Windows Ransomware Attack Underway

Patch Available for Ransomware Attack

microsoft icon

You are going to want to cry–unless you make sure you are protected

WannaCry Ransomware

Wordfence security software has announced they have confirmed a serious virus called  WannaCrypt0r/WannaCry has affected Windows computers. Reputed to affect computers on shared networks, the virus has been reported in at least 74 countries worldwide.

According to Kaspersky Lab there have been more than 57,000 individual instances reported to date. And that number is growing rapidly.

Once one computer on a network is affected, the malware infection easily spreads to other Windows computers on the same network, shutting down entire government agencies and national infrastructure companies. Hospitals across the UK were being forced to divert patients and ambulance routes as of Friday afternoon, and several utility companies across Europe reported infection across their computer networks according to BBC News.

This virus is of the type known as ransomware.

Why ransomware? Because it will take over your computer, completely locking it down. You can’t access anything. Then a pop-up screen appears, announcing that you can liberate your device by paying them for a special tool or decryption device.

Is Your Windows Computer Safe from this Ransomware Attack or Infected?

Clearly, if you see the ransom notice on your computer, then you have been compromised.

However, experts don’t yet know how long the virus may be resident on your computer BEFORE it actually takes over and locks up your system.

Have you accessed a public network with your computer? If you took your laptop to a cafe, used it at another place of business, for example, they you may have received the infection.

microsoft building ransomware attack response

The Good News

Microsoft has been aware of this vulnerability and released a fix back on March 14th for Windows. If you have automatic updates enabled, you should be fine.

If you don’t have updates automatically, be sure to check to see that you have the latest release.

Click to read more about Microsoft’s take on ransomware attacks.

There are older versions of Windows, (XP, for example) that are no longer supported by Microsoft. These did not receive the security update–although there are reports that Microsoft is changing that policy and may issue, or may have already issued a patch for these users as well.


This report is courtesy of our friends at Wordfence.com, to read more about this specific attack, please read their May 12, 2017 blog post.

Kaspersky Lab is a  multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia and operated by a holding company in the United Kingdom.

Learn more about internet security and keeping your online business safe.

Banner Ad Scams Too Good To Be True

Banner Ad ScamsIf you have a website or blog you have probably been hit up by “professionals” who are interested in “helping you” in a variety of ways. Sadly, many of these so-called pros are actually out to scam you. They may be after your money or they may be looking to infect your computer or your website with malware.

I am not an IT expert, I know enough about my computer and coding to get the job done–most of the time. I do have a good sense when something feels squirrelly. One of my sites was hacked once and I can tell you from personal experience that it was a royal PIA to get it cleaned up. Frankly, I don’t understand how people get their jollies this way–that site was not making any money, so it certainly wasn’t to make financial gain!

I digress…as I so often do 😉

The latest came through my contact form. The good news is that I can safely read the messages from my contact form. The other good news is that I was smart enough, awake enough, alert to the possibility enough (you choose the descriptor you think is right) to NOT click on the link.

Whenever I have a question about if something is legitimate I do a simple Google search. And guess what I found this time? Yep, lots of people are reporting this scam.

Here is the content of the message I got (please do not go to the URL listed–I have definitely NOT activated the link, but want you to be able to see the full scam)

Subject:     Contact Form Results
From:    Josephine Bergson <josephine.bergson@lltconsulting.net

Josephine Bergson wrote:
Hello!

My name is Josephine Bergson representing the advertising department of the LLT
Consulting company. We are interested to place ads (banners), of your choice, on
your websites.

Design and sizes can be seen on our website at www.lltconsulting.net/id_fvo24fca/
Depending on the banner size you choose we can pay up to $950.00/month.

If you are interested to become an advertising partner please let me hear from you.

Kind Regards,
Josephine Bergson
josephine.bergson@lltconsulting.net

Website:
IP: 209.222.26.85

Sounds great, doesn’t it? Too good to be true? That’s because it is!

This might be a great deal, but one of the flags is the dollar amount the are “offering”…but you don’t have to just take my word for it.

Read what a couple IT/high tech guys have to say about this scam (this links ARE active and click away!)

Michael Sheehan AKA HighTechDad: http://www.hightechdad.com/2015/01/22/blogger-warning-llt-consulting-banner-ad-scam/

and Len at Telapost: http://www.telapost.com/bloggers-scam/

Both these guys give good hints on how to determine if what you are being offered is spam. I love this part, do a simple “who is” search and “if the domain is new, registered to a funny name, in a foreign country, renewed recently, and does not belong to a legitimate sounding company you can be sure that the email has ill intentions.” (Thanks Len for that quote).

Also, be realistic, not greedy. If your site doesn’t get significant traffic (yet) then you probably won’t be getting these kinds of offers. If the money seems to good to be true, it probably is.

Clicking on links can load your computer with a malware or trojan. Len stated that he believes this single scam has affected hundreds of machines or more already. If you are one of the unfortunates who did click the link, check these guys out for suggestions on how to clean your machine.

To your successful online business–and pooh on scammers!

Bit of Delicious Links Social Media Disaster for Local Businesses

Social media tip for local businesses: Google declares twDeliciouso sites contain malware, using them can result in YOUR site being blocked. Reconsider your links, on your site and also what you use in your social media campaigns.

While Google is not the only search engine around, it still is the kingpin. And what Google wants, Google gets. Or rather, what Google doesn’t want, Google slaps. This is an important social media tip for local businesses to keep in mind.

Case in point, this weekend two popular sites were blacklisted by Google.

In order to “protect” us, Google often declares that sites are malicious. This may or may not be true, but that is actually beside the point. Once blacklisted, sites will be flagged as contained Malware–especially if you (or your potential customers) use the Google owned Chrome browser.

According to Google’s Safe Browsing page on del.icio.us:

Of the 370 pages we tested on the site over the past 90 days, 69 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-10-26, and the last time suspicious content was found on this site was on 2014-10-26.

Malicious software includes 17 trojan(s), 14 scripting exploit(s). Successful infection resulted in an average of 1 new process(es) on the target machine

If you want to know more details about the most recent blacklist, read this article on WordFence: http://www.wordfence.com/blog/2014/10/a-malicious-del-icio-us/

A general rule of thumb is don’t click on a link you don’t know. If you use a link shortener (like bit.ly, which was also blacklisted, albeit temporarily) you may want to reconsider. If you use Twitter a lot for your business you may want/need to use the shorteners in order to not exceed the character limitations, but still it is good to keep in mind that many people will not click a link they can not read.

 

Facebook Dangers to Avoid

Facebook is a wonderful tool, but unfortunately there are people out there who are abusing it–and you can create SPAM and spread viruses if you are not aware of some of the issues that are going on. Wording on these posts varies…but when in doubt, don’t click it!

Recent developments to be aware of:

Private photos

There is a post that is circulating that claims your private photos are actually owned by Facebook and are being used in advertisements without your permission. Generally the post gives instructions on how to change your settings to prevent this.

First Facebook does not claim to own your photos and Facebook is not putting your private photos on ads without your permission.  It is possible that other people who are “friends” may be using your photos. Sure, you can make your photos “private” but the truth is, if a photo is in cyber-space (www. or mobile) it is never truly private.

BTW, this is an old post that has been circulating since 2009!

Bottom line: don’t put photos up on the internet that you wouldn’t want your mother/grandmother/daughter/boyfriend/husband/minister/boss/etc to see.

I Have Hacked–Check it Out

Don’t click the link and don’t approve the application and do not reply to the message. Instead let the person know they have an infected account by posting a (brand new) message on their wall. Let them know they are infected and they should remove the app and change their password.

Stik.com and BranchOut

These are SPAM application that look real, but that you should consider infections. The message will ask you to help them spread their profile or reputation or something similar.

If you get messages like these, do not click the Recommend button, do not visit your friend’s profile through that message.

Again, let your friend know by posting a NEW message on their wall that they have been infected, they should remove the app and change their password.

See What You Look Like When You’re Old

Some of us are old enough that there is no appeal to this sort of scam 😉 but this is an infection app. Do not click the link, don’t approve the application.

Once again, let your friend know by posting a NEW message on their wall that they have been infected, they should remove the app and change their password.

The best Facebook policy is to be safe rather than sorry. If you receive something that seems out of character from someone, go directly to their profile page (not through a link) and ask them if they actually sent a message out. If they have not, they will thank you for alerting them that they have been hacked.

If you find that you have been hacked, remove any applications that you recently allowed, change your password, and let your friends know to NOT click on the links that might have gone out.

Don’t let this keep you from enjoying Facebook for personal or business reasons! You just have to be smart about how you use it.

And it is better to wait before clicking unless it is an application that you are 100% confident in.

eMail Safety Tips for Local Businesses and Their Customers

Anyone with an email account, local businesses and your customers, is subject to a variety of email nuisances.

We’re all familiar with SPAM, those unwanted emails that arrive in your inbox and can take up your valuable time.

Other people seem to get their kicks out of spreading viruses and they can do this through attachments that when opened infect your computer.

Even worse than that are those nefarious folks who are goin’ Phishing.

Phishing is when someone sends an email that asks for personal information like financial or account information or personal details like birthdate or social security number. What makes Phishing so bad is that often these people are posing as reputable companies or even friends, which often leads people to think it is safe to respond.

If you get a request via email for any vital information, including passwords, account numbers or security questions do not respond and certainly do not provide private information. Anyone who actually SHOULD have that information will have it.

Sometimes the Phishing expedition is even more sly than that and they will actually not request information but include a link to their store or corporate website. If you click on that link you would then be redirected to a site where they can capture your keystrokes or gather information without your even realizing it.

Recently Facebook users were finding their accounts hacked and their photos placed on X-rated sites. The users had responded to a “friend” either on Facebook or via email who asked for private information.

If you receive an email that seems odd from a friend, family member or business that you frequent contact that person/business. If they have been hacked they will appreciate the heads up. But do not contact them by clicking “reply” instead give them a call or contact them through their official website, Facebook page or Twitter account–some alternate method you have to reach them.

Suspicious emails may be reported to the local Better Business Bureau (BBB) or www.ic3.gov

This can happen to anyone--a recent breach in the Epsilon database has affected customer records for numerous financial institutions and shopping sites including:  BJ’s, Barclays Bank of Delaware, Best Buy, Brookstone, Capital One, Chase, Citi, Disney Destinations, Home Shopping Network, JPMorgan Chase, Kroger (that’s King Soopers here in Colorado), LL Bean, Marriott Rewards, McKinsey & Co., New York & Co, Ritz-Carton Rewards, The College Board, TiVo, US Bank, Walgreens.

Defense Strategies:

Update your spyware, virus protection and spam filters and keep them current. This will help prevent these emails from getting through.

Back up your computer regularly. This is great protection for a lot of reasons, but one of them is that if you are the unfortunate victim of a computer hack you are better able to get your system back up and running quickly–an important point for businesses and home users.

Social Media Managers can clean up your email inbox to help keep your email safe. Not only will the SMM will get rid of SPAM for you, he/she will also be sure the most urgent emails are flagged for your attention. You can work with the SMM to set up procedures on how some emails are handled so you may be able to offload some correspondence and customer service issues to your SMM saving you a lot of time.

Summary of Best eMail Safety Tips:

  • Don’t click on links in emaileven if it appears to be coming from a reputable company. Instead use your search engine (Google, Bing, Yahoo, etc) and contact the company that way.
  • Never provide passwords, social security numbers, account details or birthdates to people via email.
  • Don’t open attachments in email unless you are sure the email is real. If a friend never sends attachments be wary if you get one!
  • Report suspicious emails.
  • Keep spyware, virus protection and spam filters up to date
  • Back up your systems regularly.