PayPal accounts integrated with Google Pay are hacked

Earlier this year users of PayPal accounts that have been linked to Google Pay have reported unauthorised transactions on their PayPal accounts.

According to a number of victims, the illegal transactions have taken place at shops in the US with purchases particularly prolific at Target stores in New York.

Most of the victims appear to be from Germany and the costs of the transactions run as high as €1,000 in some cases.

PayPal has created a virtual payment card with a number, expiration date, and CVC number. When a Google Pay user makes a payment using PayPal funds, the transaction is done via the virtual card.

Researchers believe hackers could have found a way to discover the details of the virtual cards, though this is by no means certain.

PayPal said it has now resolved the issue without giving further details.

PayPal flaw

Two security researchers said last year they discovered a flaw in PayPal that allowed hackers to read the card details of a virtual credit card from a mobile phone if the mobile device is enabled.

This could likely happen via a near field communications (NFC) reader app. NFC is used when you tap your card on a payment device. For security purposes, the signal range is meant to be no more than about 20 centimetres. However, if a mobile device is being used to make a payment it has been proven that attackers can read the signal from up to 10 meters away with special equipment.

Given that only users from Germany, some of whom have never even visited the US, are affected suggest that their virtual card details are being picked up at contactless payment facilities in Germany and then brute-forced to reveal the full payment numbers.

For instance, in Germany the first eight digits of the virtual card are always the same, leaving 7 digits left to guess. The researchers who first discovered the flaw said attackers would only need 170 guesses to establish a valid credit card number and card expiry date.

With automated software, this could be discovered in seconds and online accounts could be filled up with funds from hacked PayPal accounts within minutes.

What to do?

  • Google has reportedly said that fraudulent payments need to be cancelled through PayPal.
  • PayPal advises reporting fraudulent transactions immediately so they can be cancelled.
  • PayPal users can also avoid using contactless features and remove Google Pay from their PayPal accounts.

Be vigilant everyone.

The MPMIT Team, offering local IT support in byte sized chunks to Micro businesses and Sole Traders in the Ipswich, Bury St Edmunds, Stowmarket and the surrounding areas.

Climate Recovering as Global Emissions Down due to Coronavirus!

With an increasing amount of people changing their everyday lives to follow government guidelines, more and more companies and businesses are encouraging their staff to work from home to try and prevent the spread of coronavirus. This has had many effects on the amount of emissions released into the atmosphere globally, raising several hypotheses that perhaps the way we are working now is a method for the future in order to help save our planet from climate change.

An image from the BBC below represents the drastic decrease in emissions of greenhouse gases into the atmosphere from China since the coronavirus caused lockdown to occur, a country not known for its low-greenhouse gas emissions.

The change demonstrates a huge benefit to our atmosphere and the deceleration of climate change. Similarly, in the picture below, a map of Italy showing their change in emissions since lockdown has been in put in place represents a similar trend, which once again more people working from home, giving off less greenhouse gases.

Another image below from the European Space Agency represents the pollution levels China before and after their lockdown, showing once again the positive impacts coronavirus is having on the environment, as less people travelling around due to lockdown.

Scientists are now realising the huge benefits we are seeing to the environment due to this pandemic, and wondering how much of an effect this will have in the future if all countries switch to low-carbon lifestyles, through working at home and less travelling, and reducing the overall emissions produced by people.

So, what can you do to help maintain this lower level of global emissions? Are you one of many people who has switched to work at home and use your vehicle much less than you normally would? Think to yourself, can I moderate the amount I travel from now on, even after this pandemic is over? If everyone was to alter their lifestyle by travelling less and working from home a bit more than usual, even if by a couple of days a week, we would see a difference. Our planet would benefit massively, species of birds and other wildlife would be saved, climate change would be massively slowed down, and the rising of sea levels due to polar ice caps melting would also reduce. All of these processes are affected by the way we all live our lives. Do your bit, and reduce your carbon emissions, and our planet will be saved.

The MPMIT Team, offering local IT support in byte sized chunks to Micro businesses and Sole Traders in the Ipswich, Bury St Edmunds, Stowmarket and the surrounding areas.

Keeping Your Online Gadgets Safe

A wide range of household gadgets are being targeted by hackers, now that a gap in their security has been revealed. It is vital that for your own safety and security that you know how easy it is to keep your gadgets free from hacking by burglars and other criminals, so I shall outline very easy ways to enable this safety.

Gadgets that are being targeted include televisions, kids’ toys, smart thermostats, smart speakers, baby monitors and smart cameras. Most experts within this field have stated that the security of these devices is very good, but devices that use wireless technology is a criminal’s path straight into your own home, as they can easily be hacked. Similarly, Bluetooth connections between gadgets is another method of access into your own private life within your home. These have all come about due to the passwords attached to the gadgets being easily predicted, and not changed by house owners, leaving them vulnerable to hacking by burglars. Below, we look at the gadgets listed above, and advise you with some very easy steps to make them much safer and resilient to hackers.

Televisions:

Televisions come with cameras, microphones and web connection, all of which are accessible for hackers, potentially being able to use these means to broadcast inappropriate videos directly onto your TV. To resist this from happening, put some black tape over the top of the camera on your TV, and tweak your security settings to make it harder for hackers to get through (reset password etc.).

Kids’ Toys

Your children could be contacted by perverts through their gadgets where offensive images, videos or voices could be broadcast to them. Which? Has stated that karaoke machines, robots and walkie talkies all had security flaws, and 3 of the 7 toys tested could allow strangers to be in contact with the user. To improve the security of these gadgets, alter the PIN numbers and passwords, and turn the gadgets off when not in use by the children.

Smart Thermostats

The altering of your heating in your house could leave clues to hackers and burglars as to whether or not you are home, where if the heating is off for a long period, it would suggest to them that you are not in your house, leaving it vulnerable to burglary. To avoid your thermostat being hacked, again alter your password to something strong, and potentially allow two-step authentication, making your gadget more resilient and less likely to be hacked.

Smart Speakers

One of the best speakers in the market is Amazon’s Alexa, a gadget found in within most families now-a-days. However, there are some security fears that hackers are listening or even watching your daily activities through the cameras that some of the products are equipped with. Look for cameras on the product, and cover these up. There is also an option to opt out of being listened to, and manually programme instructions to Alexa through a tablet, being more secure, if strong passwords are set up between the two devices.

Baby Monitors and Smart Cameras

Some video cameras that can be bought cheaply on online shopping markets such as amazon have been tested to have security flaws, making it easier for hackers to access your gadgets. Weak passwords and remote access for strangers were noticed as key factors that meant hackers could easily use the cameras to investigate your homes. Before you buy a product such as this, use products that are well-known such as Arlo and Nest, which all have a high level of security.

If you require any help or advise whilst setting up your gadgets please get in touch with us here https://www.mpmit.co.uk/contact-mpm-it-computer-support-services/

The MPMIT Team, offering local IT support in byte sized chunks to Micro businesses and Sole Traders in the Ipswich, Bury St Edmunds, Stowmarket and the surrounding areas.

Top Tips For Working From Home

As increasing numbers of people work from home because of the Coronavirus, MPMIT provides top tips to help you maintain your professional poise and manage your time so you can keep your balance and avoid burning out.

Will it be tea (or coffee) and biscuits, the sofa and Netflix or fevered squirrelling away at the computer? Clearly, there are distractions at home but many people actually tend to work harder than when in the office, simply because there are fewer interruptions.

You don’t have to travel, which can save a few hours, and you don’t have the distractions of office life such as loud co-workers, endless meetings, chatter, answering the phone for colleagues and so on. As a result, you can concentrate solely on work if you can successfully navigate the pitfalls of working from home.
So how can you best manage your workload, maintain your professional poise and still work like a champion from home?

Your very own space

If you’ve got a dedicated workspace at home, that’s great. You can use it as an office. If you don’t you need to carve out a workspace that’s off-limits to other family members. You don’t have to set landmines and roll out barbed wire but there need to be some clear boundaries. There’s nothing worse than being on a work call, in a virtual meeting or trying to get something finished than being plagued by children’s endless waves of screaming, a yapping dog, mewing cat or doorbell ringing.

Always there

Be responsive. Get in the habit of sending a prompt reply whenever you get an email, even if it’s just to say, “Got it,” or, “I’ll get back to soon.” If you don’t, your colleagues might assume that you’re slumped on the sofa, tea and biscuits in hand, and binge-watching Netflix. And it goes without saying that you need to do your best to be available for conference calls or other collaborations, even if you don’t have strict work hours and other participants are in a time zone from hell.

Virtual dress code

Virtual meetings will surely play a part in your home-based work and may even require your video presence. Is there a dress code for video calls? Common sense dictates that you look reasonably polished, from the waist up at least. Pyjamas, vests and bed hair are probably best avoided.

Present and able

When your presence is required in a virtual work meeting but you don’t need to speak, it’s a good idea to be present rather than doing the ironing, putting the kettle on or tickling the baby, even if you are on mute. You never know when somebody is going to say; “What do you think…?” and you suddenly have to be ‘creative’ because while you were listening in you were also not listening at all.

Be equipped

Who was it who said, “Be Prepared”? It doesn’t really matter but it’s a handy motto for working from home.  In practical terms, this means ensuring your computing equipment is in tip top shape and loaded with the latest in protection and privacy. Working from home sometimes translates to working where ever you are, which sometimes may not necessarily be at home. It goes without saying that antivirus protection is essential but have you ever considered a VPN (virtual private network)?  A VPN keeps all your communications with the office private, whether you’re at home, visiting a client or travelling. For secure communications between you and your clients, colleagues, boss it’s just as essential as antivirus software.

Sharing docs and backing up

You may have some monster-sized docs to work on from home which are too heavy for email even when compressed. Or there might just be a lot of docs flying back and forth. As such it’s a good idea to have cloud-based storage service that can be shared between colleagues. It’s simpler than sending and receiving docs and makes it easier to work on documents that other people are contributing to, so you’re always working from the latest version. And of course, it goes without saying that back-ups at the end of the day are essential to safeguard against loss.

Keep it clean

Here’s an odd thought; every minute of the day we lose about 30,000 to 40,000 dead skin cells from the surface of our skin. In practice, this means lots and lots of dust on your computers on top of the accrued detritus that’s already there. Cleaning your computers, including your smartphone, is important so it’s a good idea to use a proper cleansing agent. Computers are generally not amenable to water. Alcohol wipes are a good alternative and also keep your devices free of bugs when you’re out and about.

Nail down time management

When working from home time can blur and it’s easy to find yourself working without taking a break, which of course, will backfire at some point with mistakes, over tiredness and a creeping reluctance to drag yourself back to the computer. This is why breaks are important. Think of your work from home as a day in the office and don’t deprive yourself of breaks. You’ll find that you can work consistently well rather than go through the peaks and troughs of unstructured working days.

The MPMIT Team, offering local IT support in byte sized chunks to Micro businesses and Sole Traders in the Ipswich, Bury St Edmunds, Stowmarket and the surrounding areas.

Home Workers – This is for you

The interests and cyber security needs of our customers are at the heart of everything we do. This is particularly important during these unprecedented and challenging times.

Millions of people the world over have made a sudden shift to working from home due to the current global circumstances. With our customers in mind we are developing material to help you stay safe and secure when you are online.

Protect those around you by staying connected, private and by sharing valid information.

Unfortunately, as you may be aware, cyber criminals are taking advantage of the anxieties and concerns around the coronavirus, Covid-19.

This has led to a flood of phishing mails that either attempt to steal log-in details belonging to remote workers or install malware on to a victim’s computer. Other infection methods are also being used such as websites that harbour malicious code and apps that are actually fronts for ransomware among other things.

To Protect yourself here are a few useful tips……

Mac malware email draftsEmails
Whenever you receive an e-mail that asks you to click or open a link, take a GOOD look at the sender’s actual email address, not just the displayed name (which could be a trick). You can usually see this by hovering your mouse over the sender’s name.

teleconferencing makes the world smallerWebsites
If opening links from within an e-mail, look in the URL address bar to see the domain hosting the web page, is it what you would expect – or is it a website you have never heard of? Again, you can hover your mouse over the link without clicking to see the destination website.

Dr Larry RobertsYour Systems
Keep your operating system and apps updated – this ensures you have the latest patches against any known exploits

Snoopers' charterLock or close your laptop when you’re taking a break, this will ensure that others in your home don’t accidently click on malware links or otherwise mess up your work.

With these tips in mind, please take an extra moment to review incoming emails, and the websites you visit to avoid becoming a victim of these attacks. Be extra careful around your online banking and financial investments and don’t be fooled by easy money. If it’s too good to be true, it usually is.

We express our gratitude to those of you who are working on the frontline to combat this virus and offer our sympathies and best wishes to those who have been impacted.

We’re in this together! Stay safe both online and offline!  If you need any help with anything mentioned in this blog please get in touch.

With Kind Regards

The MPMIT Team, offering local IT support in byte sized chunks to Micro businesses and Sole Traders in the Ipswich, Bury St Edmunds, Stowmarket and the surrounding areas.

World Backup Day – without data where would we be now?

Covid-19, and the subsequent lockdowns, has proven just how data-dependent we are. Millions of people are now working from home and if it wasn’t for the internet and data, economies the world over would crash spectacularly.

Data allows us to withdraw cash from ATMs, make remote payments and buy things in shops even as high streets are shuttered up. We can remotely communicate with friends, families, and colleagues and keep things ticking as the world limps along.

Of course, we don’t think of data as enabling us to work from home, it’s all about the internet and broadband speeds but without data where we would be now? We’d be in a world of filing cabinets, mountains of paper, clickety-clack typewriters, and clipboards.

As such the current situation drives home the importance of this week’s World Backup Day, which was on the 31st March.

Your data is more valuable than your smartphone, laptop, and Mac

Believe it or not, hardware is cheap compared to your files. Lose your smartphone or laptop and you can replace them. Lose your data and you’re in trouble if it’s not backed up.

Think of all those tunes, videos, films, contact numbers, letters, photos, work, research, work projects and anything else you hold valuable – they’re all gone.

Maybe you can put a financial value on them; perhaps you’ve spent lots of money on music and videos, perhaps you’ve spent endless hours on work and personal projects, maybe you’ve been gathering photos over the years?

It’s hard to put a price on these personal, and often precious, things.

What do you do?

You back everything up that you hold valuable and don’t want to lose.

It’s a simple thing to do. You’re making a second copy of everything that would result in a lot of weeping and wailing if you lost it.

If something happens to the original files you can restore the backups to your computer, smartphone, tablet or laptop.

Why should you back up?

There are some very common situations in which people lose their data. Your smartphone is lost or stolen, a hard drive crashes, you leave a laptop on a train, plane or bus, your device is infected with malware that locks up your files or you accidentally delete important files.

Backup options

Simply put a backup refers to any piece of data that exists in two places. It’s essentially a recovery plan and as such it’s common to keep backups offsite such as in the cloud or at the very least on an external or storage device.

Using a cloud backup service is the easiest, most economical and most effective way of keeping your important data safe.

BullGuard Premium Protection and BullGuard Internet Security both have integrated cloud backup for DropBox, Google Drive and OneDrive, and external storage such as standalone hard drive or USB.

You simply create a profile then decide what you want to back up, where you want to back it up and when. It’s as simple as that. And all your invaluable data is safe. What better than that on World Backup Day to make a plan for backing up your data?

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, Stowmarket and all surrounding villages.  

Openreach has declared a Matter Beyond Our Reasonable Control (MBORC)

BT Openreach – the organisation that maintains the UK PSTN & ISDN infrastructure which supports traditional (non-IP) based telephone lines, along with ADSL and fibre broadband connections – announced on Tuesday that it had closed its overseas call centre due to a lockdown in India. This has now restricted all orders and faults to key critical services until at least 1 June.

In addition, Openreach has declared a Matter Beyond Our Reasonable Control (MBORC) on ALL products, effective 24 March 2020 at 23:59. The declaration of MBORC means Openreach may not be able to meet its normal Service Level Agreements (SLAs) / Guarantees and removes the recourse normally available to suppliers when these are not met. This also unavoidably impacts all communication providers, including Chicane Internet, in ensuring services are provisioned and repaired within the normal guaranteed timescales.

The news means that no new business orders will be looked at until this time, including PSTN (single analogue telephone lines); ADSL, FTTC and FTTP broadband services; and fibre Ethernet where any visit to site is required. In some cases, a self-installation option may be available (for example, on broadband services being added to an existing telephone line), but even these could be impacted if Openreach subsequently deems a site visit may be required.

Openreach will now prioritise only essential work and absolutely minimise work that requires its engineers to enter end customer homes or business premises.

Provision work (new services) will be limited to:

  • Self-Install activities (i.e. where there is no engineer visit to the customer premises, this is normally limited to the addition of broadband services to an existing line)
  • On-premise work for Critical Network Infrastructure customers (NHS, pharmacies, utilities, emergency services, retail and wholesale food distribution outlets, financial services business and other categori
  • es defined by the government)
  • Services to vulnerable customers (in-home and carried out safely only where essential)
  • Customers that have no other form of broadband or telephony available

Repair work will focus on restoring service with safe working practices with revised processes to further reduce social interaction wherever possible.

With immediate effect

  • New installation/provide orders will be closed until the 1 June.
  • In-progress appointed (where an installation date has been confirmed) orders will be attempted to completed outside of the customer premises
  • Non-appointed orders will continue to go ahead where no visit is required to the premises (for example, upgrades to fibre-to-the-cabinet)
  • Repairs can still be reported but non-urgent repairs may be reviewed
  • Engineers will be asked NOT to enter customer premises and to enable/restore service where possible from outside of the premise
  • Chicane Internet will work with Openreach to identify Critical Network Infrastructure and vulnerable/Covid “at Risk” customers in order to prioritise these

Please be aware that our engineers are also following BT Openreach guidelines and are prioritising the critical jobs while suspending the day-to-day site visits.

Our priority is to ensure that you remain connected at this time and we will work with you, where applicable, to identify where alternative means of connectivity is available.

ADSL broadband and Fibre-to-the Cabinet (FTTC) services

Products which may be impacted as a result of the above announcement include but are not necessarily limited to:

  • Analogue single lines (often referred to as PSTNs) & multi-analogue lines
  • ISDN2 and ISDN30 services.
  • Generic Ethernet Access (GEA) services including G-Fast, Fibre-to-the-Premises (FTTP)
  • Fibre Ethernet
  • Any new business orders which may utilise Openreach or Chicane Internet engineering resource

In addition to the above, the Openreach Number Portability helpdesk has been closed. This will impact any orders where number porting is required, for example, from fixed-line services to an all-IP solution.

As the situation is changing daily, we aim to provide more detail as we have it, including answers to the questions you’ll no doubt have after reading this.

As soon as we have more relevant information from our carrier partners, we’ll share that with you.

How To Avoid Dry, Sore, And Itchy Eyes

Dry, sore, and itchy eyes are not just due to hay fever.  They can also be caused by prolonged exposure to screens.

Today, many of us spend hours in front of computer screens. With technology such an integral part of our daily lives, our eyes are taking a battering, more so than ever before.

Away from work, you probably spend many hours looking at your smartphone, tablet, and TV, so your eyes never get a break.

So what can you do to prevent or at least reduce the problem?

Give your dry, sore, and itchy eyes a break

When staring at a screen for hours and long periods, your blink frequency and can lead to dry, sore and itchy eyes. It doesn’t sound like a major problem, but it is annoying and unpleasant.

To remedy the situation, make sure you drink plenty of water to help keep mucus membranes hydrated and use eye drops for short-term relief.

Another great bit of advice is to stick to the 20/20/20 rule.

For every 20 minutes you spend looking at a screen you should look 20 feet away for 20 seconds.

You see, it’s the small things that make the difference.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.  

Watch Out For Malicious PDF Attachments

Malicious PDFs are another hacker’s favourite. Over the past few weeks, we’ve been looking at ways you can be vigilant in the fight against hackers. So far, we’ve looked at two-factor authentication, encryption, and avoiding public WiFi.

This time we’re going to look at PDFs attached to emails.

Why PDF attachments can be bad news

Hackers are sneaky by nature.

On the face of it, a PDF looks quite an innocuous document. After all, you open them every day during your regular working practices. However, there is a darker side to the humble PDF.

Its called steganography – derived from the Greek language meaning ‘covered writing’, where a data file or malicious code can be hidden within another file.

A PDF file is a perfect vessel for hackers because they’re generally thought to be safe. However, if you receive one that contains malicious code, opening it will drop the code on to your device in a similar manner to clicking on a malicious link on a website.

How to stay safe from malicious PDFs

They are challenging to catch and check. That’s why it’s best that whatever PDF reader you use, your anti-virus or endpoint protection is up to date and that your email servers are running current and updated filters.

Software is also available that can test the PDF file before allowing it through to the intended user.

Be vigilant. Stay safe.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.  

Why You Should Avoid Using Public WiFi

Using public WiFi is a no-no unless you want to hand your private data over to hackers.

This is another example of how to fight hackers. We’ve already looked at two-factor authentication and encryption.

Public WiFi might seem like the perfect way to make your monthly-allocated data usage go further, but it’s fraught with dangers.

Public WiFi opens the door to hackers

When you’re out and about, your smartphone will detect many WiFi networks. Some will be locked, requiring a password to log on. Others will purport to be public access, free services.

However, the thing you have to remember is that these free, public access networks are also insecure.

What does that mean?

It means that when you use them, everything you type is in clear text and can be read, accessed, recorded or taken over by anyone with the correct equipment.

Can you make public WiFi safe?

If you rely on these public WiFi services, there is a solution to remove, or at least reduce the risk of hacking.

The solution is to use a Virtual Private Network (VPN), which scrambles your communications making them unreadable.

If a VPN isn’t provided by a business firewall, you can buy applications for about £3 a month. These will scramble all communications through insecure connections.  Once a VPN is being used, there’s no way the ISP or anyone else can read or record what you’re browsing.

The moral of this post

If you have to use public WiFi when you’re out and about, make sure you use a virtual private network. If you don’t you run the risk of losing your privacy and, possibly, your data.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.