Scam Alert – Fake American Express notification

Uncategorized
Beware of scammers trying to use phishing tactics like security notifications to lure you into clicking a malicious link The whole "there's something horrible about to happen if you don't click this now" scam is nothing new, but the scammers are getting really good at making their bait look legit.  I received an email earlier today, reportedly from American Express, and thought that it would be a good example of what to look for.  Some interesting things to note: The email looks legitimate.  It has the American Express logo, mailing addres, etc., but doesn't include a telephone number. The link, even though the text presented to the victim says http://americanexpress.com, the actual link (e.g., where you're going) is http://amelican-excress.com/americanexpres .  The domain name amelican-excress.com is registered to a Chinese company with a…
Read More

Disturbing but not surprising news about Internet Explorer.

Uncategorized
Bad things keep happening to Internet Explorer.  Why that's a big deal and what you can do to avoid it. What is Internet Explorer?  Internet Explorer or, 'the big blue e' is an Internet web browser.  An easy way to think of it would be to liken the Internet to an object in a square room with four windows.  One 'window' would be Internet Explorer, one 'window' would be Google Chrome, one 'windows' would be Mozilla Firefox and one 'window' would be Apple Safari.  There are other web browsers, but those seem to be the 'big ones' at the moment.  The important thing to note here is that, when you view the object inside the room through the window that is Internet Explorer, you're viewing the exact same object that…
Read More

Beware of fake tech support call scams (again)

Uncategorized
So, you're sitting at home, perhaps on your computer and perhaps not, but the telephone rings.  On the other end is a very friendly person who identifies themself as an employee of Microsoft who, while monitoring your computer noticed that you were infected with a virus, malware, spyware or whatever the latest buzz word for malicious software is and they're calling you to take care of it.  It sounds official and, more importantly, it sounds urgent, there's no time to confirm who they are or call your 'regular' IT guy, you've gotta fix this NOW.  Thankfully, the nice person on the other end of the phone offers to remote into your computer and fix it for you.  Unfortunately, the person on the other end of the phone is a scam artist and,…
Read More

The hard lessons learned this week about switching telephone and Internet service

Uncategorized
Thinking about switching your telephone and / or Internet service to get a better deal?  A little pre-planning can save you a lot of money and heartache. Customer : Hello, computer support company?   Tech Support : Yes, can I help you? Customer : Yes, please help.  I just upgraded or changed my telephone and / or Internet service and now nothing works.  The tech that the phone / Internet company sent out broke it and now says that he's not allowed to fix it. Tech Support : Is the tech from the provider still there? Customer : No, they've already left.  They said that their stuff was good and that it was our problem. Ok, so here's the deal.  You have a small business.  You have a few computers, maybe some…
Read More

June 2014 News and Updates

Uncategorized
What's New Is TrueCrypt Gone? - The short answer is, as far as the name "TrueCrypt" is concerned, it likely is.  On 28 May, SANS reported that TrueCrypt had been effectively taken offline and replaced with a warning that TrueCrypt was no longer secure.  We are currently reviewing a numbef of alternatives to TrueCrypt for partial / full disk encryption and will post our recommendations soon.  One thing to keep in mind is that, although the license for the TrueCrypt project prohibited it's continued development under the moniker "TrueCrypt", the project was open source and used / loved by literally millions.  The code audit is not complete but, at this time, no actual threat to data encrypted by TrueCrypt has been found.  A number of well renound authorities on security have noted that,…
Read More

Issue with Inbound email

Uncategorized
We found out today that, for some reason, some inbound email is being *extremely* delayed.  After digging into the issue a bit, it looks like some nameservers (Google's public nameservers in particular) have just lost our domain name.  Our authoratative nameservers (GoDaddy) seem to be in tact and most of the nameservers that we have checked (Comcast, MIT, OpenDNS, etc.) but a few (Google) is intermittent.  If you are trying to send us email from an @gmail.com account or an account hosted with Google Apps, please note that it may be seriously (hours) delayed.  Until we can find out what's going on, please feel free to submit support requests directly via the helpdesk at http://helpdesk.cybertechcafe.net . 
Read More

May 2014 Updates and News

Uncategorized
What's New Internet Explorer Zero Day - There was a nasty zero day vulnerability discovered in Internet Explorer this month.  The vulnerability was very similar to countless other zero day vulnerabilities found in Internet Explorer in past months / years but this one seemed to seize the attention of the media, so it got a lot of press.  One thing that it did that was good was it reiterated the importance of using an alternate web browser (Google Chrome, Mozila Firefox, even Apple Safari or Opera).  Basically, anything but the 'big blue e'. First month with no Windows XP Updates - As many / most of you know, 8 April was the last update for Microsoft Windows XP and a number of other Microsoft products.  This does not mean that…
Read More

April 2014 Updates and News ** Windows XP Has Reached End Of Life (EOL) **

Uncategorized
  What's New Two Big Stories This Month RIP Windows XP - As of 8 April 2014, Microsoft will no longer be providing support for Microsoft Windows XP, Microsoft Office 2003, Windows Server 2003 or Exchange Server 2003.  If you are using any of these products, you need to consider upgrading as soon as possible.  If you are subject to compliance regulations like HIPAA or PCI, you need to review these compliance guidelines and plan accordingly. PLEASE READ THIS - We reported that the Cryptolocker virus was making it's way around the Internet again back on 17 October 2013 and have reported a few additional times since then of specific incidences.  We have seen a few computers in the shop with this virus from people with no backups of their data and…
Read More

Less than 7 days until End of Life (EOL) for Windows XP

Uncategorized
Just a quick reminder that we are now less than a week away from the end of life for Microsoft Windows XP, Windows Server 2003, Exchange Server 2003 and a number of other Microsoft Products.  If you have any of these products in use, you will no longer receive updates to them to address usability or security problems and are encouraged to upgrade as soon as feasible.  If you are a HIPAA covered entity or are required to maintain any level of PCI compliance and still have any of these products in use, you should check with your compliance officer to review the HIPAA and / or PCI compliance issues and work to address those as soon as possible.
Read More

Another Cryptolocker virus victim. Do you have a backup? Are you *sure*?

Uncategorized
I've written a number of times on the Cryptolocker virus but just got a call from a client that walked into her office this morning to find that all of her files had been encrypted and she had no backup.  I know that folks are busy and I know that backups can slip to the last thing on your mind very easily but I can't stress enough that, if you get nailed with this thing, your *only* options to get your data are a) restore from backup or b) pay up (in this case, it's a $400 ransom).  If you don't have a backup, you're left with a single option (pay up).   Readership on the out of band emails that we send is generally very low so I will…
Read More