MacBook Pro 15 inch Recall

Apple has issued a voluntary recall for certain 15-inch MacBook Pro units sold primarily between September 2015 and February 2017. These are older-model MacBook Pros that predate the Thunderbolt 3 models that Apple now ships.

Apple said that it “has determined that, in a limited number of older generation 15-inch MacBook Pro units, the battery may overheat and pose a fire safety risk.”

For this reason, Apple says that if you have an affected MacBook Pro, you should stop using it immediately and turn it over to Apple or an Apple Authorized Service Provider (that’s us) for a free battery replacement. To see if your 15-inch MacBook Pro is included in the recall, enter your MacBook Pro’s serial number on Apple’s recall page.

Update Google Chrome NOW

Google Chrome users are advised to use the browser's built-in update tool to trigger an update to 72.0.3626.121 version. Users should do this right now.

Google revealed March 5 that a patch for Chrome last week was actually a fix for a zero-day that was under active attacks.

Google described the security flaw as a memory management error in Google Chrome's FileReader --a web API included in all major browsers that lets web apps read the contents of files stored on the user's computer.

More specifically, the bug is a use-after-free vulnerability, a type of memory error that happens when an app tries to access memory after it has been freed/deleted from Chrome's allocated memory. An incorrect handling of this type of memory access operation can lead to the execution of malicious code.

So do the update!

If your 2018 MacBook fails, it may be nearly impossible to recover data: Here's why

With the new T2 chip, there is no data access recovery port on the new MacBook Pros. While Apple may have another backup plan for data recovery, it has not yet shared it with users (or us).

Since users frequently save important data on their devices, this omission should encourage them to more heavily invest in a cloud backup solution and/or external hard drive

According to Apple's internal 2018 MacBook Pro Service Readiness Guide, technicians are advised to encourage you to backup to Time Machine frequently. Currently this is the only way to preserve your data if your laptop fails.


Hot Corners for Fast Access

Your Desktop can be a busy places, with a bunch of open windows cluttering the screen. If you want to look at the Desktop or see another window, you may find yourself clicking around or using keyboard shortcuts to switch views. Did you know that you can access many of the Mac’s special views with a simple  movement?

A little-known feature in macOS called Hot Corners makes this possible. The key to unlocking Hot Corners is in System Preferences (click the   top left corner ) in either the Desktop & Screen Saver pane or the Mission Control pane. In either one, click the Hot Corners button (bottom left or right) to set up your hot corners.   

Hot Corners can be quite useful, and how you choose to take advantage of them is completely up to you. We do recommend trying them out, you can always turn them back off if you find yourself disliking the behavior.

Apple Users Be Aware of This Phishing Campaign

You receive a call or voicemail claiming to be from Apple support notifying you of suspicious activity with your Apple iCloud ID. The computer-generated recording’s goal is to snare you into giving up your iCloud ID and password as part of a new phishing campaign.

The call comes from a random or unknown number and if you don't pick up you’ll get a voicemail phishing for your iCloud ID and password:

“Hi, I am Jennifer, and I am calling you from online support Apple. This is to inform you that we have noticed some suspicious activity with your iCloud ID. We have been getting the notification on our main server the past few days. We seriously recommend you call (phone number given). I repeat (phone number). We request you not to use your computer or other Mac devices before speaking to our certified technicians. For help and support please call us.”

This is a clear attempt to scare you into calling the number back and giving up your Apple iCloud credentials.

There's no way Apple support will ever contact a customer using a computer-generated voice nor will they ever ask for your iCloud credentials.

Beware “iCloud Breach” Phone Scam

There's  a new phone scam targeted at Apple users. The automated message claims to be from “Apple Support Care” and warns that your iCloud account has been breached and that you should stop going online.  It then tells you to press 1 to be connected to Apple Support.

This is just another form of the classic tech support scam, and if you get such a call, hang up immediately.

The best defense against this sort of intrusion is carrier-level call blocking, since then the spam calls never even make it to your iPhone.  AT&T offers the AT&T Call Protect app and service, and T-Mobile offers Scam Block.  Both are reportedly quite good but you must sign up for them manually.

For those on other cellular networks, there are a variety of call-blocking apps that integrate with the call-blocking capabilities of iOS 10 and up. These can identify calls as coming from spammers or even block them right off, based on information from crowd-sourced databases. This approach works better than blocking the numbers manually yourself, since spammers are unlikely to use the same number twice when calling you, but they do reuse numbers across multiple people. So if five or ten people report a particular number as bad and then it’s used to call you, these apps can know to identify or block the call.


Find What Data Apple Has On You

A complete tally of info Apple has collected about you is a simple web form away.

If you'd like to get a copy of your own data record from Apple, here's how to get the ball rolling:

    •    Start by going to Apple's Privacy Questions page, here:
    •    From the single pulldown menu on this page: "I have a question about," select "Privacy Issues."
    •    Fill out the resulting form, including your name, email and location.
    •    Add a sentence or two requesting all your data, for example: "I'd like a copy of all the data Apple has on me."
The data delivered includes all App Store and iTunes purchases connected to your Apple ID, serial numbers of all your Apple devices, and even a list of songs you've used with iTunes Match.


High Sierra Security Update

Apple has released Security Update 2017-001 to fix a serious vulnerability that enables access to the root superuser account with a blank password on any Mac running macOS High Sierra version 10.13.1.
The critical bug lets anyone gain administrator privileges by simply entering the username "root" and a blank password in System Preferences > Users & Groups.

The security update is on the Mac App Store now, and it should be installed by all users running macOS High Sierra as soon as possible. Regardless Apple said the security update will be automatically installed on all Macs running macOS High Sierra 10.13.1.

Apple has since apologized for the vulnerability:
“Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

When our security engineers became aware of the issue we immediately began working on an update that closes the security hole. The update is available for download, and starting November 30,  automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.

We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.
The vulnerability does not affect macOS Sierra or any other previous version of the operating system.”

To ensure you have updated your Mac, go to the App store, click on the “Updates” icon and verify you have installed this update.

Apple Phishing ....

This email has recently been circulating around:

There are a number of tipoff’s that it’s not legit:  poor grammar, misspelling, a request for your credentials …. NEVER click on or open this type of request.

If in you’re in doubt give us a call or type in the login address of the site in question, i.e.: and check into the alleged problem

This type of scam is not limited to Apple; you’ll see similar “requests” from purported PayPal and other sites.

7 tips to stay cyber safe this summer

Posted: July 21, 2017 by Wendy Zamora

You’ve probably already seen the back-to-school ads on TV and rolled your eyes a little bit. We’re with you: There’s still plenty of summer left. That’s why we want to remind you about some of the cybersecurity pitfalls you might encounter during the remainder of the summer season.

Whether you’re home with the kids or heading out on vacation, here are some ways you can tighten up your security profile and avoid spending the rest of the summer reclaiming your identity or filing credit card insurance claims.

1. Monitor your children’s Internet habits during summer break.

Without homework and extracurricular activities for young students, summer days and nights are often spent lounging around on a tablet, cell phone, or laptop, browsing the Internet for funny cat videos or swapping faces on social media platforms. Parents may already enforce safe surfing habits during the school year, but with a more lax schedule may come a more lax attitude.

Be sure to set limits for Internet usage, whether that’s hours spent, sites visited, or apps and video games allowed. It’s also important to discuss online predatory behaviors, from cyberbullying to sexual exploitation (with an age-appropriate audience). Don’t just send your kids off to a room to Internet with abandon. Give them the skills (or possibly the parental controls) to navigate the online world safely.

2. Beware of fraudulent hotel booking sites.

Planning a trip to cap off an incredible summer? Make sure you’re using reputable booking sites for travel. A 2015 study by the American Hotel & Lodging Association found that about 15 million hotel bookings are impacted by rogue travel scams each year. Fraudulent websites or call centers often pretend to have an affiliation with certain hotels, when in fact they have none. This can result in being charged for hidden fees, losing rewards points, incorrect accommodations, fake reservations, and more.

The safest way to avoid being scammed is to book directly through a hotel’s website. Use third-party sites as resources to see available options. If you do want to consider a third-party site, call up the hotel directly to inquire if they are, in fact, affiliated. In addition, be wary of sites that urge you to book one of the last remaining rooms or don’t allow you to see a breakdown of fees.

3. Research hotels’ security policies before you book.

According to cybersecurity expert Matt Suiche, hotels are being targeted more frequently by criminals. Guest credit cards are kept on file for room charges and opportunities for additional spending at spas, restaurants, bars, and shops on premise make these properties attractive targets. In April 2017, InterContinental said that 1,200 of its franchise hotels in the United States, including the Holiday Inn and Crowne Plaza, were victims of a three-month cyberattack aimed at stealing customer payment card data. Also this year, 14 Trump hotels were targeted by hackers raiding personal data such as credit card numbers, expiration dates, and security codes, as well as some phone numbers and addresses of hotel customers.

When booking your hotel, you can ask about privacy and security policies in place for protecting customer data. Does the hotel have cybersecurity software? Is data stored in a secure computer/network? Who has access to it? Their policy should cover this information and more.

4. Watch out for public wifi in airports and hotels.

Yes, free wifi is a wonderful thing. How else would you stream Netflix in your hotel room instead of watching the room service menu options on your TV? However, free wifi is also public, which means that any person in the hotel or airport can access that account with (or without) a simple password. Wifi that isn’t password-protected is especially vulnerable. Add thousands of people accessing it daily and you’ve got a recipe for data breach.

So what to do? Use up your mobile data? That’s one (expensive) way to deal with it. What we recommend, for the layperson, is to avoid sites where you need to login, sites with sensitive info (banking, healthcare, etc.), and especially stay away from making purchases over an unsecured connection. If you absolutely need to access sensitive info on this summer trip—perhaps it’s for business rather than pleasure—you’ll want to look into using a virtual private network, or VPN. In fact, if you are traveling for business and staying at a luxury hotel, you might be vulnerable to a spear-phishing campaign called DarkHotel if you use the in-house wifi network. Better get that VPN cracking.

5. Don’t announce to the world that you’ll be away from your house on vacation.

The lead-up to the vacation is almost as good as the vacation itself, no? It’s hard not to get swept up in the excitement and jump on Facebook to tell all your friends about your upcoming trip. Problem is, unless you are ruthlessly private about what you share (and social media platforms are constantly updating their policies, making it easier for people to find your information that you didn’t intend to), people who aren’t your friends will see that announcement, too. And really, how well do you know that girl you passed in the hallway in high school 30 years ago?

Discussing your travel plans (specifically the dates you’ll be gone) opens you up to a physical security issue. Criminals are known to watch social media in order to target homes they know will be vacant for robbery. So best to wait until you get back until you start posting those trip photos.

6. Look closely at ATM scanners and gas pumps.

Heading to a concert and need to gas up? Hitting up an ice cream truck at the beach and forgot your cash? Be extra careful when stopping at gas pumps or ATMs, especially those unaffiliated with a bank. ATMs and gas pumps are targets for cybercriminals, who might attach skimmers in order to pilfer bank account or credit card data (and eventually drain those accounts).

Before you swipe your card, give the card reader a good tug. If there’s a skimmer attached, it’ll likely pop right off the top. In addition, take a look around the ATM or gas pump for small cameras (smaller than your typical surveillance camera). They’d be pointing down at the keypad in order to capture your zip code or pin number.

7. Avoid credit card fraud.

Easier said than done, we know. This one is extra tricky when traveling abroad. Pick-pocketers steal wallets or credit cards might be accidentally left behind and lo and behold: someone’s charging $2,537.45 worth of train tickets. While many card companies can track fraud and refund you the charges, the hassle of reporting and waiting, especially when overseas, is probably the last thing you want to deal with while sunning yourself in Phuket.

A few ground rules for traveling with credit cards: don’t take them all. Select one or two with high credit limits and low foreign transaction fees. Make copies of the credit cards you’re bringing with you so you can see the numbers and customer service phone number. Leave one copy with a friend and bring another with you. (Just don’t store it in the same place as your credit cards.) And finally, make sure you alert your credit card company of your travel plans so they don’t freeze your account.

Summer is a time to kick back and enjoy. So don’t spend it on the phone with your bank and the IRS. Take these precautions and you can be sure to end this easy-breezy season on a light and carefree note.

Sign PDFs right in Mail

 If you are emailed a PDF to sign, you don't have toprint it, sign it, then scan it back in:  you can actually sign it right in Mail.
Drag the PDF into the email you're sending, hover over it then at the top right you'll see a little button appear; click it, and you get a range of Markup options, including one for signing documents. Best of all, you can either add your signature by holding a signed piece of paper up to the webcam on your Mac – and it does a great job of cutting it out of the background – or by drawing on your trackpad.
Got an iPad stylus? Try using that instead of your finger!

8 Things to Teach Your Kids Never to Give Out Online

Thanks to Kirk McElhearn for this article

June is National Internet Safety Month. Dedicated to raising awareness for better online safety practices, June offers a unique opportunity for parents and kids to become more cyber aware, and to become better educated about potentially harmful online content and activities.
Children sometimes say the darnedest things. And that's fine, if they're at home, at school, or hanging out with friends. But if they're online—on social media, in chat rooms, in online multiplayer apps—then the things they say can have consequences.
When kids are chatting with others on the Internet, they may mention personal information that shouldn't be shared. They may talk about where they are, or where they're planning to be. They may mention that their parents aren't home, or that they're working late. And they may give out their address, phone number, or more. All of these things can be very dangerous.
Parents need to explain to children what things they should never give out online, and kids need to understand why. In this article, here are 8 things that kids should never mention online. If you're a parent, take some time to talk to your children and explain why these bits of seemingly innocuous information can lead to danger.
    1    Passwords: The most obvious thing that kids should never mention online - or even share with their friends - is their passwords. Leaking a password can allow strangers to access their accounts, such as Facebook, their gaming account, or even their email. This, in turn, can lead to people attempting to scam children, or even scam others, sending email or messages from these kids' accounts. Passwords are like keys to a house, and children need to learn how valuable they are.
    2    Address: Children should never post their address online, anywhere. Sharing their address can be dangerous, as people who prey on children might use an address like that to lurk around someone's house. They should also not mention the name of their school, church, or other location where they participate in activities.
    3    Phone number: Like an address, a phone number is something to not share. Not only can it lead to nuisance calls, but there are ways of finding an address when you have a phone number. Kids can give their phone number to their friends, but should never post it publicly.
    4    Personal information: There is some personal information that shouldn't ever be given out, as it can be used as an identifier on some forms, or for security to verify someone's identity. A Social Security number, if a child has one; their middle names; their mothers' maiden names; etc. Also, some web services have security questions that they use to provide access if someone is locked out of their account, asking, for example, the name of the user's first pet, the first concert they attended, the street they grew up on, the first beach they went to, etc. It's hard to know what to worry about, but all this personal information may end up being used against a child or their account at some point.
    5    Location: While this isn't as sensitive as giving out an address, it can actually be more dangerous. Sharing a location - whether intentionally, or by using an app that collects locations and tags posts or photos with them - lets people know that a child is not home. And if people do know where that child lives, it could be an invitation to a burglary. Naturally, it's impossible to not share a location from time to time: a kid may share a photo from a concert, or from a theme park, while they're in attendance, but it's best to tell your children not to do so in real time, but to wait until they get home. Kids should also never mention their vacation plans, because potential burglars could use this to try to find out where the kids live, knowing that the house might be empty.
    6    Home alone: A child should never tell anyone - other than their best friends - that they're home alone. This could lead predators to attempt to convince the child to let them come over to their house, or even go out and meet them. These predators could pretend to be a friend they haven't seen in a while, such as from a previous school, in order to lure children to dangerous situations.
    7    Email address: Just as posting an address is dangerous, so is posting an email address. Children are much more likely to be deceived by fake emails, perhaps from people saying they are a friend the child met at camp, or at a friend's party, which may in reality be predators trying to set up a meet with the child.
    8    Any information about their parents: Kids like to brag about things their parents do. Some may want to tell others about the great job their mother has; or the fancy camera their father just bought; or even their parents' income level. They should never do this, since this information may be correlated with other information about the child to lead predators or criminals to target their households. Also, it's possible that a school may ask an adult coming to pick up a child for some information about the family, to make sure this person is legitimate, and any such tidbits can help a predator sound convincing.
It's not easy to get kids to learn about all this information that they should keep to themselves. It's important to discuss this with your children, so they understand the potential gravity of sharing what may seem like banal bits of information to them and their families.

What I Learned Playing Prey to Windows (Mac) Scammers

This article is a little long but it is quite informative and entertaining. It's written for Windows but the information is relevant for Mac users. At Capitol Macintosh our customers are reporting/seeing these exact problems.

The following is an article By Fahmida Y. Rashid of INFOWORLD

Three months of phone calls prove Windows/Mac scammers are more skilled at social engineering than you think:

“I am calling you from Windows.”

So goes the opening line of the well-known phone scam, where a person calls purporting to be a help desk technician reaching out to resolve your computer problems. These Windows scammers feed off people’s concerns about data breaches and identity theft to trick them into installing malware onto their machines. The scam has been netting victims for years, despite the fact that none of what the callers say makes sense.

I recently received such a call and decided to play along, to see how the scam evolves and who the players might be. Over a period of three months, I received calls on average of four times a week, from various people, all intent on proving that my computer had been hacked and that they were calling to save the day. I had multiple opportunities to try a variety of conversational gambits and to ask questions of my own. Here is what I found out about the Windows scammer underworld via conversations with “Jake,” “Mary,” “Nancy,” “Greg,” “William,” and others.

The scam’s success hinges on being helpful

The callers are polite, and they sound very earnest, explaining in great detail how hackers can loot your bank accounts, steal your identity, and compromise passwords. They are intent on convincing you the threat is not only real but hackers are already in your system performing all manner of nefarious activities. Your computer has been slow, they say. Or they explain that they have detected suspicious activity emanating from your PC.
“Whenever there is any negative activity going on with your computer, right? We get notified from the license ID of your computer,” said “Nancy.”

The scammers don’t expect you to take it at their word; they are willing to show proof that your computer has been hacked. They instruct you to press the Windows key and R to bring up the Run box on your system, and to enter commands to open Windows Event Viewer. The caller notes how many errors are listed (most of which are harmless) and uses the list as proof the computer is compromised. "Jake" walked me through finding my unique computer ID using the command line.

“Rachel” sounded genuinely horrified when I told her how many errors were in Windows Event Viewer: “This is the worst I’ve ever seen!” I burst out laughing. Needless to say, she hung up immediately.

Once the victim has been convinced there is a problem, the hard part is done. Depending on the scam, the caller tries to talk you into installing remote software, such as TeamViewer or AMMYY, onto your computer, or they direct you to a website to download software that would supposedly fix the problems. The remote control software can be used by the attacker to steal data, download malware, and further compromise the system. To avail myself of their help, I would have to hand over my credit card number and pay anywhere from $49 to $500. I never got past this step, though.

It doesn’t matter who the victim is

Scammers get phone numbers from myriad places: marketing lists sold between telemarketers, the phone book, personal records of criminal forums from data breaches. Some scammers used my married name, which isn’t listed anywhere. Because our phone is listed in my husband’s name, scammers working off public phone records probably switched to Mrs. when I answered the phone instead.

Most of the time, scammers don’t bother with names. They start off with a polite, “Good afternoon, ma’am.” I infuriated “Greg” by claiming he must be talking about someone else’s computer as it couldn’t be my computer that was infected. When “Greg” retorted that he knew everything about me and rattled off my name and the city I lived in, it made me think he was working off a list obtained from a data breach dump. That scared me a bit, knowing that these callers could possibly know where I lived, so I ended that call in a hurry.

It doesn’t matter in the end because the scammers will talk to anyone. My child answered the phone once, and instead of asking to speak with an adult in the house like any proper (and scrupulous) telemarketer would, the caller went through the explanation of how the computer was infected and needed to be dealt with immediately. My child, wanting to be helpful, scrambled to follow the instructions. Luckily, my child stopped to ask me which computer to turn on, at which point I took away the phone.

Considering kids don’t often have a credit card for the final payoff, it’s perplexing what scammers hope to gain by proceeding with calls involving minors. When asked, “Jake” huffed a bit, then ignored the question.
That was an eye-opening moment, and we immediately had a family meeting to explain these calls and emphasizing that no one should be calling and asking us to do anything on the computer. We had the same conversation with the grandparents.

On another call, I tried convincing “William” that I didn’t have a credit card, at which point he suggested I borrow a card from someone else. The implication was that if I really wanted to stop the hackers, borrowing a card wasn’t a big deal.

They will stick to the script, no matter what

Callers stick to a script, rarely veering off what they are supposed to say, even to the point of repeating the same keywords over and over. Take the exchange I had with “Nancy.”

“What I am trying to say is when you bought your computer, a technician installed the operating system, you know that? The Windows operating system,” said “Nancy.” I noted there was no such thing as the Windows company because it was an operating system. “That’s what I am saying. I am calling from the Windows Service Center. Windows is the operating system you are using, right? And this is a service center for Windows. There are 700 service centers for Windows, you know that?”

"Nancy" claimed later in the call that my Windows license would be canceled if I didn’t fix the issues on my computer. “You have been provided with the license for the operating system of your computer. Right? If we find that someone is misusing the computer for any reason or there is something going wrong, what we do first is that we cancel the license of the computer, which means that you won’t be able to use this computer, all right?”

I argued back, “Why not?”

“You are using the Windows operating system,” she repeated patiently. I hoped I was annoying her at this point. “If we cancel the license of the Windows operating system from our end, then your operating system gets locked.”
Way to spook victims with the idea of ransomware, “Nancy.”

“Being a Windows user, I believe you know that all Windows computers are connected to the same Windows Global Router in Virginia,” “Nancy” said.

Even conspiracy theorists can’t make up this stuff. All Windows users connecting to a massive network that monitors all their activity? The sad thing is I can see how people wouldn’t know how preposterous the idea sounds.

When “Rachel” told me she was calling because the technician had detected malicious activity from hackers on my computer at 5 a.m., I told her she was mistaken as my computer was always off at night. She ignored me and proceeded to the next part of her spiel where she asked me to open up Windows Event Viewer.

After a while, even the most curious recipient will give up asking questions, since the answers don’t make sense. I told “Nancy” so. “At this point you are saying a lot of things that make no sense, because they are not logical, but OK, go on.”
I was startled that she continued regardless. “If you do not remove the hacking file from this computer, then unfortunately, we will have to cancel the license of your computer so that there is no misuse of your personal information.”
“Nancy” really wanted that payout. Why not? I was making her work for it.

Each team operates differently

The Windows scam doesn’t appear to be the work of a single group. Toward the end of the observation period, callers were exclusively women, some with strong Eastern European accents and others with strong Indian accents. Earlier calls, in contrast, had been exclusively from males with Indian accents, except for “Steve,” who sounded American. Possibly Pennsylvania or Maryland. Not the Northeast, the South, or the Midwest. Definitely not Texas.

I am almost certain that I spoke with “Jake” at least seven times, but he was “Mike” and “William” at least once during those calls. It would have been smart for “Jake” and his team to take notes when victims didn’t pay, so they could spare themselves the effort of repeatedly calling to try to hook me. It’s pretty clear these folks aren’t using CRM software to track interactions with their “customers.” This wasn’t a highly professional criminal organization.

Despite these hints of amateurism, they were still getting the handful of victims necessary each day to make the operation worthwhile.

A few times throughout my experience with my various Windows scammers the thought crossed my mind that the callers themselves may be unwitting dupes for the actual criminals. Perhaps, like call center workers in the movie "Outsourced," these folks know nothing about the “company” they work for and are simply doing their jobs following the script. Perhaps they themselves are convinced they are actually being helpful.

I told “Frank” I had a really poor connection and I kept hanging up the phone. But he called back each time and remained very polite and eager to help. The dropped calls had to be tremendously annoying for him, but he never broke character. Maybe it wasn’t an act for him, and he genuinely believed in his purpose, unaware that the script was a scam. I finally disconnected the phone for the day to get him to go away.

When I asked “Jake” why he scammed people, he got angry and denied it, but “Mary” tried to convince me I was mistaken. She didn’t break character and assured me she’d helped many people in the time she’d been working there. She made me hesitate, and I am still not sure if she was simply skillful, or if she was the victim in this situation, manipulated by a criminal syndicate.

“Mary” was also the only one who remained polite when I accused her of taking part in the scam. All the others issued threats before hanging up, although “Nancy” did say, “Thank you,” before disconnecting.

Ask a lot of questions

The devil is in the details, and the more you ask questions instead of swallowing whatever the callers say, the more likely you will uncover inconsistencies or problems. The moment you suspect a scam, hang up.

Many of the callers don't take into consideration that you may have multiple computers. When I asked “Mike” which computer he wanted me to turn on, at first he didn’t understand what I was asking. “I am talking about your Windows computer,” he said.

I explained I didn’t know which of my seven computers had problems. I half-expected him to tell me any would do, but he went through the pretense of looking at his logs and telling me to turn on the one that had been on at noon the day before. I wonder if he would have tried again later with my other computers, but I didn't let him stick around long enough to find out.

My questions must have rattled “Nancy” from “Windows Technical Services,” a bit, since she switched the company name a few times during the course of the call. From “Windows Technical Services,” she switched to “Windows Security Services,” “the Windows Company,” and “Windows Service Center.”

Later on in that call, “Nancy” made another goof. “All I am trying to say, to do, is to explain that your computer is getting hacked by foreign IP addresses, from Texas and from California.”

Yes, Texas was once an independent republic, but come on, “Nancy.” You can do better.

Do not engage the scammer

Never, ever share any personal information. Don’t provide your name. Don’t talk about anything specific to you -- the caller wants to gain your trust and will engage in small talk while waiting for the computer to execute the commands you typed. Don’t go to any website the scammer tells you to visit, don’t accept emails, and most of all, don’t download any software during the call.

A recent variation of the scam depends on victims making the initial phone call. While browsing online, the victim comes across a browser pop-up stating the computer is infected and to call technical support at the listed number for instructions on how to fix it. The message is frequently served up via a malicious advertisement. Don’t call the number. Instead, close the browser and move on. It’s easier to never, ever engage the scammer.

If there really is a problem, you won’t find out over the phone. Microsoft doesn’t have the phone numbers of every user who owns a Windows computer, and the company definitely doesn’t call individuals if something goes wrong. If a problem exists -- say, the ISP thinks your computer is infected and spreading malware to other computers -- the notification will not come via a phone call. More important, there is no such thing as a Windows Global Router monitoring your computer activity.

If you suspect a problem with your computer, go to Best Buy (for Windows) and Capitol Macintosh (for MacOS).

Once you realize it’s a scam, hang up. There is no benefit in stringing them along, and these callers can get very angry. I usually was shaking after each of these encounters and frequently had to go outside for a walk to calm down.

One of the many calls from “Jake” ended with him screaming, “You think this is a scam? I will show you! I will show you hackers have control, because I am going to be the one taking over in 48 hours. Watch out!” I was rattled enough to keep all computers (even the Linux and Mac systems) in the house off for three days after, just in case.

“Nancy” threatened legal action. “Listen, I am telling you one last time, whatever information you have in your computer save it, because in the next 24 hours, we are going to cancel the license of your computer. And we will send you a legalized document, all right? At your doorstep. At that time, you can have a talk with the lawyers.”
It’s been a few weeks. No lawyers yet, whew.

What if you fell for the scam?

If you installed software, uninstall the software and run a security scan to remove it. If you gave remote access, reboot the computer to force-end the session. Uninstall the software. If the scammer got a chance to look through your files, as part of the remote access session or through the downloaded software, then assume they have copied your files and may have access to your passwords. Change your passwords after running the security scan and verifying no keylogger was left behind.

At this point, it may be better to disconnect your computer from the Internet, back up the specific files you need (if they already weren’t backed up over fears of ransomware), and wipe the machine to start over. There is no point in risking that the malware has enough hooks into the system that the security software is unable to eradicate it completely.

If you paid the scammer, call the credit card company right away to report the incident and cancel the transaction. Cancel the card, too. If the attacker has the information, they can use it again later or sell the number to someone else.

U.S. victims should report the scam to the Federal Trade Commission and provide the name of the scammer, as well as the originating phone number of the call. I don’t have Caller ID, so I couldn’t track the number, and in several cases, when I tried to dial back to track the last incoming call, I got the message that the number was blocked. The sheer number of calls I fielded made me question the wisdom of maintaining a landline -- at least if the calls had been going to my cellphone, I could potentially block calls. Alternately, I couuld whitelist calls I recognized and ignore the rest.

They know which buttons to push

In the past, I’d dismissed these scammers as bumbling criminals preying on clueless and naive computer users, but after 60 or so conversations, I’ve revised my assessment: They're skillful social engineers. At one point, when I’d managed to irritate “Nancy” enough, she asked, “Do you know who you are talking to? Do you know I have the authorization to cancel the license key for your computer?”

I stopped for a half-second to remind myself that she couldn’t do that. It helped that at the time of the call I was working on a Mac, but I sympathize with the victims who don’t want to take the risk. These scams are effective because they’re utterly convincing to nontechnical users. Even someone who has been reading about the latest news and staying well-informed can be tricked because the callers are good at hinting at all the things that can happen. The people making these calls are polite and charming -- unless, like me, you’ve been annoying them for 15 minutes with questions. They are confident and sound like they know what they are doing, which is why they are successful.

“We are calling you to find out why your computer is downloading all this hacking software and who are the persons who are trying to get into your computer to steal your personal information. That is illegal. That is against [sic] cybercrime.”
That’s the only point I agreed with from those calls. What they are doing is illegal. If you get the call, hang up. Don’t engage, and we will eventually starve the scamming beast into ceasing operations.

Do You Have Malware?

The Malware/Adware “Manual”

If you have any of the following “programs” on your Mac then you have Malware and we have the solution:

Spigot is an adware company responsible for a number of different adware programs.

Crossrideris a very suspicious search engine, which has been accused for continuous redirects to unknown websites, altered search results, tracking of people's search sessions and similar problems that can't be ignored.

Genieo is still pulling many ofthe same tricks – changing the search engine to Bing, and installing all kinds of junk that runs in the background and modifies browser behavior.

iLivid takes over websites and automatically downloads unless you kill the browser window. It seems to like sites where you're expecting a download and exploits your expectation that you're getting the download you want.

This adware will redirect you to different pages and inject content, such as an odd set of navigation controls floating over the page, into pages in your web browser.

WalletBee is promoted as a useful tool that’s supposed to help people save time and money. However, security experts have already attributed it to an adware or potentially unwanted program, which may initiate various undesirable operations, such as redirects, ads, and other things. In addition, it may also record your browsing activities and collect various information.

Onesearch is a program that’s bundled with other free software downloaded off of the Internet. Once installed it will set the homepage and search engine for any installed browsers to without your permission.

JDI Backup
just read this:

Mac Keeper
MacKeeper provides questionable value to most users, can destabilize an otherwise stable Mac, and embeds itself so thoroughly into the operating system that removing it is an uncomfortable and weird process.

MegaBackup exemplifies misleading software that attempts to convince Mac users to purchase the license under false pretenses.

Advanced Mac Cleaner
Advanced Mac Cleaner floods the victim’s experience with annoying warning messages. It dupes the user into thinking that their machine has got numerous problems hindering normal performance.

Shoppy is an adware program, that displays pop-up ads and advertisements on web pages that you visit. These advertisements will be shown as boxes containing various coupons that are available, as underlined keywords, pop-up ads or advertising banners.

is some sort of cloud-storage service with a doubtful reputation. The OS X client is sometimes distributed along with the "SearchProtect" malware. Although ZipCloud may not be malicious itself, it should be deemed suspect by virtue of the company it keeps.

Please note the above is NOT a complete list - just a few of the bad guys we’ve come across. The list does continue to grow though and we will stay on top of it. How can you tell if you have any of these? Use Spotlight - that's the "magnifying glass" top right hand corner of your Mac - click on it and type in any of these bad guys name. If you get a hit on your computer than you have it.

Adware was unheard of on the Mac just a couple years ago. It’s now so prevalent that we install our CapMac Health Check, which detects Mal/Adware, on almost every computer that comes in for service.

Adware comes from bad download sites, however, the vast majority of adware seems to come from torrents, sites offering “free” video streaming, or pop ups (Flash Player). Why is the problem getting worse?

Obviously, the people behind all this are having success making money from it. Advertisers are spending lots of money to put ads on your computer screen, and often they don’t understand exactly who they’re doing business with or how their online advertising is going to work. Unethical hackers also frequently take advantage of advertising networks, using tricks to put ads in front of users’ eyes in such a way that they get paid for it. Worst of all are the advertisers who don’t care how they advertise, like the makers of certain junk Mac utility apps which are often promoted through adware.

What should I do in the meantime?

Avoiding adware is quite easy, if you’re careful about what you download.

  • Have us install our HealthCheck program
  • Never download anything from any third-party download site, because there may be an adware payload.
  • Avoid “impulse downloads” - don’t download some cool-sounding app without doing a little research first.
  • Only download apps directly from the developer’s site - do not click on the "Install Flash" pop-up!
  • Neverengage in software or media piracy.
  • Some torrents may be used for legitimate purposes, but I recommend avoiding torrents in general, since their primary use these days is piracy.
  • Don’t go to questionable video streaming sites – get your video fix only from legit sources, such as iTunes, Amazon, Netflix, Hulu or the websites of the various TV networks and movie studios.
  • Read the license agreement in any installer you run, and pay close attention to any mention of special offers. Even if there’s a check box to allow you to opt out of a special offer, quit the installer immediately and throw it away such check boxes are not always respected, and you may get the adware or other junk software installed regardless of what the check box says.

Installing anti-virus software won’t help as it doesn’t detect most adware, and if it does, it won’t be able to properly remove it. I’ve seen plenty of people who have gotten adware despite having anti-virus software installed, and I’ve also seen plenty of people whose anti-virus software completely failed to remove the adware. In fact, in at least one recent case, the anti-virus software screwed up the removal so badly that the Mac wasn’t able to start up any longer.


Say Goodbye to Malware!

Malware, malware, malware with every link you click the potential for trouble exists: Mackeeper, Shoopy, Advanced Mac cleaner, Megabackup, Zip Cloud …

None of these programs do you any good and in most cases get in the way of your Macs performance. How do they get on your computer? We don’t know the definitive answer - you may have asked to have Mackeeper installed under the impression that it does help. In most instances though they enter your world via some pop up from the Internet such as “Your Flash Player is out of date - click here to update now”. It looks real but you’ve no way to tell - so DON’T click on it.

Though these pests are good for our business they’re bad for you. To help combat this irritant we’ve rolled out CapMac Health Care. This is a piece of software we install on your computer that will alert us if you have Malware. At the same time we’ll install a program, Malwarebytes, that will clean up any nefarious programs that might have been installed. Cost to do this? The install is free, and only $5/month to have us alert you if there's an issue found. For business customers there’s a $20 monthly minimum for up to 4 computers and $5.00/month for each additional computer.

Our Health Care program also checks the following:

• Hard Drive Space
• Hard Drive Errors
• RAM issues
• Time Machine failures
• Missing Hardware
• Failing Batteries
• RAID issues
• and a whole lot more

To date, the software runs more than 75 checks on your Mac. Find out before it’s too late that your hard drive is failing, you need more RAM or you haven’t backed up to Time Machine in awhile.

I WANT IT! How do I get it? For individuals bring your computer in and we’ll install CapMac Health Care and Malwarebytes, it's a same day installation. For the business customer, give us a call or drop Dave an email, and we’ll schedule a time to install CapMac Health Care - your first 30 days are free, if you stay with the program we’ll bill you, at an annual rate after the free trial period.

Privacy & other fine print
• CapMac Health Care does NOT have access to personal information such as files stored on your computer’s hard drive(s).
• CapMac Health Careoperates 24/7/365 – alerts will be sent to Capitol Macintosh 24/7/365 but will only be acted upon during normal business hours.
• CapMac Health Careoffers no guarantees as to anticipation of or limiting liability of computer downtime. CapMac Health Care should be considered an extra tool in the IT toolbox to assist the client and Capitol Macintosh at providing improved, proactive service and response.

Another "not Apple" Scam

Watch out for the latest “not Apple” scam: “Your Apple ID was used to sign in to iCloud via a web browser”. Of course a link is provided to enter your Apple ID and password. I see “not Apple” scams several times every day as they try to phish access to my personal Apple account and our Apple business accounts. What clued me in on this one was that I hadn’t logged in to iCloud that day. Of course if I’d of read the body of the essage I would have noticed the “Windows” operating system. Further examination showed the message coming from “” The real address is "". Here's what it looked like:

Without much examination it looks to be legitimate. When clicking on the provided link you're taken to this site:

Again it looks good, but this is not an Apple site. As always be very circumspect on any link you click that are sent via email or that pop up in web browsers. If you do want what’s being purveyed, open your web browser and type the address you want to go to.

MacKeeper customers can file claims for refund

MacKeeper customers can file claims for refund from class action suit

Purchasers of MacKeeper are now able to file a claim to be reimbursed for the software, it has been revealed. Lawyers representing parties in a class action lawsuit against ZeoBit over the software have launched a site allowing customers to claim their share of a proposed $2 million settlement, with respondents potentially receiving the entire $40 cost in full, depending on how many of the 513,000 eligible customers successfully apply.

The proposed settlement involves ZeoBit, the original developer of the questionable toolkit, paying $2 million into a fund, but with the company not admitting fault. Out of that $2 million, Macworld reports one third will be going towards attorney fees, with the rest going towards the refunds and administration costs. As well as sending emails out to affected customers, settlement administrators Rust Consulting apparently plans to buy millions of ad impressions on Facebook and other platforms to try and get the word of the refund out to as many people as possible.

The suit itself was originally filed in May 2014, with ZeoBit accused of a "common deceptive scheme to trick consumers into purchasing and continuing to use its MacKeeper software, which ultimately fails to deliver the utility that ZeoBit promises." It was also alleged MacKeeper was "intentionally designed" to "ominously report that a user's Mac needs repair, and is at-risk due to harmful (but fabricated) errors." Current software owner Kromtech Alliance was not included in the suit, but it is possible it could be sued at a later date.

Customers who acquired the software before July 8 are eligible for the refund under the proposed settlement, and have until November 30 to apply. Interested parties can also file an objection to the settlement with the court by September 21, ahead of a final approval hearing on October 16.