You may have heard of, or experienced, browser jacking malware. You're trying to visit a website, and your browser goes crazy with pop-ups warning of an infection. It may even flash colors and make alert noises. Older versions of this form of malware included a "link to support," a malicious website that would download additional malware to your computer or direct you to call a suspicious number.
These types of attacks have become a new version of "crime for sale." These pre-written programs would-be criminals purchase and use for their own gain. They contain a spot in the code for them to insert their own phone number. They plant the program on the web, and when your computer runs into it, up pops all the old warnings, and now it includes a phone number right there to directly call this particular criminal.
Once you do, the scam can proceed in a few different ways. First, the number itself can be the scam, racking up huge phone charges. Or, there will be a criminal or even a call center of criminals waiting to talk you into handing over access to your computer and credit card information.
The only good thing about this form of attack is that usually, the initial pop-up isn't causing any lasting harm to the computer. Close the browser (use task manager if the browser doesn't want to close by the usual method.). Once the browser is closed, try reopening it, you should be able to visit sites normally again. As an additional precaution, before resuming your regular browsing activity, clear the cache and cookies on your browser. It certainly wouldn't hurt to take this as an opportunity to run a full virus scan on your computer too.
So don't panic if you get one of those urgent infected pop-ups, and never click any links or call any numbers from them. Reach out to Vsquared for help with suspicious pop-ups, emails, or any computer issue, we're here to help!
It can be difficult for a business to make the jump from one operating system to another. Businesses tend to have a large number of devices compared to home users. The software cost is higher, more testing needs to be done to make sure important software and hardware is still supported, more time and effort is involved in the upgrade, and there’s more users to train. All of these have a big impact on production and budgets. In general, as long as the operating system is still being updated and supported, it’s acceptable and logical for a business to take its time in making the transition, often only upgrading a few machines at a time, after substantial testing has been done.
Unfortunately, even though Windows 7 and 8.1 are still being supported and updated by Microsoft, they’re no longer a secure option. Part of the reason the WannaCry/ NotPetra ransomware spread so quickly was due to a security issue in the Windows operating system. Windows 10 had received a patch several months prior to the attack that protected it. But Windows 7 didn’t receive the patch automatically, and was left vulnerable. Now, Microsoft is fixing issues in Windows 10 on a regular basis, but not pushing the same fixes to Windows 7 & 8.1, or pushing them much later. When Microsoft only patches one of the three, the bad guys are able to compare the code for both versions. They can backtrack their way to the weakness in the older version.
Even though the Windows 7 and 8.1 versions are technically still supported by Microsoft, they’re not receiving the same care and attention as Windows 10, and they’re just not as secure as Windows 10. Moving to a new operating system is a big step, but it’s definitely time.
Once obscure, ransomware now keeps small business owners up at night. The worry is “when” it will strike, rather than “if.” Protecting against these sophisticated malware attacks can seem a daunting task. But don’t give up hope, there are several simple steps you can take to defend your business’ sensitive information.
1) “Think Before You Click.” Most ransomware infections occur from clicking a malicious email link or opening an infected email attachment. Unlike the crudely designed spam of a few years ago, ransomware can come in well-designed emails, crafted to be difficult to separate from genuine sources. Don’t open email attachments you weren’t expecting. If you’re ever in doubt as to a link’s safety, open your web browser and directly type the address, to ensure you get to the right place.
2) Yes, you still need antivirus. It’s important to keep antivirus protection installed and up-to-date. Modern A/V programs include browser monitoring and mail scanning features, for additional layers of protection.
3) Backup, Backup, Backup. You need two types of backup, a cloud backup and a physical backup stored off-site. Many computers don't ship with recovery disks these days. If you don't have one, create one today and keep it in a safe place. Use a backup program to create an image backup. Update the image backup at least monthly. Having an image backup will let you fully restore your system in the event of a ransomware attack.
4) Update! Many of the recent Wannacry infections could have been prevented had the computers been fully up to date. It's easiest to allow your programs and apps to update automatically. If you don't want to do that, schedule time each week to run updates manually.
If you do get infected, don’t panic!
First, disconnect your computer from the internet.
If you have your image backup, you can restore the system and disregard any ransom demands. It’s never recommended to pay the ransom demands because:
1) Some versions of ransomware cannot be decrypted even by the creator of the ransomware
2) By giving in to their demands you’re confirming to them that ransomware works.
Many of the common ransomware strains have decoders available now to help recover your files. Visit www.nomoreransom.org for more information and for further help recovering encrypted files.
This year, authorities warn of a massive wave of W-2 tax form phishing scams. Cyber criminals are sending "spoofed" emails that look like they come from the CEO or another C-level executive and ask for a PDF with the W-2 tax information of all employees. The W-2's have all the information needed to file fraudulent tax returns and steal anyone's identity.
Here are five steps to prevent an incredible amount of hassle and possible damage:
1. If you receive any email requesting any kind of W-2 tax information, pick up the phone and verify that request before you email anything to anybody.
2. File your taxes at the state and federal level as quickly as you can, or file for an October 16 extension early, before the bad guys can file a bogus claim.
3. Consider filing form 14039 and request an IP PIN from the government. Form 14039 requires you to state you believe you are likely to be a victim of identity fraud. Even if cyber criminals haven’t tried to file a bogus tax return in your name, virtually every American's data has been stolen which can lead to stolen identities.
4. Every 4 months, get a free once-a-year credit report from the three major credit bureaus. Get them on your calendar (cycle through them) and dispute any unauthorized activity.
5. Place a "security freeze" or "credit freeze" on your files with all three credit bureaus. This can prevent ID thieves from assuming your identity and opening a line of credit in your name.
Many of these W-2 phishing scams originate from the same part of Nigeria as the “Nigerian Prince” email scam. Even data security firms have fallen victim to these phishing schemes. It only takes one click, or one instance of forwarding secured information without verifying the recipient. You can read more about the IRS’s warnings regarding w-2 fraud here - https://www.irs.gov/newsroom/dont-take-the-bait-step-6-watch-out-for-the-w-2-email-scam
You may not give much thought to your business email address. You check your email as it comes in, respond when you can, and for many of us, watch the unread count tick ever higher. But little thought goes into the mechanics behind the email account. Many small businesses start out with a very basic email account. Maybe you switch from using your personal email account to creating a free account using your new business name – like email@example.com or @gmail.com. It’s free, fast, and easy, so why not?
Several reasons. That “free” email account has some big hidden drawbacks.
The biggest is professionalism. Having a what’s called a “domain-based” email account can instantly make your business seem more professional, established, and even larger than it really is. Not having a domain-based email account makes you look much smaller, and less professional. Which looks better – firstname.lastname@example.org or Vera@V2ITandDesign.com? Your customers form an opinion of you based on your web presence. Having a professional website and domain based email makes a stronger first impression. It shows that you’ve put time and effort into establishing your company, giving you more credibility. You could lose 00s of dollars in sales because your company isn’t viewed as trustworthy or professional.
Another big concern is security. Not all free email providers are created equal. I’ve yet to hear of any Gmail-based account breaches, but many other providers have. Yahoo has had multiple large account breaches in the past few years. I recommend moving away from their email service as fast as possible. A security breach can lead to the exposure of sensitive business information. Such breaches carry an immense cost in damages.
Performance is another key issue. Many free email accounts lack robust email handling tools and features. They are often hosted on poorly performing servers. Using an email client (a program that manages your email and calendar, such as Outlook) is one solution. Keep in mind, the most top-performing email clients aren’t free, and can have issues syncing fully with Gmail. Wasted time spent trying to manually manage email is wasted money. Not having a solid email managing plan in place can cost 0s of dollars a week, per employee. Not to mention the risk of losing emails that aren’t archived.
So, what can you do, to present a professional appearance and maintain a secure email account? It’s easier than you may think.
Purchase a domain name, if you don’t have one already.
Choose an email hosting solution
Move your address book and calendar data to the new account.
Share your new email address!
What email challenges has your company faced? Tell us in the comments below:
Windows 7 fixed so many of the issues I had with Windows Vista, it was my favorite Windows operating system since Windows 2000. It worked smoothly, had some great shortcuts, and managed a lot of the admin settings in the background, making it very stable and easy to work with. It had its quirks, but overall it was solid and most businesses completed the transition from XP to Win7 smoothly.
Windows 8 & 8.1 I hated from the get-go, it felt clunky, disorganized. Using it on a tablet was bad enough, but trying to use it on a desktop? Impossible. I have more than 20 years’ experience with all sorts of devices, operating systems, etc. And after 30 mins of using it I wanted to throw it out the window. So when Windows 10 came out, while I was excited, I was highly skeptical.
I prefer to be an early adopter of new tech whenever possible. I signed up for the Windows 10 upgrade as soon as it was available, upgrading all my personal computers and my business laptop. The upgrade process went smoothly on all my devices, even though it seems to take forever to complete. To my surprise, Windows 10 ran pretty smoothly even from the start. It seemed to have a good blend of the best of Windows 7 and Windows 8. It was new and feature-rich. (Yes, I’m ignoring the fact that most of the “new” features Windows introduced are highly similar to ones available on Mac and Unix systems for ages.) The ease of use and relatively easy set-up gave me false confidence, and I did something that I now think of as one of my biggest IT mistakes.
Several months had passed since installing Windows 10 on my business laptop without issue, and the deadline for the free Windows 10 upgrade was rapidly approaching. I made the call to upgrade the entire office to Windows 10. All at once, over the course of a weekend. Most of the computers made the transition without issue, but one had an outdated video card that wouldn’t work with Windows 10. That shouldn’t have been a major issue, Windows 10 allows you to roll back to the previous version for 30 days after it’s installed. I started the rollback procedure, and it failed. Tried again, still failed. Tried to restart the computer and look for a different driver for the video card, and it wouldn't load Windows 10 either. It got stuck in the middle of 7 and 10, and wouldn’t work for either one. This is why backups are critical! Anyway, I had to do a clean install on that one and leave it at Windows 7; it was old enough that it wasn’t worth the cost of replacing the video card.
So with the one exception, I had the whole office on Windows 10. While I was very aware that there’s always an adjustment period when switching to a new way of doing things, I wasn’t prepared for what came next. First, there was driver conflicts, miscellaneous devices that worked perfectly now had all kinds of quirks. Then, program conflicts. Especially with QuickBooks desktop. Any versions older than 2014 were giving all sorts of errors, with the oldest versions not working at all. But all that pales to the biggest issue – with Windows 10, the system does a lot more in the background, and will override settings seemingly at will.
I’ll post more in depth later about all the sneaky settings that need adjusted to get the best performance out of Windows 10. All I’ll say for now is that it took more than a year to track down all the ways these settings were causing t...
I was already planning a post for today outlining the many reasons why it was time to transition away from any remaining @ yahoo.com email accounts you may have. I logged on today to find there's yet one more, and this one is big. Yahoo revealed yesterday that while investigating their data breach of 500 MILLION user accounts in 2014, that a year prior, they experienced one double that size! And this is just now coming to light. That's three years of exposure for sensitive data including names, birthdays, phone numbers, and security questions. Having your email compromised is bad enough, but there's the potential for this leaked data to be used to access much more sensitive information and financial access. Another aspect of this threat is the use of the same password for multiple accounts. One of the first things done with this type of stolen data is to try it against other types of accounts, and if you're using the same password for multiple websites, then you're in danger.
What to do now:
1) Log into your yahoo account and change the password to a secure password, that you haven't used on any other websites or accounts. Also update your security questions. (Link to instructions on updating your Yahoo account - )
2) Change the password on any other accounts you may have used the same or a similar password one, or that you used the same security questions for. If you've used the same security questions, update those as well.
3) If you don't already have a separate account, create a new email account with a provider such as Microsoft or Gmail (Internet providers also offer free email accounts, but keep in mind that those are tied to your services, and if you change providers you'll have to move your account again or generally pay a fee to retain the email account). There are free, secure accounts available.
4) Once you have your new email account, you can import your contacts and old emails into it from Yahoo. (Here's a walkthrough for switching from yahoo to Gmail). You can also turn on forwarding to make sure emails sent to the old account show up in your new email.
During the transition period, update your email on the websites and apps you use, with any companies that use it for contact, and your friends and family. Once you feel confident that people are using your new email address to contact you, close your yahoo account. (Link to account closing instructions).
It can seem overwhelming to leave an email provider, but following the steps above will guide you through the process. If you're currently using Yahoo mail for your business, contact Vera at email@example.com for information on how to get an email address @[yourbusinessname].com. Help is also available in completing the email transition process, email Vera for details.
Title of your posts.
By Author's Name
January 1, 2030
Category: Category Name
This is where the post content will show up. The font color, font size, line-height, and other styles related to the font, as well as stroke, corner radius and backgroung color / image can be styled. Simply use the text / color / stroke panel to style any of these elements! You can also change the spacing by clicking on the top right arrow near this field. Again this is a sample text and will be replaced with the content of each post.
Tags: Tag Link