Keep Alexa out of the Bedroom

By -- 2023-01-12 in Blog

Many of us have wound up with Amazon Echo devices in our homes over the last few years, and even more likely received them over the holiday season. While these devices (commonly referred to as Alexa) can go anywhere and offer some great functionality, you may wish to avoid keeping them in your bedroom.

Alexa is hands free – it listens to your requests and instantly plays the song you’re looking for, tells you the weather forecast, or rattles off your shopping list. However, because it needs to listen for these commands, it can also record your conversations without your consent. Due to this reason, you may have greater peace of mind keeping Alexa in a spot you’d feel comfortable having company in. Spaces you’d typically host guests such as the living room or kitchen are ideal.

Amazon has confirmed that their staff listens in to conversations recorded by Alexa in order to improve the device’s understanding of human speech. In fact, members of the staff listen to up to 1,000 audio clips per day. However, due to negative feedback, Amazon now allows user to turn off Alexa’s recording as desired. Here’s how:

  • Open the Alexa app on your phone
  • Access Settings
  • Select Privacy
  • Click Manage Your Alexa Data
  • Choose How Long To Save Recordings
  • Select Don’t Save Recordings, then select Confirm
  • Scroll to Help Improve Alexa
  • Go to Use of Voice Recordings and switch it off

You can also mute your Alexa Echo by toggling the mute button on your device. You can also fully unplug the device to ensure it isn’t listening to your conversations. If you have any questions or concerns about Amazon’s Echo devices, or any general IT inquiries, feel free to reach out to us at info@optfinity.com

One App Causes 50% of Mac Malware

By -- 2023-01-9 in Blog

While Macs have a good reputation against malware, they are still vulnerable. What may be relieving to hear, however, is that there is a way you can better protect your Mac. You can do this by removing the largest malware app of them all, MacKeeper

MacKeeper was originally designed to protect Macs from malware through cleaning, security, and performance tools. Ironically, 48% of Macs end up with malware infections though MacKeeper. The app is designed with good intentions but can be easily abused by hackers as a vehicle for malware. This is due to the app’s extensive permissions and access to various files and processes. It’s too risky to keep MacKeeper on your Mac and we strongly recommend removing it.

 

If you wish to remove MacKeeper, this is how:

  • Go to your Finder app
  • Click Applications
  • Search for MacKeeper
  • Select This Mac and click the plus sign
  • Choose Name to open the dropdown menu
  • Select Other
  • Scroll to System Files, click the checkbox
  • Click Name (again), select System Files
  • Switch ‘aren’t included’ to ‘are included’
  • Delete all files in folder (Right-click and select Move to Trash)
  • Empty your trash (Right-click the Trash icon in the bottom right screen corner, select Empty Trash)

 

The best way to prevent malware on your Mac is through good cyber security practices and protection. Look into installing top-rated security software if you haven’t already. For more information on how to protect your devices from malware or any general IT questions, feel free to reach out to us at info@optfinity.com.

Security Concerns with LastPass

By -- 2023-01-5 in Uncategorized

In general, it’s a good thing to be using a password manager to generate a strong, unique password and to keep track of all of your passwords. For many of OptfinITy’s clients, the password manager that has been used has been LastPass – something we ourselves have been using since 2013.

Over the past 6 months, however, there have been reports coming out about a security incident which occurred in August and then again in November at LastPass, about a potential hack. On December 22nd, LastPass clarified a previous security incident they had reported in November as being much more concerning, where the hacker’s data breach actually exposed encrypted password vaults—the crown jewels of any password manager—along with other potential user data.

The details, or more specifically, the lack of details that LastPass provided about the situation a week ago were worrying enough that security professionals quickly started calling for users to switch to other services. While some people have been making those suggestions, OptfinITy does not want to make a knee jerk reaction and is currently doing our own research into the situation.  This is what we know so far:

  • Sometime over the last 3-4 months, the encrypted vaults of all or some of the users were stolen.
  • These vaults which contain all of the usernames and passwords are encrypted with a master password which only the end user knows.
  • The encryption that is used is extremely difficult to hack without massive computer capabilities, something that very few people in the world have access to.
  • Although encryption is great for making it hard to decode what a password is, it does not stop hackers from using other tools to guess passwords on the vaults.  For example, if you utilize a password that is a common dictionary word followed by a number, those passwords will be easier to crack and the usernames and passwords will become available to the hackers.  For those with complex passwords (i.e.  C@nUGu3$$Th~sPw), your data will be much harder to access.

So what should you do?  

We are still investigating the issue and do not feel that it makes sense to switch to another provider today. The reason for this is that there is no 100% secure software or cloud-based solution and it is imperative that the solution you switch to is in fact a better option than the current one, or as the adage goes, the “devil you know is better than the devil you don’t”.

That being said, we are recommending that all LastPass users do the following immediately:

  • ALL LastPass users must change their MASTER password to login to LastPass and that the password should be complex in nature, containing a mixture of letters, numbers and symbols and without spelling a dictionary word.
  • All users should enable multi factor authentication on their vaults.
  • Whether you do use LastPass or not, we are recommending all users create an account on Have I been Pwned? (https://haveibeenpwned.com/) to ensure they learn of any breaches affecting them as soon as possible.
  • While the vaults were encrypted, the meta data about the users of the vaults was not.  As a result, hackers will have access to potential contact info, which means customers should be on extra alert for phishing emails and phone calls purportedly from LastPass or other services seeking sensitive data and other scams that exploit their compromised personal data.  Nobody will ever need your master password for any reason.
  • If you were an end-user who used a simple master password, it is our recommendation that you go through and change all of the passwords within your vault.

At this moment, OptfinITy is evaluating the situation while also testing out two potential replacement products for password management and will be in touch with our clients about their concerns and any potential changes.  Should you have any questions in the meantime, please don’t hesitate to reach out to us at info@optfinity.com.

One iPhone Setting Worth Changing

By -- 2022-12-30 in Blog

Thieves love to steal iPhones. They’re easy to target and sell for quick cash. However, changing one iPhone setting can stop thieves in their tracks. Smart thieves will look to instantly turn on airplane mode once they swipe a phone. They do this so the phone can’t be located from the Find My app. Fortunately, there’s an easy way to prevent them from doing this.

Disabling Control Center When iPhone is Locked

  • Go to your iPhone’s settings
  • Find Face ID & Passcode
  • Enter your passcode
  • Scroll to Allow Access When Locked
  • Turn off Control Center

Now, thieves won’t be able to access your iPhone’s control center from the home screen. This will allow you to still track your iPhone using the Find My app. This can scare thieves off, as they’ll be aware that they can be tracked. Thus, many will opt to ditch the phone somewhere, allowing you to safely retrieve it using the Find My app. This setting change will have minimal impact on your phone’s ease of use as well. This is because your phone will still unlock with Face ID, allowing you to access the Control Center as usual. For more information on phone security or any general IT inquiries, feel free to reach out to us at info@optfinity.com.

TikTok Making Algorithm More Transparent

By -- 2022-12-23 in Blog

TikTok, the latest social media titan, recently announced a new feature called “Why this video”. This feature is being rolled out in the “For You” section and will be accessible through a question mark icon. Users will be able to review why each video is selected for their feed. There will be several different listed reasons, such as previous interactions, accounts followed, user posted content, and regional content.

TikTok said in a press release that “Looking ahead, we’ll continue to expand this feature to bring more granularity and transparency to content recommendations.” TikTok has also made additional strides towards safety, such as customized content recommendations, parental controls, and improved content moderation systems.

However, there are still some major security concerns despite TikTok’s strides towards transparency. The video-based app has an algorithm that can be concerningly good, leading to questions about how much data is being accessed. Some states have banned the app from government devices and it is going through a national security review with the US Committee on Foreign Investment.

So, while TikTok can be a great source of entertainment, it’s wise to be cautious of it. Lots of data can be collected from the app, and it’s also important to make sure minors aren’t exposed to inappropriate content. For more information on best internet safety practices or any other general IT questions, feel free to reach out to us at info@optfinity.com.

Have You Cleared Your iPhone Cache Recently?

By -- 2022-12-6 in Blog

Just like every piece of technology, your iPhone needs routine maintenance. While physical maintenance such as screen cleaning is important, some of the processes should also happen digitally. One of the easiest pieces of upkeep is clearing your iPhone cache monthly.

What is my cache?

Your browser cache is like a digital closet. Over time, your iPhone stores website data in this digital closet so that it can easily retrieve the data when you visit each site. In the short run, this speeds up your browsing experience. However, your cache may begin to clutter with data you no longer need. Before long, your browser’s cache becomes outdated and slows down your phone. Clearing your cache gives your browser a fresh start, which can noticeably increase your browsing speed.

Clearing your cache

Safari:

  • Open your iPhone’s Settings app
  • Select Safari
  • Select Advanced and then Website Data
  • Select Remove All Website Data
  • Select Remove Now

Chrome:

  • Open the Chrome app
  • Select the three dots in the bottom right corner
  • Select Settings
  • Select Privacy and Security
  • Select Clear Browsing Data
  • Choose the intended time range
  • Ensure Cookies, Site Data is selected as well as Cached Images and Files
  • Lastly, tap Clear Browsing Data

If you use a different browser, a quick search should bring up the steps you need to follow.

In general, it’s a good idea to clear your cache once every month or two. This will ensure your browser isn’t getting bogged down by unnecessary stored data. If you have any questions about technology maintenance or general IT inquiries, feel free to reach out to us at info@optfinity.com.

Best Cybersecurity Practices for Remote Work

By -- 2022-11-28 in Blog

The holidays are right around the corner, which means many will be working remotely while traveling. Remote work already increases cybersecurity risks and traveling adds another dimension of threats. It’s important to keep your guard up and avoid taking security shortcuts while working remotely. According to venturebeat.com, here are a few cybersecurity practices you should consider implementing this holiday season:

  • Backup all your devices. If traveling, leave the backup in the cloud or at home.
  • Use a password protected, WPA-enabled Wi-Fi network
  • Create strong and different passwords for each account
  • Avoid storing passwords on your person or on your phone
  • Update all devices, applications, and browsers

If you’re leaving the home office to work, whether at your local café or in another country, here are further security measures you can take:

  • Leave unneeded devices at home
  • Bring a laptop lock and invest in a physical one-time password authenticator
  • Avoid taking devices that contain confidential company documents and information
  • Use an RFID blocker(basically a card sleeve) to protect payment cards, room keys, and passports
  • Use password-protected hotspot instead of hotel or public Wi-Fi
  • Turn off Wi-Fi, Bluetooth, and Near Field Communications (NFC) on your phone when in public areas such as airports or coffee shops
  • Use a VPN

There are many cybersecurity improvements to consider making, whether you have big traveling plans or just like to work from outside the office on occasion. For more information on how to protect personal and company data, or for any other IT needs or questions you may have, please feel free to reach out to us at info@optfinity.com.

Cyber Monday, Giving Tuesday, and the Ensuing Scams

By -- 2022-11-25 in Blog

Black Friday, Cyber Monday, and Giving Tuesday are three of the busiest days of the year for shopping and donating. These days create the perfect opportunity for hackers and scammers to take advantage of the unwary. Thankfully, according to NBC there are measures you can take to avoid false advertisements, untrustworthy sellers, phishing attempts and more.

Cyber Monday

If a company is selling the hottest item of the season at a price that seems too good to be true, it likely is. Check prices across a few retailers to ensure the best deal is also a realistic one. Be aware of fake email offers and web addresses. Scammers will often attempt to craft sites and messages that look just like your favorite retailers. If shopping from a business for the first time, make sure to look over their reviews before entering your credit card information.

Make sure your antivirus software is fully up to date. Updated antivirus should help block pop-ups and spam, as well as warn you of potential threats. Use your credit card as opposed to a debit card. If any unwarranted charges show up, you’ll be able to contest them through your credit card company. Debit cards unfortunately don’t offer the same protection. Lastly, be on the lookout for phishing tactics. Emails, calls, and texts mentioning incredible deals, free gifts, and delivery problems should all arouse suspicion.

Giving Tuesday

Responsible charities will list their mission, programs, goals, and achievements on their website. Their financial information should also be readily available. You can check if organizations are tax exempt using the IRS Tax Exempt Organization Search tool.

Additionally, be wary of on-the-spot donations and the use of emotional appeals. Do some research before making your donation decisions to ensure your selected charity operates ethically. Lastly, it never hurts to check with state charity officials if you haven’t heard of a charity before. Charities often are required to register with the office of the attorney general before soliciting.

 

This giving time of year is wonderful, and it’s great to give thoughtful gifts to loved ones and charities. However, it’s wise to be cautious and ensure your money and personal information are safe. If you have any questions about Cyber Monday, Giving Tuesday, or general internet safety practices, feel free to reach out to us at info@optfinity.com.

Is LinkedIn Secure?

By -- 2022-11-11 in Blog

LinkedIn has long had security issues such as fake and impersonated accounts, spam messaging, and phishing. However, according to an article on Tripware, LinkedIn is taking new measures to bolster their security and protect users from threats.

Some of these features include:

About This Profile
Every user will now have additional data points to assess how trustworthy a profile is. “About This Profile” will detail when each account was created, as well as if the account has a verified phone number or email address. This feature should be effective for identifying fake accounts and ensuring users are making safe connections. Initially only workers for select companies will be able to verify their email addresses, but LinkedIn will expand the feature over time.

Fake Account Detection
LinkedIn is also fighting against deepfake image generating technology. These artificially generated images are being utilized as profile photos to make fake accounts appear authentic. LinkedIn has implemented a deep-learning-based model to check uploaded profile photos to determine if they are artificially generated or not.

Suspicious Message Warnings
New warnings are being integrated into LinkedIn’s messaging system to help keep users safe. Warnings and safety tips will appear if users try to send links to external sites or apps. This will further protect users from threats such as phishing and viruses.

All these new measures will help to keep LinkedIn’s userbase safer. While improvements are being made, many threats still exist on LinkedIn and all other types of social media. To keep your personal information safe, it’s important to have up to date cybersecurity and follow best internet practices. For more information on how to how to identify digital threats and protect your data, please feel free to reach out to us at info@optfinity.com.

Does My Computer still need Antivirus Software?

By -- 2022-11-4 in Blog

More information is available online than ever before, and with this rise in information comes an increase in the number of hackers and scammers looking to obtain your personal data. Protecting your computer with antivirus software is not just needed, it is essential.

In addition to removing viruses, antivirus software will help keep your personal information safe through features such as secure web browsing, monitored downloads, and alerts when your data is at risk. A good antivirus software will run scans for malware and viruses, offering instant protection for your computer. Additionally, it can monitor unexpected behavior on your computer and identify new threats before they become an issue.

The better antivirus products will even help protect against phishing by warning you about suspicious sites and automatically blocking emails from malicious senders. However, you still need to be able to identify phishing tactics on your own, as antivirus programs won’t be able to identify every threat.

For more information regarding the protection of your online information whether antivirus software or security awareness training, please feel free to reach out to us at info@optfinity.com.