Power UP
Hacking People: How the Art of Hacking is more about social than computer engineering has been published on PC Handyman East

New Post has been published on http://clevelandheightscomputerrepair.com/2014/10/hacking-people-how-the-art-of-hacking-is-more-about-social-than-computer-engineering/

Hacking People: How the Art of Hacking is more about social than computer engineering

Hacking People

When you imagine hackers, what do you see?

Nerds slouched over their keyboards? Computer whizzes looking to earn an extra buck? Punk kids doing it for the thrill?

Truth is, hacking is often more simple than that. With the technological leaps and bounds that have been made in the last couple years, it has become harder and harder to trick computers. Many hackers have therefore turned to a much older and more stable art: that of tricking humans.

You’re probably familiar with some of these scams, which have managed to seep their way into the public conscious.

Microsoft Calling You? Not Likely

In Ohio, people have been receiving phone calls from a phone support person with an accent introducing themselves as Microsoft. They also indicate that your computer is laden with viruses and malwares and for a small fee they can remotely assist you. We have a customer who used this service out of fear that something must be very wrong if Microsoft is going to call and had 3 credit cards maxed out in fifteen minutes. They told her the charge was $30 but each time she provided a card# she was informed that card did not go through and asked for another card. My own father received this call. As soon as he informed them his son was in the IT business, they abruptly hung up. These calls and scams have become so severe that our Secretary of State John Husted has made finding a solution a priority. Check out these Bing search results for this hack: http://www.bing.com/search?ei=UTF-8&pc=AV01&q=ohio+microsoft+scam&FROM=AVASDF

From The Emperor’s Clothes to the Emperor’s Bank Account

The most famous is the Nigerian Prince Scam. The way this scam works is that the sender claims to be a member of Nigerian royalty, who is currently unable to access his savings account. If the recipient can send the prince a certain amount of money, then the prince says that he will be able to access this savings account. The sender/prince then promises that as soon as he gets access to his savings account, he will send the recipient his initial investment and then some.

Of course, it’s all a lie. When people send the money, one of two things happens. Either the email sender simply disappears, or they invent more charges that the email recipient must pay.

This scam might seem like an obvious ploy to some. Why would a Nigerian contact a random person, who’s generally unimportant on the geopolitical scale? But the incredulity is half the point. The Nigerian Prince Scam is often sent to a variety of individuals. Those who don’t believe it usually don’t reply, which weeds out the people who are the least likely to believe the scammer. That leaves the rest of us to get duped.

Phishing for Information

There are many other examples of Social Engineering, most of which don’t involve such sensational content. For instance, you might get an email that claims your bank needs you to verify your account information. Sometimes they might ask you to click on a link, which will send you to a login page that looks just like the login page that your bank actually uses. You provide them with the username and password, which they promptly use to steal money from your account.

Acts such as these are known as “phishing,” i.e. when a hacker pretends to be someone they’re not: a bank employee, a Microsoft tech, etc. They contact you and “fish” for information, hoping that you’ll give them the information they need to take your money or identity.

Protect Yourself

This leads us to the most important question of all. How do you protect yourself against these scams? You’ve already done the first and most important thing, which is to know that they exist. Oftentimes the people who are getting hit hardest by these scams are the ones who just don’t expect them.

But it takes more than knowledge to avoid these scams. Many of us know that people lie on the Internet, but there’s still a knee-jerk reaction to try and have faith in humanity. Sometimes, we don’t want to believe that people are lying. We especially want to believe them if they’re offering something to us, like extra cash.

The trick is to be savvy. Now that you know about social engineering scams, you just have to apply common sense. When opening an email from someone you don’t know, ask yourself why this person would send you this email at this particular time. It’s rare for a company to ask you for your login information, unless you’re logging onto their site, just like it’s rare (and perhaps inconceivable) that a Nigerian prince would contact you and ask you for money.

Know How They Know What They Know

Even if you’re careful, detecting scammers can still be tricky. For instance, what if they have your personal information? If a scammer contacts you claiming to be a “long lost son,” you might be suspicious. But what if they know where you go every Memorial Day Weekend? What if they know your name, the name of a family member, where you work and what your interests are? Would that convince you?

It’s horrifying to think about, but much of that information is available online. Through social networks like Facebook, Twitter, Tumblr, and Linked In, many of us are giving away our personal information. This isn’t necessarily a bad thing–sharing is one of the points of social media, anyway–we should still be conscious of what we’re putting out there. One quick Google search, and a scammer may know everything they need to know to dupe you. But if you know what information you’ve put out there, you’re better equipped to know who’s trying to trick you.

Contact Your Local Tech Support Professional

Often at PC Handyman, we get phone calls where people just want some reassurance. We don’t mind letting people know that they may have been the victim of social engineering. Many times, we have received the call and jumped on remotely to ensure no lingering pathways to the client’s machine exist. Feel free to call us 216-236-8743 with any questions about potential social hacks.

The Bottom Line

Here’s a quick summation of what you need to know.

  1. It’s easier for hackers to get the information from people than from computers.
  2. Hackers often engage in “Phishing,” which means they’re pretending to be someone they’re not.
  3. Use common sense when providing personal information, making sure to ask yourself why people need to know what they say they need to know.
  4. Hackers have a lot of your personal information at their disposal already. Don’t trust them just because they provide information that only your friends should know.
Definitions of Malwares has been published on PC Handyman East

New Post has been published on http://clevelandheightscomputerrepair.com/2014/10/definitions-of-malwares/

Definitions of Malwares

bigstock-Hacker-Typing-On-A-Laptop-44548564In our daily work, (hardware upgrades, virus removal, reinstallations, all things technology) we come across lots of malware/virus removal jobs and are asked by our client base what specifically did the damage and how could they avoid it. In order to simplify things we decided to give a list of malwares/viruses and how they infect machines typically. The motivations of hackers is difficult to answer. Some people do it for money while others do it just to prove how smart they are. To make things simpler and to provide a resource for customers who want to know, I have compiled a list of different types of malwares and viruses as defined by the Virus Removal people I trust. This list was made possible with the assistance of Kaspersky Labs Malware Tree and other sources. While it is true that most viruses/malwares target Windows machines, there have still been crimekits developed for the Mac operating system. As the numbers of Mac users grows,

This list is ranked with different types and begins with the least harmful and works its way over to the most damaging.

Exploit Malwares- Exploits are given the name because they do just that; they exploit weaknesses in software that all computer users have running on their machines. They can be difficult to identify because they are taking advantage of software that is ubiquitous (either a framework for the web, or programs we use every day). Exploits target: Java, HTML/Javascript, and documents (Word and PDFs). Here are the common Exploit malware types:

  • Constructor Exploit – The Constructor exploit is a program that once installed on your computer plays advertising, popups or random noises on your machine. It uses up resources and overall slows down the computer. We have seen the KNCTR many times.
  • DoS Exploit – The DoS exploit is a malware program that informs the user that they cannot connect to the internet even if Windows is telling them that they have a solid internet connection.
  • Spoofer Exploit – The Spoofer Exploit pretends to be an antivirus program that tells the user that they have multiple threats that can be removed only if they spend a certain amount of money.
  • Flooder Exploit – The purpose of the flooder exploit is to send mass lures of reinfection to the contacts of an infected user. The below list of flooders specifies the delivery system of the exploit.
    • Email-Flooder Exploit – Email Flooder Exploit targets contacts in email programs.
    • SMS-Flooder Exploit – SMS Flooder Exploit targets contacts in an Android phone.
    • IM-Flooder Exploit – IM Flooder Exploit targets instant messaging services like Yahoo Messaging, or Google Chat contacts.
  • Hoax Exploit – The Hoax Exploit takes advantage of popular culture. For example, many times Michael Jackson has passed away. On the web, people find a site looking for scandalous details and end up in the dubious position of getting infected. Gossip has never been good for anyone.
  • VirTool Exploit – There is a reason why updates are important. The Virtool exploit takes advantage of people not doing regular maintenance on their computers. If you have an outdated version of Flash Player or Java, this exploit notifies you and then your attempt at updating causes the infection.
  • HackTool Exploit – The hacktool exploit attacks programs that use databases. Examples of programs that use databases are Quickbooks, Access, Content Management programs like WordPress, Joomla, Drupal, etc. This exploit uses SQL injection to hack the database and extract passwords and other sensitive information.
  • Drop Exploit – The drop exploit is used to drop rogue antivirus programs onto infected computers. The user is told that they have false viruses and must purchase full versions of the software to remove infection.

Rootkits – Rootkits are tools originally designed for UNIX/Linux operating systems. Those operating system refer to administrative level access of a user as the root and hence the name. What makes a rootkit dangerous is its intent and difficulty to discover. Rootkits by design access a computer at the administrative level and then obscure themselves from detection. Oddly, hackers are not the only people responsible for creating rootkits. In 2005, Sony installed copy protection on its CDs. This copy protection wasn’t noticeable until a purchaser installed the CD on their computer using ITunes, Windows Media Player, etc. Loading the files on your computer installed a rootkit that limited what you could do with the music once it was on your machine.

Viruses – Viruses are what everyone has known and loves. It is a specific piece of code created to damage or steal intellectual data. They come in many forms but have similar purposes. There have been hundreds of variations but viruses tend to come in these types:

  • Trojans – Trojans might represent that largest proportion of viruses out there on the web. I was once asked, “Why are people still making computer viruses? “I answered them by using the toilet seat or public phone analogy. A lot of these viruses were made years ago and don’t always have someone at the switch. Often times, a hacker will monitor a virus for a short period of time and then move on to better grounds. It is better in hacker parlance to get in and out quickly to avoid detection. They are called Trojans because they pose as something else in order to gain access to your computer and information. It is possible for someone’s computer to get infected with a Trojan that has characteristics of all the below mentioned types.
    • Trojan Downloader – Typically is the delivery program that an exploit uses to take advantage of that exploit. Often times, the infected person gets an email (exploit) or downloads an image or free program on the web and then installs malware onto their computer.
    • Trojan Dropper: In virus parlance, the dropper is the action of dropping viruses onto the computer. The dropper itself is a program that hides itself in the infected system and delivers viruses to the computer. They are hard to detect because they do not target specific vulnerabilities of known programs (like other viruses do). Instead, they hide and deliver slews of viruses in their payload to an infected machine. It is very possible to removed lots of viruses without actually removing the dropper itself. Soon enough, the computer is reinfected with hundreds of viruses again.
    • Trojan PSV – Like other Trojans, PSV infects your computer and can offer false antivirus programs as well as interfere with the ability of installed antivirus programs to work correctly.
    • Trojan Spy – Trojan Spyware has the ability to stealthily monitor what a user is doing. They can also turn on webcams and microphones to record/monitor everything a user is doing.
    • Trojan DDoS – DDos is a Denial of Service Attack. Spending time on hackforums, I have noticed that people target other websites. Maybe that website is a rival or doing something a group does not approve. There are lists of sites that people want DDos’d. I once had an employee who donned himself an ethical hacker who introduced me to this site. Once he no longer worked for me, I noticed hundreds of visits to the PC Handyman site in a 10 minute period. The Trojan infects the user’s system in the same manner of all Trojans and makes your machine a pawn in a massive DDoS strike. Once there is a critical mass of infected machines they all attack the targeted site in hopes that the overwhelming numbers of visitors in a short amount of time will crash the system.
    • Trojan Ransom – Trojan Ransoms usually occur when people participate in downloading porn pictures or download free pornography. Sometimes, it doesn’t require downloading the porn but attaching this Trojan to an exploit that asks you to update a Flash Player for example, and then you get infected with the Ransom Trojan. This Trojan shuts down your task manager, antivirus programs, and then puts up an image threatening to turn you in if you do not use MoneyPak or any other prepaid card services to make this little problem go away.
    • Trojan GameThief – The Game Thief happens when people download pirated games on their computers, the most common path of infection is based on people who play World of Warcraft. Since it is one of the biggest pay to play games in the world, capturing user account Warcraft data is a common currency in the hacker world. I have discovered hacked Warcraft accounts on hacker sites for sale and people are still mining virtual gold, weapons, and items to sell on EBay. They end up with Trojans that cause constant instability like the above mentioned viruses.
    • Trojan Rat – The Trojan Rat is a program that sits on your system and allows the hacker to monitor and control your machine. Hackers do this to either take data from a person (like banking and credit card information) or to cause additional mayhem using your machine to do it. Hackers can even turn your machine back on with a Wake on LAN command if you are hardwired to the network.
    • Trojan Banker – The Trojan Banker does exactly what its name dictates and targets your browser to capture username and password data for your banking purposes. A lot of times, Phishing sites do some of this work. They may look like your bank website but make sure that the domain truly belongs to your financial institution.
    • Trojan Mailfinder – Similar to the Banking Trojan, Mailfinder is looking for sensitive information. These tools can also do screenshots when certain activity takes place all helping the hacker gather email addresses, and sensitive information either in your inbox or based on web activity.
    • Trojan SMS – SMS Trojans are those that target users with text messaging. Since the iPhone, for the moment, is immune to this kind of attack, the victims of these attacks are Android operating system users. The intent of the Trojan is the same as that of the computer hide in the system and target sensitive information.  It is vital that Android users install antivirus software.
    • Trojan Clicker – Trojan Clicker also called Facekiller is a Trojan that takes over people’s Facebook Accounts to increase the likes of that particular page. It is a JavaScript code that hides in your browser and forces you to like the page.
    • Trojan Proxy – Trojan Proxy changes proxy settings in people’s browsers. Proxy settings are codes that tell your machine which servers to use when searching the web. Microsoft has servers and so does Google. Our Internet Service Providers (ISPs) also have their own proxy servers. Once you have been Proxy infected, your browser will share anything you type into the browser with the hackers.
    • Trojan Notifier – Notifier is typically a Trojan written in Delphi (a Pascal based programming language) that encrypts itself and infects computers to gather emails from a user’s Outlook or mail client and then sends that information to the hacker.
    • Trojan ArcBomb - The ArcBomb is a veritable hodge podge of all the above Trojans all at once to a system.

Backdoor Viruses - This term refers to all viruses that share the qualities of being able to give a hacker remote access to a machine for the same ends as above.

  • Worms - Worms are self-replicating standalone programs. They are unlike viruses in that they do not require a program to do their damage. Viruses typically target vulnerabilities in Java, HTML, Word, Email Clients, etc. Worms only need a vulnerability in security software and can infect a machine and replicate themselves sending themselves out to the world with one of the below pathways/
    • IM – Worm – Targets Instant Messaging as the path to infect other machines. Yahoo Instant Messaging, Google Chat, etc. are pathways to get infected with a worm.
    • IRC-Worm – IRC worms use old technology that hackers and programmers still use. IRC Chat is a program that does the same things instant messaging does.
    • P2P Worm – Peer to Peer worms infect people by attaching themselves to communication that occurs through group sharing sites like BitTorrent. They are nasty because they can come through with anything someone downloads from those sites. That is why I do not use those programs at all and also find many clients with worms on their computers that we must remove.
    • Email Worm – The Email Worm uses the pathways of email clients to spread their infection to other users. Typically the worm waits and attaches itself to emails that the infected client sends.
    • Net Worm – Like the others, the net worm replicates and delivers itself over a network. All it takes is to have 1 infected computer on a network with thousands of machines to have an infestation in no time. When I worked IT at CSU, the net worms were living on the network. Whenever we installed new versions of Windows on a machine, we had to do updates and install antivirus protection before ever connecting the machine to the network. Otherwise, the machine would immediately be infected.

Here at PC Handyman, we are highly trained in the removal or malware/viruses and the overall maintenance of Windows and Mac systems. With 25 combined years of experience, we have seen every issue and can promptly resolve anywhere in Greater Cleveland including: Cleveland Heights, Shaker Heights, University Heights, Beachwood, Orange, Pepper Pike, Solon, Aurora, Chesterland, Willoughby, and Chardon.

 

Future is Made of Augmented Reality has been published on PC Handyman East

New Post has been published on http://clevelandheightscomputerrepair.com/2014/09/future-is-made-of-augmented-reality/

Future is Made of Augmented Reality

While it has been around a bit, I have been shown some interesting videos lately regarding augmented reality. For those who don’t know, it is a way of using smart devices to look at the real world with embedded digital content. Someday when everyone is wearing their computers, you will be able to walk down the street and have navigation popup on media all around you (billboards, movie posters, and office door) with options to access different bits of digital content.

Here is an official definition of augmented reality that is not only exciting but literally a can’t wait moment in our history.

http://youtu.be/tnRJaHZH9lo

People are doing it with still images and printed media materials (like jusgomobile

http://youtu.be/niPrt9PIyxc

And doing it with a lot of social flare with iTagged

http://youtu.be/vszrV-4SReA

The options are plentiful and soon enough our websites will not only be static pages but all over our walls and cars!!!!! Very exciting! What kinds of cool things can you imagine doing with augmented reality.

Dreamweaver Goes Mobile has been published on PC Handyman East

New Post has been published on http://clevelandheightscomputerrepair.com/2014/08/dreamweaver-goes-mobile/

Dreamweaver Goes Mobile

If you are like me and like to use Dreamweaver as the one source for working with different languages, you gotta love the new mobile features being offered in Dreamweaver CC

 

PC Handyman Proudly Joins BitCoin Boulevard has been published on PC Handyman East

New Post has been published on http://clevelandheightscomputerrepair.com/2014/07/pc-handyman-proudly-joins-bitcoin-boulevard/

PC Handyman Proudly Joins BitCoin Boulevard

WeLv_BC_Badge_128pxFar be it for us to not want to be a part of something new and exciting like crypto currency. Bitcoins have been around for a long time and businesses have figured out a way to take advantage of it! Thanks to Quickbooks Online (our bookkeeping service) we can now accept BitCoins from any of the population of miners in Northeast Ohio for computer repair and anywhere in the world for remote support, SEO, and website developent!

Check out the other participating merchants in Bitcoin Boulevard.

Give the Gift of Tech Support has been published on PC Handyman East

New Post has been published on http://clevelandheightscomputerrepair.com/give-the-gift-of-tech-support/

Give the Gift of Tech Support

PC Handyman is now offering Gift Certificates. If you are happy with the support we offer throughout the year, why not Give the Gift of Tech Support with your friends and family. We can provide PC or Mac support anywhere in Northeast Ohio physically but also remotely anywhere in the world as long as the recipient of the gift has a broadband connection to the interwebs!!!!

Use the Gift Certificate for:

  • Labor towards computer repair for you Mac or PC
  • Refurbished machines
  • Classes for Adults and Children (private lessons just call and schedule, group classes on the calendar)
  • Web Development
  • SEO consultations
  • Cloud Storage
  • Virus Removal
  • T-shirts, flash drives, and other g33k gear!!!


 

PC Handyman is now offering Gift Certificates. If you are happy with the support we offer throughout the year, why not Give the Gift of Tech Support with your friends and family. We can provide PC or Mac support anywhere in Northeast Ohio physically but also remotely anywhere in the world as long as the recipient of the gift has a broadband connection to the interwebs!!!!

Use the Gift Certificate for:

  • Labor towards computer repair for you Mac or PC
  • Refurbished machines
  • Classes for Adults and Children (private lessons just call and schedule, group classes on the calendar)
  • Web Development
  • SEO consultations
  • Cloud Storage
  • Virus Removal
  • T-shirts, flash drives, and other g33k gear!!!



PC Handyman Goes Mobile!

Use this area to offer a short teaser of your email’s content. Text placed here will show in the preview area of some email clients.

We Have Gone Totally Mobile has been published on PC Handyman East

New Post has been published on http://clevelandheightscomputerrepair.com/2014/04/we-have-gone-totally-mobile/

We Have Gone Totally Mobile







Use this area to offer a short teaser of your email’s content. Text placed here will show in the preview area of some email clients.
Is this email not displaying correctly?
View it in your browser.



PC Handyman Has Gone Mobile!

216-236-8743 Now Serving the Heights, Chardon, Mentor, Aurora, Solon, Chesterland, Willoughby, and more!

We would like to thank you for your continued patronage of our business and announce that effective April 2014, we have changed our business model to be mobile and in your home or business. We realized that after 3 years at our Cedar-Fairmount location, that what customers prefer most is our ability to come to you and assist with your computer issues rather than expecting you to come to us. To accommodate our customer base and control our bottom line, we now come to you in these ways:

 

Onsite Computer Repair

We now have the ability to assist you anywhere in Northeast Ohio by coming to your home or office. We can work on your machines onsite and provide instruction to new operating systems. You no longer have to pack up your gear and bring it to us!
 

Pick Ups and Drop Offs

Sometimes, a repair job can take many hours. We want to control costs to you by setting a cap to the job and taking the machine back to our workshops and returning to you. This saves you money and allows us to work on multiple machines at a time. 

Remote Support

We can also provide remote support to resolve many computer issues. The only requirement is that you have a solid internet connection. 

Monthly Service Plans

If your needs exceed our typical customer of 1 – 2 times per year, we offer monthly service plans to individuals and small business. Give a call and we can discuss your particular needs.

Web Development and SEO

We are also proud to offer website development, Search Engine Optimization, and Social Media Management. We can help you develop solutions to make your web presence stronger to find more customers that require your goods and services. Call 216-236-8743 to discuss options

Cloud Storage Options

We are still resellers of LiveDrive (a popular Cloud Storage option) for our customers. Get 2 TB of storage for up to 3 PCs or Macs for $20 per year. Click here to sign up!

Loyalty App

Try out our new loyalty app and get discounts on our goods and services. If you sign up by clicking here, you can get 1 year of free cloud storage!

Schedule an Appointment Online!

Sign up for Service when it works for you with our online scheduling tool! Click here to schedule an appointment.

Copyright © *|CURRENT_YEAR|* *|LIST:COMPANY|*, All rights reserved.

*|IFNOT:ARCHIVE_PAGE|*
*|LIST:DESCRIPTION|*

Our mailing address is:

*|HTML:LIST_ADDRESS_HTML|*

*|END:IF|*
*|IF:REWARDS|* *|HTML:REWARDS|* *|END:IF|*