Police warn of 'ransom' spam targeting UK users

Tens of millions of UK internet users could be at risk from "ransom" email spam seemingly sent from financial institutions.

Read the full story here: http://www.bbc.co.uk/news/technology-24964426

The email has an attachment that looks legitimate but is malware that encrypts computer files.
If the attachment is opened, a displayed countdown timer demands a ransom to decrypt the files.
Small to medium businesses seem to be the target and the National Crime Agency says there is significant risk.

Lee Miles, deputy head of the National Cyber Crime Unit, says: "The NCA are actively pursuing organised crime groups committing this type of crime. We are working in co-operation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public."

The malware installs a piece of "ransomware" called Cryptolocker on computers running the Windows operating system. The ransom demands that the user pay two Bitcoins, a virtual currency, that would be worth £536 to release the decryption key.

Reports suggest that people who have paid the ransom have not had their files decrypted and it has been impossible to restore encrypted files.
  
The NCA said it would never endorse the payment of a ransom to criminals and warns that there is no guarantee that the people behind the demand would honour the payments.

An NCCU investigation is seeking to identify the source of the email addresses used.
Computer users are being warned not to click on any suspicious attachments, to have updated antivirus software and to regularly back up files. If a computer is infected the advice is to disconnect it from the network and seek professional help to clean the device.

The NCA said that anyone infected with this malware should report it via actionfraud.police.uk.

For more information on how better to protect your business or customers please contact the IT Support Experts at Click Networks on 0141 530 9116 or visit our website: www.clicknetworks.co.uk for more information on how to clean an infected device of harmful malware.

Precautions against CyptoLocker and other malware attacks!

What can you do to prevent cybercriminals locking all your personal files and demanding money to free them?

 

A few sensible precautions will help minimise the chances of a CrytoLocker attack. So what are our top tips?

• Back up your files. If you use an external hard drive, don't leave it connected to your PC unless you are backing up. Alternatively, pay for an online back-up service – but bear in mind you may still be vulnerable if your backed-up files are mapped as a network drive. Check with your provider if you are unsure.

• Create files in the Cloud and upload photos to online accounts like Flickr or Picasa.

• Switch to a spam- and virus-filtered email service. Google Mail, for example, does not allow you to receive or send executable files (that can install viruses) as email attachments, even if they are hidden in zip files. (It also does not allow you to send them).

• Don't go to online porn sites, which are often the source of malware downloads. Take care when clicking on adverts; never open Twitter links and attachments from people you don't know or trust.

• Make sure your operating system is up-to-date with the latest security.

• Install the latest versions of your internet browsers and update add-ons such as Java and Adobe Flash.

• Get reputable anti-virus software and ensure you update it frequently.

• On Windows 7, double-check that you have set up System Restore points or, if you are using Windows 8, configure it to keep the "file history".

• Act quickly. If you do accidentally download a dodgy attachment, bear in mind it is likely to take some time for the encryption to take place. If you immediately download and run an anti-virus programme, such as the free anti-virus toolkit available from Sophos, it could destroy the CryptoLocker before all your files have been encrypted – however, you will permanently lose affected files.

• Encrypt the files you particularly want to keep private, such as documents containing your passwords or personal information, to prevent criminals from reading what's in them. Read this useful "Ask Jack" post on the Guardian technology blog to find out more about encrypting your files.

For more information on Malware attacks or anything you have read in this article please contact the IT Support Experts at Click Networks. Vist our website: www.clicknetworks.co.uk or call us on 0141 530 9116 

3 Essential Employee Tech Security Steps

Due to the populartiy of our last article on some of the misconceptions of computer viruses and steps to avoid them, below are 3 more essential tech security steps you can teach your employees.

 Think about your office and the people you have sitting behind the computers.  Or think about your remote workforce in their home offices or on the road with their laptops and mobile devices gripped firmly in their hands.  Whether you realize it or not, all of these workers play a vital role in protecting your company from a security breach.

You may feel pretty safe and secure with all of the latest and greatest security innovations installed, but if your employees don’t adhere to safe computing practices and use the technologies properly, you may be at risk, even more than you think.  Many small businesses don’t have an IT staff so it takes time and training to get employees to maintain data security.
Here are some tips to ensure that your work force is ready to defend your business and its valuable data.

1.  Email Responsibility:  The level of sophistication in targeting individual email accounts has become even more threatening by hackers and scammers.  How many times have you received an email trying to get you to click on this or that?  One simple click can expose business and personal information without your employees even knowing they have done anything wrong.
E.D.S.C.B. to protect your valuable business information: 

• Exercise judgment before opening email attachments. Suspicious emails or email attachments should not be opened.
• Disable the option to automatically download attachments. As a convenience, some email programs will offer automatic download, but if a harmful attachment comes through, it can lead to big trouble.
• Scan attachments with antivirus software before opening or downloading to your computer.
• Complex email passwords. Include upper and lower case letters, numbers and punctuation marks or other symbols to make passwords more complex.
• Beware of any attachment with an “.exe” filename extension, which may begin executing a program as soon as the attachment is opened.

2. Wireless internet connections merit caution:  
Wireless internet connections are a remote worker’s best friend.  But public wireless hotspots can be a cybercriminals playground when open networks don’t encrypt data, emails passwords or other information.  Remind your employees when they have the choice between a secure wireless connection, which will require a password, and a public hotspot, they should always choose the secure connection.
However, there will be times when employees may have to use a public hotspot Therefore, they should know how to make sure their firewall is on.  They should also know how to disable file and printer sharing and how to make their folders private.
Manage these tasks through the computer’s System Preferences or Control Panel, where the internet, user settings and security can be reviewed and adjusted.  If you need advice on managing these tasks, go to your computer’s help and support index.
Another option you can utilize to safeguard data is by protecting it on a corporate network or in the cloud.  There are numerous cloud storage options for small businesses.

3. Use smartphones conscientiously:
Employees commonly do work related tasks from their personal mobile devices, which opens new opportunities for security breaches.
Consider developing a Bring Your Own Device (BYOD) policy that includes parameters on how and when employees can use their personal mobile devices for work purposes.  Make sure your policy includes specific guidelines for smartphone security, like a password policy, list of supported devices and others that are not allowed to be connected to the network and a protocol for installing applications.  These can become easy entryways for malware if not attended to properly.
A lost or stolen smartphone can also open up an opportunity for a data breach.  You can require your employees to use tracking services offered by carriers like AT&T or Verizon to find the location of lost devices, remotely lock them or erase data.  For more assistance in developing a BYOD policy that’s right for your business, consider getting guidance from a local IT provider or expert.

Read the full article here: http://blog.computerservicenow.com/posts/2013/03/06/teach-your-employees-3-essential-things-about-tech-security/

For more information on anything you have read in this article or about any IT related issues, contact the IT Support Experts at Click Networks today. Call us on 0141 530 9116 or visit our website: http://www.clicknetworks.co.uk

Internet Security: Fact and Myth

Myth #1: Viruses and other malicious software (“malware”) only affect computers and laptops.
Reality: Mobile malware, which affects smartphones, tablets and other mobile devices, increased by 58% last year. This malware can steal information such as phone numbers and email addresses (32% of the time), or use the phone’s GPS to track the user (19% of the time).

Myth #2: I can’t get a virus or be attacked on popular social networking sites.
Reality: Many well-known social networks, including several of the newest ones, are prime targets for scammers, with 56 per cent of social media attacks involving fake gift cards and survey scams.

Myth #3: Apple products aren’t susceptible to viruses and online attacks.
Reality: While hackers still primarily target PCs, more than 600,000 Mac computers were infected by one attack   last April; just one example that no operating system is safe from online threats.

Myth #4: Free antivirus software on my computer provides complete protection.
Reality: “Ransomware” (where cybercriminals lock you out of your computer unless you pay their “ransom”), is one example of the trend toward increasingly vicious malware, which is known for being harder to undo, more aggressive and more professional than other malware. This malware requires protection beyond what basic, free antivirus software can offer.

Myth #5: It’s easy to tell if a site is fake -- typos or foreign characters are dead giveaways.
Reality: Many spoofed sites today look exactly like the websites of legitimate brands, down to the smallest details. Additionally, the number of fake sites that imitated social networks more than doubled in 2012.

Myth #6: My computer won’t get infected since I don’t visit risky sites.
Reality: 61% of malicious sites are actually legitimate websites that have been compromised and infected with malicious code. Business, technology and shopping websites were among the top five types of sites hosting infections.

Myth #7: I’ll know right away if my computer is infected.
Reality: Cybercriminals today rely on stealth – the longer they’re on your machine undetected, the more damage they can do. Your computer could even be part of a “botnet” – a network of remotely-controlled computers that send spam emails or participate in widespread attacks – and you might not even know it.

Luckily there are still a few things you can do if you're guilty of falling for some (or indeed all) of these Internet security myths. We recommend:

• Stick to trusted websites when possible. When purchasing items online, check for security marks on the site before entering in your payment details.
   
• Limit your sensitive transactions when using public Wi-Fi networks or use a Virtual Private Network (“VPN”). Wi-Fi networks can allow other people to more easily snoop on your activity.

Common-sense should also dictate the following:

• Use complex and unique passwords for each site, including upper and lowercase letters, numbers and symbols.
  
• Never click on links or open attachments from people you don’t know. Also, if you receive a strange message from a friend, take a moment to verify it – it’s possible their email or social networking account was hacked.

 Read the full article here: http://tech.uk.msn.com/features/internet-security-myths-debunked 

For more information on anything you have read here or any IT Support queries please contact us on 0141 530 9116 or email us at info@clicknetworks.co.uk. To learn more about us please visit our website: http://www.clicknetworks.co.uk

Whats new from Click Networks in 2013

Happy New Year from everyone at Click Networks
New for 2013 - Professional IT Support without hidden costs

Why choose Click Networks to support your IT
Quite simply, we have been around long enough to understand what our clients want and what they expect to pay for. Therefore we have listened and are proud to be different from most other IT companies.

It is very common practice in our industry for most IT companies to charge anything from £95- £115 per hr to install a single PC, Printer or even a smartphone!!

Click Networks do not charge our managed service clients for installing new Printers, PC's, or even migrating data from their old PC's to the new ones. This could save you £100's each time you add or replace some PC's.

We even offer our managed service clients a free configuration service to set up their Smartphones, Ipad's Tablets and similar devices. This costs us time and money, but we believe it demonstrates our total commitment to providing a unique managed IT Service.

If you want to save money in 2013 with your IT Support and associated services, call our sales team today on 0141 530 9116 and see how much we could save you.