David Snell

Security Alert – WannaCry Ransomware

WannaCrypt ransomware, also known as WannaCry, WanaCrypt0r or Wcrypt, is ransomware that targets Windows operating systems. Discovered on 12th May 2017, WannaCrypt was used in a large cyber-attack and has since infected more than 230,000 Windows PCs in 190 countries.


How does WannaCrypt ransomware get into your computer?

As evident from its worldwide attacks, WannaCrypt first gains access to the computer system via an email attachment and thereafter can spread rapidly through the LAN. The ransomware encrypts your system's hard disk and attempts to exploit the SMB vulnerability to spread to random computers on the Internet via TCP port and between computers on the same network.

Our immediate recommendation is to AVOID clicking on any attachments sent to you via email, EVEN IF THEY APPEAR TO BE LEGITIMATE!

Although the first wave of this ransomware was stopped, we are already seeing new variations of it hitting computers around the world. Finally, if you see the message shown in this email blast, it's already too late for you: IMMEDIATELY SHUT DOWN YOUR COMPUTER and call support.

ACTSmart Support Team

Is A Video Phone On Your Tech Wish List?

The new Amazon Echo, now with a 7-inch touchscreen, could be officially announced as early as this morning (Tuesday May 9th, 2017) according to The Wall Street Journal. The device will support video calling as its new premier feature in addition to Alexa’s current plethora of “skills” and compatibility with smart home gadgets and popular services. It will also be able to place phone calls in a manner similar to Microsoft’s Skype.

The Wall Street Journal believes that Amazon will price its latest Echo at more than $200. The regular Echo speaker, first introduced in late 2014, currently sells for $149, with the Echo Tap and Echo Dot devices beneath it at lower price points. Amazon’s employees have been testing the new product for several months, and it’s expected to ship sometime in June. Images of the device first surfaced on Friday.

Calling features in the new Echo could be rolled out “in stages,” the report notes. Amazon is said to be experimenting with intercom capabilities between the various Echo products in a consumer’s home, for example. That would partially mimic the functionality of some third-party products like the Nucleus, which also supports Amazon’s Alexa platform. Recode previously reported on Amazon’s plans to turn the Echo into a phone.

Amazon’s flagship Echo is also likely to support “at least some” of the features offered by the Echo Look, a camera that can help users make fashion and outfit choices with the assistance of artificial intelligence. That product is currently available on an invite-only basis, whereas this new Echo will undoubtedly see a huge marketing push by Amazon. You can put an Echo speaker in every room of your house, but this is going to be the experience’s centerpiece. As Amazon’s tech rivals including Google and Apple try to play catchup at building a voice-controlled speaker “assistant,” the company is already moving on to the next piece of its Alexa strategy.

It’s been rumored for a while now that Amazon is working on a touchscreen version of the Echo speaker, and today we’re finally getting some evidence and a sense of what it might look like.


Another Possible Facebook Identity Theft Scam

Be careful posting about the 10 concerts you’ve attended. Before you join in with the social media crowd and let everyone know about the first concert you attended, you might want to think twice — hackers would love to have this information.

This past week, one of the most popular Facebook posts had people asking friends to figure out which of 10 concerts they didn’t really attend — and their answers have often been accompanied by a comment noting the first concert they ever attended. This is a common security question — along with the name of the street you grew up on or your first job — and it’s the sort of information that hackers can use to break into your online ID.

The best advice in this type of scenario is to ignore the game and not to answer those questions, just delete the concert posts or set them to private. Don’t make those kinds of answers about your life public. It’s just not worth it.

This particular Facebook game probably started as good-natured fun but as it grew in popularity, it signaled hackers that good, readily available online information was there for the plucking.

This type of exposure calls into question the still popular use of security questions, which are most often used by banks and other financial institutions to guarantee your identity.

A common bank security question asks for your mother's maiden name. As an alternative, use a password application to generate secure passwords composed of numbers, letters and symbols that would make no sense to anyone, and store them within your chosen password manager. Passwords like these will never be guessed by anyone, so they better protect your online identity.

Another Facebook user says he deals with security questions by answering them with lies. “First kiss: Farrah Fawcett”, “Favorite Color: polka dot”, “Street You Grew Up On: banana”, “Mother’s maiden name: thermostat.”

The only challenge with this solution is remembering all your “little lies” if the time comes and you need to have your password sent to you.

Take our advice and just say no. Don’t get caught up in the ever changing Facebook game of the week.

Chrome and Firefox Phishing Attack

Very important for anyone using Chrome or Firefox as their primary Internet browser!

There is a new phishing attack that is receiving a lot of attention today in the security community. This new attack is capable of using domain names that are identical to known safe websites.

As a reminder:

A phishing attack is when an attacker sends you an email that contains a link to a malicious website. You click on the link because it appears to be a trusted site. Simply visiting the website may infect your computer or you may be tricked into signing into the malicious site with credentials from a site you trust. The attacker then has access to your username, password and any other sensitive information they can trick you into providing.

This variant of a phishing attack uses Unicode to register domains that look identical to real domains. These fake domains can be used in phishing attacks to fool users into signing into a fake website, thereby handing over their login credentials to an attacker. This affects the current version of the Chrome browser, which is version 57.0.2987, and the current version of Firefox, which is version 52.0.2. It does not affect the Internet Explorer, Microsoft Edge or Safari browsers.
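To make the look-alike trick concrete, here is a small Python script (added as an illustration; it is not code from the original post or from Wordfence) that converts a domain to the ASCII “xn--” form that Firefox displays once network.IDN_show_punycode is set to true, and flags domain labels that either mix scripts or consist entirely of Cyrillic letters that imitate Latin ones. The sample domains are constructed, and the confusables table is a hand-picked subset (an assumption, not a complete list).

```python
"""Look-alike (homograph) domain check: added example, not from the original post.
The confusables table below is a small hand-picked subset; sample domains are constructed."""
import unicodedata

# Cyrillic letters that are visually confusable with Latin letters in most fonts.
# Assumption: this subset is enough for the demo; a real check would use the
# full Unicode confusables data.
CYRILLIC_CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0455": "s",
    "\u0456": "i", "\u0458": "j",
}


def to_punycode(domain: str) -> str:
    """ASCII (IDNA/punycode) form of a domain, e.g. what the browser shows with
    network.IDN_show_punycode enabled. Pure-ASCII domains come back unchanged."""
    return domain.encode("idna").decode("ascii")


def script_of(ch: str):
    """Script family of a character taken from its Unicode name
    (LATIN, CYRILLIC, GREEK, ...). Digits and hyphens belong to no script."""
    if ch.isascii() and (ch.isdigit() or ch == "-"):
        return None
    return unicodedata.name(ch, "UNKNOWN").split()[0]


def skeleton(domain: str) -> str:
    """Replace each confusable Cyrillic letter with the Latin letter it imitates,
    giving the name the user *thinks* they are reading. Comparing this against
    the sites you care about is a simple way to flag look-alikes."""
    return "".join(CYRILLIC_CONFUSABLES.get(c, c) for c in domain.lower())


def classify(domain: str) -> str:
    """Return one of:
      'ascii'        - plain ASCII domain, nothing to inspect
      'mixed-script' - a label mixes scripts (e.g. Latin + Cyrillic)
      'lookalike'    - a label is entirely Cyrillic confusables of Latin letters
      'unicode'      - internationalised name that triggers neither rule"""
    if domain.isascii():
        return "ascii"
    for label in domain.lower().split("."):
        scripts = {s for s in map(script_of, label) if s}
        if len(scripts) > 1:
            return "mixed-script"
        if scripts == {"CYRILLIC"} and all(
            c in CYRILLIC_CONFUSABLES for c in label if script_of(c)
        ):
            return "lookalike"
    return "unicode"


if __name__ == "__main__":
    # Constructed samples: an ASCII name, a mixed-script name (Cyrillic 'a'),
    # an all-Cyrillic look-alike of "scope.com", and a legitimate IDN.
    samples = ["example.com", "ex\u0430mple.com",
               "\u0455\u0441\u043e\u0440\u0435.com", "m\u00fcnchen.de"]
    for d in samples:
        print(f"{d!r:28} -> {to_punycode(d):26} {classify(d):13} looks like {skeleton(d)}")
```

Run it as a script to see each sample beside its xn-- form; the point of the last column is that the look-alike and the real “scope.com” are indistinguishable until you look at the punycode form, which is exactly what the Firefox setting above makes visible.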

What Can You Do?

Currently we are not aware of a manual fix in Chrome for this. Chrome has already released a fix in its ‘Canary’ release, which is its test release. This release should be available to the general public within the next few days.

For Firefox, do this:

In your Firefox location bar, type ‘about:config’ without the quotes.

Do a search for ‘punycode’ without quotes.

You should see a parameter titled: network.IDN_show_punycode

Change the value from false to true.

Unfortunately this attack makes it impossible to tell whether you are on a safe site or a malicious site by looking at the location bar in your browser. Until Firefox and Chrome fix their vulnerabilities you need to be ever vigilant. Please manually check for updates to your chosen browser until this is resolved.

Wordfence security has published a public service announcement that provides a working demonstration using a health care website. They also let you know how to fix the issue if you use Firefox and what to do if you are using Google Chrome.

You can find the full post on their blog…

https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/?utm_source=list&utm_medium=email&utm_campaign=041417


Are RoboCalls Taking Their Toll On You?

If you’re like most people, you happily answer your home phone hoping perhaps it’s a friend or family member, only to hear seconds of silence… before you realize your mistake.

Few things can be more annoying than answering the phone while you’re in the middle of something — and then being greeted by a recording or perhaps a sales person trying their best to sell you something you don’t want or need.

The FCC says: if you receive a robocall trying to sell you something (and you haven’t given the caller your written permission), it’s an illegal call. You should hang up. Then, file a complaint with the FTC and the National Do Not Call Registry.

I’m all for following the FCC’s directions but if I followed their reporting steps for every unwanted robocall, I’d be spending all my free time filling out reports and forms trying to stop something I never opted in for in the first place.

Now there’s another way to try and beat these callers. Say hello to NoMoRobo!

How does NoMoRobo work? NoMoRobo uses a feature known as “Simultaneous Ring”. When simultaneous ring is enabled, your phone will ring on more than one number at the same time. The first device to pick up gets the call and the other phones stop ringing.

So, when the Nomorobo number is enabled as a simultaneous ring number it is the first number to screen the call. If it’s a legitimate call, the call goes through to your number. If the call is an illegal robocaller, Nomorobo intercepts the call and hangs up for you. Your phone will ring once letting you know that the robocall has been answered and stopped.

WHAT HAPPENS WHEN NOMOROBO BLOCKS A CALL? When NoMoRobo blocks a call it gives them a message saying we have blocked the call. The message requests that the caller re-enter the phone number of the person they are calling. If by chance a legitimate caller gets stopped they will know the number to enter. RoboCalls and RoboSales people have no idea what number was dialed so they can’t respond and they get disconnected.

WHO CAN USE NOMOROBO? The NoMoRobo service works with phone lines provided by Verizon FIOS, Comcast Xfinity, AT&T, Vonage, Time Warner and a host of other landline providers.

WHAT DOES NOMOROBO COST? The best thing about NoMoRobo is that the service is absolutely FREE for landlines. This makes it pretty much a no-brainer for many of us. They also have a version that works on mobile phones, which costs only $1.99 per month. If you have one of those phone plans that charge for minutes, then this $1.99 could save you money if you get numerous robocalls on your cell. I’ve just started getting these unwanted calls on my cell recently and it seems they are becoming much more frequent as time goes by.

For more information and to sign up for either the free or paid service here’s the link to their site: www.NoMoRobo.com

I’ve only just signed up so my “first hand” experience is limited. There are other Call Blocker technologies out there but they all cost some amount of money. NoMoRobo is the only FREE service currently available.

Landmark FCC Privacy Rule Reversed

Internet providers now just need a signature from President Trump before they’re free to take, share, and even sell your web browsing history without your permission.

The House of Representatives passed a resolution last Thursday overturning an Obama-era FCC rule that required internet providers to get customers’ permission before sharing their browsing history with other companies. The rules also required internet providers to protect that data from hackers and inform customers of any breaches.

The resolution was first passed by the Senate last week and now heads to the president, who’s expected to sign it. At that point, there’ll only be a vague baseline of privacy rules governing internet providers and some promises from them not to misbehave.

It’s hard to see this as anything but a major loss for consumers.
While reversing the FCC’s privacy rules will technically just maintain the status quo — internet providers have actually been able to sell our web browsing data forever (it’s just not a thing we think about all that much) — they were about to lose permission to keep doing it, unless they got explicit consent or anonymized the info.

This is an increasingly important issue as Americans spend more and more time online — and keep more and more devices with us at all times. Internet providers can see what sites you visit and what apps you use, and they can see how long you’re using them for. That information is extremely revealing, and it’s easy to imagine most people would prefer to keep their reading habits private.

So why did Congress block the rules from being implemented?
Republicans bought into internet providers’ arguments that the rules discriminated against them and could confuse consumers. The rules would prevent internet providers from selling your web browsing history even though, the argument goes, websites like Google and Facebook would remain free to do the same thing. ISPs say that’s unfair and makes it hard for consumers to understand who gets to see their browsing data.

Internet providers want to pretend they’re just like Google and Facebook
But the argument is extremely misleading, if not outright wrong: Google and Facebook can’t see your web browsing history, they can only see what you click on while you’re on their own websites or on websites connected to their ad networks. Meanwhile, internet providers get to see a bit of nearly everything you do and visit; and even with the rules in place, they have every right to build the kind of ad-tracking websites that Google and Facebook have built. It’s just hard work, and they don’t want to do it.

Here’s a link to more information as well as a list of the 265 members of Congress who sold us out to ISPs and how much it cost to buy them.

http://www.theverge.com/2017/3/29/15100620/congress-fcc-isp-web-browsing-privacy-fire-sale

It’s important to note that the communications industry has always been one of the largest lobbying groups in US history; internet providers and the telephone companies before them were notorious for spreading wealth across the aisle.

Special thanks for background info from THEVERGE.COM – one of our favorite information resources.

Don’t say ‘Yes’ when robocall scam rings

Here is a new report on the say “Yes” telephone call scam we talked about back on February 6th.

Anyone who still has a traditional home phone (myself included) dreads those irritating robocalls. As part of the latest scam, the caller, instead of mentioning who they are, simply asks “Can you hear me?” That seemingly innocent question could be a sign that a scammer is on the other end of the line.

The Federal Communications Commission issued a consumer alert against just such scammers yesterday, Monday, March 27, 2017. When you reply and say, “Yes,” that you can hear the scammer, your reply is recorded and used to authorize fraudulent charges via telephone on the victim’s utility or credit card account, the FCC says.

The scam must be much more prevalent, based on complaints the agency has received and from news reports across the U.S. The fraudulent callers may even try to impersonate familiar organizations to get you to answer and talk.

“Robocalls are the number one consumer complaint to the FCC from the public. And it’s no wonder: Every month, U.S. consumers are bombarded by an estimated 2.4 billion robocalls,” said FCC Chairman Ajit Pai last week at the agency’s March meeting, during which the commission voted to begin a rulemaking process to eliminate robocalls. “Not only are unwanted robocalls intrusive and irritating, but they are also frequently employed to scam our most vulnerable populations, like elderly Americans, out of their hard-earned dollars.”

What should you do?
According to the FCC, if you receive this type of call, immediately hang up. If you have already responded to this type of call, review all of your statements such as those from your bank, credit card lender, or telephone company for unauthorized charges. If you notice unauthorized charges on these and other types of statements, you have likely been a victim of “cramming”.

Anyone who believes they have been targeted by this scam should immediately report the incident to the Better Business Bureau’s Scam Tracker and to the FCC Consumer Help Center.

Now back to my thoughts on this “Scam”…
At first glance, this warning sounded reasonably valid: major news outlets covered it as recently as last night on the 6:00 ABC news hour. But just because the media is running around reporting that the sky is falling doesn’t mean you have to duck for cover. A closer examination of the purported scam reveals some questionable elements.

First, we’ve yet to identify any scenario under which a scammer could authorize charges in another person’s name simply by possessing a voice recording of that person saying “yes,” without also already possessing a good deal of personal and account information for that individual, and without being able to reproduce any other form of verbal response from that person.

Moreover, even if such a scenario existed, it’s hard to imagine why scammers would need to utilize an actual audio recording of the victim’s repeating the word “yes” rather than simply providing that response themselves. As far as we know, phone companies, utilities, and credit card issuers don’t maintain databases of voice recordings of their customers and use them to perform real-time audio matching to verify identities during customer service calls.

So – once again, I believe the media is simply reporting on something they found on the wire without doing any due diligence as to the authenticity of the scam. Even though the FCC has issued an alert – it’s not backed up by any concrete, documented evidence of people actually getting scammed. It’s simply the result of people reporting that they got the “Can You Hear Me” phone call and are worried about what to do next. To answer that question, the FCC has provided the following information.

Directly from the FCC website (web link below)
Consumers should always be on alert for telephone scams. The following tips can help ward off unwanted calls and scams:

• Don’t answer calls from unknown numbers. Let them go to voicemail.

• If you answer and the caller (often a recording) asks you to hit a button to stop receiving calls, just hang up. Scammers often use these tricks to identify, and then target, live respondents.

• If you receive a scam call, write down the number and file a complaint with the FCC so we can help identify and take appropriate action to help consumers targeted by illegal callers.

• Ask your phone service provider if it offers a robocall blocking service. If not, encourage your provider to offer one. You can also visit the FCC’s website for information and resources on available robocall blocking tools to help reduce unwanted calls.

• Consider registering all of your telephone numbers in the National Do Not Call Registry.

Better Business Bureau Scam Tracker:
https://www.bbb.org/scamtracker/us

FCC Consumer Help Center
https://www.fcc.gov/consumers

Have You Been “Pwned”?

We always seem to be talking about another security breach, or hacked web or email accounts, and so on. Many of us have multiple email addresses, and it would probably be good to know if any of our many different email addresses have been hacked (or pwned).

You pronounce pwned as p-owned as it is an abbreviation of professionally owned. “Owned is a slang word that originated among 1990s hackers, where it referred to “rooting” or gaining administrative control over someone else’s computer. The term eventually spread to gamers, who used the term to mean defeat in gaming.”

Here’s a free website that will search your email address and report when and where your email was “pwned”. This site will even notify you when future pwnage occurs and finds your email account has been compromised.

https://haveibeenpwned.com


What is the site all about?

This site came about after what, at the time, was the largest ever single breach of customer accounts — Adobe. Post-breach analysis of user credentials kept finding the same accounts exposed over and over again, often with the same passwords, which then put the victims at further risk of their other accounts being compromised.

The FAQs page goes into a lot more detail, but all the data on this site comes from publicly leaked “breaches” or in other words, personal account data that has been illegally accessed then released into the public domain. Have I been pwned? aggregates it and makes it readily searchable.

Why build the site?

This site serves two primary purposes: firstly, it obviously provides a service to the public. Data breaches are rampant and many people don’t appreciate the scale or frequency with which they occur. By aggregating the data here, it not only helps victims learn of compromises of their accounts, but also highlights the severity of the risks of online attacks on today’s internet. Secondly, the site provided its developer, Troy Hunt, with an excellent use case for putting a number of technologies through their paces and keeping his hands-on skills somewhat current.

Who is behind Have I been pwned?

I’m Troy Hunt, a Microsoft Regional Director and Most Valuable Professional awardee for Developer Security, blogger at troyhunt.com, international speaker on web security and the author of many top-rating security courses for web developers on Pluralsight.

I created Have I been pwned? as a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or “pwned” in a data breach. I wanted to keep it dead simple to use and entirely free so that it could be of maximum benefit to the community.

Short of the odd donation, all costs for building, running and keeping the service currently come directly out of my own pocket. Fortunately, today’s modern cloud services like Microsoft Azure make it possible to do this without breaking the bank!

How to find out if someone is using your child’s images online

Just when you thought the internet couldn’t get any creepier, there is apparently a disturbing trend going on called “digital kidnapping.” And if that phrase is new to you, allow me to fully weird you out. “Digital kidnapping” is when someone steals a stranger’s baby photos and reposts them on the Internet. Sometimes, these virtual photo thieves will pass the snapshots off as their own. But other times, it goes a step further. Just last week, a couple took the photos of a child suffering with cancer from a GoFundMe page and went door to door trying to collect money for funeral costs. They weren’t the sharpest knives in the drawer, because they got caught after going to the child’s grandparents’ workplace…

In another example, found on Instagram, accounts were being set up specifically to encourage others to join in on “adoption role playing,” inventing new identities for each child and inviting users to chime in.

So, in the wake of recent news reports about digital kidnapping, it’s important that parents know what can be done to see if anyone is using your child’s photo.

Once you post a picture online, it’s hard to know where it’s going to end up. Most likely, it will be one of the millions that people scroll past on their Facebook feed every day. Considerably less likely, it could go viral and become a meme. But somewhere in between those possibilities, is the potential for that image to be used by strangers for all the wrong reasons. Pictures of your children could end up in the hands of people with intentions that would make you cringe.

Here’s a quick, simple tutorial on how to do a reverse image search on Google so you can find out where your personal pictures might have gotten to beyond where they were originally posted.

1: Go to google.com and click “Images.”

2: In the search bar, click the camera icon.

3: Either upload a picture from your computer or enter the URL of a picture to search for it.

4: Google will return every instance of that image it can find.

Ultimately, the most important thing for anyone to do is to be careful of what you post online and to always enable the privacy settings on your accounts. When you do a reverse Google image search, hopefully you will find that your, or your child’s, photos aren’t anywhere they’re not supposed to be. Google isn’t the only company to offer this service. You can also search for specific images using TinEye, Bing and Copyscape.

  1. Google Reverse Image Search. This is my default go-to for looking up the sources of images. You click on the camera icon in the search bar and upload the image. Google then brings up the sources for the image that you searched for.
  2. TinEye. This works in a similar way to Google Reverse Image Search, and the results are usually the same, but not always.
  3. Copyscape. This works in the same way as the above, but for written words instead of pictures.

(Unfortunately, you cannot do this on your phone. So if you want to check any images shared on a social media app, you’ll have to log into their website.)

More information on how to find out if your images have been stolen: http://stopstealingphotos.com/find-images-stolen/

If you find your intellectual products or images are being used, here’s some info on what you can do. https://ongoingpro.com/copyright-find-stolen-photos-online-reverse-image-search/

Passwords You Should Change Immediately

Here we go again. Right on the heels of the latest revelations from the Yahoo hack, another popular web company has been seriously compromised.

Cloudflare, a popular web performance and security company, is the newest addition. Over 5.5 million websites that use Cloudflare, including Fitbit, Uber, OkCupid, Medium, and Yelp, may have been compromised.

If you have or had accounts on Fitbit, Uber, OkCupid, Medium, or Yelp, you should probably change your passwords. In a blog post, the web performance and security company Cloudflare said it had fixed a critical bug discovered over the weekend that had been leaking sensitive information such as website passwords in plain text from September 2016 to February 2017.

What should you do?

1: Change your passwords and make them very strong. Consider using a password manager like LastPass to create a long, random string of characters for every online account.

2: Where possible – enable two-factor authentication. Two-factor authentication requires a code sent to your mobile phone, in addition to your password.

3: While you’re at it, add a PIN to your phone number account.

A dedicated hacker can bypass two-factor authentication by providing your name and the last four digits of your social security number to your mobile carrier. Simply call the customer care number at your mobile provider/carrier to enable this feature.

There’s a list available of all the websites identified so far if you want to see whether you might be at risk. See the link at the end of this article. There’s also a list of many potentially affected iOS apps as well.

Thanks to BuzzFeedNews for this very relevant information.

List of Websites available here: https://github.com/pirate/sites-using-cloudflare/blob/master/README.md

iOS apps potentially affected: https://www.nowsecure.com/blog/2017/02/23/cloudflare-cloudbleed-bugs-impact-mobile-apps/
