OK brief education on SSL and HTTPS.
When you go to a website by typing xxx.xxxx.com the browser automatically adds http:// in front of it, this is so the Internet knows what you want.

(FYI, http is NOT secure and NOT encrypted and anyone from your network, home or work, your ISP, and throughout the internet can read the traffic.)

If on the other hand you type in https (Note the “s” at the end) you are telling the browser to go to the Internet in SSL or encrypted mode. If you go to you bank or Facebook with the “s” in place you will land on an encrypted web page that will build an encrypted tunnel to your computer and no one on any network will be able to read it. Thus if you type in your userid and password they will be safely protected from spying eyes! Basically the “s” means safe. Https, use it!

Example:
Facebook would look like: https://www.facebook.com

Your bank would look like: https://www.yourbank.com

The Internet is full of snakes, don’t let them eat you!

-Spike

Videos on YouTube, Facebook, or even CNN are great vehicles for bad guys to install malware on your computer. Videos are large files with lots of room for malware to hide. Most computers will open a video viewing application that allows you to watch the videos. This means you are used to another screen opening and even saying yes to your security system when it asks if the browser can open the application. So next time be careful when watching videos on the Internet. Pay attention to your security systems message and don’t just say yes… Read it first!

If you own a business consider blocking streaming videos at your Internet edge. Lastly, make sure you update your computer regularly.

The Internet is full of snakes, don’t let them eat you!

-Spike

The Internet is full of snakes, don’t let them eat you!
-Spike

Why?  Well many people use Facebook and the culture is more open and sharing.  Many people also use the same password on Facebook as their online banking, which makes it a great target. 

Now, people we have talked about this, right?  Your Facebook password IS different than any other you use?!?  Right?? And because Facebook gets attacked so regularly you change that password every month, right?

The Internet is full of snakes, don’t let them eat you!

Also, “like” the Facebook system Security Page to keep up with them and their own warnings!

-Spike

These phishing attempts pop open a new window either with their home screen or like the most recent and insidious a Facebook logon screen.  In either case they will take your credentials and then ask you to open your profile. 

Now they have your credentials and your friends list and they begin sending to your friends as YOU.  So be careful.  If you have a new page open and it wants your Facebook credentials question how you got there and DON’T PUT THEM IN!

The Internet is full of snakes, don’t let them eat you!

-Spike

Social media is like the Internet in the mid ’90s.  You cannot hide your head in the sand and ignore it.  You cannot just block it like you tried to do in 1995.  You have to embrace it.  Like it or not, your employees, customers and competitors are using it.  You need to take  hold of it and make it a part of your business. 

Two different groups within your business are asking three questions about social media (or should be… hint, hint).  The sales and customer-facing side are asking: What is social media, how can I use it, and how will it help my business?  The security and IT sides are asking: What is social media, how will my business use it, and how can it harm me?  Note the similarities of the two question sets.  These groups SHOULD BE WORKING TOGETHER! 

Social media is here to stay, and from a security point of view, we have to deal with it.  To deal with anything in the security world, you have to understand it (no not the technical details of it, but what it is and how it behaves).  To do that, get both groups together and talk.  Social media is being used whether or not you choose to participate.  You cannot avoid it, or you just end up looking backwards and old-fashioned.  That may be good for some, but not many! 

Once you realize social media won’t go away, your security staff will tell you social media sites are giant virus farms.  Yep, they are right.  But it still won’t go away and your employees will still use it.  So, get your systems the best virus protection, set your Internet edge up with the best malware scanning, and most of all, TEACH your people how to use social media safely as well as the tools you installed on their computer.  Sure, you might get a virus, but your company will be using the best tools available to get to the customers out there.

5 things to do to get in front of the Social Media Train!

1)      Build a companywide social media strategy team and plan for it

2)      Produce a policy about the appropriate use of social media

3)      Train your employees on right, wrong, and what to expect

4)      Get your tools together, update everything, and stay on top of AV Updates and System patches

5)      Take advantage of the social media marketplace

The Internet is full of snakes who change every day; deal with them head on!

Spike

The good folks at Symantec have reported a number of fake emails seen from support@twitter.com.  Twitter doesn’t send out emails with that address, so these should be deleted immediately.  Twitter is not the only victim; these same emails have been seen as originating from Amazon and Apple.  See this Symantec article for more details.

The Internet is full of snakes; don’t let them eat you!

Spike

Watch your email, for messages claiming you have received, won or been gifted an electronic gift certificate. The most common one is pretending to be from iTunes, but they have been seen from other major retailers as well.

The message congratulates you on receiving these gift certificates, and instructs you to download and open the attached ZIP file. DON’T DO IT. The ZIP file contains a virus.

If you receive one of these, just delete it. If you have already opened one of these ZIP files, run your anti-virus program and run another vendors free online scan as well (or use Immunet – you did install Immunet, right?).

The Internet is full of snakes, don’t let them eat you!

-Spike

Videos are one of the most common and easist ways to spread a virus so don’t click on video links or videos posted in Facebook (or just about anywhere else for that matter) unless you trust the content producer and provider.

What to watch for:  A pop up that looks like a windows system message or message from an anti-virus program telling you you have some number of viruses.  These pop ups are very good and designed to make it hard to distinguish from your real antivirus program.  DON’T CLICK ON THESE!! And Don’t panic. 

How to tell the real ones:  Know who your anti-virus vendor is. Open their normal window, and look at how they are formatted.  (Hint: you need to do this BEFORE you encounter one of these pop ups.)  Look at the logo. 

When you get a pop up… Did it look like your purchased system messages?  Did it have the right logo?  If you are still unsure close the pop up window  (ONLY Close these windows from the bottom control bar if you can)  Their should be a little rectangle on the bottom bar that you can right click on and say close.  This is about the only safe (mostly) way to close these… IF you click on the pop up you still might run the malware included, so be careful.  Once you close the box, run a normal full scan on you computer to see if anything got through.  Sadly this may not be accurate.  If you think it did, contact your local computer wiz and have them use an “offline” scanner like Ultimate Boot Disk for Windows on your system (or go get it yourself).

If you have installed one of these, they are very hard to remove.  The best way is to restore you system from a back up and then put your data back… You do back up right????  If not go to a different computer and download a free antivirus remover like Malwarebytes or McAfee Stinger (for fake av) or a specific tool from Symantec.

These things are real pain to deal with.  Be wary of any pop ups and read them carefully.