Category: Maintenance

Backups are essential. We cannot stress this enough. As we use our devices to run our lives more and more, protecting the data on them is more important than ever. We deal with customers all the time who lost all their data because they don’t have backups. In today’s post, we cover the different ways to back up your device.

Where To Start?

Before we get into how to backup your data, we need to start with what you should back up. The first thing to back up is your personal data. While you can backup your operating system or programs, these could be reinstalled in the event something went wrong. However, your personal data is irreplaceable. To that end, consider your documents, photos, videos, things you’ve created (photoshop, etc.), and anything else you wouldn’t want to lose in the event something happened to the computer.

As mentioned earlier, backing up your operating system and programs is also an option. This method will save you time and a headache in the event of a complete system failure. Full system backups are also good if you alter the system files or registry, and something goes wrong.

Backup Options

There are several different options to backup your data. Some may work better for your situation than others, so evaluate your options before selecting which method to use.

External Drives

External drives and, in some cases, flash drives are a quick way to back your data up to a secondary device. Both Windows and Mac operating systems have back up utilities. Windows 10 uses File History, and Mac uses Time Machine. Both have settings where if you leave the drive plugged into the computer, backups will happen automatically. Pro: Easy, fast, cheap way to back up your data. Con: If your house is damaged or robbed, chances are the backup, and the computer will be lost.

Internet Backups

Choosing an online service to handle your backups is a great way to have a copy of your data that is safe, regardless of what happens at your computer. Popular backup services include Backblaze or Carbonite. These programs install on your device and backup your data in the background. Pros: Offsite data backups protect you against any natural disaster or robbery. Cons: These services usually cost money, restoration of data can take a long time and can slow your computer if a big backup is taking place.

Cloud Storage Options

This technically is not a backup in the sense of the options mentioned earlier. However, these will serve the purpose of a majority of users who just want to have copies of their data. These include Dropbox, Google Drive, Microsoft OneDrive, and others. They sync your data across any device that has your account installed. These backups will happen automatically, as long as the account is configured correctly. Pros: Backups are easy to complete and maintain, protect data regardless of what happens to your device, accessible anywhere with an Internet connection. Cons: These services have free trials but cost money for large amounts of data, not an ideal method depending on the file type.

Multiple Backups!

Ideally, you should have a combination of the methods mentioned. Local backups (external) and offsite backups (cloud) are important. Local backups are faster and act as the first line of defense in the event of data loss. In addition, you don’t need an Internet connection to access your information. The main downside to local backups is they are going to be near your computer. If your home gets flooded or burned down, your computer and external drives will be destroyed. Offsite Backups are advantageous because they are protected from anything that happens locally. You don’t need to worry about external drives failing or a natural disaster.

If you found this article interesting or helpful, check out our other posts!

Facebook released a new tool showing users how ads arrive in front of you. With this ad tool comes the ability to opt-out of the digital tracking. The feature is called Off-Facebook Activity and provides the data that Facebooks collects while you are on its site. Interestingly enough, this tool is only accessible through its mobile app. In order to use it, you will need a mobile device with the Facebook Mobile app installed.

No More Ads

Open up the Facebook app and hit the three lines in the top right. Scroll down to the Settings menu. Once in the settings, scroll down to the Your Facebook Information section. Within it, you will find Off Facebook Activity. The next page describes how the new settings work. Essentially, businesses or organizations provide information to Facebook. For example, John bought a drill from Home Depot. This information is attached to your account, and target ads become more targeted.

There are three options for handling this process. The first is to simply manage the Off Facebook activity, meaning you can control which companies can and can’t share information with Facebook. Secondly, you have the option to erase your history or view other possibilities like download details about your browsing on Facebook.

In order to stop all sharing with Facebook, select the More Options. Select Manage Future Activity and turn the toggle for sharing off. It can take up to 48 hours for the changes to take effect. The caveat, Facebook will still receive the information, but it will not be attached to your account.

If you found this article interesting or helpful, check out our other posts!

So your scrolling through your inbox, and you see that you received a phishing email. First, don’t panic; bad actors send millions of these a day. The good news is that as long as you do not click on anything in the email, your computer will not be infected. Here is what you should do next.

Again, Don’t Panic

Most email clients like Apple Mail, Gmail, and Outlook catch a majority of spam emails containing malicious attachments or code. Even if one sneaks through to your inbox, it doesn’t mean your computer is infected. Even if you open the email by mistake, your computer is still safe. Email clients will not allow any code to run when an email is opened.

With that said, remember phishing emails are a legitimate security risk. The purpose of them is to get you to lower your defense so the bad guys can access your information. Do NOT click on any link or attachment in the email if you suspect that the email is a phishing attempt.

In addition, never reply to the sender. Scammers will send these emails to as many addresses as they can, and when you reply, you become a bigger target for more spam emails. Once the scammer knows you viewed their email, they will send you more emails.

Verify The Sender

When the email comes from someone you know or a company you associate with, check with them to see if it’s legitimate. If you’re concerned about the message, create a new email, text or call the person and confirm that they sent the email.

If the email comes from a company or bank, go to their website to contact them. Do NOT search the company online and call the first number that pops up. Always call the number on the company’s website to avoid other potential scams.

Report The Email

Below is a list of places you can report phishing emails.

• Your email provider: Most email providers will have a process to report spam emails. This process varies depending on the email provider.
• Your company: If the email comes to your work email address, follow your company’s policy in handling it. Some companies have certain IT security procedures to deal with spam emails.
• A government body: In the US, the Department of Homeland Security handles these emails. A branch of the department, Cyber Security and Infrastructure Security Agency, requests that the email is forwarded to phishing-report@us-cert.gov.
• The organization from which the email came: Most companies and agencies will have dedicated forms or processes for reporting phishing emails. This is usually found on their website or run a quick search for [organization name] report phishing.

Mark The Email As Spam

Marking the email as spam will prevent any more emails from the sender from reaching your inbox. In addition, you can add the sender to a spam list on any client.

Delete The Email

Lastly, delete the email. This will remove the email from your inbox. As long as you didn’t click on the link, you will not need to run a virus scan or delete your browser history. However, it is vital to run scans regularly to maintain a healthy computer. Once the email is reported and deleted, relax, and continue your web surfing.

If you found this article interesting or helpful, check out our other posts!

Clients have asked us about where the best place to position their desktop computers would be. Some people prefer it on their desk, but most people put it on the floor. Wherever you decide to position your desktop, you should consider the ventilation of the computer. Below are some things you should take into account when setting up your desk space.

Airflow

Most desktop cases are not flat on the bottom. Several have feet that will help keep the computer from sliding around and allow air to be sucked in through the bottom of the case. If you put your computer on the carpet, it can inhibit that airflow and allow heat to build up. This can lead to performance issues with your computer. If you have hardwood or tile flooring, you shouldn’t have any problem. If you have carpet, and you want to put the computer on the ground, consider getting a board or a stand to sit your computer on.

Dust

Since your computer’s fans will be pulling and pushing air around the case, it will inevitably suck in dust. However, placing your computer on the floor can increase the amount of dust that it sucks up and accelerate the buildup. Dusk will make your computer not cool itself as efficiently as it would without dust. It is always a good idea to clean out your desktop with compressed air to limit the buildup. If you place your desktop on the floor, check it every few months to see if it needs to be cleaned.

Other Considerations

If you can control the airflow and the dust, then having your desktop on the floor is fine. Overheating is ultimately what you want to avoid as your computer’s components can be damaged due to excessive heat. If your home is prone to flooding, the floor is not the most ideal position. On the flipside, some people are hesitant to place their desktop on their desk because they do not want it to get knocked over. Another reason the floor might be more desirable is the ability to hide cables easier, prevent cords from running all over the place. While there is no wrong way to set up your system, these are just some ways you can keep it running strong for years to come.

If you found this article interesting or helpful, check out our other posts!

Man-in-the-middle (MITM) attacks happen when a bad actor intercepts traffic between two computers, like a laptop and a remote server. The person will be able to listen in to any communication between both machines or steal information. MITM attacks are a serious concern for businesses, especially as more people work from home.

Access Without Direct Access

The attacker does not have to have direct access to your device to execute a MITM attack. They just need to be on the same network as you. Crafty attackers will sometimes create their dummy networks, similar to the real thing to trick you into connecting it.

A common target area is locations with an unencrypted public network like an airport. The attacker connects to the network, then downloads a tool that captures everything going back and forth over it. Once the information is collected, the attacker can analyze it to find useful information.

This approach is less effected since the rise of HTTPS, which provides encrypted connections to websites. Even if its capture, the information can not decrypt the information. An HTTPS connection does not guarantee that you’re safe. Attackers developed ways to sometimes trick a computer in downgrading the connection, making it unencrypted.

Rogue Routers & Network Based Attacks

Another form of this attack is called an ARP Cache Poisoning. This is where the attacker attempts to associate their MAC address with someone else’s IP address. A MAC address is like a serial number for the device, and MAC addresses are how networks differential between different devices. If successful, the data intended for the victim goes to the attacker.

DNS spoofing is an alternative form of this attack. The DNS is similar to a phonebook, just for the Internet. It associates the name of a website (thecomputerwarriors.com) with a numeric IP address. When successful, an attacker forwards real requests to a fake site then captures the data.

Protect Yourself

Thankfully, there are a number of ways to prevent this type of attack from happening to you. The biggest component is staying vigilant. Avoid public WIFI hotspots, and most phones can become a hotspot. This will use your cellular data but allows you to keep control of the network.

In addition, using a VPN on your computer will encrypt all the traffic from your computer before it leaves. There are multiple VPN providers, offering different features and pricing models. Do your research before purchasing a service, that way you will feel comfortable using it.

If you found this article interesting or helpful, check out our other posts!

If you ever lost your smartphone, you have probably been filled with anxiety and worry. It’s not a pleasant feeling. Our smartphones have become gateways into our lives, with contacts, pictures, social media, and financial information all packed into a pocket-sized device. While physically losing a device is stressful, having it hacked like a computer is almost worse. It is like someone broke into your house and stole your essential information. Good news is you there are steps you can take to help protect your device and information in the physical and digital realm.

Update, Update, Update

Updating your operating system (OS) and applications can be annoying. They always seem to come at inconvenient times and introduce new features that can be confusing to use. However, they also will often contain critical security patches and improvements. In the digital space, for every one person making systems more robust, move people are trying to break in. Updating your phone can help close avenues that digital thieves may have found to get into your device.

Don’t Use Public WiFi

Shopping centers and stores are offering public WiFi for their customer’s convenience, but public WiFi can be a breeding ground for all kinds of digital trouble. Thieves can set up their networks that look very similar to the public ones. Unsuspecting users can connect and essentially hand their digital traffic and logins to the thieves. There are also ways to exploit the Bluetooth on some phones. As a result, we recommend turning off these features when you can to help keep your device protected.

Put A Lock On Your Phone

Make your phone password or PIN protected. You also can set biometric locks if you do not want to enter a password or PIN each time. However, don’t forget your PIN or password because if your phone restarts you will have to enter it in one time to allow the biometrics to function. It is also a good idea to log out of any critical applications when not using them.

Two Factor Authentication (2FA)

Most people don’t like this because it adds an extra step to logging into an application or program. Ultimately, this is why 2FA is effective in protecting your logins. For example, if I were to try to login to your email from my desk, I wouldn’t be able to with 2FA turned on. Even if I had your password, 2FA would send a 6-digit code to your phone via text message. I would need to enter this code in to finish the sign-in and without I can’t access your email. More information about 2FA here.

Robust Passwords

A strong password is the oldest trick, but still very true. Never make your password something obvious, like a birthday or a pet name. The password should include a mixture of symbols, numbers, and lower/ uppercase letters. For example, if you were to set your password as ‘password,’ change it up like this: P@$$w0Rd. This mixture makes it harder for your password to be hacked. Also, don’t use password as a password, that was just an easy example.

Also, most sites will have you fill out security questions when you set up your account. Never answer those answers honestly, it can make them easier to guess. If you set an item to ‘What is your favorite car?’ and your social media page is filled with a Mustang. A hacker wouldn’t have to work too hard to figure out the answer. Change up your answers for different sites.

Phishing & Spam

Beware of these emails that are sent to your inbox trying to trick you into logging in. They are getting more convincing by the day. Avoid clicking random links and NEVER sign in through a link in the email. If you have a feeling, your account has been compromised. Go to the app and follow the security steps. It will most likely involve an email, but it will be sent almost immediately after you initiate the process.

Built-In Protection

Turn on ‘Find My iPhone’ for Apple devices and ‘Find My Phone’ for Android devices. They can help locate your device on a map if you lose it. They also can erase your phone remotely so if you can’t get it back your information within it will be inaccessible. In addition, they can ping your device, making it ring to help you find it.

A/V For Your Device

Most of the antivirus companies that have programs for your computer also have them for your phone. These apps will ensure that apps, images, PDFs, and other download content to your phone aren’t laced with malware.

Application Permissions

Check to see if your applications are using more of your phone then they need. Companies love data, especially social media companies. Those free apps are usually paid for by harvesting your information and then selling it to all sorts of companies. You can limit what the application has access to on your phone without severely affecting the overall experience. These permission settings can be accessed in the app or phone settings.

Backup

As always, back your device up. Let’s face it; life happens, often when we least expect it. Backing your device up is the best way to ensure if anything happens to it, you will have your data backed up. Better to lose a weeks’ worth of new data than a years’ worth.

If you found this article interesting or helpful, check out our other posts!

It has happened to you. You turned on your computer only to find that it has Ransomware. Your files are locked, there is a timer, and thieves are demanding payment. Should you pay them? This is a difficult question. The ransom can be expensive, and if you don’t know what Bitcoin is, the preferred payment method, where do you begin the process. You also have to weigh whether or not you will get your data back if you pay. So what should you do?

Don’t Pay – According to Some Experts

McAfee fellow Raj Samani says don’t pay. That may seem like an easy thing to say when your files aren’t being held, but it is solid advice. The US government does not negotiate with terrorists, and you shouldn’t either. By paying the ransom, it will encourage the behavior.

Ransomware has become so successful in recent years that hackers have prepared and sell ransomware kits. These turnkey solutions give anyone the ability to launch attacks with the little technical experience needed.

But what if you are a city or healthcare facility that has been attacked? In 2017, ransomware affected 16 hospitals. These entities had little choice but to pay because the cost of not paying was far greater than the price of the ransom. It is a grey area, but the victim will need to weigh the value of the data against the cost of the ransom.

And If You Pay?

Experts may disagree on whether or not to pay but consider this. What happens if you pay the ransom, and you are not given access to your data, or the key doesn’t work. There is little recourse in this scenario. Thieves prefer digital currency payments since they are untraceable, and once it’s gone, it’s gone.

Some security firms state that if a victim pays, they will potentially open themselves up for more attacks in the future. The victim will get placed on a list of people willing to pay. If you do pay and get your files back, you need to have your computer looked at ASAP. Have any malware removed and step up the security.

What If You Don’t Pay?

There are several things to do if you choose not to pay, and if you prepare correctly, you shouldn’t have to. Firstly, update your computer when they come out. Turn on and update the antivirus installed on the computer. McAfee has launched a project with several law enforcement agencies and about 100 government and corporate partners to help recover files. No More Ransom is also free to use, but not guaranteed.

The best solution to put you in a position to tell the thieves to shove it is to have a separate backup of your data. Whether local or cloud base, your files will be safe from their hands. Once you get your computer cleaned up, everything can be pulled down from the cloud.

If you found this article interesting or helpful, check out our other posts!