Rogue Security Software
If you’ve reached this blog post from a Google search for the phone number 4169153536, please be advised that the call you’ve received is a scam. Read on for details.
Rogue security programs look legitimate, but are nothing more than a social engineering tool designed to relieve you of your money.
I touched on rogue security software in my last post (Digitally Transmitted Diseases 101), but a recent experience made me want to revisit the topic.
A member of my family recently fell prey to one of these programs. Setting aside how the program made its way onto his computer, it happened, and it told him that his computer had fallen victim to over “800 hacks.” Not being very technologically savvy, this scared him, as it’s designed to do. He called a number that was given to him (416 915 3536, which has a Toronto area code), and spoke to someone named Steve Dawson.
Unfortunately, my grandfather was convinced to hand over his credit card information, and grant them remote access to his computer. When he started to realize he may have made a mistake, he told Steve that he would ask his grandson to help him. Steve, in an effort to sound legitimate, encouraged him to have me call them. Here’s how that phone call went:
“Hello, thank you for calling Windows technical support!”
Right away, I can tell that this is not a local call, by how it’s ringing. This is a call that’s being routed to another country altogether.
A lady claiming to be named Lucy picks up the call. She has a thick accent. “Hello, thank you for calling Windows technical support. How may I help you?” There’s a tonne of noise and yelling in the background.
“Good evening. Steve Dawson, please,” I say.
She replies, “Oh, Steve Dawson. Yes.” And then, instead of putting me on hold, she just yells, “STEEEEEEEEEEEEEEVE!”
Very professional. Another guy with a thick accent comes on the line. He says he’s Steve Dawson. I ask him what country he’s in. He says New Jersey, United States. Bullshit.
Two minutes into the conversation, he gives up on the lie that he represents Microsoft technical support. When he realizes that he’s actually speaking to an IT professional, he gives up on the lie that he’s a Microsoft-certified engineer. When my grandfather told him he would ask his grandson to help him, he told him to have his grandson call him. I ask what he thought was going to happen when I did call him. He has no answer.
He starts rambling, and I tell him to stop talking. I spend the next five minutes ripping into him over the phone until he gives up and hangs up, but not before he turns it around and starts calling me a scammer.
Did I expect to get anything out of the conversation? Of course not. But sometimes it’s nice to have someone to yell at – someone who deserves it. And for messing with a kindly elderly man, he deserves it.
That takes care of all my pent up aggression this week. I don’t have an asshole landlady to argue with anymore, so who else am I going to unload on?
What do you do if this happens to you?
If you’ve let it get this far already (as in, they have your credit card number and/or remote access to your computer), the first thing you need to do is cut off their access. It may not be easy for you to shut down your computer properly, so hold the power button for a few seconds to cut power if you need to. The important thing is that their access over the internet be cut immediately.
Call your credit card company and report the fraud. Explain what just happened, and have them reverse any charges made. They’ll cancel your current card, and issue you a new one. If necessary, involve the police, as they can file a police report that forces your credit card company to cancel the fraudulent charge.
If you’ve given them your computer’s password, change it immediately. Think about any other online accounts you may use the same password for, and change those immediately, too. This is especially important if you use that password for your email or any online banking.
Call your nearest IT guy and ask them to help you remove the malicious software from your computer, as well as any remote access software left behind. A scan with your antivirus software is recommended, but you may need a professional to look at it anyway, especially if your antivirus software has been disabled.
The Moral of the Story
Don’t trust software you’ve never seen before if it tells you that your computer is infected. Don’t trust someone who calls you and tells you the same.
And the most important point, something I tell my clients all the time: If you have even the slightest doubt or question about something, call your IT guy. Don’t worry about putting them out. Just remember, a five-minute phone call can save you hours of frustration and embarrassment.
Steve Dawson, whatever your real name is, know this: If I ever meet you in person, your testicles will be introduced to my shoe, post-haste.
What do you think? Leave a comment!Digitally Transmitted Diseases 101
These days, more and more people seem to be asking me, “Tristan, I want to become a shark-fighting, syrup-chugging, moose-herding, tree-felling Canadian, too. But first, I’m confused – Can you explain the difference between a virus, a trojan, and spyware?”
You may have read a post I wrote on the digital clap a couple of years ago, Discount Pharmaceuticals – Get ‘em While They’re Hot! Consider this a sequel, if you will. Previously, I offered some helpful tips on protecting yourself online. Now, I’m going to help you understand what you’re protecting yourself against.
Turns out, the digital clap isn’t the only digitally transmitted disease out there. Here’s a brief explanation of the most common types, better known as “malware” (malicious software, get it?).
The Infamous Computer Virus
The virus is so widely known, that people often group all other forms of malware into this one category. However, it’s important to understand that a virus is just one form of malicious software that wants to settle in on your computer.
It’s easy to see why the virus is so widely known, since it’s been around the longest. Before internet use was widespread, viruses were often spread on floppy disks, and other portable media. Today, they most often spread over networks.
They make changes to systems whose results range from simple annoyance to outright destruction of data, and they’re also injected into other files, including Microsoft Word and Excel files.
Since the virus was, essentially, the first form of malware, how do the other forms differ?
The Trojan
The Trojan Horse of Greek mythology seemed, to the inhabitants of the city of Troy, to be a gift. However, concealed inside were enemy soldiers that used it as a ruse to gain entry to the city and destroy it.
Think of a trojan as the software version of that horse – A piece of software designed to seem harmless on the outside, in an attempt to get you to run or install it. Once you do, you’re opening yourself up to attack. Trojans are often used to steal information, or even enable an outside party to gain remote access to your computer. You want that about as much as you want the real clap.
The Worm
Worms are viruses that spread by any means necessary – Usually, over a network directly, or by harvesting your address book and sending itself to your friends. Trust me, they’ll love you for that.
Spyware and Adware
While not usually as destructive as other forms of malware, spyware isn’t any less dangerous. It’ll sit on your computer, collecting information about your habits on the internet, such as what sites you visit, and send that data elsewhere.
Why is this a problem? It’s a privacy violation. How many other people do you really want aware of that embarrassing Google search you did last week about that rash on your buttocks? And for advertising data, no less?
Adware is designed simply to display advertisements on your computer. And where do you think they get the data to target the ads towards you, personally? Bingo. The most annoying fact about spyware and adware is that it’s often installed with software such as browser toolbars, which many people elect to install themselves. The MyWebSearch toolbar is a perfect example of this.
The Rogue Antivirus Application
An example of a piece of rogue antivirus software, pretending to be a legitimate scanner.
Rogue antivirus software likes to get all dressed up for a night on the town. In this case, the “town” is your computer. These tricky bastards are designed to look like legitimate antivirus applications, such as Vipre or (heaven forbid) Norton Antivirus.
What’s funny about these ones is that they actually tell you that you’re infected, in an attempt to get you buy bogus software. Tricky, indeed.
Of course, if they were legitimate, they’d make it easy for you to remove them. Too bad it just isn’t that easy. They often block key programs that would otherwise make stopping or removing them a simple task.
The Keylogger
I don’t have to explain this one, do I? It should go without saying that you do not want to enter a password to your bank account on a computer that’s secretly recording every keystroke on your keyboard, and sending that data to someone on the internet.
Last but not least: The Rootkit!
Always save the best for last, right? Just kidding. Seriously.
A rootkit camouflages itself among your computer’s core systems. It integrates itself into a part of your operating system, and hides itself so well that it is often incredibly difficult to detect, much less remove. Of all the forms of malware out there, the rootkit is most often the one that will make your IT guy throw his hands up in defeat, and just wipe a computer entirely.
It’s not that you can’t remove a rootkit, it’s just that in the time it usually takes to make progress against one, you can often just wipe a computer and reinstall its operating system and applications anyway. Removing rootkits usually ends up being a frustrating exercise that can even lead to significant damage to an operating system, anyway.
The More You Know
This topic is one that confuses a lot of people outside the IT industry, but that’s ok. It isn’t your area of expertise, but you want to better understand what threatens your computer, and even your business.
I hope that I’ve been of some help in this area. And as I said in Part 1, I’m always around if you have questions. Comments, email, Twitter… Get at me.
1 person has commented. What do you think?Mac vs. PC – Put Your Pitchforks Away
I’ve been to the future. What I saw wasn’t pretty. All these years, I was sure Skynet was going to bring about the death of the human race. But who knew it’d be civil war caused by an age-old conflict: Mac vs. PC?
Citizens of the Internet, you see it every day – Mac and PC users blindly firing shots at each other, back and forth, without end. What’s sad is that many of these people (on both sides – don’t kid yourself) do so without any idea as to the facts behind their own statements. They operate on hearsay, rather than formulating opinions for themselves.
I like to think I have a well-rounded perspective on the issue. As an IT guy who supports and uses both platforms, I know that both have their pros and cons. And my personal preference for Microsoft Windows doesn’t mean I’m going to criticize someone for choosing a Mac. That said, for the sake of educating the naive on both sides, here are my thoughts on Mac vs. PC:
“Macs are so over-priced.”
Yes, I’m starting this off by defending Apple. Ignorant PC users often complain that Macs are over-priced. Really? It’s true that you’ll probably shell out more for a Mac at your local Best Buy than you will for a PC. But have you looked at the hardware you get for that price?
Apple designs their hardware to be beautiful. It appeals to the senses. Smooth curves, aluminium unibody construction, sleek form factors… My sister’s iMac looks and feels awesome as part of the decor in her living room. I pick up a Macbook Pro, and it’s clear to me that it’s built well. I have an iPad, and I can tell you that it is solid. I toss it around all the time without ever worrying about it snapping or cracking. That’s more than what I can say about my notebook.
If these are things you place value on, then you aren’t wasting your money. Most PC manufacturers don’t pay that much attention to those details, and that’s why you pay them less. An exception: You’ll usually pay more for a Sony Vaio; But, well, look at them. They’re beautiful, and they’re built with high-quality materials. You get what you pay for.
“Macs never get viruses.”
People who insist that Macs simply do not get viruses – These are the people who make me laugh. Your Mac not getting a virus is not the result of good security. Here’s the truth of the matter:
For years, PCs have held the vast majority of market share in the computing world. If you’re writing malicious software, and you want to hit as many computers as possible, are you going to write it for a platform that only 1% of computers run on? Of course not.
Here’s a scary thought: With Mac popularity (and with it, market share) skyrocketing, virus programmers are seeing a much tastier target in Apple products. And because, up to now, OS X was left relatively untouched, Apple is facing the enormous task of plugging security holes that were largely ignored for years.
The fact is that Macs can and do fall victim to malware, with more and more viruses being written for them.
I use a PC, yet I never get hit by malware. Your best defense on the internet is, as always, common sense. (See: Discount Pharmaceuticals – Get ‘em While They’re Hot!)
“Everything on my Mac just works.”
Come on, people. Your Macs crash all the time. I see it happen all the time. Some of the most unstable computers I’ve worked with were made by Apple. But you know what? PC users don’t have it any better.
Software is written by imperfect developers who miss things and make mistakes. Windows and OS X are both full of bugs, but they’re getting better. Mac OS X is, for the most part, very stable. Guess what? So is Windows 7.
Some Mac users claim that PC users constantly have to deal with installing drivers. I’ve used Windows 7 since it was released, and I can’t remember the last time a peripheral didn’t just work on its own. Granted, you do run into problems with some devices on Windows, but there are simply so many more available. Mac peripherals are fewer in number, so quality control is easier.
Both platforms have some truly amazing and innovative products. Case in point: Time Machine is a superb backup product. Well done, Apple.
“PCs are real computers. You can’t do real work on a Mac.”
Someone said those words to me last week, verbatim. It’s funny, if you consider that the PC is definitely the dominant platform in the gaming community.
You can be just as productive on a Mac as you can be on a PC. You may do it with different software at times, but there isn’t much you can do on Windows that you can’t on OS X, anymore.
Chill Out
There are things I like about Macs and PCs alike. There are also aspects of both that frustrate me immensely.
To PC users: The next time you’re about to blindly criticize someone for using a Macbook instead of a Dell, think first. Consider that calling them a “fanboy” actually makes you seem strangely obsessive, yourself. So just be cool. To each his/her own.
To Mac users: I understand the appeal of the platform you choose to use. Just remember that your computer is not immune to the viruses you tease PC users about, and no computer is 100% stable, all the time. Still, I have to say that Macbook Pros are sexy. I’d love to buy one and put Windows on it 
Kudos to Apple for those funny commercials, but unless you work for their marketing department, this isn’t a war. So if Skynet wants us dead, let’s not make it any easier for it by killing each other over our choice of computers.
This crunchy poast was inspired by a series of tweets by Jeff Broderick. I don’t know him, but he seems like an interesting dude. And he definitely isn’t ignorant or naive. Thanks for the inspiration to write, Mr. Broderick.
1 person has commented. What do you think?Don’t Trust the Internet Today
The morning of April 1 is one of my favourite times of the year. I sit down at my desk with my morning beverage and a leg of lamb (breakfast of champions to the mighty lumberjacks of Canada), ready to see what the internet has in store for its denizens.
It’s when all the companies with a sense of humour litter their sites with fake articles, jokes, and pranks on their userbase for April Fools. It’s the day of the year when you can’t trust anything you read on the internet, and the only thing funnier than the jokes themselves are the people who fall for them.
And the top three runner-ups for Best April Fool Award go to…
I particularly enjoy Google’s April Fools’ jokes, as they put a lot of effort into making them seem like real products and services being launched. Case in point: Their Gmail Motion Beta could have actually been a useful tool, had their demonstration video not been so off the wall and, well, hilarious. The lengths to which they went to integrate the new feature into Gmail made it all the funnier.
Google’s job posting for an “Autocompleter” was another winner, stating that applicants for the position should be able to type at speeds of at least 32,000 words per minute. I sent an email to my colleagues at work telling them that I would be leaving the company to fill this position, and to my delight and surprise, one of them actually fell for it.
I sent this Canon notice to a few of my clients who have Canon copiers in their offices. The new Canon VoiceOver module allows users to scan, print and copy their documents with voice commands. Since the module is still in “learning mode,” it may be necessary for them to repeat their commands several times for them to work. Receiving emails with stories of people standing there, yelling at their copiers, made my day several times over.
My Personal Favourite – Upcoming Features in Microsoft Exchange 2010 SP2
Who says Microsoft doesn’t have a sense of humour? The team responsible for developing the Exchange communications platform published a blog post with details on exciting upcoming features in the next service pack for Exchange 2010. I’ll admit to having been excited to read the article, until realizing a couple paragraphs in that it was an obvious fabrication. But kudos to the Exchange team for a good laugh, and to that one guy in the comments who thought it was real.
Some of the humour here may be lost on those not familiar with running email systems such as Exchange, but here’s an excerpt of some of the great new features they came up with:
1 person has commented. What do you think?
- OWA Automobile Edition: Exchange team and a major US automaker will soon announce OWA integration into new line of cars to maximize end-user productivity. Car windshields are to be replaced with LCDs (who needs windshields anyway?) Additionally, when it’s time for oil change, you will get a reminder popup.
- Twitter-Ready Mail: Exchange 2010 SP2 will enforce a maximum email length of 140 characters to ensure all email is Twitter-ready. If you have more than 140 characters of things to say, you are clearly egotistical and self-centered. To help you save the characters, we will also enforce all email to be in clear text format. An 80-page whitepaper with business-ready abbreviations to use will be published at release time.
- Boss OOFs: Out of Office Assistant (Automatic Replies) now has a “boss” feature, which will send a different message to your upward reporting chain in the GAL than everyone else. Now, you can be “out sick with the flu” to your boss while “kicking ass and taking names” in Vegas to your buddies.
- Active Inbox Rules (AIR) Agent: The Exchange engineering team is especially proud of its extensibility features. The AIR Agent is a step in this direction, allowing you to manage users’ email based on their past behavior, and reduce TCO. The AIR agent interfaces with your helpdesk system and reads the number of “I can’t find my email” tickets created by a user. If the message is found to have been automatically moved by an Inbox rule that the user created, the AIR agent automatically creates a server-side rule to move such items back to the Inbox. This should greatly reduce the number of helpdesk tickets created by the user.If the user creates any additional rules to move messages, the agent responds by creating server-side rules to move messages from all folders back to the Inbox. This action is completely transparent to the user.
- Mobile Read Receipts: Given so many of you now consume email on your mobile devices, we are positive you’ll find this new mobile feature quite useful. When you receive a message with a read receipt requested on your mobile device, the mobile email client will activate the camera on your mobile device and transmit a video to the sender, really proving you’ve actually read the message. Mobile Read Receipts are sent with important metadata information such as your expressions (visual and verbal), and your GPS coordinates.
