Document Based MalWare on the Rise

Document based Virus, MalWare and Trojan Threats increase

Document based Virus, MalWare and Trojan Threats are being detected in increasing numbers across email networks.   Although Document based Malware is not new, the alarming increase in these types of attacks is a major concern.   Due the new nature of these attacks, many leading Anti-Virus, Malware and Firewall systems are not detecting them as they come through.

[contentblock id=2 img=gcb.png] partners with several leading global cyber security organisations and anti-virus vendors.  Whenever we encounter suspicious emails not detected as threats, we submit them to our Partner anti-virus vendors for assessment.  As a result, if a new threat is detected, updates to their anti-virus definitions are released soon after.   We encourage other IT Support company’s like us, to do the same.  This would help anti-virus vendors better understand how these attacks function and develop anti-virus definitions to block these attacks quicker.

An email received with an infected attached file can look like it has come from a trusted source.

To give you some understanding, here are some examples of emails that have had infected documents attached.

How can you tell if an email is bogus?

• Most accounting systems email invoices and statements as Portable Document Format (PDF) attachments.  How many legitimate emails do you receive from companies that attach a Word document (.doc or .docx file)?
• Check if the senders name matches their email address
• Check the sending domain name.

How Viruses, MalWare and Trojans work in Word documents

To save time on tasks you do often in Word documents, you can bundle the steps into a macro to automate the tasks.  The macro programming language can also be used to write infectious code and viruses.  As a result, if macros are enabled, the malicious MalWare is run in the background when you open the document.  The macro is usually just the start of the attack, subsequent hostile or intrusive functions are performed, without asking you.  These could include viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs.

What should your virus strategy include for Document based threats?

As new threats are not immediately detected by anti-virus software, please continue to exercise caution when opening email attachments.  You are the first line of defence against Virus, Torjan, MalWare and other Threats.

If you receive an email something along the lines of the above examples with a document file type attached: .doc .docx, do not open the document and delete the email.

If you do open a document that has been emailed to you and a message like “Do you want to enable the macros” appears, close it straight away and remove it from your system.

More information can be obtained from cyber security services like Sophos and Symantec .

Contact Us if you need any assistance with your anti-virus strategy or Network Security.

Windows 10 Edge Browser not compatible with AUSKey

AUSkey not compatible with the new Microsoft Edge Browser in Windows 10

One recommendation in our Blog Should I Upgrade to Windows 10?, is to confirm compatibility with your critical software.  A noteworthy example: Microsoft Edge browser released with Windows 10, is not compatible with Australian Government AUSkey.

This is especially relevant for Australian Accounting firms and Businesses who use AUSkey’s secure login to access participating Government websites.  Websites include Australian Taxation Office (ATO), Australian Securities & Investments Commission (ASIC) and Australian Business Register (ABR).

Compatible AUSkey browsers

Rather than use Edge, you can use either the latest version of Internet Explorer version 11 or Mozilla Firefox.

In addition to the above, Click here for a complete list of AUSKey compatible operating systems and browsers.

See this Microsoft Wiki article for a Review of Microsoft Edge Browser in Windows 10.

Please Contact Us if you need any help with your AusKey or setting up Internet Explorer or Mozilla Firefox in Windows 10.

What is a Bitcoin

You might or might not have heard of the latest trend in digital money Bitcoin, Bitcoin is a form of digital currency, created and held electronically. No one controls it.  A software developer called Satoshi Nakamoto proposed bitcoin, which was an electronic payment system based on mathematical proof. The idea was to produce a currency independent of any central authority, transferable electronically, more or less instantly, with very low transaction fees. Bitcoins are not physical and are digitally created by a community of people that anyone can join and they based on mathematics.

There is to much to explain about bitcoins in one blog! So below we have hunted out some good links that explain in much better detail.

Bitcoin explained

The maths behind it

Bitcoin project

Fake Windows 10 Update

Wondered about the free upgrade to Windows 10?

Microsoft started there official free upgrade roll out on July 28^th, 2015 to 190 countries. However it didn’t take long for cyber-crime individuals to start their own roll out of a fake Windows 10 upgrade. The ransomware is sent to the victim via email that claims to be a legitimate Microsoft Windows 10 free upgrade.  Disguised as an installer the ransomware is encrypting Australian users and business computers.

The email sent claims to be from Microsoft offering the free upgrade; the ransomware is attached in a zip file which contains a program labelled as the Windows 10 installer. If you run this program it will encrypt any important files, including Word documents and photos on your computer. Being a Microsoft  partner here at iT and Beyond, we have never received emails from Microsoft  with program attachments! We advise that if you receive an email offering a free upgrade to Windows 10, DO NOT OPEN IT or any attachments.

Windows users interested in upgrading their computer can register via Microsoft’s official website. Windows 10 updates will then be facilitated by a program on your computer, not via an email offer Businesses are advised to be vigilant in protecting their existing computer systems and in ensuring that their critical data is backed up in case an attack does occur. Encrypted data could then be recovered from backup copies.

Staying Safe

In order to protect yourself and your business from this attack a Disaster Recovery Plan, Online backups and Remote Data Storage Solution’s  are essential for your critical data to be secure and offsite away from sabotage.

Security researchers at Cisco have provided detailed technical information about the attack aswell as Stay Smart Online has provided alerts about a number of ransomware attacks in the past.

If your computer is compromised from this attack you can report the incident to the Australian Cybercrime Online Reporting Network (ACORN).

Should I upgrade to Windows 10?

Windows 10 free upgrade will start on 29 July, 2015.  No need to panic though, you have 12 months before this offer from Microsoft expires.  Anyone running a genuine copy of Windows 7 or Windows 8.1 is eligible for the free upgrade.

This Microsoft Free offer doesn’t extend to earlier versions of Microsoft Windows (Windows XP or Windows Vista).  Updating for you guys would require the purchase of a new Windows 10 license and could be problematic given the likely age of the hardware, as some components may not be compatible with Windows 10.

How will you know?

Your PC may be displaying a new icon in the system tray, prompting you to reserve your copy of Windows 10 or to Upgrade to Windows 10.   These icons was included via Microsoft Patch Updates.  Once the release date arrives your PC will tell you when it’s ready to download and install.

Will it be a seamless upgrade?

Yes and no! Windows 10 has been extensively tested, however there may still be some bugs that need to be ironed out.  This is normal in regards to new operating systems.  You can also down grade again if Windows 10 just isn’t working for you.   Microsoft has made it a relatively easy process to roll back from Windows 10 back to Windows 7 or 8.1.

Will my Software applications and hardware work?

Maybe?  If you are upgrading from Windows 7 or 8.1 most software and drivers are likely to work in Windows 10, however before jumping in, see Our Recommendations below.  It’s always a good idea to keep your software and hardware drivers up to date.   For any of our clients who we provide Proactive Managed IT Support Services to, our Weekly maintenance includes includes installation of patch updates for Microsoft Windows Operating Systems and Office software and Monthly maintenance includes installation of latest updates for your mission critical software applications.

Most software vendors have a Windows 10 Compatibility Knowledge Base article.  Examples include:

• Microsoft have started compiling Known issues with Microsoft Office and Windows 10
• For Accounting firms using MYOB software, refer to MYOB’s KnowledgeBase article Answer ID 37334 Windows 10 Compatibility Statement.

Should I Upgrade to Windows 10? – Our recommendations

Our recommendation is to exercise caution when upgrading to the first release of new software, including Windows 10, especially in a production environment.  You may benefit from being a little patient and waiting for a number of weeks or even months for a more updated version of Windows 10.  Microsoft regularly provides update patches which would include bug fixes and patches for hardware drivers etc.  When new Operating Systems are released, we install them in a Virtual environment so we can test and the learn the new system inside and out, before we deploy it into live production environments.

Before upgrading, you should be check and confirm all your mission critical software applications and hardware drivers are compatible with Windows 10.

For Windows XP and Vista users, given the likely age of your computer hardware, it would be prudent to consider upgrading your hardware.  We support many Small to Medium Size Business (SMEs) who have an IT Strategy to step up to a new operating systems when they refresh their PC hardware.

If you need any assistance with determining whether you should upgrade to Windows 10, our IT Assessment and Planning Services may be of interest.

Please Contact Us if you need any help with upgrading to Windows 10, including our Standard Operating Environment (SOE) settings for Windows 10 that make the transition for users easier.

Free Public WiFi Hotspots – Security concerns

Security Concerns using Free Public WiFi Hotspots

There is nothing like a Free Public WiFi Hotspot.   You can browse the internet, update your Apps, watch a bit of Youtube without having the worry of using data on your mobile account.  Each WiFi Hotspot will have it’s terms and conditions for use.  Some will have restrictions on what can be access in regards to data usage and how long you can stay on that network.  But did you know that a Free Public WiFi Hotspot is not necessarily secure from potential online threats?

Australians love their Public WiFi Hotspots— in the three months to 30 June 2015, almost 4.23 million Australians went online using a public WiFi hotspot.

Potential online threats using Free Public WiFi Hotspots include:

• Stolen identity
• Hackers accessing your private information
• Risks to your personal and physical safety
• Malware being downloaded to your device
• Your credit card, banking or log-in details being stolen

To help you be fully informed when using these convenient services, Stay Smart Online and the Australian Communications and Media Authority have released a short practical guide and infographic, with useful tips and general information about public WiFi hotspots in Australia.

For example, key tips to help protect you from online threats when using public WiFi hotspots include:

• Use password-protected hotspots
• Check the ‘terms of use’, particularly privacy and security clauses, before using a hotspot
• Only use secure connections
• Turn off file sharing and location services
• Consider using a Virtual Private Network
• Connect to the intended WiFi hotspot
• Turn on your firewall and virus scanner

Other useful topics covered in the guide are:

• What is a public WiFi hotspot
• What are the major types of public WiFi hotspots in Australia?
• What types of access are offered at public WiFi hotspots?
• What can I do at a public WiFi hotspot?
• How do I find a public WiFi hotspot?
• How do I connect to a public WiFi hotspot?
• How can I make a complaint about a public WiFi hotspot?

To connect to a WiFi hot spot make sure on your device under settings that your WiFi is switched on. Most devices will scan and pickup automatically  that there is an available WI-FI signal to make a possible connection.

To make a connection will depend on how the WiFi Hotspot is setup to be accessed. Some of the access offered at public WiFi Hotspot can be one of the following:

• Free and open (no charge to the user and no password is required).
• Free with conditions (no charge to the user but subject to certain terms of use).
• Free for customers (a purchase from the provider is required before access is allowed).
• Fee-for-service (user pays for access).

For more information about online threats, ways to protect yourself and other practical tips when using public WiFi hotspots, view 

‘Your guide to public Wi-Fi hotspots in Australia’

‘Stay Smart Online‘

iTandBeyond are an SSO Partner.