On-Site Computer Service & Repair – Southeast Wisconsin – Ted E's Computer Services http://www.tecs-onsite.com Mon, 19 Jun 2017 19:55:12 +0000 en-US hourly 1 https://wordpress.org/?v=4.7.8 How to Spot an Email Phishing Scam http://www.tecs-onsite.com/spot-email-phishing-scam/ Thu, 15 Jun 2017 23:38:49 +0000 http://www.tecs-onsite.com/?p=2803
Countless scam emails are being circulated throughout the web everyday in the hopes of catching an unsuspecting victim.  A phishing email is an email message that seeks to obtain important information about you by impersonating a legitimate company, organization or someone familiar to you. 

For example, you may receive an email from Amazon stating that there is a problem with your recent order and you will need to log in to view and resolve the issue.  A link to log in will be provided in the email for your “convenience”, however instead of going to Amazon.com, you are directed to a fake login page where the email scammer can obtain your login credentials, and then ask to verify your credit card number or any other type of valuable information they want from you.

There are a number of tactics these phishing emails use to fool you, however with a bit of knowledge and careful inspection you can learn to identify most common ones and keep your sensitive information out of the wrong hands.  Here are some ways to spot a phishing email:

  1. Email sender and domain are mismatched
    Continuing with our Amazon email example, the email you receive says it’s from Amazon Customer Service, however the email address next to it says help@amzn.biz or some domain that looks similar to but is not amazon.com.  Another tactic is to use the name amazon.com as a child domain to an entirely different parent domain.  A child domain is placed on the left side of a parent domain, so for example amazon.com can be placed on the left side of maliciousdomain.com to form amazon.com.maliciousdomain.com.  Although amazon.com is found in the email domain, it has no relationship to it whatsoever and can mislead you if you don’t look closely at the full address.
  2. Link text in email and link address is mismatched
    A phishing email will often have a link to a open a web address in your browser called a hyperlink.  The link text in the email may say Amazon.com login, which appears to look OK, however the actual address that is linked to the text but not immediately visible may be pointing at amzn.biz.  The way to identify the hyperlink in the email is to hover your mouse pointer over it, which will usually cause the full web address beginning with http:// to appear down at the bottom of the email window or off to the side.  As a general rule of safety, it is best to have a policy of not clicking on links in emails at all, but rather to visit the website manually in your browser if you do believe you have received a legitimate email requiring your attention.
  3. You have no relationship with the sender
    This may sound obvious, but if you haven’t ordered anything from Amazon.com, at least not recently, then clearly the email is a scam.  Phishing attacks count on at least some recipients having a connection with the purported organization which lures them in.
  4. Emails from the government or a financial institution asking for sensitive information
    In general, government agencies and financial institutions do not ask for important information in an email.  For example, phishing emails will often pose as being from the FBI, IRS or your local bank to scare you into thinking it’s serious business that must be attended to.  Such agencies will not use the email system to correspond with you about important matters requiring your immediate attention.  If you are unsure, log into your bank or government website in your web browser the usual way you do to see if there is something important for you to respond to, or contact them directly by telephone and verify whether the email is from them or not.
  5. It just doesn’t look right, or looks too good to be true
    Emails making exaggerated claims such as “You won the lottery!”, or that your grandson is stuck in London without his passport and needs a $2000 money wire immediately should be viewed with suspicion.  Always follow your gut when something doesn’t look right.
  6. Poor spelling and grammar
    Emails from reputable companies and organizations are not going to be laden with spelling and grammatical errors and are an immediate tip off.
  7. Email contains attachments
    An email from a known company or organization will usually not have an attached document unless you specifically requested it from someone.  Never open an email attachment that you aren’t expecting from someone, as many kinds of viruses and malware are circulated this way.

For additional insight and to practice spotting a phishing scam, AVG Technologies posted an exercise on their website called Spot the Scam! , which will help you spot phishing clues in an interactive environment.  Give it a try!

~Ted Eiler

]]>
WannaCrypt Ransomware Infects Thousands of Computers Worldwide http://www.tecs-onsite.com/wannacrypt-ransomware-infects-thousands-computers-worldwide/ Fri, 26 May 2017 13:51:24 +0000 http://www.tecs-onsite.com/?p=2785 ]]> WannaCrypt Ransomware

On the morning of Friday May, 12 2017, a worldwide ransomware cyber attack called WannaCrypt or WannaCry was launched, infecting over 230,000 Windows computers in 150 countries currently to date.  Many corporations and government agencies have been affected, including Britain’s National Health Service and Telefonica of Spain, one of the world’s largest telecom providers. 

Ransomware is a type of malware which locks your PC and/or encrypts your important data files, leaving a note about what has occurred and demanding a payment (ransom) in order to regain access to the computer or decrypt the data files so they can be opened again.

The WannaCrypt ransomware exploits a Windows vulnerability in the SMB protocol (used for network file sharing) called ‘Eternal Blue’, which was discovered by the US National Security Agency and subsequently stolen and leaked out to the public.  The ransomware uses the vulnerability to gain access to the machine, encrypt its files and then leave a ransom note asking for several hundred dollars payable in bitcoin to get the user’s files back.

The ransomware is known to spread by tricking users into opening malicious email attachments or clicking on malicious web links.  It is also actively searching out computers that are susceptible to the Windows vulnerability and may infect a machine without any user interaction.

Fortunately, there are steps that can be taken to prevent WannaCrypt from infecting your computer:

  1. Keep Windows up to date:  Microsoft released a security update MS17-010 in March that addresses the vulnerability that this malware is exploiting.  By default, Windows computers are configured to install updates automatically, so if your computer is actively updating Windows you should already have the patch in place.
  2. Keep your antivirus software up to date:  Many major antivirus programs have been updated to detect and block or remove WannaCrypt.  While most antivirus programs update automatically, you can manually open your antivirus program and check for updates just to be sure.
  3. Don’t open email attachments that you are not expecting or click on links to unfamiliar sites.  Check out my article Tips for Preventing Malware Infection for more info about this topic.
  4. Always have a backup of your important files on a separate device such as a flash drive or external hard drive.  As an added precaution, also have a file backup on a device that is disconnected from your computer, or subscribe to an online backup service such as Carbonite to keep a safe copy of your files offsite.

~Ted Eiler

]]>
FTC Cracks Down on Computer Tech Support Scams http://www.tecs-onsite.com/ftc-cracks-computer-tech-support-scams/ Tue, 16 May 2017 12:27:32 +0000 http://www.tecs-onsite.com/?p=2763

Have you received a phone call recently from a supposed Microsoft tech or seen a pop up message in your internet browser saying that something is seriously wrong with your computer and to immediately call an 800 number for tech support? 

Be assured, Microsoft is not in the business of monitoring and soliciting computer users for tech support services, however a growing number of tech support scammers are aiming to take advantage of less tech savvy people with various scare tactics. 

Their goal often is to get you to allow them remote access into your computer, and after showing you a multitude of bogus critical errors, security risks and/or virus infections, push to sell you a service plan that often costs several hundreds of dollars.

On Friday, May 12, 2017 the Federal Trade Commission announced the roll out of  “Operation Tech Trap” to combat the explosive rise of such computer tech support scams.  Quoting from the FTC’s press release:

 

As part of this coordinated effort, the FTC and its partners are announcing 16 new actions, including complaints, settlements, indictments, and guilty pleas, against deceptive tech support operations. This brings to 29 the number of law enforcement actions brought by Operation Tech Trap partners in the last year to stop tech support scams.

 

While tech support scammers will unfortunately always be a part of our internet culture, recent and forthcoming legal actions taken by the FTC will hopefully deter more would be cyber criminals from engaging in these practices.

 

~Ted Eiler

]]>
Windows Vista Support Ending April 11, 2017 http://www.tecs-onsite.com/windows-vista-support-ending-april-11-2017/ Mon, 03 Apr 2017 20:27:51 +0000 http://www.tecs-onsite.com/?p=2755 windows-vista-logo

Microsoft will be officially ending support for the Windows Vista operating system on April 11, 2017.  After this date Windows updates will cease and Vista will no longer receive security patches and bugfixes.  Microsoft recommends moving to a newer version of Windows to continue to stay secure and up to date.

While in some cases it may be possible to install a current version of Windows on hardware running Windows Vista, it is usually best to upgrade to more up to date hardware along with the operating system, in other words, purchase a new computer.

Please feel free to contact me with any questions or concerns about transitioning from Vista to a new version of Windows.

 

~Ted Eiler

]]>
Reduce Monitor Eye Strain and Sleep Better with f.lux http://www.tecs-onsite.com/reduce-monitor-eye-strain-sleep-better-f-lux/ Mon, 03 Apr 2017 20:12:16 +0000 http://www.tecs-onsite.com/?p=2747

Have you noticed that your computer monitor is bright and readable during daylight hours but intense and overwhelming during night hours? f.lux is a program available on Windows and Mac that adjusts your monitor’s color temperature according to where you live and the time of day. 

A higher color temperature is displayed during the day that is crisp and invigorating like the sun, and a lower color temperature is displayed at night that is more warm and calming like light from a candle or fire seen at night.

The lower color temperature at night is easier on you eyes and also has significantly reduced blue light emission which can actually help you get a better night sleep.  Studies show that blue light exposure close to bedtime can suppress the secretion of melatonin and interfere with sleep patterns.  For more info on this check out this article from Harvard Health Publications: 

http://www.health.harvard.edu/staying-healthy/blue-light-has-a-dark-side

To try out f.lux, all you need to do is download and run the installer found at https://justgetflux.com/ , set your preferred type of day and night lighting, your location, and f.lux will gradually adjust color temperature automatically as time progresses from sunrise to sunset!

 

~Ted Eiler

]]>
Major Windows 10 Update Arriving April 11, 2017 http://www.tecs-onsite.com/major-windows-10-update-arriving-april-11-2017/ Sat, 01 Apr 2017 18:00:23 +0000 http://www.tecs-onsite.com/?p=2717

 

Named the Creators Update, Microsoft is issuing it’s second major update to Windows 10 since it was released in July of 2015. 

Some key new features being added:

  • A tab preview bar in the Microsoft Edge browser that shows thumbnail images of all your open tabs for easy identification. A “set aside tabs” feature is also added to allow you to group tabs that aren’t immediately needed in a list on the side of the browser window to be revisited later.
  • A Game Mode that gives CPU processing priority to a game being playing over other applications running on the system.
  • An upgrade to the Windows Paint program called Paint 3D, which as the name implies adds 3D image manipulation and the ability to convert 2D images to 3D objects.
  • A simplified privacy dashboard that allows you to control whether Windows or apps can track your location or serve targeted ads based on your interests, and other data collection and sharing settings.
  • Virtual Reality headset support
  • An improved Windows Update system that allows you to defer or schedule update installations for a later time, and an expanded active hours window so you don’t get surprised during the work day with an automatic reboot that ties up your machine.  Additionally, Windows 10 is switching to the Universal Update Platform, which will reduce the size of update files and the processing power required to install them.

For additional information on new features being added to Windows 10 in the Creators Update, check out the following article from PCWorld:

http://www.pcworld.com/article/3157039/windows/the-windows-10-creators-updates-best-new-features-dynamic-lock-game-mode-privacy-tweaks-and-more.html

 

~Ted Eiler

]]>
Stop Unwanted Windows 10 Upgrades http://www.tecs-onsite.com/stop-unwanted-windows-10-upgrades/ Wed, 29 Jun 2016 20:52:37 +0000 http://www.tecs-onsite.com/?p=2693

People continue to experience hit and miss success with the free Windows 10 upgrade, often running into problems with certain programs no longer functioning, printers not working, and network file sharing breaking, to name a few.  In some cases the Windows 10 upgrade installs so poorly that the user’s computer becomes non-bootable afterward.  In light of these potential problems, many users are erring on the side of caution and avoiding the upgrade to Windows 10 altogether.

On a mission get users aboard the Windows 10 train, Microsoft has become very aggressive at pushing the Windows 10 upgrade on people by automatically scheduling the free upgrade for the user, who then has to deliberately go into the Get Windows 10 App and cancel the reservation.  To make matters worse, Microsoft has resorted to sneaky tactics whereby clicking on the red “X” which would presumably cancel the automatic reservation actually authorized it!

For those who want to ensure that they do not start their computer one morning only to find out that they have unexpectedly received the free Windows 10 upgrade, I highly recommend a free piece of software that will disable and remove all Windows 10 updates called GWX Control Panel.

The setup and configuration of GWX Control Panel is very straightforward and simple.  First, download and run the installer located here:  

http://ultimateoutsider.com/downloads/GwxControlPanelSetup.exe

Walk through the setup wizard, and after clicking finish the program should open.  Check the box to accept the terms of the agreement then click ‘Continue’.  You will now see a screen that looks something like this:

GWX-pic1
I recommend selecting all of the options outlined here in red:

GWX-pic2
This will disable and remove the Get Windows 10 App and related files and prevent future Windows 10 upgrades.  Enabling the Monitor Mode will inform you if anything Windows 10 related tries to sneak back in your computer in the future.  I recommend leaving “Automatically install Windows Updates?” enabled. 

After all options are selected the program display should look like this:

GWX-pic3
That’s it, you’re done and can rest assured that you will not receive the Windows 10 upgrade without your knowledge or permission!

 

~Ted Eiler

]]>
Common Sense Password Practices http://www.tecs-onsite.com/common-sense-password-practices/ Wed, 29 Jun 2016 19:00:57 +0000 http://www.tecs-onsite.com/?p=2686 password

With all the online hacks and security breaches going on these days, I would like to share a few pointers on what goes into a good strong password.

  • Complexity:  In general I recommend a password that is at least 8 characters, contains a number, an uppercase letter, and a special character such as ! or @ if allowed.  Although common words and names are easy to remember, you want to avoid these and go with a sequence of characters that are more random and obscure.  If you insist on using common words and names for memorability, try replacing letters in the word or name with numbers or special symbols.  For example, you could take the word list and turn it into 1i$t.

  • Uniqueness:  Use a different password for each account you create, that way if one of your accounts ever becomes compromised the hacker will only have access to that one account.
  • Use two-factor authentication:  Two-factor authentication adds another layer of security to an account by requiring something you have (your cellphone etc.) in addition to something you know (your password).  Many sites offer this feature now and can be configured for example to require that you enter a code sent to your cellphone when signing in on a new or different computer.  This way, if your password gets compromised, the hacker still will not be able to sign in as you on their computer (unless they have possession of your cellphone too!).  For convenience sake, you can choose not to require two-factor authentication on your own personal computer(s) going forward after the initial verification.
  • Use a password manager:  If keeping track of a unique password for every online account is too daunting as task, consider using an online password manager that keeps all your login credentials in a secure encrypted vault that is accessible with a master password.  Although making all of your passwords accessible by one master password defeats the uniqueness principle above, some password management services have gone to great lengths to make this method as safe as possible while providing the convenience of only needing to remember one master password.  One such password manager that is highly regarded by security experts is LastPass, which supports two-factor authentication.
  • Periodically change your password:  As passwords can become lost or stolen over time, it is good to periodically change them.  Stanford University recommends that passwords be changed every six months or so for good measure.

 

~Ted Eiler

]]>
Google Chrome Ends Support for Windows Vista and XP in April 2016 http://www.tecs-onsite.com/google-chrome-ends-support-for-windows-vista-and-xp-in-april-2016/ Thu, 03 Mar 2016 17:39:16 +0000 http://www.tecs-onsite.com/?p=2647

Google will stop releasing updates for its Chrome web browser running on the Windows XP and Vista operating system starting April 2016.  Although Microsoft will continue to support and update Windows Vista through April 11, 2017, Google has decided to abandon Chrome support under Vista a year early, focusing its development efforts on more current versions of Windows.

You may continue to use Google Chrome on these platforms after the end of support date, however Chrome will longer receive updates and security fixes and could become more vulnerable to hacks and malware infection over time.  The best recommendation is to move to a newer version of Windows, or if you would like to keep your Windows Vista operating system, switch to using Mozilla Firefox as your web browser, as it is still supported under Vista at this time.

Please feel free to contact me with any questions or concerns about transitioning from Google Chrome to Mozilla Firefox, or to a new version of Windows.

Mozilla Firefox Download Page:  https://www.mozilla.org/en-US/firefox/new/

 

~Ted Eiler

]]>
Should I Install the Windows 10 Upgrade? http://www.tecs-onsite.com/should-i-install-the-windows-10-upgrade/ Mon, 09 Nov 2015 15:01:00 +0000 http://www.tecs-onsite.com/?p=2612 Windows 10

While features such as the return of the Windows start menu and the Cortana personal assistant sound great, upgrading your Windows 7 or 8 machine to Windows 10 may not be the best idea at this time.

I have received a number of phone calls recently from people who performed the free Windows 10 upgrade and ran into all kinds of problems, including system freezes and lockups and in some cases Windows became completely non bootable.

Microsoft does give you a 30 day window of time to decide whether of not you want to keep Windows 10, and if not, you can roll back to the previous version of Windows you had.  In many cases however the rollback feature can fail to run correctly, requiring a backup and clean re-installation of the original operating system and all programs.

In general I recommend waiting at least a good six months before jumping into a major new version of Windows, as a lot of major bugs and issues tend to surface early in its release which will be addressed over time with updates and Service Packs.

~Ted Eiler

]]>