Category: Technical Issues

PayPal Security Warnings

The title of the email is “Important Update: Upgrade Your Browser”

The message starts with a warning in large letters.

Action required to continue accessing PayPal.co.uk.

This could easily be a scammer’s email trying to get you to click on a link supposedly to PayPal but in fact to a scammer’s page.

However, these warnings are real. The email is from PayPal and the links are to PayPal pages.

Why the warning?

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle credit cards from the major card schemes.

Its security requirements were raised from 30th June 2018, and payment takers including PayPal want to meet the new standard.

The message from PayPal says upgrade your browser but you have to click to get more detailed information on what needs to be changed.

PayPal wants to ensure that everyone using PayPal in the UK has TLS 1.1, or better still TLS 1.2, enabled in their browser rather than the original TLS 1.0. TLS (Transport Layer Security) is the protocol that encrypts the data passing between your browser and the website.

How to Upgrade

This is different for each browser, but for Chrome it means going to Settings, then System, then Advanced, then finding TLS in the list and ensuring only TLS 1.2 is enabled and TLS 1.0 is off.

The PayPal messages contain links for detailed information on each browser.

How to Check Your PayPal Email is Genuine

Scammers will notice these emails going out from PayPal and likely try to replicate them but with links to their own fake pages.

  1. Check the email is from PayPal.co.uk and not any other domain
  2. Check the links do go to PayPal pages (hover the cursor over the link to see where it will go)
  3. You don’t need to log in to anything to make the changes, as it is only your browser settings that you will change.
  4. Do I have to follow PayPal’s instructions? Only if you want to keep using PayPal payments.
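
Checks 1 and 2 can also be automated. The sketch below is an added example, not part of the original post: it flags a sender or link whose host is not a trusted PayPal domain or a subdomain of one. The trusted-domain list and both sample messages are assumptions constructed for illustration.

```python
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains treated as genuine (the post names PayPal.co.uk).
TRUSTED = ("paypal.co.uk", "paypal.com")

def is_trusted_host(host):
    """True only for a trusted domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class LinkCollector(HTMLParser):
    """Collects the href of every <a> tag, ignoring the visible link text."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def check_email(from_header, html_body):
    """Return the reasons a message fails check 1 (sender) or 2 (links)."""
    problems = []
    # The From header can be forged, so passing this check is necessary
    # but does not prove the message is genuine on its own.
    sender = parseaddr(from_header)[1]
    if not is_trusted_host(sender.rpartition("@")[2]):
        problems.append("sender: " + sender)
    parser = LinkCollector()
    parser.feed(html_body)
    for href in parser.hrefs:
        url = urlsplit(href)
        if url.scheme != "https" or not is_trusted_host(url.hostname):
            problems.append("link: " + href)
    return problems

# Constructed samples, not real messages.
GENUINE = ("PayPal <service@paypal.co.uk>",
           '<a href="https://www.paypal.co.uk/help">Details</a>')
FAKE = ("PayPal <service@paypal.co.uk.account-check.example>",
        '<a href="https://paypal.co.uk.login.example/update">www.paypal.co.uk</a>'
        '<a href="http://www.paypal.co.uk/">PayPal</a>')
```

The fake sample shows why the check compares the end of the host name: `paypal.co.uk.login.example` starts with the genuine domain but belongs to `login.example`.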

Stay Safe


Fightback Ninja Signature

The Impact of Cyber Attacks on Business

The impact of cyber-attacks can be bruising for a business with both short and long term effects to consider.

A 2016 survey of 428 businesses that have suffered cyber-attacks in the previous months.

You can see from the statistics above for 2016, that the biggest impact reported by businesses that have suffered from cyber-attacks is the provision of new measures to prevent further attacks. This can be costly but is essential to protect against further attacks.

There are the short term issues:-

  • Bringing in expert technical staff to find out how the attack happened
  • Technical expertise needed to start to build defences against further such attacks
  • Extra staff to deal with recovery, communications with customers, legal ramifications etc.
  • Disruption to staff and service to customers

Then there are the long term effects:-

  • Reputation damage
  • Steps needed to restore reputation and customer confidence
  • Share price

It is better to build strong defences against cyber-attacks than simply trust to luck.

It is prudent to have plans in place for how to deal with such attacks as the FBI now say that it’s not a question of whether any organisation will be attacked, but simply when.


SEO Backlinks and Expired Websites

SEO is Search Engine Optimisation which means how to make a website rank highly on search engines so more people can find it easily and hence go to that website.

There are many techniques used in SEO including use of keywords, headings, quality content, meta-data for pictures etc. and lots more.

One old fashioned approach to SEO was to get as many backlinks to your site from other sites as possible.

Google keeps its exact ranking algorithms secret, but links to your website from other high-quality, highly ranked sites are going to help.

Recently emails have started to appear offering huge numbers of backlinks. One email offers to get up to 500,000 backlinks from their inventory of websites (many in your niche).

500,000 backlinks from poor sites is not a good idea.

You should always try to have quality content on your site to attract people and that includes only having backlinks from other quality sites.

Another variant on this is the idea of purchasing expired websites that still have an entry on Google. You buy the expired website and create links from there to your website. There are businesses that specialise in finding and buying such expired websites, then selling them on under the guise of SEO.

These are unpleasant practices. Do not be fooled into believing there is a magic answer to endless traffic.

To get visitors – create the best content you can, get links from sites that can appreciate your work, use social media, articles etc. There are lots of worthwhile methods available rather than attempting to cheat.


The Virus Checker Website

The website VirusTotal at https://www.virustotal.com was created to help people identify computer viruses. It does this by analysing infected files or URLs supplied to it and it’s a free service.

VirusTotal inspects items by using 70+ antivirus scanners and URL/domain blacklisting services, plus a range of tools to extract signals from the studied content.

How to use the Website

You can select a file on your computer and upload it to VirusTotal in your browser.

There is also the option of desktop uploaders, browser extensions and a programmatic API if this is to become a regular practice.

As with files, URLs can be submitted via several different means including the VirusTotal webpage, browser extensions and the API.

How Does the Virus Checker Work?

A submitted file or URL is scanned and the results shown on screen. The data and results are shared with VirusTotal partners who use the results to improve their own systems. As a result, by submitting files, URLs, domains, etc. to VirusTotal you are contributing to raise the global IT security level.

Scanning reports produced by VirusTotal are shared with the public VirusTotal community. Users can contribute comments and vote on whether particular content is harmful. In this way, users help to deepen the community’s collective understanding of potentially harmful content and identify false positives (i.e. harmless items detected as malicious by one or more scanners).

Commercial Service

The service provides qualified customers and anti-virus partners with tools to perform complex criteria-based searches to identify and access harmful file samples for further study. This helps organizations discover and analyse new threats and fashion new mitigations and defences.

VirusTotal not only tells you whether a given antivirus solution detected a submitted file as malicious, but also displays each engine’s detection label (e.g., I-Worm.Allaple.gen).

This is a valuable resource in the fight against computer viruses.
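
Because submitted files are shared with partners and the community, a common use of the programmatic API is to hash a file locally and ask whether VirusTotal already has a report for that hash. The sketch below is an added example, not from the original post: it uses the public v3 file-report endpoint, and the API key, engine names and sample response are constructed assumptions.

```python
import hashlib
import json
import urllib.request

API = "https://www.virustotal.com/api/v3/files/"

def sha256_file(path):
    """Hash locally so only the digest, not the file, leaves the machine."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def lookup_request(sha256, api_key):
    """Build (without sending) the v3 report request for a file hash."""
    return urllib.request.Request(API + sha256, headers={"x-apikey": api_key})

def fetch_report(sha256, api_key):
    """Send the lookup; an HTTP 404 error means the hash is unknown."""
    req = lookup_request(sha256, api_key)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def summarize(report):
    """Return (flagging engines, engines reported, {engine: label})."""
    attrs = report["data"]["attributes"]
    stats = attrs["last_analysis_stats"]
    flagged = stats.get("malicious", 0) + stats.get("suspicious", 0)
    labels = {name: res["result"]
              for name, res in attrs["last_analysis_results"].items()
              if res.get("category") in ("malicious", "suspicious")}
    return flagged, sum(stats.values()), labels

# Constructed response fragment in the v3 report shape; the engine names
# are made up and the first label is the one quoted in the post.
SAMPLE = {"data": {"attributes": {
    "last_analysis_stats": {"malicious": 2, "suspicious": 0,
                            "undetected": 1, "harmless": 0},
    "last_analysis_results": {
        "EngineA": {"category": "malicious", "result": "I-Worm.Allaple.gen"},
        "EngineB": {"category": "malicious", "result": "Worm/Allaple"},
        "EngineC": {"category": "undetected", "result": None}}}}}
```

A single engine flagging a file can be a false positive, which is why the summary keeps each engine's label rather than reducing the report to one verdict.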


ISO27001 Information Security

ISO 27001, also known as IEC 27001, is an information security standard published by the International Organization for Standardization and the International Electrotechnical Commission.

Most organizations have some information security controls, but these may not be sufficiently comprehensive in their coverage. An information security management system (ISMS) can remedy this situation.

ISO 27001 specifies a management system and gives specific requirements. Organizations that meet the requirements may be certified by an accredited certification body following successful completion of an audit.

ISO 27001 requires that management:

  • Systematically examine the organization’s information security risks, taking account of the threats, vulnerabilities, and impacts
  • Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable
  • Adopt an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis

The ISO 27001 certification, like other ISO management system certifications, usually involves a three-stage external audit process.

Stage 1 is a preliminary, informal review of the ISMS, for example checking the existence and completeness of key documentation such as the organization’s information security policy, Statement of Applicability and Risk Treatment Plan. This stage serves to familiarize the auditors with the organization and vice versa.

Stage 2 is a more detailed and formal compliance audit, independently testing the ISMS against the requirements specified in ISO/IEC 27001. The auditors will seek evidence to confirm that the management system has been properly designed and implemented, and is in fact in operation (for example by confirming that a security committee or similar management body meets regularly to oversee the ISMS). Certification audits are usually conducted by ISO 27001 Lead Auditors. Passing this stage results in the ISMS being certified compliant with ISO/IEC 27001.

Stage 3 is ongoing and involves follow-up reviews or audits to confirm that the organization remains in compliance with the standard. Certification maintenance requires periodic re-assessment audits to confirm that the ISMS continues to operate as specified and intended. These should happen at least annually but (by agreement with management) are often conducted more frequently, particularly while the ISMS is still maturing.

For detailed information on ISO 27001 refer to https://www.itgovernance.co.uk/iso27001


Stop Remote Desktop Access

Remote desktop (also called remote control desktop or, after Microsoft’s protocol, Remote Desktop Protocol) means taking control of one computer from another one.

This can be very useful if, say, you need to work at home but access some services from your workplace or files on your work computer. It’s also used extensively by IT support staff.

Within a company network it can be safe but if you open your firewall to allow remote access through the firewall then this can be a problem.

Microsoft’s implementation of remote access has vulnerabilities that the hackers know about and they scan IP addresses looking for anyone that has left that door in their firewall available (typically RDP is on TCP port 3389).

Security experts believe that this vulnerability is extensively used by ransomware spreaders who can then bypass the password check and gain access to your systems.

If you use remote access through your firewall – make sure you’re safe or turn it off permanently.

Can There Be Safe Remote Access?

This depends on exactly what you want to achieve but the general advice from many security experts is to use a Virtual Private Network or just don’t allow remote access from outside of your firewall.
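
To see whether your firewall is letting outside addresses reach RDP, review its logs for allowed connections to TCP port 3389 from sources outside your own network. The sketch below is an added example, not from the original post: the `key=value` log format, the internal address ranges and the sample lines are constructed assumptions, so adapt the parser to your firewall's real format.

```python
import ipaddress
from collections import Counter

RDP_PORT = "3389"
# Assumption: these RFC 1918 ranges are the "inside" of the firewall.
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_line(line):
    """Split one constructed log line into its key=value fields."""
    return dict(f.split("=", 1) for f in line.split() if "=" in f)

def external_rdp_hits(lines):
    """Count allowed TCP/3389 connections per source outside INTERNAL."""
    hits = Counter()
    for line in lines:
        f = parse_line(line)
        if (f.get("proto"), f.get("dport")) != ("tcp", RDP_PORT):
            continue
        if f.get("action") != "allow":
            continue  # denied attempts show scanning, not exposure
        try:
            src = ipaddress.ip_address(f.get("src", ""))
        except ValueError:
            continue  # malformed or missing source address
        if not any(src in net for net in INTERNAL):
            hits[str(src)] += 1
    return dict(hits)

# Constructed sample log; external addresses use documentation ranges.
LOG = """\
2018-06-01T02:14:07Z action=allow proto=tcp src=203.0.113.45 dst=192.168.1.20 dport=3389
2018-06-01T02:14:09Z action=allow proto=tcp src=203.0.113.45 dst=192.168.1.20 dport=3389
2018-06-01T02:15:30Z action=allow proto=tcp src=192.168.1.7 dst=192.168.1.20 dport=3389
2018-06-01T02:16:02Z action=deny proto=tcp src=198.51.100.9 dst=192.168.1.20 dport=3389
2018-06-01T02:17:44Z action=allow proto=tcp src=198.51.100.9 dst=192.168.1.20 dport=443
""".splitlines()
```

Any non-empty result means RDP is reachable from outside the firewall and should be closed off or moved behind a VPN, as advised above.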
