CryptoDefense Ransomware Virus

As we have provided previously, there has been a bad virus running around for a few months. The virus targets Microsoft Office files, text files, pictures, videos and PDFs.  If infected, the virus will encrypt these files and hold the victims data ransom.

The latest iteration of the cryptolocker virus is known as “CryptoDefense.”   Symantec has analyzed the program and discovered the file encryption is a 2048-bit RSA key.  The virus creators are Microsoft’s infrastructure and Windows API to generate the encryption and decryption keys.  The extortionists are demanding $500 BITCOIN to be paid within a few days.  If you don’t pay on time, the ransom doubles.

According to Jeremy Kirk of Computer World, Symantec has “estimated the cybercriminals received more than $34,000 worth of bitcoin in just a month, showing the effectiveness of their scam.”

In November 2013, the United States Computer Emergency Readiness Team (US-CERT) has issued Alert (TA13-309A) which outlines details and recommendations for dealing with CryptoLocker Ransomware Infections.   See: https://www.us-cert.gov/ncas/alerts/TA13-309A

Our recommendation is to ensure you have a current on-site and off-site backup.  Frequently update and verify your backups.  Non-compressed backups (or copies) of your files stored on an external hard drive will fall prey to the malware if your system is infected and the drive is plugged in.  Off-site backups which use a mapped drive also can become infected.

Source: http://www.computerworld.com/s/article/9247348/CryptoDefense_ransomware_leaves_decryption_key_accessibleLarge-CryptoDefense

Ransomware CryptoLocker

CryptoLocker

Ransomware is a type of malicious software designed to block access to your computer system or files until a sum of money is paid. This type of malware typically targets individuals.  We are starting to see more business computers targeted.

The current greatest ransomware threat continues to be Cryptolocker. Cryptolocker started appearing in late September 2013. Once the system is infected, the malware encrypts most or all the users data files, making the files inaccessible.  The ransom ranges from $300.00 to $3000.00 US dollars. There is currently no way to decrypt the files as the encryption key is randomly generated.

It is important to note CryptoLocker will encrypt any data files it finds on your system.  This includes files on your physical hard drive, attached USB drives and even cloud connected storage.  This means data on a mapped DropBox drive could also become encrypted.

I have an online backup. Is my data protected?

Having an online backup does NOT guarantee your data is protected.  While having an online backup can HELP to restore unencrypted files, it does not protect you from CryptoLocker.  In fact, once CryptoLocker has encrypted the file, it has changed.  This may cause your online backup to backup the now changed and encrypted file.

Should I pay the ransom?

Only you can make the decision to pay the ransom. Paying the ransom DOES NOT guarantee the files will be decrypted. Paying the ransom can lead to other problems, like credit card fraud and identify theft. We DO NOT recommend ever paying the ransom.  We recommend prevention and using best practices to avoid getting the infection.

Reports indicate some who have paid the ransom never get their files decrypted.  Others have reported their files were decrypted, but it took several hours to days for the process to reverse itself.

Where does CryptoLocker come from?

CryptoLocker can be installed from simply browsing to an infected website.  However, it is frequently delivered via spam email as a compressed archive (.zip) file or via an executable file (.exe). Emails may appear to come from a person or business you know.  Faked emails appearing to come from UPS or FedEx have also been reported as points of distribution for CryptoLocker.

Signs your system may be infected with CryptoLocker

1. The system has started running unbearably slow.  This is due to the processor resources needed to encrypt all of your files.

Some steps you can take to help protect yourself.

Remembering no anti-virus/anti-malware can provide 100% protection, here are some things you can do to help ensure you don’t get infected.

  1. Have a decent and up-to-date antivirus program running.
  2. Get the latest operating system updates
  3. Have your computer firewall running
  4. Limit user privileges
  5. Have an online backup of your files.
  6. Have a complete and current offline and unconnected backup of all your data files.

More information about CryptoLocker:

Service Provider Invoicing

So you are starting up your small business and confused about which accounting package is right for you. Knowing which accounting package is right for you can be a complex decision. Quickbooks is an outstanding program if you’re looking for an accounting program that is a total solution. However, for a new small business software accounting systems can be a big investment.

When you decided on an accounting package, it is essential to understand your needs now and in the future. Ask youself if the accounting package will grow with your business. Be sure you understand the portability of the data, should you decide to move to a different accounting package later on down the road.

If you are just getting started, and you are looking for simplicity and affordability, Freshbooks, a completely online accounting system, may be right for you. Freshbooks is an extremely simple and easy to use online invoicing program which provides many bells and whistles accounting tools which are standard with QuickBooks. With FreshBooks, the focus is on keeping everything simple and the programs core functions are based on the basics like creating estimates or proposals, issuing payments and sending invoices.

One of the best things about Freshbooks is that you can try it for free. Try Freshbooks here!

 

Freshbooks Accounting

AirMail

Disposable Email Address

Have you ever wanted to get some FREE information from a website only to find they want your name, email address, mothers maiden name and phone number before giving it to you?  A disposable can be very useful in getting the information you want without giving out our real email address.

Disposable email addresses are valuable if you want to avoid receiving SPAM.  One free service we recommend is AirMail.  AirMail is located at www.getairmail.com.  You can obtain a disposable email address in about 5 seconds.  It shouldn’t be used for any real business.  It should never be used for more then a few minutes and there is no security.  To be very clear, the use of a disposable email address should be used for legitimate purposes where you want to protect your actual email address from ending up on some company’s SPAM list.

About.com provides a list of other Disposable Email Address Services > Here!

Home Phone Services

TEKEASE Home Phone Service is a highly affordable solution for customers who want to reduce their monthly bills. Bring your current home phone number to us, or set up a new one — the choice is yours!

So, if you are still paying the high costs of a traditional landline telephone, call TEKEASE today to discover the value and reliablility of our cellular home phone service.

For a limited time, we will provide in-home installation at an incredible price. Call us today at 309.689.8355 to learn more.

Phone Service - Peoria IL

NOTE: Home Phone Connect is not compatible with homesecurity systems, fax machines, DVR services, credit card machines, or medical alert services (eg. Life Alert). HSI/DSL may or may not be available, please contact your service provider to determine if this product is available as stand alone offering.

AT&T and SBC Email Settings for Outlook

The helpdesk is frequently receiving calls regarding the proper settings for sbcglobal.net Outlook settings and att.net Outlook settings. If your email account is still pointing to the pop.sbcglobal.yahoo.com and smtp.sbcglobal.yahoo.com servers, you are likely receiving a certificate warning issue when sending and receiving mail. AT&T changed these severs over a year ago.    

sbcglobal.net and att.net Email Servers

Incoming mail server: pop.att.yahoo.com Outgoing mail server: smtp.att.yahoo.com

Authentication

Mark the checkbox for My outgoing server (SMTP) requires authentication and select use same settings as my incomming mail server.

Server Port Numbers

Incoming server (POP3) – 995 (Check This server requires an encrypted connection (SSL))

Outgoing server (SMTP) – 465 (Change the following type of encrypted connection from None to SSL)

 

New Account

 

Mail Settings More      Mail Settings More2    Mail Settings More3

Gone Phishing

Phishing Scams

Phishing is an illegal attempt to collect meaningful information, like your online bank account username, password, or credit card number, from an email recipient (target).  The emails masquerade themselves as coming from an organization you likely already due business with.  Large national banks like Citibank, Chase, CapitalOne, PayPal, PNC and others are the most frequent brands used by the criminals.  However, banks are not the only organizations used.  They will use social media sites, like FaceBook or LinkedIn, and other high traffic websites to trick the target into providing their information.

Popular Phishing Scams

  1. Email from your bank saying your account has been compromised.
  2. Email from your bank saying a check has bounced.
  3. Email from your bank saying your online password has expired or will expire.
  4. Email telling you to need to verify your email address.
  5. Email from your bank telling you about a recent change in your account information has changed.
  6. Email telling you some amount of money (usually a small but tempting amount) is available for you.

Email Spoofing

The method of masquerading a FROM email address called spoofing. It is a non-complex way of manipulating how an email appears when it is sent out to make the recipient believe it comes from a legitimate organization or person.  As an example, the email appears to come from security@somebank.com when in fact it was sent from 123456@freemail.com.

Why the scammers do it?

If an email spam scammer is successful the target will click the link provided in the email.  This usually takes the target to website which looks EXACTLY like the organizations legitimate website.  The target attempts to login to the FAKE website with their username and password and the scammers job is nearly complete. The victim has just provided their username (often their email address) and password to the criminal.

Unfortunately, over 80% of computer users, you use the same password for everything.  So the criminal now has the targets password for everything from their bank to their Facebook and Amazon account.  If a common password is compromised, the criminal will attempt to use it to access every possible site/account they can.  The targets compromised information is now used by the criminal or sold to another criminal to create distance between the original offender and the user of the information.

How to Avoid Becoming a Phishing Victim

  • Be aware that many scam artists are making forgeries of company sites that look like the real thing. They may take every precaution to make consumers believe their site is secure and, therefore, legitimate. Following are some tips on avoiding the trap.
  • Don’t trust e-mail headers. They can easily be forged.
  • Avoid filling out forms in e-mail messages. One can’t know with certainty where the data will be sent, and the information can make several stops on the way to the recipient.
  • Verify the legitimacy of a web address with the company directly before submitting any personal information. Don’t click on a link in an e-mail message from a company until you check.
  • Protect yourself through education and thorough evaluation. Don’t trust everything you read.
  • Verify the legitimacy of the company first before acting. What’s the rush? A simple phone call may make all the difference.
  • Be alert to phishing messages. Reputable companies do not contact their customers via e-mail to request that they update their files or to verify an account or security setting.

Source: Center for Information Technology

If you have been a victim and taken the bait.

If you have taken the bait and compromised your information, especially your Social Security Number (SSN), you should place fraud alerts on the three major credit reports (Equifax, Experian, and Trans Union).

Even if you haven’t been a victim, you should consider an identity protection and credit monitoring service like LifeLock or Experian.  Some of the services they provide include proactive protection, advanced internet monitoring, credit alerts, non-credit alerts, address monitoring and lost wallet protection.

Don’t SPAM

So you received an email from a trusted friend.  The email subject reads “This has been verified on Snoops.com!”  First, before you hit the forward button…hit the delete button.  Most of these emails start from the very folks who make malware and virus software.  99% of these are scare tactics.

You should also be very careful when searching the Internet for information about viruses. Doing so will often lead your computer to the path of infection. There are reputable locations to learn about current virus threats, but we don’t consider Snoops to be among them. If you absolutely must do some research, we recommend some of the sites below.

Learn more about the latest email and virus hoax information at SOPHOS

  1. Microsoft Malware Protection Center
  2. Symantec Security Response Team
  3. Wikipedia for a List of Known Viruses

DISCLAIMER: This information provided in this site is not intended to provide support or specific guidance related to computer support problems. We are not responsible if you use this information and you do so at your own risk. Before attempting any repair on your own, you should contact the appropriate professional for assistance.

Stuck Key’s Driving You Insane

As keyboards get old they have a tendency to loose their spring.  Most keyboards (laptop and desktop) rely on a combination of rubber springs and somewhat fragile plastic scissor clips.  First, we never recommend you taking your keyboard apart to resolve the stuck key.  It can lead to disastrous results and you needing to replace an otherwise healthy keyboard.

There are several things you can try to do to fix a stuck key or two.  Check out the article at PC World for some great tips on resolving your keyboard frustrations at I’ve got a dead key on my keyboard.

DISCLAIMER: This information provided in this site is not intended to provide support or specific guidance related to computer support problems. We are not responsible if you use this information and you do so at your own risk. Before attempting any repair on your own, you should contact the appropriate professional for assistance.

Digital Living Network Alliance

DLNA (Digital Living Network Alliance) is an alliance founded in 2003 which is dedicated to making our digital living experience better.  As we continue to add  more devices to our lives, it is essential they are truly interoperable with other technologies.

This is good for consumers and will hopefully mean a real end to proprietary technology. Well, at least as it relates to the ability to connect devices, to one another.  “DLNA is comprised of more than 240 of the industry’s most reputable digital brands.  The following companies have joined DLNA to leverage new technologies to help lead the digital revolution.”

So when you are considering a new device, you might well consider making sure the DLNA Certified Logo appears on the box.  Find out more about the DLNA at www.dlna.org

DISCLAIMER: This information provided in this site is not intended to provide support or specific guidance related to computer support problems. We are not responsible if you use this information and you do so at your own risk. Before attempting any repair on your own, you should contact the appropriate professional for assistance.