Better protect your computers, other internet connected devices and more


Mar 5 2015 – Your Friendly Neighborhood IT Guy – http://wp.me/p1fJaD-1V

Updated Oct 22 2016 – Link to “Blame the Internet of Things for today’s web blackout” and related links

I wanted to share several things I do at home to help protect our computers, other internet connected devices and our confidential information from malware and malicious actions. The better people and companies protect their computers and devices, the less viruses (including crypto or ransomware), malware, hacking, botnets etc… will spread.

Most of you are probably aware that there is more and more of this going on, but did you know a recent international organized hacking operation silently netted between $500 Million and $1 Billion over one year and involved over 100 banks? More in this NY Times article here. Credit card and identity theft is on the rise and causes financial hardship and stress to victims, as well as combined losses in the $ Billions annually to financial institutions around the world. This trickles down to cost most people something in the long run.

Many people think it won't happen to them, but some websites are infected on purpose or hacked without the owner being aware. When such a site is visited, known viruses or, worse, unknown (undetected) viruses or malware will look for vulnerabilities in web browsers or add-ins like Java or Flash, apps and operating systems. If these are missing updates, or if the malware is using unknown or not publicly reported vulnerabilities, it can infect your device, sometimes silently. Once your device is infected, the malware may try to collect confidential info including passwords, encrypt your files, change your DNS settings or hosts file to redirect your device to look-alike sites, send spam, spread to or attack other computers, or sit silently until instructed to act (a zombie on a botnet until needed or sold on the black market to someone else to use). Organized criminals pay so much per bot, SIN, credit card # etc… on the black market or dark net.

The following are examples of things you can do for free that can reduce these risks.

Some of the following also helps P2P download clients work better.

** Please share this with others ***
I know some of you IT guys likely know about a lot of this but hopefully something is new for you.
Even if you or someone you know can do only some of this, or help you with some of this, it will help.

Learn more about each of these below and some links to related info to reduce risk of hacking and theft

Support SCAMs and similar

OpenDNS

Risks using Public or Free VPN / Proxies

Be very wary of free apps or utilities for computers or devices

PeerBlock and IP Filters

Transport Encryption for P2P clients

Update your Computer, Router and device software and firmware

Secure devices and routers and change default pswds

Be wary of free or Open Wi-Fi

Consider separate User account vs Admin account for normal use

Clipboard history

Family Safety (Parental Control)

Mobile phones, tablets and other internet connected devices

Firewall

MS / Windows Updates and Anti-Virus / Anti-Malware Updates

If virus detected or you realize you entered your credentials in an un-trusted site

Consider using pswd safe app

Consider using a reputable protection service for your browser(s)

Help avoid phishing emails and spam / junk mail

Risks in Jail breaking, Rooting or modding your phone, tablet or apps

Related:

Massive Ad Poisoning scam and what you can do to protect against it

https://yaworski.net/2015/08/18/massive-ad-poisoning-scam-and-what-you-can-do-to-protect-against/

Blame the Internet of Things for today’s web blackout

Flashpoint says hacked cameras and routers enabled a Mirai botnet to take out major websites on Friday.

https://www.engadget.com/2016/10/21/mirai-botnet-hacked-cameras-routers-internet-outage/

Uber, mini cabs and safely using your credit card

hackers-1-billion-bank-breach/

Warning to vehicle owners with passive keyless entry (PKE) or standard remote KE or Garage door openers.

Truck owners lock your tailgate if you can or consider installing a lock or deterrent if you can’t

Support SCAMs and similar
Do not let anyone you do not personally know control your computer remotely. Some scammers call or send links saying they are from Microsoft or … and are getting alerts from your computer of major problems. This is a scam, and they will use it to try to install viruses or get you to pay to have non-existent or exaggerated problems fixed.

OpenDNS
I use their personal / free service to help block malware and phishing sites etc…
There is also an OpenDNS agent you can install on at least Windows that will pop up and tell you if you are not using OpenDNS. It can be customized to set how aggressively it filters, and to filter adult content if you want.

We almost never get any legit pages blocked, but if needed you can allow sites or domains, or temporarily change the DNS on your computer back to your ISP’s DNS servers.
Personal use link: https://www.opendns.com/home-internet-security
There is a paid option with more features, including some geared toward businesses, and there are other similar services, but make sure they are reputable.

Risks using Public or Free VPN / Proxies
Some people try these for downloading P2P content etc… anonymously or to access content only available in the USA etc…
Many of these are run by malicious people or organizations, and they all allow a connection directly to your computer, which bypasses the router or firewall that is there to protect you and your devices. Paid services may be more trustworthy, but some have gotten hacked. If this is a must-have for you, consider using a virtual machine (VMware Player, VirtualBox or others) that you can lock down and easily isolate when needed.

Be very wary of free apps or utilities for computers or devices
This used to be more of a PC problem and less so for Macs and official app stores, but still be wary, as even these have been compromised and infected with malware.
These free apps or utilities can be filled with spyware and sometimes viruses etc… Check for an Open Source version or equivalent of the app or tool you are looking for (e.g. from http://sourceforge.net or another popular / reputable site). If installing free or open source apps, always check that there are lots of good reviews and forum posts etc…, only download from a trusted source, and when installing use the custom install and don’t install toolbars etc… Some of them don’t give you this option, so shy away from these. Sometimes you can un-select the extras, but the option may be in the fine print or a small box to uncheck or check. Also never trust free or commercial software, music or videos, code generators etc… from P2P networks or 3rd party download sites etc… These are often infected with viruses or malware.

PeerBlock and IP Filters
PeerBlock is a utility for at least Windows which helps block Anti P2P organizations and Spyware / Malware etc… Some people use IP Filter settings in their P2P client (e.g. Vuze) but PeerBlock is better as it supports multiple lists and it tries to protect all traffic to your computer.  It can be temp disabled or tweaked if needed.  It supports free or paid lists that get updated and downloaded regularly.  It may need to be tweaked or temporarily disabled to allow some legit sites.  If needed it can be enabled just when using p2p clients.
http://www.peerblock.com/

Transport Encryption for P2P clients
Transport encryption can be enabled on many P2P clients to reduce the chance of being throttled by ISPs.

Update your Computer, Router and device software and firmware

e.g. OS and BIOS updates etc…

Some viruses / malware can wipe newer computers with the new UEFI type BIOS if it is not updated. Update your BIOS to try and prevent this. Not sure if a BIOS entry pswd (not boot pswd) would help prevent this. Always keep these up to date and back up before updating.

http://betanews.com/2015/03/21/lighteater-malware-attack-places-millions-of-unpatched-bioses-at-risk/

Secure devices and routers and change default pswds

Some malicious websites, malware or viruses will try to exploit vulnerabilities in your web browser, computer or device OS or other apps (if they are not up to date, or through hidden / unknown vulnerabilities). If your computer or device is compromised, the malware may try to make changes like disabling the firewall or changing the assigned DNS servers, so your computer or device is more vulnerable or gets redirected when visiting certain sites, like banking sites, to fake sites that look exactly the same but are used to capture your credentials. It may try to do the same on your router if you have not changed the default pswd or are using a very simple / common pswd.
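A defensive check for the tampering described above, as an added example that is not from the original post: it flags hosts-file entries that point a name at a non-loopback address and DNS servers that are not on an expected list. The expected list assumes the OpenDNS home resolvers, and the sample hosts content, domain names and addresses are constructed for illustration.

```python
import ipaddress
import sys

# Assumption: this household uses the OpenDNS home resolvers.
EXPECTED_DNS = {"208.67.222.222", "208.67.220.220"}

# Constructed sample data (documentation addresses and made-up names).
SAMPLE_HOSTS = """\
# default entries
127.0.0.1   localhost
::1         localhost
0.0.0.0     ads.example.net        # ad-blocking style entry
203.0.113.45  www.examplebank.test online.examplebank.test
"""
SAMPLE_RESOLVERS = ["208.67.222.222", "198.51.100.7"]


def suspicious_hosts_entries(hosts_text):
    """Return (ip, name) pairs that map a hostname to a non-loopback address."""
    findings = []
    for raw in hosts_text.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop comments, split columns
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not an address mapping
        # Loopback and 0.0.0.0 are normal for defaults and block lists.
        if ip.is_loopback or ip.is_unspecified:
            continue
        # Anything else overrides DNS for that name and deserves a look
        # (legitimate LAN entries will show up here too).
        findings.extend((str(ip), name.lower()) for name in fields[1:])
    return findings


def unexpected_resolvers(configured, expected=EXPECTED_DNS):
    """Return configured DNS servers that are not on the expected list."""
    return sorted(set(configured) - set(expected))


if __name__ == "__main__":
    # Pass the path of a real hosts file, or run with no argument for the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_HOSTS
    for ip, name in suspicious_hosts_entries(text):
        print(f"review hosts entry: {name} -> {ip}")
    print("unexpected DNS servers:", unexpected_resolvers(SAMPLE_RESOLVERS))
```

On Windows the hosts file is normally `C:\Windows\System32\drivers\etc\hosts`; on Linux and macOS it is `/etc/hosts`.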

Do NOT allow open (free Wi-Fi) access on your Wi-Fi, and if your router supports secure guest internet access, enable this so your guests' devices don’t see your internal network, just the internet.

Be wary of free or Open Wi-Fi

Some free access points can be compromised if not set up securely, or purposely configured to try to eavesdrop or allow man-in-the-middle attacks. If you have enough data on your plan and are not sure the Wi-Fi is safe, use your mobile data or wait until you have Wi-Fi you trust, especially for online banking etc…

Consider separate User account vs Admin account for normal use

It is recommended to have a regular user account (not admin) to log in with for normal use and a 2nd user account with admin rights for installing apps. Most of the time you can still install from the normal login and it will prompt for the admin user & pswd if needed. If the computer has a fingerprint sensor and software, you can use 1 or 2 fingers for the normal login and 1 or 2 for admin so you don’t have to type in pswds. These are also available as a USB device.

Clipboard history

Some MS Office versions and possibly other apps have a clipboard history feature. This can be a security risk if you copy and paste confidential info. This feature can be turned off. Also see related info below under pswd safe and mobile phones.

Family Safety (Parental Control)
If you have children, you can use MS Windows Live Family Safety Parental Control (free) to block adult content or limit what your child can use on Win 7. It comes built into Win 8 as an option to turn on. This can be disabled temporarily, or sites allowed, if it is blocking legitimate sites. You require a MS Live ID (you can use a Hotmail or outlook.com login, or create one with your current email); this is easy to set up if you don’t have one. If you want, it can log all traffic or just what was blocked, and give you other info etc…

Mobile phones, tablets and other internet connected devices

Disable clipboard history, especially on a shared device, for the same reasons mentioned above. Some devices, like the Samsung Galaxy Note 4 with Android v4.4 and possibly others, have this feature and it is not possible to turn it off. Install the “History Eraser” app from the Play store and enable the auto start and clear history when screen off options. Remember to start it again if you use end / close all apps. Apparently in v5 you may be able to turn this on or off.

– Phones & tablets used by children:

Use restrictions or parental controls to limit content to what is appropriate, e.g. age rating for apps, TV, movies. Restrict explicit music, books & creating or modifying accounts etc… “Find my phone” requires location services to be on, and turning them off can be restricted. There may be more support for this with iOS devices, but apparently improvements are being added to Android.

We sometimes have to set restrictions to allow no apps for a while when our kids use their phones more than they are allowed or are not getting their responsibilities done. They can still use them for calls, texts, calendar and email. Other times we may limit to just 4+ apps so we can still message them with BBM or Hangouts. It is amazing how much this motivates them to do their responsibilities without having to nag them 🙂

Firewall
Always leave your computer and router firewall on and just allow apps / traffic you trust (especially for mobile computers).

MS / Windows Updates and Anti-Virus / Anti-Malware Updates
Always keep this software up to date (auto updates).
Have it check daily for updates and install.

I use MS Security Essentials (MSSE) which is free for at least Win7 and built into Win 8.
I still supplement it with at least 1 more free Anti-Malware app like:
Lavasoft Anti-Virus (aka Ad-aware) which can run in compatibility mode when using MSSE or other primary A/V.
MalwareBytes free edition is another that is available (use end trial button to switch to free edition). Both are available in paid versions with more features.

I rarely find anything on my computers other than tracking cookies with these extra apps, but once found some spyware. This is likely because of the things I do already as mentioned above & below. I have found this has not been the case for others using MSSE or other A/V when they ask me to help them clean up their computer and these tools find tons of malware etc…

I recently helped my dad clean up their computer and it was filled with quite a bit of malware which MSSE didn’t detect but Lavasoft and MalwareBytes did (a few known viruses / Trojans and 180+ tracking or spyware / suspicious objects). Most of this was from using public VPN / Proxies or installing free apps.

If virus detected or you realize you entered your credentials in an un-trusted site
Hopefully your Anti-Virus / Anti-Malware software will be able to remove it, and if it has an option to look up what the virus does, read this and see if there is anything else you need to do. If it was a very malicious one that does keystroke logging or sends confidential info, you are best to change any pswds you used on the computers (e.g. online banking etc…) and check your statements / transactions.

Consider using pswd safe app
These can allow you to store your website links, usernames, pswds etc… and will let you copy and paste and auto clear your clipboard after a few seconds.
Make sure the pswd to get into it is strong but still easy for you to remember.
Close it when not in use and enable the option to lock after inactivity in case you forget.
e.g. KeePass

Consider using a reputable protection service for your browser(s)
I use Trusteer which is recommended by ScotiaBank and other institutions but there are other reputable services / apps.
http://www.trusteer.com

Help avoid phishing emails and spam / junk mail
Set up a separate online email account you use just for subscribing to newsletters or to download trustworthy apps etc… Then you can check this email when you need to and periodically unsubscribe, or set up forward rules for the stuff you really want to see in your normal email.
Beware of unsubscribe links in dodgy looking emails (something you don’t recall subscribing to) as they may ask you to enter your email address and then send you more spam.
The dodgy companies / sites often share their email lists with each other so you get more spam / junk mail.

Risks in Jail breaking, Rooting or modding your phone, tablet or apps
Some sites or apps require you to Jail Break or Root your device before you can install, but there are security risks, and it will likely void your warranty and may render your device useless. It can leave your device more vulnerable to hacking, malware etc…
If an app you want is asking for this, check for an equivalent app that does the same or a similar thing without requiring this. Also, some mods that try to get free in-app purchases etc… can be risky, and code generators, installers or scripts may be infected.

If you have anything to add, change or comment on about this please do not hesitate to comment or email me.

Related:

Massive Ad Poisoning scam and what you can do to protect against it

http://wp.me/p1fJaD-4o

 

About Kevin Yaworski

I use my blog to write about things I find interesting or that I think others should know about.