Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

The DNSChanger Virus – The Real 411 (NOT “Doomsday”)

There has been much hype about a virus in the news lately that, frankly, shows (some of) the mainstream media for what they are (clueless ambulance-chasing fearmongers?). Today, Woody Leonhard published a detailed article that tells the real deal about “DNSChanger”, and he says it much better than I would.. ‘cuz I am a bit angry, and might not keep a civil tongue.

DNSChanger is not the end of the world

DNSChanger virus spells ‘Internet Doomsday’ … The end is nigh, according to the FBI … ‘Internet doomsday’ will strike us all on July 9 …

That’s what a couple of popular websites had to say about the DNSChanger virus. What a crock!

I’ve been writing about viruses for about two decades, and I don’t think I’ve ever seen headlines that ridiculous from sources that should know better.Read more..”

I highly recommend this read. For everyone.. not just the Geeks. Learn the facts.

And, if you would like a quick check of your PC, to see if your web browsing has been hijacked by DNSChanger, click here. (Green means you do not have a DNSChanger infection.)
Those outside the USA can click here, and scroll to find the checker for your country/language.

Copyright 2007-2012 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.

May 3, 2012 Posted by | computers, Internet, News, tech | , , , | Leave a comment

Maybe You’ll Find These Helpful..

Sometimes, I find it very difficult to bite my tongue.. But I’ll be nice. Today I have some good info to share with you. Read on.

Apple (Mac) owners: Apple releases Flashback removal tool, infections drop to 270,000

Apple today released an update to its Java component that removes known versions of the Flashback malware. In a separate study, Symantec reported that it counted only 270,000 infected Macs, down…Read more..

Yes, folks.

The days of “Apples do not get viruses” are O – V – E – R. (Been true for a while now..) Fortunately, there’s an AV for Macs that’s not only good, but free: Sophos Anti-Virus for Mac Home Edition
“Free antivirus that works simply and beautifully.”

Reminder: The deadline for filing with the I.R.S. is mere hours away. To help you meet this deadline, on the IRS website there is a page called “FreeFile”, and here you will find the “partnership links” to the free versions of 19 accepted tax prep programs — of which H&R Block’s Free File and also TurboTax are available.
To qualify, you must have an Adjusted Gross Income of $56,000 or less.

Today’s (2nd) free link: FreeFile at the IRS
(Note: there’s two buttons on the page; “I will choose” and “help me choose”. Though all of the programs there are accepted by the IRS, I would recommend clicking the “I will choose”, and then selecting either H&R Block or TurboTax.)

Best for last department: I met a guy. Think you may want to be aware of him. More precisely, be aware of what he does.

What he does – with his Free Data Recovery site – is help people rescue data from hard drives that have decided to go severely wonky, and/or push up daisies. Die. Go kaput.

A Revolutionary Approach
Welcome, my name is Stephen and I’ve put up this site to begin the roll out of a truly unique remote data recovery service that I think has the potential to revolutionize the field of hard drive data recovery.

Q: Who might benefit from knowing about Steven and his new FDR?
A: Anyone who does not have a proper backup strategy in place (aka “everyone”).

Q: And why is this “revolutionary”?
A: Well, click the link (above) and he’ll tell you. What I’ll tell you is that data recovery is an expensive endeavor (often involving “clean rooms”) and those of you with business critical data (aka “corporate”) should use that kind of (expensive) service — but for us average folk, trying to recover a few photos, say, well Steve is the guy to call.
Seriously.
Click the link, or the image, and find out why. (And when you talk to him, tell him I sent you.) Read more..

Today’s quote:If you want others to be happy, practice compassion. If you want to be happy, practice compassion.” ~ Dalai Lama

Your “Friday Fun”: Today’s funny video is a bit adult (language) and so I am just going to provide the link, and leave it up to you. But it is a classic Chris Rock sketch. http://video.google.com/videoplay?docid=-880897175401400927

Copyright 2007-2012 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


April 13, 2012 Posted by | advice, computers, Internet, tech | , , , , , , , , , | 2 Comments

A Warning For Apple Users

I have long been advising owners of computers – even Apple computers – to make sure they run an antivirus (any device that connects to the Internet needs an antivirus) and keep it up-to-date.  Also true: the outright *myth* that Apple is immune from viruses and hackers persists. Guess what I saw in my InfoSec headlines yesterday?

Attackers set sights on Mac OS X with Apple malware toolkit

“The growing success of Apple’s Mac OS, bolstered by iPhone sales and new iPad tablet users, has caught the attention of cybercriminals who are setting their sights on Apple users.

Danish IT-security firm, CSIS Security Group, has stumbled upon a new Apple crimeware toolkit targeting Mac OS X. Security researchers at the organization discovered the toolkit being sold in low numbers on several black hat hacking forums.Read more..

Also: New MAC OS X scareware delivered through blackhat SEO

Researchers from Intego have intercepted a new scareware sample targeting the MAC OS X. Read more..

(Geek Speak Translation: A “malware toolkit” is a simple-to-use program that creates custom viruses, and takes advantage of known weaknesses. See, http://en.wikipedia.org/wiki/Hacker (computer_security). They are [typically] used by ‘hackers’ who aren’t really into computer programming, called “script kiddies”. “Blackhat SEO” refers to criminal manipulation of search results, so their ‘poison’ websites appear at or near the top.)

I know that my posting this will not do anything to dispel common perception; but for those of you who are Apple Mac owners, and want to prevent Identity Theft and to surf the web (more) safely, I re-recommend purchasing and installing Norton for Mac, or downloading ..

Today’s free download: Sophos Anti-Virus for Mac Home Edition

“Free antivirus that works simply and beautifully. Just like your Mac.

Overview: As Apple computers grow more popular than ever, they’re an increasingly-enticing target for hackers. And these hackers aren’t just mischief-makers — by targeting your computer or applications you use, these criminals are out to steal and profit from your valuable personal information. Don’t let them. Get free Sophos Anti-Virus for Mac today.”

Please! Let your Apple using friends and family know – Apple is in the hacker crosshairs now. (And also tell ’em “hacker” translates to “cyber criminal” these days.)

Bonus:

Copyright 2007-2011 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


May 4, 2011 Posted by | advice, Apple, computers, cyber crime, free software, hackers, Internet, News, security | , , , , , , , , , , , , , , , , , , , , , , | 2 Comments

Next Great App for Android, iPhone –> Rootkit

Rootkit, SMS text messages used to build a botnet of smartphones

The “hot” tech items to own these days are the (not inexpensive) iPhone and Android “smart phone” devices. (If you doubt that, ask yourself why does the news infotainment departments send reporters and camera crews to film lines of people standing outside the Apple Store when a new model comes out?)

These phones are really not phones anymore, but mini-computers – which happen to make cellular phones calls. They are Internet-connected, so they can send/receive e-mail, text and ‘chat’, and download files.. such as movies. They contain address books of your friends and family… In short, they have everything a cyber-criminal wants to target.

In the interest of making the world a better place, “a researcher at ShmooCon DC this weekend will demonstrate a smartphone botnet spewing spam, and unleash proof-of-concept code that builds a botnet out of Android and iPhone smartphones.

Yes, that’s right. A “researcher” will show us all how it’s done, and provide the code.

Georgia Weidman, an independent researcher, says her botnet attack evolved out of work she did on making an Android application send SMS text messages transparently such that the user didn’t even know it was happening from his or her smartphone. “As I did more research, I [realized] if I did this in the base operating system instead of in ‘userspace’ where most apps are, it would be a better way to do it,” she says. “If I can remotely control someone’s phone, it can be part of a botnet.”

While there has been plenty of smartphone research that pits one smartphone against another in an attack, she says, a more likely attack scenario would be a user unknowingly downloading an app that contains malicious code. “I think the majority of malware installations will come from a user downloading infected apps,” which can easily be rigged with rootkits given the lack of sufficient vetting of most smartphone apps, she says.

Well.. now that all someone has to do is copy>paste the code, yeah, she’s right. Invisible viruses that turn your smart phone into relay stations for spammers — sending us come on’s for V1@gra and C1al1s, and virus-laden links and attachments are only, I estimate, weeks away.

… and before you get too angry at this particular person, there is a whole industry of people doing this “research”, and several conventions have been going on for years. I believe that (some of) these people actually believe they are doing a good thing.

And maybe they would be.. if they only released the code to the affected device (or software) manufacturers and developers. But you don’t get rich or famous for that. (Maybe you heard about the “teen hacker” who got hired after writing viruses that attacked Twitter? There’s a lot of that kind of idiocy in tech..)

Here is the entire Dark Reading article, Researcher To Release Smartphone Botnet Proof-Of-Concept Code. I suggest you read it. Particularly if you own a smart phone.

In case you don’t know what a “botnet” is, http://en.wikipedia.org/wiki/Botnet
Or why a “rootkit” is the worst kind of virus, http://en.wikipedia.org/wiki/Rootkit

Does your smart phone have an antivirus? A firewall? Maybe you want those things?
Maybe it’s important to know that the apps at the app store are not checked (aka “vetted”) for malware? Doesn’t that *smell*?

IMHO, there is something wrong with this whole deal. Top to bottom.

Related:
* iPhone Users Are About to Be Screwed Over. The addition of the NFC chip to the iPhone isn’t for easy credit card purchases, but so the phone companies can control your financial transactions. Be warned. ~ By John C. Dvorak

“There has been a lot of talk about the addition of an NFC (near field communication) chip to the next-gen iPhone. This will allow the phone to be used as a swipe-it-yourself credit card. I consider this technology to be the most onerous ever.”

* CNet’s roundup of security apps for Android.

Copyright 2007-2011 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


January 31, 2011 Posted by | advice, Apple, cellular, computers, cyber crime, gadgets, Google, hackers, hardware, Internet, iPhone, mobile, News, rootkits, security, tech | , , , , , , , , , , , , , , , , , , | 8 Comments

statement.exe

*New* Infected Attachment Scam Returns

Once again your Inbox is a dangerous place…

Subject: funds wired into your account are stolen
From: investigation@fdic.gov

Dear bank account owner,

Funds wired into your account are stolen from innocent account holders through Identity Theft. Please check your account statement (the statement is attached to this letter) and contact your bank account manager.

Federal Deposit Insurance Corporation

poison_attach

POP QUIZ: What’s wrong with this picture? (multiple choice)
a: It came on a Sunday, and the Gov’t doesn’t work on Sundays.
b: There’s no such thing as “innocent” account holders.
c: dot exe’s are “executables” (aka “scripts” and “programs”) and make things happen on machines.. maybe bad things.

Answer: C

Folks, this is a really old attack method, and it preys upon the fact that people (“users” in Geek-speak) are unobservant (won’t notice the .exe) and uneducated (don’t know what an .exe is).

Sadly, those two ideas are pretty close to Fact, and reality hasn’t changed. And so someone is trying this old trick again. The attachment “statement.exe” is a “downloader virus“.
Open the attachment and be “pwn3d“.

Today’s free link(s):
* Top 10 things you should do to your computer–updated
* Internet and System Security – Common Sense Tips

Today’s free link, Part II: I don’t want you to think that I’m a boring and all-business geek, so today’s link is the place to get started building your digital music collection … for free. The music department at download.com is an entirely free collection of music of all genres. Check it out. Have fun, and relax … it’s completely legal, and doesn’t use any of that questionable “file sharing”. (Ahem)

Today’s free download: Is it a game? Is it a typing tutor? 10 Finger BreakOut is a real arcade game, in which you are escaping from invaders, shooting and trying to hit balls, but don’t worry, by playing 10 Finger BreakOut you sure will be learning to type. Improve your typing skills with this free typing tutor – typing game.

Copyright 2007-2010 © “Tech Paul” (Paul Eckstrom). All Rights Reserved. jaanix post to jaanix.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


Share this post :

August 2, 2010 Posted by | computers, Internet, Internet scam, PC, security, spam and junk mail, tech | , , , , , , | Leave a comment

Download Danger – the “Trojan”

That’s a very important concept to grasp: an antivirus does not protect you from yourself, it helps protect you from the Internet..

The Trojan Horse was a tale from the Trojan War. It was the stratagem that allowed the Greeks finally to enter the city of Troy. But the term “Trojan Horse” has come to mean any trick that causes a target to invite a foe into a securely protected bastion or place, and is now often associated  with “malware” computer programs presented as useful or harmless in order to induce the user¹ to install and run them ².

¹ “the user” = you

662px-Theprocessionofthetrojanhorseintroybygiovannidomenicotiepolo

The best part about the Trojan method (from the cyber-criminal’s perspective) is that the user¹ willingly clicks the “Install” (or “Run”) which bypasses any protections they may have — firewall, antivirus, “security suite”.
(That’s a very important concept to grasp: antivirus does not protect you from yourself, it helps protect you from the Internet.)

So where do you run into software downloads that are actually Trojans?
A: Sadly, in the current state of our un-policed Internet, just about anywhere.. but some places to download are safer than others (and some even strive to be 100% safe).
* If you use a peer-to-peer (“torrents”) file-sharing approach to getting free programs, movies, and music – such as LimeWire or BitTorrent – it is not a question of “if”, it is a question of “when”. That Lady Gaga Song you downloaded may very well have had a virus attached. (Please don’t write and tell me how you’ve stolen property with file sharing for years and never been infected..)

* Reputable download sites (aka “trustworthy”): there are several, but when I need to download something, I generally go to download.com, majorgeeks, or filehippo.

² update: That description is from Wikipedia. A man I admire very much wrote and provided me with this clarification on what is a Trojan: “Historically, a Trojan horse attack is accomplished by the perpetrator providing the victim directly or indirectly with a useful computer program (the Horse) that may perform its intended purpose or not but also contains instructions (the soldiers hidden inside) to perform harmful actions for the benefit of the perpetrator. A variation is a program (the horse) that inserts (patches) computer instructions (the soldiers) into some other existing program to perform the harmful acts.

*     *     *

Also – I never click “Run” on a download, but instead select “Save”, and save the file to my desktop. Then I scan it with my antivirus. And, if ‘clean’, then I double-click it to launch the setup/install.


** A Chance To Win A Valuable Prize! **


The folks at Genie-soft have generously donated five licenses for Genie Timeline Professional 2.0 to me, to award to my readers. So I am going to do a random drawing contest from folks who “enter”.Genie Timeline is a program that creates “backup copies” of the files and settings on your computer. With Timeline, you do not have to be “computer savvy”, and you can set-it-and-forget-it. Timeline constantly monitors your file system, automatically, for you.To enter the drawing, please see: Software License Giveaway: Genie Timeline Professional

Copyright 2007-2010 © “Tech Paul” (Paul Eckstrom). All Rights Reserved. jaanix post to jaanix.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


Share this post :

June 8, 2010 Posted by | advice, antivirus, computers, cyber crime, PC, security, tech | , , , , , | 9 Comments

Facebook Password Reset Confirmation! Your Support.

E-mail Attachment Delivers Virus – Old Tricks Die Hard

I got another e-mail from “Facebook support”. This one tells me that my password has been reset, and my new password is contained in the attached Zip file.
[update: I just got two more. This time from “Facebook Networks”, and “Facebook Messages”.]

“Dear user of facebook,

Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.

Thanks,
Your Facebook.”

Facebook_zip

According to Sophos, the malware inside the .zip is: Malware: Mal/TibsPk-A

Virus Spyware

“About this threat:

Mal/TibsPk-A is a malicious program that contains highly obfuscated code that has been encrypted and compressed. This program typically arrives in the form of a hoax email with an accompanying file attachment.

This program tends to:

Short version: open it and you’re thoroughly hosed.
Sophos continues..

“Fake package delivery or password reset messages trick users

This week, Mal/TibsPk-A arrived as an email attachment in a variety of ways. A typical email containing this malware can be one of the following formats:

Subject: Facebook Password Reset Confirmation! Customer Support.
Attached file: Facebook_password_<random characters>.zip
Subject: DHL Office. Please get your parcel
Attached file: DHL_Label_<random characters>.zip
Subject: Amazon Shop! Your order has been paid! Parcel NR.5014.
Attached file: Postal_label_&ltrandom characters>.zip”

two more attacks same day

two more attacks - same day

I cannot stress enough to you, Dear Reader, that cybercrime is a bigger industry than the illegal drug trade, and they are stealing billions every year. Why not? All it takes is one wrong click!

Don’t be a victim. Exercise “paranoid common sense” when online. This is just one “for instance”.. sent to tens, maybe hundreds, of thousands of e-mail addresses (I never have signed up for Facebook).
Oh, .. and visiting here regularly can help.

Unrelated: Do you like free software? Own a laptop? See my current software license giveaway: Software License Giveaway Drawing. Entering is easy.

Copyright 2007-2010 © Tech Paul. All Rights Reserved. jaanix post to jaanix.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


Share this post :

March 24, 2010 Posted by | cyber crime, hackers, Internet, Internet scam, News, security, spam and junk mail | , , , , , , , , , , , , , , , | Leave a comment