Category Archives: Computer Security

3 things to think about before you’re scammed

It’s easy to say ‘just hang up’ when you get a phone call from a company or a person saying there’s a problem with your computer. It may be that you are having problems and here’s someone who can help, or you’re being given a sales pitch which sounds inviting. Here are three things to think about before you’re scammed.

  1. How did the person get your number?

Your phone has probably been generated randomly by the person calling you. Even if you have caller display, the caller’s number can be ‘spoofed’ and can appear to be from the UK. If the caller really wants to speak to you, they’ll leave a message.

  1. So long as you have up-to-date internet security on your computer, it is very unlikely that anyone can ‘know’ what state your computer is in.

Computers running Windows 10 are much safer than ever before, but additional internet security is always a good idea. Apple users are the safest online users. But never be complacent.

Unless you’ve ignored warnings from your computer to stay away from a website you’ve come across or you’ve ignored warnings about downloading new software from the internet, it is very unlikely you’ll be tracked by a potential scammer. Windows 10 and Apple OS will automatically update its own software and the apps you have installed. If you’re unsure of requests to update, then decline the request.

  1. Unless you give explicit permission, it is virtually impossible for anyone to access your computer.

Computers are designed to be accessed remotely. In other words, someone can look at your computer from down the street or from the other side of the world and see what you’re doing, if you need help. I have worked with customers remotely, but only with their permission. You have to give explicit permission for this to happen, usually by giving them an access code and sometimes a temporary password. If you’ve followed the advice in step 2, the person will have to ask for the code. And hopefully, alarm bells will be ringing if you’ve got to this stage. Don’t be frightened to end the call at any time.

So ‘just hang up’ is good advice and I know lots of people who do just that, usually because they’re annoyed at being interrupted in the first place. Some folk even reply saying something that’s probably not repeatable here. So stick to that and be assured if you’ve followed steps 2 and 3 that only you can see what’s happening on your computer. And if you do need help, give us a bell.

Scam, scam, scam, scam and more scams

Scams come in various forms but are different methods used by criminals to get you to part with personal information or your money and are full of pitfalls for the less tech-savvy amongst us.

The latest email scam I’ve come across relies on your familiarity with the sender. We’ve all had messages from HSBC, Lloyds or RBS and wondered why a bank who you don’t have an account with is sending you messages. So they’re easy to delete, whether you know they’re a scam or not. Well they are, so delete, delete, delete.

But now emails purporting to come from BT (how many of us either have a BT landline or use them for broadband) asking you to reply confirming your personal details and in some cases, your email password. Never under any circumstances reply to emails like this and certainly never hand on your personal details. BT would never contact you in this way and would never ask for such information. Replying to an email like this only confirms to the scammer that your email address exists. Your address will then be used to send out the same sort of scam email that you received in the first place to thousands if not millions of other people. What will probably happen, is that your email account will be suspended by your provider – and it’s a bit of a nightmare to get it back. So keep your wits about you when handling your emails.

I’ve written before about those phone calls from ‘Microsoft’ or ‘Windows’ telling you that you have a problem with your computer. These people are becoming very clever – and very persistent. Now there are reports of calls coming from BT telling you that you haven’t paid your bill and you’ll be cut off if you don’t pay it there and then. Don’t start a conversation with the caller, it only encourages them. Just hang up and don’t answer the phone for the next hour.

Most of us have an answering service, so why not make more use of it? If a friend or family member wants to talk to you, they’ll leave a message if it’s important. Otherwise, if it’s a scam phone call they’ll ring off if you don’t answer. Gone are the days when we felt we had to answer a ringing phone – just let it ring and if someone really wants to speak to you, they’ll leave a message.

Please feel free to leave a comment.

More on Java and other updates

You may remember that I mentioned security flaws related to Java in a recent blog (Do you really need Java? – 17 Sept 2012). Well a report from Kaspersky, the security giant, details that Java is now the number one attack target, accounting for more than half of all malware exploit attempts. In other words, hackers are using the flaws in Java the most, to gain access to people’s computers.

Kaspersky doesn’t give any firm figures, but I’m assuming we’re talking significant numbers. According to Java, it is installed on 1.1 billion computers around the world. So rich pickings for hackers. Number two in the attack list is Adobe Reader.

According to W3Tech 0.2% of websites use Java. That’s 2 in every 1000. Confusingly, Java is not the same as Javascript which is used by 92% of websites. Websites that offer you the chance to book seats (say at a theatre or on a train), games sites, some learning sites which use animation all require Java. If you use OpenOffice or LibreOffice, or Adobe Creative Suite, then you’ll need Java.

In my recent posting I suggested that you could keep Java (in case you came a across a site that worked better with it) and change the update frequency, with the thought that Java would take these security flaws seriously and issue updates more regularly until it was fixed. The Kaspersky report is dated late October and implies that Java is not playing its part.

You have to make a decision. If any of the above apply to you, don’t ignore Java updates. But, if you are in the habit of ignoring requests from Java to update itself, then I suggest you uninstall it altogether. Far better ridding yourself of it, than hanging on to a version that is out of date. To uninstall Java:

  1. Go to the Control Panel through the Start menu
  2. Click Add/Remove Programs (in Windows XP) or
  3. Programs and Features in (Windows Vista and 7)
  4. Click the Java entry followed by the Install button the toolbar
  5. Follow the instructions on the screen
  6. Repeat for any reference to Java in the list.

If you then come a cross a webpage that requires Java for the page to work properly, then install it again and if the service that webpage is offering will be useful to you in the future, then make sure you don’t ignore Java update requests.

Adobe Reader, not surprisingly, is the number two target. I travel around and see a lot of different computers in a week, and frequently the session is preceded, or interrupted by a request to update Adobe Reader (and Java, for that matter). Too many people ignore these requests either because they think they have to pay something, don’t know what it means, or don’t have the time.

Think about it. An update request is coming from a program or feature that is already in use on your computer. The program’s engineers have developed a better way to run the program, or more likely have discovered a security flaw which can be exploited by hackers and have issued a patch (to use the jargon) to repair the flaw. The fact that a patch has been issued means that the hacker can then work out where the flaw is and exploit it on any computer that hasn’t applied the patch. So if you ignore update requests you are running software that is vulnerable. No matter how good your anti-virus and anti-malware protection is, your system is potentially open to attack.

Updating Adobe Reader is even easier than updating Java. Just don’t put it off. Adobe Reader is needed in lots of instances when you’re on the internet, so don’t uninstall it. It would be too inconvenient to be without it. Just keep it update.

What we need from companies like Java and Adobe is updates that are handled automatically (as Windows updates are) by default, without us having to intervene. Out of date software is like a free meal to hackers. So why not withdraw the invitation?

This article applies to Windows users, but if you’re using an Android smartphone and have Adobe Reader installed on it, this article applies to you too.

Please feel free to leave a comment.

Upgrade to AVG 2013 Free

AVG released the 2013 upgrade of its free version about a month ago. Most users will have been asked to upgrade by the software itself. Some people go ahead and complete the process without any problems, while many other ignore the request in the hope that it will either go away, or that they’ll get around to somehow.

Upgrading, as opposed to the regular updating that AVG does on its own, is very important because by ignoring it you will eventually be left with an out of date version which will be pretty useless at doing what it was originally designed to do – protect your computer from viruses and malware.

So for those of you who have continued to use the older version on a wing and a prayer, here are the few steps you need to follow:

  1. Click on this link to go to the AVG download page on the cnet.com site.
  2. Click the green Download Now button.
  3. Click the Run button  at the foot of the screen if you’re using Internet Explorer.
  4. Firefox and Chrome users download settings work. In Firefox, double-click the file once you’ve downloaded it. In Chrome, once the file has been downloaded you get the chance to click on a link at the foot of the screen.
  5. Follow the instructions on the screen.
  6. Remember to stick to the basic protection offer, avoiding anything to do with the a free trial.
  7. Sit back and wait for the installation to complete. This may take a few minutes depending on your computer. If you mess up, you can always start again, by clicking the Cancel button in the Installation window.
  8. Click the Finish button when it appears.

Don’t forget to pat yourself on the back and congratulate yourself for taking control of a vital piece of software on your system.