Category Archives: Apple Security & Privacy

Those Annoying “Infected” Pop-Ups are Fake 100% of the Time

Say you’re casually surfing the web and suddenly there’s a pop-up window in the middle of your screen stating “Your computer is infected! Download this NOW! or call us NOW!”.  Even if you’re savvy enough to know it’s fake, you may still get an instant headache at the thought of detecting and removing this annoying message.  If it’s the first time this has happened or if you’ve been through a virus nightmare before, your reaction may be more dramatic.

Rest assured, those annoying pop-ups are fake – 100% of the time.

The pop-up is really there, but the service they are basically demanding you download and pay for is malicious and will not solve any problems.  In fact, in most cases, it will make the problem a million times worse.  Now, Macs are not immune to malware but the operating system is less vulnerable.  Sometimes, that makes Mac users more susceptible because they are not accustomed to seeing these fake warnings.  MOST malware (viruses, adware, spyware, ransomware, etc) targeted at Macs require you to take some action to allow it first.  Even if you don’t download it, or call, many times the pop-ups will continue and you will need to take some action to remove it from your system.

So where does this malware come from and how can you tell what it is?  Simply put, malware is any program whose purpose is to cause harm to your system.  There are subsets of malware, with varying degrees of harm.

  • A virus is a contagious code that infects other software and spreads itself through a system and to other computers.
  • Adware, while not malicious itself, can affect overall performance and be super annoying.  It’s basically uninvited commercials.
  • Spyware is malicious, in that it does what the name suggests: it spies on you.  It tracks activity and is usually difficult to detect, it also can cause unwanted pop-ups.
  • A worm is an attack that replicates itself and destroys user files and system files, disabling a computer or a network.
  • Trojans disguise themselves as harmless programs, but once opened unleash viruses and attack systems.
  • Ransomware is less common but has been in the news more lately, it gains access to a system and encrypts data files, demanding the user pay to have them decrypted.  This type is particularly dangerous and authorities should be notified immediately.
  • Scareware is that pop-up with an ominous warning. “Call now” or “Download Immediately”, IF you do call or download, there will always be future problems.

Most browsers (Safari, etc) and Mac OS will warn you if you’re opening a program from the internet (as opposed to the App Store).  If you visit sites where there is a lot of peer-to-peer networking or file sharing going on, you may consider an anti-malware that runs real time scans on your system.  If you don’t download from the internet, click unknown links in email and verify requests for personal information before giving it out, you may still want to install a “clean up” tool instead. You would run a program like this if you suspect malware.

Be sure you do your homework and read reviews from non-biased sources prior to paying for any anti-malware software.  For example, go to PC Magazine or MacWorld and then search from their site. Our techs install a free program called Malwarebytes when they clear malware from a computer to help you stay “clean” in the future.

If you have or suspect you have malware, TechRestore is here to help.  Our techs are pros at getting your computer in tip top shape, in case you’ve fallen into one of the traps listed above.

Setup Emergency Contact (ICE) on Your iPhone

Most people know about ICE (in case of emergency) contacts in their phone.  But what if your phone is locked?  While you may never need it, having your emergency contact information available for anyone to find could come in handy.  If you have a medical condition or severe allergies, it could save your life! In the latest Apple Watch OS, you can call emergency services and text your emergency contacts just by pressing and holding the side button .

Setting up Medical ID on your iOS device is simple.  You can add as much information as you like (just remember, it’ll be visible to anyone who knows how to access it without unlocking the screen).

First, open the “Health” app (it should be on your iPhone iOS 8 and newer and you can’t delete it).   If you can’t find the icon on screen, swipe down and search for it.

Now in the bottom right corner, select “Medical ID” and then “Create Medical ID”.  Be sure to allow “Show When Locked”.

              

Now you will have the option to add all sorts of useful information, which emergency personnel may need to know, especially blood type, allergies, existing conditions, etc.

 

                                     

Scroll down to “Emergency Conctacts” and choose “add emergency contact”.  You can add as many people as you like from your contacts here, and designate their relationship to you.

Now, when your phone is locked, press the home button, and instead of entering your passcode, choose “Emergency” and on the bottom left corner, you will see “Medical ID” in red. When you choose it, it will show all your emergency contacts and allow you to call by pressing their name.  If you use the SOS feature on Apple Watch, it will text them your location after you contact emergency personnel.

                    

Here is a helpful guide to setting up the SOS feature on your Watch.   How to set up SOS on Apple Watch

And, if you’re still not convinced, here’s a story of the Medical ID/SOS in action!  College student credits Apple Watch with saving his life.

We hope you never have to use it, but being informed can make a difference.  Be sure your loved ones have this useful feature enabled, too!

Be careful out there.  From your friends at TechRestore.

Be on Guard Against Mac Malware OSX/Dok

Macs are less vulnerable, by nature, to viruses and malware, but they are not impervious.  There is a real threat right now, that we feel compelled to share with you, so you can be on guard and spread the news to other Mac users.   It takes over the system, but it starts with a phishing email, hoping you will let it in.

Now, most of us know by now about phishing and how to check for fake emails.  Many companies have a dedicated link on their website to report suspicious emails, in fact.  Bad guys are bad, though, and they spend their time making it harder and harder to tell the true from the false (seriously, can we give them some better project to spend their time on?).

Please read and share this blog and the links below, which have some very helpful tips about how to educate yourself and hopefully avoid falling victim to these malicious attacks.

From the good folks at 9to5 Mac:

Nasty Mac malware bypasses Gatekeeper, undetectable by most antivirus apps

PSA: Now is a good time to educate your less-techy friends about ‘Apple’ phishing emails

A great article to not only remove, but to protect against in the first place, from MacWorld:

The best free methods for removing Mac malware, viruses and ransomware

And another, which goes into a bit more detail about this new threat, from Cult of Mac:

Gatekeeper won’t stop this ‘major scale’ Mac malware

And finally, a good overview of Mac general security tips from noodlemac:

My Favorite Mac Security Tips

Of course, if you don’t have time or don’t feel comfortable removing malicious programs yourself, we’re here to help!

PS – If you’ve been a subscriber for any length of time, you know we don’t usually post two blogs in one day.  We really feel like this is important and didn’t want to wait to pass it along.  Please share as you see fit and we’ll be back on our regular schedule next week!

To Cloud or Not to Cloud?

Do you use the cloud to backup your personal photos, documents, contacts, music and video? Is your data safe?  How does it work?  Is it worth it?

If you’ve ever lost a hard drive, or a phone you know – the pain is real.  Even worse, if you do have a physical backup you count on to restore your data, only to find out it’s been corrupted and you didn’t even know it.  Your precious data is gone and unless you have a small fortune to invest in getting it back, all you have are your memories.

So what is the cloud, exactly? Cloud storage refers to services that question-mark-cloudoperate large physical facilities full of servers.  The data you send to them is encrypted and only accessible by you (they cannot get it) using a password that you set.  You can sync automatically from nearly any electronic device (phone, desktop, etc). Most providers have multiple locations around the world and backup data in more than one physical place.  You can access your stored data from anywhere, by logging in to your cloud account.

You may feel like putting your data backup in someone else’s hands is just a way to have someone to blame if it gets lost.  That really couldn’t be further from the truth.  So what keeps some of us from getting on board with cloud storage?  With a cloud service, you can set up automatic backups of your data.  On your phone, you can even set it to back up every time you take a picture.  So what’s the hold up?

Here are a few common objections:

“I don’t have time.”  A lot of people feel this way.  The bad news is, if you have a TON of data, it will take a long time for that initial back up.  The good news, though, is that subsequent back ups will be very quick, mostly seamless.  You may also take into account how much time would be saved in the event of total data loss.

“I don’t know how to do it.”  Cloud computing has been around for a very long time now.  Before it became mainstream to offer it to the general public, large corporations and even governments were using cloud storage for their data (usually as a back up to a physical copy). Now that Amazon, Apple,Google, Dropbox, Box and many others are offering – even aggressively marketing – their storage services for free and for subscription, the interfaces are incredibly easy to use and setting up your backup schedule is easier than setting your DVR.

“It’s too expensive for the amount of space I need.”  Realistically, most of us need more than what the top companies are offering for free. Most services start off with 5GB for free and go up to 1TB, 2TB or even unlimited for a monthly or yearly subscription.  Depending on what you’re backing up (movies, for example, need a lot more space) you may be able to get by on 5GB.  Prices for subscription range from .99 per month (Apple for 50GB) up to $60 per year (Amazon unlimited).

“It’s not safe.”  Actually, it is safer than locally stored data.  The service where your data is stored cloud-storage-lockdoesn’t have access to your data, they only provide the space (be sure to read the privacy policy no matter what).  The real vulnerability to your data is the security you provide.  Use a rock solid password and change it regularly.  Use physical back up in addition to the cloud and use several cloud services (OneDrive for your documents, iCloud for contacts and photos, for example). The most valuable benefit is that your data is safe from malware and ransomware in the cloud. As the use of cloud storage rises in popularity, you can expect that optimization and security will also improve.

At the end of the day, each person has to decide how important their data is and what’s the best way to protect and preserve it.  The best advice you can take is your own!  Make a list of what’s important to you, what your concerns are and shop for a cloud service that fits the bill.

 

What You Need to Know About Virus Pop-ups

fake-virus-popupscam    /skam/

noun        1. a dishonest scheme; a fraud      synonyms: fraud, swindle, fraudulent scheme, racket, trick

verb: scam    1. swindle: “a guy that scams the elderly  of their savings”  synonyms: cheat, deceive, trick, dupe

OH NO! The dreaded “virus warning”!  

Holiday season is prime time for threatening adware like this to pop up on your otherwise normal laptop or desktop screen.  Here are our Top Tips, as well as a link to an excellent article on Apple’s website, to keep your computer feeling (and being) safe.

  1. A pop-up window with a phone number will always be a scam (they call it an ad, but let’s be real).   No legitimate source is going to ask you to call.  These scammers will first tell you about a dangerous threat to your passwords, banking and credit card information, social security number, etc., hoping that fear will motivate you to fork over your payment information and computer passwords.  If there is a URL at the top of the pop-up it will likely be for “virus-scanner.info” or something similar, even if it has official looking graphics (Bank, Apple, Microsoft, Homeland Security, etc). what is generic viagra called
  2. A phone call telling you your computer has been hacked or has a virus is always a scam.  Again, they will try to scare you by telling you that your computer is infected and your information is at risk.  Ask them how they got your phone number, or when you signed up for this service and expect a quick hang up or, worse, more threats.
  3. An agent who asks for your password or payment information is a scammer. A trusted source will NEVER ask you for your password (check the support section on their website and they’ll usually specifically mention that!).  Any support agent from a trusted source will not likely ask you for payment either.  If they do, ask for an email with more information before you pay. erfahrungen mit cialis 20mg
  4. A caller (or someone you called from a pop-up) or a chat window pop-up asks for access to your computer. Again, only a trusted source (and there are few, if any) will need legitimate access to your computer. Err on the side of caution.  If you feel uncomfortable, find a local repair source that can handle complex operations for you.

There are also settings available in the Privacy setting on a Mac that will prevent downloads from anywhere but the App Store or a trusted source (like Adobe, etc).  On a PC, you can enable Windows Defender (included in the Windows operating platform) and download Malwarebytes to help protect your system from real and fake viruses and adware (both programs are free).

Here is a great article from the forums on Apple’s website that has more detailed information about scams and some solutions specific to OS and iOS.

If you do or have been a victim of these types of fraud, don’t feel bad! You’re not alone and the people who are putting these out there can be very sophisticated.  We want to encourage you to be aware and diligent about protecting your computer.

At TechRestore, we do offer virus scans and cleanup for Mac’s and PC’s alike.  If you are in need of a service like this, please contact us.  We’re here to help!

 

Adware Removal

os x finder security logoIf you’ve used the internet long enough, chances are you’ve encountered ad-injection software or adware. Adware presents itself in many annoying forms such as pop-up windows, ads, changing your homepage, and extra banners or toolbars when using your browser.

Adware is usually picked up when installing third-party software, it is disguised or bundled with other software that you intend to install. If you think your Mac has been infected with adware then use these steps to rid yourself of this issue.

Check Safari settings and extensions

  1. Open Safari
  2. From the menu bar select Safari > Preferences
  3. Select the General icon and make sure that the Homepage field contains the website you want.
  4. Select the Search icon and make sure that the search engine setting shows your preferred search engine. Some versions of Safari have this setting in the General pane instead.
  5. Click the Extensions icon. If you don’t want an extension or don’t recognize it, select the extension from the list and click Uninstall.

 Removing Adware

Downlite, VSearch, Conduit, Trovi, MyBrand, and Search Protect are all common adware that are found on Macs. You can use this “Go to Folder” method to find and remove each item listed in the sections below, one item at a time:

  1. Drag to select an entire line in the lists below, starting with /System/Library/Frameworks/v.framework, for example.
  2. Choose Edit > Copy.
  3. Open a Finder window, then choose View > As Columns.
  4. Choose Go > Go to Folder.
  5. Choose Edit > Paste to paste the line you copied into the text field.
  6. Press Return.
  • If the item is on your Mac, a window opens with the item you searched for already selected. Drag only that item to the Trash. If you’re asked to enter a password, enter your administrator password.
  • If the item is not on your Mac, you’ll see a message that the folder can’t be found. Continue to the next item in the list.

Repeat the steps above using the files listed below:

/System/Library/Frameworks/v.framework
/System/Library/Frameworks/VSearch.framework
/Library/PrivilegedHelperTools/Jack
/Library/InputManagers/CTLoader/
/Library/Application Support/Conduit/
~/Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin
~/Library/Internet Plug-Ins/TroviNPAPIPlugin.plugin
/Applications/SearchProtect.app

After you remove the items above, restart your Mac. Then choose Finder > Empty Trash to permanently remove them.

If you found the above steps to be difficult, then you should try this adware removal tool called AdwareMedic that will do the leg work for you. AdwareMedic was created by Thomas Reed, a computer enthusiast and Mac fanatic. Thomas has a blog, thesafemac.com, dedicated to  malware and adware prevention and removal. His website is a valuable resource and worth checking out, as well as his comprehensive adware removal guide.

 

Apple ID

heroAn Apple ID is your user name for everything you do with Apple: Shop the iTunes Store, enable iCloud on all your devices, buy from the Apple Online Store, make a reservation at an Apple Retail Store, access the Apple Support website, and more.

It’s important to set up an Apple ID if you want take full advantage of all your Apple devices useful features. Security features like Find My iPhone which allows you to track your stolen or lost device, and cool features like  Handoff which allows you to seamlessly  pick up where you left off from on one device to another aren’t accessible without an Apple ID.

Any questions you might have in regard to Apple ID such as how to create one, how to change your ID, or set up and ID on all your devices can be answered here by reading this FAQ.

Java- Beware of Adware

As Mac users, one of the benefits we enjoy is the ability to surf the web free from worrying about infection from malware or viruses. Many users don’t bother using antivirus software at all.

This doesn’t mean we shouldn’t be wary of adware (software that automatically displays or downloads advertising material) or bloatware ourselves when we install other programs. With their latest release of Java 8, Oracle has begun packaging an Ask.com toolbar into their installer for Mac.

Screenshot 2015-03-10 09.10.26When installing the latest update of Java, the option to install the Ask.com Toolbar is selected by default. It is deceptively easy for the casual user to click “next” and finish the installation without noticing the opt-out section of the installer. If the extra software is installed, it redirects your homepage to Ask.com and instals a search bar to your browser, which some may find intrusive.

Though annoying as it is, the software is pretty easy to remove. Safari users can simply navigate to their list of browser extensions (Safari -> Preferences -> Extensions) to remove it. While Chrome users can uninstall the software directly from the Ask Toolbar’s Help menu.

While it is rather annoying to see Oracle adopt the practice of including adware with its products, it is not at all uncommon among many developers. As a rule of thumb, users should always keep an eye out for opt-out check boxes when installing third party software.

 

Apple Campus 2 Aerial Video

Expected to finish construction in 2016, the new Apple campus seems to finally be taking shape. You can see the main “spaceship” building coming together in this awesome aerial video.

As a reminder to our customers, we here at TechRestore will be closing shop at noon on December 31 for New Years and will resume normal business hours Friday, January 2.

Happy holidays!

Critical Security Update Fixes Vulnerability In OS X

On Monday, December 22, Apple released a critical security update designed to a address a vulnerability in the  Network Time Protocol daemon (ntpd) of OS X. All Yosemite, Mavericks, and Mountain Lion users are urgedsecurity and privacy settings apple by Apple to install the update as soon as possible.

The update fixes an issue that was addressed by the US Government Friday and originally discovered by the Google Research Team. From a Department of Homeland Security website:

Google Security Team researchers Neel Mehta and Stephen Roettger have coordinated multiple vulnerabilities with CERT/CC concerning the Network Time Protocol (NTP). As NTP is widely used within operational Industrial Control Systems deployments, NCCIC/ICS-CERT is providing this information for US Critical Infrastructure asset owners and operators for awareness and to identify mitigations for affected devices. ICS-CERT may release updates as additional information becomes available.
These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are publicly available.
Products using NTP service prior to NTP-4.2.8 are affected. No specific vendor is specified because this is an open source protocol.

This vulnerability could allow an attacker to execute arbitrary code with the privileges of the ntpd process. This vulnerability is not exclusive to OS X machines. The Network Time Protocol  is one of the oldest internet protocols and is widely used by networked devices around the world today. You can download this update from the App Store from your Mac.

The Other Side

In a digital world where we are bombarded with information and advertisements at every turn, it’s not often that an ad genuinely grabs your attention. That’s why Honda’s new ad, entitled “The Other Side”, for their Civic Type R concept is interesting.

honda type r the other side

The ad shows a  family man in his Civic, chauffeuring his kids around by day but becoming a getaway driver by night, speeding away from the police in his Type R. The video is shot in two parts that play out simultaneously, depicting the alternating lifestyles of the man in his Civic. As the viewer, you can hold the R Key to switch back and forth between the videos. This trick makes for a really cool effect. Take a ride for yourself and watch it here.

How Apple Pay really works

Great article from Kirk Lennon on how Apple Pay works.

applepay

Here’s the best part:

One of the objections I’ve seen to Apple Pay is “How is it faster/easier than just sliding my card?” The truth is, it isn’t always. It’s rarely going to take longer than sliding a card, but it’s not always going to radically faster either. However, it is much, much more secure. Merchants simply can’t be trusted with your card number, and the only real solution is to never give it to them. [emphasis added] Apple Pay solves that, and it does so in a way that embraces industry standards and is easy and maybe even a little bit fun.

Boom! Well said.