CompuClever Blog

How to Protect Your Privacy & Identity on Facebook – Part 2

by

In our Part 1 article we covered news related to the Facebook privacy scandal. In Part 2, we will emphasize what you can do.  We’ll provided three best-practice recommendation for protecting your identity and privacy.

Our Private Data

As Facebook users we accept the privacy policies when we sign on.  For the most part we don’t even read over the extensive policy pages.  Instead we set up our account and enter data related to our personal lives.  We understand in the process this information gets recorded and stored.

Take Action:

We recommend that you get a clear idea of how much and what kind of data Facebook collects on you.  Check out the “Data In” section of our previous article for directions on accessing the data Facebook has collected from you.

Facebook is a free service and we can expect that they make revenue by providing our data to advertisers.  What many of us are not aware of is that they pass on our data to third party developers and organizations.

This is why we can sign on to a new app or online service using our Facebook login.  Right away they can access our data so that it is easier for us to create a new account with the third party app rather than having to enter all the personal information they require once again.

But what kinds of control are in place once our data leaves the hands of Facebook?  What kind of regulations are there to protect our privacy and information?  This is what Facebook’s Mark Zuckerberg has to address.

Facebook Updates

In the past Facebook has revised its privacy policies.  However, these previous revisions have been toward openness and sharing rather than protection of privacy.  Unfortunately, “…they were optimizing for profitability rather than security and privacy of their members” says David Kirkpatrick author of the Facebook Effect.[1]

Zuckerberg’s promise at the beginning of this year was to fix Facebook in 2018 – this is no small task.  In fact, he has stated that fixing the company’s problems will take years.

Presently, users are informing users in their News Feed if they’re among the millions of people whose data was improperly harvested by Cambridge Analytica.

Other changes we can expect in the near future: [2]

  • Users will receive notice of all apps they use and what data is shared with those apps.  They then have a chance to delete apps they no longer want.
  • Facebook will restrict access to certain data that applications can acquire.
  • The option to search for users by entering a phone number or an email address will be removed.
  • Facebook will set out to delete all logs after a year and only time of calls will be collected.
  • New policy will also make users aware that WhatsApp and Instagram are part of Facebook and that the companies share information about users.  WhatsApp will still have a separate policy while Facebook and Instagram continue to share one.

Free

Whenever something is offered for free we need to ask: how is this business generating revenue?  Some companies offer a trial license for their software as a means to test drive the service.  Others rely on donation.

In the case of Facebook, it is free to users but there are associated costs.  Not only does Facebook sell data to advertisers who then place ads that are targeted to meet our purchasing preferences, they also harvests our data for app developers as well.

Surveillance Capitalism:

One term being used in many news sources related to this Facebook scandal is “surveillance capitalism”.  Shoshana Zuboff, Harvard Business School professor states that it drives much of the internet.

It’s behind most of the “free” services, and many of the paid ones as well.  It utilizes psychological manipulation in the form of personalized advertising to persuade you to buy something or do something, like vote for a candidate.

“…while Facebook is one of the biggest players in this space, there are thousands of other companies that spy on and manipulate us for profit.” [3]

We need lawmakers to force these companies into the public spotlight and to enforce lawful conduct.

Regulation

Although Facebook is in the process of change and updates we need to ask: how is it possible to keep private data secure after it’s sold to third parties?  Facebook has admitted that it is impossible to monitor what these third parties do with the data once it is out of their hands.  However, Mark Zuckerberg has said that his industry should be regulated.

At present he is facing Congress and has delivered an apology and is answering questions.  But what will be the outcome of this?  What about past regulation?  Zuckerberg has stated they regularly testify before Congress on a number of topics.

In 2011, Facebook offered privacy assurances in a settlement with the FTC (Federal Trade Commission).  Allowing Cambridge Analytica to harvest data could be a violation of that settlement.  The ability to transfer the data of users’ friends should have been banned with the 2011 consent.  But what is the FTC going to do to enforce existing regulations?

Turning Up The Heat:

In 2016, the European Union passed the comprehensive General Data Protection Regulation, or GDPR.  One mandate restricts collection of personal data of EU citizens to be only saved for “specific, explicit, and legitimate purposes” and only with user consent.

This means, consent cannot be buried in the terms and conditions.

This law will take effect in May and companies worldwide are paying attention.  It is expected that this will expose the industry like nothing else.  In preparation for this law, PayPal published a list of companies it might share your personal data with – over 600 companies.

 Best Practices – Privacy at Stake

There is no doubt that privacy of information is at stake.

It’s essential that we throttle back on what information we make available online and what data is stored on our PC.  Here are our recommendations.

    1. We recommend the privacy functionality associated with PC Cleaner. By using the available functionality you can see all the personal and private data you have on your PC which could be accessed by illegitimate means.
    1. When on a public Wi-Fi network, we highly recommend not sharing out any sensitive data. Even downloading records online from a public location or terminal can leave your data vulnerable to hacks.
  1. If you decide to delete your Facebook account, consider the following:
    • You will need to sever all ties with Facebook including Messenger, WhatsApp, and Instagram. Your data can be shared with these apps and policies are similar or, as with Facebook and Instagram, shared.
    • Any apps that you “log in using Facebook“ will no longer work and you will have to enter your log in credentials for these.
    • Delete all Facebook instances from all devices including your mobile ones. Make sure you delete and not deactivate.  Use this link from Facebook.
    • Do not even attempt to log in to Facebook for at least two weeks or you will cancel the account deletion process.

Last Comment

We started out this two part series asking a question of what to do as a Facebook user.  Undoubtedly, the data breach has been the final straw for some and these users are choosing to delete.

Do we throw the baby out with the bath water?

We need to acknowledge that there are positive online developments, and we need to take an active role in shaping it.

With respect to the baby / bath water analogy – we certainly can agree the bath water is dirty!

As for the baby – in the case of social media technology – we need to closely examine if it’s being overfed.

“…the thing we need to understand now,” Shoshana Zuboff states, “is that the online world, which used to be our world, is now where capitalism is developing in new ways.”

[1] http://money.cnn.com/2018/04/09/technology/

[2] https://www.ctvnews.ca/sci-tech/

[3] https://www.schneier.com/

Facing the Truth – Facebook & Privacy

by

Feeling connected is fundamental to the human experience – feeling part of the whole.  What better way to do that then from the privacy of our home?  We pick and choose when and where and for how long we want to connect when using online social media.

In a previous article we examined Facebook and pointed out its allure.  We listed the aspects of this “free” service and we identified “Likes” and “Dislikes”.  Were we too quick to accept at face value, the company’s emphasis on the importance of privacy?

A Bit about Facebook

  • Facebook, launched in 2004, is the most popular online social media and social networking service. It is based in the U.S. and is the creation of Mark Zuckerberg and his fellow Harvard friends and roommates.
  • As of June 2017, Facebook reached 2 billion active users.
  • It is a giant in terms of net worth. According to Wikipedia, as of Mar 25, 2018, it is worth US$62.2 billion.
  • Recently the company has faced considerable scrutiny and public pressure in relation to hate speech, fake news, depictions of violence, and privacy.

Recent News

Facebook has been in the news multiple times of late.  With news related to privacy of data, we need to start with Aleksandr Kogan, a University of Cambridge professor, who created a survey filled out by 270,000 people.  In doing so, he was able to access the data of what was reported as more than 50 million Facebook users – recent news has been released whereby Facebook has admitted that upwards of 87 million people were affected by this breach.[1]

While Kogan gained access to this information using legitimate means, via proper channels governing all developers on Facebook, he violated rules related to passing the data to third parties which included Cambridge Analytica.

Zuckerberg was aware of this in 2015.  The action taken at that time was to ban Kogan’s app and demand legal certification from Kogan and others he shared it with.  According to Zuckerberg[2], Cambridge Analtyica completed certification and told Facebook that they actually hadn’t received raw Facebook data at all.  Furthermore, Cambridge Analytica deleted it and weren’t using it.

This reliance on certification turned out to be, as Zuckerberg admits, one of the biggest mistakes made.

Cambridge Analytica:  Is a British political consulting firm established in 2013, that combines data mining, data brokerage, and data analysis along with strategic communication.  They are in part owned by Robert Mercer and Alexander Nix has been the CEO however, this position was suspended after a Channel 4 news segment was broadcasted.  In this he was videotaped in an undercover, hidden camera video interview during which he spoke to someone he believed would use the firm in Sri Lanka for election persuasion purposes.  Nix speaks of creating sex scandals and using fake news to manipulate voters.

Cambridge Analytica has been involved in elections worldwide.  Their executives claim the company has worked in more than 200 elections around the world, including Nigeria, Kenya, the Czech Republic, India, and Argentina.

In 2016 they became involved in the 2016 Brexit referendum by supporting persuadable voters to vote for leaving the EU.  On 18 May 2017, the US Congress began investigation with their connection to Russian attempts to interfere with the 2016 U.S. presidential election.  Cambridge Analytica worked for Donald Trump’s political campaign but there is some question as to the level of involvement.[3]

Nix has made bold claims and it is uncertain if some statements have been embellished.  He was quoted as saying this in October, 2016:

Today in the United States we have somewhere close to four or five thousand data points on every individual … So we model the personality of every adult across the United States, some 230 million people. [4]

The Data

News reports point to unethical organizations making use of personal data made available by Facebook.  This begs the question: what data do they have on us and how can they use it?

Data In:

As soon as a user signs up, data and information is collected.  This includes all data – conversations, pictures, videos, and even documents sent via Messenger.  Does this surprise you?  Would you want to see what the information on you includes?

Should we be concerned?  If you use Facebook on your phone and your phone is an Android device, or you use Messenger to send attachments… it would be a good idea to take a closer look.

Users are discovering that they can request to have all of their Facebook data in a zip file.  Some are astonished to find that this data can include data on every call made and text sent.  There are users that are discovering that the data held by Facebook includes rental property lease forms, tenant ledger reports, bill statements, and screen shots of bank transfers.[5]


To download your information:

  1. Click the down-pointing triangle at the top right of any Facebook page and select Settings
  2. Click Download a copy of your Facebook data at the bottom of General Account Settings
  3. Click Start My Archive

In about 10 minutes Facebook processes the request and you’ll get an email and notification when the file is ready to download.

Data Out:

Likely no one is surprised to know that our personal data is being used and shared out to advertisers.  Facebook makes money on sharing out data to advertisers and to app developers.  The challenge is that there is no control of how the data is used once passed to these groups.

Indeed the most alarming aspect of Cambridge Analytica’s “breach” is that it wasn’t a breach at all. It happened almost entirely above board and in line with Facebook policy.[6]

World Response

Investigations are ramping up world-wide.

US:   Zuckerberg will testify before Congress.  On April 10, before a joint hearing of the Senate Commerce and Judiciary Committees and the next day before the House Energy and Commerce Committee.  The U.S. Federal Trade Commission are conducting separate investigations. [7]

This is a serious matter as stated by Senator Amy Klobuchar who serves on the Senate Judiciary Committee.  The senator will ask him to explain “what Facebook knew about misusing data from 50 million Americans in order to target political advertising and manipulate voters.” [8]

UK:   Damian Collins, chair for the Digital, Culture, Media and Sport Committee in the House of Commons, questions Facebook user data policies.  “Their answers have consistently understated this risk, and have also been misleading to the Committee,” Collins said. “I will be writing to Mark Zuckerberg asking that either he, or another senior executive from the company, appear to give evidence in front of the Committee as part our inquiry.” [9]

MPs on the digital, culture, media and sport committee have accused Facebook of misleading it in a previous evidence session and called for Mark Zuckerberg to appear before them to answer questions.  They have also recalled Nix. [10]

A U.K. parliamentary media committee summoned CEO Mark Zuckerberg to testify about how Facebook uses data.  U.K. Information Commissioner Elizabeth Denham is investigating how Cambridge Analytica got the data. [11]

Germany: After a meeting with its executives about the abuse of users’ data, the justice minister of Germany stated she wants closer oversight.

Australia: The Information and Privacy Commission has demanded that Facebook provide information on whether any Australian citizens were affected by unauthorized use of profile data. [12]

The Response:  Zuckerberg is set to testify next week before a U.S. congressional committee, and he said top executives at the company would be dispatched to other countries wanting to hold government hearings on the scandal. [13]

User Response

Zuckerberg has stated that the users affected by the misuse of personal data by Cambridge Analytica will be notified.  To date, this has not yet happened.  There are users that are going to delete Facebook as a result of this news and one of the questions we have posed has been: What is the best course of action with regard to Facebook and social media services?

We invite you to give this some thought and to check in with us next week for our Part 2 edition as we outline what Facebook is doing to correct this wrong and we identify the costs associated with what we thought was a “free” service.

We’ll provide out best practices and recommendations for being active on a social media service like Facebook.  However, we’ll leave it up to you to choose your level of exposure and if posting online personal information is worth the associated costs.

This concludes the first part of our Facebook and Privacy article.

We’ll pick it up next week.  Stay tuned!

[1] https://www.ctvnews.ca/
[2] https://www.wired.com/
[3] https://en.wikipedia.org/
[4] https://news.sky.com/
[5] http://www.nzherald.co.nz/
[6] http://money.cnn.com/2018/03/19/
[7] https://www.ctvnews.ca/
[8] http://money.cnn.com/2018/03/19/
[9] https://www.parliament.uk/business/committees/
[10] https://www.theguardian.com/uk-news/2018/mar/22/
[11] https://www.ctvnews.ca/business/
[12] https://www.theguardian.com/uk-news/2018/mar/22/
[13] http://www.metronews.ca/life/2018/04/04/

Five Useful Tips and Tricks for Windows 10

by

Since the launch of Windows 10, Microsoft has released a few major updates, including the Creators Update.

The update gets its name from a variety updates that are intended to allow Windows users to create things on their computer. The Creators Update is also said to give Windows users more control over Windows updates, and solve some other issues.

As a matter of fact, Windows 10 is an amazingly powerful operating system that already offers plenty of hidden features most people don’t know about. To help you get the most out of your computer, here are five tips and tricks for Windows 10.

1. Personalize Windows 10

how to personalize windows 10

While the Windows 10 interface is a big improvement over previous versions of the operating system, it’s always nice to be able to personalize how it looks.

To personalize Windows 10, click on the start button in the bottom-left corner of the desktop. Next, click on the “settings” gear and select “personalization”.

You can change the desktop background here, and also apply different colored accents, based on your personal taste.

2. Customize File Explorer

how to personalize file explorer

What used to be called “Windows Explorer” is called “File Explorer” in Windows 10. File Explorer features something called “Quick Access” that displays frequently used folders and recently used files.

It’s easy to personalize which folders show up in File Explorer. It’s also easy to pin and unpin folders and rearrange them by dragging and dropping. Unpin them with a right-click and Unpin from Quick Access.

To add folders to the Quick Access list, simply drag them over to the left. Remove them with a right click and Unpin from Quick Access.

3. Lockdown Privacy

how to increase window 10 privacy

Privacy is a complicated when it comes to Windows 10. Many experts are worried about how much data Microsoft automatically collects from each and every user. On the other hand, Windows 10 has a ton of privacy controls. If you open in “privacy” in settings, there are more than one hundred settings to choose from. There are privacy setting for everything from your location to your contacts and call history. Microsoft collects data from all of this.

So, the question is, which privacy settings are most important?

For example, Windows 10 collects information about your browsing habits using advertising ID. The ID doesn’t just gather information about you when you browse the Web, but also when you use Windows 10 “apps” or software programs.

To turn off Windows advertising ID, launch the Windows 10 Settings app by clicking on the Start button at the lower left corner of your screen.

privacyNext, type in “privacy” in the search box.

Click on “Privacy Settings” and select “General.” There you’ll see a list of choices under the title “Change privacy options.”

The first option on the list controls your advertising ID.

Move the slider from On to Off. You’ll still get ads delivered to you when you use the Internet Explorer or Windows Edge browsers, but the ads will be generic rather than targeted, and your interests won’t be tracked and sent back to Microsoft.

Ed Bott, writing for ZDNet, has more  recommendations for Windows 10 privacy.

4. Reduce Advertising

how to reduce windows 10 advertising

While it may seem hard to believe, Windows 10 features advertising, and lots of it. There are ads on the lock screen, ads in the Start menu, and little ads pleading with you to try a free trial of Office 365 or switch to the new Microsoft Edge browser.

5. What to Do When Windows 10 Upgrade Process Fails

While purchasers of a computer that comes installed with Windows 10 will never have to worry about this, sometime there is an error during the actual process of upgrading to Windows 10 and everything grinds to a halt.  

Happily, PC TuneUp Maestro does have a tool for addressing a number of Windows Update errors and should be the first thing to try if you have the program installed. Learn how to recover from this problem here.

More Tips?

Click here to read another 5 Windows 10 tips.

If you have Windows 10 tips you would like to share with us, leave us a comment below. In the meantime, stay tuned for more Windows 10 tips and tricks!

Going Incognito – Browse Web in Privacy Mode

by

 

Incognito, according to Wikipedia, from the Latin incognitus, refers to a person who wants to remain anonymous to the world and others, in hiding or shut off from humanity.

Web surfers have the option to enable privacy mode or “Incognito” mode on their browser.  Each of the main browser type offers some level of private browsing.  It is known as Private Browsing, InPrivate Browsing, and Incognito depending on the type of browser used.

Basically – this is a privacy feature that quite simply provides some privacy on your local computing device but, DOES NOT provide hidden detection or stealth beyond that.  Your ISP (Internet Service Provider) and other agencies connected on the Internet can detect your activities via your unique IP address on the web servers.

Disabling functions such as the web cache and browsing history make this a relatively private way of browsing the web.  Cookies, the data holders sent by web sites to recognize or track your online activity, are also disabled.

Items Deleted or Not Saved:

The list  of items that are deleted or not saved when you browse during Incognito or Privacy  mode are:

  • Website history.
  • The cache of files stored during your browse session.
  • History of files downloaded.
  • Search history stored by the browser.
  • Cookies from browsed sites.
  • Data on forms you have filled out.

Items That Are NOT Private:

There are items that are not deleted and the ways you remain exposed to detection:

  • Search histories stored from search providers like Google are not deleted.
  • Websites can identify you and keep a record of your visit.
  • Your ISP can detect your network traffic and identify your IP address.
  • Any malware on your PC or device can track your activities.

Also, it is important that you keep in mind the browser does not likely perform a secure delete and items from your browsing session can be recovered.  Until that data is overwritten with other data it can be undeleted using special recovery software.

Pros and Cons?

So why would you want to use Incognito?  It doesn’t seem entirely private after all.

Pros

The reasons for using this more of browsing include:

  1. Reducing the history, browsing, and personal data stored on your PC or device.
  2. You can prevent storage of sensitive data such as log-in credentials.
  3. You can also use multiple accounts simultaneously using several tabs at once.
    Tip: You can let a friend check their email or log onto Facebook without you having to log out.  Just start up a new Incognito window.
  4. You can perform searches that are not influenced by any prior browsing history.
  5. Browser extensions are disabled so that Facebook and Google and other services can’t track you.

One of the main reasons however is to hide your online interactions on the computing device you are using from those sharing the same device.

In a busy household full of people… using Incognito mode can prevent others from seeing potentially embarrassing items.  It also prevents others from revealing your search history or the cache of browsed files.

Cons

We’ll, conversely, you may want to monitor online activities on your PC or device.  You may be concerned that someone will incur a malware infection or that they are browsing to websites that could be considered risky, unethical, or harmful. This is when you would want to disable Privacy / Incognito functionality as described below.

Also, having a false sense of protection can lead to consequences.  ISPs pass data to copyright holders (such as music, videos, books, or games), who are cracking down on the downloading of copyright materials.  The ISP is required to forward notices from the copyright holder alleging infringement of that work.

And, as we have pointed out, you are not completely stealthy.

How to Go Incognito

So now that you have a better idea of what the limits and benefits of this mode of browsing are, you can follow the easy steps outlined below to activate it.  Of course it will depend on which browser you are using.

  • Chrome: Click on the ellipsis menu () at the right end of the menu bar, and select: “New Incognito Window”.
  • Firefox: Click on the icon with three horizontal lines near the top right corner of the browser, and select: “New Private Window”.
  • Internet Explorer: To change to an “InPrivate” session in Internet Explorer you would hold down Ctrl+Shift and press P (Ctrl+Shift+P).
  • Microsoft Edge: Click the button with three dots (), called the “More” button, and select: “New InPrivate Windows”.

Disabling It

As we mentioned above, you may want to disable this function so that you can detect for yourself the online activities of others in your household. Click the links below to take you to the specific directions for your browser type.

Warning: most of these procedures require a change to the registry.  We recommend you do a backup beforehand and proceed with caution.

For Parents:

If you’re a parent worried about your kids and their private online activities (for example, pornography or social networking sites), then you can first try to disable the functionality as mentioned above.  That way you can check the search and browsing history items.

You can also take the next step and look at filtering software such as NetNanny that will block porn and whatever else you want to filter even when the browser is in Incognito mode.  They have it for computers and mobile devices.  It’s not free but could be worth the peace of mind.

Last Note

We’re in favor of providing information that in the right hands is used with good intent.  To reach a higher level of stealth you would need to look at using a VPN solution.  A VPN masks your physical location and IP address so the website you’re visiting doesn’t really know who or where you are.

We hope this information has been of help to you and enhances your web browsing experiences.  For more information on this topic see our past posts:

Feel free to contact us with any questions or comments on this and other subjects.  Simply send us an email at: newsletter@compuclever.com

Don’t be Held at Ransomeware

by

 

With two prominent malware attacks occurring back-to-back during the past two months, you’re likely familiar with the term  – “Ransomware” – a cyber-crime gaining worldwide attention. In this article we explore ransomware in depth and offer recommendations and instructions to prevent it from happening and to protect your PC.

Ransomware defined:

You can think of ransomware as “data kidnapping”. It is the result of a malware attack that blocks access to a user’s PC data. Once infected, the attackers try to force you into paying money so you can regain access. In some cases there is a threat to publish or delete the data unless the ransom is paid. Data and access is blocked by using strong file encryption.

Computers can be infected whether at home or in the work environment. This includes PCs on an enterprise network or government agency servers.

Some ways of infecting your PC include:

  • Surfing to unsafe or fake websites.
  • Opening emails and email attachments from unknown sources.
  • Opening malicious links in emails, Facebook, Twitter, and from online chat apps such as Skype.

The two main types of ransomware are: Lockscreen and Encryption.

  1. Lockscreen ransomware prevents you from accessing your PC or files and instead displays a full-screen message saying you have to pay a ransom to regain access.
  2. Encryption ransomware prevents you from opening your files by encrypting them. The encryption is very strong (uses an AES-256 “military grade” cipher algorithm), and would take an estimated 3×1051 years to crack. Also, a unique encryption key is generated for each infected computer so you can’t just get someone else’s key.

Note: There are older versions of ransomware that display false messages such as claiming you have performed an illegal activity with your PC. They then state you are being fined by a police force or government agency. We want to stress that these claims are false and can be considered a scare tactic designed to extort money from you.

What is the result of the attack?

While there are various forms of ransomware, all of them prevent you from performing normal PC functions. This includes:

  • Getting locked out! Preventing you from accessing your operating system.
  • Blocked access to files! Files are now encrypted and you can’t access them.
  • Disabled apps! Certain programs (like your web browser), are no longer able to run.

What about the ransom?

Some ransomware attacks involve the victim having to pay money while some make you complete a survey. Payment of money is performed online and sometimes involves the victim having to pay in Internet currency Bitcoins. Due to the nature of those that commit these cybercrimes – there is no guarantee that your data or PC will return to the pre-attack state.

How much do they extort?

Symantec gained access to a malware server in 2012. This provided them first hand insight of the ransoms that were paid out. In a single day 5,700 computers were infected and 2.9% paid the ransom. This comes out to approximately $33,600 for one day.

“Given the number of different gangs operating ransomware scams, a conservative estimate is that over $5 million dollars a year is being extorted from victims. The real number is, however, likely much higher.”[1]

Recent Ransomware attacks…

WannaCrypt; May 12, 2017:

Many users around the world were victims of the malicious “WannaCrypt” software attack which has been considered one of the worst and most widespread cyber-attacks. More than 230,000 computers in over 150 countries were affected. All files on infected PCs were locked and the demanded ransom was 300 dollars in bitcoins.

Interestingly, people running Windows 10 were not targeted by the attack. Despite this, this attack was serious as evidenced in the steps Microsoft took. They took a highly unusual step in providing a security update for all customers to protect even the Windows platforms that are in custom support only. This includes Windows XP, Windows 8, and Windows Server 2003.

Supported versions of the operating system (Vista, Windows 7, 8.1, 10, etc.), have access to the security update MS17-010. If users have automatic updates enabled or have installed the update, they are protected. Microsoft states[2]: “For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010“. They go on to state that this attack may evolve over time and additional defense strategies are warranted.

Petya; June 27, 2017:

Companies across Europe and the US were affected by the ‘Petya’ ransomware attacks. Infected computers displayed a message demanding a Bitcoin ransom of $300. Victims were unable to unlock their computers even if they paid the ransom.[3] The instructions included sending confirmation of payment to an email address. However, that email address was shut down by the email provider and there was no way to contact the attacker for a decryption key to unlock their computer.

This ransomware attack exploited the same Microsoft exploit as WannaCry – the vulnerability known as EternalBlue. Even with the patch, this cyber-attack has two other ways to spread within an organization focusing on the network administrator’s tools. Experts believe the initial infection is suspected to have been delivered through email (as with WannaCry).

If Infected With Ransomware:

You are a victim of a ransomware infection once you see some form of ransom demand appearing in a dialog window, an app, or a full-screen message. Unfortunately, this demand is displayed after encrypting your files or disabling some part of your PC.

Before you try to recover your files, Microsoft suggests trying to fully clean your PC with Windows Defender Offline. After this you can try to Backup and Restore in Windows.

We fully agree with Microsoft: “Do not pay any money to recover your files. Even if you were to pay the ransom, there is no guarantee that you will regain access to your PC or files.”

If You Already Paid:

If you paid the ransom, contact your bank and local authorities immediately. Your bank may be able to block the transaction and return your funds if you paid with a credit card. Inform your bank if you did submit credit card details to the cyber thieves.

We suggest you also contact the following government agencies that deal with fraud and scam reporting:

Prevention:

There are safe measures you can take to lessen the impact of attacks and failures and there are ways to prevent malicious attacks from crippling your PC and network.

  1. Keep a current back up of your data files (images, video, documents and music).
  2. Keep your Windows install up-to-date with the latest Windows security updates.
  3. Keep your antivirus program up-to-date. We highly recommend a reputable AV program with active subscription (one that keeps up to recent malicious attacks). We invite you to check out the performance and protection offered by CompuClever Antivirus PLUS.
  4. Do not open email links or files from a sender you do not recognize. In many cases you can recognize a fake email and webpage because they have bad spelling or look unusual.
  5. Be careful where you surf on the internet especially with less reputable sites. There is a greater chance of contracting a malware virus. Quite often unsafe sites can look convincing and have only subtle differences.

Microsoft states[4]: “Look out for strange spellings of company names (like “PayePal” instead of “PayPal”) or unusual spaces, symbols, or punctuation (like “iTunesCustomer Service” instead of “iTunes Customer Service”).”

Stay Safe:

Hundreds of millions of emails that include a ransomware attachment are being sent out every month. Many of these are being blocked and software vendors are working hard to shrink security holes and fix this ongoing cyber-crime.

As can be seen with the information provided here, staying informed, taking precautions, and using safe practices can help prevent you from getting an infection that could save you time and your data. If you require further information on this subject we recommend Microsoft’s Ransomware FAQ page.

[1] http://www.symantec.com
[2] https://blogs.technet.microsoft.com
[3] https://www.theguardian.com
[4] General information on ransomware