Monday, May 15, 2017

The News, Selling Fear and Withholding Information

Should you be afraid of computer viruses?  Not really.

The news media loves fear - it sells eyeballs.   And today, the fear-of-the-week story is about a "virus" that will encrypt your hard drive and force you to pay ransom to "hackers" to unlock it.   Of course, if you are like me and have all your important files backed up on a removable hard drive, well, you can simply reformat the hard drive, re-install windows and re-load your programs.

But that doesn't sell eyeballs.

The problem with these articles is that they go on for paragraphs but provide no useful information to the reader.   How is this virus spread?   They imply that it somehow just jumps into your computer without any intervention on your part.   But this is not the case.

Only one out of dozens of stories I have read so far mention that this virus installs as a result of a phishing e-mail that contains a link or an attachment.   And even this story didn't mention what kind of phishing e-mail was used.  Was it the old FedEx "you have a package" gambit?  Or the Google "your e-mail was returned as SPAM, click here!"   Or was it any one of a number of "your account will be locked unless you provide us with your username and password!" kind of deals.

That sort of information would actually be helpful.    So here, let me be helpful here.

1.  Never click on a link in an e-mail if you can help it.   If your bank asks you to log in from a link in an e-mail (and sadly, many Banks do this, including Bank of America) just go to the bookmarked link you normally use instead.   If you don't know how to bookmark a link, shame on you and get off the Internet - you're clogging the information superhighway.

2.  Never click on an attachment even if it appears to be from someone you know.   If in doubt, e-mail that person and ask them if they sent the attachment.  And don't use "reply" either, but send a fresh e-mail.  Or even CALL THEM if necessary.  It isn't hard for someone to hack your friend's account and then send out hacking e-mails to everyone on their contact list.   I never open attachments except from people I do business with, and even then, these are usually WORD documents.

3.  Never give out your username and password to anyone, via an e-mail, phone call, or whatever.   No company that is legit will ask for this information, period.

4.  If someone calls you claiming to be from "Microsoft" and asking you to download a program to "fix" your computer, hang up.   It is a scam, usually a ransomware scam, too.   Microsoft does not and cannot "monitor your computer" online and doesn't call people and ask them to download "fixes".

5.  Stay off those Russian Porn sites.   And watch your URLs.  If you log onto "" instead of "" you will get hammered by pop-ups offering Russian Porn, gambling sites, and your speakers will proclaim (at full volume) that you've won a contest.
This is pretty basic stuff, really, although anyone can get nabbed once in a while.  Our IT "professional" at one firm once answered such an e-mail and downloaded a virus onto the server that crashed the entire network.  It took us days to recover our work.  Fortunately, I backed mine up on a local drive.

Now, I know what  you're saying - you never do any of these stupid things, and neither do I.  So what is the real risk of you getting this ransomware virus?   About zero.

But that wouldn't get you to watch a fear-based piece on the teevee or click on a fear-based article in the news.

So you see how the news works, right?