  • Patch Lady – 31 days of paranoia – day 7

    Posted on October 7th, 2018 at 21:41 Susan Bradley Comment on the AskWoody Lounge

    Patch Lady here with a kind reminder that at this time the release of 1809 has been paused while Microsoft investigates.  If you’ve been hit by the bug, Woody’s got some advice. If you are already on 1809, I would stay on it and not roll back.  The bug occurs during the install, not the running.

    It’s now been seven days of paranoia and today’s topic is about social engineering.  Or as the FBI puts it in their video designed to help train political campaign workers to not be tricked… “targeted lies designed to get you to let your guard down”.  Social engineering is now one of the key ways that attackers use to get into our systems; however, it is not new.  Back in 1995, Kevin Mitnick was arrested for breaking into computer systems, often without cracking passwords, merely tricking the person on the other end of the phone call with key information to get them to trust him to turn over more information.  He now is the “Chief Hacking Officer” of KnowBe4, a security awareness company.  What worked then still works now, except what often worked then had to do with a human, Kevin, calling the victim over the phone and gathering information to trick the person on the phone to turn over key information.

    Now we use phishing and spear-phishing (targeted attacks) via email to get to the same target.  As is noted in the video by the FBI, be careful what you share online and on social media.  Often you “leak” key personal information in social media posts.  Often password reset questions can be googled.  How many times have we seen reports of key individuals whose email accounts got hacked by being able to google up key questions in the person’s biography like where they went to school and so on.

    90% of breaches start with social engineering/phishing attacks.  Read that stat again…. 90%.  Ransomware-containing emails have increased 6000% between 2016 and 2017.

    Bottom line: they are out to get you, so watch your email carefully.  For all the automatic tools and filters I have on my email, often the only thing between me and an attacker is a bit of skepticism and paranoia and not immediately opening up emails.  Don’t open attachments you weren’t expecting.  Run files through www.virustotal.com just to be safe.  Empower yourself to not immediately take action on email.  Be more suspicious of what comes into your email.  The vast majority of email in your inbox is there to attack you.

    Remember if you do want to buy that heavy duty Reynolds Wrap to get you through the next 24 days, make sure you buy it using the affiliate link so that Woody can get a small bounty.  😉


    This topic contains 18 replies, has 11 voices, and was last updated by

     GoneToPlaid 5 months, 2 weeks ago.

    • #222657 Reply

      Susan Bradley
      AskWoody MVP

      Patch Lady here with a kind reminder that at this time the release of 1809 has been paused while Microsoft investigates.  If you’ve been hit by the bu
      [See the full post at: Patch Lady – 31 days of paranoia – day 7]

      Susan Bradley Patch Lady

      3 users thanked author for this post.
    • #222663 Reply

      Latka
      AskWoody Lounger

      This one looks really good.  I wonder if I can get updates monthly on a TFHaaS plan.

      https://www.amazon.com/Electro-Deflecto-Unisex-Foil-Size/dp/B01I497JAM/ref=sr_1_1

      1 user thanked author for this post.
      • #222665 Reply

        OscarCP
        AskWoody Plus

        Oh my, Latka, and what a wonderful gift for that “very special” friend this could be!

        And it’s a coed model too!

        Now, if we are going to discuss social engineering, I must have a degree on that from Somewhere U by now, as every year, for more years now than I care to think of, I have had to do a required course on IT security, including a lesson on the number of ways one can get abused or worse on line and even in person or over the phone. And social engineering, of course, is always one of those dirty tricks covered in that lesson. So what the Patch Lady has written in the Main page and started this thread with sounds pretty familiar to me. (Although I don’t really know about the vast majority of my still unread email just sitting there waiting for me to open it in order to get me…) Which means that I am now a totally paranoid old guy that does not trust anyone on line he does not know really, really well. But always with that distressing idea at the back of his mind that, on the Internet, one’s interlocutor or correspondent can really be a dog. Grrrr… Arf!

        1 user thanked author for this post.
    • #222666 Reply

      samak
      AskWoody Plus

      “The vast majority of email in your inbox is there to attack you.”

      That doesn’t sound right to me. If it isn’t a mistake, what is this assertion based on?

      W7 SP1 Home Premium 64-bit, Office 2010, Group B, non-techie

      2 users thanked author for this post.
      • #222824 Reply

        Susan Bradley
        AskWoody MVP

        https://gulfnews.com/news/uae/crime/two-thirds-of-emails-sent-this-year-were-malicious-1.2278892

        “Two-thirds of more than half-a-billion emails sent during the first half of 2018 were malicious, making email-based threats a popular means of cyberattack, a new report revealed on Sunday.

        Based on Email Threat Report, released by FireEye Inc, an intelligence-led security company, only one-third of more than half-a-billion emails sent during the same period were considered ‘clean’. In fact, one in every 101 emails had malicious intent.”

        By the time it gets to you, your ISP or email platform has probably cleaned and blocked a lot of that… so my apologies I shouldn’t have used the words “In your inbox” …rather “sent to your inbox” as a better way to put it.

        Susan Bradley Patch Lady

        6 users thanked author for this post.
        • #222840 Reply

          b
          AskWoody Plus

          https://gulfnews.com/news/uae/crime/two-thirds-of-emails-sent-this-year-were-malicious-1.2278892

          Two-thirds of more than half-a-billion emails sent during the first half of 2018 were malicious, making email-based threats a popular means of cyberattack, a new report revealed on Sunday.

          The linked headline is misleading (in its use of two-thirds malicious). The actual report included spam in its figure of 68% blocked (and not actually delivered to an inbox):

          The majority of emails organizations receive daily are considered spam or malicious. This point is highlighted in the data by the fact that only 32% of traffic seen was considered clean and sent through to an inbox.

          Based on Email Threat Report, released by FireEye Inc, an intelligence-led security company, only one-third of more than half-a-billion emails sent during the same period were considered ‘clean’. In fact, one in every 101 emails had malicious intent.”

          Yes, the report identified less than 1% as malicious.

          The real message in the report is that 90% of malicious emails were phishing attacks and only 10% contained malware:

          New FireEye Email Threat Report Underlines the Rise in Malware-less Email Attacks

          Cannon fodder Chump Daft glutton Idiot Sucker More intrepid Crazy/ignorant Toxic drinker "Saluted blockhead" (Group ASAP)

          1 user thanked author for this post.
    • #222705 Reply

      geekdom
      AskWoody Plus

      Set mail to text only — read and write.

      Prohibit mail HTML.

      Group G{ot backup} Win7Pro · x64 · SP1 · i3-3220 · TestBeta
      • #222762 Reply

        OscarCP
        AskWoody Plus

        geekdom:

        “Prohibit mail HTML.”

        What if one’s boss sends all the emails in HTML? As do a lot of people one wants to receive the emails from — even some whom one hasn’t even thought of, but what is in their messages is important — so one cannot whitelist them all? Perhaps you could elaborate on your comment? You might have a good point there, but it does not come through, at least to me, in that terse statement.

        • #222766 Reply

          PKCano
          Da Boss

          My email providers give me a choice between “classic email” and “enhanced email” (or some similar description). The Classic email is text only, the enhanced allows HTML. You might check to see if you have the same options.

          • #222772 Reply

            OscarCP
            AskWoody Plus

            Thanks. I have that option only for sending email, and I prefer to send text only unless, for some unusual reason, I need to use HTML. For example when I reply to a message sent as HTML that I need to have a copy fully preserved in the reply.

            But I have understood, perhaps incorrectly and that is why I would like to see this clarified, that the point made by geekdom in his entry is about blocking all incoming HTML mail, not sending it.

    • #222703 Reply

      anonymous

      It stuns me time and again that many people cry out loud if the government tracks or collects some data from them, via computer on filling mandatory forms or intel services collecting data in the background – but considering they voluntarily hand over FAR MORE data about themselves to PRIVATE BUSINESS COMPANIES operating outside the counter-monitoring of democratically legitimized institutions with their checks and balances, the yelling silence and the carelessness and mindlessness is breathtaking.

      It’s as if you leave the house not minding to close – not to mention: locking – the door, or getting to terms with your loved one in the bedroom and not caring for closing the window curtains first. But when the government calls for a census, the emotions spike high!

      Absurd.

      Marc

    • #222739 Reply

      anonymous

      Kevin Mitnick is not a real hacker. He should be chief officer. Most of his exploits were minor and had minor impact. Plus his training gives zero help and some of it has tracking/hacking stuff embedded in it. Beware of his training courses.

    • #222810 Reply

      anonymous

      If you upload a file to VirusTotal, it is theirs to keep. I would never upload any document that has personal information.

      1 user thanked author for this post.
      • #222831 Reply

        Susan Bradley
        AskWoody MVP

        Remind me to blog about how you can upload the sha1 value to test rather than the file itself.

        Susan Bradley Patch Lady

        1 user thanked author for this post.
      • #222931 Reply

        OscarCP
        AskWoody Plus

        I do not know about Virus Total, but have Webroot’s “WebrootSecureAnywhere” and perhaps both do the same thing. Although WSA works in part from the Cloud, it does not send one’s files to the Cloud. As I understand it, it makes hashes of new files in one’s PC and then sends those hashes to the Cloud to compare them with those of known malware kept in their very large and up to date data base there. If it finds a match it raises a red flag and alerts the user. So it scans and compares hashes, not files and signatures, which is also faster than the usual approach of checking every file in the PC against all viruses’ signatures kept in a data base also in the PC, a data base that needs frequent updating. In my 11-year old PC it takes some seven or eight minutes to check for malware (and, if found, have options given as to how to deal with them), while in my new, faster Mac that takes between one and five minutes, depending, I suppose, on how busy their servers are at the time.

        This is from an article in Quora:

        “SecureAnywhere is not signature based and does not require signature updates. It does not need to scan files to make determinations, but calculates a simple MD5 hash of each file and checks those MD5s with our database in the cloud. There are no processor-intensive file scans and database look-ups like traditional anti-virus software. A simple MD5 string pushed up to the cloud is all that is needed for new files arriving on the system to be vetted.” “As soon as someone sees a new piece of malware, the MD5 hash and other metadata are transmitted to the cloud, and within minutes, that information is available to every other computer running SecureAnywhere, everywhere in the rest of the world.”
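
        The hash-instead-of-file lookup discussed in the replies above, as an added example that is not part of the original posts and is not code from AskWoody, VirusTotal or Webroot: the digests are computed locally and only they are compared against a set of known-bad hashes. The `known_bad` set, the file names and the sample bytes are constructed for illustration; a real lookup would submit the digest to the service instead of checking a local set.

```python
import hashlib
import os
import tempfile

CHUNK = 1024 * 1024  # read 1 MiB at a time so large files never sit fully in memory


def file_digests(path):
    """Return MD5, SHA-1 and SHA-256 hex digests of a file, computed locally."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def lookup(path, known_bad):
    """Compare a file's digests with a hash set; the file content is never sent."""
    digests = file_digests(path)
    hits = sorted(name for name, value in digests.items() if value in known_bad)
    # A miss only means nobody has reported this exact byte sequence.
    verdict = "known-bad" if hits else "unknown"
    return {"digests": digests, "hits": hits, "verdict": verdict}


def demo():
    # Constructed sample bytes standing in for an attachment; not real malware.
    sample = b"constructed sample attachment\n"
    known_bad = {hashlib.sha1(sample).hexdigest()}  # constructed blocklist entry
    results = []
    with tempfile.TemporaryDirectory() as tmp:
        # The second file differs by a single trailing byte.
        for name, data in (("original.bin", sample), ("modified.bin", sample + b"\x00")):
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(data)
            results.append((name, lookup(path, known_bad)))
    return results


if __name__ == "__main__":
    for name, result in demo():
        print(name, result["verdict"], result["digests"]["sha1"])
```

        The one-byte change in `modified.bin` yields entirely different digests, so a hash miss means "unknown", not "clean". A personal document that no one has submitted before will always come back unknown.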

    • #222818 Reply

      GoneToPlaid
      AskWoody Plus

      I am the only one at the office who does not use Outlook for my email. Instead, I use a really old email program. I deliberately never set up Outlook when I installed Office 365 on my home computers since Outlook sends everything through Word.

      • #222855 Reply

        Tom in Az
        AskWoody Plus

        I would be interested to know which mail program you use.

        At my last job, we had to set Outlook to not use Word for composing mail as that caused problems with an enterprise system which also used Word for creating documents.

    • #222821 Reply

      rc primak
      AskWoody_MVP

      I wish what I am posting now could be applied to the general population. I have Asperger’s Disorder, a form of autistic disorder. This means for the purpose of this discussion that I don’t receive social cues in a normal way, and I miss a lot of the “conversation” in most social situations. One effect of this disorder is that I don’t get the kind of social manipulations which can rope a lot of “neurotypical” people in. Combined with a lifetime of learning to be skeptical, I have managed to avoid most (but maybe not absolutely all) social engineering schemes.

      I wish I could codify what it is about me that filters out the most common scamming techniques. But I haven’t got the research or social tools to make a full accounting of what the useful differences are, and to teach people how to ignore the cues I naturally miss.

      Another side-effect of my disorder is that I just don’t have much interest in social media platforms or the kinds of feeds they promote. Maybe that’s not always a good thing, but maybe my missing out is something not to be feared or disrespected by others, but something to be emulated from time to time.

      More research would seem to be justified. Just don’t use me as a “lab rat”, please. I prefer genuine friendships when I can sustain them.

      -- rc primak

      8 users thanked author for this post.
    • #223480 Reply

      GoneToPlaid
      AskWoody Plus

      I would be interested to know which mail program you use. At my last job, we had to set Outlook to not use Word for composing mail as that caused problems with an enterprise system which also used Word for creating documents.

      Can you explain how to do that? The office has occasional issues of Word and Excel docs occasionally locking up (can’t save them) when Outlook is running.
