NEPA Geeks Blog

Phishing Scheme Poses as Facebook Security to Steal Passwords


We are urging Facebook users to be on the lookout for a phishing scheme that is looking to steal your passwords. NakedSecurity recently published a blog post stating that scammers are now using Facebook apps to dupe unsuspecting users out of their Facebook password.

The scheme involves sending users an email purporting to be from Facebook’s security team, telling them that their accounts have been found in violation of Facebook’s terms of service and asking them to click on a link to log in and verify their account to avoid suspension. If you get this message in an email, don’t click the link and DON’T enter your username and password!

To keep yourself safe, don’t reply to messages from ?ac?bóok S?cur?y or click on links in emails that ask for your passwords. No one from Facebook will ever ask for your password, and users should be wary of anyone posing as such.

Looks can be deceiving

Part of the scheme being used by the bad guys is a Facebook app designed to look like a legitimate Facebook security page.

facebook ?ac?bóok S?cur?y phishing scheme scam password steal

Fake Facebook security page, via NakedSecurity.

This is a screenshot of the Facebook app users will see when they click on the URL in the email. Notice that the name ?ac?bóok S?cur?y is a made-up jumble of characters that were arranged to look like they spell out the words “Facebook Security.”

The app has nothing to do with Facebook and isn’t from Facebook’s security team. Pay special attention to the URL in the screen shot below:

facebook phishing scheme security stolen password ?ac?bóok S?cur?y

This screenshot, provided by NakedSecurity, shows what users will see if they click on the link in the email. Notice the incorrect spelling of the word “suport” in the “account_suport_help” part of the URL. This obvious, glaring flaw might be easy to spot by people accustomed to seeing these kinds of scams, but they can look pretty convincing to many who are less “tech savvy.” Also be aware that this kind of scheme is very easy to replicate and may use any combination of addresses and designs to fool users into willfully handing their passwords over to criminals.


“Secure Message” Scam Targets Victims in Email Malware Attack

Secure Message Scam Targets Victims in Email Malware Attack

We all hate getting spam — unwanted junk email — in our email inboxes, but in this case, it’s not just unsolicited ads clogging your inbox, it’s a vicious virus attack.

secure message scam email trojan virus zbot troj/zbot dpm

An example of the secure message scam email, care of NakedSecurity.

A new twist on an old scam has victims of a malicious software attack download a computer virus through an email attachment disguised as a secure message from banks and other firms. Be wary of emails with a subject line that says something similar to “You have received a secure message,” and then attempt to get you to download ZIP files (such as to read the message. A trojan virus, known as Troj/Zbot-DPM, could be inside and used to get control of your computer.

Computer security site NakedSecurity wrote a blog post giving detailed information on the malware spam attack.

What is a Trojan Virus?

Remember the tale of the Trojan War, where the Greeks build a large, wooden horse and hid soldiers inside? The people of Troy, thinking the horse was a gift, brought it through their impenetrable gates. Once inside, when the people of Troy least expected it, the Greek soldiers unleashed their attack and gained a swift victory. That’s essentially what’s happening when you download this “secure message” ZIP file — you’re allowing a virus to infect your computer and give control of it to some unknown computer criminals.

What to do if you receive this secure message scam

First of all, don’t click on the link inside or open any attachments that come with it. Simply delete the email and you should be ok. Even if the message looks clear or is from a source you trust, it could be a spoof set up by the scammers. Unless you fully trust the source and can identify the contents, you should be extremely wary.

If you’ve already clicked on the link, downloaded the file and suspect you may be infected, it’s not too late to correct the problem. Just give us a call at 570.474.5100, and we can set up an appointment to do a full virus removal on your computer.

Patch update eliminates Java exploit infecting computers with FBI virus

Oracle Patch Eliminates Java Exploit Being Used to Install FBI Virus

Good news! Oracle has released a patch to update Java. This update will fix the vulnerability that was being used to install the Reveton Ransomware (aka FBI Virus) on unsuspecting users’ computers.

Simply follow the instructions on the Java installer page to get the latest version of Java installed on your computer.

If you have been infected, give us a call at 570.474.5100 to set up an appointment or bring your computer to us to have the virus removed. Click here for directions to our office in Mountain Top, PA.

Java Exploit Eliminated, Virus Remains At Large

On Sunday night, Naked Security published a blog post alerting everyone that the patch was now available. Once installed, the latest version does eliminate the current Java exploit. However, the virus is still out there and can infect computers that are not running the latest version of Java. There also still exists other ways to be infected by the virus.

We therefore recommend leaving Java disabled unless there is a specific need for it. Other vulnerabilities may still exist, and there is always the threat of new Java exploits in the future. Unfortunately, there is no way to make the web 100% safe. If you do need to keep Java enabled, make sure you trust the applets that you need to run and be wary of sites that load malicious applets without your knowledge.

The FBI Virus, Explained

FBI malware locks your computer, demands ransom to unlock it.

FBI malware locks your computer, demands ransom to unlock it.

In case you missed it, on Friday we published a blog post about a recent Java exploit that was installing the so-called FBI Virus on users’ computers and how to disable Java to avoid infection.

The FBI Virus locks users’ computers and displays a bogus message purporting to be from the FBI, stating that the computer was being used for illegal activity (pirated software, illegally downloaded movies and music, child pornography and hacking, for example) and the owner would need to pay a fine to restore their computer. In actuality, the message had nothing to do with the FBI and was, instead, from computer criminals demanding a ransom.

As was often the case, this ransom was more expensive than what we would normally charge to remove a virus and carried no guarantee that the computer would ever be unlocked. As such, we still recommend customers and clients bring their computers to us if they suspect they have been infected rather than paying the amount being demanded by the message. Again, the message is NOT from the FBI and carries no legal weight.

We’ll have more information as the situation develops, but at present, this most recent threat seems to be eliminated.

New Java exploit infects computers with FBI Virus

Java Exploit Infects Computers with FBI Virus

According to a blog post on Malware Bytes’ website, there’s a new Java exploit that is being used to infect computers with the infamous FBI virus. The suggested solution is to disable Java. We have links to instructions on how to disable Java listed below.

[UPDATE – 1/13/2013 – The latest version of Java eliminates the exploit being used to infect computers. We still recommend disabling Java, however, be sure to install the latest version of Java — Version 7, update 11 just in case you absolutely need Java on your computer. And if you have been infected, give us a call at 570.474.5100 to set up an appointment or bring your computer to us to have the virus removed. Click here for directions to our office in Mountain Top, PA.]

What is the FBI Virus?

FBI virus reveton ransomware malware locks your computer pay fbi fine unlock computer

FBI malware locks your computer, demands ransom to unlock it.

The Reveton Ransonmware, or The FBI Virus as it is more well-known, locks your computer and displays a message that says the FBI is aware that your computer has been used for some “illegal activities.” The virus then demands that you pay an outrageous fine or risk further prosecution. In truth, the message isn’t from the FBI; it’s a scam by computer criminals looking to extort money from any user who falls for the scheme and pays up to have their computer restored.

The FBI Virus has been spreading for quite a while, popping up on various tech news sites and security blogs. We first alerted users about the FBI Virus on this blog back in November, warning victims to NOT pay the fine and, instead, bring their computer in to be professionally cleaned. If you have been infected, we still stand by that original recommendation. However, if you haven’t yet been infected, we’re now suggesting that you disable Java to prevent the virus from infecting your computers.

How to disable Java

Java is a computer language used to make applications that run in your web browser. It requires a plug-in be installed in your web browser to run these applications. Naked Security, a computer security blog maintained by, lists several ways on how to disable the Java plug-in, depending on your preferred web browser.

Listed below are direct links to the instructions for each browser:

Pay the bad guys, or pay us to clean your computer?

Choosing to simply pay the ransom to unlock your computer might seem like a cheaper, more convenient way to get rid of the problem. However, you have no guarantee that the computer will be unlocked. Furthermore, your computer will still be infected. That’s why we suggest you bring it in to us at NEPA Geeks. We’ll make sure the virus is gone and that your data is intact. We charge much less than the amount being demanded and have tools that can help prevent future infections. You get your computer restored to fully-functioning condition AND the bad guys don’t get any of your hard-earned money. Doesn’t that sound like the smarter alternative? It is.

Remember: if you’ve been infected, DO NOT pay the fine being demanded by the virus. It is definitely NOT from the FBI. Further, if you haven’t been infected, we suggest that you disable Java using one of the techniques listed above. Let’s stay safe!

A warm welcome to our latest web hosting clients Antipode

A warm welcome to our latest web hosting clients, Antipode!

We love sharing news about new clients who have decided to make NEPA Geeks their web-hosting home. For example, the latest clients to settle-in and set up shop with NEPA Geeks are Antipode — a troupe of geek belly dancers from State College, PA.

antipode geek belly dance chrono trigger

From their site: Antipode is a geek belly dancing troupe hailing from State College, PA. Fusing the theatrics of acting with a mix of cosplay, pop-culture, and off- beat humor Antipode brings the audience not just dance, but full geek entertainment.

I first saw Antipode dance at the 2012 NEPA BlogCon. The troupe’s dance theme that day was “Internet Memes,” incorporating their dance routines with costumes, music and other props to recreate popular internet sensations that people couldn’t stop talking about and sharing on Facebook, Twitter and Tumblr. The audience was very happy to see them dance as we all took a break from learning about blogging to eat some lunch, relax and network with other bloggers and future bloggers.

Would you like to know more about Antipode? For more information about the troupe — including pictures and information on how to book them for an event — just visit their website at, proudly hosted by NEPA Geeks. Not only will you learn more about them, you’ll also find the answer to a great question: Just what is an “antipode,” anyway?

While you’re at it, take a look at the hosting packages we offer. Our variety of packages will easily fit within your budget. We also offer content and SEO services, just in case you need some extra “oomph” or “pizzazz” to get traffic to your site. Give us a call, today! You’ll be in good company with other satisfied clients, like Antipode!

NEPA Geeks PC repair business mentioned in the local news

NEPA Geeks PC repair business mentioned in the local news

It’s always great to hear good feedback on our little PC repair business up here in Mountain Top, but this recent article in the January 2nd edition of The Mountain Top Eagle blew us away!

I took a picture of the print article (as seen below) but you can read the whole thing on this blog post by Stephanie Grubert from The Mountain Top Eagle.

mountain top eagle news clipping nepa geeks pc repair

We just wanted to take this moment to thank Stephanie for her kind words. It was a pleasure working with her and helping to get her computers and iPad back in working order. We never expected to open the paper and see something like this!

As always, we look forward to each and every opportunity to help people out, whether they need a virus removed, a custom computer built or an iPhone screen replaced. We promise not to let this recent publicity go to our heads, so if you need help, feel free to give us a call. Although, no autographs, please.

Watch out for DNS Services Invoice Scam

Watch out for DNS Services Invoice Scam

Have you recently received an invoice from a company called DNS Services charging you for “DNS backup services?” Be warned, it’s not an invoice, it’s a solicitation from DNS Services.

A client recently sent us a copy of an “invoice” he received from DNS Services —, a DNS backup provider. Take a look at the picture below to see the actual letter they received:

domain name services scam letter dns services invoice scam

(click the image to see full-size)

On the surface, it looks like a bill, complete with a mailer to send in with a payment of $65. However, if you look closely (the block of text below the total in the account summary details box), you’ll notice that it’s actually “a solicitation for the order of goods or services, or both, and not a bill, invoice, or statement of account due. You are under no obligation to make any payments on account of this offer unless you accept this offer.

In other words, it’s not a bill; you owe nothing. DNS Services simply wants to charge you so they can provide a service that you are not yet receiving. Think of this more like an advertisement — albeit, one so cleverly disguised to look like a bill that unsuspected customers might feel compelled to pay it, and that’s the problem. Unsuspecting customers have been sending DNS Services money for a service they didn’t want or need. What’s worse, we’ve read first-hand reports from other sites warning about DNS Services that a lot of these folks are having trouble getting their money back.

But what about a DNS backup service? Is this a service you actually want or need? Probably not, especially when you consider that NEPA Geeks already provide a backup domain-name server for web sites hosted with us. In general, 2 domain name servers are all you normally need. A DNS is, basically, an internet-connected computer that resolves a web address (the WWW.COM) to the computer where your website is hosted. It’s very rare that these servers go down. Therefore, a backup service isn’t really needed.

In short, if you receive an “invoice” from DNS Services, throw it away. You owe them nothing. And would you really want to do business with a company that conducts themselves in this way? Probably not.

How to fix iPhone’s “Do Not Disturb” not turning off

iPhone’s Do Not Disturb not turning off?

Not getting notifications on your iPhone, iPad or iPod Touch today? Wondering what the little moon icon on your status bar means? Read on.

If you noticed that iPhone’s Do Not Disturb won’t turn off after January 1st, 2013, you aren’t alone. This morning, I noticed that the crescent moon “do not disturb” icon on my iPhone was still being displayed in the status bar at the top of screen despite being scheduled to turn itself off after 7 a.m. I didn’t think much of it until I learned that this is a bug that is affecting a lot of iPhone users.

For some reason, if you set the feature to turn on December 31, 2012, it doesn’t automatically switch itself off after January 1, 2013. Note that the built-in alarm in iOS still functions (as mine did, this morning) but you’ll be missing notifications, including those from other alarm apps that you might be using. Fortunately, it’s very easy to fix.

To fix the Do Not Disturb not turning off bug, just turn it off. Seriously. The Do Not Disturb function will resume functioning as normal, turning back on and off at the scheduled times. Easy, right? Well, just in case, here’s how to fix the iPhone’s Do Not Disturb bug.

Step 1: Tap the “Settings” icon on your iPhone.

Step 2: If the Do Not Disturb switch is set to On (as seen in the picture below,) simply tap the switch to turn it off.

iphone do not disturb bug won't turn off how to turn off do not disturb

Notice that the scheduled “switch on” time returns as seen in the next picture.

iphone do not disturb bug won't turn off how to turn off do not disturb

And that’s it! We’re following along just to see if there are any other problems waiting to pop up since the date change, but this seems to be the one affecting most users.

[Update] It seems that, while this does turn off the Do Not Disturb feature, it doesn’t completely fix the problem. You can still turn the feature off and on at will, but the automatic scheduler doesn’t work. The Do Not Disturb feature can only be switched on and off manually at this time.

Apple is aware of the problem but has issued a statement that the bug will not be fixed until January 7. So, it turns out that the fix isn’t as simple as we were hoping, but at least it can be routed around until Apple gets around to correcting in come Monday.

NEPA Geeks now accepts payment via Square Wallet. What is Square Wallet?

Paying invoices just got easier with Square Wallet

NEPA Geeks is proud to announce that we are now capable of accepting payments with Square Wallet.

square wallet logo icon squareup nepa geeks now accepting square wallet payments what is square wallet how to use square wallet

Square Wallet payments now accepted at NEPA Geeks

What is Square Wallet?

Square Wallet is an application that runs on your smartphone. It stores all of your credit card information and allows you to make transactions right from your phone whenever you’re at a store that accepts Square Wallet payments. It works on iPhone and Android smartphones. (Check here for Android availability.)

How to use Square Wallet

Using Square Wallet is simple and quick. It’s just like using a credit card, but there’s no need to remove your wallet or swipe the card through a reader. In fact, with “hands-free” payments activated, you don’t even have to remove your phone! Just say your name at the Square Wallet-enabled register and the clerk will know it’s you when your picture pops up on the screen. You get all of these benefits, and it’s still just as safe as paying by card!

More Options, More Benefits

When you use Square Wallet, you’ll be able to see all of the other businesses in the area that also use Square Wallet. Many will even be offering deals, rewards and discounts just for using it. For example, we offer 10% off your first purchase when using Square Wallet at NEPA Geeks.

You can use Square Wallet to send and receive gift cards, unlock special rewards and much more. It works on both iPhone and Android, so if you haven’t already done so, sign up today! And be sure to use it when you stop in to get 10% off your first purchase at NEPA Geeks.