Google Docs or Microsoft Word?

Which one should I choose?

For those of us who are Directors of Alphabet Design and Structure, what app should we be using to craft our words and paragraphs?

There are literally hundreds of apps and programs designed to do that for us, but when it comes down to the wire the race really is only between two. Microsoft Word and Google Docs. So, which one is better? Are either any better than each other? Should you care? These and many other questions I will attempt to answer in the following paragraphs.

Google Docs Vs Word

Ok, I will start with the new kid in town. Google officially released what is now known as Docs along with Sheets and Slides in October 2006 as Documents an online free alternative to the above-mentioned Word. It was pretty good when it came out. You could achieve all the usual tricks that any decent word processor could deliver. Now I know that some of you will say it lacked quite a lot of features that Word users may have come to know and love, but I am just comparing these word processors for everyday general use, not power users.

Word has been around so long now that people just accept that if you need to type a string of words together then you go looking on the computer for that blue icon with the W in it.

Figure 1- Google Docs is spartan compared to Word, see Figure 2. But it has everything you need for basic wordsmithing.

Figure 2- Latest version of Word with all its bells and whistles.

Let’s focus on the here and now, what are Docs and Word like now?

Docs is a robust online word processor, https://docs.google.com,  with accompanying apps for mobile devices, just like Word. Word has one difference here though, it is available as an installable app on desktop computers whereas Docs is not, you must run it in your browser. That’s ok I hear some of you say, but what about if you have no internet access sometimes? No problem, you did check the box in your Google Drive settings that allow offline editing and install Google Backup & Sync, didn’t you? No. Well go and do it then. Drive will install a plugin into Chrome that will allow you to edit offline. Great. Why do we need to pay for Word again?

Now that is Google’s strong point, the internet, the artificial intelligence that Google has included in everything that it does come out strong in Docs. This is helping you even more by helping you write better. My favourite button in Docs is the Explore button. With one click you have the research power of Google right there in the document window where you need it. See Figure 3.

Figure – 3. One difference I did notice just then that I was unaware of, is that when I inserted the above image that is a gif file and should be animated. In Word, it is not animating. But in Docs it does animate.

Word has been around long enough that they have completely sorted out all the paper size issues of the past, there is virtually no size you cannot use. Word has a larger array of templates available, although Docs is slowly catching up on this front. Word, as mentioned earlier, gives you the ability to work in a separate application rather than inside a web browser.

I must admit that the Android and iOS apps for Word far exceed the Docs apps, they are just beautiful, both to look at and use. On a Microsoft Surface, there is the option of using the pen. This is extremely useful for marking up documents or just scribbling all over the screen.

Bottom Line

Ok, here is what I do most of the time. I use both.

When I am starting a document I use Docs and use the great research tools such as Explore. Then I finish up the article in Word and do the formatting, headings, add screenshots (captioning an image is much sleeker in Word), etc.

The great thing about Docs is that I can save a Doc as a .docx and then open it in Word. Now one thing to note is that saving Docs in native Docs format costs you nothing in space on your Google Drive allocation, that’s very nice of Google. If you save as any other type of file such as .docx then that space is deducted off your user free space. Microsoft is not as generous with its space on Onedrive, if you use the space, (you get 5gB free) then it is counted regardless of whether it is a native Microsoft format file or not.

I suggest giving both a shot, if you do not own a copy of Word there is an online version that you can use for free at https://office.live.com/start/Word.aspx just sign in or sign up with a Microsoft account. Almost all the features of the stand-alone Word are available online and it looks just like the app. I guess it will come down to which camp you are more invested in, Google or Microsoft. I use both heavily and pay for extra storage on both platforms so I don’t need to think about filling my 5Gb free storage space on either platform. This said 5Gbs are usually sufficient for most users. I purchased an annual Office 365 Home subscription and this gives me a massive 1Tb of storage for all my files, and I am grandfathered in for 40Gb from years ago when Google was practically giving away space for next to nothing per year. I utilize these spaces as two of many forms of backup, but that’s another story.

Advertisements
Posted in docs, software, word | Tagged , , , | Leave a comment

Why Don’t Anti-Malware Tools Work Better?

It is possible to get malware, even with anti-malware tools installed. How can that be?

I have been an independent computer repair technician for over 26 years now. The question I get the most (and have the hardest time answering) is this: how come my antivirus program did not stop me from getting this virus? When you are installing AVG, the program says that only 3% of today’s security problems are caused by traditional viruses. Is this true? Is it true for the other antivirus programs as well?

In other words, why don’t anti-malware tools work better than we want or even expect them to?

I must fault AVG for the phrase “traditional viruses”. I think that puts an unrealistic spin on your expectations. Malware is malware, and that includes viruses, spyware, ransomware, rootkits, zombies, and who knows what else.

What do they mean by “traditional”? I have no idea. I also have no idea where that 3% figure comes from.

But there is a grain of truth in AVG’s statement. No matter what program you run, there is still a chance your computer will get infected.

A common goal

In the past, we categorised security software by the type of malware being targeted.

Anti-virus programs examined files for data patterns matching those of known viruses. Anti-spyware tools watched your machine for known spyware behaviour. Anti-rootkit programs specifically countered advanced techniques used by rootkits to hide files.

Every “anti-whatever” program sliced the malware universe in a unique way, using specific techniques to look for or protect against specific types of threats.

In recent years, the lines between distinct types of malware has become significantly blurred. Spyware might include malware-like behaviours, viruses might employ some of the techniques of a rootkit, and so on.

Security software vendors adjusted their approach too. Most packages are just that — security packages — ideally addressing all aspects of malware detection, prevention, and recovery, regardless of the style of attack.

These varying classes of malware still need different techniques for detection and prevention, and each anti-malware tool is likely to be stronger in some areas and weaker in others.

Different programs, different techniques

Even within the same category, anti-malware tools from competing vendors often use different techniques to detect malware. This is one of the biggest reasons one tool will not detect the same malware as another.

Malware is crafty. It uses a variety of techniques to avoid detection and get into your system. From making sure that no two copies of itself look alike, to encrypting key parts of its inner workings, the ways malware can hide is only limited by the malware author’s skill.

That’s why anti-malware tools constantly play a game of catch-up. Every time new malware is found, the tools must be updated. Most often, it is a simple matter of updating the database of known malware with latest information.

But this can be more involved than you think. Malware can be so good at hiding itself that a simple database update is not enough; the fundamental technique used simply cannot detect the new malware. In such a case, the tool itself needs to be updated

Different companies, different responses

New malware of all forms is discovered daily. This means anti-malware companies need the resources and dedication to continually update their database and tools. They also need the infrastructure, maturity, and means to rapidly implement, test, and deploy changes to those tools.

That is another source of disparity among security software vendors: some are better at effective, rapid deployment than others.

It may not even be a matter of competence, but prioritization. Specific malware might be considered high priority by one company, needing an immediate update, while another company might see it as less important and thus take longer to respond.

I do not mean to imply that any of this is easy. We have seen major security vendors push out updates that have failed, or even crashed some customer’s machines. It should never happen, but in the rush to get updates tested and out quickly… well, I am surprised these problems do not happen more often. It is exceptionally difficult to get it right 100% of the time, especially when we expect anti-malware tools to not affect the performance or functionality of our machines while they do their important work.

Dancing bunnies?

What is “The Dancing Bunnies Problem”. It is simply this: people explicitly ignore, disable, and bypass all security measures to access something they have been led to believe is desirable. If an email you get says “download the attachment to see dancing bunnies”, some percentage of users will do exactly that and more, if necessary, because they have been promised dancing bunnies, dammit.

Put in more relevant terms, you can have the best anti-malware and security software that could exist, and it will do you absolutely no good if you ignore its warnings or bypass its restrictions.

Your security software “allowed” you to get malware because you told it to, explicitly, against its warnings and advice.

It did not matter what security software you were running, or how good it might be.

What is it all mean?

There is no single best anti-malware tool.

Security tool “A” may catch this newly-released virus today, but tomorrow’s new virus might be caught more effectively by program “B”. Most vendors know this, so they are continually working to improve the coverage of their products.

The techniques used by program “C” may work with little to no impact on my system, yet be a major resource hog on yours. The best vendors test across a wide variety of systems and configurations, but by definition, doing so is in direct conflict with getting important updates out as quickly as possible.

And of course, there is still a race between malware authors releasing new versions, and anti-malware vendors struggling to make sure each new issue gets caught quickly and safely. There is always a hole in the coverage and something will slip through.

The best anti-malware tool

You are the most important anti-malware tool your computer has.

Your ability to recognize and skip malware is far superior to that of most anti-malware tools. You can recognize spam and bogus attachments. You know you should not have visited that website. You know that too-good-to-be-true offer was, indeed, too good to be true. You know that the dancing bunnies were never real.

That knowledge, and what you do with it, is what keeps your machine safest.

Posted in online, ransomware, security, windows | Tagged , , , | Leave a comment

Computing in public, awareness is the key.

It’s a plain and simple fact, working on the go can involve a lot of technology. Every application (or “app”) these days seems to have migrated to a mobile version of the software that used to be confined to the desktop PC arena as recently as five years ago.

Today we are never much more than a short skip away from a keyboard or touchscreen of one form or another, so the question of how we stay secure while working on the move has become a popular talking point.

Staying secure – and of course I mean keeping your ‘data’ secure – is not just about protecting your files and folders from malicious hackers; staying secure is also about securing your computer, tablet and smartphone’s defences against identity theft, phishing scams and the many methods that purveyors of malware will typically use to take up residency on an unsuspecting user’s computer.

Anti-virus and anti-malware protection should be a prerequisite for every user, whether they predominantly use their machine for business or personal use. But technology without common sense is like a car without petrol — and there is plenty you can do to protect yourself just by being aware of the risks of “computing in public” so to speak.

So many people cause themselves unnecessary amounts of stress while working on the go, but there are simple ways to make your life easier and safer. This list of top tips for effective mobile working should be learned by heart! 

  1. Count the items you take out of your bag out and count them back in if you are working while on public transport — don’t forget your power cable or any other important items!
  2. Think about where you are sitting and whether anyone can look over at your screen — this might sound like an obvious thing to point out, but thieves steal credit card PIN numbers by looking over peoples’ shoulders all the time, so what details do you have on your screen?
  3. As the use of personal mobile Wi-Fi hotspots grows, users should not be tempted to connect with an apparently free wireless connection in a public place unless it is advertised by the web café owner etc. If you don’t know where your connection comes from, then you don’t know what you are connecting to.
  4. Shut down your Bluetooth connection (unless you need it) when working in a public place. So-called ‘Bluejacking’ and ‘Bluesnarfing’ attacks are not the biggest information security risk around, but they are a consideration to be aware of.
  5. If you have to use a “public” (or kiosk) computer then make sure that you never access your online banking details, make electronic purchases or enter ANY personally identifiable information (including your address) on the machine. Be equally careful on your own laptop if using public Wi-Fi.
  6. If your smartphone has Internet access, have you enabled filters and other on board protection barriers? Similarly, turning off GPS capabilities can also limit location-trackers attempting to connect with your phone.
  7. Don’t ask a stranger to “look after” your laptop while you use the restroom or go to the bar in a web café. Similarly, keep your laptop bag close to you throughout an evening event if you have to keep all your equipment with you.
  8. Password protection should be enabled on your laptop and smartphone — and 12345678 or password or admin are not sensible passwords.
  9. Make a note of your smartphone provider’s emergency phone number so you can call them to have your phone immobilised in the event of a loss.
  10. Most important of all, make sure that you have a fully updated anti-virus suite installed and fully operational on your PC at all times. Protection should cover not only Internet security for web browsing, but also firewall technology, email defences, and shields to guard against threats carried via Instant Messenger services.
 All of the above advice should take you no more than a few minutes to think about and no more than a couple of clicks to bring into action. I’ve called it my common sense guide because these actions should become as natural as closing the lid on your laptop once you have finished working. Why not share them with a colleague and keep a friend safe too?
Posted in online, openwifi, security | Tagged , , , | Leave a comment

My machine is slow and full of malware; should I get a new computer?

For some reason, many people’s gut reaction to a malware infestation is to consider getting a new computer.

That’s just … wrong.

You should never have to buy a new computer because of malware.

I hear from people all the time who have machines infected with varying degrees of malware. Their goal is simple: their computer is crippled with malware and they just want it to work so that they can get on with their lives.

If that’s you, and you’re at the point where you’re considering getting a new computer because of it, wait.

Before you get out your credit card and lay out money on a new computer, allow me to clear up some common confusion and possibly save you some cash.

Hardware versus software

The fundamental concept that seems to get lost is the difference between computer hardware and software.

Your computer: the box, the power supply, the hard disks, the monitor, the CD-ROM drive … these are all hardware. They’re physical things that you can see, touch and feel.

Windows, your applications, your data, your pictures and anything else stored on your computer are software. They’re simply data – nothing more than a large collection of ones and zeros – stored on magnetic, electronic or optical media.

Malware is software. It’s nothing more than data. Data that’s crafted to cause your computer to misbehave, but data nonetheless. And data can be erased.

How a new computer solves malware infections

When you get a new computer, besides all that brand spanking new hardware, you’re also getting completely new software. That new computer comes with a new install of the operating system. New installations of the applications you use will either be pre-installed on the machine, or you’ll end up re-installing the applications you’ve downloaded or purchased yourself.

The bottom line is that when you get a new computer, you’re also getting completely new/refreshed software.

Unless you reinstall the malware, the malware is gone because you’ve started over from scratch.

The thing is, you don’t need a new machine to do that.

Getting rid of malware without resorting to a new machine.

I’ll put it this way: replacing your computer because of malware is like getting a new toaster because the bread was moldy. Yes, you’ll probably get fresh bread at the same time and all will be well. But you could have just cleaned your toaster.

You can clean your existing computer.

“But that’s what I’ve been doing!” I can hear you saying.

Yes and no.

There are several approaches to malware removal. One approach is to try to run anti-malware tools and follow instructions to remove the malware while leaving your system otherwise (and hopefully) unaffected. That’s a common first step; and second, and third and fourth step until your patience wears out. And it’s probably what you’ve been doing.

The next step is more drastic.

The nuclear option

Here’s the 100%-guaranteed five-step approach to removing all malware from your machine – without buying a new computer.

  1. Backup your existing machine with a complete system image. Yes, you’ll be backing up the malware, but you’ll also be backing up everything else, including not only everything you care about but also everything you didn’t know you wanted or needed.
  2. Reformat the computer. This will erase everything from it, including the malware. It’s gone. This is often part of the next step, but I want to call it out because of what it does.
  3. Reinstall Windows from scratch from the original installation media.1 You can use the same version or any version that your hardware supports. Heck, you can use any operating system you might care to switch to for that matter – again, as long as it’s supported by your hardware.
  4. Reinstall your applications from scratch. These are the programs that you use that don’t come preinstalled with Windows. Examples might be office suites, different browser or email programs, image management tools and more. This is all up to you and how you use your computer.
  5. Restore your data from the backup or wherever else you happened to keep it.

The malware is gone. You have all new software on your computer. It just works.

Prevention is best

Naturally, prevention is the best approach to malware: don’t get it in the first place.

But stuff happens, even to the best of us. That’s another reason that I’m such a strong proponent of regular system image backups. If your machine becomes infected with malware, there are two scenarios where a backup can completely save the day:

Simply restore your machine to an image taken prior to the infestation having happened.

Restore your machine to an image you took on the day that machine arrived. That’s like starting over from scratch without needing to reinstall everything that was on the machine that day.

In either case, the malware is gone.

And you didn’t have to buy a new computer.

OK, maybe you needed an excuse?

There are many reasons to get a new machine. Recovering from a malware infection is not one of them.

If you just want a new machine, and it’s in your budget, then get a new machine. Don’t wait for a disaster to happen to give you some kind of excuse. Switching to a new computer is a much more pleasant experience if you’re not simultaneously trying to avoid transferring over the malware that got you into some bad situation.

You’re also much more likely to make a reasoned choice if you’re not under the gun to get a new machine.

So, sure, get a new machine. Just don’t kid yourself into thinking that you have to do it because of malware.

You don’t.

Posted in malware, sales, speed, windows | Tagged , , , | Leave a comment

Speed up your Windows 10 PC for free

Your computer is slow. Annoyingly slow. You can add RAM, or buy a fast SSD drive, but that costs money. So, the first thing you should do is to try to make Windows itself faster. Thus, I present nine ways to speed up your Windows 10 PC without spending a cent.

Be warned: There is always a trade-off. More speed may mean less battery life, or even giving up a beloved program. You will have to decide what sacrifices you are willing to make to increase Windows’ speed.

1. Give it the reboot

If your PC is behaving horribly slow, try rebooting. Yes, it is an obvious solution, but people tend to forget the obvious.

The sleep or hibernate setting will save power, but only a full reboot clears out the cobwebs in Windows’ brain and gives it a fresh start. Do it every day if the PC is slow.

2. Turn on High Performance

Windows assumes that you want an energy-efficient computer. But you can trade electricity for speed. Use this tip only if you are willing to increase your power bill and decrease your battery performance.

Right-click the Start button and in the resulting menu, select Power Options.

In the resulting Control Panel window, pull down the Show additional plans choice. Select High performance.

3. Undo some appearance options

You can speed up Windows by turning off some of its special effects

Windows works hard to make the screen easy on the eyes.  If your PC is underpowered, you may want to sacrifice aesthetics and gain some speed.

Right-click Start, and select System. In the resulting Control Panel window’s left pane, select Advanced system settings.

This brings up the System Properties dialog box, already on the Advanced Tab. Click the Settings button in the Performance box (the first of three “Settings” buttons on this tab).

This brings up another dialog box. You can uncheck some of the options, or simply select Adjust for best performance.

4. Remove unneeded autoloaders

A whole lot of programs want to load automatically every time you boot. Each one slows down the boot process, and some continue to slow down Windows afterward.

These are not all bad. Your antivirus program should load when you boot and keep running as long as your PC is on. Other programs that need to run in the background to work, such as OneDrive, should also autoload.

But some programs—even good ones that you use often—do not really need to run all the time. You do not want to uninstall those, but you may want to stop them from autoloading.

To see how bad the situation is, right-click the taskbar and select Task Manager. Click the Startup tab. (If you do not see any tabs at the top of the window, click More details in the lower-left corner.)

The Startup tab will show you all the autoloading programs. As you examine the list, think about what programs do not really need to keep running always. To stop one from loading automatically, right-click its entry on the Startup tab and select Disable.

If you do not recognize the name of an autoloader, right-click it and select Search online to help you find more information.

5. Stop hog processes

Your computer may be running a poorly written process that is hogging a lot of resources. To find out, right-click the taskbar and select Task Manager. (Once again, if you do not see any tabs at the top of the window, click More Details.)

On the Processes tab, click the CPU column header to sort by processor usage. The top items will be the ones hogging the CPU. (If the top processes are all using 0%, the processes are sorted in the wrong direction. Click the column header again.)

Do not assume that the top process is necessarily a hog. Some big applications are worth the CPU cycles. One way to manage these programs is to close them when you have finished with them. Another is to switch to a smaller program.

You can close a process from inside Task Manager. Select the process and click the End task button and confirm your decision. But this should be avoided.

When you have finished, click the Memory column header and repeat.

6. Turn off search indexing

When you search for a word across all the files in your Documents library, the results come up at once. That is wonderful, but it comes at a price. When you are not searching, the indexing needed to create those fast searches slows you down.

To turn off all indexing:

1.   Open Windows Explorer, right-click your C: drive, and select Properties.

2.   On the General tab, uncheck Allow files on this drive to have contents indexed in addition to file properties.

3.   In the resulting warning box, select Apply changes to drive C:\, subfolders and files.

There is another choice that will let you turn off some indexing but not all of it:

Type indexing in the Cortana field. Select Indexing Options. Click the Modify button near the lower-left side of the resulting dialog box.

This brings up another dialog box, with two sections. And yes, it is confusing. Start in the bottom section of the dialog box, Summary of selected locations. Click any of these options, and it changes the contents of the top section, Change selected locations.


7. Turn off Windows tips

Windows 10 occasionally gives you tips about how you can better use the operating system. The problem is that to see what tips you need, it keeps an eye on how you are using your PC.

Yes, that sounds worrying from a privacy issue, but it also slows down your PC.

To turn it off, click Start > Settings. Select System, then select Notifications & actions in the left pane.

At the bottom of the Notifications section, turn off Get tips, tricks, and suggestions as you use Windows.

You might also want to explore the other notification options, and turn some of them off, as well. I do not think any of the others slow down the PC, but they can get annoying.

8. Clean your internal drive

If your internal storage is almost full—whether it is a hard drive or an SSD—that could be slowing you down. But if your drive has plenty of free room, skip this section.

Start with Windows’ own Disk Cleanup tool. In the Cortana field, type disk and select Disk Cleanup.

Wait while Disk Cleanup examines your drive. Click the Cleanup system files button (this time you will need an administrator password). Then wait again for another examination.

Examine the options. If you find one called Previous Windows installation(s), you are in luck. By checking it and clicking OK, you will free up a lot of space. You can check other items to get rid of them, as well.

Something else you might want to consider: Uninstall programs you no longer use.

9. Check for Malware

I doubt an infection is intentionally slowing down your PC. There are no illegal profits from that. Plus, it is a sure-fire way to trigger a victim’s suspicions.

But some malicious code could be slowing down your PC, even if that was not the criminal’s intention.

If after performing these tips, your PC still feels sluggish, it might be time to upgrade your hardware.

Posted in speed, windows | Tagged , , | Leave a comment

New guidelines for creating strong passwords.

The US National Institute of Standards and Technology (NIST) has issued new guidelines for password security that turn accepted wisdom about creating long strings of letters, numbers, and symbols on its head.

NIST, a non-regulatory federal agency within the US Department of Commerce, issued the original advice in 2003 that became the global standard for password security. But it now says the advice led people to create predictably ‘complex’ passwords in a bid to remember them, which made them more vulnerable to hackers.

Instead, now the NIST recommends:

  • Don’t arbitrarily mix letters, numbers, and symbols to make a password. Instead, create passwords that are more memorable.
  • Single dictionary words, the user’s street address or numeric sequences such as 1234567 should not be used.
  • Organisations should screen the strength of their passwords against those used in cyber criminal dictionary attacks; a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password.
  • Stop frequently changing passwords, for example, each month, as it leads to poor passwords being created.

If your password or PIN is captured, guessed or stolen, an attacker can potentially:

  • send emails from your accounts
  • withdraw money from your bank accounts
  • change files on your computer,
  • pretend to be you.

Passwords and PINs should be a secret known only to you. Strong passwords are difficult to guess and should be at least 16 characters long.

Make passwords easy to remember

  • Think of a pass-phrase that is made up of a string of words, for example, ‘horsestapleshop’.
  • Using strong passwords lowers overall risk of a security breach, but strong passwords do not replace the need for other effective security controls.
  • Weak passwords are easy for a criminal to guess as they use automated software that can guess thousands of passwords per minute.
  • It is always better to create and use a strong password, write it down and keep it safe than to use a weak password.

Practice password or PIN hygiene to keep them safe.

  • Don’t use the same password for multiple services or websites.
  • Don’t share your passwords with anyone.
  • Don’t provide your password in response to a phone call or email, regardless of how legitimate it might seem.
  • Don’t provide your password to a website you have accessed by following a link in an email – it may be a phishing trap.
  • Be cautious about using password-protected services on a public computer, or over a public wi-fi hotspot.
  • If you think your password may have been compromised, change it immediately and check for any unauthorised activity. If the same compromised password has been used on another site, create a new password there as well.

Treat PINs in the same way you would a password

  • Don’t use obvious patterns like 1234, 4321 or 7777.
  • Don’t use postcodes, birthdays or other significant dates and numbers.
  • PINs should be a random mix of numbers, characters, and letters where possible.

Use a password manager

You can install a password manager on your computer, smartphone or tablet. It will generate and remember secure passwords for you and some password managers will sync between your devices. The downside is that if the password manager is breached, all your information is accessible. So create one memorable password using these guidelines for your password manager.

Posted in passwords, security | Tagged , , | Leave a comment

It pays to be sceptical.

If we could all be just a little more sceptical, we’d be safer, and the internet could be a more trustworthy place.

A message pops up on your computer, warning you that malware has been detected.
What do you do?
The answer is not as clear as you might think.
In fact, no matter what you choose to do, it could be the wrong thing, depending on the circumstances.

Your trust is a commodity

It is no secret that scammers actively prey on the trusting.
But it’s not just scamming artists who abuse our good nature and desire to trust. People prefer to trust the people they meet every day.
Hackers, malware authors, over-aggressive salespeople – anyone who wants something – know that. They are often skilled at using your trust against your best interests.
Consider that warning message that popped up… Warning: malware detected, click to remove…

Malware Detected

A pop-up message telling you there is malware on your machine is no big surprise to most people. With the constant barrage of news reports about hacks and malware and the ongoing emphasis on anti-malware tools, it is no surprise that belief might be your first response when such a message appears.
“Malware? Well, it happens to so many people, it’s no surprise that it happened to me!”
Except … it might not have.
Not yet, anyway.
That message might be completely fake. It could be counting on you to trust that it is legitimate, and then click on it to take further action. And that “further action” could install malware, or worse.
Or, it could be legitimate.
What do you do?

Unable to deliver package, details attached…

You have probably received email – important-looking email – that indicates there’s a package on its way to you, and the details are in an attached file.
Your online email provider has detected a problem with your account, and you need to check something by clicking on the conveniently offered link.
I have even received an email from PayPal saying that access to my account had been “limited” because of suspicious activity. I needed to log in to provide more information – once again, using the provided link.
In each case, the sender wants you to trust them and take whatever action they have recommended in their message, be it examining the contents of an attached file, clicking a provided link to their web site, redeeming a contest prize, or even replying to the email with sensitive information.
Abusing your trust in this manner is now one of the most effective ways to distribute malware.
And yet, each one of those scenarios could, in some cases, also be legitimate.
What do you do?

I am from Microsoft, and we have detected….

You are working on your computer one afternoon and you get a phone call from someone who says they work for Microsoft, and they have detected that your computer is causing many errors on the internet. They offer to walk you through some steps to show this to you, and indeed, there do seem to be lots of unexplained errors right there on your computer.
Then they offer to fix it for you if you will just go to a site and type in a few numbers that they recite to you.
Those errors are scary looking, and you certainly don’t understand them.
What do you do?

A new variation to the scam caller that is being used is a pop-up that fills your entire screen, usually a red background because red means danger and they want you to feel intimidated, with a message stating that malware has been detected on your computer and that you should call Microsoft or Windows immediately on the offered 1800 number.

What you do: get sceptical

Sceptic: a person who has or shows doubt about something – Merriam Webster

If there were one skill I could magically impress upon all my friends and clients… hell, on the entire technology-using, internet-loving universe – it would be the skill of healthy scepticism.
I do not mean that you believe nothing and trust no one. I simply mean that you question before you believe, and ask yourself questions before you trust what is being offered/said to you.
Truly, being sceptical is really the only solution to the scenarios I have outlined above.

  • In each case, it is critical that you not blindly trust the information presented to you.
  • In each case, you must question whether the person or company at the other end of the message actually has your best interests in mind.
  • Is the story they are telling accurate? Verifiably correct? Do you know – beyond a doubt – that they are who they say they are?

If the answer to any of those questions is “no,” or even “I’m not sure”, then stop. Stop and take whatever added steps make sense to confirm that what you’re being told is legitimate. It might mean some internet research, calling them back, or asking a trusted friend or resource for their opinion.
But if you are not sure, question everything.
Be more sceptical: it’s one skill that can help prevent disasters before they happen, and keep you and your technology safe.

Nullius in Verba – “Take nobody’s word for it.”

It is more than just technology

Naturally, my plea for being sceptical and that you “question everything” is about far more than just the technology you have sitting in front of you.
As I have written about before, an amazing amount of information we are shown each day is completely bogus – or at least nuanced and presented in such a way as to cause you to believe that things are other than what they truly are.
Add to that our natural tendency to believe that which supports what we already believe (known as the “echo chamber “), and it’s exceptionally easy to be misled and misinformed.
The solution stays the same:

Be sceptical.
Question everything…
…even things you already believe are true.

Posted in email, malware, security, Uncategorized | Tagged , , , | Leave a comment