The trouble with email

What's a guy to do about his computer viruses and spamBarely into 2013 and already dealing with a larger than usual wave of viruses and spam concerns. The two seem to go hand in hand.  Seems each time a new wave of viruses and viral email botnets come out, then for days and even weeks after we are inundated with fresh floods of spam and viral emails. We are always striving to keep our anti-virus and anti-spam up to date but it is a never ending, ever evolving cat and mouse game.

What’s a person to do, especially when you are not sure what to do or do not understand computers and how they communicate over email and the internet?

  • Find someone techie who knows this stuff and pay them help every time there is a problem with your email and computer?
  • Pay more on a monthly recurring basis for a fully managed solution with support staff proactively taking care of all of this for you?
  • Ditch email and computers and return to verbal communication and smoke signals. Nobody can infect those right? 

Ok kidding aside. the best scenario is one that works within your budget is realistic for the size and type of business you operate.  You want to partner with vendors who know their stuff, not just slightly better than you, but fully and completely understand what is important and how to best manage and protect you and your computer data. You want Computer IT and software vendors to have your best interests in mind and treat you with respect. They should strive to educate you instead of telling you what to do and how much more money you need to spend. If you feel your current ‘experts’ cannot seem to solve issues without throwing more and more money at it then read this. The trouble with experts.

OK, back to the main point. It pays to know a bit about the inner workings of your email, even just enough to understand where Spam email comes from, and how to differentiate between all the terms like malware, viruses, Trojans, worms, bots, and spyware. If you have no idea then you may want to read this Cisco article.

Computer Viruses spread much like the living organism jumping from computer to computer by any means possible. Computer viruses generally behave in predictable patterns or behaviors which allow anti-virus programs to detect or prevent them from infecting your computer. New viruses emerge constantly so the protection against them needs to remain current to protect you.

Prevention is the best cure. Avoid hanging out where viruses like to live.  Even so we all can stumble into the wrong website on a search or mis-typed address. If so just close and get out quickly and remain alert to see if anything pops up or funny stuff starts happening. If you have a funny feeling that something untoward happened by visiting a site, say if your screen flickers or computer freezes for a few seconds or you cannot close a popup, you need to immediately stop what you are doing, close all your programs and do a  full scan of your computer to see if anything got in. Don’t restart the computer until after you scan it.

Beware the Root Kit Virus! If a virus already got in and the computer has been restarted there is the risk of a root kit virus installing itself.  As it implies, a root virus puts itself at the very root of your computer, loading itself when you turn on the power, before windows or any systems load up.  Logging into windows and trying to find and remove this virus is not possible because the virus is buried far deeper than your windows operating system. At this point your computer is hi-jacked until you get professional help to clean it.  In extreme cases the best course of action is to completely wipe the computer clean and re-install everything from scratch to truly remove all traces of the root virus.

Phishing and spam !!! The term Phishing is a common way that malware and viruses trick people into getting infected. The classic example is you are surfing the web when suddenly a popup says your computer is infected and you MUST click on the message to fix it now. You follow the steps to supposedly fix the concern only to find out the message you clicked on and followed ‘WAS’ the virus.

Email Phishing is especially prevalent. PayPal, online banking, Facebook, Linked In, Twitter, CBC or ABC, your Aunt Ruth’s secret recipe, whatever.  Whatever it may be that you are interested in, there is a phishing email circulating out there asking you to click a link to go check it out or open the attached file to verify your receipt or share some picture, whatever the malware of the week is. DON’T DO IT until you verify the email is legit. Phishing links take you to websites designed to install malware on your computer. Attached files contain malware or may install a Trojan or backdoor or password grabber or a root kit onto your computer.

Managing your email safely is also about behavior and how you do not get tricked into opening things with viruses and malware. Remember if it is too good to be true it is. If you were not expecting an email then you probably do not want it or need it. Most important. DO NOT BE IN A RUSH. When we are in a hurry we do not pay close attention and things happen without us realizing.

We live in a busy world trying to do more in less time but if we fail to temper how we work on our computers eventually we pay the price when things go wrong.

Viruses and email go hand in hand. When you get a virus more often than not the first thing it does is install an email gateway and starts to send masses of emails out to spread itself to new computers. Your computer is sick and sneezing its germ emails all over the internet. You will not see the emails popping up on your screen nor will they show in your outbox of your email program.  It all happens behind the scenes. It is usually only when your actual email stops working that you start to suspect you have a problem.  You may get bounce messages or alerts saying your email cannot be sent due to bad reputation, or worse, people you know contact you to say they are getting virus emails from you.  By this point the damage is done and it may take a few days after your computer is fixed before things get back to normal with your real email.

If your computer remains infected long enough then you can become blocked by the company that provides your internet or email, or you may be added to a blacklist which will alert people not to accept email from your location.  Even after you fix the virus and any blacklisting is removed you most often will see a large spike in spam and viral related emails being sent to you. Those are the result of the virus reaching out to other computers with your email or computer location in its radar.

If you get infected you better change your passwords to anything you use on that computer. A virus first focus after taking over a computer is infecting other computers and spreading itself but underneath that the virus has a deeper motive such as stealing passwords and login details which are collected and stored somewhere else for someone controlling the virus to later compile and use for fraudulent means.  Some viruses are able to directly locate and steal passwords from unpatched or unsecure programs and in other cases they in stall key loggers that capture everything you type in the hopes it will also trap any interesting login details as you use your computer.  Changing your passwords after a virus infection is safe practice that even if something got out, it will be useless if someone tries to use it against you in future.

Can a virus on my computer really take down my website?  Yes it can and by several means. One way is you get a virus that captures your login details to your website, either wordpress or Drupal or other login, or worse, the FTP login to load files direct to your website. In these cases the viral process can login and upload a copy of itself into your website pages thus potentially spreading itself out to your website visitors. Changing your website access and passwords is the only way to prevent this but if you do not eliminate the virus, it will continue to reset and recode itself into your website. The other more insidious way a virus can take down your website  is via a BotNet.

What is a BotNet and why should you care? Viruses often are linked to malicious BotNets. Bot as in robot which in this case is a compromised computer that is under the ‘remote’ control of a malicious program/Trojan, and Net as in network of computers linked together for a focused purpose or task. A BotNet usually targets a specific company or website or  email service either to hack in and gather confidential data, or merely flood those sites with so much activity that they fail to function, otherwise known as a directed denial of service (DDOS) attack.  When that happens people get an error message trying to view your website.

The sequence of events can be like below (Picture above and list below credit to Wikipedia http://en.wikipedia.org/wiki/Botnet)

  • A botnet operator sends out viruses or worms, infecting ordinary users’ computers, whose payload is a malicious application—the bot.
  • The bot on the infected PC logs into a particular server where the botnet operator connects.
  • A 3rd party (spammer or rogue organization or individual) purchases the services of the botnet from the operator.
  • The 3rd party provides the spam message, or the address of a server or website to attack, to the bot Operator who instructs the compromised machines via the control panel on the web server, causing them to follow his instructions. The emails will start to flow or website will fall under attack.

It is this controlled behavior where the actions can happen days or even weeks, months, anytime after a computer is infected. Some cleverly programmed Root kit Trojans can hide very deeply and  the computer will seem to operate normally and nothing will show or alert you as being amiss … BUT the BOT can be in hiding waiting to execute commands at some future date and time. It is this reason that sometimes viral activity shows up when you least expect it. How could my computer get a virus when I was on vacation and not using it for 2 weeks? Answer: It was infected before you went on vacation !!!

In conclusion:

  • Stay safe and alert
  • Change your passwords periodically
  • Always change passwords after a virus infection.
  • Viruses have many consequences and lasting effects
  • Viruses can impact your website
  • Viruses create Spam
  • Trojans can lay in hiding waiting for the right opportunity to do their damage.
  • Viruses cost business and our economy billions every year.
    (http://www.investopedia.com/financial-edge/0512/10-of-the-most-costly-computer-viruses-of-all-time.aspx)
  • Individual businesses often are faced with costs averaging several hundred dollars per infected computer to fix, not including the cost of lost productivity or negative PR if the virus breaches or permanently damages confidential data.

If you as a business owner become infected you will need to call an expert to ensure your data is safe and help you ride out the storm . That ride may take days but the storm will end soon if you put the effort in to remediate the problem quickly and completely. There is no half fixing a viral infection. It has to be 100%.

All the best – Brad

 

The Trouble with Experts – How do you know you are dealing with the right consultant

ExPeRt

Expert Consulting Services?

I watched an intriguing documentary the other night titled “The Trouble With Experts” that painted a rather contrary image of our society’s obsession with experts and the consulting industry. They examined the trend to make our business focus razor thin and go out and find experts, coaches, and niche specialists for the rest. We are trained, motivated, and advised to position ourselves as experts at what we do and to set ourselves apart from the pack by every means available to us.

The documentary went on to explain the growth of jargon and rhetoric as tools to influence and reinforce one’s expertise. They pointed out the explosive growth of coaching and business development courses teaching people how to talk-the-talk, walk-the-walk, how to dress for success, and how to communicate with influence to get what we want.  Nothing new, but certainly with Internet and modern media we have more opportunities to see and learn from others than any other time in the history of civilization.

So you are a business owner. You work hard, you have a valuable product or service, years of experience and training, and you really care about the work you do. You want to be competitive but the marketplace is constantly growing and changing. How do you keep up? There are many ‘coaching’ and ‘marketing’ systems out there to better run and grow your business. There are Human Resource kits and packages to help you hire and retain and manage your staff. There are endless computer programs to organize, file, account, and report on your every business move.  With every system, every package, or program, there are experts that are ready to save you time and effort by guiding you down the path to success.

Who do you choose if everyone is positioned as the ‘expert’ and all have claims of greatness and being better than the rest? You check websites and they all have glowing testimonials and systems and formulas to calculate their effectiveness far and above the next person. Their brochures are colorful and well designed and insightful.  Their sales reps are well versed and approachable and claim to know so much more than you do about the latest tools and technology and business strategies. They can’t all be right. Who do you trust? Who is the best fit for your business and for you?

Choosing the right business expert

Here are  a few observations to put this expert obsession in perspective.  I am merely observing and sharing my insights and experiences.

1. Real experts are not perfect. We are all human and to err is human.  If someone tells you they do not make mistakes or they offer 100% solutions with narrow perspective or one way point of view you are not working with the right person. Someone who is successful at learning from mistakes and turning failure into a win situation is better positioned to deal with the unexpected that comes up in the future. Someone who does not want to talk about exceptions or possibilities is closing the door on opportunities and leaving you vulnerable to the unexpected.

2. Real experts understand the need for flexibility. One size does NOT fit all and the application of a solution will vary from business to business. If the consultant only offers one way or the highway it may be best to show them the directions to that highway and right out the door.

3. Real Experts are genuine and forward thinking.  They start with the end in mind with a clear goal and a clear roadmap how you will get to that goal. They pull fom their years of experience in similar situations to offer you options. If they cannot clearly explain the plan or they have no plan then you have to question their ability to be of genuine help.

4. Real experts do not hide behind jargon and rhetoric. One expert tells you 2+4 =5 and the other says 2+4=7 so who do you believe? It makes little sense to review competing offers and select one if none of them make sense to you or none of them are valid for your business. If you do not understand or see the vision of what is being offered to you then you need to move on and continue the search.

5. A real expert can solve the problem faster and better than you or your staff trying to do it yourself. After all, that is why you called on them right? They are trained and experienced in that ‘stuff’ and know it off the back of their hand and do it in their sleep and without batting an eyelash.

6. A real expert understands the cost/benefit model and should have your best interests in mind. When the cost outweighs the benefit they should advise accordingly before proceeding. Why agree to pay someone $3000 to fix something that only costs you $250 a year to leave as is and has no other negative impact on your clients or your business.

Gather feedback before you offer advice

Listen, listen, listen

7. Real experts want to learn about you before they can offer solutions for you.

An expert who offers you a solution before understanding the problem is just in it for the money. If you have a consultant that only wants to talk about dollars and how much you have to spend today, or says the more you spend the more you will be successful, you should back away quickly. You need to establish a working trust relationship with someone before the financial gates open wide.

PS – Also just because someone you trust refers someone they trust to you and has high praises for them does not give you licence to throw caution to the wind. Always pursue due diligence in qualifying your ‘expert’ on your own terms.  While a qualified referral is far better than a cold referral …
remember trust is earned, not assumed.

 

Salut – Brad

Why can’t we have knowledge AND communication skills?

I continue to encounter situations where persons in a technical field, computer service, software development,  or website customer service, have demonstrated complete lack of communication skills, and even arrogant and rude behaviour.  Often the person is technically inclined and very knowledgeable on the topic at hand but things are lost in translation when they open their mouth.

My problem? I take it for granted that people who work in the IT and software industry also treat their job same as someone working front line in a customer service industry. We all need to communicate with people and provide quality customer service, especially in IT and software services. Is that unrealistic of me to believe? I’ll try not to date myself here but several decades ago programming and IT tech was the domain of the computer guru and the knowledge was exclusive and limited to the special few. There was an assumed truth that techie people were … well … difficult… and that is just the way it was. They simply knew it all and we knew nothing.

I recall the Friday before Easter long weekend in 1996 when a service technician blew up the server that was running my store POS system. A minute before the mishap I calmly asked the technician, who had the case open on the server and was about to poke in there with a long metal screwdriver … “Just a comment. Does that need to be unplugged from the wall before you do that?”  A simple and honest question that got the reply … “Look. You don’t worry about my job and continue doing what you are doing there OK?”   Not what I would have said and when I heard the pop and saw the flash that signalled the permanent death of my POS server he calmly said. “Well the mainboard is toast and I’ll have to order another one in which should be 2 weeks.” and he proceeded to pack up his stuff to leave. I argued that it was he who killed the mainboard and that server was needed to run my store over the busy long weekend and what was HE going to do about it?  He said to call his head office and they take care of the details and ran out. He assumed I was stupid but hey, he was getting paid $200/hr to do this so maybe I was the stupid one. At least I know when to admit I made a mistake and know how to listen to people and make a point of empathizing with and understand what people express to me. I know the customer is the one you serve.

Here we are today, decades after Windows and Apple were introduced,  and where DOS is a black screen that only techie people remember. We are well embedded and engrossed in the mobile marketplace and we are an active, social, linked in, tweeting, app hungry, facebooking, YouTube, touch media saavy, Googling bunch.  There is a little techie in all of us but that the old stereotype of a computer technician or programmer still persists in the industry.

I cannot complain as I get quite a bit of new business clients who previosly were at a loss trying to work with their previous IT technician or website or software consultant. On  the flip side it pisses me off because I am an IT technician and a programmer for almost 25 years and I am faced with dispelling the stereotype and confusion and mis-trust that still surrounds my industry. I meet many gifted IT techs and programmers, even offering to mentor and help some with their business and skills. It confounds me that some do not want to me mentored nor want to concede to the concept that someone else may have a different idea.  Probably the most frustrating thing is lack of self awareness and lack of acceptance of responsibility for their actions. They have knowledge but no communication or interpersonal skills.

There are excellent, knowledgeable technicians and programmers out there who also possess excellent interpersonal skills and are customer service focused but it seems they are still the exception than the rule. I am pleased to see organizations like ToastMasters and BNI and even the local colleges focusing on helping technical trades (everyone) to become better at listening and to communicate more effectively. The issue is not limited to technical trades and is not a generational thing.

Take note! If you want to do business with me please take the time to understand my needs and my business needs and I assure you I will do the same for you. If you want to work with me be up front and honest and clear. B.S. smells from a great distance and there is no such thing as a white lie or false truth. Be mentorable (that should be a real word) and open to ideas but at the same time have a strong opinion. I hate ‘yes’ people as much as people who refuse to try new things and learn from others.  

I am blessed to be working currently with a great team of staff at HOSS Solutions. Everyone works very hard for our customers and they believe in the importance in serving our clients first and learning from any misgivings. We are all here to help our clients succeed and grow because only when our clients succeed do we succeed.

Cheers  – Brad