Computer Security Northwest

Computer Security Information and News You Need to Know – From the Pacific Northwest

When your email account gets hacked into, the first thing to do is the change your password on that account! This will keep the hacker from sending out more impersonating emails. However, there are some other things you must also do immediately.
(You also should consider sending out an email to your contact list telling them your account was hacked into and to ignore many emails they could have received from you; that is up to you personally, depending on the seriousness of the emails sent from your account. Most people are probably aware that if they get an email from you without a subject and just with a random webpage link, that your account has been hacked.)

First, consider if you use this same (or similar) password on other accounts. If so, you need to change the passwords on those other accounts also. The hackers may try similar usernames and passwords on other important accounts. Never use the same password on multiple accounts; if one gets compromised, they could possibly all be compromised. This is especially true for social networking sites (Facebook, LinkedIn, etc.) and financial or purchasing accounts (e.g. your bank, PayPal, Amazon, etc.).

Next, this is a good time to consider your “security posture”; i.e. what security measures you employ based on what you have to lose. You should take some thought about how your account could have been hacked. Was it from one of the large free email accounts (like Hotmail, Yahoo!, Gmail, etc.) and did it have an easy password that could have been cracked if someone was able to find out some personal info about you by searching the Internet? If so, then you could have just been one of the many that are hacked into all the time. A difficult password should keep this from happening.

However, since your account has been hacked, you now have to consider another way people break into accounts, and that is by answering the “forgot/reset password questions” that you are required to answer, such as “what is your mother’s maiden name?”, “what is your favorite pet’s name?”, etc. Many of these pieces of information about you can be found out from your public face on the Internet. That is why for these types of questions, I most often “consistently lie”. Please see my “Essential Security Measures” document where I talk about this more. (E.g. you must remember these non-truths so you can get back into your accounts if you need to!)

Also, for every account that allows me to do so (like Facebook and my bank), I set up the feature that requires me to get and respond to a text message on my cell phone whenever a new computer tries to access my account. I highly recommend this.

While you are at it, consider other ways your usernames and passwords can be stolen. Here are some possibilities for even a tough password to be hacked:
1) Do you have a good, up-to-date antivirus program, or a few of them (like Microsoft Security Essentials, AVG Free, Malwarebytes, etc.)? If not, you could have a virus or keyboard logger that is reading all the info you type on your computer.
2) On our home network, do you have a “home router” (not just the modem given to you by your Internet Service Provider [ISP])? You need one. And if you have one, make sure you change the administrator password.
3) At home, do you use “unsecured WiFi”? You should use WPA2 encryption on your wireless network at home; otherwise you may have someone eavesdropping on your network communication.
4) If you do WiFi in public locations, there is the possibility all your Internet traffic can be read, even your password. I suggest you use a VPN when entering any passwords or using private accounts in a public location.
5) Never use public computers to check your email; chances are they are infected by viruses or keyloggers; and your email account name and password may very possibly be compromised.

These are some things to consider immediately. However, if you have not looked at and implemented the “Essential Security Measures for Home Computers” that I have suggested at www.ComputerSecurityNW.com, then I suggest you do so. I talk about all these issues there and give details and suggestions for implementing them.
Please let me know if you have questions about any of this or if I can help you further.

Here is a great article that talks about this more in-depth and give some other great ideas: http://www.switched.com/2011/02/24/what-to-do-email-account-hacked/

Other people suggest you actually change your email account. I am not sure if that is necessary if you take all the above measures, but you can read this and consider it for yourself: http://answers.yahoo.com/question/index?qid=20100919082120AAfIHW6

Here is a warning to “Beware of fake Amazon account confirmation emails”: http://www.net-security.org/secworld.php?id=12051
Just a little reminder that you should NEVER click on a link or download a form sent to you via email, no matter how legitimate it may appear! (Even if it IS legitimate!) If you get an email informing you about fantastic news, or dire results, or any other kind of action, that tells you to click on this link, or download this file, etc., Just DON’T do it! Instead, open up a web-browser and go to the website (in question) as you normally would. If there are messages for you, then they will be on that site. You can always contact their support (or send them the email) to ask if it is real. Please ask me if you have questions about this. Cheers! Corey.

There is a huge attack going on right now, affecting hundreds of thousands of websites. When you go to an infected website, you get redirected (I believe via a pop-up window) to a malicious site that tells you that you have malware on your computer and tells you that you can clean it by installing the free antivirus software called Windows Stability Center. If you click on that link, you will infect your system and eventually ask you to purchase other antivirus software.
NEVER click on a link that pops up like this. If you think you might have a virus, close that window and run you well-trusted antivirus software. (Please see my “Essential Security Measures for Home Computers” document if you need help with choosing and antivirus solution. If nothing else, download the free version of Malwarebytes )

Here is a great (and short) little article about a few simple things you can do to help keep your personal information from being stolen as we all prepare to file our taxes. Obviously, your tax return has a lot of personal information on it that could be used to steal your identity. Take a quick look at this article: http://www.net-security.org/secworld.php?id=10837

Hey everyone, did you know that today is World Backup Day? Probably not; it was not that well advertised. However, it is a great reminder that if you don’t have a current backup of your important data (like pictures, documents, emails, financial data, etc. – on your PC or smart phone), then take today to make that copy on a separate device.
If you don’t yet have a backup plan, you can read my document entitled, “A Simple Backup Strategy for Home Computers” or you can look at the official World Backup Day site for some ideas: www.worldbackupday.net
Don’t procrastinate; just do it! Ask me if you need help.

If you have not been receiving UPS notifications, you most likely will be as this one of the latest scam email schemes going around. I have been getting them for the last few days now. See the article link below for more details, but the attachment carries a nasty package of fake antivirus software.
This is a good reminder to be wary of unsolicited emails and always be aware of what you are doing when opening attachments of any kind. Even if you are expecting a package from one of these services, there are a few things in the email that should alert you.
1) The ones I got were sent out to many people in the “To” address line; how could this be if it is personalized for me?
2) No notification service would send out a “.zip” file for you to unzip; they would just give you the info in the body of the email.
3) The “From” address was a little suspicious, even if some of them did come from letters-numbers@ups.com
For more info on this scam: http://www.raymond.cc/blog/archives/2011/03/29/beware-of-fake-ups-dhl-post-express-email-notification/
If you have fallen victim to this scam, please email me for suggestions on how to correct it. Cheers, Corey.

This week I got an email from a friend of mine asking for money since he was stranded overseas because his wallet had been stolen. Although the whole scenario sounded reasonable (I have had friends that this has happened to and this friend does do some traveling), I was skeptical since I knew of this scam. I used a different email address I had for him and confirmed it was indeed a scam. Please see this article about what these scam/spam emails look like and some hints on how to spot the scam: http://www.net-security.org/secworld.php?id=9150

“Millions Continue to Click on Spam” – PLEASE do NOT open spam email; just delete them!! And NEVER purchase something advertised by spam [which won’t happen if you don’t open the email, will it :-) ]. By purchasing something: at worst you are infecting your computer, having your identity stolen, or your bank account tapped into; at best you just made 1 million spam messages worthwhile by funding their efforts. As Yogi Bear :-) said, “Only you can prevent spam“. The following article explains some very alarming statistics, such as, “Even though over 80% of email users are aware of the existence of bots, tens of millions respond to spam in ways that could leave them vulnerable to a malware infection,” but, “less than half of the consumers surveyed saw themselves as the entity who should be most responsible for stopping the spread of viruses.” They rightly state that, “this is a problem because spam is one of the most common vehicles for spreading bots and viruses.” http://www.net-security.org/secworld.php?id=9063

“Hackers steal $50,000, bank refuses to assume responsibility.” The reason the bank refused to refund the money was because their policy stated, “the bank must return the money on such occasions only when it is proven that it is the bank that has been compromised, and not the customer’s computer. The bank says it’s probably through a banking Trojan or keylogger installed on [the] computer that the criminals managed to steal his login credentials.” Follow the suggestions in the document above to make sure YOUR computer is not compromised! http://www.net-security.org/secworld.php?id=8864

Not convinced you need to take serious steps to secure your computer? Take 5 minutes and read this NY Times article, “Hacking for Fun and Profit in China’s Underworld” http://www.nytimes.com/2010/02/02/business/global/02hacker.html Are you on his list of infected computers?