Cyber security tips often scrape the surface of what it means to be a sitting duck online. However, for a Bridgewater, NJ business that uses technology, keeping up with the latest cyber security threats is something that you absolutely need to do, no matter what.

Remember that your cybersecurity absolutely needs to be your first priority, no matter what, because a security breach can impact your clients and your brand's reputation - which could harm you forever.

So what should you do? Start with these cyber security tips:

Understand Your Online Presence

You need to understand that if you are a business owner or even a person who does a lot on computers, you are going to be an attractive target for those who want to use the internet for nefarious purposes.

If you have any type of money, data (including usernames, passwords, emails or anything else), or just a place to work, you are going to be a target.

You cannot operate with the "it won't happen to me" mindset - it can, and it might.

Pay Attention To New Cyber Security Tips

There are new tools, patches, and options for cyber security coming out all the time, so it is important to keep your ear to the ground when it comes to them. Make sure you keep your applications updated and you talk to your employees, family, and friends about being safe when using your technology.

Think About What You Plug Into Your Computer

One thing many people don't do when they think about their cyber security is be careful about what you plug into your computer. This is one of the most important cyber security tips of all.

Never use a USB whose source you don’t know - or even if you do know them, you never know what can be spread from computer to computer! It can be infected with malware that can even resist formatting. Someone could infect your computer without even meaning to.

You Still Need Antivirus

One of the weirdest trends of the last few years is that people think that they don't need antivirus anymore, but that just isn't the case: Antivirus is still very necessary, so don’t skip it.

Even those people who follow cyber security tips to the letter might experience attacks, so you should put up the best defense.

Cyber Security Tip: Prioritize the Most Important Accounts

If you don't have time to focus on the security of all of your accounts, at least focus on the most important ones. Heimdal Security gives a great list of where to start:

• Email
• Online banking / Paypal
• Amazon / other ecommerce website you use
• Any account where you’ve put in your card details
• Any account that has sensitive info (social security number, address, phone no., etc.).

Use your best passwords for these websites and do not, under any circumstances, give them out.

Clean Out Apps You Don't Use

If you haven't used an app in the last six months, it is time to get rid of it. There isn't much else to say when it comes that - keeping around old applications, especially those that you don't update, will never help you to stay safe.

Stick To Your Own Devices

How badly do you really need to get on the internet? If you don't have your phone with you and want to do something, make sure that it is absolutely necessary before you do it. The more devices you enter your information on, the more chances you have to make a mistake.

Make Your Passwords Difficult

Gone are the days when you want to make your passwords something easy to guess like your pet's name followed by your birthday. If even that seems complicated to you, then you are putting yourself in serious cyber trouble.

One of the best (and easiest to follow) cyber security tips that you can follow is to just make your password difficult. What does a good password look like? Something like this: h295p!$%rvi***

It might seem complicated, but it will keep you safe. Even better, you can get a password manager to help you keep track of them.

Check For The S

If you are going to a website you've never been to before (or even one that you have been to), check to see if it starts with httpss. The added “s” is the key cyber security tip here. A website that starts with an "httpss" encrypts the data you put into the website as well as the data that you get from it, so no one can break into it or tamper with it.

If a website does not start with httpss, you can still use it, just do not give them confidential info (credit card details, social security number, address, etc.).

Disconnect When You Can

A short but sweet cyber security tip? Disconnect from the internet when you can - it will help to keep you safe at all times.

Be Smart About What You Post

Cyber security is about more than just keeping your information safe, if can keep you safe as well. Don't check into airports, hotels, or other places that will advertise the fact that you won't be at home. This just opens up the chance that someone will see it and know that your home is unoccupied.

You don't just have to be careful about posting those though, make sure you don't post vacation pictures until you are home, you don't leave reviews in real time, and try not to do "live" videos.

Our team takes pride in being the most experienced team of IT professionals in Montgomery and all of New Jersey. You can count on us to have solutions to problems that you may not have had luck with before. When it comes to data recovery in New Jersey, you simply cannot go to anyone better. We have technical support available to the public every day of the week: you’ll have the option to talk to an experienced technician if a problem arises.

Looking for the Best Computer Services in New Jersey? Call: (908) 332-5051

We use passwords for everything. Our online accounts, social networks, web app logins, computer logins, phones, cloud storage, banking, shopping and a whole lot more. When the loss of a password can mean losing data, money, personal details or worse, it makes sense to make that password a good one. As part of a data loss prevention effort, Dave’s Computers is has some top tips for generating secure passwords.

First, before we begin generating secure passwords, a note about using them. Never repeat a password for more than one login. It leaves two or more accounts wide open to attack should one be compromised. If you have trouble creating or remembering your passwords, use a password manager. They are free, easy to use and will even generate secure passwords for you.

Generating secure passwords

On its own, there is no such thing as a completely secure password. All we can do is make it as difficult as possible to break so nobody but the most determined hacker will bother trying to crack it.

Hackers tend to use two main attacks. First, dictionary attacks, which use a program with a dictionary loaded into it to try all combinations of words. Second, phishing or social engineering to try to trick you into giving up your password. Secure passwords can help with that first attack but not the second so never give out your password for any reason. Ever.

Here are those tips for secure passwords:

1. Always use a different password for every login.
2. Use a password manager if you can.
3. Use a mixture of lower case, upper case, special characters and numbers.
4. Use a passphrase instead of a single word. The first line of a book, a line from a song, album title or random phrase. Just make sure you can remember it!
5. Use random words from different languages. Try Latin, Aramaic, Hebrew and other historical languages to create a phrase.
6. Use a color and object with a number or special character. Purp1eistheM0nkey! for example.
7. Always use a minimum of 10 characters for any single password. More is better as long as you can remember them.
8. It’s okay to write longer passwords down as long as you don’t lose the paper.
9. Use a password reminder sheet if you don’t want to write the password in plain text.
10. Never, ever give out your password if someone asks. Nobody should ever need them unless you know or trust them.

Passwords have been around forever and show no signs of going anywhere soon. Generating and managing them is hard work in the volume that we tend to need to create them. However, there is no option but to keep them unique and make them hard to guess!

If you own an Asus PC and have been reading recent headlines, you may be a little worried. So what’s the story and do you really need to be concerned? Dave’s Computers investigates.

The story broke in March that potentially millions of Asus computers had been unwittingly infected with malware. The ShadowHammer malware was sneaked into the supply chain and onto the Asus update server. This means every Asus computer that contacted the server for updates could potentially have been infected.

The malware was live on the server between June and November 2018 and could have been downloaded thousands of times. Discovered by Kaspersky, as their software runs on many Asus computers, the company traced it back to the source and said it alone had dealt with over 57,000 infected machines.

What to do if you may have been infected

If you think you may be one of those users infected by ShadowHammer, you need to run your antivirus software and a separate malware scanner. You can also download Asus’ new Live Update software (version 3.6.8) which will tackle any malware installed on your computer.

While you may find it difficult to trust Asus Live Update, the company assures us that version of 3.6.8 is perfectly safe and can remove the malware from your computer. Asus has also beefed up the security on their servers and implemented as much security as possible to stop it happening again.

Keep on top of antivirus and malware

If a reminder was ever needed, this is the ideal lesson to remind all of us to keep on top of our computer security. It’s easy to get caught up in daily goings on and lose track of when we last performed a malware scan or antivirus check. The sophistication of this attack shows what lengths people will go to in order to attack our technology.

Always use an antivirus product on every device. Have it set to automatically scan if it has the option and to automatically update. Run a malware scanner after your antivirus. Malwarebytes or something similar is free and very simple to use. Get into the habit of using both of these regularly.

If you’re still concerned or wonder if you have gotten rid of ShadowHammer, bring your computer to Dave’s Computers in New Jersey. We can perform our own checks just to make sure.

Today’s post is another one prompted by a Dave’s Computer customer. This time it was a woman who had decided to leave corporate life behind and go freelance. She wanted to know what she needed to be able to work from home securely and how to back up her data so she didn’t lose client briefs. As this subject is also relevant to move people who use computers, I thought it would be a good subject for a blog post.

Remote working

Millions of people across the world seem to be leaving traditional employment behind in favor of working for yourself. I did it years ago when I first started Dave’s Computers in New Jersey and haven’t looked back since. You will work harder than ever before for a lot less money but nothing comes close to the satisfaction you get from doing it.

As our customer was performing clerical work, her needs were modest. All she needed was a good internet connection, reliable computer or laptop, a VPN, external drive and cloud storage. Most of us have these things already so it wasn’t much of an expense.

A reliable computer or laptop – If you don’t want to buy new hardware for work, you don’t have to. As long as you are using a relatively recent computer with either Windows 10 or Mac OS and keep it up to date, use antivirus, malware scanners and a software firewall, you’re fine.

You will need enough disk space for your work. I would suggest using a separate SSD purely for your work but you don’t have to. If you have a webcam and microphone, virtual meetings will be much easier too.

Decent internet – Remote workers depend much more on a reliable internet connection than home users. Even if you don’t work on the internet, you will need to be contactable and be able to receive and answer emails, messages and Skype calls quickly. It isn’t all about speed but also about reliability. Don’t settle for less than 99.9% uptime.

A VPN – A virtual private network, VPN, is essential. Not only for maintaining privacy when you’re researching online or shopping but also when transmitting customer data. When you run a business, you have to protect customer data at rest, stored on your disk and in motion, which means being sent and received over the internet. A VPN is a cheap and easy way to do that.

External hard drive – This is for backups. You may have gotten away with not losing data when you were a home user but now the stakes are much higher. Use an external hard drive and set your computer to back up to it regularly.

Cloud storage – A backup is only regarded as robust when it is stored in more than once place. Backing up to external storage is one place, another backup to the cloud is another. You can get free storage from most providers so make sure you use it.

It might seem a lot, but most of us have Google Drive, a computer and/or laptop, external storage and broadband. You should all use a VPN too, I have suggested it enough!

If you need help with any of this, come on down to Dave’s Computers in New Jersey. We would be happy to help!

Do you know how to use dating apps without giving too much away? Know how to put yourself out there while maintaining a semblance of privacy? Not many people do which is why I put this guide together. Dave’s Computers in New Jersey are fierce supporters of online privacy and firmly believe we should be able to go about our online business without being tracked, followed or worse.

Dating apps have changed the world as we know it. Every single person I know of uses, or has used a dating app. It’s now regarded as the default way to meet someone new. Love dating apps or loathe them, it is how relationships are begun now.

To use a dating app, you need to provide enough information about yourself to attract someone but not enough to expose your identity online. It’s a fine line to tread but I have some quick tips for maintaining that balance.

Separate your dating app and social media

Most dating apps encourage you to link it to Facebook, Twitter or whatever and some will take data from there and use it on the app. If the app has the option to keep your dating profile and social media separate, use it.

We all share too much on social media and it is the work of minutes to find your name, school, place of work, friends and even your address from social media. If you link a dating app profile to that, it could lead to all sorts of trouble. The same for images, a quick reverse image lookup on your dating profile image could turn up all sorts of things if you use it for Facebook too.

Use a burner phone

Having a dating app on your phone can be a license to track you. It can also expose your phone number or you may end up giving your number to someone who turns out not to be who you thought they were. If this is your main phone and you’re partway through a contract, you have work to do to change your number.

By using a burner, you provide the app no data to use. You can turn off GPS, location and any tracking feature within any social network and the number you give out to potential dates is sanitized. In other words, the number has no links to your real life.

Monitor location tracking

Most dating apps use location as a criteria for showing you potential dates. This is a very useful system but make sure the area it shows you as being in isn’t too small. If you’re in New Jersey like us, showing a square mile will include anything up to 150,000 different people. If you live in rural Iowa or somewhere, that mile could include six people.

Use a setting that doesn’t give too much away wherever possible.

Know that you don’t know who you’re talking to

We can be anyone we like online. You have probably come across those profiles already. Those who say they are in their thirties when they are coming up to retirement or those who say they play sports when they really mean they played sports while in college. While those untruths are mostly harmless, there are those out there who prey on people looking for love.

Always have in the back of your mind that the person you’re talking to could literally be anyone. Don’t give away too much too soon. Dating is supposed to be an evolutionary process that unfolds over time. Take that time and use it to gain trust before exposing your soul.

Dating apps are useful and can be a gateway to love. As long as you can manage your privacy and remain safe, dating apps could be a power for good.

Monday’s post about a huge trove of accounts for sale on the dark web should have prompted many of you into checking over your account security and changing any account where you use the username and password in more than one place. If you’re anything like me, you have many dozens of logins and cannot possibly remember the logins for all of them. That’s where a password manager comes in.

I am passionate about privacy and personal security and often advise clients here at Dave’s Computers in New Jersey how to secure their computers and accounts. One of the things I recommend is using a password manager.

What is a password manager?

A password manager is a third-party app or browser extension that helps manage the many website logins and accounts we have. They don’t just save these logins, they can help generate secure passwords and log you into these sites securely.

The upside of password managers

Password managers usually come as a browser plugin and will work inside your browser. Every time you have to log into a website, you can trigger the password manager to do it for you. If you join a new site, you can also ask the password manager to generate a secure password and automatically save it for you. This ensures you use a truly random, difficult password every single time.

Many password managers include a right click dialog. Right click to have it enter your login into a website. Right click to generate a secure password and right click to automatically fill in a web form. Considering that they are either free or cheap, they are a powerful tool to have around.

The downside of password managers

There are only two downsides of password managers that I can see. One is that some of them are limited in their free capacity and only come alive when you pay. You can work around this by shopping around and choosing a less limited one.

The second downside is that a password manager is a single point of failure. If you’re trusting all of your logins to an app, you have to trust that app to keep you safe. Again, this can be mitigated by choosing a password manager with a good reputation and that uses tough encryption to keep your data safe.

What password manager should you choose?

The short answer is the one that you like the look and feel of. The better, more actionable answer is one of these. Try, LastPass, Dashlane, KeePass Password Safe, Sticky Password or TrueKey. There are other options but once you begin to see what’s on offer you can build up a picture of what is available free and what you need to pay for.

Hint, you don’t need to pay for anything. I use LastPass and have done for many years. Some of the others mentioned are equally good so you will find something you like.

Hacking is nothing new and the prospect of losing your account details is something we should all prepare for. However, a huge haul of accounts have just been found for sale on the dark web, 620 million of them. Taken from a bunch of websites over the past year, the account details are enough to log into the site and change the personal details of the original owner. They can also be used for phishing, scamming and more.

Dave’s Computers isn’t into scaremongering or clickbait headlines but this haul of account details covers some very popular websites. That warrants a blog post warning all our customers that their details may be among them. The price for all 620 million accounts is $20,000 in bitcoin. Not a lot of money considering the potential value.

If you are a member of any of the following websites, you need to log into them right away and change your details. You may be too late but you should definitely try:

• Dubsmash (162 million accounts exposed)
• MyFitnessPal (151 million accounts exposed)
• MyHeritage (92 million accounts exposed)
• ShareThis (41 million accounts exposed)
• HauteLook (28 million accounts exposed)
• Animoto (25 million accounts exposed)
• EyeEm (22 million accounts exposed)
• 8fit (20 million accounts exposed)
• Whitepages (18 million accounts exposed)
• Fotolog (16 million accounts exposed)
• 500px (15 million accounts exposed)
• Armor Games (11 million accounts exposed)
• BookMate (8 million accounts exposed)
• CoffeeMeetsBagel (6 million accounts exposed)
• Artsy (1 million accounts exposed)
• DataCamp (700,000 accounts exposed)

As you can see, there are some very popular sites in that list, including fitness and dating. Both types of website will also likely contain a lot of personal data. If you want to know more about the hack, British site The Register has all the details.

If you use one of these websites, try to log in right away and change your password, initiate two-factor authentication if you can and monitor the account. Some of these hacks happened up to a year ago but the data is only recently on sale. You may still have time to get into your account and lock it down before someone else does.

Don’t panic if you’re one of those hacked

If your account has been hacked you can still claim it back. First, try to log in and change the password to a very strong one. Then utilize two-factor authentication wherever possible. Do the same for any other account you use the same login for and never, ever use the same username and password for multiple websites. This is why!

If you cannot get access to the account, contact the customer service desk of the site in question. Explain what happened and that you need your account reset. If any of the websites contain financial data such as credit card details, you need to alert the credit reference agencies and put a freeze on your account. This will prevent a hacker applying for credit in your name.

This all sounds serious but it doesn’t have to be. As long as you move quickly and lock down your account if you can and watch your finances, you should be okay.

You may have seen or heard about Cryptojacking over the past few months and it being identified as an emerging threat this year. What is Cryptojacking and should you be worried about it?

Here at Dave’s Computers in New Jersey, we like to keep up to date with threats like these. It helps us help you and allows us time to develop strategies for protecting against it and for recovering data afterwards should you lose it. That’s the case with Cryptojacking. It doesn’t delete data but it does take over your computer.

What is Cryptojacking?

Cryptojacking is the hijacking of a computer to mine cryptocurrency for criminals. Just like malware can turn your computer into a data miner, spam relay or other nefarious use, this malware makes your computer work for someone else’s gain.

Cryptocurrency is earned by allowing your computer to perform complex calculations to help currencies like Bitcoin maintain a ledger. In return for your help, you are rewarded with a portion of cryptocurrency. Performing these calculations is called mining and it takes many, many hours to earn even a single Bitcoin or other digital currency.

Enterprising criminals developed a way to sidestep all the effort. Instead of using their own computers and electricity, they designed malware that gets your computer to do it for them. This is cryptojacking. The malware includes everything required to mine cryptocurrency and sets your computer to work mining on behalf of the criminals.

How is cryptojacking malware delivered?

The most common cryptojacking malware is delivered via browser infection. This means it can infect Windows, Mac and in theory, Linux computers too. A website can be infected with this malware that will run when you have the window open. Some websites can have infected ads or code embedded to download the code to your computer too but these are less common.

Some popular, legit websites have been infected in the past including the LA Times website and the TV network Showtime. It isn’t just pirate websites or lower quality ones that are susceptible.

How can you tell if you have been cryptojacked?

There are some easy ways to identify if you have been subject to cryptojacking. Your processor runs constantly at high utilization, your computer fans run at full speed when they shouldn’t to keep the system cool, your computer does not seem as fast as usual or you see unusual browser activity or processor utilization with certain websites open.

Usually, if your computer seems to be working harder than it should be with no good reason, it is time to check it out. Open Task Manager or close your browser to see if things calm down. If they do, re-open your browser to see if it starts up again.

How to protect yourself from cryptojacking?

Use good internet hygiene and you should avoid the majority of cryptojacking attempts. That includes not going to the darker places on the internet, not clicking on random links on a page or through email and being aware of where you are and where you are going online.

Here are some practical things you can do to protect from cryptojacking:

1. If you’re following a link, hover over it first to see if it matches. If it doesn’t use a URL shortener like Bit.ly, be careful about following it.
2. Run a malware and antivirus scan regularly and perform periodic data backups to prevent data loss.
3. Run your browser in a sandbox if you can.
4. Use an ad blocker or use host file blocking.
5. Be aware of exactly what you are downloading if you download anything. Run an antivirus scan before opening anything you do download.

Cryptojacking is increasing and is set to become the biggest online threat in 2019. Use these common sense tips to prevent your own computer earning money from criminals. Be safe out there!

If you need help with IT security or anything to do with computers, visit Dave’s Computers in New Jersey. We are here to help!

Quora hack

Managing multiple passwords

What is port scanning?

Protecting against port scanning