Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
Chris bought a new HP Envy laptop a few months ago and he's not all that impressed with it. It's nice, but he is having issues with a wandering cursor that opens things up and moving around. It looks like someone has connected to it and done something. But when he steps in front of it, it stops. Leo says that it's likely the computer has a remote access trojan on it and someone is hunting around. When he steps in front of the webcam, it stops. So that tells Leo someone is playing around.
One can also "roll their own" VPN through a router, but that doesn't give the benefit of being geographically anonymous.
Lori googled how to remove remote access apps on her Mac, and she was able to remove them after Apple walked her through it. But she's worried that she didn't get it all. Leo says that if Apple took them off, it's a good chance Lori is fine. It's easy to get paranoid about a computer because it does a lot of things we don't understand. The only concern is that when Lori gave the original technician remote access, that he could've installed something else she doesn't know about. If she's really worried, she can always back up her data, format her hard drive, and then reinstall macOS.
Caller allowed a third party that handles support for her company, to install ConnectWise on her private computer. Is that safe? Leo says that if your company has farmed out IT support to a third-party, it's unlikely that third-party is going to lose that business by compromising your personal data. But her devices are all connected. Can she revoke it? Leo says that you can uninstall ConnectWise and remove that access.
After getting a phishing scam email, Karen ran a malware scan with Windows Defender and it found a "severe threat" called a Trojan-Downloader. Windows Defender blocked it, but is she still compromised? Leo says that everyone gets those, and it's not a side effect of a virus on your system. So if Defender found one and blocked it, you're safe from it.
John is worried that his identity will be stolen, along with his money, if he does online banking through his browser. Leo says that browsers are equally secure, as long as they keep getting patched on a regular basis. The issue isn't the browser, it's the system itself. The weak link in the chain is you. If you get an email that seems to be from your bank and you click on the links inside, it's likely a fake and your login has been stolen due to a phishing attack. That's the kind of thing that can happen. Banks will never email you. Keep that in mind.
Glen wants to know if ransomware can happen if you unplug your backup from the network. Leo says not until he plugs it back in. But it's less likely with a home-based system than say, a commercial network. So clean up the infected computer before reconnecting the backup, otherwise, it could infect it. A lot of ransomware also has time-released capability. It may not infect right away. So if Glen has backup unplugged from the network, he should keep it that way until he's wiped the hard drive and removed the ransomware.
Jim is getting a ton of emails, that his accounts are being reset. He's worried. Leo says that if your password has been changed, that could be a bad sign you've been hacked. So go into all your accounts and change the passwords again. Set up 2 Factor Authentication for your phone. This will prevent someone else from doing that. Stop using related passwords. Use passwords that are random and distinct for every site. The only way to handle that is with a password manager like Last Pass. You can also set up an authenticator, like Google Authenticator or Authy.
Dwayne wants to know more about virtual private networks. Leo says that VPNs essentially burrow an encrypted tunnel through the internet so that nobody can see what you're doing online. It's ideal when you're at a coffee shop and want to stay secure and private. People can see you're online, but not what you're doing.
Rio James recently got an email thanking him for payment and comes with a statement attached. But he never made such a payment. He knew right away that it was a phishing scam. Leo agrees, saying that the idea is to get him to open an attached PDF File that has been corrupted with a worm or virus. In many cases, it's harmless if the software and Windows are updated. If not, then it can take over a machine. The whole idea is to play on fear and greed, even curiosity, and get him to click on the link without thinking. So RJ was wise not to open it.