Tech Solutions NC

Your one stop for home and small business computer and network support

Advanced Encryption Standard

Why having a home firewall isn’t enough security

by Leave a Comment

home firewall

Why having a home firewall isn’t enough security.

By Mike Ellis.

Having a firewall for your computer, as discussed in my post on the security settings you need enabled on your computer, is a must for any computer system. However, while having a home firewall is good, it’s not enough security. Today, I’m going to explain in greater detail why this is the case.

In normal firewall operations, if someone outside of your network attempts to make a connection to you, that traffic is blocked by the firewall.  That is one of the main purposes of the firewall, to prevent unauthorized access to your computers. I can go into great detail other aspects of the firewall, and talk about the DMZ and what that means, but in this case, I’m going to just leave it at this. So, unauthorized user outside of our network attempts to connect to your computer, and the firewall blocks it.  So far, so good.

However, what happens when you want to make a connection to something outside of your network? What, you say, you don’t make connections to other computers? Well, here are some that you may make many times a day without even thinking about it:

The key to this list is that each of those services that you and your computer makes each day is to a server, or, in all actuality, a series of servers, all located all over the web. So yes, you make connections to other computers all day long, perhaps without even realizing it.

There is actually nothing wrong with that at all, the point is to gather data, whether it be in the form of that email you are waiting on, or to see what status update your significant other left, or to see what the price is for that new game is.  The difficulty, though, lies in this one little fact:

When you connect to a website, you actually download content from the website into your computer.

I hope I’m not making you feel foolish for writing it this way.  If I am, please accept my apologies, for that is not my intention. In my experience, though, there are a lot of people who just don’t realize what actually happens when they go to a website. So, when you do access a website, your firewall isn’t going to stop you because it’s default behavior is to allow that traffic, so when you connect, you download content into your computer for viewing.  If that content, i.e., that website, is compromised, then you could be bringing into your computer a virus, spyware, trojan horse, keystroke logger, etc., without you even realizing it. Just like that, your computer, your network, even, is compromised — unless you have good, reliable anti-virus software that can detect the malware.

So, if that’s the case, how do I prevent my computer from being compromised? Well, first of all, you need to have a defense-in-depth strategy in place concerning your computer.  You need to have your firewall, you need to have current and reliable anti-virus software, you need to keep your computer updated, and you need to keep your User Account Control settings enabled. The key here is that one of these things may not stop the compromise, but combined together, they might just do the trick.

Another thing you need to have is someone who’s got your back, someone who will take time to explain what is happening, why it is happening, how they are going to clean it up, and how they are going to prevent it from happening in the future.  My company, Tech Solutions NC, is able to be that resource. Do you need support? Reach out to me by phone at 919-606-6725, email at mike@techsolutionsnc.com, or by leaving a comment on this post.

The internet is a useful tool, and there are a lot of good things about the internet. The key to using it, though, is to safeguard your computer and yourself from the things that lurk in the shadows.  That’s my goal — to help you safely navigate the waters of the internet without harm.

Phishing Attacks — how do I detect them?

by 1 Comment

Phishing Attacks - how do you detect them

{Editor’s Note: We continue our look at Phishing Attacks.  Yesterday, we talked about what a phishing attack is. Click here to read part one.}

Phishing Attacks — how do I detect them?

While phishing attacks are extremely common in today’s internet environment, the fortunate reality is that the vast majority of phishing attack emails that are received are very poorly written and have little chance at success.  When you receive an email from an unknown person, there are several things you should look at in consideration of whether or not the email is a legitimate one:

  • How is the grammar? Does it read like an email should? Or are there obvious grammar and spelling issues that indicate it may be bogus?
  • Are there any links in the email, and do those links give any clues about the legitimacy of the website?
  • Does the email seem just to good to be true? Are you getting something for nothing? Chances are that if it seems like that, then the email isn’t legitimate.
  • Look at the sender — does the name that it is coming from and the email address that is used match, seem legitimate? Or, as in the case of an email I received today, are they so different that it is obvious?
  • Lastly, is the email from a company that you deal with on a regular basis, or is it from someone that you never use?

In the image below, I’ve taken an email I received and marked it up with some details that you should look for in emails you receive.  As you can see from the image, it was flagged as SPAM, so they obviously think that it isn’t legitimate.

Phishing Attempt email2

From the top, these are the things that stand out to me:

  1. Notice the grammar.  The subject at the top just doesn’t read cleanly.  No comma is needed, and no hyphens are needed in the “for-your-order” section.  Also, I didn’t place an order.
  2. Look at who the email is from.  The “name” is Walmart-Reward Points, but the email address is listed as Dolores@wmoneyj.racing.  Definitely not an email from a Walmart email account.
  3. I don’t shop at Walmart very often, so I wouldn’t expect an email from them.
  4. In the link, you need to be careful because it is a shortened link.  In this case the link references a “t<dot>co” link, which is a shortened Twitter link.  The reason you need to be careful, though, is that it isn’t obvious what the shortened link will translate into.  Fortunately, others have worked on translation websites that will help you out.  In the example above, the link in that email translates to Retail Promo USA.

In our example above, the real question is whether this is a phishing attempt or not.  The short answer is maybe it is, maybe it isn’t.  It could be that the website the link redirects to will prompt us for some PII (Personally Identifiable Information) that could be used to steal our identity.  Or, it could be that the link will attempt to install some malware of some sort — perhaps spyware or adware that will turn our system into a pop-up nightmare.  In any event, in my eyes, it isn’t legitimate.

In conclusion, the biggest factor in determining the legitimacy of an email is to rely on good old common sense.  Remember the adage, people — it it sounds too good to be true, it probably is.  Remember, phishing attacks are a common way that someone attempts to steal your identity.  Be smart, don’t fall prey to a phishing attack.

Do you have any questions? Please feel free to leave them in the comments, or reach out to me.  My phone number is 919-606-6725, my email is mike@techsolutionsnc.com, and you know the website already.  Thanks, and have a great day!