Author: Sandilyan

The passwords we use secure our identity, and treasured belongings can be potentially harmed if these credentials become compromised.

As technology advances, so does the need for strong, complex passwords. Multi-factor authentication is another security step commonly used to advance security.

How do you create secure passwords and keep them safe?

There are multiple answers to this question.

Until recently, passwords were “good passwords” if they had six to eight characters.

Use Entropy, Don’t Make Your Password Predictable

Now we gauge password strength by the measure of predictability, also known as entropy (Weaver, C. 2016, January 19).

Using this strategy allows the user to break down their password by the likelihood it will be guessed. The more complex the password is, the harder it is to guess. An example of a good password includes a mix of upper and lowercase letters, symbols, and numbers.

Adam Pittman of Computerbilities recommends passwords should be at least 12 to 16 characters and changed at least every 90 days.

Passphrases Are Easier To Remember

When you have multiple passwords logging into critical accounts daily, remembering such long/ complex sequences of letters can be challenging and time-consuming. To create easy to remember and complex secure passwords. Start with a sentence you will remember and add numbers and symbols that correlate to the sentence. A great example would be:

Lucylovesbagels,4dinnner$

Using this formula to create a password is also known as a passphrase. Create secure and complex passwords can take time to master, so don’t stress if you don’t create the perfect one the first time.

Password Managers Simplify Many Complex Passwords

Now that you’ve created that password, I am sure you will need to make more for the many accounts that you have. Even with password creation strategies such as passphrases, there are still many passwords you will have to remember. This is where password managers come into play.

Password managers such as Passportal make it easy to keep passwords in a secure vault and accessible to each user in the company. It’s almost impossible to remember all your passwords without a password manager.

Want to learn more about good password creation and get some advice from the experts? Watch this live stream conducted by nine technology experts across the United States:

Don’t have time to watch the video? Schedule a call with Cybersecurity Expert and Computerbilities President Adam Pittman to discuss any of your password questions or concerns. Email apittman@computerbilities.com to request your call.

Weaver, C. (2016, January 19). A Somewhat Brief Explanation of Password Entropy. IT Dojo.

38-year-old Raymond Abbas, also known as Hushpuppi, by his Instagram handle, has been arrested for funding his extravagant lifestyle through hacking scams, mainly targeted all through Europe, Nigeria, and the United States. The most common scamming tactics that he used were:

• Business email phishing scams
• Money Laundering
• Computer hacking (CNN,2020)

Abbas would in no way shy away from flaunting his enormous wealth.  He would often post photos showing his 2.5 million Instagram followers his many designer clothes, luxury jets, and fancy cars. For all of this, he accredited to as being a successful real estate investor (Salo 2020). His Instagram latest post reading:

“May success and prosperity not be a “once upon a time” story in your life… ?. Thank you lord for the many blessings in my life ?? continue to shame those waiting for me to be shamed”

Investigators ironically connected Abbas’ crimes to his social media accounts. On his Instagram, Abbas had a phone number, and email saved that connected authorities to the trace of large cash amounts being transferred (CNN 2020).

Snapchat, Apple ID, and birthday celebration posts also gave him away, further confirming his identity and connections to other suspects.

According to a source, Abbas had been sending a partner in crime his Romanian bank account information, which was explicitly for his vast sums of cash, while he used his Dubai bank account for deposits he would receive from his hacking scams in the United States (CNN 2020).

In June, Abbas was arrested in his apartment in Dubai by the United Arab Emirates, later to be given over to the FBI flying to Chicago on July 2. He is to be transferred and then tried in Lost Angeles to face his alleged cyber-crimes (CNN, 2020).

Unfortunately, Raymond Abbas is only one of the many hackers that make a living by preying after the public through their scams.

The first step to take so you won’t be the victim is to educate yourselves and others around you on proper internet etiquette!

IT companies exist to create proper security and precautions for their businesses to follow to prevent these scams. Contact a local IT company in your area to make sure that your cybersecurity solutions are up to date, and you have the right procedures in place in case there was an attack on your business!

It is much better to be safer than sorry! Especially when there are thousands, maybe even millions of dollars at stake! Contact Computerbilities for a FREE Dark Web Scan! (919)276-0282

Sources:

CNN, J. (2020, July 12). He Flaunted private jets and luxury cars on Instagram. Fed used his post to link him to alleged cyber crimes. Retrieved July 14, 2020, from, https://abc17news.com/news/national-world/2020/07/12/he-flaunted-private-jets-and-luxury-cars-on-instagram-feds-used-his-posts-to-link-him-to-alleged-cyber-crimes/

Salo, J. (2020, June 29). Nigerian Instagram star known as Hushpuppi busted in $431M cyber scam. Retrieved July 14, 2020, from , https://nypost.com/2020/06/29/nigerian-scammer-known-as-hushpuppi-busted-in-431m-scam/

We are not only a company that provides assistance with business’s IT systems and functionality, we also can help you understand isolated issues!

THE WINDOWS 10 DILEMA

This past week we got a lot of questions regarding an issue with Windows 10. Many people contacted us saying that the search menu on their Windows 10 computer would stop working out of the blue and would show a grey blank screen if you tried to get back to any home screen, a blank search screen would show.

Below is an example of a screen shot somebody took with this problem:

We heard your complaints! And we have information!

The Explanation

Don’t fret! You haven’t done anything wrong! If you haven’t yet, reboot your system and try the search again. If that doesn’t work, hang in there! Microsoft is undergoing some system changes that is causing problems with a lot of their products.

They didn’t hack into your system and change it all, but their systems are all interconnected and their switching of systems has caused issues for many Windows owners. The simple answer: Windows broke their search function, and you’ve sadly been affected.

The long answer is more complicated. Search software takes a lot of memory on a computer’s hard drive. One click on the search function will automatically take up over 120 MB of capacity.

It takes up so much memory because many different apps and software are included. In the mix of these is mostly JavaScript and React, and the combination of the two is just proving to be too much for some Windows systems to handle at once.

If you find you or your business having problems like this often, tell us! We are IT experts at Computerbilities and we are willing and able to help!

The fake coupon scam gained traction in 2016 and is still tricking consumers to this day. It becomes even more prominent around back-to-school, Thanksgiving, Mother’s Day, Black Friday, and Christmas.

These bogus coupons claim to be from well-known companies such as Target, Starbucks, Whole Foods, Food Lion, Kroger, Aldi, Lowe’s, Dunkin Donuts, Kohl’s, Publix, Dollar General, and Bed Bath and Beyond. The coupons often claim to be in celebration of the company’s anniversary or birthday. Some of the offers that have been used in the past, include:

• Free $30 gift card
• 50 percent off store wide
• $75 off any purchase
• $50, $100, and $200 off

Usually “all you have to do” to get the coupon is like the page, share the coupon with your friends, and fill out a survey.

Once you click on the fake coupon, a couple of things may happen:

You’re taken to a bogus website asking for personal information such as your name, phone number, age, email, and home address. You’ll find yourself completing survey after survey and never actually getting the coupon. Scammers often get paid for every completed survey, so it’s possible that they phish enough information out of you to retrieve passwords and access your accounts. Best case scenario, you just get bombarded with spam emails.

Worst case scenario, you’re taken to some website you’ve never head of and that site starts installing malware on your computer.

If at any point, you’re told to download an app or software to get the coupon, DON’T do it. It’s a scam.

My Experience

If I’m being completely honest, I fell victim to this very scam a few years ago. I saw several of my friends share an awesome Target coupon and figured if they posted it, it must be fine. I don’t remember the exact details, but I know it took me to a website where it asked me to fill out a survey. I completed the survey, only to have it redirect me to another survey. I really wanted that coupon, so I took a few more surveys before finally giving up. Next thing I know, I’m getting messages from friends telling me that my Facebook account was hacked. I went through my account activity and saw that hackers posted in groups and commented as me. It probably would have taken me weeks (or longer) to discover my account was compromised if my friends didn’t tell me. I immediately changed my password and started unsubscribing from the dozens of spam emails in my inbox.

Lessons Learned

Anything that seems too good to be true, almost always is.

Businesses do not celebrate anniversaries by giving away hefty coupons to Facebook users who like and share posts.

You know better. Nothing is ever free. Most companies can not afford to give out $200 to every person who likes their Facebook post. And when was the last time Starbucks handed out $100 gift cards like candy? That’s what their reward program is for.

How to Spot a Fake Coupon

Check to see if the Facebook page is legitimate.

The Facebook page may look real. Scammers often steal logos and photos from the official page. Check to see if the page is verified (it’ll have a blue or grey circle with a check mark next to the name).

Scammers will change the name of the Facebook page slightly. The official Facebook page may be called Aldi USA and the fake one may be called Aldi US. They also might use a page called “Aldi coupons” or “Aldi Deals”

Not every company has a verified Facebook page. If you’re unsure if the page is official, go to the company’s website and look for their Facebook information there. You can also contact them directly to verify the name of their page or simply ask about the coupon.

Pay close attention to the link destination, before even thinking about clicking on it.

If the URL is Target.com-holidays.xyz it’s a scam. Make sure the link goes to the official company website BEFORE clicking on it.

Check for fine print.

All legitimate coupons have fine print containing terms and conditions, exceptions to the sale, and an expiration date.

You’re required to fill out a survey, like or share.

I looked at Facebook pages for several of the companies that are often targeted in this scam (Kohl’s, Target, and Starbucks) to find legitimate coupons for comparison. Out of the three companies, not one of them posted an actual coupon. They gave information about sales and deals, links to deals on their websites, and information about in-store freebies. Not once, did they ask you to share, follow, like, or fill out a survey to access the deal, offer, or in-store freebie. Note: things are slightly different regarding social media contests and giveaways. However, as far as coupons go, you will NEVER need to give out personal information or like and share a post.

Check for low resolution or grainy images.

If you’re still unsure of the legitimacy of a coupon, check out Snopes.com or the BBB scam tracker. Even better, contact the company directly to inquire about the coupon. 

What to Do If You Spot a Fake Coupon

Report it to the retailer mentioned so they handle it as they see fit (press release, warn customers, try to get it removed from social media, etc.)

Don’t share it or click on it.

If you see that your friends already shared it, tell them to change their passwords.

Report it to Facebook.

Examples

What is a tech support scam?

Tech support scammers want you to believe you have a serious problem with your computer. They want you to pay for tech support services you don’t need, to fix a problem that doesn’t exist. They often ask you to pay by wiring money, using a gift card, or a money transfer app. Tech support scammers have two main methods they use to trick people:

Phone Calls

Tech support scammers call and pretend to be a computer technician from a well-known company such as Microsoft, Dell, or Norton. They may even spoof the caller ID so that it displays a legitimate support number from a trusted company. They’ll then ask you to install applications that give them remote access to your computer and pretend to run a diagnostic test. Then they try to make you pay to fix a problem that doesn’t exist.

If you get an unsolicited call claiming there’s a problem with your computer, hang up. Microsoft and Norton have confirmed they will NEVER call you unless you request it. Dell will never call you unless you’re signed up for their enhanced monitoring and support services, but they will never call you unsolicited.

Pop-Ups

Tech support scammers may try to trick you with a pop-up window that appears on your screen. It will look like an error message from your operating system or antivirus software. It might use logos from trusted companies or websites. The message warns of a security issue and tells you to call a toll-free number for help.

Do NOT call the number. Real security messages will never ask you to call a number. Microsoft and Norton have both confirmed that they will NEVER give you a pop-up telling you to call for help. If you get one of these pop-ups, shut down your computer right away.

Additional Tips

If you need to contact Microsoft, Dell, or another well-known company’s support, get the number directly from the official company website.

Never give control of your computer to a third party unless you know it is the representative of a computer support team you contacted.

If you think you’ve been scammed: 

1. Change ALL of your passwords. Change passwords for your computer, online banking, social media, email, and any other password protected websites that you visit.
2. Contact your bank to report that there has been fraud performed on your account.
3. File a complaint with the Federal Trade Commission and let the company know. Example: If the scammer was pretending to be from Microsoft, let Microsoft know.

When you dispose of, donate, or recycle an electronic device, you may disclose sensitive information which could be exploited by cyber criminals.

There are a few ways to effectively remove all data from your devices. The method will depend on the type of device (ex. laptop, cellphone, digital camera).

Keep in mind that simply deleting files from your computer doesn’t actually remove them from the device. Even if you empty the trash, the deleted files are still on the computer and can be accessed.

How do I remove all data from my computer?

To permanently delete data from your computer, you can use a disk cleaning software specifically designed to erase data.

Another method to permanently remove data is overwriting. Overwriting deletes sensitive data and writes new binary data over it.

The last method is physical destruction. Note: While fun, hitting your computer a few times with a baseball bat is insufficient. There are services that will disintegrate, burn, or melt your computer drive. If you choose not to use a service, you need to remove the hard drive and destroy it. Don’t try to use a magnet, don’t scratch it or just crack it in half. Smash or shred it into as many pieces as possible, or for best results, drill holes into it.

Check out this interesting article about extracting data in criminal cases and where most criminals go wrong. (Obviously, we’re not condoning you destroy evidence. Only wipe old electronics to protect your personal information, not cover up a crime!!)

What about my phone?

Before disposing of a smartphone or tablet, be sure to remove all data by performing a hard reset, also known as a factory reset. This is done differently depending on the device but is usually done through the settings. On an iPhone you go to Settings >> General >> Reset >> Erase all content and settings >> Erase iPhone. Also, if your device has a memory card, physically remove it.

Where can I dispose of my devices?

After wiping your devices, you may choose to donate, discard, or recycle them. To find out where you can recycle electronics in your area, visit: http://www.ecyclingcentral.com/. To find out where you can dispose of electronics in your area, visit: https://www.epa.gov/recycle/electronics-donation-and-recycling.

Wake County residents and businesses are lucky enough to have several special Wake County Recycling Facilities that accept old electronics.

Of course, if you need help wiping your devices or disposing of them, we’re always happy to help.

Call us today to schedule a FREE Cyber Security Assessment. We provide managed IT services for small to medium businesses in Raleigh, Cary, Durham, Apex, Clayton, Wake Forest, Chapel Hill, Holly Springs, and surrounding areas. Call today: 919-276-0282.

RALEIGH, N.C. – North Carolina Employer Support of the Guard and Reserve, a Department of Defense program, announced Adam Pittman, the owner of Computerbilities, Inc. of Raleigh, was honored Dec. 15 with the Patriot Award for his support of Sgt. Justin Rowley, 492nd Signal Company, U.S. Army Reserve. The ceremony was hosted by ESGR volunteer, Griff Bartlett.

“This is a small company, but Adam always went out of his way to make adjustments for my service,” said Rowley.  “I know it was difficult for the business but he made it work and I really appreciate it.”

The Patriot Award recognizes individual managers nominated by an employee serving in the National Guard or Reserve for support provided directly to the nominating Service Member. The Patriot Award reflects the efforts made to support Citizen Warriors through a wide-range of measures including flexible schedules, time off prior to and after deployment, caring for families and granting leaves of absence of needed.

During the presentation Adam Pittman said “I appreciate what Justin and all our Service members do and just try to help by doing what I can.”   Pittman also signed a Statement of Support during the ceremony.

The Statement of Support Program is the cornerstone of ESGR’s effort to gain and maintain employer support for the Guard and Reserve. The intent of the program is to increase employer support by encouraging employers to act as advocates for employee participation in the military. Supportive employers are critical to maintaining the strength and readiness of the Nation’s Guard and Reserve units.

“Organizations like Computerbilities, Inc. recognize the extraordinary value Guard and Reserve employees bring to the workplace,” said North Carolina ESGR Committee Chair Ron Bogle. “Hiring National Guard and Reserve members is not just the right thing to do; it is the smart business thing to do.”

Employer Support of the Guard and Reserve was established in 1972 to develop and maintain employer support for Guard and Reserve service. ESGR advocates relevant initiatives, recognizes outstanding support, increases awareness of applicable laws, and resolves conflict between service members and employers. Paramount to ESGR’s mission is encouraging employment of Guardsmen and Reservists who bring integrity, global perspective and proven leadership to the civilian workforce.

More information regarding ESGR Outreach Programs, or ESGR volunteer opportunities, is available at www.ESGR.mil or by calling Darrell Johnson at 984-664-6902 or email Luther.D.Johnson.ctr@mail.mil. Also, you can follow the North Carolina ESGR Committee on Twitter @NC_ESGR or Facebook at www.facebook.com/ESGRNC.

Pictured left to right; Sgt. Justin Rowley, US Army Reserve, Adam Pittman, Computerbilities, Inc. and Griff Bartlett, ESGR

Source: http://www.esgr.mil/News-Events/ESGR-In-The-News/articleType/ArticleView/articleId/6553.aspx