Online COVID-19 Scams to Be Aware of

Covid Scams, Hacking, malware, Ophtek, Security, Security Threats, , , ,
19
Jan 2021

 

COVID-19 has changed the way we live our lives and, not surprisingly, hackers are trying to take advantage of the fear factor behind the virus.

No aspect of life is off-limits to a hacker; if they can turn a situation to their advantage then they will. And this means that all sense of morals and ethics go out of the window. COVID-19, of course, has caused great fear and panic since it emerged, so it’s a subject people take very seriously. And it’s this investment in fear that hackers are looking to exploit. As with most online scams, if it sounds too good to be true then it usually is. But some people are willing to take a risk when COVID-19 is mentioned.

COVID-19 Scams to Look Out For

You should be aware of the usual online threats to look out for, but here are the specific COVID-19 scams you should be aware of at the moment:

  • COVID-19 Vaccine on the Dark Web: Now that vaccines have been approved in the fight against COVID-19, hackers have decided to exploit this demand. And that’s why it’s now possible to find listings for the vaccine on the dark web. Naturally, you should never buy medicine online unless this has been approved by your healthcare professional and the site is genuine. Very little on the Dark Web – an encrypted form of the internet – is genuine, so any marketplace listings that promise a COVID-19 vaccine should be dismissed. 
  • Fake COVID-19 Mapper: Everyone has been intrigued as to the behavior of COVID-19 and its spread, so the opportunity to monitor its spread is appealing. However, hackers have used this curiosity to help spread their malware. Researchers have discovered a PHP malware dropper which disguises itself as a piece of COVID-19 mapping software. Using a compromised website, hackers encourage visitors to download and install the mapping software. But all that is installed is software which downloads further malware. 

How to Combat COVID-19 Scams

The urge to click on sensational news and promises regarding COVID-19 is strong, but it’s crucial that you think long and hard before clicking. There are numerous COVID-19 scams in the digital wild and they are only going to get more sophisticated. As with all online scams and malware, make sure you practice the following:

  • Install all Updates: Malware often takes advantage of outdated software, so make sure that all your software is up to date. All you need to do is install all updates and upgrades as soon as they become available – your PC should automatically prompt you to install these when available.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Beware of Online Tax Scams

Hacking, Ophtek, Phishing, Phishing Email, Security, Security Threats, Tax Scams, , , ,
05
Jan 2021

Many of us will have started preparing our tax returns and hackers are well aware of this. Therefore, it pays to be aware of the numerous online tax scams.

Nobody likes completing tax returns due to the vast amount of data involved. However, they’re essential for organizations to remain operating. And that’s why we spend hours and hours collecting receipts and details for transactions; this is where all the data builds up. Hackers, of course, like nothing more than getting their hands on huge amounts of data. This data can be used for both financial gain and damaging an organization. Accordingly, tax season is their hunting season.

Tax Scams to Look Out For

Countless tax scams are currently circulating in the digital wild, but these are the most common ones you will encounter:

  • Automatic Tax Payment Deduction: A number of emails have been discovered which claim to originate from the Income Tax Department. These emails falsely claim, in order to generate anxiety, that a tax payment has automatically been deducted from their bank account. An attachment is included which masquerades as a receipt for this transaction. Hackers hope that the recipient’s anxiety and confusion will cause them to open this receipt. Unfortunately, contained within this ‘receipt’ is a slice of malware named W32.Golroted. 
  • Fake Government Websites: A popular method for scamming victims out of money is by designing Government websites which look authentic, but are fake. Using information which has usually been stolen through malicious files or social engineering, these fake websites inform victims that they have received a tax fine. The only way to pay this fine is by wiring payment or purchasing general purchase reloadable cards. However, there is no fine to pay and all the victim will be doing is bankrolling the hackers. 
  • IRS Tax Return is Locked: The last few years have seen the emergence of a phishing email which claims that access to the recipient’s tax return has been restricted. The email is designed to look as though it has been sent by the IRS or, sometimes, the manufactures of the popular TurboTax software. The truth is that the email is fake and has been sent by hackers. The email will urge recipients to click on a link which will take them to a malicious website where their personal information will be stolen.

Staying Safe During the Tax Season

Despite the number of online tax scams it’s easy to stay safe during the tax season. All you have to do is follow these best practices:

  • Remember that the IRS will never contact you by email to discuss the nature of your tax return or your personal details.
  • Verify the true identity of any suspicious links by hovering your mouse cursor over the link. A popup will then display where the link will send you.
  • Never send personal documents to unsolicited email requests as it is likely that a hacker is trying to harvest your details
  • Emails that claim to be from official organizations, but do not use your name are to be treated as highly suspicious and should be deleted.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Five Signs That You’ve Been Hacked

Hacking, malware, Ophtek, Security, Security Threats, , , ,
29
Dec 2020

Having your organization’s network breached is a major cyber disaster, so identifying a breach quickly is crucial. But how do you know you’ve been hacked?

Protecting your organizations networks and data is essential, but with the huge number of hacks taking place it’s not easy. And if a breach occurs this can cause multiple problems for your business such as data theft, ransomware demands and damaged networks. When it comes to these attacks then there’s one factor which is essential: speed. The sooner you realize you have been hacked, the sooner you can set about cleansing your system. Hackers may be evolving their methods to become even stealthier, but there are still certain tell-tale signs that you’ve been hacked.

You may not be aware of these indicators, so we’re going to share five signs that you’ve been hacked.

What Are the Signs of Being Hacked?

The most obvious indicators of your PC being hacked are the following:

  1. Password Not Working: One of the simplest signs of falling victim to a hack is when your password isn’t working. Sure, there’s a chance that you’ve mistyped it or simply forgotten it, but alarm bells should start ringing if you’re convinced you’ve got it right. And, if you have activated two-factor authentication and this is also not working, it’s likely your login credentials have been breached. 
  1. Your Browser Keeps Redirecting: If you discover that your internet browser is behaving strangely then this is a sign you have been hacked. Your browser should, for example, open up with either your company home page or Google, but a hacked browser is likely to take you straight to a malicious website. Such a website will prompt you to download files in an attempt to infect your PC with malware. If this happens then you need to close the browser as soon as possible and advise an IT professional. 
  1. Your Anti-malware is Disabled: It’s unlikely that you will ever need to disable your anti-malware software, so any indication of this being disabled could signal a hack. After all, hackers want to make their life as easy as possible. Therefore, if they take control of your PC, the simplest way to download malware undetected is to disable your defenses. Make a point of regularly checking the status of your anti-malware software to stay safe. 
  1. A Mouse Cursor With a Mind of Its Own: Your mouse cursor should, if you’re not moving the mouse, stay still. You may occasionally get a small amount of movement from hardware issues, but any significant movement indicates a hack. If your PCs defenses have been breached then hackers can easily take control of your PC. And this can be evident from unauthorized activity taking place on the screen. So, if you find that applications are being launched without your permission, power off your PC and immediately get it investigated. 
  1. Your PC is Slowing Down: A PC can slow down when it’s processing multiple tasks at once, but one which is slowing down for no particular reason is one to be suspicious of. It could be, for example, that your PC has fallen victim to a botnet and your PCs processing power is being harnessed for attacks elsewhere. If, after restarting your PC, it continues to lag then it’s critical that you take the necessary measures to isolate that PC before looking deeper.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Google’s Password Checkup Aims to Secure Your Passwords

Ophtek, Password Security, Passwork Checkup, Security, , , , , ,
01
Dec 2020

Passwords are crucial in IT security and will remain relevant for the near future. But Google’s Password Checkup shows there’s always room for improvement. 

We all have a long list of passwords that we use to access various IT apps and services. They’re perhaps the simplest, but most effective step you can take in thwarting hackers. Without a password it’s almost impossible to gain unauthorized access to an IT system. That’s why social engineering and phishing emails have become so popular with hackers. And one of the major problems with passwords is that computer users have a tendency to recycle the same passwords for different IT systems.  

Passwords, therefore, have a number of flaws. Thankfully, Google have designed the Password Checkup app to verify the security of your passwords. 

What is Password Checkup?  

It’s difficult to keep up to date with the sheer number of passwords we use on a daily basis. The simplest way to combat this is to write all your passwords down, but this is one of the biggest password mistakes you can make. Now, instead of writing these passwords down, you can store them in your Chrome browser. As long as you’re running a Google account which is synced to your Chrome browser, you will be able to securely store your passwords. Naturally, this is useful for auto-complete password functions – although even this is risky – but the functionality doesn’t stop here. 

The most exciting and useful feature of Password Checkup is that it will automatically tell you if your login details have been breached. A sophisticated and clever password manager, Password Checkup is linked to a database containing in excess of four billion login credentials. These username/password combinations have all, at some point, been leaked online in large scale hacks. This could potentially mean that, for example, your existing Gmail credentials are visible online for anyone to see. With Password Checkup on your side, however, you will receive an alert in your Chrome browser that your login details have been breached. 

And, going back to the fact that many of us recycle our passwords, these Password Checkup alerts serve as a nudge to use unique passwords. After all, if a hacker knows that you have used the password “abc123” on your Gmail account, there’s every chance you may have used the same password on your Facebook account. Anything that reduces the time taken to breach an account is a win for hackers and you need to minimize this wherever possible. 

How to Use Password Checkup 

Password Checkup originally started as a standalone Chrome add-on and this continued to work until September 2020. The reason for retiring this add-on was down to Google deciding to build Password Checkup into the Chrome browser as an integral component. Therefore, the only way to access the Password Checkup service now is by using an up to date version of Chrome. You must, of course, sign into your Chrome browser with a Google account in order for your details to sync. Ultimately, using Password Checkup will make your online experience safer and securer. 

For more ways to secure and optimize your business technology, contact your local IT professionals. 

Read More

Understanding the Basics of Botnet Attacks

botnets, Hackers, Online Security, Ophtek, PC Maintenance, Security, Updates, , , ,
03
Nov 2020

The internet has connected us to each other in a way we would have thought impossible a few decades ago. But these massed connections can be very dangerous.

The beauty of the internet is that one PC can connect to another PC with relative ease. And these connections allow us to pool resources, share information and provide services. The foundations of almost every web service are based upon collections of PCs all working together to deliver an end result. These are often automated tasks that allow a website to continue operating correctly. But the fact that these PCs are generally left to their own devices means they aren’t actively monitored. And this situation makes them a security risk.

Known as botnets, these collections of PCs can have their cumulative power put to use for the gains of hackers.

What are Botnet Attacks?

While most botnets combine harmless coding with hardware, malicious botnets are another matter. A malicious botnet can gain access to your PC via two methods:

Regardless of the strategy involved, the end result is the same: an infection which adds your PC to the hacker’s botnet. Naturally, the more PCs added to the botnet, the more powerful it is. And, with the infection in place, the hacker will have full control of your PC. This allows them to carry out the following tasks:

  • Spread across the rest of your organization’s PCs by executing malware in order to swell the numbers of the botnet
  • Loading fake adverts in your internet browser designed to trick you into providing financial details to malicious websites
  • Use the cumulative processing power of all the PCs in a botnet to carry out DDoS campaigns in order to take websites down
  • Generating spam emails to be automatically sent from your organization’s email server

How Can You Protect Against Botnets?

As you can tell, a botnet attack will do your organization no favors and will cause untold damage to other businesses it targets. Therefore, you need to put these precautions into place:

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 3 4 5 6 7 47