New Ransomware Ups the Extortion Scheme

It was only a matter of time I guess.  The latest ransomware targeting businesses has upped the ante by not only encrypting your files, but threatening to publish them as well.  And again we ask Symantec, McAfee, AVG and, yes, we’re looking at you Kaspersky – what exactly are we paying you guys for? This one’s in German – English is coming soon to a mail server near you!


Read more here =>

Secure your mobile phone and tablet – NOW!

If you haven’t done this already, you have no more excuses.  You need to protect your mobile devices from theft and loss and you need to do it now. The 2 best available solutions (for Android and iPhone) are both simple, free and easy to use.

For Android phones and tablets – go to the Google Play store and download the Lookout Mobile Security App. Lookout is a multipurpose app that protects your devices from all kinds of security threats.  If you lose your phone, Lookout can locate it.  If you misplace your phone, Lookout can make it wail and scream until you find it (my favorite and most used feature).  If your phone or tablet is stolen, you can not only locate it but you can lock or wipe it completely.  Add to that virus protection and automatic backups of your phone or tablet data and you have a complete (and did I mention free?) protection suite.

Simply create an account at the Lookout website to register your phone or tablet and have fun exploring the security features.  It really is amazing how accurate the auto-location feature is, even with the phone’s GPS turned off.

Want to read up on the app a bit more? Go to




If you’ve got an iPhone or iPad, head over to the iTunes store right now and search on Find My iPhone.  You will get all the same features that Lookout gives you on Android including the ability to lock and wipe your device.  Note that Lookout also has an iOS app but it does not include the lock and wipe features found in Find My iPhone.  Apple has made that capability proprietary to their own devices and software.


Find My iPhone has a neat little feature that prevents the phone from being turned off when lost and locks the phone with a notice providing the “finder” with the option to call you and arrange for the return of the phone or tablet.

You will need an iCloud account to register and use the app, but if you have an iPhone or iPad, you’ve probably already got one.

If you want to read up on Find My iPhone go here =>

Google takes the next step toward global domination…

“…for the convenience and safety of our customers of course.”

Don’t you love shopping at Home Depot and finding aisles closed off…for the safety and convenience of our customers?  Well, Google has taken its next step toward omnipotence by restricting users from installing perfectly legitimate Chrome browser extensions just because they were not obtained from the Chrome Web Store.  The timing is somewhat suspicious, since Chrome has recently risen to leadership in the browser market with well over 50% of total market share – numbers previously attained only by the ubiquitous Internet Explorer.

Recently many Chrome users were left stranded and unable to utilize even secure business applications like LogMeIn and Sonicwall NetExtender VPN because those apps were not downloaded from the Chrome Web Store.  Google took an additional goose-step forward by actually disabling those extensions for existing users. When users went to their Extensions page in Chrome Settings (chrome://settings/) they found that there was no way to re-enable or re-install those extensions.  The outcry in Google forums was immediate and somewhat entertaining.

Now you can’t blame Google completely for not wanting its flagship browser to become Internet Explorer.  If you have ever tried to remove the MySearchDial or Delta malware extensions, you know exactly what I mean.  So there is something to be said for only allowing extensions previously approved by the G-men themselves (and yes they are all men – but that’s a different article).  So on the one hand, with these new restrictions, Chrome could be a very good browser choice for Grandma, 4th graders and HR professionals.

For the rest of us though, this is America and our inborn creativity and entrepreneurship impels us to find loopholes in the law that ultimately allow us to shoot ourselves in the foot.  If you’re like me however, a flesh wound is a small price to pay for our god-given right to refuse to be vaccinated.  So here are 2 ways to stick it to the man by completely overriding all security in your browser.

1)  Download, Extract, Unpack and Load – yes, it sounds like a gun law that might have passed in Texas, but here’s what you do:

    1. Download the extension file from the developer or program you are using
    2. Enable developer mode at the very top of your extensions page (Settings/Extensions in Chrome)
    3. Locate the .CRX file inside the downloaded file using WinRAR or 7-Zip, then open it to view its contents
    4. Extract all contents of the .CRX to a new folder in some place you can remember
    5. Click the load unpacked extension button near the top of the Extensions page
    6. Find the folder where you extracted the contents of the .CRX file, select it, then click the OK button

2)  Go Full Nerd  with a developer channel version of Chrome – which you can download here.  I highly recommend the Stable Channel for Windows.  This will update Chrome to a “developer” version but will retain all your user settings and will give you full control over your Extension page.
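Before loading an unpacked extension as in method 1, it is worth reading what the .CRX asks for. The following is an added example, not code from Google or any extension vendor: it locates the ZIP archive inside a CRX2 or CRX3 container and flags broad permissions in `manifest.json`. The `BROAD` list and the sample extension are assumptions constructed for illustration.

```python
import io
import json
import struct
import zipfile

# Permissions that give an extension wide reach (illustrative list, not exhaustive).
BROAD = {"<all_urls>", "tabs", "webRequest", "cookies", "history",
         "nativeMessaging", "management", "proxy", "debugger"}

def crx_zip_offset(data: bytes) -> int:
    """Return the offset of the ZIP archive inside a CRX2 or CRX3 file."""
    if data[:4] != b"Cr24":
        raise ValueError("not a CRX file (missing Cr24 magic)")
    version = struct.unpack_from("<I", data, 4)[0]
    if version == 2:   # magic, version, key length, signature length, key, signature
        key_len, sig_len = struct.unpack_from("<II", data, 8)
        return 16 + key_len + sig_len
    if version == 3:   # magic, version, header length, signed header
        return 12 + struct.unpack_from("<I", data, 8)[0]
    raise ValueError(f"unsupported CRX version {version}")

def review_crx(data: bytes) -> dict:
    """Read manifest.json from the embedded ZIP and flag broad permissions."""
    archive = zipfile.ZipFile(io.BytesIO(data[crx_zip_offset(data):]))
    manifest = json.loads(archive.read("manifest.json").decode("utf-8-sig"))
    requested = set()
    for key in ("permissions", "optional_permissions", "host_permissions"):
        requested.update(p for p in manifest.get(key, []) if isinstance(p, str))
    for script in manifest.get("content_scripts", []):
        requested.update(script.get("matches", []))
    flagged = sorted(p for p in requested if p in BROAD or "*://" in p)
    return {"name": manifest.get("name"), "version": manifest.get("version"),
            "update_url": manifest.get("update_url"), "flagged": flagged,
            "files": archive.namelist()}

def build_sample_crx2() -> bytes:
    """Constructed CRX2 container; key and signature are placeholder bytes."""
    manifest = {"name": "Sample VPN Helper", "version": "1.0", "manifest_version": 2,
                "permissions": ["tabs", "storage", "*://*/*"],
                "content_scripts": [{"matches": ["<all_urls>"], "js": ["cs.js"]}]}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("manifest.json", json.dumps(manifest))
        z.writestr("cs.js", "// constructed placeholder")
    key, sig = b"K" * 8, b"S" * 4
    return b"Cr24" + struct.pack("<III", 2, len(key), len(sig)) + key + sig + buf.getvalue()

if __name__ == "__main__":
    print(json.dumps(review_crx(build_sample_crx2()), indent=2))
```

The script only reads the container; it does not verify the publisher signature, so a clean permission list says nothing about who built the file.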

Needless to say, if you are not feeling any ill effects there is no need to discontinue Google’s new prescription. If on the other hand, you choose to go holistic, please don’t expect any support from me when things break – that means you Grandma!


Paranoia is Good – Beware the latest Phishing Emails

Remember – just because we’re paranoid doesn’t mean that someone isn’t out to get us. You may have heard that the international Zeus botnet was broken up recently after scoring over $30 million in ransom from infected Cryptolocker victims. Unfortunately, the Zeus masterminds had previously sold a coding kit to other criminals who are now flooding the internet with fake email messages with virus payloads attached or linked to them.  If you fall victim to one of these attempts, not only will all the files on your computer be encrypted, any files on mapped drives pointing to a server will also be encrypted. The only way to get the files back is either to pay a ransom to the hackers, or to find and restore them from a backup.  Either way, the cost of retrieving the files is very high both in terms of dollars and elapsed time.

The most recent variant of the virus comes to you in the form of an email telling you that you have a fax or voicemail waiting to be downloaded. A link in the email points to a URL.  If you are naive enough to continue on to Dropbox you will be asked to download and unzip your voicemail/fax – at that point you will be contaminated and your personal and network files will be encrypted.  You will not know this is happening until the process is complete and all files are encrypted.

If you are suspicious of any of your emails, do not click on any links or download any attachments – the safest thing to do is to forward the email to me and I can scan it for potential malware off-line. Other potential email subject lines include these:

  • USPS – Your package is available for pickup ( Parcel 173145820507 )
  • USPS – Missed package delivery (“USPS Express Services” <>)
  • USPS – Missed package delivery
  • FW: Invoice <random number>
  • ADP payroll: Account Charge Alert
  • ACH Notification (“ADP Payroll” <*>)
  • ADP Reference #09903824430
  • Payroll Received by Intuit
  • Important – attached form
  • FW: Last Month Remit
  • McAfee Always On Protection Reactivation
  • Scanned Image from a Xerox WorkCentre
  • Scan from a Xerox WorkCentre
  • scanned from Xerox
  • Annual Form – Authorization to Use Privately Owned Vehicle on State Business
  • Fwd:
  • My resume
  • New Voicemail Message
  • Voice Message from Unknown (675-685-3476)
  • Voice Message from Unknown Caller (344-846-4458)
  • Important – New Outlook Settings
  • Scan Data
  • FW: Payment Advice – Advice Ref:[GB293037313703] / ACH credits / Customer Ref:[pay run 14/11/13]
  • Payment Advice – Advice Ref:[GB2198767]
  • New contract agreement.
  • Important Notice – Incoming Money Transfer
  • Notice of underreported income
  • Notice of unreported income – Last months reports
  • Payment Overdue – Please respond
  • FW: Check copy
  • Payroll Invoice
  • USBANK
  • Corporate eFax message from “random phone #” – 8 pages (random phone # & number of pages)
  • past due invoices
  • FW: Case FH74D23GST58NQS
  • Symantec Endpoint Protection: Important System Update – requires immediate action
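The pattern described above (a fax, voicemail, scan or payment subject plus a link to a file-sharing site or a zipped attachment) can be checked mechanically before a message reaches an inbox. This is an added example, not a filter the author runs: the regexes are generalized from the subject lines listed above, and `SHARING_HOSTS`, `RISKY_EXT` and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string

# Lure themes generalized from the subject lines listed above.
LURE_RE = re.compile(
    r"voice ?mail|voice message|\be?fax\b|xerox|\bscan(ned)?\b|missed package"
    r"|available for pickup|payroll|\bach\b|payment advice|invoice|remit"
    r"|check copy|(un|under)reported income|system update|reactivation", re.I)
URL_RE = re.compile(r"https?://([^/\s\"'<>]+)", re.I)
SHARING_HOSTS = ("dropbox.com",)      # assumption: hosts a fax/voicemail system never links to
RISKY_EXT = (".zip", ".scr", ".exe")  # assumption: attachment types to hold for review

def triage(raw: str) -> dict:
    """Classify one RFC 5322 message as deliver / review / quarantine."""
    msg = message_from_string(raw)
    subject = msg.get("Subject", "")
    lure = bool(LURE_RE.search(subject))
    hosts, attachments = set(), []
    for part in msg.walk():
        name = part.get_filename()
        if name and name.lower().endswith(RISKY_EXT):
            attachments.append(name)
        elif part.get_content_maintype() == "text":
            body = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
            hosts.update(h.lower().split(":")[0] for h in URL_RE.findall(body))
    links = sorted(h for h in hosts
                   if any(h == s or h.endswith("." + s) for s in SHARING_HOSTS))
    payload = bool(links or attachments)
    verdict = "quarantine" if lure and payload else "review" if lure or payload else "deliver"
    return {"subject": subject, "verdict": verdict, "links": links,
            "attachments": attachments}

# Constructed sample messages (not real traffic).
SAMPLE_LURE = ("From: voicemail@example.test\nTo: user@example.test\n"
               "Subject: Voice Message from Unknown (675-685-3476)\n\n"
               "You have a new voicemail. Download it here:\n"
               "https://www.dropbox.com/s/EXAMPLE/voicemail.zip\n")
SAMPLE_SUBJECT_ONLY = ("From: ap@example.test\nSubject: FW: Invoice 48213\n\n"
                       "Please confirm receipt.\n")
SAMPLE_OK = ("From: friend@example.test\nSubject: Lunch on Friday?\n\n"
             "Menu: https://example.test/menu\n")

if __name__ == "__main__":
    for sample in (SAMPLE_LURE, SAMPLE_SUBJECT_ONLY, SAMPLE_OK):
        print(triage(sample))
```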


Although our customers are pretty well protected (some more so than others), the volume of these emails hitting our spam filters is extraordinarily high, so it’s always possible that some newer variants will get through. If for any reason you suspect you are infected with this (for example you notice that you can’t open certain Word, Excel or PDF files), shut down your computer immediately and make sure it is not connected to your network.  Then of course, call me or IIT for help. Thanks, Mike