Recovery & Prevention of Malicious Online Scams & Deception

By David Christie

Hello folks and welcome to a long overdue update from your local Working Mouse! Our focus over the last few months has been countering and recovering from malware and internet scams. Over the years scammers and malicious hackers have discovered it’s easier to get money by ransoming people directly rather than filling your computer with viruses and pop-ups. Here we will explain how they do it, and what to do in order to avoid such misfortune.

You’ve no doubt seen the news regarding poor network security in connection with Russia’s involvement in our political system, and the recent data breach at Equifax, which exposed the private information of roughly half the country’s populace. Unfortunately, alongside these (and the many, many other scams out there) we have another globally spreading ransomware attack taking root on the web.

The most recent bad bit of data trying to worm its way into our computers goes by the name Bad Rabbit. Its known place of origin is a false Adobe Flash Player update. The program is an executable, meaning you will typically be asked whether you wish to allow the computer to run the program before it actually does anything. Most PCs and PC devices have a basic antivirus or default settings that require the computer to ask a user before allowing outside programs to run. So if your computer has a decent antivirus or if you’re running a Mac, you’ll only get this infection if you mistake the message prompt for a normal Flash update, or hurriedly click the prompt away in a rush to get back to work (or Netflix, Facebook, solitaire…we don’t judge).

The malicious software follows a popular trope that’s been around since the internet was born: the scammers mask the program under a popular name or company brand. All they have to do afterwards is wait until people run the program out of haste, ignorance, or simply because a lot of folks still have a computer running Windows XP/Vista and its security definitions are older than any of us reading this post.

Your woes, should you succumb to one of these encryption scams, will typically involve all of the data stored inside the computer being turned into coded gibberish. You will see a message on your desktop explaining that your data has basically been locked, and that the only way to retrieve the key is to send a certain amount of untraceable virtual currency to a specified web account. This is most often the result of opening malicious emails and programs, usually under the guise of legitimacy. Like I mentioned before, they simply label the program/message to resemble large and popular companies so casual PC users will skip over the details and simply accept or open what is sent to them…kinda like the terms of service page for every product known to man.

Speaking of popular company brands, if you or someone you know claims to have been called or contacted by a Microsoft employee, plead with them to cut off contact ASAP before any damage is done, and either check their computer or have a professional look at it for remote access tools. Unless you have made efforts to contact Microsoft yourself beforehand, Microsoft will NEVER CALL YOU. We get at least one person a week in our town who calls us because they let a “Microsoft technician” inside their computer.

I want you to imagine letting a faceless entity, about whom you know nothing other than what he/she CLAIMS to be over the phone, into your computer. Your computer, which is full of private information, banking information, the usernames and passwords for all the sites you use, your email, as well as what websites you typically visit. This includes the information of others who either use the machine or whose accounts you manage from the PC.

Now I want you to imagine you’re about to let a bear into your house. You want to let the bear into your house because, after scratching at your door for a time, it told you that if you didn’t hurry up and open the door, an elf in your closet would start eating all your hats. You love your hats with a passion and would hate to lose them. Your son also keeps his favorite coat in there. You mention this to the bear and he says the elf’s desire might not stop at hats and might lead him to consume EVERYTHING in the closet, but the bear claims he is very good at getting rid of elves….

If you think the bear scenario is more ridiculous, that’s because you’ve never let a stranger into your computer. This stranger, after some time of browsing and doing pointless tasks that he claims are fixing your computer, charges you $200-$750 (they will start high and lower it if you claim you can’t afford it). The ones who do pay the charge are then subject to one of the following:

A- You luck out and the scammers simply move on to their next “customer” and hope you don’t dispute the charge before your bank or credit card company can deduct it. (Usually you have a month.)

B- As soon as you submit payment with a card, they will go on a mad spending spree, attempting to run your card to the limit before someone freezes the card. Luckily, many banks and credit companies (in my many experiences dealing with this) will contact you once they notice large or bulk purchases on your account. More likely so if they are online purchases or made outside the country.

C- Purchases will be made in small, barely noticeable amounts to escape notice from both the bank and yourself. This is commonly done with gas purchases, or groceries in amounts under twenty dollars. Anyone who doesn’t check their balance daily might not notice an intrusion like this for YEARS, and lose a lot more as time goes on.

D- The scammer will set up your computer to display fake virus and error messages, along with their “business” number. They will “fix” your computer as many times as they can before you become fed up with them or someone notices what they really are.

Should you refuse them (and you don’t unplug your router/modem in time) you can expect the following…

A- They move on to the next person, as they don’t see any worth in investing their time and “resources” in holding your computer/information hostage.

B- They change your computer’s password, or add a SYSKEY (Windows), locking you out of the computer. Usually they will demand money to reset it. You shouldn’t pay them, as there is no guarantee they will give it to you. If your computer remains unencrypted, your data can still be retrieved from the hard drive.

C- If given ample time they can encrypt your entire computer. This will leave you with access to your computer, but with your pictures, documents, everything essentially opening up as gibberish and code. There are only two ways to recover from this, other than paying a stranger across the world and hoping he doesn’t just cut off all contact: restoring from steady backups of your data, or recovering your files from the computer’s “Shadow Copy”. This is essentially a hidden copy of all the files on your computer. You should, however, keep in mind these can be (and often are) overwritten along with everything else.

Regardless of the case, if someone gains remote access to your computer you need to make sure to remove the program they used to access it. Most RATs, or Remote Access Tools, have an option to enable access to remote clients without prior permission. This means that if you leave the program alone, even if you remove all other changes made to the computer, they could potentially gain access to the computer again. You can remove RAT tools via the “Add or remove programs” section of Windows 10. You can also reach the uninstall programs options via the Control Panel with the categories option selected. If you aren’t sure where to go on a Windows 10 system, simply click the search bar to the right of the Start button at the bottom left-hand corner of the screen, then type “remove”. The top option that appears on screen should read “Add or remove programs”, and clicking on this will take you to a list of all the programs installed on your computer.

The two most common remote access tools I run into are Citrix and TeamViewer. Neither is a malicious program in itself; they are simply tools that can, unfortunately, be used for the opposite of their intended purpose. These are just two possibilities you can check for and remove. Also take note that sometimes the remote access tools will uninstall themselves after you have disconnected, with the scammers scurrying off into the darkness of the inter-webs.
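The check described above can also be run from a PowerShell prompt. This is an added example, not part of the original article: it reads the same registry data that “Add or remove programs” shows and also lists matching Windows services. Citrix and TeamViewer come from the article; the other names in the list are an assumed starting point.

```powershell
# Added example (not from the original article): list installed programs and
# Windows services whose names match common remote access tools.
# Citrix and TeamViewer come from the article; the other names are an
# assumed starting list and can be edited.
$RemoteToolNames = @('TeamViewer', 'Citrix', 'AnyDesk', 'LogMeIn', 'GoToAssist')

function Get-NameRegex {
    param([string[]]$Names)
    # Escape each name so it is matched literally, then OR them together
    ($Names | ForEach-Object { [regex]::Escape($_) }) -join '|'
}

function Find-RemoteAccessProgram {
    param([string[]]$Names = $RemoteToolNames)
    $regex = Get-NameRegex -Names $Names
    # Registry locations installers write to: 64-bit, 32-bit and per-user
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match $regex } |
        Select-Object DisplayName, Publisher, InstallDate, UninstallString
}

function Find-RemoteAccessService {
    param([string[]]$Names = $RemoteToolNames)
    $regex = Get-NameRegex -Names $Names
    # A service with StartMode 'Auto' keeps the tool reachable after a reboot
    # without anyone at the keyboard approving the connection
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { "$($_.Name) $($_.DisplayName) $($_.PathName)" -match $regex } |
        Select-Object Name, DisplayName, State, StartMode, PathName
}

$programs = @(Find-RemoteAccessProgram)
$services = @(Find-RemoteAccessService)

if ($programs.Count -eq 0 -and $services.Count -eq 0) {
    'No installed program or service matched the name list.'
} else {
    $programs | Format-List
    $services | Format-List
}
```

An empty result only means nothing on the name list is installed right now; a tool that removed itself after the session, or one not on the list, will not show up here.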

Now, the only true way to 100% guarantee your computer is free of all the problems that come as a result of outside intrusion is to back up all your data, make sure you have the resources needed to reinstall critical software (Quicken, Microsoft Office, etc.) and do a complete wipe and reinstall of the computer. Along with this, you should change all your passwords for critical websites that involve any sort of online transactions. Many folks have their passwords for online sites saved inside their web browser of choice. This means that if you go to your bank’s website to check your balance, or buy anything on Amazon, and the computer fills out your password sections automatically, that information can be viewed without much difficulty if the scammer is left alone with the computer for any decent amount of time.

We at the Working Mouse are dedicated to assisting in the recovery and prevention of malicious online scams and deception. Please remember never to call or otherwise pay any mind to anyone who claims to be from Microsoft or Apple. Do not respond to phone numbers on internet pages that flash violently and say you have a virus; simply turn the computer off and it will go away 99% of the time. Unfortunately the elderly and retired are a frequent target of these scams. If you fall into this category, you will likely receive many phone calls, with people aggressively pressing you to let them into your computer. Worse, if they were able to get any money out of you they WILL call again. This can be incredibly disheartening when someone’s 90+ grandmother becomes a repeat victim of these kinds of cyber attacks.

That’s all I have for this month’s update. Hopefully we will have more timely articles posted from now on, keeping you updated on the latest safety tips and general computer knowledge for the baffled, befuddled, and bewildered!

I hope that you found our article helpful, and thank you for keeping the Working Mouse working!

What to Check Before Upgrading to Windows 10

By David Christie

The new upgrade is almost here (or already here, depending on time of reading) and boy are we looking forward to what will likely be a big ol’ list of things that will go horribly, horribly wrong. If you have a computer that is only 2-3 years old (not out of box, from manufacture date) you will likely have little to no issues as far as having the preferred hardware specs required for optimal performance. If you have upgraded your PC from an earlier operating system already, or have programs and software that you have been using for over five years, you may want to keep reading and make sure you avoid any potential complications that may come with blindly upgrading your computer.

Below we will cover IF you should upgrade. Then if it looks like your PC fits the bill, what you need to DO prior to your upgrade.

Current Operating System (Windows XP, Vista, 7, 8, 8.1) - to check your system’s specs, right-click “Computer” on the Start menu and click Properties.





We heavily recommend you do not, unless your PC has been heavily and regularly maintained and you are running with 8-16 GB of RAM and a processor of at least 2.0 GHz. You COULD upgrade it; however, said computer will be pushing 5 to 8 years of use (Vista was first released in 2007). If this PC is a laptop, it will probably die by the time you’re done reading this article, and even if it was a nice custom desktop, much of the software/programs you’re using on it will likely not survive the conversion. Basically, the only people who will do this are PC techs who will do it for a laugh, or to test aged software on the newest operating systems.

Windows 7 (if you got your hands on a Windows 7 Starter edition, and you somehow get the Windows 10 update notice, don’t do it!)

This one’s gonna be the one you want to double check on. First of all, if you upgraded your computer to Windows 7 from Vista, then your computer is likely 5-8 years old. If that computer is of the 5-year variety, is a desktop, has been cleaned out by a technician, has had its hardware upgraded (RAM, CPU, power supply) to keep up with modern computer standards, AND you aren’t dependent on programs that are older than roughly 2010, THEN (and only then) you can go ahead and try it.

Basically, Windows 7 owners have to check if they are using an older release of Windows 7, or a version upgraded from Vista. If you bought your PC close to when Windows 7 was released, but you have a superior CPU and RAM speed, you might be alright. Be cautious of older laptops. We don’t see many that last longer than 4 years. If you’ve got a rickety laptop full of treasured memories or documents, and it’s making scratchy noises with the fan on max, back up that computer and put that stuff on a new computer instead.

Overall we’re looking for TWO things: that you’re confident your computer is in good working condition, and that you aren’t using old, old programs that were designed for use on Vista (or even old Windows 7 software). If you struggled to get something to work before, be ready for that struggle, or inevitable loss, once you’ve upgraded. If you aren’t sure, just make a system image of your drive prior to the upgrade. It can be used to put everything back the way it was in case you do not like the upgrade.

Windows 8 & 8.1

You should be good, unless, like in the paragraphs above, you upgraded from Vista, to 7, to 8, then finally to 8.1, and are currently wondering why there’s smoke coming out of the computer… If your computer is running real slow from previous upgrades, I wouldn’t recommend it. You CAN, though, make a system image of your computer prior to upgrading. Then if the goblins inside the computer decide to take vengeance on you, you can simply put everything back the way it was and forget about all the bad things that happened.

OK! I think I’m OK to upgrade! What should I do beforehand?

Backup your files!

If you don’t have a lot of pictures or video files on your computer, you might be able to get away with a 32/64 GB USB flash drive. These can be purchased for roughly $10-$20. (We bulk order them for $15 per unit or find them on sale.) If you have more than, say, 120 GB of data, you can opt to just use multiple flash drives, or get an external hard drive. These hold roughly 500 GB up to 2 terabytes (2000 GB) of data; of course they will cost a little more depending on the size you get.

Make a system Image File! 

If you load up the update and come back from work to an angry machine that’s hissing and cursing at you in dead languages, you can set your computer to EXACTLY how it was before you upgraded. IF you make the system image file BEFORE (<— cannot stress this enough) you proceed with the upgrade, you can make it as if you never did the update. Think of it as a save file for a video game.

To do this you will need an external or internal hard drive that you are NOT using. Essentially what you’re doing is making an exact copy of what’s on the computer. So the more stuff you have on the computer, the more space you will need to make the file. (Example: if you have 72 gigabytes of data on your hard drive, you will need something with at least 72 gigabytes of free storage.)

Internet Explorer Will NOT BE THERE!

If you are among the many users (or are upgrading said users) who depend on “the blue e” to get you online to check your mail, Facebook, or this very article, you have been warned! Presumably there should be an option to transfer your bookmarks over to Microsoft’s new internet browser “Edge”. (They capitalized the blue e and set it on fire.) The old Internet Explorer browser will no longer be receiving updates.

Soon it will be a security risk for people who choose not to upgrade and continue to use the browser. For those of you who are familiar with Chrome and Firefox, apparently the setup is very similar to their browser settings. So if you need a bit of practice, or are trying to ease a user out of their comfort zone, try out Chrome and Firefox. If you can use them, you can use Edge. And last but not least…

You should wait at least a week before you go through with it!

It’s a common trend for many to be cautious of brand new shiny technology. While the companies put their best efforts into ensuring that possible errors are taken care of beforehand and kept to a minimum, things are gonna happen. The great thing about modern day technology, though, is that almost all the problems that can happen to all the types of computers and the accessories associated with them will be reported, reviewed, and posted online by many for all to see. There will be plenty of people eager to try out the new software and point out all the aspects of it, good and bad.

So if you wait a day or two, then find out that everybody who downloaded the upgrade cannot use their mouse or open certain programs, that download/upload speeds become unbearable, or that the computers become sentient and demand you feed them the pet cat, go ahead and wait a bit. After the waters have been tested and a patch is released if needed, go ahead with the update. Most people have reserved their copy already, but just know that the update won’t go through until YOU confirm it and accept the EULA. On the release date the files should be automatically downloaded, then all you have to do is activate it at a time that works for you.

I hope you found the information helpful and that you resist the call of Mr. Hammer. Should you take every precaution and the computer seems to be having issues, give us a call. We can help you out.


Phone Water Damage Rice Trick!

Even the most un-tech-savvy person usually understands that you shouldn’t mix your electronics with good ol’ H2O. Water damage will usually end up killing your phone (or other handheld devices) for good. Cracks can be fixed or even ignored, cases can be replaced, but submerging electronics will usually end up frying all the important bits inside the phone. You can’t fool the retailers either: there are indicators placed inside many electronics that will verify your phone was submerged in water, and you will likely end up paying for the damage.

Luckily there are a couple of awesome tricks that, if acted upon fast enough, can completely mitigate the damage, or at the very least leave the phone in an operable state. Most have heard of the rice trick. Leaving your phone in a bag or container of rice will absorb leftover moisture from inside the phone, but you also want to make sure you do a few other steps first.

1. Dry off the outside first and turn off the phone.

Turn off the phone, then shake out excess water and completely wipe down the device with a towel or similar cloth to remove as much moisture as you can from the outside. Also, if it is hooked up to a charger, remove that IMMEDIATELY.

2. Remove the battery, case, and SIM card

Most older phones can simply have the back removed by hand, and then you can pluck out both the battery and SIM card, but newer models may require some tools. My iPhone 5, for example, has to have two very tiny screws removed before you pry the screen off. If you are unable to get to your phone’s battery for lack of tools or fear of destroying your phone, just get the SIM card out and then go to the next step. Most modern phones have the SIM card locked into a slot on the side that can only be unlocked by pushing a tiny button, in a tiny hole, with a tiny (and easily lost) tool. If you don’t have the small tool to remove the SIM card from its slot, a small tack or pin will work. Simply push into the small hole with a bit of force and you should be able to remove it.

3. Vacuum the phone (do NOT blow dry!)

The second most popular step before dunking your phone in rice or silica packets is a vacuum cleaner. People have found success in sucking out the moisture using a household vacuum cleaner. This is definitely not recommended on computer devices like a desktop, printer, or laptop, as it can result in static electricity buildup/damage (unless you own the type specifically made for use on computers). On a small form factor like a cell phone, though, the risk seems to be negligible, especially compared with the potential harm water can bring. What CAN cause static electricity buildup in a phone, though, is a blow dryer. Using a blow dryer can only help fry your phone. Even without the heating element, you can end up forcing moisture INSIDE the circuitry. So vacuum good, blow dryer bad, then next…

4. Place your phone inside a container of rice/silica packets.

There is a growing number of materials people have found that work better than the classic go-to rice, but rice remains popular ’cause it’s the most common thing that’s likely within arm’s reach. If you have any silica packets from dried food storage or a medicine cabinet, throw those in as well. They’re a bit better at keeping things dry. After that all you can do is pray. You’ll want to leave the phone alone for at least a day or two for maximum effect.

One scenario we’ve personally experienced with water damage

My dad owns an iPhone 5s, and twice it has been knocked into our dog’s water bowl by this little fuzzball we call Smiley Kitty.

I am Cat, Bane of small, paw-able items

Each time, though, it has come out unscathed. We did the basic steps and dunked it in rice, but we didn’t remove the battery simply ’cause we didn’t have a tiny screwdriver lying around and wanted to get it in rice ASAP. From our experience we would recommend the iPhone 5s to anybody who is concerned with water damage being an issue in their daily lives. Also, don’t leave your phone precariously next to the edge. For it is but a hockey puck, and the dog’s water bowl a goal net, in the eyes of furry house dwellers.

David Christie

Lenovo Superfish Spyware

After browsing through some computer articles online, we discovered an interesting bit about Lenovo computers sold last year. Apparently an adware program known as “Superfish” was knowingly planted into certain models of Lenovo computers sold in the year 2014. The program itself kept track of the user’s browsing history. Superfish would then insert ads onto the sites you visited most, as well as open the path for various other types of malware to infect the computer. It has been noted that there is a potentially large security risk if you use your computer in a local Wi-Fi area while your computer is under the effects of this software.

However, it seems there haven’t been any major incidents to note, according to what we’ve read on the matter. The software is easy to spot and remove with the Windows add & remove programs feature. If you’ve had your computer scanned for malware or virus removal by a technician or equally computer-savvy individual, it is likely you no longer have it on your PC. If you would like to confirm whether or not you have an infection you can click on this link.

The website will begin its confirmation test as soon as it loads, and the test takes about ten seconds. The site recommends you do the test with all the browsers installed on your computer. If any of them say you have Superfish on your computer, you can easily remove it using the add & remove programs feature located in the Control Panel. It is likely programs like Malwarebytes and HitmanPro will designate the program as hostile as well.

Again, this program is likely only to be found on Lenovo model computers. The company is facing a class action lawsuit due to the potential security breach Superfish brings to users. If you know someone with a Lenovo model computer that was recently purchased, have them check that site out and make sure they don’t still have this adware floating around in their PC.
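The Wi-Fi risk mentioned above came from a root certificate that Superfish added to the Windows trusted root store, and that certificate can remain after the program itself is uninstalled. The following is an added example, not part of the original post, that looks for it from a PowerShell prompt; it assumes the certificate’s subject or issuer contains the word “Superfish”, and it does not cover browsers such as Firefox that keep their own certificate store.

```powershell
# Added example (not from the original post): look for a Superfish root
# certificate in the Windows trusted root stores.
# Assumption: the certificate's subject or issuer contains "Superfish".
function Find-SuperfishCertificate {
    # Machine-wide store and the current user's store are checked separately
    $stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'
    foreach ($store in $stores) {
        Get-ChildItem -Path $store |
            Where-Object { $_.Subject -match 'Superfish' -or $_.Issuer -match 'Superfish' } |
            Select-Object @{ Name = 'Store'; Expression = { $store } },
                          Subject, Issuer, Thumbprint, NotAfter
    }
}

$found = @(Find-SuperfishCertificate)

if ($found.Count -eq 0) {
    'No Superfish certificate found in the Windows trusted root stores.'
} else {
    # Any hit means the machine still trusts the certificate and it should be
    # removed (certmgr.msc, Trusted Root Certification Authorities)
    $found | Format-List
}
```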

Thank you for Keeping “The Working Mouse” working!
