The SOS Blog

The Silence of the Clamps

And I'm not even sure what the picture should be. I'm thinking two circus clowns dancing. You?

Cops, another community I’m not part of. You all right, Dexter? Like a sloth. I can do that. I’m a sociopath; there’s not much he can do for me. You’re a killer. I catch killers. I’m not the monster he wants me to be. So I’m neither man nor beast. I’m something new entirely. With my own set of rules. I’m Dexter. Boo.

I think he’s got a crush on you, Dex! I’ve lived in darkness a long time. Over the years my eyes adjusted until the dark became my world and I could see. He taught me a code. To survive. I feel like a jigsaw puzzle missing a piece. And I’m not even sure what the picture should be.

June 25, 2014 Movies, Uncategorized No comments

Sing along fellas!

I just told you! You've killed me! Why am I sticky and naked? Did I miss something fun? Oh Leela! You're the only person I could turn to; you're the only person who ever loved me.

I never loved you. I feel like I was mauled by Jesus. And why did ‘I’ have to take a cab? I’ve been there. My folks were always on me to groom myself and wear underpants. What am I, the pope? Leela, Bender, we’re going grave robbing. OK, if everyone’s finished being stupid.

June 25, 2014 Art & Culture, Sports, Travel, Uncategorized No comments

Cops, another community I'm not part of. God created pudding, and then he rested. I've lived in darkness a long time. Over the years my eyes adjusted until the dark became my world and I could see. I'm going to tell you something that I've never told anyone before. God created pudding, and then he rested.

Dexter

The SOS Newsletter: Help for your web stuff – JUNE 2014

dit-dit-dit/dah-dah-dah…

You probably recognize that familiar morse code for “sos”, the call for help. It also happens to be the caps of my website – Switched-On-Sites. More importantly, SOS stands for the kind of web help I want to provide you with my services. If your web site is in trouble, I’m here to help. So I thought why not make that the new focus of the SOS newsletter!

Starting with this newsletter I’ll be covering the kinds of information that will likely be most helpful to you: website security, social media, SEO, and home tech help and tips. Let me know how you like it or if there is something you’d like me to add.

SOS Security Alerts

Cryptoware Through Malicious Ads

You remember seeing that familiar screenshot on this blog from past alerts about Cryptoware (Ransomware) – that malware that likes to hold your files for ransom until you pay up. Well, a new variant is on the loose, this time called Cryptowall. And it showing up at some famous (and BIG name) sites like Disney, Facebook, The UK’s Guardian and more through malicious ads.

When you click on these infected ads, you are redirected to an infected advertisement site (called a malvertisement) and the malware is then downloaded to your computer. Your files are then encypted with a very strong RSA encryption ( RSA 2048) and you are informed how much (Currently $500 USD) you have to pay to get them decrypted.

As I have warned in the past, prevention is the best cure on this nasty malware – DON’T CLICK THE ADS! How widespread is this malware? According to The Hacker News: 42% of the infections are centered in the US, followed by England and Australia.

Help! My Site’s Been Hacked!

Have you ever been searching for a site, put in some search terms and come up with this little warning: “This site may be hacked”? Well, its not all that unusual given that there are billions of sites on the web and hacking of small business sites has increased. According to Symantec’s Internet Security Report companies with less than 250 employees made up 31% of the targeted hacks in 2012. But many small businesses still do not know about the resources needed to fend off these attacks. And often times, you may not even know you have been hacked until you are told by a customer who goes to search for your site and finds Google’s “hack flag” warning. When that happens, its time to identify the type of attack, do clean up and remedial security protection for the site and appeal to Google for the flag to be removed so that your organic searches are not compromised. As with all things, an ounce of prevention is worth a pound of cure. This is something I can help you with here at Switched-On-Sites. I specialize in the security concerns of your small but growing business! Give me a call if you need help setting up your site security or need a hack fixed.

SOS Featured Social Media Tips

How to turn it off: Facebook is using your browsing history for ads

You know by now how deeply the NSA surveillance of ordinary citizens is, but did you know how closely Facebook is watching every web site you go to? Well, lets review a small paragraph in Facebook’s famous ever-changing TOS (Terms of Service) :

We and our affiliates, third parties, and other partners (“partners”) use these technologies for security purposes and to deliver products, services and advertisements, as well as to understand how these products, services and advertisements are used. With these technologies, a website or application can store information on your browser or device and later read that information back.

How are they doing that? Well, those famous social media sharing buttons we put on your sites. Or even with Oauth that allows you to login to other sites using your Facebook credentials. That’s how. It’s a double-edged sword. It gives you and I the exposure we want for our sites and it makes logging in a lot easier than creating umpteen accounts all the time, but its also collecting browsing data about other personal things like your geographical location, personal demographics, medical information, online shopping habits , anything a third party website might collect from you and storing this in their databases.

So if you don’t want Facebook to use your browser info to target ads toward you (shades of Minority Report!) then you can go to the Digital Alliance Website and opt out of interest-based ads. It won’t stop them from collecting the information for other purposes, but it will stop them from using it to target ads.

You can also start using Duck Duck Go for browsing and while there at the Digital Alliance Website opt out of Google, Yahoo and other large sites tracking you for ads as well

SOS/SEO

Are 301 Redirects Helping Your SEO?

At some point, you’re going to want or need to move your website. Site migrations involve a great deal of planning to make sure nothing physical is lost during the transfer and traffic loss is kept to a minimum. But there is one other consideration and that’s maintaining your link equity (ranking power) in the best way which up till now has involved using 301 redirects. But 2 weeks ago, Google updated their site move documentation to recommend 302 redirects when it addressed separate smartphone URLs to Desktop URLs . Why?

As you may know, 301 redirects are permanent. And in this particular scenario, you may want to change those redirects in the future.

Home Tech SOS

Low Tech Cord Management

Tired of tracing wires back to their source? Stop pulling the wrong plug! Here’s a great idea for cord management from PinTriedIT.com:

June 18, 2014 Melanie June 2014, SOS Blog, SOS Newsletter, Uncategorized No comments

May: Scams and Viruses on Facebook and Other Security Issues

LOL Trojan Is “laughing” at the Facebook Messaging Service

Malwarebytes is warning FB users to beware of a new scam and trojan called the “LOL” malware. It’s a message that appears to be from one of your FB friends with a photo file attached named “IMG_xxxx.zip”. Clicking on it allows a Facebook user’s data and login credentials to be accessed.

What to look for…

Messages like “LOL” or “I can’t beleive someone posted this” or “OMG, have a look at this” catch users off-guard. After downloading and unzipping the jar file named IMG_xxxx.zip, the malware executes and infects your system.The jar (or Java)file itself is the agent that actually downloads a pre-defined file from a select DropBox account. This is the file that infects the user’s machine. In the background, messages are being sent to the rest of the FB user’s friends’ accounts.

This sort of attack works because it goes through several steps to evade detection and to trick the user into trusting and opening. Once on your computer it further escapes detection by injecting itself (injection attack) into a legitimate process running on your computer.

How to protect yourself

Change your Facebook password if you receive one of these and delete the message. Then notify Facebook and your friendson a wall post.

Inside That Postal Stamp Kiosk May Be A Scam

It looks as if a fraudster gang is installing skimmers on postal vending machines across the US. The Banking industry started issuing reports earlier this month of fraudulent activity on debit cards used on postal vending machines such as stamp dispensers. According to the USPIS, the following warning has been urged to customers using the machines:

“USPIS recommends customers who use the APC machine should personally visually inspect the machine prior to use,” the USPIS said. “Look for any type of plastic piece that looks like it has been slid over the actual credit card reader. Look for any other type of marking on the machine that looks as though it has been applied by a third-party.”

Krebs on Security had this to advise on protecting yourself when using these vending machines:

One way to protect yourself against this type of fraud is to use a credit card in lieu of a debit card whenever possible. With a credit card, your liability is maxed out at $50 in the case of fraudulent transactions. Things get more complicated with debit cards. Although many banks also will observe the $50 limit on debit card fraud, customers could be facing losses of up to $500 if they wait more than two business days after learning about the fraud to report it. Also, while your bank is straightening out the situation, any cash you may be missing could be held in limbo, and other checks you have drawn on the account may bounce in the meantime if the fraudsters manage to clean out your checking account.

In addition, it’s a good idea to cover the PIN pad when you’re entering your PIN. Doing so effectively prevents thieves from stealing your PIN in cases where a hidden camera is present.

May 15, 2014 Melanie Security, SOS Blog, Uncategorized No comments

All the Presidents’ Heads

The more you tighten your grip, Tarkin, the more star systems will slip through your fingers.

The plans you refer to will soon be back in our hands. A tremor in the Force. The last time I felt it was in the presence of my old master. Don’t act so surprised, Your Highness. You weren’t on any mercy mission this time. Several transmissions were beamed to this ship by Rebel spies. I want to know what happened to the plans they sent you. You mean it controls your actions?

May 1, 2014 Art & Culture, Uncategorized No comments

RansomWare Strikes Again: CryptoLocker

That nasty thing above is the screen for a new, on the rise RansomWare called CryptoLocker. We’ve discussed RansomWare before in a previous couple of posts here and here. As a review of what this malware does – it locks your computer and then holds it for – yep, you guessed it – a ransom fee. Hence the name.

However with this particular RansomWare it encrypts all your files and then offers, as above in the screen shot, a way to decrypt them – for a price – anywhere from $100 – $700 or in some cases, 2 Bitcoins – 10 Bitcoins ( $450 – $2100). In fact, with this new attack, they offer a “Decryption Service” that allows victims to purchase a “decryption key”. Of course, that’s the last thing you want to do. Bottom line: your files get encrypted and you may lose them forever and ever. Amen. …unless you have the decryption key.

How do you get infected?

CryptoWare is spread through email attachments and it ihas been noted that the hackers are targeting companies through phishing attacks.

What kind of files are being targeted on an infected computer?

The file extensions, according to MalwareBytes, are listed below:

3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx

How far has this malware spread?

According to The Hacker News, “…64% of its victims are from the US.” It targets Windows systems.

Removal:

Regretfully, there is no specific tool known to be able to decrypt and restore asymmetrically encrypted files except a private key. MalwareBytes will detect CryptoLocker as “Trojan.Ransom” but it also cannot restore your encysted files. Your best defense is to back up your files frequently. And since this malware can cross through external drives such as USB and mapped drives, don’t leave X-drives mounted. Keep your anti-virus up to date and work at using file sharing services rather than relying on email attachments.

November 6, 2013 Melanie Security, SOS Blog, Uncategorized No comments

SOS SEO Tips: Searcher Intent and Relevant Key Phrases vs Key Word Searches.

Most people understand about keywords when it comes to meeting the basic requirements of search engine optimization. If you are selling ice cream, then you’re going to have the words “ice cream” in your meta tags. But search engines look for more than just single keywords these days.

Why?

Because their algorithms are much more complex than when search engines started and that’s because the way people search for what they want is more complex, too. It has to do with the Searcher’s intent.

Searcher Intent

Breaking it down, there are 3 basic ways that people search:

Navigation: The searcher is going for a specific site he or she knows they want to visit. The means? The site’s search box or the browser Address bar. Doe s it make a difference which they use as to site rankings? Definitely. Its your site search box competing against the address bar of the browser . Which does the site user trust to find them what they want?
Information: The searcher wants to know how to do something, or where to find some ice cream in the city. They are searching about some idea or more information about a category of products. A good example is “Where is the best ice cream in my city?”
Transactions: This is very straightforward. The searcher wants to sign up for something, like email. Or purchase a product from an online store. Or perhaps download a coupon file.

Key Phrases: Relevance and Authority

Since its much more costly to compete with the big search engines on navigation searches, its best for smaller businesses and organizations to focus on information and transaction searches. How do you do that?

Let’s say your site sells ice cream ( I like to stick with what I know, er, like a lot). You may side specialize in selling dietetic ice cream so you might want to rank your site for “diet foods”. Diet foods is a big market and getting even a small percentage of those searches would mean a chance of converting at least some to sales, right? But here’s where the relevance factor comes in because that is how you will be ranked by the search engines. The question to ask yourself is this: Is my eCommerce ice cream site really relevant for “diet foods”? No, its relevant for ice cream – that’s how the search engine will look at it. So, unless you plan on building up a lot of content and promoting your site as an authority on ice cream as a diet food, there’s a better and less costlier way. Using a relevant key phrase like “best tasting diet ice cream” will gain you more searches in your niche, especially adding the city.

It’s a good idea though to work on a plan to promote your business as the authority in its niche and do so in a relevant way. You do this by listening to your customers: what they do like and what they don’t. In the “old days” it was more about link-building. Now its all about the content on your site. So make your content relevant to your customers and be determined to be the authority in your niche.

Now, I wonder if my favorite ice cream site will show me how to build the best tasting diet banana split? I think I’ll do a search…

Image Source: Handel’s Homemade Ice Cream

Want to know more about how Switched-On-Sites can help you with your SEO?

[maxbutton id=”1″]

September 15, 2013 Melanie SEO Tips, SOS Blog, Uncategorized No comments

Will Linkedin Finally Challenge University ePortfolios For Students?

I’ve decided to focus on a little Back-To-School social media with this post of the SOS blog. So this is for all you parents and students out there.

As of September 12, Linkedin has just updated their TOS (Terms of Service) with what appears to be an interesting challenge to the lifetime aspect of the university ePortfolio site. Their new User Agreement now states the following:

We are updating our User Agreement to make LinkedIn available to students 13 years and older, depending on country. Smart, ambitious students are already thinking about their futures when they step foot into high school – where they want to go to college, what they want to study, where they want to live and work. We want to encourage these students to leverage the insights and connections of the millions of successful professionals on LinkedIn, so they can make the most informed decisions and start their careers off right. (Eric Heath, LinkedIn Blog)

They are calling this new feature University Pages. And promising:

… we are providing a new way for schools, students, and alumni to connect, communicate, and explore unique insights about the full range of career possibilities – wherever your educational starting point may be.

Basically, students can check schools out on Linkedin using University Pages and start their networking with University representatives and future classmates before they even meet them face to face. Below is a sample page:

So while University Pages is not ePortfolio replacement, it is a big inducement for students to further focus on developing their Linkedin accounts in connection with the networking advantage of University Pages. What seems to be the unique challenge now to universities espousing ePortfolios is that Linkedin has beat them to the punch on a unified global system for pre-university students that actually has the capability to do what ePortfolios have been promising: to allow a student a way to collect and house a student’s artifacts that will follow them throughout their scholastic career and into the job market for a lifetime. Its likely that Linkedin won’t stop with the current interface features that highlight work artifacts and could easily expand its capabilities to support students.

Linkedin has also implemented some extra security and privacy features to protect user that are under the age of 18:

Minors will have different default settings to protect certain sections from public view
Minors will have select service for trouble tickets
Minors will have easy access to LinkedIN’s Safety Center and Family Center support

If you are a student or a parent with a student in school, University Pages are definitely worth a looksee as Linkedin is here to stay for awhile. As of June 2013, Linkedin reports more than 225 million acquired users according to Wikipedia.

September 15, 2013 Melanie Social Media Tips, SOS Blog, Uncategorized No comments