Archive for October 2018

How to Tell if You Have Been Hacked

How to Tell if You Have Been Hacked

Being hacked is the single biggest fear of most computer users. Many believe that the first sign of strange behaviour or errors on their PC is a sign that hackers have taken control. But are hackers really inside your machine, stealing your information? Or should we be on the lookout for more subtle signs? What does being hacked really look like?

There is an important distinction to make between being hacked by a person and being infected with a virus or malware. Virus software and malware are automated processes designed to damage your system, steal your data, or both. There are of course ways that we can defeat these processes, but what if we are instead hacked by an individual?

Remote Connections

Our previous blog posts have warned people about not allowing strangers to remotely access their computers unless they are 100% sure that they are genuine.

Remote Support technology is a very useful tool but if you allow the wrong people to remotely connect, they can be doing things in the background that you may not be aware of. For example, whilst speaking to you they can be downloading software that they can then use to convince you that your computer has a problem – i.e. displaying fake error messages. Needless to say, they can also be gathering information from your computer too.

They can also leave software on your machine which in many cases is very difficult to spot. You should only allow people to connect when you have approached them – never from a phone call or email coming to you out of the blue, no matter how believable or what they appear to know about you.

Logins not working

One of the first steps a hacker might take would be to change the computers passwords. By doing so, not only do they ensure future access to the account, they prevent you from accessing the system to stop them. For the hacker, this is a crucial step that keeps them in control.

Being hacked is not the only reason why you may not be able to login, but it is a possible symptom that you need to bear in mind. We always need to make sure to keep on top of our own login details and how often we change them.

Security Emails or SMS’s from online services

Many services track which device and location you logged into your account from last. If your account is accessed from a new device or a different country it might trigger an automated email or SMS to ask if this new login is your own.

If you have logged in using a new computer, tablet, or phone; an email that asks “hey, is this you?” need not be cause for alarm. If you haven’t, it may be time to investigate further. This service is an important part of information security and may be a key first step to identify someone else gaining access to your account.

Bank accounts – strange transactions

Most commonly today, hackers commit crimes to steal money. The end goal for hackers is typically to profit from their crimes by taking money from people online. Obviously it pays to keep a regular eye on your financial transactions to make sure you know what money is coming and going from your account, especially when doing online banking.

Whilst you may see a large sum missing where hackers have attempted to take as much as they can in a single transaction, this is not always the case. Alternatively small, hard to notice transactions may sometimes appear. These often account for small purchases where attackers have tested the details that they have, to make sure they work. Hackers may even wait months before attempting a transaction.

Either way, the sooner you spot unusual or unrecognized transactions, the better.

Sudden loss of cellular connectivity

Mobile network interruption is a symptom that few people expect but occurs commonly when hackers attack. Many banks and online services use a security feature known as Two-factor authentication. To do this they send a short code to your phone or app when you log in. Two-factor authentication is ideal in most cases and is a great boost to security.

Determined hackers can try to work around this by calling your mobile service provider to report your phone as lost or stolen. During this call, they will request your phone number be transferred to a new sim card that they control. When your bank sends its regular two-factor authentication code to the number registered, it goes instead to the hacker who may be able to log in. From your perspective the phone service will simply stop working.

Unusual or unrecognized icons

In many cases hacking software tries to be stealthy and not be seen, but there are some that do not hide themselves so much because the hackers believe that it may not be noticed. A common one is remote connection software that can only be seen as a tiny icon in the bottom right-hand corner of a Windows computer, which automatically starts up every time you switch the computer on. It is hiding amongst all the other small icons and is frequently overlooked.

Similarly there may be an icon appearing on the Desktop which you do not recognize or remember installing, or your normal search engine changes to something else – if a virus or malware has caused this, what else is going on?

Keeping vigilant and maintaining security

These are only some of the modern techniques that hackers can try to use to gain access to your accounts. You don’t need to be paranoid but it pays to be extra vigilant and pay close attention to the signs and signals that indicate you may have been hacked.

Also, make sure that you have a good security product installed – it makes it that much harder for hackers.

If you suspect that you might have been hacked, or would like help to prevent hackers in future, give us a call on 01455 209505 and we’ll help improve your security.

Top 5 I.T. Problems for Businesses

Top 5 I.T. Problems for Businesses

Companies that suffer security breaches nearly always have at least one of these IT security problems. Do any apply to your company?

No Backups

A shocking number of businesses are not backing up their data properly. According to market research company Clutch, 60 percent of businesses who suffer a data loss shut down within six months.

Not only should every business be fully backing up their data, but their backups should be regularly tested to work too. It’s a step that businesses miss surprisingly often. Many businesses don’t find out that their backup can’t be used until it’s already too late.

Reactive and not proactive

The world is constantly changing. The IT world doubly so. Attackers are always figuring out new ways to break into businesses, hardware evolves faster than most can keep up, and old systems fail due to wear and tear far quicker than we would like. A huge number of businesses wait until these issues impact them directly before they respond.

The result is usually higher costs, longer downtime, and harder hitting impacts.

By responding to hardware warnings before it fails, fixing security holes before they’re exploited, and upgrading systems before they are out of date: IT can be done the right way. Being proactive about your IT needs means systems don’t have to break or compromised before they are fixed. The result for your business is less downtime, fewer losses, and lower IT costs.

Weak Passwords

A surprising number of people will use the password “password” to secure some of their most important accounts. Even more still will write their own password on a post-it note next to their computer or allow everyone else to know what the password is. In some cases, many will even use no password at all.

Strong passwords act, not only as a barrier to prevent unwanted entry, but as a vital accountability tool too. When system changes are made it’s often essential that the account that made changes is secured to the right person. With an insecure password or worse; none at all, tracking the individual responsible for reports or accountability becomes impossible. This can result in both auditing disasters on top of technical ones.

Insufficient Staff Training

Humans in the system are commonly the weakest point in IT security. Great IT security can be a bit like having state-of-the-art locks on a door propped open with a milk crate. If staff aren’t trained to use the lock, it’s worth nothing at all.

Many times businesses can justify spending big on security for the latest and greatest IT defences but the very same firms may exceed their budget and spend almost zero on training staff to use them. In this instance, a little goes a long way. Security training can help staff to identify a threat where it takes place, avoiding and mitigating damage, often completely.

Weak Data Controls

Some companies can take an ad-hoc, fast and loose approach to storing professional data. Often crucial parts can be spread across many devices, copied needlessly, and sometimes even left unsecured. Client data can be found regularly on employee laptops, mobile phones, and tablet devices. These are famously prone to being misplaced or stolen out in the field along with vital client and security data.

It can be easy for both employees and firms to focus on the costs of devices and hardware purchased for the business. The reality is that the data held on devices is almost always worth many times more than the device that holds it. For many firms, their approach to data hasn’t been changed since the firm was first founded. Critical data is often held on single machines that haven’t been updated precisely because they hold critical data. Such machines are clearly vulnerable, outdated, and prone to failure.

Common problems with simple solutions

Each of these common issues have simple solutions to secure against IT failure. With a professional eye and expertise in the field, every business should be defended against IT issues that risk the firm.

If you need help securing your IT to protect your business, give us a call on 01455 209505.

Are Registry Cleaners a Good Idea?

Are Registry Cleaners a Good Idea?

We regularly see programs on customer computers that claim to be “Registry Cleaners”, “PC Boosters” or similar names, so we thought it best to talk about these so-called ‘helpful’ bits of software.

For example, a recent virus infection near Lutterworth was the direct result of one of these software programs.

You may have been alerted by popups while browsing the web, by (often flashing) advertisements claiming that your computer has hundreds or even a thousand errors requiring urgent attention to fix. Perhaps helpfully, these popups offer a solution to cure your computer with a click of the mouse and buttons marked “fix now” appear to offer a simple fix to all your computer troubles.

These advertisements are often described as “Registry Cleaner”, or by a few other names that attempt to convince the user they will somehow clean or improve their computer, such as “Optimizer”, “Tune Up” and the like. Within the IT industry they are known as “scareware” – they are software programs designed to convince you that your computer has problems that it might not have.

Are they trustworthy?

Almost all popups and advertisements that use banners saying “Fix now for free” are not trustworthy at all. They are little more than a scam attempting to take your credit card details, PC data or both. These programs might claim to scan your computer and show a convincing list of plausible sounding computer problems. Using this, they will ask for payment to “fix” these problems, to get your PC back in shape again.

At worst, these advertisements can be downright malicious. Some may attempt to use fake warnings and scare tactics to trick customers into installing spyware on their own computers. When installed, spyware will attempt to steal information in the background. Attackers may use this technique to steal usernames, passwords, emails, and credit card details and sometimes the first sign a user has that something is wrong, is when a virus scan detects software doing something it shouldn’t be.

Quite often, you can find that the program itself will automatically download further scareware or malware.

Do I need to clean the Registry?

The Windows Registry is a collection of settings that essentially cover everything on your computer, from the desktop that you see when you log in (which may be different to someone else’s) to important settings for programs that are installed. The Registry is vital to your computer and if it is corrupted or incorrectly modified, it can cause your computer to be unusable.

As professional technicians, we do not go into the Registry unless we have to and then only after backing it up first, so that it can be replaced if necessary. Even though searches on Google, Bing etc. and forums show entries routinely talking about changing this and modifying that in the Registry, we do not recommend doing so.

More importantly, we do not recommend letting any computer program do it either, but don’t just take our word for it. Microsoft do not supply a Registry Cleaning program for good reason and they actively discourage people from using one.

What about Optimising?

The Windows system and various applications installed on your PC do leave files stored your computer. These files can stay behind or go out of date even after the application that initially made them has been removed. These files can use up a little space on the hard drive and generally cause minor clutter within the system.

Despite the large amount of “scareware” and fraudulent computer cleanup scans out there, legitimate applications designed to clean your system do exist. This can be something we cover and is often done as a single small part of a complete computer tune up. Keeping up with out of date files and freeing up unused space is worthwhile and can be considered “good housekeeping”.

However, the vast speed boosts many online advertisements claim to unlock, by simply moving files around are almost always false.

Do your research before installing any program that purports to “Optimise” your computer, especially from an advert or worse still, a pop-up. Also check to see if that program has a Registry cleaning module and if it does, switch that module off.

Remember that computers are commonly upgraded and can be boosted by more conventional means. If the speed of your PC is no longer up to the task, there are ways in which we can unlock far greater gains than simple housekeeping chores.

PC “Boosters”

Some programs claim to boost the performance of your computer, but again we do not recommend letting a computer program automatically change important system settings, which may have a negligible impact anyway.

Relatively low-cost hardware components such as memory can often be added to boost the speed of even an older PC and unlock a new lease of life. Depending on the computer, upgrading the computers RAM can double the working memory available to the operating system. With extra memory, many programs can keep more information available to work with and this upgrade can reduce loading times and increases the computers ability to run more programs at once.

Another common speed boosting upgrade involves how we store and load data from the computer. Switching from an older style mechanical hard drive to a modern Solid State Disk (SSD) can bring down the startup and loading time of any PC – again depending on the age and condition of the computer in the first place.

These upgrades offer boosts in speed to rival a modern system at only a fraction of the cost originally paid for the computer. Upgrading the RAM, swapping to an SSD, or doing both will provide an instant, dramatic, and safe improvement to the speed of your PC, without introducing dodgy or po.

The most important thing to remember, is to not trust Registry Cleaning programs if at all possible and if you must access it, back up first or better still, get a professional to help you. When it comes to Tune Up programs, check the programs out by reviews and search engine research, before letting that program anywhere near your computer, let alone paying for it.

If your computer is running slow give us at a call on 01455 209505 to arrange a real and professional cleanup.