“Hey yourname” from earthlink.net emails – spam

Just a quick post to show you some spam emails I’ve been receiving. My fantastic spam filter (
http://www.ctscleanmail.com/
) has been quarantining this stuff, but the subject AND the fact they are coming from the same domain name earthlink.net made me curious enough to do a little more research.

Spam list earhlink.net

 

 

 

A quick internet search shows that while earthlink.net is a valid email provider, it has been known to have issues with spam from user’s accounts in the past, especially spam that has been coded to include your name in the subject. See this July 2011 blog post 
http://blog.onlymyemail.com/endless-spam-from-earthlink/

So, delete I go! Moral of the story: Don’t trust emails just because someone has mentioned your name.

-SCuffy

BigPond ADSL – Your ADSL Service Cancellation Notice email

Disturbing email doing the rounds over the long Easter weekend in Australia, pretending to be from BigPond. I’m blogging about this in the hope that you’ll find this entry if you receive that email and Google it first.  It’s a scam, and a very clever one.

First the details: sender address ebilling@bt.com (that’s your first alarm bell-bt.com is not a bigpond or telstra domain name)

Subject: Your ADSL Service Cancellation Notice (second alarm bell – I am not and have never been a BigPond ADSL customer)

Text: Dear BigPond User,

Telstra BigPond is sending you this e-mail to inform you that our service to you could be suspended. This might be due to either one of the following reasons:

1. You have changed your billing address.

2. You have Submitted incorrect information during bill payment process. (third alarm bell – bad english & capital letter in middle of sentence)

3. Your credit/debit card has expired.

4. You didnt update your bigpons profile. (fourth alarm bell-missing apostrophe and now bigpond has lost its capitals)

According to above(more bad english), and to ensure that your service is not interrupted, we request you to confirm and update your billing information now BY CLICKING HERE. (another alarm bell-Telstra will never ask you to do this and definately never in capitals)

If you have already confirmed your billing information then please disregard this message as we are processing the changes you have made.

Regards,

Telstra

Billing Department

Thanks for your co-operation

Accounts Management As outlined in our User Agreement, Telstra (r) will periodically send you information about site changes and enhancements.

OK, so there are a few things in there to make you question the email, but the real surprise is the lengths they have gone to with the fake website, and what they have the cheek to ask you for.  When you click on the link, you are taken to a page that looks very much like a Telstra website:

The logo is there and the links at the bottom even point to pages on the real Telstra website.  But the big alarm bell here is this statement: “This is a secure page. Telstra has implemented SSL security technology designed to prevent unauthorised people from reading this page, or the information you send to us via this page.”  Ah no, actually that page is not secured by an SSL certificate, as the address at the top does not appear as https:// and there’s no little golden locked padlock showing in my browser.

So let’s see how far we can push this thing?  Enter a username & password – just anything, make it up .. and you get to page 2 – Thank you for confirming your identity.  And now the fun begins. They want your name, credit card details, billing address, phone number, home phone, date of birth and drivers license number.  Excuse me? I don’t think so.

So we make up some more fake info and submit it, and we get a short confirmation page which then redirects us to the real Telstra website.

Apart from wondering how on earth it can validate a completely made-up username and password, there are elements in there to really make you think it is legitimate.  The site is hosted by e3event.com which is in Indian company.  I’ve forwarded this email to Telstra to get their comment, but I’m betting my money it’s a fake. And if it is, it’s a good one.

The best scammers know that instead of spending their time trying to break technology’s security measures, they just need to take advantage of our human nature and gain our trust. With a few chosen words and a carefully placed logo, we believe they are Telstra and we’re going to lose our internet connection. The easiest way for them to gain access to your personal information is for them to to ask you for it. 

Another concern is the timing of this. It was reported to a few Computer Troubleshooters franchisees as appearing over the Easter long weekend, which was a 5 day public holiday in Australia this year due to the ANZAC Day commemoration.  The billing departments of all corporations were closed (internet providers only run technical support on weekends) and who wants to be without their internet for 5 days because you decided to wait & phone Telstra to check it out first?

So, now you’ve been warned, and you’ve seen why I think this is a scam. I’ll let you know Telstra’s reply when I get it (hopefully tomorrow – at 9pm their privacy department isn’t open).

-SCuffy

Logitech Harmony One Review – Logitech Australia Product Tester

Logitech Australia Product Tester – Harmony One Remote (Dec 2010)

Logitech Australia reached out to its social media community and asked for volunteers to test some of their products.  I was accepted as one of the ‘chosen few’ and here is my completely unbiased report on their product.  Enjoy!

On arrival, the Harmony One remote was staring at me through clear plastic, just waiting to escape!  The packaging did a clever job of hiding all of the boring bits (software installation CD, instructions, charge cradle and cable), whilst leaving the feature product on clear display.  The plastic was a bit of a mission to get in to… or maybe that was just my impatience!

The first step was to charge the remote, as it had a Li-Ion rechargeable battery (like most cordless phones).  It fitted snugly into the cradle.  The downsides to the charging process were 1) the lack of indication as to whether it was still charging or had completely charged (you needed to press a button on the remote to find out – a colour changing LED on the cradle would have been great, or the ability for the remote screen not to ‘sleep’ during this process so you can see the on-screen indicator all the time) and 2) the cradle took up a bit of bench space, being slightly larger than the remote itself (would have been great to be able to charge it vertically, but with the battery contacts being near the top of the remote, a stand-up cradle would mean you’ve have to place the remote in upside down).

While that was happening, I wandered around and gathered the information for the devices I wanted to control (TVs, games machines, DVD players, set-top box, VCR etc).  Once the remote was charged, I installed the software onto my Windows 7 Professional laptop and connected the remote via the USB cable, and received an error (Step failed Updating region: 0x10a00102 – The information was not sent.  Check your USB cable and try again.  If the problem persists, contact customer service. Step 2 of 4 Applying settings 80% complete).  To fix this, I tried a different USB port on my laptop, and then it had no problems.

Adding devices was easy, and I was surprised to see cheaper & older devices listed (eg DSE DVD, DGTEC Set-top box and 10yr+ old Panasonic rear projection TV).  Unfortunately neither the Installation Guide nor the device worksheet tell you to note your input channels for your devices, so I had to wander around again to check which AV channels were needed for which devices.  With that information, setting up Activities (like Watch TV) was also easy.  It was great to see that I could have a ‘TV’ and ‘TV2’ and also multiple games machines etc, so this one remote could be used in both rooms where I have AV gear.  Though the remote can’t natively control a Nintendo Wii (Wii’s limitation of being a bluetooth device though you can buy a Wii IR receiver), I could still setup an activity so my TV and Amplifier would come on and set to the right channels for the Wii.  Only downside to the software was a full-screen limitation where the software doesn’t ‘maximize’ to the full edges of my screen (the icon areas stays the same and it just extends the grey background).  It would also be nice to have the Activities in a vertical list, instead of tiled with big icons.

The remote is comfortable to hold, with the buttons in the right places and a gloss finish matched with an underside rubber grip right where it’s needed.  The screen also sleeps automatically when you put the remote down, and lights up when you pick it up again.  A friend commented that it would be nice to have hard red, yellow, green & blue buttons (eg used by Foxtel), but I don’t have Pay TV and apparently they do display onscreen as touch buttons.

It’s fairly intuitive to use and the remote assistance feature is great when things don’t seem to go quite right.  Watch the screen and follow the prompts and it will sort everything out for you.  Remember that some devices will have to be physically turned on at the switch and in standby mode before the Harmony One (or any remote) can talk to them.  Once it’s configured to turn on and set the correct devices to the correct channels at the press of one icon (Watch DVD, Play Game etc), it’s just like having a teenager in the house .. but significantly less expensive!

The Slideshow is a little gimmicky but my family loved seeing their photos on the remote.  It only allows for 8 photos of max 160kb each, so I had to resize them before loading them on.  The only way I can find to display them is through the Options menu, and then you can turn the slideshow on to run once.  It would be great if this had more options, or could be set as a ‘screensaver’ though ultimately that would affect the battery life.

The battery life is really the only other negative, it seems I have to charge it every 3 days or so.  Perhaps that’s just because I’m using it so often to test it?

Overall, this remote is fantastic.  It has easily replaced 8 other remote controls in my house and sits there looking unobtrusive, even stylish, on my coffee table.  If you are looking to consolidate the number of remotes you have, or if you are looking for an easy way to control multiple devices and make them simpler to use, I would highly recommend the Harmony One.

Issues with security update patch for IE7 WinXP KB2416400?

Our friends at the Kaseya NOC have decided not to rollout out a Microsoft security patch just released for Internet Explorere 7 machines (on Windows XP).  They’ve seen some issues once it’s been installed and there are a few blog sites with people reporting problems.  Suggest hold off installing this one for a while until it’s sorted:

“Post: We have noticed that after applying the patch KB2416400 (MS10-090), when browsing a particular site, all links stop working following clicking a link to open a java script pop-up window. Hitting F-5 to reload the page restores functionality of the links. So to avoid this miss-functionality we have denied this patch from all Virtual Manage machines.

http://social.answers.microsoft.com/Forums/en-US/InternetExplorer/thread/eec87070-61eb-4fbd-aa45-911206f7039b

https://blogs.technet.com/b/wsus/archive/2010/12/16/important-questions-regarding-ms10-090-kb2416400-internet-explorer-cumulative-security-update.aspx

https://blogs.technet.com/b/sus/archive/2010/12/16/update-on-a-couple-issues-we-are-seeing-related-to-detection-and-installation-of-ms10-090-kb2416400.aspx

-SCuffy

Attention!!!! All your personal files were encrypted with a strong algorythm RSA-1024 …

.. and you can’t get an access to them without making of what we need!

Read ‘How to decrypt’ txt-file on your desktop for details

Just do it as fast as you can!

Remember: Don’t try to tell someone about this message if you want to get your files back! Just do all we told.

*Eeek*  If your computer’s desktop has suddenly turned very pale and is displaying the above message, I hope you have a good backup*.

Computer Troubleshooters franchisees started to see reports of this from November 25, 2010.  The virus ‘Trojan.Ransom-U’ is ransomware – it hijacks your files and renders them unreadable, threatening to delete them completely unless you wire transfer $120 and email datafinder@fastmail.fm  The ransom note is contained in the How to decrypt files.txt file on your desktop.

Your virus scanning software may detect a strangley named executable file (.exe), where the name is a random string of  numbers and/or letters. 

At the time of writing (Nov 29 2010 AEST), there is no known way to clean or un-encrypt your files.  The only recovery steps are to turn off Windows System Restore, scan and clean your computer in safe mode and restore your files from your last known-working backup. 

If you are fortunate enough to be reading this BEFORE your own PC has become a victim, follow the advice from Lloyd Borrett for AVG to secure your Adobe Acrobat PDF Reader software, with a few changes to its settings:
http://ctaspley.wordpress.com/2010/08/24/protect-your-pc-against-adobe-pdf-reader-security-flaws/

Oh, and make sure your backup is working

*  For single PCs, we recommend Carbonite Online Backup

Protect your PC Against Adobe PDF Reader Security Flaws

Not an original blog entry this time, but advice definately worth sharing from the security experts at AVG – thanks Lloyd!

Melbourne and Amsterdam, 13 August 2010 – It should go without saying that the best way to deal with malware is, of course, not to get infected in the first place.

Lloyd Borrett, Security Evangelist for AVG (AU/NZ) says, “Being aware of what products are being targeted by the bad guys may help you as well, so it may be useful to know that at the moment Adobe products are virtually the number one target across the world with millions of PCs being hit by infected Adobe PDFs. Others are being pwned via Adobe Flash ads via Facebook and other social media web sites.”

Attackers send a file that has malicious code embedded in it. Once the file is opened, the computer is infected, typically with some form of identity theft malware that then steals data.

The Adobe PDF and Adobe Flash browser plug-ins are also used in “drive-by download” attacks where malware is downloaded onto the PC while the user is surfing the web.

“Adobe products, just like Microsoft Windows and Microsoft Office, have near universal use on home and business computers making these applications prime targets for the bad guys,” Borrett continues. “Unfortunately, since the bad guys realised this and turned their attention to finding security holes in them, they have been very successful.”

Of course, the easiest way to avoid the risk of being compromised via these Adobe products is not to install them! However, this is virtually impossible for most home and business Internet users.

So if you must use Adobe Reader, then please take the time to secure it.

How to secure Adobe Reader  

1. Open the Adobe Reader application and choose ‘Edit’ and then ‘Preferences’.
2. On the left you will see several different categories of options to modify.
3. Under the ‘JavaScript’ category there is a checkbox ‘Enable Acrobat JavaScript’. Make sure this checkbox is not ticked/selected so that you disable Adobe Reader’s ability to run dangerous JavaScript from a PDF.
4. Under the ‘Security’ category, to specify that digital signatures are handled securely make sure the ‘Verify signatures when the document is opened’ checkbox is ticked/selected.
5. Under the ‘Security (Enhanced)’ category, make sure the ‘Enable Enhanced Security’ checkbox is selected to help with data protection and privacy.
6. Under the ‘Trust Manager’ category we’d recommend you disable Acrobat’s ability to call external applications to handle non-PDF file attachments. So, after the ‘PDF File Attachments’ heading, make sure the ‘Allow opening of non-PDF file attachments with external applications’ checkbox is not ticked/selected.
7. Then click on ‘OK’ to exit changing the preferences.

Adobe is working to address the security vulnerabilities in its products, so it’s vital to make sure you regularly check for updates to Adobe Reader, Adobe Flash and other Adobe applications. Turn on the automatic updates so that your Adobe software stays up-to-date.

Borrett adds, “And also don’t forget to install a complete security suite solution like AVG Internet Security that will provide you with total protection as you work, shop, bank and play games online.” 

AVG (AU/NZ) has a comprehensive range of security tips for home and business users on its web site at www.avg.com.au/resources/security-tips/.

About AVG (AU/NZ) Pty Ltd — www.avg.com.au

Based in Melbourne, AVG (AU/NZ) Pty Ltd distributes the AVG range of Anti-Virus and Internet Security products in Australia, New Zealand and the South Pacific. AVG software solutions provide complete real-time protection against the malware, viruses, spam, spyware, adware, worms, Trojans, phishing and exploits used by cyber-criminals, hackers, scammers and identity thieves. AVG protects everything important and personal inside computers — documents, account details and passwords, music, photos and more — all while allowing users to work, bank, shop and play games online in safety. 

AVG provides outstanding technical solutions and exceptional value for consumers, small to medium business and enterprise clients. AVG delivers always-on, always up-to-date protection across desktop, and notebook PCs, plus file and e-mail servers in the home and at work in SMBs, corporations, government agencies and educational institutions.

Talk to Us

Siobhan MacDermott

AVG Technologies – Investor Relations

E-mail: siobhan.macdermott@avg.com

US Mobile: +1 415 299 2945

For more detailed information please contact:

Lloyd Borrett         AVG (AU/NZ)      03 9581 0807

Shuna Boyd         BoydPR      02 9418 8100

Technology considerations for your new startup business

If you’re thinking about starting a business (congratulations!!), then technology might be the very last consideration on your mind.  With a long list of tasks in front of you (like getting a logo and stationery designed, finding an office, and working out your marketing plan), you may just requisition your home computer to start running your new business.  Let’s look at some of your very first technology decisions.

New computer or your home PC? – For a while, your home computer may be adequate to handle the necessities of your business.  However, if your computer time is conflicting with the children’s need to surf the internet for their homework, it may be time to consider a dedicated business computer.  Study any system specifications carefully and check the manufacturer’s websites.  Many ‘cheap’ retail deals are superseded models, cannot be upgraded easily or may not connect to a bigger computer network, which will all be important as you grow.  Also, talk to your accountant about any tax benefits that may be gained from leasing instead of purchasing your IT assets.

Voice over IP – When considering a phone number for your business, take a look at your Voice over IP options.  The quality of this technology has improved significantly and it can provide great local, national and international phone rates.  Today’s systems can plug into a standard cordless phone and your internet connection, so your computer doesn’t have to be turned on for you to make and receive calls.  It makes a fantastic ‘second line’ for businesses that run from your home.  You can have your office phone answered outside of business hours and still receive personal calls on your standard home phone line. 

Internet domain name – Once you have decided on your business name, look at registering your internet domain name.  This will prevent someone else from registering it.  Having your own domain name (like marysmith.com) will give your emails a more professional look and enable you to have a simple webpage established.  Don’t think you have to spend a fortune on a comprehensive website before your first day of actually doing business.  As long as your contact details (phone number, email address, fax number, and location) are easy to find and you have some great information about why your business is different from your competitors, you will be giving the search engines something to find.  This is much better than an ‘under construction’ picture or no internet presence at all.  Use your domain name in your email address to look much more credible than someone operating from a free email account (like myname@gmail.com).  You can still use your internet provider for your email service.  Make certain to check what protection they have in place against email viruses and spam.  Remember to include your website and email address on all of your stationery and marketing materials.    

Email marketing – Investing in an email marketing program provides you with a great communication channel to keep your business in front of your future customers on a regular basis.  Supplement your email marketing with monthly newsletters and occasional special offers.  Get permission to store your customer’s email address from the day they start doing business with you and you’ll build up an impressive database.  

Talk to your local Computer Troubleshooters about how to make the right technology decisions that match the needs of your new business.

Planning the survival of your business

If your technology stopped working, would your business stop functioning too? Is your business totally reliant on the information stored on your computer systems or could you continue to deliver 95% of your products and services and catch up on the computer work later? No matter which end of this scale your business is at, you will fare much better during a major technology outage if you plan in advance, before it happens. This month we take some of the mystery out of Business Continuity Planning.

Business Continuity Planning (BCP) is the process of working out how your business will continue to function during a disaster. These threats to your business could include:
Fire      Burst water pipes      Burglary       Flooding (severe rainfall)      Earthquake      Influenza outbreak      Hardware failure      Software Failure      Internet outage       Tornado/Hurricane/Cyclone      Severed phone cabling      Security breach       Damage by disgruntled employee      Employee error      … And many more!

BCP begins with identifying the possible risks and the impact they would have on your business. What functions would be affected if your main administration PC crashed? How long could you be without internet access? It’s important to evaluate the probability of these incidents occurring and the severity of their impact. This will help you to determine which incidents are the highest priorities to be addressed.

Next, you look at how these risks can be prevented, or the impact of them lessened. This could include copying data to a different site or having a laptop that has the same business-critical software applications as your administration PC.

Finally, you plan the actions that would be needed to help you respond when this incident occurs. Do you need to go to another site to get a copy of your data or bring the laptop in from home? Do you need to temporarily relocate to another site that does have internet access? Can you run a paper-based system until you can access your computers again? Think about who will be responsible for doing what and what resources they will need. This also needs to include any third-party suppliers of your business, like your local Computer Troubleshooter.

Your Business Continuity Plan should be examined, tested and maintained on a regular basis. This is to ensure it still reflects the changing needs of your business and also to make sure that the key parties within your business understand their roles in the process.

Whilst it may seem a little daunting, some forethought and planning will save you a lot of time, stress and money when things do go wrong.

Office 2010 – great new features!

Written for the Computer Troubleshooters franchise for distribution to our global client base:

Microsoft’s release of Office 2010 has been somewhat overshadowed by the recent Apple iPad release, however the new version of Office has some fantastic improvements that are worth shouting about. This month, we highlight a few of the features that will make your life easier.

Work better together – Do you e-mail files for people to review, managing revision numbers and tracking editing changes? Or do you use technology like Google Apps for internet-based sharing and collaboration? With Office 2010, your document can now be shared easily on the internet and edited by multiple people at the same time (for real-time co-authoring). This feature alone may change how teams work together internally and how businesses work with their customers.

Office wherever you need it (and it’s free!) – Office Web Apps will offer lightweight versions of Word Excel and PowerPoint from your web browser, for free. Whilst these products are missing many features, they’re designed to complement the full products and provide great basic editing from any location.

Look before you paste – Even the humble paste feature is overhauled, with the new Paste Preview. You can now choose to keep the source formatting, merge the formatting or keep the text only of your pasted content. As you hover the mouse over these options, you’ll see a preview of what your content will look like before it’s inserted. There’s now also a built-in screen capture tool and screen clipper giving you more control over the screen images you wish to copy.

PowerPoint embraces multimedia – Microsoft has stepped up the video capability of PowerPoint with advanced video editing functions now built into the application. You can also embed YouTube videos into your slides, though you’ll need an internet connection to display them when you run your presentation. You can also distribute your slides as a video, or easily broadcast your presentation over the internet.

E-mail’s new look – Outlook inherits the wide ‘ribbon’ toolbar that other applications had in Office 2007. The new Conversation View lets you follow the threads of a discussion more easily and inside an e-mail you’ll see meetings, attachments and other emails that are related to the sender. You’ll even be able to include them as a social networking contact with the Add button. For repetitive tasks, Outlook introduces macro-like QuickSteps, enabling you to action several tasks with one click (e.g. reply to a message and delete the original).

Never lose a document again? – If you’re not happy with the latest changes to your file, the Autosave feature now keeps the last 5 versions that it saved and you can preview and compare their contents. If your computer crashes or your laptop battery dies and you suddenly remember that you haven’t saved the masterpiece you’ve been working on for the last hour, Office now keeps unsaved documents for 4 whole days before automatically deleting them.

Talk to your local Computer Troubleshooter about how you can take advantage of these features and other software and technology benefits.

The 5 things YOU must know about your business’s computers

If someone else is responsible for the technology in your business, it can feel fantastic that you don’t have to worry about that part of your business operation.  But whether that person is an employee, a freelance computer guy or a larger I.T. support company, the responsibility for this part of your business still ultimately lies with you.  Here’s a list of what all business owners should know about their own computers: 1. Administrator passwords – ‘Local administrator accounts’ have full access to make changes to your computers.  If you have a server, there may also be a ‘domain administrator’ account.  Make sure you have a record of these account passwords in a safe place.  If your business provides laptops and mobile phones to your staff, also keep a record of any passwords or PIN numbers that are used to secure these mobile devices (e.g. are prompted for when the device is turned on).  This may seem a bit over the top, but it only takes a disgruntled employee or an issue with your support provider and you can find yourself locked out of your own systems, at the mercy of someone else who knows the passwords when you don’t.  I’ve actually seen I.T. companies refuse to release administrator passwords.  Remember, your information is your property, not theirs. 2. Domain name details – If you have your company name registered as a domain on the internet (e.g. for your website or email addresses), make sure you know when your domain is due to expire.  Domain name registration only lasts for a certain period (commonly 1, 2 or 5 years) and must be renewed.  We’ve seen websites and emails stop in their tracks because the domain name registration company couldn’t (or didn’t) contact the business owner to process the domain name renewal.  Also associated with your domain name is a password or PIN number (sometimes known as a registry key).  This proves you are the rightful owner of the domain and is required for making any changes.  It’s a long process if you need to get this password reset because it’s been forgotten, so make sure it’s stored in a safe place. 3. Internet connection details – The modem that connects your computers to the internet is configured with some details that are specific to your account with your internet provider.  This may be as simple as a username and password, but may also include security settings or even ‘port numbers’ for allowing or denying internet access to some software programs.  If you have internet connection problems and the modem needs to be reset back to the factory defaults, this information will be lost.  It can also happen due to a power failure or if the modem is faulty.  Once again, this only takes a few minutes to document, but can save you a huge amount of time when you need it. 4. Last successful backup test – Your backups are only as good as your last successful ‘test restoration’.  If someone else manages your backups, ask them to test that they can restore the data and provide you with a monthly report so you know it’s been done.  If you look after your own backups, make sure this testing is performed by someone in your company and that you receive a report from them to show when it happened.  5. Software licensing proof – Like the financial and taxation side of your business, the responsibility for legal software ownership rests with the business owner.  Don’t think that you’re only a small business so no-one would audit you.  Keep a safe record of your software license keys and proof of ownership (e.g. purchase receipts).  This also makes license numbers easy to find if your computer software needs to be re-installed or moved to a different computer. Please make it your ‘New Financial Year’s Resolution’ to obtain this important information and store it safely.