Cybersecurity Blog

Help!! I can’t get into my Gmail account – 03/30/2017

 

You begin your day like any other, logging into your computer and then logging into your Gmail to check the day’s messages.  But this morning is different. For some reason your password isn’t working. You are certain that you are entering the correct password. You have checked to see if Caps Lock is on and still you can’t get in.  What do you do?

Your first step is to call the Service Desk. There is a very big possibility that your Gmail account has been compromised. Especially if you use your Gmail username and password combination to login to other accounts.

Once the Service Desk has reset your password and you can get into your account, you need to check your settings. As mentioned in a previous post, once cyber criminals break into your account they like to change its settings so they can regain control of it once you get wise. By checking your account settings, you can make sure your signature hasn’t been changed, that your name appears in the Sent field, that your mail isn’t being forwarded to the criminal and they haven’t given themselves additional access to your account.

Want to decrease the chance that your account will be compromised in the future? Enable two step verification on your account and don’t use your Gmail password for other accounts.

Adult Websites Delivering Malware via Pop-ups – 03/21/17

 

A new malvertising (malware masquerading as advertising) campaign is targeting popular adult websites in Canada and the UK. Unsuspecting visitors to these trusted sites are clicking on the webpages to view content. Unfortunately instead of being rewarded with juicy pics, they receive a pop-up advertisement loaded with malware.  Normally the user’s anti-virus will detect the malware and block it from doing any damage. However, some of these nasty things are brand new and unknown to many types  of anti-virus software so they are not detected and infect the user’s computer.

Adult websites receive millions of visitors every month and therefore are favorite targets of hackers. However, any site can be hijacked by a cyber criminal and used to deliver malvertising.  How do you protect yourself from being a victim?

  • Keep your anti-virus software up to date.
  • Set your browser to block pop-ups.

Unfortunately, your browser cannot determine which pop-ups are malicious and which ones are delivering legitimate content. How do you know if you are missing out on content because a pop-up is being blocked? Your browser lets you know.

After you have set your browser to block pop-ups, when you visit a website that contains them your browser notifies you.  At that point you can choose to allow pop-ups for that specific site or continue to block them. Do not allow pop-ups unless you are sure the content being delivered is not malicious.  Happy surfing!!

Protecting Yourself from Scams During Tax Season – 03/14/17

 

Every tax season the cyber criminals try to take advantage of tax payers eager to get their refunds.  What do you need to know to protect yourself?

  • The CRA will never communicate with you via email unless you have signed up for online mail.
  • The CRA will never ask for personal or financial information via email.
  • The only time the CRA will send you an email with a link in it, is when you are on the phone with them and are requesting information be sent via email.

If you unexpectedly receive an email from the CRA containing links, delete the email. If you receive an email from the CRA asking for personal or financial information, delete the email. If you are uncertain as to the legitimacy of an email received from the CRA, call them directly using a phone number you have found on the CRA website.  For more information on how to protect yourself from scams, identify theft and fraud, check out the CRA website.

 

Anatomy of a Ransomware Attack – 03/14/17

Your stereotypical hacker used to be an overweight manchild living in his parents basement. Nowadays, however, a hacker can be working for a large organization making billions a year.  Hacking has become big business with ransomware offering hackers the ability to make lots of money quickly and easily.  Everyday you are hearing about companies and organizations being brought to their knees by a cyber attack.  Just how do hackers do it? How do they manage to get through the latest firewalls, anti-virus software and network security protocols to breach some of the highest levels of security found on the planet? Watch the video and find out.

 

What you Should Know Before you Buy an Appliance/Toy that Connects to the Internet. – 03/03/17

 

Technology is an amazing thing.  Everyday we hear about new and exciting technological advances. We can now control our home with our voice, see who is ringing our doorbell at home while we work, track the movements of our teenagers and have our toys interact with us.

Unfortunately manufacturers have been so busy keeping us entertained and making our lives easier that they have forgotten to keep us safe as well.  The majority of these devices do not allow for firmware updates, changing the access passwords or usernames. Security is usually last on the list, leaving many devices with huge holes that cyber criminals can use to gain control of these them.

You may be thinking what is the worst that can happen if they get control of my coffee maker? Well if they gain access to your coffee maker, they can turn your coffee maker into a bot, instructing it to visit a particular website or server. On its own, this is harmless. However if hackers turn millions of devices into bots, it overwhelms the website and crashes the server. This is called a Denial of Service attack. It prevents customers from accessing a site and making purchases,  costing businesses millions in revenue.

Even more concerning are those devices containing cameras or microphones. They can record images of us or our voices and send them to some distant server where security often takes a back seat and our private lives may be monitored. Companies can collect this information and then use it to sell us products. In addition, their often poor security practices can allow hackers to intercept the information or steal it from servers.

So how do you protect yourself and your privacy while still enjoying the wonders of technology?  Here are a few things to consider when purchasing internet connected devices for your home.

  • Do not purchase products that do not allow you to change the default password.
  • Do not purchase products that do not allow the firmware (the software that runs the device) to be upgraded.
  • If the device has a camera or microphone, determine what is being recorded, why is it being recorded and where those recordings are being stored.

Once you have made the purchase and brought your new toy into your home there are some things you can do to protect your data and privacy.

  • Change the default password.
  • Keep the firmware updated.
  • Don’t enable the features that require an Internet connection unless it is really necessary.
  • Disconnect it from the Internet when you are not using it.
  • Cover up recording devices that are not being used.

Don’t give up your privacy or put your security at risk, just because something is super cool.  Not sure if that feature is worth the risk? Ask yourself…is having my coffee pot automatically order beans for me worth loosing access to my bank accounts?