Gmail includes a handy feature that helps protect sensitive information. Jack Wallen shows you how easy it is to use Confidential Mode. A few years back Google did add a nice feature to Gmail called Confidential Mode that helps protect sensitive information from authorized access. With Confidential Mode, you can set an expiration date and a password for messages and even revoke access any time you choose. And when a recipient receives a confidential message, they cannot forward, copy, print, or download the message. Requirements The only thing you'll need to use Confidential Mode is a Gmail account on either the web-based Gmail client or the mobile app (it works on Android and iOS). I'm going to demonstrate using the web-based client, which works on almost any web browser, but the email client works similarly. How to send an email in Confidential Mode 1. Open Gmail Open your web browser, head to Gmail, and log in. 2. Compose an email Click Compose to open the Gmail compose window. At the bottom of that window, click the padlock-and-clock icon 3. Configure the Confidential Mode settings In the resulting pop-up, click the Expiration drop-down and select one day, one week, one month, three months, or five years. If you want to add a passcode, click SMS passcode and click Save, which will return you to the Compose window. 4. Compose and send your email Compose the email as you would normally and then click Send. This will bring up another pop-up, where you'll be asked to type a phone number for the recipient. Click Send and your recipient will receive an email with a link to view its contents. When they click the link, a new web browser page will open where they'll need to click a link to be sent the passcode. Once they have the passcode, they enter it in the browser pop-up and click SUBMIT, and they can then view the message. No matter what type of email account you send the Confidential Mode message to, the recipient will have to open it in a web browser and the content is displayed in such a way that they cannot do anything with it other than read it. And that's all there is to using Gmail's Confidential Mode. Consider employing this feature for those missives that include sensitive information, so it doesn't wind up in the wrong hands.
0 Comments
In brief: Readers of this site will know that one of the golden rules in life is never to use an unsolicited USB stick that arrives in the mail, even when it's inside convincing Microsoft Office packaging and engraved with the Office logo. Criminals have been using the trick to scam unsuspecting victims in the UK who believed they were sent the expensive piece of software by mistake. The baiting attack is a more elaborate version of the traditional email phishing version in which millions of people receive messages with links to supposedly free software, often one of Microsoft's suite of programs, but they are actually downloading malware onto their device. While mailing an engraved USB stick inside fake Office Professional Plus packaging to random people might cost a lot more than email phishing, recipients are more likely to be fooled into thinking it's the real deal, convinced they were sent the $439 item by mistake. Sky News reports that the storage device does not contain Microsoft Office, of course. Victims who plug the drive into their machines are met with a warning informing them that their system is infected with a virus, and the only way of removing it is to call the included toll-free number. Martin Pitman, a cybersecurity consultant for Atheniem, explains that this is the point where the scam moves into more traditional territory. After making the call, the person on the other end of the line explains to the victim that they need to install a program to rid themselves of the virus. This is a type of remote access program (RAT) that grants the scammer complete control of the computer. "Here the hackers 'sorted' the problem and then passed the victim over to the Office 365 subscription team to help complete the action," Pitman explained. Microsoft confirmed it is aware of the scam taking place but insisted such instances are rare. The company said it makes every effort to remove any suspected unlicensed or counterfeit products from the market. Microsoft reaffirmed that it never sends out unsolicited packages, and it does not contact people out of the blue for no reason. Thanks Rob Thubron from Techspot
Did you find a random USB stick, perhaps at your school or in a parking lot? You may be tempted to plug it into your PC, but you could leave yourself open to attack or, worse still, permanently damage your machine. Here’s why. USB Sticks Can Spread Malware Probably the most common threat posed by a USB drive is malware. Infection via this method can be intentional and unintentional, depending on the malware in question. USB drives can also disseminate other security threats like remote access trojans (RATs), which give a potential attacker direct control of the target, keyloggers that monitor keystrokes to steal credentials, and ransomware that demands money in exchange for access to your operating system or data. Ransomware is an increasing problem, and USB-based attacks aren’t uncommon. In early 2022 the FBI released details about a group called FIN7 who were mailing USB drives to US companies. The group attempted to impersonate the US Department of Health and Human Services by including the USB devices with letters referencing COVID-19 guidelines and sent some infected drives out in Amazon-branded gift boxes with thank you notes and counterfeit gift cards. In this attack, the USB drives presented themselves to the target computer like keyboards, sending keystrokes that executed PowerShell commands. In addition to installing ransomware like BlackMatter and Ravil, the FBI reported that the group could obtain administrative access to target machines. In addition to USB drives being used to deliver a payload, dreams can just as quickly become infected by being placed into compromised computers. These newly infected USB devices are then used as vectors to infect more machines, like your own. This is how it’s possible to pick up malware from public machines, like those you might find in a public library. “USB Killers” Can Fry Your Computer While malicious software delivered by USB poses a real threat to your computer and data, there is a potentially even greater significant out there in the form of “USB killers” that can physically damage your computer. These devices created quite the splash in the mid-2010s, with the most famous being the USBKill which is (at the time of writing) on its fourth iteration. This device (and others like it) discharges power into whatever it is plugged into, causing permanent damage. Unlike a software attack, a “USB killer” is designed to damage the target device at a hardware level. Data recovery from drives may be possible, but components like the USB controller and motherboard will probably not survive the attack. USBKill claims that 95% of devices are vulnerable to such an attack. These devices don’t only affect your computer via USB drives. Still, they can also deliver a powerful shock to other ports, including smartphones that use proprietary ports (like Apple’s Lightning connector), smart TVs and monitors (even over DisplayPort), and network devices. While early versions of the USBKill “pentesting device” repurposed the power supplied by the target computer, newer versions contain internal batteries that can be used even against devices that aren’t powered on. The USBKill V4 is a branded security tool used by private companies, defense firms, and law enforcement worldwide. We found similar unbranded devices for less than $9 on AliExpress, which look like standard flash drives. These are the thumb drives you are far more likely to encounter in the wild, with no real tell-tale signs of the damage they can cause. How to Deal With Potentially Dangerous USB Devices The simplest way of keeping your devices safe from harm is to scrutinize every device you connect. If you don’t know where a drive came from, don’t touch it. Stick to brand-new drives that you own and purchased yourself, and keep them exclusive to devices that you trust. This means not using them with public computers that could be compromised While USB killers could cost you hundreds or thousands of dollars in hardware damage, you’re probably not likely to encounter one unless someone targets explicitly you. Malware can ruin your whole day or week, and some ransomware will take your money and then destroy your data and operating system anyway. Some malware is designed to encrypt your data to make it unrecoverable, and the best defense against any type of data loss is to always have a solid backup solution. Ideally, you should have at least one local and one remote backup. If sharing drives are unavoidable, make sure other parties are aware of the dangers and take steps to protect themselves (and you, by extension). Running anti-malware software is a good start, mainly if you’re using Windows. Take Care For most people, malware delivered by USB poses little threat because cloud storage has replaced physical devices. “USB killers” are scary-sounding devices, but you probably won’t encounter one. However, by taking simple precautions like not putting random USB drives into your computer, you can eliminate almost all risks. However, it would be naive to assume that attacks of this nature do occur. Sometimes they target individuals by name, delivered in the post. Other times they’re state-sanctioned cyberattacks that damage infrastructure on a massive scale. Stick to a few general security rules and be safe online and offline. On a personal note
"Your problem is our problem." don't be the weakest link; think before clicking, opening, inserting, and executing. Once you introduce any type of risk into a network, it will become a greater risk to us all. We all want our computers to last forever, but if yours seem to die before its time, your habits could be to blame. Here's some behavior that you should avoid. Nothing lasts forever—especially tech—but your computer can last you quite a few years if you treat it well. If your laptop tends to break down earlier than you feel it should, there's a chance you're helping it along to an early demise with some especially bad habits. Here are some of the worst things you can do to a PC without even realizing you're doing anything wrong. Disregarding Overheating Problems Heat is your computer's mortal enemy. If your computer gets too hot, the processor may slow down, throttling itself to keep temperatures reasonable, or even shutting down completely. Running at high temperatures for extended periods can also reduce the lifespan of your processor, fans, and battery—not to mention make your computer loud and sizzling to touch. For desktop computers, the solution is pretty simple: make sure your case has adequate airflow, with enough vents and fans to keep cool air moving through the components. Keep it out of tight cabinets and other spaces that trap heat. You probably want to clean out the dust once in a while with an electric duster (more on that below). Laptops, on the other hand, require a bit more care. Their portability leads to a lot of bad habits, like putting it on a blanket or other plush surface. This blocks airflow under the laptop, and potentially through the laptop (if the blanket covers the fan vents). When possible, use your laptop on a flat surface (where the rubber feet usually raise it up off a desk), or at least make sure your lap is free of blankets and other things that can block airflow. Lap desks are a good way to ensure things stay cool. Other than that, the same rules apply to laptops as desktops: Don't leave it in hot places (like a car on a sunny day) and blow out the dust once in a while. If you’re overclocking, take extra care to watch those voltages and temps. It's also always a good idea to monitor CPU temperature just in case. Letting Dirt, Dust, and Liquids Run Wild All computers accumulate some dust over time, heating up the components and making those fans work harder. While cleaning it regularly can help, you also want to prevent stuff from getting into your computer in the first place. For example, cigarette smoke and pet fur will exacerbate those problems, and putting your desktop PC on the floor will ensure more of that dust, hair, and debris will get sucked into the intake. And if you have carpet on your floor, you’re probably blocking the power supply’s intake fan. Keep your computer on a desk or other riser, if at all possible, and make sure there are filters on your intake fans. Secondly, don’t eat or drink near your PC, or at least take some care when you do. Getting crumbs in your keyboard is not only disgusting, but it can damage the switches or make certain keys harder to press. And I’m sure you’ve heard enough horror stories about people spilling coffee on their laptops, which can straight up destroy it. Even well-intentioned moves, like cleaning your screen with Windex, can introduce liquid where it shouldn’t be (also, Windex is too harsh for your monitor). Spray your gentle screen cleaner on a microfiber cloth, not on the screen, and don’t go crazy—a little goes a long way. Handling Your Laptop Carelessly While desktops have the luxury of sitting comfortably in your office, laptops are subject to all sorts of abuse. And the more you abuse it, the more likely you are to damage something. I've seen people pick up laptops by its display, open the hinge from one side with way too much force, and toss their PC onto the couch from the other side of the room. (Sure, a couch is rather soft, but one day, you're going to miss, and you'll be sorry.) I've even seen people use closed laptops as a coaster for their drink! This kind of treatment could leave you with a worn-out laptop hinge or a crack in the casing. But if your laptop has a traditional spinning hard drive instead of an SSD, tossing or shaking the computer—especially if the drive is active at the time—can cause its head to dislocate or touch the surface of the disk. It isn't common, but if that happens, you're going to have a bad day, especially if you haven't backed up your data. Your laptop is an expensive piece of property, so it's important that you treat it as such. Mismanaging Your Old Battery ust because your laptop's battery starts with "eight hours of battery life" doesn't mean it'll stay that way forever. Batteries degrade over time—you may get eight hours on a full charge when you first buy it, but after a few years, that may degrade to six or seven hours. There's no escaping this decline, but you may be degrading it faster than necessary if you always run your laptop down to 0%. Follow our tips for better battery management, and check out the battery health report in Windows to keep track of your battery's charge history. To prolong your battery's long-term health, it's best to perform shallow discharges, and recharge it frequently. Don't over-stress about this—if you're on a plane and need to work, an occasional discharge won't kill your battery—but over time, it's best to err on the side of charging regularly than running it down to empty. You should, however, stress out if your battery is swollen. If your battery is bulging so much that it’s pushing against the case of your laptop, creating a gap between the panels, you need to stop using your computer now and (safely) replace the battery, lest you encounter an explosive failure. (Here's more on that.) When you replace the battery, don’t buy a cheap knockoff from eBay; buy it from the manufacturer or a respected third-party store. Low-quality batteries will, at best, not hold a charge very well, and at worst, can be dangerous. The same goes for third-party chargers—just stick to the manufacturer’s official offering or, in the case of laptops that charge over USB-C, a certified USB-PD charger. Disregarding Electrical Safety Your PC draws a sizable amount of power, and it's susceptible to damage from power surges—small, temporary increases in voltage coming through the power line. These can happen after power outages, from turning on another high-power device in your home, or because of an unreliable power grid in your city. The power supply inside your PC includes some basic surge protection, but you'll get longer-lasting protection from a dedicated surge protector. Note that this is different from a power strip, which provides multiple outlets without the protection from surges. Be sure to replace it every three to five years, since that protection wears out over time—if yours is old, there's a good chance it's offering zero protection. Keep in mind that surge protectors won't protect against high-voltage spikes (like lightning), but it can protect you from smaller surges and extend the life of your PC. If you have a few more dollars to spend, you might even want to get an uninterruptible power supply (UPS). This device contains a battery backup that prevents your PC from losing data during a sudden power outage. Laptops require a bit more care due to their portability. While a desktop's power cable sits stationary for years at a time, your laptop cable goes with you everywhere, subject to kinking, hard yanks out of the wall, and other mishandling. This can not only make the cable unreliable, it can pose a fire hazard, so always pull the charger out of the wall from the plug, not the cable. Stressing the Cables and Ports While damaging a USB port or cable isn’t as dangerous as mishandling the power adapter, it can still cause avoidable damage to your computer. This may seem obvious, but don’t force cables into ports if they aren’t sliding in properly (I once knew someone who forced a USB cable into a FireWire port and broke both). Similarly, if you leave something plugged in, take care not to bend it. If you have a flash drive in your laptop’s USB port, using your laptop cross-legged may bend the flash drive, damaging either the drive, the port, or both. And with USB ports at such a premium on today’s laptops, you definitely don’t want to ruin one of them. The same goes for your cables. If you constantly make sharp bends back and forth, you’re more likely to break the connection inside, which can render the cable finicky or useless. Keep them away from hungry children and pets who might chew through the plastic, and when you coil them up, avoid wrapping them too tightly. Thankfully, a damaged cable is cheap to replace compared to your PC, but why waste money when you don’t have to? Wasting Time on Unnecessary Maintenance Back in the days of Windows XP, when hardware was limited and computers were slow, PC maintenance may have made a difference. But these days, deleting unused and temporary files is unlikely to give you a noticeable speed boost. Many "PC Cleaning" utilities are scams meant to scare you into buying their product—and the free, less scammy ones are still unnecessary most of the time. Furthermore, certain types of "maintenance" may actually be harmful. Registry cleaners provide almost no benefit, but if they delete a registry entry you need, they can actually cause problems. Similarly, these new "privacy" apps that claim to stop Windows 10 from "spying" on you can break certain features without you knowing why. The internet is full of people confused about why something stopped working, only to find that it's the fault of one of these tools. You're better off going to Windows 10's settings, learning what they do, and tweaking them yourself. If you want to clean up your hard drive, use Windows' built-in Disk Cleanup utility and delete any movies, music, and other files you aren't using. And if your computer is running unbearably slow, try removing startup programs or refreshing your PC—if that doesn't work, it's probably time to upgrade your hardware. Browsing the Web Unprotected Contrary to popular belief, "common sense," while very valuable, should not be your only malware protection. Even legitimate sites can become infected with malware, passing those problems on to you, so browsing carefully won't always save you. Instead, you need to use antivirus on your computer. Thankfully, Microsoft's built-in Windows Defender feature has gotten quite good, after a few years of sub-par ratings. Just leave it on and let it do its job. If you want extra protection, a managed Antivirus/Malware like Emsisoft, Bitdefender, and Webroot will do the work The free version is good if you just want to run an occasional scan, but the paid version includes always-running anti-exploit features that block potentially harmful sites before they make it to your screen. When used in conjunction with a traditional antivirus like Windows Defender, you'll be pretty well set on protection. On top of that, other basic security practices still apply: keep your software up to date (both Windows and the programs you use), use a good password manager (instead of using the same password on every site), and learn how to spot phishing scams. Don’t pirate software (which often contains malware) and keep your home Wi-Fi secure with a WPA2 password. It may seem trivial, but a bad piece of malware or ransomware can cause you a world of hurt. Thanks: Zoran Milic, PCMAG.
|
Archives
November 2023
|