The latest scam making its rounds on Facebook is message that asks users if they want to install a “dislike” button.

When you click on the message link it tries to trick you into letting the rogue application access your profile. Once it has access to your profile, it sends our more spam from your account to all your friends, essentially propagating itself and then makes you complete a survey before you get the dislike button.

Once you complete the survey you are indeed given the chance to download a ‘dislike’ button but at this point your account has already been compromised. It appears that the makers of the dislike button aren’t involved in this scam, their tool is just being used as bait.

The good news is that you CAN get the dislike button without being tricked into compromising your account. The dislike button is a FireFox add-on created by FaceMod and can be found here; https://addons.mozilla.org/en-US/firefox/addon/13672/.

Good Networking!

Eric Hobbs
Technology Associates
ehobbs@technologyassociates.net
919-459-0109 – Direct

Things to Think About…

• Check out Graham Cluley’s blog for more detail (http://www.sophos.com/blogs/gc/g/2010/08/16/facebook-dislike-button-scam-spreads-virally/)
• Know the 5 most common Facebook Scams Check out my previous post detailing the 5 most common Facebook Scams (http://www.technologyassociates.net/5-common-facebook-scams/)

Secret details about Michael Jackson’s death!

Salacious details about celebrities is an instant tip off that something is up. These messages normally trick you into clicking a link that promises to divulge secret details, never heard before songs, nude pictures, etc.

When in fact these links prompt you to download and install an update of Adobe Flash but instead of a software update you are downloading a Trojan or malware which secretly installs on your computer.

I’m trapped in Paris! Please send money.

In this scam, the perpetrators use a compromised account (ex: they have someone’s login and password) to send out pleas for help, normally asking for money to be wired to help out a friend. Since the criminals have access to your friends account they can often include details only your friend would know, ex: family members, etc.

OMG! Did you see this picture of you?

This scam directs users to a fake login screen that look just like the Facebook login screen and tricks the users into entering their user name and password.

The fake login screen is a favorite of the scammer because they use your credentials to launch other attacks. This scam may also start with an email directing you to update your Facebook information, etc.

Always check the navigation bar in your browser to be sure you are at the site you think you are at before entering your credentials, ex: it should say facebook.com at the very start of the url.

Test your IQ

One of the more recent scams enticed users to participate in an IQ test and prompted the unsuspecting users for their cell phone number to get the results. In actuality, they were subscribing to a $30 / month text messaging service.

This scam made use of a Facebook application. Many of the games and trivia on Facebook make use of this feature. In order to use the application you must grant it access to information in your profile. Setting privacy and security aside, many of these applications download viruses and malware onto your computer and should be avoided.

UPDATE

On August 16th, 2010 my follow-on post to this one details the latest scam; the fake dislike button. Add this latest scam as an update to this list of 5! Check out this post here; http://www.technologyassociates.net/facebook-dislike-button-scam/

Good Networking!

Eric Hobbs
Technology Associates
ehobbs@technologyassociates.net
919-459-0109 – Direct

Things to Think About…

• Social Sites can become very unsociable Remember that wherever people go, the scammers will follow! Just because a site is supposed to connect you with a social network doesn’t mean it is safe!
• When in doubt… If you are using social media for business then I am not sure when you have time to find out more about Michael Jackson or take an IQ test; in any case, when in doubt, avoid clicking on messages and links that are suspicious.

One of the most common uses for print screen is grabbing a quick copy of an error on your screen to send to your support provider. Many times error occur that don’t stop your workflow and you just want to make a record of for future evaluation.

Back in the old days; hitting the Print Screen key (located on the far right of the top row of buttons) would immediately spool the information on the screen to the print queue and you would literally get a print out of what was on your screen!

Now a days, the average user just thinks this key serves no purpose or has never really thought about it.

In fact, when you hit print screen, the computer puts an image of the current screen (all screens if you have multiple monitors) into the clipboard as a bitmap image (.bmp) format.

Once the screen shot is in the clipboard you can then paste it into an email or even into a Word document or spreadsheet be select CTRL-V on your keyboard.

Alternately, you can save the screen shot as a file by selecting CTRL-S

One of the most frustrating things is getting a screen shot image across three monitors in a huge file with a small error window that you can barely make out even after expanding the image.

Here is a trick. If you only want a particular window in a screen shot then simply highlight that window and press ALT-PRINT SCREEN (the same ALT key you use for CTRL-ALT-DEL). This will cause print screen to grab ONLY the active window. This way, when you paste the image you get just that window and not your entire desktop.

Disable New Mail Alert

Turn off your new mail desktop alert. I used to think this was a super-cool and necessary feature of Outlook until I discovered that EVERY time I was alerted to a new email, I would stop what I was doing to attend to it. Constant interruptions break your train of thought and give you a built in ‘excuse’ to wonder off to other tasks instead of attending to more important issues.

To disable new mail desktop alert go to Tools | Options | Preferences tab | Emails Options | Advance Email Options | uncheck the option ‘Display a new mail desktop alert’ under the ‘When new items arrive in my inbox’ section.

Use Sub-folders

The quickest way to empty your inbox is to move email that you have already handled to sub-folders in your inbox. To create sub-folders, just right-click your inbox and select ‘New Folder’. You can create sub-folders for sub-folders.

Think strategically about your folder structure; think about the way you work first and organize tasks. For example; I have a sub-folder for ‘Customers’ and a folder for each customer under that folder.

Many people use mailbox rules to automatically move email from the inbox into the proper sub-folders and then rely on the unread email indicator to help them ‘find’ items that need attention. I would strongly suggest against this as it causes a lot of extra ‘hunting’. Just let your inbound email appear in your inbox, process it, then move copies to the proper sub-folders for proper organization and to decluter your inbox.

Follow-ups

Often times your email people on items that may need followup. The easiest way to do this is to flog your email for followups on a future date and let Outlook tell you when to followup.

To flag an email for followup that is in your inbox/sent items folder; just right-click the email and select Follow Up. A sub-menu will appear where you can select the proper follow up date. You can also flag an email for follow up as you are composing it by selecting the ‘Follow Up’ button at the top and selecting a date.

To view the list of followup items, select View | To-Do Bar | Normal. Your follow-ups will appear arranged by due date.

To ‘clear’ a follow-up, just right click the email (or follow-up in your To-Do Bar) and select Follow-Up | Clear Flag.

Finding Related Emails

Oftentimes I am working multiple tasks/priorities at once. When responding to an email I often spend time hunting for emails that are related to a particular recipient or topic.

The quickest way to find related emails is to right-click an email and select Find All | Related Messages. This function searches the subject lines of all emails for phrases matching the subject line of the email you were viewing.

Finding Emails from a Sender

Even the best filing system trips up under certain circumstances and you need to hunt down all emails from a particular individual (even if they are sorted into different folders).

To do this, right-click an email and select Find All | Messages from Sender.

Good Networking!

Eric Hobbs
Technology Associates
ehobbs@technologyassociates.net
919-459-0109 – Direct

More often that now the 2nd or 3rd hat worn is a position that, because of the businesses size, is hard to justify a full-time person. Roles like IT Manager, Network Administrator, CFO, HR manager, etc. are filled partially by someone on staff whose primary reponsibility is some other function.

We call these people ’slashes’. Because their title always has a slash in it…

• Office Manager / Network Administrator
• Office Manager / HR Administrator
• CFO / CIO

Unfortunately, this doubling up always ends up with NEITHER job being done right, more stress than necessary and important tasks being put off because of urgent items.

In my experience, the most often doubled up position is that of Network Administrator. More often than not, business owners believe that someone on staff (a ’slash’) can be doubed up, doing their ‘real job’ AND that of a Network Administrator.

I have seen it MANY times; a network in shambles, Office Manager duties NOT being done and a key employee pulling his or her hair out trying to keep up with two jobs!

Do yourself, and your Office Manager a favor and partner with a firm that has the experience and man-power to properly handle the Network Manager position!

Good Networking!

Eric Hobbs
Technology Associates
ehobbs@technologyassociates.net
919-459-0109 – Direct

The Insurance Journal reported on July 8th, 2010 that HealthNet, a California based heath insurance company, agreed to pay the State of Connecticut $250,000 for losing a harddrive containing patient data.

HealthNet lost the drive back in May of 2009 but did not tell customers until November of 2009.

In addition to the fine, HealthNet agreed to provide free credit monitoring to customers and to work with state regulators to improve security.

All this despite the fact that there is no evidence of the data being used.

To make maters worse, this same harddrive also contained patient data for customers in New York, New Jersey and Arizona. No word on the settlements from those other states.

More info: http://www.insurancejournal.com/news/east/2010/07/08/111405.htm

While HIPAA is used to punish data breaches, it is almost useless in helping practices PREVENT problems.

Installing encrypted harddrives in workstations would have prevented this particular problem. But unless you have a real IT partner helping manage your network (and your risk) you are just rolling the dice.

There has been a ton of focus on HIPAA and medical data but there are regulations covering ALL personal data. This extends the emphasis on network security from Medical and Dental practices to Insurnace Agencies, Law Firms and Accounting Practices.

All these professions regularly handle personal and private information that, if compromosed, would cause a nasty PR nightmare.

Good Networking!

Eric Hobbs
Technology Associates
ehobbs@technologyassociates.net
919-459-0109 – Direct

Things to Think About…

• Network Security is no longer a ‘nice-to-have’ With hefty monitary fines (and ailing state coffers eager to find funds) you can bet your bottom dollar there will be lot’s more fines imposed.
• It is not just patient data If you company keeps ANY confidential customer information, you must safeguard it properly.
• Hardware encryption secures data at the source Encrypting the data on the harddrive itself will go a long ways towards ensuring that accidental data losses can be properly addressed.

You may think it would be relatively easy to keep away from the ‘dark alleys’ on the Internet by practicing safe browsing habits, but alas! The cyber-criminals are now imbeding malware into web ads and succeeding in placing these ads on very popular and main stream web sites.

Web sites like;

• The New York Times
• The Drudge Report
• WhitePages.com

In fact, a recent study by dasient.com found that;

97% of Fortune 500 web sites are at a high risk of getting infected with malware due to external partners (such as javascript widget providers, ad networks, and/or packaged software providers)

You see; the folks that run huge web sites long ago ceded control of web ad content management to outside firms. When you land on a web page you are often being fed content from multiple sources without even knowing it.

Lately, the cyber-criminals have found that they can place ads with content providers that ‘look’ real then switch them out for malware without anyone even knowing it.

It happened to the New York Times recently undoubtedly infecting thousands of users pcs. See (http://www.nytimes.com/2009/09/15/technology/internet/15adco.html).

The most effective way to prevent such malware if by using a Content Filtering system that reviews EVERY packet of data that goes into your network; looking for know issues and threats and cutting of the flow of data before damage is done.

Some folks say they are ‘protected’ because they use such free tools as OpenDNS but if the ad is served to your browser via IP address (which they often are) then these requests don’t even go through a DNS request, leaving you completely open and vulnerable.

The bottom line is that your IT vendor should be locking down your network connection before you become an unwilling recipient of a nasty piece of malware (most of them breeze right on by even the best anti-virus software around!)

If you network is NOT protected by content filtering, give me a shout (our NetAssure Services includes content filtering)

Good Networking!

Eric Hobbs
Technology Associates
ehobbs@technologyassociates.net
919-459-0109 – Direct

Things to Think About…

• Anti-Virus is not enough Today’s threats often circumvent even the best anti-virus software on the market
• DNS protection is useless Ad content is often served using IP addresses, avoiding DNS lookups.
• Protect the network edge Installing a centrally managed device or service is the easiest and most secure way to go.

Yesterday, my parents sent me an email relaying the story of some friend who came to fish their pond. 

The pond is the exactly how you would picture a small farm pond; picturesque, bordered by trees and stocked full of brim and bass.

What none of us knew was that a monster was lurking just below the surface.  Covered in moss and hunkered down in the mud it was impossible to spot from the surface.

Only when it decided to show itself did we even know they existed.

As you can see from the picture, this pond monster was fighting over a fish.  The fish was hooked and being reeled in when the turtle decided that IT would like a snack and thought nothing of chomping onto the fish and fighting for possession.

This got me thinking…

Your average small business network is just like my parents farm pond.  On the surface it is placid; even peaceful but you can never be sure exactly what is going on deep down in the depths.  On any given day, there are life and death struggles you never hear or see (until they come to the surface and reveal themselves)

But with a network; when the monster surfaces you are normally in big, big trouble.

So here are 5 ‘tell-tale’ signs you have a monster lurking just below the surface of your network.

1. You pay to fix the same problem over and over
2. Frequent computer problems and glitches are ‘Normal’
3. Your last network upgrade was made spur of the moment to fix a problem you did not see coming
4. Surprise IT support bills have become so regular that they no longer surprise you
5. You don’t have a regular proactive process in place to prevent problems

If any of these 5 warning signs are present in your business then chances are you are going to get a nasty surprise when you get your fish to the surface!

Good Networking!

Eric Hobbs
Technology Associates
ehobbs@technologyassociates.net
919-459-0109 – Direct

Since way back in the DOS days chkdsk (pronounced Check Disk) has been the tool of choice to clean up disk errors. But this handy tool can be used to repair damage before it becomes a nightmare.

Running chkdsk periodically is a good practice. In fact, we run this utility on all of our customers’ computers each week to be sure their systems are in tip-top shape.

Chkdsk is run from the command prompt (Start | Run | cmd) by simply typing ‘chkdsk’. If run in this mode chkdsk just inspects your disk for error but since your operating system is also using the disk chkdsk often can’t see all problems that reside on the disk.

To ensure a clean bill of health, run ‘chkdsk /f’ which allows the system to fix problems it finds. When you run this command you will most likely be see something like this;

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\>chkdsk /f
The type of the file system is NTFS.
Cannot lock current drive.

Chkdsk cannot run because the volume is in use by another
process. Would you like to schedule this volume to be
checked the next time the system restarts? (Y/N)

To let chkdsk run without stepping all over the operating system, select ‘Y’ at this prompt and then reboot your computer. Chkdsk will run after the reboot and repair errors.

It is important to remember that if any errors are found, it is best practice to run chkdsk again. Often times all problems on the disk can’t be ’seen’ by chkdsk until other errors are corrected. In fact, keep running chkdsk until no more errors are found.

Good Networking!

Eric Hobbs
Technology Associates
ehobbs@technologyassociates.net
919-459-0109 – Direct

Practice Least Privilege Access

There are two basic ways to structure security. The first is an “open access” which assumes everyone has rights to everything and counts on your restricting access to those that DON’T need it. The second, and better structure, is a “closed access” structure that assumes no one has access to anything and you have to grant access to resources.

Obviously, the second (“closed access”) is going to take more time to implement properly AND more time to manage effectively, but it is well worth the time and effort.

Just FYI; most network operating systems (including Windows Server) come out of the box with the “open access” method. Here is the risk..

If you create a directory; ex: “Files” and share it out with rights for everyone, then create a sub-directory, ex: “Administration” then the access that you granted to everyone in the parent “Files” directory flow down hill into the sub directory also, unless you explicitly block it.

This small issue is what gets lots of companies in trouble, they organize file and folders without understanding the implications of security.

Set Very Restrictive Permissions
On The Folder Level Via Group Membership

Data on a Windows network should be stored on an NTFS partition and access controlled via a domain controller, preferably via group membership.

Appropriate permissions on folders is a must. Remember to give users the lowest level of permissions possible to do their jobs. This granting of permissions should be done via group membership.

For example: create a group called “HR” and a directory called “HR”, grant the HR group the proper rights to the HR directory then add the proper people to the HR group. This allows you to easily add or remove peoples access as you add/remove people or as people change roles.

Remember that rights granted to a folder ‘flow down’ to files and folders in that directory. This can be over-ridden via inheritance but it is best to logically organize folders to avoid having to exclude inheritance.

Avoid setting permissions on individual files because this gets hard to manage and even harder to figure out who has access to what.

Audit File Access

Auditing who is access what is a critical piece of the data protection puzzle. Your ability to see who accessed what and when is critical when security questions arise.

There are lots of good file auditing packages out there and Windows Server includes the ability built in; called ‘object access auditing.’

The key here is to only audit the important stuff which make the information you gather more pertinent. For example; maybe you have a folder called “Public” which everyone has access to and is used as a general file share for non-sensitive information. No need to audit file access here; just clogs your audit logs.

A better example would be to audit access to important customer documents.

Control Wireless Access

Lock access points down tight! I don’t care if you have visitors and want it to be easy for them to access your network. Problem with this arrangement is that it is now easy for ANYONE to access your network.

Using WEP and disabling SSID broadcasts are easy overcome with widely available tools available on the Internet.

The best way; use Extended Authentication and hook your access points into your Windows Server infrastructure so that server has to authenticate people who want to log into the access point. The LinkSys WAP54G will do this.

The benefit here is that you can allow your users to access the access point via their network login and password and create logins for visitors that you can easily enable and disable as needed to allow and deny access to the wireless networks.

Centrally Control Remote Access

With some many companies providing and even encouraging remote workers you can’t overlook the dangers of someone grabbing data without ever setting foot on site.

The best way to have some level of control on this is to centrally administer remote access. Many companies I have spoke with use individual PCAnywhere accounts to allow remote access. This is a disaster in the making because it does not give the business owner any control over the remote access.

Ideally you are using Small Business Server which supports Remote Web Workplace and allows you to centrally grant and deny rights for users to remote in to their PC’s

Certainly, there are a ton of other ways your data can walk off. Users can print off reports, email sensitive data to their personal accounts or someone can simply pick up documents from your trash bin. Put some though into these issues; don’t panic, but make some progress towards nailing down the 5 items above and you will have a huge head start on protecting your data

Good Networking!

Eric Hobbs
Technology Associates
ehobbs@technologyassociates.net
919-459-0109 – Direct

Things to Think About…

• Understand where your risks are. Taking the time to understand HOW data can walk off is the first step to locking it down
• Don’t accept any excuses with data security. The data that your company has created is it’s life blood, protect it as such!
• Prepare for the future. Most employers think that they don’t need to worry about a disgruntled employee walking off with data (or giving it to a competitor) because, at the moment, everything is A.O.K. Don’t assume things won’t change.