Security Archive

Fake PayPal phishing email of the day

This is an easy one. The scammers put no effort at all into hiding their nefarious intentions.

I’m confident none of you would ever fall for this! But someone will. And if they click on the link, they’ll arrive at a page that looks very similar to PayPal’s own website. But it’s not. And they’ll attempt to log in to their own PayPal account. But when they submit their username and password, they won’t be logged in. Instead, they’ll have just given their credentials over to the scammers, who will surely use them for evil, not good.

If you receive an email that pretends to be from PayPal, but isn’t, please report it to PayPal’s Fraud Department. Then delete the email and move on with your day, after patting yourself on the back for refusing to be fooled.

Browser pop-up security scams

Ars Technica posted yesterday about an issue that many of my clients have been and/or will be plagued by: those nasty, scary-looking “CRITICAL SECURITY ALERT” pop-up ads that take over your web browser (Safari, Chrome, Firefox, etc.) in order to get you to call some toll-free phone number so that they can save you from the horrible virus/trojan/malware that’s infected your system. If you call the number, the scammers will usually tell you that your computer is infected in some way and you’re at great risk. They’ll use frightening words like Virus! Trojan! Malware! Spyware! Infected! Firewall! Malicious attack! Security compromised! Danger! Risk! But really, the only thing you’re at risk of at this point is being scammed, and the only danger is to your credit card.

Most of the time, the scammers will tell you that they need remote access to your computer so they can show you “proof!” that your computer has been compromised. And if you agree to that, they’ll direct you to a LogMeIn Rescue or TeamViewer or GoToMyPC page where you’ll download a small piece of software that will grant them access to view and control your computer (unfortunately often using the same software that *I* use for legitimate purposes to provide remote support). Once they have access, they’ll open up the Terminal app on your computer and type in some commands that you won’t understand, and they’ll show you the output, which will look very scary and official and technical. At that point they’ll tell you that they can help! They can fix this mess for you! They can clean up all the horrible things that have infiltrated your system and make sure it stays clean and healthy from this day forward… all for the low price of $199 (or similar number). Billed yearly for your convenience. You’ll be so worried that it won’t take much convincing, and you’ll gladly read off your credit card number to them because they are doing you a great favor and you want these bugs eradicated.

Some of you have already fallen for this. That’s ok. You’re only human and these scammers really are very convincing. If I’ve been made aware of it after the fact, I’ve already helped you get the credit card charges reversed and cleaned your system of all the nasty bits the scammers leave behind (bloated and mostly unnecessary antivirus programs and spyware of their own, for example). Most of you have been suspicious enough to call me before calling them and I’ve been able to help you get rid of the obstructive pop-up and regain use of your computer without the scammy ad continuing to re-open, effectively preventing you from doing much else.

If it hasn’t happened to you yet, congratulations! But be aware that there’s a good chance you will be hit by it eventually. It’s very common now and no one is immune. Knowing how to react when it does happen to you is what counts. Here’s how:

Force quit Safari to get rid of the ad (Apple menu > Force Quit > select Safari in the list > click the Force Quit button at the bottom of that window).

When you re-open Safari, do so while holding down the SHIFT key on the left side of your keyboard. That will prevent any windows from re-opening in Safari when it opens. 

Then you can go to the File menu in Safari (upper left of the menubar) and select New Window to begin a new browsing session. If you’re still concerned that you might have clicked something nefarious earlier, are seeing other suspicious behavior or these tips aren’t working for you, get in touch and we’ll schedule a checkup and a malware and security audit. And if you want to be a good Netizen, consider reporting the scam to the FTC.



Adobe updates aplenty

It seems like every time I sit down at a client’s Mac, I see an Adobe updater icon of some kind in the dock. Sometimes it’s bouncing (hint: bouncing icon means “click me, I have something to tell you!”), other times it’s just sitting there idly waiting for someone to pay attention to it.

I get that these update notifications are intrusive and you have better things to do, but most of these updates are important and you really shouldn’t ignore them indefinitely.

Adobe issued a boatload of updates this week that address a myriad of security issues and vulnerabilities that impact Adobe Acrobat, Reader, and Flash. There’s a good chance you’re using one or more of these apps or plugins on your system. Please update accordingly since “exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.”

Read more at Graham Cluley’s site

You can always download the most current version of any of your Adobe apps and plugins from Adobe’s website if you’re not sure how far behind you are.
