Client Alert #35 Security Commonsense
Common Sense Tips For Staying Safe on the Internet
In the past few months, we’ve been seen an huge uptick in a disturbing trend: A marked increase in the number and variety of attacks on our customers’ computers. These attacks are taking a variety of forms: phishing email, web site alerts, phone scams, etc. Regardless how or where you may come across these attacks, read on to know how to recognize them and what to do when you encounter them.
Here are the three main types of attacks we’re seeing. In each case, the attacker is attempting to get you to give up personal information, account credentials, or simply extort you to pay for their “service”:
Web Site Pop-Up Alerts:
While surfing the web, you encounter a web site which causes a pop-up to appear informing you of a virus or other problems with your computer. You’re instructed to call a phone number to have a “technician” assist you to fix the problem.
Here’s an example of a website pop-up warning of a “firewall breach”:
These “technicians” will often identify themselves as working for Apple or Comcast (they don't), and they’ll want you let them log into your machine.
The next step is that they will look at either Terminal or Activity Monitor and tell you that several of the processes that your computer is running are malware or viruses.
If you continue to engage with them, they will request a credit card for special software that will take care of the problem.
An email which appears to be from a web site or service you use, asking you to click a link to a web page, where you would then provide personal information.
Here’s an example of a phishing
email asking Max to “update his Apple ID Profile”:
You receive a call from a person informing you that your computer has been compromised, your network has been hacked, or some other frightening story. They offer to remotely log in to your machine to fix it.
How to keep yourself safe:
Never click on a link in an email related to an account. If you need to verify the status of your Apple ID or your online banking information, go to the web site manually. If you suspect an email is a phishing attempt, look closely at the message. Does it use your real name, or simply your email address? Are there grammatical errors? Does the website or email domain look suspicious? If any of this is true, don’t click on the link.
Don’t believe alerts telling you the computer is “infected” or otherwise compromised.
When surfing the web, your browser is not able to diagnose problems with your computer or network. Any alert warning you about problems is most likely attempting to get you to call for support or download malicious software. Quit your browser and ignore the scare tactics.
Never consent to remote access from a stranger.
As much as Apple and Microsoft don’t want computers to become infected with viruses or other malicious maladies, a representative from those companies will never call you to help you fix your computer. If someone who’s called you out of the blue asks for remote access to your computer, end the call immediately.
When in doubt, Call Andy!
If you encounter emails, phone calls or web sites that you suspect may be a scam, don’t hesitate to contact your Call Andy! engineer or forward a suspicious message to us. We’re happy to answer any of your concerns or questions relating to safety and security on the Internet. We’re here to help and keep you safe.