Cybersecurity Blog

Preventing Identify Theft – 09/12/17

 

With the news of the Equifax breach consumers are left reeling, not sure what action to take to prevent identity theft.  There are tons of articles talking about credit freezes, alerts and monitoring. Most of this information refers to laws and services particular to US citizens. Some are not even available in Canada.  As a Canadian, what do you do?

1. Contact Equifax
  • Visit the Equifax site for details.
  • All impacted customers will be contacted directly. If you have not been contacted, call them at 1-866-699-5712.
2. Set up a credit file alert.
  • With a credit file alert, a request for a new credit product or a change in a credit product cannot be approved without confirmation with the consumer who owns the credit.  This prevents fraudsters from signing up for new credit cards or loans as well as preventing them from increasing credit limits.
  • A credit file alert should be set up with both Equifax Canada and TransUnion Canada. Each provider has different types of alerts and they don’t share information. Contact the companies for details.
  • Equifax will be providing free credit monitoring and identify theft protection for 12 months to everyone who is impacted. Equifax will contact you directly with the details.
3. Check your credit report monthly.
4. Sign up for credit monitoring.
  • Be notified of new debts.
If your identify is stolen or accounts are accessed:
  1. Contact your local police department and get a police case number.
  2. Contact all your financial institutions and give them the police case number to  hold in your file.
  3. Call Equifax Canada and TransUnion Canada and have them place the police case number on your credit reports.
  4. Report the incident to the Canadian Anti-Fraud Centre.

Don’t enable Excel or Word Macros without reading this – 04/24/17

 

In Microsoft Office’s attempt to make life easier and our work more efficient, they have a handy little tool call a macro.  In its simplest form, a macro allows you to record a series of routine tasks so they can be replicated in an instant using a short cut key. However macros can also be very complicated programs interacting with other applications, making them ideal malware delivery tools for cyber criminals.

For that reason, it has long been a recommendation that macros be turned off or disabled in both Word and Excel. This prevents them from running automatically when a Word or Excel document is opened. As a result, a nasty virus cannot be uploaded onto your machine.

How do you disable macros? In both Word and Excel:

  1. Select File>options>Trust Center.
  2. Click the Trust Center Settings button.
  3. Select Macro Settings from the left menu.
  4. Select Disable all macros with notification.
  5. Click the OK button to exit the Trust Center Settings.
  6. Click the OK button to exit the Trust Center.

Note: Disabling macros in Word does not disable them in Excel and vice versa. You must change the settings in each application.

Once macros have been disabled, whenever you open a document that contains a macro you will be notified and asked if you wish to enable it. Some nice hackers even include detailed instructions on how to do that on the document itself.

DO NOT enable macros unless you know the email sender and have directly confirmed with them that the macros are essential to the functionality of the document. Of course if you have documents that you currently use that contain macros, you can enable them in order to use the documents. Just be aware that with macros enabled, you will not know if a Word or Excel attachment contains a malicious macro until it is too late and your machine is infected.  To prevent unintentional downloading  of malware, it is recommended you call the email sender to verify an attached Word or Excel document is legitimate before you open it.

Note:  This article applies to macros in Word and Excel. If your department uses Access databases that contain macros, they may not function if the macros are disabled. Please talk to your supervisor before you disable macros in Access.

Watch out for Fake Apps!!!! – 11/16/16

retail_apps

 

 

 

 

 

The holidays are here and the scammers are out in force. Their latest trick is fake apps. Starbucks started the first “retail app” it, and many stores have followed.
But scammers are now creating fake retail apps, trick you into downloading them to your smartphone or tablet, and ask you to load your credit card information in these apps. You can guess what happens next.

Here are 5 things to keep in mind about this Scam:

  • Be very judicious in deciding what app to download. Better safe than sorry.
  • If you *do* decide to download an app, first thing to check is the reviews,
    apps with few reviews or bad reviews are a big Red Flag.
  • Never click on a link in any email to download a new app. Only go to
    the website of the retailer to get a link to the legit app on the AppStore
    or Google Play.
  • If you want to download a retail app, get the link from the app on the retailer’s website. If they don’t advertise an app on their website, they don’t have one.
  • Give as little information as possible if you decide to use an app.
  • Be very, very reluctant to link your credit card to any app!

There is more information about this at the New York Times:
http://www.nytimes.com/2016/11/07/technology/more-iphone-fake-retail-apps-before-holidays.html

Staying Safe on Public WiFi

Using a public WiFi connection can expose your device to hackers. A few simple precautions can make your public WiFi use safe and fun.