Infected Computer Archives - Smeester & Associates - Denver, Colorado USA

Category Archives for Infected Computer

Don’t Be the Low Hanging Fruit for Cyber Criminals

While cyber attacks can happen to anyone regardless of the size of your company or what sector you’re in, there are some exceptions. Though hackers are good at what they do, you can make it harder for them to target your company. Even if everyone is a potential victim, you can make sure you’re not at the bottom of the totem pole. Don’t be the low hanging fruit for cyber criminals.

Follow these tips to make you less desirable or less obvious to hackers on the prowl.

Don’t keep your passwords simple

While you might want an easy way to remember all your passwords, keeping them all the same is essentially asking hackers to come knocking at your door. And, they probably won’t be so polite that they’ll knock first. Your passwords should not only be unique and very difficult to figure out, but they should be different for each one of your accounts associated with your website or business.

It’s also a good idea to use fake answers for security questions and two-step verifications, as any cyber criminal with a little but of time can figure out your personal answers. If you’re worried about remembering all these passwords, you can use a password manager to help. Additionally, think twice before saving your password on websites (and credit card information) when your browser asks you.

Use a VPN

Using a VPN is a great way to protect your connection, especially if you’re hooking up to a public WiFi network. That’s because a VPN hides your IP address and encrypts all traffic coming in or out over a certain internet connection. This is one of the easiest ways to avoid being the low hanging fruit for cyber criminals.

Encrypt your hard drive

Don’t make your hard drive an open door. Encrypt it. There are thousands of ways hackers can get into your hard drive, sometimes even physically. Block it off and make sure you’re the only one that can access it.

Spread your data out

In addition to encrypting your hard drive, you also shouldn’t keep everything in one place. Sensitive information should be spread out among different places to make it harder for a cyber criminal to really cause damage.

Don’t open anything “phishy”

We shouldn’t have to say this, but if you need a reminder, please, oh please, don’t open anything in your email that looks suspicious. A lot of the times, hackers use phishing as an easy way to hack your system. Anything that looks out of the norm probably is. DELETE and notify the company that someone is using their name and logo to try infect you.

Take advice from the experts

An easy way to be the low hanging fruit for cyber criminals is by simply ignoring the issue of cyber security. Even if you’re a small business (actually, especially because you’re a small business), you should really take advice from someone who knows best. Using a managed security service is one way to go about it. Another way is to talk to us at Smeester & Associates, because we can steer you in the right direction.


Will You Be Prepared When a Downtime Event Strikes? [CHART]

Did you know that 50% of small- and medium-sized businesses (SMBs) have no backup or disaster recovery plan in place? With all the risks that come with severe data loss and extended downtime, it’s surprising that IT decision makers aren’t doing more to safeguard their business.

SMBs should not have to experience downtime if they simply implement a business disaster and recovery solution before downtime occurs, so that they can restore essential data quickly and painlessly, and resume normal business operations. Consider CloudEndure’s 2016 Disaster Recovery Survey.

will-you-be-prepared-when-a-downtime-event-strikes

Here are four things to know about downtime:

  1. Downtime can happen more often than you think. This chart shows that 57 percent of companies have experienced a downtime event within the past three months or earlier! With a reliable backup and disaster recovery (BDR) solution in place, you can mitigate the damage when problems do arise. Make sure your BDR is able to provide a quick recovery and optimal recovery point, with troubleshooting on the issues to prevent them from occurring again.
  2. Not only does downtime happen more frequently than you think, it’s also one of the biggest IT expenses a business can face.
  3. A well-known fact of modern business is that backups fail – and when they do, you are unable to access any file changes or data created after the last successful backup. That can be very problematic for your business, especially if you rely on critical data in your daily operations. Your BDR solution needs to be backed by round-the-clock support. As such, you need regular backups – and verify their viability through backup tests – as frequently as your business or organization demands. As a result, you can focus on growing your business without worrying if you’ll be able to access critical files, or if you’ll have data in its most recent form.
  4. Only 6 percent of businesses have never experienced a downtime event. As a business owner, you don’t necessarily have time to worry about when downtime will strike or the safety of your network – nor should you have to. That’s why you should seek 24x7x365 support for complete peace of mind with a reliable BDR solution. Get business continuity solution to act as your safety net so that if you’re a part of the 94 percent who do experience downtime, you won’t have to worry about it having negative, long-term effects on your business.

Tech Stuff :: What You Need to Know About Pokemon GO

Pokemon GO is creating some major mobile security concerns.

Pokemon GO is creating some major mobile security concerns.

If you haven’t already heard, Pokémon GO has quickly become the biggest mobile game in U.S. history. However, the game’s rapid rise in popularity has also raised some major mobile security concerns. Its millions of users may not be aware of the many data vulnerabilities that lay hidden within the game and its privacy policy. Are you one of them? Here are the answers to your most pressing Pokémon GO questions.

  1. What Is Pokémon GO’s Privacy Policy?

Like most apps out there, Pokémon GO does collect data about its users. When first downloading the app, users need to sign in with a Google account and grant access for the app to use your camera, data and contacts. According to the Pokémon GO privacy policy, Niantic may also collect your username, email address, IP address, the web pages you were using before logging into the game and your entire Google account. In addition, the privacy policy gives the company wide latitude for using all of this information. Niantic can hand personally identifiable information (PII) over to law enforcement, sell it off and even share it with third parties.

This full access can be a huge security risk, and Niantic recently addressed this concern with a statement saying they are fixing the bug that allowed the app to gain full access to users’ accounts.

  1. Why Is Pokémon GO a Target for Cybercriminals?

Niantic’s gigantic database of data is full of information provided by its users, which makes it the perfect target for hackers and criminals. If the Niantic servers are hacked, the hijackers could potentially have access to all of your personally identifiable information (PII). The company has offered minimal details on how it plans to store all that data, but promises that it is taking the appropriate measures to protect the large database of PII – the type of information that hackers have been increasingly targeting.

  1. What Are Other Major Security Concerns with Pokémon GO?

The public nature of Pokémon GO has caused some unforeseen side effects and attracted other cybersecurity concerns. Many fake versions of the app have been uncovered, which contain malware that can lock your smartphone and cause more harm. Also, criminals have reportedly been able to use the geolocation feature to lure players to remote areas and rob them at gunpoint. This shows that although the new game has received an abundance of positive feedback, there are some major dangers that players aren’t aware of.

  1. What Problems Can Pokémon GO Present with the Rise of Bring Your Own Device (BYOD) in the Workplace?

The vulnerability of mobile data within Pokémon GO means that there’s a greater need for managed IT security. Especially with the ongoing trend of BYOD, the likelihood of introducing unwanted cyber activity and harmful attacks via these connections is at an all-time high. If your employees are using unprotected devices when using the game, it could lead to exposing sensitive business data in the event of a hack.

  1. How Can I Stay Protected When Using Apps Like Pokémon GO?

Pokémon GO is a prime example of the various security risks that are presented with unprotected mobile devices and the growing need for managing these endpoints. By leveraging a solution like mobile device management (MDM), you can greatly reduce these risks. MDM gives you the ability to remotely wipe an individual’s data if a device is compromised. An MDM solution will also allow you to implement app management policies and put restrictions on app purchases from non-validated markets.

Holiday Cyber Scams – How to Avoid The Grinch Who Stole Christmas

Hacker On Your Computer

Now that we’re officially in the middle of the holiday season, there’s a flood of emails flying through cyberspace from family, friends, online retailers and charities. This heavy online traffic makes it easier than ever to sneak in malicious emails, targeting unsuspecting users looking to connect with old friends and find holiday deals. Whether it’s a phishing scam that is trying to snag your credit card number or a malware campaign that installs unauthorized code on your system from an email link, ‘tis the season to protect yourself.

Taking Precautions

So where, exactly, do these seasonal cyberscams come from? Many of these malicious Grinches send emails from fake URLs, disguising them to appear legitimate. Faux charities are another common scam designed specifically to take advantage of your generosity during the season of giving. Even friends and family may send what looks like an innocent forward your way, only to discover that they inadvertently launched some decidedly un-cheery, unpleasantness to your inbox instead.

However, if you take some basic online protective measures you’ll be in a lot better shape to avoid the latest cyberscams this holiday season:

  • Change your email settings so that attachments aren’t automatically downloaded. This gives you more control over what gets into your system.
  • Never open attachments or click URL links in emails from unknown or unverified senders. Even be cautious of known senders.
  • Remember that cyberscammers can spoof return addresses; their malicious emails might look like a holiday e-greeting from Grandma judging from the subject line alone. If there’s nothing specific in the subject or body of the message (i.e. “Check out the great Holiday pics I took!”), it’s worth verifying with the sender before opening the attachment.
  • Never respond to requests for financial information that arrive via email. Instead, visit the applicable site or account directly from your web browser to verify any claims.
  • Always research charities and other organizations before you donate a penny.
  • Keep your antivirus and anti-malware software updated and run regular scans to keep your system squeaky clean.  Also assure that patches are applied regularly to the operating system.
  • Listen to your intuition. If something seems fishy about an email, even if it’s from someone you know, don’t download any attachments or follow embedded URLs. Again, return addresses can be spoofed to look authentic and familiar, so use caution even with trusted senders.

Spread Cheer, Not Fear

There’s no better time than the holidays to wrap up a nice bit of malicious code masquerading as an online promotion for a major sale or a holiday e-card. That’s why the U.S. Computer Emergency Response Team (US-CERT) has released asecurity alert that focuses specifically on how to avoid holiday-related cyberscams. Additionally, the Anti-Phishing Working Group (APWG) offers a comprehensive list of suggestions on avoiding phishing scams that are good any time of year.

The holidays should be a time for celebration. Use smart online practices to help spread seasonal cheer, and stay safe this holiday season.


4 Immediate Action Items Following a Ransomware Infection

Frustrated business woman in front of computer at office desk

It is always best to do everything you can to stop your computer from getting infected with any malicious software. Taking some simple steps, like having adequate security software (antivirus and anti-malware) installed on your computer, applying OS security patches, not clicking on suspicious email links that you don’t recognize and not opening unexpected email attachments, are all sensible precautions that everyone should take.

What to Do If You Get Infected with Ransomware

Even if you do try to protect yourself from attack, sometimes malicious code can still end up on your computer. If your computer does become a victim of Ransomware (such as Cryptolocker) there are some steps you can take to mitigate the damage.

  • Ignore the ransom demand – DO NOT even think about paying the ransom demanded. The demand does not come from any legitimate authority and there is no guarantee that if you pay the money you will ever get your files unlocked. If you pay, you are just passing your money into the hands of criminal gangs and encouraging them to continue with their illegal activities.
  • Remove the Ransomware from your computer – Although Ransomware may appear particularly threatening, it is just another form of malware. There are many companies online that offer malware removal tools, including Microsoft and Bitdefender. Both of these sites offer detailed instructions on how to eliminate the Ransomware from your computer. It is wise to remove the Ransomware as soon as possible. The longer that you leave it on your system the more opportunity you are providing for the malware to spread, both encrypting your files further and potentially spreading to others’ computers.
  • Update your antivirus, anti-malware software and patch your OS – If your current antivirus protection lets the Ransomware get on to your computer, then there is likely a problem with it. It may be corrupted, or perhaps it is not being updated regularly with the latest antivirus definitions. If you are going to properly protect your computer system in the future, it is vital that you have a working antivirus program installed. If your software isn’t up to date, either update it immediately or uninstall it and replace it with a new one that will offer you adequate protection. Once you have the new antivirus software installed it is always a good idea to run a full scan of your system to make sure there are no further problems that need to be dealt with on your computer.
  • Update your passwords – Once you regain access to your computer it is a sensible precaution to change all of the passwords that you use to access websites. If your anti-virus protection has been breached you have no idea what information may have been gathered from your system. The safest approach is to change all of your passwords and access codes and then monitor your accounts for any indications of suspicious activities.

Always Backup Your Files

Once your system is infected with Ransomware, it is likely that you are going to suffer some damage or loss to your computer files. The best preventative measure you can take is to regularly backup your files on an external system (either other hard drive or in the cloud – or both!), so that if your computer is taken hostage, you have your files in another location. However, if you do find yourself infected, removing the malware quickly and following these simple steps can minimize the damage and reduce the risk of further infection as much as possible.