Categories Menu

Posted on Aug 17, 2014 in Newsletter, Welcome | 0 comments

TWT Newsletter NG – Issue 15 – Avoiding phishing fraud, vulnerable antiviruses

Click here to go back to the back issues page or click here if you want to subscribe.

Top Windows Tutorials
TWT Newsletter NG – Issue 15

Welcome to the August 2014 TWT Newsletter

It has been the best summer here in the UK in recent memory and still shows no sign of letting up, so this month’s newsletter is going to be cut short so we can enjoy the sunshine. No, just kidding, we’re here again with a great feature packed newsletter to help you get more from your Windows PC!

Important! A number of our subscribers have had difficulty receiving our newsletter. At Top-Windows-Tutorials.com we never send out unsolicited e-mails. To make sure your TWT newsletter reaches your inbox, please add topwindo@top-windows-tutorials.com to your contacts, buddy list or white list.

In  this months issue:-

What’s new at Top-Windows-Tutorials.com
Phishing fraud is on the increase – Here’s what you need to know
Tip of the Month – Poor WiFi reception? Try rotating your router!
Free Utility of the Month –
7-Zip
Windows Store App of the Month –
InstaPic
Software vulnerabilities in… Antivirus software?

 

What’s new at Top-Windows-Tutorials.com?

One new tutorial this month along with a whole series of updates for our Google Picasa tutorials.

 

picture Google Picasa tutorials updated

Are you having a scorching summer? Have you taken lots of photos with your digital camera or smartphone? If so, it’s a great idea to download the photos to your PC to sort through them, edit and enhance them and then share them easily on all your favourite social networks. One great tool for doing this is Google Picasa. With our newly updated Google Picasa tutorials, it’s now easier than ever to work with this program. Click here to read more about the updated tutorials.

 

picture Configuring the Keyboard

There are a number of settings you can change in Windows to help make the keyboard and text entry easier for you. In this video tutorial we’ll take a look at how to access these options and demonstrate how they affect text entry. Click here to see more.

 

Phishing fraud is on the increase – Here’s what you need to know

Top-Windows-Tutorials.com brings you plenty of tips for keeping your PC secure and while PC security is still a big issue, improvements in Windows Vista, 7 and 8 have made it much harder for criminals to infect your PC with malware. Because of this, we’ve seen a big switch to other types of fraud that try and trick or coerce users or even employees of companies themselves into handing over security details. That way, it won’t matter what kind of security software you have installed, since you’ve willingly handed over the keys to your digital castle anyway. This kind of scam is often called “Phishing” and there are several ways the criminals try to get you hooked.

Fake e-mails – This is one of the oldest and most widely used. You get an e-mail in your inbox telling you that there is a problem with your account and you should click the provided link to verify your details. Phishing e-mails vary from those that are laughably poor, with obvious grammar and spelling mistakes, to the highly sophisticated. Here are some examples of Phishing e-mails we’ve received.

– An e-mail telling you your Paypal account is blocked and additional security information is required to unblock it.

– E-mails purporting to be from various banks asking you to either fill in an attached PDF document or follow a link to log into your account.

– E-mails purporting to be from eBay offering a second chance offer on goods that you bid on if you click the given link. These often come from hacked eBay seller accounts and can be quite convincing.

– E-mails from dating sites pretending to be from other members wanting a date.

How can you protect yourself?

Assume all e-mail is fake, don’t follow links given in e-mails. If you need to check something out, ignore the e-mail link and log on manually through the web instead.

Don’t be tempted to “goad” the criminals. For example, don’t follow the links they give to the fake websites and then enter abusive comments. While this might seem like a good way to let the fraudsters know what you think of their despicable activities, the website they linked you to could be infected with auto-installing malware that could compromise your computer.

If your bank wants to communicate by e-mail, refuse to do so. Tell them you don’t consider e-mail a secure means of communication (because, without additional software such as PGP, it isn’t). Never send important details such as credit/debit card information by e-mail.

A call from Windows technical support

We’ve covered this one in previous newsletters, but it doesn’t seem to go away. Out of the blue you receive a cold-call from someone claiming to be from Microsoft, or a PC repair company and they will tell you they have detected viruses on your PC and offer to fix it for you. If you keep the fraudster on the line they will eventually redirect you to a website where they can get remote access to your computer and pretend to fix it for you.

How can you protect yourself?

This one is easy, if you get one of these calls, there is absolutely zero chance it is legitimate. Simply tell the caller to go away as you’re not falling for that one. Tell all your friends and family that this is always a fraudster, Microsoft will never cold call you.

Be aware that there is a small delay between hanging up your telephone and the line becoming free again. Some more sophisticated scams tell the callers to ring back on an official Microsoft number. The fraudster then simulates a dialling tone without actually hanging up the phone on his end, meaning the number the victim dials never actually gets through. If you’re ever asked to hang up and redial a number, hang up then wait at least 20 minutes before redialling.

Fraud on IM or gaming services

This one is particularly nefarious as it often targets children. The fraud goes like this. A fraudster will attempt to gather as much information on the victim as possible, usually from public profiles, before setting up an official sounding account on the game or IM service in question. For instance, if the victim is using the Steam gaming service, the fraudster may try to register an account under a name such as steam_support_1234 for instance. Having got this account, the victim is then messaged by the fraudster, who attempts to convince the victim that they are an official member of staff and that they need to hand over their credentials for one reason or another.

How can you protect yourself?

Support staff will NEVER ask you for your password, if someone does, you know it is a fraud. Report the account immediately to the real staff who are running the gaming/IM service you’re using. Teach your children this simple fact too so they don’t fall victim.

Use common sense and keep your wits about you while you work and play online and you will be safe from these kinds of common fraud. The best defence against these scams is awareness, so remember to warn your friends and family. Finally, remember the old saying “if it sounds too good to be true, it’s too good to be true”. When you get an e-mail claiming that 10 million dollars is yours if you just reply with your bank details, it’s going to be another scam. Unless of course you really do have a rich second uncle twice removed in Nigeria who just passed away. (Even if you do, I’d still advise caution, maybe he left it all to the Nigerian cat protection society instead).

 

Tip of the Month – Poor WiFi reception? Try rotating your router!

No, this isn’t a super late April fools joke! If you find that your laptop is just that tiny bit out of range while you’re sitting outside this summer, it may be enough just to rotate your router or wireless access point 45 degrees in one direction, even if you don’t actually bring the two any closer together. There is some science behind this, to do with how radio signals propagate and how antennas pick up signals, so we swear we’re not just making this up. Give it a try anyway, what do you have to lose?

 

Free Utility of the Month – 7-Zip

Since the dawn of the internet, people have needed to move files between computers. If you have a bunch of files that you need to move quickly and efficiently, the best thing to do is archive them. One way you can do this is by using Zip. Another way is by using Rar, 7zip or a myriad of other formats. Luckily, there’s one free program that can handle them all. 7-Zip can pack and unpack archives in a huge range of formats, meaning that old patch file or 7zip archive from your geeky nephew won’t be a problem any more.

You can download 7-zip here. You can also find some useful tutorials for it here.

 

Windows Store App of the Month – InstaPic

Instagram is a popular photo sharing service that’s heavily optimised for mobile phones and devices. Similar to Flickr or Photobucket, the service allows users to instantly upload photos they want to share with their friends and family.

While there’s no official client for Windows just yet, InstaPic does a fantastic job of filling this gap for Windows 8 users, allowing you to easily and comfortably browse your own photostream and your friends too. You can upload photos from your PC, apply simple image enhancements and also share them on Facebook and Twitter. If you love Instagram or just have friends on there you want to follow, this is a great app to download and best of all it’s free too! Download it here.

 

Software vulnerabilities in… Antivirus software?

In the world of IT, one story that broke last month particularly caught our eye.Security research firm COSEINC decided to perform a security audit on various antivirus software. Now, this is different from the usual tests that are done on antivirus packages that simply test how many malware samples they found. This test instead researched if there were any vulnerabilities in the antivirus software itself. For instance, could a hacker use a bug or programming error in the antivirus suite to launch an attack against your computer.

Shockingly, 14 out of the 17 products tested had such vulnerabilities. This is alarming but hardly surprising. Antivirus software needs to work at a very low level in order to tackle the more sophisticated malware that exists today. The more complex and sophisticated software gets, the more potential there is for errors and bugs, which sometimes result in software that can be exploited. Nevertheless, reading the slides from security researcher Joxean Koret, he makes some pretty damning complaints against major vendors such as AVG, Kaspersky and Bitdefender (whose products we’ve recommended on Top-Windows-Tutorials). We can only hope this report serves as a wake up call to the AV industry and they start adopting better practises while testing their software.

Koret had few good words to say about any of the antivirus packages he tested, but seemed least unimpressed with Avast. This vendor runs a bug bounty program. This encourages skilled security researches to test the program for vulnerabilities and then report them. Any that are confirmed are then fixed and a special bounty is paid to the researcher who found them. This is an excellent way to encourage IT professionals to test your software and find and fix bugs, so well done to Avast for running this program.

Does this report mean you should uninstall your antivirus software? That’s actually a difficult question to answer. Installing antivirus suite may actually make you an easier target for a determined hacker, but most threats home users face on line aren’t targeted at them specifically. In other words, you’re more likely to encounter some malware designed to blanket infect as many systems as possible than you are to be singled out by an evil adversarial hacker. Now that the lack of proper security testing and auditing is out in the open, hopefully customers and reviewers will start to pressure antivirus vendors to take this more seriously. If one security researcher can uncover so many bugs and issues with these products, why isn’t better quality control and auditing being done by the vendors themselves?

The original slides from Joxean Koret’s presentation can be found here. The language used is very technical, but you may wish to click and see if your antivirus product came under fire!

That concludes our newsletter for August. On behalf of the team here at TWT, I’d like to say thank you to all our readers, new and old for your continued support. The TWT Newsletter will return on the 10th September 2014 and will bring you more tips, tricks and techniques to help you get the best out of your PC, be it Windows Vista, Windows 7 or Windows 8. We hope that you found this newsletter informative and useful. If you did not then please let us know why, you can contact us by visiting this page. If you have enjoyed this newsletter, feel free to pass it on to all your friends and family, or better still encourage them to sign up for their own copy. Until next month, keep checking Top-Windows-Tutorials.com and enjoy happy, safe and stress-free computing!

 

Post a Reply

Your email address will not be published. Required fields are marked *

Advertisment ad adsense adlogger