HTML files remain one of the most popular attachments used in phishing attacks for the first four months of 2022, showing that the technique remains effective against antispam engines and works well on the victims themselves.

HTML (HyperText Markup Language) is a language that defines the meaning and structure of web content. HTML files are interactive content documents designed specifically for digital viewing within web browsers.

In phishing emails, HTML files are commonly used to redirect users to malicious sites, download files, or to even display phishing forms locally within the browser.

As HTML is not malicious, attachments tend not to be detected by email security products, thus doing a good landing in recipients’ inboxes.

Statistical data from Kaspersky indicates that the trend of using HTML attachments in malicious emails is still going strong, as the security company detected 2 million emails of this kind targeting its customers in the first four months of the year.

The numbers culminated in March 2022, when Kaspersky’s telemetry data counted 851,000 detections, while a drop to 387,000 in April could be just a momentary shift.

How HTML evades detection

The phishing forms, redirection mechanisms, and data-stealing elements in HTML attachments are typically implemented using various methods, ranging from simple redirects to obfuscating JavaScript to hide phishing forms.

Attachments are base64 encoded when present in email messages, allowing secure email gateways and antivirus software to easily scan attachments for malicious URLs, scripts, or other behavior.

To evade detection, threat actors commonly use JavaScript in the HTML attachments that will be used to generate the malicious phishing form or redirect.

The use of JavaScript in HTML attachments to hide malicious URLs and behavior is called HTML smuggling and has become a very popular technique over the past few years.

To make it even harder to detect malicious scripts, threat actors obfuscate them using freely-available tools that can accept custom configuration for a unique, and thus less likely to be detected, result and thus evade detection.

For example, in November, we reported that threat actors used morse code in their HTML attachment to obfuscate a phishing form that the HTML attachment would display when opened.

Kaspersky notes that in some cases, the threat actors use encoding methods involving deprecated functions like the “unescape()”, which substitutes “%xx” character sequences in the string with their ASCII equivalents.

While this function has been replaced by decodeURI() and decodeURIComponent() today, most modern browsers still support it. Still, it might be ignored by security tools and antispam engines that focus more on current methods.

Conclusion

HTML attachment distribution was first seen spiking in 2019, but they remain a common technique in 2022 phishing campaigns, so they should be seen as red flags.

Remember, merely opening these files is often enough to have JavaScript run on your system, which may lead to automatic malware assembly on the disk and the bypassing of security software.

As the security software doesn’t detect an attachment as malicious, recipients may be more likely to open them and become infected.

Even if your email security solution doesn’t generate any warnings, you should always treat HTML attachments as highly suspicious.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from bleepingcomputer.com SOURCE

Small businesses aren’t exempt from Russian cyberthreats, according to US officials. Here’s what to know.

In the wake of Russia’s invasion of Ukraine, cybersecurity concerns in the US are mounting for small businesses, home offices and larger enterprises, according to national security alerts issued by the FBI, DHS and CISA.

Even though government-sponsored attacks are gaining public attention, cyberattacks from independent actors or groups are always a concern for small to midsize businesses. Factors like budget and IT staff limitations can leave small businesses more vulnerable to cyberattacks. The Small Business Administration reported there were 32.5 million small businesses in the US as of 2021.

There’s no foolproof way to completely protect yourself from online attacks, but the first step is to understand what the threat is, where your business may be at risk and which proactive steps you can take. To that end, we’ve compiled a list of cybersecurity tips for small business owners.

Know the most common cyberattacks

Cyberattacks can take many forms and are constantly evolving, according to the US Small Business Administration, but the best defense is knowing the most common cyberattack forms like malware, viruses, ransomware and phishing.

Malware is an umbrella term for malicious software that aims to damage your computer, server, network or client.

Viruses and ransomware are also considered as types of malware. Viruses mean to infect your computer as well as other devices, leaving your system vulnerable. Ransomware, which has been on the rise in the US, works like a virus, but is usually delivered through a phishing email and essentially holds your system hostage until a sum is paid.

Phishing is a type of scam that tricks people into clicking links that appear legitimate, but are actually malicious. Clicking the link infects your device with malware. Once your system is infected, cybercriminals can attempt to steal sensitive information. Phishing falls in a wider category of social engineering, a tactic meant to deceive individuals into disclosing sensitive information or clicking a malicious link.

Train employees to be security-conscious

Cybersecurity is a team effort. Make sure your employees create strong passwords and reset them on a regular schedule. Employees should be aware of red flags that indicate phishing emails and malicious files, as well as have an action plan in the event that an attack happens. It’s also important to keep devices, software and browsers up to date. The FCC suggests establishing clear guidelines for internet use, how to best handle customer data, as well as penalties for violating those policies.

Secure your Wi-Fi networks

Your business’ Wi-Fi should be secure, encrypted and hidden, according to the FCC. Your business’ router needs to be password protected, and it shouldn’t broadcast the network name.

If your small business is operated out of your home, consider whether it’s time to upgrade your router to handle modern security threats. If you’re new to Wi-Fi networking, CNET has a handy FAQ that covers the basics.

Back up your files

Cyberattacks often mean to compromise, delete or steal your data. Backup programs can help mitigate this risk. It’s even better if the backup software you’re using lets you set up a schedule or automate backups, according to cybersecurity firm Kaspersky. Keep a copy of your backups offline in case of a cyberattack.

Use antivirus software

Finding the right antivirus software is an important weapon in your small business’ arsenal against cybercrime. Antivirus software doesn’t have to break your bank either — Microsoft Defender is free for Windows, for example. Check out CNET’s guide for the best antivirus software for more information.

For more information, check out big tech’s efforts to support Ukraine shift the industry’s role and how you can help Ukraine refugees and those affected by Russia’s invasion.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from cnet.com SOURCE

Windows 10 backup

Business owners are becoming more aware of the damaging effects of data loss. Companies now realize that without safe and reliable data backup, important business information can fall into the wrong hands or be lost forever. Fortunately, Windows 10 offers easy-to-use tools like File History and OneDrive.

File History in Windows 10

Serving as the main backup utility, File History enables users to regularly schedule backing up of files on their PC and store them on an external drive. That means you can connect your PC to a network or USB drive and make backups as needed.

However, be sure to regularly connect the external drive if you intend to use File History for backups. Otherwise, Windows will prompt you that your files have not been backed up every day. You can ignore this warning at your own risk. If you back up to a mapped network that is unavailable, File History will commence backup in the local disk until the network drive becomes available.

Setting up File History

Anyone can set up File History. After all, it was designed to make data backup and recovery easy for users. By default, File History backs up the main file folders, but you may also pick which folders you want to back up and bring in folders from other parts of the PC to do this.

From the Start menu, click on Settings > Update & Security > Backup.

Once in Backup, you can connect to an external drive. Click on Add a drive to see a list of external hard drives hooked up to your PC and choose one.

When you return to the Backup section, you will see that the Add a drive option has changed to Automatically back up my files (by default). This allows backups to be created at periodic intervals, which you can set to anywhere from every 10 minutes to once a day (the default option is once every hour). You may also set how long to keep the backups.

Restoring files that have already been backed up is just as easy as setting up backups. Simply type “File History” in the search bar. Then, you will see the “Restore your files with File History” folder. Selecting this opens a new window showing the folders backed up onto your external drives.

Setting up OneDrive backup option

If you have access to a network drive or the cloud, back up to it instead of locally. One such cloud option is OneDrive. You can prompt OneDrive to automatically back up your files. Just click on the cloud icon in the Windows notification area, then select More > Settings > Backup > Manage backup.

Not only will selected folders sync in OneDrive, but new and existing files will also be backed up to OneDrive, so they can be accessed using other devices in case something happens to your PC.

Making system image backups

A system image is an exact replica of your entire operating system, along with all the programs, settings, and files. If you created a system image backup using the Windows 7 Backup and Restore tool in Windows 7, it will still work in Windows 10.

To use this feature, access the Backup and Restore (Windows 7) option from the Control Panel. Click on Create a system image, choose where to store the backup (i.e., an external hard drive, network drive, or DVD), and which drives or files to back up. You will then be asked to make a system repair disc, which you can use to start a PC and restore the image backup.

Never worry about losing files in Windows 10. For more tips on how to successfully back up and restore data, contact us today.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

How Cloud Backup Helps Your Business

New threats to businesses’ precious employee and customer data emerge every day, so the only surefire way to protect your files from viruses, theft, and other unforeseeable disasters is to partner with a leading cloud backup provider. With a basic understanding of how cloud backups work, you can set up a plan that is economical and customized to the needs of your business.

How should you go about choosing a cloud backup provider? Let’s take a look:

Learn more about their storage capacity

Before partnering with a cloud backup provider, ask them where they store their data. Many providers use cloud servers over which they have little control, which could be hazardous as it makes it harder to monitor activity and respond to anomalies. To avoid this fate, choose a backup service that operates their own cloud-based servers.

Next, you will have to determine whether your business assets can be backed up, since some cloud storage providers do not have the capacity to save bigger files like videos or other multimedia files. By asking these questions, you can find a cloud backup service that fits your business needs, and more importantly, can take care of all your files.

Get details on their security

It will be important for the cloud backup provider to explain in no uncertain terms how they will store your files. They should be encrypted and stored on multiple servers because redundant storage ensures your data has multiple copies saved online and can be retrieved at will. Even if an uncontrollable disaster befalls your company or the backup provider’s system, you’ll still be safe.

Compare your budget and backup costs

Before considering any cloud backup provider, you need to know how much the service is worth to you. How much money would you lose if your server crashed and all the data it stored was irretrievable? Compare that amount with the cost of a provider’s service, which could be charged by storage tiers, per gigabyte, or on a flat-fee unlimited plan.

When asking about the price of cloud backups, make sure to clarify any service limitations or restrictions. For example, how quickly can your storage capacity be upgraded? Is it possible to run out of storage? These are not things you want to discover in the middle of hurricane season.

Clarify data recovery timelines

Although storage availability is important, how quickly backups can be created and restored is also an essential factor. Ask providers how often backups will be created (e.g., hourly, daily, weekly), and how long it will take to restore them (e.g., hours, days, etc.). If those timelines are too long, it may be time to look for a better provider.

The most important thing is to know your needs before meeting with a potential provider. Let them know your business needs, budget, and recovery timelines. Our solutions and pricing are flexible and customized to your needs so you’re not stuck in a cookie-cutter plan.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

One of the most well-known benefits of the cloud is it boosts cost efficiency. By moving to the cloud, small- and medium-sized businesses no longer have to worry about purchasing high-end equipment or maintaining full-scale data centers. However, there are quite a few costs associated with the cloud, so it’s important you know how to keep them under control.

Don’t go for standalone services
Standalone services are the biggest price trap in the cloud. Spending on a standalone cloud software may seem harmless now, but if you decide to purchase similar services, the costs can quickly pile up. Then, there’s the issue of integrating these systems together, which costs even more time and money.

The best way around this is to find a service provider that offers a suite of products that work seamlessly together. Platforms like Office 365 or G Suite are great examples and offer you differently priced packages based on the size and requirements of your business.

Team up with integration experts
If you do need to subscribe to a standalone service, you’ll want to integrate it with the rest of your cloud platform. But if you have limited experience with integrations, mistakes are likely to happen and cause downtime, which will inevitably cost you time and money.

The more economical option is to partner with a cloud integration expert, as they can quickly configure and deploy your systems with zero mistakes.

Understand cloud backup costs
While cloud backups are great for keeping your data secure, you must know how much you’re paying for them. If you plan on storing your data for a long time, you may be charged more. At the same time, if you store more versions of your data, it will cost you more.

One way you can keep costs down is to ask yourself whether certain files even need to be stored in the cloud. Mission-critical files like customer information, legal document, and business plans should be stored in the cloud so you can retrieve them right away after a disaster, but routine documents like timesheets can probably be stored in less expensive data centers.

Remove unnecessary accounts
Most cloud service providers charge you based on the number of users per month, so if you’re not diligent about removing accounts when employees have left your company, you could be throwing your money down the drain.

To avoid this, you need to have deprovisioning procedures in place for when an employee’s contract is terminated. Create a spreadsheet of each employee in your payroll and note down their cloud subscriptions. When an employee leaves your company, you must delete all their business accounts and give the relevant manager access to all their documents.
It’s also a good idea to schedule regular audits to make sure you’re not paying for people who’ve already left your company.

Work with a trustworthy provider
Last but not least, you’ll want to partner with a cloud services provider that not only gives you the best deals on cloud solutions, but also proactively monitors your account and warns you about any issues regarding the computing resources and storage space you’re using.

If you’re looking to keep cloud costs under control, talk to us today. We’re certified and experienced with all aspects of cloud technology, and we can show you how you can truly benefit from it. To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment
Published with consideration from TechAdvisory.org SOURCE

Today’s businesses are so reliant on data that most of them will cease to function without a steady flow of it. The case is especially true for small to medium enterprises, where most of the decision making is left to one or two individuals. Just like retail users, small business owners fail to realize the importance of a solid data backup & recovery system. The truth is that they’re playing a very dangerous game by thinking that new technologies will continue to make their lives more efficient, all on their own. It’s important to remember that in today’s world of data-dependency, a bad backup plan, or complete lack of, can mean the end of a business if that data is lost or stolen.
The real problem is that most small businesses either can’t afford to invest in a good backup strategy or are simply ignorant of the fact that it could happen to them and end their livelihood. Not to say that small business owners aren’t tech savvy, but the concept of backup and storage strategy has recently caught up with their otherwise modern work ethics. Another problem is that most businesses run by millennials prefer to stick to the early 2000s concept of batch backups, failing to realize the need to have a constantly updated repository of their sensitive business data.

Do Small Businesses Really Need Backups?
The need to have securely backup data has never been more critical to businesses, especially for smaller more vulnerable businesses. While users can always store data for free on a cloud, some argue that you’re better off manually backup your data in an external hard drive. But backup isn’t just hardware, and a business’s backup strategy will depend on the organization’s unique storage needs.
A disaster recovery plan can act as a guiding light in times of IT disasters, and should be your first priority. Here are few of the weaknesses one would find when thinking about what can go wrong:
Locally hosted data might be secure, but if the building burns to the ground?
Backup tapes are permanently on-site.
Computer access in smaller organizations isn’t usually regulated by an administrator, enabling employees to misuse or siphon data.

Backup 101
For business data, always ensure to:
-Make two full copies of the data, maintained on separate physical devices, whether it’s on a hard drive, USB stick, Blu-ray, or even a good old fashioned rewritable disk.
-Keep a third optional virtual copy, stored in a cloud or on a server, preferably in a different location as your office servers.
Having multiple copies of your data can greatly reduce the chances of total data loss, as well as offer a degree of business continuity. Optionally, you can keep this data updated by synchronizing all the devices that the data is stored on.

Best Data Storage Solutions
Rather than create a detailed backup & recovery strategy that would require you to invest in paid data services, a good choice would be to use convenient storage options that are practically suitable for small businesses. Here’s a look at some of the best backup storage options.

1. Direct Attached Storage (DAS)
Direct Attached Storage devices are those that are physically connected to a computer or server, typically via USB 2.0 and above, ports. This ensures that the data is nearby and within reach, with the occasional issue of having to perform batch backups. This won’t be a major issue if your data doesn’t have to be real-time, and if you have the time and patience to perform manual backups.

2. Network Attached Storage (NAS)
Network Attached Storage devices are those that are directly connected to a network. A NAS system will offer support functions that one would expect from a file server, with the added feature of accepting multiple storage drives. NAS devices usually come equipped with redundancies, like RAID capabilities; because NAS supports a range of protocols to allow users to directly access a PC. Some NAS models offer the capability to synchronize specific data with a suitable remote NAS system.

3. Disaster Protected Storage (DAS)
Disaster Protected Storage systems are specialized storage devices that can withstand disasters that typically erase or corrupt unprotected data. DAS systems can exist as DAS or NAS. Most of these devices are made out of durable military grade materials, and offer a range of protection features such as water-proofing, fire-proofing, etc.

4. Online Storage
The internet is a great place, even more so now that we can store data online. And while most people only think of the cloud when it comes to online storage, there are two distinct form of online storage; paid services like Amazon’s Simple Storage Service (S3), and online storage systems, like the cloud. There are a number of such services that have been created specifically for small businesses, like IBackup. The only downside of online storage is that online data recovery can take a long time, especially in a case of full-recovery, since the data is being recovered from a remote location.
If you prefer not to leave you sensitive data under the protection of 3rd party cloud vendors, you could even opt to build your own private cloud service. And although it might not have been practical for small businesses to invest in their own cloud, new innovations now allow them to get private cloud storage on a budget.
Published with consideration from DailyBlogTips. SOURCE

Cybersecurity systems are getting better at identifying and preventing attacks coming from all directions. At the same time, hackers are coming up with new ways to bypass these systems. While online scams are the most common ways to do this, cybercriminals have discovered a new attack method using Microsoft Office.

What’s the new Office threat?
The Office exploit takes advantage of Microsoft’s Dynamic Data Exchange (DDE), a protocol that sends messages and data between applications. For example, DDE can be used to automatically update a table in a Word document with data collected in an Excel spreadsheet.

The problem with this is hackers can create DDE-enabled documents that link to malicious sources rather than to other Office apps. Theoretically, this allows hackers to launch scripts that download Trojan viruses from the internet and execute it before the user is even aware of the attack.
And unlike most malware-embedded Office files, which are usually blocked by security protocols from Microsoft, DDE exploits are instant. Once a compromised Word file is opened, it automatically executes the hack.

Outlook at risk
What’s even more alarming are the DDE vulnerabilities in Outlook. Recent reports found that hackers can embed malicious code in the body of an email or calendar invite, allowing them to perform phishing scams without a file attachment.

Fortunately, Outlook DDE attacks are not as automated as Word or Excel DDE attacks. Two dialog boxes will usually appear when you open the email asking if you want to update a document with data from linked files and start a specific application. Simply clicking ‘No’ on either of these boxes will stop the attack from executing.

Defending against DDE attacks
Beyond saying no, you can protect yourself by following these security best practices:
• Evaluate the authenticity of unsolicited emails before interacting with them and don’t open attachments from unfamiliar contacts.
• View emails in plain text format to completely stop DDE attacks embedded directly in emails from running. Note that this will also disable all original formatting, colors, images, and buttons.
• Use a strong email security system that prevents phishing emails, spam, and other unwanted messages from reaching your inbox.
• Get in the habit of checking for Microsoft updates, as they’re usually quick to release patches after vulnerabilities have been discovered.

Last but not least, consider working with our team. We’re Microsoft Office experts who can keep you safe from the latest threats. Call us today to get started!
Published with Considerations from TechAdvisory SOURCE

These days most people are familiar with what Cryptolocker and Ransomware are. Either your business has been affected, you have a friend who has a friend who’s has fallen victim or maybe heard about it on the nightly news. Ransomware is a particular type of malware advanced enough to limit users from accessing their information unless a ransom amount is paid.

Every day the number of professionals and small businesses being targeted by ransomware is increasing.

As we all know information and the ability to access it is the foundation of any business. The only way to protect this information is to execute an effective backup solution in your IT environment and make sure you’re ready for any possible threat.

In the event of a disaster your backup solution is only as good as its restoration capability. In situations where hardware fails or becomes infected, a little preparation can go a long way. A lot of businesses spend a lot of time and resources picking and investing in a backup solution but often times forget one vital step: regular testing of their backup’s restorability as part of their disaster recovery plan.

If there is a problem with a backup that hasn’t been tested, often you won’t know until it’s too late. A lot of ransomware will try to encrypt data on a network as well as that on removable drives. To make sure your business stays safe it’s important to make sure at least one copy of your backups are safe in your local environment.

Here GCInfotech we believe in an effective strategy called the “3-2-1” rule. This rule states that your business should have 3 copies of your data, stored in 2 different types of media with 1 backup kept off site. Also, ensuring all files in a backup are readable and making sure backups are intact physically all goes into testing your backups and making sure they’re able to be restored when you need them.

Ideally backups should be tested after any change is made. If a new backup is created, test it. If a new machine or server is added, test it. It can be time consuming and seemingly impossible for some organizations depending on the size of the backup. If you can’t check backups after every change, be sure you’re checking regularly.

Standard practice is to replicate a full restore at least quarterly. Logs may be checked to verify which items were included in your backup, as well as checking for errors and informational messages. By not testing applications and files you’re making the assumption that not only have you correctly selected everything that will be required to recover from a failure, and that everything backed up properly, but also that it will restore perfectly at the times when you need it most.

Privacy and security are major concerns for businesses developing a data protection strategy. Ensuring critical data is safely backed up, kept private, and readily available is essential to maintaining productivity and eliminating downtime caused by data-related interruptions or malfunctions. Implementing a data backup plan that meets your privacy and protection needs is a business priority.

Not sure where to start? Give GCInfotech a call to discuss the available solutions that would work best for your company. Together, we can make your business work smarter, faster and more efficiently.