February 10, 2022–After being on the backburner for years, home computer virus threats are on the upswing again warns a Westchester community computer non-profit organization, which suggests protective measures. The Westchester PC Users Group (WPCUG) alerts that scammers, hackers and other bad actors increasingly employ fake emails, fake alerts that pop up when viewing legitimate websites, telephone scams and anti-virus marketers peppering cyberspace with hard-sell sales messages.

All these literally touch all the homes in the region—and particularly try to trick untrained senior citizens into downloading malicious software.

WPCUG president Pierre Darmon, who is a computer consultant based in White Plains NY and a former career IBMer, senses a false sense of security by home users who think that computer viruses are aimed only at big companies and big industry. Not so, says Darmon. For example, he says that home users on websites can encounter a takeover of their web browser software by scammers with large-size messages such as “your computer may be infected” and other chilling warnings.

“This is scary because it makes you think that you’ve lost control of your computer since it is a full-screen message,” says Darmon. “And there’s a worry that the scammers may have done some more serious damage in the background.”

In reality, the scammers have only put the user’s browser in full screen mode that makes it difficult to close the page. WPCUG advises that users can make a safe exit most of the time by pressing simultaneously on their keyboards the keys Alt-F4 (on Windows) and Cmd-Q (on macOS). That closes the browser altogether and lets users regain control of their computer; after such force-closing, the browser can then be reopened.

Browsers are software to surf the internet such as Google Chrome, Mozilla Firefox and Microsoft Edge for Windows, and Apple Safari for macOS. Malware (a contraction of the phrase “malicious software”) is software that is harmful. One type of malware is a virus, self-replicating software designed to spread from computer to computer. Viruses typically infect computers through “phishing” (think of “fishing”) whereby users accept a computer prompt ostensibly from reputable sources that really is from scammers; scammers seek unauthorized access to digital devices such as a home computer, often with the aim of hijacking online banking or credit information to make purchases.

“Once you let someone with bad intentions into your machine, it’s usually downhill from there,” says Jonathan Hauff, a computer consultant based in Larchmont NY who is a former WPCUG president and current WPCUG workshop moderator. Regarding telephone calls from scammers, “these are not nice people, though they try to sound nice on the phone. It’s a con game to them. They really are heartless criminals out to take advantage of people, especially older people” who are often too trusting.

Mainstream media confirms the growing threat including news stories about FBI tips on online scams, CBS News’ “60 Minutes Overtime” devoted a segment in June 2021 explaining how to avoid ransomware and a “Forbes” magazine article on cybersecurity. On Jan. 27, the Federal Trade Commission (FTC) issued an alert that scams involving online social media climbed a staggering 18-fold from 2017 to 2021.

Here are the growing malware issues impacting home computer and personal devices:

• When in doubt about a phone or computer message for a bank transaction or online purchase such as with Amazon, don’t use links or phone numbers provided. If from scammers, those connections are not legitimate. Instead, independently dial or connect to a bank/retailer website to check the real status of an account.
• Beware of popups messages when browsing websites urging software updates, which are sometimes legitimate but also can be phishing disguised to download malware.
• Some computer security firms say that they can remove ransomware, which may be true; but once a ransomware executes a computer takeover, just removing some of the core malware software may not unlock computers and data.
• Sometimes legitimate antivirus companies blast hard-sell messages online to push consumers into buying high-price protection. WPCUG recommends simple anti-virus software from reputable companies that typically is offered in a free version to home users or upgraded “premium” version at modest cost.
• In what is a rare scam from the most sophisticated hackers, computers infected by malware can be used as listening devices to literally picking up sounds keystrokes from other devices within audio range. These aim to capture passwords being typed and are referred to as an “air gap,” a reference to two computers that are not directly connected.
• It’s advised to check with professionals if encountering persistent malware on personal devices, because simply making malware disappear from screens doesn’t necessary mean it’s really gone.

The bad actors are active in several areas, says George Hauss, a Yonkers resident who teaches computer classes at Westchester Community College. They “are basically trying to get information from you such as banking and other financial passwords so they can transfer money out of your accounts.  Some are trying to get your personal information for marketing purposes and are more benign so you’ll just get more targeted emails, although those can drive you crazy. Others are hackers who are trying to get into your computer without your consent to extract information or install encryption programs to make the computer inaccessible, and then hold the access for ransom.”

A WPCUG member, Hauss is semi-retired product development chemist with a career in chemistry and computer programs.

Safety measures include:

• Stay up-to-date on software updates, which will include patches to block the latest viruses.
• Realize that ALL software on a home computer needs to be updated, not just the core Microsoft or Apple operating systems. For example, hackers are known to target browsers and their extensions, and specialized home management software (controlling household lights, door cameras, etc.) on smartphones.
• Make backups of personal data as insurance in the event of data loss; this creates a copy of data as of that moment.
• Full backups, when installing software and external hardware storage devices, can be complicated. But just duplicating personal data is a simple with online subscription backup services and free cloud storage offered by software companies. Having a duplicate of personal photos, Word files and an address book is a blessing in the event of a data loss.
• If one does get on a phone call or computer connection that raises suspicion, immediately terminate the phone call or the online connection, which means hanging up or shutting down the computer. If challenged by a victim becoming suspicious in a phone conversation, the scammer will simply accelerate installation of malware.
• It’s usually better not to respond to suspicious emails and calls (“This is Amazon notifying you that a $990 purchase billed to your account will be shipped momentarily…”) because doing so confirms to the scammer that contact information is valid. Simply disconnect. Contact Amazon to check without using links or phone numbers provided in the alarming messages.
• Don’t use short, easy-to-guess passwords for online accounts, and especially don’t employ identical passwords across multiple accounts, because these are easy to hack. Multi-word phrases that are easy-to-remember (peppered with a few obscure characters) are one way can help keep track of different passwords.
• Take the time to set up two-factor authentication (2FA)—security questions—on any account that offers, because that can defeat hackers.

Hauff, when speaking to consumer groups about tech, frequently asks the audience by show of hands to see who is doing full backups frequently and also who has ever suffered important data loss. He finds the same hands go up for both questions. “Unfortunately, few people do proper backups on a regular basis unless they have experienced a major data loss themselves,” Hauff observes.

ABOUT US: Westchester PC Users Group (www.wpcug.org) was established in 1981 as a non-profit that conducts workshops and serves as a sounding board for practical knowledge regarding computers, and mobile devices. The focus is on technology that increasingly surrounds us such as hardware and software from Android, Google, macOS, and Windows among others; PCs, Macs, tablets, mobile phones; smart home tech; internet security; photo editing; digital cameras; and equipment upgrade/repair. Members can get answers to basic questions from resident experts, attend drop-in workshops, and tap crowd wisdom to solve their tech problems. Its 150 members are adults from Westchester, the Bronx, Fairfield and Putnam counties.  WPCUG also does charity work rebuilding donated computers that are then presented to educational, veterans, and non-profit groups. (more)