How to Protect Your Privacy on Social Media

Guest writer Sarah Clare tackles the thorny issue of Internet privacy and offers spot-on advice  to help you keep your online information private.

This week, social media was abuzz over reports that Instagram’s new terms of service allowed the photo-sharing site to hock its users personal photos for advertisements and other promotions. The story prompted outcry about the privacy that members can expect (or not expect) on social media sites like Instagram and Facebook, which purchased Instagram and which has a spotty history when it comes to its users’ privacy.

Understanding your rights and how you can protect your privacy on social media is important. The things you do online leave a virtual footprint that can be traced back to you for years to come. If you really want to protect your privacy on social media, here are a few things you can do:

Use a Dummy E-mail

One of the easiest ways that other users can find you on social media is by searching for your e-mail. You can make it harder, if not impossible, for people to find you by using a dummy e-mail. That way, only your close friends or family who you give the e-mail to can find your profile. Be sure to use an e-mail that does not include your name and that you only use for this purpose.

Use a Fake Name

Of course, even if you’re using a dummy e-mail, if you’re using your real name, anyone can find you. Make it harder for others to connect your profile to you by using a fake name. An easy way to do it is to simply drop your last name, using your first and middle name instead. Or you can use a nickname instead of your first name. Or you can make up a new name entirely.

Again, be sure you keep this name private and only give it to close friends and family who you want to know about your profile. Don’t use the name for any other purposes.

Set Privacy Options

Every social network has options for allowing you to control what you share with your network and with the public. You can control your privacy settings for your whole profile and for individual posts. Take the time to investigate your options and to set what you can to private. In many cases, you can lock down all your information so that it is visible only to your contacts (or even only to yourself).

Keep Business and Personal Separate

Most of us want to maintain some privacy online to protect our professional identities. You can help do this by using one profile for your private connections and another profile for your business connections. Of course, you would use your real name for your business profile and would share little to no personal information on it. You can then share personal information on your personal profile kept private through the previous steps.

Control What You Share

Of course, the easiest way to keep your information private online is not to share it. No matter what you do to protect your information, there will be some way for businesses or other people to see it. Keep your information private by keeping it offline, especially personal photos, information about your children, or thoughts about your political or religious beliefs.

Online privacy is a serious issue, and one which requires a greater level of personal responsibility as the options for connecting online continue to expand. These tips can help you to keep your personal information private while you connect with friends and business contacts online.

Sarah Clare is a writer and oversees the site projectmanagementsoftware.com, where she has recently been researching bug tracking software. In her spare time, Sarah enjoys cooking and scrapbooking.

Though There is Much To Be Desired, Online Schools Have Come a Long Way

In today’s guest post, Estelle Shumann explores the recent advances made in online education and the steps still needed before online education will be a viable and secure platform.

Online education has taken enormous strides in 2012. If progress continues at this pace, there may soon be a low-cost, high-quality alternative to traditional education widely available to students of every stripe. In fact, free learning may become a possibility for everyone with an Internet Service Provider (ISP) and computer or mobile device.

In this article, we will take a look at some of the big milestones reached, as well as the areas that need improvement before learning becomes completely democratized.

Why was 2012 such a groundbreaking year? Firstly, Internet connection speeds have increased, so most people can stream video easily and without interruption. This format allows professors to speak directly to students, even if they are thousands of miles apart.

As studies and experience have shown, there is simply no decent alternative to watching and listening to a real person discuss a topic. Tone of voice, gestures, and demeanor are crucial to the successful transmission of complex ideas. Moreover, recent experiments have demonstrated that classes are more successful when offered in real-time segments. Lectures may be recorded, but are released on a weekly or bi-weekly basis. The past decade has allowed institutions to gain experience with online class environments, making them more efficient and effective.

The University of Phoenix and Khan Academy are no longer the only entities trying out new ideas. There are now a vast number of traditional universities experimenting with online education. Stanford University has been a pioneer in this arena offering online classes for over a decade. MIT started offering open courseware in 2011, which gave anyone interested access to video-lectures, assignments, tests, and quizzes. In the fall of 2012, MIT and Harvard will join forces and offer a combined platform, called EdX.

Also in 2012, a team of Stanford professors came together and went live with Coursera, a collaborative approach to online education that allows any university to join and offer free classes through its website. Thus far, 16 universities have joined, including Stanford University, Princeton University, University of Pennsylvania, and University of Michigan. Institutions in France, Canada, and the United Kingdom have also joined what is now an international effort. These universities are adding their prestige and pull to Coursera and online education in general.

Despite the advances in online education, there remain some large problems to solve before it will become universally useful to consumers. One major issue involves certification and assessments. Many classes on Coursera, for example, offer certificates signed by professors, but the value of these remains dubious.

The reputation of these certificates is hampered by the possibility of hacking and cheating. It would be impossible for these universities to monitor individual students and ensure fairness. Until there is a secure way to know that students have completed their own work without external help, online classes will not mean very much to prospective employers.

Also problematic is the limitation of single-course offerings. In order to prepare for a profession in the real world, students need to earn some type of certification or degree, which requires a prescribed set of completed classes. Thus, students may still need to attend traditional university programs if they want to significantly improve their earning potential.

Online classes fail to meet the goal of democratizing the education system, but they are progressing rapidly.

Author Bio:

Writing for the education resource OnlineSchools.org, Estelle is familiar with the benefits and drawbacks of both online and traditional schools. Estell’s article builds on a December 2011 post from Bill Mullins’ Weblog, which suggests that online education resources like Khan Academy are proof that the content of online course offerings remains more important than the method of delivery.

Online Paperless Billing – The New Attack Vector For Cyber Crime

I’m very much in favor of online paperless billing and, virtually all of my reoccurring monthly bills are delivered this way – directly to my inbox. For example (shown below), is a snapshot of the regular monthly email notice from my natural gas supplier.

A simple click on the embedded link, and …..

there’s the bill – which is identical, I might add, to the bill delivered by regular mail.

A couple of extra clicks to reach my online banking and, the bill is paid.

No stacking up bills to be dealt with (along with all the other bills), at a later date. Done – fini – terminado!

I like it and, I’m sure my utilities suppliers love it – since, in most cases, they get paid far in advance of the required payment date. A perfect system it seems – except, this is the Internet.

Ah, the Internet – the playground of every scumbag cyber criminal from Moscow to Montreal – and, beyond. So, it’s hardly surprising to see online paperless billing come under attack.

Yesterday, Commtouch let me know of an ongoing attack – directed at AT&T  customers – which automatically embeds malware onto the targeted machine, once the user clicks on the embedded link in the  billing notice.

Since the billing email shows an outrageous balance (in the following screen capture, $943.01), theoretically, the response ratio should be significantly higher than it might otherwise be.

Several months back, I received a billing notice from my cable supplier totaling $650 – versus the normal $150 – and, I can assure you, I clicked on the embedded link, immediately.

It was, of course, a massive screw up at their end. Never the less, I instinctively (and, without thinking) clicked on the link . Being frustratingly annoyed is often a powerful call to action. Cyber criminals know exactly how to wind us up –increasing the odds that we’ll respond inappropriately.

Graphic courtesy of Commtouch.

According to Commtouch, who generously shared their research –

The pattern to be aware of in this case is: <legitimate domain>/<recurring set of random letters>/<index.html>

The index.html file tries to exploit at least the following known vulnerabilities:

·Libtiff integer overflow in Adobe Reader and Acrobat       CVE-2010-0188

·Help Center URL Validation Vulnerability       CVE-2010-1885

Every link in the email (there are 9 links), leads to a different compromised site with malware hidden inside. Recipients who are unsure whether the email they have received is genuine or not (the malicious version is a very accurate copy), should mouse-over the links.

Genuine emails from AT&T will include AT&T website links.  For example the “att.com link will be the same in both places that it appears in the email – unlike the malicious version which uses two very different URLs.

I might add, that I use the WOT Browser add-on and, you’ll notice in the first graphic (at the top of this page), the green circle indicated the embedded link is safe. I strongly suggest that if you currently do not have WOT installed, that you consider doing so. As well, I use the Redirect Remover add-on which removes any redirect links in Firefox. An appropriate way to become aware of redirected links.

Four years ago, when I stated writing this Blog, I was hopeful that the cyber criminal threat to Internet users would be actively addressed. That at some point, governments and law enforcement would step up and actively seek out, and punish, the criminals who have turned the Internet into a minefield.

Governments, (the U.K, the U.S., Canada, Australia, India …) it seems, don’t give a fiddler’s f*ck – they appear to be much more interested in passing regressive Internet legislation directed at you – not cyber criminals. Legislation designed to massively infringe on individual personal privacy, and individual human rights. In the meantime, cyber criminals continue to roam freely.

As for law enforcement agencies – just try reporting a cyber crime to your local police department and, you’ll find that they couldn’t care less. Their focus is on low level behavioral crimes, like busting teenage Pot smokers. Just how much safer does that make you feel on the Internet?

Unless, there is a concerted effort on the part of all of us – and yes, that means you need to get involved – demanding a responsible approach to this outrageous criminality on the Internet – we will all, at some point, become a victim of cyber crime.

Do I sound angry? You bet I am.

Fraudulent Technical Support Calls – The Scum That Scam The Unwary

Regular readers might remember my article (April 2011), on fraudulent online technical problem solvers – Is Online PC Care A Scam? – and, several additional articles dealing with this company’s attempts to have me remove what they considered an “offending” article. Fat chance of that happening.

When an unsolicited telephone call (from India), focusing on errors in Windows Event Viewer, is used in an attempt to convince me that my computer has serious problems, including a non-existing malware infection, then by any measure – that’s a scam.

Since this first experience with a “your computer is ready for the scrap heap” telephone call, I’ve had more than a few similar calls. My normal response is to simply disconnect the call – except for yesterday. I had a few spare minutes so, I decided – why not listen to the latest bullshit baffles brains sales pitch.

Having identified me by name and address – the “tech support specialist” led off by introducing himself as a representative of the “Windows Technical Department”. Better yet, I was assured that he was a “direct employee of Microsoft.”

Since Microsoft keeps a close eye on all computers running Windows (according to the support specialist), it had come to their attention that my machine was teeming with serious problems – with, a series of malware issues being most significant.

Wow, says I – how do you know that? Easy, says he – we keep track of your Event Viewer system logs. At which point, the scripted conversation got down to the “nitty-gritty” – with an instruction for me to open Windows Event Viewer. Since Event Viewer system logs can look pretty scary to an average user (despite the fact, that the event recorded is often insignificant), this is the heart of the scam.

Here’s an example of an insignificant recorded event. In the following graphic, Event Viewer indicates that the Volume Shadow Copy Service on this machine failed to start on boot.

This is not an unexpected event – given that I have disabled  this service. If the Event Viewer didn’t show this error, then, I’d have something to worry about.

Once the “sales” process has gotten to this point, I suspect that the sales closing ratio is fairly high. After all, who wants to run a wonky machine when a solution is right at hand?

I had yet to get a word in edgewise as the caller ran through his script. Finally, I took control of the conversation and overpowered him with a rapid-fire series of technical questions – that’s when the script was dropped and the backtracking began. Since this is a PG rated site – I won’t relate the colorful language I used to callout this scammer. Except to say – my cursing vocabulary got a workout.

This scam technical support nonsense has been going on for so long now, that you might assume it has had its day – that we’ve reached the point where a typical user would know better than to be taken in.

Unfortunately not – typical computer users continue to pay little attention to warnings and alerts designed to warn them against sophisticated scams. On top of which, consumers are easily manipulated by well trained and persistent cold callers into ignoring common sense safety precautions.

As always, I ask that you as an experienced computer user, be kind to your friends, relatives, and associates, particularly those who are new computer users, and let them know that this type of scam continues at an epidemic rate.

Canada’s Proposed Preventing Criminal Electronic Communications Act – Open Season For Police To Spy On Canadians Online

In 2005, Canada’s current Prime Minister Steven Harper made the comment – “You won’t recognize Canada when I’m done with it.”   He was right – the values that have defined Canada are gradually being replaced by values more appropriate to those of a quasi-fascist state. To those of my generation, Canada is indeed, becoming unrecognizable.

Canadians, much like their American cousins, post 9/11; continue to be coerced by government’s trump card – the war on terrorism. As a result, Canadians blindly continue to accept the invasion of their personal lives and, infringements on their right to privacy.

In a statement reminiscent of George Bush’s – “you’re with us or you’re with the terrorists”, Canada’s Minister of Public Safety, in an overreaching attempt to squash dissent on the recently introduced Preventing Criminal Electronic Communications Act – let loose with an outrageous slogan meant to vilify opponents – “stand with us or with the child pornographers”.

In other words, anyone who dares to oppose the Preventing Criminal Electronic Communications Act – which, will allow carte blanche government spying on Canadians’ Internet activities – without judicial oversight – is supportive of child pornography.

Those of us who disagree with the need for this legislation which would, in effect, place Canada in the same company as China, North Korea, Saudi Arabia, Iran and Syria – who subject their citizens to Internet surveillance – run the risk of being classified as criminals, perverts, and low life’s. As  Cicero, the Roman philosopher, statesman, lawyer, orator, and political theorist reportedly said – “When you have no basis for an argument, abuse the plaintiff.”

This attack on reasonable and responsible discourse is hardly surprising, coming from a government intent on stripping away, layer by layer, the fundamental freedoms fought for, and won, by generations of Canadians.

To the historically challenged, and those that are less technology savvy, an intrusion into the sacrosanct ground of personal privacy – to protect children – may appear to be both reasonable, and prudent. After all, society’s protection of children must be part of the driving philosophy of any mature civilization.

But the curtailment of personal liberty – ostensibly for the common good – as this legislation supposedly is – has a rather unpleasant history. A history worth considering.

—————————————————————————————————

“The state must declare the child to be the most precious treasure of the people. As long as the government is perceived as working for the benefit of the children, the people will happily endure almost any curtailment of liberty and almost any deprivation.”

–  Adolf Hitler (Mein Kampf)

More appropriate perhaps –

“Necessity is the plea of every infringement of human freedom. It is the argument of tyrants. It is the creed of slaves.”

–  William Pitt (British Prime Minister, 1783)

Equally as appropriate –

“Of all tyrannies, a tyranny exercised for the good of its victims may be the most oppressive. It may be better to live under robber barons than under omnipotent moral busybodies.

The robber baron’s cruelty may sometimes sleep, his cupidity may at some point be satiated. But those who torment us for our own good will torment us without end, for they do so with the approval of their consciences.”

–  C.S. Lewis

—————————————————————————————————

Just one of the many corrosive  provisions included in this legislation, would require Internet service providers to hand over subscriber data to the Police –  without a warrant. The familiar argument often pushed forward by supporters of this type of regressive legislation – if you have nothing to hide….. – simply doesn’t hold water.

Resistance to this legislation is not about being law abiding, it’s not about protecting children from the .0000001 %.

It is about not having every aspect of one’s life subject to close examination.

It is about not allowing Big Brother to spy on one’s Internet activities.

It is about a disturbing tendency of this particular government’s interest in knowing – and controlling – the Internet activities of Canadian citizens.

Thankfully, privacy and consumer advocates – including Federal, Provincial, and Territorial privacy commissioners – have taken a hard line and, have been speaking out against this proposed thugary. Even so, given the unyielding positions previously taken by this current regressive government – the consensus of opinion seems to indicate; this nonsense will pass into law. Ensuring that Canadians, will get a taste of what was once East German life under the Stasi (The Ministry for State Security).

The sad part of this whole exercise in repression is – it’s pointless as a control against child pornographers. Since the minds behind this abomination appear to be barely computer literate, they seem to be unaware of the following –

VPN applications (Secure Virtual Private Network Connection), commonly used in repressive countries such as Iran, China, and so on – which allow untraceable encrypted data (preventing disclosure of private information), are readily available for download on the Internet. Once connected to a VPN, an ISP no longer has the ability to follow.

I suspect that child pornographers are generally computer literate and, are well aware of the practical methods that can be used to avoid detection. VPN applications are just one such method.

The unpleasant reality is simple – unfettered government surveillance directed at Canadian Internet users.

If you are a Canadian, and you believe that it’s time to fight back against unreasonable control of your rights to access the Internet without censorship, and surveillance, you might consider joining OpenMedia.ca, which describes itself as “a grassroots organization that safeguards the possibilities of the open and affordable Internet.”

Finally, let me say – I considered long and hard as to whether I should post my opinion on this issue. The number of comments on the Net (and, in more than one national newspaper), in which personal fear of this government’s response to criticism was mentioned, weighed on my mind.

I find it stunning, that I’m living in a time in which some Canadians are fearful of their own government. The unfortunate reality is – they may have ample justification for those feelings.

Way To Go WOT! – Now Protecting 30 Million Users

The Internet is one kickass place – survey after survey continue to show that cybercriminals are picking off unaware/undereducated users, as if they were shooting fish in a barrel.

It’s hardly surprising then, that an enormous industry (no, not big, not large – but, enormous) has developed, based on the principal that technology can act as a counterfoil  to the most nefarious cyber criminal schemes. Criminal schemes which are, after all, technology driven.

I’ll leave it to you to decide if this has been an effective solution.

No matter the side you come down on regarding this complex issue, dancing around naked (so to speak ) on the Internet – that is, without adequate Browser protection, is akin to fumbling and stumbling through the toughest neighborhood in your area – after dark.

Internet security starts with the Web Browser (it does not end there – but, one step at a time), and WOT (Web of Trust, which passed the 30 million user mark yesterday – January 9, 2011), substantially reduces the risk exposure that comes with wandering through the increasingly risky neighborhood that the Internet has become.

Based on the way that I surf the Web, there’s no contest as to which of the 17 add-ons I have installed on Firefox, is most important to my piece of mind. The hands down winner – the single most important add-on for my style of surfing is WOT (Web of Trust).

Sure, that’s a pretty bold statement – but, since I frequently hear from readers who, after installing WOT on their computer systems, feel reassured that they are safer than ever before, and who express a renewed sense of confidence, and  a new level of enthusiasm, while surfing the Internet, I’ll go with it.

If you’re not yet a WOT user, read the following in-depth review – you may reconsider.

What is WOT?

WOT, one of the most downloaded Firefox Add-ons at the Mozilla add-on site, (also compatible with Internet Explorer and Chrome), is a free Internet Browser resource which  investigates web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams – helping you avoid unsafe web sites.

For example, here’s a Google search in which WOT indicates which sites are safe. Notice the unsafe (red) sites, in the Google ads!

Take a look at what happens if, in fact, you do end up on an unsafe web site. WOT’s dropdown warning curtain blocks access to the site until you determine otherwise.

WOT operates in a unique fashion in order to offer active protection to the Internet user community. It stands out from the crowd of similar applications, by soliciting the opinions of users/members whose views on web site safety are incorporated into the overall site safety rating. According to WOT, the user community now has reputation data on over 35 million sites worldwide.

The shared information on a site’s reputation includes trustworthiness, vendor reliability, privacy, and child safety. As well, in order to achieve maximum security coverage, WOT uses thousands of trusted sources including phishing site listings, to keep users protected against rapidly spreading threats.

WOT integrates seamlessly with search engine results from popular search engines including Google, Yahoo, MSN and other popular sites, and provides impressive protection against Internet predators.

WOT recently added the top three web-based email services – Google Gmail, Windows Live Hotmail and Yahoo! Mail, to its free security protection. You can now feel more confident and secure, since WOT checks links embedded in your email, and warns you of dangerous web sites so that you can avoid spyware, spam, phishing, identity theft and other Internet scams; before you click on dangerous embedded links.

How WOT works:

The Browser add-on icon, displays a color rating for each site you visit, indicating whether a site is safe to use, should be used with caution, or avoided entirely.

Using traffic light colors, (green, yellow, and red), WOT leaves you in no doubt as to the safety rating of a web site. An impressive feature of WOT is the dropdown transparent warning curtain, shown earlier, triggered on visiting a dangerous site.

Recognizing that up to ten percent of Internet users are at a disadvantage however, due to colorblindness, and cannot rely on an Internet safety system based on color coding, the Web of Trust development team recently released an adaptive version of WOT. This version incorporates equivalent alternative information, through assistive or adaptive technology, for colorblind users.

This colorblind accessible application provides the same critical benefits to those individuals who have to contend with visual impairments, as it has to those of us who have come to rely on WOT as a major defense against the pervasive hazards we encounter on the Internet.

Quick facts – WOT checks the following on each web site visited:

Trustworthiness

Vendor reliability

Privacy

Child Safety

More quick facts:

Ratings for over 30 million websites

The WOT browser add-on is light and updates automatically

WOT rating icons appear beside search results in Google, Yahoo!, Wikipedia, Gmail, etc.

Settings can be customized to better protect your family

WOT Security Scorecard shows rating details and user comments

Works with Internet Explorer, Firefox and Chrome

Interface supports English, French, German, Spanish, Italian, Russian, Polish, Portuguese, Swedish and Finnish.

System requirements: Windows (all), Mac OS X, Linux

Download at: MyWot

Surf more securely by installing this browser add-on which will provide you with an in-depth site analysis based on real world results. Keep in mind however, that you are your own best protection. Stop · Think · Click.

ElfYourself – That’s right (Go ElfYourself)!

Again this year, as they have for the last 5/6 years or so, OfficeMax is offering the charmingly humorous ElfYourself, an online animated Christmas greeting creation tool.

Working with ElfYourself is actually a bit of fun, and while the end product is not “professional”, in any sense, the result is pretty cool – especially when one considers the price; FREE.

Once the project is completed (it takes just a few minutes), you can then share your Christmas greeting by email, or post it to either your Facebook Wall, or to a friend’s Wall. This year you can even share on Twitter.

Go to ElfYourself to get started.

Once on the site, follow the simple instructions. The following screen captures will give you some idea of how uncomplicated the process is.

The cropping tools could be a little more robust, I think. But, free is free – so, who’s complaining.

The interface allows a number of minor adjustments.

Once the face has been adjusted to your liking, the next step is choosing a dance to accompany the animation.

Luckily, there’s a fair number of choices.

New, this year – you can now download the finished video and save the file locally.

Once you’re satisfied with the results – sharing your creation is a breeze.

If you’re tired of the same old, same old, Christmas greetings, then visit ElfYourself and get creative. You’ll have a bit of fun at the same time.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

PC Tools Exposes “Harry Potter and the Deathly Hallows Part 2” Cyber Threat

The waiting game is almost over for Harry Potter fans who are hungry to feast their eyes on the much-anticipated final chapter in the Harry Potter franchise – Harry Potter and the Deathly Hallows Part 2.

There are always those of course who won’t wait – in this case until July 15. You know the type – the buttinskis who push ahead of you in line, or cut you off on the expressway – the ones you’d like to clunk upside the head.

Unfortunately, the obnoxious dimwits who behave in this way, tend to repeat this behavior across a broad range of personal activity, and I suspect, that the niceties of copyright law is well below their personal radar horizon.

The reigning experts in social engineering – cybercriminals (who, in my view, could teach “legitimate social engineering experts” a thing or two), are well aware of the “can’t wait buttinskis”, and in a perfect replay of the old “there’s no honor amongst thieves”, have made available through free torrent downloads –Harry Potter and the Deathly Hallows Part 2, except…

Except – PC Tools, the company which brings you PC Tools Firewall Plus (free), ThreatFire (free), and of course a complete line of award-winning commercial grade security offerings, has discovered that these free torrent downloads are nothing more than a new online malicious scam. Gotta admit – I love Karma payback!

I’m posting the bulletin PC Tools sent me yesterday on this, since it’s very instructive in terms of just how much effort cybercriminals will go through, in order to penetrate a target’s computer.

It’s not often possible to capture an online attack as it occurs, but in this case, PC Tools managed to do just that – see images and links listed below.

Here’s how the malicious scam works:

• First, a user searches torrents for free downloads of the final Harry Potter movie
• Results claiming to offer a free download of the new movie appear
• Once users download the file, .RAR file and password.txt downloads appear
• Users receive a message saying, “This video is password protected to stop automated leeching and detection. To get your password, please visit:
• Here, users are taken through a series of instructions to obtain their password.

One of which is choosing a link for a special offer while the site “verifies” the password

• Once users click on an offer, a new tab and pop-up open, asking users to save what seems to be a legitimate file
• After saving the file, cybercriminals have access to your computer—and the movie, of course, never appears on the screen

Harry Potter Threat  Exposed

Here’s what victims find while searching for the Harry Potter and the Deathly Hallows Part 2 movie or videos:

Users can discover apparently ripped versions of the new Harry Potter movie on file-sharing websites.

It looks like the movie is being downloaded on the victim’s computer.

The victim is instructed to decompress the archive.

RAR and password.txt files suddenly appear.

User is told to visit separate website by password.txt file.

The victim then sees this screenshot, claiming to be MovieYT.com.

User follows 3-step instructions, which takes them to a verification code check.

User clicks on VLC Player and a new tab is opened.

When hovering over the download button, the download executable file looks real.

Once the user clicks on the file, they are prompted to save it – this, of course, contains malware.

While all this is happening, the user is still waiting for the “Verification Check” from MovieYT – but the cybercriminals now have access to the victim’s computer. They have your password and other personal information that they can use to further attack you, your finances, your friends and social networks.

Worth repeating: Consider the trade-offs, and the very real risks involved with Peer to Peer and Torrent applications.

Privacy: When you are connected to file-sharing programs, you may unintentionally allow others to copy confidential files you did not intend to share. So be sure to setup the file-sharing software very carefully.

If you don’t check the proper settings when you install the software, you could allow access not just to the files you intend to share, but also to other information on your hard drive, such as your tax returns, email messages, medical records, photos, and other personal and financial documents.

It’s extremely important to be aware of the files that you place in, or download to, your shared folder. Don’t put information in your shared folder that you don’t want to share with others. Your shared folder is the folder that is shared automatically with others on peer to peer file sharing networks.

Copyright Issues: You may knowingly, or otherwise, download material that is protected by copyright laws and find yourself caught up in legal issues. Copyright infringement can result in significant monetary damages, fines, and even criminal penalties.

Some statistics suggest as many as 70% of young people between the ages of 9 – 14, regularly download copyrighted digital music. If you are a parent, you bear the ultimate responsibility for this illegal activity.

Adult Content: Again, if you are a parent you may not be aware that their children have downloaded file-sharing software on the family computer, and that they may have exchanged games, videos, music, pornography, or other material that may be unsuitable for them. It’s not unusual for other peoples’ files to be mislabeled and you or your children can unintentionally download these files.

Spyware: There’s a good chance that the file-sharing program you’re using has installed other software known as spyware to your computer’s operating system. Spyware monitors a user’s browsing habits and then sends that data to third parties. Frequently the user gets ads based on the information that the spyware has collected and forwarded to these third parties.

I can assure you that spyware can be difficult to detect and remove. Before you use any file-sharing program, you should buy, or download free software, that can help prevent the downloading or installation of spyware, or help to detect it on your hard drive if it has been installed.

Viruses: Use and update your anti-virus software regularly. Files you download could be mislabeled, hiding a virus or other unwanted content. Use anti-virus software to protect your computer from viruses you might pick up from other users through the file-sharing program.

Generally, your virus filter should prevent your computer from receiving possibly destructive files. While downloading, you should avoid files with extensions such as .exe, .scr, .lnk, .bat, .vbs, .dll, .bin, and .cmd.

Default Closing Behavior: It is critical that you close your connection after you have finished using the software. In some instances, closing the file-sharing program window does not actually close your connection to the network. That allows file-sharing to continue and will increase your security risk. Be sure to turn off this feature in the programs “preferences” setting.

What’s more, some file-sharing programs automatically run every time you turn on your computer. As a preventive measure, you should adjust the file-sharing program’s controls to prevent the file-sharing program from automatically starting.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

The Never Ending Debate: Does Social Belong in Business?

Guest writer Grace Kang takes a look at social media, and lays out a logical and persuasive case for employing social media tools as a business builder. 

The term “social” may sound like it belongs anywhere but the office, but the truth is, the success of the world’s best businesses can be traced to their leadership’s reliance upon increasing their workers’ networking, relationships and and transparency.

Instead of having individual employees focused on completing tasks alone, by encouraging employees to expand their own networks formally and informally, businesses are able to leverage their employees’ communications for better growth. Business collaboration software and online tools can help make the process easier.

Why does social belong in business?

• People everywhere are choosing to communicate through social media. In a survey by Central Desktop, the participants indicated that 49% were using document collaboration tools, 19% said internal social networking tools, 18% were using wikis, 9% using discussion threads, and 5% using activity feeds.
• Social media is a great place to build long term relationships
• It makes it easy to engage prospects and customers with games, contests and more. In the survey, 22% said they used social tools to connect with customers, and 18% to win customers.
• Social software for business is getting better. To see the evolution of social collaboration tools, check out “The State of Social Collaboration”, a neat infographic that illustrates how social tools have changed since they were first introduced in the 1970’s.
• Its only going to get bigger, and you need to be there.

Even if a business is physically spread out across the country or even the globe, using social networking within the organization can have a dramatic positive impact on the company’s current and future returns. Collaboration software and online project management meld together through Central Desktop, which is a social software for business that provides employees who are located at separate locations a cohesive means of sharing ideas, planning projects and ultimately adding value to their shared business.

As transparency increases between groups located on different continents and between business units and functional centers, efficiency also will increase. Concerns that would normally have to be fed up and down their respective feeding chains are shared immediately for a fast response from the appropriate personnel.

Avoiding triangulation, wherein a the party in need of assistance goes to a third party instead of the party who can actually assist him or her, reduces staff time devoted to a project while empowering employees to take ownership of their work. As a result, employees take more pride in their work, act more efficiently and are more likely to produce a high quality product.

Social Collaboration Promote Employee Ownership and Morale

Employee ownership of work also makes it easier to identify supply chain problems early on and correct them before they snowball into larger concerns. The increased communication between departments bleeds into increased communication within departments. Greater clarity of duties, concerns, issues and other tasks at all levels reduces the chances that employees will spend their time working on the wrong types of projects, while increasing employee morale.

Allowing employees to mingle at a virtual water cooler means fast tracking discussions of interdepartmental issues, so that resolutions can be found in a timely manner.

A business group located in Buenos Aires, Argentina, can benefit greatly from learning about the solution that a group located in New York City or Hong Kong implemented, rather than working to try to figure out a solution to the problem themselves, which would take more time that they may not have to spend on the problem. Business collaboration software and tools like Central Desktop are leading the way.

Bio:

Grace Kang is a writer for Central Desktop, the leading social collaboration software solution for mid to large sized businesses.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Is Online PC Care A Scam?

It finally happened! I finally got an unsolicited phone call from Online PC Care, a company which advertises – “instant support for all your computer related technical problems is just a click away” and “Online PC Care is the right place to resolve all your technical problems.”

I was well aware that many consider this type of online service (Online PC Care is just one of many companies saturating this market), to be an outright scam. Nevertheless, accepting the phone call and working through the sales presentation (which is effectively what it’s all about), was an opportunity to engage with a self described “technical expert”, that I couldn’t pass up.

Based on errors in Windows Event Viewer (which Charlie, calling from India, walked me through), the diagnosis indicated my PC was “pretty sick” – infested with malware, and pretty much ready for the scrap heap.

But luckily, there was a solution to this sad state of affairs – the purchase of a plan from Online PC Care – ranging in price from $120 (6 month Bronze Plan), to $200 for the (12 month Ultimate Plan). Or, a more specific Incident Based (Malware) Plan.

Click graphic to expand

Event Viewer system logs can look pretty scary to an average user despite the fact, that the event recorded is often insignificant. Here’s an example – the Event Viewer, in the following graphic, indicates that the Volume Shadow Copy Service on this machine failed to start on boot this morning.

This is not an unexpected event – given that I have disabled  this service. If the Event Viewer didn’t show this error, then, I’d have something to worry about.

Charlie, who was extremely polite throughout the phone call, focused on a more specific error reported by the Event Viewer – a display driver crash (numerous crashes, in fact). Charlie, then laid out a convincing scenario in which he led me, step by step, into agreeing that the crashes were directly related to multiple malware infections.

Malware infections that could easily be removed – if I agreed to allow remote access to my machine, provided credit card details, and purchased either a Duration Based Plan, or an “Incident Based Plan at a cost of $35.

It took all the patience I could muster, as I was led through the process, not to inform Charlie that the crashes were caused by a hardware acceleration bug in Firefox 4. My tongue is still sore from the number of times I bit down.

Eventually, rather than have to listen to the sales presentation again and again (a continuing focus of the phone call), I let Charlie know that he was full of s*it, and referred him to this Blog. Strangely, Charlie took the subterfuge very well, and disconnected only after apologizing profusely.

It’s a fair assumption that the number of average computer users being taken advantage of by unscrupulous online organizations like Online PC Care, has to be considerable. The sales presentation is slick, the “proof” of computer malfunction is convincing since the “malfunctions” are readily apparent in the Event Viewer. What could be more convincing than a series of neatly packaged Warnings, and Errors?

To add credibility, many of these online technical problem solvers will misrepresent themselves as either being associated with Microsoft or, working directly for Microsoft.

In this particular case, Online PC Care did not misrepresent their position and readily supplied the name, web site address, and the location from which the phone call originated.

That’s little consolation though, since the overall presentation was structured in such a way, as to attempt to fraudulently convince me I had serious computer problems, including a non-existing malware infection.

It’s discouraging to think that legitimate online computer technicians, who provide a much needed and valuable service, could be easily tainted by the number of scam artists who are now active in this field.

As always, I ask that you as an experienced computer user, be kind to your friends, relatives, and associates, particularly those who are new computer users, and let them know that this type of scam has reached epidemic proportions.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.