False security alerts and 800 phone number scams active now

Recently I have seen two computers taken over by false security alerts and 800 phone number scams.  Fortunately these two incidents were not destructive but they did require removing the scam settings to resume normal Internet web browsing.   Unfortunately some victims are falling for the scam, believing that their computer is infected with a bad virus and calling the 800 number on the screen to purchase the fix.

Example of a scam from the Internet.

How these scams work

Suddenly the victim sees a big bold message on the screen saying that your computer is infected with viruses and that you must call the 800 phone number to fix it.

The big bold message is persistent – you can’t close the window or the pop-ups.  Rebooting the computer does not get rid of the message.

It blocks your Internet web browsing.

It tries to be convincing by stating a lot of technical jargon and using famous company names.

This is called “scareware” because it tries to scare you into buying bogus support or software.  It is criminal extortion.

Technically, these scams work by setting your web browser’s home page to their screen of false security warnings and then making it difficult to close the windows or navigate away.

These threats are not destructive but remember there are plenty of destructive threats out there such as cryptoware and identity theft.

Scareware

I have seen two versions of the scareware 800 phone number scam.  The first is a persistent web home page.  The second is a registry entry that will autorun to display a web page after installing Chromium.  Both are not viruses or destructive.  Both can be removed.

Scareware #1

Appearance:  A persistent web page saying that the computer is infected and to call the 800 phone number.  You can’t close the web page and restarting the browser returns the web page.  Rebooting does not help.

Screen:  Various threats, explanations, including “Root Trojan harddisk_hijack.exe”

What the scammers want you to do:  The 800 number routes to India where a “tech” will remote into your PC using LogMeIn and convince the user that they have viruses in their PC and network.  They will offer to fix it with a 1 year subscription for $199, or a lifetime subscription for $500, payable by credit card.

How it works:  The scam sets your browser home page to their scare web page or a local copy and makes navigating away difficult.

Repair:  What you need to do is reset your home page.  This is a little technical; here is the outline for Windows.  Start process manager <ctrl><shift><esc>, go to the application tab, find your browser and click End Task.  Restart the browser and, when it asks to restore, say no.  Done!

Scareware #2

Appearance:  Upon booting the computer a Chromium browser web page takes up the screen saying that the computer is infected and to call the 800 number.  You can’t close the web page and restarting the browser returns the web page.  Rebooting does not help.  The scare page may run popup windows that will not close.  Note that this is the Chromium browser, not the Google Chrome web browser.  MalwareBytes will find malware and remove it but the scam returns on the next boot.

Screen:  Various threats, explanations, including “Hyper-V”

The Hyper-V scam popup window.

How it works:  The scam has installed Chromium browser and added an autorun entry to the registry to autorun chromium with their web page (local file) as the home page.

Repair:  What you need to do is remove the registry autorun entry and delete the Chromium directory.  A little technical, here is the outline for Windows.  Run MalwareBytes and make note of the chromium autorun entry and directory.  Manually delete the chromium autorun entry (run regedit, back up your registry, find and delete the entry) and delete the directory that contains the bogus Chromium installation.
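One way to find the kind of autorun entry described above before opening regedit, as an added example that is not part of the original post. It goes a little beyond the local-file case seen here and also flags a browser started on a web address. The sample entries, the paths in them and the function names are constructed for illustration, and reading the Run keys is an assumption (the post does not say which registry key the scam used).

```python
import re

# Assumption: the common per-user and machine-wide autorun location. The exact
# key used by the scam is not given in the post; MalwareBytes reports it.
RUN_SUBKEY = r"Software\Microsoft\Windows\CurrentVersion\Run"

# Constructed sample entries (location, value name, command line) so the
# example also runs on a machine without a Windows registry.
SAMPLE_ENTRIES = [
    ("HKCU\\" + RUN_SUBKEY, "OneDrive",
     r'"C:\Users\pat\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'),
    ("HKCU\\" + RUN_SUBKEY, "GoogleChromeAutoLaunch",
     r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window'),
    ("HKCU\\" + RUN_SUBKEY, "Chromium",
     r'"C:\Users\pat\AppData\Local\Chromium\Application\chrome.exe" '
     r'"file:///C:/Users/pat/AppData/Local/Temp/alert/index.html"'),
    ("HKLM\\" + RUN_SUBKEY, "Updater",
     r"C:\ProgramData\browser\chromium.exe --app=http://support.example.invalid/warning"),
]

BROWSER_EXE = re.compile(
    r'\b(chrome|chromium|msedge|firefox|iexplore|opera|brave)\.exe\b"?', re.I)


def page_argument(args):
    """Return the first argument that is a URL or an HTML file, else None."""
    for quoted, bare in re.findall(r'"([^"]*)"|(\S+)', args):
        token = quoted or bare
        if token.startswith("-") and "=" in token:   # e.g. --app=<page>
            token = token.split("=", 1)[1]
        token = token.strip('"')
        if re.match(r"(?i)(https?://|file:)", token) or re.search(r"(?i)\.html?$", token):
            return token
    return None


def flag_autoruns(entries):
    """Flag autorun entries that start a browser with a page on its command line."""
    flagged = []
    for location, name, command in entries:
        exe = BROWSER_EXE.search(command)
        if not exe:
            continue                      # not a browser: out of scope here
        page = page_argument(command[exe.end():])
        if page is None:
            continue                      # browser helper without a forced page
        flagged.append({
            "location": location,
            "name": name,
            "browser": exe.group(1).lower(),
            "page": page,
            "local": not re.match(r"(?i)https?://", page),
            "command": command,           # shows the directory to delete afterwards
        })
    return flagged


def read_run_keys():
    """Read the Run keys of the current user and the machine (Windows only)."""
    import winreg
    entries = []
    for hive, label in ((winreg.HKEY_CURRENT_USER, "HKCU"),
                        (winreg.HKEY_LOCAL_MACHINE, "HKLM")):
        try:
            with winreg.OpenKey(hive, RUN_SUBKEY) as key:
                for i in range(winreg.QueryInfoKey(key)[1]):
                    name, value, _kind = winreg.EnumValue(key, i)
                    entries.append((label + "\\" + RUN_SUBKEY, name, str(value)))
        except OSError:
            continue                      # key missing or not readable
    return entries


if __name__ == "__main__":
    try:
        entries = read_run_keys()
    except ImportError:                   # not on Windows: use the constructed data
        entries = SAMPLE_ENTRIES
    for hit in flag_autoruns(entries):
        kind = "local file" if hit["local"] else "web address"
        print(f'{hit["location"]} -> {hit["name"]}: {hit["browser"]} opens {kind} {hit["page"]}')
        print(f'    command: {hit["command"]}')
```

The script only reports; deleting the entry and the Chromium directory stays a manual step after the registry backup.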

Nerds and Geeks can help

If you are not sure about the repair steps, consult with your local nerd or geek.

Notes

These steps will remove this fake scareware scam but there is always the threat that other malware may have been installed along with it or your computer has vulnerabilities.  Update all software.   Run anti-virus scans and software or reinstall Windows.

Your antivirus is a good first line of defense.

I recommend MalwareBytes as an on demand anti-malware scanner or as a realtime scanner with a subscription.

Time to re-educate yourself on safe Internet –

  • Email: Do not open attachments or click links in email that you are not certain are OK
  • Software: Do not accept software, downloads, or links that are offered
  • Be smart: Do not give out personal information
  • Backup: Make copies of your important data
  • No: If you are not sure, don’t do it

Cryptovirus

Cryptovirus, Encrypting virus.  This is an especially bad virus; it will encrypt your data and ask for money to unencrypt it.  This is extortion.  If you have backups you can recover.  If you don’t have backups and the bad guys wrote a good virus likely your only way to get the data back is to pay the ransom.  There are some loopholes – there may be file backups with shadow copies not deleted, possibly the crypto virus will have been cracked and keys available or you may have some backups in the cloud (Google Drive, Microsoft OneDrive, Dropbox) or on another device.

References

Today show host gets caught by the scam, Jeff Rossen explains:  http://www.today.com/video/how-to-avoid-the-computer-trap-even-todays-natalie-morales-fell-for-633336387645

YouTube video of Jason Smart removing this scam:  https://www.youtube.com/watch?v=tc2DFQdE1v8

YouTube video of Dylan interacting with the scammers:  https://www.youtube.com/watch?v=EoeCl8SKJdc


Using Windows Part 1

Windows 7, 8 and 10 logos

There are a lot of user guides out there.  Here is one more.  This guide is based on my experience using Windows and teaching others to use Windows.  It  has information for both beginners and experienced users.

 

Part 1 covers the following skills

  • Mouse
  • Navigating Windows
  • Copy and paste

Mouse

The mouse cursor shows where the mouse location is on the screen.  The cursor will change depending on its location and function.  Some examples

  • Pointer
  • Insert text location
  • Click link
  • Resize window

The mouse has a left button, right button and center scroll wheel.

The left button can be clicked, double clicked or clicked and held down.

One left click can be used to select an object or menu option or open a web page (follow a link).

A rapid double click on an icon will start the application.  If you are too slow with your double click or move the mouse during the double click you won’t get the expected result.

Holding the left mouse button down while moving the mouse is called dragging.   Dragging is useful for highlighting text, resizing windows and moving objects.  The drag operation  consists of first pointing to the object, pressing down and holding down the left mouse button, moving the mouse to the  end or destination then releasing the left mouse button.

Highlighting text and dragging are important useful skills and further discussed below.

The right mouse button is used to right click on an object to bring up a convenient menu of things that can be done to the object such as copy, delete or view the properties.

The center scroll wheel is convenient for scrolling up and down long web pages and documents.

Notes

Highlighting text is also called selecting text.  The highlighted text will be shown with a different background indicating that it is selected and looks like it was highlighted with a text highlighter pen.

Yes it can be confusing – click or double click.  Icons are little pictures that represent an application and are double clicked.  Links are text,  typically a different color and underlined, that are single clicked to take you to a web page or open an application.

Navigating Windows

The computer screen

The main features of the Windows computer screen are the desktop and a taskbar running across the bottom of the screen.   Clicking the Start Button will bring up the applications menu.

The desktop is where windows will open when you run applications (programs) such as the calculator.   Each open window will have a corresponding button on the taskbar.

Using application windows on the desktop

Note that “Windows” capitalized refers to Microsoft Windows Operating System whereas “windows” is a viewing area on the computer display screen.

Windows is a multitasking operating system so open as many windows as you need.  You will learn to move between windows and resize them.

Only one window at a time will have focus.  Focus means where mouse clicks and commands will go.  The window with focus will be on top of all the windows, “in the foreground.”

Parts of a window

Each window has edges, corners and a title bar that runs across the top of the window.

Moving and resizing windows

To move the window, point to the title bar then left click down and hold the button down while moving the mouse to move the window.  This is dragging.

To resize the window, point to an edge or corner, the cursor will change to a double head arrow, then  left click down and hold the button down while moving the  mouse to resize the window.

The 3 buttons in the upper right of the window will minimize, maximize or close the window.  The minimized window will shrink to a button on the taskbar and the application will still be running.  The maximize button toggles the window between its current size and previous size.

Moving between windows

  • Click the corresponding button on the taskbar
  • Click on any portion of the window that is visible
  • Hold the Alt key down, press tab until you see the window that you want to have focus, release keys
  • Windows 10 – click the Task View icon on the taskbar (it looks like a box with ears)

Moving within the viewport

The viewing area of a window is called the viewport and shows the visible area of the web page or document that fits in the viewport.

The scroll bars allow you to move up/down and left/right on a page when it does not all fit in the viewport.   Scroll bars have several ways to move the viewport  – click the arrows at the ends to move incrementally, click in a space on the scroll bar to move a page in that direction, left click and hold down the button on the scroll bar (called a “thumbtrack”) and drag to any location on the page.  The thumbtrack size indicates how big the page is and the current location on the page (ie a small thumbtrack towards the bottom indicates the page is lengthy and the current position is towards the end).

A mouse with a scroll wheel makes it easier to scroll up and down by rolling the wheel forward and backward.  Clicking the scroll wheel puts the mouse into an autoscroll mode, the speed and direction controlled by the position of the mouse.

Keyboard keys Page Up, Page Down will move the page up and down by one page respectively.  The Home key will take you to the top of the page, the End key will take you to the bottom of the page although some windows require Control-Home and Control-End.

Notes

The mouse pointer must be in the viewport for the scroll or page up/down functions to work.

The taskbar button icons for open windows can be configured to combine when taskbar is full, always combine or never combine according to user preference.

Laptop trackpads typically can be set up to scroll by finger movement on the right and bottom edges of the trackpad or by using 2 fingers to scroll up and down.

Close a window by pressing Alt-F4 (when it has focus).

Close a window by right clicking on its taskbar button and clicking Close window.

When the window title bar is not visible, move the window with the following keystroke sequence – Alt-Space bar, M, use arrow keys to move window.

Two features of the taskbar – on the left end is the start button to bring up the menus of applications installed on the computer and on the right end is the time.

Copy and paste

Copy and paste is a valuable technique for copying text from one place to another.  Why retype text when you can copy and paste it?  Here are some examples

  • Copy a web address and paste it into your web browser address bar
  • Copy information (like text) from one window to another
  • Copy a picture and paste it into a document

The copy and paste operation is 3 steps – highlighting, copy and paste.

Highlighting (selecting)

Before you can copy text, you must first highlight what you want to copy.

How to highlight what you want to copy with the mouse – point the mouse cursor where you want to start highlighting, hold down the left mouse button, move the mouse to where you want to end highlighting, release the left mouse button to complete the highlighting.  The highlighted text will be shown with a different background indicating that it is selected and looks like it was highlighted with a text highlighter pen.

Copy and paste with the keyboard

After highlighting your selection, copy it by holding down the Control key and tapping the C key.  This keystroke procedure is abbreviated in documentation as Control-C or <Ctrl><C>.

To paste your selection, click the mouse cursor where you want the text to be pasted then hold down the Control key and tap the V key.  The text will paste there.  Control-V.

And that is the basic copy and paste operation.  Highlighting, Control-C and Control-V.  Practice in a test document.

Two additional useful operations are cut and paste, and undo

Just as you can copy and paste you can cut and paste.  Cut means the original text will be removed by the cut operation.  The keystrokes to cut are Control-X.

Undo is useful to restore the previous copy-paste or cut-paste operation back to the way the text was before the operation.

More ways to highlight (also known as select) text

  • Double clicking on a word will highlight the word.
  • Triple clicking on a sentence will select the sentence (or sometimes paragraph).
  • Control-A will select all.
  • Highlighting text with the keyboard – place the cursor where you want to start highlighting, hold the Shift key down, use the arrow keys to highlight (select) text.

To remove highlighting simply click anywhere.

More ways to copy and paste

Windows gives us two more ways to access the copy, cut, paste and undo functions – via the Menu Bar and by right clicking the mouse on the selection to pop up a menu of options.

When the Menu Bar is enabled, the Edit drop-down menu lists the operations to click on and conveniently shows the keyboard shortcuts.

Newer versions of Microsoft Office and WordPad have a ribbon instead of a menu bar.

The right click menu available in word processing and browser fields will show the operations available.  The paste operation is not available where text cannot be pasted.

  • The Undo operation will also restore deleted text.

Notes

The  text that is cut or copied is stored in a memory location called the clipboard or edit buffer.

The clipboard holds one item.  The clipboard can be pasted from multiple times.  The next copy command replaces the old item with the new item in the clipboard.  When the computer is turned off, the clipboard is cleared.

The copy, cut, paste and undo operations work with pictures and files also.

The file manager (also called the computer folder) has a few more selection functions including click and drag to select a group of files, Control-click to select/unselect files, and select a range by clicking the first item of the range then Shift click the last item of the range.

A similar operation will move text – highlighting, click on the text, drag and drop.

These commands also work in Linux and Mac OS X.  For Mac OS X substitute the Command key (it looks like a freeway interchange) for the Control key.

Similar commands work in Android and Apple iOS.  Press and hold the text that you want to select, a menu will appear with options – SELECT ALL, CUT, COPY.  Tap an option.  Press and hold where  you’d like to paste to and a menu will appear with options – PASTE and tap that to paste there.

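| action | keyboard | menu bar | right click |
|--------|-----------|-------------|-------------|
| copy | Control-C | Edit, Copy | Copy |
| paste | Control-V | Edit, Paste | Paste |
| cut | Control-X | Edit, Cut | Cut |
| undo | Control-Z | | |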

Whole Disk Encryption (WDE) is good security for your data

Whole Disk Encryption (WDE) is the technology to encrypt the entire drive of a computer to prevent unauthorized access to the data on the drive.

WDE is required for laptops used by many organizations such as government, health care, finance and business.

WDE is good for anyone who wishes to securely protect their data.

All Operating Systems and all drives can be encrypted with built in software or add on software.

This document is about encrypting the computer’s system drive so that a password is required to boot and access any data on the drive.  This document covers Windows (BitLocker and alternatives), Mac and Linux WDE.

Note that WDE adds an additional level of security by encrypting the entire system disk in addition to your computer’s logon account (username and password).  You will have 2 account passwords (also known as keys) to manage.  Depending on  how WDE is installed, you may or may not be prompted for the WDE key.

Windows

Microsoft calls their WDE solution BitLocker and it is available in some versions of Windows.  The Home versions do not have WDE available.  BitLocker is available with the following versions of Windows.

  • Windows Vista Ultimate and Enterprise (not Business)
  • Windows 7 Ultimate and Enterprise (not Professional)
  • Windows 8.1 Pro and Enterprise
  • Windows 10 Pro and Enterprise

If you have a Home version of Windows or a version not listed above you are out of luck with BitLocker unless you want to upgrade to an available version that does have BitLocker.   Windows 7 and 8.1 Anytime Upgrades apparently are no longer available from Microsoft.  Windows 10 Home to Pro is available for 99USD (Click Start > Settings > Update & security > Activation > Go to store to see options).  Windows Pro full version or OEM can be found for 199USD or less.  Don’t buy cheap licenses from questionable sources.

Fortunately there are some non-Microsoft WDE solutions available discussed later.

BitLocker is designed for business class and enterprise computers with a Trusted Platform Module (TPM) and loaded with a Pro or Enterprise version of Windows that contains BitLocker.  Business class computers are built more durable, have a TPM and are more expensive than home computers and laptops.

The TPM is a hardware module that performs cryptography functions and interacts with the computer hardware and software to strengthen encryption.

If you are encrypting your business laptop, let your IT department help you.

BitLocker with a TPM is straightforward to install and invisible to the user.

There are workarounds for Windows computers without a TPM.

For the home or small business user you can enable BitLocker with or without a TPM.  BitLocker without a TPM requires a USB drive with the key file stored on it or typing in the lengthy key when the PC boots.

Here are my experiences with BitLocker without a TPM and with a USB

The PC must recognize the USB drive in BIOS during the boot to work with BitLocker.  A wonky USB drive (ie partition issues) can prevent BitLocker from installing or working.  After a successful encryption with BitLocker, the booting PC will present you with a black screen saying “Remove disks or other media.  Press any key to restart”  I found this message confusing.  Don’t remove your USB drive with the key file, just press Enter.

The USB drive can be removed after booting to free the USB port.  The USB drive with the key file must be plugged into a PC USB port, not a USB hub port.  There are reports that direct motherboard USB ports and not USB 3.0 ports are better so if you have issues, try a different USB port.

How to enable BitLocker with a USB drive

First you need to change two settings with the Local Group Policy Editor.  Click Start, type in gpedit.msc in the search box.  In the Local Group Policy Editor snap-in, navigate the tree Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives  then double click Require additional authentication at startup.  This will open a window, click Enabled, check the box Allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive) then click Apply then OK and exit Group Policy Editor.

Local Group Policy Editor - BitLocker require additional authentication at startup  - screen

Next we will use the Manage BitLocker utility to encrypt the drive.  Click Start, type in BitLocker and click on Manage BitLocker.  Here you’ll see your C: drive.  Click the link Turn on BitLocker.  Follow prompts.  See BitLocker resources below.

BitLocker Drive Encryption - manage Bitlocker

The Run BitLocker system check always puts me in a loop so I uncheck that box when I see it.

BitLocker Windows 7 Ultimate in the process of encrypting the system drive.

BitLocker resources

SecureDoc by winmagic.com is a WDE solution for all versions of Windows, does not require a TPM and is FIPS 140-2 certified. The standalone/unmanaged version is about 110USD.

There are free WDE solutions for Windows that do not require a TPM and are secure.

VeraCrypt is a fork of TrueCrypt.

TrueCrypt is still used even though support has been discontinued.  A recent independent audit of the code found it sound.

Mac

WDE is available on Mac computers with OS X Lion or later.  It is called FileVault.

https://support.apple.com/en-us/HT204837

Linux

WDE is available in modern Linux distributions and can be easily enabled during the installation of Linux on the computer.  It is called Linux Unified Key Setup (LUKS) and dm-crypt.

TrueCrypt is still used even though support has been discontinued.  A recent independent audit of the code found it sound.

DiskCryptor – full disk encryption only.  I have no experience with this product.

Don’t lose or forget your keys and passwords!

Forgetting or losing your passwords or keys can result in total loss of your data!  In an enterprise situation, your IT department can help recover passwords.  But in a standalone, unmanaged, you own your personal computer situation losing passwords can be a disaster.  Encrypted data cannot be recovered.  That is why it is encrypted.

Always backup your data before encrypting.

Always make copies of your WDE key.  The BitLocker key is a 48 character long number.  It is stored in a file on the USB drive for easy unlocking during booting.  If you don’t have the USB you can manually type in the key to unlock during booting.

Make copies of the USB drive with the key file, make copies of the file, print the file and/or store it at your Microsoft account, whatever works for you.

A BitLocker key file. The identification ID identifies the computer this recovery key is for (useful if you have multiple computers protected by BitLocker).

Safeguards for keys.

Windows

Microsoft Enterprise networks and commercial WDE software for Windows Enterprises can be configured to store WDE passwords so the data can be accessed if the user forgets the password.

See the information in the section above “Don’t lose or forget your keys and passwords!”

When you are logged on to a Windows PC with BitLocker enabled, the key information can be displayed by the command (run as administrator) “manage-bde -protectors -get c:”

Demonstrating the command to reveal the ID and Password for WDE. This will unlock WDE but you still need your computer account credentials to log on.

Mac

Mac FileVault can be recovered with a password or recovery key.  Recovery can be configured with an iCloud account to assist with disk unlocking. https://support.apple.com/en-us/HT204837

Linux

VeraCrypt and TrueCrypt both require that you burn a rescue disk CD during system drive WDE which will help recover damaged boot loaders but you still must know your account password.

How secure is WDE?

Windows BitLocker is closed source software so we don’t know exactly how it works and if it has a back door.  There is a driver available that allows Linux to read a BitLocker drive and that makes me wonder about the security of BitLocker – if these people could reverse engineer or figure out the API for BitLocker, what else is known?  http://www.hsc.fr/ressources/outils/dislocker/

SecureDoc is closed source.

TrueCrypt is open source and has passed audit. http://www.pcworld.com/article/2905995/truecrypt-audit-shows-no-sign-of-nsa-backdoors-just-some-minor-glitches.html

VeraCrypt is open source.

Who knows what the NSA can do.

Notes

WDE programs can also encrypt other drives and USB drives.

FIPS 140-2 is a Federal Information Processing Standard that is used to approve and certify cryptographic modules including WDE.  Organizations may require that hardware and software is FIPS 140-2 certified.

 


USA Executive Branch responds to alleged Russian Hacking December 2016

President Obama

December 29, 2016 President Barack Obama responded to alleged Russian hacking with sanctions, expulsion of 35 suspected Russian intelligence operatives, an executive order and a 13 page document describing the Russian hacking.

The 13 page paper titled “GRIZZLY STEPPE – Russian Malicious Cyber Activity” gives us an overview of the hacking of USA “government organizations, think tanks, universities, and corporations around the world” by “Russian Military and Civilian Intelligence Services (RIS).”   The report includes an overview of the tactics used, 2 diagrams, a code fragment, and a list of reported RIS handles and file names.  Half of the paper is textbook copy and paste recommended mitigations.  The paper points out that “APT29 successfully compromised a U.S. political party.”  APT29 is a suspect RIS and the political party would be the Democratic National Committee although it is not specifically identified as such.

President-elect Trump

December 28, 2016 President-elect Donald Trump spoke in Florida about President Obama’s plan to take action against Russia for alleged hacking.

“I think we ought to get on with our lives,” he said. “I think that computers have complicated lives very greatly. The whole age of computer has made it where nobody knows exactly what is going on. We have speed, we have a lot of other things, but I’m not sure we have the kind, the security we need.”

Notes

I use the term alleged hacking because I have not seen and reviewed the facts about this reported hacking.

I do believe that all nations spy on other nations to the extent that they can.

References

http://www.nytimes.com/2016/12/29/us/politics/russia-election-hacking-sanctions.html

http://www.nytimes.com/2016/12/29/us/politics/donald-trump-russia-hack.html

http://nyti.ms/2iJ4ZTC

US CERT references

GRIZZLY STEPPE – Russian Malicious Cyber Activity – at US CERT – https://www.us-cert.gov/security-publications/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity

GRIZZLY STEPPE Indicators CSV – https://www.us-cert.gov/sites/default/files/publications/JAR-16-20296A.csv

Publication – https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf

Edit.  1/8/17 add US Cert references


Email insecurity

Email was invented 50 years ago at a time when security and privacy were not major concerns.  Times have changed.  Now every government, business, hacker and vandal wants to mess with your email.  Now email has plenty of security and privacy issues.

Here are my quick suggestions for safer email and then some detailed explanations.

 

Quick suggestions for safer email

  • DO NOT open attachments or click on links in emails that are suspicious.  Be careful.
  • Use good passwords.
  • Use two email accounts – one for important stuff and a second for less important stuff.
  • Protect your important email account with 2 factor authentication.
  • Don’t put anything in an email that you wouldn’t want the world to know.
  • If you must send sensitive documents, encrypt them.
  • Don’t respond to spam or trolls.

 

Getting hacked by email

Email is the most common way to get hacked.

The results of a phishing email hack can be as ugly as identity theft, monetary loss, data loss and reputation damage.

The phishing email message may look legitimate but contains a malicious attachment or link.  This is how the bad guys grab control of your computer.  They send you an official looking email that scares or intrigues you.  The email has an attachment that you open and run.  This installs a virus.  Or the email has a link.  You click the link, open a website and a virus gets installed.  Or the link takes you to a real looking website that asks you for login credentials or personal information.

The virus can do bad things – silently monitor your keystrokes for passwords which it sends back to the hacker, encrypt your files and demand a ransom, make your computer a botnet member, change your DNS so that you browse to counterfeit websites, monitor your computer use and so forth.

Email errors and privacy

You may think that you are in control of your email, but there are plenty of ways to lose it.  Sending it to the wrong address, CC, BCC, reply all can send email off to unexpected recipients.  Realize that email can be forwarded with a click.  Walk away from your device and someone can use your account, even change the password.  Hackers.  Drunk email.

Best not to put anything you wouldn’t want the world to see in an email.

Email is forever

Nothing is forever but web mail services and business email are being backed up.  Web mail services may be backed up indefinitely.  Businesses have the right to delete after a legal retention time.  You may think that you deleted an email but it exists on a backup somewhere.   Oddly the US government considers email older than 6 months fair game to read without a warrant.  Hackers, employees, system administrators and subpoenas can get access to email.

Governments and businesses are collecting and archiving all the information that they can get their hands on including email.

What you write goes into your permanent file.

Plain text

When email is sent between systems it is usually in plain text.  This means that anyone along the way can read, modify or make a copy of the email.  Some mail transfers are encrypted but don’t count on it.  Mail encryption software has been around a long time but never gained widespread acceptance due to its complicated nature.

When email is in plain text privacy is gone.  Messages can be modified so authenticity is gone.  Realize that all mail messages are vacuumed up by government and business everywhere for analysis and storage, and plain text is just that much easier to analyze for government and business reasons.

Other email annoyances

Spam.  Spam.  Spam.  Spam.

Scams.  Scams have been around since day one, now email is a new high tech way to commit fraud.  Examples are emails that try to trick you into thinking that you owe the IRS and need to make a payment immediately or be arrested.  Offers of romance and pharmaceuticals.  The Nigerian Prince needs your help transferring millions of dollars and will pay for your help.

Spoofed email.  Email From fields can be made to say anything and appear to be from someone important.  The email header can show the true source of an email.
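What "the header can show the true source" looks like in practice, as an added example (not part of the original post): it compares the displayed From address with the envelope sender, reads the receiving server's authentication verdicts, finds the earliest relay, and counts hops that were not sent over TLS. The message, domains and IP addresses are constructed sample data, and the function names are hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not real traffic): From claims a bank, the rest disagrees.
RAW = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=bank.example.com
Received: from mx-in.example.org (mx-in.example.org [198.51.100.7]) by mbox.example.org with ESMTPS id abc123; Tue, 02 Jan 2018 10:00:05 -0500
Received: from mailer.example.net (unknown [203.0.113.45]) by mx-in.example.org with ESMTP id xyz789; Tue, 02 Jan 2018 10:00:03 -0500
From: "Your Bank Security" <alerts@bank.example.com>
To: reader@example.org
Subject: Urgent: verify your account

Please call us about your account.
"""

def domain(addr):
    """Lower-cased domain part of an address header, or '' if absent."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def analyze(raw):
    msg = message_from_string(raw)
    from_dom = domain(msg["From"])           # what the reader is shown
    env_dom = domain(msg["Return-Path"])     # envelope sender recorded at delivery
    # Verdicts written by the receiving server (Authentication-Results, RFC 8601).
    auth = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                           msg.get("Authentication-Results", "")))
    # Each server prepends its Received line, so the last one is the earliest hop.
    hops = msg.get_all("Received", [])
    ip = re.search(r"\[([0-9a-fA-F.:]+)\]", hops[-1]) if hops else None
    # "with ESMTPS"/"ESMTPSA" marks a hop that used TLS (RFC 3848 keywords).
    plaintext = [h for h in hops
                 if not re.search(r"\bwith\s+(?:ESMTPSA?|LMTPSA?)\b", h, re.I)]
    reasons = []
    if env_dom and env_dom != from_dom:
        reasons.append("envelope sender domain differs from From domain")
    if auth.get("dmarc") != "pass":
        reasons.append("DMARC did not pass for the From domain")
    return {
        "from_domain": from_dom, "envelope_domain": env_dom, "auth": auth,
        "origin_ip": ip.group(1) if ip else None,
        "plaintext_hops": len(plaintext), "reasons": reasons,
    }

if __name__ == "__main__":
    print(analyze(RAW))
```

Only the headers added by your own mail provider can be trusted; earlier Received lines, and any Authentication-Results line already present when the message arrived, can be forged by the sender.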

Reply and Reply All gotchas.  Email clients default to Reply only to the sender.  If the message was sent to a group and people only Reply to the sender, the conversation gets fragmented real fast.

Email lacks cues for emotion so it is easy to write ambiguous email and misread the intention of email.  Is he angry?  Is she being funny?  For this reason be careful to write clearly and even add those dumb emoticons :) to clarify.  DON’T SHOUT UNLESS YOU MEAN IT!

Email overload can cause one to miss important messages.

You can do everything right but the email provider fails

An email provider can get hacked and your account can be stolen.  Yahoo! email is an example of a service that got hacked.  A flaw in an email system can expose you to exploits.

An email provider can go out of business and lock you out of your email or make mistakes and lose your email.

Customer service may be difficult or impossible for web based services.

Recovering forgotten passwords can be difficult.  Recovering passwords for the deceased can be difficult.

Business email

Every business uses email.  They want their system private and secure so that their business secrets, transactions and client information are safe.  Most businesses take their email seriously and take steps to protect and secure their systems.

One step a business will take is to require that employees read and sign an agreement called an Acceptable Use Policy (AUP) that spells out what email may be used for, limiting personal use, requirements for sending sensitive information, password requirements, antivirus requirements, cautions about phishing and attachments and more.  You may have seen warnings and policies displayed when logging on to a business system.  You may have seen those disclaimers at the bottom of business emails stating that business correspondence is confidential and if you received it by mistake you must delete it.

Business email is highly vulnerable to phishing and malicious attachments.  This is a good way for hackers to gain a foothold on one computer then penetrate the whole system.

Compromised email systems can be a big embarrassment when emails are released – think Wikileaks, the hacks of Sony and the DNC.

The company owns the computer system and everything on it including email so they have the right to monitor and read everyone’s email.  This can be done in an automated fashion, looking for keywords.  Realize that the company sees everything in email.

Use discretion with personal use of company email.  Employees can be disciplined or fired for email errors, misuse or use contrary to company HR policies.  If you aren’t getting promotions, maybe it is because you called the boss a clown in email.

At work, use your smartphone for personal email.  If you wish to use a web mail service at work, at least check the site’s certificate in your browser for evidence of a proxy.

 

Where is your email stored?  Two ways to email

There are two popular ways to send, receive and store email.  One way is using an email client on your computer and the other is using a web based email service.

An email client such as Outlook stores your email in a big file on your computer.  It will receive emails from a server (POP3) or synchronize emails with a server (IMAP and MAPI).  One advantage is that you have all your email on your computer and don’t need an Internet connection to access it, such as when you are on the road.  But there are many disadvantages to storing your email this way.  The worst is that you can lose all your email if you move it from the server to your client (POP3 with delete) and then lose your client because your computer is stolen or lost or the hard drive fails.  People rarely back up to avoid this loss.  Another disadvantage is that your email is only accessible on the one device.  Outlook is good in a business environment with Exchange server and nerds to maintain it all, but for the home and small business user I recommend a web based email service.

Web based email services include AOL Mail, Gmail, Outlook/Hotmail and Yahoo! Mail.  The advantage of web based mail is that you can access it from any Internet device via browser or app and the service backs up your email.  These services offer free accounts with plenty of storage and include other services like calendars and online office suites.  The disadvantage of web email services is that they use and sell your information to advertisers, business and anyone else.

There are other ways to use email.  One is to use a paid service that promises not to read or sell your email info.  Choose a service in a neutral country to avoid government interference.  You can use your own mail server.  You can encrypt everything.

Email at untrusted locations

Using email at untrusted locations such as public libraries or a friend’s computer carries the risk of keystroke loggers.

Using email with untrusted WiFi is best done with a VPN.

Look for the https:// in the address bar to know that you are using an encrypted connection to the website.

 
