Tech Talk #40 – December 3, 2016
It’s that time of year again. The internet lets us shop in stores that can be anywhere in the world and the myriad delivery choices can bring our purchases right to our door. It’s convenient, and the transactions themselves are safe and secure. But there are a few things to watch out for while you’re shopping.
Criminals spread ransomware by adding an infected attachment to an email. This holiday shopping season, watch out for fake delivery or tracking emails that say they’re from FedEx, UPS, DHL, USPS, or one of the other delivery services. None of these people will send you an email with an attachment. If you do accidently open the email, within a few minutes, you’ll get a warning that now all your files are encrypted and telling you how much it will cost you to get them back.
The ransomware criminals are very good at tricking you into opening their fake files. Here are some things you can do protect yourself against ransomware, no matter what time of the year it is:
Back up your data
The single best thing you can is to back up your data. If you can restore your system to an earlier snapshot or clean up your machine and restore everything from a backup, you get to win. Use the built-in Windows Backup tool or Apple’s Time Machine to keep your computer backed up to an external drive that’s not connected to your computer except when you’re backing it up. Or, if you have a fast internet connection, use an online backup service like CrashPlan, Mozy, or Carbonite.
Show hidden file extensions
Ransomware frequently arrives in a file that looks like a PDF, but the full name looks like this “*.PDF.EXE.” The ransomware is counting on the Windows default of hiding known file extensions to slip past your watchful eye. If you enable the ability to see the full file extension, it can be easier to spot suspicious files. Here’s how:
- Open File Explorer and then click on any folder on your computer. At the top of the File Explorer window click View. In the File Explorer ribbon, just to the right of halfway across, put a check next to the File name extensions Then close File Explorer.
- Now, instead of seeing a file that looks like a PDF called INVOICE you’ll be able to see it’s called INVOICE.PDF.EXE and you’ll know that you definitely should not open it. Seeing the file extension makes it easier to tell the good guys from the bad guys.
Keep your computer secure
Using a basic anti-virus program like Avira and also an anti-malware program like MalwareBytes, and keeping them both updated will be enough protection for most people. But if you think you might be extra vulnerable to ransomware, either because you have no recent backups, have many irreplaceable photos and documents, or because you need to open attachments in emails, be very, very careful.
Paid versions of AVG and Avast claim to add some ransomware protection to their antivirus product, so that might be something for you.
Also, don’t forget to keep your computer updated. Do your Windows Updates as needed, and especially do your Adobe Reader and Java updates. Both of these programs are frequent attack vectors for malware and ransomware.
When you’re shopping at the same store or site multiple times, it’s convenient to check the Remember this payment method box, so you don’t have to enter your payment info every time. Don’t check that box. Identity thieves will wait until after the new year and then attack servers holding customer payment info. It’s better to take the time and enter the information each time, so your information won’t be on that targeted server.
The terrible thing about the Internet and Amazon is that they take the magic and happy chaos out of book shopping. The Internet might give you what you want, but it won’t give you what you need.
-Tom Hodgkinson Tom Hodgkinson is a British writer, and the editor of The Idler, which he established in 1993 with his friend Gavin Pretor-Pinney.
Do you have a computer or technology question? Greg Cunningham has been providing Tehachapi with on-site PC and network services since 2007. Email Greg at firstname.lastname@example.org.