Send me Bitcoin or I will expose you for visiting porn sites – scam / sextortion

JohnMHoyt Computer Security Leave a Comment

Public Service AnnouncementHey friends, I woke to find an email from a client who said they were being extorted for thousands of dollars and wanted help in securing their computer.

Turns out, I also received an email today from Spiceworks which addressed the exact same email…  The email looks like this:

From: Ciel Quan <mxwendelcs@outlook.com>

Date: July 12, 2018 at 12:43:49 PM EDT

To: “user@ourorganization.org” <user@ourorganizatrion.org>

Subject: user – password

I’m aware, <AN ACTUAL PASSWORD THE USER USED>, is your password. You don’t know me and you’re probably thinking why you are getting this e mail, correct?

actually, I placed a malware on the adult video clips (porn) web site and you know what, you visited this website to experience fun (you know what I mean). While you were watching video clips, your internet browser started out functioning as a RDP (Remote Desktop) with a key logger which provided me accessibility to your display screen and also webcam. Immediately after that, my software program obtained every one of your contacts from your Messenger, Facebook, as well as email.

What did I do?

I made a double-screen video. First part displays the video you were watching (you’ve got a nice taste : )), and second part displays the recording of your webcam.

What should you do?

Well, I believe, $2900 is a fair price for our little secret. You will make the payment through Bitcoin (if you do not know this, search “how to buy bitcoin” in Google).

BTC Address:

(It is cAsE sensitive, so copy and paste it)

Important:

You now have one day in order to make the payment. (I’ve a unique pixel within this email message, and at this moment I know that you have read this email). If I don’t get the BitCoins, I will, no doubt send your video recording to all of your contacts including close relatives, co-workers, etc. However, if I do get paid, I will erase the video immidiately. If you really want proof, reply with “Yes!” and I definitely will send out your video recording to your 9 contacts. This is a non-negotiable offer, thus do not waste my personal time and yours by responding to this email message.

The good news is that there is (most likely) no recording… And there’s no actual malware (most likely)… Therefore this person is totally safe (most likely).

The scammer has made this very creative post, and it’s got factual information in it to help give it some bite.  But, they didn’t get that password from malware they planted, they instead pulled it from one of the previous breaches.

So, don’t fall for this. Nobody saw you doing something you would be embarrassed by (most likely).

Here’s a link to the Spiceworks article:

https://community.spiceworks.com/topic/2147924-sextortion-scam-campaign

And another article worth reading:

https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/

Be careful out there!

If you do feel your business may have been affected by malware, or could be, let’s talk.  Homeland Secure IT helps businesses in the Greenville SC area. Use our CONTACT FORM or call 864-990-4748.

We’ve been nominated Best of the Upstate – Best Computer Services!

JohnMHoyt John M. Hoyt's Personal Stuff, Pamela's Personal Stuff Leave a Comment

In this day and age, where the “big boys” are the only ones who can afford TV and print ads, it’s amazing when a small, local business gets a little blurb out there… Especially when it’s “free” so to speak….

You see, each year, for as long as I can remember, The Greenville News has sponsored a reader driven “Best of the Upstate” awards system. Sure, the big box stores get in there and they win, quite frequently, because lots of customers equals lots of votes. Heck, lots of employees equals lots of votes.

Anyway, we were nominated by you, and we are honored to even be nominated! It means a lot to us that you took time from your busy schedule to do that!!!!!!

But, now, the voting has begun and we’re just one of many who are up for the one award.

If you would be so kind as to give us another minute of your time to vote, we would appreciate that very much as well!

Here’s the things my family are up for:

Culture, Arts & Entertainment – Best Local Band

Services – Best Computer Service – Homeland Secure IT

Shops and Wares – Best Carpet Store – McAbee’s Custom Carpet

http://greenvilleonline.secondstreetapp.com/l/The-Best-of-the-Upstate-2018/Ballot/CultureArtsampEntertainment

Like last year, you can only vote ONCE per email address….

This is what we are after:
Best Computer Services - Best of the Upstate 2015

You can bet I am voting for our clients and friends too!   If you have been nominated and want my vote, email me… Chances are good I have already voted for you, but I don’t want to miss anyone!

 

Thanks so much for everything!!!!!

 

— John & Pamela Hoyt

 

 

 

 

 

We’re about to celebrate our NINTH YEAR!

JohnMHoyt Business, Computer Service, Homeland Secure IT Leave a Comment

Public Service AnnouncementCan you believe it? Homeland Secure IT opened our doors in 2009 and here it is 2018.

When we took our first call it was during one of the worst economic times Pamela and I had seen. Businesses were closing, the market was flooded with IT professionals looking for work.

But we didn’t let that deter us from taking the bull by the horns and trudging forward because we knew we had a good service plan, and wanted to form long-term relationships with businesses and individuals that would survive the worst of times.

Now as we look back, we can see the things we did right, and what we can improve upon.

One area that has not served our clients well is residential service. So starting June 1st 2018, we will be dropping residential services with a few exceptions:

  • We will offer managed services – remote maintenance and monitoring, backup and more to home users.
  • We will offer on-site premium services to current clients who have a business account with us.
  • We will work with new on-site premium clients who have a home based business.

Another area that has been lackluster has been repairs at our office. Due to being in the field quite frequently, and not wanting to hire a receptionist that we would have to pay to be here (and in-turn pass that cost on to our customers), there have been far too many times when a client has come to our office to drop off a computer only to find the door locked. This is both inconvenient to them as well as frustrating!

With that in mind, we also decided that beginning June 1st, we only accept walk-in clients with an appointment.

These changes should help us to focus on the services that we excel at, and most importantly, keep our clients smiling!!!!

We look forward to more years serving you and want to hear from you if you have suggestions and recommendations on how to do that better.

If you are not a Homeland Secure IT client currently and need BUSINESS IT services, consultation or sales in the Upstate of SC, give us a call at 864-990-4748 or use our CONTACT FORM.

THANK YOU FOR YOUR SUPPORT!

– John, Pamela & Wes

 

Stop using Microsoft IE right this minute – Exploit Warning

JohnMHoyt Business, Computer Security, Computer Support, Microsoft, Secure IT Alert, security, Windows Leave a Comment

Public Service AnnouncementA few days back, security experts started reporting that an existing vulnerability in Microsoft Internet Explorer had been leveraged in a “Zero Day Exploit”.

What does this mean for you? You could open a specially crafted document and become compromised.

Microsoft has not released a patch as of this moment so they are advising the use of Microsoft Edge for the time being. I personally prefer Google Chrome, however, that’s entirely up to you.

Bottom line – avoid IE, or if you MUST use it, as we do for banking – consider using it only for the site/s that force you to do so and set something else as your “default browser”.

Here’s some more details:

https://www.zdnet.com/article/internet-explorer-zero-day-alert-attackers-hitting-unpatched-bug-in-microsoft-browser/

https://www.bleepingcomputer.com/news/security/internet-explorer-zero-day-exploited-in-the-wild-by-apt-group/

 

As always, if you require assistance with this or any other computer support issue for your business computer or network in the Greenville, Spartanburg, Anderson, Pickens, Oconee County South Carolina area, just give us a call at 864-990-4748 or use our CONTACT FORM.

 

Windows 10 mouse and / or keyboard stops working after reboot

JohnMHoyt Business, Computer Repair, Computer Security, Computer Service, Computer Support, Microsoft, Windows, Windows Server Leave a Comment

Public Service AnnouncementWe encountered a couple of clients who had something similar in common yesterday. They came into work and found that their mouse and/or keyboard was not functioning though they had not done anything different or applied updates.

The culprit was an update from Feb 16 that simply had not applied until after the machine had rebooted.

This was very frustrating for them as you can imagine, but honestly, it was just as frustrating for us. If you don’t have a keyboard and mouse you can use to manipulate the system, you cannot very well repair it.

If this happens to you, what can you do?

One solution is to plug in a device that has a different driver. Most standard keyboards & mice use the same drivers, so just swapping them around didn’t work for us, but a Microsoft wireless mouse with it’s own USB transceiver did the trick, giving us control of the machine.

Once you do have control, you can use appwiz.cpl to remove the KB4074588 and then disable Microsoft Updates before rebooting (it will reinstall itself if you don’t).

Disabling updates is a bad idea, but until this patch is fixed, to have a usable machine, it may be the easy way out.

Microsoft used to allow you to hide updates, but they removed that feature in Windows 10, then turned around and offered a tool that allows you to do the same thing – if you are technically inclined, you may want to try the troubleshooter package known as KB3073930 which gives you the ability to block or hide Windows Updates. You can find that tool here:

https://support.microsoft.com/en-us/kb/3073930

 

Fortunately for clients who use our managed services, their machines did not receive this update, saving hundreds of people from potential headaches.

If you need assistance with this problem, or you are interested in a patch management system for your business that can help keep your machines current with security patches and updates, please give us a call at 864-990-4748 extension 0, or use our CONTACT FORM.

Digium adds new product line of budget-friendly IP phones for Asterisk

JohnMHoyt Business, Sales, Technology, VoIP (Voice over IP) Leave a Comment

Digium A30

On February 14th, 2018, Digium announced their latest product, the A-Series IP phone, aimed at the budget-conscious business.

These phones were designed to work with your Asterisk IP PBX, including our personal favorite flavor, FreePBX. The line includes 4 models ranging from an entry level to an executive phone.

The combination of open source Asterisk and the Digium A-Series IP phones enables you to create a customized communications solution on a budget. Standard features, such as call waiting, call transfer, and auto-answer, make them an affordable option to complete to your Asterisk-based phone system. With four models to choose from, you can find the handset that is right for each of your users – from the receptionist to the CEO. Everyone in your organization will enjoy the simplicity of the A-Series IP phones for Asterisk.

Keep your project costs to a minimum without sacrificing quality. The A-Series IP phones are equipped with full-color LCD screens, HD Voice and multi-line functionality, giving you the most value for your budget. Each model supports Power over Ethernet (PoE) and features electronic hook switch (EHS) capabilities, and most models offer gigabit passthrough ports to support advanced network needs.

The D-Series will continue to fill out the Digium offerings and are supported with Switchvox.

Model features at a glance:

The Digium A-Series IP Phones for Asterisk include the following models:

  • A30 – An executive-level gigabit phone with 6 line registrations, full-color LCD display, a scroll key for accessing up to 45 contacts, and 2 switched 10/100/1000 Mbps Ethernet ports.
  • A25 – A mid-level gigabit phone with 4 line registrations, two full-color LCD displays, a scroll key for accessing up to 30 contacts, and 2 switched 10/100/1000 Mbps Ethernet ports.
  • A22 – An entry-level gigabit phone with 2 line registrations, a full-color LCD display, and 2 switched 10/100/1000 Mbps Ethernet ports.
  • A20 – An entry-level value phone with 2 line registrations, a full-color LCD display, and 2 switched 10/100 Mbps Ethernet ports.

Homeland Secure IT is a Digium and Switchvox partner. If your Upstate / Greenville South Carolina based business is considering a new IP based phone system, please reach out to us by calling 864-979-1224 or use our CONTACT FORM for more information.

 

Meltdown and Spectre CPU design flaws – massive security vulnerabilities for your business

JohnMHoyt Apple, Computer Security, Computer Service, Computer Support, Microsoft, Secure IT Alert, security, Windows, Windows Server Leave a Comment

What ever you do - don't panic!

Whatever you do – Don’t panic…

The IT big news in 2018 has been about Meltdown and Spectre, two CPU design flaws that affect virtually every modern Intel processor with the exception of the Intel Itanium and Intel Atom prior to 2013.

These flaws affect desktop computers, notebook & laptops, tablets, mobile phones, servers and even hosted servers “in the cloud”.

What do you have to lose if you have an unpatched OS and a vulnerable processor? Literally, everything.  Between the two, data can be leaked through various means.

So what do we do?

Right now, we are told it is NOT being exploited in the wild. But there’s no guarantee that it is not happening, or will not begin to be in the very near future by opportunistic hackers ready to make a dollar or two and create havoc. So, we must do everything we can to help protect ourselves.

As soon as patches are available from your OS provider, they must be installed.  And BIOS patches from your system manufacturer must be installed if required. Unfortunately, these patches are not available for the majority of users, though they are in rapid development by manufacturers. Continuing to check may be your best bet.
If you use a patch management system like AutoTask Endpoint Manager (AEM), this may be leveraged by your IT provider to expedite the updates.

The bad news (there’s worse news?) – There may be a downside to the patches – there is a good chance that the security enhancements will cause systems to slow. Probably not enough for higher end systems users to notice, but those using the older machines or who opted to employ under-powered or budget processors may see significant changes.

In the mean-time, keeping all updates on your firewalls, workstations, servers, and using trusted software with main-stream anti-virus is wise, as well as using caution with attachments.

In reality, this is business as usual, you should always be on guard.

If you would like to know more, visit https://meltdownattack.com/ or CONTACT US if you would prefer to talk with someone in person, on the phone or in email who cares about your small and medium business security here in the Upstate of South Carolina. We can provide you with a managed services solution that will keep your computers up to date and monitored 24/7.

Avast’s CCleaner distributing malware

JohnMHoyt Computer Security, Managed Services, Microsoft, Secure IT Alert, security, Windows, Windows Server Leave a Comment

What ever you do - don't panic!

Whatever you do – Don’t panic…

This is a shocking bit of news. The popular “CCleaner” application from Avast which is used by millions of people, may have been distributing malware via a backdoor.

Just as shocking is the fact that Avast didn’t notify users. (Avast is security software company and provider of anti-virus/anti-malware products).

An update has been released, however. You should install if it you have not.

Here’s information from another article on the subject:

Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. According to Avast’s own figures, 2.27 million ran the affected software, though the company said users should not panic.Forbes Article

Many of Homeland Secure IT’s clients have used CCLeaner, and we have used it ourselves. Our customers who use our Managed Services platform should receive an automatic update and a notification that it was updated.

Should you have any questions or concerns about this, please call us at 864-990-4748 or use our CONTACT FORM.

Ask about AutoTask Endpoint Management / CentraStage – it can help us keep your computers and servers up to date – and Trend Micro’s Worry-Free Business Security products can keep your network safe from malware!

Trend Micro Worry Free Business Security 9.5 Released

JohnMHoyt Apple, Computer Security, Computer Support, Mac, Microsoft, Microsoft Exchange, OS X, Windows, Windows Server Leave a Comment

Trend Micro Partner LogoWe are excited to announce the release of Worry-Free Business Security version 9.5.

Worry-Free Business Security now includes:

  • User notification for when new versions, service packs, and patches are available
  • Enhancements to the ransomware protection features
  • Support for Microsoft Exchange Server 2016 (WFBS Advanced)
  • Windows 10 Pro and Windows 10 Creators support

We have updated most of the customers we maintain already, and will get the rest up to date as soon as possible.

If you are not using Trend Micro Worry Free Business Security for your business network and would like to hear more about how it can help protect your servers and computers from viruses, trojans, worms, malware, data loss and more, just use our CONTACT FORM or call us at 864.990.4748

 

Thank you for the nomination for Best of the Upstate!

JohnMHoyt Business, Computer Service, Computer Support, Fun Stuff, Homeland Secure IT, Social Media, Technology Leave a Comment

Best of the Upstate - Best Computer Services

Best of the Upstate – Best Computer Services from Grenville News

Back a couple years ago, we were nominated for, and won “Best of the Upstate” for Best Computer Services. This was almost unbelievable because we are a smaller company, in a sea of larger and more established business computer support providers.

Just goes to show, every vote does count!

Last year, 2016, we were nominated, again, no small feat, but again, up against some stiff competition, so unfortunately we didn’t make it.

Now, here we are in 2017 and you guys did it again this year, you got us the nomination!  Thank you for your love and support! We appreciate you!

Winning the Best of the Upstate will not be possible without every single vote we can get. You can vote only once this time, per valid email address. A huge improvement over the daily voting!

Here’s the link to us if you would be so kind as to cast a vote our way:

Best of the Upstate 2017 Voting – Services

We are listed under “Best Computer Services”.

While you are there, you could vote for a couple other things which are near and dear to us – our band, Hot As A Pepper and Pamela’s business, McAbee’s Custom Carpets!

Shops and Wares:
Best Carpet Store – McAbee’s Custom Carpet

Culture Arts and Entertainment:
Best Local Band – Hot As A Pepper
Best Male Vocalist – Chip McDonald – Hot As A Pepper

Services:
Best Computer Services – Homeland Secure IT, LLC
Best Musical Entertainment – Hot As A Pepper

We’re also supporting our clients and friends, so please, let us know who we can vote for!

Thank you so much from all of us at Homeland Secure IT, we appreciate you!