TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Researchers Turning To Algorithms To Combat Phishing

Chris Myers is a field service technician for Tech Experts.

Phishing is a type of social engineering attack used to steal user information such as login credentials, bank account information, or credit card numbers. The most commonly seen phishing attack is when an attacker, posing as a legitimate source, tricks a victim into clicking on a malicious link in an email. Once clicked, the link installs malware on the user’s computer and possibly gives the attacker access to other devices on the same network.

Often, the link opens a website owned by the attacker, specifically designed to look like a normal login or account validation page. However, when users enter their information into this website, all they are doing is giving that information directly to the attacker.

Phishing emails have been around since the dawn of the Internet, even having a paper and presentation discussing their use at the 1987 conference for the International HP Users Group, “Interex.”

While the basic premise hasn’t changed since then, attackers have had decades to improve their technique and automated delivery systems.

A New Defense
Jeremy Richards of the mobile device security company Lookout has been developing a novel solution to this problem. Lookout records the network traffic of over 60 million mobile applications and, as such, has a large amount of real-time data it can analyze.

After manually tracking phishing websites through this network, Richards discovered many telltale digital signs of phishing websites. He started creating tools to assist in this detection, but those quickly evolved into their own automated search engine.

The program now goes through several steps to algorithmically narrow down and positively identify malicious websites. For example, the program will check new domains (website addresses) for misspellings of technology or financial companies, or special characters used in place of normal lettering.

Once it spots a suspicious website, it will take a screenshot of the homepage and then automatically search for the logos of thousands of companies. Phishing websites almost always try to look official by using the actual logos from companies like Apple, Microsoft, and Google.

Once a site is confirmed to be malicious, Lookout can report them to the authorities, download the specific phishing code used by the attackers, then look for that code in future scans to find additional websites.

As phishing attacks occur with increasing frequency, these automated solutions will be necessary for us to stand any chance at stemming the tide of cybercrime.

How To Spot Phishing Emails
Here are some common characteristics of phishing emails that you can identify:

Poor grammar – Since most emails aren’t composed by native English speakers, they usually contain many grammar, spelling, and capitalization mistakes, along with unusual phrasing.

Generic or informal greetings – If a message doesn’t address you by name, it’s another sign that it is from an unknown attacker.

Sense of urgency – Most phishing emails want you to rush through the message and click on a link without looking at it too closely.

Hyperlinks – Hover over any links to make sure they go where they say they are going.

Attachments – Many phishing emails will include malware in attachments.

Unusual sender – If it’s from someone you don’t know, pay extra attention to the contents.

How Much RAM Does Your PC Really Need?

Frank DeLuca is a field technician for Tech Experts.

First off, note that how much RAM (along with the type and speed) that your system supports will depend on your motherboard.

Consult your PC/motherboard manual, or, if your PC was manufactured by an OEM, use a system checker such as the one found on Crucial.com to find out what RAM is compatible with your system.

Adding RAM to your computer is not a process that will magically make everything run faster. But it can aid your PC in multitasking and performing intensive-heavy tasks like loading 20+ browser tabs, content creation like editing videos or images, editing multiple productivity documents, and running more programs at one time.

Computers may experience significant slowdowns when running a large number of programs at once with low memory.

If all RAM space has been used when trying to open programs, the computer resorts to using virtual memory on the hard drive, which slows the computer down quite a bit.

Upgrading or adding additional memory can eliminate this problem as the computer doesn’t have to resort to using the hard drive for slower pagefile memory.

How much RAM you need in your computer depends heavily on what you use your PC for on a day-to-day basis and on how long you intend to keep the computer.

If you are thinking of investing in a new machine in the near future, waiting things out until your purchase might be the best bet.

If you already have a computer you love but want to shift gears into a different daily task that requires better performance, then upgrading your RAM as part of the process is a great idea and can breathe some extra life into your computer.

Productivity
If you use your Windows 10 computer for word processing, checking emails, browsing the Internet, and playing Solitaire, you should have no problem using 4GB of RAM. If you are performing all of these activities at once, however, you might experience a dip in performance.

Many budget PCs come with 4GB of RAM as a base option. If you plan on keeping your machine for several years, then opting for 8GB of RAM is the safer bet, even if you use it for light tasks.

Video and Photo Editing
This really depends on your workload. If you are editing quite a bit of HD video, go for 16GB or more. If you’re working mainly with photos and a bit of video thrown in, 8GB should get you through. Again, in this instance, it may behoove you to opt for 16GB to give yourself more future-proofing headroom as photo and video quality is only getting better with file sizes exponentially increasing and becoming more memory intensive. Editing will work on lower amounts of RAM, but you’ll become so frustrated with the poor performance that you’ll soon start yearning for an upgrade.

In a nutshell, here are some simple guidelines that apply to most PC devices:

  • 4GB: Entry level memory. Comes with budget notebooks. Fine for Windows.
  • 8GB: Excellent for Windows and Mac OS systems. We recommend this for most people.
  • 16GB: Ideal for professional work and the most demanding tasks.
  • 32GB and beyond: Enthusiasts and purpose-built workstations only.

Remember, buying more RAM than you need doesn’t net you any performance benefit. It’s effectively wasted money.

Buy what you need, and spend what’s left of your budget on more important components such as the CPU or faster storage space like a solid state hard drive (SSD) which can be 10 times faster than a conventional hard drive.

Are IT Issues Ruining Your Workplace Productivity?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Studies conducted by CareerBuilder Harris Poll in the US showed that at least 22 minutes a day are wasted by an average worker dealing with IT-related issues.

According to the poll, the leading cause of time wasted in the workplace is related to cell phone use, which ranked the highest at 50%, gossip which followed at 42%, and closely behind was internet use at 39%. This article will briefly outline how companies can work through IT issues so that they can save on time. And time is money.

How Much Time Is 22 Minutes Really?
Going by the average time in a 40-hour workweek, 22 minutes a day is close to two hours of work time lost each week. Imagine what that equals for a full year or 52 weeks. It comes out to be over 95 hours per year. When translated into days, that is close to two weeks spent dealing with IT-related problems. [Read more…] about Are IT Issues Ruining Your Workplace Productivity?

RAM And You: How Much Memory Do You Need?

Jason Cooley is Support Services Manager for Tech Experts.

Is there anything as frustrating as experiencing issues with your computer? There are many different performance issues that can affect your experience as a user.

If your computer is running slower than normal (or slower than it should), there are so many things that can factor in. One of the more common causes is system memory being over utilized.

First, we have to understand the different types of “slow” your computer expresses.

If Internet pages are slow to load but programs like Microsoft Word are quick and responsive, your speed issue is Internet related.

If programs are slow, lag out, or won’t respond, you are dealing with a system issue.

In these cases, a restart can be your best friend. If a restart doesn’t help your system, take a look at your resource usage. The task manager will show in real time the usage of your CPU and memory (RAM).

Let’s say your RAM usage is high, even after a restart. This is a problem and you just don’t have enough system memory to support your daily tasks.

How does this affect your system? What can you do about it? How much is enough?

A shortage of RAM on your computer wreaks havoc on the system performance. It not only limits the work that the RAM is capable of handling, but it also affects the CPU and the hard drive performance.

When applications need more than the available RAM, they use virtual memory from the hard drive. The amount of virtual RAM can be increased in your system by increasing the size of your paging file.

While this may help to run your programs, your system performance will suffer greatly.

The virtual RAM your system will use is much slower than physical RAM, causing a bottleneck where you are now reliant on the speed of your virtual memory. This limits the speed of data traveling between the CPU and RAM as well.

We know the RAM is limiting our performance. While the paging file allows you to run the programs you need to work, your system performance will make multi-tasking nearly impossible.

The best thing at this point is to upgrade to more physical memory.

There are some limitations to upgrading your RAM. Operating systems have a maximum supported amount of RAM. This varies from operating system versions, from year to year, as well as 32-bit versus 64-bit.

Your motherboard and CPU could also have a maximum amount of RAM.

RAM sticks come in different memory quantities as well and each slot in your computer may have a maximum, as well as an overall system maximum as well. A single stick of RAM can be 512mb or 8gb and anywhere in between.

RAM also comes in many types that can vary based on your specific motherboard. Upgrading your RAM can make your system run better, but there are many things to factor in when you upgrade your RAM.

So how much RAM do you need? It varies for everyone, but the more programs you use, the more RAM you need.

If you are buying a new computer for modern business, a minimum, of 8gb is strongly recommended and 16gb is even better. If you run many programs, especially things like graphic and video editing software, you may want more. If you are upgrading your current system RAM, similar rules apply.

Your tasks and usage dictate your needs; don’t be afraid to give yourself one of the best performance upgrades out there by adding more memory to your system.

What Is The Difference Between Backups And Redundancy?

Chris Myers is a field service technician for Tech Experts.

Modern businesses can generate massive amounts of data in a short period of time. As such, a vital topic of research are ways to project that data.

There are two main categories of data protection: redundancy and backups. These two types of data protection are both very important, but they are not interchangeable.

Both must be understood so that you are not caught unprepared when catastrophe strikes.

What Is Redundancy?
On a single hard drive, data is saved just one time. If that hard drive fails, then that data is lost. In order to prevent this from happening, multiple hard drives are used to store multiple copies of each piece of data.

This setup is called a “RAID,” which stands for Redundant Array of Independent Disks.

When a single hard drive fails in a properly set up RAID, the other drives change how they operate and continue saving files with very little interruption and no loss of data. In a business such as a doctor’s office where appointments are booked out three months in advance, redundancy can be the difference between a service call with less than thirty minutes of downtime and a multiple day outage affecting hundreds of patients and staff.

What Are Backups?
There are many other ways in which data can be lost, including file corruption, accidental deletion, fire, theft, malware, and more.

Redundancy can protect against hard drive failure, but in cases such as these, it is of no help. For example, if the user accidentally deletes a file, all redundant copies of that file will be deleted.

This is where backups come in. Backups copy your data onto a completely separate storage device.

The most secure backup systems are called offsite backups, because the data is copied to another geographic location entirely. If a user accidentally deletes a file that is backed up, that file can be restored using the backup copy.

However, restoring files from an offsite backup can take quite a long time depending on the amount of data and available network bandwidth. Due to this, many businesses keep another backup on a different device in the same building.

This is referred to as a local backup. Since restoring from a local backups only involve sending the data over the internal network, or even directly copying onto another drive, they can greatly reduce downtime.

So, Which Solution Should You Have?
None of these data protection methods are mutually exclusive and each of these methods has strengths and weaknesses.

With that in mind, most businesses will get the most benefit by having all of them in place because each one fills a gap in coverage left by another.

Redundancy will save data if a single drive is lost to mechanical failure, with very little downtime. However, it can’t protect against almost all other types of data loss.

A local backup will protect against all types of data loss except when both the default and backup locations are lost at the same time. Restoring takes longer than a redundant drive, but is still quite fast.

An offsite backup takes the longest to restore from, but protects against almost all scenarios.

So, the next time you want to impress your coworkers and possibly save the company, ask whether your server or network-attached storage has both backups and redundancy in place.

Nine Useful Windows 10 Features You Probably Never Use

Frank DeLuca is a field technician for Tech Experts.

Microsoft’s operating system runs on nearly half a billion PCs and laptops worldwide. It’s so commonplace that most of us don’t pay attention to the ways it can make our lives easier.

These are not secret features that Microsoft doesn’t want us to know about by any means. We may have just forgotten that these powerful tools exist.

Disk Cleanup
Disk Cleanup is a simple way to delete files you no longer need and to ensure your recycle bin is cleared out.

On Windows 10, type “disk cleanup” into your taskbar where it says, “Type here to search.” Then, click on the Disk Cleanup app.

Click on any of the entries in the list to see a description of what the files are and how much space can be reclaimed by removing them. Place a check mark in the box next to each entry you want deleted, such as temporary files.

Malware Removal
It’s more important than ever to have a multilayered approach to cybersecurity. Windows Defender is a security tool that can be set up to block malware attacks in real time or you can perform a scan when you need it.

To make sure Windows Defender is running, type “Windows Defender” into your taskbar. Select Windows Defender app.

Make sure it is set to real-time protection and that virus and spyware definitions are up to date.

Quick Assist
We all have that tech-challenged family member, but did you know that you can remotely manage a friend or family member’s computer (or vice-versa) so you can help fix their tech-related problems?

This handy feature is called Quick Assist and it can really be a lifesaver when offering IT assistance.

In Windows 10, type “Quick Assist” into your taskbar. Select Get Assistance or Give Assistance and then follow the onscreen instructions. You’ll thank me later.

Video Streaming
Windows 10 comes with its own built-in DLNA video and media streaming protocol. All you need is a DLNA-compatible device to stream to, like an Xbox One or Roku.

Type “Media Streaming” into the Windows 10 taskbar. Select Media Streaming Options and follow the instructions.

Task Scheduler
Task Scheduler helps you schedule tasks on your computer, like turning your PC off at a specific time each day. Type “task scheduler” into your taskbar to get started.

Virtual Desktop
The little rectangular box to the right of your “Type here” taskbar will change to display all windows you have open. Or you can click on New Desktop to create a new workspace without closing the windows you have open.

Find Missing Files
The command prompt can help you find files that your Windows operating system needs to work properly. It can also help you fix problems.

Type “cmd” into the taskbar. Right click on Command Prompt and select Run As Administrator. To find missing files, type “sfc /scannow.” To check for system problems, type “chkdsk /f.”

Print PDF
PDF is a print format that is compatible across multiple operating systems and software programs. You may not know that you can print in PDF format from any program running on Windows 10.

To do this, just go through the steps to print that you normally would. When you see the option to choose a specific printer, select the one that says, “Microsoft Print to PDF.”

Record Screen Activity
Did you know you can record videos on Windows 10? Just click the Windows key and the letter ‘G’ at the same time – then follow the prompts to record.

The Ransomware Threat Is Growing – Here’s Why

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

One of the biggest problems facing businesses today is ransomware. In 2017, a ransomware attack was launched every 40 seconds and that number has grown exponentially in 2018. What are the main reasons for this type of escalation and why can’t law enforcement or IT experts stop the growing number of cyber-attacks?

Ransomware Trends
One of the reasons involves the latest trends. The art of ransomware is evolving. Hackers are finding new ways to initiate and pull off the cyber-attack successfully.

Hackers rarely get caught. So, you have a crime that pays off financially and no punishment for the crime. The methods of attack expand almost daily. Attack vectors increase with each new breach. If cyber thieves can get just one employee to click on a malicious link, they can take over and control all the data for an entire company. [Read more…] about The Ransomware Threat Is Growing – Here’s Why

Work From Anywhere: How A VPN Can Help You

Jason Cooley is Support Services Manager for Tech Experts.

Work. Most of us have to do it and, typically, we spend around a third of our lives doing it. While you are already dedicating a third of your life to your job, sometimes there is a need to get more work done.

The old statement that “there aren’t enough hours in the day” really applies to a lot of hardworking people who go above and beyond the expected contribution.

The dependency on technology is constantly increasing and, because of this, many of us have jobs that depend on computers.

Often, these jobs require us to be at work in our office, whether it be to run applications hosted on the work server or to access documents.

So, say you have a few extra hours of work to do. You need to use a program at your office or maybe just some stored documents. Now, you have to go in to the office on a day off… unless you have a VPN setup.

What is a VPN?
VPN stands for Virtual Private Network. The internal network at your office would be considered a private network.

The IP addresses are not broadcasted for everyone to see and there is almost certainly some sort of security device keeping unwanted traffic out.

With a VPN, it creates a tunnel from your computer to your office, creating the illusion that you are actually inside that private network.

The VPN program will put your computer on the network virtually, hence the name Virtual Private Network.

The concept of a VPN and how it works is fairly straightforward. You may be asking yourself how safe it is. A VPN is typically viewed as one of the best layers of protection, not just for connecting to a network offsite, but for also hiding the data transmitted while doing so.

In theory, data transmitted over a VPN cannot be accessed or intercepted. This is why a VPN is viewed as a simple and safe way to access your private network, as well as to browse the Internet privately (private does not mean anonymous).

What are all the things a VPN can do for you?
A correctly configured VPN can put you on a network from anywhere where you have an Internet connection.

With a VPN setup, you can now work on those documents. You can use your software that is only available in the office where the database is hosted. You can even send print jobs over the VPN to a printer in your office. A fellow staff member needs a document printed and you are at home? No problem, you can send the request just like you were at your desk.

Who needs a VPN?
While a VPN doesn’t benefit everyone, it sure can make your life a little easier if you’re a road warrior, and maybe even score you some more time at home.

The cost and setup of a VPN is not at all daunting, making it a viable option for anyone with a need to access files and programs they normally couldn’t without being in their office.

Attackers Embed Malware In Microsoft Office Documents To Bypass Browser Security

Chris Myers is a field service technician for Tech Experts.

Cyber attacks continue to increase at a rapid rate. In 2016, there were 6,447 software security vulnerabilities found or reported to authorities. In 2017, that number rose to 14,714, more than double the previous year. Halfway through 2018, we are at 8,177 with no signs of slowing.

One of the biggest avenues of attacks is Adobe Flash Player, which has been a leading source of vulnerabilities for over 20 years.

Modern browsers have been phasing out Adobe Flash over the past 5 years. In December 2016, Google Chrome completely disabled Flash Player by default.

Mozilla Firefox started to block the most vulnerable parts of Flash Player by default in 2016 and 2017.

The latest Flash Player vulnerability, designated CVE-2018-5002 by Adobe, aims to circumvent those browser changes by hiding the attack in a Microsoft Excel file, which is then distributed by targeted emails disguised as legitimate bulletins from hiring websites.

To hide this from anti-virus software, the hackers went another step further by not including the malicious code directly in the Excel file. Instead, they just embed a small snippet that tells the file to load a Flash module from somewhere else on the Internet. Due to this, the file appears to be a normal Excel document with Flash controls to anti-virus applications.

CVE-2018-5002 is what’s known as a Zero Day vulnerability, which means it was used by attackers before it was discovered and patched.

This particular vulnerability appears to have been used in the Middle East already.

In one instance, businesses in Qatar received an email that mimicked “bayt.com,” a Middle Eastern job search website. The attackers sent the email from “dohabayt.com.”

With Doha being the capitol of Qatar, it was easy to assume that dohabayt was simply an extension of the main website.

However, a true branch of bayt.com, known as a subdomain, would be separated by a period like so: doha.bayt.com. Once the target was tricked into opening the email, they were directed to download and open the attached Microsoft Excel file named “Salaries.”

This was a normal-looking table of average Middle Eastern job salaries, but in the background, the attack was already going to work.

How To Avoid Being Infected
The fake email scenario described above is known as phishing. Phishing is the attempt to disguise something as legitimate to gain sensitive information or compromise their computer.

The word phishing is a homophone of fishing, coined for the similarity of using bait in an attempt to catch a victim.

The attack described above was a type of phishing known as spear phishing, where the attacker tailored their methods specifically to the intended victim.

They disguised the email as a local site used for job or employee hiring, and the file as a desirable database of salary information.

Phishing emails are most easily identified by checking the sender’s email address. Look at the unbroken text just before the “.com”.

If this is not a website known to you or if it contains gibberish such as a random string of numbers and letters, then the email is almost always fake.

While the attack above was sophisticated, most phishing emails simply try to trick the user by saying things like “Your emails have been blocked, click here to unblock them” or “Click here to view your recent order” when you did not actually order anything.

Always be vigilant. When in doubt, forward the email to your IT department or provider for them to check the email for viruses or other threats.

How Can You Improve Your Online Privacy?

Frank DeLuca is a field technician for Tech Experts.

You have probably heard about the myriad of security blunders that have plagued the business and IT worlds. We’ve seen considerable security and privacy miscues from some of the world’s biggest businesses, organizations, and government agencies.

This includes data breaches, attacks from hackers, privacy concerns, and theft where massive amounts of private user data were lost and/or misplaced. If major institutions can fall victim to these privacy and security lapses, then so can individuals and society at large.

The Internet can certainly be a scary, confusing place, especially for the uninitiated, but there are many ways in which you can protect yourself, mitigate risk, and increase your privacy while having an online presence.

Use Strong Passwords For Your Sensitive Accounts
Using strong, unique passwords (symbols, long phrases, capitalization, punctuation) can help you avoid that gut-wrenching feeling that you get when you realize that someone has hacked your account and has access to your personal information. Not knowing what’s going to happen to your work or your memories is something no one wants to experience.

Creating strong and unique passwords for each of your online accounts is a smart practice. The reason is quite simple: if one of your online accounts is hacked, then the others will soon follow. Consider a password manager like LastPass or Keeper to create, store, and manage your passwords.

Don’t Allow Or Accept Cookies From Third Parties
The purpose of the computer cookie is to help websites keep track of your visits and activity for convenience. Under normal circumstances, cookies cannot transfer viruses or malware to your computer.

However, some viruses and malware may try to disguise themselves as cookies, replicating after deletion or making it easier for parties you can’t identify to watch where you are going and what you are doing online.

Because cookies are stored in your web browser, the first step is to open your browser. Each browser manages cookies in a different location. For example, in Internet Explorer, you can find them by clicking “Tools” and then “Internet Options.” From there, select “General” and “Browsing history” and “Settings.”

In Chrome, choose “Preferences” from the Chrome menu in the navigation bar, which will display your settings. Then expand the “Advanced” option to display “Privacy and security.” From there, open “Content settings” and “Cookies.”

Use A VPN Or VPN Provider
A virtual private network, or VPN, can help you secure your web traffic and protect your anonymity online from snoops, spies, and anyone else who wants to steal or monetize your data.

A VPN creates a virtual encrypted tunnel between you and a remote server operated by a VPN service. All external Internet traffic is routed through this tunnel, so your data is secure from prying eyes. Best of all, your computer appears to have the IP address of the VPN server, masking your identity.

To understand the value of a VPN, it helps to think of some specific scenarios in which a VPN might be used. Consider the public Wi-Fi network, perhaps at a coffee shop or airport.

Normally, you might connect without a second thought. But do you know who might be watching the traffic on that network? If you connect to that same public Wi-Fi network using a VPN, you can rest assured that no one on that network will be able to intercept your data.

Additional tips: keep your Windows operating system and your applications such as Microsoft Office up to date at all times, don’t post private information on your social media accounts, and use browser ad/tracking blockers.