Be safe from online threats! part 1

Many people think that security begins and ends with antivirus software. However, it is not enough. Yes you have to have an antivirus software, but there are cautions you have to take.

So let’s say that you’re running a well-supported, up-to-date security program—whether you use a PC or a Mac. What else do you need to do? Here I will share the steps I teach clients, friends and family members who want to avoid malware, phishing sites, and other online scams.

First of all, you should expect to be attacked if you download porn or pirated software. But just staying out of bad online neighborhoods isn’t sufficient anymore.
These days, threats can come from unexpected places: Google (and Bing) search results, compromised websites, deceptive ads, seemingly innocent downloads. You don’t have to be doing anything out of the ordinary to inadvertently stumble across one of these potential threats.
Their goal is to appear when you don’t expect them and convince you to act hastily. Online criminals often play on fear (your PC or Mac is infected with malware!) or simple social engineering (try these smiley’s! oh, and you need this codec—fake, of course—to play an enticing video clip).

When in doubt, stop. Think. Ask for help. If you’re truly worried, pull the plug on your Internet connection temporarily until you can call a knowledgeable friend or drag the machine in to a specialist for a thorough diagnosis.

You should, of course, have a regular backup routine. Mechanical failures (a crashed hard drive or a dropped notebook) can be even more devastating than a malware attack. With Windows 7, you can use the built-in backup program to save an image backup on an external hard drive; you can do the same thing on a Mac using Time Machine. Restoring a full backup is easy, especially if the alternative is spending hours trying to track down a well-hidden infection.

Virus. What is it?

A virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.
A worm is a program or algorithm that replicates itself over a computer network and usually performs malicious actions, such as using up the computer’s resources and possibly shutting the system down.

Also called adware, spyware is any software that covertly gathers user information through the user’s Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.
Spyware is similar to a Trojan horse in that users unwittingly install the product when they install something else. A common way to become a victim of spyware is to download certain peer-to-peer file swapping products that are available today.

A Trojan horse is a destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.

If you have a virus in your computer and need help to destroy it, you do not need to wipe out your computer, just call our specialists at VA Denver Computer Services and they will be happy to help you get rid off virus without deleting any important documents.

E-mail marketer Epsilon reveals client’s email addresses for numerous companies.

As many of you may have already heard, e-mail marketing company Epsilon announced that their servers were compromised and that hackers obtained client’s customer data. This data supposedly only includes customer’s names and email addresses. Many of you may be thinking that it does not affect you as you are not a client of Epsilon, but as the list of companies that are a client of Epsilon grows, there is a good chance that you are a client of at least one of their customers.

The total amount of companies that have been affected is not currently known, but the current list is long. The known companies whose information have been accessed include Barclay USA, Disney Destinations, Capital One, Fry’s, Marriott Rewards, Ritz Carlton, Best Buy Rewards Zone, Walgreens, TiVo, Home Shopping Network, JP Morgan Chase, McKinsey Quarterly, New York & Co., and The Kroger Co. These companies have already started to send out emails to their customers explaining that their information has been accessed and to be wary of any emails from them that request personally identifiable information or financial information.

Now you may be wondering what this means to you? On one hand, it may mean nothing and you have nothing to fear. On the other hand, this information may be used to launch Spear Phishing campaigns against the customers of the companies whose data was stolen. A phishing campaign is one where fake emails that impersonate a company are sent to various emails in order to trick recipients into revealing personally identifiable or financial information. Spear Phishing is different because the targets are highly targetted based upon information that the criminals already know about you. As the hackers already have your name and email, these phishing attempts may be highly specific to you and therefore the emails may seem more believable when you receive them

With this said, if you receive any emails from the above companies, or any other company for that matter, that state that they need you to update your password or provide personal information, please do not do so. Instead go to the companies website and contact them on the phone numbers given there to confirm if the email is legitimate. Do not contact them via any email addresses or phone numbers that may be present in the email as they may be fake. Once you call the companies directly and determine if the information they requested is legitimate, you can then provide whatever information they need over the phone.

www.bleepingcomputer.com

HDD Low virus

HDD Low is a fake computer analysis and optimization program that displays fake information in order to scare you into believing that

there is an issue with your computer. HDD Low is installed via Trojans that display false error messages and security warnings

on the infected computer. These messages will state that there is something wrong with your computer’s hard drive and then

suggests that you download and install a program that can fix the problem. When you click on of these alerts, HDD Low will

automatically be downloaded and installed onto your computer.

Once installed, HDD Low will be configured to start automatically when you login to Windows. Once started, it will display

numerous error messages when you attempt to launch programs or delete files. HDD Low will then prompt you to scan your

computer, which will then find a variety of errors that it states it cannot fix until you purchase the program. When you use

the so-called defragment tool it will state that it needs to run in Safe Mode and then show a fake Safe Mode background that

pretends to defrag your computer. As this program is a scam do not be scared into purchasing the program when you see its alerts.

To further make it seem like your computer is not operating correctly, HDD Low will also make it so that certain folders on your computer display no contents. When opening these folders, such as C:\Windows\System32\ or various drive letters, instead of seeing the normal list of files it will instead display a different folder’s contents or make it appear as if the folder is empty. This is done to make it seem like there is corruption on your hard drive that is causing your files to not be displayed.

HDD Low also attempts to make it so you cannot run any programs on your computer. If you attempt to launch a program it will terminate it and state that the program or hard drive is corrupted. It does this to protect itself from anti-virus programs you may attempt to run and to make your computer unusable so that you will be further tempted to purchase the rogue. The messages that you will see when you attempt run a program are:

Windows detected a hard drive problem.

A hard drive error occurred while starting the application.

Or

Windows cannot find notepad. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search.

After you close this alert you will be presented with another alert that pretends to be for a program that will attempt to fix your hard drive.

Fix Disk

Windows Disk Diagnostics will scan the system to identify performance problems.

Start or Cancel

If you press the Start button, it will pretend to scan your computer and then state that there is something wrong with it. This message is:

Windows Disk Diagnostics

Windows detected a hard disk error.

A problem with the hard drive sectors has been detected. It is recommended to download the following sertified <sic> software to fix the detected hard drive problems. Do you want to download recommended software?

These are just further alerts trying to make you think your computer has a serious hard drive problem. It should be noted that if you attempt to run a program enough times it will eventually work.

When you perform the scan or use the fake HDD Low it will state that there are numerous problems on your computer, but that you first need to purchase it before it can fix any of them. Some examples of the fake problems it detects on your computer are:

Requested registry access is not allowed. Registry defragmentation required

Read time of hard drive clusters less than 500 ms

32% of HDD space is unreadable

Bad sectors on hard drive or damaged file allocation table

GPU RAM temperature is critically high. Urgent RAM memory optimization is required to prevent system crash

Drive C initializing error

Ram Temperature is 83 C. Optimization is required for normal operation.

Hard drive doesn’t respond to system commands

Data Safety Problem. System integrity is at risk.

Registry Error – Critical Error

While HDDLow is running it will also display fake alerts from your Windows taskbar. These alerts are designed to further scare you into thinking that your computer has an imminent hardware failure. The text of some of the alerts you may see include:

Critical Error!

Damaged hard drive clusters detected. Private data is at risk.

Critical Error

Hard Drive not found. Missing hard drive.

Critical Error

RAM memory usage is critically high. RAM memory failure.

Critical Error

Windows can’t find hard disk space. Hard drive error

Critical Error!

Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.

Critical Error

A critical error has occurred while indexing data stored on hard drive. System restart required.

System Restore

The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Just like the fake corruption messages and fake scan results, these alerts are only designed to scare you into purchasing the program.

As you can see, the warnings issued by this program are all fake, and once you realize that, the alerts become more of a nuisance rather than a concern. Therefore, do not purchase HDDLow for any reason, and if you already have, please contact your credit card company and state that the program is a computer infection and a scam and that you would like to dispute the charge. To remove this infection and related malware, please call our specialists and we will help you.