Technology by Design

Technology news, reviews, and how to keep your technology running fast and smooth!


ALERT: Celebrity Death Scams

June 11, 2018 by The T By D Team

Celebrity designer Kate Spade and celebrity chef Anthony Bourdain committed suicide last week.

Unfortunately, cybercriminals are going to do what they do best…exploit human tragedy for their own personal gain.

They will use any number of ways to phish for new victims in order to fill their pockets with $$.  So be careful with anything related to this sad news:  emails, “news” releases, attachments, any social media (especially Facebook), texts on your phone…literally anything!

You can guarantee that Cybercriminals will be trying anything & everything that will make them money!

When opening emails, do NOT open anything that comes from someone you don’t know, that you haven’t subscribed to, or that looks suspicious.

If you, or someone you know, is thinking of suicide, please call:

In Canada – Canadian Suicide Prevention Hotline: 1-833-456-4566

In the United States – National Suicide Prevention Hotline: 1-800-273-8255

Want help?  Need an IT partner that cares as much about your business as you do?
Call Technology by Design.  We’ll build a custom IT plan to suit your needs AND your budget!
You can’t stop CyberCriminals from targeting your company or employees.
But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-292-8293

For Cyber-Extermination!

#itthatworks

Filed Under: ALERTS

ALERT: Uber Hacked

November 30, 2017 by The T By D Team

…But Covered it up for Over A Year

The infamous & controversial Uber fell victim to social engineering and, as a result, the personal information of 57 million people was stolen (including Uber drivers and customers).  Uber paid off the hackers, to the tune of $100,000.  Supposedly the hackers deleted the information upon payment, but it’s doubtful.  Hackers are not known to be upstanding citizens…  More likely, the information was sold on the dark web, or will be.

Even worse…Uber did not disclose the theft for over a year.  Not great business practice to cover up a theft, especially one this massive.

What does this mean for any past Uber drivers or customers?

Be wary of any emails related to Uber.  They will likely be the usual “your account has been compromised”, in an attempt to gain even more information.  However, it’s just speculation at this point.  They could use anything to try to get your password, or more personal and/or financial information.

It could look something like this…

[Image: Uber Hack]

NEVER click on a link in an email. 

ALWAYS go to the website yourself through your browser’s address bar, or a bookmark you have set earlier.


Filed Under: ALERTS

ALERT: Netflix Email Scam

November 8, 2017 by The T By D Team

Cybercriminals are at it again, trying to trick people out of their hard-earned money!

Emails stating that your Netflix account has been suspended are being received, and they look legit!

BUT, they are just criminals trying to get your login information and credit card data.

The emails look similar to the one below:

[Image: Netflix phishing email]

NEVER click on links in any email.

If you want to check the status or change the settings of your subscription, manually type the company’s website address into the address bar, and go to your login screen from there.

 


Filed Under: ALERTS

ALERT: Bad Rabbit

October 25, 2017 by The T By D Team

Not all Bunnies are Cute & Cuddly!

 

Bad Rabbit, a new strain of ransomware, has been freezing computer systems throughout Europe since Tuesday, and has begun spreading to the U.S. and Canada.

The U.S. Department of Homeland Security’s Emergency Readiness Team has issued an alert stating it had received “multiple reports” of infections.

The Bad Rabbit outbreak seems to have started from files on hacked Russian media websites, using the popular trick of pretending to be an Adobe Flash installer.

The ransomware is a “disk coder”, which means it first encrypts files on the user’s computer, then replaces the MBR (Master Boot Record).

Once your computer is infected, the ransomware demands a payment of 0.05 bitcoin (approx. $275 USD), and gives you only 40 hours to pay.  It’s not clear yet if your computer is actually unlocked upon paying the ransom…

[Image: Bad Rabbit message]

 


Filed Under: ALERTS

Scam – Reset Password Alert

October 16, 2017 by The T By D Team

Yet another scam making the rounds…

This one is a spoofed email from Amazon, claiming that Amazon has detected an unauthorized attempt to reset the password on your account.

The notices users are receiving are similar to the one below:

[Image: Amazon Reset Password Alert]

A 6-digit code is provided, along with instructions to call the number provided to “verify your identity”.

When users call the number provided, reports indicate the call is answered by an individual who attempts to direct them to a website in order to input more information.

Although the details about this scam are sketchy, it’s likely an elaborate credentials phish, or the setup for yet another “tech support” scam where the cybercriminals inform users that they must download an (infected!) file to allow their personnel to “clean” their computer of malware.

If you receive a notice, whether it’s via voice mail, email, onscreen, or text, asking you to call the number provided…
NEVER call the number provided.  ALWAYS look up the phone number on your own, using a verified website. 
NEVER click on links provided in emails, texts, or onscreen messages, unless you can verify where it is from.  

 


Filed Under: ALERTS

Locky Ransomware Back With New Strain

August 14, 2017 by The T By D Team

Locky is back, and is infecting computers worldwide.  

The new Diablo6 strain of the Locky Ransomware is being distributed through spam emails.  It arrives in your inbox with subject lines such as “E 2017-08-09 (698).docx”.  The message body simply says “Files attached.  Thanks”.

[Image: Locky Diablo]

The emails have ZIP files attached that use the same name as the subject line.  If you click on the attachment, it will download the new Locky ransomware & run it on your computer.

As of this morning, the Locky Decryptor TOR payment site has the ransom set to .49 BTC, or approximately $1,600 USD.

[Image: Diablo6 Ransom Note]

The encrypted files cannot be recovered unless you either pay the ransom…OR have reliable backups.
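A mail-filter check for the lure described above, as an added example that is not from the original post: it looks for the dated file-name subject, the “Files attached.  Thanks” body, and a ZIP attachment named after the subject. The trait names, the rule "matching ZIP plus one other trait", and the sample messages are assumptions constructed for illustration.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject shape quoted in the alert: "E 2017-08-09 (698).docx"
SUBJECT_RE = re.compile(r"^E \d{4}-\d{2}-\d{2} \(\d+\)\.\w{2,5}$")
BODY_RE = re.compile(r"^files attached\.? thanks\.?$")


def indicators(raw):
    """Return the lure traits from the alert that one raw message shows."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = str(msg["Subject"] or "").strip()
    found = []
    if SUBJECT_RE.match(subject):
        found.append("subject-is-dated-filename")

    part = msg.get_body(preferencelist=("plain",))
    text = " ".join(part.get_content().split()).lower() if part else ""
    if BODY_RE.match(text):
        found.append("terse-body")

    # Assumption: "same name as the subject" may or may not keep ".docx",
    # so compare the ZIP's stem with the subject and with the subject's stem.
    wanted = {subject.lower(), subject.lower().rsplit(".", 1)[0]}
    for att in msg.iter_attachments():
        if att.is_multipart():
            continue
        name = (att.get_filename() or "").lower()
        data = att.get_content()
        is_zip = isinstance(data, bytes) and data[:4] == b"PK\x03\x04"
        if is_zip and name.endswith(".zip") and name[:-4] in wanted:
            found.append("zip-named-after-subject")
            break
    return found


def is_diablo6_style_lure(raw):
    """Quarantine rule: matching ZIP plus at least one other trait."""
    found = indicators(raw)
    return "zip-named-after-subject" in found and len(found) >= 2


def build_sample(subject, body, zip_name):
    """Constructed test message with a harmless ZIP (one text file)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "constructed sample, not malware")
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = subject
    msg.set_content(body)
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename=zip_name)
    return msg.as_bytes()


LURE = build_sample("E 2017-08-09 (698).docx", "Files attached.  Thanks",
                    "E 2017-08-09 (698).zip")
BENIGN = build_sample("Quarterly figures", "Hi Sam, numbers are attached.",
                      "figures.zip")
```

Requiring the ZIP match keeps ordinary short emails with unrelated archives out of quarantine; the subject and body patterns alone only raise the score.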

 


Filed Under: ALERTS

New Hybrid Support Scam/Ransomware

March 7, 2017 by The T By D Team

Ransomware and Support Scams used to be separate entities, but now there is a new breed that is basically a hybrid of the two.  If a user unsuspectingly downloads the malware from a phony Adobe update link or compromised ad, the malware will automatically run at each startup, taking over the entire screen with the fake warning.  Advanced users may know how to dismiss or remove the screen, but to the untrained eye, these do look like Microsoft alerts.  To them, the only way to fix the issue seems to be to contact support at an 800 number.  Once the victim calls, they are asked to launch a built-in TeamViewer feature and pay $250 for the fix.  Infected and need help?  Give us a call.

Filed Under: ALERTS, Featured

ALERT: Double-Ransomware Attack

December 14, 2016 by The T By D Team

A new and very scary ransomware strain has surfaced, called Goldeneye.  It encrypts the workstation TWICE:  First it encrypts the files, then it encrypts the Master File Table.

The attack is received as a spam phishing email (HINT:  Need a Spam Filter!), and presents itself as a job application form to be filled out.  Attached is an infected PDF with the “application”, which it claims will get the process started.  In the PDF is a polite reference to the also attached Excel file, which it states “contains more details”.

When the victim opens up the Excel file, they get a suggestion on how to display the “aptitude test”.

Sophos, the company that first reported Goldeneye, states,

“The crooks don’t openly ask you to do anything obviously risky, such as “Enable macros” or “Turn off the default security configuration”, but they do encourage the victim to make a change to their Office settings, something that Excel will invite you to do because the file contains what are known as Visual Basic for Applications (VBA) macros.

If you permit macros to run in this Excel file, you will quickly regret it.  The VBA downloads a copy of the Goldeneye ransomware, and immediately launches it.”

The VBA programming language used in Office macros is powerful enough to allow CyberCriminals to control Word or Excel programmatically, but also to perform more general functions…such as downloading files from the web, saving them to disk, and running them.
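Because the Excel attachment only becomes dangerous through its VBA macros, a mail gateway can hold macro-bearing Office files before a user is ever asked to enable them. The following is an added example, not code from the original post or from Sophos; the verdict names, the quarantine policy and the sample byte strings are assumptions constructed for illustration, and the legacy-format check is a heuristic.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .xls/.doc container
ZIP_MAGIC = b"PK\x03\x04"                      # OOXML: .xlsx/.xlsm/.docm
# OLE directory entries store stream names as UTF-16LE text.
OLE_VBA_MARK = "_VBA_PROJECT".encode("utf-16-le")


def macro_verdict(data):
    """Classify attachment bytes as 'macros', 'no-macros' or 'not-office'."""
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = [n.lower() for n in zf.namelist()]
        except zipfile.BadZipFile:
            return "not-office"
        if "[content_types].xml" not in names:
            return "not-office"          # an ordinary ZIP, not OOXML
        # Macro-enabled OOXML files carry the code in vbaProject.bin.
        if any(n.endswith("vbaproject.bin") for n in names):
            return "macros"
        return "no-macros"
    if data.startswith(OLE_MAGIC):
        # Heuristic: a VBA project adds a "_VBA_PROJECT" directory entry.
        return "macros" if OLE_VBA_MARK in data else "no-macros"
    return "not-office"


def gateway_action(data, sender_is_external=True):
    """Assumed policy: hold macro-bearing Office files from outside senders."""
    if macro_verdict(data) == "macros" and sender_is_external:
        return "quarantine"
    return "deliver"


def make_ooxml(with_macros):
    """Constructed OOXML-shaped ZIP; the VBA part is placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("xl/workbook.xml", "<workbook/>")
        if with_macros:
            zf.writestr("xl/vbaProject.bin", b"placeholder, not real VBA")
    return buf.getvalue()


# Constructed samples: none of these is a working document.
XLSM = make_ooxml(with_macros=True)
XLSX = make_ooxml(with_macros=False)
XLS_STUB = OLE_MAGIC + b"\x00" * 504 + OLE_VBA_MARK
PDF_STUB = b"%PDF-1.4\n% constructed stub\n"
```

The check covers only the macro stage of the chain; the PDF that accompanies the Excel file passes through as "not-office" and needs its own inspection.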

Once the Excel file is activated, all the malicious activity happens in the background.  However, when the encryption is completed, there’s a whole bunch of files left behind called: “YOUR_FILES_ARE_ENCRYPTED.TXT”, which announces the infection:

[Image: goldeneye]

Most file-encrypting ransomware strains stop here.  But Goldeneye’s developer has experience, and does a double-whammy attack similar to their Petya/Misha strain and encrypts the Master File Table (MFT) of that machine as well.

Goldeneye works a bit differently than previous strains in that first it encrypts the files, then performs a “UAC bypass” and the low-level MFT attack, then reboots and pretends it’s doing a CheckDisk.

[Image: goldeneye-check-disk]

Once the “check” is finished, another reboot sounds the alarm with some rather dramatic ASCII art:

[Image: reboot-alarm]

Pressing the “Any Key” (anyone else hear Homer Simpson in their head right now?) gives you this:

[Image: any-key-result]

**In case you’re wondering why Sophos redacted the so-called personal decryption codes in the images above, the encryption is different for your files and for your MFT: the malware uses different algorithms and different keys each time.**

Long story short, if you pay to unlock your scrambled MFT so you can reboot into Windows, then (assuming the CyberCriminals actually send you the decryption key) you’ll get back into Windows only to face the “YOUR_FILES_ARE_ENCRYPTED.TXT” pay page as well.  

If you don’t have reliable backups, you get to pay 1.4 Bitcoins all over again.  

Yes, that’s 2.8 Bitcoins total, which starts to get very expensive!


Filed Under: ALERTS, Blogs

Coming Soon to An Internet Provider Near You: Infected Routers!

December 8, 2016 by The T By D Team

One of the latest attacks to be unleashed upon the public:  routers infected by internet-of-things botnet-building malware such as Mirai.

One of the latest victims is London-based TalkTalk, or, to be precise, many of its broadband customers who were issued routers that contain a vulnerability now being exploited by at least one Mirai variant.  Security researchers report that the vulnerability appears to relate to a poor implementation of the TR-064 “LAN-Side DSL CPE [Consumer Premises Equipment] Configuration” protocol in its routers.

[Image: talktalk]

Although TalkTalk has begun to fix the vulnerability, infected routers are already being used as IoT launch pads for distributed denial-of-service (DDoS) attacks.  Researchers at the security firm Incapsula reported in a December 7/16 blog post that one of its customers (an unnamed bitcoin website) was hit with a DDoS attack on December 5th.  Incapsula states it traced the attack back to 2,398 Mirai-infected TalkTalk routers located in the U.K.

Another security researcher, speaking on condition of anonymity, told the BBC that he’d exploited the flaw in TalkTalk routers to scrape 57,000 subscribers’ devices and retrieve each one’s service set identifier (SSID) code and media access control (MAC) address, as well as Wi-Fi password.  The researcher said his intention was to highlight that a malicious attacker could have also gained access to the devices, for example, to infect them with Mirai malware, which is known to target known vulnerabilities (including default access credentials) in dozens of different types of routers and other internet-connected devices, including digital video recorders and IP cameras.

Think just because this happened in the U.K. that you shouldn’t worry?  Think again.

Most routers are very similar, no matter where you live.  The UK just happened to be targeted first…this time.  And you can bet that the U.S. and Canada aren’t far behind.

Most people never change the default settings, including the default password, that come with their equipment.  This provides quick & easy access to your equipment, information, and your business.

A lot of small businesses tend to try to save money by doing their own IT, or by having a friend or family member that “knows a bit about computers” do it.  I’m all for saving money, but on the right things.  If you partner up (yes, your IT person should feel like a partner) with the correct IT company, they can help you protect your business, while saving you money by cutting out stuff you simply don’t need.


Filed Under: ALERTS, Blogs

URGENT ALERT: AdultFriendFinder Scams

November 14, 2016 by The T By D Team

A massive data breach of the adult dating and entertainment company Friend Finder Network has exposed more than 412 million accounts including over 15 million “deleted” records that had not been purged from the company’s databases.

The exfiltrated records included 339 million accounts from AdultFriendFinder.com, which the company promotes as the “world’s largest sex and swinger community.”  62 million accounts from Cams.com, and 7 million accounts from Penthouse.com were stolen, as well as a few million from other smaller properties owned by the company.

The data accounts for two decades’ worth of data from the company’s largest sites, according to breach notification site LeakedSource, which obtained the data.

Why does this matter?  Because, beyond the fact that people’s private and personal information was stolen (even from people who had deleted their accounts), CyberCriminals will be using this information to victimize these people again, and again.  Spammers, phishers, and blackmailers will be rubbing their hands together in anticipation, never mind the divorce lawyers and private investigators that will be poring over their data for clients.

All of these 339 million registered AdultFriendFinder users are now a target for a multitude of social engineering attacks.  People that had straight or gay extramarital affairs can be made to click on links in emails that threaten to out them.

As in the Ashley Madison case a while ago, you can expect phishing emails that claim people can go to a website to find out if their private data has been released.  A sample of one of the phishing emails sent out in the Ashley Madison case is:

Unfortunately, your data was leaked in the recent hacking of Ashley Madison and I now have your information.

If you would like to prevent me from finding and sharing this information with your significant other send exactly 1.0000001 Bitcoins (approx. value 625 USD) to the following address:

1B8eJ7HR87vbVbMzX4gk9nYyus3KnXs4Ez [link added]

Sending the wrong amount means I won’t know it’s you who paid.

You have 7 days from receipt of this email to send the BTC [bitcoins].  If you need help locating a place to purchase BTC, you can start here…

On the other side of the spectrum, other phishing emails will be received that lure people into clicking on a link to a website to see if their spouse has not been faithful.  The subject line will likely be something similar to “Your spouse was found on the AdultFriendFinder list”.

You can’t stop CyberCriminals from targeting your company or employees.
But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

Filed Under: ALERTS, Blogs
