Category Archives: Keep Safe Online

Keep Safe Online, Security, Virus and Malware Descriptions

Viruses, Malware and Worms, Oh My! – Part 3

November 13, 2013 Computers Made Simple Leave a comment

If you’re confused about what virus, malware, adware, and Trojans, etc. are, here are some definitions for you:

Photo of Trojans Virus and Worms — **The big three.**

1. Virus

This is an all -encompassing term but, fortunately, it’s a type of malware that we don’t see to often these days. A virus in a computer performs pretty much the same as it does in a human; it takes over completely, preventing other systems from working. A bad virus in either host can sometimes destroy that host completely. Many viruses were written to simply show the awesome skill of the person who wrote the script. Read that with heavy sarcasm. Some script kiddies , as they are sometimes called, don’t even write their own stuff. They copy scripts from more knowledgeable coders and claim them as their own, often signing their names somewhere in the virus code. These days, this type of individual would rather leave their work unseen and unnoticed by the users that they try to infect, in order to extract as much information as possible from them. A virus seeks to attach itself to as many files as it can on the host computer. This is the activity that your AV software should pick up. It’s the speed of the replication that makes them so very dangerous.

2. Malware

Anything that does damage, extracts private information or uses someone’s computer for purposes unknown to that user could be termed malware. There are many different kinds but, basically, things that do bad stuff to computers are designated as malware.

3. Adware

Adware is not nearly as bad as malware but it is aggravating and frustrating all the same. Most adware is installed with those seemingly helpful toolbars which many companies install with their software. Adware wants you to use a certain page for your homepage, a specific search engine, etc. Adware pretends to help you but, in reality, it only helps the company that installed it on your computer. One of the main problems with adware is that it frequently is missed by your anti-virus software. It’s not really harming your computer and it doesn’t act like malware so your AV program will likely not even notice that it’s running or pick it up on a scan. There are specific programs that seek out and destroy adware and we’ll get into these in a future post.

4. Trojan

These are things that pretend to be other things, just as the original Trojan Horse pretended to be a gift way back in history. The computer user expects a file to be a certain thing, let’s say a Word document or PDF, but that file is actually the installer for a piece of malware. The unwitting computer user won’t know what’s going on behind the scenes when they click on the infected file. While everything may seem normal and the software may do exactly what the user expects it to do, it has also infected the computer with any one of dozens of kinds of malware. It’s not only hackers that do this. Governments use Trojans to manipulate computers and machinery in countries that may be a threat to them. If you’ve ever heard the term ‘backdoor’ in discussions of malware, this is what a Trojan seeks to install on the host computer. Once the backdoor is up and running, the infected computer can be manipulated without its owner knowing about it.

5. Worms

Probably the most famous computer worm is known as the ‘Stuxnet’ worm, designed expressly to infect Iran’s nuclear engineering projects. A worm is a virus but isn’t quite as bent on destruction as a simple virus is. Worms can do many things but their aim is to sit unnoticed, all the while feeding information out to the installer and, in some cases, preventing devices from performing as they should. If one country wants to eliminate a perceived threat, let’s say from a missile installation, it is possible to have those missiles misfire or go off-course through the use of a computer worm. If you’re familiar with the TV series Battlestar Gallactica from about ten years ago, you’ll remember that the Gallactica, which was not networked, was the only spaceship which was not infected with the virus that destroyed the defence capabilities of every other networked military ship. Worms work their way from computer to computer though networks, often through updates. Some worms are designed specifically to target certain types of mechanical systems.

Those are the basics. In our next few posts, we’ll show you how to immunize you and your family from these threats. While dangers do not lurk in every corner of the Internet, there are enough of them out there to make knowing this stuff very important. Tell your friends!

Thanks for reading!

Dangers of Attachments, Email, Hotmail, Keep Safe Online, Security

Viruses, Malware and Worms, Oh My! – Part 2

November 13, 2013 Computers Made Simple Leave a comment

Although we don’t get nearly as many as we used to, some very dangerous emails still make their way into our inbox. Which ones are those? Emails with attachments, that’s what we’re writing about today. We’ll give you a few tips on how to stay safe and protect yourself from these malicious emails.

1. What’s an ‘attachment’?

Most of the time, an email is just words that someone has typed, no different than a text message. Some emails looks much like a webpage, specifically those from companies that you’ve chosen to deal with or receive ads from. Nothing much to worry about there, right? Complications arise when someone attaches a file to an email. Let’s say you’re sending a resume to a company that’s hiring. You could copy and paste your CV into the body of the email or you could attach the whole file to the email. The format for this file may vary, from PDF to .doc to .docx, etc., but the full file is sent with the email. At the other end, the person who opens that email has to download the file and open it on their computer. (Some online email providers allow documents to be opened with their email program but not all do this.) Hopefully, you’ll see where this is going. What if that attachment isn’t a simple Word document?

2. How do I know if an email has an attachment with it?

If you use Outlook/Hotmail, it will look like this:

Photo of Email Attachment — **The icon of a paper clip means these emails have attachments.**

3. What are the dangers of email attachments?

Some types of files, zips for instance, contain executable files within them. An executable file is one that actually does something, as opposed to a photo that you simply look at. Some other types of files, pdfs for example, can have an executable file hidden inside them. You are not able to send unzipped executable files any more, most email providers, if not all, have chosen to eliminate ‘exe’ files as attachments. This doesn’t mean that you’re safe, just that you have to be more careful.

If you somehow get an .exe file and click on it, you could be allowing a virus to take control of your computer or installing a key-logging program which will remember everything you type then send that data to an identity theft gang; any number of bad things, in other words. That’s why attachments can be dangerous.

4. How do I know if an attachment is safe?

Here are some simple rules to follow when faced with an email that has an attachment:

A. Do you know the sender?

B. If you know the sender, is the attachment described in the email? “I’m attaching a copy of my latest resume. Could you check it over for me?”, something like that.

C. If you know the sender, does the subject line of the email look like something they would say? “Hey! Look at this hot pic I just took!” is an example of something you shouldn’t open, let alone download the attachment.

D. Are you expecting an email with an attachment from someone you know or a company you deal with. Is the company you contacted sending you the manual for something you bought? Is a government agency sending you a new tax form? Did you request something from this person or company?

You’ll have to answer these questions yourself but A. is a definite NO, right? C is very popular now, specially on social media sites but often in emails. Basically, you have to use your head. If you delete an email that has an attachment, don’t worry about it. The rule here is to protect your computer and your identity first. If the attachment was legitimate, that person or company can always send it again.

TIP : Outlook/hotmail has a cool feature that locks attachments and pictures in emails from persons or companies that are not on your contact list or who you haven’t certified as being safe. Here’s what this looks like:

Photo of Outlook protection — **This is why we suggest that you use an online email client.**

Don’t know the sender? They’re not on your contact list? Outlook protects you from the hidden dangers in these emails. You have two choices besides deleting these. If you know the person or company, click ‘Wait, it’s safe!’. If you’re uncertain, click ‘I’m not sure. Let me check’. If you choose this one, Outlook shows you a bit more of the email but still keeps some things locked down. In the photo above, there are two attachments and we know for sure that these are malware/viruses or other nasty things. Besides, we’ve never heard of the sender. We’d have to go way out of our way to get infected by this email but, unfortunately, people do this every day. Now you know the dangers.

Thanks for reading! Let us know if you have questions or suggestions about this or anything else ‘techish’. Like us on Facebook so you can keep up with our posts and tech tips: Computers Made Simple on Facebook

Email, Hotmail, Keep Safe Online, Phishing Scams, Security

Viruses, Malware and Worms, Oh My! – Part 1

November 11, 2013 Computers Made Simple Leave a comment

All this week we’re posting tips on ‘safe computing’; how to keep safe online. While we write about PCs mostly, these tips will apply to Macs too, most of them anyway. If you use an Apple computer (a Mac), don’t assume that you’re safe from these exploits. You’ll need to stay on your toes no what what type of computer you use.

Email – Threats in your Inbox:

We all get large amounts of spam email every week. Normally any junk email easy to spot. Some types of phishing emails are a little bit harder to pick out. Here’s an example of a phishing email in one of our junk folders:

Photo of Phishing Email 1 — **We don’t have a Discover card but if we did, we just might open this.**

Out of the millions of people who receive an email like this, a certain percentage would almost certainly have a Discover card, right? Let’s see what the email is all about:

Photo of Phishing Email 2 — **Oh no! ‘Irregular activity’ on our non-existent Discover card.**

Whether these emails mention Discover cards or bank accounts or airline tickets, there is one simple way to check if they are phishing emails. Aside from the fact that your credit card would call you on the phone to report ‘irregular activity’ on your card or account, don’t you think they would know your name? Any emails from these kinds of institutions, and they don’t send out many at all, would always have your name in the subject line as well as in the body of the email.

We get a notice once a month about our account statement being ready, complete with our name in the subject and our name in the salutation of the email. We also get emails from PayPal about different specials they are running and, again, our name is right up front in the subject line.

Obvious Clues:

Aside from the name issue, this email has a couple of other clues that it’s a fake. At the top, you’ll see that it purports to be from ‘discover@email.discover.com, which is probably a legitimate address. If that’s the case, why would the link in the body of the email lead to ‘cicfif (dot) cn’? That .cn is the top level domain for China, in case you didn’t know. When did Discover start using a domain in China for their security office?

Besides that, as we mentioned before, credit card companies don’t email their customers when there is a problem. Speed is of the essence in these situations. The companies don’t want to interfere with their customers activities but they do want to minimize any fraudulent use of the credit card in question. There’s nothing faster than a phone call to settle these issues. An email would never be used.

Phishing. What the heck is it?

Any unofficial (fake) email or website that asks you to fill in your personal information is said to be phishing for that information. While a virus is bad and malware can really slow down your computer, phishing can hit you right in the purse or wallet. If someone gains access to your bank account or credit card details, they can clean you out in a matter of minutes. Depending on which bank or credit card company you are with, you may or may not be liable for these losses. It’s always a good idea to check out the fine print before something like this happens.

How to Protect Yourself:

1. We strongly suggest that you use an online email account, as opposed to one that is with your ISP (Internet Service Provider). We use outlook.com (formerly hotmail), gmail and yahoo for our various accounts. Why is this important? Primarily because none of the emails from your online accounts are actually stored on your computer. Since you have almost unlimited storage space with these companies, as opposed to the limits set by your ISP, you don’t have to download the emails to read them. As a matter of fact, outlook doesn’t even let you download your inbox. Dangerous or phishing emails never reach your computer, they stay on the online servers.

All of these online email companies have very strong anti-virus/malware filters in place, far stronger than what your ISP probably uses. Before an email gets into your inbox, it must pass through very strict screens. If you have set up your account correctly, most junk emails will end up in your junk folder. You will not be able to click on any links contained in them until you certify that they are safe.

2. Don’t click on any link in email that is not from someone you know or a company that you do business with and has mentioned you by name in the email. Even if the email is from a friend, we’d suggest not clicking on it until you can verify that they actually sent you something. If their email account has been compromised, whatever form of malware that did it will now be accessing your contact list and sending out emails as soon as you click on the link.

3. Since email links can be faked, think about alternative ways to access your credit card or bank account online. Type the address into your browser yourself if you feel the email might be legitimate. Here’s how a link in an email can be faked, in case you didn’t know. Click on this link (it is totally safe, believe us): www.freestuffforyou.com What? No free stuff? Not today, just free information.

4. Here’s a trick for you, one that might keep you safe in the future. Your browser has a cool feature in it that you probably never use. Hover over any link that you see, no matter if it’s in an email or on a website. Don’t click on it, just hover over it with your cursor (mouse). Down on the lower left, right at the bottom of your screen, you’ll see where the link really leads. Try it with our fake link just above this.

That’s it for today, just some simple tips on keeping out of trouble with email scams and phishing. These are things that you actually have to try to get stung with. Your actions in these situations control whether you get into trouble or not. Later on this week, we’ll deal with things that are out of your control. Stick around. Better yet, like us on Facebook and keep up with our tips, tricks and posts: Computers Made Simple on Facebook

Thanks for reading!

Keep Safe Online, Security

Things That You Shouldn’t Click On

October 28, 2013 Computers Made Simple Leave a comment

In actual fact, there are probably thousands of things you shouldn’t click on when you’re on the Internet but we’ll deal with some that might pop up when you’re simply surfing. Here’s what got us started on this path.

We love Formula 1 racing, actually all forms of car racing. Unfortunately, our local networks don’t carry every F1 race. Luckily we’ve found several sites that stream these events live using TV feeds from around the world. While the commentators might not be speaking English, we don’t really care since a car race is pretty self-explanatory. Now, we’ll be the first to admit that this kind of streaming isn’t exactly kosher. It’s on the edge of what some people would consider being legal. Regardless, we’re hooked on F1 so we do it.

The sites that we use, which will remain nameless, are full of pop-ups and adult ads. On top of that, every page has warnings that suggest your browser is out of date, you need a plug-in to watch the video (you don’t) or your computer has a virus and clicking on a link will fix it. In reality, all of these warnings are false. The links look very official, however, and we think that you may find this kind of malware in other places on the Internet. Here are some examples of what we are talking about:

Photo of Ten Things 1 — **This looks official right? It’s not.**

Photo of Ten Things 2 — **Your browser will play any video on the Internet. You do not need any other media player.**

Photo of Ten Things 3 — **If you use Chrome, everything is up to date as soon as you open the browser. It’s done automatically.**

Photo of Ten Things 4 — **Wrong. No plugin needed.**

Photo of Ten Things 5 — **Chrome updates itself. Don’t click on anything like this.**

Photo of Ten Things 6 — **This looks official but it isn’t. Internet Explorer is upgraded with Windows Update, not in the middle of browsing the Internet.**

OK, you get the point. If you only surf well known sites, you’ll be fine. The problem comes when you step off the main road a bit and click on a link in Google that just might lead you to a site that installs malicious software if you click on the wrong button. Chrome will try to protect you from all of this but it’s not perfect. New malware sites pop up every day. You have to learn to protect yourself.

When you come across things like this, simply close the browser completely. When you restart it, don’t restore the last session, otherwise the whole thing will start again. Now, the problem that might come up is that some of these malware popups won’t allow you to close your browser, even if you click the little X on the top right. In fact, if you do click on that X, a whole other window might pop up! What to do? Here’s where we need the old ‘three finger salute’, the magic buttons that bring up the Windows Task Manager. Look for these keys:

Photo of Ten Things 7 — **Control (CTRL) Alt and Delete (Del). Press all three at the same time.**

By pressing these keys, you bring up this screen:

Photo of Ten Things 8 — **Click on Task Manager down at the bottom.**

Once you click on Task Manager, this is what you see:

Photo of Ten Things 9 — **Look for Chrome or whatever browser you are using.**

What you are looking at is essentially the On/Off switch for everything that is running on your computer at this point in time. Once you find the program that won’t shut off, highlight it by clicking on it, then click on End Task down at the bottom. This applies to any program, of course, not just browser windows that won’t close. Say you’re using VLC or Media Player and it won’t close. Use this technique to shut it down.

TIP: Why is all of this important? If you do happen to click on any of these things, malware (bad software, like a virus) will be installed on your computer. Once this stuff is installed, you probably won’t notice much difference but, and this is the bad part, a key logging program will be running in the background, sitting there waiting for you to log in to your bank account. Once you do that, your password and credentials are sent off to a third party who can now steal your identity and, of course, some or all of your money.

We’ve shown you how to spot bad links and how to resolve a window that won’t close. Your job is to make sure that you and everyone who uses a computer in your house is aware of this. Tell your friends, share this post, tweet about it! Be the town crier, if you want everyone to be safe. We’d advise you to use Google Chrome as well as good anti-virus, anti-malware software. We like Windows Defender (Windows 8) or Microsoft Security Essentials (older versions of Windows). Both are free, by the way. You don’t have to pay for protection.

Thanks for reading. If you have questions or comments, use the form below. Better yet, like us on Facebook and you’ll be able to keep up with everything we post there. Here is the link: Computers Made Simple on Facebook

Keep Safe Online, Security, Strong Passwords

The Only Password You’ll Ever Need

September 27, 2013 Computers Made Simple Leave a comment

Security experts tell us that we should have a different password for every account we use. That’s easier said than done, isn’t it? If you’re tired of trying to remember obscure passwords for all of your online accounts, here’s a quick and easy way to streamline the process. There are a few ways that you could integrate this into your daily routine but that’s up to you. We’ll give you the basics, you adjust the parameters. Let’s get going:

First:

Make a reasonably strong initial password. Here’s a link to our post on how to do exactly that: Passwords – How to create a good one. You can actually write the password down, that part won’t matter too much if someone else finds it.

System A:

2. Let’s say that you’re going to sign in to your Outlook or email account. You would use the password you just created then add a letter that corresponds to the account you’re currently using. If your password is AbC54F (bad example, we know) then you would add an ‘o’ if you were using Outlook or a ‘g’ if you were signing in to Gmail. Whether you add the letter at the start or the end or the middle wouldn’t matter, as long as you remember where it goes, as in: oAbC54F or gAbC54F or AbC54Fo or AbC54Fg. Caps are possible too, of course.

You’re using a different password for each different account, that part satisfies the security experts, plus you’ve got only one thing to remember for each account, aside from the password itself. That one thing, the letter, is staring you right in the face so it’s a bit hard to forget. To make things a bit more complicated, you could add the same letter or the first two letters, one at the start and one at the end, to make your gmail password gAbC54Fm or oAbC54Fu for Outlook.

System B:

While system A keeps the experts happy, you still have to remember the password as well as the lettering system you’ve set up. System B eliminates that problem but won’t satisfy the security peeps. For any account you use, add a punctuation mark or letter or number to one end of the password. In other words, you would enter the password, such as AbC54F, then put an ! at the start or a ? at the end, something like that. It doesn’t matter what you use, just remember where you put it. If you use the same punctuation mark, number or letter for every account, there’s virtually nothing to remember, except the initial password.

Photo of Mnemonic — **Create your main password with mnemonics, then add something to it to keep it secure.**

Mnemonics

Use mnemonics to create the main password as described in our post, the link is at the top of the page. If that password is strong enough, and easy to remember, then you can use it for all of your online accounts using our ‘add something to it’ technique. Better yet, make up your own system using our basic instructions. A word, a year, something that is unique to you but, best of all, something that will be totally secure, even if someone gains access to your main password. Now you can forget obscure combinations of numbers and letters, leaving you more memory room for birthdays and anniversaries. How cool is that?

Thanks for reading. Like us on Facebook and you’ll make us very happy. Here’s the link: Computers Made Simple on Facebook Thanks!

a little bit of hi-tech, a little bit of common sense and a lot of fun