SMH Tech Blog

Category: Security

Kaspersky Internet Security 2018 Release Offer 50% off


Kaspersky Internet Security 2018

Well its that time of the year you have to check your calendar as the 2018 versions of many popular products hit the streets.  As a Kaspersky Affiliate I’m delighted to announce that you can get 50%, yes that’s 50% off Kaspersky Internet Security 2018.  Kaspersky software sits atop the PC Pro Magazine ‘A List’ for Internet security software and you can get this £34.99 product for JUST £17.49; Just click on that Box to the Top Right>>>

You can also get Kaspersky Total Security for the same 50% off, so only £19.99!!

This Award-winning security suite helps you safeguard your family and their privacy, money & precious memories. Whenever you’re online shopping, banking, surfing & socialising you need to make sure you’re safe from Internet attacks, infections & cybercrime.  It will also protect you from Ransomware like the recent WannaCry attack on the NHS and is available for PC, Mac, Android, iPhone & iPad

Kaspersky Small Office Security 40% Off

Small Business owners need not worry either as the highly flexible, multi seat ‘Small Office Security’ is also 40% off to protect you while you work

Kaspersky Small Office Security

Get Kaspersky Small Office Security 40% Off Now

Kaspersky Small Office Security is designed for businesses running 5-50 computers, some servers and mobile devices. It works out-of-the-box and is managed from one easy-to-use cloud-based console – no IT skills are needed to use this powerful security tool and monitor security from any connected device you choose.

It protect you from online attacks, ransomware and data loss so you can get on with business:  A 5 user 1 year license is ONLY £111 (RRP £185) and provides cover for:

  • 5 Desktops
  • 1 Fileserver
  • 5 Mobiles
  • 5 Password managers

Supported platforms:

  • Windows desktops and laptops
  • Mac desktops and laptops
  • Windows-based file servers
  • Android smartphones and tablets
Tagged with: , , , , ,

SMH Tech IS Secure!

When Secure is not Safe!

I received one of my regular ‘news’ emails today with a link to the Wordfence Blog; nothing unusual there! The title “‘Secure’ in Chrome Browser Does Not Mean ‘Safe’” caught my eye however, as although I don’t regularly use Chrome, according to GlobalStats over 50% of web users do. A quick click and read highlighted some worrying issue, in that some Certification Authorities have issued SSL certificates (Allowing use of the ‘secure’ HTTPS protocol) to known malicious websites! When the certificates are revoked, the websites are still being shown in the chrome URL Bar as ‘secure’.

Chrome 'secure' URL status

© 2017 Feedjit Inc

SSL Certificate relationships

© 2017 Feedjit Inc
Click to enlarge

More worryingly is a lot of these SSL certificates are interlinked to multiple domains!  The chart here shows known Phishing domains with the red links being those domains marked as malicious by Google.  Un-marked domains are in green. If you look closer you will see most of these domains are trying to ‘spoof’ either google.com or microsoft.com.

If you want to read the technical detail please visit the Wordfence Blog, and please also educate your friends and family to look closely at website URLs, and not blindly trust the little Green Padlock!

And yes, SMH Technology Solutions website is secure!

Browser URL bar with SECURE SSL status

Tagged with: , ,

Graphic of a 'Danger phishing scam' signRemember when phishing / spam mail consisted of ‘Nigerian’ princes wanting to give you money, or a lottery win you didn’t play in? I had a run on tax refunds even before I’d submitted my return! What happy times, the phishing spammers were playing on your wants, money mainly! Nowadays they are playing on your fears! Now its tax demands not refunds, notices of pending investigations and even speeding tickets! Of course the Phishers are still making the mistakes that make them easy to spot, as the two screen grabs below show:

Speeding, Moi……..Screenshot of received Phishing email

Well the obvious mistake here is it came by phishing email! Last time I, I mean a friend got a speeding ticket it came by post! With a photo, not a “We have photographic proof” statement. I of course was not in Stockport on the 9th, and I’d never think of doing 81 in a 25 zone, my car would be airborne on the speed humps! So not only a fail on the basics of making it seem like it could be me, but on the probability of doing 81mph at the start of rush hour!

Then there’s the techie bits, the URL from the ‘Examine’ link, the key bit the phishing is intended to make you click goes to <!!!ОШИБКА ШАБЛОНА: ШАБЛОН закрыт в ‘[%%’ и ‘%%]’ НЕ ПРАВИЛЬНО!!!http://vfw4914 .com/administrator/ backups/cvyi3q0x4ds7/qnlmj0w1.php%%]> (Just hover your mouse on a real phishing email to check link URLs). And whilst the grammar’s good, is not quite right!

Company Investigation Phishing email screenshotPhishing Exhibit B…..

Now this phishing email has slightly less going for it, whilst still playing on my fears and threatening they “can apply to the court to wind up the company and stop it trading.”  The basic problem is I’m not a registered company, but even if I was the same basic checks will show the phishing spammers for what they are.  The ‘Further Data’ link whilst not gibberish, does give a way the ‘malware payload’ location, wp-content/plugins/siteorigin-panels/settings/images/a3wxid/vkjya9i0.php>; The footer links are lifted from gov.uk, with them even managing to lift a link to the ‘Wales’ section of gov.uk!  The send email is <mail@localmail .com>, so if you watch your spam box you will also notice trends like this!

So phishing has passed through many changing trends and presently plays on your fears, in an effort to get those clicks that will come with malware attached, corporate targeted Phishing is still trying to get those precious login credentials, and whilst outside the corporate world it may be more subtle in its message, it can still be easily spotted!

Here are WHICH?’s 7 steps to spotting spam

How to spot a scam

  1. Contacted out of the blue?
  2. Is the deal too good to be true?
  3. Asked to share personal details?
  4. Pressurised to respond quickly?
  5. Are the contact details vague?
  6. Grammatical or spelling mistakes?
  7. Are you asked to keep it quiet?
Tagged with: , , ,

Icon for Security Services provided by SMH Technology Solutions

How many times you’ve been told; “Don’t leave the user name as the default“, or “change your password“? Well if you have not followed that sage advice prepare for a Hack Attack!

First up I got an email from my website security tool, part of which is below:

A user with IP address 116.8.123.160 has been locked out from the signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 10. The last username they tried to sign in with was: ‘admin’
User IP: 116.8.123.160
User hostname: 116.8.123.160
User location: Nanning, China

I’ve only just started using this particular tool so it was good to see it working, the follow up had a bit more detail about the hack attempt, again an extract is below:

Blocked IP address report

So as you can see, someone has tried to login to my website with the username ‘admin’, and I guess a selection of passwords, or pa55w0rds, or PassWords (you get the idea I’m sure), until my system blocked them out. If I didn’t have this system they may have happily carried on until they cracked it, which as many hackers use user/password combinations available from leaks such as the Sony or Adobe hacks, then it’s another example of why you should not re-use passwords either!

Tagged with: ,

I occasionally use an online CRM service called Relenta, it’s good but perhaps too much for my present basic needs. However it was thanks to their Email newsletter I’m now aware Yahoo and AOL have effectively ended the practice of businesses using Yahoo or AOL accounts with things like eVites and 3rd party services such as Relenta!

These “Domain-based Message Authentication, Reporting & Conformance” (DMARC) changes and related Sender Policy Framework (SPF) checks could be preventing your important marketing and service emails from being delivered!

Of course I would never recommend using a free web mail service for business use when domain based email can be set up for relatively little cost (from SMH Tech anyway). So if you use Yahoo or AOL, or others such as Gmail, Hotmail/Outlook.com et al, I recommend you check your mail is getting through and if your provider is making changes to its DMARC or SPF systems!

Relenta’s Blog posts on the subject are linked here > DMARC and SPF information.
See also DMARC.org for more information

Relenta Logo

Tagged with: ,

Have you noticed more spam arriving lately? Not a day passes my ISP or installed Security Software tells me it’s blocked/deleted something! Well that’s just the tip of the iceberg if the linked Thawte Phishing Infographic is anything to go by, and whilst a lot of Phishing emails are easily spotted they are getting better so keep on your guard; the last and most valuable line of defence is the person working the computer!

Extract from Thawte Phishing Infographic

Tagged with: , ,

Tagged with:

Criminals can recover SMS's, passwords and history from second-hand phones | ITProPortal.com.

Tagged with: , , ,

Tagged with:
Top