Your IT Solutions Expert

A client of ours arrived at work to discover an email from the IRS in her inbox.  Concerned about it's legitimacy she contacted us.  Below is a copy of the email.

The first hint that this is fake, for those who haven't heard the IRS announcements that they will never email you, is the email was in her Junk mail. Typically important / legitimate emails don't get routed directly to the Junk mail box.  Sure it happens occasionally, but it's certainly an easy first test of legitimacy.

As per their MO we see the scammers are hoping to work on people's fear instead of common sense, with the last line being the threat of "Failure to comply..."

So you're busy shopping on the Internet when for one reason or another, you've clicked on a website link, clicked on a link in an email, etc, and this Paypal page opens. But did you check to see if it's really Paypal before attempting to put in your username and password?

While this website is an awfully good imitation of Paypal the domain name / web address is the giveaway. preinformized.com is most certainly not Paypal.

For reference, here is what Paypal's website currently looks like.  Notably, until very recently Paypal did have the login on the top right of the front page of the site, however as their website is being spoofed frequently it is good to make frequent changes, like this, to help consumers differentiate their site from the fake ones.

Business owners love planning, creating, promoting and selling their business, and most dread dealing with technology – so then why do so many insist on trying to manage it?

The answer for many is simple, it’s a nuisance that is an absolute requirement for their business’s functionality, any down time hurts the bottom line, but it can be so hard to find a company you trust to take care of your technology for you.

How many have experienced hiring a new IT company only to have them come in and start putting their stickers on everything? Or more concerning to the bottom line, come in and tell them it’s all old, out of date and needs to be replaced? Have you become accustomed to wait times for service of a day or longer, making it easier to just try and fix it yourself? Or worse a persistent problem, like a virus on a computer that no matter how many times your IT company comes out they just can’t seem to get it removed?

You've heard over and over again that you must have a secure backup of your company data, but have you stopped to consider what you'd do in the event of a disaster?  How would that data be restored to a fully functioning office environment?

The answer to those questions hinges on two variables - first what was the nature of the disaster? Second what type of backup do you have?

Put in slightly different terms, having a backup of your company's data merely means that you have a copy stored somewhere, it does not mean you have an instantaneous way to restore your company's network back to full functionality.  This is not what you want to hear and comes as a shock to many business owners who thought they'd done what they needed to do by having a backup of their data.

Welcome to your next parental nightmare!  Boys at one local Reno high school, are reportedly coaxing topless photographs out of high school girls then trading and collecting them like baseball cards. This information has been brought to us by a high school student's parent who says her son informed her of the trading game. It is unclear if the school's administration is aware this game is going on.

As parents we know that sexting is a serious problem and do the best we can to dissuade girls from turning themselves from young women into mere sex objects, but this account takes the issue to a level only seen in a handful of cases, like the Vermont Sexting Ring. Not only are these girls sharing naked photographs with one boy, possibly believing that he will keep it to himself, they are literally sharing it with most of the boys in the school and depending on the true extent of this game perhaps across multiple local high schools.

Recently we've had several people come to us having been hit by a nasty piece of Adware.  This particular pop-up is insidious as it's a two part pop-up, see the attached screenshot.  First you have the large underlying pop-up with the information that says "Call XXX-XXX-XXXX immediately."

Have you been locked out of an account due to entering the wrong password too many times? That was rhetorical; unless your password is "password" (and it better not be) everyone has managed to lock themselves out. Even someone using "password" can manage it if they don't realize Caps Lock is on. But here's the real question - why don't hackers get locked out when attempting to get into their victim's accounts?

If you've been watching USA's new serious Mr. Robot you might be under the belief that, like Elliott, hackers research you and then using a well thought out plan they try passwords that include information about your birth date, family, pets, sports teams, nicknames, address/phone numbers, etc until they find the magic combination to your password.  That scenario doesn't hold water when you look at the facts of an account lockout - it doesn't matter if it's you or a hacker if the lockout says 5 tries and you're locked out, that's what's going to happen.  Even the few variables listed above amount to thousands of options.

So how do hackers do it?

Today we did an experiment with an Internet Tech Support Scam that is reportedly being found online by many in the Reno Sparks area.  Below is a screenshot of what first appears when you happen upon the website at online-system-scan.net.

More than likely you were redirected here by a malicious advertisement on another website or a redirect from a fake article; you know all those interesting top 10 articles that look too tempting not to click on, well some of them are not so innocuous.

Late last year Google made an important change in their ranking system that has received relatively little coverage.  Google has added to their search ranking algorithm a query to determine if a site is being served over HTTP or HTTPS. If a site is being served over HTTPS it ranks higher.

Here's an example of HTTP vs HTTPS: