• Categories

  • Pages

  • Archives

Memorial Day 2015

memorial day

 

Thank you to the men and women who served to protect our freedom.

 

8 Sure Signs That Your Computer Has Been Hacked (Owned) & A Free Email Tester

hacked

I’m not going to go into a long-winded definition of hacking.  We all know what it is and have all experienced malware in some form or to some degree with our computing experiences.

Cutting to the chase then,  below are eight clear signs that your system is compromised, followed by a free online tool that tells you immediately if your email has been compromised.

No. 1: Fake antivirus messages

Fake antivirus warning messages are among the surest signs that your system has been compromised.  (By the time you see this warning, the damage has been done.  Clicking No or Cancel will do nothing to stop the virus.  The malicious software has already corrupted your PC – often through the Java Runtime Environment or an Adobe product,)

What to do: As soon as you notice the fake antivirus warning message, power down your computer. Boot up the computer system in Safe Mode, No Networking, and try to uninstall the newly installed malware (oftentimes it can be uninstalled like a regular program). Either way, follow up by trying to restore your system to a state previous to the exploitation. If successful, test the computer in regular mode and make sure that the fake antivirus warnings are gone. Then follow up with a complete antivirus scan. Oftentimes, the scanner will find other malware remnants left behind.

No. 2: Unwanted browser toolbars

This is probably the second most common sign of system corruption: Your browser has multiple new toolbars.

What to do: Most browsers allow you to review installed and active toolbars. Remove any you didn’t absolutely want to install. When in doubt, remove it. If the bogus toolbar isn’t listed there or you can’t easily remove it, see if your browser has an option to reset the browser back to its default settings. If this doesn’t work, follow the instructions listed above for fake antivirus messages.

No. 3: Redirected Internet searches

You can often spot this type of malware by typing a few related, very common words (for example, “puppy” or “goldfish”) into Internet search engines and checking to see whether the same websites appear in the results — almost always with no actual relevance to your terms.
What to do: Follow the same instructions as above. Usually removing the bogus toolbars and programs is enough to get rid of malicious redirection.

No. 4: Frequent random popups

This popular sign that you’ve been hacked is also one of the more annoying ones. When you’re getting random browser pop-ups from websites that don’t normally generate them, your system has been compromised.  Even legitimate websites, can bypass your browser’s anti-pop-up mechanisms.

What to do: Once again, typically, random pop-ups are generated by one of the three previous malicious mechanisms noted above. You’ll need to get rid of bogus toolbars and other programs if you even hope to get rid of the pop-ups.

No. 5: Your contacts receive fake emails from your email account

This is the one scenario where you might be OK. It’s fairly common for our email contacts to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it.

These days it’s more common for malicious emails to be sent to some of your contacts, but not everyone in your email address book. If it’s just a few contacts and not everyone in your email list, then more than likely your computer hasn’t been compromised (at least with an email address-hunting malware program). These days malware programs and hackers often pull email addresses and contact lists from social media sites, but doing so means obtaining a very incomplete list of your contacts’ email addresses. Although not always the case, the bogus emails they send to your contacts often don’t have your email address as the sender. It may have your name, but not your correct email address. If this is the case, then usually your computer is safe.

What to do: If one or more contacts reports receiving bogus emails claiming to be from you, do your due diligence and run a complete antivirus scan on your computer, followed by looking for unwanted installed programs and toolbars. Often it’s nothing to worry about, but a check-up can’t hurt.

No. 6: Unexpected software installs

Unwanted and unexpected software installs are a big sign that your computer system has likely been hacked.

In the early days of malware, most programs were computer viruses, which work by modifying other legitimate programs. They did this to better hide themselves. For whatever reason, most malware programs these days are Trojans and worms, and they typically install themselves like legitimate programs. This may be because their creators are trying to walk a very thin line when the courts catch up to them. They can attempt to say something like, “But we are a legitimate software company.” Oftentimes the unwanted software is legally installed by other programs, so read your license agreements. Frequently, I’ll read license agreements that plainly state that they will be installing one or more other programs. Sometimes you can opt out of these other installed programs; other times you can’t.

What to do: There are many free programs that show you all your installed programs and let you selectively disable them. One favorite is Autoruns. It doesn’t show you every program installed but will tell you the ones that automatically start themselves when your PC is restarted. Most malware programs can be found here. The hard part is determining what is and what isn’t legitimate. When in doubt, disable the unrecognized program, reboot the PC, and re-enable the program only if some needed functionality is no longer working.

No. 7: Your mouse moves between programs and makes correct selections

If your mouse pointer moves itself while making selections that work, you’ve definitely been hacked. Mouse pointers often move randomly, usually due to hardware problems. But if the movements involve making the correct choices to run particular programs, malicious humans are somewhere involved.

Not as common as some of the other attacks, many hackers will break into a computer, wait for it to be idle for a long time (like after midnight), then try to steal your money. Hackers will break into bank accounts and transfer money, trade your stocks, and do all sorts of rogue actions, all designed to lighten your cash load.

What to do: If your computer “comes alive” one night, take a minute before turning it off to determine what the intruders are interested in. Don’t let them rob you, but it will be useful to see what things they are looking at and trying to compromise. If you have a cellphone handy, take a few pictures to document their tasks. When it makes sense, power off the computer. Unhook it from the network (or disable the wireless router) and call in the professionals. This is the one time that you’re going to need expert help.

Using another known good computer, immediately change all your other logon names and passwords. Check your bank account transaction histories, stock accounts, and so on. Consider paying for a credit-monitoring service. If you’ve been a victim of this attack, you have to take it seriously. Complete restore of the computer is the only option you should choose for recovery. But if you’ve lost any money, make sure to let the forensics team make a copy first. If you’ve suffered a loss, call law enforcement and file a case. You’ll need this information to best recover your real money losses, if any.

No. 8: Your antimalware software, Task Manager, or Registry Editor is disabled and can’t be restarted

This is a huge sign of malicious compromise. If you notice that your antimalware software is disabled and you didn’t do it, you’re probably exploited — especially if you try to start Task Manager or Registry Editor and they won’t start, start and disappear, or start in a reduced state. This is very common for malware to do.

What to do: You should really perform a complete restore because there is no telling what has happened. But if you want to try something less drastic first, research the many methods on how to restore the lost functionality (any Internet search engine will return lots of results), then restart your computer in Safe Mode and start the hard work. I say “hard work” because usually it isn’t easy or quick.

HAS YOUR EMAIL BEEN HACKED?

A major concern we all have is whether our email accounts have been hacked/owned and that we might experience data leaks if that is the case.  I use this one very reliable digital tool to test for any emails breaches:

PWNEDLIST.COM

(Most legit email testers or anti-hacking sites substitute the “O” in “owned” with a “p” to lessen the confusion between the letter and the numeral zero.)

General rule of thumb regarding online security: If it feels weird, it is.

BNI Operatives: Situationally aware.

As always, stay safe.

Can A Burglar Access Your Home Via Key Entry? He Can in 90% of U.S. Homes.

lock-bumping

 

Summer vacation time is upon us and so therefore are home burglaries.    And let’s face it – with a sluggish economy, disenfranchised law enforcement and the uptick in family travel and vacation during the summer months, one can reasonably presume that the number of home break-ins will increase dramatically during the next several months. From time to time in the upcoming weeks, we will post security tips that we hope will increase your personal security risks and management.

This week we will concentrate on the first usual point of entry – the family home door.  Whether it is the front, side or basement door, burglars know how to get inside and to your property.

As if evilly purposed technology isn’t bad enough, the old-fashioned methods of breaking and entry are still widely used by burglars.

A phenomenon known as ‘lock bumping’ is on the rise. It’s a little-known technique that’s fast, simple, and very discreet.  It draws far less attention than breaking in a window or tearing down a door.  If your cylindrical door lock is one of the more popular brands or models on the market – and 90% of home door locks are cylinder-models and ACME types – you’re vulnerable to this particular type of illegal home entry. Lock-bumping requires a bump key.

What is a Bump Key?

A bump key is a key in which all the cuts are at the maximum depth (999). Bump keys can be cut for standard pin tumbler type locks as well as “dimple” locks.   (From lockwiki: A dimple lock is a pin-tumbler-based lock design that uses flat side of the key blade as a bitting area. Cuts on the bitting area resemble dimples, hence the name. This contrasts traditional pin-tumblers that use the edge of the blade as the primary bitting area.)

 

How is lock bumped?

Steps

  1. Bump a Lock Step 1.jpg
    A key type is determined that fits inside the target lock. In most cases, a particular model of lock will accept all keys from that model because only the teeth of the keys are different. In other words (and as mentioned above), once a burglar has an Acme-model bump key, it could open all other Acme-model locks.
  2. Bump a Lock Step 2.jpg
    Obtain a bump key. There are two ways to obtain a bump key: one way is buy the type of key for the model lock in question and ask the locksmith to lathe a “999” key, a kind of key where all the valleys are at the deepest possible setting.   OR
  3. Bump a Lock Step 3.jpg
    Cut one’s own bump key. With a copy of the key in question made, a burglar will then use a metal file to create his own bump key.  All of the valleys are filed down so that they are even with the lowest point in the teeth.
  1. Bump a Lock Step 4.jpg
    4
    Insert the key into the lock, then pull it out one “click,” so it is almost in all the way, but not quite. While pushing or pulling on the edge of the key in the desired turning direction, sharply strike the back end of the key with a solid object such as the back of a screwdriver. If done correctly, the key will turn in the direction it is being pushed or pulled in, and the door can then be unlocked. If not, simply repeat this step until it works or you decide to stop.
Of course, then there is this simple bump method:
A special “bump” key is inserted into the target lock and then struck with a tool made of rubber or plastic, such as this blue tool on the bottom of the image. The impact of the bump key on the tumblers inside the lock temporarily pushes them up, allowing the lock’s cylinder to turn. When done right — and it’s not hard to learn — this method can quickly and quietly open a lock.

In our next mid-week Beacon Bulletin, we will bring you information and videos on how to bump lock-proof your home.Just remember that your personal safety and that of your family is paramount.  Whatever knowledge in this area that we may impart, do not back up it with a plan to confront a burglar unless it is absolutely necessary. If a successful entry does occur, hopefully, no one will be home and material possessions are not worth a life.

BNI Operatives; Situationally aware.

 

As always, stay safe.

Happy Mother’s Day

HMD

New Business Personality Profiling APP. I Let Crystal Profile Me & My Clients.

drew dagostino

Find out what the internet knows about you and your friends with this creepily accurate website, blared the headline from Business Insider’s column, The Daily Dot on April 15, 2015.

Well, a headline like than is going to arouse my interest.  Reading through the article, I realized that this app – Crystal – actually focuses on evaluating the personality of business associates (co-workers and clients) and is driven through LinkedIn rather than a rate-your-pals type communication technology.  It’s ultimate use is to write your business emails. Now I am definitely curious.

What if you could get a psychic reading about everyone you work with? It could tell you how to talk to them, words to avoid, how short or long your emails should be. What they are good at, and what they aren’t. 

And what if they could see all of that information about you?

Crystal wants to change the frustrations and mysteries of work communications by giving you all the data you need to successfully correspond with friends and colleagues. In fact, your emails will be so good people will wonder if you can read their mind.

The software is like a psychic for online communication. It walks the line between innovative and super creepy, but it’s hard to deny it actually works.

Crystal gives you personality profiles on anyone you might be connected with online, including the best ways email them, how to approach conversations, and how you would work together in a professional setting. You can even get a Gmail extension to let Crystal analyze your emails and give you tips on what you’re doing wrong—it’s like spell check, but for the content of your email.

Now I’m hooked.  I ran myself (results below).

LieSpotting, Part II/II. Phraseology of a Lie.

swearing bible

Why did Bill Clinton say, “I did not have sex with that woman.” rather than “I didn’t have sex with that woman.”?  (See Number 3 below for the specific answer.)

Because lying is hard work.  It requires activating different areas of the brain not normally in play during truthful storytelling, controlling one’s physical responses that lying normally elicits and being particularly attentive to the questions being asked.  Fortunately, one of the most reliable methods of lie detection comes from the liar herself. Her words.  Unless you are dealing with an out-and-out clinically pathological liar (and even they will trip up from time to time), it’s fairly simple to hang a liar by her own verbal statements.

We work with various law enforcement agencies that ask us to analyze suspects’ verbal interviews, and over considerable time, have developed a checklist on LieSpotting – the art science of taking apart a lair’s verbal response through verbiage analysis.

Below are 10 common ways that liars use words to obscure the truth:

    1. Liars will repeat a question verbatim. Hey Mike, did you send the email to Karen? Did I send the email to Karen? If this is Mike’s response, you have your answer—he didn’t send it yet. Repeating a question in full is a common stalling tactic used by people looking for an extra moment to prepare their lie. In natural conversation, people will sometimes repeat part of a question, but restating the entire question is highly awkward and unnecessary—they clearly heard you the first time.
    2. Liars will take a guarded tone. If Mike had replied to the question by lowering his voice and asking,  What do you mean?, a lie may well be in the processing of formation. A suspicious or guarded approach isn’t generally called for with a basic question, and the guarded tone taken may indicate that he’s concealing something—usually the truthful answer to your question.
    3. Liars won’t use contractions in their denials.  Providing the classic example of what interrogators call “non-contracted denial” is Bill Clinton when he said “I did not have sexual relations with that woman.” The extra emphasis in the denial is unnecessary if someone is telling the truth. I didn’t have sex with her is how the honest person is likely to phrase his claim of innocence. Clinton said a lot more than he realized with his words.
    4. Liars tell stories in strict chronology. To keep their stories straight, liars tend to stick to exact chronological accounts when relating an event. They have enough to think about in creating the lie.  But this isn’t how we ordinarily talk when being truthful. When recounting stories, honest people will tell them they way they remember the events – in emotional order rather than strict chronological order. Often we’ll start off with the most impactful emotional moment, and move around in time order to add details that are not in the primary recall.
    5. Liars love euphemisms. It’s human nature not to implicate ourselves in wrongdoing. This holds especially true for liars, who will shy away from strict definitions of their actions, often opting for less harsh language, for example; instead of saying “I didn’t steal the purse” they may say “I didn’t take the purse.” If asked a direct question and your wording is modified/softened in the response, you are being lied to.
    6. Liars overemphasize their truthfulness.  There’s no need to add modifiers such as  “To tell you the truth…” “Honestly…” “I swear to you…” if you really are telling the truth.  When people bolster their response with these type phrases, there’s a strong chance that they are hiding something or not telling the full truth.  There’s no reason for the extraneous words.
    7. Liars avoid or confuse pronouns. We use a good amount of pronouns in normal conversation. They are a sign of comfortable speech, and they may disappear when one is lying. A liar may say “You don’t bill hours that you didn’t work” instead of making the clear first- person statement: “I don’t bill hours I didn’t work.”
    8. Liars use long introductions but skip over main events.  Deceptive individuals will add more detail – particularly around the prologue of a story – but glide over the main event when lying. This lopsided storytelling style is specific to those intent on deception.
    9. Liars give very specific denials. Liars tend to be very particular in what they say and don’t say. Truth-tellers have no problem issuing categorical denials—I never cheated anyone in my whole life—whereas the liar will choose his words ever so carefully – I never cheated on my husband  during the period of our marriage. (Well, there’s the period of dating, engagement and separation and previous relationships that is not covered by that denial.)
    10. Liars hedge their statements. We hear them in court testimony, political speeches and interviews all the time: qualifying statements that give the person on the hot seat an “out” if their lie is uncovered.  “As far as I know…” “If you really think about it…” “What I recall is…” Hedged statements should make the interviewer wonder when the other shoe will drop.

The best liespotting detector is, of course, yourself – the experienced interviewer.  Very few people – statistically insignificant – can lie perfectly; giving a recall of the events in emotional (v. chronological) order, interjecting themselves directly into the lie and remember the non-existent details over an extended period of time.  If they could, they’d be professional spies.   Trust your instincts and listen very carefully to what is being said.

BNI Operatives: Situationally aware.

As always, stay safe.

 

Drawing Out A Liar; Techniques in Spotting Lies and Eliciting True Responses

liar

While the traditional courses of human lie detection (facial micro-expression changes, fidgeting, profuse sweating, etc.) are still valid methods of determining your subject’s truthfulness – to the degree that one is trained in, and astute to, human reactions during prevarication –  we can cut to the quick with these newer, tested and timely (upcoming 2016 election year, enough said) tips on real-time truth assessment and manipulation:

1. Response time.   Truthful recollection of an event or fact presents differently in the brain than does a lie. Although several brain areas appear to play a role in deception, the most consistent scientific finding  is that activity in the prefrontal cortex increases when people lie. The prefrontal cortex, situated just behind the forehead, is responsible for executive control (the ability to regulate thoughts or actions to achieve goals). Executive control includes cognitive processes such as planning, problem solving, and attention — all important components of deception — therefore it’s logical to conclude (and fMRI research supports) that the prefrontal cortex is active when we lie. Dishonesty requires the brain to work harder than honesty, and this effort is reflected by increased brain activity.  Simply stated: lies take longer to form so your subject will take longer to answer your question.

Solution: A.  Speed up your rate of questioning.  B. Circle back to questions already asked with an intentional “mis” take on the response. (E.g., misstate the time, date, clothing worn, persons with the interviewee, etc.)

Brain Parts Diagram

2. Eyes.  We’ve all heard the old advice that claims that liars look about furtively.  True for most but the really good ones stare at you for a longer-than-normal period of time.  Not only is that an attempt to appear sincere, it is a challenge to force the interviewer to back down first.

Solution: Counter-intuitively, move your eyes about.  Don’t get into a bug-eyed eye-rolling contest. Rather, as the subject answers, make eye contact and then look directly laterally to a spot above the person’s shoulder. (As if you are looking at something coming up behind them.) This maneuver instigates an innate response to perceived danger behind the subject and elicits a truer response as the lie is halted in its infancy as the responder involuntarily shifts away from the pre-frontal cortex to the amygdala, which is the fear center of the brain.

3.  Body Movements, Linguistics:  Liars tend to a) hide or clasp their hands in an attempt to literally “hold firm” to their lies and possibly to stop involuntary shaking of the hands, b) touch their faces or c) exaggerate a speech affect (accent, pronunciation, etc.) during the telling of a lie.

Solution: Subtly mimic the subject’s behavior.  Unintentional (as it were)  mirroring, generally applies to people who are getting along so well that they mimic each other’s body posture, hand gestures, speaking accents, among other actions.

(“Imitation is the best form of flattery.”)

Use this method to subconsciously disarm the subject.  As the chameleon behavior signals trust and admiration, the subject opens up more and incorporates more of the truth (especially if it is shocking, horrible or ethically/morally repellent) in their responses. The body is actually autonomously making the interaction smoother to increase the level of likeability when in rapport.

Use these techniques for good and, in general, trust and hone your own instincts.

BNI Operatives: Situationally aware.

As always, stay safe.

New Audio Technology Registers Gunshots – And Conversations.

shotspotterLast month, cops in New York City started testing a system that alerts them almost instantly to the location of where a gun was fired to within an accuracy of 25 meters (82 feet).   The ‘ShotSpotter’ technology utilizes strategically placed audio sensors that relay gunshot location information to nearby cops, enabling a rapid response.  ShotSpotter is used in major cities including Washington, Boston, Oakland, San Francisco and Minneapolis, as well as smaller cities like East Chicago, Ind.

The system is also smart enough to predict where subsequent shots may take place, providing officers with additional caution and backup to a “shots fired” situation.

The system was activated in the Bronx on March 18, 2015 and Shotspotter picked up gunshots in just an hour of going live.

Brooklyn Shotspotter went live several days after the Bronx, with the remaining boroughs following later if  the system proves effective.

The results thus far in these two NYC boroughs are disturbing; of the 55 gunshot incidents detected from March 16, 2015 – April 2, 2015, only 12 were called in to 911 – a poor 22% of the time someone called the emergency number to report the gunfire. Comments on the woeful reporting rate,  from the NY Daily News:

Police Commissioner Bill Bratton said he knew from other cities that up to 80% of all gunplay never gets reported, but he thought New York City’s density would mean more people would report gunshots.

“I’ll be quite frank — I’m surprised that we’ve had so few calls to 911 for those shots that have been identified,” Bratton said.

Going forward, cops will make more arrests based on evidence gathered through the technology, he predicted. Police expect to expand ShotSpotter citywide after it analyzes the results of its $1.5 million pilot program.

 

What the Shotspotter technology does (according to the eponymously named company’s website):

ShotSpotter (SST) instantly notifies officers of gunshot crimes in progress with real-time data delivered to dispatch centers, patrol cars and even smart phones. This affordable, subscription-based service enhances officer safety and effectiveness through:

  • Real-time access to maps of shooting locations and gunshot audio,
  • Actionable intelligence detailing the number of shooters and the number of shots fired,
  • Pinpointing precise locations for first responders aiding victims, searching for evidence and interviewing witnesses.

How the Shotspotter technology works: 

Best explained: Unlike counter-sniper sensors which can only measure a limited range of sounds—the supersonic signature of a sniper’s round with a known ballistic coefficient—SST’s wide area protection system measures the full range of impulsive sounds (sounds which are explosive in nature) found in urban weaponry, from sub and supersonic impulses to explosions.

So basically, the SST technology – given that it is subsonic – can admittedly (by the company) pick up on anything – including conversations – that it is calibrated to monitor.

I was good with the range of Shotspotter functions until the last item.  That of audio recording of the general public’s conversations.  How long before “exceptions” allowing speech monitoring are employed in sensitive places like surrounding courthouse areas, prison courtyards, college campuses??, etc.  The incident scenes themselves.  The argument that could be made in favor of open-air audio recordings would probably be along the lines of expectation of privacy – that presumably, there is none in public areas.

The application of technology and relevant law will be interesting to follow in the coming years.

Pass notes.

BNI Operatives: Situationally aware.

As always, stay safe.

(Afterthought: Why would PC Bratton refer to gun shots fired as “gunplay”???)

Stuck In A Florida Hurricane or Mexican Jail? Five Essential Nationwide and Global Emergency Apps

Emergency app

GLOBAL APPS:

1.  !Emergency!  (Featured above.)  Imagine yourself in a disaster situation – in a foreign country. You have no clue where the closest embassy is, or the 911 equivalent in Germany or Mexico or Japan.   The !Emergency! app automatically detects the country you’re in and then directs you to the proper authorities. (Given that you are allowed to make that one call if you’ve been arrested in a foreign country.)

 

germany

2. UbAlert:  a global social network where users share reports – and graphic accounts – of natural disasters (tsunami) and those man-made (Kenya terrorist attack).

 

UNITED STATES:

3. Re-Unite: the lost family finder from the U.S. National Library of Medicine, helps to update the NLM’s People Locator for natural disasters. Information about missing (and found) family members is posted immediately.

4. Official FEMA app: Can be used to set up a family meeting place and get the latest emergency updates.

5. Life360: Immediately locates a family member. (You can turn off the location feature at any time.)

 

In any emergency, I know it’s easy to stay calm but it really is important to do just that and trust that you are not alone and help is as close as a click away.

BNI Operatives: Situationally aware.

As always, be safe.

Happy Easter and Happy Passover, 2015

happy holidays

 

I take this opportunity to thank our readers and clients for their support and to wish all happiness, peace, prosperity and all of the joys of the holiday.

Throughout each year, there are wonderful days and challenging times.  May your strong and heartfelt advocacy efforts be greatly rewarded.

Happy Easter, Happy Passover,

 

Lina M. Maini

Follow

Get every new post delivered to your Inbox.

Join 217 other followers