Don’t open unsolicited email attachments without checking them first!
Ransomware is on the increase and shows no signs of abating. And as Trend Micro detail here, the criminals involved are getting more creative in their money-making approaches:
At the tail end of 2016, ransomware operators were still hard at work. Distributors probed targets with new spam campaigns, while others experimented with unorthodox business strategies that involved selling ransomware products with “features” and add-ons that were marketed and sold separately. Operators also played around with alternative payment options that involved their victims in distribution. And, we saw malware authors fine-tuning their tools while again misusing ‘educational’ open-source ransomware.
One of the more interesting developments from these two weeks was a unique payment scheme pioneered by the creators of the new malware Popcorn Time (detected by Trend Micro as RANSOM_POPCORNTYM.A), which has no relation to the multi-platform media service of the same name. Aside from accepting payments in Bitcoin, the creators also provided an alternative payment option: pass on a malicious URL provided by the operators and try to infect others with the ransomware. If two of the ‘referred’ victims pay up, a decryptor tool is given for free.
More from this story – http://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-recap-dec-5-to-dec-16-2016
What’s most worrying about this one is that so many people have had a Yahoo account at some point – whether you have used Flickr, Yahoo Messenger or just their email services.
The important thing is: have you used the same username or email address and password combination anywhere else? If you have, then you need to change your password at those sites ASAP.
Password re-use is a highly risky strategy. Once your password has been discovered and tied to you, it will be tried everywhere. The always amusing XKCD even has a strip on it here https://xkcd.com/792/
Using a password manager, which will generate secure passwords for you as well, is a good start and LastPass is a good one. Obviously it’s important that your master password is a strong one!
Criminal gangs are now able to buy ransomware packages “off the shelf” and then deploy them themselves, passing on a percentage of their ill-gotten gains to the developer.
Once your systems are encrypted, a backup is your only hope. There are a number of attack mitigation strategies, but for the smaller business the expense and inconvenience of implementation is often too high. A low – or even zero cost – option is CryptoPrevent. This uses Group Policy to try to prevent the software from installing in the first place.
The folk over at Bleeping Computer report on ransomware called 7ev3n which demands 13 bitcoins (around £3500) to give you access to the files it has encrypted. So far it appears to not be too widespread, but give it time…
Once again, the advice is the same – don’t open attachments you aren’t 100% sure of and make sure you have a backup!
So why, after all this time do viruses still arrive in your inbox, hidden in attachments, ready to do harm to your system? Why are the criminals still using the same methods as they were at the turn of the century?
Because they work. Curiosity didn’t just kill the cat, it also encrypted all your files, stole your bank details, and hacked into your social media.
Over and over, employees and the public are warned to be wary of unsolicited attachments. Yet, day after day, millions of these emails are sent out, because someone will *always* open them.
Don’t be that someone.
Spam filters are, by their very nature, reactive. They can only work based on a set of algorithms derived from historic emails. So, if it’s a new pattern that doesn’t match the algorithm, it finds its way into your inbox.
Only one filtering system remains at that point – you.
Is that a creepy, some might say, horrifying thought?
Well, you’ve no need to imagine it, because that’s exactly what the latest legislation – the IP Bill – will enable. Except the man with the notepad doesn’t need to follow you around, he can do it all from his desk at the local council office. Or the HMRC office. Or Whitehall. Or the local Police Station.
Are you really comfortable with that level of intrusion?
When RIPA (an early predecessor of this legislation) was introduced, the same arguments were trotted out:
There have been approximately 60 deaths on UK soil since September 2001, due to terrorism. In that time, 14 years, the death toll from cancer in the UK alone is approximately 2.1 million people.
Even if you think this tiny “threat” to your life is worth the massive everyday intrusion into it, is it really money well spent?
The pole damage was reported to OpenReach at 7:45am and an engineer arrived around 10am to check out the damage. He took all the details and went away again.
On Monday 19th October I rang to chase, as nothing had been done. Without the original reference number, nobody can search their system for a status update. Only the ref number is searchable – not postcode, street name, nothing else! So a new reference was raised and later that day another BT engineer appears. It transpires there was no record of the pole being reported on the previous Thursday, so nothing had so far been actioned. This is a common occurrence I am informed.
On Tuesday morning a helpful woman at OpenReach informs me a pole team will be out to replace it that day.
On Tuesday afternoon, a man at OpenReach informs me nothing has happened as the earlier call was closed and it will likely be another week before anything happens!
On Wednesday a BT chap came out and “surveyed” the pole. (So, that’s three visits so far to just look at a pole).
Today (Thursday), I called OpenReach for an update – twice.
The first call – the woman said she couldn’t tell me anything, I would have to call my phone provider, and then hung up on me.
The second call – a chap said he would see what he could find out and ring me back. No call 90 minutes later.
So far, still no word of when it might be fixed.
UPDATE: One week later, the pole was stood back up and cables reconnected. With no update or feedback from BT at all I might add. There appears to be an intermittent HR (high resistance) on the line. Did you know it’s now nigh on impossible to resolve an intermittent fault?
This is how a telecoms company with a monopoly operates.
Please find attached an invoice that is now due for payment.
Lyn Whitehead (10688)
Business Support Department – Headquarters
The attachment is a .doc Word document with a macro which, if opened, apparently tries to download Dridex. This in turn tries to steal bank login information.
You should delete this email and not open the attachment.
Some more technical information on Dridex is here:
This isn’t altogether surprising and there are a number of factors at play. The biggest of these, and the one that affects all customers of broadband that uses the BT telephone line (regardless of your actual ISP) is your physical distance from the exchange or street cabinet.
The length of copper wire between your home or business and the exchange (for ADSL) or the street cabinet (for FTTC – Fibre To The Cabinet) directly impacts your speed. The further you are away, the higher the signal loss, the lower your speed. Of course, if you’re on an old circuit with poor connections (bad kroning by engineers, dry joints etc), then things get even worse.
The problem is compounded by the fact that BT don’t cable cabinets in an obvious manner. As an example, here at MultiTask Computing, we have just had FTTC installed to a brand new cabinet. We are so close to the exchange that previously we were directly cabled to it, not using a cabinet at all. The new cabinet is less than 100 meters from our door so you might expect we would attain the maximum 80Mb sync speed available from the service. So did we. However, as is often the case with BT, things aren’t that simple. Rather than wire properties directly to the shiny new cabinet as you might think, the new cabinet is tied to another cabinet (the PCP) in the opposite direction, then to a DP (Distribution Point) and then finally all the way back to here. Thanks to this hugely increased run of copper wires, the sync speed is just 40Mb – *half* of what it should be.
In our case, ESCC have paid a staggering £34m to BT for the rural parts of the county to be upgraded to FTTC, and yet due to the distances involved, many properties will still get far less than they imagine they might. If BT had installed a combined PCP/FTTC cabinet for properties so close to the exchange, then speeds could be greatly improved. But I guess that costs money…
This is an article from 2010, which gives a good indication of where we are http://www.computerweekly.com/opinion/Why-FTTC-isnt-enough-and-how-the-UK-might-do-more
It’s a shame that when BT were privatised, this key part of the nation’s infrastructure was left in the hands of a single company with no effective competition. Fundamentally, that is the problem.
Ofcom is today outlining three measures to help consumers. First, Ofcom has secured a strengthened Code of Practice on broadband speeds with the UK’s largest providers: BT, EE, KC in Hull, Plusnet, Sky, TalkTalk and Virgin Media. The new version of the Code improves consumers’ right to leave their broadband contract when speeds fall below acceptable levels. New customers signing up will be able to walk away from providers during the whole term of the contract, not just the first three months, if they suffer problems that cannot be resolved.
Second, Ofcom will next month outline plans to make it easier for mobile phone customers to change provider.
Third, Ofcom is improving the process for millions of customers changing broadband and landline provider.
From 20 June, it will be much simpler and smoother to change between landline and broadband providers who use the Openreach network – such as BT, EE, Sky and TalkTalk. A new ‘one touch’ process will place the responsibility for the switch in the hands of the company the customer is moving to. Ms White will say: “This will make a real difference for consumers and will encourage more people to take full advantage of competition in the sector. “Once this is in place we will next month turn our attention to improving consumer switching between mobile networks.” Ms White will conclude: “We have set the bar high for ourselves but also for industry. If we deliver then everyone benefits: consumers and citizens of the country and the businesses who deliver the services we regulate.” Ms White will be speaking at a conference hosted by consumer organisation Which? on 11 June. A copy of the speech is published on the ofcom website.
Whether this will work in practice is anyone’s guess – the big ISPs have a habit of obfuscation when it comes to reporting problems. How do you prove your speeds are poor when the provider claims they aren’t? Here is the Consumer Guide to the Code of Practice from Ofcom.
If you want to check your speed and you’re on a copper circuit (provided by BT), then the only official tester is BT’s own at http://diagnostics.bt.com/login/?workflow=Speed – you will need to be using a wired connection to eliminate any wireless router of course. If you only own an iPad, I have no clue how you’re supposed to get past the dreaded BT “help” people. If you do, I’d love to know.