Hackers have been stealing people's information, filing their returns, and getting the refund. Last year, the IRS noticed that the FAFSA online system could get enough personal information that it could be used by hackers. In October, the IRS sent a memo to the Department of Education saying that the system could be abused. But because up to 15 million people used the system out of convenience, they kept it online. In February, the IRS noticed a pattern of fraudulent activity, and shut it down last month.
There are a lot of ways that bad actors online can compromise your computer. As their techniques become more sophisticated, it becomes more difficult to know whether or not your system has been compromised. There are some signs to look for, however, to tell if your computer is affected by malware.
You can always scan your computer with antivirus software. Microsoft includes its own antivirus utility as part of Windows 8 and above. You can also use the Malicious Software Removal Tool by pressing the Windows Key + R, typing in "MRT," and pressing enter.
Ransomware has always been a terrible plague of the internet, where bad guys inject software into your computer through phishing emails. They usually trick you by saying it's from your bank, the IRS, or even your boss asking you to open something. When you do that, it's an application that runs and scrambles all of your data and asks you to give them money to get the data back.
A new article on Motherboard details how hackers used a spearfishing attack to get passwords and break into the email of members of the Democrat National Committee, namely John Podesta, and also Colin Powell. The attack came as a phoney message from Google that someone had their password and they should change the password immediately, along with a big "change password" button.
A Distributed Denial of Service Attack (DDOS) hit the internet yesterday, tossing several networks offline. Leo says this happens all the time as robot computers are drafted to clog networks with phoney requests. What's disturbing about this particular attack is that it's using not only computers, but it's taking advantage of smart devices used in the home (called the internet of things), like routers, DVRs, smart refrigerators, and even internet enabled home security systems.
Tyler does a lot of social media through YouTube and Twitch and he's been hit by a DDoS attack. Leo says that those attacks are easy and are usually done by a troll who has an axe to grind. But they can't go after Twitch, so he's attacking his personal IP address. Leo says to call the ISP and request a new address. Running through a VPN will prevent it since it's an encrypted tunnel and they can't see the IP.
Kevin's mom went to a website and got a virus alert. She then called the phone number on it and they had her install something, which gave them control over her computer. Leo says that's a common scam. They probably installed a virus and maybe even turned her computer into a bot. The worst part is that they took her money and now have her credit card number. She realized her error and called him, though, and Kevin has since changed her passwords. She has trouble remembering passwords. Leo says many do and they end up using the same password over and over.
A Hollywood hospital was hacked a few weeks ago and was essentially unable to operate. The hackers demanded 40 Bitcoins, which comes to about $17,000. This is considered "ransomware," where the hackers get you to run malicious software through a bogus updater like Flash that appears to be legitimate. This malicious software encrypts all data and threatens to delete everything unless you comply with the demands within a certain time frame.
T-Mobile user data was acquired by hackers this week when credit bureau Experian was compromised. Hackers got customer names, addresses, drivers licenses, social security numbers and more. According to T-Mobile CEO John Leger, 15 million people including new applicants requiring a credit check from September 1st, 2013 through September 16th, 2015 were affected. Customers will get two years of free credit monitoring and identity resolution services from Experian.
Last week, Chinese hackers targeted GreatFire.org in a DDoS attack, and now are attacking GitHub. DDoS stands for "Distributed Denial of Service," and this attack brings down a website by hitting it with lots of bogus requests from thousands or even tens of thousands of computers distributed all over the world. GreatFire.org was spending $30,000 a day in bandwidth trying to keep up with the excess traffic.
The way they are getting this to be a distributed attack is by commandeering users of Baidu, a popular search engine in China.