May 16, 2017

Hacking and Computer Virus 101

Below is a detailed review of hacking (and computer virus infection) and what you can (and should) do to help protect yourself (and anyone connected to you via your "contact lists").

Everyone should pay attention to the security of their smartphone and any other computer because anyone can be a target for hackers.  

All it takes is one compromised device: the infected machine can spread a dangerous virus, just like a dangerous human virus, automatically and secretly infecting every other device it has electronic contact with.

Computers are almost always hacked automatically by SpamBots. Particular users or sites are rarely a specific aim of an attack. In most cases, the hackers just need your system resources. If they gain access, the mailboxes are used for spamming; the hacked websites are used for spamming, launching hacking or DDoS (Distributed Denial of Service) attacks against other sites or services, distributing questionable content, and hosting advertising or fraudulent pages and malware.

This is why everyone should take proper measures to keep their services secure. No site is too small or an e-mail account too unimportant, as the service is almost always hacked just for its resources.

Of course, your business or you personally may be a specific target for attackers. This may be due to personal reasons, it may be initiated by competitors, or the hackers may be planning to demand a ransom from you to stop attacking your service. 

This is one more reason why you should pay attention to the security of your accounts. If you receive threats that your service (provided by Cole WebMarketing) will be attacked, you should immediately notify us.

PASSWORD DO's AND DON'Ts

When choosing a password, you should avoid using:
  • a very common password, such as the word "password" (in any language), "abc123", "letmein" and "newpass" or a dictionary word;
  • an identical password for different services, for example for other e-mail services, forum registrations, online banking, etc.;
  • passwords containing characters that are located next to one another on the keyboard like ytrewq, aassdd, qweasd, etc;
  • passwords similar to the username, for example having username/password combination such as webmaster/webmaster12;
  • passwords based on personal information that can be obtained via social engineering tactics;
  • passwords based on a word with some letters replaced by similar-looking symbols; for example: p@ssw0rd, 1l0v3y0u. This is quite a common practice, and the hackers are well aware of it;
  • a simple word or phrase, combined with the current or a recent year; for example: 2014pass; new2015.
One method to create a strong password that you can remember is to use a so-called "passphrase" -- a string that consists of multiple words; it is strongly recommended that it includes other symbols and/or digits too.

Another popular option is to use randomly generated passwords and store them in password manager software (such as RoboForm).
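
The "avoid" list above can be turned into an automatic check. The following is an added example, not part of the original article: the word lists are small constructed samples, the function names are hypothetical, and the rules are a simplified reading of the list.

```python
import re

# Constructed sample lists; a real check would load a large breached-password list.
COMMON = {"password", "abc123", "letmein", "newpass"}
DICTIONARY = {"password", "iloveyou", "welcome", "dragon"}
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
ROWS += [row[::-1] for row in ROWS]          # also match right-to-left runs
# Look-alike symbols mapped back to letters ("1" is handled below: it can be "l" or "i").
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "3": "e",
                      "$": "s", "5": "s", "7": "t", "!": "i"})


def keyboard_walk(password):
    """True if the password, with repeated characters collapsed, consists only of
    runs of 3+ neighbouring keys on one keyboard row (ytrewq, aassdd, qweasd)."""
    s = re.sub(r"(.)\1+", r"\1", password.lower())
    i = 0
    while i < len(s):
        # Greedy: take the longest row run that starts at position i.
        step = max((n for n in range(3, len(s) - i + 1)
                    if any(s[i:i + n] in row for row in ROWS)), default=0)
        if step == 0:
            return False
        i += step
    return len(s) >= 3


def weaknesses(password, username=""):
    """Return the rules from the list above that the password breaks."""
    low = password.lower()
    found = []
    if low in COMMON or low in DICTIONARY:
        found.append("common or dictionary word")
    if username and username.lower() in low:
        found.append("similar to username")
    if keyboard_walk(low):
        found.append("keyboard pattern")
    base = low.translate(LEET)
    variants = {base.replace("1", "l"), base.replace("1", "i")}
    if low not in DICTIONARY and variants & DICTIONARY:
        found.append("look-alike symbol substitution")
    if re.fullmatch(r"[a-z]*(19|20)\d\d[a-z]*", low):
        found.append("word plus year")
    return found


if __name__ == "__main__":
    # Constructed inputs, several taken from the list above.
    for pw, user in [("p@ssw0rd", ""), ("ytrewq", ""), ("webmaster12", "webmaster"),
                     ("new2015", ""), ("correct-horse-battery-staple-42", "")]:
        print(f"{pw!r}: {weaknesses(pw, user) or 'no listed weakness found'}")
```

An empty result only means that none of the listed patterns matched; it does not measure how strong the password is.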

Be sure not to share your password with anyone. Sending login credentials via e-mail, or an instant messenger that does not encrypt the data, is considered unsafe.

YOUR FIRST LINE OF DEFENSE - EMAIL:


There are a few things you need to do in order to keep your e-mail account safe:
  • Taking proper care of the security of your own devices. Passwords are often stolen via malware. If a device of yours is compromised, and you check your mailbox through it, the hackers may obtain your login credentials.
  • Using only trusted devices to check your e-mail. Logging via a shared computer at a hotel or an Internet cafe should be avoided. Such an insecure device could be infected with malware, or it may have a keylogger installed on it intentionally.
  • Choosing strong passwords, and changing them regularly. 
  • Connecting over an encrypted connection. Our Webmail interface uses encryption by default (there is an option for this on the login screen).  
If your mailbox gets compromised, the attackers may use it to relay spam, or they may manually look through your stored messages for data that may be valuable for them. It is also possible that your login credentials will be sold in bulk along with more compromised accounts to other malicious entities who will utilize them as they decide.

To help protect all customers using website/email hosting services by Cole WebMarketing, please note that immediately upon detection of any spamming or virus infection, the outgoing email service of the afflicted customer will be shut down until all connected devices are scanned and all passwords are changed.

KEEP SOFTWARE UPDATED (INSTALL PATCHES):

You should be sure that any third-party software packages that you install into your account are kept up-to-date. All plugins and themes you add to such an application also need to be updated regularly. Otherwise, your software may get hacked through a known security vulnerability that has already been fixed in the current version.

The administrative interfaces of your applications must be protected with strong passwords. It is a good idea to look for security tips specific to the software that you are using. You should be careful with the information sources though. For example, a badly written security plugin may actually make your application vulnerable.

Be sure that you have no leftover test or obsolete software installations still available over the web. An outdated package - such as an old version of WordPress - can easily let hackers into your account. Any software that you do not need should be removed or should have its access limited.

SAFEGUARDING YOUR COMPUTER

There are many reasons why you should pay attention to the security of your local devices. As far as our hosting service is concerned, you should know that the hackers are after your login credentials for your e-mail accounts, your FTP accounts, and any web-based interfaces you may be using with your hosting service. Below you can find some general tips on how to keep your devices secure. If you feel that you need to know more on security, you should do your own search for information that matches the level of your computer knowledge, and the devices and operating systems that you are using.

  • Always keep both your OS and the software that you run on your computer updated.
  • You need to always run an antivirus application with updated virus definitions, and your devices should be behind a firewall.
  • It is a good idea to disable any running services you do not need. In general, any software and service that you run is a potential security risk, so it is a good practice not to run services you do not actually need. Also, some operating systems come with particular services enabled by default that are considered insecure by design or require special measures to have them secured.
  • You should avoid installing pirated software. Such applications may come infected with malware; serial key generators and similar tools may actually be trojans.
  • Malware is often distributed either as a file attachment or as a link that is being sent over the e-mail or some messenger service. Such messages may appear to be coming from people you know. This may be due to the fact that their own computers are already infected, and the malware is utilizing their system to distribute the messages to their contacts. If such a message appears suspicious to you, you should not open the attachment or click the link; you should rather check with the senders if they indeed sent the message to you intentionally.
  • When following links, you should pay attention to the URL in the address bar of your web browser. Fraudsters often upload fake login or product pages at URLs that are misspelled/altered variations of the real address you expected to visit, or at hacked sites whose domains have nothing to do with the service you actually expect to use.
  • It is important to be careful about the sources of both information and software you install. For example, it is usually a bad idea to install anti-malware software that was offered to you in a pop-up window while you browsed the Internet. Such software may be of bad quality, or it may even be a trojan. You should do your own search on the software you are about to install and the reputation of its vendors.
  • If your computer triggers pop-ups with unexpected requests while you browse the web, for example asking you to give administrative permissions to a program that does not appear to be related to what you are doing at the moment, to install an additional application on your device, or to do something else that does not appear to be right at this time or is otherwise suspicious, you should always proceed with care. This may be a result of you visiting a malicious site or a legitimate site that has been hacked.
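
The address-bar check described in the tips above (a misspelled or altered variation of the real address versus a site that has nothing to do with the service) can also be automated, for example in a mail filter. This is an added example, not part of the original article: `hosting.example` and the other hostnames are constructed placeholders, the function names are hypothetical, and the comparison is naive in that it does not use a public-suffix list.

```python
from urllib.parse import urlsplit


def edit_distance(a, b):
    """Levenshtein distance between two short strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_link(url, expected_domain):
    """Return 'expected', 'lookalike' or 'unrelated' for the host a URL really points to.
    The URL must include its scheme (https://...)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    expected = expected_domain.lower()
    if host == expected or host.endswith("." + expected):
        return "expected"
    # The real name placed before "@" is only a username; the host comes after it.
    if expected in (parts.username or "").lower():
        return "lookalike"
    # The real name embedded in another host: hosting.example.login.test, hosting-example.test
    if expected in host.replace("-", "."):
        return "lookalike"
    # Misspelling: compare as many trailing labels as the expected domain has.
    tail = ".".join(host.split(".")[-len(expected.split(".")):])
    if 0 < edit_distance(tail, expected) <= 2:
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample links.
    for link in ["https://mail.hosting.example/login",
                 "https://hostlng.example/login",
                 "https://hosting.example.login.test/",
                 "https://hosting.example@files.invalid/x",
                 "http://blog.invalid/tmp/login.html"]:
        print(classify_link(link, "hosting.example"), link)
```

A link classified as "unrelated" is not safe for that reason; it matches the second case in the tip, a login page hosted on a site that has nothing to do with the expected service.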

PROTECTING YOUR EMAIL FROM THE BAD GUYS:

Spammers use many different methods to obtain e-mail addresses to send unsolicited messages to. Bots crawl the web to collect e-mail addresses listed on websites. These bots are called harvesters. Hackers also obtain the addresses of the correspondents of their victims. They collect them from hacked mailboxes or infected machines. Some companies also sell people's personal data to spammers.

There are some things you can do to reduce the chance of your e-mail address ending up in the hands of spammers.
  • Avoid listing e-mail addresses directly on your web site. If you need to provide means of contact, it is recommended that you have a Contact Form instead. Having a contact form will prevent spammers from obtaining your e-mail address. If you get too much spam that is being posted directly through the contact form, you may consider adding CAPTCHA protection to it against bots.
If you must list contact e-mail addresses on your web site, you should not list them in plain text. There are techniques you can use to make it harder for spammers to collect the addresses from the web site automatically. All of these methods have downsides, so you need to decide which one suits your needs best.

You can replace the @ symbol in the e-mail address with the word "at", and the dot(s) with the word "dot", optionally surrounded by some characters, such as square brackets. For example, if your e-mail address is contact@example.com, you can write it this way:

contact [at] example [dot] com

Another similar method is to display the e-mail address as an image.

You may also utilize a script that will scramble or encode the e-mail address. You can look for such a script online, or a professional can implement such a solution for your website.

Harvesters will need more resources to interpret an address displayed using the above methods, while the majority of your web visitors will easily understand the actual address. They may only experience the minor inconvenience that they will not be able to simply copy-paste your e-mail address directly, and there is a possibility of mistakes while entering it. You should note that no solution is perfect. If an e-mail address is visible to a human, it may be interpreted by a bot.
  • With Website/Email Hosting Services by Cole WebMarketing, there is no limit on the number of e-mail addresses we can create, and we can set up e-mail forwarding. This gives you the opportunity to use different e-mail addresses for different purposes: registrations, online forums, contact forms on your website, etc. If a forwarding e-mail address starts receiving too much spam, you can simply delete it.
  • You must keep your devices free of malware, as hackers may steal your own e-mail address and the e-mail addresses of your contacts.  
  • You should never follow unsubscribe links in apparent spam messages or in messages sent from services you have not subscribed for. In almost all cases, these links are either invalid, or, even worse, they prove to the spammers that their message reached a real person who monitors the mailbox. This raises the value of your e-mail address on the illegal market where it will be again sold in bulk with others.
For the same reason, you should not respond to suspicious or spam mails, and you must not click any other links in them.
  • Do not list your main contact e-mail address in the WHOIS details of your domain name. Spammers target the listed contacts of domain names. You can list a forwarding e-mail address as the contact. Over time, it will receive more and more spam. You should replace this address periodically.
Although there is much you can do to limit the exposure of your e-mail addresses to spammers, there are some things that you can hardly control.

Common addresses such as webmaster@example.com, info@example.com, contact@example.com, ceo@example.com, etc., are a default target of spammers. Such mailboxes exist at many domains, so spammers send messages to them blindly, presuming their possible existence. You should avoid having such mailboxes, unless it is necessary for your business.

Another way your address may end up with spammers is if a correspondent of yours gets infected with malware and their contacts are stolen. The same may happen with a company that has your e-mail address -- they may get hacked, and their user database may be obtained by spammers.

===============================================


If you have your website/email hosted by Cole WebMarketing
and would like to learn more,
or would be interested in switching to our hosting services,
please call us at 704-4456-9321.  


WannaCry Virus Locking Computers Worldwide + How To Protect Yourself



THIS IS NOT FAKE NEWS -- if you use a smartphone or any other computer connected to the internet, you should read this right now.

Originally posted 5-15-17 by a major US News organization - Condensed Here To Reduce Size:
A "ransomware attack" that began in Europe on May 13th is still hitting new targets. The WannaCry Virus has locked hundreds of thousands of computers all over the world. Infected users are confronted with a screen demanding payment to gain access again to their files!

The cyberattack has hit more than 300,000 computers, White House homeland security adviser Tom Bossert said at Monday's midday White House briefing.  
The WannaCry software - also known as WannaCrypt, Wana Decryptor or WCry - has been wildly successful at infecting and spreading and continues to grow.

STATUS UPDATE - May 15, 2017:

In the U.S., "the list of victims is very small," a Department of Homeland Security official tells NPR, noting that it's still relatively early in the attack.
The victims, a US government official says, range widely in scope, from a few computers at companies and organizations to networks of many more. Cyber Security Agencies worldwide are now in a "sort of cat-and-mouse" competition with hackers, as variants of the software that foil previous solutions emerge, the official says.
While ransom payments for users' stolen data had been notably low, the Security Response blog notes that a bitcoin address linked to the hackers showed a "spike in payments" to the account that began at 8 a.m. Greenwich Mean Time on Monday.

WannaCry's Origins

The identity of whoever deployed the software remains unknown. "The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency," Microsoft President and Chief Legal Officer Brad Smith says. He says that when the NSA lost control of the software behind the cyberattack, it was like "the U.S. military having some of its Tomahawk missiles stolen."
Theft of the software was reported in April 2017, when it was published by the Shadow Brokers, a group that has been linked to Russia. In March 2017, Microsoft had released a patch targeting the vulnerability. But the success of the attack shows that not enough people took advantage of the patch.
"This was not a tool developed by the NSA to hold ransom data," homeland security adviser Bossert said at Monday's White House briefing. He said the software attacking a vulnerability had been incorporated with other software and delivered in a way to cause "infection, encryption and locking."

THE FIX

Windows users should update their software to avoid the ransomware, security experts say. In addition to Microsoft's Security Bulletin MS17-010 that patched the vulnerability in March, the company also issued a separate patch on Friday for users of older and unsupported operating systems such as Windows XP.

RELATED ADVICE ON HOW TO PROTECT YOURSELF:

  1. Back up your computer and store the safety version in the cloud or on a drive that is not connected to your computer.
  2. Use robust antivirus software.
  3. Keep all the software on your computer up-to-date. Enable automatic updates.
  4. Never open attachments in emails from someone you don't know. And remember that any account can be compromised.
  5. Enable the "Show file extensions" option in the Windows settings on your computer. This will make it much easier to spot potentially malicious files. Stay away from file extensions like ".exe," ".vbs" and ".scr."
  6. If you find a problem, disconnect your machine immediately from the Internet or other network connections (such as home Wi-Fi).
The information above courtesy of National Public Radio