Don’t be a Victim of These Common Phishing Attacks


McAfee, J. (2016). An email hack can destroy our digital world and we won’t see it coming.

Computer Associates (2005). Types of Phishing Attacks.

Levine, K. (2015). How to Identify 5 Common Phishing Attacks.

Norton (2016). Spear Phishing: Scam, Not Sport.

Krebs, B. (2015). Tech Firm Ubiquiti Suffers $46M Cyberheist.

Norton (2016). How to Protect Against Pharming.

Sullivan, D. (2015). Two Dropbox Phishing Scams Cause Consumer Problems.

Johnston, N. (2014). Sophisticated Google Drive Phishing Scam Returns.


Posted in Education, Privacy, Security | Tagged , , , , | Leave a comment

How to Use “New Tab” in Chrome as a Note Taker

How to Use “New Tab” in Chrome as a Note Taker


There are plenty of uses for Google Chrome’s new tab, and with the extensionNew Tab Draft, you can turn it into a note taker.

The extension has absolutely no bells and whistles. When you launch a new tab, you’ll be presented to a distraction free blank page to write on. If you close the tab and re-open it, you’ll find the same text that you had typed there before.

According to the New Tab Draft developer, the content is saved on your browser, and not on a server.

Different Uses for New Tab Draft

New Tab Draft is extremely simple. There’s no way to save more than one note at a time, and you’ll find no text formatting options. So why use New Tab Draft?

The first reason is its simplicity. If you’re just looking for an easy place to take notes during a meeting, to start writing a blog post or story, or just want to jot down an idea before you forget — it’s right there at your fingertips as you browse online.

The blank white page makes sure you focus on one thing and one thing alone — what you want to write. Another great use for New Tab Draft is to save text that you find that you use a lot.

Another great use for New Tab Draft is to save text that you find that you use a lot. If you send out a lot of repetitive emails, or tend to have to type the same thing over and over again in your browser, why not use New Tab Draft as a repository for all those phrases for easy access?

A third way you can use the extension is as a daily to-do list. You can create a list of your tasks for the day, and delete them as they are completed. It’s a great way to keep everything you need to stay on top of just one tab away.

In addition to using it as a note taker, New Tab Draft allows you to perform simple math calculations.

Posted in Blogs, Google | Tagged , , | Leave a comment

Open365: open source Office 365 alternative

Open365: open source Office 365 alternative

Open365 is an open source Office 365 alternative that allows you to edit or create documents online, and to sync files with the cloud.

The service is in beta currently but you can sign up for it already on the official website. You may use it using a web browser, download clients for Windows, Mac or Linux desktop machines, or for Android. An iOS client is in the making currently and will be made available as well soon.

Open 365 offers two main features that you can make use of. First, it enables you to synchronize files between devices you use and the cloud.

Second, it allows you to view, edit and create documents in the cloud using the technology provided by the Open Source Office suite LibreOffice Online for that.



You can sign up for the service on the official website currently but the makers plan to release repositories that you can install on servers you have control over to create a self-hosted version of Open365 that you have more control over.

When you sign up for the service you get an email address automatically assigned to you that you use to sign in to the web service and the sync clients, and for mail.

You do get 20 Gigabyte of storage as well right now which is more than what many other file synchronization services offer at the time of writing.

It is unclear however if the 20 Gigabyte are only available during the beta period.

The web service loads the “Hub” view on start automatically. It lists all libraries that you own and that are shared with you by default.

A click on a folder opens the contents directly on the web, a click on files either in one of the editors if the file format is supported, or offered for download if it is not.

The focus is on documents but support goes beyond typical document formats such as docx, xls or pptx. Open365 supports an image viewer that supports all common image formats, and a media player to play audio and video content.

Libraries or individual files can be shared or deleted online, and you may upload new files directly to the web interface using your web browser of choice.

One interesting feature is the ability to create new libraries on the Web, and here specifically the option to encrypt content so that it can only be accessed if the right password is supplied. The password is not linked to the account password.

As far as sharing is concerned, you can share files or libraries with individual users or user groups, and get full control over shared links and permissions online as well.

Document editing and creation

open365 documents

This works for the most part as you would expect it to work. You can load any Office document with a double-click on the web interface, and Open365 will load it in the associated editor.

You can read the document right away there, print it, or start to edit it. If you have used LibreOffice Online or offline before, you will feel right at home, but even if you have not, you will have little issues using Open365 to edit documents.

Open365 saves edits automatically in intervals, but you may use save options to to do manually at any time. Edited documents may be saved online or to the local device instead, and you may export them to the same document format or a different compatible format.

The loading time of documents is a bit slow online right now which means that you will have to wait a couple of seconds before it is displayed in the editor.

Open365 Sync Client

open365 sync

The sync client works for the most part as you would expect it to work. You can use drag and drop to add folders that you want to sync with the cloud, or use the built-in folder browser instead for that.

Folders are turned into libraries automatically when you add them to the sync client. You may change the name of the library and enable encryption before you hit the ok button to start the synchronization.

open365 create

Options are provided to configure the sync process and other features of the desktop client. You open the options with a right-click on the icon in the system tray.

The settings allow you to set download and upload speed limits, disable http syncing, or configure what the service should do when you remove a library from a local directory or when a library is not found on the server.

Open365 Promo Video

Closing Words

Open365 is an alternative to Office 365 and Google Docs. It is free and open source, and ships both with file sync and document viewing, editing and creation options on the Internet.

The option to install Open365 on your own server may make it interesting to users who want or need to keep full control of documents, and cannot or don’t want to use Office 365 or Google Docs because of this.

Landing Page

Posted in Blogs, OpenSource | Tagged , , | Leave a comment

How to use WhatsApp to send encrypted messages

How to use WhatsApp to send encrypted messages

If you have not tried WhatsApp Messenger, you’re missing out on encrypted, unlimited messages with images, video, and audio. Get up to speed on installing and using the app.

Image: Jack Wallen

WhatsApp Messenger is an incredibly easy to use and popular mobile messaging system that is encrypted end-to-end for all users. One reason it’s popular is that the app allows users to exchange texts and media messages through their internet provider data plan or using Wi-Fi without having to pay for SMS.

The only caveat to using WhatsApp is that you can only message people who use WhatsApp. For instance, if your contacts are using Google Hangouts or their default messaging app, they won’t be able to communicate with you unless they install WhatsApp.

Here’s how to install and use WhatsApp Messenger on a Verizon-branded Nexus 6.

SEE: Tech Pro Research’s Mobile Device Policy

Installing WhatsApp Messenger

  1. Open the Google Play Store on your Android device.
  2. Search for whatsapp.
  3. Locate and tap the entry by WhatsApp Inc.
  4. Tap Install.
  5. Read the permissions listing.
  6. If the permissions listing is acceptable, tap Accept.

After the installation completes, you should see a launcher for WhatsApp Messenger in your App Drawer or on your home screen. Tap the launcher to fire up the application. The first time you use it, follow these steps.

  1. Agree to the EULA.
  2. Grant WhatsApp permission to access your contacts.
  3. Grant WhatsApp permission to access your photos, media, and files.
  4. Verify your phone number.
  5. Enter your device phone number and then tap the Send button. WhatsApp Messenger can automatically detect the verification code, so you don’t have to open your current messaging app to retrieve the digits.
  6. Grant WhatsApp permission to send and view SMS messages by tapping ALLOW when prompted. WhatsApp will finally detect the incoming verification code.
  7. Enter a name for your profile and tap NEXT.

Now you’re ready to begin using WhatsApp.

Using WhatsApp Messenger

From the main window (Figure A), tap the message icon, and all of your contacts who use WhatsApp Messenger will appear.

Figure A

Figure A
Image: Jack Wallen
The WhatsApp Messenger main window.

If you have contacts that are not using WhatsApp Messenger, tap the Contacts tab, scroll through to find the contact, and tap the INVITE button (Figure B).

Figure B

Figure B
Image: Jack Wallen
Inviting contacts to use WhatsApp Messenger.

Beyond that, using WhatsApp is as simple as using any other messaging app. You might want to check the ability to configure the media auto-download. With this feature (Menu | Settings | Data Usage), you can define what is automatically downloaded when using mobile data and when connected to Wi-Fi (Figure C).

Figure C

Figure C
Image: Jack Wallen
Defining what is downloaded by connection type.

To prevent anything from auto-downloading while using your data plan, uncheck Images for mobile data and check everything for Wi-Fi (Figure D).

Figure D

Figure D
Image: Jack Wallen
Enabling everything to auto-download when connected to Wi-Fi.

One of the best messaging apps

Give WhatsApp a try, and see if it doesn’t quickly wind up becoming your default messaging app — at least for contacts already using or willing to use it.

Posted in Cryptography, Privacy, Security | Tagged , , | Leave a comment

Petya ransomware decryption tool sets your files free

Petya ransomware decryption tool sets your files free


Successful ransomware families including CryptoWall, TeslaCrypt and Locky encrypt the data files on your hard drive and require you to pay a ransom to get the key to decrypt them.

But the Petya ransomware, which we wrote about recently, is somewhat different.

Petya leaves your files alone, but scrambles the Master File Table (MFT) of your C: drive so your computer can’t boot up Windows at all.

The bad news is, normally, the ransomware crooks do a good enough job with the cryptographic parts of the malware to make it all but impossible to break the encryption – and unless you have backups, you have little choice but to pay the ransom if you want your files back.

The good news is that you probably won’t get hit by Petya – this ransomware is pretty rare, according to SophosLabs statistics – but if you are one of the unlucky Petya victims, there’s good news for you, too.

You may not need to pay the ransom at all, because this time, the malware authors weren’t very careful and it’s possible to crack the encryption.

A researcher by the name of “Leo Stone” has figured out how to crack Petya’s encryption, and created a free online “Petya pay no ransom” tool you can use to generate the encryption key without paying.

Petya victims just need to enter some data strings from the affected disk into the online tool, and it uses an algorithm to generate the key, a process described in a GitHub post by leo-stone.


You’ll need to attach your infected hard drive to another working computer to extract the necessary data (BleepingComputer has a step-by-step guide for the whole process).

After you enter the data in the tool, it spits out your key, which you next need to enter into the Petya ransom page on your infected computer.

How to prevent ransomware

It’s good news that Petya was relatively easy to crack, but the truth is, today’s ransomware mostly avoids this kind of mistake.

Prevention is far better than a cure, so here are some tips you can use to protect yourself against ransomware.

1. Back up your files regularly and keep a recent backup off-site.

Backups can protect your data against more than just ransomware: theft, fire, flood or accidental deletion all have the same effect. Make sure you encrypt the backed up data so only you can restore it.

2. Don’t enable macros.

A lot of ransomware is distributed in Office documents that trick you into enabling macros. Microsoft has just released a new tool in Office 2016 that can limit the functionality of macros by preventing you from enabling them on documents downloaded from the internet.

3. Consider using Microsoft Office viewers.

They allow you to see what a Word or Excel document looks like without macros. The viewers don’t support macros so you can’t enable them by mistake, either.

4. Be very careful about opening unsolicited attachments.

Most Windows ransomware in recent months has been embedded in documents distributed as email attachments.

5. Don’t give yourself more login power than necessary.

Don’t stay logged in as an administrator any longer than necessary. Avoid browsing, opening documents or other regular work activities while logged in as administrator.

6. Patch, patch, patch.

Malware often relies on bugs in software and applications. When you apply security patches, you give the cybercriminals fewer options for infecting you with ransomware.

7. Train and retrain employees in your business.

Your users can be your weakest link if you don’t teach them how to avoid booby-trapped documents and malicious emails.

8. Segment the company network.

Separate functional areas with a firewall, e.g., the client and server networks, so systems and services can only be accessed if really necessary.

Learn more about how to prevent ransomware

Sophos experts have created a free guide explaining How to stay protected against ransomware.

Image of broken chain courtesy of

Posted in Cryptography, Education, Security | Tagged | Leave a comment

The Accessories Folder in Windows 10 Is a Useful Hidden Gem

The Accessories Folder in Windows 10 Is a Useful Hidden Gem

In Windows 10, the beloved Accessories folder is a little harder to find than it was in the old days. It used to be front and center in the Start menu, always ready to provide you with access to the default Windows tools like Paint, Notepad, Run, and so on.

It’s easy to get confused and think the folder has disappeared along with some other features of older versions of Windows, but it’s still very much alive and kicking, you just need to know where to find it!

First, click the Start menu. Next, click the All Apps button the very bottom. From here, you’ll probably notice the things listed under A, and you’ll see that Accessories isn’t there. That’s because the folder is now called Windows Accessories!


Scroll down to W (or click the 0-9 on the top off the screen, then select W), and you’ll see Windows Accessories listed right there. Click it, and all the tools you know and love will be there.

What are the tools in the Windows 10 Accessories folder, you ask? You’ll still find Paint, Notepad, Windows Journal, Step Counter, Wordpad, Clipping Tool, and all kinds of tools.

If getting to the Accessories folder for a tool you use frequently, don’t forget that you can pin the ones you use the most to the Start Menu (here’s how).

Posted in Microsoft, Windows 10 | Tagged , | Leave a comment

Windows 10 Tip: Remove the Built-in Apps |

Posted on February 10, 2016 by Paul Thurrott


Windows 10 Tip: Remove the Built-in Apps

Windows 10 prevents you from easily uninstalling some of its core built-in apps. But you don’t have to be a rocket scientist to get them off your PC. Here’s the easiest way to do so.

As you may know, you can easily uninstall some of the apps that come with Windows 10 (or, worse, bundled with your PC from the hardware maker). Just right-click them in the Start menu and choose Uninstall from the pop-up menu that appears. Seriously, who on earth needs or wants 3D Builder?


The problem, of course, is that many built-in Windows 10 apps cannot be uninstall this way. If you right-click Mail, Photos, Groove, and many other built-in apps, the Uninstall option does not appear.


Fortunately, you can in fact remove any of the built-in Windows 10 apps. You just need to know the trick.

And no, it’s not by using PowerShell. I’ve seen plenty of tips out there for removing the built-in Windows 10 apps with this power-user/developer feature, but come on. That’s like using a sledgehammer to kill a fly. Instead, you can remove these apps much more easily: By using the free CCleaner utility.

To do so, just navigate to Tools, Uninstall in CCleaner and choose the app(s) you wish to uninstall.


The nice thing about this process is that (with the one exception noted below), you can always reinstall any uninstalled app from the Windows Store. So this tip is useful for those who are experiencing an app issue and simply want to reinstall the app as well.

Just one word of warning: Do NOT uninstall the Store app. If you do, the only easy way to get it back is to reinstall Windows 10 over itself. Or, yes, you could use … sigh … PowerShell. :


Posted in Microsoft, Windows 10 | Tagged , | Leave a comment