You’re Not Paranoid If They’re Really After You

You're not paranoid if they're really after you

Here’s a roundup of some of the latest reasons that you should be absolutely terrified when you sit down at a computer.

Wire transfer fraud

Businesses have lost more than $2.3 billion in the last couple of years to the wire transfer scam, according to a warning from the FBI this month. The bad guys impersonate company executives in emails that order a staff member to transfer money to accounts controlled by criminals. The FBI is aware of more than 17,000 reports to law enforcement since October 2013, and has seen a sharp spike in them in the last year. Typical losses range from $25,000 to $75,000.

This scam is one of the most scary because it’s targeted: the bad guys research their targets by combing everything from the company website to social media sites. They might mimic the email signature of the company CEO or owner; they’ll determine which employee is most likely to have authority to approve a wire transfer; they  might register a domain name that is confusingly similar to the real one so the error in the return email address is more likely to be overlooked; they’ll use dollar amounts that lend legitimacy; and they might try to arrange messages while the boss is out of town and difficult to reach for confirmation.

You’re not exempt. I’ve had several reports about attempts to run this scam on tiny Sonoma County businesses.

If you might ever be asked for a wire transfer, set up processes to make sure requests are legitimate. If an email request comes in for money, scrutinize it – but also, pick up the phone!

Bad Google results

One of the Rules for Computer Safety: Just because something is listed in a Google search doesn’t mean it is safe. A client googled the support number for Quicken last week and dialed the number in the first search result. I looked at it with her later. It had no obvious indication that it was anything other than Quicken tech support. The tech support rep connected remotely to her computer and after looking around, informed her that Quicken wasn’t working correctly because her drivers were out of date; since that’s not covered by Quicken, she would have to subscribe to Premium Support for $350 to have them correct the problem.

Fortunately she disengaged at that point and called me before she suffered any damage. The number she called had nothing to do with Quicken. She was talking to criminals who would have stolen her credit card. Fortunately they did not appear to have installed any malware while they were remotely connected. The “driver” stuff was just nonsense they made up to sound scary.

Security problems in old programs

Apple used to install Quicktime as one of the unwanted programs included with iTunes. Quicktime was never necessary and now is completely irrelevant. Trend Micro issued an alert this week that Quicktime still has two well-known vulnerabilities that bad guys can use to do the usual awful things – not easily, but possible to imagine. Apple has been slowly retiring Quicktime for the last few months but didn’t bother to tell anyone that it has no plans to issue any more security updates.

You won’t find Quicktime on new computers but it might be hanging around on older Windows 7 PCs. Trend Micro says you should uninstall it. Sure, whatever. The bigger issue is what to do about aging computers with older programs that aren’t being kept up to date – this week it’s Quicktime, next week it will be something else. Security might become a driving force towards Windows 10, which has many architectural improvements to make it safer than Windows 7.

Ransomware

Ransomware – viruses that encrypt all your files and all the company files and offer to sell you a key to regain control – is getting worse. It might arrive as an email attachment or be delivered by a poisoned website. A single errant click can take down your company. Over in Germany, a new variation encrypts the master boot record (MBR) of the computer. Once that happens, victims are completely locked out of the computer, which displays only the payment instructions from the bad guys until the ransom is paid.

I’m so concerned about ransomware that I’m going to be talking to all my clients with domain servers about removing local admin privileges from employees.

Do not call the 800 number!

It’s all too easy to click onto a poisoned website that causes a window to appear with a warning of terrible problems and an 800 number to call to fix them. Do not call the 800 number! The latest incredibly annoying variation: blast a loud voice through the speakers that can’t be turned off. “Your computer has a virus! You must take action immediately! Dream on, dream on, of bloody deeds and death, if you do not act quickly!” Something like that. They might not quote Shakespeare. But it is unnerving to have a voice blaring about viruses, which is the point. The bad guys want you to be startled and confused and especially they don’t want you to have time to double-check whether there’s a real problem.

As always:

Memorize the Rules For Computer Safety.

And be careful out there!