Spoofed emails and the repercussions

A spoofed email is one in which the sender’s address has been forged. It’s not hard to do…..really!

I’ve sent emails to friends in the past appearing to come from ghengis@themongols.com threatening invasion but like to think I’ve matured since then.

You’re thinking “Big deal, I can recognise a fake email and I wouldn’t do anything silly anyway” which is great. Well done you.

However, you can be the victim of a spoofed email that’s directed at someone less smart that you.

For example: Someone sends an email to school spoofed as having come from you and saying that Uncle Buck will collect your 8 year old son from school early to take him to a dental appointment that you’ve just remembered. OK, that’s unlikely with the security in modern schools but you get the picture. More likely is that an email arrives with one of your customers or suppliers purporting to come from your accounts department informing them of a change of bank and providing new transfer details to be used for the payment of invoices. Hell, it might even offer a 25% discount for the settlement of current outstanding amounts if completed within 24 hours. By the time you realised it would be too late.

So – you’ve been warned but what can you do?

You can’t stop the spoofing. The security measures available will help but it’s a constant battle between the bad guys and the good guys and it’s always going to be a neck and neck race with the lead constantly changing.

We’d suggest you think about the procedures you have in place. Inform your business partners that they need to verbally confirm any changes in payment (and other) processes. Remind them that email is NOT secure. Point them at this blog post and suggest they subscribe as knowledge combined with common sense is free and very important.

Also, enquire with us if you would like to know about secure, signed and encrypted email options which can all help.

Again, remember standard email is NOT secure.

Windows Versions and support expiration.

 

Please note that Microsoft and Lorica no longer support Windows XP. Vista will no longer be supported in 6 months.

Windows 7 will come out of support in 4 years. I’d suggest missing out on Windows 8.

(NOTE : Windows 8/8.1 is perfectly OK, I just don’t like it! J )

 

Windows 10 for free

 

The offer of free Windows 10 from Microsoft has expired.

You Can Still Get Windows 10 for free with a Windows 7, 8, or 8.1 Key

While you can no longer use the “Get Windows 10” tool to upgrade from within Windows 7, 8, or 8.1, it is still possible to download Windows 10 installation media from Microsoft and then provide a Windows 7, 8, or 8.1 key when you install it.

Windows will contact Microsoft’s activation servers and confirm the key to the previous version of Windows is real. If it is, Windows 10 will be installed and activated on your PC. Your PC acquires a “digital license” and you can continue using and reinstalling Windows 10 on it in the future.

Microsoft hasn’t communicated what’s going on here, or whether it will block this method in the future. But it still works right now. Even if Microsoft blocks this trick in the future, your PC will keep its digital license and Windows 10 will remain activated.

Andrew’s opinion : I am running Windows 10 on a desktop, laptop/tablet and a phone. I find it more responsive, reliable and enjoyable to use than previous version of Windows. It seems to have all the benefits and bells and whistles of Windows 7 combined with Windows 8/8.1. I would suggest a clean install rather than an upgrade and know for many people the cost and trouble of this is not worth the return. I would not go back to an earlier version and find it frustrating when I need to use an earlier version.

How to Protect Yourself Against Ransomware

Firstly, do you know what ransomware is?

If not, find out. Here’s a possible introduction link.

http://www.trendmicro.com/vinfo/us/security/definition/ransomware

 

Get Smart. Get Protected

The pernicious rise of ransomware is a frightening prospect for everyday users and companies alike. By the end of 2015, Trend Micro predicted 2016 would become the Year of Online Extortion—and unfortunately, that prediction has proved true. In the first half of 2016 alone, a total of 79 new ransomware families were discovered by Trend Micro—marking a 172% increase over the whole of 2015—while nearly 80 million ransomware threats were detected and blocked by Trend Micro over the same timeframe. (cf. The Reign of Ransomware, TrendLabs 2016 1H Security Roundup). Sad to say, mobile devices are now also being targeted. Android™ mobile ransomware grew 15 times higher by June of 2016 than the level it was at in April of 2015.

So, what can the everyday user do to protect themselves from ransomware? The answer is twofold: get smart—and get protected. Getting smart means understanding how you can get infected by ransomware in the first place and taking steps to prevent it from happening. Getting protected means installing Trend Micro™ Security on your computers and mobile devices to help stop ransomware in its tracks. It also means learning how to use the security software’s features, such as Trend Micro Security’s new Folder Shield, to assist in that process.

How you get infected by ransomware

Ransomware can arrive on your desktop or mobile device from phishing emails, compromised websites, malvertisements, social media, instant messages, or infected or fake apps you unwittingly install. All it takes is for you browse an infected website (which initiates a drive-by download of ransomware), unwittingly click a link in your email that takes you to a bad website or downloads a file, or that you do the same from your mobile instant messaging program. Once installed, the ransomware either locks your screen or encrypts your files, and the cybercriminal demands a fee to release the hostages. And though you may pay the fee by the designated date (never recommended)—which can be as much as $600 to $1200 or more in cash or its bitcoin equivalent—there’s no guarantee you’ll get your stuff back.

How to guard yourself against ransomware infections

You need to get smart, first of all, by taking precautions so you don’t get infected by ransomware in the first place, or can recover your precious devices or data if you do:

  • Avoid opening unverified emails or clicking on their embedded links, which can start the ransomware installation process—and be careful about doing the same on social media.
  • Back up your important files on a regular basis using the 3-2-1 rule: create three backup copies on two different media, with one of the backups in a separate location. Cloud-sync backup services can help to fulfil the last requirement.
  • Regularly update your operating systems and applications, to ensure you’re current, with the latest protections against new vulnerabilities.