Thank you to the men and women who served to protect our freedom.
I’m not going to go into a long-winded definition of hacking. We all know what it is and have all experienced malware in some form or to some degree with our computing experiences.
Cutting to the chase then, below are eight clear signs that your system is compromised, followed by a free online tool that tells you immediately if your email has been compromised.
No. 1: Fake antivirus messages
Fake antivirus warning messages are among the surest signs that your system has been compromised. (By the time you see this warning, the damage has been done. Clicking No or Cancel will do nothing to stop the virus. The malicious software has already corrupted your PC – often through the Java Runtime Environment or an Adobe product,)
What to do: As soon as you notice the fake antivirus warning message, power down your computer. Boot up the computer system in Safe Mode, No Networking, and try to uninstall the newly installed malware (oftentimes it can be uninstalled like a regular program). Either way, follow up by trying to restore your system to a state previous to the exploitation. If successful, test the computer in regular mode and make sure that the fake antivirus warnings are gone. Then follow up with a complete antivirus scan. Oftentimes, the scanner will find other malware remnants left behind.
No. 2: Unwanted browser toolbars
This is probably the second most common sign of system corruption: Your browser has multiple new toolbars.
What to do: Most browsers allow you to review installed and active toolbars. Remove any you didn’t absolutely want to install. When in doubt, remove it. If the bogus toolbar isn’t listed there or you can’t easily remove it, see if your browser has an option to reset the browser back to its default settings. If this doesn’t work, follow the instructions listed above for fake antivirus messages.
No. 3: Redirected Internet searches
No. 4: Frequent random popups
This popular sign that you’ve been hacked is also one of the more annoying ones. When you’re getting random browser pop-ups from websites that don’t normally generate them, your system has been compromised. Even legitimate websites, can bypass your browser’s anti-pop-up mechanisms.
What to do: Once again, typically, random pop-ups are generated by one of the three previous malicious mechanisms noted above. You’ll need to get rid of bogus toolbars and other programs if you even hope to get rid of the pop-ups.
No. 5: Your contacts receive fake emails from your email account
This is the one scenario where you might be OK. It’s fairly common for our email contacts to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it.
These days it’s more common for malicious emails to be sent to some of your contacts, but not everyone in your email address book. If it’s just a few contacts and not everyone in your email list, then more than likely your computer hasn’t been compromised (at least with an email address-hunting malware program). These days malware programs and hackers often pull email addresses and contact lists from social media sites, but doing so means obtaining a very incomplete list of your contacts’ email addresses. Although not always the case, the bogus emails they send to your contacts often don’t have your email address as the sender. It may have your name, but not your correct email address. If this is the case, then usually your computer is safe.
No. 6: Unexpected software installs
In the early days of malware, most programs were computer viruses, which work by modifying other legitimate programs. They did this to better hide themselves. For whatever reason, most malware programs these days are Trojans and worms, and they typically install themselves like legitimate programs. This may be because their creators are trying to walk a very thin line when the courts catch up to them. They can attempt to say something like, “But we are a legitimate software company.” Oftentimes the unwanted software is legally installed by other programs, so read your license agreements. Frequently, I’ll read license agreements that plainly state that they will be installing one or more other programs. Sometimes you can opt out of these other installed programs; other times you can’t.
What to do: There are many free programs that show you all your installed programs and let you selectively disable them. One favorite is Autoruns. It doesn’t show you every program installed but will tell you the ones that automatically start themselves when your PC is restarted. Most malware programs can be found here. The hard part is determining what is and what isn’t legitimate. When in doubt, disable the unrecognized program, reboot the PC, and re-enable the program only if some needed functionality is no longer working.
No. 7: Your mouse moves between programs and makes correct selections
If your mouse pointer moves itself while making selections that work, you’ve definitely been hacked. Mouse pointers often move randomly, usually due to hardware problems. But if the movements involve making the correct choices to run particular programs, malicious humans are somewhere involved.
Not as common as some of the other attacks, many hackers will break into a computer, wait for it to be idle for a long time (like after midnight), then try to steal your money. Hackers will break into bank accounts and transfer money, trade your stocks, and do all sorts of rogue actions, all designed to lighten your cash load.
What to do: If your computer “comes alive” one night, take a minute before turning it off to determine what the intruders are interested in. Don’t let them rob you, but it will be useful to see what things they are looking at and trying to compromise. If you have a cellphone handy, take a few pictures to document their tasks. When it makes sense, power off the computer. Unhook it from the network (or disable the wireless router) and call in the professionals. This is the one time that you’re going to need expert help.
Using another known good computer, immediately change all your other logon names and passwords. Check your bank account transaction histories, stock accounts, and so on. Consider paying for a credit-monitoring service. If you’ve been a victim of this attack, you have to take it seriously. Complete restore of the computer is the only option you should choose for recovery. But if you’ve lost any money, make sure to let the forensics team make a copy first. If you’ve suffered a loss, call law enforcement and file a case. You’ll need this information to best recover your real money losses, if any.
No. 8: Your antimalware software, Task Manager, or Registry Editor is disabled and can’t be restarted
This is a huge sign of malicious compromise. If you notice that your antimalware software is disabled and you didn’t do it, you’re probably exploited — especially if you try to start Task Manager or Registry Editor and they won’t start, start and disappear, or start in a reduced state. This is very common for malware to do.
What to do: You should really perform a complete restore because there is no telling what has happened. But if you want to try something less drastic first, research the many methods on how to restore the lost functionality (any Internet search engine will return lots of results), then restart your computer in Safe Mode and start the hard work. I say “hard work” because usually it isn’t easy or quick.
HAS YOUR EMAIL BEEN HACKED?
A major concern we all have is whether our email accounts have been hacked/owned and that we might experience data leaks if that is the case. I use this one very reliable digital tool to test for any emails breaches:
(Most legit email testers or anti-hacking sites substitute the “O” in “owned” with a “p” to lessen the confusion between the letter and the numeral zero.)
General rule of thumb regarding online security: If it feels weird, it is.
BNI Operatives: Situationally aware.
As always, stay safe.
Summer vacation time is upon us and so therefore are home burglaries. And let’s face it – with a sluggish economy, disenfranchised law enforcement and the uptick in family travel and vacation during the summer months, one can reasonably presume that the number of home break-ins will increase dramatically during the next several months. From time to time in the upcoming weeks, we will post security tips that we hope will increase your personal security risks and management.
This week we will concentrate on the first usual point of entry – the family home door. Whether it is the front, side or basement door, burglars know how to get inside and to your property.
As if evilly purposed technology isn’t bad enough, the old-fashioned methods of breaking and entry are still widely used by burglars.
A phenomenon known as ‘lock bumping’ is on the rise. It’s a little-known technique that’s fast, simple, and very discreet. It draws far less attention than breaking in a window or tearing down a door. If your cylindrical door lock is one of the more popular brands or models on the market – and 90% of home door locks are cylinder-models and ACME types – you’re vulnerable to this particular type of illegal home entry. Lock-bumping requires a bump key.
What is a Bump Key?
A bump key is a key in which all the cuts are at the maximum depth (999). Bump keys can be cut for standard pin tumbler type locks as well as “dimple” locks. (From lockwiki: A dimple lock is a pin-tumbler-based lock design that uses flat side of the key blade as a bitting area. Cuts on the bitting area resemble dimples, hence the name. This contrasts traditional pin-tumblers that use the edge of the blade as the primary bitting area.)
How is lock bumped?
In our next mid-week Beacon Bulletin, we will bring you information and videos on how to bump lock-proof your home.Just remember that your personal safety and that of your family is paramount. Whatever knowledge in this area that we may impart, do not back up it with a plan to confront a burglar unless it is absolutely necessary. If a successful entry does occur, hopefully, no one will be home and material possessions are not worth a life.
BNI Operatives; Situationally aware.
Find out what the internet knows about you and your friends with this creepily accurate website, blared the headline from Business Insider’s column, The Daily Dot on April 15, 2015.
Well, a headline like than is going to arouse my interest. Reading through the article, I realized that this app – Crystal – actually focuses on evaluating the personality of business associates (co-workers and clients) and is driven through LinkedIn rather than a rate-your-pals type communication technology. It’s ultimate use is to write your business emails. Now I am definitely curious.
What if you could get a psychic reading about everyone you work with? It could tell you how to talk to them, words to avoid, how short or long your emails should be. What they are good at, and what they aren’t.
And what if they could see all of that information about you?
Crystal wants to change the frustrations and mysteries of work communications by giving you all the data you need to successfully correspond with friends and colleagues. In fact, your emails will be so good people will wonder if you can read their mind.
The software is like a psychic for online communication. It walks the line between innovative and super creepy, but it’s hard to deny it actually works.
Crystal gives you personality profiles on anyone you might be connected with online, including the best ways email them, how to approach conversations, and how you would work together in a professional setting. You can even get a Gmail extension to let Crystal analyze your emails and give you tips on what you’re doing wrong—it’s like spell check, but for the content of your email.
Now I’m hooked. I ran myself (results below).
While the traditional courses of human lie detection (facial micro-expression changes, fidgeting, profuse sweating, etc.) are still valid methods of determining your subject’s truthfulness – to the degree that one is trained in, and astute to, human reactions during prevarication – we can cut to the quick with these newer, tested and timely (upcoming 2016 election year, enough said) tips on real-time truth assessment and manipulation:
1. Response time. Truthful recollection of an event or fact presents differently in the brain than does a lie. Although several brain areas appear to play a role in deception, the most consistent scientific finding is that activity in the prefrontal cortex increases when people lie. The prefrontal cortex, situated just behind the forehead, is responsible for executive control (the ability to regulate thoughts or actions to achieve goals). Executive control includes cognitive processes such as planning, problem solving, and attention — all important components of deception — therefore it’s logical to conclude (and fMRI research supports) that the prefrontal cortex is active when we lie. Dishonesty requires the brain to work harder than honesty, and this effort is reflected by increased brain activity. Simply stated: lies take longer to form so your subject will take longer to answer your question.
Solution: A. Speed up your rate of questioning. B. Circle back to questions already asked with an intentional “mis” take on the response. (E.g., misstate the time, date, clothing worn, persons with the interviewee, etc.)
2. Eyes. We’ve all heard the old advice that claims that liars look about furtively. True for most but the really good ones stare at you for a longer-than-normal period of time. Not only is that an attempt to appear sincere, it is a challenge to force the interviewer to back down first.
Solution: Counter-intuitively, move your eyes about. Don’t get into a bug-eyed eye-rolling contest. Rather, as the subject answers, make eye contact and then look directly laterally to a spot above the person’s shoulder. (As if you are looking at something coming up behind them.) This maneuver instigates an innate response to perceived danger behind the subject and elicits a truer response as the lie is halted in its infancy as the responder involuntarily shifts away from the pre-frontal cortex to the amygdala, which is the fear center of the brain.
3. Body Movements, Linguistics: Liars tend to a) hide or clasp their hands in an attempt to literally “hold firm” to their lies and possibly to stop involuntary shaking of the hands, b) touch their faces or c) exaggerate a speech affect (accent, pronunciation, etc.) during the telling of a lie.
Solution: Subtly mimic the subject’s behavior. Unintentional (as it were) mirroring, generally applies to people who are getting along so well that they mimic each other’s body posture, hand gestures, speaking accents, among other actions.
(“Imitation is the best form of flattery.”)
Use this method to subconsciously disarm the subject. As the chameleon behavior signals trust and admiration, the subject opens up more and incorporates more of the truth (especially if it is shocking, horrible or ethically/morally repellent) in their responses. The body is actually autonomously making the interaction smoother to increase the level of likeability when in rapport.
Use these techniques for good and, in general, trust and hone your own instincts.
BNI Operatives: Situationally aware.
As always, stay safe.
Last month, cops in New York City started testing a system that alerts them almost instantly to the location of where a gun was fired to within an accuracy of 25 meters (82 feet). The ‘ShotSpotter’ technology utilizes strategically placed audio sensors that relay gunshot location information to nearby cops, enabling a rapid response. ShotSpotter is used in major cities including Washington, Boston, Oakland, San Francisco and Minneapolis, as well as smaller cities like East Chicago, Ind.
The system is also smart enough to predict where subsequent shots may take place, providing officers with additional caution and backup to a “shots fired” situation.
The system was activated in the Bronx on March 18, 2015 and Shotspotter picked up gunshots in just an hour of going live.
Brooklyn Shotspotter went live several days after the Bronx, with the remaining boroughs following later if the system proves effective.
The results thus far in these two NYC boroughs are disturbing; of the 55 gunshot incidents detected from March 16, 2015 – April 2, 2015, only 12 were called in to 911 – a poor 22% of the time someone called the emergency number to report the gunfire. Comments on the woeful reporting rate, from the NY Daily News:
Police Commissioner Bill Bratton said he knew from other cities that up to 80% of all gunplay never gets reported, but he thought New York City’s density would mean more people would report gunshots.
“I’ll be quite frank — I’m surprised that we’ve had so few calls to 911 for those shots that have been identified,” Bratton said.
Going forward, cops will make more arrests based on evidence gathered through the technology, he predicted. Police expect to expand ShotSpotter citywide after it analyzes the results of its $1.5 million pilot program.
What the Shotspotter technology does (according to the eponymously named company’s website):
ShotSpotter (SST) instantly notifies officers of gunshot crimes in progress with real-time data delivered to dispatch centers, patrol cars and even smart phones. This affordable, subscription-based service enhances officer safety and effectiveness through:
How the Shotspotter technology works:
Best explained: Unlike counter-sniper sensors which can only measure a limited range of sounds—the supersonic signature of a sniper’s round with a known ballistic coefficient—SST’s wide area protection system measures the full range of impulsive sounds (sounds which are explosive in nature) found in urban weaponry, from sub and supersonic impulses to explosions.
So basically, the SST technology – given that it is subsonic – can admittedly (by the company) pick up on anything – including conversations – that it is calibrated to monitor.
I was good with the range of Shotspotter functions until the last item. That of audio recording of the general public’s conversations. How long before “exceptions” allowing speech monitoring are employed in sensitive places like surrounding courthouse areas, prison courtyards, college campuses??, etc. The incident scenes themselves. The argument that could be made in favor of open-air audio recordings would probably be along the lines of expectation of privacy – that presumably, there is none in public areas.
The application of technology and relevant law will be interesting to follow in the coming years.
BNI Operatives: Situationally aware.
As always, stay safe.
(Afterthought: Why would PC Bratton refer to gun shots fired as “gunplay”???)
1. !Emergency! (Featured above.) Imagine yourself in a disaster situation – in a foreign country. You have no clue where the closest embassy is, or the 911 equivalent in Germany or Mexico or Japan. The !Emergency! app automatically detects the country you’re in and then directs you to the proper authorities. (Given that you are allowed to make that one call if you’ve been arrested in a foreign country.)
2. UbAlert: a global social network where users share reports – and graphic accounts – of natural disasters (tsunami) and those man-made (Kenya terrorist attack).
3. Re-Unite: the lost family finder from the U.S. National Library of Medicine, helps to update the NLM’s People Locator for natural disasters. Information about missing (and found) family members is posted immediately.
4. Official FEMA app: Can be used to set up a family meeting place and get the latest emergency updates.
5. Life360: Immediately locates a family member. (You can turn off the location feature at any time.)
In any emergency, I know it’s easy to stay calm but it really is important to do just that and trust that you are not alone and help is as close as a click away.
BNI Operatives: Situationally aware.
As always, be safe.
I take this opportunity to thank our readers and clients for their support and to wish all happiness, peace, prosperity and all of the joys of the holiday.
Throughout each year, there are wonderful days and challenging times. May your strong and heartfelt advocacy efforts be greatly rewarded.
Happy Easter, Happy Passover,
Lina M. Maini