​Pay attention to your life

By Chuck Solly

I got an email the other day from an old high school buddy. I was really surprised to hear from him since high school was "far back.”

Well, it turns out that it wasn't him. His email address had been hacked and the hacker had put a link to a virus in the message area of the email disguised as a normal web site.

If I had clicked on it it may have been a virus or worse, ransomware. Ransomware encrypts all of your files and the hacker will send you a message asking for money to get your files back. There aren't too many ways to beat ransomware.

Pay attention to what you get in your inbox. If you didn't ask for a link or attachment in your email, send a separate email to your sender and ask them if they sent it.

As noted in a U.S. Federal Trade Commission Consumer Information page, phishing emails (and phone calls) typically impersonate businesses, and their aim is to trick you into providing information such as bank account numbers, sign-in credentials, Social Security numbers, and anything else they can use to steal your identity.

I have received three phone calls from Microsoft in the last two weeks saying that my computer was sending out email messages with viruses in them and the only way to stop this is to have them (Microsoft) take control of my computer (using software).

First, Microsoft will never call you. Second, Microsoft doesn't care about you! These hackers are using social engineering to try to get into your computer to steal passwords, bank account numbers, etc.

I had a busy week last week. I got a robo-call (pre-recorded) from the IRS!!! The caller claimed that I owed money and I would go to jail if I didn't pay with a prepaid credit card. Pretty scary huh? THE IRS NEVER CALLS TAXPAYERS! Don't be fooled.

The USB drive threat

Does dropping an infected USB drive in a parking lot work when it comes to a hacker luring his prey into a digital trap? The answer is a resounding yes. At Black Hat USA, security researcher Elie Bursztein shared the results of an experiment where he dropped 297 USB drives with phone-home capabilities on the University of Illinois Champaign-Urbana campus.

He also explained how an attacker might program and camouflage a malicious USB drive outfitted with a circuit board to take over a target’s computer within seconds after plugging the drive in.

“Despite the dangers of hackers, viruses and other bad things, almost half of those who found one of our flash drives plugged it into a computer,” Bursztein said.

Don't use any USB drive that doesn't belong to you and don't let anyone you don't know or trust plug one into your system. Go out and buy your own!

There will be software preventing malicious USB drives from harming your system coming soon. Until then, be careful.

Protect your phone

From Threatpost.com: A new Android Trojan called SpyNote has been identified by researchers, who warn that attacks are forthcoming. The Trojan, found by Palo Alto Networks’ Unit 42 team, has not been spotted in any active campaigns, but it is now widely available on the Dark Web and will soon be used in a wave of upcoming attacks.

Unit 42 discovered the Trojan while monitoring malware discussion forums. Researchers say that’s where they found a malware builder tool specifically designed to be used to create multiple versions of SpyNote Trojan. See more at New Trojan. SpyNote Installs a backdoor on Android Devices. Check it out here: https://wp.me/p3AjUX-v6o

Spynote, or something similar, will soon be here on a phone near you. Protect your phone. Don't put it down in public, keep it on your person. Don't install unknown apps.

There will eventually be ways to beat the malware but until then, pay attention to your life!