Scammers that call you

A little while ago on our facebook page we advised of a new scam which was doing the rounds. It seems to be ramping up and so we just thought that we would remind people about this latest nuisance.

The scam basically works like this:

1. Some one will ring you on your home or mobile phone and claim to work for a software company like Microsoft or McAfee.
2. They will tell you that they have detected a problem with the security of your computer and that they need you to install a patch or new program to protect it. They will help you do do this over the phone.
3. When you install the program (normally some sort of claimed "security software") it will then pop up lots of annoying reminders saying that you need to purchase it.
4. The software serves no useful security purpose, and between annoying you into paying for it, also seems to take the opportunity to embed itself into your system so you can't remove it.

So the short version is the bad guys con you into installing something on your computer which then annoys you until you pay it some hush money to make it go away. Needless to say the software is hard to uninstall - certainly beyond most people's skills.

At this stage all the reported cases we have heard about involved someone with an obviously foreign accent so that is one thing to keep in mind. But there is an overall message to consider here about scammers and the tricks they are using - when some person's or business's behavior doesn't line up with what you would think of as normal then you probably need to be more skeptical than usual.

In this particular case - have you ever had a software company call you to tell you that their software isn't working? If you've ever rung a software company to tell them their software isn't working you know they barely have enough people to answer the phone, let alone make outbound calls.

Lock Up Your VOIP Trunks

ZDnet is reporting that some businesses are losing thousands of dollars in attacks against poorly protected VOIP services.

The way the scam works is that the hackers use the Internet to break into a company's VOIP service, and then use the VOIP service to make calls to premium overseas numbers (pay per minute) etc. They collect the revenue from the pay per minute service while the company is left with a massive bill. It's yet another inventive way to use the Internet to try and rip people off.

The scam often works because it crosses International boundaries and because Telcos can be remarkably unsympathetic to the plight of customers who have quite obviously had some funny business happening on their phone system.

So - how does a business protect itself?

First things first - while VOIP is about telephones it's also just as much about computer networks - your telephone and network people need to work together.

Secondly - you need to take advice on which ports etc to leave open from your security, firewall and network people, not your phone people. No offence to the phone people but in general they know next to nothing about network security.

Third - if you are exposing your own hosted SIP service to the Internet it would be well worth getting some vulnerability assessment and assurance performed.

Finally - as always good operational monitoring provides the final backstop. Not only is there a good chance you would pick up the increased network traffic, but it will also help you manage your ICT more effectively.

Virus That Wont Go Away

Got an infection that just wont go away?

Has your computer got a virus that just wont go away? You've tried disinfecting it, scanning it with different anti-virus scanners and had a friend (or us!) look over it and for a little while it seemed okay, but then it all went bad again?

In this blog post we talk about 3 other possible problem sources that you might need to check.

Other Computers

If you have other computers on your home network then they are a potential source of the infection. It's a bit like having nits in the house - to eliminate the virus completely you will need to isolate all the computers and individually disinfect them before reconnecting them to the home network.

Don't forget to pay particular attention to computers that connect wirelessly. In these cases it is easiest to either turn off the wireless access point, or disable the wireless adapters on the affected computers.

As a general rule if one computer on your home network is infected it is fair to assume they will all need some attention (if they are all Windows computers).

Infected Router

It's possible that the problem isn't your computer at all, it's your Internet router instead.

Some older Internet routers have security flaws that allow hackers to break into them over the Internet. In these cases a hacker may have broken into your router and reprogrammed it to direct your computer to sites were it gets infected. Needless to say this affects all computers on the network.

If you have an older router (normally anything less than 3 years old is unaffected) and virus infections keep on coming back it is probably worth replacing your router, or at least reloading the firmware and changing the default passwords (for many people buying a new router will be much simpler).

Pretend Anti-Virus Software

Sometimes people find themselves being tricked into installing anti-virus software which really isn't anti-virus software. As a general rule of thumb if a site pops up a message saying "your computer is at risk" or something similar, it is selling "junk" anti-virus software. Rather than stopping viruses this software often does the opposite and loads software you don't want on your computer.

If you don't have any anti-virus software, and you use your computer just for home use we strongly recommend AVG Free Edition. Even if your computer is used for work the commercial version is good value.

And if none of that helps we can always have a look at your computer for you. Our fixed price service includes a deep-scan anti-virus check which eliminates viruses that onboard AV scanners can't get rid of.

We are moving

Green Light IT will shortly be moving to our new premises in Albany Street, Fyshwick.

Our new address will be 2/1 Albany Street, Fyshwick (behind Kennards) but our phone and postal address will remain the same. We will be taking advantage of the summer lull to move into the new premises over the next couple of weeks, and anticipate operating from the new location from the 25th of January.

The new office is the former premises of an alarm monitoring company, and so has been constructed to a very high standard of physical security - in fact we have taken to calling it the bunker, but we will have to see if that name sticks. If you want to see what we are on about please feel free to drop by from the 18th of January.

Christmas Trading Hours

Over Christmas Green Light IT will be taking a break will be closing on the 23rd of December, and re-opening on the 4th of January.

Feel free to leave us a message on the phone or drop us an email over this time. All the best for Christmas and we look forward to talking to you in 2010.

Internet Explorer Freezing

We've noticed in the last few days that customers that are using Internet Explorer, and have their default home page set to "ninemsn", seem to be having some issues with Internet Explorer freezing, and not letting them type anything in.

By the looks of it "ninemsn" is giving some information to IE which is causing it to lock out for a while.

If you are affected you have three options:

1. Update Internet Explorer (new versions don't seem to be affected). You can get Internet Explorer 7 here (we aren't recommend IE8 at this stage).
2. Use Firefox instead (it is a better, more secure browser all round). Firefox Download Site.
3. Change your home page away from Ninemsn - instructions below.

Changing your home page is the quickest fix to the problem, but to some extent only a temporary one. Never the less, here is how you can do it on Windows XP, without having to re-open Internet Explorer. If you have Windows Vista you already have IE7 - if your browser is running slowly chances are it is because of viruses and spyware. You should probably book it in for a service.

To change your home page without having to open Internet Explorer (because it will freeze again) open your control panel

and choose Internet Options.

Once you have Internet Options open then choose the general tab. Your home page setting is right at the top of the window. You can either type in a new home page, or choose "Use Blank" which will just give you a blank screen. Using either a blank screen, or a minimalist home page like Google are both pretty good choices.

Here we are using a blank page:

Note your window may not look exactly like this. This is actually the IE7 dialogue. IE6 (the browser that is having trouble) is quite old - we couldn't even quickly find one to get screen shots from, so change your home page in the short term, and plan to either update to IE7, or install Firefox in the near future using one of the links above.

Don't Be The Catch of The Day - Avoiding Phishing Scams

(Note: This is an extended version of our article from the June 2009 Newsletter)

Phishing (pronounced “fishing”) emails and websites are created in order to trick you into divulging confidential information, like passwords, bank account information or credit card numbers.

The most common type of phishing scam is an email with a link to a website which looks like the genuine article, but is just pretending to be the real thing to trick you into entering your real username and password. This is how much of credit card and bank account information is stolen online.

The most recent phishing scam, which started targeting the Commonwealth Bank and then moved onto other banks was a step up from what we have seen in the past, with vastly improved English, and a number of clever psychological tricks to make a person feel compelled to act quickly. Some of the most effective messages even claimed to be a “Security Alert” or claimed that your account had been compromised. Other emails included topics such as “There has been an error in an online transaction. Please log into your account via this link to verify the transaction.”

The whole purpose of a phishing attack is to get you to click the link.

From here, one, or possibly both of the following will occur:

1. This link will take you to a webpage that looks quite similar or even identical to the login page for whatever banking site you use and there will be a field for your username and password. After you have typed in your information, the information gets sent off and recorded so that they may use it to log into the real account and steal your money.
2. The fake website will install malicious software on your computer.

Because of this, as a general rule, banks and financial institutions will never send you emails with direct links to a login page (and if they ever do perhaps you should move your money to another bank).

You need to always be vigilant about links in emails simply because it is so easy to make fake emails that look like the genuine article. If you receive an email from a site you signed up to, or you went to a site and asked to have your password reset then those links are probably okay. If an unexpected email arrives asking you to log in to a system then you should treat it with a great deal of suspicion.

So if you ever receive an email claiming to be from the bank asking you to “Click this link,” or “Click here to enter your financial details,” or “Login here to verify your account” then treat them with a great deal of suspicion. If you are still not sure, call the organisation that claims to have sent the email. Alternatively, if you know how to login to the page then use your browser and navigate yourself there. Don’t click the link in the email