“APPLE users need to stop living in “fantasy land” and let go of the myth that its products are safe from malicious programs and viruses.”

Harsh words, but for some Apple users a wake up call is needed to show they are in danger. Computer researchers at the anti-virus company Kaspersky have released recommendations on how to keep your Apple computer safe.

Read the full set of recommendations

How to keep your Apple computer secure

1. Install an anti-virus application and keep it up to date. The NU community gets free anti-virus software
2. Use Keychain to store all your passwords. Password protect Keychain with a password that differs from any other of your accounts
3. Ensure security updates are legitimate. Only update software from the manufacturers’ website, not third party sites.
4. Lock your computer screen when you are not using it. Lock your computer to a solid object when you are in a public place.
5. Turn off automatically loging into your computer. The few moments it takes to type in your username and password is worth protecting your data.
6. Do not store important and sensitive information in the cloud. Breaches in cloud accounts have increased in recent years and your information may not be safe in third party hands.
7. Many more tips…

Heat is the silent killer of computers and electronics.

When the ambient temperature rises above 90F, the temperature inside a computer can reach well over 150F causing permanent system and hard drive failure.

Apartment Therapy offers 4 easy tips to keep your computer safe without much effort.

4 Tips to Keep Your Laptop Overheating During The Summer

Have you noticed that a 4G phone runs hotter than a 3G phone, or when you turn on your GPS the phone heats up? About.Com has some additional tips for laptop and smartphone users.

How to Keep Your Laptop or Smartphone Safe in Hot Weather

Here is our post from last year describing how to help keep your desktop from overheating.

Prevent Your Computer from Overheating

Finally and most importantly: BACK UP YOUR DATA. If and when your computer fails you will be comforted to know that your data is safe and secure.

Image Credit: michaeljzealot: Flickr

Are you planning a summer trip overseas for work or pleasure? Are you crossing the border to visit America’s neighbors? If so, you should read these helpful tips to help make your trip a success.

Don’t end up like these unsuspecting victims:

“My bag did not fit in the overhead compartment and I was forced to gate check it. When I retrieved my bag after the flight I noticed that both my iPad and medications were gone.”

“When I returned home my cell phone bill was full of international charges I did not make”

Learn about:

• US Border crossings
• Prevent unwanted cell phone charges
• Be wary of free Wi-Fi
• Protect your laptop from dangerous networks
• And more…

Read here: International Travel Safety and Security Tips

————-

Image Credit: Kristen Taylor/Flickr

Northeastern will NEVER ask you to validate your email account to increase your mailbox quota. Additionally, you can tell this email is a fake because the URL in the message points to a NON Northeastern website.

From: Helpdesk
Date: Mon, May 13, 2013 at 1:50 PM
Subject: helpdesk
To:

Your Mailbox Has Increase Your Quota.
Failure To Click This Link hxxp://northeasternuniversity.webs.com/ And
Validate Your Quota May Result to Loss Of Important Information In Your Mailbox/Or Cause Limited Access To It.

Thanks For Co-operating with Us.
Sign,
Stephen Director
Provost and Senior Vice President for Academic Affairs
360 Huntington Ave., Boston, Massachusetts © 2013 Northeastern University

Click here for copy of the email

This phishing example was sent to us in the form of a Amazon Kindle order confirmation email. This email has all the hallmarks of a phishing scam.

1.) The user did not order anything from Amazon
2.) The billing address does not belong to the user
3.) When your mouse hovers over the book title link the URL that is displayed goes to hxxp://homesport.co.nz/… Not Amazon

When you receive this type of email and are not sure if it is real, do the following:

1.) Do not click on any links in the email. Instead manually log into the website. In this case, the user would type in www.Amazon.com into their web browser and log directly into their account
2.) Hover over any links in the email to reveal the true URL of link. The link may say Amazon.com but the URL is for a phishing site.
3.) Delete the email and end the threat. Do not forward it along.

There is not much you can do to stop phishing emails. The best course of action is to identify them when they arrive and delete them from your inbox.

If you have any questions about identifying phishing emails you have received please contact the Service Desk at help @ neu.edu or 617-373-4357.

More examples of Phishing Emails

Download the Newsletter

It is a good time to brush up on password security. Creating strong passwords and securely using passwords is the first line of defense in protecting your online accounts. The newsletter this month explains how to create a good password and explains the reasoning behind the following password security tips:

• Be sure to use different passwords for different accounts
• Never share your password with anyone else, including co-workers.
• Do not use public computer, such as those at hotels or libraries, to log into a work or bank account
• Be careful of websites that require you to answer personal questions
• Use two-factor, or two-step verification to log into website when possible
• When creating a PIN for your mobile device, the longer the better
• Close or delete your account when no longer in use

Download the Newsletter

The blog TalkTechToMe by GFI lists the 41 Dumbest Security Decisions that an organization can make.

Here are some of the decisions to avoid:

• Deploy security through obscurity
• Use dictionary words for passwords
• Using the same password everywhere
• Not salting your hashes
• Thinking the number of boxes ticked is directly related to how secure you are

Read the rest and keep this list in mind to avoid some of the common pitfalls that could harm your organization and the people it serves.

Yesterday we reported scammers had registered over 125 domain names within hours of the Boston bombings. Today security researchers have reported that once again criminals are taking advantage of the public’s curiosity and generosity to spread malware and computer viruses.

TrendLabs reports that spam messages with subjects such as “2 Explosions at Boston Marathon” and “Aftermath to explosion at Boston Marathon” link to websites that use the Blackhole Exploit Kit to try and install malware.

SecureList reports that some of the emails link to websites with video of the explosions. In order to play the videos the user must install a “video player.” The player is really malware in disguise.

Sophos NakedSecurity reports that the malware installs connection software to allow the criminals to remotely control your computer.

To Stay Safe:

• Do not click on links or open attachments from unsolicited email.
• Do not install video or any other software from non mainstream websites
• Do not forward spam messages to prevent spreading the damage to others
• Make sure you have the latest anti-virus software installed and updated

In the hours following yesterday’s explosions over 125 domain names have been registered that could potentially be used to disseminate false information, solicit fake fundraisers, and fake requests for donations. These domains contain words related to the tragedy such as, “boston”,”marathon”, “bombings”, “charity”, “fund”, “lawsuit”, “massacre”, “attack”, “news”, “info”, “victims”, etc..

Examples include: “bostonmarathonrelief.com” and “bostonmarathonvictimfund.com”

Historically, following a disaster criminals set up fake domain names and websites to trick users into giving donations though the money will never reach the victims. Other websites may try to trick users into giving up their personal information that the scammer will use to steal the users identity.

In addition, scammers will target social media to spread false information and requests for money. Shortly after the explosions the Twitter account @_BostonMarathon tweeted that it would donate $1 dollar for every re-tweet. This account has been disabled by Twitter but many others have risen to take its place.

Tips to stay safe:

• Only give money to reputable organizations such as the American Red Cross.
• When searching for updated news stay away from rumor sites and stick to trusted news sources.
• Be wary when asked for personal information through unsolicited communication.

More Information:

http://blog.sfgate.com/techchron/2013/04/15/beware-of-scammers-with-tweets-links-to-boston-tragedy/

http://now.msn.com/boston-marathon-explosion-charity-scam-started-by-fake-twitter-accounts

http://www.thedomains.com/2013/04/15/update-now-over-0-domains-related-to-boston-explosion-including-relief-domains/

Related Information:

Spam Facebook Posts

Fake Websites

IT Security was mailed this phishing letter disguised as a free airline ticket giveaway.

Read up on this offline attempt to steal our personal information and protect yourself from free offer scams.

More Information: American Airways Free Ticket Scam