Security Advice For New Computer Owners

New PC

 

Security isn’t always the first thing you think of when you get your first computer.

The excitement of getting it out of the box and working your way through the setup procedure is much more fun.

You can’t wait to get on the internet and besides, all that security stuff is just hype to get you to spend more money, right?

Wrong.

Online security threats are real, and if you don’t take it seriously, you could end up losing your data and watch your beloved computer slowly curl up and die.

Here are our top 10 tips for new computer owners. None of them are complicated, but they’re all important.

  1. Your computer is a sturdy piece of kit, but it’s not indestructible. It does like to be cleaned (see your computer’s guide), and it doesn’t like liquid or food
  2. Even though you write a document on your computer, it doesn’t mean it’s there forever, even if you save it – back everything up
  3. The best policy is not to trust anything that comes from the internet until it’s proven safe
  4. Saving is not automatic. If in doubt save it again
  5. The internet is a public entity. Only post things you’re happy for everyone in the world to know
  6. Don’t attempt any DIY fixes. If in doubt don’t touch your machine and get someone who knows what they’re doing (it will be cheaper in the long run)
  7. If you get a call from “Microsoft” hang up, it’s not them
  8. Get paid antivirus
  9. Set a strong admin password and use a non-admin account for everyday use
  10. Above all, if it sounds too good to be true, it probably is

If you follow those tips as you start to get to know your computer, you won’t go too far wrong.

Above all, take care of it, and it will take care of you.

 

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Don’t Get Caught Out By The Phone Scammers

Have you ever received a call from someone who claims to be from Microsoft Windows Security?

They tell you your computer has been infected by a virus that’s about to take over the world! OK, not the world, but definitely your other devices. They make it sound like Armageddon, but really it’s a con. All they want is to gain access to your computer so they can steal your data.

More often than not, these calls happen during the day when the scammers hope to catch people unawares at home, thinking they are more likely to be elderly and therefore not very tech or security savvy.

I want to draw you attention to an article written by Jane McCallon in PcPro.co.uk. It’s a fantastic read. Jane talks about her experience of such a call and how, after adopting the Scam Gran persona, she wound up the bogus caller so much he threatened to kill her!

Jane’s article ends with 3 top tips for thwarting the phone scammers. Here there are:

1) Don’t click that link!

“Dear sir or madam, we’ve noticed some unusual activity on your account. Please follow this link to reset your password.”

No matter how legitimate an email may look, never click a link like this. Your bank, email provider, or internet provider will never ask you for this kind of information. Many banks have a section on their website – which you should navigate to directly – where you can report scams like this, usually referred to as “phishing” attacks.

2) Microsoft Windows (in)Security

As with Scam Gran’s experience, there are ruses that will try to frighten you into giving control of your computer to a scammer, handing over sensitive information, or directing you to a malicious link.

“Microsoft Windows Security” won’t call you about a virus or malware on your computer – Microsoft doesn’t monitor for that kind of thing. Anyone claiming to be from this organisation is a liar.

3) Phone phishing 

Another common phone scam is a caller pretending to be from your bank. As with phishing emails, they will often say they’ve seen unusual activity on your account and then encourage you to hand over your sort code, account number and secret answer, or perhaps your credit card number and signature strip security code.

These scams can, in some cases, be extremely sophisticated, fooling victims into thinking they have hung up and called back a legitimate number, whereas in reality the scammer has just held the line and played a dial tone.

Remember, you bank won’t call you and ask for your full account and security details. If you are unsure who’s on the phone, make an excuse to hang up and then call someone else you know to check your line really is clear.

It’s so important you remain vigilant at all time. OK, I’m not suggesting that you should also adopt the Scam Gran persona, but if you know of anyone who may be vulnerable to such calls, perhaps it’s worth sending the link to this blog post so they can read up on how to stop the scammers.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Protecting Your Computer From Viruses

Let’s face it, computer viruses are a menace. They cause untold damage to your files, Protecting yourself from computer virusesbusiness and even your reputation. So how can you protect yourself from them?

There are a number of steps you can take, but here are our top tips.

1. Education

Learning about viruses and keeping up to date with the latest threats, protections and industry news will help you stay safe from the nasty little suckers.

If you understand what you’re dealing with, the easier it will be to not only identify when you’ve been hit by one, but it may also prevent that from happening in the first place.

2. Anti virus

Prevention is always better than cure, so arm yourself with effective anti virus software. If you don’t, your PC will become a target for viruses as soon as you start to surf the net.

3. Updates

Keeping both your Windows operating system and virus software up to date is essential, so make sure you regularly download the updates.

Virus creators are always refining them and coming  up with new ways to bypass security systems, so if your software isn’t up to date, it could offer the opportunity a new virus strain needs to slip in unnoticed.

4. Downloads

Whenever you download something from the web, make sure it comes from a trusted source.

5. Be vigilant about emails

How many spam emails do you get in a day? And how many of those have attachments?

Many are easy to spot, but there could be one or two that aren’t. Never be tempted to open an attachment from an email if you don’t know the sender, or if it doesn’t quite ring true. If in doubt, get in touch with them – it’s better to be safe than sorry.

Over to you

Do you have any other tips you’d like to add?

If so, leave a comment below.

Beware of the Trojan

“A Trojan horse, or Trojan, is a type of malware that masquerades as a legitimate file or helpful program with the ultimate purpose of granting a hacker unauthorized access to a computer. Trojans do not attempt to inject themselves into other files like a computer virus. Trojan horses can make copies of themselves, steal information, or harm their host computer systems.” (Wikipedia)

Trojans represent the biggest threat to home and business computer users. Not only because of how many there are in circulation, but because of their sophistication and the threat they pose.

With the ability to steal information and passwords, the Trojan allows the hacker to take complete control of your system. Which is why it always pays to be vigilant when it comes to opening emails and attachments or downloading files from unknown sources.

In this post, we want to draw your attention to one particular type of Trojan…

Ransomware – The Police Virus

This particular type of nasty ‘kidnaps’ or holds your computer files or system captive and then demands a ransom for a fix.

If your computer is infected, you will get messages displayed on your screen with logos of international law enforcement agencies. The effect is to trick the user into believing that their computer has been locked by the authorities for visiting inappropriate websites or making illegal downloads.

You will then be told that to unlock your computer you have to pay a fine, usually £100 (euros or dollars).

These messages actually come from the Trojan itself, which is hidden within your computer.

What should you do if your get this or indeed any Trojan or virus on your computer?

Go to someone that knows what they’re doing. Find your local IT specialist and invest in some quality virus protection software.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders
and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Are You Aware of the Dangers Lurking in Your Office?

Antivirus software – great, install it, forget it and continue to work in blissful harmony safe in the knowledge you are protected.

But are you?

To highlight the case that, especially in the business world, you may not be as protected as might like to think you are, we would like to draw your attention to an article that appeared in PC Pro called Why Antivirus is Fighting a Losing Battle in Your Office.

Antivirus software is hamstrung by poorly coded business apps and daft users, says Steve Cassidy

Whenever I’m called upon to deal with a virus infection inside a business network, I find myself having to swim desperately against a gigantic wave of sheer user incredulity.

Occasionally, I wonder whether I encounter this effect so often because I manage to explain myself more clearly in writing than I do face to face (despite always going into such meetings equipped with the most sophisticated visual aids, such as my Cross fountain pen and a sheet of A4 paper). So here is a handy summary of what happens to your business PC when a virus comes to call, and how this differs from what happens when a similar misfortune befalls your home PC.

Badly behaved business apps want all their users to have admin rights to their local PC, and require all sorts of hacking about

The first and most obviously incredulous reaction I encounter is always “we have antivirus, so that isn’t possible”. I shudder to imagine how many businesses are sitting there wide open as a result of accepting this fallacy (and as for home users, I refuse to imagine at all). If our antivirus program didn’t put up an alert, they say, then there can’t have been a virus attack.

I suspect that where my explanations really run onto the rocks is when I’m groping around for real-world metaphors to illustrate this appalling error of logic, which deludes so many management minds. That old joke about a guy falling off a skyscraper and exclaiming “so far, so good!” to the people he passes on each floor implies a suitable specific degree of complicity in the situation, but clashes with other observations about the nature of infectious processes.

Talking about biological infections doesn’t work very well either, because animals have immune systems and computers don’t, and whoever first thought of deploying such a metaphor clearly didn’t understand much about the nature of the immune response, the crucial role of pain and inflammation, and so on. If I make reference to Carl Zimmer’s utterly fantastic book Parasite Rex – which provides an in-depth look at a vast area of biology that actually makes a better metaphor – then people tend to look a bit uncomfortable and freaked out. “Parasites! Yuck! Guinea worms! Liver flukes! Ewww!”

The devils you know

So let’s go bare and brutally literal about this subject. Certainly your antivirus software knows about existing viruses, and it knows how to prevent certain types of virus infection that arise from files downloaded via your browser, or from traffic over your LAN, or from attachments to emails. There may be a few other types of presentation or infection that various different antivirus products manage to catch too, but I’m sorry to have to tell you that the products most favoured by businesses tend to be rather less all-encompassing with the protection they offer. I’m not intending to blacken the reputation of any particular antivirus software company by saying this, since quite apart from any other factors, the “rule of rubbish applications” trumps all other cards inside a business network.

That’s the rule that says businesses have to put up with incredibly badly coded applications, which would send home users running for a refund. Generally speaking, the more general purpose a piece of software is, the better coded it is likely to be. When did you last hear of an incompatibility or a crash in a zip compression utility? But how about the application that runs your business’ accounts, or operates your stock control system, or the parts-ordering interface to your supplier or manufacturer?

Those are all more specialist applications, so they tend not to suffer many competitors in their sectors, which means they’re insulated from the bracing forces of natural selection, and tend not to evolve very far or fast. One common consequence of this overall flakiness and indifference to progress is that these accursed programs are inclined to ignore all the layers of OS-level user security that Windows has been adding for the last half a dozen revisions.

Badly behaved business apps want all their users to have admin rights to their local PC, and require all sorts of hacking about – time-consuming, annoying and often repetitive hacking about – if this level of access is denied to them. This design decision (although it’s stretching a point to dignify it with the name “decision” at all) is so widespread and so continually rediscovered, because it’s useful and saves coding effort. But unfortunately, it wipes away swathes of sensible and elegant anti-infection measures, and puts antivirus software writers (who by contrast are intensely competitive, massively technical, and by definition must occupy the cutting-edge of their business) at a huge disadvantage.

In the home PC sector they can rely on the presence of fairly basic but highly effective OS-level precautions, but in the business arena these features are sometimes bypassed by various workarounds. Okay, let’s upgrade that “sometimes” to an “almost always”.

Admin rights

This notion, that badly behaved software can be fixed by granting admin rights to everybody, has attained the status of Professional Sacred Cow in the world of corporate IT, and I’m sorry to have to report that nowadays, I find people doing it almost as a reflex action, part of a body of false knowledge that shouldn’t be applied in such an unquestioning way.

The crucial ability that having admin rights confers, the one that fixes so many flaky applications, is the ability to write to directories in the Program Files folder tree. If only this single right were to be conferred, instead of the whole great package of other permissions that go with full “administrator” status, life would become much less tough for the antivirus software that has to keep out the bad guys.

Source: http://www.pcpro.co.uk/realworld/373726/why-antivirus-is-fighting-a-losing-battle-in-your-office

 MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Destroy Your Data–5 Ways to Say Goodbye

goodbye

The thought that you could unwittingly open your data up to unscrupulous hackers is at the forefront of most peoples’ minds. But what about when you dispose of your old computer, hard disk, or USB stick?

If you don’t destroy your data before disposing of your hardware or dropping it off at your local recycling centre, you could see your personal data fall into the wrong hands.

Here are 5 top tips for data destruction from PCPro – well worth a read.

1. Overwrite it

Simply deleting files or formatting them won’t do it. Although they appear removed from your OS, they’ll still be lurking in the recesses of your hard drive.

The answer is to overwrite the data at least 3 times. The article in PCPro suggests using the Gutmann method, which ‘writes a series of 35 patterns over the hard drive’, their preferred free tool is Eraser.

2. Smash it

To eradicate the data you have to physically destroy the hard drive, or more accurately, the platters within the hard drive.

This can be done using various methods: hammering large nails through it, using a sledgehammer to pummel it, take an angle-grinder to it, or dunk it in dilute hydrochloric acid.

The easiest method is to unscrew the hard drive using a Torx screwdriver and remove the platters, which can then be sawn and generally destroyed.

3. Demagnetise it

Although this method won’t work on USB sticks or SSDs (because there’s nothing magnetic about those data storage devices), it can be used on hard drives.

But be warned, waving a household magnet over it won’t be enough to delete your data. Demagnetising (or degaussing) isn’t a viable home data destruction method as degaussing machines are rather expensive.

4. Disc destruction

We’re not talking about scratches as they would have to be pretty deep to make any impact, so you might as well go the whole hog and destroy the disc.

Cut it up using a strong pair of scissors or shears, or, if your shredder has a slot for CDs, use that and dispose of the bits in separate bins to make sure it can’t be put back together again.

5. Purge your printer

Believe it or not, lots of printers have built in hard drives and may automatically store a copy of any document that passes through it – bet you didn’t realise that.

Assuming you’re not planning on selling on the printer (or returning it to the lease company), remove the disc and destroy it. If you do want to sell it on, connect the printer to a PC and wipe it using the a data erasure tool.

So there you go, 5 ways to make sure you don’t pass on any of your sensitive data without realising it.

 

Author: MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

How Safe is Your Email?

safe email

As an email user I’m sure you get loads of spam and phishing emails every day.

They are a nuisance but so long as you don’t click on any dodgy links or attachments you’re generally fine.

But there’s another threat – one that’s a bit sneakier and can catch out even the most careful of people.

Take a look at this headline that appeared on itsoluti0ns blog last month:

Hotmail and Yahoo Mail hit with similar attacks as GMail, says report

Now that’s not something you want to read while having a coffee.

According to itsoluti0ns, last month Google announced that hundreds of its GMail accounts has been affected by an attack that forwarded the account’s emails to other accounts.

If that wasn’t bad enough, a report from Trend Micro said that similar attacks have recently hit accounts at Microsoft’s Hotmail and Yahoo! email services.

The report states that Trend Micro team members discovered a “phishing” attack on Hotmail that disguised itself as an email from Facebook’s security team. Unlike other attacks users would be affected by the email just by previewing – they didn’t even have to open it. The report then goes on to say “We recently alerted Yahoo! of an attempt to exploit Yahoo! email by stealing users’ cookies in order to gain access to their email accounts. While this attempt appeared to fail, it does signify that attackers are attempting to attack Yahoo! email users as well.”

Fighting back

With increasingly sophisticated attacks you may wonder how on earth you can protect yourself from these threats.

One method to action is to use a two step email verification system to help you make sure the emails you receive are genuine.

Other than that check out the spelling and grammar in the so-called ‘official emails’ from companies (particularly unsolicited emails).

Ultimately, if you’re not sure press delete – better to be safe than sorry.

Author: MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Computer Security for Businesses on a Budget

padlockSecurity of your IT systems is, or at least should be, paramount.

As a small business, a crash of systems or data loss, could cause untold damage to your business – it could even close you down.

Therefore, regardless of your budget, you must ensure your security measures are adequate.

 

To help you out, here are 5 ways to enhance your security settings.

1. The weakest link

The weakest link in your small business security chain is your staff.

It doesn’t matter how much you spend on fancy security systems, one careless click on a dodgy link, an insecure password or unsecure download could undo all your good intentions.

Staff education is the key. By instructing them in good practice you will minimise the risks of human error leading to a security breech.

2. Don’t waste money

Where is your largest security spend? Make sure the data you are protecting warrants that level of protection.

Not all the data you have will be attractive to potential thieves. Remember one size doesn’t fit all so make sure you look objectively at your systems and allocate the lion’s share of your security budget on the areas it is needed most.

3. Patch

Patches and software updates are generated for a reason, not just to annoy you. They don’t cost you anything other than a bit of time to install them. Make sure you check and install updates regularly to make sure your systems are as secure as possible.

4. Be strong

Make sure you all your staff are aware of the need for strong passwords. Creating a proper password policy within your company will have a dramatic effect on the security of your systems.

5. Lock it

The other points have looked at keeping your software and systems secure but you also have to keep your hardware secure too. It sounds obvious but make sure your building is securely locked after hours because your IT security is only as good as your building’s security.

These simple 5 steps will help you achieve a standard level of security for your systems. IT security should always be at the top of your list – how safe is yours?

Author: MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.