Sunday, May 26, 2019

Scammers Now Use Google Ads To Steal Information

There's a new scam afoot that involves using Google Ads.

We're frankly surprised that it's working, but apparently, it's drawing some unsuspecting customers in. It appears to be an organized campaign.

The unknown scam artists are creating ads with phrases like:
  • "Amazon.com - Best place to get dream products. Best deals - Best support - Best price."
  • "Paypal.com - Discover how easy and safe it is to pay for goods and shop. Free Return Shipping.  180-day Refund Windows.  No funds needed."
  • "Ebay.com - Find the best selling Cell Phone Cases, Covers and Skins. Get the best deals for cell phones and smartphones.  Dream Garage Spring Event..."
These ads contain phone numbers with an invitation given to ad viewers to call them.  Of course, the numbers displayed in the ads aren't the real support numbers for those companies. If a user should call one, he'll be greeted by someone claiming to work for the support department of the company displayed in the ad.

Early on in the conversation, the scammer will announce some type of problem with the user's account, and inform them that they can fix the issue, but to do so, they'll need a code found on the back of a Google Play Store gift card.

Why this doesn't raise an immediate red flag to users is a mystery. Apparently some users are handing over the information if they have a gift card, which the scammers promptly make use of. For Google's part, they are working to remove the ads but it's a bit like playing Whack-A-Mole.  For every one they identify and take down, a new one seems to appear.

In any case, the company did issue an official statement which reads as follows:

"We have strict policies that govern the kinds of ads we allow on our platform, and ads that conceal or misstate information about their business are prohibited on our platform.  When we find ads that violate our policies, we remove them." You also have the option to seek out IT consulting services to help you secure your company information and computer network.

Call SpartanTec, Inc. if you need reliable IT services to keep your network safe and secure from potential online breach.


SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
https://spartantecwilmington.business.site

Wednesday, May 22, 2019

Password Policies Getting Update From Microsoft

Industry experts have been predicting the death of the humble password for decades.  To date, those predictions have amounted to nothing.

Passwords are still with us, and still serve as the cornerstone of security, even as other measures have arisen alongside them to help better secure your all-important data.

Even though passwords aren't gone, the security landscape is changing. Recently, Microsoft has announced another step down that path of change.  They're doing away with the notion of forced password changes.

The logic is hard to argue with.  The policy of forced password changes really doesn't offer all that much in the way of protection. It often creates as many headaches and problems as it solves, because users tend to make small, virtually meaningless and easy to predict changes to their passwords. Or, they often forget their new ones anyway.

While Microsoft is no longer forcing password changes at periodic intervals, they are leaving the option available for Enterprise users to establish their own forced password change thresholds if they choose to do so.  In tandem with the coming change, they're also recommending that security professionals perform a periodic review of passwords to ensure that the passwords in use aren't on the list of the UK National Cyber Security Centre's list of the 100,000 worst passwords.

One important thing to note is the fact that the company isn't making any changes to its requirements for minimum password length, complexity, or history. That is essential in terms of keeping users from simply recycling the same two or three passwords, switching endlessly back and forth between them.
It's also worth mentioning that these changes could benefit companies that are currently under audit. That is if the auditing agency is using Microsoft's security baseline as a guideline. That makes this seem like a small , but it is more significant than it may first appear.

Call SpartanTec, Inc. if you wish to know how to secure your online information.


SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

Tuesday, May 14, 2019

Persistent Banking Trojan Virus Launches New Phishing Scam


The venerable banking Trojan known as Q-bot is back in the news, having recently been spotted in the wild as part of a sophisticated new phishing campaign designed to claim a new generation of victims.

Q-bot is one of the oldest banking Trojans still in use, and has a history that stretches back more than a decade.

In this most recent incarnation, the malware is being delivered via an email which appears to be a reply to an existing email chain.  The body of the email contains a poisoned link which, if clicked will install the malware in the background.

Once in place, it creates a backdoor to the compromised machine in question, allowing hackers access any time they like.  It also serves as a key logger and general spy. It can steal financial data, banking data, other logins, credentials, and of course, makes it possible for the hackers to install additional malware as they see fit.

The reason Q-bot is still enjoying use of stolen data is that it's very good at what it does, and the developers of the code have taken steps to keep it up to date.  This, combined with finding new and innovative ways of introducing the Trojan onto target systems has made it as close to a persistent threat as we've seen when it comes to malicious code.

The latest campaign appears to borrow from the success of a similar campaign launched last year involving a Trojan with comparable functionality called Emotet.

This serves as confirmation that different hacking groups around the world are learning from one another, comparing notes, and developing an increasingly robust set of best practices. All this makes it increasingly more difficult to effectively defend against such threats.  Stay vigilant and be sure to remind your employees never to open emails or click links inside emails, even if they appear to be from a trusted source.

SpartanTec, Inc. can provide training for your employees to ensure they are not inadvertently allowing this malware into your computer systems via their email practices. We are located in Wilmington and provide managed IT services including a free dark web scan and employee awareness training. Contact us today to ensure the safety of your data. 

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255


Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro


Monday, May 6, 2019

Issue With Internet Explorer Could Affect Most PC Users


Are you still surfing the web with Internet Explorer?  If so, you're not alone.  Four years after Microsoft announced Edge as its successor, the company's old browser still has a few stubborn holdouts who continue to use it for various reasons.
Unfortunately, security experts keep finding critical security flaws in the code that make it something of a ticking time bomb.

The most recent of these was unearthed by an independent researcher named John Page. He published a proof of concept that demonstrates a flaw in the way the old browser handles MHT files, which are used by Internet Explorer for archival purposes.

If any computer running Windows 7, Windows 10, or Windows Server 2012 encounters an MHT file, it will attempt to open it using Internet Explorer.  This fact represents a tremendous opportunity for a savvy hacker.  All he has to do is present a specially crafted MHT file containing malicious code to a user and use a bit of social engineering to open it.  Using history as a guide, convincing users to open files from untrusted sources is not especially difficult to do.

Even if you don't currently use Internet Explorer, your system is still very much at risk from this type of attack, because IE 11 still ships with every Windows-based PC, including the latest Windows 10 machines.  The only potential saving grace here is that on Windows 10 machines, Internet Explorer is not enabled by default and needs to go through a user-initiated setup process before it could be used.
The solution then, at least if you've got a Windows 10 machine, is simply to avoid enabling Internet Explorer or, even better, simply uninstall it from the Control Panel altogether.

Mr. Page reported the issue to Microsoft on March 27, and received the following reply:
"We determined that a fix for this issue will be considered in a future version of this product or service.  At this time, we will not be providing ongoing updates of the status of the fix for this issue and we have closed the case."

Unfortunately, that's a canned response that amounts to a dismissal. So for the foreseeable future, you should operate under the assumption that no help will be forthcoming from Microsoft on this issue.  Make sure your IT staff is aware.

SpartanTec, Inc. serves small to medium size business with outstanding IT support in both North and South Carolina. Call us today to ensure your data is safe.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255


Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro