Cybersecurity Blog

Harassed online? Here’s what you do – 07/12/18

If you are on social media, there is a very good chance that at some time you have been attacked by an internet troll.  Usually they can be shut down by simply ignoring them and not responding to their attempts to create conflict.  However, every once in a while the troll continues to harass and they go from being annoying to being abusive.  Thankfully, it is possible to have these people brought up on criminal charges. However, you do need to do some homework. The process is not an easy one. Here are a few tips to get you going:

  1. Get screen shots.
    You never know when a troll is going to cross the line from annoying to abusive, so any harassing posts should be captured in a screen shot. Trolls can delete posts and cancel accounts when they are being investigated. You cannot rely on them being archived. A screen shot preserves the evidence for future prosecution.
  2. Print out your screen shots.
    Technology fails; always have a paper backup.
  3. Record the dates and times of the harassment.
    You need to create a chronological record of the harassment. If authorities see it escalating over time, they will be more likely to intervene.
  4. Know the terms and conditions as well as the rights and responsibilities of the social media site you are using.
    Be aware of what can and can’t be reported.
  5. Report the bullying to your internet and mobile service providers as well as the social media site.
    Give them your screen shots and record of harassment.
  6. Block the troll from your account.
    Most social media sites allow you to block messages or posts from specific individuals. If the troll creates another account and continues to harass, this further supports your case.
  7. Report the harassment to the police.
    If you continue to be harassed even after you have not responded to their taunts and have blocked them from accounts, you have grounds to report the harassment to the police.

To get help with the documenting process and gain support, visit HeartMob, a nonprofit organization dedicated to ending online harassment. Their website is full of resources, including a Twitter bot that replies to harassers with a disincentive.

The password to your internet-connected device is on the web – 07/04/18

Have a thermostat, doorbell or baby monitor that connects to the internet? How about a router? Have you changed the default password that came with the device? No? Well, you might want to get right on that. Why? Well, the default passwords of most devices can be found on the internet. Yup, that is correct.  You can do a simple search of the make and model of your device and in most cases get its default password.

This is very handy when you are setting up your device for the first time or you have to perform a factory reset. It is also very handy for hackers who count on consumers leaving the default password as is. Once criminals have the password, they can easily gain control of the device. Numerous instances of baby monitors scanning rooms on their own and devices being turned into bots for denial of service attacks have been documented.

This is just another gentle reminder to change your default password and keep the device firmware up to date on anything that connects to the internet. Want to learn more about internet connected devices? Check out this blog post.

Adidas is not giving away free shoes – 06/19/18

From the Too Good to Be True file comes the Adidas anniversary giveaway. Messages are currently circulating on WhatsApp promising a free pair of Adidas shoes in celebration of their anniversary. Initially, messages referred to a 93rd anniversary; however, the hacker decided to do some basic math, and more recent messages correctly refer to a 69th anniversary.

You might be asking, why on earth would someone fall for this? Well, once the scammers sorted out their math, they were clever enough to spoof the official Adidas site. The fake URL is exactly like the legitimate one, with only the i replaced with a vertical line with no dot. This is an easy thing to miss when one is being tempted with free footwear.

In addition, the scam is quite sophisticated. They don’t just come right out and say, give me your personal information and I will give you free shoes. Instead, they give the whole thing a legitimate feel by making the victim qualify first by answering a short survey and requiring them to share the offer with their WhatsApp contacts (just for the record, there is no way for them to determine if you have shared a message or not). Once you qualify, you are told you can claim your shoes for a dollar. Of course, as payment is now required (but it’s only a dollar, so it’s nearly free), you are sent to a webpage that collects your payment card information. Having jumped through multiple hoops to claim your prize, you now feel like you have earned the free shoes and all thoughts that this is a scam are gone from your mind.

That is, until you see the confirmation of payment web page that includes a line in the footer saying you will be charged $50 per month if you don’t cancel your subscription in seven days. Of course, they now have your payment card information and will charge you what they want for as long as they want until you cancel the card. Even worse, if you fail to read the footer, they will have access to your card until you notice the charges.

Anytime someone is giving something away, assume it is a scam. If you are tempted by the sparkly giveaway being dangled in front of you, visit the company’s website using a bookmark or search engine result. If they are giving something away, it will be advertised on their official site.  Remember if it is too good to be true, it probably is.
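The lookalike URL described above can be caught mechanically. This added example (not part of the original post) flags a hostname that reads like a trusted one but contains substitute characters; the dotless i (U+0131) as the character used, the small confusables map and the trusted list are assumptions made for illustration.

```python
import unicodedata

# Constructed map of a few characters that render like ASCII letters.
# A production check would use the full Unicode confusables data instead.
CONFUSABLES = {
    "\u0131": "i",  # LATIN SMALL LETTER DOTLESS I (an "i" with no dot)
    "\u0456": "i",  # CYRILLIC SMALL LETTER BYELORUSSIAN-UKRAINIAN I
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
}
TRUSTED = {"adidas.com"}  # assumption: hosts the reader already trusts


def skeleton(host):
    """Replace known lookalike characters with the ASCII letter they imitate."""
    host = unicodedata.normalize("NFKC", host)
    return "".join(CONFUSABLES.get(ch, ch) for ch in host)


def ascii_form(host):
    """Show each non-ASCII label the way DNS carries it (xn-- Punycode).
    Simplified: skips the IDNA mapping and validation steps."""
    labels = []
    for label in host.split("."):
        if not label.isascii():
            label = "xn--" + label.encode("punycode").decode("ascii")
        labels.append(label)
    return ".".join(labels)


def check_host(host):
    host = host.strip().rstrip(".").lower()
    odd = [f"U+{ord(c):04X} {unicodedata.name(c, 'UNKNOWN')}"
           for c in host if not c.isascii()]
    if host in TRUSTED:
        verdict = "trusted"
    elif skeleton(host) in TRUSTED:
        verdict = "lookalike"   # reads like a trusted host but is not it
    elif odd:
        verdict = "non-ascii"   # unusual characters, no known target
    else:
        verdict = "unknown"
    return {"verdict": verdict, "ascii_form": ascii_form(host), "non_ascii": odd}


if __name__ == "__main__":
    for sample in ["adidas.com", "ad\u0131das.com", "example.org"]:  # constructed
        print(sample, check_host(sample))
```

The `ascii_form` value is what a browser shows when it declines to render the lookalike characters, which is why an address beginning with `xn--` in a shared link deserves a second look.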

Is that app really as popular as it seems? – 06/15/18

Cyber criminals are getting wise. They have noticed that if an Android app has lots of downloads listed, the odds are pretty good that others will download it as well. They are using this phenomenon to trick people into downloading their malicious apps.

How are they doing it? When you browse the app store,  the only information that you see is the app name, app icon and the developer name. Creative criminals are taking advantage of this by entering their developer names as 100 Million Downloads, Installs 1,000,000,000 + or simply 5,000,000,000.

Criminals aren’t stopping the deception there. They are also using Verified Application or Legit Application as their developer names. Never mind that Google Play doesn’t have a developer account verification service, it looks good anyway.

This is just a reminder that when you are looking for apps to download, stick to Google Play and read reviews carefully. Stay away from apps that use deceptive tactics, have few reviews or few downloads. Happy and safe downloading!

Some Google Groups are leaking data – 06/05/18

Have you checked the settings on your Google Group lately? By default, when you create a group, only group members can post and view messages, and people must ask to join the group. However, researchers have discovered that thousands of Google Groups have their permissions set to allow the general public to view the group posts. This would not be an issue if the people posting information to the Google Group understood that their posts could be viewed by the public. However, sensitive and private information has been found within these group posts, suggesting that they really have no idea.

If you are the owner of a Google Group, please take a moment to check your permissions. To check permissions:

  1. Open the Google Group.
  2. In the title bar of the Google Group,  click Manage. The left menu changes.
  3. In the left menu, click Permissions. A list of permissions appears.
  4. Click to select each permission type and review its settings.

Please note that if you have selected All organization members to View topics or Post, anyone with an @mtroyal.ca email address may do so. This includes students, staff and faculty. If you have selected All members of the group, users must actually join the group to be able to post or view emails/topics.

If you wish to email/post to a Google Group, check the settings of the group to see who can see the messages you send. To check the settings:

  1. Open the Google Group.
  2. In the title bar of the Google Group, click About.
  3. Scroll down to find the Access section. The posting and viewing permissions of the group are listed here.

If you have questions or concerns about setting permissions, please contact Bernadette Pasteris at bpasteris@mtroyal.ca.

Hackers using calendar events to deliver malicious links – 05/23/18

Hackers have discovered a new way to deliver malicious links, through your Google calendar. How? Simply by creating a calendar event and inviting you.

By default, when you are invited to a Google calendar event, the event appears in your calendar whether you have responded to an invite or not. The sneaky hackers know that if you receive an email with an invite from someone you don’t recognize, the odds are great that you will simply delete it or ignore it. So, they create an event with a vague description and include a link to the meeting agenda but choose to not email the guests.

What the hackers hope is that days or weeks later, when you receive a meeting notification or see the event sitting in your calendar, you will think you have forgotten about a meeting and will open up the event and click on the link to view the agenda. I know what you are thinking: I wouldn’t fall for that because I would check the meeting owner’s email. Ideally that is exactly what you would do; however, when humans think they have messed up, they tend to panic and click.

How do you protect yourself from the panic and click? You can change your event settings on your Google calendar. Go to Settings and select Event Settings. In the Automatically add invitations section, select No, only show invitations to which I have responded. This prevents events from being added to your calendar without an email invite so you can’t be ambushed.

Watch out for the Facebook video scam – 05/15/18

Facebook users around the world are being taken in by the latest video scam. They are receiving Messenger messages containing a video link. When they click on the link, they are taken to a fake YouTube web page and asked to download a browser extension so the video can be viewed. Of course, when they do, they load malware onto their machine that harvests their data and then sends out the same message to all their Facebook friends.

This newest scam is just one of several that use Messenger to deliver malicious links.  These links as well as those in text messages or other messaging apps should be treated the same as links in email:

  • If it is from someone you know, call the sender to make sure they sent it before you click on it.
  • If it is from an organization, visit their website directly to get the information.
  • If you don’t recognize the person or organization, delete the message.

Twitter asking users to change their passwords – 05/04/18

Why is Twitter asking all its users to change their passwords? They discovered that login credentials were being stored unmasked in an internal log. This means anyone at the company who opened this log could see users’ passwords and usernames. A HUGE no-no. The good news is, they have no evidence that suggests any passwords or account information have been stolen. Now, this doesn’t mean that some Twitter systems analyst hasn’t taken down your credentials to use at a later date; it just means they don’t think it has happened.

While this is a huge embarrassment for Twitter, for most of its users it will likely be nothing more than a lesson on the importance of having two step verification enabled.  Those lucky ones who reuse passwords will also be reminded why it is better not to as they scramble to remember all the accounts that use the newly exposed password.

Help! I think I have a virus! – 04/24/18

Is your computer acting weird? Is it suddenly working really slowly? Are pop-ups all over your screen? Are folders graying out and can’t be opened? Are files suddenly unavailable or can’t be found? Is your mouse moving on its own? Has the text become unreadable? Do you have a virus alert? If you are experiencing any of these, you could have a virus or malware on your computer.

If you think you have malware on your machine, do not turn off your machine; some types of malware load on start up. Do not run a virus scan; some types of malware corrupt anti-virus programs. Do not try to fix the problem yourself. Do not panic; help is available. So what do you do?

  1. Don’t touch anything. Many types of malware are loaded by clicking anywhere on a pop up window. If you don’t click, you may be able to prevent an infection.
  2. Disconnect from the Internet. On your workstation, unplug the network cable. On your mobile device, disconnect from wifi.
  3. Call the IT Service Desk.

Not sure what a network cable looks like?  It looks like a phone cable, but comes out of the back of your computer.  It can be red, white, black, blue, gray or yellow.  Still not sure? Here is a photo for you:

Network Cable. Does not come with little blue men.

Worried about getting into trouble and you don’t want to call the Service Desk? Please don’t be. IT Services has service in the name for a reason. We are here to help you. We know you are human. We know people make mistakes. We like to get your calls.

Cyber Safety Summit 2018 – 04/23/18

The Cyber Safety Summit 2018 will be held on October 2, 2018 at the Lincoln Park room in the Main Building of Mount Royal University’s campus. The summit will include experts speaking on home security, social engineering, fraud protection and how to recover from a cyber attack. In addition, we are adding a new topic this year: protecting your privacy. Registration is free.

Spend the whole day with us or just come by for your favourite session. Either way you have the opportunity to hear from the experts themselves how to keep your family and home cyber safe.  Come with your questions and concerns, leave armed with the knowledge you need to keep hackers at bay.

Can’t attend the summit? We will be live streaming all sessions.  Visit the website to review last year’s program and to sign up for Summit updates.

Mark your calendars now!!  See you on October 2, 2018!!