(Tech) Security


Helpful tips for keeping your email safe

Email is one of the best things the internet has given us. We use it to sign up for websites, apply for jobs, make payments, get in touch with friends and family, and much more. However, your email is also one of the platforms hackers can exploit to steal information or launch malware attacks. Here are crucial steps to take to safeguard your email account.

Use separate email accounts

Most people use a single email account for all their needs. As a result, information from websites, newsletters, shopping deals, and messages from work gets sent to one inbox. But what happens when someone breaks into it? There’s a good chance they could gain access to all the stored information and use it in fraudulent dealings.
Having at least two separate email accounts will not only boost your security, but it will also increase your productivity. You can have a personal account to communicate with your friends and family, and a professional email account solely for work-related tasks.

Set strong passwords

Some email users often overlook the importance of having strong email account passwords. You might be surprised to learn that email passwords like “123456,” “qwerty,” and “password” are still the most common around. For the sake of security, set longer passwords or passphrases that contain a good mix of upper- and lowercase letters, numbers, and special characters. Make sure these passwords are unique to that account to keep all your other password-protected accounts safe.
You should also consider enabling multifactor authentication (MFA). This creates an extra layer of security by requesting another method to verify your identity, like a fingerprint scan or a temporary activation code sent to your mobile phone.

Beware of email scams

When you see a link in an email, don’t click on it unless you’ve assessed its authenticity. You never know where those links might lead you. Sometimes they are safe, but other times they can infect your computer with malware or send you to a compromised website.
It’s always good to know who the email message is coming from. If you’re expecting a file from your friend or family, then go ahead and open the attachment. However, emails coming from unknown sources or those that have strange account names such as “@amazon6753.com” are most likely to be email scams.
These types of attacks are known as phishing, and they can be remarkably clever. For example, cybercriminals may masquerade as high-profile companies like Amazon, Facebook, or Bank of America to catch their victims off guard. They create emails with a sense of urgency by claiming that there’s an issue with your account and that you should send them information or click on a link to “confirm” your personal details. This link will either install malware on your device or lead you to a fraudulent site.
Even if there was a genuine issue with your account, legitimate companies would never ask something so suspicious over email. If you get these messages, contact the company directly through a verified website or phone number — not the contact details on the email.

Monitor account activity

Periodically watch over your account activity. Make sure to limit access privileges to apps if you want to ensure maximum privacy and security. Also, check for any suspicious activities in your logs, such as unusual devices and IP addresses that have accessed your account. This indicates that hackers may have successfully broken into your account. If this is the case, sign out of all web sessions and change your password as soon as possible.

Encrypt emails and update your software

Email encryption ensures that any message you send won’t be intercepted and viewed by unauthorized users. Meanwhile, installing the latest updates for your anti-malware, firewalls, and email security software filters potential email scams and fixes any vulnerabilities hackers can exploit.
Protecting your email accounts from various threats can be a daunting process, but with the right support, it should be effortless. Talk to us today for all your cybersecurity needs.


Distributed spam distraction hides illegal activities

As annoying as spam email is, it’s usually pretty harmless. But hackers have been using a method called distributed spam distraction (DSD) where spam email is used to carry out illegal activities. Learn more about DSD and how you can safeguard your systems against it.

What is DSD?

DSD is a type of attack wherein cybercriminals inundate email inboxes with as many as 60,000 spam emails. These emails don’t contain dangerous links, ads, or attachments, just random excerpts of text taken from books and websites. But because of the sheer volume of these emails, deleting and blocking each one of them can be daunting. And worse, the email and IP addresses used to send them are all different, so victims can’t simply block a specific sender.

While these spam messages may seem like harmless annoyances, their true purpose is to draw victims’ attention away from what hackers are doing behind the scenes — which is to steal and use your personally identifiable information to conduct a raft of illegal activities. These include stealing money from your bank account or making unauthorized purchases in your name. In a DSD attack, the thousands of spam emails you get serve as a smokescreen that hides payment confirmation messages.

New tactics

Over the years, hackers have developed new DSD tactics. Several reports show that instead of nonsensical emails, hackers are using automated software to have their targets sign up for thousands of free accounts and newsletters to distract them with authentic messages. This allows DSD blasts to slip past spam filters that weed out the malicious code and text used in traditional DSD attacks.

Also, anyone can go on the dark web and pay for DSD services. For as little as $40, you can get a hacker to send out 20,000 spam emails to a specific target. All you need to do is provide the hacker with your target’s name, email address, and credit card number — all of which can also be purchased on the dark web.

How to protect yourself from DSD

DSD is a clear sign that your account has been hijacked, so whenever you receive dozens of emails in quick succession, contact your bank to cancel any unfamiliar transactions and change your login credentials as soon as possible. Also, you should update your anti-spam software (or get one if you don’t have one) to protect your inbox from future DSD attacks.

Hackers only initiate DSD attacks after they’ve obtained their target’s email address and personal information, so make sure your accounts and identity are well protected online. You should regularly change your passwords and PINs, enable multifactor authentication, set up SMS and/or email alerts for whenever online purchases are made in your name, and be careful about sharing personal information with others.
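
One way to triage a flood like the one described above, added here as an illustration and not taken from the original article: cluster messages by arrival time, report each burst, and pull out the transactional messages buried inside it. The thresholds, the keyword list and the sample mailbox are assumptions constructed for this example.

```python
import re
from datetime import datetime, timedelta, timezone
from email import message_from_string
from email.utils import format_datetime, parsedate_to_datetime

# Assumed thresholds; tune them to the mailbox's normal traffic.
MAX_GAP = timedelta(minutes=2)   # messages closer together than this share a cluster
BURST_MIN_MESSAGES = 30          # "dozens of emails in quick succession"

# Assumed subject keywords for mail that must not get lost in the flood.
TRANSACTION_RE = re.compile(
    r"\b(order|payment|receipt|invoice|purchase|transfer|password)\b", re.IGNORECASE
)


def parse_headers(raw_messages):
    """Return (received_time, sender, subject) tuples sorted by time."""
    rows = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        rows.append((parsedate_to_datetime(msg["Date"]), msg["From"], msg["Subject"] or ""))
    return sorted(rows, key=lambda row: row[0])


def find_bursts(rows):
    """Chain messages whose gaps stay under MAX_GAP; keep chains that are large enough."""
    bursts, cluster = [], []
    for row in rows:
        if cluster and row[0] - cluster[-1][0] > MAX_GAP:
            if len(cluster) >= BURST_MIN_MESSAGES:
                bursts.append(cluster)
            cluster = []
        cluster.append(row)
    if len(cluster) >= BURST_MIN_MESSAGES:
        bursts.append(cluster)
    return bursts


def triage(raw_messages):
    """Summarise each burst and list the transactional mail hidden inside it."""
    reports = []
    for burst in find_bursts(parse_headers(raw_messages)):
        reports.append({
            "start": burst[0][0],
            "end": burst[-1][0],
            "messages": len(burst),
            # Many distinct senders is the DSD trait that defeats per-sender blocking.
            "distinct_senders": len({sender for _, sender, _ in burst}),
            "review_first": [(s, subj) for _, s, subj in burst if TRANSACTION_RE.search(subj)],
        })
    return reports


def build_sample():
    """Constructed mailbox: two ordinary messages, then a 60-message flood hiding one receipt."""
    def raw(when, sender, subject):
        return f"From: {sender}\nDate: {format_datetime(when)}\nSubject: {subject}\n\n(body omitted)\n"

    t0 = datetime(2024, 1, 15, 9, 0, tzinfo=timezone.utc)
    box = [
        raw(t0, "friend@mail.example", "Lunch on Friday?"),
        raw(t0 + timedelta(hours=1), "news@weekly.example", "Your weekly digest"),
    ]
    flood = t0 + timedelta(hours=5)
    for i in range(60):
        box.append(raw(flood + timedelta(seconds=5 * i), f"u{i}@host{i}.example", f"excerpt {i} from a novel"))
    box.append(raw(flood + timedelta(seconds=152), "orders@shop.example", "Payment confirmation for your order"))
    return box


if __name__ == "__main__":
    for report in triage(build_sample()):
        print(report["messages"], "messages from", report["distinct_senders"], "senders")
        for sender, subject in report["review_first"]:
            print("  review first:", sender, "|", subject)
```
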

DSD is just one of many cyberthreats out there. For expert advice on how to ensure your safety and security online, get in touch with our team of IT professionals.


Your password may not be secure — update it now

The National Institute of Standards and Technology (NIST) once said that a good password consisted of three things: upper- and lowercase letters, numbers, and symbols. However, the NIST recently reversed its stance on good passwords. Here’s why and what they are now recommending.

The problem

The issue isn’t that the NIST advised people to create easy-to-crack passwords, but their previous advice inadvertently made people create weak passwords using predictable capitalization, special characters, and numbers, like “P@ssW0rd1.”

Such a password may seem secure, but the strings of characters and numbers could easily be compromised by hackers using common algorithms.

What’s more, the NIST also recommended that people change their passwords regularly, but did not specify how and when to change them. Since many people thought their passwords were already secure because they’ve included special characters in them, most only added or changed one character.

The NIST essentially forced everyone to use passwords that are hard for humans to remember but easy for a hacker’s algorithm to crack.

Eventually, the institution admitted that this can cause more problems than solutions. It has reversed its stance on organizational password management requirements, and is now recommending banishing forced periodic password changes and getting rid of complexity requirements.

The solution

Security consultant Frank Abagnale and Chief Hacking Officer for KnowBe4 Kevin Mitnick both see a future without passwords. Both security experts advise enterprises to implement multifactor authentication in login policies. This requires a user to present two valid credentials aside from a password to gain access to an account. This could be a code sent to the account owner’s smartphone, a login prompt on a mobile device, or a facial or a fingerprint scan. This way, hackers’ login efforts are futile unless they fulfill the succeeding security requirements.

Moreover, Mitnick recommended implementing long passphrases of 25 characters or more, such as “recedemarmaladecrockplacate” or “cavalryfigurineunderdoneexalted.” These are much more difficult to guess and less prone to hacking. As for the frequency of changing passphrases, it will depend on a company’s risk tolerance. Simply put, passwords should be longer and include nonsensical phrases and English words that make it almost impossible for an automated system to crack.

You should also enforce the following security solutions within your company:
  • Single sign-on – allows users to securely access multiple accounts with one set of credentials
  • Account monitoring tools – recognizes suspicious activity and locks out hackers
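
The shift in password guidance described in this article can be seen by running an old-style composition rule beside a length-plus-blocklist check. This is an added example, not code from the article or from NIST; the blocklist, the substitution table and the 15-character minimum are assumptions chosen for the demonstration.

```python
import re

# Tiny constructed blocklist; a real deployment would load a large breached-password list.
COMMON_BASES = {"password", "123456", "qwerty", "letmein", "welcome", "admin"}

# Substitutions people predictably make to satisfy complexity rules (assumed table).
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l", "!": "i",
                      "3": "e", "$": "s", "5": "s", "7": "t"})

MIN_LENGTH = 15          # assumed policy minimum for this example
PASSPHRASE_LENGTH = 25   # passphrase length cited in the article


def legacy_complexity_ok(pw):
    """Old-style rule: 8+ characters with upper, lower, digit and symbol."""
    classes = [r"[A-Z]", r"[a-z]", r"\d", r"[^A-Za-z0-9]"]
    return len(pw) >= 8 and all(re.search(c, pw) for c in classes)


def base_word(pw):
    """Undo predictable decoration: case, trailing digits/symbols, then substitutions."""
    stripped = re.sub(r"[\d\W_]+$", "", pw.lower())
    return stripped.translate(LEET)


def screen(pw):
    """Return (accepted, reason) under a length-plus-blocklist policy."""
    lowered = pw.lower()
    candidates = {lowered, lowered.translate(LEET), base_word(pw)}
    hit = candidates & COMMON_BASES
    if hit:
        return False, f"decorated form of common password '{sorted(hit)[0]}'"
    if len(pw) < MIN_LENGTH:
        return False, f"shorter than {MIN_LENGTH} characters"
    if len(set(lowered)) < 5:
        return False, "too few distinct characters"
    return True, "passphrase length" if len(pw) >= PASSPHRASE_LENGTH else "meets minimum length"


def compare(passwords):
    """Map each password to (passes legacy rule, passes screening)."""
    return {pw: (legacy_complexity_ok(pw), screen(pw)[0]) for pw in passwords}


if __name__ == "__main__":
    for pw, (legacy, screened) in compare(
        ["P@ssW0rd1", "Qwerty!23", "recedemarmaladecrockplacate"]
    ).items():
        print(f"{pw!r}: legacy rule={legacy}, screening={screened} ({screen(pw)[1]})")
```

The article's own example, “P@ssW0rd1,” satisfies the composition rule yet reduces to a blocklisted word, while the all-lowercase passphrase fails the composition rule and passes the screening.
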
When it comes to security, ignorance is your business’s kryptonite. If you’d like to learn about what else you can do to remain secure, just give us a call.

Fileless malware: The invisible threat

Scanning the files you download is not enough to detect malware these days. Hackers have found a clever way to get around antivirus and anti-malware software by using fileless malware. Since this malware is not as visible as traditional malware, it can infect your entire infrastructure without you even knowing. Let’s take a closer look at how fileless malware works and what you can do to defend against it.

What is fileless malware?

Fileless malware is malicious software that doesn’t rely on executable files to infect your infrastructure. Rather, it hides in your computer’s random access memory (RAM) and uses trusted, legitimate processes such as Microsoft Office macros, PowerShell, and Windows Management Instrumentation (WMI).

Fileless malware isn’t as visible as traditional malware. It uses a variety of techniques to stay persistent, and can adversely affect the integrity of a business’s processes and the infrastructures that run them. Because there are no files to trace, fileless malware escapes detection from most anti-malware programs, especially those that rely on databases of previously identified threats. Most automated sensors cannot recognize illicit scripts, and cybersecurity analysts who are trained to identify them usually have a hard time establishing where to look.

Fileless malware by the numbers

In November 2016, attacks using fileless malware saw a 13% uptick, according to a report by Trend Micro. Also, in the third quarter of 2016, attacks were 33% higher than in the first quarter. During the first quarter of 2017, more PowerShell-related attacks were reported on over 12,000 unique machines.

Kaspersky Lab uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked toward obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyberattackers to withdraw undisclosed sums of cash from ATMs.

In 2018, Trend Micro also detected a rising trend of fileless threats throughout the first half of the year.

Is your business at risk?

It is unlikely that your business has been targeted in the earliest stages of this strain of malware, but it’s better to be safe than sorry. Businesses should practice defense in depth, where multilayered safeguards are implemented to reduce exposure and mitigate damage. But apart from cultivating a security-aware workforce, what actionable countermeasures can organizations carry out?

While your business might not be in immediate danger, you should employ solutions that analyze behavioral trends. It is also wise to invest in a managed services provider that offers 24/7 network monitoring, proper patches, and software updates. Call us today to get started.
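
Because there is no file to scan, behavioral detection looks at which trusted process launched which. The sketch below is an added example, not the article's or any vendor's code: it applies three lineage rules to process-creation events for the Office, PowerShell and WMI cases named earlier. The event schema, rule names and sample events are constructed assumptions.

```python
import base64
import re
from ntpath import basename   # parses Windows paths on any operating system

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe", "cmd.exe"}
WMI_HOST = "wmiprvse.exe"

# A flag followed by a long base64-looking argument.
FLAG_RE = re.compile(r"\s[-/](\w+)\s+([A-Za-z0-9+/=]{16,})")


def has_encoded_command(command_line):
    """True if a flag that is a prefix of -EncodedCommand carries a base64-like value."""
    for flag, _value in FLAG_RE.findall(command_line):
        if "encodedcommand".startswith(flag.lower()):
            return True
    return False


def classify(event):
    """Return the names of the lineage rules this process-creation event triggers."""
    child = basename(event["image"]).lower()
    parent = basename(event["parent_image"]).lower()
    hits = []
    if parent in OFFICE and child in SCRIPT_HOSTS:
        hits.append("office_spawned_script_host")
    if parent == WMI_HOST and child in SCRIPT_HOSTS:
        hits.append("wmi_spawned_script_host")
    if child in {"powershell.exe", "pwsh.exe"} and has_encoded_command(event["command_line"]):
        hits.append("powershell_encoded_command")
    return hits


def scan(events):
    """Return (pid, rule names) for every event that triggers at least one rule."""
    return [(e["pid"], classify(e)) for e in events if classify(e)]


# Harmless constructed payload, encoded the way PowerShell expects (UTF-16LE, base64).
SAMPLE_B64 = base64.b64encode("Write-Output 'constructed sample'".encode("utf-16-le")).decode()

# Constructed events; the field names are an assumed schema, not a real product's.
SAMPLE_EVENTS = [
    {"pid": 1001, "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "command_line": r'WINWORD.EXE /n "C:\Users\sample\Documents\report.docx"'},
    {"pid": 2002, "parent_image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": f"powershell.exe -NoProfile -enc {SAMPLE_B64}"},
    {"pid": 3003, "parent_image": r"C:\Windows\System32\wbem\WmiPrvSE.exe",
     "image": r"C:\Windows\System32\cmd.exe",
     "command_line": 'cmd.exe /c "echo constructed"'},
    {"pid": 4004, "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": r"powershell.exe -ExecutionPolicy RemoteSigned -File C:\Scripts\backup.ps1"},
]

if __name__ == "__main__":
    for pid, rules in scan(SAMPLE_EVENTS):
        print(pid, ", ".join(rules))
```
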


Should you monitor your employees’ online activities?

To monitor or not to monitor — that is the question. Employee monitoring is a touchy subject. If you’ve ever considered it, then you may ask yourself if it is a good idea for an employer to check on their staff’s online activities. Below are the pros and cons of employee monitoring, and some helpful tips should you push through with it.

The case for monitoring

Here are several reasons why monitoring your employees’ activities on company devices is a good idea. It can help you:
  • Protect your organization from data theft or harm – because careless or disgruntled employees may leak or steal your data.
  • Ensure you have a harassment-free workplace – because cyberharassment (sexual or otherwise) happens among employees.
  • Ensure members of your staff comply with policies – such as not downloading illegal programs or spending time on websites with illegal or hostile content.
  • Provide evidence in case of a lawsuit – should an employee participate in illegal activities using your business’s computers (heaven forbid!), monitoring their device can provide evidence of their involvement.
Sadly, many business owners who monitor their employees often discover that their staff members aren’t focused solely on the company’s success.

Arguments against employee monitoring

Of course, you should also be aware of the potential downsides to monitoring. These include:
  • Productivity loss – monitoring can put a damper on employee morale, and you may see the distrust leading to productivity losses.
  • Lost privacy and lawsuits – you’ll likely learn personal details about your employees that you would’ve never known about had you not monitored them. You may discover their political or religious views, sexual orientation, or medical problems. This subjects your business to potential privacy or discrimination issues if you or your management team acts negatively based on any of this information.

Monitoring guidelines to follow

If you decide to monitor your employees, here are a few tips you should follow.

1. Create written policies
When you monitor your employees, ask yourself: “Am I doing this for security purposes? Is it to ensure my employees aren’t wasting time on games or social media?” If your monitoring policies are too strict, you could create an atmosphere of distrust.

Set guidelines for acceptable use of email and social media, web browsing, instant messaging, and downloading software and apps. Also, make sure to include how monitoring will be carried out and how data will be used, secured, and destroyed.

2. Tell your employees
It’s important to inform your employees about the scope of your monitoring policies. If they find out you’re doing it secretly, you could face legal issues. By being transparent, you may actually see a boost in productivity by deterring employees from wasting time on the web.

When you tell your employees, explain why you’re doing it and the risks your business faces from misuse of digital assets. Reassure them you’re not doing it to spy on their personal life, but to create a compliant and law-abiding workplace. Because their activities will now be less private, encourage your staff to use their smartphones for personal matters. Also, provide your employees a copy of your written policy for them to read and sign.

3. Get the right technology tools
You don’t need to know each and every employee activity, so look for apps and software that alert you of the most relevant problems, so you can focus on more important tasks.

If implemented correctly, employee monitoring makes your business more secure and productive. For more information about security and other IT support tools, get in touch with us today.


Watch out for this Android malware

Security researchers have discovered a new Android malware called DEFENSOR ID that snuck its way into the Google Play Store. Forensic analysis shows that the malware takes advantage of an Android device’s Accessibility Services to infiltrate the system and cause damage without being detected. To help you avoid this dangerous strain of malware, we’ve compiled everything you need to know in this blog entry.

What is DEFENSOR ID?

DEFENSOR ID is a banking Trojan that minimizes its malicious capabilities to sneak past security checks and infiltrate the Google Play Store. The malware’s primary function is to request access to an Android device’s Accessibility Service, which would allow hackers to execute a variety of commands.

For starters, if unwitting users grant access to DEFENSOR ID, the malware can observe any launched apps and send sensitive information back to hackers. This means hackers can steal anything from passwords and private emails to banking information and one-time SMS activation codes for two-step verification processes.

DEFENSOR ID also allows hackers to remotely uninstall apps, launch programs, and perform gestures (e.g., tap, swipe, click) within the launched program. In theory, this feature can enable hackers to empty a victim’s bank account with minimal effort.

What’s more, the Trojan extends the lock screen timeout to 10 minutes so that cybercriminals have enough time to perform their malicious operations.

Beware of apps leveraging Accessibility Services

According to researchers, DEFENSOR ID targeted Brazilian users and was downloaded over a dozen times. But despite its small success rate, it’s possible that more malware will leverage these techniques to steal sensitive information and control user devices. In fact, earlier in 2020, McAfee researchers discovered Android/LeifAccess malware that exploited Accessibility Services to leave fake reviews on the Google Play Store.

Plus, a common Android issue is that many independent software developers can upload their apps to the Google Play Store and easily circumvent security checks. So, if users aren’t thoroughly vetting the apps they download onto their devices, attacks similar to DEFENSOR ID will become more widespread.

Malware that can abuse Accessibility Services may even give rise to more deceptive online scams or massive-scale data breaches that can shut down businesses.

How to defend against DEFENSOR ID

Developing a healthy skepticism of apps in the Google Play Store is the best way to prevent malware attacks like DEFENSOR ID. This involves training your staff to get in the habit of evaluating an app before downloading it. More specifically, they should be verifying whether user reviews seem authentic, checking the total ratings and downloads, and consulting with security experts whether an app is safe.

Businesses should also use endpoint security software to control what apps users can install on their company-registered devices. By limiting downloads to a few, fully verified apps, you can minimize your company’s exposure to mobile malware.

If you want to keep your business safe from malware and other cyberthreats, it’s in your best interest to call cybersecurity experts like us. Not only do we provide top-notch security solutions, but we also offer proactive maintenance services to protect your IT at all times.


How to protect your business printers from hackers

Organizations spend resources on keeping their technology and devices secure, but they often overlook one crucial piece of hardware: printers. Printers, just like computers and Wi-Fi networks, can be an entry point for hackers and a gateway to your business’s sensitive information. Here’s what you need to know about keeping your printers secure.

What makes business printers vulnerable to cyberattacks?

When assessing network security threats, companies primarily focus on servers and computers not only because they are the most exposed to external threats, but also because they get the bulk of cyberattacks. Printers are often at the bottom of the list since they are not prime targets. What’s more, their functions seem to be internal at first glance, as they don’t interact with external systems.

But it’s exactly their primary functions, namely printing and scanning, that make print devices perfect cybercriminal targets. Businesses run important documents such as tax forms, employee information, medical records, and financial statements through print devices, and hackers would definitely love to get their hands on them.

And they can — easily.

Network printers store previous print jobs on their hard drives, sometimes including those that have been canceled. If anyone accesses the printer — even remotely — they may be able to see those documents by hacking into the printer using a specialized tool.

Files can also be intercepted during wireless transmission, as modern printers can now be connected to the web. Not only can hackers exploit printers’ open network ports to view data, but they can also take over vulnerable printers and transmit their own data through the machine.

What can you do to protect your business printers?

Business printers should not be disregarded when planning a cybersecurity strategy. Keep your print devices secure by following these best practices:

  • Monitor your network continuously and promptly install printer software updates and patches. Printer manufacturers often release software support or updates, so regularly check for those.
  • Change the default password and administrator login credentials of printers with web management capabilities.
  • Only allow company-owned devices to connect to your printers.
  • Always connect to your printers using secure connections. Conversely, avoid accessing your printers through a public internet connection.
  • Restrict printer access by using a firewall.
  • If your wireless printer has the feature that requires users to enter a PIN before they can print documents, enable it to prevent unauthorized access.
  • If you don’t use your printer for fax and email, isolate your printer from your main company network and disable out-of-network printing.
  • If you handle classified data, do not connect your printer to any network. Instead, connect it directly to your computer using data cables, or print from a thumb drive.
  • Secure your printouts by enabling manual feed. This setting requires a user to manually input paper (or any material to be printed on), so there are reduced risks of the printed document getting stolen or being left in the printing area.

Another way to secure your printers is by partnering with an IT company that can take care of your printer-related worries. From thwarting attacks to reducing management costs to keeping your printer at optimal functionality, our experts can help.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

How To Keep Uninvited Guests Out of Your Zoom Event

Zoom provides videotelephony and online chat services through a cloud-based peer-to-peer software platform and is used for teleconferencing, telecommuting, distance education, and social relations. With most of the country working from home and using Zoom as well as other cloud-based communications, there has been an uptick in hacking stories. So, what are we to do? Let’s look at a few ways we can practice Zoom safety. At designDATA, we believe the following best practices will help:

  • Create separate passwords for each virtual meeting
  • Establish a Zoom waiting room for meeting participants
  • Lock down the meeting once everyone invited to attend has joined
  • Do not publicly post meeting links on social media or any other public forum

How to Best Manage Passwords

The average person can have nearly 100 passwords (or more!) when combining professional and personal accounts and services. That is a lot to remember! Many often use the same email and password for many (if not all) accounts, so they have less to remember. This is the number one liability for accounts online: password reuse.

If a popular streaming service suffers a security breach, you may not be too concerned with someone watching a show on your account. However, if your login information for this service is the same for your banking or other sensitive accounts, the damage can be much more severe. When sites suffer a breach, the hackers immediately try those credentials on banking, email and other sites to see how many areas they can log into with one password. So, it is vitally important to have a different password for every account. In addition, to be really secure, your passwords should all be at least 15 characters (some cybersecurity analysts recommend 25 characters).

How is it humanly possible to remember up to 100 unique lengthy passwords? It’s not! That’s where password managers come into play. A password manager will become your best friend, because it takes care of three critical tasks for you:
  1. It generates lengthy, complex passwords for each of your accounts or logins
  2. It stores these complex passwords in a digital “vault”
  3. It automatically fills in this complex password every time you log into a site
People often say “I’m already using my Internet browser to save my passwords – isn’t that the same thing?” No! Browsers are designed for us to surf the Internet, and although they can store passwords, it doesn’t mean that your passwords are secure. It also means your passwords would be in one browser, so they wouldn’t be available if you use a different browser. Whereas with a password manager, you could log into your personal vault from any browser, making them much more versatile.

What if the Password Manager is compromised? Great question! LastPass has been hacked multiple times, but the number of compromised passwords? ZERO. LastPass encrypts all passwords, so the company never sees your passwords, keeping your passwords secure even if a security incident occurs.

To find the best password managers for you, your family, and/or your business, we recommend Googling “Best Password Managers”, and you will see a number of reviews of the top password managers available today. Also, please contact your Program Manager to ensure your organization is enrolled in designDATA’s complimentary Dark Web Scan offering which will notify you if any account in your organization has shown up on the Dark Web. Stay safe out there!

by Imran Khan

Phishing Scams Aim to Exploit Coronavirus Fears