Your IT Solutions Expert

You've heard over and over again that you must have a secure backup of your company data, but have you stopped to consider what you'd do in the event of a disaster?  How would that data be restored to a fully functioning office environment?

The answer to those questions hinges on two variables - first what was the nature of the disaster? Second what type of backup do you have?

Put in slightly different terms, having a backup of your company's data merely means that you have a copy stored somewhere, it does not mean you have an instantaneous way to restore your company's network back to full functionality.  This is not what you want to hear and comes as a shock to many business owners who thought they'd done what they needed to do by having a backup of their data.

Welcome to your next parental nightmare!  Boys at one local Reno high school, are reportedly coaxing topless photographs out of high school girls then trading and collecting them like baseball cards. This information has been brought to us by a high school student's parent who says her son informed her of the trading game. It is unclear if the school's administration is aware this game is going on.

As parents we know that sexting is a serious problem and do the best we can to dissuade girls from turning themselves from young women into mere sex objects, but this account takes the issue to a level only seen in a handful of cases, like the Vermont Sexting Ring. Not only are these girls sharing naked photographs with one boy, possibly believing that he will keep it to himself, they are literally sharing it with most of the boys in the school and depending on the true extent of this game perhaps across multiple local high schools.

Recently we've had several people come to us having been hit by a nasty piece of Adware.  This particular pop-up is insidious as it's a two part pop-up, see the attached screenshot.  First you have the large underlying pop-up with the information that says "Call XXX-XXX-XXXX immediately."

Have you been locked out of an account due to entering the wrong password too many times? That was rhetorical; unless your password is "password" (and it better not be) everyone has managed to lock themselves out. Even someone using "password" can manage it if they don't realize Caps Lock is on. But here's the real question - why don't hackers get locked out when attempting to get into their victim's accounts?

If you've been watching USA's new serious Mr. Robot you might be under the belief that, like Elliott, hackers research you and then using a well thought out plan they try passwords that include information about your birth date, family, pets, sports teams, nicknames, address/phone numbers, etc until they find the magic combination to your password.  That scenario doesn't hold water when you look at the facts of an account lockout - it doesn't matter if it's you or a hacker if the lockout says 5 tries and you're locked out, that's what's going to happen.  Even the few variables listed above amount to thousands of options.

So how do hackers do it?

Today we did an experiment with an Internet Tech Support Scam that is reportedly being found online by many in the Reno Sparks area.  Below is a screenshot of what first appears when you happen upon the website at online-system-scan.net.

More than likely you were redirected here by a malicious advertisement on another website or a redirect from a fake article; you know all those interesting top 10 articles that look too tempting not to click on, well some of them are not so innocuous.

Late last year Google made an important change in their ranking system that has received relatively little coverage.  Google has added to their search ranking algorithm a query to determine if a site is being served over HTTP or HTTPS. If a site is being served over HTTPS it ranks higher.

Here's an example of HTTP vs HTTPS:

We don't normally write about threats in the real world, focusing more on the online world, but in this case there's a real threat coming from the online world - specifically Craigslist locally in the Reno / Sparks area.

For those who sell items on Craigslist there has always been a certain amount of risk involved. Some of the crimes associated with Craigslist include:

• Georgia January 2015- Elrey & June Runion went missing and were later found murdered after contacting a car seller on Craigslist.

We saw it for the first time this weekend and because the devil is in the details, I mean in the Terms of Service, with Web.Com we just had to go look and see how this one will be biting unsuspecting business owners in the rump later.

For those who haven't seen the commercial click here.  The gist of it is they'll build you a "free" Facebook page, get it likes and manage it.  The "free" word is thrown in there a lot, but hopefully most of you realize it's not free, as in without money changing hands.

While not in person, this kind of email is as much an attack using social engineering as some unknown tech who shows up saying they are there to repair your copier when you weren't expecting it, but is really there to gain unauthorized onsite access to your network.

The desired outcome is the same - access!  Their weapons is social engineering, cunningly forcing the person in front of them to suspend doubt and allow them access to the building (in the case of the copier repairman) or access to launch an attack on the company's network (in the case of the zip file).

The response to this email is natural, what do you mean my account was declined?!?

And before common sense kicks in the zip is opened the files extracted and wham the malicious content of the zip file is let loose on your company's network.