New Phishing Scams Using Twitter Account Emails

Hackers around the world are increasingly targeting verified Twitter accounts with emails designed to pilfer your Twitter login credentials.

Verified Twitter accounts differ from standard Twitter accounts in that they sport a large blue check mark next to the user’s name, which indicates that the person who owns the account is someone of considerable influence on the platform.

To be considered for verified status, you must formally apply for verification, which involves sending the company additional information including website references and pictures of your Photo ID.  There’s even an “essay portion” to the process that requires you to tell the company in your own words why your account deserves to be “notable.”

If that all sounds a little over the top to you, you’re not alone and it is one of the reasons why there are comparatively few verified accounts.

Even so, if you decide you just must have one, be aware that hackers are watching. They’ve been increasingly targeting anyone with the big blue check mark because those accounts can be resold for more money.  The accounts typically have lots of followers attached to them, which means that the hackers can potentially get their hooks into even more people.

The latest campaign looks something like this:

You’ll get an email stating that you’ve got a new notification from Twitter Verified, which sounds fairly official.

The email in question contains a button labeled “Check Notifications.” Unfortunately, when you click it, you’ll be asked to enter your Twitter login credentials to verify that it’s really you.

Naturally, entering your credentials here has nothing to do with verifying your identity.  What you’re typing in is a simple capture box controlled by the hackers, allowing them to pilfer your login details and then abuse them.

Don’t fall for it. Your best bet is to assume any email from a company is fraudulent. Instead of clicking on links, surf your way to the company’s website directly. That’s still not a bulletproof solution, but it will reduce your risk to something pretty close to zero.

Security Warnings Coming To Certain Google Apps To Help Users

Google has been making some fantastic changes to bolster user security in recent weeks. That includes changes to their Google Play Store that will require developers to disclose exactly what data they plan to track and collect when users install the apps they create.

In a related vein, the tech giant has also recently added some powerful new security features to Google Docs, Sheets, and Slides that now display warning banners any time users attempt to open a suspicious file on the web.

Too often, users will open a file without giving much thought to who put it before them or where it resides (whether a trusted network drive or somewhere on the cloud, for example).  Unfortunately, hackers are keenly aware of this and will often plant poisoned files that appear to be legitimate work files in places where users are likely to find them. Then, the hackers simply sit back and wait until they reel someone in.

These recent changes to Google Workspace apps are designed with one goal in mind: to help the people using those apps make better decisions about whether to open a file, even if it looks completely legitimate.

This new warning feature builds on a system the company began implementing for Google Drive files back in January of this year (2022) and uses the same warning banners you’ll find there: a bright yellow, hard-to-miss banner that appears at the top of the page after a user has clicked on a link, but before the file is downloaded.

These brightly colored banners display warning messages essentially asking the user if he or she is sure about downloading a file from an untrusted source that may contain malicious code.  Note that Enterprise users were a bit slower than everyone else to get the new functionality because of the way Google organized the rollout. By the time you read this, they should be visible for everyone.

Three Big Companies Working On Passwordless Login Options

Ask just about any IT security professional and they will tell you that weak user passwords are one of the biggest problems and most persistent threats to corporate networks.

Despite years of training, re-training, and near-constant reminders to strengthen passwords, users keep making the same mistakes.

They’ll re-use the same password across multiple properties. They may use an incredibly weak, easy-to-guess password that lets hackers break in using simple brute force attacks against their accounts.

If passwords were to simply go away and be replaced by something better, legions of IT security folks would breathe a tremendous sigh of relief.

If Apple, Google, and Microsoft have anything to say about the matter, that is soon to be a reality.  All three companies are hard at work on a variety of passwordless schemes. If their plans remain on track, we’ll get to see the fruits of their labor sometime next year.

The three companies are currently working to implement passwordless FIDO sign-in standards across Android, Chrome, iOS, macOS, Safari, Windows, and Edge.  Taken together, those systems and software packages account for some 90 percent of network traffic today. It won’t be long now before the devices users employ will store a FIDO credential, dubbed a passkey, which is used to unlock your device and access all of your online accounts.

The passkey scheme is substantially more secure than a simple password because it’s protected with powerful cryptography and only shown to your online account when you unlock your device.  Contrast that with passwords, which leave users vulnerable to all manner of phishing schemes and are subject to being weakened by bad habits developed by the users themselves.

All of that is good news but it should be noted that we haven’t seen it in action yet. Even after the Big Three finish their work, there’s still the considerable task of implementing the use of the new passkeys into websites and other applications. It will be a while yet, but the good news is change is coming.

Google Assistant Tool Will Automate Password Changes

A handy new Google Assistant feature is coming soon to a device near you. The new feature is designed to automate the frustrating and often time-consuming task of changing your passwords after a breach.

This information is according to a tweet from Max Weinbach and a separate report from a group called the Android Police.

Google has already implemented a powerful tool to detect when users are making use of passwords that have been compromised in a breach.  This new feature will build on that. Based on screenshots captured by Weinbach, you’ll soon see a new “Change Password Automatically” button when you investigate which of your passwords have been compromised.

The company announced the feature last year during Google I/O and it does have a few caveats. The biggest is that it only works on supported sites, but given that Google is behind it, it’s hard to imagine a scenario in which the majority of sites on the web didn’t flock to support the new feature.

When you use the new feature, the Assistant will automatically display the appropriate web page for changing one’s password on a supported site. Then Chrome’s built-in password manager will take over, automatically generating a new password, then storing the new login details without any input needed from the user.

This is fantastic news indeed. We love the fact that Google is working on this while simultaneously working with Apple and Microsoft to eventually get rid of passwords altogether. All this is in preference for a much more secure FIDO passkey.

That effort to get rid of passwords is still at least a year away. This one will be rolled out in just a few months.  As such, it will be a great intermediate step designed to keep users safer until a more robust and permanent solution can be rolled out.  Kudos to Google for their hard work on this front!

Amazon Kindle Will Soon Support ePub Standard Files

Do you own an Amazon Kindle? If so, you’re probably already aware of one of the major frustrations with the product. Kindles are amazing but they don’t support the epub file format. Of course, epub is the format that just about everybody else on the planet other than Amazon sells e-books in.

The company has managed to avoid supporting the epub format for more than fifteen years.

If that has been a sticking point for you, there’s good news – sort of.  Kindle will soon be “supporting” the epub format!

We say sort of, and use “supporting” in quotes because although it would be easy for the company to simply enable their ubiquitous readers to support epub, that’s not actually what the company has planned.  Instead, Amazon will issue an update to Kindles that will allow them to convert epub files to a proprietary format that can be read by their readers.

Kindle users have gotten by for the past fifteen years by using a program called Calibre, which has a somewhat convoluted routine that converts epub files into the Kindle’s native file format.  The results were sometimes not great, but it got the job done.  Even so, it has proved to be intensely frustrating for Kindle users who have complained loudly to Amazon, but to no avail.

Now, finally, Amazon is listening – again, sort of.

Early user reactions to Amazon’s announcement have not been favorable, but the company continues to show absolutely zero interest in genuinely supporting the epub format.

In some respects, it’s easy to understand Amazon’s position. The truth, though, is that at this point, they’re likely alienating enough people with their hardline position against the epub format that they’re not doing themselves any favors.

At any rate, if you own a Kindle you’ll soon be able to convert epub files to something called KF8 and view them on your device.  It’s not a great solution but it’s an improvement over what exists today.