A new virus has been spreading lately – mainly through email attachments disguised as shipping notices from UPS and the like. The trojan virus “ransomware” encrypts the computer’s documents, pictures, music and other personal files making them inaccessible. It then demands a $300 ransom be paid within a few days to decrypt the files, or the files become inaccessible forever.
Anti-virus programs have been mainly unsuccessful at detecting or blocking this new virus since it is rapidly changing and evolving, and the Anti-virus vendors are having a hard time keeping up with it. Since no anti-virus program is 100% effective at detecting viruses, you need to follow some basic computer safety tips so that you don’t get this new virus.
To help avoid from getting this new virus, follow the information in the following articles:
Computer users are prompted to install updates from programs such as Adobe Reader, Flash Player or Java. With many fake programs that try to convince people to download official-looking updates, it’s often hard to know what is safe to accept and install.
If you DO NOT have your internet browser open (Internet Explorer, Chrome, etc.) and you receive a prompt in the notification area just to the left of the clock on your computer’s taskbar that a program needs your permission to update, it is generally safe to do so. However, if you are being prompted to download or install something while you’re viewing a web site while your internet browser is open, it’s most likely a gimmick to get you to install adware or malware.
Consider signing up for our Computer Maintenance Plan to take away the worry of knowing which updates to install or not, and keep your computer up-to-date and maintained.
If you’d rather do updates on your own and want to check to be sure if an update is legitimate or not, below I have provided direct website links to the most common browser add-ons that that you are likely to need and are updated frequently. Read the installation prompts and check-boxes carefully and uncheck any extra programs or toolbars that you may be prompted to install.
• Adobe Flash Player– Used by websites such as Youtube.com and CNN.com to display videos. Official updates are usually presented as a pop-up box in the upper-left corner of your screen when you first start your computer.
• Adobe Acrobat Reader – Used by many websites to view and print official documents and manuals that have a file extension of .PDF. Official updates are usually presented by a notification icon on your taskbar to the left of the clock.
• Java – Used by most websites to allow programs to run on a website. Online games, dynamic maps, and customizable home pages using drag-and-drop and just a few examples of websites that use Java and/or Javascript. Official updates are usually presented by a notification icon on your taskbar to the left of the clock and sometimes along with a blinking notification about “jucheck.exe”.
• QuickTime – In April 2016 Apple advised that QuickTime will no longer be supported and contained security vulnerabilities. Therefore, QuickTime should be uninstalled. It was used by some websites to display video and/or audio, most commonly movie trailers and videos playable in iTunes. Used on Apple and non-Apple computers, official updates are usually presented by a pop-up box from Apple Software Update.
• Windows Update (link works only with Windows XP and Internet Explorer), on Windows Vista or newer go to Windows Update in the Control Panel – These updates fix security flaws and provide reliability updates for the Windows operating system. Windows Updates are usually downloaded and installed automatically on the 2nd Tuesday of every month. Occasionally some updates need to be manually installed and will show a yellow shield or light-blue icon in the notification area just to the left of the clock on your computer’s taskbar to prompt you to install the updates.
If you use an Internet Explorer based browser, sometimes a website may prompt you to download an ActiveX control – as shown below in the yellow bar between the address bar and the top of the web page. In this case be sure you are at a well-known trustworthy website, and read everything to make sure what the website is prompting you to install is really required in order to use the website. When in doubt – don’t do it. In the example below, I would not install an ActiveX control from “Shop at Home Select” because I don’t know or trust them.
AT&T recently began upgrading email accounts to a new look, and added a security feature that will help prevent the widespread hacking that has been occurring over the past few years. When the upgrade is ready, you will see the web page below if you access your “web mail” via http://att.yahoo.com/mail or http://mail.yahoo.com in a web browser. You may also access your web mail via the Mail icon on the AT&T/Yahoo or Yahoo home page. Click the “Switch Now” button to proceed with the upgrade.” If you only access your email through an program such as Windows Live Mail or Outlook you won’t notice the new look, however you should still enable the new SSL security feature described later in this article. You can click on the screen shots below to view a larger version.
To help prevent hacking of your email account, we recommend that that you immediately enable SSL. To do so, click on the gear icon on the upper-right corner of the upgraded web mail and select “Mail Options”. In the General section, click on the checkbox to the left of “Make your att.net Mail more secure with SSL (i.e. preventing others from accessing your account at Internet cafes)”. Click “OK” on the refresh notice, then click on “Save”. (See screen shot below).
Update 5/8/13: AT&T has announced a June upgrade to their web mail that may include a security feature used by most other email services that encrypts email over the internet between Yahoo’s servers and your computer. The option to “turn on SSL” would help prevent the account hacking problem that currently plagues the email service. As such, you may want to hold off on switching away from using AT&T/Yahoo Mail until the upgrade has completed to see if extra security has been enabled.
Due to ongoing security issues with AT&T/Yahoo Mail, and other problems we’ve seen with randomly disappearing contacts and a 2-step verification process that does not work, we are now recommending that AT&T/Yahoo Mail users switch away from using the service. The most logical alternatives are Hotmail/Outlook.com and Gmail.
We can help you make the switch in about an hour in most cases, including setup of your new email account on all of your computers and portable devices. If you’d prefer to do it on your own, keep in mind that if you’re using an AT&T/Yahoo email account, you should not delete the email account associated with your AT&T account since it is also used as your username for access to your AT&T services.
Over the years we’ve helped lots of clients who’ve had their email account hacked – typically a Yahoo, Hotmail or AOL account. They usually first notice the problem when they are contacted by someone in their email contacts about unusual requests for money or a gift card. Other signs that an email account has been hacked include:
Lots of emails from “mailer-daemon” in a short period of time
No new email in the Inbox, and being filtered to the Trash or Archive folder
Some or all previous email have been deleted
All contacts have been deleted
“Reply-to” address changed
All messages being forwarded to a different address
Email signature added or changed
The language changed to something other than English
When attempting to login to their email some have discovered that their password has been changed and they are unable to access their account.
If your Yahoo account has been compromised, below are some helpful links:
If you’re still unable to access your account after following instructions in the resources above, you can call Yahoo at 866-562-7219 or AT&T at 800-288-2020.
It’s important that you DO NOT use your email account to send messages until you are absolutely sure that the hacker no longer has access to the account, all changes that were made are reversed, and two-factor authentication is enabled on the account to prevent future unauthorized access. If you need professional help with getting your email account back and everything fixed, give us a call.
In light of recent media attention to the security vulnerabilities in Java, it is recommended that you disable Java in your web browser to minimize the risk of infected websites using Java to access your computer. But you first need to check your current version of Java and update to the latest version in order to disable it.
If you do not see Java in your computer’s Control Panel, the Java Control Panel applet may be launched by finding and running javacpl.exe manually. This file is likely to be found in one of the following folders on your computer: C:\Program Files\Java\jre7\bin or C:\Program Files (x86)\Java\jre7\bin.
Java is used in very few websites. The most common websites that use Java on your computer in order to work properly include many game websites, 3D mapping, financial trading and business specific applications. If you need Java for a specific website, consider adopting a two-browser approach. If you normally browse the Web with Firefox, for example, consider disabling the Java plugin in Firefox, and then using an alternative browser (Chrome, IE9, Safari, etc.) with Java enabled to browse only the site(s) that require it.
Please Print This Article and keep this list near your computer to remind you of common computer scams that can cost hundreds to thousands of dollars to unknowing individuals.
Calls from Microsoft. If you get an unsolicited call from someone claiming to be from “Microsoft”, “Windows”, “Apple”, “Google”, “Amazon” or any other well-known name, and claiming that there are problems with your computer or account – it’s a scam. The Federal Trade Commission has been cracking down on telemarketers masquerading as major computer companies that scare people with false claims that their computer or security is in danger, and eventually offer to fix the problem for a few hundred dollars. See Avoid Tech Support Phone Scams.
Remote support scare tactics lure you into paying to fix non-existent problems. Similar to companies in the scam mentioned above, there are foreign companies that advertise on search web sites such as Yahoo or Google that may help you with your initial problem, but then claim that they detect severe problems with your computer and attempt to coax you into a yearly tech support plan often costing hundreds of dollars. A recent variant of this scam has popped up on compromised websites which displays a warning message claiming that your computer has a severe problem and that you need to call a number displayed on the screen in order to fix it. See Learn how to spot scams that pop-up on your screen and Companies Pushing Tech Support Yearly Fee.
Deceptive ad links that show up in internet search results – Click to view larger image
Unusual/unexpected email from people you know. You may receive an email from someone you know asking for money, asking you to “check out” something on an unfamiliar web site, or asking you to open an unsolicited document. In these cases the email account of the sender has been hacked, and the hacker/scammer is sending emails to all of their contacts in attempt to get money directly via wire transfers, or indirectly via spam schemes. See Email Spam From Someone You Know Links to Websites That Hack Your Password.
Unusual/unexpected email from a business. You may receive an email from a business such as UPS, Amazon, United Airlines, Verizon, Apple, Google or PayPal that confirms a large transaction or delivery of an item, or a problem with your account. The email attempts to lure you into clicking a button, link or attachment in the email that would ultimately install malware or a virus on your computer. Others may simply ask you to reply to the email and give your email login credentials, which would ultimately result in a hacker being able to access your email account. See How to Spot Fake Email From Legitimate Companies, and Emails that Phish for Your Login Credentials On The Rise: What You Need To Do To Stay Safe.
Email account password hacking due to password re-use. Your email account can easily be hacked if you use the same password to login to your email as you do any other website that is vulnerable to hackers. See the dangers of using the same password for different websites.
If you think you’ve been a victim of a computer scam and need help or advice, please contact Computer Techs at 775-624-6888 or contact your technician.
If you have the free version of AVG AVG Anti-Virus, recently it has been prompting to install the newest update for 2013. If you have not yet installed the update, below I give instructions on how to install the free version, which is not the default installation. The default installation installs a 15-day trial to AVG Internet Security (which I do not recommend), after which an annual fee is required to keep the program up-to-date.
Select the “Basic protection” button before clicking “Next” when you see this screen.
UNcheck the 2 boxes that add optional toolbars to your browser and change your default search engine before clicking “Next” when you see this screen.
If you have already installed AVG Internet Security Trial and you wish to revert back to the free version, see this article.
We have seen many emails appearing to come from legitimate companies with unexpected order confirmations or cancellations and account balance notifications – all with shockingly high dollar amounts that peak the curiosity. These emails are the latest tricks by spammers to lure people to open the email and visit a malicious website that spreads spam and malware. This tactic emphasizes an important computing safety tip: Never click on links in email unless you are absolutely sure about what website the link will take you to.
Some of the companies that are represented in the phony emails include UPS, Amazon, PayPal, Verizon Wireless and US Airways.
How to tell where a link is pointing to. The link below initially looks like it will direct you to the www.ebay.com auction website. But if you hover your mouse over the link text you should notice text along the bottom-left bar of your e-mail client or web browser that shows where the link actually points to – which in my example will take you to Computer Techs’ contact information page.
When you click on the screen shot below you can see an official looking e-mail I received that appears to be from “eBay”. I hovered my mouse over the link “Proceed to Account Update” and the status bar along the bottom-left corner of my web browser shows that the link does not point to a legitimate eBay web page, but rather a long link that happens to have the word “ebay” in it to fool the recipient.
If you receive a questionable email, never click on the link in the email. Instead open your web browser and go to the company’s website by manually typing their website address into the address bar.
Over the years we’ve been contacted by dozens of clients who have had their email account hacked and sending out spam to all of their contacts. This happened shortly after clicking on a link in an abnormal email from someone they know. The website that the link opens typically shows a video while capturing email address and password credentials, then hackers log into the email account and send similar spam emails to all of their contacts.
The subject line of the emails are vague in hopes that you’ll be curious and open it. Examples include:
– Hey
– Hi
– fwd:
– re:
Some of the phrases in the body of the emails include:
– wow this is amazing look into this [link]
– this is awesome [link]
– wow can you look at this [link]
– wow this is crazy check it out [link]
– this is pretty amazing you should give it a look [link]
– [link only]
Other variants coming from the email address from someone you know include links to an unknown website that will:
– Ask you to enter your email login credentials in order to view a document or photo
– Ask you to install Java or Flash Player in order to view the website
The methods above are tricks to get you to divulge private information or to install malware on your computer.
Security reminder: Do not click on links in an email that you are not expecting or if you are not absolutely sure that the link will open a trustworthy website. If you discover that your email account has already been hacked, see our information about what to do if your email account has been hacked.
A new virus has been spreading lately – mainly through email attachments disguised as shipping notices from UPS and the like. The trojan virus “ransomware” encrypts the computer’s documents, pictures, music and other personal files making them inaccessible. It then demands a $300 ransom be paid within a few days to decrypt the files, or the files become inaccessible forever.
Print This Article
