It has recently been discovered that there is a severe vulnerability in the way sensitive data is handled and transmitted on some web servers using an encryption method known as OpenSSL.
OpenSSL stands for Open-source Secure Sockets Layer, and is used to encrypt sensitive data going between a users computer and a web server/website. OpenSSL has a function built in to it that periodically checks that a users computer is still connected to the server and the connection is alive. This function is known as the heartbeat (just like checking a persons pulse to see if they are alive). It is by exploiting this heartbeat function that fraudsters and cyber criminals could emulate these heartbeat checks and spoof the server into sending back sensitive information kept in its temporary memory or RAM. Such information could include users passwords, name, address, email address, and credit/debit card numbers.
What can you do to protect yourself?
I have seen several newspaper articles and supposed advice columns suggesting that everyone should immediately change all their on-line passwords for all the websites they use. This could potentially be the worst thing you could possibly do!. If the server has not been patched with an updated “FixedSSL” version of OpenSSL then potentially you could be logging into websites that are still compromised, updating you passwords and effectively sending them to the cyber criminals.
If you are concerned about any of the websites that you use, under no circumstances try to log into them. The first thing to do is to use an online checker (details of some good checkers are at the end of this post) They will validate that a server has been updated to patch the heartbleed bug. Only if the checking service reports that the website has been updated with the FixedSSL patch and is safe should you attempt to log in. Once logged in you can then update or change you passwords and security information. Most commonly used website are taking steps or already have fix this bug.
The top websites that were once vulnerable but have subsequently been patched and reported to be safe to use again are:
5. Yahoo Mail
There are potentially 100’s of thousands of other websites that either once were vulnerable, or still are. Just because a website no shows as being safe, does not necessarily mean that it has always been safe so it would still be wise to exercise caution and keep a close eye on any social media accounts, bank accounts, web mail accounts and on-line retail accounts for any suspicious activity/purchases/messages.
Good online checkers include:
https://lastpass.com/heartbleed/ – This site will validate if a site is currently safe to use, for how long it has been safe to use, as well as advice if it was once vulnerable. It will the offer recommendations on how you should proceed.
https://filippo.io/Heartbleed/ – This website will check and report if a website should be safe to use. Not as informative as the first but still helpful.
Finally for Google Chrome browser users there is a plugin called Stopbleed which will inform you if a website you are visiting is vulnerable to the Heartbleed bug or not. Remember if a site reports it is vulnerable, it does not mean the site is not safe to visit, just not safe to enter an personal or sensitive information in to it.
Stopbleed can be downloaded and installed into Chrome from here: Download Stopbleed for Chrome.
As of today 8th April 2014 Microsoft have deemed Windows XP as end of life so will no longer be releasing updates to the program or supporting it. XP has been around since 2002 so has had a 12 year lifespan which is pretty good going in technology terms. Although being probably one of the best, most reliable operating systems we have seen, it is simply a little bit too long in the tooth and no longer capable of keeping up with the modern developments in both Hardware and Software.
What does XP going end of life mean in real terms? For the immediate future there is little to worry about. Providing you have a good security system on your XP system it should keep you protected from any major threats from viruses, hackers and malware. Further down the line anyone still using a XP based system will start to find other third party hardware/software that will work with windows XP will become more and more scarce. Updates for programs you have on your system will eventually stop being released and your XP system will simply not work with the latest technologies, conventions and standards for such things as web browsers to view the internet or security programs to keep you safe whilst online. Eventually you will need to either upgrade your system or replace it all together with a currently supported operating system such as Windows 7 or Windows 8/8.1.
If you require any further advice and need help on deciding what to do about your Windows XP system the please feel free to contact PC Care.
An old scam is currently doing the rounds again specifically targeting the Sheffield and Dronfield Postcodes.
The scam consists of someone calling you at home and stating that they are from Microsoft or an Authorised Representative of Microsoft. They continue by saying that they are aware that you have been experiencing problems with your computer and they want to help you fix them. They will then persuade you to go to your computer, log onto the Internet and allow them to remotely access your system. After showing you several screens listing numerous problems, faults, errors or bugs, (all of which are false/non existent on your computer) and having judged that they have won over your confidence, they will then continue with either a hard sell of support or repair services, or even worse, slip on a real virus/keylogger on your system to try and steal identity details, usernames/passwords, or bank/credit card details.
If you receive such a call, clearly state to the caller that you are aware that they are a scam and hang up. Hopefully indicating that you are aware of their scam will deter them from attempting to ring in the future.
If you believe you may have fallen victim to this particular scam, refrain from conducting any secure or financial transactions using your computer, such as online banking or shopping and call your bank/building society immediately and then give PC Care a call and let us check over your system to make sure it is safe to use online and that they have not been able slip on any unwanted malware. We can remove any malware/keyloggers that may be present and make sure your system is safe and secure, giving you back peace of mind. Even if you have a good Internet Security system, it may not pick up on the malware they have placed on your system as they have had direct access to your computer and could have disabled your security software or created an exception to prevent it seeing their bug as a threat.
Over the last few weeks PC Care has seen a sharp increase in the number of clients contacting us regarding infections on their computers. Most of these viruses appear to be fake security or system optimisation programs that are either trying to get the user to download infected programs/files or obtain money or credit/debit card information.
These attacks try to panic the user into believing there is a problem with their system by displaying pop up messages, changing their desktop wallpaper, blocking access to certain features or functions of their system or displaying some form of animation pretending to scan their system.
If you suspect one of these fake programs has got into your system do not click on any of its buttons or links, not even the close or red X at the top right of its window as this can trigger the downloading of further malicious code. If you have a reputable anti virus program try running a full computer scan to see if it will detect and remove the threat. If you are unsure about the security of your computer or how to scan for viruses then give PC Care a call and we will happily offer any advice we can and safely remove any malware from your PC.