Last night was a pretty significant night for Visionary Computer. While lots more details will follow in the months to come, we had our big hearing with the Town of Salisbury Planning and Zoning Commission to get approval for an upcoming critical project. I’m very happy to report, our proposal passed unanimously. I’d like to take a moment to personally thank George Johannesen of Allied Engineering Associates in Canaan (https://goo.gl/maps/HaRVrQgEV632) Simply put, George was a rock star at the hearing. He was professional, eloquent, confident, and thorough. I could not have asked for a better advocate and partner in this project. If you ever need a Civil Engineer trust me when I say there is no one else other than George and his company. I’d also like to thank our bounding neighbors, The Lakeville Journal, The Salisbury Bank & Trust Company, and the Goodall family - all of which either sent letters of support or attended the meeting in support of our project. Believe it or not, we have been working toward this for over a year now and we are very excited for what’s to come. Stay tuned for more details.

Some years ago there was a great TV commercial where a woman believes she is going on a date with a “French model.” When the guy showed up, it was clear he wasn’t a model and didn’t even speak French. The woman erroneously thought that just because something was on the Internet that it had to be true. That’s exactly why Scareware is spreading like wildfire - people believe that because it says so on their screen, it must be true. 

Scareware is a usually fake pop-up that scares you into calling a phone number for support. A rep then tells you that you have a virus or other problem which he or she can solve, they remote into your computer to allegedly fix the problem. There is of course a fee for that service, usually around $400. Often the fee is quoted as a low monthly but paid all at once for a discount. Whatever it is, it’s always fake. The irony of Scareware is that all you need to do to protect yourself is never to believe what you see on the screen. I’ve seen dozens of these popups and they all look awful. Some claim to be Microsoft, some say they are the FBI, a few even claim to be Apple. Regardless, never trust it - do not call the number listed on the screen. And whatever you do, never give someone that you don’t know the ability to control of your computer remotely. 

Many of the Scareware prompts are what we call persistent pop-ups, that is, they keep coming back or can’t be closed. In those cases the fix is actually quite simple. Force Quit Safari (by pressing Command + Option + ESC, the “Force Quit Applications” dialog box will appear, select Safari and then click on the “Force Quit” button. Now, press and hold the shift key on the keyboard and re-launch Safari (while keeping the shift key held down), Safari will open without the persistent pop-up. Happy early birthday, I’ve just saved you $400.

One common technique used by these bad folks is that they prey on people actively looking for help. For example, lets say your Epson printer isn’t working. It’s very common for customers to try and “Google” a fix or find a companies support phone number via Google or other search engine. Avoid doing that. If you want to know the phone for Epson support, either check your product manual or visit the company’s official web site and then look for a “Contact Us” or similar link. Of the dozens of local customers who have fallen for Scareware, about 1/3 of them were actively trying to find a phone number and thought they were speaking with the real company. Search smart, we love Google but you have to learn to look at the URL and make sure you are at the real corporate site and not just some support company trying to look official. 

Here are some examples of fake Scareware pop-ups:

Not to scare you too much here but Malware on the Mac has reached epidemic levels. I’d say that approximately 25% of the Macs we see in the shop have some form of Malware on them and it’s cause for concern.We wrote about it years ago so rather than rehash that article (which you should read if you didn’t…) I’d just like to update the links. Thomas Reed’s excellent AdwareMedic software has been acquired by a company called Malwarebytes. Thankfully, the software has been updated and it remains free. You can download it here, be aware that it requires Mac OS 10.8 Mountain Lion or later. This software tool remains amazingly good and it’s definitely mature enough to be fee-based commercial software yet for whatever reason, it remains free. I suspect it won’t stay free for much longer so please, download it now, install it, and run it once every few weeks. It will find and remove all the common forms of Mac Malware. 

Here are some screen shots of Malwarebytes in use:

You know how they say to save the best for last, well we have saved the worst for last…far worst. Up until a few weeks ago, Ransomware on the Mac didn’t really exist. It was like Bigfoot, you heard stories, but there was no hard evidence. There were rumors of some people in computer labs developing Mac Ransomware but it had never been spotted in the wild. Well, on March 4th 2016, that all changed when a compromised version of the BitTorrent client “Transmission” had a new nasty in there called KeRanger. All of a sudden, the Mac was now vulnerable to the worst kind of computer cancer out there, Ransomware.

Basically (and I’m oversimplifying) Ransomware encrypts files on your computer and it holds them hostage unless you pay the ransom. A dialog usually has a count-down clock and if you don’t pay by the time the clock runs out either your files are erased or the ransom will go up. Typically you have to make payment via bitcoin over the untraceable Tor network. If you don’t pay you will lose access to the encrypted files and no one can decrypt them without the key. If you do pay the ransom, you have to hope the horrible people will actually honor their part of the bargain and give you the decryption key but your chances are usually less than 50% that they will. Real Ransomware is super nasty and, as crazy as it sounds, there were reports that the actual FBI was advising that people just pay the ransom to get their files back. While some computer security professionals have said that paying the ransom was the least painful way to get your files back, the FBI’s actual advice is to visit the Department of Homeland Security’s U.S. Computer Emergency Readiness Team (CERT) CryptoLocker webpage for remediation information. I went there, sadly there isn’t too much there of help. 

So what can you really do to protect your files? Well, the usual stuff comes to mind, just like with the other forms of Nastyware, be careful about what you do online and especially what you install. Don’t just blindly accept updates, make sure they are real and that you requested them. Don’t download any old software from just anywhere, know where your software is coming from and be sure it’s something you actually want. Be sure you stay current on your Mac Operating System, Apple has the latest and greatest protection built right into the OS. When KeRanger hit, Apple acted immediately and mostly-blocked it via Gatekeeper. Gatekeeper has been built into the Mac Operating System since Mac OS 10.7.5 Lion. 

However my best advice is to keep a second Backup. That’s right, a second backup. Just one is not enough anymore (and if you don’t have a first backup you are really asking for trouble…) If Ransomware hits, it can encrypt data not just on your Mac’s primary drive but on any drive connected to your Mac. That means it could compromise your Time Machine backup drive just as easily as it did the primary drive. For the last few years, we have been urging customers to add an off-site backup like Backblaze to their mix. Backblaze has confirmed that their service would be a good form of protection in cases of Ransomware. Another alternative if you don’t want to use an off-site backup is to simply add a second Time Machine backup drive to your backup mix. Time Machine has had support for multiple drives since Mac OS 10.8 Mountain Lion. We would recommend buying a small, portable drive and hooking it up at some regular interval (every other week perhaps) and then keeping the drive disconnected from your Mac and in a safe location. This way, if your Mac ever were infected, your maximum loss is the time between the attack and the last not attached backup. 

Thankfully, Ransomware on the Mac is incredibly rare so the likelihood of your Mac being infected is ultra-low. The flip side however is that it’s so horrible that protecting yourself is really important and smart. Having multiple copies of data and keeping that data off-site or in a safe place can help with other forms of damage too like catastrophic damage (fire, flood, theft, etc.) Lets all practice safe computing, surf smart, keep good backups and only get computer help from reputable sources. 

Here are some terrifying screen shots of Possible Ransomware, you do not want to ever see this on your computer: