Wednesday

Sextortion Scams


SEXTORTION SCAM
Have you ever received one of those emails that didn't really make sense but still made the hair stand up on the back of your neck? One of those could start with a message like:  “Send bitcoin right away or else I am sending compromising photos or information to your friends and family.
This is a new variation of an old scam. A little fear-inciting jolt that has you unsure of the nature of what the scammer is talking about… your mind races … How would they have anything I would not want to be exposed? What item or video could they have that I would want to hide? Then you think about the privacy in your own home? What device did they hack? Even if you know the claim is impossible and untrue, it is still very unsettling and a bit frightening. This new version of an old scam is called Sextortion and it preys on your fear of the unknown.
How does this scam work?
The bad guy tells you they have hacked your device/computer and they will release embarrassing information. They don’t tell you what they have, only that they have something from your personal device. It could be photos, emails or text messages. Most of the time the bad guy vaguely threatens to release the information they have stolen to your employer, your friends and your family. Sometimes the bad guys describe details of what they allegedly have on you.
What is it that they want? They’ll tell you that to avoid having your personal items exposed to everybody you have to pay them immediately using bitcoin.
Here’s the catch:
What would make you believe their claims are right when you know it can’t be right. The scammer provides just enough information from one of your hacked accounts. Equifax, Target, Facebook, Marriott, MANY more! Mine was my old MySpace account. There are too many breached companies to list them all, but in all likelihood, some of your information has been stolen. They give you just enough information, that adds credibility to their claim, to make you believe they may have something of yours that you want back. They’ll show an exposed password and/or your user name which they purchased on the dark web. By matching your email address with passwords, they have enough information to make you a little frightened. The scammers assume a small percentage of their chosen victims will react and pay the extortion fee. It’s in the numbers, 1 million emails sent, 50,000 people get nervous, 5,000 pay the $1,000 ransom and they have a $5,000,000 payday. 
That's only .5%  response on the 1,000,000 emails sent for a HUGE payday.
The 50,000 nervous people have a jump in their fear level start a Google search for how to purchase Bitcoin or think about what could they have.  OK DEEP BREATH, if you are like 99.5% of us you know you're being scammed but let us give you some advice in case you're still nervous. Don’t fall for it and don’t pay the ransom.
As proof, they may provide you with a legitimate username and password, most likely from an old account because those are the cheapest to obtain. Regardless if it is old or new, stop using the password they provided, change it immediately, especially if it is one of the 3 passwords you use. Using the same password will eventually lead the bad guys to an account that does have items you want to keep safe and private. If you use your password manager, it will assist you in changing that password as well as do a security search of your accounts for the same password. Change those as well. Rest assured, if the password they show you has been used to secure some of your other accounts, all of those accounts are also compromised. That is where the hair on the back of your neck should raise up.
If you really want to be secure and keep information private, use the two-factor authentication on your password manager. Consider the advice below by covering your camera lens with a piece of tape, post-it note or slide cover.

What should you do if you get a Sextortion email?

Even though there is no real bit behind this scam doesn’t mean you should not take some sort of action. Use the extortion scam as a cue to protect yourself online. The Federal Bureau of Investigation aka FBI advises:
  • Do not pay
  • Do not respond to the email
  • When opening unexpected attachments from people you know, use caution because their email addresses may have been spoofed
  • Change your passwords often
  • See if your other email addresses and passwords have been pawned or stolen
  • Stop using the password immediately (and while you’re at it, update any old passwords — using a password manager, like LastPass, is fastest)
  • Never ever send compromising photos of yourself to anyone unless you want everybody to see them.
  • Don’t open attachments from strangers
  • Turn off your computer’s camera or put a piece of tape over it when you’re not using it
I'll reiterate, DON’T reply to the email. The more you reply, the more likely you are to expose other items or information that they will use to manipulate against you.

Thursday

Why you need a Battery

Call 10D Tech at 541-243-4103 for local advice and assistance in Salem, Keizer, Corvallis, Albany, Lebanon, and Eugene. We provide Avaya Business Phones, Managed IT, Internet Services and Cyber Security through out Oregon.


The following article is copied and pasted from the Tech Advisory - June, 2017 blog. They could not have said it better.


https://www.techadvisory.org/2017/06/why-businesses-need-a-ups/


"Why businesses need a UPS

Power outages caused by utility failure, accidents, and natural disasters such as storms, flooding, or earthquakes are inevitable. There’s very little you can do to prevent any of these from happening, but you can avoid the consequences to your business by using an Uninterruptible Power Supply (UPS).
What is an uninterruptible power supply?
An uninterruptible power supply is an essential piece of hardware that protects both your computer and your data. It provides a backup power source in case of main power failures caused by electrical current problems such as blackouts, brownouts, and power spikes.
Smaller UPS units can protect individual computers while larger models can power multiple devices or an entire office. Small businesses can opt for individual UPS units, which should be enough to back up critical computers and other devices that are key to business continuity.

Benefits of having UPS

It’s a known fact that power outages can damage or completely destroy electronic equipment, especially computers. Unexpected computer shutdown can cause great damage to your computer hardware and make you lose unsaved data. A UPS ensures you never experience such a scenario.
Here are other ways that a UPS benefits your systems:
  • Uninterrupted power flow during power surges

When you have UPS, the voltage that passes from the main electrical lines to your devices is consistently stabilized. This protects your computers from power surges, which happen when the voltage in other equipment suddenly rises.
  • Refined and filtered power supply

It normalizes power levels so that your computers are protected against dips and spikes caused by lightning or an abnormal power supply that usually comes from restored power after a blackout.
  • Instant power during brownouts

An uninterruptible power supply guarantees your operations’ continuity. In the event of short-term interruptions, it gives you enough time to switch to a larger, more stable power supply such as a generator. But unlike a generator, it provides instant power to your equipment at the exact moment the power goes out.

Does your business need a UPS?

If you’re purchasing new computers for your small business, a UPS is an invaluable add-on. Businesses that require constant power to function such as hospitals, banks, academic institutions, manufacturing companies, and any business for which storing and processing data are critical tasks can benefit from uninterrupted power.
Determining the type of UPS for your business as well as installing and maintaining it may require the expertise of professionals. We have experts who could provide you with information on properly operating a UPS, replacing its battery, identifying devices that should never be connected to it, and other safety tips. Call us today for advice."

Tuesday

Simplify your life

#1 Priority: Passwords!  


Password Manager: This is the most important of all priorities in securing your network. When we do security talks to groups, nearly everybody raises their hand when asked if they use the same password or a similar password for more than 1 account or website. By using a password manager, you only need to remember a single Master password. We can show you how to make a password that is very difficult to break but easy to remember. A password manager remembers and encrypts the other 587 passwords to your accounts, websites and portals and inputs them securely when you log in. We use LastPass www.lastpass.com  

We don’t sell it but we use #LastPass because it works and it does simplify our lives.  If you are already using a password manager, Thank you. The basic #LastPass version is free, but you can upgrade to Premium #LastPass for a couple dollars a month. The free versions work great, we have upgraded to premium for some convenience features.


Reminder: Never use the same password for multiple sites.

From #Sophos here is a 30 second smile, who can relate?

8 questions about Windows 7 End of Life - #3 of 10 Cybersecurity for 2020

Frequently Asked Questions: Windows 7 End of Life (EOL) We know it is not easy to make changes, especially to the computer that you are f...