Tech Friday with Dave Hatter - May 15th 2020 - SPONSORED BY INTRUST IT

  • Scammers Can Use Recent Transactions to Trick You:
    • "Spoofing, in general, is a fraudulent or malicious practice in which communication is sent from an unknown source disguised as a source known to the receiver. Spoofing is most prevalent in communication mechanisms that lack a high level of security." - Techopedia
    • The FCC wrote "Spoofing is when a caller deliberately falsifies the information transmitted to your caller ID display to disguise their identity. Scammers often use neighbor spoofing so it appears that an incoming call is coming from a local number, or spoof a number from a company or a government agency that you may already know and trust. If you answer, they use scam scripts to try to steal your money or valuable personal information, which can be used in fraudulent activity."
    • It has recently been reported that scammers are using caller ID spoofing to impersonate their victims and socially engineer the victims’ bank to get information about recent transactions
    • With that information in hand, the scammer will use this information call the victim and impersonate their bank
    • The scammers will try to get transaction information from a bank or other site like Amazon that can be used to convince a victim that the scammer is a legitimate representative of an organization
    • In one case, Brian Krebs reported that Citibank’s automated phone system divulged transaction information based on a spoofed phone number
    • The scammer will call a victim and say they suspect fraud and use any transaction information they have to ask if those transactions are legitimate. This makes their call seem valid
    • If the victim continues and verifies the transactions are legitimate, they may be asked for their security information so a new card can be sent
    • The scammer may have a partner on another line with the bank impersonating the victim and using the information supplied by the victim to social engineer the bank to steal the victim's money
    • It has been reported that in some cases, the victim will suddenly receive many automated emails to help hide messages from the bank about transactions or account changes
    • Experts say these scams are fueled by the sale of credit card records stolen from hacked online merchants
    • This data, known as “CVVs” and is sold for about $15 to $20 per record. It may contain information including name, address, phone number, email and full credit or debit card number, expiration date, and card verification value (CVV)
    • Fraud prevention company Next Caller recently reported that they have seen "massive increases in call volumes and high-risk calls across Fortune 500 companies as a result of COVID-19."
    • The only concrete way to protect yourself from these scams is to avoid answering calls from unknown numbers and NEVER trust an unsolicited call
    • “Both this and last week’s story illustrate why the only sane response to a call purporting to be from your bank is to hang up, look up your bank’s customer service number from their Web site or from the back of your card, and call them back yourself” - Brian Krebs
    • General tips:
      • Don't answer calls from unknown numbers
      • If a caller claims to be from a company or a government agency, hang up, lookup a valid number and call them back to validate the authenticity of the requestI
      • If you answer a call from an unknown number, don't respond to any questions, particularly "Yes" or "No" questions
      • If a caller or a recording asks you to hit button to stop the calls hang up
      • Never give out personal information such as account numbers unless you made the call and have confirmed the validity to the request
      • The FCC has a good video about Caller ID spoofing here:https://www.youtube.com/watch?time_continue=5&v=PS3llQfRLD8&feature=emb_logo
  • PrintDemon, an ancient bug fixed is the in latest MS updates:
    • This month’s Patch Tuesday fixes 111 issues across a wide variety of products
    • 16 of these fixes are considered critical
    • An elevation of privilege vulnerability exists in the the Windows Print Spooler and that has created a buzz
    • Security researchers Alex Ionescu and Yarden Shafir from Winsider reported on the bug and named it "PrintDemon"
    • The issue is that the print spooler allows arbitrary writing to the file system, so an attacker could use this vulnerability to get elevated system privileges allowing them to install programs; modify data or create accounts with full user rights
    • The good news is that this vulnerability can't be exploited remotely, an attacker must log on to an unpatched system and run a special script
    • What the researchers discovered is that any user can run a script that will create a new printer device in certain circumstances
    • If print jobs are deferred, for example until after a reboot, they run with elevated privileges, giving an unprivileged the ability to do things they would not normally be able to do
    • This is corrected in the latest batch of updates
    • Backup and install them now
  • Make your home Wi-Fi network work better
    • With more people working and schooling from home, and an ever increasing number of connected devices, it more important than ever to outfit your home or business with a wireless router that can handle the increased demands
    • Like any system, your home network will only be as fast and secure as it's weakest link
    • A new router can bring speed and security improvements, especially if you have many family members in contention for bandwidth
    • Wi-Fi technology continues to advance as do the routers that make it possible
    • You should consider the size of your coverage area, the number of users, and the types of devices you need to connect.
    • First, it you're using a rented modem/router gateway from your ISP, you could lower your monthly bill and get better Wi-Fi speed with your own router
    • Most modern routers operate on at least two radio bands, a 2.4GHz band and a 5GHz band
    • The 2.4GHz band operates at a lower frequency and offers better range but is slower than 5GHz. The 2.4GHz band also competes with other devices on the same frequency. So you 5GHz where possible
    • A tri-band router has three radio, one 2.4GHz and two 5GHz radios for load balancing. You can divide devices across the radios for better performance
    • Look for a Wi-Fi 5 router at minimum a avoid 802.11n (Wi-Fi 4) or older routers
    • A Wi-Fi 6 router supports Multi-User Multiple Input, Multiple Output (MU-MIMO) transmissions which can hit maximum throughput of 9.6Gbps under ideal conditions.
    • Get a router with at least four Ethernet ports so you can plug in near-by devices to get the best performance and reduce the load on the wireless radio
    • Look for a device that allows you to create Virtual LAN (VLANs) to segment traffic
    • Use Quality of Service (QoS) features to prioritize traffic
    • For a large home, consider a Mesh router. Mesh Wi-Fi systems use a number of connected devices to blanket your home in one wireless network
    • For better security:
      • Change the default password
      • Whitelist devices and block all unknown devices
      • Disable SSID broadcasting
      • If you plan to allow visitors on your netork, setup a Guest network. If not, disable the guest network capability
      • Install patches regularly
    • Read reviews here:

Sponsored Content

Sponsored Content

55KRC · THE Talk Station in Cincinnati
Listen Now on iHeartRadio