Computer Repair San Antonio-Watch Out For Fraudulent Tax Emails

by

Scammers Portray IRS in Latest Phishing Scam

Earlier this week, the IRS issued a warning to taxpayers regarding a fraudulent email that has been impersonating the agency.  The email includes tax transcripts, in an attempt to get the users to click on the documents, which contain malware.  The biggest risk would be employees clicking on these emails on company networks.  By doing so, the malware would spread network-wide.

The scam email includes an attachment labeled “tax account transcript” or something similar, with a subject line using some variation of the phrase “tax transcript.”

According to KLFY News 10, this malware, known as Emotet, generally poses as specific financial institutions in its effort to trick people into opening infected documents.  This time, they’ve portrayed the IRS.  Cybersecurity experts have labeled Emotet one of the most costly and destructive malware variants in the wild.

Proceed with Caution

The IRS has the following suggestions if you receive this email scam:

  1. Do not open the email or attachment.
  2. Delete or forward the email to phishing@irs.gov.
  3. If an email goes to your business, notify the company’s technology professionals.

The bottom line – the IRS does not, and will not, send out unsolicited emails.  Therefore, if you receive an unsolicited email claiming to be from them– do not open it, it is a scam.

Computer Repair San Antonio-More Than A Virus, Common Malware to Watch Out For

by

More Than A Virus, Common Malware to Watch Out For

The term “virus” is often used to describe many different types of infection a computer might have.  Virus, when used as a blanket term, can describe any number of potential computer programs. What these programs have in common are they are typically designed to cause damage, steal data, or spread across the network.
Malware describes software designed to act maliciously on a personal computer.  The name ‘malware’ is a shorthand for ‘malicious software’ and describes exactly what it is. A computer virus is a single type of malware that can cause harm to your PC, but it is only one of many.

Adware

Short for advertising-supported software, adware is a type of malware that delivers advertisements to your computer.  These advertisements are often intrusive, irritating, and often designed to trick you into clicking something you don’t want. A common example of malware is pop-up ads that appear on many websites and mobile applications.

Adware often comes bundled with “free” versions of software that uses this intrusive advertising to make up costs.  Commonly it is installed without the user’s knowledge and made excessively difficult to remove.

Spyware

Spyware is designed to spy on the user’s activity without their knowledge or consent.  Often installed in the background, spyware can collect keyboard input, harvest data from the computer, monitor web activity and more.

Spyware typically requires installation to the computer. This is commonly done by tricking users into installing spyware themselves instead of the software or application that they thought they were getting. Victims of spyware are often be completely unaware of its presence until the data stolen is acted on in the form of fraudulent bank transactions or stolen online accounts.

Virus

In technical terms a computer virus is a form of malware that is installed inadvertently, causing damage to the user.  A typical virus may install a keylogger to capture passwords, logins, and bank information from the keyboard.  It might steal data, interrupt programs, and cause the computer to crash.

Modern virus programs commonly use your computers processing power and internet bandwidth to perform tasks remotely for hackers.  The first sign of this can be when the computer sounds like it is doing a lot of work when no programs should be running. A computer virus is often spread through installing unknown software or downloading attachments that contain more than they seem.

Ransomware

A particularly malicious variety of malware, known as ransomware, prevents the user from accessing their own files until a ransom is paid.  Files within the system are often encrypted with a password that won’t be revealed to the user until the full ransom is paid.

Instead of accessing the computer as normal, the user is presented with a screen which details the contact and payment information required to access their data again.

Ransomware is typically downloaded through malicious file attachments, email, or a vulnerability in the computer system.

Worm

Among the most common type of malware today is the computer worm.  Worms spread across computer networks by exploiting vulnerabilities within the operating system.  Often these programs cause harm to their host networks by consuming large amounts of network bandwidth, overloading computers, and using up all the available resources.

One of the key differences between worms and a regular virus is its ability to make copies of itself and spread independently.  A virus must rely on human activity to run a program or open a malicious attachment; worms can simply spread over the network without human intervention.

If you would like us to make sure your systems stay safe from malware, give us a call at 210-549-6477.

Don’t unplug your Computer to Shut It Down!-Computer Repair San Antonio

by

Can I Just Unplug My Computer to Shut It Down?

You may damage your computer.

By pulling the plug or forcing a power-off by holding down the power button, you risk corrupting data on your hard drive and damaging hardware.

I’m not sure what kinds of problems you’re having with the power button, but even that needs to be used correctly, or you could end up with the very problems you’re seeing.

[Read more…]

If you have been scammed by Fake Tech support follow this advice-Computer Repair San Antonio

by

1.Report the scam

In the US: File a complaint (FTC) | More information about online fraud

In Canada:  Contact Law Enforcement

In the UK: Report fraud | Report cold call (cold calls are illegal in the UK)

In Australia: Report a scam | Report telemarketing abuse

 

2.Report misleading ads
“TrustInAds.org comprises a group of Internet industry leaders that have come together to work toward a common goal: Protect people from malicious online advertisements and deceptive practices.” Report misleading ads here.

 

3.Shut down their remote software account

Write down the TeamViewer ID (9-digit code) and send it to TeamViewer’s support (they can later on block people/companies with that information)

LogMeIn: Report abuse

 

4.Spread the word
You can raise awareness by letting your friends, family, and other acquaintances know what happened to you. Although this may be an embarrassing experience if you fell victim to these scams, educating the public will help someone caught in a similar situation and deter further scam attempts.

If the scammers represent themselves as working with or for Malwarebytes, please make sure to contact Malwarebytes support – we are actively working to combat these scammers. Any information you can provide about these scammers will help us prevent those scammers from targeting other people.

 

If you already paid:

Contact your financial institution/credit card company to reverse the charges and keep an eye out for future unwanted charges.

If you gave them personal information such as date of birth, Social Security Number, full address, name and maiden name you may want to consult the FTC’s website and report identity theft.

 

If you have been contacted by a company that you think may be attempting to scam you, please see the following list of confirmed scammers (please make sure to click on the “Tech Support Blacklist” link for the up-to-date list).

Credt: https://support.malwarebytes.com/docs/DOC-1905

HP Recalls Batteries for Notebook Computers and Mobile Workstations Due to Fire and Burn Hazards-Computer Repair San Antonio

by

HP Recalls Batteries for Notebook Computers and Mobile Workstations Due to Fire and Burn Hazards

Consumer Contact:

HP toll-free at 888-202-4320 from 8 a.m. to 7 p.m. CT Monday through Friday or online at www.HP.com/go/batteryprogram2018 or www.hp.com and click “Recalls” for more information.

Description:

This recall involves lithium-ion batteries for HP Notebook computers and mobile workstations.  The batteries were shipped with or sold as accessories for HP ProBooks (64x G2 and G3 series, 65x G2 and G3 series), HPx360 310 G2, HP Envy m6, HP Pavilion x360, HP 11, HP ZBook (17 G3, 17 G4, and Studio G3) Mobile Workstations. The batteries were also sold as accessories or replacement batteries for the HP ZBook Studio G4 mobile workstation or for any of the products listed above.

Remedy:

Consumers should immediately visit www.HP.com/go/batteryprogram2018 to see if their battery is included in the recall and for instructions on how to enable “Battery Safety Mode” if their battery is included in the recall. The website provides consumers instructions on how to initiate the validation utility to check their battery and what to download if their battery is included in the recall. These batteries are not customer-replaceable. HP will provide free battery replacement services by an authorized technician.

Incidents/Injuries:

HP has received eight reports of battery packs overheating, melting, or charring, including three reports of property damage totaling $4,500 with one report of a minor injury involving a first degree burn to the hand.

Sold At:

Best Buy and other stores and authorized dealers nationwide and online at www.Amazon.com, www.hp.com and other websites. The batteries were shipped in notebook computers and mobile workstations sold from December 2015 through December 2017 for between $300 and $4,000. The batteries were also sold separately for between $50 and $90.

Importer(s):

HP Inc., of Palo Alto, Calif.

Manufactured In:
China
Recall number:
18-077

Windows Meltdown-Spectre fix: How to check if your AV is blocking Microsoft patch SAPC Upgrades

by

Windows Meltdown-Spectre fix: How to check if your AV is blocking Microsoft patch

Antivirus firms are gradually adding support for Microsoft’s Windows patch for the Meltdown and Spectre attack methods that affect most modern CPUs.

As Microsoft warned this week, it’s not delivering its January 3 Windows security updates to customers if they’re running third-party antivirus, unless the AV is confirmed to be compatible with it.

Microsoft’s testing found some antivirus products were producing errors by making unsupported calls into Windows kernel memory, resulting in blue screen of death (BSOD) errors.

Third-party Windows antivirus products need to support Microsoft’s security update and set a Windows registry key for customers to receive the update via Windows Update.

To make matters more confusing, only some antivirus vendors are actually doing both, while others require admins to set the registry key themselves, using Microsoft’s instructions. Additionally, some antivirus companies haven’t completed compatibility testing.

Microsoft hasn’t said which antivirus products are compatible beyond its own Windows Defender and Microsoft Security Essentials. However, security researcher Kevin Beaumont has created a public spreadsheet that may help IT admins prepare for installing Microsoft’s mitigations for the attack techniques that affect CPUs from Intel, AMD and Arm, albeit to differing degrees.

windowspatchav.png
Third-party Windows antivirus products need to support Microsoft’s security update and set a Windows registry key for customers to receive the update via Windows Update. Image: Kevin Beaumont

Credit. http://www.zdnet.com/article/windows-meltdown-spectre-fix-how-to-check-if-your-av-is-blocking-microsoft-patch/

Call 210-549-6477 with questions

All You Need to Know About the WannaCrypt Ransomware

by

WannaCrypt is a ransomware program targeting Windows. On Friday, 12 May 2017, a large cyber-attack using it was launched, infecting more than 230,000 computers in 150 countries, demanding ransom payments in the cryptocurrency bitcoin in 28 languages.

 

It was being spread primarily by phishing emails (most commonly links or attachments) and as a worm on unpatched systems.

The attack affected Telefónica and several other large companies in Spain, as well as parts of Britain’s National Health Service, FedEx, Deutsche Bahn and LATAM Airlines. Other targets in at least 99 countries were also reported to have been attacked around the same time.

WannaCry is believed to use the EternalBlue exploit, which was developed by the U.S. National Security Agency (NSA) to attack computers running Microsoft Windows operating systems. Although a patch to remove the underlying vulnerability for supported systems (Windows Vista and later operating systems) had been issued on 14 March 2017, delays in applying security updates and lack of support by Microsoft of legacy versions of Windows left many users vulnerable. Due to the scale of the attack, to deal with the unsupported Windows systems and to contain the spread of the ransomware, Microsoft has taken the unusual step of releasing updates for all older unsupported operating systems from Windows XP onwards.

Shortly after the attack began, a researcher found an effective kill switch, which prevented many new infections and allowed time to patch systems. This significantly slowed the spread. It was later reported that new versions that lack the kill switch were detected. Cyber security experts also warn of a second wave of the attack due to such variants and the beginning of the new workweek.

As always, be sure your Windows is up to date. XP users should consider upgrading where possible. The vulnerabilities for that operating system will not go away. Don’t click links in an email. Don’t open file attachments.

And, our longest running advice; back up regularly. You can back up to the cloud, or another drive. Programs like Macrium Reflect can Image your drive essentially restoring everything at any time.

Animated Map of How Tens of Thousands of Computers Were Infected With Ransomware

by

https://www.nytimes.com/interactive/2017/05/12/world/europe/wannacry-ransomware-map.html

SPECIAL BULLETIN

by

SPECIAL BULLETIN
Malwarebytes www.malwarebytes.com

Dear ,

A massive ransomware attack spread across the globe today, locking up thousands of hospital, telecommunications, and utilities systems in nearly 100 countries. The attack used data stolen from the NSA to exploit vulnerabilities in Microsoft Windows and deliver the WanaCrypt0r ransomware. The demand was for $300 per PC.

While the ransomware was first detected wreaking havoc in emergency rooms and doctors’ offices in the UK, the infection quickly spread worldwide, including to the US.

We’re alerting you to reassure you that if you’re currently using the premium version (or the premium trial) of Malwarebytes with real-time protection turned on, you are protected from this threat. Our premium technology blocks the WanaCrypt0r ransomware before it can encrypt your files. (The free version of Malwarebytes, however, does not protect you against WanaCrypt0r. To see which version you have, open up your Malwarebytes software and look for the version name at the top of the window.) Learn more about Malwarebytes

If you’re not currently using the premium version of Malwarebytes, we recommend that you update your Microsoft Windows software immediately. Microsoft released a patch for this vulnerability in March, but many users haven’t updated, leaving their computers open to this attack.

Here at Malwarebytes, we pledge to keep you protected and informed about the latest issues. Your peace of mind is our number one priority.

Sincerely,

The Malwarebytes team
P.S. Learn more about this threat here.

Massive Global Ransomware Attack Underway, Patch Available

by

This is a public service security announcement for all users of computers running any version of Windows.

We have confirmed that a serious virulent ransomware threat known as WannaCrypt0r/WannaCry has affected Windows computers on shared networks in at least 74 countries worldwide, with 57,000 reported individual cases being affected. And according to the analysis team at Kaspersky Lab, that number is growing fast.

Once one computer on a network is affected, the malware infection easily spreads to other Windows computers on the same network, shutting down entire government agencies and national infrastructure companies. Hospitals across the UK were being forced to divert patients and ambulance routes as of Friday afternoon, and several utility companies across Europe reported infection across their computer networks according to BBC News.

What Is Ransomware?

Ransomware is a kind of malicious script or software that installs itself on your computer without your knowledge. Once it’s installed and running, it will lock down your system and won’t allow you to access any files or programs on that computer. Usually, as in this current WannaCry exploit, it will alert you to the lockdown with an impossible-to-ignore pop-up screen which informs you that your computer is being held for ransom. To unlock your system and regain access to the computer being held hostage, the lock screen informs you that you must purchase an unlock tool or decryption key from the hacker.

Where Did This Threat Originate?

In this case, Microsoft has been aware of the vulnerability since March 2017, when it published a Security Bulletin covering the potential risk. According to the Spanish newspaper El Mundo, early indicators seem to point to the attack originating in China, but more information is needed.

How Can You Tell If Your Computer Is Infected?

The most obvious way to tell if your computer has been affected is if you are seeing a ransomware pop-up screen when you start up your computer. But because we don’t know how long the malware sits on your computer or network, not seeing this pop-up isn’t necessarily an indication that you haven’t been infected. The bottom line: if your Windows computer has connected to a shared network, such as those found in schools, public places, cafes and businesses, and you don’t have complete control over every computer on that network and haven’t been keeping Windows up-to-date, your computer may be infected.

How to Protect Yourself From the Vulnerability

According to Microsoft a fix for this vulnerability was released on March 14th for all affected versions of Windows. If you are running Windows and have automatic updates enabled you should be okay. If you don’t and haven’t updated recently you should update to the most recently released version immediately. It is important to note that unsupported versions of Windows, like XP, did not receive this security update. Those systems should either be isolated or shut down.

Please pass this along to your friends and family. Those that are less technical may not have updates auto-enabled, and may need a helping hand updating their operating system.