SOS Blog

  1. home
  2. blog
  3. SOS Blog

The Case of the Lost Web Page

The Case of the Lost Web Page

We design custom 404 pages for your site so that you can make the best out of an unfortunate situation when your clients get lost. 404 pages done well can be entertaining as well as help your clients back to your site through some actions that benefit you both.

Why do they happen?

404 errors can occur on websites from time to time when a client is able to communicate with a server but the server can’t find the page requested.  This could be due to the page having been removed (or moved and the URL was not changed).  Or it could be because there is a typo in the address bar.

Whatever the case, it’s a good idea to anticipate the error with a strategy to help keep your brand in good stead and your client not only helped but entertained, even leaving them in good humor where possible.

What does a custom 404 page look like?

Below is our own 404 page as an example.  Note that there are no less than 5 alternatives to allow your client to get back to doing something on your site.  They can go to your about page, browse your portfolio, go to your blog, go back to your home page or check your social media out.  They can even complain on your contact page and let you know what page they were trying to get to.

Give us a call (317.747.0622)  or contact SOS if you want to add a custom 404 to your site so that you don’t lose important clients.  Custom 404 pages start at $100. Don’t wait and don’t lose potential clients.  SOS – Help for your website when you call.

September 1, 2018 Melanie No comments
MelanieThe Case of the Lost Web Page
read more

SOSSeo: The Google Penalty Box – The Difference between Landing pages and Doorway pages

SOSSeo: The Google Penalty Box – The Difference between Landing pages and Doorway pages

SEO

In mid-March, Google made another change to their SEO ranking algorithms.  This time to distinguish between Landing pages and Doorway pages.  And to penalize a site if it was using Doorway pages.  If you might be confused on which is which, you’re not alone. According to wikipedia:

Landing pages are regularly misconstrued to equate to Doorway pages within the literature. The former are content rich pages to which traffic is directed within the context of pay-per-click campaigns and to maximize SEO campaigns.  wikipedia

What is a Landing Page?

Obviously, Google does not think Doorway pages have such useful and noble aims. In fact, they don’t want to rank Doorway pages in their search engine results at all.  Pretty serious stuff.  So it will pay you to know the difference.  Simply put, a Landing page is a page that features one of three things:

  • an upcoming event or
  • a featured product or
  • new information about your site

All three of which directs your visitors somewhere on the page to some call to action (button) either to register for an event,  purchase a product, sign up for a newsletter or signup to receive a free product or download.

What is a Doorway page?

It’s a page that doesn’t add clear or new useful content to the Internet.  Its main purpose is to increase the site’s “search footprint” in order to gain an unfair advantage in Google’s search rankings.  The new algorithm promises to put a stop to that.  So how do you know whether you have a Landing page or Doorway page on your site?  Google suggests you ask yourself the following questions.  And hopefully avoid getting put in the search engine penalty box!

  • Is the purpose to optimize for search engines and funnel visitors into the actual usable or relevant portion of your site, or are they an integral part of your site’s user experience?

  • Are the pages intended to rank on generic terms yet the content presented on the page is very specific?

  • Do the pages duplicate useful aggregations of items (locations, products, etc.) that already exist on the site for the purpose of capturing more search traffic?

  • Are these pages made solely for drawing affiliate traffic and sending users along without creating unique value in content or functionality?

  • Do these pages exist as an “island?” Are they difficult or impossible to navigate to from other parts of your site? Are links to such pages from other pages within the site or network of sites created just for search engines?

April 30, 2015 Melanie , , No comments
MelanieSOSSeo: The Google Penalty Box – The Difference between Landing pages and Doorway pages
read more

Why Is My Website Getting Hacked?!

Why Is My Website Getting Hacked?!

Hacker

Last month when multiple security weaknesses were discovered on Open SSL – the software used by thousands of companies to encrypt online communications – the world got reminded of how interdependent we are on everyone maintaining his or her website security – especially those who maintain the web components we all share.  The fact is, we have come to expect security of the Internet and our web sites as almost a given.  But the reality is that much of the Internet, as security expert Krebs points out, “…runs on technology maintained by a handful of coders working on a shoestring budget.”   It’s amazing what has been done to protect and secure our web sites and the Internet they run on.  That said, the question remains for many website owners, why could my website get hacked?  I’m not a big corporate presence on the web. Who would want to bother me?

Automation

One of the reasons why its so critical that small to mid-size  businesses and organization websites like yours take your security more seriously is because you are the new targets….of automated attacks.   Hacking as a web service has grown and is being made available to a large number of those interested in the hacking arts regardless of skill.  And these tools can make even those with little skill successful.

Random Attention

It could be a plugin or exposed information about your website’s platform, Crawlers take about a month or so to actually find something about your site that looks interesting. Then they are looking for some identifying markers like whether your’re running a CMS platform or bugs in the code or some component vulnerability.  Once you have been crawled, you’re on the list for attack.

Targeted Attacks

In recent days, we’ve had an example of a targeted attack.   Sometimes these include a form of Hacktivism which can include defacement.  The FBI and US-CERT both issued warnings on a probable defacement hack campaign suspected of being generated by ISIS against WordPress sites.  Several types of sites of small to mid-size business and organizational sites were included in that notification.  At the same time an XSS vulnerability was found in a common WordPress component and again, a warning was issued. These and other exploits happen now on a somewhat regular basis for most CMS platforms.

What Are They Getting Out Of It?

What are hackers getting out of attacking your site?  More than you might think. Of course, there is the financial aspect.  You probably already know about malware that can be loaded onto your computer from an infected site, which then looks for and gathers enough information to be able to drain your bank account or access medical records and other sensitive information.  Then there is affiliate revenue that can be generated by site redirects through what is known as Black Hat SEO Spam campaigns (injection attacks).

There are gains to be had from farming your actual resources: your computing power.  Hacking groups can use your system resources for themselves or lease them.  Then the combined resources are used for brute force attacks (DoS or DDoS) .

As mentioned above, there are also hacktivists: people or groups trying to make a statement  by defacing or taking down a site.  Recent examples have been the ISIS defacement attack as well as taking down the Indiana gov site in defiance of the RFRA.

Last but not least is the boon of just being able to do it because they were bored.  These are not always limited to but usually are the “script kiddies”, unskilled when compared to sophisticated big time hackers but still dangerous exploiters of security lapses in a website.

So now that you know why, give SOS a call to help you to protect your web site with a monthly security package! 

April 21, 2015 Melanie , No comments
MelanieWhy Is My Website Getting Hacked?!
read more

Which is better for your website: Email Marketing or Social Media?

Which is better for your website: Email Marketing or Social Media?

So when Elegant Themes established that a newsletter subscriber is between 10 and 20 times more valuable, in terms of product engagement, than a social media follower, they set out to find a way of maximising newsletter signups. The result is Bloom, a WordPress widget that promises to increase the number of subscribers to your newsletter with clean, responsive design, and a simple UI. – Web Designer Depot

http://www.webdesignerdepot.com/maximize-customer-engagement-with-blooms-newsletter-sign-ups

March 18, 2015 Melanie , No comments
MelanieWhich is better for your website: Email Marketing or Social Media?
read more

Freak Attack: What You Need To Know

TLS640Remember the Heartbleed vulnerability in SSL/TLS (Security protocols for the Internet)?  There is a newly discovered vulnerability called the Freak Attack that was making the rounds in the cryptography talk circles on the night of March 3, 2015. RSA Export sites are highly vulnerable to this bug and that’s quite a number of sites (into the millions) including many government sites, not the least of which was the NSA site, the IRS, the whitehouse.gov and the FBI tip reporting site. Even the site that supports the Facebook “like” button (connect.facebook.net) was vulnerable. If you run a server,  you were being told to disable support for any export suites.

You can read more about what happened here: http://www.washingtonpost.com/blogs/the-switch/wp/2015/03/03/freak-flaw-undermines-security-for-apple-and-google-users-researchers-discover/

Patches are getting rolled out so this should be closed up soon. But what’s interesting (and also appropriate) according to Matt Green, cryptographer and Research Professor at Johns Hopkins University is that this latest vulnerability was really a result of some decisions made in the 80’s to weaken cryptography so that the NSA could “access” information it deemed it needed but that would give a grade of passable security to be used commercially.  You can read about how China now wants to do the same .  In that regard, it seemed fitting to a number of us that the NSA site was the first affected.

What’s being done

4 things. 1) Apple and Google have released patches so the TLS vulnerability will be addressed. 2) US CERT has issued a vulnerability release with actionables. 3) This headline: Outdated Encryption Keys Leave Phones Vulnerable to Hackers  Note: this is the second article in the last few days that I have observed pointedly spelling out “National Security Agency” in every instance its mentioned which obviousness points to the current negative connotations of the acronym “NSA”. It also leads one to ask: who made the request to the news agencies to spell it out, (if it was made), and 4) It looks like its showdown time between the big techs and the Gov on this issue. Because if they (the security folks) lose, there is no way any of us providing security can honestly assure you of a high uptime or protection

How to protect your Windows system, well sort of…

You can test your browser support and if you haven’t already tested your Windows system for FreakAttack, (Specifically your IE browser) Here’s the link where you can do that: https://freakattack.com/clienttest.html  My advice?  It would also be a good time to say goodbye to IE and switch to Chrome or FireFox. Because MS only has a workaround for some systems as of their security update as of yesterday. Your system has to have a Group Policy Editor for the work around to, uh, work. But, hey, if you have Group Policy Editor, here’s the fix:
1) Tap on the Windows-key and type gpedit.msc and hit enter.
2) Use the left sidebar to navigate to Local Computer Policy > Computer Configuration > Administrative Templates > Network > SSL Configuration Settings.
3) Double-click on SSL Cipher Suite Order.
4) Switch the policy to “enabled”.
5) Copy the Cipher suite order from Microsoft’s advisory page to the clipboard, and paste it into the SSL Cipher Suites form.
6) Click ok and restart your computer.

Of course, once you do this, Windows won’t connect to systems that have unsupported ciphers (not on the list you have added to Group Policy Editor) You can disable this in future if needed. Take my advice – switch to Chrome

Image source: Bounceweb.com

March 10, 2015 Melanie , , No comments
MelanieFreak Attack: What You Need To Know
read more

The SOS Newsletter: Help for your web stuff – August 2014

Logo4640

dit-dit-dit/dah-dah-dah…

August has come and gone and its back to school for many.  Malware seems to be in the rise.  What can you do if you find malware on your Facebook account?  How can you decrypt your files being held for ransom by malware?  In this newsletter you can learn how to handle both successfully.  What’s the best malware protection out there?  We’ll take a look at the ratings   And my home tech tip is a car hackability chart!

SOS Security Support

 DecryptDecrypt Those Ransomed Files for Free with DecyptoLocker

We’ve talked about CryptoLocker before (Ransomware) – that malware that likes to hold your files for ransom until you pay up.  There are several variants out there but one in particular, CryptoLocker, has now got a fix: DecryptoLocker  provided by FireEye and FoxIT.

When you provide the site with your email address (which will not be given out or sold) and an encrypted file, they will email you a master decryption key to be used along with their recovery program.

They advise that you don’t give them any files of a sensitive or personal nature.  And each infected system will need its own master decryption key.

 

MalChart

What’s the Best Malware Protection For My Computer?

In a recent test done by the independant Anti-virus research group, AV-TEST 
Malwarebytes came out on top as the best malware protection with a score of 100% in total system repair!   They beat out even paid security programs like Bit Defender, F-Secure and Kaspersky.  While Malwarebytes doesn’t include anti-virus support and protection, it says a lot for a FREE security program.

How did the FREE anti-virus programs fare?  AVAST! and AVG came out on top ahead of MSSE.  But read the report for yourself

 

SOS Featured Social Media Security Support

FacebookStrange “likes” and Posts Showing Up On Your Account? You May Have Malware

When you have a malware infection from Facebook it can show up as strange “likes” to many pages or comments or postings you didn’t make or a sudden surge in following a lot of people on Facebook. One particular malware that’s been recently re-spotted on Facebook this August is the “Color Changer” app.   According to Information Week:

Cheetah Mobile found that this iteration of the scam stems from an apparent vulnerability in Facebook’s app page. This vulnerability lets hackers implant viruses and malicious code into Facebook-based applications, which direct users to phishing sites, it said.

The latest version of the scam works in two ways. First, it asks users who click the link to view a color changer tutorial video. If users view the video, it steals their Facebook access tokens, which gives the hackers temporary access to the user’s Facebook friends, Cheetah Mobile said.

What should you do if you suspect malware on your Facebook account?  Go to the “Apps” tab and remove it.  Then the following steps apply to any and all other malware scenarios on Facebook.

  1. Change your password
  2. Scan your computer.  Use a couple of anti virus programs (internal and external)* and a Malware scan
  3. If you are using Chrome, use a browser-specific scan.
  4. Make sure you are using the latest browser version.  If not, Upgrade!
  5. Remove suspicious browser-add ons
  6. Review your recent account activity and delete anything you did not post.

Facebook provides the links to some scanners and you can review the steps there.  *While I normally recommend MSSE (Microsoft Security Essentials), I’m recommending a switch to a combination of Avast! or AVG and Malwarebytes for now (as far as FREE Anti-virus goes) PAID Anti-virus such as Bit-Defender, F-Secure, and Kaspersky will give you stronger anti-virus protection .  If you continue to use MSSE, please use it in combination with Malwarebytes.

Home Tech SOS

Access the ‘Hackability’ of Your Car 

Questions have been raised since 2 hackers successfully hijacked the steering and brakes of both a Ford Escape and a Toyota Prius.  Want to assess the ‘hackability’ of your car?  Try the *chart below from Wired.com:

CarHackChart

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

*DISCLAIMER: This chart is not considered conclusive or comprehensive.  According to the article:

All the cars’ ratings were based on three factors: The first was the size of their wireless “attack surface”—features like Bluetooth, Wi-Fi, cellular network connections, keyless entry systems, and even radio-readable tire pressure monitoring systems. Any of those radio connections could potentially be used by a hacker to find a security vulnerability and gain an initial foothold onto a car’s network. Second, they examined the vehicles’ network architecture, how much access those possible footholds offered to more critical systems steering and brakes. And third, Miller and Valasek assessed what they call the cars’ “cyberphysical” features: capabilities like automated braking, parking and lane assist that could transform a few spoofed digital commands into an actual out-of-control car.

August 31, 2014 Melanie , , , No comments
MelanieThe SOS Newsletter: Help for your web stuff – August 2014
read more

The SOS Newsletter: Help for your web stuff – JULY 2014

Logo4640

dit-dit-dit/dah-dah-dah/dit-dit-dit…

July has just whizzed right on by.  Seems like its been packed with a lot of things to do like work, maintaining security on your sites, summer vacations and Client events.  So let’s try to catch the last of July before it runs out on us.

Passwords.  They have to be strong and long to be effective.  And that’s a PAIN!  You know it.  So before we do a lot of other things, let’s get this password thing down so its a lot easier as well as safer for you.  I’m going to give you a couple of sites that will help you create a password without having to think one up.  And then, a PASSWORD MANAGER,  so you don’t have to remember them.  How cool is that?!  Plus, I have a home tech tip that will help you maximize your bandwidth

SOS Security Tips

password_strengthYou didn’t just use “iloveyou” or “monkey” for your password, did you?

In a recent talk by privacy/security expert, Lorrie Faith Craner, it was cited that the 2 most popular passwords are “iloveyou” or “monkey”  and when asked to add punctuation to their password to make it harder to hack, 40% of people chose an exclamation point!  (And we just told the hackers, right? Shhhhhh!)  😉   Lorrie is the director of the Carnegie Mellon Usable Privacy and Security Laboratory at Carnegie Mellon University and a member of the Electronic Frontier Foundation Board of Directors.  (Love the EFF!) 

Also cited in the talk were the following problems with getting users ( busy folk like you my readers) to choose strong passwords (at least 16 characters) :

  • Even when people are told to choose long passwords or password phrases, they often chose something easy to hack like “passwordpassword” or “baseballbaseball”.
  • Random-word password phrases while long, are not easy for users to remember or use.
  • Pronounceable gibberish passwords like “vadasabi” worked very well and users could remember them.

All good points.  However, the debate – passphrases vs strong passwords (which is better?) – continues. And I, myself, favor long, strong and ugly passwords.  Clint Eastwood passwords; good, bad, and ugly.  There’s no social media hack aspect to them whereas with passphrases there is the possibility of a social hack – especially if you use familiar words any hacker can pick up  by doing a search on you and scanning your social media posts.   Also, there’s a maxim that’s worked well for me for a number of years: If its easy for you to remember, its easy (or will be) for the hacker to hack.

Why all the concern about passwords in the first place?  Because hackers have password cracking software.  That software is now easier and cheaper to get because its being sold as SaaS (software as a service)  And hackers have the computing power now in a single pc to very easily hack your short, easy to remember passwords in a shorter amount of time.  (There are also easy ways now to hack into the computing power of other devices without the user knowing it to multiply the power and speed the hacker has available – but that’s another newsletter. ) That’s why I tell you to make a password at least 16 characters long or longer.  I would add to that: 16 random characters long including punctuation.

That said, the most annoying aspect is making passwords up.  Second annoying thing is remembering them.  So I am providing you two password generators to make the whole thing easier to create.  One is a passphrase generator and the other is a strong password generator.  Both are excellent and easy to use.  Second, so that you don’t have to remember them, I am recommending a password manager so that it will remember your individual passwords for each of your online accounts and all you have to do (once its set up) is remember ONE PASSWORD for everything you have online.  You even get notification if there is a security breach.  How great is that?!

The XK Passphrase Generator (image source)

The Strong Password Generator

Go ahead.  Try them out.  Have a little fun.  Then start converting your current passwords to these new, stronger passwords.  Bookmark these links in your browser.

A Password Manager To Rule Them All

LastPassLogo300Then go to LastPass and get yourself set up so that you only have to remember ONE PASSWORD for all of your online accounts.  (It’s like “One ring to rule them all!” sort of thing)  LastPass is based on a freemium model so you can choose either the free or the premium account.  Another password manager is KeePass.  It’s an open source option but I find that it is not as user-friendly.  It is highly-recommended though.

A note of caution on password managers:  they, too, have their problems.  If you have been keeping up with this newsletter, you know I try to keep you informed of the most current and dangerous hacks.  But hacks at every level of our infrastructure go on all the time.  So password managers are no exception.  The security advantage is that they will keep you in an instant notification loop. They do have a password generator of their own, but I recommend the two above first.

Home Tech SOS

The BEST Wi-Fi SetUp Tip EVER! 

Where should you point your Wi-Fi Router antenna ?  UP!  Right?  Nope.  Here’s a great tip for setting up your wi-fi router antennas for the most optimal coverage from LifeHacker.com along with WHY it works better!

WiFiSetUp

July 29, 2014 Melanie , , , No comments
MelanieThe SOS Newsletter: Help for your web stuff – JULY 2014
read more

The SOS Newsletter: Help for your web stuff – JUNE 2014

Logo4640

dit-dit-dit/dah-dah-dah…

You probably recognize that familiar morse code for “sos”, the call  for help.  It also happens to be the caps of my website – Switched-On-Sites.  More importantly, SOS stands for the kind of web help I want to provide you with my services.  If your web site is in trouble, I’m here to help.  So I thought why not make that the new focus of  the SOS newsletter!

Starting with this newsletter I’ll be covering  the kinds of information that will likely be most helpful to you: website security, social media, SEO, and home tech help and tips.   Let me know how you like it or if there is something you’d like me to add.

SOS Security Alerts

CLockerPicCryptoware Through Malicious Ads

You remember seeing that familiar screenshot on this blog from past alerts about Cryptoware (Ransomware) – that malware that likes to hold your files for ransom until you pay up.   Well, a new variant is on the loose, this time called Cryptowall.   And it showing up at some famous (and BIG name) sites like Disney, Facebook, The UK’s Guardian and more through malicious ads.

When you click on these infected ads, you are redirected to an infected advertisement site (called a malvertisement) and the malware is then downloaded to your computer.  Your files are then encypted with a very strong RSA encryption ( RSA 2048) and you are informed how much (Currently $500 USD) you have to pay to get them decrypted.

As I have warned in the past, prevention is the best cure on this nasty malware – DON’T CLICK THE ADS!  How widespread is this malware?  According to The Hacker News: 42% of the infections are centered in the US, followed by England and Australia.

 

HackFlag

Help! My Site’s Been Hacked!

Have you ever been searching for a site, put in some search terms and come up with this little warning: “This site may be hacked”?  Well, its not all that unusual given that there are billions of sites on the web  and hacking of small business sites has increased.  According to Symantec’s Internet Security Report companies with less than 250 employees made up 31% of the  targeted hacks in 2012.    But many small businesses still do not know about the resources needed to fend off these attacks.  And often times, you may not even know you have been hacked until you are told by a customer who goes to search for your site and finds Google’s “hack flag” warning.  When that happens, its time to identify the type of attack, do clean up and remedial security protection for the site and appeal to Google for the flag to be removed so that your organic searches are not compromised.   As with all things, an ounce of prevention is worth a pound of cure.  This is something I can help you with here at Switched-On-Sites.  I specialize in the security concerns of your small but growing business!  Give me a call if you need help setting up your site security or need a hack fixed.

SOS Featured Social Media Tips

FacebookHow to turn it off: Facebook is using your browsing history for ads

You know by now how deeply the NSA surveillance of ordinary citizens is, but did you know how closely Facebook is watching every web site you go to?   Well, lets review a small paragraph in Facebook’s famous ever-changing TOS (Terms of Service) :

We and our affiliates, third parties, and other partners (“partners”) use these technologies for security purposes and to deliver products, services and advertisements, as well as to understand how these products, services and advertisements are used. With these technologies, a website or application can store information on your browser or device and later read that information back.

How are they doing that?  Well, those famous social media sharing buttons we put on your sites.  Or even with Oauth that allows you to login to other sites using your Facebook credentials.  That’s how.  It’s a double-edged sword.   It gives you and I the exposure we want for our sites and it makes logging in a lot easier than creating umpteen accounts all the time, but its also collecting browsing data about other personal things like your geographical location, personal demographics, medical information, online shopping habits , anything a third party website might collect from you and storing this in their databases.

So if you don’t want  Facebook to use your browser info to target ads toward you (shades of Minority Report!) then you can go to the Digital Alliance Website and opt out of interest-based ads.  It won’t stop them from collecting the information for other purposes, but it will stop them from using it to target ads.

You can also start using Duck Duck Go for browsing and while there at the Digital Alliance Website opt out of Google, Yahoo and other large sites tracking you for ads as well

SOS/SEO

SEOAre 301 Redirects Helping Your SEO?

At some point, you’re going to want or need to move your website.  Site migrations involve a great deal of planning to make sure nothing physical is lost during the transfer and traffic loss is kept to a minimum.  But there is one other consideration and that’s  maintaining your link equity (ranking power) in the best way which up till now has involved using 301 redirects.   But 2 weeks ago, Google updated their site move documentation to  recommend 302 redirects when it addressed separate smartphone URLs to Desktop URLs  .  Why?

As you may know, 301 redirects are permanent.  And in this particular scenario, you may want to change those redirects in the future.

 

 

Home Tech SOS

Low Tech Cord Management 

Tired of tracing wires back to their source?  Stop pulling the wrong plug!  Here’s a great idea for cord management from PinTriedIT.com:

CordManagement

June 18, 2014 Melanie , , , No comments
MelanieThe SOS Newsletter: Help for your web stuff – JUNE 2014
read more

May: Scams and Viruses on Facebook and Other Security Issues

LOL Trojan Is “laughing” at the Facebook Messaging Service

Malwarebytes  is warning FB users to beware of a new scam and trojan called the “LOL” malware.  It’s a message that appears to be from one of your FB friends with a photo file attached named “IMG_xxxx.zip”.  Clicking on it allows a Facebook user’s data and login credentials to be accessed.

What to  look for…

Messages like “LOL” or “I can’t beleive someone posted this” or “OMG, have a look at this” catch users off-guard. After downloading and unzipping the jar file named IMG_xxxx.zip, the malware executes and infects your system.The jar (or Java)file itself is the agent that actually downloads a pre-defined file from a select DropBox account. This is the file that infects the user’s machine. In the background, messages are being sent to the rest of the FB user’s friends’ accounts.

This sort of attack works because it goes through several steps to evade detection and to trick the user into trusting and opening. Once on your computer it further escapes detection by injecting itself (injection attack) into a legitimate process running on your computer.

How to protect yourself

Change your Facebook password if you receive one of these and delete the message.  Then notify Facebook and your friendson a wall post.

Inside That Postal Stamp Kiosk May Be A Scam

It looks as if a fraudster gang is installing skimmers on postal vending machines across the US.  The Banking industry started issuing reports earlier this month of fraudulent activity on debit cards used on postal vending machines such as stamp dispensers.  According to the USPIS, the following warning has been urged to customers using the machines:

“USPIS recommends customers who use the APC machine should personally visually inspect the machine prior to use,” the USPIS said. “Look for any type of plastic piece that looks like it has been slid over the actual credit card reader. Look for any other type of marking on the machine that looks as though it has been applied by a third-party.”

Krebs on Security had this to advise on protecting yourself when using these vending machines:

One way to protect yourself against this type of fraud is to use a credit card in lieu of a debit card whenever possible. With a credit card, your liability is maxed out at $50 in the case of fraudulent transactions. Things get more complicated with debit cards. Although many banks also will observe the $50 limit on debit card fraud, customers could be facing losses of up to $500 if they wait more than two business days after learning about the fraud to report it. Also, while your bank is straightening out the situation, any cash you may be missing could be held in limbo, and other checks you have drawn on the account may bounce in the meantime if the fraudsters manage to clean out your checking account.

In addition, it’s a good idea to cover the PIN pad when you’re entering your PIN. Doing so effectively prevents thieves from stealing your PIN in cases where a hidden camera is present.

May 15, 2014 Melanie , , No comments
MelanieMay: Scams and Viruses on Facebook and Other Security Issues
read more

RansomWare Strikes Again: CryptoLocker

CLockerPic

That nasty thing above is the screen for a new, on the rise RansomWare called CryptoLocker.  We’ve discussed RansomWare before in a previous couple of posts here and here.   As a review of what this malware does – it locks your computer and then holds it for – yep, you guessed it – a ransom fee.  Hence the name.

However with this particular RansomWare it encrypts all your files and then offers, as above in the screen shot, a way to decrypt them –  for a price – anywhere from $100 – $700 or in some cases, 2 Bitcoins – 10 Bitcoins ( $450 – $2100).   In fact, with this new attack, they offer a “Decryption Service” that allows victims to purchase a “decryption key”.  Of course, that’s the last thing you want to do.  Bottom line: your files get encrypted and you may lose them forever and ever.  Amen.  …unless you have the decryption key.

How do you get infected?

CryptoWare is spread through email attachments and it ihas been noted that the hackers are targeting companies through phishing attacks.

What kind of files are  being targeted on an infected computer?

The file extensions, according to MalwareBytes, are listed below:

3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx

How far has this malware spread?

According to The Hacker News, “…64% of its victims are from the US.”   It targets Windows systems.

Removal:

Regretfully, there is no specific tool known to be able to decrypt and restore asymmetrically encrypted files except a private key.  MalwareBytes will detect CryptoLocker as “Trojan.Ransom” but it also cannot restore your encysted files.  Your best defense is to back up your files frequently.  And since this malware can cross through external drives such as USB and mapped drives, don’t leave X-drives mounted.   Keep your anti-virus up to date and work at using file sharing services rather than relying on email attachments.

November 6, 2013 Melanie , , No comments
MelanieRansomWare Strikes Again: CryptoLocker
read more