| News of an interesting development from the world of computer viruses. For some time a virus known as "DNS Changer" has been infecting computers around the world. The point of the virus was to mischievously re-direct the internet browser of infected PCs to sites which were linked to "pay per click" adverts. The virus writers would then make money from users clicking on those adverts. When you access the internet your computer goes to a "DNS Server" for information on where to point your browser. This virus pointed you to rogue DNS Servers in a simple scam. The FBI seized the DNS Servers which were running these web sites back in November 2011, and converted them into honest DNS servers. However, they now wish to close them down, as running such servers costs money and it isn't really what the FBI do. The servers are to be closed down on July 9th 2012. But, after that date, infected computers won't be able to access the internet at all. The computer will attempt to find a DNS Server which no longer exists. But all is not lost. To see whether or not your computer is infected visit http://www.dns-ok.us If you get the message "Your computer appears to be looking up IP addresses correctly!" all well and good. If you get a warning you should contact your IT Support company for guidance. ____________________________________________________ | ||
| 
| 
|
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2012 | ||
Wednesday, 23 May 2012
Have you been infected with DNS Changer virus?
Friday, 27 January 2012
What information does your SmartPhone give out?
O2 have recently admitted that their system has been giving out the mobile phone number of users accessing the internet from their smartphones.
If you have accessed a website from your O2 smartphone the website owner would be able to see quite a lot of information about your phone, including the phone number, make, model, software version, etc.
O2 say that this was only the case between 14 Jan and 25th Jan, due to a poorly configured maintenance update. (They haven't stated which year this started, although we assume they mean 2012.) They have now fixed this vulnerability.
However, they do admit that they have always shared such information with "Trusted Partners", and this is on-going. They haven't said who those Trusted Partners are, which has caused a lot of Twitter activity from outraged O2 customers.
It is extremely unlikely that this is limited to O2. It is probable that your own phone provider does the same thing. You may wish to check with them, without holding your breath for any serious feedback.
You can also check for yourself if your information is being given out freely, by using your smartphone to browse to www.mulliner.org/pc.cgi. You must do this through the mobile phone network, so turn off the wireless capability of the phone first. If the page you see is red you may have an issue, if it is green then you should be OK.
____________________________________________________
| ||
|
|
|
|
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2012 | ||
Thursday, 20 October 2011
Beware Gaddafi scam emails
Following the demise of the erstwhile Libyan Dictator, Colonel Gaddafi, we can be sure that there will be an explosion of scam emails. These are likely to take the form of promising you explicit photos or videos of the tyrant's last moments.
We saw such emails in the wake of Saddam Hussein's capture and following Osama Bin Laden's death.
Obviously any email attachments or links to web sites won't serve up gruesome pictures, but they will be likely to install viruses on to your computer.
Don't fall for these simple cybercrime scams!
We saw such emails in the wake of Saddam Hussein's capture and following Osama Bin Laden's death.
Obviously any email attachments or links to web sites won't serve up gruesome pictures, but they will be likely to install viruses on to your computer.
Don't fall for these simple cybercrime scams!
| ____________________________________________________ | ||
| If you enjoyed this blog please consider donating £1.00! | ||
| | | |
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2011 | ||
Saturday, 15 October 2011
Add Google as Search Provider to Internet Explorer
Microsoft seem to have changed the way they allow users to add Search Providers to Internet Explorer.
The default search engine used will be Bing. There are many people who believe that Google is actually a much better search engine.
The Default Search Provider makes a difference in IE8 when you use the Search Box in the top menu of the browser. IE9 has removed this rather helpful box, but uses a Search Engine when you type your search terms directly into the Address Bar.
It used to be the case that adding Search Providers wasn’t that simple, but possible for anyone with a bit of knowledge and patience.
It is actually easier now, but in typical Microsoft fashion they have hidden away the ability to make this simple change.
So, if looking to add a Search Engine such as Google.co.uk, browse to http://www.iegallery.com/gb/
Look in the top bar of the page for “Add-ons” and click that. In the page you are taken to there is a Search Box. In there type the name of the Search Engine you wish to use, such as Google.
Look for the “Search Provider” box in the next page and click that. You can choose if this should be the default Search Provider.
The default search engine used will be Bing. There are many people who believe that Google is actually a much better search engine.
The Default Search Provider makes a difference in IE8 when you use the Search Box in the top menu of the browser. IE9 has removed this rather helpful box, but uses a Search Engine when you type your search terms directly into the Address Bar.
It used to be the case that adding Search Providers wasn’t that simple, but possible for anyone with a bit of knowledge and patience.
It is actually easier now, but in typical Microsoft fashion they have hidden away the ability to make this simple change.
So, if looking to add a Search Engine such as Google.co.uk, browse to http://www.iegallery.com/gb/
Look in the top bar of the page for “Add-ons” and click that. In the page you are taken to there is a Search Box. In there type the name of the Search Engine you wish to use, such as Google.
Look for the “Search Provider” box in the next page and click that. You can choose if this should be the default Search Provider.
| ____________________________________________________ | ||
| If you enjoyed this blog please consider donating £1.00! | ||
| | | |
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2011 | ||
Friday, 29 July 2011
Have you changed your online passwords recently?
Creating many easy to remember but "complex" passwords is something we covered in our Newsletter back in May 2011, (see goo.gl/occvS).
However, many people still prefer to use one, or maybe two, passwords for all of their log-ons. This makes it extremely easy to remember the password, of course! However, it can also make it extremely easy for any hacker to access all of your accounts, once they know that one password.
The recent large scale hacks that have taken place, particularly of the Epsilon system, (see our Blog at goo.gl/oWnsE), mean that your one password is now very likely to be known by several hackers.
We recently had a client whose email account was hijacked, probably because he used the same password for all of his online activity.
The only way to protect yourself, if you don't wish to use the more secure method of having multiple passwords, is to change your main password on a regular basis. This can, of course, seem like quite a hassle, but it is well worth doing at least once a year. Just as you should be changing the batteries in your smoke alarms every year, (which you do get round to doing, don't you?).
Create a new password, of at least 8 characters, which includes CAPITAL letters, lower case letters and numb3r5 and start with all of your Bank Accounts and other online sites. Once you've started the change it is surprisingly simple - and a very good bit of housekeeping.
Job done? You deserve a cool drink in the garden! Mine's a pint, thanks.
However, many people still prefer to use one, or maybe two, passwords for all of their log-ons. This makes it extremely easy to remember the password, of course! However, it can also make it extremely easy for any hacker to access all of your accounts, once they know that one password.
The recent large scale hacks that have taken place, particularly of the Epsilon system, (see our Blog at goo.gl/oWnsE), mean that your one password is now very likely to be known by several hackers.
We recently had a client whose email account was hijacked, probably because he used the same password for all of his online activity.
The only way to protect yourself, if you don't wish to use the more secure method of having multiple passwords, is to change your main password on a regular basis. This can, of course, seem like quite a hassle, but it is well worth doing at least once a year. Just as you should be changing the batteries in your smoke alarms every year, (which you do get round to doing, don't you?).
Create a new password, of at least 8 characters, which includes CAPITAL letters, lower case letters and numb3r5 and start with all of your Bank Accounts and other online sites. Once you've started the change it is surprisingly simple - and a very good bit of housekeeping.
Job done? You deserve a cool drink in the garden! Mine's a pint, thanks.
| ____________________________________________________ | ||
| If you enjoyed this blog please consider donating £1.00! | ||
| | | |
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2011 | ||
Sunday, 26 June 2011
Has the UK Census data been hacked?
A rumour was circulated last week suggesting that the UK Census data from 2011 had been hacked. The data is held by the UK's Office for National Statistics and collated and stored by the US firm Lockheed Martin. Neither organisation was able to immediately deny the story, which first appeared on a website called Pastebin.com (see http://pastebin.com/K1nerhk0).
The light-hearted posting to that site reads,
Interestingly, the fact that neither the UK Office for National Statistics nor Lockheed Martin could categorically deny that such an attack had taken place, suggests that the data is held on internet facing computers. Furthermore, they do not seem to have great confidence in their own security procedures, as they must have believed that there was a chance the data could have been stolen.
A day after this news first surfaced, the British Police and the US FBI arrested 19 year old Ryan Cleary from Essex, allegedly on suspicion of hacking Facebook.
The British newspaper the Daily Telegraph was typical in the manner of reporting of this story (see http://goo.gl/uNK8t). The headline reads, "Ryan Cleary, the Essex teenager suspected of masterminding an international computer hacking ring...". This makes him sound something like Ernst Stavro Blofeld, the leader of the evil criminal organisation Spectre, which James Bond spent so long fighting.
However, further down the article we then learn that Mr Cleary, "...suffers from ADHD and Emotional Behavioural Disorder, tried to hang himself when he was ten and was expelled from both his primary and secondary schools for disruptive behaviour." This suggests he's a sad, spotty geek hiding in his back bedroom and hitting lucky on hacking some poorly secured web-sites, rather than an evil mastermind aiming to rule the world.
The loose grouping known as Lulzsec was then fingered as being the outfit behind many of the recent sophisticated hacking attempts, with Cleary suggested to be their "Leader".
The whole story seems to be a laughable attempt by newspapers and government to create some demon organisation that we can all hate. And now, just to further add to the fun, Lulzsec have announced that they are disbanding, which has created even more press interest, (http://www.bbc.co.uk/news/uk-13918458). But what is there to disband? Do we imagine there is an office block somewhere housing a crew of determined hackers, trying to bring down big business?
The truth is that these hacking "Groups" (such as Lulzsec, and also Anonymous) are unlikely to be anything other than a very disparate collection of individuals all acting with one common aim. In the same way that Al-Qaeda is the terrorist bogeyman which is not just one entity, so we seem to have to give a name to these hackers.
I do not doubt that there are a large number of such hackers, some of whom are capable of hacking major organisations such as Sony and the CIA. But the idea that they are from one organisation which can decide to switch such attacks on or off is simply fanciful.
The light-hearted posting to that site reads,
Greetings Internets,
We have blissfully obtained records of every single citizen who gave their records to the security-illiterate UK government for the 2011 census
We're keeping them under lock and key though... so don't worry about your privacy (...until we finish re-formatting them for release)
Myself and the rest of my Lulz shipmates will then embark upon a trip to ThePirateBay with our beautiful records for your viewing pleasure!
Ahoy! Bwahahaha... >:]
Cap'n Pierre "Lulz" Dubois
Interestingly, the fact that neither the UK Office for National Statistics nor Lockheed Martin could categorically deny that such an attack had taken place, suggests that the data is held on internet facing computers. Furthermore, they do not seem to have great confidence in their own security procedures, as they must have believed that there was a chance the data could have been stolen.
A day after this news first surfaced, the British Police and the US FBI arrested 19 year old Ryan Cleary from Essex, allegedly on suspicion of hacking Facebook.
The British newspaper the Daily Telegraph was typical in the manner of reporting of this story (see http://goo.gl/uNK8t). The headline reads, "Ryan Cleary, the Essex teenager suspected of masterminding an international computer hacking ring...". This makes him sound something like Ernst Stavro Blofeld, the leader of the evil criminal organisation Spectre, which James Bond spent so long fighting.
However, further down the article we then learn that Mr Cleary, "...suffers from ADHD and Emotional Behavioural Disorder, tried to hang himself when he was ten and was expelled from both his primary and secondary schools for disruptive behaviour." This suggests he's a sad, spotty geek hiding in his back bedroom and hitting lucky on hacking some poorly secured web-sites, rather than an evil mastermind aiming to rule the world.
The loose grouping known as Lulzsec was then fingered as being the outfit behind many of the recent sophisticated hacking attempts, with Cleary suggested to be their "Leader".
The whole story seems to be a laughable attempt by newspapers and government to create some demon organisation that we can all hate. And now, just to further add to the fun, Lulzsec have announced that they are disbanding, which has created even more press interest, (http://www.bbc.co.uk/news/uk-13918458). But what is there to disband? Do we imagine there is an office block somewhere housing a crew of determined hackers, trying to bring down big business?
The truth is that these hacking "Groups" (such as Lulzsec, and also Anonymous) are unlikely to be anything other than a very disparate collection of individuals all acting with one common aim. In the same way that Al-Qaeda is the terrorist bogeyman which is not just one entity, so we seem to have to give a name to these hackers.
I do not doubt that there are a large number of such hackers, some of whom are capable of hacking major organisations such as Sony and the CIA. But the idea that they are from one organisation which can decide to switch such attacks on or off is simply fanciful.
| ____________________________________________________ | ||
| If you enjoyed this blog please consider donating £1.00! | ||
| | | |
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2011 | ||
Wednesday, 22 June 2011
The IT Dept on the Sally Naden Show - BBC Radio Lancashire
I was pleased to be asked to appear on the Sally Naden Show on BBC Radio Lancashire today. (The show is available on BBC iPlayer for the next 7 days at http://goo.gl/MoGnF)
Sally makes the whole thing very painless indeed and is a great professional. There seems to be quite a bit going on behind the scenes that isn't heard on the radio show, but she sails through it all and holds everything together exceptionally well.
Appearing with me were Stacy Young who runs a charity called Shade4Ste which helps schools to provide shade for children during the day. Strangely enough, parents cover their kids in sun-cream whenever they're out in the sun, (whether on holiday or just out in the park for the day), then send them off to school to run around in the playground without any protection. Suffering severe sunburn when a child greatly increases your chances of developing skin cancers later in life. (You can donate to Shade4Ste at https://mydonate.bt.com/charities/shade4ste)
Also on the show was an ex-Police Officer called Clive Cope. Clive left the Police Force after 31 years service and became an actor and entertainer. Clive has a great personality (which he says he didn't have to hide when on the beat!) and is likely to go far in his new career.
Sally has a great way of bringing up interesting subjects to talk about, although sadly we didn't get the time to talk about Cheryl Cole's dismissal by Simon Cowell from the US X Factor Talent Show recently!
Sally makes the whole thing very painless indeed and is a great professional. There seems to be quite a bit going on behind the scenes that isn't heard on the radio show, but she sails through it all and holds everything together exceptionally well.
Appearing with me were Stacy Young who runs a charity called Shade4Ste which helps schools to provide shade for children during the day. Strangely enough, parents cover their kids in sun-cream whenever they're out in the sun, (whether on holiday or just out in the park for the day), then send them off to school to run around in the playground without any protection. Suffering severe sunburn when a child greatly increases your chances of developing skin cancers later in life. (You can donate to Shade4Ste at https://mydonate.bt.com/charities/shade4ste)
Also on the show was an ex-Police Officer called Clive Cope. Clive left the Police Force after 31 years service and became an actor and entertainer. Clive has a great personality (which he says he didn't have to hide when on the beat!) and is likely to go far in his new career.
Sally has a great way of bringing up interesting subjects to talk about, although sadly we didn't get the time to talk about Cheryl Cole's dismissal by Simon Cowell from the US X Factor Talent Show recently!
| ____________________________________________________ | ||
| If you enjoyed this blog please consider donating £1.00! | ||
| | | |
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2011 | ||
Wednesday, 1 June 2011
It's our third birthday!
The IT Dept started trading on 1st June 2008, so today is our 3rd birthday. To help us to celebrate we're running a competition to win a Kindle! See our web site for full details at http://www.the-it-dept.co.uk/kindle.html
It's been a great 3 years for The IT Dept, with many ups and only a few downs. Starting out all bright-eyed and innocent in June 2008 seemed a great idea, but after what seemed to be only a few days in business the words "Credit Crunch" entered everyone's consciousness!
But we've managed to keep going through the worst recession the country has seen since the last recession and we are still going from strength to strength.
We have all of our great clients to thank for this - as well as our own very hard work, of course. Hopefully we can continue to support our clients and they will also continue to grow, no matter what the next 3 years (and many more) brings.
Have a drink for us today - and good luck in the competition!
It's been a great 3 years for The IT Dept, with many ups and only a few downs. Starting out all bright-eyed and innocent in June 2008 seemed a great idea, but after what seemed to be only a few days in business the words "Credit Crunch" entered everyone's consciousness!
But we've managed to keep going through the worst recession the country has seen since the last recession and we are still going from strength to strength.
We have all of our great clients to thank for this - as well as our own very hard work, of course. Hopefully we can continue to support our clients and they will also continue to grow, no matter what the next 3 years (and many more) brings.
Have a drink for us today - and good luck in the competition!
| ____________________________________________________ | ||
| If you enjoyed this blog please consider donating £1.00! | ||
| | | |
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2011 | ||
Friday, 20 May 2011
Fake "Anti-Virus" programmes now targeting Apple Macs
Most of the viruses that we see these days masquerade as anti-virus programmes. Users report getting lots of pop-up messages that they can't get rid of, which are warning them that their computer has been infected with lots of different viruses.
The user is asked to click a link to download software which will clean their PC. Before doing so they must pay, of course. The price is usually around £40 - low enough to make many unwary users take the risk.
Of course, the whole thing is a scam. You never do get any software and you slowly realise that you've given out all of your credit card details, so it costs you much more than £40!
These viruses have been around for quite some time for Windows users. What is news is that they are now appearing on Apple Macs, with names such as MacProtector, MacSecurity and Mac Defender - see this article at ZDNet.co.uk by Rich Trenholm, for details.
Apple Mac users have long believed they are immune from viruses (and many Mac users are way too smug about this). Sadly, while Macs are much less likely to contract a virus they are certainly not invulnerable. It is simply the case that there are many fewer viruses targeting Macs as opposed to PCs.
This could be changing with the recent advent of these new viruses. And strangely enough, because it is more challenging to write a virus to attack a Mac, we may see nastier examples! The money making viruses are relatively easy to create, but no fun. The 16 year old spotty youth isn't looking to make money, he's looking to prove himself. And what better way than to attack the Mac Brigade?
The user is asked to click a link to download software which will clean their PC. Before doing so they must pay, of course. The price is usually around £40 - low enough to make many unwary users take the risk.
Of course, the whole thing is a scam. You never do get any software and you slowly realise that you've given out all of your credit card details, so it costs you much more than £40!
These viruses have been around for quite some time for Windows users. What is news is that they are now appearing on Apple Macs, with names such as MacProtector, MacSecurity and Mac Defender - see this article at ZDNet.co.uk by Rich Trenholm, for details.
Apple Mac users have long believed they are immune from viruses (and many Mac users are way too smug about this). Sadly, while Macs are much less likely to contract a virus they are certainly not invulnerable. It is simply the case that there are many fewer viruses targeting Macs as opposed to PCs.
This could be changing with the recent advent of these new viruses. And strangely enough, because it is more challenging to write a virus to attack a Mac, we may see nastier examples! The money making viruses are relatively easy to create, but no fun. The 16 year old spotty youth isn't looking to make money, he's looking to prove himself. And what better way than to attack the Mac Brigade?
| ____________________________________________________ | ||
| If you enjoyed this blog please consider donating £1.00! | ||
| | | |
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2011 | ||
Thursday, 12 May 2011
Should You Fix Your Mortgage NOW!?
In a follow up to my last guest blog for The IT Dept (which you can find here) I thought readers might appreciate a bit of an update on the subject – a synopsis to save you having to read all that opinion out there.
Whilst the immediate threat of an interest rate rise has now passed (many were predicting a rise in May, which of course did not transpire) the question is when will rates rise? Or perhaps more importantly for you – when are my mortgage payments going to start going up?
Industry opinion was swinging towards a May or August 2011 rise a couple of months ago. Now predictions are ranging from a rise in November this year to no rises until 2013. In the short term SWAP rates have been coming down quite steadily. This means that that the cost of lenders buying money is cheaper and the mortgage deals available to you, the general public, are getting cheaper. (In English: the mortgage deals available now are the best that they have been for some time).
Whether you should fix or not is largely down to your own circumstances and your attitude to risk. The tips in the last blog should help you assess this. My current opinion on interest rates is that I would not be surprised if we did not see a rise for another 12 months – beyond that your guess is as good as anybodys.
Rachel Gill
Mortgage Adviser with Aspect Mortgages
www.aspectmortgages.co.uk
Your home may be repossessed if you do not keep up repayments on your mortgage
Whilst the immediate threat of an interest rate rise has now passed (many were predicting a rise in May, which of course did not transpire) the question is when will rates rise? Or perhaps more importantly for you – when are my mortgage payments going to start going up?
Industry opinion was swinging towards a May or August 2011 rise a couple of months ago. Now predictions are ranging from a rise in November this year to no rises until 2013. In the short term SWAP rates have been coming down quite steadily. This means that that the cost of lenders buying money is cheaper and the mortgage deals available to you, the general public, are getting cheaper. (In English: the mortgage deals available now are the best that they have been for some time).
Whether you should fix or not is largely down to your own circumstances and your attitude to risk. The tips in the last blog should help you assess this. My current opinion on interest rates is that I would not be surprised if we did not see a rise for another 12 months – beyond that your guess is as good as anybodys.
Rachel Gill
Mortgage Adviser with Aspect Mortgages
www.aspectmortgages.co.uk
Your home may be repossessed if you do not keep up repayments on your mortgage
| ____________________________________________________ | ||
| If you enjoyed this blog please consider donating £1.00! | ||
| | | |
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2011 | ||
Sunday, 8 May 2011
Why you will soon have more sophisticated spam - and why you should not trust Amazon
We have all heard about the recent hack into the Sony PlayStation Network, in which the details of around 75 million account holders were stolen. So what, you may be thinking, if you are not a Sony PlayStation customer.
What you may not be aware of, due to much less publicity, is the recent hack of a company called Epsilon. Again, you may not be too concerned as you've never even heard of Epsilon. Sadly, you may not have heard of them, but you almost certainly have had dealings with them. And they have allowed a hacker to steal their email address database, complete with names.
Epsilon is the world's largest provider of legitimate email marketing services and many large corporations use Epsilon to send out emails to their customers. According to Security Week, "Epsilon sends over 40 billion emails annually and counts over 2,500 clients, including 7 of the Fortune 10 to build and host their customer databases."
So the chances are very high that the Epsilon database holds your live email address and real name. This is very powerful data for an email scammer who can now use that information to construct a very believable email, which will attempt to entice you to part with your credit card details.
Even if you always "opt out" of marketing emails your details have been stolen. Opting out simply adds a marker to your email address to say that you don't wish to receive marketing emails. Your name and email address are still in the database. (Many companies quietly remove that marker now and again, just to see if you then unsubscribe to their marketing emails!)
Epsilon are US based, which is why the British press haven't commented on the issue. But they are used by many major British companies, although only two seem to have come forward so far to admit that they are involved, (Marks and Spencer and Mothercare).
However, I have good reasons to believe that Amazon - a very trusted name in online retailing - and Play.com have both lost my personal information. Whether or not this is through the Epsilon hack I can not say, but it would seem too coincidental not to be the case.
Why do I think this? I have my own domain - let's call it my_domain.co.uk. This allows me to have an unlimited number of email addresses on that domain, which are all forwarded to my main email address. So, I can set up an address such as amazon@my_domain.co.uk and tell Amazon to use that address when communicating with me.
By this method I can tell when a specific organisation allows my email address to be used by other people, either because they have sold it or carelessly lost it. I can then stop using that company as I no longer trust them.
I send flowers to my Mother (ahh, bless!) through the excellent service provided online by Marks and Spencer. To do this I have given Marks and Spencer an email address of marksandspencer@my_domain.co.uk. As soon as the Epsilon hack had happened I received an email from M & S telling me that this had occurred and warning me that my name and email address had been stolen from their database.
At around the same time I have started receiving junk emails addressed to amazon@my_domain.co.uk and play@my_domain.co.uk. I have asked Amazon to confirm they have lost my email address through the Epsilon hack. They have chosen to stonewall me by saying, "Unfortunately, aside from what is already in print, we are not able to provide the public with any information regarding the inner workings of our company."
So, who do I now trust? Marks and Spencer have had the courage and simple decency to warn me that they have been hacked. I now believe that they will be proactively addressing the issue.
Amazon, on the other hand, have chosen to tell me absolutely nothing, suggesting a holier-than-thou attitude towards MY data. They have ignored the fact that the inner workings of their company are only possible if they have customers and, furthermore, those customers must be kept loyal. I no longer trust Amazon with my details, and I certainly do not trust them with my credit card details!
Because of the Epsilon hack you will notice an increase in more cleverly composed spam. Not only do they know your email address, they know your name.
You can protect yourself to some extent by:
1. Set up a free email address, through Hotmail or Gmail etc, for use when buying online. If necessary you can drop that email address and set up another.
2. Use a false name online. The name you use for a user account can be different to the name used on your credit card.
3. Always use a false date of birth online.
4. Set up a credit card purely for use online. Or, better still, use a pre-pay credit card for online use to limit your exposure.
5. Never click a link to a website in an email. Always open your web browser and write in the address yourself, or use your "Bookmarks" or "Favourites".
6. Never believe an email is from who it claims to be from. It is very simple to "spoof" the address it appears to have come from.
7. Always keep your anti-virus programme up to date, but do not rely on it totally. It relies on you not to click that link!
8. Don't trust online only retailers, such as Amazon, who you can not contact face-to-face and who are in denial of YOUR problem.
The IT Dept was an Amazon Affiliate and we were advertising their goods on our web site. This is no longer the case as we have lost all trust and faith in them. However, you'll be pleased to know that I will still be sending Mother flowers through M & S.
What you may not be aware of, due to much less publicity, is the recent hack of a company called Epsilon. Again, you may not be too concerned as you've never even heard of Epsilon. Sadly, you may not have heard of them, but you almost certainly have had dealings with them. And they have allowed a hacker to steal their email address database, complete with names.
Epsilon is the world's largest provider of legitimate email marketing services and many large corporations use Epsilon to send out emails to their customers. According to Security Week, "Epsilon sends over 40 billion emails annually and counts over 2,500 clients, including 7 of the Fortune 10 to build and host their customer databases."
So the chances are very high that the Epsilon database holds your live email address and real name. This is very powerful data for an email scammer who can now use that information to construct a very believable email, which will attempt to entice you to part with your credit card details.
Even if you always "opt out" of marketing emails your details have been stolen. Opting out simply adds a marker to your email address to say that you don't wish to receive marketing emails. Your name and email address are still in the database. (Many companies quietly remove that marker now and again, just to see if you then unsubscribe to their marketing emails!)
Epsilon are US based, which is why the British press haven't commented on the issue. But they are used by many major British companies, although only two seem to have come forward so far to admit that they are involved, (Marks and Spencer and Mothercare).
However, I have good reasons to believe that Amazon - a very trusted name in online retailing - and Play.com have both lost my personal information. Whether or not this is through the Epsilon hack I can not say, but it would seem too coincidental not to be the case.
Why do I think this? I have my own domain - let's call it my_domain.co.uk. This allows me to have an unlimited number of email addresses on that domain, which are all forwarded to my main email address. So, I can set up an address such as amazon@my_domain.co.uk and tell Amazon to use that address when communicating with me.
By this method I can tell when a specific organisation allows my email address to be used by other people, either because they have sold it or carelessly lost it. I can then stop using that company as I no longer trust them.
I send flowers to my Mother (ahh, bless!) through the excellent service provided online by Marks and Spencer. To do this I have given Marks and Spencer an email address of marksandspencer@my_domain.co.uk. As soon as the Epsilon hack had happened I received an email from M & S telling me that this had occurred and warning me that my name and email address had been stolen from their database.
At around the same time I have started receiving junk emails addressed to amazon@my_domain.co.uk and play@my_domain.co.uk. I have asked Amazon to confirm they have lost my email address through the Epsilon hack. They have chosen to stonewall me by saying, "Unfortunately, aside from what is already in print, we are not able to provide the public with any information regarding the inner workings of our company."
So, who do I now trust? Marks and Spencer have had the courage and simple decency to warn me that they have been hacked. I now believe that they will be proactively addressing the issue.
Amazon, on the other hand, have chosen to tell me absolutely nothing, suggesting a holier-than-thou attitude towards MY data. They have ignored the fact that the inner workings of their company are only possible if they have customers and, furthermore, those customers must be kept loyal. I no longer trust Amazon with my details, and I certainly do not trust them with my credit card details!
Because of the Epsilon hack you will notice an increase in more cleverly composed spam. Not only do they know your email address, they know your name.
You can protect yourself to some extent by:
1. Set up a free email address, through Hotmail or Gmail etc, for use when buying online. If necessary you can drop that email address and set up another.
2. Use a false name online. The name you use for a user account can be different to the name used on your credit card.
3. Always use a false date of birth online.
4. Set up a credit card purely for use online. Or, better still, use a pre-pay credit card for online use to limit your exposure.
5. Never click a link to a website in an email. Always open your web browser and write in the address yourself, or use your "Bookmarks" or "Favourites".
6. Never believe an email is from who it claims to be from. It is very simple to "spoof" the address it appears to have come from.
7. Always keep your anti-virus programme up to date, but do not rely on it totally. It relies on you not to click that link!
8. Don't trust online only retailers, such as Amazon, who you can not contact face-to-face and who are in denial of YOUR problem.
The IT Dept was an Amazon Affiliate and we were advertising their goods on our web site. This is no longer the case as we have lost all trust and faith in them. However, you'll be pleased to know that I will still be sending Mother flowers through M & S.
| ____________________________________________________ | ||
| If you enjoyed this blog please consider donating £1.00! | ||
| | | |
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2011 | ||
Wednesday, 27 April 2011
The Sony data disaster. What does it mean for you?
As recently as last Wednesday we blogged on "How safe is the data on your computers?" (see http://goo.gl/djlw6).
That was the day before Sony took down their Sony PlayStation Network, used by 75 million people worldwide, to protect it against what Sony called an "external intrusion". This is Geek-Speak for a successful hacking attack.
This attack is unlikely to have been perpetrated by a lucky, spotty 16 year old in his darkened bedroom. It is much more feasible that it was a targeted attack by a sophisticated group of hackers.
Their aims are currently unknown, but it is quite possible that they are not seeking to do anything other than to prove that they can. Sony will certainly hit back with whatever powers they can bring to bear and anyone attempting to access compromised bank accounts may quickly find PC Plod knocking on the door.
What is much more important to us, the innocent users, is why on earth all of those details were so easily accessed. The hackers have managed to get past the firewalls which Sony would have definitely had in place. This is the technically difficult, and interesting, part of the hack. But why, having accessed the internal Sony servers, was the data seemingly left wide open? Why was it not held in encrypted files so that such a hack would not be able to access any useful information? This is Sony's main failing in this case.
It would seem that the hackers have accessed user's names, addresses, dates of birth, passwords and possibly credit card details. Armed with these details a very malicious hacker could start stealing user identities. It is also well known that many users have one or two passwords that they use across many services.
If you have ever accessed the Sony Network online then you should now change as many passwords for other online services as you can and closely watch your credit card transactions.
For future information you should never post your real date of birth on any website and you should set up a "throw-away" email address with Hotmail or Gmail for using online.
Even such a global, previously reputable, company as Sony has been found to be very badly wanting in this shocking case. To the IT world they have shown a contemptuous disregard for their users privacy. They now have to deal with a huge loss of trust.
That was the day before Sony took down their Sony PlayStation Network, used by 75 million people worldwide, to protect it against what Sony called an "external intrusion". This is Geek-Speak for a successful hacking attack.
This attack is unlikely to have been perpetrated by a lucky, spotty 16 year old in his darkened bedroom. It is much more feasible that it was a targeted attack by a sophisticated group of hackers.
Their aims are currently unknown, but it is quite possible that they are not seeking to do anything other than to prove that they can. Sony will certainly hit back with whatever powers they can bring to bear and anyone attempting to access compromised bank accounts may quickly find PC Plod knocking on the door.
What is much more important to us, the innocent users, is why on earth all of those details were so easily accessed. The hackers have managed to get past the firewalls which Sony would have definitely had in place. This is the technically difficult, and interesting, part of the hack. But why, having accessed the internal Sony servers, was the data seemingly left wide open? Why was it not held in encrypted files so that such a hack would not be able to access any useful information? This is Sony's main failing in this case.
It would seem that the hackers have accessed user's names, addresses, dates of birth, passwords and possibly credit card details. Armed with these details a very malicious hacker could start stealing user identities. It is also well known that many users have one or two passwords that they use across many services.
If you have ever accessed the Sony Network online then you should now change as many passwords for other online services as you can and closely watch your credit card transactions.
For future information you should never post your real date of birth on any website and you should set up a "throw-away" email address with Hotmail or Gmail for using online.
Even such a global, previously reputable, company as Sony has been found to be very badly wanting in this shocking case. To the IT world they have shown a contemptuous disregard for their users privacy. They now have to deal with a huge loss of trust.
| ____________________________________________________ | ||
| If you enjoyed this blog please consider donating £1.00! | ||
| | | |
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2011 | ||
Thursday, 21 April 2011
Does your IT Support company do too much for you?
In the past couple of days I have found two potential new clients, which is great news! They have both suggested to me that they aren't too sure what their existing support company does, why they seem to do so much of whatever they do, and why the IT guy tends to spend whole days in their offices when they do visit.
Having looked around both client's systems I found one to be configured in what appears to be an overly complex fashion, whilst the other is so simple it couldn't be possible to find a whole days work in their office!
Could it be that in the first example it has been set up for the IT Techie's interest and benefit and not in the best interests of the client?
The second example is simply an incompetent IT guy, who took a whole day to transfer Sage Line 50 Accounts from 1 PC to another, before announcing that he didn't understand why it didn't work on the new PC after all. He still charged for a full day's work, for a job that would take an hour at the most!
The IT Dept believe in Keeping IT Simple. This is in the interest of the client as a simple system will require less support and will be more quickly fixed when issues do occur.
We also provide written "Job Cards" after each visit, so clients can see exactly what we've spent our time doing. And fixed rates whenever we can, of course.
Don't be fooled into thinking IT Support has to be difficult or long-winded. There's nothing wrong with asking for a second opinion sometimes.
Having looked around both client's systems I found one to be configured in what appears to be an overly complex fashion, whilst the other is so simple it couldn't be possible to find a whole days work in their office!
Could it be that in the first example it has been set up for the IT Techie's interest and benefit and not in the best interests of the client?
The second example is simply an incompetent IT guy, who took a whole day to transfer Sage Line 50 Accounts from 1 PC to another, before announcing that he didn't understand why it didn't work on the new PC after all. He still charged for a full day's work, for a job that would take an hour at the most!
The IT Dept believe in Keeping IT Simple. This is in the interest of the client as a simple system will require less support and will be more quickly fixed when issues do occur.
We also provide written "Job Cards" after each visit, so clients can see exactly what we've spent our time doing. And fixed rates whenever we can, of course.
Don't be fooled into thinking IT Support has to be difficult or long-winded. There's nothing wrong with asking for a second opinion sometimes.
| ____________________________________________________ | ||
| If you enjoyed this blog please consider donating £1.00! | ||
| | | |
| Sign up for our Monthly Newsletter | ||
| The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc. | ||
| © Michael Donkin 2011 | ||
Subscribe to:
Posts (Atom)