Author Archives: Tina

  • 0

Small business is big business for cybercrime & criminals

Don’t be fooled thinking that your company is too small to be of interest to cybercriminals. Your credit card numbers, employee payroll information and social security numbers, your tax documents are just as valuable as a large companies. The statistics posted by Trend Micro in their April 2017 report are alarming:
• Cyber criminals unleash a new threat targeting Small Business every second
• The cost to the victims can be huge – the FBI estimates that $6 million was stolen by one malware attack of multiple businesses called Cryptolocker in 2017
• Small businesses are common targets of cyber criminals since many don’t invest in security like larger companies


How can you better protect your users and your network from Cybercrime?

Password protect everything!

A good, strong password is one of the easiest ways to protect yourself from cybercrime. From your computer, to your server, to your handheld devices, the information you store on these devices is only as secure as the password that is protecting it. Passwords should include:
– the use of both upper- and lower-case letters (case sensitivity)
– inclusion of one or more numerical digits
– inclusion of special characters, e.g. @, #, $ etc
– don’t use common words from the dictionary
– don’t use personal information like your birthday, kids name, etc.
– and should be as long as possible

Don’t save your information!

Many website will ask if you would like to save your password or personal information in order to automatically log in the next time you visit the site. Although this is convenient, it is not safe. If your device is breached or stolen this gives the cyber-criminal access to websites you have previously visited such as bank sites, vendor sites, etc. It is best to choose to enter your information every time you login. This helps protect your device but also keeps your passwords fresh in your mind.

Protect your mobile devices!

Mobile devices have a high theft rate so protecting them in every way you can is smart. There are several third party applications that can locate and wipe your smart-phone and laptop if stolen. Try a program like “find my iPhone” or “phone sheriff” to remotely locate, lock, or wipe a phone.

  • 0

IRS W-2 Email Fraud Alert

Warning: The IRS has issued an alert to warn of a new email phishing scheme involving W-2 information. The sender is posing as a top-level administrator, such as the CEO or HR Director, and requesting that you update your W-2 information or send them your W-2(s). Please ensure that if your employees receive a suspicious email, they do not respond or interact with any included links or attachments, but rather report it to you directly.
Here are some additional tips to help you and your employees stay secure:
• Keep your username and password confidential
• Use a different password for each system
• Always confirm you have logged out after using a website
• Be mindful on shared computers
• Install anti-virus software and keep it updated
• Be vigilant in regards to emails requesting sensitive information

Last but not least, ask a professional if something doesn’t look right.

  • 0

Support for older versions of Internet Explorer ended January 12th

Beginning January 12, 2016, only the most current version of Internet Explorer available for a supported operating system will receive technical supports and security updates. Internet Explorer 11 is the last version of Internet Explorer, and will continue to receive security updates, compatibility fixes, and technical support on Windows 7, Windows 8.1, and Windows 10. If you are running older versions of IE Microsoft will no longer provide security updates or technical support. On current versions of their software Microsoft updates patch vulnerabilities that may be exploited by malware, helping to keep users and their data safer.
Although I never recommend that you are an early adopter, staying current is important. IE11 had been out since late in 2013, so if you’re not running it you are really behind.

Internet Explorer 11 offers improved security, increased performance, better backward compatibility, and support for the web standards that power today’s websites and services. Microsoft encourages customers to upgrade and stay up-to-date on the latest browser for a faster, more secure browsing experience.

  • 0

Financial Fraud via Email Compromise

Recently I had a client that got an email that looked very legitimate. It looked like it was coming from the General Manager and going to the CFO asking for a check to be sent for $9000 for a project they were working on. The cyber-criminal addressed the CFO by name, had basic details about the project, and even mimicked the General Manager’s writing style. It took me a minute to verify that it was a phishing attack. Today, I read an article from Huntington Bank alerting to the same kind of criminal activity so I thought I would share that information with you as well.

Business Email Compromise Fraud – published by Huntington Bank January 2017
Within your day-to-day business operations, be on alert for a tactic used by cyber-criminals known as Business Email Compromise (BEC), also referred to as a “masquerading scheme”. It’s a payment fraud scam that continues to gain momentum. Here are some of the details:

Generally, a fraudster begins by hacking the email account of an executive at a company, often the CEO. The fraudster uses information obtained from the executive’s emails to send what appears to be a legitimate payment request (commonly wire transfer) to the employee(s) within the organization responsible for executing outbound transactions. Fraudsters will use various techniques to forge or “spoof” an email address, so that the email appears to come directly from the executive. As a result, the recipient of the email is duped into sending the requested payment to an account controlled by the fraudster.

Fraudsters can also compromise a vendor’s email, sending manipulated invoices to the vendor’s clients with fraudulent payment instructions.

There have also been several scenarios where the fraudster simply inserts themselves into the email traffic of a legitimate transaction being orchestrated between two parties (i.e. purchasing inventory, closing on a property, etc.), providing updated payment instructions at the last minute.

As always, it’s better to be safe than sorry.  I’m glad my client asked about the email before cutting the check.  Be safe out there!

  • 0

Windows 10 Free Upgrade expires soon

Windows 10

If Microsoft’s upgrade notifications weren’t enough to compel you to install Windows 10, then maybe a deadline is. After July 29th Windows 10 will no longer be a free. Microsoft has told us that the upgrade would only be free for a year and believe it or not, the year is up!

With the year anniversary of Windows 10 right around the corner, the company revealed the features coming out and they include advanced gestures, new Cortana commands and the merged version of the Windows/Xbox One app stores. So if you haven’t upgraded to Windows 10 what are you waiting for?!

As always, before any upgrade make sure that your hardware specs meet the requirements to run Windows 10.v We’ve listed some below from Microsoft’s site but please make sure you consult a professional if you have questions:

  • Windows 10 Home users will receive updates from Windows Update automatically when it’s available. Windows 10 Pro and Windows 10 Enterprise users will have the ability to postpone updates. The amount of time that Windows 10 Pro users can postpone updates is limited.
  • Small storage devices, like devices with 32GB hard drives or older devices with full hard drives, may need additional storage to complete the upgrade. You’ll see instructions during the upgrade telling you what to do. You may need to either remove unneeded files from your device, or insert a USB flash drive to complete the upgrade.
  • Some devices with either little free space available or smaller hard drives, like 32 GB storage PCs, may have little free space available after upgrading. You may free up disk space and easily delete files like temporary files or your previous version of Windows within the Storage system setting. Files for the previous version of Windows give you the option to remove Windows 10 and go back to your previous version of Windows. These files are automatically deleted a month after you upgrade. To free up space, you can delete them now.
  • If your PC or tablet is currently running Windows 7 SP1 or Windows 8.1 Update, you can check to see if it meets the requirements by using ‘Check my PC’ in the Get Windows 10 app. To open the Get Windows 10 app, click on the small Windows icon found at the right end of the taskbar. If you don’t see it, visit our Windows 10 Q&A page for more info.
  • Many applications, files, and settings will migrate as part of the upgrade. However, some applications or settings may not migrate.
  • For anti-malware applications, Windows will check to see if your anti-malware subscription is current (not expired) and compatible during the upgrade.
    If your anti-malware subscription is not current (expired), Windows will uninstall your application and enable Windows Defender.
  • Some applications that came from your OEM may be removed prior to upgrade.
  • For certain third party applications, the “Get Windows 10” app will scan for application compatibility. If there is a known issue that will prevent the upgrade, you will be notified of the list of applications with known issues. You can choose to accept and the applications will be removed from the system prior to upgrade. Please be sure to copy the list before you accept the removal of the application.
  • Microsoft Family Safety child users with local accounts (accounts tied to the machine) will not have their safety settings migrated to Windows 10 during the upgrade. This means that after the upgrade to Windows 10 is complete, parents would need to setup safety settings for the child user along with a Microsoft account if they do not have one. To find out more about the changes, visit the FAQ page.
    Some apps and content sold separately. Feature and app availability and experience may vary by device and market.