Your identity has quite a lot of value, especially in the wrong hands. Security firm ZoneAlarm put together some numbers in 2011 concerning identity fraud, and it even shocked us. Let's talk about a few of these statistics and what it means.
Your identity has quite a lot of value, especially in the wrong hands. Security firm ZoneAlarm put together some numbers in 2011 concerning identity fraud, and it even shocked us. Let's talk about a few of these statistics and what it means.
Email is (and has been) a prime method of communication for businesses of all sizes. With email comes a whole slew of issues that are essentially synonymous with the technology; spam, information overload, phishing, and information privacy. Even Texas small businesses that only do business locally are at risk of these issues. Personal email accounts are equally at risk. Employing proper precautions and practices whenever communicating via email is very important to prevent the risk of security compromises, monetary loss, and even legality issues.
Cybercriminals have been relentless throughout 2017. In the past couple of months, hackers discovered new malware strains and software vulnerabilities that have overwhelmed thousands of businesses worldwide. But despite these new attacks, hackers still have an old, yet effective trick up their sleeves: phishing scams. To this day, sending fraudulent emails to steal sensitive information or spread a virus is still being used by the most advanced hackers. Luckily Google rolled out some new security features for Gmail users.
Machine learningGoogle is approaching email security the same way they’ve been developing their products, with machine learning technology. Phishing scams usually follow a predictable pattern when you analyze them. Knowing this, Gmail experts developed an algorithm that analyzes phishing and spam patterns and updates Google’s security database in real time.
When the same phishing attempt is made, Gmail flags potentially dangerous messages and sends them through Google’s Safe Browsing feature, where message links and file attachments are tested for malicious activity. According to Google, around 50 to 70 percent of emails that get sent to Gmail accounts are spam and phishing emails, but with the new detection algorithm, Gmail can block 99.9% of them.
Click-time warningsGoogle has also added precautions for suspicious links. When you accidentally click on an unsolicited link in a message, Gmail will redirect you to a security page titled: “Warning -- phishing (web forgery) suspected.”
Although Google does not completely block access to the link (in case of false positives), it advises you to be extremely careful if you do decide to proceed.
External reply warningsAnother enhancement focuses on securing reply messages. The Gmail feature warns users when they are about to send a reply to an address that is not in their contact list or company domain. This small improvement is designed to prevent users from giving away sensitive information to third-parties.
Every Gmail user can take advantage of these new security controls today, but it’s important to keep in mind that these can’t replace security awareness. Even Google has mentioned that these features are complements to existing security systems and best practices. Being able to identify what is or isn’t a scam can go a long way in protecting your business.
Google is adding machine learning technology in almost all of their products. To find out where they’ll apply it to next, get in touch with our experts and stay tuned for more Google-related posts.
When your employees seek your IT security staff’s help to fix their personal computer (PC) problems, it’s often perceived as a productive use of everyone’s time. After all, employees must have working computers and IT professionals are expected to resolve any technology issues. What doesn’t get acknowledged, however, is that instead of troubleshooting technical problems, your technology support staff could be spending their time on more productive tasks.
The fixes have mostly to do with individual rather than department- or company-wide computer problems that don’t necessarily benefit the entire company. The resulting amount is especially staggering for small- and medium-sized businesses (SMBs) whose limited resources are better off spent on business intelligence tools and other network security upgrades.
Profitable projects could also be set aside because of employees’ PC issues. For SMBs with one or two IT staff, this is especially detrimental to productivity and growth. They can easily increase their IT budgets, but if employees’ negligible computer issues keep occurring and systems keep crashing, hiring extra IT personnel won’t do much good.
Even if your small business has the resources to hire extra staff, the general shortage of cyber security skills also poses a problem. Ultimately, the solution shouldn’t always have to be increasing manpower, but rather maximizing existing resources.
Having experts proactively maintain your IT eliminates the need to solve recurring small issues and lets your staff find a better use for technology resources. If you need non-disruptive technology, call us today for advice.
Both businesses and individuals across dozens of countries are scrambling to fix their computer systems after a ransomware, named WannaCry, caused major disruptions earlier this month. Like most ransomware, WannaCry encrypts files and demands a Bitcoin payment for their release. What’s worse, more WannaCry variants will likely be developed in the near future, according to security researchers. Fortunately, there are some common strategies you can use to mitigate the damage of the ransomware.
Update your softwareThe first (and probably best) defense against WannaCry ransomware is to update your operating system. New research from Kaspersky shows that machines running Windows XP, 7 and outdated Windows 10 versions were affected by the ransomware. To check whether your systems are up to date, open your Windows search bar, look for Windows Update, click Check for Updates, and install any major updates.
Also, don’t forget to download the latest security patches for your business applications and security software.
Run security programsMany antivirus programs now have mechanisms for detecting and blocking WannaCry malware; so when you’ve fully updated your security software, run a full system scan.
Keep in mind that antivirus isn’t a foolproof security solution. Instead, run it alongside other security applications like intrusion prevention systems and firewalls.
Use data backup and recovery toolsIf WannaCry does infect your computers, only a solid data backup and recovery solution can save your business. Before ransomware strikes, periodically back up your files in both an external hard drive and a cloud-based backup service.
External hard drives will serve as your local backup solution for quick recovery times. However, we recommend keeping the external drive disconnected when it’s not being used and plugging it in only when you need to back up files at the end of the day. This is because when ransomware infects a computer, it will usually look to encrypt local backup drives as well.
Cloud-based backups, on the other hand, allow you to store files in remote data centers and access them from any internet-enabled device. When selecting a cloud services provider, make sure they provide the appropriate cloud protections to your files. For example, your backup vendor should provide reporting tools to keep track of any anomalies in your files. Document versioning features are also important. This allows you to recover older versions of a document in case the current version is encrypted.
After your local and cloud backups are set up, perform regular tests to ensure your disaster recovery plan works.
Stay informedFinally, it’s important to stay on guard at all times. WannaCry is just one of many ransomware strains affecting businesses today, and in order to stay safe you need to be constantly up to date on the latest cybersecurity- and business continuity-related news.
For more ransomware prevention tips and services, call us today. We’ll make sure hackers don’t hold your business hostage.
Microsoft has commercially released new products and upgrades that will secure company information. The threat intelligence and data governance features are designed for businesses that adhere to strict regulatory guidelines and need an extra layer of protection against cyberattacks. Here’s a detailed look at what these additions can do for your business.
Threat IntelligenceThreat Intelligence for Office 365 gathers data from Microsoft security databases, Office clients, email, and other recorded security incidents to detect various cyberattacks. This feature gives users in-depth knowledge about prevalent malware strains and real-time breach information to analyze the severity of certain attacks.
What’s more, Threat Intelligence comes with customizable threat alert notifications and easy-to-use remediation options for dealing with suspicious content.
Advanced Threat Protection (ATP) upgradesIn addition to Threat Intelligence, Office 365’s ATP service now has a revamped reporting dashboard that displays security insights across a company. This includes a security summary of what types of malware and spam were sent to your organization, and which ones were blocked. According to Microsoft, these reports will help you assess the effectiveness of your current security infrastructure.
ATP also has a new capability called “Safe Links” which defends against potentially malicious links in emails and embedded in Excel, Word, and PowerPoint files. If suspicious links are discovered, the user will be redirected to a warning page to avoid an infection.
Advanced Data GovernanceThe newly released Advanced Data Governance feature is also a much needed enhancement for highly-regulated companies. It classifies files based on user interaction, age, and type, and recommends general data retention and deletion policy recommendations. If, for example, your business has retained credit card data for longer than necessary, Advanced Data Governance will alert you of the possible data governance risks.
Data loss prevention enhancementsLast but not least, the Office 365 Security & Compliance Center is also receiving data loss prevention upgrades. With it, you can easily access and customize app permissions and control device and content security policies. So if someone in your company attempts to leak sensitive customer information, Office 365 will notify your administrators immediately.
Although all these features are available only for Office 365 Enterprise E5 subscribers, security- and compliance-conscious companies definitely need these upgrades. Get the right Office 365 subscription by contacting us today.
Software developers and hackers are in a constant game of cat and mouse. When cybercriminals find new security bugs to exploit, tech companies have to quickly release a solution that secures those vulnerabilities. Just this month, Microsoft released a patch to eliminate a Word exploit designed to steal user information. If you’re an avid Microsoft Word user, here’s what you need to know about the bug.
The attackOn April 10, cybersecurity firm Proofpoint discovered scammers running email campaigns to trick people into clicking malware-ridden Word attachments. The fraudulent emails, simply titled “Scan Data,” included attached documents that were named “Scan,” followed by randomized digits.
Although the emails seem harmless, clicking on the documents triggers a download for Dridex malware, a Trojan virus designed to give hackers direct access to your banking information. From there, they can simply log in to your online account and make unauthorized transactions under your name.
In 2015, the distribution of Dridex allowed cybercriminals to steal approximately $25 million from European accounts. And if your business fell victim to this malware, there’s a possibility your company might not be able to recover from the loss.
The solutionFortunately, two days after the discovery of the bug, Microsoft released a security update to disable the dangerous documents, urging users to install the patch as soon as possible. But even though Dridex was inoculated relatively quickly, employees continue to be the biggest problem.
Like most malware attacks, Dridex was distributed via phishing campaigns that preyed on a victim’s trust and curiosity. Hackers added barely any text to the email, yet people were still fooled into clicking on dangerous links.
To make sure Dridex never reaches your company, you must provide comprehensive security awareness training. In your sessions, encourage employees to practice safe computing habits, which include being cautious of online links, setting strong passwords, and avoiding downloads from untrusted and unknown sources.
Much like updating your software, keeping your staff’s security knowledge up to date on the latest threats is also imperative. Ultimately, your goal is to have employees with a security-focused mindset when browsing the web.
Of course, if security training and cybersecurity solutions are not your company’s specialties, you can always rely on a trusted managed services provider like us to protect your business. We can update and secure your systems regularly, and make sure your staff are actively doing their part to reduce security risks. Contact us today!
There have been some truly horrifying cyber-security headlines popping up over the last month. If you’ve been reading about “fileless” malware attacking banks and other big-name institutions around the world, we’re here to set the record straight: Your business isn’t in direct danger. But even if you’re not, staying abreast of all the details is still worthwhile.
RAM is a type of temporary memory used only by applications that are running, which means antivirus software never scans it on account of its temporary nature. This makes fileless malware incredibly hard to detect.
If you want to be extra careful, employ solutions that analyze trends in behavior. When hackers acquire login information, they usually test it out at odd hours and any intrusion prevention system should be able to recognize the attempt as dubious.
The Autofill feature fills a void in the web browsing habits of many. It eliminates the need to enter all your details when logging on your social media accounts or when checking out your basket after e-shopping. On Chrome and Safari browsers, however, danger lurks when you rely too much on autofill. Without knowing it, you may be exposing personal information to hackers who have found a way to steal your credit card info and shop at your expense.
This sinister trick is nothing new, but since there hasn’t been any countermeasure since it was first discovered, the threat it poses is worth emphasizing. Finnish whitehat hacker Viljami Kuosmanen recently brought to light how users of Chrome and Safari are particularly vulnerable, and he even came up with a demonstration of how this phishing technique is perpetrated. The technique is so sneaky, it’s enough to make one give up online shopping forever.
Using plugins and programs such as password managers is also fraught with the security risk, as having access to such a utility empowers cyberthieves to do more than just obtain your credit card info; it opens them up to a great amount of personal details.
Using Mozilla Firefox is one of the easiest available solutions. As of today, Mozilla hasn’t devised a mechanism that affords its users the same convenience that Chrome and Safari users enjoy with autofill. When filling web forms on Firefox, users still have to manually pre-fill each data field due to a lack of a multi-box autofill functionality – a blessing in disguise, given the potential for victimization in autofill-enabled browsers.
Another quick fix is disabling the autofill feature on your Chrome, Safari and Opera (for Apple mobile devices) browsers. This would mean that when filling out web forms, you'd have to manually type responses for every field again, but at least you'd be more secure.
It’s not exactly the most sophisticated form of online data and identity theft, but complacency can result in being victimized by cyber swindlers. Take the first step in ensuring your systems’ safety by getting in touch with our security experts today.
As 2017 rolls in, the threat of more formidable cyber attacks looms large. Hackers and the cyber police will spend a lot of time outsmarting each other, while consumers of technology, individuals and businesses alike, anticipate the best security plan that can guarantee they sleep soundly at night. When it comes to defending against cyber-attacks, forewarned is forearmed. Here are some of the threats we predict in the coming year.
Ransomworms, which use advanced victimization techniques to mine further data within an already compromised network, are expected to put an even crueler spin to an already formidable malware. Doxing, on the other hand, affects avenues such as social media and any place where sensitive, easily identifiable information can be extracted to serve the ultimate purpose of extorting money. Yet another wicked ransomware to watch out for is Backup Deletion, which destroys the very mechanism that can otherwise help you recover from a compromised system or files: your backup data.
Hackers are one of the most cunning criminals to have ever existed. While the cyber-police and the defenses they put up are no slouches, threats to security systems can still make technology-dependent individuals and businesses quiver. Although damaged networks can be repaired, compromised privacy restored, and stolen data returned, the amount of damage that hackers can cause might be irreparable and/or result in a significant dent in your IT infrastructure and budget. The value of a network security system makes itself known when you least expect it, which is why security should be a top priority.
Are your systems protected from these predicted remarkable feats of hacking? Call us if you want to discuss security services that are best for you.
Office 365 has given business owners access to online organizational programs and collaboration tools for years. In an effort to become more user-friendly, Microsoft recently added new features to Office 365, including two security upgrades and the addition of productivity tracking. Keep reading to find out more about Office 365's new Azure Information Protection, Enterprise Mobile Device Management and Productive Insight features.
Azure Information ProtectionUsing Office 365 protection technology, also known as Azure RMS, this feature allows business leaders to mark sensitive documents and control who has access to information in various documents. The protection travels with the data, whether it is online or provided through another device. Business owners can mark a document as internal and keep it from being sent outside the company. Drop-down menus also allow users to apply trackable data protection in order to identify potential leaks and gain insight into how a business is structured.
Enterprise Mobility + Security SuiteRe-branded from the Enterprise Mobility Suite, this feature adds more security potential to sensitive data while allowing business owners to manage apps on any device from one location. Users have more control over identity-driven access and also encrypts data to allow secure collaboration among employees.
Productivity InsightThis feature, an addition to Delve Analytics, tracks an employee's time management at the office. MyAnalytics for Outlook allows business owners or managers to see who has read, replied, and forwarded their email while also providing them with information on the the email sender. The feature also acts as a storage receptacle for shared files and contact information so they can be accessed quickly.
As Office 365 expands its services to include security and productivity features, companies using cloud-based servers have an advantage over old-school computer users. Not only do they have access to the technology to keep their data safe and accessible to employees, but they also have the management software to see where their efforts are paying off by way of productivity programs. If you need to know more about the new features of Office 365, give our professionals a call. We can answer your questions and help you get the most out of the new Security and Productivity Insight additions.
Cyber security is becoming more and more important in an increasingly digital age. While many people and businesses know how important their online security is, they may not know what types of online security are best, nor the differences between the most commonly available options. There are two security authentication measures that are quite similar in name and that are often used. These are known as two-factor authentication and two-step authentication. Read on to get to know some of the key differences so you can be sure you understand your cyber security better.
If you are seeking out a way to improve your business's cyber security, both for your business itself as well as for your customers, you are likely looking at your authentication process. Two-step and two-factor authentication are two of the most commonly used options in cyber security. And in current cyber security, many businesses use the terms two-step and two-factor authentication interchangeably.
There are, however, subtle differences between the two. A two-step authentication process requires a single-factor login (such as a memorized password or biometric reading) as well as another of the same type of login that is essentially sent to the user. For example, you may have a memorized password for your first step and then receive a one-time-use code on your cell phone as the second step.
Two-step authentication does function to add an extra step in the authentication process, making it more secure than a single-step authentication (i.e. just the password). However, if a person or business is hacked, it will do only a little to stop hackers from getting a hold of whatever they are looking for.
On the other hand, there is two-factor authentication (sometimes referred to as multi-factor authentication), which is significantly more secure. This type of authentication requires two different types of information to authenticate. For example, it could be a combination of a fingerprint or retinal scan as well as a password or passcode. Because the types of information are different, it would require a hacker a great deal more effort to obtain both forms of authentication.
In essence, every two-factor authentication is a two-step authentication process, but the opposite is not true. With this information in mind, you can be certain that you are using the right type of authentication in your business to keep your business and customer information as secure as possible.
Your network needs the best security technology has to offer. What type of authentication that results in is just one of hundreds of choices that must be made to achieve that end. To take the stress out of securing and protecting your network, call us today for all the help you could ever ask for.
Social engineering is the ability to manipulate people into willfully giving up their confidential information. The data varies, but in terms of cyber security this usually means passwords and bank information. Criminals are using social engineering to gain access to your business and its network by exploiting employees who often don’t have a clue about what is happening. Avoiding it is a matter of training, and we’re here to educate you on the subject.
As more and more of our information moves into the digital realm, criminals are turning to social engineering to trick people into trusting them with their delicate information. People often trust others too easily and make themselves the targets of easy attacks from criminals. These attacks may come in the form of messages, baiting scenarios, fake company responses, and many others.
Most often, messages are sent to users in the form of an email that might contain a link or something to download. Although they may look legitimate, these emails often contain viruses; once the link is opened or you attempt to download it, a virus latches onto your computer, giving its creator free access to your email account and personal information.
Emails such as these can also come with a compelling story about needing help, winning the lottery, or even paying taxes to the government. Under the veil of legitimacy, criminals will ask you to trust them with your account details so they can either reward you or help you avoid fines and punishments. What you actually get is a bad case of identity theft.
In another scenario, criminals will bait their targets with “confidential information regarding their account.” This may come in the form of fake company messages that appear to be responses to your claims, which are followed up by a request for login details. While victims believe they are slamming the door on a crime by providing their information, they’ve actually provided their attackers with the keys.
There are several ways people can avoid becoming victims of social engineering. First, always ensure that you delete all spam from your email, and thoroughly research sources before responding to claims from a company -- even if it seems like the one you normally use.
The same applies for links. Confirm the destination of any link before clicking on it. Sites like bit.ly are often used to shorten long and cumbersome links, but because users have grown accusomted to them they are often used to hide malacious misdirections.
Never give out sensitive information that includes your password, bank information, social security, or any other private details. No respectable financial institution will request this type of information through email or a site other than their own. If you’re unsure, navigate away from the page you’ve been sent to and visit the page you believe to be making the request. If the address doesn’t have the letter ‘s’ after ‘http,’ it’s likely a scam.
Last but not least, check that all your devices are protected by the most recent antivirus software. While the strength of social engineering lies in the fact that it’s people-driven rather than technology-driven, antivirus software can help detect and prevent requests from known cybercriminals.
Cyber security is essential to the success of any modern business. Don’t let yourself become victim to criminals who have mastered the art of social engineering. While we’re proud of our extensive experience as technology professionals, we also have more than enough expertise to keep your business safe from those who are using people-based exploits. Get in touch with us today for all your security concerns.
As with all technology, trendy phrases come and go with the passing of every IT conference and newly released virus. And when dealing with cybersecurity, keeping up with them all can mean the survival -- or demise -- of a business. If you’re looking for a list of the industry’s most relevant terms, you’ve come to the right place.
We aren’t just creating a glossary of cyber security terms; every day, we’re writing a new chapter to the history of this ever-evolving industry. And no matter what you might think, we are available to impart that knowledge on anyone who comes knocking. Get in touch with us today and find out for yourself.
Sometimes technology solutions seem safer merely because they’re not widespread enough to be a lucrative target. Although increasingly popular, virtualization’s resilient protection protocols and low adoption rates tend to offset the cost vs. benefit considerations of creating an exploit. Or at least, that was the case. Late last month VMware announced an update to patch a gap that allowed attackers to compromise virtualized cloud infrastructures. We’ve compiled everything you need to know to protect yourself here.
Since its first software release in 2001, VMware has remained the leading provider of virtualization platforms, with most sources estimating double-digit leads in market share over the nearest competitor. By creating virtual environments stored on a network server or in a cloud environment, the company has given their clients the ability to create workstations, software, and even networks that can be utilized remotely. Fast forward to today, and VMware is working overtime to maintain its reputation by preempting software security vulnerabilities.
Obviously, when delivering any kind of specialized privileges over a network, adequate protection is of the utmost concern. In this case, two services for managing mobile clouds (vIDM and vRealize) were found to be vulnerable to exploits wherein users with minimal rights could cheat their way into full administrative privileges.
The security team at VMware elaborated that when executed in just one of the two services, this flaw would not be considered critical. However, when combined, it could pose an imminent threat to the security of your cloud infrastructure. To amend this oversight, ask your managed services provider or IT staff to update vIDM and vRealize to their most recent versions (2.7 and 7.1, respectively) as soon as possible. If this can’t be achieved in a realistic time frame, blocking port 40002 would act as a temporary workaround.
Sufficient security requires by-the-minute responses to the latest breaches and exploits. By partnering with us, you’ll never need to worry about checking in regarding patches or breaches you read about in the news. Instead, you’ll be hearing about them from us when we come around to install the updates. Choose the safe option -- contact us today with any of your virtualization needs or questions.
Skype for Business (as hinted in the name), is the corporate-oriented version of Skype. Besides the snazzy title, Skype for Business possesses unique office applications that will benefit your company. Yet, many business owners pose the same question: how important is it to adopt Skype for Business? Here are three reasons that might help you embrace Skype for Business a tiny bit easier.
In order for a cloud PBX system to work, it requires an IP connection or Internet phone for the necessary Internet connection. From there, you can access it through a personalized account from any Internet-enabled device capable of running the Cloud PBX’s interface. Your cloud PBX service provider is in charge of storing and managing all the data, meaning that your calls are connected to their recipients via the Internet. Your service provides “redundancy,” which backs up all your data in the event they were to get lost or corrupted because your computer crashed.
Knowing which tools to utilize is vital to help you get the upper hand. By utilizing what’s best for you and your business, you won’t have to search for success; it’ll come looking for you instead. For any questions regarding Skype for Business and its functions, feel free to give us a call or send us a message. We’re more than happy to help you any way we can.
WordPress is one of the most popular and reliable content management systems on the market, and for this reason it is also one of the most frequently targeted platform for hackers. Websites that are running older versions of WordPress are often vulnerable to security breaches and data leaks. Seeking to correct a number of bugs, WordPress recently updated to version 4.5.3, a release that doesn’t provide much additional functionality but is highly recommended by the WordPress security team. Here’s what you need to know about their latest security update.
Before you perform the update, however, we highly advise you to make a backup of your website. This is so that you can quickly restore your site in the event that something goes wrong. Once you have your backup ready, you can go ahead and update your site with the push of a button. Alternatively you can download WordPress 4.5.3 here and install it via File Transfer Protocol (FTP).
It’s important to update to the newest versions of WordPress to ensure that you have access to all of its functionalities and to keep your data and website visitors safe from potential security threats. Google will also demote websites that are running old versions of WordPress in its search results pages - all the more reason why you should regularly check for WordPress updates. If you have any questions about WordPress security, feel free to get in touch with our experts today.
Many users feel safe behind their monitors and why shouldn’t they? With the myriad of IT security measures available out there, it's easy to make any device feel like Fort Knox. What many people underestimate though, is the tenacity and relentless determination which cyber criminals have when searching for the tiniest loophole they can find in our security protocols. The recent Cerber ransomware attack on Microsoft 365 users is the latest incident.
Steven Toole, a researcher for the cloud-security firm Avanan, detailed that his company experienced the first attack at 6:44 a.m. on June 22nd. Another interesting fact is that at least 57 percent of all Microsoft Office 365 customers on Avanan’s platform received at least one phishing attempt that contained the infected attachment. While Avanan did extrapolate the number of Office 365 users involved, the exact number has yet to be revealed.
This is particularly interesting since according to Microsoft’s first quarter reports in 2016, there are over 18.2 million Office 365 subscribers worldwide. On top of the global scale in which the attacks took place, it took Microsoft over 24 hours for the attack to be detected and for any attempts to block the attachment to be made.
Microsoft’s side of the story shares many similarities with slight differences on the detection and actions made about the ransomware attack. In an email to SCMagazine.com, the spokesperson wrote:
"Office 365 malware protection identified the attack and was updated to block it within hours of its origination on June 22. Our investigations have found that this attack is not specific to Office 365 and only a small percentage of Office 365 customers were targeted, all of which have been protected."
The point is Office 365 was compromised, regardless of how quickly it was detected - many people were asked for a ransom and were told that their files have already been encrypted. Still wanting to come across as polite, the ransom came with an audio recording that detailed what the attack was and what measures must be taken in order to regain access to the files. The unknown attacker asked for a ransom of 1.4 bitcoins or an equivalent of $500 in exchange for the decryption key.
Toole noted that “This attack seems to be a variation of a virus originally detected on network mail servers back in early March of this year," He also added that "As it respawned into a second life, this time Cerber was widely distributed after its originator was apparently able to easily confirm that the virus was able to bypass the Office 365 built-in security tools through a private Office 365 mail account.”
This proves that cyber criminals go to great lengths to not only use their tools but to improve on them and eliminate flaws. So no matter how many firewalls, passwords or fire-breathing dragons you have to guard your servers and networks, without the right network security measures in place, chances are they’ll manage to find a way to overcome the hurdles and wreak whatever havoc they can.
Network security isn’t something to be taken lightly, if you are unsure about how safe or how capable your systems are in fending off cyber threats - get in touch with us. Our experienced and friendly staff will help you with any ransomware or security-related issue you have.
The NBA Finals may now be over but for one team, the losses keep coming. Yahoo! Sports reported that the Milwaukee Bucks fell victim to a spoofed email scam last month. Names, addresses, Social Security numbers, compensation information and dates of birth of the players were unknowingly sent to a hacker and created a massive security issue for the team. And just because your employees don’t make millions of dollars doesn’t mean hackers won't target your company. Here are four ways to protect yourself from spoofed emails.
Education is keyThere are countless cliches out there promoting the importance of education, but when it comes to cyber security, you might as well embrace them all. In the case of spoofed emails, you need to make sure your employees know what these are and how they can harm your company. They can come in several forms and look to attack your organization in a number of different ways. A good defense starts with trained employees using best security practices when it comes to emails. Knowledge isn’t just the key to success, it’s the building block of a comprehensive email security plan.
Check the senderThe easiest way to determine a real email from a spoofed one is to view who is sending it. While your basic junk mail folder will screen the really lazy attempts at spoofing, you and your employees can’t rely on it to weed out everything. A lot of cybercriminals have gotten skilled at mimicking the look and feel of companies through professional looking graphics and signatures. For starters, you are going to want to ignore email display names as these can be deceptive. The domain name provides the best clues as to who the sender really is. For instance, if an email requesting your company’s financial documents claims to be from the IRS but the domain reads IRSgov.com, it’s a spoof email since that domain is not what the IRS uses. If you ever spot an email containing a domain you consider to be suspicious, delete it immediately. If it is from a legitimate sender, they will send you a follow up email in a couple of days.
Embrace DMARCDomain-based Message Authentication, Reporting and Conformance (DMARC) can help reduce the risk of spoofed emails being sent internally. For businesses that do not set this up, it is possible for someone to spoof an email account that looks like it is from your business or a current employee and send it from a different server. As we saw in the case with the Bucks, these can appear legitimate to employees who will then in turn do what is requested such as turn off security settings or handover sensitive data. With DMARC in place you can prevent spoofed emails from utilizing your domains by requiring any email sent by your domain to come from your server. This greatly reduces the risk of an internal spoofed email showing up in the inbox of your employees.
Utilize email protectionsA lot of companies believe they can get by with the simple protections that come standard with an email client. However, doing the bare minimum is rarely enough to stop spoofed emails, not to mention all of the other threats lurking in your inbox, and high-powered email and spam protection will give your organization the added layer of security it needs. Much like elite-level basketball players need the best coaching and equipment to succeed, the only way to truly reduce the risk of falling victim of a spoofed email is to educate your staff properly and then equip them with email filtering. This ensures they aren’t wasting their time constantly trying to identify legitimate emails from fake ones but are prepared when the situation presents itself.
When it comes to email security, working with us is a slam dunk. We may not have the skills of Steph Curry on the basketball court but when in the realm of IT, competitors say they want to be like us. Give us a call today to find out more.
Although some may have hoped that the threat of ransomware was on the decline, the reality is that it’s quite the opposite. Until now, attacks seemed to be targeted directly at its victims, but Microsoft warns that may no longer be true. With their discovery of self-propagating ransomware it’s vital to fully understand the possible risk of infection.
Ransomware, the malware that locks up infected systems and demands payment to return access to users, has been steadily increasing its infection rate over the course of this year. Enigma Software reported that, “After staying steady for the last six months of 2015, ransomware detection has begun to climb; February saw a 19 percent increase over January, while March had almost a 10 percent increase over February. Then, in April, infections more than doubled.”
And as if that wasn’t frightening enough, Microsoft announced last week that a recently detected ransomware software was found copying itself onto USB and network drives. The ransomware, titled ZCryptor, disguises itself as either an Adobe Flash installer or a Microsoft Office file to trick users into opening it.
Once opened, it displays a prompt that says “There is no disk in the drive. Please insert a disk into drive D:”. If you see this after opening a suspicious file, it is most likely ZCryptor trying to distract you while it works in the background to add a registry key that buries itself deep in your system and begins to encrypt your files.
Although previous ransomware iterations like Alpha Ransomware had the ability to find and encrypt files on shared network drives, security experts believe this is the first time a ransomware variant has included self-replication via removable drives into its framework.
When it was first detected in May, Microsoft found ZCryptor singling out 88 different file types for encryption. However, later on a security expert analyzed the ransomware and found 121 targeted file types -- inferring that creators of the malware were continuing to develop its source code.
It’s commonplace for ransomware to demand payment to be made in Bitcoins as they’re an almost totally untraceable online currency. ZCryptor is no different, demanding 1.2 Bitcoins (500 USD) unless payment is more than four days after infection -- then it increases to five Bitcoins (2,700 USD).
Compared to other more complex security threats, ransomware is still relatively easy to avoid. Always verify the source of email attachments and website downloads before opening files, disable macros in Microsoft Office programs, maintain regular backups and update your security software.
Still concerned about security at your SMB? It doesn’t have to be as difficult and draining as you may think. Contact us today for advice on keeping your network protected around the clock.
6310 Southwest Blvd
Suite 110
Fort Worth, Texas 76109
Fort Worth:
Phone: (817) 595-0111
Dallas:
Phone: (972) 528-0142
Hours:
8:00 a.m. - 5:00 p.m.
Monday - Friday