Computers

The Tech Corner is a technology news and advice column presented each week courtesy of Melvin McCrary at Georgia Computer Depot in Cedartown.

Telemarkers flooding your cell? Here’s how to stop robocalls

In a Robocall Strike Force Report in October, the Federal Communications Commission said telemarketing calls were the No. 1 consumer complaint.

Citing statistics from YouMail, a developer of robocall-blocking software, the commission said consumers received an estimated 2.4 billion robocalls per month last year. Alex Quilici, chief executive of YouMail, said his company estimated that 2.3 billion calls were made in December 2016, up from 1.5 billion in December 2015. More than annoying, the calls can cross over into the outright fraudulent. In one scheme, callers pretending to represent the Internal Revenue Service claim the person answering the phone owes back taxes and threatens them with legal action. The scheme has reaped more than $54 million, the FCC said.

Here’s how you can fight them:

The most simple and effective remedy is to not answer numbers you don’t know, Quilici said. “Just interacting with these calls is just generally a mistake,” he said.

If you do answer, don’t respond to the invitation to press a number to opt out. That will merely verify that yours is a working number and make you a target for more calls, experts said. List your phones on the National Do Not Call Registry. If your number is on the registry and you do get unwanted calls, report them.

Download apps such as Truecaller, RoboKiller, Mr. Number, Nomorobo and Hiya, which will block the calls. YouMail will stop your phone from ringing with calls from suspected robocallers and deliver a message that your number is out of service.

Quilici said phone companies, such as T-Mobile, Verizon and AT&T, also have tools to combat robocalls. They work by blocking calls from numbers known to be problematic. And then there is the Jolly Roger Telephone Co., which turns the tables on telemarketers. This program allows a customer to put the phone on mute and patch telemarketing calls to a robot, which understands speech patterns and inflections and works to keep the caller engaged.

Subscribers can choose robot personalities, such as Whiskey Jack, who is frequently distracted by a game he is watching on television, or Salty Sally, a frazzled mother. The robots string the callers along with vocal fillers like “Uh-huh” and “OK, OK.”

Ransomware Targets J. Sterling Morton High School Students

An in-development ransomware named J. Sterling Ransomware has been discovered that targets the high school students of the J. Sterling Morton school district in Cicero, Illinois by pretending to be a student survey. While this ransomware currently does not encrypt files, it shows how a developer can make an effective & targeted ransomware attack.

When it runs, this ransomware will display a screen called the “J. Sterling Student Survey”, which prompts the student to login into the survey and select their school grade. In order to make the survey look legitimate, the developer included the school’s logos and slogans. Though the user interface is designed poorly, it could easily trick someone to interact with it.

Once the student enters any email or password and selects their grade, the screen will change to a ransomware message. This message states that the files on the computer have been encrypted and that the student must pay $10 USD in bitcoins to get their files back.

As this ransomware is currently in-development, the files are not being encrypted.

This could easily change, though, once the developer adds the required computer code, which can easily be found online.

In the past attackers distributed ransomware using exploit kit attacks or malspam campaigns in order to throw out as wide a net as possible to capture as many victims as they could.

Due to increased protection for ransomware from security vendors and a stronger approach to email security from the larger email providers, this technique is not as effective as it used to be.

Due to this we have seen ransomware switching to using direct attacks.

How to protect from ransomware

In order to protect yourself from ransomware, first and foremost, you should always have a reliable and tested backup of your data that can be restored in the case of an emergency, such as a ransomware attack.

Last, but not least, make sure you practice the following security habits, which in many cases are the most important steps of all:

  • Backup, Backup, Backup!
  • Do not open attachments if you do not know who sent them.
  • Do not open attachments until you confirm that the person actually sent you them,
  • Scan attachments with tools like VirusTotal.
  • Make sure all Windows and all other program updates are installed as soon as they come out! Use hard passwords and never reuse the same password at multiple sites.

BlueBorne vulnerability affects 20 Million Amazon Echo and Google Home devices

Over 20 million Amazon Echo and Google Home devices running on Android and Linux are vulnerable to attacks via the BlueBorne vulnerability, IoT cyber-security firm Armis announced today.

BlueBorne is a set of eight vulnerabilities in the Bluetooth implementations deployed on Android, iOS, Microsoft, and Linux. Affected OS makers and several IoT device makers issued updates in mid-September to address the flaws.

BlueBorne allows attackers to take over devices that have Bluetooth enabled and run malicious code on the underlying OS or firmware.

Amazon Echo: I have been hacked! Take me to your leader!

The initial BlueBorne announcement did not mention anything about personal home assistants as being vulnerable, albeit if an attacker put some of the clues together he could have deduced that BlueBorne could be used to attack a wide range of devices that rely on Bluetooth communications, and which have not been mentioned in the Armis initial disclosure.

Armis researchers pointed out that 82 percent of companies that use its IoT cyber-security protection platform also have an Amazon Echo on their network. Experts are now warning companies to patch Amazon Echo and Google Home devices.