Did you catch our latest K-12 Newsletter?
Our techs have seen a few machines (Mac laptops specifically) come through recently that have fallen victim to the same fake Adobe Flash update prompt.
These users were all performing seemingly normal tasks on Chrome, clicked on a link to go to a specific site, and the link popped up a series of Adobe Flash update prompts. While the users had intended to go to a specific site to gather information for a lesson or check sources for student projects, the resources they were seeking had been hijacked and now housed a nefarious hacking tool.
Thinking they did indeed need an Adobe Flash update, they clicked.
Some or all of the following symptoms then occurred:
- Pop-ups everywhere, for all sorts of products and virus warnings
- Offers to clean their infected machine.
- Default search engine changed.
- Home page and new tab page changed
- Web browser beeping and talking to them, warning them that their computer was infected
- Attempts to open new tabs blocked by their firewall, as those pages were leading to other infected and/or inappropriate content.
- Other browsers also infected
ITS was contacted and began clean-up on the machines. Normally, with a Mac laptop, we can run a couple clean-up tools remotely to reset the browsers and get the user back to their normal browser experience within an hour. These machines were infected to a point that we had to physically reload the machines and reset their user profile; our standard cleanup tools and procedures were ineffective.
During an evening Pinterest browsing session for some Halloween costume components last night, I experienced the same fake Adobe Flash update. I took a screenshot, then closed the problematic active tab. (I also reported the bad link on Pinterest) The link I clicked was supposed to take me to an easy-to-sew bow tie pattern, but alas, the craft blog site was either hacked and redirected, or allowed to expire and claimed by someone spammy.
Look at the features in the screenshot that set off warning bells for me:
- The address in the address bar is not the address I was seeking, and also not an Adobe address
- The pop-ups appear multiple times, and appeared again when I attempted to interact with the browser
- Most software/plug-in updates will be served by your system and not by the browser – these definitely came from my browser
- When I hovered over the buttons on the pop-ups, I could see the intended address at the bottom of my browser – again, not an Adobe site or my intended craft-blog site.
While I had been hoping to see and capture the fake Adobe Flash update in the wild, it still surprised me! My first reaction was to reach for the download button. I gathered my wits in time, though, and looked at the address bar, the multiple pop-ups and hovered over the buttons.
Adobe Flash is being phased out, due to security issues. Most websites that previously relied on Adobe Flash content are now using HTML 5 coding to provide a safer experience, and use an embedded plugin for their Flash content. If you receive an Adobe Flash update window, and think you may actually be due for an update, you can always visit the site directly to check: https://helpx.adobe.com/flash-player.html
Leslie is the Marketing Manager at ITS, and provides timely technology tips for our end-users. She is sending The White Rabbit (Alice In Wonderland), Ichabod Crane and a Deer Hunter trick-or-treating this year.
Should my employees have access to social media at work?
There are two facets to consider in this answer: network security and employee productivity.
If employees are using corporate devices to access their social media sites and perform light web browsing, then your network security is definitely impacted. If employees are using their personal devices for social media and web browsing, then your network security may not be at risk, but your bandwidth (amount of internet available) may be impacted.
Even a simple scroll through the local news can lead employees to click on an errant link – something they think may be a link to a local event or another news story, but is instead a link to a browser hijack or drive-by-download of a virus or malware.
Best practice would be to train employees to not use corporate devices or the corporate network for web browsing. Many of our SMB clients have employees that access corporate data and applications through a remote desktop or cloud server; we also recommend that web browsing and social media never occur on that server connection.
If you have enterprise network gear, setup a guest wireless connection for personal devices. This will also allow you to throttle bandwidth to specific sites, so all of your bandwidth isn’t supporting one employee’s latest Netflix binge.
If you don’t have a company policy to outline employee expectations regarding the use of social media on breaks or at their discretion during work hours, take the time to develop one.
Looking for more resources on social media in the workplace? Try these:
Innocent internet scrolling has been the antecedent for many frantic phone calls to our office:
I was just scrolling through facebook and clicked on something interesting; now my computer is beeping at me and telling me I have to call this 1-800 number to get rid of a virus!
This issue is generally what we call a Browser Hijack, and is easy to fix by ending the tasks of your open browsers using Task Manager.
On a Windows machine, launch Task Manager by clicking ctrl + alt + delete or right-clicking on your taskbar/bottom menu bar. Then, look at the apps running in “Processes” – ending the process for the affected browser. If you aren’t sure which browser is problematic, it is okay to end the process for any that are open.
On a Mac, try “Force Quit” from the Apple menu to quit your browsers.
You will want to check your “new tab” page, your default search engine, installed extensions/plugins and your homepage to make sure that the browser hijack did not also change some of your browser settings.
The majority of browser hijacks that we see on work computers are innocent in nature, but really do stem from behaviors that should cause concern on a corporate network. Is scrolling through the internet done on a computer that also connects to your server or shared data? Next time the call to our office may not be for a simple browser hijack, but may be ransomware or a debilitating virus. Consider limiting the amount of non-work related web surfing performed on corporate devices and the corporate network.
October is Cyber Security Month; this first week focuses on staying safe at home and on home devices. When we prepare networks and firewall settings for our K-12 clients, we are often asked to block access to social media and blogging sites. Our settings can restrict students from accessing these on the school internet connection, but we cannot restrict students from accessing the same sites/services from their data plan on their cellular device.
While we do believe that schools play a positive and important role in shaping student interactions online and teaching about online safety, we also believe that this oversight and monitoring of a personal device falls to the family. We have collected safety and setup guides to some of the top social media apps and services and shared them below. It is important to remember that most of our productivity apps also now have chat and communication components included: these collaboration components are critical for our current education and business climate. However, even apps designed for productivity can be utilized in other ways. It is also important to note that there are hundreds and perhaps thousands of anonymous chat/messaging apps available in the iOS and Google Play stores; your child and their peers may prefer to use an app that is not included on this list, but may have similar features and safety concerns.
It is hard to raise children in this era without allowing access to technology: we have 1:1 technology initiatives in our schools, we have smart devices in our homes, and we know that our future economy and career choices are tightly linked to technology. Take some time to talk to your children, visit sites and apps with them, and develop an open line of communication to solve problems together should they arise. We know from experience that dealing with tech problems is always easiest when we are proactive: when we take the time to setup the device and apps appropriately for the age of the child, we run into less issues further down the road.
Learn more about safeguarding privacy for children and teen online from The National Cyber Security Alliance.
Parent’s Guides to Social Media Apps and Services:
(also similar: Mixer, XBox Live)