Author Archive for CSH – Page 6

Mac Computers and Viruses – Truth versus Myth

Compromised app containing a virus

We have lost count of the number of times that we’ve heard the phrase “Macs don’t get viruses” or “I’ve never had protection on my Mac”. Whilst this may have been true in the past it isn’t as cut and dried today and the Mac OSX operating system actually can be vulnerable, so protection is worth seriously considering especially in a work or business situation.

More difficult to exploit

The Mac is based on the UNIX operating system (as is Linux) which is more difficult to exploit as it is built on a sandbox-type principle, where malicious code cannot usually get as far as it might get in a non-UNIX based system.  Also, Apple has built in a certain degree of malware prevention in the Mac, for example their ‘Gatekeeper’ software actually blocks apps that have been downloaded from the internet (i.e. anywhere other than the Apple Store) that do not have a Developer ID supplied by Apple certifying that they are safe to use.

Unfortunately, in spite of this robustness the Mac is now becoming a victim of its own success because its increasing popularity means that cybercriminals are paying more attention to it – and finding ways of making money from you even if you are a Mac user. It’s not just that popularity – Macs are usually much more expensive to buy, so the cybercriminals may believe that Mac users are attractive targets.

Not impossible to exploit

For example, a popular Mac DVD-ripping and Video Conversion app called ‘Handbrake’ was recently compromised, by criminals hacking the software company download server and inserting malicious code into the app download. When this download was installed on a Mac, it also installed a ‘backdoor’ (a means of bypassing security). The user then was asked for their administrator password, which was passed over the internet in plain text so that the criminals could access any part of the system from that point.

By successfully avoiding having to use the ‘direct attack’ approach, this allowed important information such as password keychains and browser data to be extracted and passed to the crooks.

This compromise has now been corrected and the infected code was from a download between 2nd and 6th May 2017. If you have installed Handbrake version 1.0.7, check the SHA1 checksum of the file by opening a Terminal, typing in shasum and dragging the installation file into the Terminal Window.

If the checksum is 0935a43ca90c6c419a49e4f8f1d75e68cd70b274 then the file is malicious.

To disinfect it remove the Launch Agent plist file fr.handbrake.activity_agent.plist, and the activity_agent.app file located in ~/Library/RenderFiles/. Reboot then change your passwords.

In the past year or so a Ransomware-type malware was discovered for the Mac, so this isn’t the first time that there has been a potential issue.

Even though the Mac is more robust and secure than its main competitor, it is by no means invulnerable to malicious code and it is a risk to think otherwise. You may feel that the risk is small enough to continue to use your Mac as you always have, but at least consider the pros and cons first – as well as being very careful about where you get your apps from.

If you would like help in securing your Mac, give us a call on 01455 209505.

Windows 10 Edge and Internet Explorer – More Adverts on their Way

More Windows 10 adverts

With the amount of information passed back to Microsoft in Windows 10, such as the ‘Advertising ID’ feature, many people expected that they would use that data at some point – after all Windows 10 was given away free for a whole year. It now seems that the data has begun to be cashed in.

The latest Windows 10 ‘Creators Update’ will bring various changes as described in our previous Blog article here but it seems that the Update will also be pushing more adverts toward users, through the Edge browser, Internet Explorer and even File Explorer.

When opening Edge, “Where to next” is displayed and now there will be so-called “Sponsored” adverts too. When opening both Edge and IE you will also see a ‘Top Sites & News Feed’ tab with these ads – not just for Microsoft products but for third party products too.

File Explorer (previously known as Windows Explorer) has already displayed some adverts for Microsoft Office and similar products from Microsoft, but people are now also seeing third party adverts in this too – in an essential and basic Windows tool that everyone uses and where you wouldn’t normally expect it.

Of course, it’s no surprise that any company would want to make money from advertising, but this is essentially the start of Windows becoming a monetising product for its makers, when previously it was an Operating System only. It may also be Microsoft just testing the water.

You may not be bothered about the level of adverts or suggestions/nags, but if you are, what can you do if you don’t want ads popping up all over the place?

Stopping Ads in File Explorer

Open File Explorer > View > Options. Go to the View tab and look in Advanced Settings section – uncheck ‘Show sync provider notifications’, then click OK.

Stopping Advertisement App Suggestions

If you don’t want ‘suggested’ apps appearing in your Start Menu, go to Settings > Personalisation > Start and switch off ‘Occasionally show suggestions in Start’.

Stopping Ads on the Lock Screen

Yes, even before you log in! Go to Settings > Personalisation > Lock Screen and set the background as ‘Slideshow’ or ‘Picture’ instead of ‘Windows Spotlight’.

Also, go to the bottom of the window and disable ‘Get fun facts, tips, and more from Windows and Cortana on your lock screen’.

Stopping Cortana Nagging You

Cortana the personal assistant tries to help users – sometimes a little too much – with constant popups making suggestions that sometimes end up just getting more annoying than useful.

Click Cortana bar > Settings icon and go to ‘Let Cortana pipe up from time to time with thoughts, greetings, and notifications in the Search box’. Disable ‘Taskbar Tidbits’.

Stopping the ‘Get Office’ Nags

A ‘Get Office’ app is automatically installed and which regularly makes a suggestion that you try Office 365 free for a month – but you may not want it to keep on asking.

Go to Settings > System > Notifications & Actions, scroll down a bit and switch off notifications for the “Get Office” app. Alternatively, you could also right-click the app on your Start Menu and select ‘Uninstall’.

Solitaire Ads

Windows still has the built-in Solitaire game, but you also get a 30-second advert unless you pay Microsoft $10 a year. If you don’t want to pay, you will have to get an alternative via a search engine – but be careful where you download from.

These are just a few ways to reduce the advert clutter from your Windows 10 Creators Update computer. No doubt things will change in the future and there may even be more adverts as well as more premium content along the lines of the Solitaire game, but only time will tell.

If you would like help in de-cluttering your computer, give us a call on 01455 209505.

How Many Good Battery Habits Do You Have?

Extending your battery life

Batteries are rarely talked about – until they’re drained – then we’ll tell everyone as we beg desperately for a charger, hoping to get enough juice to last the day. The truth is, they’re a miracle of engineering that gets taken for granted and cursed when flat.

When repairing customer laptops we often hear the phrase “the battery died after a year or so” and that was certainly the case with the older type batteries. Luckily battery technology has gone a lot further and Lithium-Ion batteries are the main battery of choice today, together with longer lifespan and longer useful working charge.

If it feels like your battery is running out faster, you might be right. But it’s not because of ‘battery memory’ and needing to be cycled (that’s an older battery type called NiMh), it’s because the modern Lithium-Ion batteries in phones and laptops just simply wear out over time or get affected by heat. Fortunately, extending your battery life is easier than you think!

Which of the following GOOD battery habits do you have?

Charge whenever you can:

Lithium-ion batteries don’t like being charged all the way up and then drained all the way down. No wonder, it even sounds exhausting. Give them a little charge here and there, and they’ll be happy.

Leave your laptop plugged in:

You are very unlikely to over-charge the modern battery, it will just sit there waiting to be used. The laptop also helps out by cutting the flow of power when the battery registers as fully charged.

Watch for overheating:

Your laptop battery won’t overcharge, but it may overheat. You might also consider removing the battery if you’re using your laptop plugged in all the time. Yes, you might lose data if there’s a power outage, but overheating is a far more common occurrence and it’s been proven to degrade battery life considerably. Check your vents are clear with good airflow, and if necessary, help it out with a cooling laptop stand.

Leave your phone plugged in all night:

Just like your laptop, your charger knows to stop when the battery is full. Those chargers do generate heat though, so make sure you have enough airflow around both charger and phone, and never cover them up with anything.

Charge batteries before storing:

If you’re one of the lucky few with backup batteries, make sure to give them a half charge before storing. They’ll naturally discharge and age over time, so this gives them a fighting chance to still be viable when you need them.

Keep your cool:

We know to avoid water with our phones, but we’re less careful about exposing it to heat. This includes leaving it in your car all day, placing it on top of your PC, or even in a sunny spot by the window.

Wireless and rapid chargers can also be an issue, as the amount of heat they generate will affect your battery.

Keeping your Lithium-Ion battery happy is easier than you think. Your battery will wear out over time, but you can push that day a few years into the future if you remember to keep it charged and keep it cool.

Having battery issues? We can help! Call us at 01455 209505.

New Windows 10S to Target Chromebook Education Market

Windows 10S for Education Sector

Microsoft are about to release a trimmed-down version of Windows 10 called 10S, aimed at the Education market which up to now has been taken over by Google’s Chromebook.

Traditionally, Windows had the Education market in its hand due to its lower Academic version pricing (which was much cheaper than retail) for Windows and Windows software such as Microsoft Office. Then the Chromebook came along with its cheap price tag together with its ‘locked down’ operating system making it harder for students to cause much damage. This was ideal for school administrators who wanted to get a working computer at the lowest price, which could also be set up quickly and securely.

Windows 10S will be released on Microsoft’s Surface Laptop as well as some computers from Samsung, Toshiba, Dell and Acer in the near future, and they will be pushing these offerings to the Education sector.

There are ‘pros and cons’ with the release (as you would expect) and what is good for administrators may be cause for complaint by others.

Locked Down and Faster booting

Windows 10S will be ‘locked down’ because only apps from Microsoft and the Windows Store will be allowed to be installed, so schools can relax in the knowledge that it will be less likely for students to be able to install malicious or other unwanted software.

It has also been designed to increase battery life and have a faster boot time, which you would expect with a thinned out version of Windows.

The downside is the reduction of choice – if it isn’t a Microsoft app or in the Windows Store, it will not be available for installation, which gives Microsoft effective control on what is and isn’t used on its machines, although the Chromebook did give Google a large amount of control too.

Another downside will be that schools will no longer be able to use free alternatives to expensive software such as Photoshop, unless Microsoft allow it.

An Upgrade route will be available

The release announcement stated that it will be possible to upgrade 10S to Windows 10 Pro, at a lower price. This may be useful but at the moment we are being told that it is a one-way upgrade – once upgraded you cannot go back and of course, it will not be classroom-proof any more. You will also lose the battery and boot time advantages too.

Cheaper computers in the future…?

Clearly the Chromebook is not just for classrooms and there is a big market for public consumption of a cheaper, trimmed down operating system that lets you do everyday tasks. This is why we expect that at some point Windows 10S (or a version of it) may be available to the general public at some point, for use in the less expensive part of the market. If or when this happens we will have to see.

With Google saying that they have half of the US education market and 20 million devices in education, there is everything to play for for Microsoft. Time will tell if it pays off for them but they are certainly going to give it their best shot.

Helping to Control Spam in your Email

Getting rid of Spam in your Inbox

‘Spam’ emails get into everyone’s email Inbox and are a fact of life these days. Whether its “Russian Brides” or something else, Spam emails are annoying, especially if you regularly get a large number every day. It is not surprising that there is so much, as current estimates put Spam between 60%-80% of global email, depending on which report you read.

What many people do not realise, is that a lot of Spam emails are caught by your email company and discarded before you even get to see them – although some email companies filter out Spam much better than others do.

Having said that, there are ways to help reduce the number of Spam emails that you get – here are a few of them: –

Mark as Spam before doing anything

This is the most important thing. More often than not, we see that customers tend to delete the Spam emails, then carry on reading their ‘proper’ emails as normal – all this does is just delete it, so it doesn’t help you the next time they send an email from that address.

What you need to do is to mark the email as Spam, before deleting it. This tells your email company or email program what to do if this email address sends another email – that is get rid of it before you get it.

Email using Webmail

If you are using Webmail (getting your email through the email company website), mark the Spam email (usually on the left-hand side) and click on the Spam button, which may be marked as ‘Report’, ‘Spam’ or something similar. This identifies the email as Spam and tells the email company that you don’t want any more emails from that email address. The email company should automatically send any more emails from the same address, straight into the ‘Junk’ folder instead of your Inbox.

Email using an Email Program or App

Many email programs include a facility to mark an email as Spam. For example, if using Outlook, right-click the email(s) and select ‘Junk’. You will get options as to what to do, e.g. selecting ‘Block Sender’ (blocking just the email address) or ‘Block Senders Domain’ which will block all emails from the name after the ‘@’ symbol. Note that Outlook diverts emails into the Junk folder – they will still be coming from the email company.

Most email programs will have a similar method of diverting spam that has been received.

Many (non-free) security software programs include an anti-Spam facility, whether it blocks an email that it knows is spam using its own built-in spam filters, or “training” the program by marking the Spam emails and it blocks them for you in the future, in a similar way as above.

Businesses – hardware and online filtering

If you are a business with a business-class firewall, a Spam filtering facility can be included in the appliance, depending on the hardware device chosen, so speak to your I.T. person about this.

There are also ‘Cloud’ solutions that can route emails from your email company through the Cloud filters before you even get them – there are many solutions to choose from.

Third Party Anti-Spam programs

There are a large number of ‘Anti-Spam’ programs which say that they help in blocking and removing Spam – they are essentially adding another filtering layer for your Inbox. Having said that, you do need to check for compatibility with your email program or app, so research is essential, especially as some of these programs are more reliable than others..

As with all things, make sure that you have regular backups, in case the worst happens, but if you do nothing else make sure that you mark your emails as Spam, before getting rid of them.

If you would like help in battling Spam in your Inbox, give us a call on 01455 209505.

Microsoft Says Don’t Download Windows 10 Creators Update Yet

Windows 10 logo

Microsoft has advised users NOT to manually download the latest update to Windows 10 – called the Creators Update – but wait for it to be downloaded in the normal automatic update rollout instead.

Despite the massive publicity surrounding the latest Update release, they are finding issues with it particularly with older machines, such as some components no longer working after the Update has installed. This is why they are automatically updating newer machines first and hoping to identify and iron out bugs before the older systems get it during the normal course of events.

Even though Microsoft are deliberately rolling out the Update slowly, users can download the Creators Update themselves so Microsoft are worried that the issues that they have found will result in normal (e.g. non-geek) users having difficulties should they install the Creators Update before Microsoft want them to.

The Creators Update is the equivalent of an operating system upgrade (Windows 10.2 if you will) and it is a major undertaking even without the threat of parts of your machine not working afterwards. Certainly many of us in the I.T. world remember the problems caused by the last big Windows 10 update (the so-called ‘Anniversary Update’ last year) and even though we have learnt the hard way not to jump into the next ‘latest and greatest’ straight away (there are always bugs to be ironed out) it is surprising that they have asked users to stop manual updating so soon after release, so there must be further bugs that they are dealing with.

On the positive side at least Microsoft are warning people and not just releasing code that they know will cause problems to many people, although it is still a pity that testing didn’t show these issues before the Update was released to the public.

It also doesn’t help when you consider that Home and Small Business customers are effectively testing the Update before Enterprise customers get it, as it will not be released to the Enterprise sector for months – until the bugs have been ironed out.

If you have installed the Creators Update already, there is a way to uninstall it until it is more stable, although be aware that some apps/programs may be uninstalled in the process.Of course, as always, you should take a backup of your important files first just in case.

Go to Start > Settings and click ‘Update and Security’. Click on ‘Recovery’ > ‘Go back to an Earlier Build’ or depending on how long ago it was, click on ‘Go back to the previous version of Windows 10’.

If you are experiencing problems with Windows Update, give us a call on 01455 209505.

Controlling Windows 10 Autoplay Settings

Autoplay settings in Windows 10

‘Autoplay’ in Windows was originally designed to automatically open removable media that you have plugged into your computer, such as CD/DVD or USB media – it was meant to speed things up for you, but it has had a checkered history.

In the old days, putting in a CD/DVD or USB media with Autoplay switched on was a good way of passing viruses from one computer to another, as viruses were automatically executed when the media was opened for you. This is why good security programs today either automatically scan removable media when inserted, or ask you to allow it to do so, but some programs are better than others and some may not stop a virus from executing itself in time.

Later versions of Windows switched Autoplay off by default and Windows 10 asks you what you want to do, when removable media is inserted. However we do see customers that switch it back on, for ease of use but this does pose a risk.

Even today, it is recommended that Autoplay is switched off. You can do this by going to Settings > Devices and select ‘Autoplay’ on the list on the left. Toggle the Autoplay switch to ‘Off’, Autoplay will be disabled and you will not see the pop-up window again. This allows you or your security software to scan the removable media before opening.

Alternatively, or you just find that annoying, the next safest thing is set Autoplay to ask you what to do every time media is inserted, rather than automatically opening it. In Windows 10 you can actually select different actions for different media, for example you can set memory cards to import photos from your camera (which is unlikely to be infected). The settings for this are in the same section as described above, and you go to the ‘Choose a default’ for each media showing in the list.

There is also even greater control of individual media by going to the ‘Autoplay’ setting in Control Panel, where you can choose a default for many more options such as Pictures, Video, Audio etc. that may be present on your removable media.

Rather than just automatically opening media, the final thing that you can do is to set Autoplay to open the media in File Explorer – but as some viruses reside in an area of removable media that is read when opening its file list, this is not that much better than automatic opening. We would recommend scanning all removable media before opening it in File Explorer.

Every day people are using the same USB drive in their home and office/business computers, or putting removable media into their computers that has been used in a friend or relative’s system. This means that the weakest point is the danger point for compromising the security of your computer – so the friend/relative that may not have a good security program, or a compromised office computer are routes to computer infection.

The last thing you want is to have your computer disinfected, so it pays to reduce the risk where possible.

If you would like help in securing your computer or believe that your computer may be infected, give us a call on 01455 209505.

Security – 4 Ways to Travel Safe for Your Business

or aMobile Security for your Business

Working from anywhere is now as simple as accessing the internet on any number of devices. Managers, owners, and employees are all embracing the flexibility of working while travelling, making it the new norm.

But while you were in the office, you were protected by professionally designed firewalls, security infrastructure, and robust software. As soon as you step away from the building, those protections disappear, leaving your device and the data inside at greater risk.

Cyber attackers love to collect any data they can obtain, often preferring to hack first, assess value later. It doesn’t help that almost all data can be sold, including your personal details, those of your clients and suppliers, as well as your proprietary business data. These days, the information stored on your device is usually worth much more than the device itself.

Here are 3 ways a hacker will attack:

Making use of Opportunity – getting hold of the device

Whether an employee left their laptop at a café or a thief stole the phone from their pocket, the outcome is the same – that device is gone. Hackers will take advantage of any opportunity to gain access to a device, including taking them from hotel rooms and even asking to ‘borrow’ them for a few minutes to install spyware, before handing it back.

Have you ever handed your smartphone to a stranger, asking them to take a photo for you?

Spoofing a Wi-Fi Hotspot

We’ve all come to expect free Wi-Fi networks wherever we go – we can even create them ourselves using smartphones. Hackers will take advantage of this trust to create their own free, insecure network, just waiting for a traveller to check a quick email.

When they do, they can monitor traffic and if your device is not secured, hackers can obtain all sorts of information.

Intercepting an Insecure Network

Hackers don’t need to own the Wi-Fi network to steal content from it. Data travelling across an insecure genuine network is visible and available to anyone with the right software.

Taking these four precautions will help to increase cyber safety and help to protect your business data while on the move: –

1.    Make a backup before you travel: In the event that your device is lost or damaged, you’ll be able to replace the device with a new one and quickly restore all the data from a backup, all with minimal downtime. (Also bear in mind that many devices have a remote delete or lock function in the event of a theft – if yours does you may want to consider it).

2.    Don’t use public Wi-Fi: Wait until you have access to a secure network before going online – even just to check email.

3.    Use passwords and encryption: At a minimum, make sure you have a password on your device, or even better, have full drive encryption. That way, even if your data storage is removed from the device, the contents are inaccessible.

4.    Act fast after loss: If your device is lost or stolen, immediately notify the appropriate people. This might include your IT provider so they can change passwords, your bank so they can lock down accounts, and any staff or colleagues who need to be aware of the breach, so they aren’t tricked into allowing further breaches.

So much personal, financial and business information is now held on our mobile devices that they are a potential goldmine for the wrong people. Think objectively and try to minimise the risk now, because a cyber breach is happening to someone else whilst you are reading this – don’t let it be you.

Need help with mobile cyber security? Call us at 01455 209505.

Beware – the fake TalkTalk Scam is Still Going Strong

Keep your computer secure from scammers

A couple of years ago, TalkTalk made the news after admitting that they had been hacked and large amounts of customer private data had been accessed illegally. At that time there were a number of scammers pretending to be from TalkTalk, phoning people trying to get remote access to their computer by saying that they were infected or their emails had been hacked.

The idea was to convince people into paying them a lot of money, by accessing their computers to either create a problem (to pretend to fix), to syphon details to be used later in ID and bank fraud or just to scare the customer.

Scammers are back

We are now seeing an increasing number of cases where scammers are using the TalkTalk excuse but are even more believable, by giving information that a customer would assume could only be from TalkTalk. For example, customers who have had problems with their emails and who have contacted TalkTalk about it, who have then got a call from the scammers.

Even if these calls are just a coincidence, and that the contact information they are currently using is from the original hack, we strongly suggest that all TalkTalk customers be extra vigilant anyway as these people are very believable and make a lot of money doing this. This also applies to ANY other company that calls you out of the blue, as TalkTalk is not the only company name misused by scammers in this way.

Remember that TalkTalk would never call you to ask for passwords, or contact you out of the blue to ask to remotely access your computer for some reason. Also, they could not tell if your computer is infected or not without examining it, so they would not call you to tell you that it was.

What to do if they call

If you do get a call from someone saying that they are from TalkTalk (or other company), no matter how believable, do not let them access your computer. Go to the genuine company website, get contact details and call them, to make sure that the person you are talking to is genuine.

Also, remember that remote connections can be used legitimately too and you should not be put off using it – just be especially careful who you allow to connect remotely to your computer and you should be ok.

If you think that you may have already been scammed or just want help, give us a call on 01455 209505.

Is Anti-Virus Enough These Days?

Is Anti-virus protection enough these days?

Not too long ago, everyone was warned about computer viruses and ‘Anti-Virus’ became the in-word when it came to computers, because the last thing you wanted was for someone to cause damage using a virus program.

Since then, criminals have jumped on board the malicious software scene and big money can be obtained from data – especially yours.

Increasingly the media are telling us that there are more threats than basic viruses now, things like ‘Ransomware’ (a malicious program which encrypts your files so that you cannot access them again without payment), software aimed at stealing your credit card and identity data, telephone scams using remote software, plus others.

Protection – what can you do?

Clearly, if you want to go on the internet you do need anti-virus protection but unfortunately, protection from free programs is not enough these days. Yes they are definitely better than nothing, but you have to ask yourself if big corporations such as Yahoo and TalkTalk can get hacked, maybe minimal protection compared to paid-for protection, is not the way to go.

A good paid-for security suite is the minimum these days and even then, you have to be careful about what websites you visit, emails you open and what you download.

The One Anti-Virus Rule

Traditionally, the rule has been that you must only have one anti-virus program running at any one time on your computer. To have two anti-virus programs was definitely not recommended, as they compete with each other and at the very least slowed your computer to a crawl, if not actually corrupting your data. We have come across many computer systems with two or more anti-virus programs which have caused problems. That was up till now.

There is now a product called Malwarebytes, which has been designed to actually run alongside your traditional anti-virus program, without causing the problems as before. It compliments your current protection by looking for the ransomware / malware-type of threat and assists in the protection of your system by concentrating on the non-traditional danger to your computer, without causing problems having two protection programs.

As it is a paid-for product it runs in real time, bolstering the protection of your system. As the threats particularly of Ransomware are becoming a problem, especially for businesses, it is recommended to seriously think about adding to the scope of your protection.

Ultimately, no protection system is guaranteed 100% effective as they are always catching up with the “bad guys”, but it is worth considering whether or not one protection program is enough these days, bearing in mind online banking and other day-to-day internet use that involves sensitive personal and financial information.

If you do decide to go down the additional protection route, we can supply Malwarebytes at below retail prices, so if interested give us a call on 01455 209505.