Free pirated software is expensive

Millions of users, instead of checking out the latest movie listings, were greeted with a warning from Google upon visiting Kickass Torrents. Photo: KAT.cr

Cutting costs using pirated software can quickly become stressful, expensive and time consuming.

Since pirating websites aren’t strongly policed it’s easy for cyber criminals to infect a program with malware, which can then spread to thousands of users.

Google often flags these websites and warns you if there is a high chance of stumbling across malware.

Google’s Safe Browsing page again includes an advisory to avoid Kickass Torrents. The free movies just aren’t worth a potential computer infection. Photo: Google

Beware of the .exe extension

Cybercriminals will often try to prey on your inattention and carelessness. One of the simpler methods they use is by making the name of an executable malware seem like a different program.

For instance, they might name it something like: VID004.mpeg.exe or Job Position.docx.exe.

If you are in a rush and just glance over the first few words and then click it, you will accidentally execute the malware and infect your computer.

Dangerous File Extensions

The easiest way to identify whether a file is dangerous is by its file extension, which tells you the type of file it is. For example, a file with the .exe file extension is a Windows program and should not be opened. Many email services will block such attachments.

However, .exe isn’t the only type of dangerous file extension. Other potentially dangerous file extensions that can run code include: .msi, .bat, .com, .cmd, .hta, .scr, .pif, .reg, .js, .vbs, .wsf, .cpl, .jar and more. This is not an exhaustive list — there are many different file extensions in Windows that will run code on your computer when executed.

Office files with macros are also potentially dangerous. If an Office document extension ends with an m, it can — and probably does — contain macros. For example, .docx, .xlsx, and .pptx should be safe, while .docm, .xlsm, and .pptm can contain macros and can be harmful. Of course, some businesses use macro-enabled documents. You’ll have to exercise your own judgment.

In general, you should only open files with attachments that you know are safe. For example, .jpg and .png are image files and should be safe. .pdf, .docx, .xlsx, and .pptx are document files and should also be safe — although it’s important to have the latest security patches so malicious types of these files can’t infect you via security holes in Adobe Reader or Microsoft Office.

Equifax isn’t calling | Consumer Information

by Lisa Weintraub Schifferle

Ring, ring. “This is Equifax calling to verify your account information.” Stop. Don’t tell them anything. They’re not from Equifax. It’s a scam. Equifax will not call you out of the blue.

That’s just one scam you might see after Equifax’s recent data breach. Other calls might try to trick you into giving your personal information. Here are some tips for recognizing and preventing phone scams and imposter scams:

  • Don’t give personal information. Don’t provide any personal or financial information unless you’ve initiated the call and it’s to a phone number you know is correct.
  • Don’t trust caller ID. Scammers can spoof their numbers so it looks like they are calling from a particular company, even when they’re not.
  • If you get a robocall, hang up. Don’t press 1 to speak to a live operator or any other key to take your number off the list. If you respond by pressing any number, it will probably just lead to more robocalls.

If you’ve already received a call that you think is fake, report it to the FTC.

If you gave your personal information to an imposter, it’s time to change any compromised passwords, account numbers or security questions. And if you’re concerned about identity theft, visit IdentityTheft.gov to learn how you can protect yourself.

Source

Avoid hurricane clean-up scams | Consumer Information

by Colleen Tressler

After natural disasters like Hurricanes Irma and Harvey, unlicensed contractors and scammers often come into the affected area promising immediate clean-up and debris removal. Some demand payment up-front for work they never do. Others simply lack the skills, licenses, and insurance to legally do the work.

Here are some tips to protect yourself, your property, and your money:

  • Check with local consumer protection officials to find out whether tree and debris removal contractors need to be licensed in your area. If so, check out the license for the contractor you’re considering. Never sign any document or pay any contractor before verifying their license.
  • Ask contractors for references and, if possible, call previous clients. Talk with your neighbors about what they’re paying for similar work.
  • Write down the contractor’s driver’s license and vehicle information (make, model, and license plate number) in case you need to report the contractor to authorities.
  • Ask a contractor to give you their license and certificate of insurance once they are on your property. If a contractor tells you certain work is covered by your insurance, call your insurance company to confirm.
  • Get a written estimate and sign a written contract. Make sure it includes a description of the work, the materials included, when the work will be finished, the price, and the address and phone number of the contractor. Read all contracts and make sure all the blanks are filled in before you sign.
  • Pay with a credit card or check so you can dispute charge or cancel the payment if there are problems later. Be wary of contractors who ask you to pay them in cash – even for a deposit. Negotiate a reasonable down payment, and only pay in full when the work is done to your satisfaction.
  • Trust your gut. If you have any doubts about hiring someone, take your business elsewhere.
  • If you have second thoughts about the contractor you hired, you have the right to cancel a contract within three days if you signed it in your home or at a seller’s temporary location, like a hotel room, convention center, or restaurant.

Source

The Equifax Data Breach: What to Do

by Seena Gressin

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, www.equifaxsecurity2017.com.

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until November 21, 2017 to enroll.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft. Visit IdentityTheft.gov to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Source

Getting in control of your security

From our experience, there are two general types of approaches when it comes to cyber security: reactive and proactive.

Having a reactive attitude entails only doing X because Y happened. This is often the case with people who get hacked, who lose their data to ransomware, who have their bank accounts plundered, etc.

They don’t think it’ll happen to them, so they ignore the issue until they become a victim. It’s a lesson learnt the hard way, which can have deeper consequences than just losing a few gigs of data.

In their case, cyber attackers make the rules.

Being proactive about your Internet security comes with many benefits:

  • it puts you in control
  • it helps you build your safety to prevent attacks
  • it shapes your mindset to plan ahead (which can also benefit other areas of your life)
  • it enables you to learn new concepts, which you can then teach your family and friends about.

It’s time you made your own decisions, don’t you think so? 

Traveling abroad? Be prepared to face these card issues

Before traveling, have you ever asked yourself what you should do if your card ends up stolen, damaged or lost?

And what if your bank doesn’t acknowledge that you left the country and may consider that your financial account is in danger and they block your card?

These scenarios can happen to anyone of us, so you need to be prepared.

Here a few starting points:

  • Contact the bank before leaving. Inform them of where you’re going, what countries you’ll be visiting and for how long.

  • Keep their phone number at hand, in order to contact them immediately in case anything happens.

  • Always have some cash with you. You never know when you might need it.

Internet Safety for Kids in 10 Steps

These 10 actionable tips will improve the Internet safety for your kids and we recommend that you follow them now.

1. Make sure to always have access to your child’s computer.

It doesn’t mean that you need to verify every day what happens on the computer. But once in a few weeks, you can take a look on what websites have been accessed or what kind of content has been downloaded on the system. If you have the possibility, monitor the chat rooms, the IM applications and the received e-mails.

2. Teach your children about online dangers.

Learning is not a destination, it is a process. In a changing environment we need to establish fast the limits of our liberty to access unfiltered content and the potential dangerous phishing attempts that could pose a threat to our families.

3. Let them teach you. Or simply listen to them.

Staying online is a risky business and we cannot really predict where a discussion or comment will take us or what type of people we may encounter on a social media platform.

4. Online actions have real consequences.

It is difficult to understand for a child that Internet is a dangerous location. How could anyone explain a child what a sexual offender is, when they didn’t even start their sexual education?

5. Install a good antivirus product on the computer.

Are your children using a separate computer from you? Are you using the same computer? It doesn’t really matter. Security is security and each computer should be protected from online threats and malicious software.

6. Use parental control software to monitor your child’s online behavior.

Software companies have already considered the possible issues that could appear from kids’ unrestricted access to online content. For this reason, we find many parental control solutions that address and try to limit this problem.

7. Keep your child’s software up-to-date.

Make sure the Windows operating system used by your child has all the latest security patches installed. These updates are important because they contain stability and security fixes that shield the system against cyber-criminals attempts.

8. Don’t let them go online without anti-spyware protection.

Spyware is a software program that monitors your private Internet connections. But, as everybody knows there are many signs of alarm that could indicate such an infection on the system.

9. Secure your Home Wireless network.

The home Wi-Fi network is usually accessed only by members of the same household, but that doesn’t mean that dangers don’t exist and additional steps should not be followed to increase the home network security level.

10. Pay attention to WiFi networks outside your home.

Your children may be safe at home, but with so many Wi-Fi public networks they connect to, how can we be sure they will remain safe?

What’s the future of cyber security?

People ask us all the time: what will the future of cyber security bring?

The truth is, I have no clue. I’m not an oracle, I can’t predict the future. Nobody does, nobody knows what will happen.

What we can do instead is focus on the fundamentals.

Here’s what will never change:

  • It’s wise to have multiple layers of cyber security. Just like a fortress, you need to protect the valuable core with as many walls as possible. In case one of them falls, you’ll have others standing in place.
  • Always expect the best but prepare for the worst. Have backups. Yes, backups, in plural. This way, even if something bad happens, you won’t lose any important data.

Hurricane Harvey Scams: Callers lie about flood insurance

 

by Colleen Tressler

One thing we’ve learned at the Federal Trade Commission (FTC) is that scams often follow the news – especially when there’s a natural disaster, like Hurricane Harvey, in the headlines. Case in point: Colleagues at the Federal Emergency Management Agency (FEMA) tell us homeowners and renters are getting robocalls telling them their flood premiums are past due. In order to have coverage for Hurricane Harvey, consumers are told they need to submit a payment immediately. Don’t do it. Instead, contact your insurance agent. The agent who handles your homeowners or renters insurance policy could be the same agent who handles your flood insurance policy. If your agent can’t help you, contact your insurance company. If you have a policy with the National Flood Insurance Program (NFIP Direct), call 1-800-638-6620.

If you suspect fraud, call the FEMA Disaster Fraud Hotline toll free at 1-866-720-5721. Also report it to the FTC. Your reports help the FTC and other law enforcement agencies bring scam artists to justice and put an end to unfair and misleading business practices.

Source