Posts

,

How to spot ‘spear phishing’, an insidious cybercrime trend

True story: At a company I once worked for, employees received an email about an unexpected bonus. In private Slack channels, we wondered whether it was a well-played phishing attempt. Turns out, the bonus was legit, but so was our inclination to question it. Phishing—when cybercriminals pose as legitimate institutions to get info or money from you—is the origin of up to 90 percent of breaches and hacking incidents, says Frank Cilluffo, director of Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security in Alabama.

These cyber bad guys have even taken it to the next level with “spear phishing,” a practice of sending emails that appear to be from someone you personally know. “This happened to me once and it was a humbling experience,” says Adam Doupé, director of the Center for Cybersecurity and Digital Forensics at Arizona State University in Tempe. Turns out, the email seemed to be coming from a colleague, and Doupé was boarding a plane when he got it so he wasn’t as careful as he would normally be. “I ended up replying with my cell phone number,” recalls Doupé. “When the phisher responded with a request to send gift cards, the alarm bells went off.”

Knowing that a cybersecurity expert got played, an average person has to be hypervigilant. But could you be missing out on legit offers and emails because you’re being too cautious? Your first line of defense: install a protection software (like Malwarebytes). This sort of protection that lives on your computer, coupled with our expert tips below, will stop phishers in their tracks.

3 Ways To Tell If It’s Phishing Or Not

Experts say there are a few things you can do if you’re unsure whether an email is a phishing attempt.

1. Check the email address carefully.

Hover your cursor over the full email—not just the sender’s name—to see if anything looks off. “For instance, instead of .com, the address may contain .ru,” says Cilluffo. (.Ru indicates that it’s from a Russian server.) Compare the address on a recent email to one that you’ve responded to previously.

2. Call or text the person you think may have sent the email.

Ever receive an email from a friend or colleague and it seems off? Maybe it’s much briefer than usual or perhaps they addressed you by your full name rather than a nickname. Trust your gut, and don’t respond or click on any links or attachments until you’ve verified the email. While it truly may just be a link to their kids’ fundraiser, it could be the work of a cyber criminal trying to get you to download malware—aka malicious software.

3. Verify through an independent news source.

Sometimes you may receive an email about an important recall notice or info about a class-action lawsuit. Search on a trustworthy news site whether the link contained in your email appears in any news articles, suggests Doupé.

Bottom line?

Cyber criminals are getting more and more creative at making their phishing attempts appear legitimate. Go with your gut, slow down to verify the validity of messages you receive and install a protection software (like Malwarebytes) to stop phishers before they start.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from yahoo.com SOURCE

/by
, ,

5 Tips to work smarter in Outlook

Microsoft Outlook comes with a raft of features that make managing your busy schedule and boosting your productivity easier. If you find Outlook’s myriad capabilities a little overwhelming, don’t worry — these tips and tricks will have you using Outlook like a pro in no time.

Organize your inbox

Is your Outlook inbox getting a little too cluttered for your liking? Use the Clean Up feature to tidy up your inbox.

From your inbox, click the Home tab and choose from one of three Clean Up options:

  • Clean Up Conversation – reviews an email thread or a conversation and deletes redundant messages
  • Clean Up Folder – reviews conversations in a selected folder and deletes redundant messages
  • Clean Up Folder & Subfolders – reviews all messages in a selected folder and any subfolders, and deletes redundant messages in all of them

Ignore conversations

Besides redundant messages, group conversations that aren’t relevant to you can clutter up your inbox. The Ignore button helps you organize your inbox and focus on relevant emails.

To activate this feature, select a message, then click Home > Ignore > Ignore Conversation. Alternatively, you can open a message in a new window and click Ignore under the Delete function. You can easily revert this action by going to the Deleted Items folder and clicking Ignore > Stop Ignoring Conversation.

Send links to files

This function is especially useful when you need to send large files to your coworkers or clients. You can send a link to the file instead of the file itself as well as set permissions to allow recipients to edit and collaborate on linked files in real time.

To do this, upload the file you wish to send to OneDrive. Then from the message box, click Attach File > Browse web locations > OneDrive.

Tag contacts

To get the attention of a specific person in a group email or meeting invite, use the @Mention function. This works particularly well for emails sent to multiple recipients or if you want to convey the urgency of your message.

In the body of your email or invite message, type the @ symbol followed by the name of the person you want to tag (e.g., @johndoe). Doing so will highlight the name in the message and automatically add it to the To line of your message.

You can also search for messages you’re tagged in by selecting Filter Email from the Home tab, and then clicking Mentioned.

Add notes to emails

With Outlook, you can add sticky notes to specific parts of an email. To add a sticky note, simply drag your cursor to highlight your chosen text in the email, and then release the mouse button to trigger a pop-up object menu. On that object menu, select Add Note. This will open a OneNote feed within Outlook, where you can add text or images to your sticky note.

Schedule a Teams meeting

Teams is Microsoft’s unified communication and collaboration platform, and it includes the Outlook add-in. This feature allows you to set up Teams meetings directly from Outlook. It also lets you view, accept, or join meetings while in either app.

To schedule a Teams meeting on Outlook, follow these steps:

  1. Switch to the calendar view on Outlook. Click the New Teams Meeting tab.
  2. Add individual participants or entire contact groups to the Required or Optional fields.
  3. Type in the topic, start time, and end time of the meeting. There’s no need to add the dial-in phone numbers and conferencing IDs to the invite, as Outlook does this automatically for you.
  4. Create a message inviting the recipients to the meeting, then click Send.

Share emails to Teams

With Outlook, you can easily share an email from your inbox directly to a specific Teams channel. To do that, follow these steps:

  1. Select the email you want to share.
  2. Click the Share to Teams button.
  3. On the Share to Microsoft Teams pop-up menu, type the name of the person or channel you want to share to. Check the “Include attachments” tickbox if you want to include the email’s attachments.

These are just some of the things you can do to improve your Outlook experience. For more on how to get the most out of Outlook and other Microsoft products, drop us a line today.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

/by

Six Essential Cloud Solutions for Every Business

Over the past several years, the debate about cloud technology in business has moved away from “Is it a safe option?” to “How can I move more of my tools to the cloud?” There is an overwhelming number of options and many business owners don’t know where to start. If that’s the position you find yourself in, we recommend starting with six basic tools.

Email

Every business needs email. And while there are plenty of non-cloud options to choose from, they require a lot of maintenance. Opting for cloud-based email means you pay for the service without worrying about hardware requirements or software updates. These issues, among others, will be handled by the provider and backed by service level guarantees.

File storage

Storing company files in the cloud is a great way to give employees more mobility and flexibility. Everyone can access information from almost any internet-enabled device without compromising security, since providers include things like encryption and multi-factor authentication as part of the monthly service fee.

You can opt for either DIY cloud storage such as Microsoft’s OneDrive and Dropbox or a slightly more expensive managed solution that will provide customization opportunities and regulatory compliance management.

Document creation and collaboration

It’s easy to confuse apps like Office 365 and Google Docs with cloud file storage but they’re not the same. What sets them apart is whether or not you can edit documents stored on these platforms. In most cases, multiple users can alter the same document simultaneously and see mirror images on their screens even if they’re hundreds of miles apart.

Between faster document turnaround times and fewer separate versions of files, there’s no reason to keep everything offline. Business owners used to worry about security but vendors today invest 100 times more resources in protecting client info than a small operation could ever match.

Server hosting

Whether your business requires a single low-scale server or several high-powered ones, it’s becoming harder to justify maintaining those at your physical location. They’re too finicky and expensive compared to their cloud alternatives.

Server hosting enables you to accomplish via an app all that you could with in-house hardware. The costs are also spread out month to month rather than all at once during the setup phase.

Backup and recovery

The entire basis of cloud technology is that you have total access to hardware and software that’s located far from your office. That makes things like cloud file storage and server hosting perfect for recovering from a disaster. If a natural disaster or cyberattack renders your office inoperable, all you need to do is log in to your cloud platform from somewhere else.

If you are looking to move your business into the cloud, we have a broad range of products tailored to small businesses.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

/by

Fix these enterprise security flaws now

As businesses have become more reliant on digital technology for day-to-day operations, they’ve also become a favorite target of internet threats. If you want to protect your organization from cyberattacks, make sure your security is clear of the following flaws.

Open wireless networks

With one main internet line and a couple of wireless routers, a whole office can go online. A wireless internet connection saves money, but there is an inherent risk that it’s an unsecure network.

If you need a secure network, plugging in a wireless router and creating a basic network is not enough. If you don’t set a password on your routers, then anyone within range can connect. With fairly simple tools and a bit of know-how, hackers and criminals can start capturing data that goes in and out of the network, and even attacking the network and computers attached.

Therefore, you should take steps to ensure that all wireless networks in the office are secured with strong passwords. Many internet service providers that install hardware when setting up networks will often just use an easy password for the router, such as the company’s main phone number. These need to be changed.

Email is not secure

Most companies that have implemented a new email system in the past couple of years will most likely be secure. This is especially true if they use cloud-based options or well-known email systems like Exchange, which offer enhanced security and scanning.

The businesses at risk are those using older systems like POP, or systems that don’t encrypt passwords (what are known as “clear passwords”’). If your system doesn’t encrypt information like this, anyone with the right tools and a bit of knowledge can capture login information and compromise your systems and data.

If you are using an older email system, it is advisable to upgrade to a newer one, especially if it doesn’t use encryption.

Mobile devices that aren’t secure enough

Mobile devices offer a great way to stay connected and productive while out of the office. However, if you use your tablet or phone to connect to office systems but don’t have security measures in place, you compromise your networks.

Imagine you have linked your work email to your tablet but don’t have a screen lock enabled, and you lose your device. Anyone who picks it up will have access to your email and all your sensitive information. The same goes if you install a mobile device app with malware on it. Your infected device will spread this malicious program to your entire network and cause major disruption to your business.

Take steps to ensure that employee devices have adequate security, such as passcodes, and that your company has sufficient security policies in place to govern their use. Lastly, mobile device management solutions are specifically designed to prevent your bring your own device (BYOD) policy from being a risk with employee devices causing havoc to your network.

Anti-malware software that isn’t maintained

These days, it is essential that you have anti-malware software installed on all devices in your company, and that you take the time to configure these properly.

It could be that scans are scheduled during business hours. If you install these solutions onto your systems and they start to scan during work time, most employees will just turn the scanner off, leaving your systems vulnerable.

The same goes for not properly ensuring that these systems are updated. Updates are important for software, especially anti-malware applications, because they implement new databases that contain recently discovered threats and the fixes for them.

Therefore, anti-malware software needs to be properly installed and maintained if they are going to even stand a chance of keeping systems secure.

Lack of firewalls

A firewall is a network security tool that can be configured to block data traffic from entering and leaving the network. For instance, it can protect data from being accessed from outside the network. While many modems or routers include firewalls, they are often not robust enough for business use.

What you need is a firewall that covers the whole network at the point where data enters and exits (usually before the routers). These are business-centric tools that should be installed by an IT partner like a managed services provider (MSP), in order for them to be most effective.

How do I ensure proper business security?

The best way a business can ensure that their systems and networks are secure is to work with an IT partner like us. Our managed services can help ensure that you set up proper security measures in place and that they are managed properly. Tech peace of mind means your focus can be on creating a successful company instead.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

/by