SMH Tech Blog

Category: Phishing

Kaspersky Internet Security 2018 Release Offer 50% off


Kaspersky Internet Security 2018

Well its that time of the year you have to check your calendar as the 2018 versions of many popular products hit the streets.  As a Kaspersky Affiliate I’m delighted to announce that you can get 50%, yes that’s 50% off Kaspersky Internet Security 2018.  Kaspersky software sits atop the PC Pro Magazine ‘A List’ for Internet security software and you can get this £34.99 product for JUST £17.49; Just click on that Box to the Top Right>>>

You can also get Kaspersky Total Security for the same 50% off, so only £19.99!!

This Award-winning security suite helps you safeguard your family and their privacy, money & precious memories. Whenever you’re online shopping, banking, surfing & socialising you need to make sure you’re safe from Internet attacks, infections & cybercrime.  It will also protect you from Ransomware like the recent WannaCry attack on the NHS and is available for PC, Mac, Android, iPhone & iPad

Kaspersky Small Office Security 40% Off

Small Business owners need not worry either as the highly flexible, multi seat ‘Small Office Security’ is also 40% off to protect you while you work

Kaspersky Small Office Security

Get Kaspersky Small Office Security 40% Off Now

Kaspersky Small Office Security is designed for businesses running 5-50 computers, some servers and mobile devices. It works out-of-the-box and is managed from one easy-to-use cloud-based console – no IT skills are needed to use this powerful security tool and monitor security from any connected device you choose.

It protect you from online attacks, ransomware and data loss so you can get on with business:  A 5 user 1 year license is ONLY £111 (RRP £185) and provides cover for:

  • 5 Desktops
  • 1 Fileserver
  • 5 Mobiles
  • 5 Password managers

Supported platforms:

  • Windows desktops and laptops
  • Mac desktops and laptops
  • Windows-based file servers
  • Android smartphones and tablets
Tagged with: , , , , ,

SMH Tech IS Secure!

When Secure is not Safe!

I received one of my regular ‘news’ emails today with a link to the Wordfence Blog; nothing unusual there! The title “‘Secure’ in Chrome Browser Does Not Mean ‘Safe’” caught my eye however, as although I don’t regularly use Chrome, according to GlobalStats over 50% of web users do. A quick click and read highlighted some worrying issue, in that some Certification Authorities have issued SSL certificates (Allowing use of the ‘secure’ HTTPS protocol) to known malicious websites! When the certificates are revoked, the websites are still being shown in the chrome URL Bar as ‘secure’.

Chrome 'secure' URL status

© 2017 Feedjit Inc

SSL Certificate relationships

© 2017 Feedjit Inc
Click to enlarge

More worryingly is a lot of these SSL certificates are interlinked to multiple domains!  The chart here shows known Phishing domains with the red links being those domains marked as malicious by Google.  Un-marked domains are in green. If you look closer you will see most of these domains are trying to ‘spoof’ either google.com or microsoft.com.

If you want to read the technical detail please visit the Wordfence Blog, and please also educate your friends and family to look closely at website URLs, and not blindly trust the little Green Padlock!

And yes, SMH Technology Solutions website is secure!

Browser URL bar with SECURE SSL status

Tagged with: , ,

Graphic of a 'Danger phishing scam' signRemember when phishing / spam mail consisted of ‘Nigerian’ princes wanting to give you money, or a lottery win you didn’t play in? I had a run on tax refunds even before I’d submitted my return! What happy times, the phishing spammers were playing on your wants, money mainly! Nowadays they are playing on your fears! Now its tax demands not refunds, notices of pending investigations and even speeding tickets! Of course the Phishers are still making the mistakes that make them easy to spot, as the two screen grabs below show:

 

Speeding, Moi……..Screenshot of received Phishing email

Well the obvious mistake here is it came by phishing email! Last time I, I mean a friend got a speeding ticket it came by post! With a photo, not a “We have photographic proof” statement. I of course was not in Stockport on the 9th, and I’d never think of doing 81 in a 25 zone, my car would be airborne on the speed humps! So not only a fail on the basics of making it seem like it could be me, but on the probability of doing 81mph at the start of rush hour!

Then there’s the techie bits, the URL from the ‘Examine’ link, the key bit the phishing is intended to make you click goes to <!!!ОШИБКА ШАБЛОНА: ШАБЛОН закрыт в ‘[%%’ и ‘%%]’ НЕ ПРАВИЛЬНО!!!http://vfw4914 .com/administrator/ backups/cvyi3q0x4ds7/qnlmj0w1.php%%]> (Just hover your mouse on a real phishing email to check link URLs). The ‘send’ email was >. Now I’m sure GMP may have their own domain? And whilst the grammar’s good, is not quite right!

Company Investigation Phishing email screenshotPhishing Exhibit B…..

Now this phishing email has slightly less going for it, whilst still playing on my fears and threatening they “can apply to the court to wind up the company and stop it trading.”  The basic problem is I’m not a registered company, but even if I was the same basic checks will show the phishing spammers for what they are.  The ‘Further Data’ link whilst not gibberish, does give a way the ‘malware payload’ location, wp-content/plugins/siteorigin-panels/settings/images/a3wxid/vkjya9i0.php>; The footer links are lifted from gov.uk, with them even managing to lift a link to the ‘Wales’ section of gov.uk!  The send email is again <mail@localmail .com>, so if you watch your spam box you will also notice trends like this!

So phishing has passed through many changing trends and presently plays on your fears, in an effort to get those clicks that will come with malware attached, corporate targeted Phishing is still trying to get those precious login credentials, and whilst outside the corporate world it may be more subtle in its message, it can still be easily spotted!

Here are WHICH?’s 7 steps to spotting spam

How to spot a scam

  1. Contacted out of the blue?
  2. Is the deal too good to be true?
  3. Asked to share personal details?
  4. Pressurised to respond quickly?
  5. Are the contact details vague?
  6. Grammatical or spelling mistakes?
  7. Are you asked to keep it quiet?
Tagged with: , , ,
Top