TechByter Worldwide


12 May 2019 - Podcast #642 - (16:58)


How to Avoid Documents with Unpleasant Hidden Surprises

Opening email attachments from people you don't know is unwise, but research suggests that nearly half of the people who receive such attachments will open them. That is troubling.


Because many computer users are aware of dangers posed by executable files and zip files, cyber-criminals have moved on. Most attacks are now based on infected document files. Researchers at Barracuda Networks say that 48% of all malicious files detected in the last 12 months were some kind of document and more than 300,000 unique malicious documents were identified.

Here's a message I received this week. It claims to be a purchase order, but I don't manufacture anything. It's from somebody I don't know. The attached file is a PDF inside a zip archive. Anyone who's even half awake should recognize this for what it is, a scam.

Barracuda reports that document-based attacks are increasing at an alarming rate. In the first quarter, 59% of all malicious files were documents, compared to 41% in 2018.

Cyber-criminals use email to deliver documents that contain malware. Either the malicious code is hidden in the document or a script that's attached to the document downloads the malware to the computer.

The Barracuda Networks report shows an example email that includes a file named to make the recipient think that it's an invoice. The file has a "doc" extension, so it looks legitimate, and the message uses "Invoice for Services" as the subject. One potential giveaway might be that the recipient has never heard of the sender and isn't expecting an invoice for services. Still, a message such as this arriving at a corporate accounts payable department might be sufficiently convincing that the recipient would open it.

Systems that attempt to identify and quarantine such messages use multiple procedures according to software engineer Jonathan Tanner at Barracuda:

Malware is usually sent to lists of addresses that the crooks have obtained on the dark web. In the old days, crooks had to perform their own reconnaissance. Now they can just buy mailing lists that have been compiled for them.

Email is the most common delivery method for malware, but some is still delivered via malicious websites. Social engineering and email work well together so that the crook can convince the potential victim to open a Word, Excel, PowerPoint, Acrobat, or PDF file that has been weaponized. Archive files (7z and zip, among others) and PowerShell script files are also used. When the user opens the document, the malware is automatically installed or an obfuscated script is used to download and install it from a remote site.
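The paragraph above describes documents that carry active content themselves and archives that wrap them. As an added example (not from the original article and not Barracuda's method), this Python function statically triages an attachment for those structural markers without opening it in its application; the function names, the marker lists and the sample data are assumptions constructed for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls/.ppt container
PDF_ACTIVE = (b"/JavaScript", b"/OpenAction", b"/Launch", b"/EmbeddedFile")
SCRIPT_EXT = (".ps1", ".js", ".vbs", ".hta", ".exe", ".scr")
MAX_MEMBER = 20 * 1024 * 1024  # do not unpack anything larger (zip-bomb guard)

def triage(name, data, depth=0):
    """Return sorted reasons why an attachment should be held for review."""
    hits = set()
    if name.lower().endswith(SCRIPT_EXT):
        hits.add(f"{name}: script or executable file")
    if data.startswith(b"%PDF"):
        # Active-content keys from the PDF format; presence is a flag, not proof.
        hits.update(f"{name}: PDF has {k.decode()}" for k in PDF_ACTIVE if k in data)
    elif data.startswith(OLE_MAGIC):
        # Stream names in OLE files are UTF-16LE; this one holds VBA macros.
        if "_VBA_PROJECT".encode("utf-16-le") in data:
            hits.add(f"{name}: legacy Office file with VBA macros")
    elif data.startswith(b"PK\x03\x04"):  # zip archive or modern Office file
        try:
            archive = zipfile.ZipFile(io.BytesIO(data))
        except zipfile.BadZipFile:
            return sorted(hits | {f"{name}: corrupt zip container"})
        for info in archive.infolist():
            if info.filename.lower().endswith("vbaproject.bin"):
                hits.add(f"{name}: Office file with VBA macros")
            elif info.flag_bits & 0x1:
                hits.add(f"{name}: encrypted member {info.filename}, cannot scan")
            elif depth < 2 and info.file_size <= MAX_MEMBER:
                hits.update(triage(info.filename, archive.read(info), depth + 1))
    return sorted(hits)

def _zip(members):
    """Build an in-memory zip from {name: bytes} (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for member, content in members.items():
            z.writestr(member, content)
    return buf.getvalue()

# Constructed samples: harmless bytes that only mimic the structural markers.
SAMPLE_PDF = b"%PDF-1.7\n1 0 obj << /OpenAction 2 0 R >>\n2 0 obj << /S /JavaScript >>"
SAMPLE_DOCM = _zip({"word/document.xml": b"<w:document/>", "word/vbaProject.bin": b"\x00"})
SAMPLE_ORDER = _zip({"purchase_order.pdf": SAMPLE_PDF})
SAMPLE_CLEAN = _zip({"word/document.xml": b"<w:document/>"})
```

A hit means the file can run code or launch something when opened, which is a reason to hold it for review rather than a verdict that it is malicious; an empty result is not a clean bill of health either.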

"Sextortion" scams (more about that in Short Circuits) increasingly plant malware in addition to the attempted blackmail aspect of the message.

Short Circuits

Nice Guy Promises Not to Expose You, but Only if You Pay

A friend sent a note with a question about an email he had received. The message claimed that the sender had hacked my friend's computer, explained how he did it, and then went on to say that my friend would have to pay to avoid having his porn files exposed and embarrassing pictures captured by the computer's camera sent to everyone in his address book.

My friend doesn't visit porn sites and doesn't have any porn on his computer. My friend said that he assumed it was a scam, but the message contained details about how he got into the computer "and even gave a password that I have used in the past, but not for the site listed."

Although it is possible to plant malware that operates the camera and captures keystrokes on a computer, any decent anti-malware application would find it. This con game has been around for a while and can safely be ignored even though the scammer provided a password my friend had used. The password bit is newer, but data breaches have been common in the past few years and passwords from these attacks are available on the dark web. That’s doubtless where the password came from and is also why the password isn't current and wasn't associated with the site specified.

The scam works because a lot of people do view porn on-line. PornHub gets something like 75 million visitors every day, so there's a good chance that some of the people who receive the message have viewed porn on-line and then panic when they receive a message that seems to indicate that an intruder has been inside their computer. But a careful reading of the message will indicate that the scammer really doesn't know anything at all about the recipient.

There are many variants of the scam.

There are lots of people who would like to separate your money from you. Stay alert and don't become one of the victims.

Windows 10 Version 1903 is Coming Soon

About the time I think I've figured out Microsoft's numbering scheme they release version 1903 (March 2019) in May. Shouldn't it be version 1905?

The 1809 version (September 2018) was released and then pulled back, so Microsoft is being more careful with this semi-annual release and plans to start pushing it out in late May. The Windows Update function allows users to delay the update more easily than in the past, too.

There are some worthwhile features in 1903 and it's already been pushed out to computers in the Windows Insider Slow Ring. One of the most interesting is a "sandbox" function that allows users to install new applications in protected areas so that the new application can be more easily removed if it causes a problem. This is similar to installing in a virtual machine except that the new installation will be deleted when the computer is restarted. If the new application causes no problems, you can then install it normally.

Overall version 1903 doesn't have any blockbuster new features, but most of the new features will be welcome additions.

Scanning Documents Anywhere

A lot of people have decided that scanning documents and saving them on a computer beats saving stacks of paper. That's fine if you're in the office with a scanner most of the time, but you may have a scanner in your pocket.

What is a scanner, after all, but a camera that's designed to take a picture of a piece of paper. A smart phone camera can take a picture of a piece of paper, so all you need is a way to process the captured image so that it can be transferred to your computer.

Microsoft's Office Lens application does exactly that. I should point out here that this isn't exactly a new concept, but Office Lens makes the process quick and easy. The free application is available for both iOS and Android devices. Images you scan can be saved as a PDF document, added to OneNote, uploaded to OneDrive, stored as a PowerPoint slide, saved as a Gallery image, or be processed by an optical character recognition application and saved as a Word document.

When I said easy ... well, let's take a look. (1) I had a document from American Electric Power, so I put it on the desk and held the phone over it. Office Lens determined that it was a document. The other options are white-board, business card, and photo. The initial scan area was the entire page, but I moved the phone in a bit so that it would capture only the table.

(2) Even though I didn't hold the camera exactly square to the paper, the application did a good job of adjusting it.

(3) The next step is to specify how to save the image. I selected OneNote so that it would be transferred to my cloud-based OneNote account. From there it would be downloaded to OneNote on my office computer.

The next time you open OneNote, you'll find a new document in Quick Notes or in whichever location you've selected for new documents.

The ability to scan a receipt in a restaurant, a research document in a library, a white-board presentation at a conference, or any other document saves time and effort. Although Office Lens is intended to be used with Microsoft Office, much of its functionality still exists even if you don't use the connections to the Office suite.

Install Office Lens on an Android device by visiting the Play Store or on an iOS device by visiting the Apple Store.

Spare Parts

Adobe Boosts the On-Line Color App with New Features

Color is an essential part of design and Adobe's color management tools continue to evolve. Creative Cloud members can save and share color palettes, but the cloud-based application is accessible even by non-members.

The company refers to Adobe Color as a creative community where artists create and share color themes and inspiration. These themes can be used in Creative Cloud applications.

Since the beginning, users have been able to develop their own palettes by starting with a base color and choosing a palette type or by giving the application an image from which it can extract colors. Once created, the palette can be saved, shared, downloaded, or added to the user's Creative Cloud Library. Two new features were added this week.

Explore is a new feature that allows users to identify the kind of color they're seeking by scrolling through images that are integrated through Adobe Stock and Behance libraries. Adobe Sensei adds machine learning capabilities to recognize words such as "moody", "happy", "peaceful", or even "blog" and then suggest appropriate colors.

From there users can click through to Adobe Stock to license images or move to Behance and follow an artist, find out more about the artwork, or see the entire project.

New Pantone integration allows users to convert palettes into Pantone swatches and use them in Adobe applications. Pantone is a color matching service that provides precise methods for specifying colors.

The new Trends feature includes artwork galleries that focus on design areas such as graphic design, illustration, and fashion. The galleries give users a way to view projects that other designers are working on and to examine emerging trends.

You can see what's new by visiting the Adobe Color website.

Your Browser's Incognito Mode: Maybe Not so Incognito

Most modern browsers have an incognito mode, but they don't all use the same name. Although incognito mode provides some protections, it may not do everything you think it does.

Google Chrome calls it incognito; Firefox and Safari refer to it as private; Edge and Internet Explorer call it InPrivate. They all do about the same thing: They delete cookies when you close the window and they keep the browsing history empty. They do not hide browser traffic from third parties like your ISP, the government, or your network admin and they do not protect the browser's traffic from hackers or other attacks and vulnerabilities.

These incognito modes have other shortcomings. If you log in to Facebook, Amazon, or any other service while in incognito mode, incognito mode will no longer offer any protections. And if you sign in to any of Google's apps using Chrome's incognito mode, Chrome will start saving cookies and recording history. This essentially eliminates incognito mode.

If you want really private browsing, you'll need to use the Tor browser (extremely slow), Vivaldi with some specialized security settings enabled, or Firefox with some special settings enabled. Or you can use a virtual private network (VPN). Most VPNs slow your internet connection a bit, but all of them are far faster than Tor. A VPN application replaces your IP address with the IP address of a remote VPN server and this makes it impossible to track you via IP address alone. It also encrypts the browser's traffic so that your ISP and other third parties can't see it. If security is important to you, now might be a good time to check into VPN applications.