Category: Security

Final Word on Windows 7

Final Word on Windows 7

You are probably aware that Microsoft ended support for Windows 7 on January 14th of this year (2020). On January 14th, Microsoft released the last batch of security updates for Windows 7. Going forward, there will be no more security updates to Windows 7. New security vulnerabilities are discovered in Windows every week. Those newly discovered security vulnerabilities will no longer be fixed in Windows 7. Only Windows 8 and Windows 10 will continue to have these fixed. Windows 8 will stop receiving security updates after January in 2023 for the few of you who have Windows 8.

If you still have a computer with Windows 7 on it, you should consider either upgrading to Windows 10 or replacing the computer. There are some situations, usually in business environments, where older software or hardware won’t work on Windows 10 and they must keep Windows 7, at least for now. But for most of us, upgrading or replacing is not only a good thing to do, it’s something we really must do.

You may be thinking, “Since I have good, unexpired, up-to-date security software, I should be OK, right?” Actually, no. Computer security software works like the flu shot. It protects you against known strains of the flu, but not all strains of the flu are known. And since there are always new ones being discovered every day, you can’t rely solely on that. Using Windows 7 on the internet after end of support even with good security software is a risky thing to do.

In Summary, if you have a Windows 7 computer, you should upgrade or replace it as soon as possible. Whether or not your computer can be upgraded depends on the computer. We can take a look at it and tell you. You may be wondering how much it costs to upgrade to Windows 10. Upgrading from Windows 7 or 8 to Windows 10 is free if you have a valid license for Windows 7 or 8 to upgrade from. If we do the upgrade for you remotely, the cost is generally $80, give or take $40 depending on your computer. If a remote upgrade is not possible, then the cost will be $105 – $150.

Microsoft to Nag Windows 7 Users to Upgrade

Microsoft to Nag Windows 7 Users to Upgrade

We’ve told you here in our newsletter that Microsoft will stop supporting Windows 7 on January 14, 2020. We’ve recommended that those of you still running Windows 7 upgrade or replace by the end of the year (don’t wait until the last minute). Now, Microsoft will be nagging you too.

If you still have Windows 7 and haven’t already, you will soon be seeing a message pop up on your computer from Microsoft telling you about the end of support for Windows 7.

What does end of support really mean? Microsoft hasn’t added any new features to Windows 7 since January 2015. It’s currently in extended support which means they only release security updates for it. And they do that every month. Why? To keep your computer as safe as possible from threats. After January 14th, 2020, Microsoft will no longer release any security updates for Windows 7. From that point forward, your computer will be more and more vulnerable to attack.

You are probably wondering if you should upgrade your computer to Windows 10 or replace your computer. The answer to that question will be different for everyone depending on their computer. If you have this question, let us know, we can take a quick look at your computer and give you our recommendation.

You may also be wondering how much upgrading to Windows 10 costs. If you have a valid license for Windows 7, the cost of a Windows 10 upgrade is free. However, the process of upgrading is not for the average person, so you will probably need us to do it for you. If we can do it remotely, the labor cost would be $80 give or take $40 depending on any issues that may arise.

However, if you have an older computer, this would be an excellent time to upgrade to an SSD and breath new life into your older computer. For that, we would have to do the work on your computer in our office. Contact us for a quote.

How to Spot  a Fake Email

How to Spot a Fake Email

You get an email from your bank or some other company you do business with. But you aren’t sure if the email is really from that company or if it’s fake. The name of this type of email is a Phish email. It can be hard to tell because the fake emails are often pretty good forgery’s.

So, in this article, we are going to try and educate you on how to tell if an email is fake or legit.

Here are some general rules to follow:

  • If there are a lot of spelling and/or grammatical errors in the email, it may be fake.
  • Does the email make sense? If not, it may be fake.
  • Does the email address you by name or is it generic? If it’s generic or addresses you by a name that you don’t use with that company, it may be fake.
  • Is the content of the email generic or specific. Generic emails may be fake.

In general, if you aren’t sure, assume it’s fake and don’t click on any links in the email or open any attachments. Go to the company’s real website manually they way you normally would instead of clicking on a possibly dangerous link in an email. Or call the company to see if it’s legit.

Now look at the example fake email below.

Look at the top where the yellow circle is. It’s says it’s from UPS View. But look at the email address. It’s not an email address on ups.com. In fact, it’s not even from this country. The fact that the email address ends in .ve says its’ from Venezuela. Red flag #1.

Notice how the email gives no name or address. It’s not specific. It’s general. Red flag #2.

It lists a shipment number which doesn’t make sense in this country because we call them tracking numbers. That’s red flag #3.

See how the shipping number is blue? That’ means it’s a link that I can click on. If I hold the mouse pointer over it, being careful not to accidentally click, then at the bottom of the email in the status line (yellow arrow is pointing to this) it shows where the link goes. Notice that the link does not go to ups.com. It goes to tdcind.com. Red flag #4.

How many red flags mean it’s a fake email? For me, it’s 1. My rule of thumb is that you should be suspicious of every email. Even if the email appears to be from someone you know. Even family. If there is even one red flag or if you just have a bad feeling, then assume the email is fake.

Internet Explorer Not Safe

Internet Explorer Not Safe

In the last 4 years, we have been recommending that use of Internet Explorer (IE) be avoided for many reasons.
Those reasons included the fact that IE is slow and not as safe as other browsers. Since the release of Windows 10 in 2015, Microsoft has been phasing IE out and phasing Edge in. Microsoft Edge is their replacement for Internet Explorer.

It has now come to the point where the avoidance of IE is no longer a simple recommendation. It is an urgent recommendation now. We urgently recommend that you do not use Internet Explorer. The primary reason for the change in the urgency of this recommendation is that Internet Explorer is even less safe to use than it was because it has not kept up with changing technology. Microsoft hasn’t been releasing any security updates for IE for some time. In addition, more and more websites simply won’t work with IE. And it’s still slow.

What browser should you be using? There are more than 50 web browsers floating around the Internet. Many of them are very good. You can even get Apple’s Safari web browser on your Windows computer. However, our recommendation for web browser has not changed in years. We still recommend using either Google Chrome or Mozilla Firefox. That goes for both  Windows and Mac computers.

By the way, if you are using a Mac, you know that Internet Explorer was never an option for you as it was Windows only.

When Internet Explorer’s replacement, Microsoft Edge, was first released along with the first release of Windows 10, it had a lot of problems and was missing a lot of features. Over the past 3 years, Microsoft has improved it and added many of the missing features. While we don’t recommend Microsoft Edge, it’s pretty good now and if you use it and like it, you should continue using it.

The icon for Internet Explorer was a light blue lowercase ‘e’ with a golden halo around it.
Microsoft made the icon for Microsoft Edge very similar to Internet Explorer’s icon. It’s a darker lowercase ‘e’ but the ‘e’ has a little break in it. We’ve included the two icons here so you can compare them. Because the two icons are so similar, many people think they are using a newer version of Internet Explorer when, in fact, they are using Edge.

As always, be careful downloading programs from the internet. You can end up getting a fake program that is really a virus. Below are safe places to download Firefox and Chrome.

Firefox:                http://www.getfirefox.com

Chrome:              http://www.google.com/chrome

To the right are the icons for Chrome and Firefox. Chrome’s icon looks like a multicolored doughnut with a blue center. Firefox’s icon looks like a fox wrapped around the world.

You don’t have to choose one browser. You can have many browsers installed on your computer and you can even use them at the same time. In fact, it can be helpful to have both. When a website is created, it is often only tested with one browser and may not work with other browsers. So if a website doesn’t work right with one browser, you can try another one. Not including Edge or Internet Explorer, which come with Windows 10, I personally have 4 browsers installed on my computer and I use all of them for different purposes every day. Most people don’t need that many though. In case you are wondering, the other 2 browsers I use heavily that I didn’t mention in this article are Vivaldi (https://www.vivaldi.com) and Opera (https://www.opera.com).

One of the great things about these browsers is all of the add-on;s available. However, one of the worst things about these browsers is all of the bad add-on’s available for them. Browser add-on’s can enhance security, add features, and make your browsing experience much better and safer. However, there are a lot of malicious add-on’s and there are a lot of add-on’s that are poorly written and end up messing up your browser.

Some security related browser extensions we recommend are:

  • Bitdefender TrafficLight
  • uBlock Origin
  • Ghostery

These are available for both Chrome and Firefox (and many others). You don’t need all three. We recommend that you either use a combination of Bitdefender TrafficLight and uBlock Origin, or use Ghostery. We aren’t recommending one over the other. If you don’t want to fool with an ad blocker (they can cause issues), then just install Bitdefender TrafficLight. There are many other useful extensions. These are just the security related ones that we recommend. Note: Don’t go crazy with extensions as each one takes system resources and if you have too many it can slow down your computer.

While we are on the subject of web browsers, let’s touch on smart phones and tablets. These browsers, and many others, are available on your mobile devices as well. Like Windows, you don’t have to use the web browser that came with your device. Android devices usually come with Chrome as the default while Apple devices come with Safari.

As usual, let us know if you have any questions or need help with any of this, or anything else on your computer.

Passwords…Again

Passwords…Again

Passwords…Again

I know we keep writing articles about passwords, but it’s because they are so important. And we have some new and interesting information for you.

Having a good password is important. Many people set a password and say, “Nobody will guess that password.”. However, the truth is, most of the time a password is cracked, not guessed. Password cracking programs use many different methods to try and crack a password. That’s why having a strong password is so important.

What are most likely ways a hacker can get your password?

  1. They hack into a vendor’s system and steal all of their customers passwords. There’s not much you can do about this other than keep an eye on your account and on the news and change your passwords every so often.
  2. Malware, phishing emails, or fake websites trick you into telling them your password. To avoid this, make sure you have good security on your computer, be careful what you open and where you click, and keep tabs on your accounts.
  3. They use a password cracking program to figure out your password.
    Have a strong password to prevent this. Use a different password for each account.

As you know, there have been a lot of hacks in the last few years and a lot of passwords were stolen. Wpengine.com recently analyzed a large set of Gmail accounts and their passwords that had been stolen and posted online. The results of their analysis were very interesting. You can read their full article by going to http://www.wpengine.com/unmasked.

The first thing I found interesting were the 50 most common passwords used.
The most common ones were numbers from 1234 to 123456789. The word “password” was the second most common password. Not surprising at all. Other common passwords in the top ten were qwerty, 111111, and dragon. I didn’t expect dragon, but the other two were no surprise.

The most common passwords on the list in positions 11 to 50 that were no surprise to me were 123123, abc123, letmein, 666666, 123321, and 7777777. I have encountered customers with all of these passwords.

If you use any of the passwords on that list, you might want to change your password.

As you know, most services require you to include a number in your password. Wpengine.com’s analysis revealed that the vast majority of people just add the number 1 to the end of their password. The number 2 was a distant second.

The average length of all the passwords was eight. The vast majority of passwords were between 6 and 10 characters long. As you know, the longer your password is, the harder it is to crack.

Something you might have noticed in the most common passwords list is that first names are commonly used as passwords. The article also lists the most common words used in passwords. They categorized them too. Categories included nouns, verbs, colors, animals, fruits, I Love, My…, superheroes, first names, and days of the week.

There are several lessons that can be learned from that article.

  1. Don’t use common or obvious passwords.
  2. Don’t use words and names in your password.
    1. If it’s in the dictionary, don’t use it in your password.
    2. Don’t use proper names like names of your family members, pets, etc.
  3. Don’t put the number 1 on the end of your password.
    In fact, use several numbers throughout your password.
  4. Don’t just use capital letters at the beginning of passwords.
    Use them throughout.

Do you know who takes note of these types of lessons? Hackers. That’s right. They are going to use these lessons to try and hack into accounts and they will be successful. They could hack into your account if you don’t have a strong password.

For more information on creating a strong password, click here read this article on our website.

Meldown & Spectre CPU Vulnerabilities

Meldown & Spectre CPU Vulnerabilities

You may have heard on the news about vulnerabilities in Intel, ARM (Apple), and AMD processors that lets a hacker access your system. You may not be aware that CPU makers knew about this problem for 7 months before someone discovered it and told the world. But I digress. Here’s what you need to know

This affects any computer (desktop, AIO, laptop), tablet or phone that has an Intel, AMD, or ARM processor in it. That’s pretty much all computers, many tablets, and many phones.

We don’t have all of the answers yet since it’s a developing situation. But based on what we know right now, here’s what you should know and what you should do.

This is a hardware issue. But CPU manufacturers won’t be replacing the CPU’s in everyone’s devices. What they are doing is releasing updates to the operating systems (Windows, MacOS, IOS, Android, Linux, etc.) to help plug the security hole in the CPU. If you heard these fixes can slow down your computer, that’s true. But it’s not a massive performance hit on most computers.

If your computer or tablet is running Windows 7, Windows 8 (or 8.1), or Windows 10, keep running Windows Update over and over and apply all of the important updates (don’t worry about optional updates) until there are no more updates to install.

If you are running Windows XP or Windows Vista, they won’t be updated with the security fix and we highly recommend that you replace these computers with new ones.

For Macs, make sure you are running the High Sierra version of MacOS and that you have all of the latest updates. If you have an older Mac that won’t update to High Sierra, consider replacing it with a newer model. To update your Mac, click on the App Store and go into the updates tab.

For IOS devices (iPhones, iPads), make sure you update these to IOS 11. Again, if you have an older device that won’t update to IOS 11, consider replacing it with a newer device. To update your IOS device, make sure your device is connected to Wi-Fi and plugged into a charger. Go to settings, General, Software update. You can also update by connecting your device to your computer and updating through iTunes.

For Android devices (phones and tablets), go into settings, about phone and it should tell you what kind of processor you have. If it says intel, AMD, or ARM, then you’ll want to update to the latest version of Android, is possible. If it doesn’t have Intel, AMD, or ARM, then your safe.

Probably none of you have a ChromeBook, but if you do, it needs to be updated as well.

So, once you get Windows/MacOS/IOS/Android/whatever updated, what else do you need to do? Nothing except all of the standard security precautions we recommend. Check out this article on our website that tells you what we recommend to keep your computer safe.

http://www.ct-cp.com/?p=567

Note, if your computer is covered under our SAM plan, then we have you covered and you don’t have to worry about your computers.

As always, if you have questions or need help with your computers, don’t hesitate to contact us.

Security Software Roundup

Security Software Roundup

(Updated December 19, 2018)

This is a roundup of security software packages. For the purposes of this article, we are focusing on consumer versions targeted at residential customers and small businesses that do not have a server. We will cover business oriented security products in a separate article.

After reading this article, see what security software you have and where it falls on the list. You may also want to forward this to your friends and family so they can see where their security software falls on the list.

We evaluate based on our own tests, personal experience, customer’s experience, and reviews by other credible sources. The criteria used to evaluate these products includes:

  1. Automation. We want to set it and forget it. It should automatically update, automatically scan, and automatically clean. It should not be popping up asking us if we want to allow something or not.
  2. Configuration. Can we configure it the way we want to?
  3. User interface. Does it make sense or is it confusing?
  4. How well it prevent infections
  5. How well it removes infections
  6. Annoyance factor. We don’t want any pop-up ads. We don’t want it to constantly talk to us or ask us a lot of questions. We don’t want it to block us from doing what we need to do, as long as what we are trying to do does not infect our computer.
  7. Performance. Does it slow down our computer?
  8. Price. Is the price reasonable?

No security software gets a perfect score because none of them can completely protect your computer. Thousands of new infections come out every day. They just can’t keep up. But the better the protection, the less likely your computer is to become infected. But you don’t want to go too far and make it harder to use your computer. Computer security is a balancing act.

When you purchase security software, they usually come in different editions. You can generally get a full security suite or just the more basic protection. Most people don’t need the full security suite. It adds a lot of features you don’t need and slows your computer down even more. We generally prefer the more basic packages with a few free utilities added in for extra protection.

We have organized this list of Security software into 3 categories. Not recommended, Neutral, Free, and Recommended. In addition to these three categories of software, we are also including a section of free security add-ons that you will want to check out to help keep your computer safe from infections.

So without further Ado, here is the list!

Not Recommended

We don’t recommend using these products. If you have one of these products on your computer, we urge you switch to one of our recommended products as soon as possible.

  • Avira
    There’s a free version, a premium version for $30, an Internet Security version fo $60, and an Internet Security Plus version for $80. Doesn’t provide very good protection and tends to slow your computer down more than other products.
  • Comodo
    Comodo makes several different security products. We like their firewall, although most people don’t need a software firewall since Windows has one built-in and your router does too. Their other security products provide good protection, but they are way too intrusive. The only product that we might recommend is their free Cloud Antivirus. However, for it to be useful, you have to disable the sandbox feature, the widget, and they web protection.
  • Kaspersky
    Provides good protection. The biggest problem with it is that it’s way too expensive. You can often find Kaspersky on sale on their websites and in stores, but even their sale prices are higher than most others normal prices.
  • McAfee
    There was a time, long ago, when McAfee was our favorite. But somewhere along the line it changed. Of the infected computers we find, of those that had any kind of protection, more than half had McAfee. It fails to protect.
  • Panda Internet Security (Paid version only)
    The paid version provides good protection but too intrusive and annoying. Slow performance too.
  • PC Tools Spyware Doctor w/Antivirus
    Intrusive. Not very good protection.
  • Trend Micro Internet Security
    Slows your computer way down. Too intrusive. Not very good protection.
  • Spybot Search and Destroy
    Spybot used to be free for home use. There was a time when we recommended Spybot Search and Destroy, but times have changed. This product has not kept up with the times. It only provides mediocre protection with an antiquated user interface.
  • Ad-Aware
    The story for Ad-Aware is similar to Spybot Search and Destroy. There was a time when we recommended it, but not anymore. Although Ad-Aware’s user interface is much better than Spybot’s, like Spybot, it only provides mediocre protection.
  • Webroot SecureAnywhere
    It provides pretty good protection, but not quite as good as our recommended products. It tends to slow your computer down more than other products.
  • Windows Defender
    Windows Defender is the security software built-in to all versions of Windows starting with Windows 8. On it’s own, it does not provide adequate protection.

Neutral Products

These products offer pretty good protection, but have some issues. If you have one of these products, then you probably don’t need to switch right away but we recommend you switch when your current subscription expires.

  • Bit Defender
    Bit Defender provides very good protection, but unfortunately, it’s a little heavy on resources and tends to slow your computer down.
  • AVG (Free and paid editions)
    Provides good protection if you change the settings to be more aggressive. You’ll need to change the advanced settings after install it to tell it to provide better protection. When major revisions of AVG come out, the free version won’t automatically update to it. You will have to manually download and upgrade. The free version of AVG is very intrusive. Pop’s up ads frequently. Also tries to trick you into getting paid version by converting free version to trial version.  Then the trial runs out and wants you to renew, even though you never bought it in the first place.
  • SuperAntiSpyware
    The interface is kind of clunky and is lacking some minor features. But although it’s not fancy, it does an excellent job of protecting against and cleaning up spyware. But not viruses. That’s why it should be used in conjunction with another security product. Most security products protect against both viruses and spyware. So there’s really no reason to have this additional product. The one thing this product is good for is removing spyware from an infected computer. But you can use their free version for that. No need to pay $30. The free version should not be your primary protection since it does not provide active protection and does not protect you from viruses.
  • Norton
    There was a time when Norton was at the bottom of our list because it was too restrictive and slowed your computer WAY DOWN. But Symantec has really made strides in improving it and they have done a good job. However, we still see a lot of infected computers come in that had Norton on them. I guess the hackers have figured out how to get around it. Since Norton is the best selling security product, it makes sense that the hackers would go after it.
  • Panda Cloud Antivirus Free Edition
    Good protection for the casual, non-adventurous user. There is a pro version that costs $30, but don’t bother. The nice thing about this one is that it is so easy to use. Basically, you don’t have to do anything. This is nice most of the time, but if it blocks something it shouldn’t, then telling it to not block it can be a pain. It’s pop-ups are really annoying.

Recommended Free Products

In recent years, some free antivirus products have really improved. So much so that they are probably fine for most home users who aren’t too adventurous on the Internet.

Here are our favorite free products:

  • Avast Free Edition
    Good protection. Requires that you register your email address and receive a license. It talks to you telling you that Avast has been updated. Some people find that annoying. Note that there is a free version for businesses too.

Recommended Products (Paid)

Although not perfect, these products are the best available in our experience. These are the products we use on our systems. these are the products we recommend to all of our friends, family, and customers.They are in order starting with our highest recommendation

  • Cyber Tek Computer Pros Security And Maintenance (SAM) Plan
    Our SAM plan offers the ultimate protection plus a lot more including free infection removal if your computer does become infected. Click here for more information our this service plan.
  • MalwareBytes
    MalwareBytes provides very good protection.
  • Vipre
    For many years Vipre was our number one recommended security product. We still recommend it because it provides very good protection without slowing your computer down. However, in 2018 they DRASTICALLY raised their prices making it less of a value.
  • ESET
    Provides very good protection without slowing down your computer a lot. The interface is OK.

Free Add On Products

Whether you use a free security product or a paid one, we recommend that you use these two free add-on security products.

  • uBlock
    Some security software includes ad blocking functionality, but most don’t. None of our recommended security products include it. We recommend blocking ads because many infections get on computers through third party web banner advertisements. But never fear, you can get free ad blocking software for your browser as long as you don’t use Internet Explorer or Edge. We recommend you use Google Chrome or Firefox as  your browser and install the uBlock add-on.
  • BitDefender TrafficLight
    This add-on isn’t available for Internet Explorer or Edge. It helps keep you from going to an infected website. Again, we recommend Google Chrome or Firefox with this add-on installed.

Computer security is a balancing act. Not enough security and your computer can easily become infected. Too much, and your computer can become slow and hardly usable.

The bottom line is that we recommend you use one of our recommended products (free or paid) and then add on ad blocking and website rating software.

How to Create a Good Password

How to Create a Good Password

With all of the hacking going on these days, it’s important to have good complex passwords on your important accounts. Important accounts include email, online retailers, banks and other financial institutions, etc.

When you create a password you want it to be something that nobody could guess, but you also want it to be something that a password cracking program cannot easily crack. Cracking is using sophisticated software to figure out someone’s password.

With that in mind, your password should NOT include any of the following:

  • Personal data; Your name or initials or the name or initials of your spouse, kids, grand kids, other relatives, pets, date of birth, year of birth, phone number, street number, street name.
  • Avoid using any words that are in the dictionary.

You may be wondering why you shouldn’t use any words you might find in the dictionary. That’s because of the password cracking software out there.

The experts say you should pick a password that you can remember and not to write it down. However, this contradicts the rule about not using any words in the dictionary. If you don’t use words, it’s hard to remember. Also, you have to have a different password for each account. That too makes it impossible not to write them down. There’s no way you could remember all of those passwords and which account they go to.

The truth is, if you get hacked, it’s probably not going to be by someone who is physically at your computer and finds your password list. So do write it down. Don’t leave it in plain site though. In fact, you should hide it. Keep in mind that if someone broke into your house and took your computer and other things, they shouldn’t easily find your password list when they take those things.

Different websites have different password restrictions. Some have a minimum length of 6 while others it’s 8. Some allow symbols, some allow no symbols, some allow only certain symbols. A good website will tell you the password restrictions when you are prompted to create a password.

When you need a new password, use the following rules:

  1. Your password should be at least 8 characters long. The longer the better.
    But not so long that it takes 5 minutes to type it in.
  2. Should contain at least 2 uppercase letters.
  3. Should contain at least 2 lowercase letters.
  4. Should contain at least 2 numbers. Preferably not next to each other. And not at the end of the password.
  5. Should contain at least one symbol if allowed.

I good trick is to think of a phrase and use the first letter of each word in the phrase or a lyric from a song.
The first thing I thought of was: “You can’t always get what you want.”. In case you don’t recognize that, it’s a song by The Rolling Stones.
If we take the first letter of each word we get: ycagwyw
Now we need to modify that to make it a good password.
First, we see that it’s kind of short. What I like to do is put the phrase in there twice. The first time in all caps, the second time in lowercase letters.
So in this exaple, we would end up with: YCAGWYWycagwyw
Now we need to throw some numbers in there: YCAGWYW489ycagwyw
Now we need to throw a symbol in there (if the system allows it): YCAGWYW=489%ycagwyw

Now that’s a good password.

Another good trick is to deliberately misspell words.
Let’s take the word: computer
If we misspell it, add uppercase letters, a number, and a symbol: k0Mp@t3r

You get the idea.

If you don’t want to go through all of that to figure out passwords, there’s an easier way. A password generator. The one I use is https://www.roboform.com/password-generator. When you go to that website, you can specify how long the password should be, what types of characters should be in it, etc. Click the generate new button and viola. There’s a good password.

Once you have a good password, don’t use it for all of your accounts. If you do, when one account get’s hacked, they all get hacked. Use different passwords for each account. This rule makes it impossible for you to remember which password goes with which account. You simply have to make a note of them somewhere. Most people have a notebook, Rolodex, or some place where they write them down. Others make a Word document or Spreadsheet on their computer and have them there. Each has pros and cons. A written down list of password on paper is safe from hackers, but can be access by friends and other visitors, or it can be stolen by a thief. A digital list of passwords (document or spreadsheet) is vulnerable to hackers but there are things you can do to make them safer. Another good way to note all of your passwords is to use a password manager although some of them have been hacked too. With a password manager, you only have to remember one master password and the password manager fills in the correct password for the account in question. LastPass is the most popular one, but it has been hacked before. I’ve been using RoboForm for many years. I can find no evidence that RoboForm has ever been hacked. The problem with RoboForm is that it’s not quite as easy to use as LastPass.

For your average residential user, a paper written list is probably best. Keep it hidden out of view.
If you are keeping your passwords in digital form, it is possible to password protect a Word document or Excel Spreadsheet. It’s not great security, but it’s better than nothing. If you keep your passwords in one of those forms, add a good password to the document so that when it’s opened you have to provide the password to read the contents.
Try a free trial of a password manager and see how you like it. They don’t cost much if you end up subscribing.

How to Encrypt Your Email

How to Encrypt Your Email

In past newsletters, we have told you how email is not a secure form of communication. As an email travels from one sever to another, it can be intercepted and read by programs (called bots) that harvest information from email. We told you to never send sensitive or important information of any kind through email. We have been asked several times if there’s a way to set up secure email. The answer was always, yes, but it’s not easy and it probably doesn’t work like you think it would.

Recently, however, we have been testing a Firefox add-on called “Encrypted  Communication”. This add-on is limited in what it will work with and there are still extra steps you have to go through. But using this add-on, you can indeed send an encrypted email.

First, you need Firefox (http://www.getfirefox.com) and you have to install the “Encrypted Communications” add-on(https://addons.mozilla.org/en-US/firefox/addon/encrypted-communication/).  Next, you must be using webmail. You can’t be using Windows 10 Mail, Thunderbird, Windows Live Mail, Outlook, or anything like that. You must be using the webmail interface to your email, which all email has. To access your webmail, open Firefox. In the top address bar (not the search bar) enter the address for your webmail. Here is a very partial list of the most popular ones.

If your email address ends with Go to
Gmail.com http://www.gmail.com
Yahoo.com, att.net, sbcglobal.net, prodigy.net http://mail.yahoo.com
Austin.rr.com http://mail.twc.com
Hotmail.com, outlook.com, msn.com, live.com http://www.outlook.com
AOL http://mail.aol.com

Once you have Firefox and Encrypted Communications all set up, use Firefox to access your webmail. Compose a new email. When you are ready to send, right-click anywhere in the body of the message and choose Encrypt Communication. It will then ask you for a password. STOP!!

Make sure you use a good password. The longer the better. It should include multiple uppercase letters, lowercase letters, numbers, and symbols. There should not be any words in it that appear in the dictionary. It should not include any names of any kind. It should not relate to any information about you (dates of birth, phone numbers, kid’s birthdays, street address, etc.). Can’t think of a good password? Use a password generator to make this easy https://www.roboform.com/password-generator.
Use a password manager to safely store and manage your passwords.
For more information about how to create a good password, read this article on our website. For more information about password managers, read this article on our website.

If I didn’t make that clear, make sure you use a good password. It will ask you to verify the password, so you’ll have to enter it twice. After that, your email is now encrypted. You can now press the send button.

Now, the person you are sending the email to will also have to use Firefox. They will also have to have the Encrypted Communication add-on installed. And, you will have to tell them what the password is for that email. No, don’t email them the password. Call them, text them, send them a letter, whatever. Assuming the recipient of the email has all of that, they will get an email that looks like a bunch of random characters. All they have to do is right-click on the body of the message and choose Decyrpt Communication. It will then prompt them for the password. Once the correct password is entered, the email will be readable. If they close the email and re-open it, they will have to re-input the password.

So, there you have it. You can send encrypted email. And that means absolutely nobody can read that email except you and the recipient, right? Unfortunately, no. Encrypting an email as described above will prevent almost everyone from reading it, but not everyone. The NSA, for example, can get around just about any type of encryption according to documents leaked by Edward Snowden.

Yet Another RansomWare

Yet Another RansomWare

Last month we had the WannaCry Ransomware attack. WannaCry was squashed by the discovery of a “kill switch” that killed WannaCry. But now, this month, there’s a new one called Petya. Like WannaCry, Petya has mostly affected Europe. However, it has affected the US. One of the victims in the US was the Pennsylvania’s Heritage Valley Health System. No “kill switch” has been found for Petya yet, but it’s only been a couple of days. Hopefully they will find one and kill it.

We like to keep you informed about this because we have several customers who have lost important data to RansomWare infections. RansomWare doesn’t reveal itself until it’s too late. It works in the background encrypting your files and once encrypted, it reveals itself. At that point, you have two options. You can pay the ransom, or restore from backup.

We strongly discourage everyone from paying the Ransom. Don’t let these criminals profit from their crimes. That’s why it’s so important to have a good backup. But not all types of backups protect you from RansomWare. If you back up to an external hard drive, for example, RansomWare will encrypt that too so you won’t be able to restore from backup.

You need a backup that can restore previous versions of files. That’s why we recommend Carbonite for residential customers and CrashPlan for business customers. These online backup services allow you to restore previous versions of files. This is important because when the RansomWare encrypts your files, those encrypted files are backed up. Even to services like Carbonite and CrashPlan. That’s why you have to be able to restore previous versions of files because the most recent version that was backed up was encrypted by the RansomWare.

But having a good backup is Plan B. Plan A is preventing the RansomWare infection in the first place. That’s where really good security is a must. The best security you can get is through our Security And Maintenance (SAM) plan. Not one computer covered under the SAM plan has ever had its files encrypted. We had one SAM customer who got one of those fake emails from Fedex and opened the attachment. The RansomWare got on his computer, but our security kept it from encrypting his files so all we had to do was remove the RansomWare.

In summary, make sure you have good security to avoid RansomWare, be careful what you click on and what you open, and make sure you have a good backup system that allows you to restore previous versions of files. Do that, you will lessen your chances of getting a RansomWare infection, but if you do, your data is protected.

Theme: Overlay by Kaira Extra Text
Cape Town, South Africa