Give Us A Call

Use MFA to frustrate hackers

Multi-factor authentication (MFA) aka two factor authentication (2FA)

Did you know that over 99% of account hacks could have been prevented by using multi-factor authentication (MFA)? Using MFA makes it significantly harder for criminals to access your online accounts. It is a security measure that requires anyone logging into an account to navigate a two-step process to prove their identity. Unfortunately, many people are not familiar with MFA.

Here’s how it works. When you log into your account, the first step is entering your username or email address, along with your password or passphrase. With MFA activated, the second step is to provide an extra way of proving that you are you, like entering a PIN code or a code that has been texted or emailed to your mobile device or authenticator app. Since hackers almost never have access to your mobile device or authentication method, it can prevent them from gaining access to your account.

Many platforms, such as Meta Facebook, Google, Twitter, and LinkedIn offer MFA to help users protect access to their accounts. It prevents a cybercriminal from signing in to your account with just your password. It is a minor inconvenience when logging into your account, as it requires an extra step, but multi-factor authentication greatly increases the security of your account.

One word of advice. Pay attention to email or text messages asking if you are trying to sign into your account when you are not. Hackers like to target their victims and catch them off guard, often at night. If you receive a series of prompts on your phone asking if it was you signing into a device that is not recognized, and it was not you, do not click on “yes” to stop the prompts. Hackers are hoping to wear you down. Clicking “yes” might stop the prompts but it also gives the hackers the “keys to the kingdom” so to speak, allowing them to lock you out of your own account. You should also change your password for the account ASAP. Also, if you reused that password, make sure to change it for every other account that uses it (this is why every password should be unique).

Contact Esser Consulting, LLC for help with setting up and using multi-factor authentication.

Scammer has my password, now what?

Imagine receiving an email from your own email address, telling you that you have been hacked, and to prove it, the sender includes your password in the email? They also say that they have been watching you through your webcam, and tracking your online web-surfing. Having thoroughly scared you, the scammer then threatens to release evidence of you visiting adult websites unless you pay a ransom, usually in Bitcoin. This happened to a customer of mine recently.

Variations of this scam have been around for several years. Chances are that you were not hacked. Rather, your email address and password information are included in one or more of the thousands of data breaches that have occurred, and your information is being sold on the dark web.  Billions of accounts have been compromised in data breaches, so the odds are pretty good that your data is included. To make it more convincing, the scammer then spoofed your email address.

So, what should you do? First, do not pay or contact the scammer. Next, run several virus and malware scans on all of your devices to check for known viruses and malware. Then, and possibly most importantly, change all of your passwords so that you have unique passwords on all of your accounts. But how do you remember all of those different passwords? I recommend using a password manager program.

A password manager can help you create and store more complicated passwords. There are numerous password manager programs available. Most have you remember one password, then keep the others locked away in a password “vault”. Some keep the password “vault” file on your device locally, others are cloud based which allows them to be used on multiple devices. 

I also recommend that you visit have i been pwned to see if your email addresses have been involved in any breaches.  You can sign up to be notified of any future breaches involving your email address.

#BeCyberSmart   #CybersecurityAwarenessMonth  #PasswordManager  #UseUniquePasswords   #EmailScam   #haveibeenpwned

Email and Other Tech Support Scams

Beware of fake invoices and other tech support scams

Tech support scams have been growing in popularity over the past few months.  Beware of unsolicited phone calls, emails, or pop-up messages. Please note that major tech companies like Microsoft, Apple, Amazon, Google, etc… will not call you. These scams involve more than attempting to steal a couple hundred dollars from you.

Scammers attempt to catch their potential victims off guard. They will trick or “social engineer” them into allowing them to remotely access their computer, log into their bank account, fake that they “accidentally” gave their prey an over refund amount, and guilt them into buying gift cards and reading the numbers to them (or they’ll be fired). Some will encrypt or steal their victim’s files, passwords, etc…, or leave behind remote access trojans (rats). Others will add a Windows password and lock them out of their PCs, and if they are really mean, delete their files, emails, and contacts in their address book.

Is it a legitimate or fake email?

Most of these scams are coming via email. Many will look like a legitimate invoice, with the impersonated company’s actual logo and graphics. Companies commonly impersonated include Norton, McAfee, Adobe, PayPal and Best Buy’s Geek Squad. To spot a scam look for spelling and grammatical errors. Also look closely at the sender’s email address. Many are from a “gmail.com” account. Just because it says the product name, such as “Norton@LifeLockServices”, in the sender’s section of the email does not mean that it is coming from that company. It is a scam. If you think you have been wrongfully charged, contact your bank or credit card company directly, or sign into your account, but do not use the link that they provided.

Always use a credit card online

A simple reminder, if you make any payments online, always use a credit card. It has more recourse than a debit card, meaning the credit card company can refund your money and charge back the scammers. Too many charge backs and complaints will hopefully cause the credit companies to either cancel or raise the fees they charge the fraudsters, thereby reducing the scammer’s profits.

Do not click on attachments or links

Do not open any attachments or click on any links or pop-up messages as they may be malicious software (malware) such as a virus, or it is just more made-up data to support their bogus claims. Also, do not call the phone number. They will lie about who they are.  Finally, do not respond or click on the “Unsubscribe” link as that alerts the scammer that you viewed the email. It also could be malicious link.

I am a victim. What do I do?

If you are a victim of a tech support scam, contact Esser Consulting, LLC as soon as possible for remediation and recovery help and advice. Your computer might be infected. You might become a victim of identity theft. Review your online accounts and change your passwords, and contact your financial institutions.

Are you at risk of being hacked?

Today is #WorldPasswordDay. Do you use the same password over and over again? Hopefully not, but if you do, and a hacker gets access to one of the accounts they can get access to all of them. Hackers are buying compromised user data online on hacker websites, and either trying those login credentials at other sites, or they are attempting to blackmail users via a scam email. Therefore, it is strongly recommended that everyone use unique passwords on every website, but remembering all of those passwords is virtually impossible. A very good solution is to use a password manager program.

There are numerous password manager programs available. Most have you remember one password, then keep the others locked away in a password “vault”. Some keep the password “vault” file on your device locally, others are cloud based which allows them to be used on multiple devices. I looked for one that was easy to use, worked on multiple operating systems (Windows, Android, Apple iOS), had positive reviews, and had a good free version as well as a premium version. I have been using LastPass for a over a year now, and have installed it for many customers. I have received positive feedback from those who have been using it.

If you are interested in having me install and demo LastPass Password Manager program, please contact me at (920) 735-1806 to setup an appointment.

Are you protected against these cyber threats?

As the online landscape changes, and new cyber threats emerge, cyber security has to adjust and change. Using just the security software that comes pre-installed with your Windows computer is not enough. I have been looking for solutions to the following items that I have seen customers become victimized by in the past few years.

Patching outdated software

A key component of staying safe online is keeping your computer up-to-date. Hackers and virus writers love targeting outdated software. Outdated software often contains security vulnerabilities, bugs, and performance issues that are often resolved in the latest version. These are some of the reasons why it’s essential to keep the apps updated (or “patched”). Finding an easy way for my customers to update their outdated software, like Java and Adobe Flash which hackers were actively exploiting, lead me to become a contributor for Patch My PC.

Identity Theft

Reusing the same password on different sites was not an issue until hackers started selling compromised data which identity thieves have used to compromise other websites. It is now imperative to use different, unique passwords on every website that you visit. To help with this daunting task I can install and demo a password manager program which stores your passwords and other data in a “vault” and which you need to remember only one password to access the saved password info. It can also give you a “security score” which helps identify reused and weak passwords.

Tech Support Scams

Tech support scammers have victimized unsuspecting users through rogue ads and malicious websites. Installing an ad-blocker and an add-on that blocks malicious websites, clickbait links, unwanted cryptocurrency miners can help reduce the risk of a tech support scam or a browser hijacker taking over their computer.

Ransomware

Ransomware continues to be a major concern. Ransomware is a form of malware that encrypts a victim’s files. The attacker then demands a ransom from the victim to restore access to the data upon payment. Anti-ransomware software should be installed, as well as taking extra precautions and having offsite backups. I have partnered with Malwarebytes and Dr. Backup to provide my customers with affordable solutions to address these issues.

Please contact Esser Consulting, LLC at (920) 735-1806 for help with addressing these cyber threats.

What to do if your hard drive crashes

Your computer’s hard drive is a piece of equipment, and like any other piece of equipment (ie: your car’s water pump, your washer, dryer, or dishwasher) it will eventually break. It is not a matter of if your computer hard drive will crash, but when. I strongly recommend backing up your files on a regular basis, but what if you aren’t doing that, or if your backups for some reason fail?

Gillware brochure

Sometimes your files can be recovered by a local computer repair company like Esser Consulting, LLC.  But what happens if your hard drive is unresponsive, is making a clicking noise, or is damaged and files cannot be recovered locally? If your files are important enough, then it is time to contact a company that specializes in data recovery.

Esser Consulting, LLC is a Gillware Data Recovery Trusted Partner. If your hard drive crashes and you need your data files – pictures, Word documents, Excel Spreadsheets, e-mails, music files or other data – recovered, call Gillware at 877-624-7206 and use referral code  8247. You will receive free inbound shipping, free evaluation, and $25 off when you use this referral code.

I have been referring data recovery customers to Gillware for several years now, and they have been very successful recovering people’s data files. They also recover files from smart phones and tablets, DVRs, USB flash drives, camera SD and micro SD cards, as well as many other storage devices.

The Problem with Re-Using Passwords & a Solution – Password Manager Program

Facebook revealed last week that its platform mistakenly kept a copy of passwords for “hundreds of millions” users in plaintext. If you are one of the affected users, your Facebook and Instagram password was readable to some of the Facebook engineers who have internal access to the servers and the database. As of now, Facebook says that no one outside of their company had access to these passwords, and that there was no abuse internally by Facebook staff members.

This leads to another issue that people need to be aware of – the problem of reusing the same password on multiple sites. For example, is your Facebook password also your email password? If one of the sites is compromised, all of your sites are compromised. Hackers are buying compromised user data online on hacker websites, and either trying those login credentials at other sites, or they are attempting to blackmail users via a scam email. Therefore, it is strongly recommended that everyone use unique passwords on every website, but remembering all of those passwords is virtually impossible. A very good solution is to use a password manager program.

There are numerous password manager programs available. Most have you remember one password, then keep the others locked away in a password “vault”. Some keep the password “vault” file on your device locally, others are cloud based which allows them to be used on multiple devices. I looked for one that was easy to use, worked on multiple operating systems (Windows, Android, Apple iOS), had positive reviews, and had a good free version as well as a premium version. I have been using LastPass for a few weeks now, and have installed it for several people. I have received positive feedback from those who have been using it.

If you are interested in having me install and demo LastPass Password Manager program, please contact me at (920) 735-1806 to setup an appointment.

FBI recommends routers be power cycled to disrupt malware infection

The FBI recommends that small office and home office routers be power cycled – rebooted or unplugged for a few seconds, then plugged back in – to disrupt possible malware infection. The firmware (software that controls hardware) for these devices should also be updated to the latest version. Contact Esser Consulting LLC for help. More info: https://www.ic3.gov/media/2018/180525.asp

True Christmas story (from a few years ago)

The following is a true story from a few years ago.

A dad found a laptop on sale and bought it as a last minute Christmas present for his family. It was opened on Christmas day, and his son, little Johnny, immediately wanted to play with it. Unfortunately, within an hour or two of playing games on it, Johnny called to his parents and asked them to fix it. A ton of pop-ups and other items had gotten onto the computer. Even after restarting the computer, the pop-ups kept coming back.

I received a frantic phone call that night from their dad. He explained what had happened, and asked if I could fix it and “work my magic” on it. I did a factory reset, then added Computer Maintenance and Security items to it, including anti-virus and anti-malware programs, as well as ad blockers and updates to Microsoft and other programs. I also optimized the start menu so that it was running better than new. Upon returning the laptop to him, the father thanked me, and explained that they were planning on having me look at during the week after Christmas, but he never realized what could happen. Lesson learned. Be careful using a computer right out of the box. Make sure that you have it professionally setup.

Contact Esser Consulting, LLC, a better Business Bureau Accredited Business, at (920) 735-1806.

Online Security Tips for Shopping on Cyber Monday (or any other day)

Shopping online on Cyber Monday (or any other day)? Here Are Some Online Security Tips:

  • Use a credit card, not a debit card. Better recourse. Better protection vs. fraud.
  • Consider using a separate credit card, with a smaller credit limit, for shopping online.
  • Don’t use public Wi-Fi. Too easy for data to be stolen, or to connect to an unsecured or spoofed hotspots. Mobile users should use their data plans instead of public Wi-Fi.
  • Only shop on secure sites. Look for https (s=security) and padlock.
  • Be careful when clicking on links. Make sure you are on the correct website and that you spelled the website name correctly. Signs of some spoofed websites include bad spelling and poor grammar. It is very easy for hackers to spoof legitimate websites.
  • Make sure that your web browser, operating system and other software such as Adobe Flash Player are updated to the latest versions. Outdated software is more vulnerable to being compromised. Latest browser updates warn about insecure sites. For Windows computers I recommend using Patch My PC.
  • Use good passwords. Make sure they are different on each site. Longer passwords are more secure. Use capital and small letters, numbers and characters. Using unique passwords is especially important as hackers are testing passwords compromised on a breached account on other accounts.
  • Review your statements. Beware of small charges on your card. Hackers use them to “test” your account. Report any discrepancies to your card company.
  • Beware of pop-up and other digital ads that are not from the store’s official social media page. If you have to answer questions (survey scam) or share on Facebook for a deal that is too good to be true, it’s probably not legit.
  • If using a mobile device, only download and install apps from the O/S official store (Google Play, Apple iTunes, Microsoft App). Also, install a security app, and keep your apps and O/S up-to-date.

Call Today!

920-735-1806
Recent Posts
Use MFA to Protect Your Accounts

Use MFA to frustrate hackers

Using MFA makes it significantly harder for criminals to access your online accounts. It is a security measure that requires ...
Read More
Scammer has my password, now what?

Scammer has my password, now what?

Imagine receiving an email from your own email address, telling you that you have been hacked, and to prove it, ...
Read More
Esser Consulting, LLC celebrates 20th anniversary by paying back customers

Esser Consulting, LLC celebrates 20th anniversary by paying back customers

On September 11, 2022 Esser Consulting, LLC, a computer consulting company based in Appleton, WI, will be celebrating 20 years ...
Read More

Virus, Adware, Spyware, and other Malware (Malicious Software) Removal and Prevention.
Internet security & privacy including computer maintenance.
Want your computer to run better? Get it in shape - ESSERcise it
Is your computer possessed?
Get the demons out -
perform an ESSERcism!

Get in Touch

Esser Consulting, LLC
Curt Esser

2410 S. Kerry Lane
Appleton, WI 54915-1665

(920) 735-1806
cesser@esserconsulting.com

© 2023 Copyright Esser Consulting, LLC. | Privacy Policy | Terms of Site Use

Website developed by Packerland Websites