Monthly Main Meeting Highlights
Welcome to our November Main Meeting, the last for 2014.
Tonight Alex opened the proceedings by outlining the talk he gave the ASCCA Annual Conference.
It was all about having fun with technology. In the forefront of which were two new smart watches, Samsung and an LG and some of the marvellous inventions that crowd funding is bringing to us.
Along with the Samsung and LG we had a look at the new Apple Watch (http://www.apple.com/watch/) which left the other two in the shade. See the Apple Watch video Alex showed.
You can see a PDF of Alex’s presentation on the ASCCA Web site.
Then our final guest for 2014 was Michael McKinnon from AVG Technologies with a presentation on crypto-lockers, shopping scams and some of the great AVG Technology offerings to combat them, a good number of which are free.
Crypto-lockers
or Ransom ware are big earners for the cybercriminal and as Michael pointed out they are easy to produce. Ransom ware doesn’t need administration rights or access to passwords extra, it relies on the fact that you have access to your files. All the ransom ware needs to do is simply deny you access to those files by placing a password or encryption lock on them.
They then generously give you 72 hours to pay up. The ransom demand, in this case, was around $300 US and the payment method of choice appears to be bitcoin.
So how do you get Ransom-ware? You open an infected attachment in an e-mail.
These criminals usually target companies but they don’t mind the odd personal user. Favourite methods include complaint letters, fines, bills, or offers of payment from government bodies. Another favourite con is to make the e-mail appear as an internal memo thus conning employees into opening the attachment from the “boss”.
Michael noted the preferred form was to make the attachment appear as a PDF or ZIP file. Everyone used to assume that PDFs could not contain executable files. In the example he showed the fake letter spoke about a customer complaint the details of which were contained in the attached pdf or Zip file. If you are on the ball you may notice that while the pdf extension is there they have added spaces so the ‘exe’ file extension is not so easy to see.
Replying to questions from the floor, Michael spoke about how it can be difficult to identify these attachments if, for example, Windows Explorer is not showing you the file extensions. In the end as Alex remarked. “You need an external backup not attached to your machine.”
Still using XP?
There were a few people and Michael’s main point was there is now no protection for any remaining vulnerabilities, or those found from now on. If your XP machine is not connected to the internet then the problems may be reduced slightly. The other major point is not just the operating system but all the add-ons such as Flash player, PDF readers, Java and your browsers.
AVG PrivacyFix
We then had a look at maintaining your privacy online with AVG PrivacyFix.
Michael asked, who of us was on Facebook, and how many of the audience had a Google or G-mail account or a business profile in Linkedin. He then went on to discuss how people can deal with their profiles on these social media’s. AVG has PrivacyFix allowing people to check all their privacy settings in one place.
This tool allows you to manage all your privacy settings on Facebook, Google, Twitter and Linkedin, in one place.
It installs in the browser, unless you use IE.
Or your browser is too old.
Once you are in, AVG PrivacyFix starts with a look at who is tracking you and gives you some options to deal with them.
Apparently I had 55 tracking cookies, I didn’t know any of them, “who is Acuity Ads”?
As you scroll down the site it tells you your worth in advertising revenue to each of the social media companies you have signed up for.
Google got nothing but I am worth $29.14 to Twitter.
Michael then spoke about the tracking tactics of Facebook.
You probably recognise the Facebook f widget
It allows you to “be-friend” or “like” a site on Facebook, but Michael pointed out that; if you are logged in to Facebook the widget allows Facebook to track your visits to any site that has installed this widget, so they know where to direct their advertising.
We then went on to have a look at using AVG PrivacyFix to keep track of cookies. As an example he used a newspaper site.
Once you have installed AVG PrivacyFix on your browser a little head appears on the address bar and if any cookies are present the colour changes from grey to green, yellow or red dependant on the threat level it finds on the site.
Right click and the dashboard appears to help you manage the cookies. As was pointed out from the floor, not all cookies are bad. If you use a shopping cart for example, it needs to use cookies to keep track of the goods in your cart.
What the programme does is to find the opt-out clauses which are usually hidden, and if you wish these will allow you to opt out of the tracking.
Detailed look at a Scam
Michael then had an in-depth look at a gift voucher scam. A $1000 grocery shopping voucher.
Looks like a simple quiz? But the buttons aren’t real! It’s just a graphic image so you could click anywhere on the image.
Wow, you have been selected! Which voucher do you want? By the way that’s not the correct logos. They have no affiliation with the big three super markets.
Enter your postcode to find your nearest shop! This of course allows the scammer’s to find out where you are.
Naturally they need your address to send you the prize.
As Michael filled in the form we suddenly find a new offer of a $4000 energy package and a request to help a charity.
Now we are getting to the real point of the scam, the survey, “Your Option counts” so they need to find out what you think about a few companies and charities.
This questionnaire is in fact a massive opt-in form.
“Would you like find out how you can support?”
Every time you say “Yes” you accept being contacted by that charity or company and the people running the “survey” get a payment for your details.
Now the prize.
It’s one prize of $1000, it is in cash not a voucher but it could be sent as a gift voucher. You go into a draw with all the other participants who stuck it out to the end, but if you change any of your details you have got to notify them or lose any prize you might win. Of course the real winner is the survey company who just got all that information free and was paid to “recruit you”.
Learning more about security.
AVG has an Academy on YouTube
with loads of video tutorials on all things involving Internet security.
Here is a link to Michael’s video on cookies,
AVG have both a free and paid security software with the paid version having a lot more features.
AVG has a great range of protection software available for PC, Mac and Android. Here are details on all the Products.
AVG have fully functional paid versions of anti-virus, Internet Security and Computer tune-up software. Their signature anti-virus still comes in a free version and their PrivacyFix is also free for PC, Mac or Android
See all the AVG products here.
The Raffle
AVG generously donated two downloadable copies of their Internet Security 2015 and three AVG USB Christmas Trees.
The two copies of AVG Internet Security 2015 went to Dennis and Steve while John, Michael and John took home the Christmas Trees.
Our door prize when to
Reg
Hope you all have a pleasant break and we will see you all on the 27th January 2015.
