Trails End Computer Club

Bulletin for the week of NOVEMBER 10, 2013

WEEKLY MEETINGS
EACH Wednesday

Program or Lesson 9:30 - 10:30 AM
One on One Help 10:30-?
In the Library


SPECIAL INTEREST GROUPS:

If you would like to meet in a small group to discuss special computer-related subjects or form a Special Interest Group, let's discuss it.

Our bulletin is also available online by visiting tecc.apcug.org and clicking on bulletin.


Our weekly program or lesson is intended
to be of interest to all computer users.
Following the program an allotment of time will
be available for one on one help to those
who want a better understanding of the 
previous presentation. 

Upcoming Events

Wednesday November 13, 2013 Meeting
 9:15 AM Set up your computer
 9:30 AM Lesson
10:30 AM One on One help

Free Internet Faxing Services: No Fax Machine Required!

by Bob Rankin, Ask Bob Rankin

www.askbobrankin.com       Reprinted with permission     http://goo.gl/Jhh9XE

Dump your fax machine, the Internet has made this dinosaur obsolete. Think of the savings on toner, paper, and time when all you really need these days is a cell phone, PDA, or PC. I have a big list of sites for you that offer free Internet faxing services. Some of them are completely free, while others offer free or limited trials. Pick the online fax service that suits you best...

FaxZero lets you send free faxes from a simple web-based interface. Just enter the sender and recipient info, type in your message, and hit the "Send Free Fax Now" button. The rich-text editor lets you add basic formatting, highlighting and fonts to your text. You can also fax a file from your hard drive. Supported file formats include PDF, Microsoft Word (DOC, DOCX or RTF), Excel spreadsheet (XLS or XLSX), image files (PNG or JPG), TXT, HTML, and PowerPoint (PPT). You can attach multiple files, but the combined size of all attachments must be 20MB or less.

And yes, it's really free to send a fax to anywhere in the USA or Canada. You can send five free faxes per day, each with a maximum of three pages. No ads are inserted on your faxed pages, but the FaxZero logo will appear on the cover page of your outgoing fax. You can even use FaxZero to fax your U.S. congressperson or senator. I've written more about FaxZero in my Send a Free Fax article.

GotFreeFax is basically a clone of FaxZero, with some minor differences. You can send 2 free faxes daily to the USA or Canada, with a 3 page per fax maximum. No ads or branding appear on the cover page. GotFreeFax supports PDF, Microsoft Word, OpenDocument Text (.odt), and Rich Text (.rtf) file formats only. One unique feature is the ability to substitute tokens in the message, such as {RECEIVER_NAME}, {RECEIVER_COMPANY}, and {RECEIVER_FAX}.

PamFax is another free faxing service that offers 3 free outgoing pages (after signup) with no ads. You can also get a free fax number for inbound faxes. PamFax has an address book for convenience, integrates with Outlook, and works with popular cloud services such as DropBox, Google Drive, and SkyDrive.

PopFax is yet another free fax sending service. Like the others, you can input a brief text message, or upload a document from your hard drive. But I can't recommend PopFax for several reasons. In the Terms of Use on their website, it says that PopFax does not guarantee "the possible alteration of the data sent by the User nor the service availability." It also says they are not liable for damage "following to an alteration of the User data transfer." This could be badly translated legal mumbo-jumbo, but yikes! Also my Chrome browser crashed when trying to send a DOC file with PopFax. On another attempt, it said my fax number was "invalid." After sending a test fax to another number, it never arrived. Of course, your mileage may vary, but with so many other choices, I'd steer clear of PopFax.

Sign up with K7, a messaging system that will send free faxes and voicemail to your email address, with an option to view or listen to your messages via the web. You get a free fax/voicemail number which you can give to your family, friends, and business buds. Just sit back and wait for the faxes to start dropping into your inbox as email attachments. If a K7 number is inactive for 30 days (no incoming voice or fax messages), it will be terminated. K7 cannot be used to send outgoing faxes. My companion article Free Inbound Faxing goes into more detail about Faxaway, an almost-free service that forwards incoming faxes to your email.

eFax claims that they are the largest online network on the planet with over a million subscribers in 2,500 cities and 27 countries. Also known as Zipfax, you can send and receive faxes as email attachments. You simply use the recipient's fax number and eFax's address. The 30-day freebie allows you to send or receive up to 150 pages. If you don't cancel during the initial month, you will be charged $16.95 per month. See also Free Inbound Faxing for more details on eFax Limited Accounts, a free service that forwards incoming faxes to your email.

Nextiva Fax offers a 30-day free trial, including 500 free faxes. Send a fax by email, or send and receive faxes from Microsoft applications. Instead of hitting the print button, simply select "fax" right from Word, Excel, etc. Nextiva also lets you send and receive faxes from mobile devices. After the trial period, you'll be charged $8.95 per month, unless you cancel.

RingCentral is designed for small businesses. Not only can you receive and send faxes via email, they can supply you with toll-free fax numbers, custom greetings, an auto-receptionist, voicemail, and multiple extensions. The company offers a 7-day free trial, during which you get 500 free fax pages. After the trial period, you'll be charged $7.99 per month, unless you cancel.

I couldn't find a smartphone app that sends free faxes. There's an app called scanR that's supposed to do that, but apparently it's defunct. CamScanner is a free app that turns your iPhone or Android smartphone into a scanner, fax machine and PDF creator. Take a picture of a document, receipt, business card, etc. CamScanner turns it into a searchable PDF that you can fax, print or upload to various cloud storage services. Faxing costs 99 cents per page.




Do Not Fall Prey to the Vicious CryptoLocker Extortion

by Ira Wilsker


WEBSITES:

http://www.dhs.gov/national-cyber-security-awareness-month

http://www.fbi.gov/news/news_blog/national-cyber-security-awareness-month-2013

https://en.wikipedia.org/wiki/Cryptolocker

http://blog.emsisoft.com/2013/09/10/cryptolocker-a-new-ransomware-variant/

http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

http://nakedsecurity.sophos.com/2013/10/18/cryptolocker-ransomware-see-how-it-works-learn-about-prevention-cleanup-and-recovery/

https://en.wikipedia.org/wiki/Key_size


GRAPHICS:

http://blog.emsisoft.com/wp-content/uploads/2013/09/crilock.png

http://blog.hotspotshield.com/wp-content/uploads/2013/07/who-is-spying-on-you.png


October was the tenth anniversary of National Cyber Security Awareness Month (NCSAM). According to a statement on the FBI website, "(National Cyber Security Awareness Month) Established by presidential directive in 2004, the initiative—administered by the Department of Homeland Security—raises cyber security awareness across the nation by engaging and educating public and private sector partners through a variety of events and programs. The ultimate goal is to protect the country from cyber incidents and respond to them effectively if they do occur."

Around the country, at K-12 schools, colleges, universities, and private businesses, thousands of seminars and events took place during NCSAM in order to educate computer users at all levels on cyber security. I had the honor and privilege of presenting two citizen awareness sessions for the city of Port Arthur, Texas. I discussed several of the contemporary online threats and how users could effectively protect themselves from those threats. One of the warnings that I repeated several times was to never open email attachments, as they are a common vector used to bypass much of the security software that we (should) have installed on our computers.

Now that the National Cyber Security Awareness Month is behind us, we should not forget the lessons learned about clicking on email attachments. Unlike the New Year's resolutions that many of us make, but quickly forget to implement, cyber security threats are continuing, and in many cases becoming more threatening. One recent example is a new version of an old Russian cybercriminal extortion scam. In the original versions, which took over countless millions of computers worldwide (and are still showing up in large numbers), the purloined computer displayed a window after boot that had an official looking logo of the FBI or other law enforcement agency, along with an official looking criminal complaint that child pornography (or other illicit content) was found on the computer. Nothing else could be done on the computer, as it was effectively locked by the "FBI". The computer user was told that if they did not pay the fine, typically $200, within 24 or 48 hours, they would be subject to arrest, charged with a felony, and face 10 years in federal prison, plus a $10,000 fine. Detailed instructions were provided on where to purchase a specific prepaid debit card, and then to enter the card's 16-digit number into the payment box on the warning screen. After payment was received, the "FBI" would drop the charges and (hopefully) release control of the computer.

The especially nasty new type of ransomware, also likely from Russia, goes a step further than the other recent ransomware; the new version contains a version of a vicious piece of malware called "CryptoLocker". Some variants contain a version of the well-known Zeus trojan, which is used to install and run CryptoLocker. Typically spread via an email attachment, often apparently sent from a known acquaintance or company, the attachment appears to contain a ZIP file with a disguised file that looks like an innocent PDF file. I have personally received dozens of these emails, and I will admit that they do look like they are from a legitimate source, but I know not to open email attachments that have any vestige of being suspicious. Once opened, the attachment executes, installing itself in the Documents and Settings folder with a random file name, and adding a startup command key to the registry which causes CryptoLocker to load when the computer is booted. CryptoLocker then goes through a series of servers, making it difficult to trace, eventually connecting to a command and control server. This remote server generates a very sophisticated 2048-bit RSA encryption key pair, and the public key is used to encrypt Microsoft Office and Open Document files, as well as some common graphics file formats. CryptoLocker will not just encrypt the computer of the user unfortunate enough to open the email attachment, but can also encrypt those file types on any mapped network drive, including USB drives, network file shares, and even cloud storage folders that are made to appear as a drive letter (like "G:\" drive). This may effectively shut down a business, school, hospital, or government agency that uses mapped network drives; it only takes one infected computer to possibly compromise the targeted files on an entire network.
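The startup-key behavior described above can be checked for from the defender's side. This is an added example, not part of the original article: it lists Run-key entries that launch a program from a user-writable profile folder, and the folder list, function names and the two sample entries are assumptions made for illustration.

```powershell
# Folders a standard user can write to (assumed list; extend as needed).
$UserWritable = @($env:USERPROFILE, $env:TEMP) | Where-Object { $_ }
$RunKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'

function Get-AutorunTarget {
    param([string]$Command)
    # Expand %VARS%, then take the quoted path, else the text up to the
    # first executable extension (handles unquoted paths with spaces).
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    if ($cmd -match '^(.+?\.(exe|com|scr|bat|cmd))(\s|$)') { return $Matches[1] }
    return ($cmd -split '\s+')[0]
}

function Test-SuspiciousAutorun {
    param([string]$Command, [string[]]$Roots = $UserWritable)
    $target = Get-AutorunTarget $Command
    foreach ($root in $Roots) {
        $prefix = $root.TrimEnd('\') + '\'
        if ($target.StartsWith($prefix, [StringComparison]::OrdinalIgnoreCase)) {
            return $true
        }
    }
    return $false
}

function Get-AutorunEntry {
    # Read every value under each Run key that exists on this machine.
    foreach ($key in $RunKeys) {
        $item = Get-Item -Path $key -ErrorAction SilentlyContinue
        if (-not $item) { continue }
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{ Key = $key; Name = $name
                               Command = [string]$item.GetValue($name) }
        }
    }
}

# Constructed sample entries so the check can be seen working offline.
$samples = @(
    [pscustomobject]@{ Key = '(constructed)'; Name = 'Updater'
                       Command = '"C:\Program Files\Vendor\update.exe" /s' }
    [pscustomobject]@{ Key = '(constructed)'; Name = 'Qzxvkw'
                       Command = "$env:USERPROFILE\Qzxvkw.exe" }
)

# A hit is a lead to review, not a verdict: some legitimate software
# also starts from the user profile.
(@($samples) + @(Get-AutorunEntry)) |
    Where-Object { Test-SuspiciousAutorun $_.Command } |
    Format-Table Key, Name, Command -AutoSize
```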


Once the files are encrypted using the 2048-bit RSA public encryption key, a warning is displayed on the computer that critical data files have been encrypted, and that the ransom (extortion) payment must be made in a specified time, often 72 or 100 hours, or else the private encryption key on the command and control server will be destroyed and "nobody and never [sic] will be able to restore files". The extortion demand is, " ... a payment of either 100 or 300 USD or Euro through an anonymous pre-paid cash voucher (i.e. MoneyPak or Ukash), or 2 Bitcoin in order to decrypt the files." Anecdotally, some published reports have claimed that some businesses have received cyber extortion demands of $10,000 or $20,000, or equivalent amounts in Euros or Bitcoins (private currency). In order to add a sense of urgency, a countdown timer is displayed indicating the deadline to pay the ransom, or the files will forever become unrecoverable (Image: http://blog.emsisoft.com/wp-content/uploads/2013/09/crilock.png). The 2048-bit encryption keys used by CryptoLocker are considered in the security industry as extremely secure and virtually unbreakable, and can be expected to meet security requirements until the year 2030 (source: en.wikipedia.org/wiki/Key_size#Asymmetric_algorithm_key_lengths).

Almost all of the common security suites, including Kaspersky, Symantec, Sophos, Emsisoft, and others, can detect and remove the CryptoLocker malware and the Zeus trojan, but no one (yet) has been able to come up with a practical method to crack the encryption key and recover the encrypted files; effectively they are gone forever. Removing the infection is a moot point, as the encrypted files will remain unusable. While some experts advise paying the extortion prior to the expiration, hoping that the cyber criminal will send the private key necessary to decrypt the files, many others, including most law enforcement agencies, do not condone paying ransom under the theory that it will only encourage more criminal behavior. Cited by Wikipedia, "Symantec estimated that 3% of users infected by CryptoLocker chose to pay the ransom." Do some simple arithmetic; if a million computers are hijacked by these criminals, and only 3% pay a $200 ransom, the crook receives a cool $6 million in illicit proceeds. Since multiple millions of computers have been held for ransom by CryptoLocker, the proceeds to the criminal enterprise may be staggering.

As is typical, prevention is the best method to avoid being taken over by CryptoLocker or any of the other cyber threats. Sophos, a well-respected multinational security company headquartered in the UK, has published "Five "top tips" for keeping safe against malware in general, and cyberblackmailers in particular" (nakedsecurity.sophos.com/2013/10/18/). The first of the five tips is common sense, and a task incumbent on all computer users, "Keep regular backups of your important files." After cleaning the CryptoLocker and any other malware that infected the computer, the encrypted files can be safely deleted and replaced by their backup copies. One strong warning about the backup copies and the devices that the backups are stored on: do not leave the backup devices, such as external hard drives, attached to the computer or the network, as they will likely have a drive letter that can be identified by CryptoLocker. If CryptoLocker can see it, it will also encrypt the files on those devices, making the backup copies as useless as the encrypted files on the primary hard drive. Good practice is to frequently rotate through multiple backup devices, creating redundant backup copies, and never allowing more than one device to be attached and running at any given time. The other backup devices should be stored securely, and only connected in rotation, never having more than one backup device connected at a time. While CryptoLocker may also encrypt the files on an attached backup device, it cannot attack any unattached devices.

The second tip from Sophos is the often stated, "Use an anti-virus, and keep it up to date." I would add to that rule that it should also be required to do frequent and periodic security scans for malware using alternate third-party security software such as Emsisoft, SuperAntiSpyware, and MalwareBytes. My rationale for this secondary scanning by alternative scanning utilities is that prior infections may have either slipped through the primary security software, or rendered themselves immune to detection by it. There are documented cases of CryptoLocker being downloaded and installed by Zeus or other malware that was already present on an infected computer, without a user opening an email attachment.

"Keep your operating system and software up to date with patches" is Sophos' third tip. Software publishers often release patches and updates to close newly detected security vulnerabilities. According to Sophos, "This lessens the chance of malware sneaking onto your computer unnoticed through security holes."

Number four on the Sophos list of tips is, "Review the access control settings on any network shares you have, whether at home or at work. Don't grant yourself or anyone else write access to files that you only need to read. Don't grant yourself any access at all to files that you don't need to see - that stops malware seeing and stealing them, too."

Sophos concludes its list of five tips with, "Don't give administrative privileges to your user accounts. Privileged accounts can "reach out" much further and more destructively both on your own hard disk and across the network. Malware that runs as administrator can do much more damage, and be much harder to get rid of, than malware running as a regular user."
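The backup warning and the fourth tip both come down to which drive letters the logged-on account can write to. This is an added example, not from Sophos or the original article: it lists every attached drive other than the system drive and tests whether the current user can create a file at its root; the function names are assumptions made for illustration.

```powershell
function Test-DriveWritable {
    param([string]$Root)
    # Probe with a uniquely named empty file that Windows deletes as soon
    # as the handle is closed, so nothing is left behind on the drive.
    $probe = Join-Path $Root ('write-probe-{0}.tmp' -f [guid]::NewGuid())
    try {
        [IO.File]::Create($probe, 1, [IO.FileOptions]::DeleteOnClose).Dispose()
        return $true
    } catch {
        return $false
    }
}

function Get-ReachableDrive {
    # The system drive is skipped: its root is normally read-only for
    # standard users even though their profile folders are writable.
    $system = "$env:SystemDrive\"
    [IO.DriveInfo]::GetDrives() |
        Where-Object { $_.IsReady -and $_.Name -ne $system } |
        ForEach-Object {
            [pscustomobject]@{
                Drive    = $_.Name
                Type     = $_.DriveType    # Fixed, Removable, Network, CDRom
                Label    = $_.VolumeLabel
                Writable = Test-DriveWritable $_.RootDirectory.FullName
            }
        }
}

# Any row with Writable = True is a drive that malware running as this
# user could also modify, including an attached backup disk.
Get-ReachableDrive | Sort-Object Type, Drive | Format-Table -AutoSize
```

Only the root folder is tested, so a share whose root is read-only but whose subfolders are writable will show as not writable here.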

Using the lessons learned during National Cyber Security Awareness Month, such as "don't click on and open email attachments", being aware of the tremendous threat and damage that the rapidly spreading CryptoLocker Ransomware can wreak, and following the five safety tips recommended by Sophos, our computing safety and security may be much improved. Remember that in computers, as well as in other aspects of life, prevention is far better than the alternatives.


Submit your article; deadline for next bulletin is Tuesday noon each week. Only what you write may be published. We cannot publish other people's work without written permission. Simply click here EDITOR AT TECC and paste your write-up to submit it.
Share your computer experiences with other members. We need articles to publish in the TECC Bulletin each week.

UPDATE YOUR MEMBERSHIP INFORMATION Change your e-mail address, unsubscribe to this bulletin, etc.  Use link below.
UPDATE YOUR MEMBERSHIP