Tuesday, May 16, 2017

Beware: the WannaCrypt / WannaCry Ransomware

What is WannaCrypt Ransomware? 
WannaCrypt Ransomware, also known by the names WannaCry, WanaCrypt0r or Wcrypt is a ransomware which targets Windows operating systems. Discovered on May 12, 2017, WannaCrypt was used in a large Cyber-attack and has since infected more than 230,000 Windows PCs in 190 countries.

How does WannaCrypt ransomware get into your computer?

As evident from its worldwide attacks, WannaCrypt first gains access to the computer system via an email attachment and thereafter can spread rapidly through your LAN network. The ransomware can encrypt your systems hard disk and attempts to exploit the SMB vulnerability to spread to random computers on the Internet via TCP port and between computers on the same network.

The best thing you can do it to avoid clicking on any attachments sent to you via email, even if they appear to be legitimate!


Although the first wave of this ransomware was stopped, we are already seeing new variations of it hitting computers around the world. Be sure your systems are consistently backing up. If you are unsure, contact your assigned IES agent.


Lastly, if you see the message below - or a similar one - it’s already too late for you. IMMEDIATELY SHUT DOWN YOUR COMPUTER and call IES at 781-816-9437.

 

Wednesday, April 5, 2017

IES is pleased to announce our new partnership with Heartland Payment Systems - the largest credit card processor in the United States.


Heartland Payment Systems is a Global Payments company. Global Payments Inc. (NYSE: GPN) is a leading worldwide provider of payment technology services that delivers innovative solutions driven by customer needs globally. Their technologies, partnerships and employee expertise enable them to provide a broad range of products and services that allow our customers to accept all payment types across a variety of distribution channels in many markets around the world.

Headquartered in Atlanta, Georgia with more than 8,500 employees worldwide, Global Payments is a member of the S&P 500 with merchants and partners in 29 countries throughout North America, Europe, the Asia-Pacific region and Brazil.

What Heartland Stands For
Founder of the Merchant Bill of Rights: Heartland created The Merchant Bill of Rights to promote fair credit, debit and prepaid card processing practices on behalf of owners of small- to mid-sized businesses. The aim was to create an industry standard, that calls for the clear and straightforward presentation of card processing costs. The purpose of The Merchant Bill of Rights is to enable business owners who don’t have the resources of large purchasing organizations to effectively manage their costs, determine which processor best meets their needs and realize significant savings.

Making Sure Your Money Stays in Your Hands: In 2011, legislation was passed that could mean significant savings for many businesses. The Durbin Amendment, part of the Dodd-Frank Wall Street Reform Act, placed a cap on interchange or transaction fees and was intended to provide merchants relief from card processing costs. Since the amendment was passed, Heartland has delivered every cent of savings to the rightful recipients - business owners.

“We will help businesses prosper by providing them with effective solutions in a fair, honest and transparent manner.”
– Bob Carr, Heartland’s Founder

Why IES Has Partnered With Heartland
From lodging to hospitality, restaurants, bars, clubs, convenience stores, and even the government & education sectors - Heartland processes credit cards for every industry. IES is thrilled to be able to partner with a company that holds itself to such high standards.

What This Means For IES Clients
If you are an IES client, we can help you save on your merchant processing fees. Not only do we pass along the savings to you, but if you run into trouble down the road, you know you can count on us to resolve any issues! With our partnership, we have a direct link to support personnel and a dedicated account representative to guide us through anything that is thrown our way.

The Ultimate Question
How are your credit card processing rates? Give IES a call at 781-816-9437 or email contactus@iesadvisors.com to see how we can save you on merchant fees!

Monday, March 20, 2017

Gigabit LTE has arrived - these are some crazy speeds!

Last week, at an event in New Orleans, Sprint, Qualcomm and Motorola jointly announced the introduction of Gigabit LTE in the U.S. The next frontier in cellular connectivity has been long in the making, but it’s finally here.

At a press event, Motorola used a yet-to-be-released phone that comes fully equipped with the antenna bands and specs to support Gigabit LTE to test out the new network. This was the first device in the U.S. to test out Gigabit LTE.

The mysterious device was reaching speeds between 400 and 600Mbps. This was made all the more impressive by the location. Not only was the announcement held right before an NBA game in an arena full of people, but Sprint had ten devices running HD videos on non-stop loop, two Google Daydream stations to test out VR and the three devices running Speedtest. The network didn’t miss a beat and the devices testing out the speeds were still clocking over 500Mbps.

Gigabit LTE combines three channel carrier aggregation and 60MHz of Sprint’s 2.5 GHz spectrum with High Performance User Equipment (HPEU) and 4×4 MIMO (Multitple Input Multiple Output). What does all that mean? HPEU enhances uplink coverage for a greater range and 4×4 MIMO is the use of a new four antenna system that intelligently shifts between bands.

Representatives from Sprint stated the goal is not to reach an impressive peak speed, but sustained speeds throughout the usage of a carrier’s network. Think of it this way: It’s cool to get 50Mbps down when using a phone in an empty parking lot, but try to use a phone in a crowded place—like an arena, for instance—good luck getting anything to load. The network becomes so congested that the phone’s data connection can becomes unusable. Now imagine getting 500Mpbs down in that empty parking and in the middle of a sporting event.

When will everyone get access to Gigabit LTE? Soon, but it’ll take time. It took a tremendous amount of work by Qualcomm, Sprint and Motorola to get devices ready to test out the network yesterday, but the roll out to the masses will be much slower. We’ll need to wait for new phones that support the tech to launch, and carriers need to roll out Gigabit LTE across the nation. Qualcomm’s Snapdragon 835 chip, which supports Gigabit LTE, is expected to power the Galaxy S8, which means that phone may be the first broadly available consumer device to support next-gen networks.

Friday, February 24, 2017

First there was 2G, then there was 3G, now we're on 4G. But coming soon: 5G!

Verizon announced Wednesday that it will begin testing its fifth-generation wireless service in 11 markets across the country, from rural areas to dense urban centers.

5G provides speeds up to 40 times faster than 4G, and it's expected to eventually impact connected everything from self-driving cars to robots.

The pilot will be available to customers in Ann Arbor, Michigan; Atlanta; Bernardsville, New Jersey; Brockton, Massachusetts; Dallas; Denver; Houston; Miami; Sacramento; Seattle; and Washington, D.C.

Verizon will begin tests during the first half of this year.

Verizon said it will select pilot customers based on their proximity to the new 5G towers and contact them about participating in the trial directly.

5G tests have been conducted for the past few years in labs and prototype environments. Now, Verizon is testing the tech that will eventually be rolled out when 5G is available everywhere, which isn't expected until 2020.

Faster broadband means you'll be able to download and consume more high-quality video. It most likely also means you'll pay more for data.

Tuesday, January 31, 2017

The “can you hear me?” phone scam is back. Here’s how to protect yourself.

Can you hear me? Don’t answer that.

The Better Business Bureau issued a press release yesterday warning the public of an an age-old scam making a comeback.

It’s been deemed the "Can You Hear Me?" scam.

In the past, this scam targeted businesses. The scammer would call - even pretend to adjust the phone or headset - and ask, "Can you hear me?"

The person on the other end would likely say, "Yes, yes, I can hear you."

With this grunt of approval, scammers could twist that around to, "Yes, the nice woman said she’d purchase this bulk of office supplies." Or, "Yes, he wants to buy an ad."

Now the phone scam is back, but it’s targeting individuals. In fact, BBB says more than half of the scams reported through its BBB Scam Tracker in the past few days have been about this one.

This is what happens: Someone calls you and you pick up. Consumers say the calls have been about anything from vacation packages to cruises to warranties.

Then the operator will ask if you can hear them, and you impulsively say "yes." But you haven’t just politely answered their questions. Rather, you’ve committed to something and didn’t even know it.

What to do if you get a "Can you hear me" call:
  • If someone you don't know asks "Can you hear me?" don’t say anything. Hang up.
  • Stay aware of any other questions to solicit a yes. These scammers are smart; they’ll know the public has caught on and will adjust accordingly.
  • Don’t answer a call from an unknown or unfamiliar number.
  • Check your bank and credit card accounts on a regular basis.
If you do get a call from someone you think is a scammer, report it to BBB Scam Tracker to help warn others of your experience.

*Source: BBB

Wednesday, January 25, 2017

Don't fall victim to the 'Free Wi-Fi' scam...Those wireless connections could be a trap.

The next time you're at an airport looking for a wireless hot spot, and you see one called "Free Wi-Fi" or a similar name, beware - you may end up being victimized by the latest hot-spot scam hitting airports across the country.

You could end up being the target of a "man in the middle" attack, in which a hacker is able to steal the information you send over the Internet, including usernames and passwords. And you could also have your files and identity stolen, end up with a spyware-infested PC and have your PC turned into a spam-spewing zombie. The attack could even leave your laptop open to hackers every time you turn it on, by allowing anyone to connect to it without your knowledge.

First, let's take a look at how the attack works. You go to an airport or other hot spot and fire up your PC, hoping to find a free hot spot. You see one that calls itself "Free Wi-Fi" or a similar name. You connect. That's it - you've been compromised!

The problem is that it's not really a hot spot. Instead, it's an ad hoc, peer-to-peer network, possibly set up as a trap by someone with a laptop nearby. You can use the Internet, because the attacker has set up his PC to let you browse the Internet via his connection. But because you're using his connection, all your traffic goes through his PC, so he can see everything you do online, including all the usernames and passwords you enter for financial and other Web sites.

In addition, because you've directly connected to the attack PC on a peer-to-peer basis, if you've set up your PC to allow file sharing, the attacker can have complete run of your PC, stealing files and data and planting malware on it.

You can't actually see any of this happening, so you'd be none the wiser. The hacker steals what he wants to or plants malware, then leaves, and you have no way of tracking him down.

All that is bad enough, but it might not be the end of the attack. Depending on how you've connected to that ad hoc network, the next time you turn on your PC, it may automatically broadcast the new "Free Wi-Fi" network ID to the world, and anyone nearby can connect to it in ad hoc peer-to-peer mode without your knowledge - and can do damage if you've allowed file sharing.

While some of these ad hoc networks advertising themselves as available for connection may be attributable to Windows behavior that the PC's user is unaware of, wireless ad hoc attacks may be more common that you think. Security company Authentium, Inc. has found dozens of ad hoc networks in Atlanta's airport, New York's LaGuardia, the West Palm Beach, FL, airport and Chicago's O'Hare. Internet users have reported finding them at LAX airport in Los Angeles.

Authentium did an in-depth survey of the ad hoc networks found at O'Hare, visiting on three different occasions. It found more than 20 ad hoc networks each time, with 80% of them advertising free Wi-Fi access. The company also found that many of the networks were displaying fake or misleading MAC addresses, a clear sign that they were bent on mischief.

"You connect to one of these networks at your own peril," says Corey O'Donnell, vice president of marketing at Authentium. "And you would have no way of tracking down how you were attacked, because you would have thought you were at an ordinary hot spot connection. Enterprises are also at risk, because if someone uses a corporate laptop to connect to one of these networks and gets infected, when he plugs back in to the enterprise network, the whole network is put at risk."

Tuesday, January 17, 2017

A warning to all the selfie queens out there: you can be hacked!

Next time someone poses for a selfie with their fingers held up in a peace sign, maybe tell them to leave it at a smile.

An ordinary photo of the universal sign of goodwill might be enough for a thief to copy a fingerprint, thanks to the high quality of digital photos these days. And since Touch ID and similar technologies turn fingerprints into keys that unlock our devices and the data we keep in them, that’s cause for concern.

Just by casually making a peace sign in front of a camera, fingerprints can become widely available.

A team at the NII’s Digital Content and Media Sciences Research Division, Japan was able to reconstruct fingerprints spotted in pictures taken from up to 3 meters away.

“Fingerprint data can be re-created if fingerprints are in focus with strong lighting in a picture.” - Isao Echizen, a professor at Japan’s National Institute of Informatics

The peace sign is a common expression in social media pictures, but this technique could conceivably be applied to other common gestures like waving or giving a thumbs up. Matched with a person’s face, that makes for a significant amount of biometric data that identity thieves could do real damage with.

How Thieves Could Get Fingerprints From Selfies

The technique described by Echizen uses no special software, but does require good lighting - so for the moment you can feel free to flash whatever signs you like when the light is low. As mobile cameras become more and more powerful, though, selfies will become a bigger security liability.

The better alternative might be to make sure you aren’t relying on fingerprint security measures whenever possible. Or just avoid selfies altogether.