Google+ How to avoid phishing attacks like the one that hit the DNC by Daniel Howley ~ High Tech House Calls
Expert Computer Consulting for Homes and Small Businesses

Let there be hope...

Life has changed there is no doubt and we wanted to reach out to see how you are doing.

As we go through this interesting time, we are trying to look at this as an opportunity to focus on our family and on friends like you. Let us use this extra time to catch up and talk more. Let us cook food that is not fast, but interesting and satisfying. Let us learn to enjoy a time to try new things. Let us find ways to enjoy time at home!

Computer Security

If my client base is any experience, anyone can be a victim of a Ransomware, Malware or Virus attack.

What can you do about it?

I conduct audits of your entire computer infrastructure and apply best practice solutions to plug the security holes on your computers, Smartphones and networks.

Now offering consultations to give you the best protection possible:


404.229.0839
carlthorne@hthcatlanta.com

Jack of All Trades, Master of Many

Jack of All Trades, and Master of Many

We provide technical support for:


Homes and small businesses

Windows and the Mac OS platform

iPhones and Android Smartphones

Wireless and wired networks

New device setup

Old device upgrade or repair

One-on-one training

Remote assistance


How To Stop Malware

Friday, December 16, 2016

How to avoid phishing attacks like the one that hit the DNC by Daniel Howley

DNC phishing email. 
This is the phishing email used to hack the DNC’s network. (image: The Smoking Gun)
On Tuesday The New York Times published an extensive report on this year’s cyberattacks on the Democratic National Committee’s computer systems by hackers working with the Russian government. The piece is well researched and worth the read. But the most jarring tidbit from the report is how the hackers gained access to the DNC: a common email spear-phishing scam.

According to The Times, emails were sent to members of the DNC disguised as notifications from Google’s (GOOG, GOOGL) Gmail telling them someone had attempted to sign into their account from Ukraine. The phony messages included instructions for recipients to click an embedded link in order to change their passwords.

And, it worked.
Employees clicked the links and essentially handed over the keys to their email accounts and the DNC’s network. The saddest thing is that by following a few basic steps, employees might have realized the phishing email was fake and saved a lot of headaches.

But phishing attempts are so scary because of how simple they are to pull off. Just a quick message, a dash of social engineering and you’ve got an international news story.

“It’s pretty amazing,” Kevin Haley, director of product management for Symantec Security Response, told Yahoo Finance. “When you look at those attacks, those are basically the standard bread and butter phishing attack. Although all of the things around it are extremely well done.”

Criminals are a bigger threat than foreign governments

Now before you work yourself into a frenzied panic for fear that a foreign government is lurking online hoping to crack into your email and steal your backlog of chain letters from your uncle Ted, it’s important to note that Google says fewer than 0.1% of users receive phishing emails from state actors. What’s more, the company says targeted individuals generally include “activists, journalists and policy-makers.”

If, however, you receive a phishing email from a foreign government, Google will provide you with a special warning alerting you to the fact.
Google email warning.
Google will provide you with this warning if it believes your email is being attacked by a foreign government. 
 
Unfortunately, the sad truth about the internet is that there are still plenty of other criminals and malicious actors who would be more than happy to set up shop in your email account or break into your computer and hold it for ransom. Even more likely are attacks aimed at your work email to attack your company’s systems. 
 
Computer security company Kaspersky Labs reports that its anti-phishing system was triggered more than 30 million times in Q2 2015. And that’s just on computers that use Kaspersky software. 
 
So how can you protect yourself against similar attacks? With a little knowledge and some patience. 
 
Staying safe 
 
According to Haley, the biggest giveaway that the email you’re reading is a phishing attempt is if it has typos or poor grammar. 
 
More sophisticated attackers, though, will ensure their emails are crisp and typo-free, so you’ll have to do a bit more investigating. Kaspersky recommends hovering your pointer over any links in emails to preview them for typos or inconsistencies. If it’s a phishing scheme, the link preview will point to the wrong site. So if you get an email from Amazon and the link points you to stealyourstuff.com, you know it’s a fraud. 
 
Better yet, don’t even bother with the link in your email and go to the official website named in the message instead. In other words, if you get a email from FedEx or Google asking you to click the link in the message to check your account, just go to FedEx or Google’s website instead. 
 
And don’t fall for messages urging you to click on any links in your email immediately. “When you see that kind of urgency of getting you to try to click on something that’s a big warning sign,” Haley said. 
 
Outside of links, you’ll also want to avoid downloading any files you’re not expecting to receive, even if they come from family or friends. There’s no reason for major companies to ask you to download invoices or order forms via your email unless they’ve already told you to look out for them. And while you might think you can trust your friend’s email, there’s always the chance that it too has been hacked and is being used to attack others. 
 
Naturally, one of the best ways to prevent a phishing attack is to install a solid anti-virus security program on your computer. Many modern AV solutions offer protection against spam and phishing attempts. 
 
If, however, you think you’ve already been the victim of a phishing scam, the best thing to do is disconnect your computer from the internet. Haley says this can prevent any malicious software on your system from sending your data back to the criminals. Next, you’ll want to run your AV program to try to remove any malware that you may have. If none of that works, Haley suggests seeking professional help to clear out your system.