Archive for Computer virus

Why Spam is a Small Business Nightmare

Why Spam is a Small Business Nightmare

15 years after the world united to crack down on spam emails, we’re still struggling with overloaded Inboxes and estimates of the extent of global spam, range from 60% to over 80% of email traffic. All that unwanted email continues to flood the internet, much of it targeted towards small businesses, and the impact goes wider than you might think.

Here’s the full breakdown of how modern spam works and how it’s hurting your business.

What is spam?

Generally speaking, spam is any unwanted message that lands in your email, comes via text, social media messaging, or other communication platform. It might be sent to your main business account, eg your ‘contact us’ email, or direct to your employees. Most of the time, spam is annoying but relatively innocent messages from another business inviting you to buy/do/see something. They’re newsletters, reminders, invitations, sales pitches, etc. You may know the sender and have a previous relationship with them, or they might be a complete stranger.

Occasionally, spam may even be part of a cyber attack.

Why you’re getting spammed.

Maybe you or your employee signed up for a newsletter or bought a raffle ticket to win a car. Perhaps you got onto the mailing list accidentally after enquiring about a product, not knowing that simply getting a brochure sent through would trigger a spam-avalanche. Often there’s fine print that says they’ll not only use your details to send you their marketing, but they’ll share your details with 3rd parties so they can send you messages too. That single email address can be passed around the internet like wildfire, and before you know it, you’re buried under spam.

Sometimes, and more than we’d like to think, your details are found illicitly, perhaps through a hacked website for example, like the recent LinkedIn leak. More often though, your email is simply collected by a computer ‘scraping’ the internet – scouring forums and websites for plain text or linked emails and selling them as prime spam targets. It’s easy to see how individual office employees receive an average of 120 emails daily, over half of which are spam!

Spam is not just annoying.

We all know spam is annoying, but did you know it’s also resource hungry? Your employees are spending hours each week sorting their email, assessing each one for relevance and deleting the spam. Too often, legitimate emails from clients and customers get caught up and are accidentally deleted. Add in the temptation to read the more interesting spam emails and productivity drops to zero.

On the other side of the business, your email server might be dedicating storage and processing power to spam emails, occasionally to the point where inboxes get full and real mail is bouncing out. While most spam is simply an unwanted newsletter or sale notice, there’s also the risk that any links may be a cyber-attack in disguise. After all, one click is all it takes to open the door to viruses, ransomware, phishing or other security emergencies.

How to reduce the spam.

Normally, spam is filtered out locally by your antivirus security software (depending on your choice of software of course) and all email servers have the capacity to use in-built filtering software before you get it – one of the most common software packages being called ‘SpamAssassin’. On top of that, there are third-party anti-spam companies which you can use to add further filtering, where typically the third party gets all your emails first and processes their filtering on them, before it even gets to your server.

Also the 2003 Can Spam Act is a global set of anti-spam laws that was set up that requires all marketers to follow certain rules, like not adding people to mailing lists without their permission, and always including an ‘unsubscribe’ link. This why many companies send you an email to confirm that you want to be added to their mailing lists, even when you have asked for it in the first place.

So firstly, make sure you’re not accidentally giving people permission to email you – check the fine print or privacy policy. Next, look for the unsubscribe link at the bottom of the email. Unfortunately, not all of them include the link, or they hide it somewhere impossible to see.

The worst spammers use that ‘unsubscribe’ click to confirm that your email address is valid/active and then sell it on, so don’t automatically go for the ‘unsubscribe’ link – look at the email first and decide before clicking.

If you need help with your anti-spam protection, call us on 01455 209505.

Why People Create Viruses

Why people create viruses

You’d be right in thinking it’s hard to program a computer virus that can spread across the world in a flash – we’re talking days of constant computer nerd-work. So why do they bother? Well, it generally comes down to 3 reasons: Money, showing off their skill, or to simply be a pain – but mainly its money.

Here’s how people are making money with computer viruses: –

Bank account theft:

Virus creators are more than happy to help themselves to your bank details, sneaking in to grab your login details or credit card info. They can either transfer your funds away or use your credit card details to go on a shopping spree. Sometimes they’ll leave the fun to another person though, and simply sell your details to the highest bidder.


Rather than a financial snatch and grab, sometimes a virus will encrypt your files and demand money for the unlock code. Without a true backup plan in place beforehand, you’re completely at their mercy as the encryption strength is usually pretty strong. You’ll be given very helpful information on how to pay, plus a firm deadline before your files are destroyed permanently.

Ad swappers:

A cheeky technique, this is when they create a virus that either puts annoying ads on websites you visit, or places affiliate codes on pages so that when you buy something legitimately – eg, from Amazon – they get a percentage as a ‘referral fee’. Their kickback doesn’t make your purchase cost more and you may not even know you’re supporting their activities, but its there.

Bitcoin mining:

You might have heard of digital currencies being used for payment, but did you know you can also earn them with your computer processing power? Unfortunately, ‘renting’ out your computer’s processing power means paying more in running costs than you’d make – especially if you didn’t know that your computer was doing it in the first place.


Infected computers can be remotely controlled to do whatever the virus creator wants. In this case, they’ll usually set the infected ‘bot’ computers to overwhelm a target web server, like an e-commerce store. Sometimes it’s done as revenge, but more often it’s blackmail. The ‘Botmaster’ says “pay me thousands or I’ll crash your site during the biggest shopping day of the year” and uses a network of potentially thousands of infected computers to do the dirty work.

Account stealing:

Subscription accounts like Netflix are often hijacked, leaving you to pay the bill for someone else’s entertainment. But sometimes, virus creators go one step further with online Gaming accounts. All those Gaming digital items that you played so hard for (special clothing, weapons etc.) can carry real world value and be stolen from your account and sold on a black market. Yes, that’s cheating!

Should this make you paranoid? Of course not, but it does reinforce the need to keep your devices secured, especially computers.

Give us a call on 01455 209505 to help make sure your computer is secure and protected.

How to Stay Safe from Scams or Malware on Facebook

Facebook scams

At last count, Facebook has clocked up over 2.7 billion users, which makes the platform more attractive than ever for scammers and hackers. While you may be logging in to share your latest family photos or catch up with friends, the chances of accidentally triggering a scam or malware are increasing.

Here’s how to stay safe on Facebook and stop the spread.

Look out for freebies and surveys

Everybody loves a freebie and for the most part the competition posts on Facebook are legitimate. Having said that, when you see a giveaway for vouchers for a mega-store, alarm bells should ring. ‘Do this quick survey and we’ll send you a £50 Amazon Voucher!’ – it’s too good to be true.

Even one click can take you on a journey through the underside of the web, picking up trackers and malware at every stop and at the end, you’re asked to share the post so your friends can get a voucher too…except nobody ever gets the reward.

Check your permissions with games and quizzes

Whenever you access a new game or quiz, you’ll need to give permissions for it to access your Facebook profile. Most people click the okay button without any thought, but if you review the permissions you’re giving, you’ll often find they’re asking for a massive amount of personal data; public profile, friend list, email address, birthday and newsfeed. Do they really need ALL this information?

Sometimes it is from necessity, but bear in mind that some apps can be preparing to launch attacks against you both on and off Facebook. For example, when you call your bank they ask certain security questions like your full name, birthday and maybe which school you went to. All that information is in your Facebook profile and is now shared with your permission.

Don’t friend people you don’t know

Having lots of friends is nice, but that friend could end up costing you. It might be someone pretending to know you, or a picture of a pretty girl to entice men (and vice versa). Once you friend them, they get access to everything your friends can see. In this case, it’s more than the risk of someone knowing your personal data, you’ve just given them intimate access to your life.

If it’s weird, forget it

It doesn’t happen very often, but hackers find ways to take advantage of flaws in Facebook. A common hack that keeps popping up in various forms is to embed malware in a link. The virus then infects your machine and contacts all your friends with an enticing message, like asking whether a picture is of them.

When they click to view the picture, the virus catches them and their friend list, and so on. Facebook is pretty good at staying on top of these flaws, but they need time to fix it. Just like if you got a weird email with an attachment from a friend, make sure that you use that same level of scrutiny in your Facebook and don’t open messages or links that seem out of place.

Need help securing your privacy? Call us on 01455 209505.

4 Reasons to use Anti Spam Filtering in your Business

Anti Spam for your emails

Remember when spam was obvious and it was easy to identify and ignore? Those were the days! The impact on your business would have been minimal, as spam was more an annoyance than anything else.

Spam has matured into an aggressive threat, marked by sophisticated attacks and rapidly evolving techniques. It’s not just random electronic junk mail anymore and it’s putting a costly strain on your business resources, as well as global resources as spam email accounted for a whopping 85% of all email in January 2018 (source: Cisco Talos).

Unfortunately built-in spam filtering from your server or security software may not be enough to fight the spam threat effectively.

How Spam Impacts Your Business

Spam now contains malware, with hackers sending cleverly disguised emails to your business. Once clicked by an employee, it infects your computer system (virus) or steals your private data (phishing) or even both. The malware can then spread across the entire computer network and beyond, including to your clients and vendors.

The very fact that your employees must pause and examine every single link and attachment adds hours of lost productivity and occasionally, spam is so convincing that only an expert would be able to visually identify it. Employees are also more likely to miss an important email, either not seeing it arrive at the same time as a spam attack or becoming overwhelmed with the sheer number of emails.

How Anti-Spam Filtering Can Save Your Business

1. Block threats:

The spam filter’s purpose is to block the spam from ever reaching your employees’ screens. The threat is automatically identified and either held securely or immediately deleted. This is the best way to avoid activating spam malware, as it’s so easy to click through links in an email that seems authentic and important. The effects of that one spam click may be instantaneous or may lie hidden for months. Removing the email before it becomes a risk is a much better option.

You should get a spam filtering solution that provides you with your own control panel, which allows you to identify any spam that gets through as well as being able to check for any false positives (although this should be minimal with a good filtering system).

2. Filter legitimate emails:

Real mail needs to be able to stand out and avoid the trash. Anti-spam filtering has sophisticated recognition abilities which block spam only and allow real mail to land safely in mailboxes.

3. Meet data regulations:

Many businesses are subject to strict privacy and data storage regulations, some more so than others. To continue operation, they have to meet conditions including always using spam filtering to reduce the risk of data breach.

4. Protect your business reputation:

You can see how uncomfortable CEOs are when they hold press conferences to admit a breach. They must acknowledge that they failed to protect client data, or that users may be infected with a virus. Not only do they then face financial loss, their business reputation takes a nosedive. Anti-spam filtering can help to prevent these types of scenarios from happening to you.

Filtering has come a long way in recent years, with complex algorithms identifying and catching spam before it becomes a risk to your business. Real emails can now pass safely through without the classic cry of ‘check the spam folder’, and businesses can work with greater productivity and safety than ever before.

You need email, but you definitely don’t need spam or the chaos it brings to your business.

We can block spam and keep your legitimate emails flowing. Call us on 01455 209505.

New Google Chrome Browser Scam

New Chrome browser Scam

A new scam targeting the popular Google Chrome browser has been reported, which attempts to panic users into calling a number and – you guessed it – providing a card number to pay to ‘fix’ the non-existent problem.

The way they do this is to display a fake error message in the Chrome browser: –

Fake Chrome Scam Security message

As well as displaying this message, they make the browser completely unusable by making Chrome download and save high numbers of files at so fast a pace, that the browser freezes.The notification that the downloads are happening can appear so fast and then disappear, so that users may not see it and be warned by it.

Chrome Scam downloads

Pretty soon, the computer processor and RAM resources gets used up, leading to the point that the whole computer is rendered useless, which adds to the panic.

The scammers hope that by the user panicking, the phone number is called.

This scam can be introduced onto systems through a website that has been hacked or by malicious advertisements.

What to do if you get this Scam message

In Windows, press the Control + Alt + Delete keys and select Task Manager – with the Chrome browser highlighted, click ‘End Task’. Then the usual virus/malware scanning should be done.

In MacOS, select ‘Force Quit’ by pressing Command + Option + Escape, to do the same.

So if you are unlucky enough to get caught in this scam, whatever you do, do not call the number. Close the browser and run thorough scans using a good security package.

If you need help, call us on 01455 209505.

Search Google More Safely

Search Google more safely

We all use Google, quickly finding everything we need on the Internet. It’s replaced dictionaries, encyclopedias, instruction manuals, newspapers and in many cases, even doctors (not such a good thing!).

However, sometimes your search results aren’t the real thing and can be downright malicious. For example, we regularly find that customers search for, say, a printer driver software update and they type in something like “XP442 printer driver” . A close look at some of the results shows things like ‘ ‘ or ‘ ‘ – not the manufacturers official website – so you may get a driver but you are very likely to get something unwanted too!

Here’s how to search more safely: –

Pay attention to the URL in Google

Below every result title there’s a URL (website address) in green. No matter what the title says, this URL is where your mouse click will take you. Unfortunately, cyber-criminals will often list their site with a familiar and trusted title but link you to their scam/malware pages.

Another example can be the title of your bank name (eg, Example Bank), which seems legitimate, but the URL could be which is obviously not your bank. Sometimes they’ll attempt to trick you by putting the real site into the link too, eg which makes it even more likely to catch you out when skimming through results quickly. When you visit the page, it might look exactly like your bank’s site and ask for your login details, which are then harvested for attack.

Whilst jibberish in the link is pretty easy to spot, sometimes they’ll take advantage of a small typo that you can easily miss. For example, (missing the letter L).

Notice Google search results v paid adverts

Google does a pretty good job at making sure the most relevant and legitimate sites are at the top of the list, however paid adverts will usually appear above them. Much of the time, these paid ads are also legitimate (and you can quickly check the URL to verify), but occasionally cybercriminals are able to promote their malicious site to the top and catch thousands of victims before being removed.

Similarly, well known businesses can pay for adverts, even though much of their software is classed as ‘Potentially Unwanted Programs’ and technicians remove them from computers every day.

Believe Google’s malicious site alerts

Sometimes Google knows when something is wrong with a website. It could be a legitimate site that was recently hacked, a security setting that’s malfunctioned, or the site was reported to them as compromised.

When this happens, Google stops you clicking through with a message saying “this website may be harmful” or “this site may harm your computer”. Stop immediately, and trust that Google has detected something you don’t want in your house.

Turn on Safe Search

You can filter out explicit search results by turning on Google Safe Search. Whilst not strictly a cyber-security issue, it can still provide a safer Google experience. Safe Search is normally suggested as a way to protect browsing children, but it also helps adults who aren’t interested in having their search results cluttered with inappropriate links, many of which lead to high-risk sites.

Switch Safe Search on/off by clicking Settings > Search Settings > Safe Search.

These are just a few tips to make your searching safer, but the most important is you – never take your internet security for granted and always be cautious when using any search engine, as they can only display what they find out there on the internet – good and bad.

Need some help securing your system? Give us a call on 01455 209505.

How to tell if your Computer has a Virus

How to tell if your computer has a virus

Sometimes computers do strange things that ring alarm bells and the next thing is that you’re running virus scans and demanding everyone come clean about their browsing habits. Fortunately, not all weird occurrences are caused by viruses – sometimes your computer is simply overloaded, overheating or in desperate need of a reboot.

Here are some tell-tale signs of a malware attack:-

1. Bizarre error messages

Look for messages popping up from nowhere that make no sense, are poorly worded or plain gibberish – especially if they’re about a program you don’t even have. Take note of anti-virus warnings too, check the warning is from YOUR anti-virus software and also that it looks like it should.

If a message pops up that isn’t quite right, don’t click. Not even to clear or cancel the message. Close the browser or shut down the computer instead, then run a full scan.

2. Suddenly deactivated anti-virus/malware protection

Certain viruses are programmed to take out the antivirus/antimalware security systems first, leaving you open to infection (this is why we advise our customers to always have all the system tray icons visible on the taskbar, on the bottom right-hand side). If you reboot and your protections aren’t back doing their job, you may be under attack. Attempt to start the anti-virus manually.

3. Social media messages you didn’t send

Are your friends replying to messages you never wrote? Your login details might have been hacked and your friends are now being tricked into giving up personal information or worse. Change your password immediately, and advise your friends of the hack.

4. Web browser acting up

Perhaps you’ve noticed your homepage has changed, it’s using an odd search engine or opening/redirecting to unwanted sites. If your browser has gone rogue, it could be a virus or malware, usually one intended to steal your personal or financial details.

Skip the online banking and email until your scans come up clear and everything is working normally again.

5. Sluggish performance

If your computer speed has dropped, boot up takes longer and even moving the mouse has become a chore, it’s a sign that something is wrong – but not necessarily a virus. Run your anti-virus scan and if that resolves it, great. If not, your computer possibly needs a tune-up or quickie repair.

6. Constant computer activity

You’re off the computer but the hard drive is going, the fans are whirring, and the network lights are constantly flashing? Viruses and malware use your computer resources, sometimes even more than you do. Take note now of what’s normal, and what’s not.

Got a virus? Give us a call at 01455 209505.

CCleaner program hacked

Popular Ccleaner program hacked


Many people use the free CCleaner program which is used for computer maintenance and file cleanup and it is so popular that millions of downloads take place very week.

Unfortunately Piriform, the company which makes the program, has announced that one of the program versions downloaded by millions of users over a four-week period, had been hacked and has been used to install what is called a ‘back-door Trojan’ virus on people’s systems.

The versions which are affected are CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 for 32-bit Windows – which were downloadable between 15th August and 22nd September.

The hack allowed the program to cause the download of further unwanted software, possibly including keyloggers and ransomware and initial investigations show that that the program was hacked at the company, before being released to the public using their normal download servers.

Information relating to the infected computer may also have been sent to the hackers servers during this period.

CCleaner users with the above versions should immediately uninstall the program and download the latest version as soon as possible. Although the company states that only the above versions are affected, we recommend uninstalling any version downloaded between those dates before reinstalling, just in case investigations later show that more versions were affected.

We also recommend that if you have the one of the versions mentioned above, you should take the usual common sense precautions such as full scanning of your computer with a good security product, as well as keeping an eye on your bank statements, etc.

This incident is not only potentially serious for users it is also embarrassing for the parent company that now owns Piriform – the antivirus security company Avast. Although further investigations are taking place to find out how this happened, many people may now lose confidence in the CCleaner product.

NHS Cyber Attack – how to build up your protection

Malware terms

Here is some more information about the NHS cyber-attack that started on Friday.

The Ransomware variant is called WanCrypt0r and 81,000 infections were reported in the first 12 hours. It has not only targeted the NHS but has also gone for Banks, Telecoms and Utilities worldwide.

It has been established that the criminals are exploiting a known vulnerability in Windows (MS17-010)  which has already been patched, but those computers which do not have up to date Windows Updates are still vulnerable.

We have warned customers before about the Ransomware threat and the extent of this attack means that we should all consider increasing our defences, especially businesses but also homes, as Ransomware can be spread via emails.

As there is no way to guarantee 100% protection against threats, we have to make it as difficult as possible for the threat to take hold and how much you decide to do depends on the level of risk you wish to take.

1. Ensure that Windows Updates is kept up to date

Windows Updates contain security fixes (amongst other things) and computers that have not been kept up to date are vulnerable, as in the case in this attack. Admittedly Windows 10 gives you little choice when it comes to Updates (you have to have them) but if you are using any previous version of Windows – make sure that Updates are kept up to date.

If you are still using Windows XP or Vista, you shouldn’t be. These versions of Windows no longer get Windows Updates.

Microsoft have now issued a patch for XP and Vista. Go to this web page to download the patch if you are still using XP and Vista (demand is high so it may take more than one try). Please note – this patches this vulnerability only so you should still move away from these unsupported operating systems.

2. Make sure that you have a good antivirus product that is kept up to date

Good security products give a better degree of protection but they have to be kept up to date, with active subscriptions. Free antivirus is better than nothing but does not give protection that is as comprehensive as paid versions.

3.    Install extra protection.

Usually, you should not have more than one security product installed on your computer at any one time, but there is a product called Malwarebytes, which can be installed as well as your existing antivirus. This increases your protection especially from Ransomware, if you install the premium version.

4.    Consider your backup situation

If a computer is infected, the virus goes across a network and it is possible that any connected storage will also get infected – this includes cloud storage such as Dropbox. Having said that, Dropbox state that within 30 days of the event they can restore your files (here) and you can subscribe to extend the 30 days to 1 year if you choose. If you are using any other Cloud storage, check with them to see if they have a similar service.

It is vital that your important files are backed up and a copy kept separate from your computer. In the event of an infection, you can at least relax a little that your important data has not been encrypted.

5.    Consider downtime – system backups

When a computer has Ransomware, if you have backups of important files you will not need to pay the criminals. It is likely that the computer will need to be wiped clean and Windows reinstalled, which takes time.

There is software available that can take a copy of your whole computer, which could be used to reinstall the whole system in much less time than a full reinstall. A copy once every 2 or 3 months would allow you to get back up and running in much less time.

As mentioned earlier, many viruses are spread through emails, so never click on links in emails and do not open attachments unless you know that they are genuine emails – if in doubt call the sender.

If you would like help with any of the above, give us a call on 01455 209505.

Mac Computers and Viruses – Truth versus Myth

Compromised app containing a virus

We have lost count of the number of times that we’ve heard the phrase “Macs don’t get viruses” or “I’ve never had protection on my Mac”. Whilst this may have been true in the past it isn’t as cut and dried today and the Mac OSX operating system actually can be vulnerable, so protection is worth seriously considering especially in a work or business situation.

More difficult to exploit

The Mac is based on the UNIX operating system (as is Linux) which is more difficult to exploit as it is built on a sandbox-type principle, where malicious code cannot usually get as far as it might get in a non-UNIX based system.  Also, Apple has built in a certain degree of malware prevention in the Mac, for example their ‘Gatekeeper’ software actually blocks apps that have been downloaded from the internet (i.e. anywhere other than the Apple Store) that do not have a Developer ID supplied by Apple certifying that they are safe to use.

Unfortunately, in spite of this robustness the Mac is now becoming a victim of its own success because its increasing popularity means that cybercriminals are paying more attention to it – and finding ways of making money from you even if you are a Mac user. It’s not just that popularity – Macs are usually much more expensive to buy, so the cybercriminals may believe that Mac users are attractive targets.

Not impossible to exploit

For example, a popular Mac DVD-ripping and Video Conversion app called ‘Handbrake’ was recently compromised, by criminals hacking the software company download server and inserting malicious code into the app download. When this download was installed on a Mac, it also installed a ‘backdoor’ (a means of bypassing security). The user then was asked for their administrator password, which was passed over the internet in plain text so that the criminals could access any part of the system from that point.

By successfully avoiding having to use the ‘direct attack’ approach, this allowed important information such as password keychains and browser data to be extracted and passed to the crooks.

This compromise has now been corrected and the infected code was from a download between 2nd and 6th May 2017. If you have installed Handbrake version 1.0.7, check the SHA1 checksum of the file by opening a Terminal, typing in shasum and dragging the installation file into the Terminal Window.

If the checksum is 0935a43ca90c6c419a49e4f8f1d75e68cd70b274 then the file is malicious.

To disinfect it remove the Launch Agent plist file fr.handbrake.activity_agent.plist, and the file located in ~/Library/RenderFiles/. Reboot then change your passwords.

In the past year or so a Ransomware-type malware was discovered for the Mac, so this isn’t the first time that there has been a potential issue.

Even though the Mac is more robust and secure than its main competitor, it is by no means invulnerable to malicious code and it is a risk to think otherwise. You may feel that the risk is small enough to continue to use your Mac as you always have, but at least consider the pros and cons first – as well as being very careful about where you get your apps from.

If you would like help in securing your Mac, give us a call on 01455 209505.