Monday, May 14, 2018

Protection Two-Step

Hi Everyone. I am asked all the time about anti-virus, both personally and professionally. The answer always starts the same; it makes no difference how much you buy or how much you have. Nothing is 100%. With that being said, I want to talk to you about your home protection.

My suggestion is a two-part scenario that focuses on prevention more so than remediation. Think about that. Certainly, it would be more beneficial to your time and energy if you put a plan in motion that works on being proactive, so you do not spend much time reacting to every threat, am I right? Let’s have a look at this scenario.

Part One – There are dozens of anti-virus products out there and they are essentially as effective as the flu shot; not very. So how do you choose which one to get? Should you pay for protection or get the free protection? Free protection is great if you are the type of person who will scrutinize everything that happens to your system because of the horrors of the Internet. However, if you ask what Joel does, I pay for the premium version of MalwareBytes Anti-Malware. Here is why. MalwareBytes has a much different stand on viruses; instead of remediation after infection, they focus on being proactive and making sure the infection cannot harm your system and they do so by stopping the two-way communication between the virus and the virus command center.

Part Two – Take an extra step to protect your home network and do it for free! Stop on over to and sign up for an account and start protecting. Here at Reybold, we use Cisco Umbrella which is the Enterprise version of OpenDNS. With this free personal service, you will either change some settings in your computers or in your home router with their incredibly easy-to-follow instructions and once done, you are under the umbrella of protection by the service. Not only does OpenDNS provide a much faster browsing service for your Internet, it also has the build-in protection that Cisco offers by blocking bad elements from passing through the DNS to your router and/or systems.

So, this is my personal plan that somewhat follows the path we use here at work. We deploy a strong Anti-Virus package on the computers and then we add the outer layer of protection from Cisco to keep bad guys out to begin with. Just remember, this is like anything else and not 100% effective. All of these things cannot prevent the number one problem when it comes to infections; the human element. You still have to be vigilant with where you are browsing and what happens in your email.

Tuesday, June 13, 2017

Why Backup?

I want to talk to you about backups and their importance in today’s digital world. There are plenty of choices of software and hardware that will do the job as well as cloud services. Let’s dive in.

I still get asked the question “why backup”? Why would you not backup is what I ask. There are no guarantees that your computer will last forever and now with all the malicious bugs roaming the Internet the chances have only increased that you will have a problem. The question is no longer “if” you get infected; it is now a question of “when”.

External hard drives are good for backups. However, the potential for failure is greater than, say, cloud backups because this is a piece of hardware, after all and therefore capable of the same mishaps of mis-managed computer equipment. You must run diagnostics and maintenance on the backup drive to ensure that the hardware is in top shape and preserving your data. Also, if you choose this method, I recommend that you connect the device, run your backup and then disconnect it from the computer. If you have an unknown virus on the computer, you do not want it to affix itself to your backup drive infecting it.

Cloud backups are quickly becoming the popular trend in data backup and for obvious reasons. When you do online backups through a service, you set some parameters like time and what you want backed up and forget about it. Your data is backed up onto servers that are maintained, kept safe from viruses and ready when you are for recovery if necessary. You are putting your data into someone else’s trust and many of these companies do a very good job at cloud backup. This has become my method of backup with a twist. I manually control my backups to the cloud then delete everything from my computer. If my computer is compromised, hackers will be disappointed in their findings.

The best defense against Ransomware is a good backup. It pains me the amount of people I know who still do not have a backup plan. Your most important documents and precious memories are extremely important to you. Make a conscious effort to choose a method of backup and stick with it. You’ll be better off if disaster strikes!

Friday, March 10, 2017

The Email Scam...Look Away!

There is always a trigger that compels me to write a new editorial. Today's trigger is because I received two scams; one by phone and one by email. So today I would like to address the latter.

An Email Scam is unsolicited emails that offer you the belief that you will receive something for nothing. This type of scam represents the classic phrase, "too good to be true". We all know what they say about that? If it is too good to be true then it probably is not. 

I actually know someone who is right in the middle of an email scam. The reason I say that is because I have warned him several times that it is a scam and he continues to email with this fella and send him money. If you haven't guessed yet, he has received nothing for his money. So far he is out nearly five hundred dollars and he still thinks he is going to receive $4.9 million from the other person.

Let me share an email I received today to show you what a typical scam email might look like. This is not the one received by my acquaintance above however, it could have been mostly plagiarized because that is how close they are alike:

Hello my dear friend,
How are you over there in your country or elsewhere? I believe you are fine and doing well. I hope my mail meets you in good health today. I am much delighted and privileged to contact you again, after all these time, it takes destiny and courage to remember good friends like you and at the same time, show gratitude to you despite circumstances that made us separate and disrupted our transaction, which ultimately did not work out as we had
projected then.
I am happy to inform you that I have successfully transferred the fund with the cooperation of a new partner from Netherlands. I use this opportunity to inform you that the transaction has finally worked out and I am contacting you to let you know that I left a bank draft check worth of $1.5 million for your compensation, I registered the bank draft check with DHL Courier company before leaving the country, and I instructed him to deliver the check to you once you contact him.
I will advise you now to contact DHL courier manager with your full delivery details so that they will process the delivery of your bank draft check to you immediately. Here is the contact info to contact DHL Manager.
NAME: Dr Albert Godwin
PHONE: +229 9826 4001
Please remember to fill your information as bellow when contacting Reverend Father John Mark ok.
Full Name:----------
Home Address:----------
Your country:----------
Your phone number:----------
Acopy of your I dentity:......
Let's take a look at some facts about the email. This is a typical "Phishing Scam" email designed to convince you to divulge personal information by phone or website which would make stealing your identity very simple.
Look at the grammar in general. There will be spelling errors, run-on sentences, broken English and other things that should just not seem right (DHL has Gmail email addresses?).
Other variations of this type of scam could ask you for a small fee to assist in the cost of getting a larger sum of money into your American bank. Another may ask you to visit a website to enter "secure" information. You may be asked to establish a separate bank account in a different bank for this purpose for security.
US-CERT makes a few simple recommendations to help you from becoming a scammers next victim. They include:
  • Filter spam.
    Don’t trust unsolicited email.
    Treat email attachments with caution.
    Don’t click links in email messages.
    Install antivirus software and keep it up to date.
    Install a personal firewall and keep it up to date.
    Configure your email client for security. 
Keep on the lookout for these types of email. If they show up in your inbox, mark them appropriately as SPAM so that your service provider can investigate and adjust. If they are delivered to your Spam folder already then no action is needed. If you are receiving these types of emails, do yourself a favor, dump them in SPAM and walk away.

Thursday, February 23, 2017

Ransomware Is Getting Worse

As I write this I am thinking, I am so sure that you probably encounter an article like this at almost every turn on the Internet. So you ask yourself why you would stop to read my article on Ransomware? Because, my articles are way cooler!

First thing that we need to do is to identify what Ransomware is. Ransomware is an exploit in which the hacker encrypts the unsuspecting user's data demanding ransom for the decryption key payable in un-traceable funds. This is a true mess any way that you look at it and Ransomware has become a multi-billion dollar venture globally.

Between January 2016 and November 2016, the distribution of ransomware increased by 267% (Source: 2017 State of Malware, MalwareBytes) and shows no signs of slowing down. In fact, it is predicted that ransomware will move beyond encrypting your files and begin to lock the boot partition of your hard drive, meaning that you will not so much as be able to load your operating system.

So what do we do about this? Ladies and gentlemen, there is not much we can do about the problem. I'd like to say that if people stop paying the ransom monies, the business would go under. However, like Hollywood Presbyterian Medical Center in California, there are going to be organizations who find themselves in the position where they must pay. There will be senior citizens who are preyed upon by this attacks who feel there is no alternative than to pay up. This is not true. Let's continue our journey.

How Did I Get It? - A very good question with a very bad answer. There are several ways that you can get it and it does not mean that you did it to yourself. The most common way to get ransomware is by opening an email attachment from an unsuspected sender. Many of these emails come in the form of IRS notifications, shipment receipts, important documents, etc. You can also receive the bug from an infected website and even now, it can be on a legitimate website embedded in an advertisement. Or, in today's advanced world of "always connected" high speed Internet, you could have received it through a drive-by payload.

Prevention is The Best Medicine - Education is key here and lucky for you stopping by to read this, I am like a techie educator. Let's look at some things that you should do to try and prevent an infection on your device.

  • Keep your computer clean as far as making sure that your software and any Internet-connected devices are up to date. Be sure and run critical updates from all vendors on a regular basis or better yet, automatically.

  • Use strong passwords. Include letters, numbers, symbols, upper case and lower case characters and at least 8 in length. Try phrases, they work better.

  • If you have the opportunity to do so, use two-factor authentication with every service that you can. If your accounts are hacked, this will speed up the time it takes to gain control of your accounts again.

  • Never open email attachments from persons that you do not know. As a rule of thumb, the IRS will not contact you by telephone or email to discuss anything with you; they will snail mail you. No one will email or text you and ask you for personal information or passwords; if this happens do NOT respond. Shippers (UPS, USPS, FedEx, etc) will not send you shipping information or receipts in your email. It is the responsibility of the company with whom you placed your order to send that information to you. If ever in doubt, trash the email without opening it.

OK, But I Got Infected - If I leave you with one piece of urgent information to take away from this article, it is BACKUP BACKUP BACKUP! If you become infected with Ransomware or any other extremely damaging malware, the best defense is to have a backup of your files because the only recourse that should be considered is to know that you have a recent backup so you can take a deep breath, relax and format your device and start over. You should never consider payment to these criminals. If you have a good backup then yourself or your technology professional will have you fixed in no time.

There are many things that you can do, both free and monetary, to protect yourself from Ransomware. However, the truth is that there is no way of avoiding it. Hackers will work feverishly every day to find new and innovative ways to steal your money and that means that Ransomware will only get worse. Do yourself a favor for piece of mind and backup and do it regularly so that you are current. Do what I do. I keep my documents, pictures and other important stuff on cloud services and never on my computer. In the end, if infected, I've only lost the time to restore. I hope this gives you a little valuable information that keeps you a little bit safer on the Internet.

Tuesday, November 22, 2016

Holiday Scams; Protect Yourself!

We truly live in the digital world. Everything has the potential to come faster. We live fast, we shop fast, we eat fast and we can be scammed fast. With the Christmas [shopping] holiday upon us it is a good idea to review some of the most notorious holiday scams and how to prevent them from taking you down.

Fraudulent Charities - Public enemy number one, fake charities are at the top of my list during the holiday season. These scammers will solicit your money through phone calls, email or snail mail. They will attempt to tug at your heart strings in any fashion possible. Never give to a charity that you have any doubts about. If you are looking for a charity to donate money to and you want to verify their legitimacy, try some of these links:
Phishing - If this were not the holidays, this would be at the top of the list. So at this giving time of year, it is second from the top. Phishing is the practice of defrauding an individual or company of financial information by posing as a legitimate company. This practice, much like fraudulent charities, is done through telephone, email, text and snail mail. These scammers will portray themselves as everything from a travel agency giving away "GREAT" deals to the "IRS" demanding back payment from your Christmas bonus. If it sounds too good to be real, then it most likely is not. Be vigilant and think before you respond. Do not open emails from unknown persons or suspicious looking email from friends or colleagues.

Name A Star - Okay, I admit, I purchased a star for my wife many moons ago. I thought it was legitimate but now we have a fancy certificate a guide to her part of the universe and someone has my $49.99. So here is the truth; the International Astronomical Union is the only organization that names stars and they will not sell you the right to do so yourself. However, if you want a nice certificate, call me (wink..)

Online Shopping - This is a difficult one to convey because we all love the convenience of shopping online and not dealing with the mobs in the malls. However, there is a rise in cyber crime so bad that legitimate websites are being "skimmed" so that they can capture your credit card information. In most cases, the websites do not know. Malware is being delivered in ads displayed on your favorite shopping sites. Be sure that you use additional verification steps, if possible, on all the websites that you use for shopping or otherwise to be sure that you are on the actual legitimate website. Using sites like PayPal adds extra protection by making sure that your transaction is secure.

The holidays are a time for celebration, family and joyfulness. Take some extra precautions to keep yourself from getting snowbound by malicious thieves.

Thursday, April 7, 2016


My friends, I know that you might hear this from me a lot, but the issue with these fake #tech #support #scams, which come by way of Pop-up windows, pop-up windows with AUDIO and telephone calls is becoming ever so more serious. I have been inundated with clients dealing with these issues daily which tells me that they are on a steady rise. These scams are not going to go away because it is a multi-billion dollar (annually) industry.

Here are some questions I am getting and I pass this on to you. Feel free to pass this on to friends and family and SHARE my page so folks can find me if they find themselves in peril with their computers.

What did I do wrong to get this pop-up? Likely, nothing. These pop-ups are generated by scripts that are placed into websites unknowingly by the website owner so it is passed to you when you land on an otherwise legitimate website. One of the newer ways this is happening is that the malicious code is tied to advertising on webpages, which again, will auto-launch when you land on the page.

I have a pop-up, what do I do? The first thing to do is realize that it is FAKE. No one from #Microsoft or any other company knows if you have viruses or such. But you have to get this off your screen and fast, right? So you might notice that you cannot just close the browser so you have to open your Task Manager. To do this, Right-Click on the taskbar that lays across the bottom of your screen. Select the Task Manager. When that loads, you can click on the web browser that is open (Chrome, Firefox, Internet Explorer...) and click End Process. That should close the browser and all associated windows/pop-ups along with it. If that fails, you can always hold your power button in until the computer shuts down (NOTE – I DO NOT RECOMMEND THIS SHUTDOWN PROCEDURE).

Now am I infected? You might be. There is no guarantee that the pop-up did not drop a drive-by downloader off when the pop-up activated. To be sure you should check your system fully or have a qualified technician look it over for you. If in doubt, have it checked out.

Until we cut off the money supply these types of scams will not only continue but they will continue to outsmart the human element to get what they want. Using some common sense decisions will prevent the cyber criminals from winning.

Wednesday, February 10, 2016

"We don't need no stinking recovery discs"...Wait, I do?

When I first began my career in the technology field, computer manufacturers would always send you set of recovery discs in the event that something drastic happened to your system and you needed to set things back to factory condition or far worse, change your hard drive. As years went by, they began placing this "system restore" on a separate partition of the hard drive and with a few commands, you could reset your computer back to factory condition. This was pretty convenient and they would still include the recovery discs so you had them. A little while later, the discs were no longer included but, if disaster struck, you could buy a set for $25 or $35.

There is your quick history lesson.

Recently, I had several clients who had hard drives that failed. This left them in that critical stage of "what do I do now". The good news is that all of the clients issues were worked out in a speedy and satisfactory manner but I want to discuss the importance of the recovery discs. Almost every computer will ship with an annoying blurb that returns now and again reminding you to create your recovery media. This is something that everyone should do. It is very convenient to have that recovery partition on your hard drive, but what will you do if your hard drive fails? You need the recovery discs. After the hard drive fails is not a good time to find this out. I recently learned that some manufacturers only maintain recovery libraries for their computers for a limited amount of time. That means after a few years, you may not be able to obtain the recovery media from your manufacturer.

It is a simple process and worth the time spent doing this when you first setup a new computer. It is even more valuable now if you have had a computer for some time. Create the discs. Get yourself a couple of DVD writable discs and locate the "Backup and Recovery" section on your computer and start the process. The process will walk you through every step telling you what to do and when to do it. Once you are done, you will now be equipped with the recovery tools needed in the event of an UN-recoverable hard drive disaster. While you're at it, make sure that you are regularly backing up your important data (documents, pictures, etc.).

Now, let's get started on that recovery, shall we?

NOTE - There are other good options for making an exact image of your drive that I will discuss in a future article.