Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that we can focus our investment on supporting newer technologies and great new experiences. The specific end of support day for Windows 7 will be January 14, 2020. After that, technical assistance and software updates from Windows Update that help protect your PC will no longer be available for the product. Microsoft strongly recommends that you move to Windows 10 sometime before January 2020 to avoid a situation where you need service or support that is no longer available.
What does end of support mean for me?
After January 14, 2020, if your PC is running Windows 7, it will no longer receive security updates. Therefore, it's important that you upgrade to a modern operating system such as Windows 10, which can provide the latest security updates to help keep you and your data safer. In addition, Microsoft customer service will no longer be available to provide Windows 7 technical support.
Can I upgrade my existing PC to Windows 10?
Yes in most cases, your Windows 7 license key can be compatible with Windows 10
How can I upgrade to Windows 10 for free?
The Windows 10 free upgrade offer ended on July 29, 2016. To get Windows 10 you will need to either purchase a new device or, if you have a compatible PC, purchase a full version of the software to upgrade your existing device.
What happens if I continue to use Windows 7?
If you continue to use Windows 7 after support has ended, your PC will still work, but it will become more vulnerable to security risks and viruses. Your PC will continue to start and run, but you will no longer receive software updates, including security updates, from Microsoft.
Can Windows 7 still be activated after January 14, 2020?
Windows 7 can still be installed and activated after end of support; however, it will be more vulnerable to security risks and viruses due to the lack of security updates. After January 14, 2020, Microsoft strongly recommends that you use Windows 10 instead of Windows 7.
Will Internet Explorer still be supported on Windows 7?
Support for Internet Explorer on a Windows 7 device will also be discontinued on January 14, 2020. As a component of Windows, Internet Explorer follows the support lifecycle of the Windows operating system it’s installed on.
What if I'm running Windows 7 Enterprise?
If you are using Windows as part of a work environment, we recommend you check first with your IT department or see Windows 10 deployment support to learn more.
What about Windows 7 Embedded?
Windows for embedded devices such as ATMs or gas pumps have lifecycle dates that sometimes differ from versions of Windows that are used on PC devices.
Can I move my existing programs to a new Windows 10 PC?
For the best possible experience, we recommend doing a fresh installation of your programs and apps on your new Windows 10 PC. Microsoft Store has a variety of third-party apps that can be easily downloaded and installed.
But an upgrade of your existing Windows 7 is possible but some programs will need to be removed if not compatible.
How will Windows 7 end of support affect my Microsoft Office apps?
Your experience may be different depending on the Office version you're running. To learn more, see Windows 7 end of support and Office. It's important to note that Windows 7 itself will no longer receive security updates, leaving your device vulnerable to security threats. As such, if you're running Microsoft Office on a Windows 7 PC, we recommend you move to a new Windows 10 PC.
What should I do?
You can come over for a free consultation and estimate, please make an appointment:
Click here to schedule an appointment
CompuBC Information Technology Services Ltd
1 - Stop Screwing Up Your Computer!
I'm not here to judge. Really, I'm not. I have, however, been fixing computers, in one capacity or another, for well over two decades, and I see the same thing over and over....
People are constantly screwing up their own computers!
Some computer problems are due to hardware failures or lemons, exactly how your microwave or dishwasher might fail due to age, wear, or maybe a factory defect. While there are things you can do to identify and even help prevent these sorts of problems, I would never say you've screwed something up just because you have some bad luck.
Beyond that, though, is almost every other problem: the ones we cause ourselves, mostly by ignorance, which hopefully I can solve for you here.
Sometimes, however, procrastination is the enemy. We put off a computer maintenance task because we don't have time, or tell ourselves that we'll back up our stuff next week instead.
Regardless of where you sit on the ignorant-to-procrastinating scale, let the following 13 slides remind you of some of the most important things you can do to stop screwing up your computer!
I even rate your screw up from 1 to 10. You're welcome!
2- You're Not Backing Up Continuously
One big way to screw up your computer, and by extension yourself, is to back up in some way that's not continuous.
This is a LEVEL 10 SCREW UP!
Yes, you should be backing up your data continuously, as in virtually nonstop... all the time... at least once per minute. It sounds excessive, but it's true.
This is one of the biggest way you're screwing up your computer (and your smartphone, and your iPad, etc.).
Your data is the most important stuff you own. They're your irreplaceable photos and videos, your expensive music, your school paper you've invested hours and hours in, etc., etc., etc.
While it's possible to use traditional backup software to back up continuously to an external hard drive or a network drive, it's easier to get started with, and safer on several levels, to back up continuously with an online backup service.
CompuBC On-line Backup is a perfect online backup solution that automates data backup to secure cloud storage.
The application combines easy to use interface with a powerful functionality making a disaster recovery plan simple, reliable and affordable.
• Keep backups in remote location
• Restore backups anytime from any place where you have internet connection
• Setup suitable schedule for backups or backup every changed or new file immediately with Continuous Data Protection
• Protect backups by encrypting your data
• Compress backups to reduce the size of required cloud storage.
Backup Schedule - Automate backups by setting up suitable time and frequency.
Real-Time Backup - Backup everything automatically. CompuBC On-line Backup runs as Windows Service and tracks folders for new or changed files to backup them immediately.
Encryption - Protect your data from unauthorized access by choosing an encryption algorithm and setting a unique encryption key. CompuBC On-line Backup encrypts all your data before uploads it to a storage.
Compression - Reduces the size of your backups to save time and money spent on data recovery plan. CompuBC On-line Backup compresses data prior to transfer.
Intelligent Bandwidth Scheduler - Control the bandwidth throttling in real-time to set, for instance, the backup to consume all available bandwidth during the off hours and on the weekends while consume only 10% of bandwidth during the working hours.
Virtual Disk - Expose cloud storage as a local disk on your computer and access your data.
Local Backup - Set up local backup if you want to send only subset of your data to the cloud and keep the rest on your local backup storage.
Block Level Backup - Backup only changed parts of the file. CompuBC On-line Backup detects these parts and automatically uploads it to the remote storage.
So stop screwing up your computer and start continuously backing up to the cloud! Most smartphones have built-in auto-backup capabilities, so be sure to turn those on too!
(Wait, you're not backing up at all? Here's your chance to get started, and do so the right way from the get-go.) https://www.compubc.com/online-backup.html
3 - You're Not Updating Your Antivirus Software
Another "good" way to screw up your computer is to not keep updated that antivirus program you took the time to install.
This is a LEVEL 10 SCREW UP!
Those nefarious malware authors out there make new viruses every day, change how they work, and find new ways of avoiding antivirus software. In response, antivirus software has to respond just as quickly.
In other words, your antivirus software only worked 100% the day you installed it. Kind of depressing, isn't it?
Most antivirus software, even free antivirus programs (of which there are plenty), automatically update their definitions, the term used to describe the set of instructions the programs use to identify and remove viruses and other malware.
But most free antivirus program will not give you the full protection you need.
CompuBC use Award winning antivirus platforms and we will know if you got infected, alert you & help with the removal
Managed Antivirus can help your system proactively stay ahead of all malware threats, both known and emerging.
Managed Antivirus not only keeps your network’s security up-to-date with protection against the latest known threats by using traditional signature-based protection, but it also protects against new viruses by using sophisticated exploratory checks and behavioral scans of your system.
Our Award winning antivirus platform applies the following real-time protection layers:
That said, there are sometimes pop-up messages that ask you to do this manually or notices that appear on screen about needing to update the core program before definition updating can continue.
Unfortunately, I see people screw up all the time by closing these... without reading them at all! A message that shows up over and over is usually a good indication that's it's important.
So stop screwing up your computer's ability to fight the bad guys and make sure that you have a good antivirus program and it is updated!
(You don't even have an antivirus program installed? CALL US RIGHT NOW!) https://www.compubc.com/managed-it-services.html
4 - You're Not Patching Software Right Away
Similar to the not-updating-your-antivirus mistake from the last slide, putting off those software updates, especially the operating system ones, is a great way to screw up your computer.
This is a LEVEL 10 SCREW UP!
(I know, three Level 10 screw ups in a row! I'm getting most of the really important stuff out of the way first.)
The majority of software patches these days, especially the ones Microsoft pushes for Windows on Patch Tuesday, correct "security" issues, meaning issues that have been discovered that could allow someone to remotely access your computer!
Once these vulnerabilities in Windows have been discovered, a patch has to be created by the developer (Microsoft) and then installed (by you) on your computer, all before the bad guys figure out how to exploit said vulnerability and start doing damage.
Microsoft's part of this process takes long enough so the worst thing you can do is extend that window of opportunity any longer by procrastinating on installing these fixes once provided.
Windows Update is probably installing these updates for you automatically but you can check for this, and change the behavior, any time you want.
It's the exact same situation with your Mac or Linux computer, your tablet, and your smartphone... just different details. However you're notified that an update is available to iOS, your smartphone software, or your Linux kernel: promptly apply the update!
Other software and app updates are important too and for similar reasons. If your Microsoft Office software, iPad apps, Adobe programs, (etc., etc., etc.) ever ask you to update, just do it.
(You've never installed updates to Windows? Like I said above, they may be installing without your knowledge, but you should check to be sure. See our managed services that will force windows updates.) https://www.compubc.com/managed-it-services.html
5 - You're Not Using Strong Passwords
We all use passwords. Most of the devices and services we use require that we do.
What they don't (usually) require is that the passwords not suck. A "strong" password, in case you didn't know, is a password that doesn't suck... in some specific ways.
Hopefully you know that passwords that include your name, simple words, 1234, etc., are all "bad" passwords. Information security experts call these types of passwords weak passwords.
Weak passwords are easy to "crack" with special software. Very weak passwords are even easy enough to guess. Yikes.
This is a LEVEL 9 SCREW UP!
I've written about guessing your own simple passwords and even hacking in to your own computer, both things you may be happy to have the ability to do when needed but that every other expert computer user can also do.
search "What Makes a Password Weak or Strong" if you're not quite sure how great, or not-so-great, your passwords are. If they don't meet that "strong" criteria, here's How to Make a Strong Password:
Do yourself one better and use a password manager to store your hard-to-remember passwords, leaving you with just a single, strong password to memorize. There are plenty of free password manager apps, programs, and web services out there like LastPass.
(Logging in to Windows or some other service without a password at all? Set one. Please!)
6 - You're Still Running Windows XP
Windows XP was probably Microsoft's most successful product of all time, certainly its most successful and popular operating system.
Unfortunately, in April of 2014, Microsoft ended pretty much all support for it, meaning that those important security holes that are patched every month on Patch Tuesday are not being created for Windows XP! and will end Windows 7 support soon!
This is a LEVEL 8 SCREW UP!
If you're still using Windows XP then your computer is still vulnerable to all of the security issues that have been found, and corrected in later versions of Windows, since May of 2014!
This is a Level 8 screw up and not a Level 10 because there are a few ways you can keep yourself relatively safe and still use Windows XP.
7 - You Still Haven't Updated Windows XP, 7, 8 to 10
One easy to way to screw up your Windows computer, especially if you did update Windows XP, 7, 8 to Windows 10.
"Hu?" It's confusing, I know... I'll explain below.
This is a LEVEL 8 SCREW UP!
8 - You're Downloading the Wrong Stuff
Another very common way to screw up your computer is to download the wrong types of software, filling your computer up with stuff you never wanted, including malware and adware.
This is a LEVEL 7 SCREW UP!
As you probably know, there are tens of thousands, maybe more, completely free software programs and apps out there.
What you may not know is that there are different levels of free software. Some are completely free, often called freeware, while others are only "sort of" free, like trialware programs and shareware programs.
Some sites trick users by advertising that the download is free when in reality the only thing they're saying is that the actual download process is free. (Well duh!)
What all of this confusion does is help you end up with something other than what you thought you were getting. It's frustrating, I know.
9 - You've Left Junk Installed... and Probably Running!
A pretty easy way to screw up your computer is by installing, or leaving already-installed, junk software on your computer, the worst of which is the kind that runs in the background all the time.
This is a LEVEL 7 SCREW UP!
The bulk of the blame for this one is with your computer maker. Seriously.
Part of the reason some companies can sell their computers at such a low cost is by taking money from software makers to include trial versions of their programs on your brand new computer.
Unfortunately, most people have little to no use for these programs. What the majority of new computer users will do, at most, is just delete the shortcuts to these programs. Out of sight, out of mind.
What some people don't realize is that these programs are still installed and wasting space, just hidden from your daily view. Worse yet, some of these programs start up in the background when your computer starts, wasting your system resources and slowing down your computer.
In fact, preinstalled, always-on software is one of the biggest reasons for a sluggish overall computer experience.
Fortunately this problem is easy to fix, at least in Windows. Head to Control Panel, then to the Programs & Features applet, and promptly uninstall anything you know you don't use. Search online for more information about any programs you're not sure about.
10 - You're Letting Needless Files Fill Up the Hard Drive
No, it's certainly not the most important thing you can screw up, but letting needless stuff fill up your hard drive, especially with today's smaller solid state drives, can impact how quickly some parts of your computer work.
This is a LEVEL 5 SCREW UP!
In general, having "stuff" on your computer that doesn't do anything but take up space is not anything to worry about it. When it can be an issue is when the free space on the drive gets too low.
The operating system, Windows for example, needs a certain amount of "working" room so it can temporarily grow if need be. System Restore comes to mind as a feature that you'll be happy to have in an emergency but that won't work if there's not enough free space.
To avoid problems, I recommend keeping 15% of your main drive's total capacity free.
Having hundreds or thousands of extra files also makes it harder for your antivirus program to scan your computer and makes defragmenting of old mechanical hard drives more difficult.
In Windows, a really handy included tool called Disk Cleanup will take care of most of this for you. Just search for that in Windows or execute cleanmgr from Run or Command Prompt.
If you want something that does even more of a detailed job, CCleaner is excellent. It's also completely free.
Oh, and don't worry, it's usually by no fault of your own that these files accumulate over time. It's just part of how Windows, and other software, works.
11 - You're Not Defragging On a Regular Basis
To defragment or not to defragment... not usually a question. While it's true that you don't need to defrag if you have an solid state hard drive, defragging a traditional hard drive is a must.
This is a LEVEL 4 SCREW UP!
Fragmentation happens naturally as your computer's hard drive writes data all over the place. Having a bit here, and a bit there, makes it harder to read that data later, slowing down how quickly your computer can do a lot of things.
No, your computer isn't going to crash or explode if you never defrag but doing it on a regular basis can most certainly speed up pretty much every aspect of your computer use, especially non-Internet related tasks.
Windows has a built-in defragmentation tool but this is one area where other developers have gone the extra mile, making easier-to-use and more effective tools.
My recommendation is to move to an SSD technology and clone your drive to a new SSD drive where NO defragging is needed.
12 - You're Not [Physically] Cleaning Your Computer
First of all, don't dunk any part of your computer in a sink full of soapy water! That image is for illustration purposes only!
Not properly cleaning your computer, however, especially a desktop computer, is an often overlooked maintenance task that could eventually screw up your computer something severe.
This is a LEVEL 4 SCREW UP!
Here's what happens:
In other words, a dirty computer is a hot computer and hot computers fail.
If you're lucky, your operating system will warn you that certain pieces of hardware are overheating or you'll hear a beeping sound. Most of the time you won't be lucky and instead your computer will start to power off by itself and eventually never come on again.
It's easy to clean a computer fan. Just go buy a can of compressed air and use it to clean the dust from any fan in your computer. Amazon has tons of compressed air choices, some as cheap as a few dollars a can.
In desktops, be sure not to miss the ones in the power supply and in the case. Increasingly and video cards.
Tablets and laptops usually have fans too so be sure to give them a few puffs of canned air to keep them running smooth.
Yes, keyboards and mice need cleaning too, but dirty versions of those devices usually don't cause serious problems, unless bacteria is your enemy, then read this post.
Do be careful cleaning that flat screen monitor, though, as there are household cleaning chemicals that can permanently damage it.
13 - You're Not Asking for Help When You Need It
Last, but certainly not least, and very much related to the last big screw up you just read about, is not asking for help when you need it.
This is probably THE BIGGEST SCREW UP EVER!
Don't feel bad! This is something just about everyone screws up on.
If you think you might be able to fix a problem that pops up yourself, you run to your favorite search engine for help.
Maybe you ask a friend on Facebook. Or Twitter. Maybe your 12 year old is a wiz and fixes everything for you.
All of those things are great. Consider yourself lucky that they worked out, ask the professionals.
Avoid trying to open your case and "fix" your hardware or tempering with your operating system.
Just pickup the phone and call your computer tech support go-to guy. Well...that's us.
Like its predecessor, the T1, the T2 is designed to shift responsibility for security-critical aspects of Mac hardware out of the hands of the Mac CPU and traditional computing components—where they can be subject to hacks and malfeasance—into a “secure enclave,” a separate environment inaccessible to hacks, malware, and even hardware-based security risks. Even if macOS were somehow completely “pwned” by a security flaw or attacker, the critical functions and data handled by the T2 would be completely unaffected.
These days, it’s safe to say most technology users are interested in more security, rather than less, so the benefits of the T2 seem clear, if decidedly nerdy. But that doesn’t mean a T2-equipped Mac is the right choice for every Mac user right now—even those who want to be as secure as possible.
Why Does Apple Need Security Chips?
It’s no secret Apple’s hardware group has been on a roll for the last several years: it currently makes five processor lines (the A, H, S, T and W chips) that power everything from iPhones and iPads to the Apple Watch and AirPods. So it’s not surprising Apple would bring its own silicon to the Mac to enable Apple-exclusive features.
The company introduced the T1 in late 2016 to handle the fingerprint processing for Touch ID sensors in the first Touch Bar-equipped MacBook Pros, and it also helped lock down sensitive components like the built-in microphones and cameras. Further, the T1 took over the System Management Controller (SMC), which is responsible for heat and power management, battery charging, and sleeping and waking the Mac. Finally, the T1 determines if macOS is running on actual Apple hardware.
The T2 picks up from there, with four major capabilities:
What Does The T2 Do For You?
Apple has published an overview of the T2 chip spelling out some of its technical details, but here are the main points:
Downsides of the T2
For most Mac users, the benefits of the T2 are clear, particularly for notebook users who take their Macs with them wherever they go. If your new MacBook Air is stolen, the T2 offers decent assurance that sensitive data—like email, passwords, credit card numbers, social media accounts, super-secret projects, or those pictures—won’t fall into the wrong hands.
The T2 isn’t without trade-offs, however:
So What’s With These Audio Problems?
Since the introduction of the iMac Pro—and continuing with newer T2-equipped Macs—users have reported occasional audio glitches: little clicks, pops, or bursts of noise that seem to happen at irregular intervals. They occur with both audio playback and audio recording, and can happen using any app, whether listening to Apple Music, watching a video on YouTube, playing a game, or—uh oh!—playing a hot DJ set at a party or recording a live symphony orchestra.
The problem seems most common with USB-connected audio devices—whether consumer-grade headsets, podcaster-level microphones, or professional audio gear—but the glitches also happen with built-in speakers and microphones as well as audio devices connected via Thunderbolt. How often do they happen? Hard to say. Some users see a few every hour, others maybe only one per day.
Many Mac users won’t care. If there’s a little pop while streaming “Baby Shark” for the thirty-first time, it’s not the end of the world, am I right? OK, maybe I’m right?
However, for others, these glitches are literally showstoppers. If you’re using your Mac to process live audio—maybe you’re a DJ, or a musician using your Mac to run software instruments with programs like Ableton Live or Apple’s MainStage—blasting your audience with random pops, clicks, and bursts of sound is a Very Bad Thing. If you are recording music—whether in your bedroom using GarageBand or burning through hundreds of dollars per hour in a professional studio—those glitches will inevitably happen during critical moments, often destroying your recording. Imagine telling a legendary performer: “Hey, that was great, but the Mac glitched. Let’s go again, maybe it’ll record OK this time!” It’s a quick way to end a career. For musicians and audio professionals, this problem makes T2 Macs unreliable and untrustworthy—an irony, since many of these people use Macs to avoid the famous undependability of audio setups under Windows.
For professional recording studios, the T2 chip isn’t yet much of a problem. (No joke: plenty of Mac-based recording studios are still using decade-old Mac Pro towers.) But a tremendous amount of amateur, enthusiast, and professional audio work—whether music, podcasts, mixing, or DJing—doesn’t happen in professional studios: it happens on notebooks and in small Mac-based project studios. Plenty of musicians take their Macs on stage with them to perform in real time. The T2 is spreading across ever-greater swaths of Apple’s Mac lineup, which makes choosing a new Mac difficult.
What to do? The T2 audio problems have been known for well over a year, and Apple has been utterly silent about them save for a vague claim that macOS Mojave 10.14.4 “improves the reliability” of USB audio devices used with T2-equipped Macs. Some audio developers (like Germany’s RME) have reported improvements with USB audio, but my limited testing with a T2-equipped MacBook Pro found no discernible improvement using 10.14.4 with USB or Thunderbolt audio devices.
Some T2 users have been able to reduce the frequency of glitches by killing the built-in timed process (which synchronizes the Mac clock with a time server) and/or locationd (which tries to determine a Mac’s location for Location Services). Some folks have had good luck with these workarounds; others still experience problems. Unfortunately, stopping these background processes is non-trivial and requires disabling macOS’s System Integrity Protection. In other words, not recommended.
Is A T2 Mac Right For You?
For most Mac users, the T2 chip offers clear benefits: not only does it power spiffy fingerprint detection on the MacBook Pro and MacBook Air, but it also provides fully encrypted storage and hardens the Mac against a range of sophisticated attacks—including the sorts of things that a government might carry out if one were to seize a computer.
But the T2 also highlights how fragile the Mac world can be. Users who don’t have easy access to an Apple Store or authorized repair shop may encounter real problems getting a T2 Mac fixed. Users who don’t have a good backup strategy probably won’t be able to recover any data at all if the T2 chip fails—even if they turn to data recovery experts. And developers who want to run anything but macOS or Windows 10 natively are basically out of luck. So if your Mac has a T2 chip, figure out in advance where you’ll get it repaired if necessary, make sure you’re backing up regularly to multiple locations, and stick with virtualization for guest operating systems.
All that said, if you rely on your Mac for audio—whether recording podcasts, DJing parties, or as a professional engineer or musician—I recommend avoiding T2-equipped Macs until audio issues have been verifiably resolved for quite some time. If you need a new Mac before that happens, consider one of the few remaining models without a T2 chip, or perhaps an older pre-T2 Mac—sometimes Apple offers a good deal on refurbished and clearance models.
Remember how zippy your Mac was when you first got it? How it booted up in a snap, and switched fast between apps? At iFixit, we live for breathing new life into broken devices—but what if your Mac is just wheezing and slow? After all you’ve been through together, you don’t want to just throw it away. Should you sell it? Leave it unplugged in a drawer for a few more years (until you feel less guilty about throwing it away)?
Answer: none of the above. Upgrading your Mac is an amazingly effective option, and it’s cheaper than you might expect. With a brand-new SSD and high-capacity RAM, your aging Mac will be running good as new—no, make that better than new.
First things first: an SSD upgrade is, hands down, the best way to speed up your computer.
There’s lots of information on the benefits of SSDs versus HDDs, but here’s the short version:
Unlike an old-fashioned hard disk drive (HDD), which stores the computer’s info on a spinning metal platter, a solid-state drive (SSD) stores the information in silicon chips.
Because there are no moving parts in an SSD, they can read and write information up to 10 times faster than a traditional HDD.
This means that boot times, application launch times, and data retrieval get much, much faster when you use an SSD as the primary storage for your computer.
Moreover, SSDs are more resistant to shock, vibration, and movement—making them particularly suited to laptops and other devices that are subject to sudden knocks and bumps.
So if you’ve got a need for speed—or if you’re just trying to add more storage to your device—open up Activity Monitor and click the Disk Usage Table to see what size SSD you need.
Look at how much space you are using on your current hard drive and round it up to the nearest SSD size (or go higher if you want to future-proof your machine).
SSD come in 240/250 GB, 480/500 GB, and 960/1 TB drive sizes for every Intel-powered Mac that can accommodate a SATA Drive. And they work in both 2.5″ formats (for laptops, Mac Minis, and some iMacs), as well as in 3.5″ drive bays (like those found in larger and older iMacs) through the use of an included adapter.
Max out your memory
If you find yourself staring at OS X’s spinning beach ball more often than you’d like, then RAM is the answer.
RAM is your Mac’s short-term memory—meaning every time the system opens a program or process, it loads it into RAM.
If the system needs to juggle more applications than the RAM can hold, it has to offload some of them to a temporary storage area on the hard drive (called the swap file), This eats resources, slowing everything down to a crawl.
Not too long ago, many Macs shipped with 2 (or fewer) GB of RAM—an amount that would quickly fill up with today’s resource-hungry software.
But as the software companies continue to add new features and make the digital lives cooler and fancier, the old RAM-limited hardware increasingly struggles to keep up.
Fortunately, in most cases, this is an easy fix.
One important caveat about RAM upgrades is that the amount of RAM your Mac can utilize is limited by the rest of the hardware in the computer.
Not all computers can handle 16 GB of RAM, and figuring out which computers can handle which RAM configuration can be tricky sometimes. If you’d rather not, simply call us for assistance. You can rest easy knowing that you’re getting the ultimate RAM experience for your machine.
To know if a RAM upgrade is right for you, open OS X’s Activity Monitor and click on the System Memory. If the chart indicates that most of your RAM is “Active” or “Wired,” you’re likely going to experience system slowdowns. While you’re there, check out how much RAM you have installed.
Fed up with IT issues? Here are the top signs you need a MSP (Managed Services Provider) to get your business back in shape!
IT management is the base of all business operations. No matter what time of the year it is, or season, your IT systems need to give you the best performance 24/7. However, management of IT systems can be difficult and expensive. It can also get you to lose focus from core business activities, if something in your IT systems goes terribly wrong, for example a server downtime.
It’s one of those processes that require consistent planning, research, and analytics to keep your online business healthy, avoid problems while also optimizing your business performance. Due to the depth of it, business owners often state IT management to be the sole cause of their delays and distraction in key business operations. So, what are the signs that you may be ready to outsource your IT management and need a managed services provider?
Sign 1: IT Problems Just Keep on Coming – Advancements in IT industry are bringing in changing technologies and new methods to master, but you are struggling to keep up with the daily workload and sorting out issues one after the other.
Effect: By hiring a Managed Service Provider you will relieve the burden on your IT staff and achieve more efficient operations.
Sign 2: Your IT Team Can’t Meet the Service Demands – Your IT staff with generalized technology is having a hard time coping with service demands that require specialized IT skills.
Effect: When the need of support solutions goes beyond the skill sets of your staff, managed services from CompuBC are necessary to keep your systems at top functionality under added demand.
Sign 3: You Deal with Critical & Sensitive Information – Your business stores, accesses, or transmits critical data and you are unsure whether you will be able prevent sensitive data leaks, hacks, fraudulent attempts.
Effect: Managed services from CompuBC ensure that critical data such as personal and financial information, and medical records are protected all the times while also employing strategic protocols to deal with theft and intrusion attempts.
Sign 4: You Are Unable to Predict Your IT Budget – You find your IT costs vary widely each month preventing you from making a proper budget plan. Whenever something goes wrong you must pay high troubleshooting charges.
Effect: You hire a managed service provider for a fixed fee, even when you need emergency support you won’t have to pay sky high charges. This allows you to create and stick to a predictable budget.
Sign 5: You Don't Have an IT Support on Your Payroll – You can't afford to have a full-time IT support in your business and you don't have the budget for an IT service contract.
Effect: With a Managed Service Plan from CompuBC, you don't need to break the bank, CompuBC can provide a cost-effective monitoring solutions & a break/fix service as needed.
If your business is experiencing any or all of these signs, it is time to call the IT professionals at CompuBC to become your technology partner.
As Internet lines become faster and servers more affordable, online data backup is not a sweet concept any more but a modern service you can really count on when backing up your files.
There are many advantages of online data backup over making copies on CDs, external hard drives or USB flash sticks. Some of these advantages are quite obvious, others might not have crossed your mind.
Making copies to a USB thumb drive has little value, if it is damaged or lost, as is your computer. There are so many risks, like fire, computer viruses, theft, flooding and hardware failure when you are storing backup copy in a remote place, away from your computer. When your main drive burns in fire or is stolen, you may still recover all your data from online backup copy and you will not loose any valuable files.
Backup Solution Is Fully Automated
It is advisable to create your own procedures, like making weekly backup to an external hard drive or DVDs; however, it takes some effort every time you need to copy some files.
There is always a danger of forgetting a file or two or just becoming careless and skipping making backups on some week. Luckily, CompuBC online data backup software offer fully automated solutions, which are scheduled to make backups regularly.
Recovery from Online Backup Is Easier
When a crisis hits, the value of a decent backup strategy becomes apparent. Best data backup solutions enable to recover lost data fast, without disturbing your workflow.
CompuBC online data backup software offers fast and easy way to recover all files you need in a very short time and from any ware and to any computer.
Keeping Earlier Copies, Data Versioning
There are things you really can't do with manual data backup solutions by yourself. Versioning is one of them. CompuBC online data backup solutions preserve sequential copies of your data, and you can search and recover your data from earlier copies as well. It offers true value, if you are working with data files which are regularly updated and you need to recover some data that was accidentally overwritten or deleted.
Sync Your Data on Different Devices
Obviously, synchronization is another handy feature you can not do with old backup systems. Luckily, you can sync your data with our online data backup software easily.
Imagine how much easier it makes your work, if you can start with file on your desktop, then work with it on laptop and then present results in your tablet. You may be amazed, how much more you can achieve with decent productivity tools.
Saving Costs and Time
Buying all the drives and backup media by yourself may prove quite expensive, because they also need upgrading, maintenance and your time to operate. Many our clients admitted that saving time with online data backup solution was the biggest argument for them. For small and medium sized companies, outsourcing data backup solutions from online backup providers may save big bucks.
Online Data Backup Gives Peace of Mind
It is hard to measure the value of peace of mind. One thing is sure – by using our online data backup solutions you will worry less about losing your data. Let us do the hard work and you will save a lot of your time and mind, you will feel that your life quality is better, and you will enjoy many things more if you have less things to worry about.
You seem to be interested in this service? Do you think your friends would like to have their data kept safe, too? Please take a second and share!
Facebook was hacked, and now everyone is scrambling to understand why it happened, who was responsible, and most importantly, what it means for the potentially 90 million affected users. What’s become clear is that Facebook’s unprecedented access to user data across at least 8 million websites—via the ever-present Login With Facebook option—puts each of Facebook’s 2 billion-plus users at risk.
To understand why the Login With Facebook option is a bad idea, we’re sharing three facts you might not know about the problems associated with using a centralized service connected to your social profile as a way to manage logins for many accounts.
Fact #1: Facebook collects a surprisingly large amount of data on people to power its advertising engine.
Facebook is often referred to as a social media company or a social media app. But that’s not a business model. It would be far more accurate to think of Facebook as the second largest data-collection and advertising agency in the history of mankind, behind Google—we’ll get to them soon. In 2017, 98% of Facebook’s global revenue was generated through its advertising business. It’s no wonder Facebook does everything in its power to collect every ounce of data about everyone they can, whether they have a Facebook account or not. That phone number you gave Facebook to help secure your account? The company used it to serve you and your friends ads. The list of data points they collect is practically endless.
Armed with this data, you could say that Facebook knows more about you than even you know about you. And one of the primary ways Facebook collects this data was just revealed to be vulnerable.
Fact #2: The Facebook hack exposed Login With Facebook, which connects users with third-party services like Airbnb, Spotify, and Uber.
It’s hard to find a service nowadays that isn’t connected to Facebook in some way. For many of those services, users don’t even need to create an account—they simply use Login With Facebook to gain access. In theory, using Facebook as a way to manage logins for third-party accounts is beneficial to all parties: Users get an easy, one-click login, services get new, verified users without the responsibility of securing login data, and Facebook gets access to the user data associated with those services.
However, the recent Facebook hack exposed the dangers of using Facebook as a way to manage your logins for many accounts.
It’s unclear what data, if any, was stolen in the hack. However, a paper published by computer scientist Jason Polakis in August 2018 analyzed the different ways hackers could exploit Login With Facbeook, as well as other types of social logins (e.g. signing in with Google) to infiltrate third-party accounts.
In controlled experiments, authors of the paper were able to:
You can see which third-party apps are connected to your Facebook profile here.
Fact #3: You can start to take back control of your private data by using a password manager instead of Facebook to log in.
Password managers remember all your different passwords, personal details, and payment info and intelligently fill in that information on your desktop, laptop, tablet, or mobile device. They have all the convenience of using Login With Facebook, but they’re more secure. And while they don’t protect you from 100% of the risks associated with using Facebook, they are the best alternative to allowing Facebook to manage access to all your accounts.
You’re probably wondering, How’s a password manager more secure than using Login With Facebook? It sounds like I’m still putting all my eggs in one basket.
There is one crucial difference: Facebook was and remains a single point of failure for all 2 billion-plus users—a Facebook vulnerability could mean access to millions of users and their associated third-party accounts. In contrast, a password manager prevents this same “one-to-many” hack, because it requires a unique key—your master password, which is never stored online and is known only by you—to unlock your personal data. A password manager is designed to keep each of your accounts separate, so if one account becomes compromised, your other accounts remain secure.
So, while you’re keeping all your eggs in one basket, imagine that basket is locked inside a safe which is locked inside a larger vault. Even if someone manages to open the vault, your safe is protected by your unique master password.
All the problems associated with using a centralized service like Facebook exist with any type of social login, including Google, LinkedIn, Twitter, or Yahoo. In fact, LinkedIn, Twitter, and Yahoohave already been hacked, and Google recently revealed a breach for hundreds of thousands of users. The common thread? Each of these businesses generates revenue primarily through ad sales.
And the truth is, these data privacy issues shouldn’t have to be solved by users. Legislation around data privacy is underway in the U.S., and will continue to evolve to protect citizens. Facebook could take a big step in the right direction by allowing users to opt-in or out of allowing Facebook to connect their accounts with third-party services. That way, users are in control of where and how their data is shared, not Facebook.
But until that becomes a reality, stop entrusting your data to companies whose primary goal is to sell you ads. A security-focused password manager, like Dashlane, puts you in control of your private data and provides the same convenience of instant logins across all your accounts.
Thank to Eitan Katz from Dashlane
The internet is the most widely used communication network ever constructed. It’s used by millions of humans and machines every second of every day. There are good and bad things happening on the internet, and among the bad things are ongoing attempts to scam innocent people out of their money or identities.
Indeed, wherever there’s a slight opportunity of making some easy money, you can be sure that criminals lay ready to pounce. The internet brings with it many such opportunities, and fraudsters appear to be waiting around every virtual corner with the latest in online scams.
While some scams have gotten very sophisticated, even some of the older, less advanced plays still actually work. If people know more about the types of scams taking place and what to look out for, we can hopefully save at least some people from getting swindled out their hard-earned cash.
We’ve covered some specific types of scams in various dedicated posts, but here we’ll offer a roundup of many of the scams currently in operation.
Here’s our list of over 70 common online scams to be aware of:
Email scams are a type of fraud. While it’s true that a fraudulent offer can be contrived with almost any story, there are a few “tried and true” cons that seem to crop up repeatedly over time, such as advanced fee fraud, over payment fraud, and work from home scams, among others.
The broad strokes tend to remain the same, but the details of these types of fraud change over time. There are resources to keep on top of the ever changing scams, and steps to take to defend against them.
Email is an extremely common format for many scams for the simple fact that it’s so cheap and easy to execute. You would think that scammers would have refined their approach by now, but many scam emails are poorly written and fairly easy to spot. Nonetheless, some are more sophisticated and people still lose a lot of money to email scams every year.
This scam has many variations, and may claim that you are a beneficiary of some estate money, have won the lottery, or have an old bank account you’ve forgotten about.
A scam requesting a nominal fee of $82 in return for a supposed sum of $7.5 million.
Whatever the subject, the email is requesting that you send a fee in advance before you can receive whatever is promised.
This is a variation of the advanced fee scam but deserves its own spot since it has been so prevalent. Emails typically promise large rewards for helping “government officials” move money to US banks, with upfront fees required. The scam started in Nigeria and violates penal code 419 in the country.
Charity scams simply play on the emotions of victims to persuade them to hand over donations to fake charities and organizations. Subjects might include puppies in danger or disaster relief efforts. The emails typically include some excuse as to why the matter is urgent and may include links to legitimate-looking websites. Aside from sending money, victims may be handing over their credit card details to thieves.
Work from home:
Working from home has so many draws and is a major lifestyle goal for many people. Scammers capitalize on the dreams of these would-be remote workers by luring them with fantastic yet realistic-sounding work-from-home opportunities. The catch? They just need to pay upfront for some equipment or educational materials before they can get started, but these never arrive, and there is no actual job.
Some scammers spend a fair amount of time creating official-looking emails from reputable service providers. They tell the target that the account is about to be suspended and that they need to provide information to keep it open. The email might include a link to a phishing site requesting login credentials and billing details to secure the “continuation of service.”
Netflix customers were recently hit by such a scam.
This one is more targeted toward businesses. The scammer identifies the person within a company that has control over funds. They then pose as someone with authority such as the CEO, and request money be transferred to a specified account. With all of the information available on LinkedIn these days, it’s fairly easy for fraudsters to identify who to target and to come up with convincing stories (see also: whaling).
This type of phishing requires some preparation because the scammer needs to act convincingly like the executive he or she is purporting to be. The fraudster will then contact someone in the company who has the authority to move money and direct that person to transfer funds to the scammer.
As with most phishing scams, CEO phishing is most effective when there’s a sense of urgency or emotionalism applied to the request. Therefore, many CEO phishers will zero in on new members of the finance department in the hopes that person does not yet know all the safeguards that may be in place to prevent the scam from working.
Read more on CEO fraud here.
The very simplistic greeting card scam can be used to infect your computer with malware. The email poses as a greeting card (e-card) from a friend or family member and encourages you to click a link. Once you do, the malware is automatically downloaded and installed on your system.
Affinity fraud refers to when someone uses a common interest or belief such as religion to lure you in. It often happens in person, especially within religious communities, but can be conducted via email too.
The above email uses faith to try to hook the reader and persuade them that it’s legitimate.
Guaranteed bank loan or credit card:
In this take on the advanced fee scam, you are told that you are preapproved for a loan or credit card but that you just need to pay some processing fees. It could be a small amount but fraudsters might be looking for banking info more so than the money itself.
This one often targets businesses and involves an email containing an invoice for legitimate-sounding services. A sense of urgency is used to convince the receiver that they need to pay immediately or risk having the case transferred to a collections agency.
Scam compensation scam:
Yes, believe it or not, this one pops up regularly in spam folders. The email explains that its sender is coordinating some compensation for scam victims, and the receivers’ name is on a list of victims.
You just need to send over some personal details before you can start collecting your compensation.
While most online scams can be targeted toward virtually anyone with access to a computer, many are crafted specifically with the elderly in mind. Seniors are often targeted for identity theft since they are perceived as being more susceptible to certain scams. Here are some of the most common forms of elder fraud but you can find more about detecting and reporting these scam in our elder fraud article.
Elderly people seeking to invest are often looking for short-term lucrative projects to supplement their retirement income. Some scams simply promise fantastic returns in order to get seniors to hand over their money.
The insurance scam plays on the assumption that seniors might be less focused on what they have now and more so on what they will leave behind for loved ones. This type of scheme might involve a phone call or email persuading the senior that they need an annuity or life insurance policy. Often the insurance firm is completely made up, but insurance scams are actually sometimes carried out by legitimate agents, including one who has been caught multiple times.
As people age, health tends to be more likely to deteriorate and the need for prescription medication can become expensive. Many online pharmacies have stepped in to offer drugs and other healthcare at lower than average prices. The problem is, most of these sites do not operate within the law or follow standard practices. For example, the founder of Canada Drugs is wanted in the US for selling counterfeit medicines, but the website is still very much up and running.
Without proper regulation, consumers really have no way of knowing what they are getting or if they will receive anything at all.
This one is technically a form of vishing and involves someone calling a grandparent and posing as their grandchild who needs money urgently. They might say they’re in jail or in need of medical help abroad, but that it’s imperative they get the money immediately. Of course, the desperation tugs on the heartstrings of their “relatives” and one convicted scammer said that about one in 50 people fell for his scam.
Extortion scams follow the basic premise that you need to hand over money urgently or face a predefined consequence, whether it be real or fabricated. Extortion schemes can be simple or extraordinarily complex, depending on the imagination of the perpetrator involved. Here are some of the online extortion scams to look out for.
Ransomware is a type of malware that involves an attacker encrypting your files with the promise of decrypting them only in return for a fee. One of the most notorious cases of ransomware was the 2017 WannaCry attack in which more than 400,000 machines were infected. Ultimately, criminals took an estimated $140,000 worth of bitcoin in exchange for decrypting users’ hijacked files. Backing up files regularly can help protect you against the threat of ransomware.
In this form of extortion, victims are typically lured into sharing intimate photos or videos, often through dating sites or social media. They may even be prompted to perform explicit acts while being secretly filmed. They are then asked to pay a fee to prevent the photos or videos from being released.
This terrifying scam involves threats of physical violence and even death, usually sent via email. The claim is often that the person sending the email has been hired to kill you and will relinquish their role in exchange for a fee. Emails might include personal details garnered from social media or other sources to make them seem even more threatening. Aside from going after your money, some scammers also try to obtain your personal information for use in identity theft.
This is a variation of the hitman scam that plays on today’s societal fear of terrorist acts. Again, the basic premise is that your life will be spared only if you pay up.
Another one playing on the fear of recent world events is the bomb threat scam. This is an email telling people that there is a bomb planted in their building and it can disconnected only if a certain fee is paid.
Distributed Denial of Service (DDoS) attacks are similar to ransomware attacks, except that instead of file encryption you often have whole websites or internet services taken down. Web servers hosting these sites and services are flooded with dummy traffic that overwhelms them, slowing the site down to a crawl or even shutting it down altogether. Victims are instructed to pay a fee to gain back control over the service. Businesses are often prime targets for this type of attack.
We’ve touched on phishing in some of the other sections, but with this field comprising such a large portion of online scams, it’s good to know about the different types to look out for. In fact, the common element in almost all types of internet scams is the initial “phish.” This is the act of tricking you into providing some kind of information that is later used to scam you.
The odds of pulling off a successful scam are low, so the pool of potential victims has to be very large. The easiest way to contact a large number of people with almost no effort is through email. In some cases, phishing emails attempt to direct you to a clone of a trusted website where you’re likely to enter login credentials, or try to make you download malware.
In a dedicated phishing post, we look at the how to avoid or repair the damage done by common phishing scams, some of which are explained below.
Spear phishing is very targeted and the perpetrator typically knows some of your details before they strike. This could be information gleaned from social media, such as recent purchases and personal info, including where you live. A phishing email or message might be crafted based on those details, asking for more information including payment details or passwords.
WhalingThis is geared toward businesses and targets high-level executives within corporations who have access to the email accounts of someone in authority. Once they have access to that email account, they can use it for other means such as accessing employee information or ordering fraudulent wire transfers (see also: CEO fraud).
This is an even more targeted version of whaling where the main goal is to obtain employees’ W-2s or contractors’ W-9s. Recents cases have involved schools, hospitals, and tribal groups, as well as businesses. The email might be from an actual or spoofed executive account or might appear to be from the IRS or an accounting firm. Once provided, the documents give criminals everything they need for identity theft.
Phishing to deliver ransomware:
As if the phishing itself isn’t bad enough, many emails come bundled with ransomware. This way criminals can get an increased payload for their efforts.
Voice phishing (vishing) scams are not really online scams, but they are often linked and are becoming more sophisticated so are worth mentioning here. They use voice solicitation to get information or money from consumers or businesses. The scammer calls the victim and attempts to use social engineering techniques to trick the victim into doing something, often to give credit card details or send money.
Sending email spam and SMS spam is very easy and costs almost nothing. Calling an intended victim personally, on the other hand, takes more time and effort. For that reason, we are less accustomed to vishing and the stakes are often much higher in order to justify the scammer’s time.
One of the major benefits of vishing versus phishing via email is that criminals don’t have to worry about spam filters. Calls in general are far less abundant than email, so there is a higher chance of getting someone’s attention. While phone calls are more expensive than email, VoIP has made mass calling far more accessible to criminals.
To make matters worse, it is almost trivial to spoof a caller ID number these days. If a scammer wishes to present themselves as an official with your country’s tax bureau, it would be easy for them to show you a legitimate tax bureau number on your caller ID.
Bank fraud vishing scams are some of the most common you’ll come across. Scammers will typically pose as a bank representative and tell you there has been suspected fraud or suspicious activity on your account. While some will then try to extract personal or banking information, other scammers have different tactics. One in particular involves persuading targets to install “protective software” on their computer to block any more fraudulent transactions. What the software actually does is allow remote access to the victim’s computer.
We’ll cover tax scams in a bit more detail later, but these are often carried out over the phone or through a combination of phone calls and emails. The first contact via phone may be automated meaning scammers can reach a huge number of targets very easily. It also means they only have to actually speak with anyone who calls back. These callers would be considered “qualified leads” and easy targets at that point since they’ve already fallen for the first stage of the scam. See more tax scams.
Fake prize or contest winnings are often communicated via a phone call or automated voice message. Promised prizes could be in the form of cash, a car, or an all-expenses-paid vacation. In reality, fraudsters are looking to find out personal details for use in credit card fraud or identity theft.
The tech support scam often starts as a phone call and ultimately ends up online, similar to the bank scam mentioned above. This time, a “technician,” claiming to represent a large firm like Microsoft, will tell you your computer is infected and you need to hand over remote support.
Once you do, the fake tech can do whatever they want with your system, including installing malware or ransomware. Typically, once they are finished “fixing the issue,” you’ll be asked to pay for the service. They then have all of your payment info and in some cases can continue to access your computer through the remote access software whenever they want.
This scam isn’t always initiated over the phone and might start via a web page popup that tells you your computer is infected and to call a support number. The popup is usually difficult to get rid of which serves as motivation to call the number provided.
If you get an official-sounding call from a law enforcement or government agency, you’d be forgiven for being scared into handing over details. Criminals prey on this fear and often pose as police or government officers to phish for personal information. Bear in mind, any such legitimate contact would be dealt with in person or at the very least by mail.
Social media scams:
With the popularity of social media continuing to boom, it’s no surprise that it’s considered a ripe environment for scammers. While many of the other scams on this list could potentially be carried out through social media, a few very specific ones have popped up on social platforms.
“See who’s viewed your profile”:
This scam takes advantage of the curiosity of Facebook users and might pop up as an ad while you’re browsing the site. You’ll be prompted to download an app with the promise of being able to see who has viewed your profile. The thing is, Facebook doesn’t actually give this information out, even to third-party applications. All you’re actually doing is handing over access to your Facebook account, including your personal details and possibly banking information.
Facebook “dislike” button:
During the last few years, the Facebook world is often abuzz with the prospect of a “dislike” button becomingavailable. Scammers capitalize by posting ads for such a feature. These lead to pages which look like they’re run by Facebook but that actually include links to phishing sites asking for personal information.
Fake celebrity news:
This scam involves a clickbait-style headline on Facebook relaying some fake celebrity news, such as the death of a well-known star or a new relationship in Hollywood.
Once you click, you’re prompted to enter your Facebook credentials to view the article, thus giving criminals full access to your account.
When you think about how easy it is to create a social media account, you realize there’s nothing stopping someone from creating an exact replica of your public profile. They can then reach out to your friends and family with friend or follow requests and once connected, pose as you. These trusted connections can then be used for a whole host of purposes such as spreading malware or requesting money for made-up scenarios.
Instagram Likes scam:
With many users across social platforms desperate for ‘likes’ and ‘follows,’ scammers have capitalized by offering just that. One app released in 2013 called InstLike asked for usernames and passwords in return for follow and likes.
n fact, they simply collected the credentials of 100,000 users and turned them into participants in a large social botnet. Basically, the app did deliver on its promise but used the accounts of those who signed up to do so. What’s more, within the app, people were encouraged to pay fees for additional follows and likes.
Job offer scam:
A job offer scam might be run through email, but is commonly conducted through professional networking site LinkedIn. Basically, you’re offered a job from a seemingly reputable company via direct message. In some cases, these can lead to scams whereby you become the middleman for transferring funds. You deposit cheques, then wire some of the money, keeping the remainder as your fee. Unfortunately, the initial cheque bounces and you are down the amount you sent in the wire transfer.
Many people purchase airline tickets, hotel rooms, and even entire vacation packages online these days. Scammers know this and there has been a rise in fraudulent travel sites selling fake tickets and non-existent vacations. Travel is usually a big-ticket item, which spells big bucks for criminals. Additionally, travel is a tricky purchase because you typically pay large amounts of money up front for something that you won’t see until the date of travel.
This type of scam can be particularly problematic because you may not find out you’ve been scammed until you arrive at your destination or the airport. There may be no record of you having a booking at all. Now you’re out the original money and also might have to come up with more to continue on your vacation, or simply pack up and go home.
Free or discounted vacation:
These scams may be initiated via phone or email, but typically the target is told that they have won a vacation. In order to claim, they either have to pay a small fee (advanced fee scam) or provide credit card details for a deposit. In the former case, the thief takes off with the money. In the latter, the credit card details can be used in credit card fraud.
Vacation ticket re-sell scam:
In this case, someone posts an ad claiming that they have purchased a ticket for a trip they can no longer go on. They then sell the (fake) tickets for a much lower price than their face value. Some victims don’t realize the scam until they show up at the airport ready for the trip. With insurance company agencies making it so difficult to get refunds on tickets, the fact that someone might be selling tickets online is made more believable, fuelling the success of the scam.
In a points scam, the target is called or emailed and informed that they have won a huge number of points, through a travel points card program or a travel credit card points scheme. All they have to do is provide some details to confirm the transaction. This may include account information, credit card details, or other personal information.
The vacation rental scam involves fraudsters posting ads for property in desirable locations for bargain prices. The victim is required to send a deposit or the full amount up front.
Once they arrive at their destination, they may realize the property doesn’t exist, it has been misrepresented, or it isn’t actually available for rent.
As if tax season isn’t already dreaded enough without scammers making life more difficult! Criminals look to exploit both taxpayers and the government using a range of tax-related scams.
In a fake audit scam, targets are contacted by someone claiming to be from the IRS or similar tax agency and told that an audit has identified a discrepancy. Immediate payment is demanded with the threat of additional costs, imprisonment, or even deportation if victims don’t comply. Whether it’s through an email or recorded voicemail, this scam is easy to execute so probably won’t go away any time soon. Oddly, in Canada, it is reported that many of these particular scams involve payment requests via iTunes gift cards. You’d think this would be a bit of a giveaway, but it’s happening.
This one targets people who are expecting a tax refund. Again, criminals pose as the IRS or similar agency and prompt targets to click a link through which they can claim their refund. However, the link leads to a phishing site where the victim is asked to provide personal information such as their social security number and banking details, which can be used in identity theft.
This scam is a bit more sophisticated as it actually uses real client details stolen from accounting firms via hacking or phishing. The information is used to file a fake tax refund request which is processed by the IRS, and the client receives the refund amount. The scammer then poses as the IRS or a collection agency, tells the client the refund was issued in error, and demands the money be returned. Of course, the payment is directed toward the fraudster, not the IRS. This case spells double trouble for the client. Not only are they short their refund, they could also be in hot water with the IRS for supposedly filing a false claim.
Tax protester scheme:
A tax protester scheme involves criminals calling or emailing consumers to tell them they don’t need to pay taxes. This is really more of a troll than an actual scam, because the person running it doesn’t benefit financially. However, the victim can be negatively impacted as failing to pay taxes can result in a conviction, including fines and imprisonment.
Bitcoin and Cryptocurrency scams:
With bitcoin and other cryptocurrencies exploding in terms of popularity and market cap over the past few years, it’s no surprise that criminals want to get in on the action. Indeed, there are so many methods for scammers to choose from, and scams and hacks involving bitcoin and altcoins seem to be constantly in the news.
Fake coin exchanges:
Since so many cryptocurrency-related businesses are relatively new, it’s difficult to know which ones are legit. Criminals have capitalized on this and simply take people’s money through fake or questionable exchanges. One example of a blatantly fake coin exchange is Internet Coin Exchange which simply lists cryptocurrency price details alongside Buy buttons.
This one still appears to be very much up and running so we won’t be posting the link here.
Other questionable operations include Igot, which later became Bitlio. This exchange appeared to be operated inefficiently as there have been times when it simply can’t pay customers. Again, it’s still in business.
Hacked coin exchanges:
Unfortunately, when exchanges are hacked by cybercriminals, both the exchange and its customers tend to lose out. Mt Gox is probably the most famous case in which people are still waiting to find out if they’ll see their money four years on. But there have been other, more recent, high-profile hacks, including that of Coincheck to the tune of $500 million.
Pump and dump scheme:
‘Pump and dump’ is a familiar term in the stock market, but it’s hitting cryptocurrencies too. This involves the organized promotion of a particular cryptocurrency, usually a relatively unknown coin. The mass investment causes the value to spike, encouraging other investors to get in on the action. The value of the coin increases even further and when the time’s right, the first round of investors cash out, leaving the second wave with a worthless coin.
Fraudulent cloud mining companies:
Mining of bitcoin and other cryptocurrencies typically involves using computational power to support the network in return for a reward. However, mining isn’t the easiest thing to get started with. Enter cloud mining companies, which enable you to invest in mining without having to actually deal with the setup yourself.
When you invest in cloud mining, you’re putting a whole lot of trust in the mining company. Of course, where there are investors, there are scammers ready and waiting. For example, Mining Max raised $250 million for its operation, all but $70 million of which was reportedly pocketed.
In another case, the CEO of GAW Miners pleaded guilty to $9 million in fraud as an outcome of some very dodgy dealings, including selling more hashing power than was available.
Mining requires a huge amount of computational power, and that doesn’t come cheap. As such, criminals have developed mining malware that can enable them to exploit users’ computational power. Known as malicious cryptomining or cryptojacking, the malware is usually spread by a trojan virus. Infected computers then form a larger botnet that mines cryptocurrencies. Examples of mining malware include “Digmine,” spread via FacebookMessenger, and WannaMine, which uses EternalBlue, the leaked NSA exploit.
ICO exit scam:
An Initial Coin Offering (ICO) is a little like an Initial Public Offering (IPO) for a company, the major difference being the coin is really worthless until investors perceive value. ICO exit scams are similar to the pump and dump scams we talked about earlier except it’s usually the coin creators doing the heavy promotion followed by a quick sell-off.
Investors are wooed with whitepapers and promises of superior security and broad application potential. They buy coins in exchange for fiat currency, hoping to get a return on their investment. Some of the biggest exit scams we’ve seen so far are Plexcoin, which gathered $15 million in investments before it was suspended, and Benebit, the team behind which ran off with between $2.7 million and $4 million early in 2018.
ICOs in general are viewed as such a problem that China has banned them and other countries are imposing heavy regulation.
Another issue among ICOs is not with the ICOs themselves, but with scammers impersonating them. For example, the legitimate Seele ICO had their Telegram channel hijacked by people posing as admins. Investors were persuaded to pay for tokens before the sale had actually started and the funds were pocketed by the criminals. Other fraudsters used a phishing scam centered around the Bee Token ICO as a means to dupe investors out of $1 million worth of ether.
Cryptocurrency investment schemes:
With the cryptocurrency market being so volatile, it’s not uncommon to hear about massive gains over a short period of time. This makes classic pyramid or Ponzi schemes an easier sell to investors as people are less likely to view them as “too good to be true.” Austrian investment scheme Optioment promised a whopping 4% weekly return to some investors and ended up reportedly stealing more than 12,000 bitcoins.
The Optioment website. (Source: Wayback Machine)
Other suspicious schemes include BitConnect, which shut down after receiving multiple cease and desist letters, and OneCoin, a reported global Ponzi scheme that is still going strong.
Wallet fork scams:
Coin wallets are used as “safe” places for people to secure their cryptocurrency, basically somewhere to safeguard the private keys that can enable access to coins. When a cryptocurrency forks and a new coin is created, it can be difficult to find a wallet that can accommodate the new coin. Enter scammers. When Bitcoin Gold was first released, the mybtgwallet.com website popped up, promoting users to hand over their private keys and subsequently lose their coins.
This one wallet scam reportedly resulted in total losses worth over $3 million.
More impersonators are taking advantage of the cryptocurrency market, this time in the form of wallet clones. Criminals make people believe they are depositing their coins into a legitimate wallet but are actually keeping them for themselves. Hacker group, Coinhoarder, used such a scheme to steal more than $50 million worth of bitcoin and other cryptocurrencies. It used domains impersonating the reputable Blockchain.info and even used paid Google ads to attract more victims.
Coin mixing service phishing scam:
Coin mixing services are used to mix coins in order to break the connection between the sender and receiver, making transactions more anonymous. While coin mixing services can aid illegal activity, they can have legitimate use cases, too. Popular sites include Bit Blender and the now-defunct Helix by Grams.
These two were involved in a phishing scam on the dark web where a coin mixing tutorial used links to fake websites for both of the services. Users following the steps and visiting the links simply handed over their coin to the thieves.
Coin mixing service Ponzi schemes:
It’s not just phishing schemes that affect users of coin mixing services. Bitpetite ran a mixing operation but also asked for investors to hand over money with the promise of 4% daily returns! This was clearly unattainable and the site disappeared in November 2017 after stealing an unknown amount from investors.
Other online scams:
Aside from all of the above, there are many more online scams to look out for. Here are some of the most popular plays making the rounds right now.
Fake antivirus software popup:
We mentioned popups in the tech support scam earlier. A common one you might have already seen is a popup prompting you to download antivirus software. However, when you follow the prompt, you could end up with malware instead.
Fake websites are usually used in phishing scams. Typically, a replica of a legitimate website is used to encourage targets to enter details such as credentials, banking information, and personal details.
For example, the above image from the Expr3ss blog shows a very convincing fake Facebook login page.
Counterfeit goods sitesThis is a more specific example of a fake website and is a big problem. Replicas of reputable websites may be used to make counterfeit goods seem legitimate. For example, brands like Ugg, Coach, and Michael Kors have had their websites copied almost exactly to make consumers believe they are purchasing genuine goods from the real brand.
Dating and romance scams:
Dating and romance scams are some of the oldest in the book, but as long as people are looking for love, they won’t be going away. In fact, in the US, romance scams account for the largest financial losses of all internet crimes. Fraudsters may contact targets through phone, email, text, social media, or dating sites.
They typically pose as a different person, including creating completely fake profiles (this is called catfishing), and often work in groups. The ultimate goal might be to get victims to pay money, hand over personal information, or even aid in illegal activities.
We mentioned travel ticket scams earlier, but would-be concert goers and sporting event attendees are also common targets of ticket scams. They purchase tickets online and show up to the event to find out they’re holding fakes.
The rental scam preys on those desperately searching for a place to call home. Rental ads are posted with below-average prices, attracting plenty of buyers. Would-be landlords explain that viewings are not available since they are overseas but they will happily issue a refund if you’re not satisfied. First and last month’s rent are typically required to secure the rental property. The fake landlord may also have renters fill out a form which includes banking information along with other personal details.
SMS (Cellphone text) scams:
SMS scams (smishing scams) are variations on phishing and vishing scams and involve the use of text messages. SMS, or text messaging, is built into just about every phone on the planet. As phones become more internet connected, many of us have transitioned to instant messaging apps like WhatsApp and Facebook Messenger. But good old SMS messaging is almost always available. Scammers know that and can use it to target you.
Smishing texts usually have much the same aims as any other kind of fraud. Scammers may want you to click a link to download malware or adware, or bring you to a convincing looking phishing page in order to trick you into providing your login credentials for a website. Others might provide a number to call as a transition to a vishing scamming method.
While these often follow similar plays to email and voice scams, there are some more specific cases, such as trying to get you to activate a new credit card or telling you an account is expiring.
Amazon phishing scam:
In this rather complex scheme, targets order products on Amazon from third-party sellers. They don’t receive the item so call the seller to inquire. The seller prompts the buyer to complete the transaction outside of Amazon, so gets paid and has access to payment information.
Amazon delivery scamThis is a slightly different angle to the one above, but is also orchestrated by third-party sellers. In this case they ship empty packages to wrong addresses where they are signed for by someone who is in on the scam. Since the package is signed for, the victim often has problems when trying to make a claim with Amazon.
Astroturfing (advertising scam):
Astroturfing has been around for a long time and its definition can be loosely defined as a company creating fake support around its product in order to attract customers. One famous example was McDonalds paying employeesto stand in line to create buzz around the release of the Quarter Pounder in Japan. With the persuasive power of online reviews, these have become a means for digital astroturfing.
Companies simply pay people to write fake glowing reviews on supposedly unbiased review sites. There are even Facebook groups dedicated to swapping online reviews for specific sites like Amazon or specific product types, for example, books.
Consumers rely heavily on these reviews when making purchases and ultimately end up with a subpar product or service or nothing at all.
There are a broad range of continuity scams out there but they typically follow similar patterns. Popups for surveys offering free gifts or amazing deals lead victims to enter credit card details to pay for minimal fees or shipping. Often hidden in the small print are exorbitant ongoing monthly fees that can be near impossible to cancel. In this case, you’ll likely have to contact your card issuer to stop future fees, but it’s unlikely you get reimbursed for those already paid. This is another reason to always check your statements as these could easily go unnoticed.
Stock market scam:
This scam is along the same lines as astroturfing and is conducted very much out in the open. It involves articles or other methods and materials which persuade potential investors to contribute funds based on exaggerated predictions. In April 2017, the SEC enforced actions against 27 individuals and entities for such fraudulent promotions of stocks.
Most of us have sold something online at some point, but it’s seller beware. Some scammers are using a tactic whereby they fake a pending payment to encourage the release of goods. This might be a bogus PayPal or email transfer message to say that payment will be released once tracking information is received. Once you do actually send the goods, no payment is ever received.
The overpayment is another one for sellers to watch out for. It usually relates to the sale of items or services, often through classified ads. The scammer sends you payment for whatever you are selling but sends too much. They ask you to refund the difference. In the meantime (hopefully for them, it’s after you send the money) their payment is canceled or retracted. So you’ve received no payment at all but have issued them a partial refund.
How to recognize scams
Since online scams are popping up so frequently, with many probably yet to be uncovered, it’s impossible to list them all here. This just makes it even more important that you watch out for tell-tale signs.
Recognizing secure sites:
Many scams require a legitimate looking website for victims to interact with and provide the information the scammer is looking for. Since virtually anyone can purchase almost any domain name and then visually re-create any site on the planet, how can anyone be sure they’re using a safe site? This is a good question which we cover in detail in a post about recognizing scam or fake websites.
Some techniques are technical, such as checking that the domain name shown in your browser’s address bar matches the site you think you’re visiting. Others are more holistic such as verifying the site has legitimate contact information on it and isn’t riddled with spelling errors.
There is no single silver bullet that can indicate the trustworthiness of a site, but there are a number of things you can check that will help you make a judgement call.
Spotting a fake or spoof phishing email:
As Mr. Miyagi said in the movie Karate Kid, “best block, no be there.” In internet scams, the best defense is to simply not get tricked in the first place. Scammers can be clever, though, and it can be hard to spot the fake phishing emails sometimes.
In a dedicated post, we cover tips to help you spot a fake, spoof, or phishing email. For example, it’s not enough to see that the email appears to come from someone you know. You’ll need to actually see the Fraud Key by Jak Rustenhovene under CC BY 2.0
Imagine the scenario: You bought Microsoft Office from a website that looked good. After all, it was plastered with trust seals. You paid with PayPal. You download and installed the software without a problem. The product key they emailed to you worked like a charm.
Eight months later the product key stops working. Not to worry. The site had a one-year warranty on product keys. You contact them and they email you another. That too works. For six months. You go back to the website. But the site no longer exists. You phone PayPal. They can't do anything to help you get your money back. So you phone Microsoft. They confirm what you suspected. The product key is illegal. You have been scammed.
With so many sites now selling fake Microsoft Office what does one do?
Well, here are 7 tips for telling the genuine from the fake, the legal from the illegal, the authentic from the counterfeit. So you don't get ripped off buying illegal Microsoft software, such as Microsoft Office or Microsoft Outlook or Microsoft Access or Microsoft Windows or... Well, you get the picture.
When you buy Microsoft software online that is delivered to you by download, you are in fact getting a package. This package should include the following:
1. A Microsoft online account.
2. A Microsoft license.
3. A product key.
4. The software.
If you don't get all four, the likelihood is that what you have bought is not a genuine Microsoft product.
1. A Microsoft online account. Your Microsoft account is the combination of an email address and password that you use to sign in to services like Hotmail, OneDrive, Windows Phone, Xbox LIVE, and Outlook.com.
When you buy genuine Microsoft software online, Microsoft will update your Microsoft online account with that software. For example, if you bought 2 copies of Microsoft Office Home and Student 2016 online, your Microsoft online account will then list 2 x Microsoft Office Home and Student 2016.
There are two points to take away from this:
(i) If it is legal Microsoft software, you will get a Microsoft online account.
(ii) If it is legal Microsoft software, you will find that your Microsoft online account has been updated with details of the software you have bought.
How you can use this
So if you don't get a Microsoft online account, or if your Microsoft online account does not include any information about the software you have purchased online, then the likelihood is that it is illegal.
What we offer
We provide you with a Microsoft online account when you buy Microsoft software from us. Microsoft will update it for you with software download links, license information, and (if they are needed for product activation) product keys.
2. License information about the software you have bought. The license is the most important part of the software package as it grants you the right to use the software. Without a Microsoft license you cannot legally use the software.
Product keys or, as they are sometimes called, license keys, do not allow you to legally use the software. Only the license has that power. By the way, calling them license keys is a ruse to make you believe that the software you are buying is legitimate and hide the fact that you are not getting a license.
How you can use this
If you don't get a license when you buy Microsoft software online, then you cannot legally use the software. This means you can tell that the software is legal or not.
What we offer
Not only do we provide you with a Microsoft license, the license we provide is created especially for you. The license will tell you:
(i) That we are the company that sold you the software;
(ii) Your name and address so there is no doubt that the license is for you;
(iii) The name of the Microsoft software that the license grants you the right to use;
(iv) The license number.
This means that license we provide you with is very useful for software audits. And as Microsoft will update your Microsoft online account with the license information, it can never get lost.
Even better, the license you get when you buy software from us is what Microsoft calls a perpetual license. This means that it does not end. Ever. In other words, it is not a subscription license. You only pay once for the license.
3. A product key. To activate a Microsoft program you have to enter a product key. A product key is an anti-piracy device.
The technology of Microsoft Product Activation has been criticised by some experts because it is not good enough to stop piracy. There are many illegal product keys out there.
How you can use this
Some product keys only work for a few months before Microsoft voids them. Those selling illegal product keys are therefore:
(i) Likely to operate as a new company, no more than 2 years old. After a year or two they will probably disappear and start a new company.
(ii) Likely to give you a year's warranty or some such warranty on the product key. For example, they will say they will replace the product key if it fails within the year. That is said to give you confidence. But only illegal product keys are likely to fail.
By the way, you won't find legitimate companies offering such warranties because legal product keys fail very, very rarely and so there is no need for it. In the many, many years that we have sold Microsoft software, we have never ever had a product key fail.
What we offer
We provide you with a product key. And you will know that it is a genuine product key. How? Because you don't get the product key from us. You get the product key from Microsoft. Microsoft will email you about the product key. It will be held for you in your Microsoft online account so that you can never lose it. Plus you can access it whenever you want.
Even better, the product key you get when you buy software from us is a special type of product key, called a Multiple Activation product key. Why is it special? Well, if your computer dies or you replace it, you can install your software on a new one and activate it again using this Multiple Activation product key
4. The software. Buying software online that you are expected to download can be risky. To quote Microsoft:
"Buying illegal software, as well as being a waste of your money, can turn out to be a nightmare:
"You could end up being watched.
"Your data could be deleted.
"Your money could be stolen.
"Your PC could be vulnerable.
"Your warranty could be voided.
"You could be spreading viruses."
How you can use this
Be careful. Make sure you get all 4 parts of the software package when you buy Microsoft software online, as covered above.
What we offer
With most Microsoft Office software you can only install the software on only one computer. No more than one. Just the one. This is also true with most Microsoft Access, Microsoft Outlook, and Microsoft Publisher software.
With the Microsoft Office software we sell, you can install the software on two computers so long as you are the main user of both computers and as long as at least one of the computers is a laptop. This also applies to the Microsoft Access, Microsoft Outlook, and Microsoft Publisher software that we sell.
Other things you should be aware of
5. OEM software
OEM stands for original equipment manufacturer. OEM software is meant for computer builders. They install OEM software on computers they build.
A Microsoft OEM license is the most restrictive type of license. For example, OEM software cannot be sold without the hardware (the computer). When the hardware dies, the OEM software dies with it. In other words, OEM software cannot legally be transferred to another computer.
How you can use this
If you are not a computer builder and someone sells you Microsoft OEM software without the hardware, you will be using the software illegally.
What we offer
As a rule, we don't sell OEM software. You won't find it on our website. We have to verify you as a computer builder before we will sell it to you
6. Trust seals
Trust seals are images on a website that are designed to build trust in the customer so that the customer is more likely to buy. For example: "100% Warranty", "Lowest Price Guarantee", "Shop with Confidence". They sometimes use brand names such as Norton and Microsoft.
How you can use this
There is no relationship between the trust seals on a website and the Microsoft software it happens to be selling. No relationship whatsoever.
So don't think that because a site has some trust seals on it that any Microsoft software it happens to be selling must be legitimate. Because that would be an incorrect assumption. The software may be legal. It may be illegal. Either way, the trust seals won't tell you.
So, as far as the legitimacy of the software goes, ignore trust seals.
7. The line "We are cheap because we sell large volumes"
This is untrue. As a general rule Microsoft only offers very small discounts. For example, if you buy in volume, you are looking at a discount of a pound on a product like Microsoft Outlook, a couple of pounds on something like Microsoft Office.
You see, Microsoft has no need to offer large discounts. Besides, Microsoft did not become the rich company it is today by offering large discounts.
There may be some exceptions to this rule. Companies like Dell and HP may get better discounts than everybody else. But they are in a different league. Dell's turnover in 2016, for example, was $54 billion. But for the smaller fish, no chance.
How you can use this
Compare the price you are being offered with what PC World is offering. If it is a lot cheaper, it is likely to be illegal.
What we offer
On some software we are permitted by Microsoft to offer an academic rate to schools, charities and churches which is attractively priced.
This means we can offer attractive prices on software like Microsoft Publisher, Microsoft Outlook, Microsoft Access, Microsoft Office as well as more esoteric software like Microsoft Exchange, Microsoft SQL Server and Microsoft Windows.
However, you have to meet the Microsoft criteria on academic rate to get these attractive prices. If you are interested, you can either search our website for the software you want or contact us about it.
8. One other point. Be careful when buying Microsoft Office Home and Student. Not because it may be illegal. But because it has a very restrictive license that makes Office Home and Student unsuitable for any work activities.
If you read the license that comes with Office Home and Student, it says that it cannot be used for commercial, non-profit, or revenue-generating activities.
How you can use this
If you need to use Microsoft Office for charity work, church work (or similar non-profit activities), or you need to use Microsoft Office for commercial work, avoid buying Microsoft Office Home and Student.
What we offer
Because Microsoft Office Home and Student is limited to home and student activities, we don't offer Microsoft Office Home and Student. You won't find it on our website. Instead we offer, and recommend, Microsoft Office Standard and Microsoft Office Professional Plus.
By the way, the last one, Office Professional Plus, is the most powerful suite in Microsoft's Office range and is the most popular version of Office we sell. It is rich in programs, including Microsoft Outlook, Microsoft Publisher and Microsoft Access.
Credit and rights: Tekgia
Most people don’t replace their routers that often, and there are so many important settings, it’s easy to overlook a few and forget how your old one was set up. Here are the first five things you need to do right after powering up your new router.
A few minutes of tweaking and configuration right after unboxing your new router can save you headaches down the road. A Wi-Fi router, left improperly configured and with poor security, can leave your network unstable and vulnerable to malicious users. This guide should help you establish a solid baseline level of security.
Update the Firmware
Your router’s firmware is a set of operating instructions and tools stored on its memory chip that controls everything from the Wi-Fi radios to the firewall.
Although firmware updates are generally infrequent, and router firmware is designed to be stable, there are two reasons to check for updates immediately after getting a new router. First, you don’t know how long your router was sitting on the shelf, and a new update may have been (and most likely was) released.
Second, although not as common as problems on consumer operating systems like Windows, there are exploits and vulnerabilities that crop up in router firmware, so it’s always good to have the latest (and most secure) firmware available. It also means you have access to the most up-to-date features of the router.
Change the Default Login Password
Just about every router ships with a default username and password you use to manage the router. These defaults aren’t even well kept secrets—a simple Google search will tell you the username and password for just about any router out there. You can download entire lists of known pairs, and there’s even the appropriately named web site RouterPasswords where you can look up just about any make, model, and default login. Usually they’re something ridiculously simple, like “admin/admin”.
Change the Wi-Fi Network Name (SSID)
Your Wi-Fi’s network name, or SSID, can reveal a lot about the router. For example, it might be called “Linksys”, which lets outsiders know the manufacturer of your router—making it easier for them to fetch the default login, or check for vulnerabilities on that model.
Change the SSID to something different from the default, but without any identifying information in it. This means no SSIDs like “Apartment5a” or “321LincolnSt”. Something easy to remember but unspecific to you is ideal—like “Cookie Monster” or “Spaceman”. Any combination of words will do,. really.
Set a Secure Wi-Fi Password with Quality Encryption
For years, router manufacturers shipped routers with poorly configured Wi-Fi and/or default passwords enabled. Now, they’re finally starting to ship routers with the highest level of Wi-Fi encryption enabled and a randomized password set (so even if new users don’t know what they’re doing or fail to look up a list like this one, they’re still protected).
When you go to change your Wi-Fi network’s password, you’ll typically have options available like WEP, WPA, and WPA2. Select WPA2 (or, to future proof this advice, whatever better encryption comes along). We recommend using WPA2, but the short of it is that anything below WPA2 is easier to crack. WEP is so trivial to crack a child with the right (and widely available) tool could do it.
As far as passwords are concerned, when you’re using strong encryption like WPA2 that supports up to 63 characters, it’s far better to use a passphrase than a password. Forget simple passwords like thedog20, blackcat, or any of the trivial passwords that Wi-Fi standards used to restrict us to. Passphrases are easier to remember and are harder to crack. Instead of “thedog20”, use “My Dog Is Twenty Years Old”.
While we’re on the topic of securing your Wi-Fi: if you have a newer router, chances are you have a guest network. If you choose to enable it, the same rules apply for selecting good encryption and a strong password.
Disable Remote Access
If you need remote access for some reason, it’s a pretty handy feature. For 99.9% of home users, however, there’s very little reason they would need to remotely administer their router from afar, and leaving remote access on simply opens up a point of vulnerability that hackers can take advantage of. Since the router not only functions as the network management brain of your home network but also the firewall, once a malicious user has gained remote control, they can open the firewall and gain complete access to your home network.
Again, like better Wi-Fi security, manufacturers are finally taking default security seriously, so you might be pleasantly surprised to find that the remote access/management features are disabled. Still, trust but verify. Look in the advanced settings of your router and confirm that any remote access tools are turned off.
Disable WPS and UPnP
Finally—compared to the previous examples of security measures you should take—we have a more arcane one: disabling Wi-Fi Protected Setup (WPS) and (Universal Plug and Play) UPnP. While both services are intended to make our lives easier, they both have various security flaws and exploits. WPS allows you to press a button on your router or use a PIN to pair your new devices to your router (instead of manually searching for the Wi-Fi network name and entering the password) but there are flaws in WPS that aren’t worth the convenience. If your router supports disabling WPS, it should be easily found in your router’s menus.
In addition to disabling WPS, you should also disable UPnP. The UPnP system is, in fairness, way more useful than the WPS system—it automates the process of opening ports in your firewall for applications like Skype and Plex media server—but like WPS it has security flaws that can allow malicious parties access to your router. You should check through settings on your router to disable it and then brush up on how to manually forward ports on your router so, should you run into any issues like your Plex server’s remote access isn’t working right with UPnP turned off, you can fix it right away.
By simply updating your firmware, changing default logins for the router and Wi-Fi access, and locking down remote access, your 10 minutes of effort ensure that your router is now radically more secure than when it came out of the box.