
The Archives

Posts Tagged ‘malware’

HeartBleed: The latest threat to our security on the web

Thursday, April 10th, 2014

The web can be a dangerous place for computer users, and sometimes the latest news can be scary, as is the case with the recently discovered “HeartBleed” security bug in OpenSSL, software widely used to provide encryption on many websites today.



How do I know if I’m affected?

Unfortunately, as a user there is no way to really know for sure if you’re affected unless your favorite websites explicitly tell you they were affected. Here at Best Buy and Geek Squad, our web sites dealing with your personal data and accounts were not affected by HeartBleed, so your user accounts are safe. However, when it comes to security online, we always recommend being proactive and protecting yourself first and foremost, so here are a few action items that you should take today to protect your data.

Immediately change all your passwords

This is the first step no matter what the security risk. Anytime you feel your data has been compromised, your first step should always be to change all your passwords. This includes your emails, banking, social media — literally any website with a password that you use frequently. Because the HeartBleed bug may have exposed your login credentials, we recommend immediately changing all of them to ensure no one else has access to any of your accounts. This article on mashable.com identifies some popular accounts and whether or not they were impacted. Choosing strong passwords and changing them regularly is still the best practice, and this should prompt you to be safe and change all of your passwords even if only as a precaution.

Monitor your identity and personal accounts closely

As with any potential theft of personal data, you should closely monitor all your accounts moving forward. Watch the activity on all your accounts, from credit reports and bank and credit statements to other personal accounts like email, for anything suspicious. Since the HeartBleed bug may have allowed people to see the data you were submitting on secured forms, they could potentially have gained enough information to steal your identity. Closely monitoring your accounts will help you take quick action in the event your personal details were compromised.

Be vigilant for phishing attempts

Phishing attempts have been a favorite of con artists for a while now and they are constantly looking for ways to make their attempt seem more legitimate. If they were able to use the HeartBleed bug to gain some personal information, like a bank account number or password, they may use it in an attempt to gain more information from you. Never respond to unsolicited emails asking for your personal information and always ensure you only update information on the legitimate websites. Banks and credit card companies will never ask for information via email, only on secured forms.

If you’d like more information on the “HeartBleed” or “HeartBeat” OpenSSL bug, you can read all about it at techcrunch.com.

You can find out more about OpenSSL and see their April 7th “Security Advisory: Heartbeat overflow issue” announcement at OpenSSL.org.

Agent Tanya B. has been a woman of technology since 2009. When she steps away from her role maintaining the Geeksquad.com website, Tanya is either at the gym, walking her dog or gaming with the other Agent B. Having moved to corporate from Florida last spring, she’s trying really hard to not complain about the cold too much.

Routers & Malware: No Longer Just Your Computer That's Vulnerable

Thursday, February 20th, 2014

Warning: it isn’t just your computer at risk from hackers. Some recently discovered issues with wireless routers from two different companies show that they too can be vulnerable to hacker exploits that can leave your data exposed to online evildoers. In one case, the affected routers allowed hackers to access data on the victim’s network, while in the other the router was used to distribute a self-replicating worm onto other users’ networks.

Users of Asus RT routers have reported that a router flaw allows hackers access to data on external USB hard drives attached to the router. Although some security experts believe that only users who have turned on the https service (part of the router’s AICloud feature) were affected, some users have reported their systems were compromised even though they never enabled that feature.

The best way to secure these potentially hackable routers is to update the router’s firmware, make sure all default passwords have been changed, and deactivate any remote access options. For more details on this, check out the excellent article about the situation on Ars Technica.

Dear Asus Router User: You’ve Been Pwned, Thanks to Easily Exploited Flaw (Ars Technica)

Security experts have also identified activity online indicating a persistent attack on networks using Linksys routers, particularly those of the Linksys E series. The attack involves the distribution of malware designed to seek out and hijack other networks connected to the Internet by vulnerable devices. Although experts have not been able to identify the purpose of the attack, it is consuming significant bandwidth in specific IP ranges. Some speculate the attackers may be testing their ability to assemble a botnet (a network of compromised computers) that could exploit the Linksys router vulnerability.

Observers say simply restarting the router appears to remove the malware. However, this does not prevent the router from being reinfected. It appears that routers using updated firmware do not become infected, so it is suspected that the vulnerability must be part of earlier versions of the firmware. Users with Linksys routers in the E series should go to the Linksys website and look for the 2.1 version of the software.

For more on this router-based vulnerability, check out this detailed article on Ars Technica:

Bizarre Attack Infects Linksys Routers With Self-Replicating Malware (Ars Technica)

If you think your system may have been compromised, we offer a Virus and Spyware Removal Service online, on-site and at Precincts in Best Buy stores.

Agent Williams joined the ranks of Geek Squad in 2007, earning the badge number #13337 and the alias “Agent Leeet Sauce”. Now Agent Williams protects the internetz from the Geek Squad Magic Castle. When he’s not policing unruly technology (or eating cookies) he can be found making music, chasing down his badge (it’s been on a trip to the stratosphere) or riding his imaginary pet unicorn.

Phone Scams and Computer Repair: Know Your Facts to Protect Your Computer

Wednesday, July 24th, 2013

Imagine this – you are sitting at home minding your own business when you receive a phone call from an official sounding person telling you that your computer is seriously infected with viruses. They say they will help you out and eliminate the viruses if you will provide a credit card number.

An increasing number of computer users are receiving similar phone calls and some — afraid of potential data loss and device damage — are surrendering their bank account information in the hope this will protect their tech.

If you get such a call, we’re here to tell you — hang up. It’s a scam!

Geek Squad Agents are seeing a rise in phone scams targeting PC and Mac owners. Cybercriminals pretending to work for Microsoft, Geek Squad, or any other nationally-recognized tech company call their intended victims, claim they’ve scanned their computers remotely and found viruses on them. Relying on computer users’ fear of viruses, data loss and identity theft, they trick people into giving them actual access to the computer.

Once the scammer has access to the victim’s system, they will often show the user scary-looking error messages on the machine, require immediate payment to clean up the “dangerously infected” computer and install more “protection” software onto the system. Chances are they’ll take the opportunity to install other bits of malware to capture the victim’s online shopping or banking information.

 If your first instinct is not to trust cold calls about fixing your computer, you’re absolutely right. Scammers often use publicly available information (like your name and telephone number) to make initial contact, and can often make an educated guess about your PC’s operating system. They can sound very convincing (they are good at this), but don’t be taken in.

It’s important to understand that reputable tech companies (like Microsoft, Geek Squad and other tech leaders) will not scan computers remotely without permission from the owner. They will not call computer users unless they are already working with them on a support issue.

Should you receive one of these telephone calls, here are a few tips to help protect yourself:

  • When in doubt, hang up the phone and call the company back at their publicly listed telephone number. You can usually find contact information on their web site.
  • Never provide a credit card or banking account information to someone on a cold call — even if they claim to be from a computer support company.
  • Never give remote access to your computer to any technician unless they can confirm they are a legitimate member of a computer support company with which you have an existing support agreement.

If you’ve been victimized by a phone scammer:

  • Contact your credit card or bank and speak with the fraud prevention team to have the charges reversed and the account protected from future charges.
  • Change your computer password, along with the password of any online accounts that may have been provided to the cybercriminal.
  • Update your security software and run a full scan on your computer, or use one of our tools.  You may also want to contact one of our Geek Squad Online Support Agents to have the PC checked for malware.

Phone scams are successful because cybercriminals rely on computer users trusting an unknown person with access to their computers. Together, we can defeat these scams by simply hanging up when you receive an unrequested support call, regardless of who they say they are.

Agent Derek has been removing techno-stress from the lives of his Geek Squad clients since 2005. When not providing remote help as an Online Support Agent, he likes to take to the road on a vintage motorcycle for adventures through Ohio country highways.

SIM card phone hacking — How It May Affect You

Monday, July 22nd, 2013

The news media is currently abuzz over an announcement by Karsten Nohl of Security Research Labs, indicating that there’s a new phone hack affecting some SIM cards. What does this mean to you, and what do we know about this latest threat?

Before we break out the tinfoil hats, let’s start with the basics. A SIM (Subscriber Identification Module) is the small card that slides into the back of many smartphones on the market. It acts as an official identifier, telling your cell phone provider that your mobile phone belongs to you, and allows it to use your phone and data service.

According to the Security Research announcement, Nohl discovered a flaw in older versions of the DES encryption found on some SIM cards. Nohl was able to send a fake text message pretending to be a mobile carrier with a fake encryption code. In 75% of the tests, the phone correctly determined the message was not real and ignored it. In the remaining 25% of the cases, the phone responded to the fake text message with its encrypted digital signature, a signature that gives a hacker the ability to send malware to infect the phone, or perform other unwanted actions.

So, what does this mean to you, and your smartphone? Let’s take a closer look.

One important thing to understand is that the announcement does not include full details of the flaw, and that the research won’t become available until the BlackHat security conference on July 31st. Until then, there’s going to be a lot of wild speculation on the full impact. Another important thing to note is that the hack is designed to exploit older DES encryption schemes, versus the more modern (and secure) triple-DES protection available on more than half of currently available SIM cards.  And even amongst older DES encrypted SIMs, less than a quarter of them were vulnerable.

Nohl said he believes 750 million out of the billions of mobile phones used today may be vulnerable to this exploit.  The GSM Association has been given information around the flaw, which has been passed on to mobile carriers.  According to Nohl, it will take criminals at least six months to make use of the flaw, time that will be spent implementing fixes on the affected cards.

The important thing? Don’t panic. This will be addressed, and fixed. Check with your local service provider on whether this impacts you or not. As this story develops, we’ll keep you posted.

Agent Derek has been removing techno-stress from the lives of his Geek Squad clients since 2005. When not providing remote help as an Online Support Agent, he likes to take to the road on a vintage motorcycle for adventures through Ohio country highways.

Ransomware Now Targeting Mac Users

Tuesday, July 16th, 2013

Apple computer users have mostly flown under the “malware radar” for years. For a variety of reasons, the Mac operating system (OS) wasn’t targeted by hackers as much as Windows was, and Mac users were able to browse the Web largely unaffected by infections. But as Apple’s share of the computing market has grown, cyber-criminals have set their sights on the Mac OS.

The latest development is a variation on a “ransomware” program that has in the past only targeted Windows users. Ransomware – a version of malware that seemingly locks up a victim’s computer and demands a one-time payment to “unlock” the computer – usually masquerades as an official communication from the FBI. The highly visual warning usually accuses the user of downloading or illegally distributing “prohibited” content, and requires the payment of a “fine” to unlock the machine. (Note to readers: the FBI doesn’t do this.) Agent Derek wrote a blog post about the Windows version of this security issue last year.

Hackers are now distributing a version of this malware online that targets Mac users. Fortunately, there is a fairly simple solution. To find out how to remove the malware or learn more about this, see this post in the Malware Bytes Unpacked blog.

For a longer discussion of ransomware on Mac OS computers, take a look at this thread in the Apple Support Communities.

If your computer has picked up a virus or is experiencing unexplained performance problems, we have Agents standing by ready to help online, in store and on site.

Agent Ron G. has been battling the forces of unruly technology run amok since 2001, prior to Geek Squad’s acquisition of Best Buy. When not busy creating video & technical training content for Geek Squad Agents in the field, Agent Ron enjoys home brewing, international travel, sketch writing, and learning how to cook new cuisines.

10 Reasons Your Computer May Be Running Slowly

Friday, November 9th, 2012

Frustrated with your computer or cell phone? Embarrassed to ask your kids/grandkids for tech help? You’re not alone. According to AARP, 33 percent of Boomers report frustration with technology. Here are some tips to help you take control of your technology.

One of the most common questions people have about their computer is “Why is it running slowly?” Through the years, we have narrowed down the list of possible reasons to ten:

1) Too many programs are running at the same time.
It is common for users to download utilities, applications, and other programs that run in the background. The more programs that are running – whether you see them or not – the less “attention span” your computer has to do other things you are asking it to do.

Avoid downloading web browser-helpers, more than one anti-malware program, or applications that claim to “speed up” your internet or your computer, as each one added will slow down your performance. (It’s also a good idea to uninstall programs that you do not use to increase your machine’s processing speed.)

2) There’s not enough free RAM.
Random-access memory (RAM) is what your computer uses for temporary working and thinking space. The more programs running at a time, the more RAM is used. If your computer is running slowly, it could be because too many programs are running and there is not enough RAM. To make your computer run faster, run fewer programs at a time or upgrade your RAM.

3) You have a virus/malware infection.
Internet slowdowns and slow computer operation can be a symptom of an infection. To find out if you have a malware problem, use an anti-virus and anti-spyware application to find it – like the free scanning tool we have available in the Self-Help area of our website.

4) You have low hard drive space.
Lack of hard drive space often affects older computers, or computers that do a lot of video editing or design work. Hard drives, which store all of your computer’s information, have a finite amount of space. Once they’re filled up, the computer no longer has the ability to manipulate files. The computer will slow down, eventually becoming unusable.

Generally, Windows will alert you to “low disk space” if this is the case. Moving some of your less-used files – such as pictures, music, and movies – to an external hard drive would free up some of your computer’s hard drive space and make it run faster. Deleting temporary files and performing a disk cleanup are also good ways to reclaim wasted space. Another solution? Install a bigger hard drive.

5) Restart your computer.
Every once in a while, it is a good idea to restart your computer. A computer cannot complete some of its updates until you restart. Restarting your computer can also free up memory resources tied up by buggy programs.

6) Sharing a wireless network.
If your internet is running slowly, but your computer is running quickly, you could have a lot of activity on your wireless network. Check to see if anyone else on your network is doing something that uses a lot of bandwidth (like streaming video or playing online games), as this can make your computer run slowly. You should also make sure your wireless network is secure so someone else isn’t using your Internet bandwidth. If your wireless network is not secure, Geek Squad recommends you create a password to secure your data and ensure strangers don’t join your network.

7) Too many “bells and whistles.”
Animated pointers and hi-resolution images of your favorite vacation spot may look nice, but they can also slow your computer down. Since animations and images load into memory every time you start your PC, there is less processing power available for more important tasks.

8) You have a scanning program running.
When a scanning program such as an anti-virus, anti-spyware, or automatic backup is running, your computer may respond slowly. We don’t recommend disabling these, as they are an important part of your computer’s safety. These programs should be run at least once a week, but don’t plan on using your machine while they are running.

9) Your computer barely meets your software’s minimum requirements.
Software usually has a list of requirements for things like processor speed, operating system, memory (RAM) and hard drive space. These specifications are the absolute minimum levels needed to make the software run. If your computer just meets the requirements, the software will run, but it might not run well. Try to meet or surpass the system “recommendations” of your software, rather than just meeting the bare “requirements.”

10) You have a fragmented hard drive.
It’s important to defragment your hard drive to help the computer organize itself better and make sure it runs smoothly. Think of your hard drive as someone who really likes to be organized but is always in a big hurry. Because your hard drive is low on time, it might save bits of a file here and pieces of it there, rather than all together. This works fine for a while, but eventually everything is scattered, and it takes your hard drive longer to find everything and get moving. Defragmenting is like a really big clean up. Your hard drive will put everything back in the right place and, as a result, will be able to move more quickly.

That’s it! If you’ve followed these ten steps, it should help you resolve a decent amount of your slow computer problems. There’s always more to learn, and lots to do in order to keep your computer running smoothly. Of course, there’s always help from Geek Squad, if you need it, but don’t be afraid to try some things on your own as well. We’ll always be available for you at www.geeksquad.com, at 1-800-GEEKSQUAD (1-800-433-5778), or at a Geek Squad precinct in a Best Buy store near you.

Agent Wiebusch carries badge number #3881, and has thwarted rogue technology issues since 2004, helping clients in store, in their home or business, and now online. When away from computers, he enjoys playing sports, playing videogames, and tinkering with motorcycles, classic cars, and anything else fast.

Fake “FBI” virus scam alert (Beware of Reveton)

Monday, September 10th, 2012

So you’re sitting there, innocently using your computer, when a window flashes on the screen, bearing the logo of the FBI. You’ve been locked out of your computer for breaking some not-too-specifically-identified copyright law. The solution on the screen? Pay a fine to the “FBI” to “unlock” your computer and use it again.

Think this is a new way for the FBI to deal with computer crime? Think again – you’ve just been a victim of a particularly nasty new virus – Reveton.

Ransomware — A Sneaky Form of Virus

Like a biological virus, computer viruses are constantly evolving to take advantage of unsuspecting hosts. In this case, you are dealing with a form of virus called “ransomware”, because it holds the victim’s computer hostage until a ransom is paid to a mysterious third party.

Reveton disables the computer and displays a bogus-but-somewhat-intimidating message on its screen claiming that the computer’s owner has violated federal law. The malware locks the system until the owner pays the “fine” using a specific pre-paid money card service. For added spookiness, some variants of this virus will use your webcam to take a photo of you to include in its faked warning window. (Yikes!)

Most law enforcement agencies in the United States do not issue fines and disable computers without due process – meaning you have a legal means to defend yourself. Plus, we are pretty confident the FBI would never take payments from only one specific brand of money card (even if it is widely available at your local convenience store).

What to Do If Infected

Geek Squad has the following recommendations for anyone who believes they may have a computer infected with this Reveton virus:

  •  First: don’t panic. (Fear is the mind killer.)
  •  If asked to enter a form of payment, credit card, or personal information into any web window you did not specifically request, do not do so.
  •  If you have already paid (or somehow manage to bypass the lock), you’re not out of the woods yet. There may still be malware running on your computer that can impact your privacy or security. Contact a Geek Squad Agent through our Online Support website, by phone at 1-800 GEEK SQUAD, or at a Geek Squad Precinct in a Best Buy store near you.

Preventative Measures

To help prevent your computer from becoming a victim of a virus infection like this, always remember to keep your antivirus protection current and up to date. Feel free to use our free virus and spyware scanning tools in the Self Help area of our website.

To help protect your important data (such as photos, documents, or music), create and follow a consistent backup plan, using an external hard drive or online backup service. We have tips on backing up your data (http://www.geeksquad.com/do-it-yourself/tech-tip/tips-for-backing-up-your-data.aspx), creating good passwords (http://www.geeksquad.com/do-it-yourself/tech-tip/keys-to-a-secure-password.aspx) and protecting your computer against spyware (http://www.geeksquad.com/do-it-yourself/tech-tip/how-to-protect-against-spyware.aspx) in the Tech Tools area of our site.

As always, Geek Squad Agents are ready to help you with any questions you have about your technology. Visit our web site (www.geeksquad.com) or give us a call at 1-800-433-5778.

Agent Derek has been removing techno-stress from the lives of his Geek Squad clients since 2005.  When not providing remote help as an Online Support Agent, he likes to take to the road on a vintage motorcycle for adventures through Ohio country highways.

DNS-Changer malware could shut off your internet

Sunday, July 8th, 2012

On Monday, July 9th, thousands of internet users could find themselves without internet when the FBI finally shuts down the DNS-Changer malware.

For months, a group of cyber criminals have been infecting hundreds of thousands of computers with “DNS-Changer,” which redirects your internet traffic to “fake” versions of websites. Thankfully, this ring of criminals was taken down in an FBI sting operation called “Operation Ghost Click,” and since then, the FBI has been redirecting infected computers through special government servers to keep them online.

But on Monday, all that changes when the FBI pulls the plug. If you’re infected with DNS-Changer, you could lose your internet access. The good news is that the Geek Squad is here to help you out. To find out if your PC may have been infected by the DNS changer malware, try one of the following:

  • You can visit the FBI-approved website, “The DNS Changer Working Group,” or DCWG (http://dcwg.org). From there, they not only further explain the malware and how it affects PCs, but link to organizations across the globe that do online scans to check to see if your PC might have been affected.
  • You could also consult a Geek Squad Agent and have them look over your PC. This can be done online (via http://support.geeksquad.com), in any Best Buy store, or by scheduling an Agent to come to your home (by calling 1-800-GEEKSQUAD). If you are infected with the DNS changer malware, Agents have the tools and resources necessary to get your PC back in a normal working order.

Agent William G. has been an Agent with Geek Squad since 2004. If he’s not working on computers remotely, or contributing to the Geek Squad Intelligence Blog, he can be seen skateboarding the sidewalks in the city of Atlanta.

“Mac Defender” Doesn’t: Computer Users, Be On Guard

Tuesday, June 14th, 2011

So what happens when a non-Windows OS gains traction? Well, the inevitable happens – and people using such systems without malware protection face a nasty wake-up call (yes, even systems with fruit-based logos adorning the front). Today’s example? Mac Defender.

Mac Defender first appeared in May 2011 as a browser pop-up screen, stating that the computer is infected – and that Mac Defender can remove the infections. The truth? It’s actually a false antivirus application with a built-in malware payload. It demands payment to work, so once users enter their credit card number… BAM! (They’ve got you.)

Malware like this is nothing new. Malware is constantly evolving, as hackers find new ways to wreak havoc on your computer, or to obtain your confidential information. And once you’ve been infected, removal can be complicated – often requiring Geek Squad Agents (or other experts) to get it cleaned up.

To protect yourself from malware, all computer users should follow these tips to help them stay safe:

- Update your operating system often. People avoid updates because they seem like a hassle. System updates include fixes to vulnerabilities often exploited by malware. Updates are your first line of defense against infections.
- Don’t download suspicious-looking programs. If it looks suspicious, it probably is, so avoid it! Only download programs and updates that you are familiar with, and then only from official (safe) resources.
- Email attachments and links: be cautious. Most people know better than to open attachments or links in email from unidentified sources. It’s common for many malware applications to harvest email address books on infected computers and send out copies of the infection on your behalf to your family and friends. Got an attachment from a friend or family member? Give them a call to verify whether they actually sent anything. When in doubt, toss it out – no matter how tempting it is to open.
- Beware of pop-ups. Like Mac Defender, these pop-ups may look like legitimate warning messages from your operating system. They try to trick you into purchasing, downloading or installing some sort of application that can infect your computer. Clicking on them often loads malware onto your computer, and can lead to all sorts of headaches. Get to know what to look for to close pop-ups (tiny “X” or red dot for closing the window in the upper corner), and NEVER click anywhere else within it.
- Avoid giving out personal or financial information. If you are prompted to provide credit card information and you are uncomfortable with where you are submitting it, walk away. (Only provide credit card information to authorized sources that you trust.)
- Install protection software. To reduce threats to your computer, purchase and install protection software. Anti-virus software is a good start, and there are programs with internet security available that can help prevent hackers from getting into your computer and stealing your personal information.
- Scan your computer for viruses or malware – especially if your computer is sluggish. Quite often, Internet slowdowns and general slow operation of the entire computer can be one of the symptoms of an infection. When in doubt, scan the computer for a malware infection to determine if this is the cause.

Malware – regardless of who’s behind it or what operating system it runs on – is a fact of life for computer users. Yesterday, it was only Windows-based PCs. Today, it’s fruit-labeled ones. Tomorrow? (Hey Linux, I’m looking at you.) By following these simple tips and making sure your operating system is up to date, you can avoid most of the headaches that come with a malware infection.

SECURITY ALERT: GPCode Ransomware Holds Computers Hostage

Tuesday, November 30th, 2010

Tell Me More: Ransomware is a type of malware that gives hackers access to your personal data. Once your computer is compromised, the hackers claim they will return your data once you send them money. Consumers unknowingly receive the virus from somewhere on the internet and it then encrypts your files and holds them hostage. With this particular form of ransomware, once the files are compromised consumers receive a ransom letter which appears on their desktop demanding $120 in order to receive their files back.

Should I Be Worried? We haven’t completed our investigation of this newest malware ransom issue; however, based on our initial research we have discovered the virus encrypts the computer’s original files, making any recovery efforts virtually impossible. Because of this, consumers should be extra careful about links they click on while surfing the internet.

What Do I Need to Do? Here’s what you should know about ransomware:

• If you have received the virus and the ransom note pops up on your desktop, you should immediately shut down the computer. The malware is still infecting your computer and by shutting the system down, there is a chance you might be able to save some of the data that has not been corrupted yet.

• As a side note, please remember your data should always be backed up on a regular basis. If your files are saved, you can simply remove the virus from the compromised system and restore the data from your backup.

Geek Squad Final Word: As always, if you experience any undesired computer symptoms, seek help from a computer professional as soon as possible.

For more information, check out the Geek Squad home page at www.geeksquad.com or contact your nearest Geek Squad Agent. Whether it’s online, via 1-800-GEEKSQUAD, or in any Best Buy store, we’re here to help 24/7/365!
