A Warning About Browser Hijackers

This past week, I purchased software for my  laptop.  I elected to download the software instead of waiting for the program CD to be sent. But that wasn’t the problem. The problem was electing the option: Install Normal instead of Custom Install. Normally, you wouldn’t need to do a custom install. I never did and you, too, likely may not have customarily used Custom Install.

This is what happened and why I recommend you do Custom Install in the future.

My program installed nicely. WinZip Pro. It is a ‘reputable’ file compression program recommended by CNET. Should be fine, right? Well, the company decided to add some other things in the Normal Install.  I got a browser highjacker: My SearchDial Toolbar and start.mysearchdial.com.

“Hey! Where’s my homepage???”

I kept getting start.mysearchdial.com instead of the homepages I had set. I put start.mysearchdial.com into Google, and found out what it was and how to remove it. Thank you  blogger, Stelian Pilici for your June 1, 2013 blog post Remove Start.MySearchDial.com hijack (Removal Guide) on the blog Malware Tips Your Security Advisor. Mr. Pilici says:  “Start.MySearchDial.com is a browser hijacker, which is promoted via other downloads, and once installed it will add MySearchDial Toolbar, and change your browser homepage and search engine to Start.MySearchDial.com”

His instructions are straightforward and I quickly had it removed from both Internet Explorer and Chrome – it was attached into both browsers. The instructions are hyperlinked above for you.  Hopefully, companies like WinZip won’t continue this practice. And hopefully, CNET will post warnings about what is contained in the formerly innocuous, Normal Install. Do your friends, families, and colleagues a favor – pass the word.

 

Posted in Law Practice Management, Technology | Leave a comment

Rumpelstiltskin! What is the darn password again!

Believe it or not, the most common password is the word password. Before feeling smug about that unique password you created, think about how many sites where you have used it. Fess up; you are not alone. The aggravation of forgetting a password has led many people to use one password everywhere. The danger is that if a hacker comes upon your password and a list of your accounts, the hacker can try to enter these other accounts with the password already known. How could this happen? I will share my own experience about when my personal gmail account was hacked.

I must fess up: I used one password on all non-financial related sites. The Gmail Hacker got into my gmail account, looked around in my in box and pulled up my Facebook account email. How did I find out? The Gmail Hacker began getting emails sent to my gmail address. Discovering what had happened, I changed my gmail password to a unique strong password then tried to deal with Facebook. I contacted Facebook to report I had been hacked and wanted to insure that the Gmail Hacker would be shut down out of my Facebook account. I also changed my Facebook password to be another unique strong password. To my aggravation, I periodically get emails from Facebook addressed to the Gmail Hacker asking to return to Facebook. I delete these emails, uttering a curse upon Facebook for ignoring my report of being hacked by this person(s). My hacker did not go by the name Gmail Hacker but I do not want to add to his/her hacking ego by repeating it.

So lesson learned. Use a strong password, strong because it’s length and complexity render it difficult to breech. Many sites now have a password strength meter to check how strong this password choice is compared to safety guidelines. Current security standards show that a safe password should be a minimum 16 characters long made up of upper and lower case letters, numbers and symbols. Your safest course of action is to use a password generator otherwise human nature resorts to a pattern that a hacker could figure out. Randomness and unpredictability are qualities that will keep your password safe(r).

Jotting your list of passwords on a post it and and sticking it on your computer monitor is not a good practice at the office or even at home. There are a number of good password keeper programs or apps that are very helpful. Be sure to create a long, complex, random and unique password to access your password keeper. Google password keeper and you’ll see there are password keeper apps for iPhones, iPads, android devices, web-based, or downloadable to your laptop or desktop. Some you might want to check out include Password Keeper (www.password-keeper.net), KeePass Password Safe (www.keepass.info.com), RoboForm (www.roboform.com), LastPass (www.lastpass.com) and eWallet (www.illiumsoftware.com/eWallet/). Whichever password keeper you use, keep it safe with its own unique password.  Now get busy changing all those unsafe passwords!

Aside | Posted on by | Tagged , | Leave a comment

Where are your go to resources?

What is the best trust accounting software I should adopt for my firm?
When should I run a conflicts search?
How long I should keep closed client files – if my client has a copy already?
Where should I open my office to get more business?
Which networking events may be helpful to me as a new attorney?
Who can help me figure out what I need to do to open my own office?

These are all questions that get asked over and over by lawyers. The big question behind all of them is one: where are your go to resources? Today, I’d like to tell you about where you can find a variety of valuable of go to resources.

Ask a Practice Management Advisor
I work for the Oregon State Bar Professional Liability Fund as a practice management advisor. If you are an Oregon lawyer or member of an Oregon lawyer’s firm, then you know the PLF is the mandatory malpractice insurance carrier for the basic coverage required of Oregon lawyers in private practice. If you are not an Oregon attorney, you may have a practice management advisor associated with your state bar association. To see a list of practice management advisors in North American, see here ABA Law Practice Management Section Practice Management Advisors/State & Local Bar Outreach Committee. Call your practice management advisor! We are a resource to getting you the answers to your questions.

Practice Aids & Forms
What you may not realize is that the PLF has a huge variety of free practice aids and forms that can be downloaded from www.osbplf.org. See Loss Prevention on the menu and select the last item, practice aids and forms. Download all of them in Word or WordPerfect and you can customize them. You find a variety of checklists to help you to tackle various substantive practice areas – adoptions to workers’ compensation– plus topics that cut across all practice areas like conflicts of interest, calendaring and docketing, engagement, nonengagement, disengagement, file management, opening your law office, closing your law office, trust accounting, and technology. Lawyers are surprised by the number of practice aids and forms that are available.

Publications
You want to open your own law office? The PLF has free guides which you can download in PDF format from the PLF website, on the menu under Loss Prevention, select Books from the PLF: A Guide to Setting Up & Running Your Law Office, A Guide to Setting Up & Managing Your Lawyer Trust Account, Planning Ahead: A Guide to Protecting Your Clients’ Interests in the Event of Your Disability or Death, and Oregon Statutory Time Limitations Handbook.

Books from the OSB: BarBooks is a resource you simply must take advantage of because you are entitled to free access to excellent books specific to your desired practice area, such as the helpful five volume Advising Oregon Businesses. If you want to look at what publications the OSB offers, see the Legal Publications Catalog. Don’t overlook valuable publications that are associated with CLEs.

CLE Seminars
You want to learn about practicing in different areas?
CLEs from the PLF:You can find CLEs geared to avoiding malpractice traps in family law or how to set up a conflict system or handling your trust account or improving your understanding of financial considerations about managing your law office plus a great variety of other practice management at the PLF. See PLF website then on menu under Loss Prevention select CLE to review on-demand programs, access programs available on DVD of a CLE you might have missed and download the CLE’s handouts, or learn about an upcoming in-person CLE.

CLEs from the OSB:You can find CLEs specific to your desired practice area plus other CLEs – find out what CLEs are available in a variety of formats, QuickCalls, CLE On Demand learn about upcoming live seminars you can attend in person or by webinar by accessing the OSB CLE and Seminars catalog at OSBCLE.org.

CLEs from the Oregon Law Institute (OLI):You can find CLE offerings that fit your needs at OLI. Don’t overlook the OLI resources, whether in person seminars, webinars, MP3 courses, or review their product catalog.

American Bar Law Practice Management Section CLEs: The LPM Section offers CLEs produced by the American Law Institute (ALI). You do not have to be a member of the ABA LPM Section, though you may want to join. See information about the LPM CLEs here.

Posted in Billing, Business Planning, Client relations, eLawyering, Email, Ethics, Fraud & Embezzlement | 1 Comment