Published on: October 14, 2019 in
The volume of malicious cyber attacks is increasing every year. Although many companies use the latest network security systems, they aren’t immune to the hackers’ favorite strategy — social engineering. Unlike malware, social engineering tricks people into volunteering sensitive data. Here’s what you should know to protect your business.
This is the most frequently used social engineering attack, especially against small businesses. Check out these frightening statistics:
How is phishing carried out? Criminals make use of emails, phone calls, or text messages to steal money. Victims are directed to phony websites or hotlines and are tricked into giving away sensitive information like names, addresses, login information, social security, and credit card numbers.
To protect yourself, be wary of emails from people you don’t know that offer you a prize, come with attachments you didn’t request, direct you to suspicious sites, or urge you to act quickly. Phishing emails usually appear to come from reliable sources, but they are wolves in sheep’s clothing.
One of the most infamous and widespread examples of phishing was during the 2016 Summer Olympics in Rio, where victims received fraudulent emails for fake ticketing services that stole their personal and financial information.
What’s the fastest and easiest way for criminals to enter a secure office? Through the front door, of course! Tailgating happens when an employee holds the door open for strangers and unauthorized visitors, allowing them to infiltrate an organization. This simple act of kindness enables fraudsters to enter restricted areas, access computers when no one is looking, or leave behind devices for snooping.
Quid pro quo
Here, scam artists offer a free service or a prize in exchange for information. They may lure their victims with a gift, concert tickets, a T-shirt, or early access to a popular game in exchange for login credentials, account details, passwords, and other important information. Or hackers may volunteer to fix their victims’ IT problems to get what they want. In most cases, the gift is a cheap trinket or the tickets are fake, but damages from stolen information are all too real.
Fraudsters pretend to be someone else to steal information. They may pose as a telemarketer, tech support representative, co-worker, or police officer to fish out credit card information, bank account details, usernames, and passwords. The con artist may even convince the unsuspecting victim to apply for a loan over the phone to get more details from the victim. By gaining the person’s trust, the scammer can fool anyone into divulging company secrets.
In spite of the many security measures available today, fraudsters and their social engineering schemes continue to haunt and harm many businesses. Thus, it’s best to prepare for the worst. To protect sensitive information, educate yourself and be careful. Remember: If anything is too good to be true, it probably is!
To shield your business from social engineering attacks, don’t take chances! Get in touch with us today.
Published on: September 16, 2019 in
Cybersecurity is everyone’s responsibility. But you don’t need to be an IT expert to know how to protect yourself from a cyberattack. To help you get started, here are helpful terms you need to know so you’re not left in the dark, whether you’re teaching yourself how to update your anti-malware, updating your systems, or consulting your tech support.
For a long time, the phrase “computer virus” was misappropriated as a term to define every type of attack that intended to harm or hurt your computers and networks. A virus is actually a specific type of attack, or malware. Whereas a virus is designed to replicate itself, any software created for the purpose of destroying or unfairly accessing networks and data should be referred to as malware.
Don’t let all the other words ending in “ware” confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is “ransomware,” which is malware that encrypts valuable data until a ransom is paid for its return.
Intrusion protection system(IPS)
There are several ways to safeguard your network from malware, but IPSs are quickly becoming one of the non-negotiables. IPSs sit inside of your company’s firewall and look for suspicious and malicious activity that can be halted before it can exploit or take advantage of a known vulnerability.
Not all types of malware rely solely on fancy computer programming. Experts agree that the majority of attacks require some form of what is called “social engineering” to be successful. Social engineering is the act of tricking people, rather than computers, into revealing sensitive or guarded information. Complicated software is totally unnecessary if you can just convince potential victims that you’re a security professional who needs their password to secure their account.
Despite often relying on face-to-face interactions, social engineering does occasionally employ more technical methods. Phishing is the act of creating an application or website that impersonates a trustworthy and often well-known business in an attempt to elicit confidential information. Just because you received an email that says it’s from the IRS doesn’t mean it should be taken at face value — always verify the source of any service requesting your sensitive data.
Antivirus software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the cybersecurity puzzle and can only scan the drives on which they are installed for signs of well-known malware variants.
Malware is most dangerous when it has been released but not yet discovered by cybersecurity experts. When a vulnerability is found within a piece of software, vendors will release an update to amend the gap in security. However, if cyberattackers release a piece of malware that has never been seen before, and if that malware exploits one of these holes before the vulnerability is addressed, it is called a zero-day attack.
When software developers discover a security vulnerability in their programming, they usually release a small file to update and “patch” this gap. Patches are essential to keeping your network secure from the vultures lurking on the internet. By checking for and installing patches as often as possible, you keep your software protected from the latest malware.
When antivirus software, patches, and intrusion detection fail to keep your information secure, there’s only one thing that will: quarantined off-site storage. Duplicating your data offline and storing it somewhere other than your business’s workspace ensures that if there is a malware infection, you’re equipped with backups.
We aren’t just creating a glossary of cybersecurity terms; every day, we’re writing a new chapter to the history of this ever-evolving industry. And no matter what you might think, we are available to impart that knowledge on anyone who comes knocking. Get in touch with us today and find out just how we can help you with your IT woes.
Published on: September 2, 2019 in
You’ve received a message from one of your Facebook friends. You click on the link not knowing what you’ve gotten yourself into. This describes one of the latest social media adware schemes, which has wreaked havoc on Facebook users worldwide.
What is it?
Little is known about the adware itself or those behind it, but it was uncovered by David Jacoby, senior security researcher at Kaspersky Lab, when he received a Facebook message from one of his friends, only to find out that wasn’t the case.
Basically, the adware uses Facebook Messenger to track your browser activity and pushes you to click on malicious ads or give out personal information.
How does it work?
By clickjacking and hijacking credentials of Facebook users, the adware is able to send messages to people in the victim’s contact list. If you’re one of those people, you’ll receive a phony message from your friend’s compromised Facebook account.
The message includes your friend’s name followed by the word “Video,” a shocked face emoji, and a shortened URL. Once clicked, the URL will redirect you to a Google Doc with a blurred photo taken from your friend’s Facebook page, disguised as a video. If you click on the “video”, you’ll be redirected to one of a number of targeted websites based on your browser, operating system, and location.
For instance, if you use Google Chrome, you’ll be sent to a website that looks exactly like YouTube, complete with the official logo. The hoax website will show you a fake error message to trick you into downloading a malicious Chrome extension.
If you’re on Firefox, you’ll be sent to a site with a false Flash Player update notice and a Windows adware executable; the same goes with OS X except the adware is hidden in a .dmg file.
The goal here is to move your browser through a set of websites so tracking cookies can monitor your activity and display malicious ads or you can be “social engineered” to give up confidential information.
How do you avoid falling victim?
Facebook has rolled out a number of automated systems to stop harmful links and files. What’s more, they will provide you with a free antivirus scan if they suspect that your account has been compromised by adware.
Still, you should be very skeptical about any shortened URL links sent to you by your Facebook friends, no matter how long you’ve been friends.
Due to their low key nature as potential security endpoints, cyber criminals are turning to social media platforms as their new medium of choice. To keep your business safe, you need to stay up-to-date and educate your employees. If you have any other questions about social media and how it can impact your business, just give us a call.
Published on: February 20, 2017 in
When disaster strikes, organizations need to put their business continuity plans into action and recover their IT systems as quickly as possible. Failing to do so can mean serious financial and reputational repercussions. Despite this, investments in disaster recovery are set aside each year for high-tech IT investments, and every year companies and employees continue to suffer for it. Here are some reasons why disaster recovery is well worth your time, effort, and resources in 2017.
DR isn’t a huge investment
A common misconception about disaster recovery is that it’s a large, bank-breaking investment. Expensive data centers, networks, and server maintenance usually come into mind when a business owner is confronted with the idea of business continuity. And while that may have been true in the past, establishing a strong disaster recovery plan today is as simple as having a secure, compliant cloud-based disaster recovery provider like TECHLINQ. Agreement pricing models are actually comparatively low, meaning you can have minimal downtime while still having enough to invest in new technology.
Onsite backups alone just won’t cut it
Although you might feel secure with a manual backup server down the hall, it is still susceptible to local disasters and, ultimately, does very little in minimizing company downtime. When disaster recovery solutions are hosted both locally and in the cloud, restoring critical data and applications is a much less time-consuming process.
Business disasters can be man-made, too
Even if your workplace is nowhere near frequent disaster zones, cyber attacks and negligent employees can leave the same impact on your business as any natural disaster can. Setting a weak password, clicking on a suspicious link, or connecting to unsecured channels is enough to shut down a 5-, 10-, or even 50-year-old business in mere minutes.
Sure, installing adequate network security is a critical strategy against malicious actors, but last year’s barrage of data breaches suggests that having a Plan B is a must. A suitable disaster recovery plan ensures that your data’s integrity is intact and your business can keep going, no matter the malware, worm, or denial-of-service attack.
Downtime will cost you
A business without a DR plan might come out unscathed after a brief power outage, but why risk the potential damages? Either way, extended downtime will cost your business. First, there’s the general loss of productivity. Every time your employees lose the ability to access network resources, money goes down the drain. Then there’s the cost of corrupted company data, damaged hardware, and the inevitable customer backlash. Add all those variables together, and you end up with a business-crippling cost.
So, if you want 2017 to be the best year for your business, make the smart choice and proactively take part in creating your company’s business continuity plan. Your business will be in a better position financially with it than without it.
Keep your business safe, recover from any disaster, and contact us today to set up a TECHLINQ Backup agreement.
Published on: February 6, 2017 in
The crystal ball certainly won’t be making an appearance anytime soon, so it’s time to start preparing for the far more realistic technology trends of the coming year. Investing in the right technology could be the thing that sets you apart from your competitors in the coming year, and all it takes is a little research and education. Until someone invents a crystal ball, you’re stuck with our professional projections on the state of web services in 2017.
#1 On-premises servers will survive another year
Cloud adoption will most likely continue its stellar rise, but that doesn’t mean it will be hard to find affordable service for your in-house server or data center. Based on a recent survey of companies that utilize cloud services, nearly half will continue operating some sort of on-site data management in response to perceptions of security or compliance concerns. We may not believe those worries are well-founded, but that does mean hybrid clouds will continue to be a popular option.
#2 Voice commands will get better
Although better voice command technology may not mean much for running a business, big vendors like Amazon releasing development kits and application program interfaces does mean you have the opportunity to make your products and services more accessible via popular consumer technology such as Alexa.
#3 The Internet of Things (IoT) hasn’t peaked yet
Marketing experts are just as certain that consumers are feeling oversaturated with references to machine learning as they are that IoT hasn’t yet reached its full buzzword potential. If prices of connected devices come down, and their functionality improves, you can bet “IoT” will be one of the most profitable keywords of the year. If this technology doesn’t integrate with your products or services, there’s significant potential for its rise to stardom to make in-house business automation a whole lot better.
#4 Containers won’t just be a fad
As a subset of virtualized computing, containers unshackle applications from the constraints of single operating system compatibility. And with several vendors jumping into the market in late 2016 (such as Amazon Web Services), it’s a trend that we’re fairly confident will grow next year.
The market for web services may seem too fickle to gamble on, but as a small business owner, you don’t have much of a choice. Technology is essential to reaching new customers, operating efficiently, and remaining competitive with your business rivals. If you’re ready to start the new year with a new outlook on these technologies, call us today.
Published on: October 24, 2016 in
There are a lot of web-based email platforms in the marketplace. Many come and go, but there’s a reason Gmail has crossed the 1 billion monthly active user milestone and is still standing strong as one of the world’s most popular web-based email clients. It’s extremely easy to use and is always up-to-date and secure, courtesy of Google. But if you’re just using Gmail for sending and receiving emails, you’re really missing out on some of its nifty features that allow you to manage your email more effectively. Here are some tips to make the most of Gmail.
Ever had that moment when you’re in a hurry to type up an email and send it off only to notice a few seconds later there were a couple of mistakes? Maybe you’ve forgotten to attach a file or misspelled a word. Heck, you may have even sent it to the wrong recipient! Don’t worry, we’ve all been there. This is the moment where Gmail’s ‘Undo Send’ feature will become your new best friend. You can activate this by clicking on the gear icon on the top right hand corner of Gmail, then go to Settings. Scroll down to ‘Undo Send’ and hit the ‘Enable’ box. Now you have up to 30 seconds to click the ‘Undo’ button that will pop up once your email’s been sent.
Create to-do lists
Gmail provides an easy way to create a task list that you can use to keep track of all the things you have to do in a minimizable window. This way you won’t have to send yourself an email and clutter your inbox every time you need to remind yourself to do something. Adding a to-do list is easy; simply click the ‘Mail’ menu in the upper left corner of the Gmail window and choose ‘Tasks’. A small window will appear in the bottom right corner of the page, and here you can type in your tasks and check the boxes once you’ve completed each of them.
Some emails are too important to be buried in a crowded inbox. This is where you can use Gmail’s Star feature to your advantage. Adding stars is a way to single out emails that need to be read later or require a follow-up. You might already know that clicking the yellow star beside the email will highlight the line and makes the message easier to find. But there’s a way to take things up a notch. Navigate to ‘Settings’ and scroll down to the ‘Stars’ section. Here you can drag the stars from the ‘Not in use’ row up to the ‘In use’ row to make them active. Once you’re done, hit ‘Save’. You could use the blue star for emails that need a follow-up, red for problems, question mark for the ones that require clarification and so on.
Use canned responses
Have you ever had to answer the same questions sent by clients over and over again? Well you’re in luck. Gmail has a productive hack that allows you to create and send off repetitive messages in just a few clicks. Activate it by heading over to ‘Settings’, ‘Labs’ and click the ‘Enable’ button in the ‘Canned Responses’ tab. Now type up a response email. Click the arrow in the lower right corner of the message box and select ‘Canned Responses’. You can add common phrases, sentences or email bodies that you find yourself using a lot, whether for marketing inquiries, sales pitches or client requests.
With these Gmail features you can save time, get more things done and become more productive. If you want to learn more about Gmail or any other Google apps, please get in touch with us today.
Published on: October 3, 2016 in
Here on earth, clouds are relatively simple phenomena: visible masses of water vapor making their way across the sky. But in the world of IT, “the cloud” is a bit more complex, referring to technology that allows businesses to take a more hands-off approach to managing their IT resources. And the “hybrid cloud” is rapidly becoming the most popular variety.
Hybrid clouds are a combination of private clouds (where data and applications that require tighter controls are hosted either internally or privately in the cloud space); and public clouds (which are operated externally by third-party providers with the express purpose of reducing a company’s IT infrastructure).
A recent “State of the Cloud” report indicates that 71% of all cloud users are now implementing hybrid cloud solutions, mainly because the ways in which they benefit small- and medium-sized businesses are so numerous. Here we’ve highlighted what we consider to be the 4 most significant benefits of hybrid cloud solutions.
Does your industry go through seasonal workload increases? With a hybrid cloud solution, you’ll be able to easily handle spikes in demand by migrating data from maxed-out on-premise servers to scalable, pay-as-you-go “servers in the sky” whenever needed, without incurring any extra hardware and maintenance costs.
Having the ability to choose between on-site/privately-hosted cloud servers and ones on the public cloud gives you more than just cost flexibility. It also gives you the capacity to pair the right IT solution with the right job, like keeping smaller projects on your local or private cloud, while utilizing the more robust computing resources on offer from the public cloud for your bigger projects.
What exactly does this common IT buzzword mean for your organization? In a nutshell, it means that the hybrid cloud allows you to “scale up” or “scale down” on an as-needed basis. So if there are last-minute demand increases that your hardware can’t support, or if you’re simply planning for future expansion, hybrid cloud solutions allow for on-demand increases or decreases in capacity.
Last, but certainly not least, are the security advantages of a hybrid cloud solution. SMBs are able to host within the private cloud their more sensitive data such as an e-commerce website or HR platform, while using the public cloud space for less sensitive data where it’s more cost effective and there is less likely to be major problems should there ever be a security breach.
SMBs can set up their hybrid cloud model in a few different ways, depending on their precise needs and the types of providers available to them:
- By employing one specialized cloud provider who offers “soup-to-nuts” hybrid solutions
- By integrating the services of a private cloud provider with those of a public cloud provider themselves
- By hosting a private cloud themselves and then adopting a public cloud service which is incorporated into their infrastructure
So as more of our customers’ IT infrastructure moves to the cloud, we’re adapting and developing innovative ways to maintain hybrid cloud environments. What this means for you is we’ve got the know-how to provide outright cloud solutions, or at the very least the expert consultation you need, to ensure that your day-to-day operations transition to a hybrid cloud solution without interruption and in a cost-effective manner. Contact us today to learn more about the benefits that the hybrid cloud can bring to your business.