NISM winners June 30: real adventures in internet security

Announcing this week’s winners of the Real Adventures in Internet Security Bundle Giveaway Event. One last big ‘THANK YOU’ to everyone who sent us an entry. With your stories, you have raised awareness of the importance of staying safe online and you’ve helped others stay safe and protect themselves.


All winners received super security bundles that include a VPN, anti-virus, online backup, anti-keylogger, parental control app, PC optimizer, encryption software and, of course, Sticky Password. Runner-up security bundles were sent to a bunch of folks, too!

Our top 5 takeaways of National Internet Safety Month 2015, or practical security principles you can use:

  • Get security tools that you are comfortable using and learn how to use them. We’ve prepared a nice cross-section of security software titles that you can get at a great introductory discount. Only by using the tools and understanding what they do for you can you respond appropriately when you get that next popup notification. In the end, security software that you don’t use because you don’t like using it is not protecting you!

Make sure your software (operating system, programs and apps) is up-to-date with security and other updates. Viruses and malware are especially good at exploiting known security holes. Vendors close the holes as soon as they can. Customers who don’t install updates quickly put themselves at risk.

Included in this section is our recommendation that you have someone or a vendor that you can trust to get answers when you don’t understand what is happening on your computer or device. That can be a family member or friend; or, you may need to contact a local computer shop to get professional help.

  • Be aware. Pay attention to hacks and breaches in the media so that you can react appropriately. Security isn’t just about having security software installed on your device, it’s about knowing what is happening and reacting appropriately – before it’s too late. This doesn’t mean that you need to become an expert on internet security! Just like you would in the physical world, paying attention to what’s going on around you is a critical way of staying safe.

Talk, talk, talk to your kids and family. Make sure that everyone in your ‘inner circle’ knows about breaches and hacks, what to watch out for, and how to behave online.

  • Take action, but don’t panic. When you suspect that something bad is happening, or has happened, then you need to take appropriate steps to find and stop the problem/attack. Depending on what’s happening, this could be doing an anti-malware scan on your device, or contacting your bank to cancel a credit card and getting a new one, or just reaching out to your trusted contact to ask “what does it mean when my PC does XYZ?”.

And, no, panic usually doesn’t help.

  • Have a backup plan. One of the realities of life is that bad things can happen even to the nicest of people – like you and me – even those who consider themselves to be ‘under the radar’ of attackers. Make sure you have a plan for backing up your data. By having copies of your data (documents, pictures, videos, EVERYTHING) on multiple devices (computer, hard drive, online…) and in various locations (local, remote, online…), you won’t lose data if one of your devices is stolen or suffers an attack, and you’ll be in the best position to get ‘up and running’ again.

  • Exercise your option to walk away. If you keep yourself informed and notice that something isn’t right with the terms of a service or app that you are using or would like to use, then don’t use it. This includes social media services like Facebook and any others! Only by people discontinuing use of services that they feel aren’t sufficiently protecting their accounts, or are violating their privacy, will vendors change their behavior. The rubber meets the road for vendors when customers walk away.

This final installment of winners is our EXTREME Edition: When breaches get out of hand! Brian was the victim of a scam, and Jeff suffered a major virus attack. Read on to find out how each stood up to the attack and applied our security principles.

Brian wrote to us about selling a notebook computer on eBay. This happened ages ago in internet time (2004), when the checks and controls on online payments that we take for granted today weren’t as broadly implemented.

I decided to sell my laptop on eBay. I bundled it with some unused software I had picked up from Tech conferences and the laptop bag I bought with the HP. A few days after I posted it, a person in Tunisia offered to buy it and would pay for shipping. At first I was skeptical as I had heard horror stories about selling stuff overseas and even more [wary because] he did not want to use PayPal, but he offered to pay via certified check. So, I told him I had to wait for the check to clear before I would ship it. He agreed.

When I received the check, I deposited it and waited a few days until the money was cleared at the bank. I did this by checking my online account every day until the money appeared. When the money ended up appearing at my bank after 4-5 days, I packaged the items up and shipped them to him. Literally the next day, the money was removed because the check was fraudulent. I contacted him about it and he sent another check; this time issued by a different party. At that point, I knew I was being scammed. I attempted to stop shipment but the USPS said they did not do that anymore. I tried calling customs and the Tunisia embassy but everything I attempted failed.

Brian did a very good job supervising the transaction, and using the mainstream services that were at his disposal at that time. All throughout, he was careful at each step. When he discovered that the promised payment was cancelled, he didn’t panic and he took action by contacting the postal service, the embassy, etc.

Jeff is a computer professional who runs some internet servers from his home. He noticed some issues with his systems and started to investigate.

I found that my servers had been compromised. I initially thought it was just a simple intrusion, probably by some teenager, and so I attempted to do a more thorough recording of traffic to determine where the attack was coming from (the attacker had cleared many of the system logs to hide their tracks) and continued to operate my systems for another week or so.

What I had not realized is that the attacker had not only compromised the 3 server systems, but had also entered my home LAN network. I began to see tell-tale signs of a virus infection on my computer which then mysteriously disappeared. I then spent a week intensely analyzing my system for viruses and malware but could find nothing. Even though check after check after check turned up nothing, there was something still off about the system. One antivirus utility I use in extreme cases would crash, which it never has done before. Other antivirus checks came up clean. There was no system slowdown, no pop-up ads, no website redirects, no evidence of any kind that there was anything wrong with my system. I finally gave up the search and decided to purchase a new hard drive to reinstall my system from scratch.

Installation of the operating system from manufacturer recovery discs went flawlessly. Included with the installation were utilities from the computer manufacturer for system updates in addition to operating system updates. The software alerted me to updates for various drivers and then I noticed that the BIOS revision level was old. This struck me as odd since I am very good about keeping the BIOS firmware up to date. I verified on the manufacturer website that not only was this an older BIOS revision, it was older than when I acquired the system. It now had become clear that the hacker had not only compromised my servers, they compromised my internal network, placing malware on my systems and had altered the BIOS of those systems.

In my attempts to eradicate the BIOS virus from my system, the BIOS had become so corrupted that the computer would no longer function.

As a precaution, I began resetting all of my passwords. Shortly after changing my PayPal password, I received a suspicious email from PayPal thanking me for contacting PayPal and to rate my service. I didn’t believe I should be getting a survey for simply logging into PayPal and changing my password. I phoned PayPal asking about this email. They asked me to forward it to them for analysis. I received a reply email shortly after stating that this was a phishing email. It became apparent that the hackers were trying the passwords, found I already changed them, and were trying to trick me into giving the new one to them.

In the end, Jeff lost various hardware to the BIOS virus, but he never panicked. At each step, he took appropriate action – updated software, contacted vendors, etc. (We have connected Jeff with the research lab of a major antivirus vendor who will now analyze his system to see what happened.)

While both Brian and Jeff suffered extreme attacks and lost money (Brian), and hardware and money (Jeff), their defensive responses to the respective attacks and use of the security principles were spot on and limited any losses that could have occurred. By following these 5 security principles, you give yourself the best chance to protect yourself from attack.

Check out the security stories of our previous security bundle winners:

https://www.stickypassword.com/blog/weekly-winners-june-26-real-adventures-in-internet-security/

https://www.stickypassword.com/blog/weekly-winners-june-19-real-adventures-in-internet-security/

https://www.stickypassword.com/blog/mystory-weekly-winners/

*All quotes and personal mentions made with the permission of each individual referenced herein.