Seven Steps To Take If You Mistakenly Let A Stranger Access Your Computer

by Leave a Comment

The last thing in the world I want to hear from a client is, “I did something really stupid,” because sometimes I am inclined to agree with them.  This was the case the other day.  I received a very distraught call in the middle of the afternoon. My client sputtered, “I should have known better, but I just wasn’t thinking.”  She went on to tell me that she received a phone call from someone who alerted her to the fact that something was wrong with her computer and that he had to remote in to fix it.

What makes this situation a bit puzzling is that she uses a Mac, and most of these fake callers say they are from Microsoft.  Now for the truly terrifying part:  She proceeded to let a complete stranger remotely access her computer for about an hour.

I won’t go into the recriminations she must be feeling.  While I tried to offer as much comfort as possible, I am quite embarrassed that one of my clients would not think to call me, or at least tell the person calling that “I already have a computer guy who takes care of this for me.”  But that is not the point of this security brief.  I need to concentrate your attention on what has to happen after this atrocious event.

Read More →

This is not an April Fool’s Day missive

by Leave a Comment

There is a reason I send out regular security bulletins explicitly warning about malicious email activity and instructing you, my clients, to call me before you do anything that could have serious repercussions.  That is because there is really bad stuff out there!

I received a voice mail from a client saying she received an email from her accountant and it contained instructions for using Dropbox.  (Dropbox is a file hosting service that offers cloud storage and file synchronization.)  When I listened to the recording, I wasn’t sure if she couldn’t follow the instructions or if she couldn’t get Dropbox to open.  Needless to say, she sent the email to her son, and he couldn’t get it to work either.

Then she called her accountant, who told her he didn’t send it, but that other clients also received the email.  After all of that, she ended her message asking me if her computer was OK.

Well, that was a tough question to answer.  Just the same I was able to conduct some forensics into what occurred with this email – and it was most certainly malicious.

Here is the text of the problematic email (unfortunately I couldn’t capture the header information).

apr1

Now, I don’t know how many times I have told you not to click on links from people you don’t know, but that wasn’t the case here. This sender (whose name has been erased) is known to the recipient. However, I strongly doubt that any business person she knows uses arbitrary capitalization like this. I also doubt a professional would ever send an invoice labeled as a “doc” file with a “jpg” file type.
Read More →

Security Update American Express Phishing Attempt

by Leave a Comment

I had purchased software earlier that day, so when an email from American Express Customer Service appeared, I wasn’t surprised.  What astonished me though, was the message:  “For your security, new charges on the accounts listed above may be declined.”  Hmm, there was a minor problem processing the transaction, maybe that’s it.

Looks real, doesn’t it?

AmexSpoof

Nope, this is fake.  What’s missing from this email?  My name, the last four digits of my card, and a phone number…  The link goes to http://american-progrecs.com/americanexpress/.  Investigation shows this to be a web site registered in China, but operating out of Romania!

This is very dangerous, so it bears repeating:  Do NOT click on a link from any email you get regarding “security,” because it is — more than likely — a phishing attempt.

Any questions?  Send me an email.