Sextortion Scammers Using Email Address Spoofing to Fool Victims

written by Brett M. Christensen February 1, 2019

Fake blackmail sextortion scams are increasingly common. Typically, sextortion scammers send out thousands or even millions of identical emails claiming that they have captured video of the recipient visiting a porn site. The scammers threaten to send the compromising video to all of the recipient’s contacts if they do not receive a “keep quiet” payment via Bitcoin. But, the scammers have not created a compromising video. Nor have they hijacked the recipient’s contact list. The whole thing is a bluff. However, the scammers know that at least a few recipients will be panicked into sending the requested money. To increase their chances of success, the scammers use a variety of dirty tricks to convince potential victims that the claims in their fake blackmail messages are true.

Email Spoofing Trick
One such trick is to make it appear that the email was sent from your OWN account, thereby supposedly proving that they have indeed compromised your device as claimed.

Here’s an example from a typical scam email:

Your account has been hacked by me in the summer of this year. I understand that it is hard to believe, but here is my evidence:
– I sent you this email from your account.
– Password from account [email address removed]: [password removed] (on moment of hack).

If you look at the sender address of the email, it will display YOUR email address. So, it may seem that the sender has indeed broken into your account to send the email. But the scammer has simply forged the header of the email so that your email address appears as the sender. This is a technique known as “spoofing” and is not difficult to do. In other words, the email did not come from your account at all. It just looks that way because of the forged email headers.
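
The forged From line can be checked against the headers the receiving mail server adds on delivery. The following is an added example, not part of the original article: it flags a message whose visible sender equals the recipient while the server's SPF/DKIM/DMARC verdicts do not back that sender up. All addresses and host names are constructed, and it assumes your own mail server stamps Authentication-Results with the identifier mx.example.org.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample of the scam described above: the visible From equals the
# recipient, but the envelope sender and the server's verdicts say otherwise.
SPOOFED = """\
Return-Path: <bounce@mailer.example.net>
Received: from unknown (HELO host.example.net) (203.0.113.45)
 by mx.example.org with SMTP; Fri, 1 Feb 2019 09:12:44 +0000
Authentication-Results: mx.example.org;
 spf=fail smtp.mailfrom=mailer.example.net;
 dkim=none;
 dmarc=fail header.from=example.org
From: alice@example.org
To: alice@example.org
Subject: Your account has been hacked
Date: Fri, 1 Feb 2019 09:12:40 +0000

I sent you this email from your account.
"""

# Constructed sample of an ordinary, authenticated message for comparison.
GENUINE = """\
Return-Path: <alice@example.org>
Received: from out.example.org (out.example.org [198.51.100.7])
 by mx.example.org with ESMTPS; Fri, 1 Feb 2019 10:02:11 +0000
Authentication-Results: mx.example.org;
 spf=pass smtp.mailfrom=example.org;
 dkim=pass header.d=example.org;
 dmarc=pass header.from=example.org
From: alice@example.org
To: bob@example.org
Subject: Lunch?
Date: Fri, 1 Feb 2019 10:02:05 +0000

See you at noon.
"""


def address_of(header_value):
    """Bare lower-cased address from a header value ('' if absent)."""
    return parseaddr(str(header_value or ""))[1].lower()


def auth_results(msg, trusted_authserv):
    """Collect spf/dkim/dmarc verdicts, trusting only headers stamped by our
    own receiving server; a sender can add look-alike headers of its own."""
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = str(value).partition(";")
        ident = authserv.split()
        if not ident or ident[0].lower() != trusted_authserv:
            continue
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest, re.I):
            verdicts.setdefault(method.lower(), result.lower())
    return verdicts


def assess(raw, trusted_authserv):
    """Return findings for one raw message plus a self-spoof verdict."""
    msg = message_from_string(raw, policy=policy.default)
    from_addr = address_of(msg["From"])
    to_addr = address_of(msg["To"])
    envelope = address_of(msg["Return-Path"])
    verdicts = auth_results(msg, trusted_authserv)

    findings = []
    if from_addr and from_addr == to_addr:
        findings.append("From equals To")
    # Only a hint: legitimate bulk mailers also use a different bounce domain.
    if envelope and envelope.rpartition("@")[2] != from_addr.rpartition("@")[2]:
        findings.append("Return-Path domain differs from From domain")
    for method in ("spf", "dkim", "dmarc"):
        result = verdicts.get(method, "missing")
        if result != "pass":
            findings.append(f"{method}={result}")

    # DMARC is the check that ties the visible From domain to SPF/DKIM.
    from_authenticated = verdicts.get("dmarc") == "pass"
    return {
        "findings": findings,
        "from_authenticated": from_authenticated,
        "self_spoof_suspect": from_addr == to_addr and not from_authenticated,
    }


if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("genuine", GENUINE)):
        print(name, assess(raw, "mx.example.org"))
```

Most mail clients expose these headers through a "show original" or "view source" option, so the same comparison can be made by eye.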

Other Dirty Tricks
As I discuss in more detail in another report, the scammers often include user passwords in their scam emails as a way of making their false claim seem more plausible. And, in another variation, the scammers include the recipient’s phone number along with the password. The scammers are extracting passwords and phone numbers from old data breaches and automatically matching them to the corresponding email address. They can then distribute vast numbers of emails that are identical except for the password and phone number that matches each email.

Don’t Respond — Just Hit “Delete”
If you receive one of these scam emails, don’t be fooled. By including real passwords and real phone numbers, and making it appear that the recipient’s account sent the message, the scammers significantly increase the likelihood that their claims will be taken seriously. More people will fall for the ruse and send their money to the criminals. But, despite these clever tricks, the emails are still just empty bluffs. To reiterate, the sender has not hacked your computer and has not created a compromising video of you.

Don’t respond. Just hit the “delete” key.

Lloyds Bank fake email “FW: Incoming BACs Documents”

Just received the email below – purporting to be from Lloyds Bank – looks genuine enough but clearly it is just another phishing email looking to grab some details off you or drop some malware or virus on your PC. If you receive this email – delete it. Do not click on the PDF link in the email.

If you have already done so – contact me and I can clean your PC for you. If you don’t have a decent anti-virus – I can help you there too as I resell BitDefender GravityZone – one of the best on the market.

Ransomware: What Is It And How Can You Prevent It?

Bill Hess at PixelPrivacy wrote this great article and made me aware of it, so I was able to share it with you. The original article is here. Check out Bill’s other articles – there is some really informative stuff there.

Ransomware has been around for a while now and grows more prevalent with each passing year. Cases of ransomware were first seen in Russia in 2005.

A 2006 report from Trend Micro told of an early ransomware strain that affected Windows computers. It would search a hard drive for certain files, zip them into a password-protected file and delete the original files. It also created a “ransom note” text file on the drive, telling how to make a payment to get the files restored.

In 2011, Trend Micro reported about an SMS ransomware strain that repeatedly displayed a ransomware page to users until they paid the ransom by dialing a premium SMS number.

By early 2012, ransomware began to spread outside of Russia, as the bad guys began to realize what a profitable business model it could be if performed properly. The rise of cryptocurrency in recent years has also contributed to the rise of ransomware, due to the ability to receive the demanded ransom via Bitcoin and other anonymous forms of payment.

Late 2013 saw the rise of “crypto-ransomware” that encrypted a user’s files, ensuring the need to pay a ransom even if the ransomware itself was removed from the computer. This type of ransomware demands a ransom be paid, upon which the user would receive a private key to decrypt their files.

Of course, payment of the ransom didn’t always result in the bad guys holding up their end of the deal. (Um, they’re “bad guys,” DUH!) However, most ransom payments have proven to result in the needed key to unlock files, as the scheme depends on victims believing that payment of the demanded sum will result in the freeing of their data.

In this article, we’ll take a look at how ransomware can hold your computing device and its files hostage, how you can prevent ransomware from attacking your computer, and what you can do if you find that your data is being held hostage.

What is Ransomware?

Ransomware is malicious software that encrypts or otherwise blocks access to the data stored on a user’s computer or mobile device. The victim is then told to pay a “ransom” to have the files unlocked so they can be accessed once again.

While some simple forms of ransomware can be easily decrypted by a knowledgeable user, more advanced methods of encryption make it nearly impossible to retrieve the encrypted files without the private key needed to perform the task.

Ransomware attacks are usually launched via a “trojan” application, which enters a system through a downloaded file or a security vulnerability in a network service.

While operating system and networking companies regularly release updates to fix security flaws used by such trojan apps, many users fail to install the updates, leaving their machines and networks open to attack.

Once downloaded to your computer, the program then runs, locking the system, encrypting data or, in some cases, even making threats that appear to come from a law enforcement agency. (One user turned himself in after a malware app threatened to call the authorities about child pornography on his hard drive. He actually had child porn on the drive.)

No matter the type of ransomware, the goal of the evil payload is almost always to extort a payment of some sort from the victim. The amount of money demanded from individuals can be a substantial amount, but not financially crippling for the individual.

Tom’s Guide notes amounts have been reported to be in the range of $300 to $700 for victims in the United States, although amounts can vary according to the victim’s location.

Protecting Your Computer From Ransomware

There are several ways to protect yourself from ransomware, and we’ll take a look at each one in this section.

We’ll look at how “smart computing,” keeping your computer and other connected devices updated, and running anti-virus and anti-malware apps can help you keep your system running clean and green, keeping your personal or business data from possibly being lost forever.

1 Practice Smart Computing

Always practice smart computing.

When I say that, I mean that you should always think twice about opening emails or email attachments from unknown parties. Never click a link found in an email, even if it appears to be from someone you know.

When browsing the web, use common sense and stay out of the darker corners of the web. (Like my doctor, Vinnie Boombotz says, “If you break your arm in three places, stay out of those places!”) Sure, the lure of free movies and music can be enticing, but think before you click.

Never install an application on your computer or mobile device unless you’re absolutely certain of the source of the app. If possible, restrict app downloads to those from known sources, such as the Windows Store, the Mac App Store, the iOS App Store and Google Play.

Mac and Windows owners may find this rule a bit tougher to follow, due to the plethora of app sources available on the web, but at the very least, be sure of the websites you’re downloading from.

Always make sure you show file extensions on your computer. This will help you identify the types of files you’re viewing. Be wary of clicking files you’re not sure of, especially if they show file extensions like “.app,” “.exe,” “.vbs” or “.scr.”

2 Keep Your Computer or Mobile Device Updated

One of the most important things you can do to protect your computer or mobile device from threats like ransomware is to keep it updated, regularly installing the latest updates. The best way to do so is to turn on automatic updates, so your device will keep itself updated and patched against the latest threats.

Luckily, Microsoft, Apple and Google usually react quickly when security flaws are exposed, often releasing a fix for the security holes within days. Android users can still be exposed, however, due to the various devices that run the mobile operating system, and the need for individual device makers to release updates for those many, many devices.

Windows 10

Windows 10 is easy to keep updated. Simply go to “Update & Security” in the “Settings” menu and make sure updates are set to install automatically. You can also manually install any available updates while you’re in this area.

macOS

macOS is also easy to keep updated. On your Mac computer running macOS High Sierra or any recent version of the macOS operating system, do the following:

  1. Click the Apple icon you’ll find on the upper left-hand corner of your Mac’s Desktop.
  2. Click “System Preferences.”
  3. Click the “App Store” icon.
  4. On the App Store screen, make sure the “Automatically check for updates” and the “Install system data files and security updates” boxes are checked.

Your Mac will then notify you when an update is available. You can then load the Mac App Store app, click the “Update” tab and click the “Update” button for the macOS update. The app will download and install. Your Mac may reboot a few times during the installation, and it may take a while.

You can also manually check for a macOS update by loading the Mac App Store app and clicking the “Update” tab, where your Mac will automatically check for any available updates.

Android

Before updating your Android device, make sure it is fully charged and connected to a charger. These updates can take a while, so power is important.

You’ll also want to be connected to the internet via a Wi-Fi connection. Otherwise, you’ll be eating up some of the data on your cellular plan, and a Wi-Fi connection is usually faster.

In addition, before updating your device, make sure you have a recent backup. (Backups are also handy to have if you need to restore your device in case of a ransomware attack. I’ll talk more about that in the next section.)

On your Android device, tap the “Settings” icon. In the Settings menu, look for and tap “About phone,” or the equivalent for your device and version of Android. (These can differ, as manufacturers are allowed to customize and modify the menus on the devices they sell.)

In the “About phone” menu, tap on the “Software Updates” or equivalent menu option.

You’ll see the Software Update screen, which will either tell you that your device is up to date, as seen here, or that there is an update available. If an update is available, tap the “Install Now” button to download and install the update.

iOS

When an iOS update is ready, your iPhone, iPad or iPod touch will notify you. When you see the prompt, simply tap the “Install Now” button in the notification.

You can also manually check for and install an update by plugging your device into its charger, making sure you’re connected to the internet via Wi-Fi and doing the following:

  1. Tap the “Settings” icon on your device’s Home screen to enter the Settings app.
  2. Tap “General” in the Settings menu.
  3. Tap “Software Update” in the General menu.
  4. Your device will check for an available Software Update.
  5. If an update is available, tap “Download and Install.”
  6. Depending on how much free space you have remaining on your device, you may be asked if it’s okay to temporarily remove apps to make space for the update files. Tap “Continue.” iOS will reinstall any apps it removed once the update has been completed.
  7. To update iOS now, tap the “Install” button. If asked, enter your passcode. The update will begin, your device will reboot and prompt you for your passcode once the update has finished.

3 Backup, Backup, Backup!

I can’t stress strongly enough the importance of backing up your computer or mobile device on a regular basis. Always make use of a backup solution that will back up your data on a scheduled basis to an external drive.

Time Machine, which is built into macOS, is a great solution for Mac users, while Windows 10 users can take advantage of the built-in Backup and Restore app. Carbon Copy Cloner is a popular option for Mac users who want to make an image of their drive.

Also, while a local backup is a great idea, a cloud backup is also an option you should strongly consider, which, in addition to offering a way to restore data in case of a ransomware infection, also provides a way to recover your data in case of a fire or other disaster that might destroy your local backup.

For mobile devices, users can make use of cloud backup services like iCloud for iOS, or Carbonite and Backblaze for both iOS and Android devices.

iOS users can also back their devices up to their Mac or Windows computer by connecting their device to their computer via a Lightning cable and using iTunes. Similar device-to-computer solutions are available for Android users.

4 Use Antivirus and Anti-Malware Apps

Never, EVER connect to the internet on your computer or mobile device without running some type of antivirus and anti-malware software.

In this section, we’ll take a look at the options available to protect your Windows, Mac, iOS and Android devices from threats.

It should be noted upfront that while there are plenty of antivirus and malware scanning apps available for Windows, macOS and Android, there are far fewer available for the iOS platform.

This is due to how Apple keeps the iOS operating system locked down as a closed system, only allowing installation of apps via the Cupertino firm’s App Store. Many of the malware threats to the iOS platform have been limited to “jailbroken” devices.

Windows Defender (Windows 10 Only)

When you install and run Windows 10 for the first time, Windows Defender is automatically enabled, offering you basic protection from online threats such as viruses and malware.

The app offers real-time protection against viruses, malware and other threats. It also offers the ability to scan your computer’s hard drive for threats.

Many users are pro-Defender since it’s included as a part of Windows, it automatically protects a new Windows installation and it’s relatively easy to use.

However, other users argue that Defender is not a viable way to protect a computer, as its features are limited compared to other antivirus packages, and it’s an attractive target for hackers due to its wide use (much like Windows itself became an attractive target due to its popularity).

If you’re looking for simple, easy-to-use protection for your computer, Defender may prove to be enough for your needs. In April 2017, independent IT-security institute AV-Test found that Windows Defender caught 99.9% of “widespread and prevalent” malware, and 98.8% of zero-day attacks.

However, you should be advised that there are better options available. I’ll share some of my favorites below.

For more information, visit the Microsoft website.

BitDefender (Mac, Windows, iOS, Android)

BitDefender for Mac and Windows is a reliable security application, offering protection against malicious websites, a built-in password manager and even a secure browser for use when you want to protect online financial transactions and other security-sensitive online activities.

In addition to real-time virus and malware protection, as well as scanning capabilities, the app provides an anti-phishing module that will warn you when there are malicious links in your search results and even block access to dangerous websites.

Bitdefender on the iPhone and iPad offers only limited functionality, allowing you to check to see if any of your email accounts have been leaked, and an anti-theft module that allows you to locate, lock or wipe a lost or stolen device, which is already possible via iCloud.

In my humble opinion, the app isn’t worth the download, though you may feel differently.

Bitdefender for Android offers much more protection than the iOS app does. The app offers malware scanning, e-mail account security, the ability to lock your apps with a PIN, real-time protection for Chrome and default Android browsers, the ability to track, lock, and wipe your lost or stolen device, and more.

This version is a pay-for-play app, but it offers a 14-day free trial, so you can try it out without putting any money on the table.

For more information, visit the Bitdefender website.

Avast Antivirus (Windows, macOS, Android)

Avast Antivirus is free antivirus protection for Windows and macOS machines. The free version provides protection against viruses and malware using both real-time and hard drive scanning methods.

It scans your Wi-Fi network for security issues and intruders, and also stores your passwords for use on websites.

Avast offers paid solutions as well, which adds features such as anti-phishing protection, spam email blocking, a firewall, webcam spying blocking, file shredding and more.

Avast Antivirus 2018 is available for Android devices. The ad-supported app (the ads can be removed with an in-app purchase) scans Android devices for malware and protects users from phishing attacks sent through email, phone calls, websites and SMS messages. The app also provides a PIN-protected photo vault, anti-theft features and more.

For more information, visit the Avast website.

Malwarebytes Anti-Malware (Windows, macOS, Android)

No matter which antivirus solution you select for your Windows, Mac or Android device, I strongly suggest you also install the Malwarebytes malware scanner.

Malwarebytes is designed for one thing, and one thing only: detecting malware that might be hiding on your device.

The free version of Malwarebytes for Mac and Windows scans your computer’s hard drive for malware threats (and does it quite quickly). Most of the scans I perform on my Mac run for around 3 minutes or so.

If any malware is detected, the malware files are “quarantined” in a special directory created by Malwarebytes. Users can then view which files were quarantined and even delete the quarantined files with the click of a button.

The premium version also offers real-time protection against threats. If you’re budget-challenged, the free version will likely provide sufficient protection – just be sure to run the scan periodically.

A free trial period provides all of the premium features for 14 days.

Malwarebytes for Android checks for ransomware, malware and junk files, and also scans for malicious code. It scans for malicious links in emails, texts, websites, Facebook and WhatsApp. In addition, it detects apps that may be tracking your location, attempting to monitor your calls or charge you hidden fees.

The free version of this app does a great job of scanning your Android smartphone or tablet, and does it quickly, meaning you might be more apt to run the app for a scan from time to time.

For more information, visit the Malwarebytes website.

CRAP! I’ve Been Hit by Ransomware! Now What?

Your computer has been hit with ransomware, and now you’re faced with paying the ransom and hoping like hell that the bad guys will give you the key to unlock your precious data.

Don’t do that – only pay as a last resort. There is a good possibility you can recover your data without paying up.

1 Scareware (Windows and Mac)

Some ransomware is relatively easy to remove. “Scareware” browser screens that claim you have child porn on your hard drive and that your computer is locked are never true. (If you’re actually suspected of being in possession of child porn, the FBI will come knocking on your door, search warrant in hand, bright and early some morning. Just ask Jared from Subway.)

If you’re faced with this type of ransomware, you can usually shut it down by using force-quit on a Mac, or the Windows Task Manager on a Windows machine, to close the browser.

Then you’ll need to run an antivirus and/or malware detection application to remove the files causing the issue. That should clear this pesky critter from your machine.

2 Ransomware (Windows)

If your Windows machine is hit by real ransomware and you’re unable to access your data, or even unable to boot your computer to the Windows Desktop, try to do a System Restore to roll your system files to a point before they were infected.

Note: System Restore must have been enabled beforehand, but the good news is that Windows enables it by default, so unless you’ve changed the settings, you’re good to go.

To perform a System Restore in Windows 10, do the following:

  1. If your computer can boot to the Windows login screen, hold down your Shift key on your keyboard, click the power icon and select “Restart.”
  2. Your PC should then reboot to the recovery screen.
  3. Click “Troubleshoot.”
  4. Click “Advanced Options.”
  5. Click “System Restore.”
  6. Wait for the process to complete.

If you can’t access the recovery screens, you can use the USB stick or DVD you installed Windows from to boot the PC to access the recovery tools. You’ll need to click the “Repair Your Computer” option if you have to go this route.

If running System Restore doesn’t do the trick, try running a virus scanner from a bootable disc or USB stick. Bitdefender, Avast and many other antivirus software companies offer scanners that can be used in this manner.

I highly recommend creating a rescue disc or USB stick with apps that can help you in situations like this. Note to self: Write an article telling you how to create a rescue disc/stick.

This is the bad news part of this section: if you have no luck trying any of the above, you will likely need to perform a full restore from a backup or perform a clean reinstallation of Windows.

But, the good news is that you have a good backup of your hard drive, containing all your files, right? Right? Be sure to scan the backup for malware before restoring. No sense in starting this whole thing all over again. (If you need a refresher on backing up your computer, I suggest that you back up a bit to the Backup section of this article. BEEP! BEEP! BEEP!)

If you get “lucky” enough to be infected by malware, and it didn’t appear to have encrypted your data, but it still looks like you’re missing some files, the malware may have just hidden them.

Try the following:

  1. Open a File Explorer window.
  2. Click the “View” tab in the top pane.
  3. Click the “Hidden items” checkbox to select it. (A check will appear, showing that it is enabled.)

If your lost data shows up after opting to show your hidden files, you’re golden. Just navigate to “C:\Users\”, open the folder for your username and right-click each hidden folder. Open “Properties” and uncheck the “Hidden” box. Your data should once again be accessible.

3 Ransomware (Mac)

The Mac has had relatively few malware attacks compared to the Windows platform. However, as the platform has become more popular in recent years, it has become more popular with hackers looking for a quick ransomware hit.

In February 2017, the Findzip ransomware was discovered. Only relatively few Mac systems were hit by the ransomware.

The bad news was, even if you did pay the demanded ransom to the parties behind Findzip, they couldn’t give you the key to decrypting your data. Other than a rather involved recovery procedure, the only way to get your data back was to restore from a (hopefully) unaffected backup.

Your best bet for recovery from a ransomware attack on your Mac is to have a recent backup of your hard drive, which can be used to restore your files after the ransomware is cleaned, either using an antivirus and/or anti-malware app, or via a reinstallation of the macOS operating system.

What Have We Learned?

Ransomware can infect your computer, encrypt your files and prevent you from accessing your data, forcing you to either pay the price in hard currency or lose the time you’ll spend restoring your system to its former glory.

1 Practice Safe Computing

Always think twice before downloading files from questionable websites, opening attachments in emails or downloading that pirated movie, album or game. Only install apps from known-safe sources, such as the Windows Store or the Mac App Store.

2 Backup, Backup, Backup

Always have a recent hard drive backup handy, just in case you are hit by ransomware. In addition to a local backup on an external hard drive or USB stick, also back your files up to the cloud. Offsite backups like cloud backups offer another layer of protection.

3 Keep Your Computer or Mobile Device Updated

Always keep your devices’ operating systems updated. Either set your computer to automatically update or periodically check for updates.

Both Microsoft and Apple regularly provide updates for Windows 10 and macOS, respectively. Updates usually only take a few minutes and pay dividends by providing patches for recently discovered security holes used by ransomware developers.

4 Use Antivirus and Anti-Malware Apps

Install antivirus and anti-malware apps on your device. Also be sure to keep the app and its definitions updated to provide the latest in protection for your system.

5 Don’t Panic

If your computer or mobile device is hit with malware, don’t panic. Follow the steps I’ve laid out in the paragraphs above, and you’ll have a good chance of recovering your stricken data.

Now, go forth and sin no more! Or, at least use protection.


Mail Services Offered by PR PC Support

We are pleased to be able to offer Microsoft Hosted Exchange mailboxes and all versions of Office 365 at competitive rates. If you are thinking of moving your email to a more secure, robust and protected mail service, or even if you currently have a Hosted Exchange mailbox or Office 365 licence – speak to me and see if I can get you a better deal for existing users or a competitive quote for new users.

All our hosted Exchange mailboxes come with free email signature software with each mailbox.

We also offer a Secure email service which works with most common email platforms.

Shame, confusion among office workers spur record numbers to give in to ransomware

By Filip Truta on Nov 03, 2017

Despite considerable efforts to educate employees on ransomware, many organizations still don’t know what to do if they fall victim to an attack. According to part 2 of Intermedia’s Data Vulnerability Report, a record number of employees and their employers are paying ransom.

Intermedia examined the security habits of more than 1,000 office workers and found that many employees draw a blank when they fall victim to ransomware. About a third admit they aren’t even familiar with ransomware.

“This lack of awareness, paired with massive global attacks such as WannaCry and Petya (and new strains popping up all the time like Bad Rabbit), is resulting in both employees and employers paying ransoms in record numbers,” according to the report.

Although 70% of office workers say their organization regularly communicates about cyber threats, employees aren’t always told what exactly to do if hackers seize their computer. Because of this, employees hit by ransomware sometimes take matters into their own hands, which can dramatically undermine their organizations’ security efforts.

In fact, the study shockingly reveals that employees shoulder the costs of ransomware payments more often than their employers – 59% paid the ransom personally, and 37% said their employers handled the payment.

In organizations where WannaCry was named as part of the cybersecurity training, as many as 69% of employees paid a ransom themselves. Intermedia suggests shame, as well as lack of knowledge, may drive employees to pay ransom themselves.

Other findings include:

  • Over 73% of Millennial workers affected by ransomware report paying a work-related ransom
  • 68% of impacted owners / executive management said they personally paid a work-related ransom
  • Small and medium-sized businesses are particularly vulnerable to ransomware attacks as they lack the resources, tools and/or training that larger organizations use to recognize, prevent and protect themselves
  • Ransom paid by office workers averages $1,400
  • Growth in ransomware attacks is directly linked to the increased willingness of victims to cough up ransom money

To mitigate the risk of falling victim to a ransomware attack, companies would be smart to employ a proven enterprise security solution trained in sniffing out not just ransomware, but any kind of malware.

Regular backups are also a good idea. In case of an attack, organizations can restore from backup with little or no harm to their operations and, ultimately, their bottom line.

With ransomware damage costs predicted to exceed $5 billion in 2017 (up from $325 million in 2015), and the General Data Protection Regulation just around the corner, doing nothing is no longer an option – neither for big corporations nor for small businesses.

Is Antivirus Necessary in the World of Mac?

The misconception that only Windows OS computers need antivirus protection is just that—a misconception.

The last decade has served up plenty of lessons around taking digital security too lightly. For years, threats targeting the Windows operating system have grabbed the headlines, leaving the impression that other operating systems are immune to commercial, opportunistic threats.

The modern Mac OS is based on a solid architecture, with built-in security features that do a pretty good job fending off malware. But the explosive growth of the web and our dependence on cloud services has changed the security landscape completely. Platform-focused threats are now complemented by web-borne attacks trying to gain control of your cloud services.

On the malware side, while it’s true that Windows computers are more susceptible to attacks due to their popularity, the increase in malware families specifically designed for Mac is higher in 2017 than in the previous five years combined. Security experts – and sometimes Apple – warn Mac users not to rely on the operating system for security alone, as prevention is always the wiser approach.

Cyber criminals are getting better at hiding malware from users and security agents. They’re not in it for the notoriety, like they used to be in the good old days. Now they are in it for the money. Hackers are no longer writing poor-quality malware, but instead designing hostile, complex, malicious software programs that take advantage of users’ blind spots to sneak in, either by working around the operating system defenses or by tricking the user into voluntarily installing them.

Some of the notorious threats that have taken Mac users by surprise are CoinThief, a Mac Trojan that goes for Bitcoin wallets after infiltrating computers, or the devastating Flashback Trojan that infected more than 600,000 devices worldwide. And new threats, such as ransomware, are being perfected as we speak, designed to extort money from victims all over the globe. In March 2016 Apple had to fight KeRanger, the first ransomware designed for Mac.

Before you hit the road, fasten your digital seatbelt

When talking about online security, one of the most important misconceptions is that anti-virus programs only protect against known viruses, and the number of such viruses is so small that you should hardly bother. In reality, an anti-malware solution designed for Macs covers all the attack avenues: it includes anti-phishing, anti-adware, anti-spyware, anti-ransomware, and other layers of security to keep your Mac running only the software or apps that you have authorized.

Modern threats targeting Macs are silent: they can run in the background for years without showing any sign of trouble. Aggressive adware that stealthily profiles you and casually serves banners might not look like a big deal to the uninformed, but it leaks your private information, from browser habits to contacts or browsing history, without you even knowing. Other websites take advantage of your processing power and silently use it to mine digital currency at the expense of your computer’s performance and reliability. This, in turn, wears down your hardware and increases your electricity bill.

Are all security solutions made equal?

If you’re concerned about the security of your Mac device and want to get an anti-malware solution installed, make sure you don’t fall into a trap. Fake malware protection applications are out there for all platforms, from Android to Windows to Mac.

Choose a security solution that provides certified 100% detection, such as the BitDefender GravityZone.

Speak to me about a quote for BitDefender GravityZone for all your Mac or Windows devices.

PR PC Support now authorised cloud based solutions reseller

PR PC Support are now an authorised reseller of a range of cloud based solutions to assist our clients to protect their data, computers and email.

In our arsenal of solutions are:

  • Office 365 – All versions of Microsoft’s popular cloud based office and email solution
  • Acronis Backup Cloud – Trusted solution from a world leader in Backup Solutions – Secure and reliable cloud backup tailored to meet your requirements
  • BitDefender Gravity Zone – Award winning Anti-Virus / Anti-Malware & Anti-Ransomware that consistently offers superior protection, performance, and usability – proven in major independent tests
  • Hosted Exchange email – scalable hosted mail boxes complete with free email signatures with each mailbox
  • Email Security & Archiving for hosted Exchange and on premises Exchange Servers
  • Cirius Secure Email Messaging – send and receive secure email from within your email client

Please get in touch if you want to protect your data with our online backup tools, protect your computers with our online security tools or want to upgrade or migrate your email to one of our email services.

Vaccine, not Killswitch, Found for Petya (NotPetya) Ransomware Outbreak

By Catalin Cimpanu at
June 27, 2017 05:46 PM

Cybereason security researcher Amit Serper has found a way to prevent the Petya (NotPetya/SortaPetya/Petna) ransomware from infecting computers.

The ransomware has been wreaking havoc across the globe today, locking hard drive MFT and MBR sections and preventing computers from booting. Unless victims opted to pay a ransom (which is now pointless and not recommended), there was no way to recover their systems.

In the first hours of the attack, researchers believed this ransomware was a new version of an older threat called Petya, but they later discovered that it was a new strain altogether, which borrowed some code from Petya. That is why they recently started calling it NotPetya, Petna, or as we like to call it SortaPetya.

Researchers flocked to find killswitch mechanism

Because of the ransomware’s global outreach, many researchers flocked to analyze it, hoping to find a loophole in its encryption or a killswitch domain that would stop it from spreading, similar to WannaCry.

While analyzing the ransomware’s inner workings, Serper was the first to discover that NotPetya would search for a local file and would exit its encryption routine if that file already existed on disk.

The researcher’s initial findings were later confirmed by other security researchers, such as PT Security, TrustedSec, and Emsisoft.

This means victims can create that file on their PCs, set it to read-only, and block the NotPetya ransomware from executing.

While this does prevent the ransomware from running, this method is more of a vaccination than a kill switch. This is because each computer user must independently create this file, compared to a “switch” that the ransomware developer could turn on to globally prevent all ransomware infections.

How to Enable the NotPetya/Petna/Petya Vaccine

To vaccinate your computer so that you are unable to get infected with the current strain of NotPetya/Petya/Petna (yeah, this naming is annoying), simply create a file called perfc in the C:\Windows folder and make it read only. For those who want a quick and easy way to perform this task, Lawrence Abrams has created a batch file that performs this step for you.

Please note that the batch file will also create two additional vaccination files called perfc.dat and perfc.dll. While my tests did not indicate that these additional files are needed, I added them for thoroughness based on the replies to this tweet.

This batch file can be found at: (PR PC Support takes no responsibility for use of this batch file – although it has been checked out)

For those who wish to vaccinate their computer manually, you can do so using the following steps. Please note that these steps are being created to make it as easy as possible for those with little computer experience. For those who have greater experience, you can do it in quite a few, and probably better, ways.

First, configure Windows to show file extensions. For those who do not know how to do this, you can use this guide. Just make sure the Folder Options setting for Hide extensions for known file types is unchecked like below.

Once you have enabled the viewing of extensions, which you should always have enabled, open up the C:\Windows folder. Once the folder is open, scroll down till you see the notepad.exe program.

Once you see the notepad.exe program, left-click on it once so it is highlighted. Then press Ctrl+C to copy and then Ctrl+V to paste it. When you paste it, you will receive a prompt asking you to grant permission to copy the file.

Press the Continue button and the file will be created as notepad - Copy.exe. Left click on this file and press the F2 key on your keyboard and now erase the notepad - Copy.exe file name and type perfc as shown below.

Once the filename has been changed to perfc, press Enter on your keyboard. You will now receive a prompt asking if you are sure you wish to rename it.

Click on the Yes button. Windows will once again ask for permission to rename a file in that folder. Click on the Continue button.

Now that the perfc file has been created, we now need to make it read only. To do that, right-click on the file and select Properties as shown below.

The properties menu for this file will now open. At the bottom will be a checkbox labeled Read-only. Put a checkmark in it as shown in the image below.

Now click on the Apply button and then the OK button. The properties Window should now close. While in my tests, the C:\windows\perfc file is all I needed to vaccinate my computer, it has also been suggested that you create C:\Windows\perfc.dat and C:\Windows\perfc.dll to be thorough. You can redo these steps for those vaccination files as well.

Your computer should now be vaccinated against the NotPetya/SortaPetya/Petya Ransomware.
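
The manual steps above, scripted in PowerShell as an added example (this is not Lawrence Abrams's batch file and not part of the original article). It assumes an elevated prompt and that an empty file is sufficient, since the article describes only a check for the file's existence; the file names are the ones given above.

```powershell
# Added example: scripted form of the manual vaccination steps.
# Assumption: an empty file suffices, since the article describes an existence check.

# Writing to C:\Windows needs an elevated session, so stop early if not admin.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an elevated (Run as administrator) PowerShell prompt.'
}

$windowsDir = $env:SystemRoot                     # normally C:\Windows
$fileNames  = 'perfc', 'perfc.dat', 'perfc.dll'   # names given in the article

foreach ($name in $fileNames) {
    $path = Join-Path $windowsDir $name

    # A directory with the same name cannot be marked read-only as a file.
    if (Test-Path -LiteralPath $path -PathType Container) {
        Write-Warning "$path is a directory; skipping."
        continue
    }
    # Create the file only if it is missing, so the script is safe to re-run.
    if (-not (Test-Path -LiteralPath $path)) {
        New-Item -ItemType File -Path $path | Out-Null
    }
    # Same effect as ticking Read-only in the file's Properties dialog.
    Set-ItemProperty -LiteralPath $path -Name IsReadOnly -Value $true
}

# Report the resulting state of each file so it can be checked afterwards.
foreach ($name in $fileNames) {
    $path = Join-Path $windowsDir $name
    $item = Get-Item -LiteralPath $path -ErrorAction SilentlyContinue
    New-Object PSObject -Property @{
        Path     = $path
        Exists   = [bool]$item
        ReadOnly = [bool]($item -and $item.IsReadOnly)
    }
}
```

The final loop prints one row per file; a row with Exists or ReadOnly set to False means that file still needs attention.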

Phishing email that knows your address

Something you need to be aware of, posted on the BBC


A new type of phishing email that includes the recipient’s home address has been received by thousands of people, the BBC has learned.
Members of the BBC Radio 4’s You and Yours team were among those who received the scam emails, claiming they owed hundreds of pounds to UK firms.
The firms involved have been inundated with phone calls from worried members of the public.
One security expert warned clicking on the link would install malware.
You and Yours reporter Shari Vahl was one of the first on the team to receive an email.
“The email has good spelling and grammar and my exact home address…when I say exact I mean, not the way my address is written by those autofill sections on web pages, but the way I write my address.
“My tummy did a bit of a somersault when I read that, because I wondered who on earth I could owe £800 to and what was about to land on my doormat.”
She quickly realised it was a scam and did not click on the link.
“Then, a couple of minutes later, You and Yours producer Jon Douglas piped up as he’d received one and then another colleague said he’d received one too, but to his home email address,” she added.
The You and Yours team decided to contact the companies that were listed in the emails as being owed money.
A spokesman for British Millerain Co Ltd, a waxed cotton fabric manufacturer, told the programme that the firm “had more than 150 calls from people who don’t owe us money”.

And a spokeswoman for Manchester shelving firm Greenoaks said: “My colleague took a call from an elderly gentleman and he was very distressed because his wife had had one of these emails.”

Dr Steven Murdoch, principal research fellow at the department of computer science at University College London, told You and Yours: “Most likely it was a retailer or other internet site that had been hacked into and the database stolen, it then could have been sold or passed through several different people and then eventually it got to the person who sent out these emails.” He said that the email bore the hallmark of previous phishing attempts from gangs in Eastern Europe and Russia. He said that clicking on the link would install malware such as Cryptolocker, which is a form of ransomware that will encrypt files on Windows-based computers and then demand a fee to unlock them.
Anyone receiving such an email is advised to delete it and report it to the national fraud and cybercrime reporting centre Action Fraud.

Beware Crypto Ransomware

Last week one of our staff opened a zip attachment that squirmed its way through the mail filters. Boom – cue a host of fileservers with files infected by cryptoware – it encrypts your files and renames them to the extension .locky – you can pay to have them unlocked! Nice – luckily I found the offending machines, re-imaged them and deleted all files and restored from backup. Problem solved – well apart from blocking zip attachments (probably something I should have done ages ago!)

Here’s some more info, found on

We already know that ransomware has become a growing threat to users around the world. Last week, Mac users saw their first such attack on Apple’s operating system. By encrypting a user’s local files and holding them ransom for payment in the hundreds of dollars, the perpetrators have become increasingly sophisticated in their methods to extract money. The software is so difficult to deal with that the FBI advises people and businesses to just pay up to unlock their files.

Now, according to Trend Micro, the past 24 hours have seen a rash of new crypto-ransomware spreading through popular websites. The attack, dubbed Angler Exploit Kit, is taking advantage of vulnerabilities in Adobe Flash and Microsoft Silverlight, among others, to feed the malware through compromised ad networks.

Malwarebytes is reporting that the “malvertising” is hitting the BBC, MSN, The New York Times, and many others in the form of clickable banners. The anti-malware company provided lots of detail around the exploit, reporting a number of suspicious domains through which the ads are apparently served. Google’s ad network carried trackmytraffic[.]biz, while the AOL, Rubicon and AppNexus ad networks carried talk915[.]pw as well. Other suspicious domains include brentsmedia[.]com, evangmedia[.]com and shangjiamedia[.]com.

According to a blog post by SpiderLabs at Trustwave, as reported by Ars Technica, the team inspected a JSON-based file and wrote the following:

If the code doesn’t find any of these programs, it continues with the flow and appends an iframe to the body of the html that leads to Angler EK [exploit kit] landing page. Upon successful exploitation, Angler infects the poor victim with both the Bedep trojan and the TeslaCrypt ransomware–double the trouble.

Google’s ad network was compromised in this attack, according to MalwareBytes. Last year, Google reported to have made progress in filtering ad injectors and malicious sources across the ad networks it manages. However, it would appear that the ad network still has work to do.

Credit John Devon –