If you still insist on using your Windows 7 computer and are scared of using it thanks to Microsoft's lack of continued support, it is still okay to use it offline. If you don't take it on the internet, you significantly lower your risks to catch anything harmful for the PC. Plus, most of your permanent applications will still work as long as there is electricity to power the computer! However, you should still be sure to back up important files onto an external hard drive, as staying offline means no access to cloud backup services.
Caller allowed a third party that handles support for her company, to install ConnectWise on her private computer. Is that safe? Leo says that if your company has farmed out IT support to a third-party, it's unlikely that third-party is going to lose that business by compromising your personal data. But her devices are all connected. Can she revoke it? Leo says that you can uninstall ConnectWise and remove that access.
After getting a phishing scam email, Karen ran a malware scan with Windows Defender and it found a "severe threat" called a Trojan-Downloader. Windows Defender blocked it, but is she still compromised? Leo says that everyone gets those, and it's not a side effect of a virus on your system. So if Defender found one and blocked it, you're safe from it.
John is worried that his identity will be stolen, along with his money, if he does online banking through his browser. Leo says that browsers are equally secure, as long as they keep getting patched on a regular basis. The issue isn't the browser, it's the system itself. The weak link in the chain is you. If you get an email that seems to be from your bank and you click on the links inside, it's likely a fake and your login has been stolen due to a phishing attack. That's the kind of thing that can happen. Banks will never email you. Keep that in mind.
Sundeep wants to know if GoToMyPC is better than Microsoft's own native remote desktop. Leo says that if you have Windows Pro, remote desktop is free. But Windows remote desktop has a number of significant flaws that represent a serious security issue for users. One magazine even said that "it's time to disconnect Remote Desktop from the internet. You also don't want to use it "bare" on the internet. You need to use a VPN or proxy server. So Leo advises not using Remote Desktop. Use a third-party service like GoToMyPC.
Much like phishing and spear-phishing, VISHING is the latest online scam designed to steal your logins. Only VISHING uses voicemail to do it, according to the FBI and the Cyber Security Agency (CISA). They are targeted attacks on employees of corporations using voicemail to get users working at home to call back and then use social engineering to steal VPN credentials. Check out Brian Krebs' article here.
Charles has a pair of Synology NAS storage devices and one was hit by ransomware. Leo suggests completely format it and rebuild and reinstall everything from the other backup. But Charles wants to know how it happened. Leo says that once he logs into the NAS, it's on the network, and can be bitten. Leo says that if his Synology is visible to the public internet, then he'll need to really limit it to things he really needs. The more services he turns on, the more exposed he is. Leo turns on SSH to keep it protected. Also, turn on IP blocking after a certain number of login attempts.
Randy's credit cards and bank cards have been hacked and stolen. He uses different companies. Did they steal his card numbers because of shopping online? Leo says to look at the common thread. Leo says to look at the common thread. Someone clearly got to where Randy keeps all those numbers stored. So they may have hacked into his Amazon account or his Google account. Make sure those numbers are blocked. The good news is, that his credit card companies will be monitoring it and will warn him. They will then lock the card and reissue them.
Jim has a solution for remembering passwords. He uses a date mixed with his name and an @ symbol. Leo says that's easy enough for a hacker to remember, and anything that makes a password not random makes it easier to break. And hackers are very adept at breaking personal generated passwords. That's why Leo uses a randomly generated and long password using his password manager. But even your OS will do it. It's much better to let the computer do it, and remember it. If you can remember it, it's easy to break.
Georgia wants to know how safe online banking is. Leo says it's very safe now, and you don't need to worry about having your bank account compromised. Nor do you have to have a separate computer dedicated to banking. All websites now are encrypted by design. Google began requiring that last year. Just be safe with your online behavior. Don't click on links, open attachments, or reply to emails from a bank. They will never contact you.