff. Not scary unless the computer is already spitting sparks out the front.
Don’t try this at home. The results of letting these guys actually play in your PC are not pretty for your computer or your credit card. When you get this phone call, just hang up.
With all the work that webmasters put into responsive designs, for web sites that stay readable at every size, there are just so many that aren’t readable–they’re scrolling off the sides, or the bottom, or the text is too small. The fix for that is the ZOOM feature in all the major browsers, including Internet Explorer, Mozilla Firefox, and Google Chrome. Here’s a reminder guide of how to zoom in (make everything bigger), zoom out (smaller), or just put browser magnification back the way the webmaster intended it to be (reset).
Here are the zoom settings again:
And while using Control with the top row of keys is easy to remember, these keyboard shortcuts also work on the numeric keypad, as long as you include the ‘Control’.
Today’s mail includes a new variation of an existing scam. A simple message, apparently coming from your own email server, reporting the arrival of a fax message. Note that it’s all super-generic; the from address is fax@ (your email domain here), and the return address is (probably random) blopez27@ (your email domain here). The download link is through Google’s goo.gl link shortening service, but other link shorteners are likely also in use–note the reference to Dropbox in the email–OOPS!
Don’t Do What I Did–I Am A Professional
OK, I followed the link. It led to a ZIP file, and I downloaded it. Again, don’t try this at home.
Then I opened the file. It contains one file, ‘Document-2816409172.scr’. I did NOT open that file.
A fax would typically be an image file, probably PNG or TIF or JPG format. It will not be inside a ZIP, because ZIP files compress or bundle other files, and image files are already compressed as much as they can be, so zipping them makes them slightly larger–there’s no logical reason to zip a fax image.
An SCR file is a Windows screen saver, and it can contain scripting and program code. It’s potentially very dangerous.
So, for those of you who still use 20th-Century image transmission technology, er, faxes, be advised of these facts:
OK, all of this should be obvious, but if no one is falling for the scam, then why haven’t the senders moved on to the next evil idea?
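The check described in the fax post above (look at what is inside the ZIP without opening it) can be done from the archive's directory listing alone. This Python sketch is an added example, not part of the original post; the extension lists and the function names `triage_zip` and `build_sample` are assumptions chosen for illustration, and the sample archive is constructed in memory with inert placeholder content.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Illustrative, not exhaustive: types Windows runs as programs or scripts.
EXECUTABLE_EXTS = {".scr", ".exe", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
# Formats the post says a real fax would arrive in.
FAX_IMAGE_EXTS = {".png", ".tif", ".tiff", ".jpg", ".jpeg"}
# Harmless-looking types used as the visible half of a double extension.
DECOY_EXTS = FAX_IMAGE_EXTS | {".pdf", ".doc", ".docx"}


def triage_zip(data: bytes) -> list[str]:
    """Read only the archive's directory; nothing is extracted or run."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = [i.filename for i in zf.infolist() if not i.is_dir()]
    findings = []
    for name in names:
        suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
        if suffixes and suffixes[-1] in EXECUTABLE_EXTS:
            findings.append(f"executable member: {name}")
            # e.g. "fax.pdf.scr" shows as "fax.pdf" when Windows hides extensions
            if len(suffixes) > 1 and suffixes[-2] in DECOY_EXTS:
                findings.append(f"double extension: {name}")
    if not any(PurePosixPath(n).suffix.lower() in FAX_IMAGE_EXTS for n in names):
        findings.append("no image member: a fax would be PNG, TIF or JPG")
    return findings


def build_sample(members: dict[str, bytes]) -> bytes:
    """Build a constructed ZIP in memory; bodies are inert placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()


if __name__ == "__main__":
    # Member name as reported in the post; the content is a harmless placeholder.
    scam = build_sample({"Document-2816409172.scr": b"placeholder"})
    for line in triage_zip(scam):
        print(line)
```

An empty result only means none of these name-based signals fired; it says nothing about what the files actually contain.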