People are busy, working fast, tired, and overly trusting. Cyber crooks are targeting people's preoccupation and fears around the coronavirus. IT can do its best, but one bad click can breach a system. Learn about current COVID-19 related IT threats in our latest ebook.
LetMeIn101: How the Bad Guys Get Your Password
Passwords are essential to your cybersafety. You know it, but if you’re like the rest of the digital society, you probably have dozens of passwords to remember. It’s a lot. So, you might take shortcuts. Taking advantage of your laissez-faire attitude is one way bad guys access your passwords.
Incredibly, there are still people out there using “password” or “123456” in their access credentials. Some people don’t change the default passwords on their devices. So, anyone can pick up a router, look at the sticker identifying the password, and access that network.
Tip: Avoid obvious passwords! When you have to create a password, make an effort. When it’s time to update a password, do so. Steer clear of simple, easily guessed patterns.
Cybercriminals can also guess your password. With a little bit of research about you online, they can make some informed guesses. Common passwords include pet names, birthdays, and anniversaries. These are all easy to find via your social media accounts.
Tip: Be careful what you share on social media! Don’t befriend strangers, as you are giving them access to a goldmine of info for personalizing an attack on you.
If that doesn’t work, criminals may try brute force. They might script an automation bot to run thousands of password permutations until they get a hit. The software will try a long list of common passwords and run through dictionary words to gain access.
Tip: Use a complex password with numbers, letters, and symbols or a passphrase. A passphrase is typically at least 19 characters long but is more memorable, as it’s unique to you.
The criminal may also be working with info from a data breach. In early 2019, a security researcher found more than 2.7 billion email/password pairs available on the Dark Web. Criminals accessing that database could use the data as a starting point, as many people duplicate their passwords across accounts.
Tip: Use a unique password for each site. Yes, that’s overwhelming to remember, and that’s also why you should use a password manager to keep track of it all for you.
Criminals can also access your account if you’ve used a hacked public computer. The bad guys may have installed a key logger on the computer. The logger records every key you press on the keyboard. Or they might have compromised a router or server to be able to see your information.
Tip: Be cautious about your online activity on computers or networks you don’t trust.
Of course, there’s one more method of getting your password that we haven’t addressed yet. It’s the familiar phishing attack. For instance, you get an email that looks like it was sent by your bank. Phishing typically has an urgent message and a link that directs you to what looks like a credible page.
Tip: Pay attention to who is sending the email and hover the mouse over the link to see where it goes. If you are concerned about your bank account, for example, open up a browser and type the URL manually rather than clicking the link.
These tips can help you to protect your valuable passwords. Still, setting up a password manager and amping up your internet security can help too. Need support getting ahead of the cybercriminals?
N-Line Technologies has been helping small businesses just like yours in Midland, Odessa, and across the Permian Basin keep the bad guys out. We can help.
Contact us today! Call us at 432-279-0671
Has Your Email Been Hijacked?
A common complaint by many users in recent months has been spam emails appearing to come from their own accounts. Despite not knowing why, reports of friends, family, and contacts receiving spam email that appears to come from them has worried many people.
Some have had their accounts suspended or shut down by their service providers as a result. For many, this experience can be highly disruptive. It’s a problem that can cause many issues in both your professional and personal life.
The key to defense is learning how these attacks happen, and figuring out what you can do to protect yourself and your contacts against them.
Hackers Using Your Email Against You
Scammers that send out spam messages are continually looking for ways to make the process faster, cheaper, and more efficient. It’s the best way in which they can make more money every day by scamming unsuspecting victims for even more cash.
One of the most efficient ways they do this is by hijacking ready-made trusted email accounts like your own. Hackers have several tools at their disposal to attempt to hijack your accounts.
Some of the principles which make email fast and easy to use means that details, such as those in the ‘from’ field, are easy to fake. A hacker might change the information supplied to make it appear as if the email comes from anyone.
There’s not much you can do to defend your email against such an attack. However, you can work to verify that an email, even one you expect to receive, does come from the person you believe it to be. If your email provider flags up an incoming email as ‘suspicious’, or ‘untrustworthy’, it may well be. A good spam filter service like our N-Line Spam Control can filter out many fake emails before they get to your inbox.
Stolen Credentials
Hackers often buy large bundles of email addresses and passwords from the dark web. Leaked emails are often put up for sale following hacks of major companies and service providers.
The value of these details comes from passwords being unlikely to have been changed, the details attached to them are trusted, and often give hackers access to additional services too.
How To Detect an Email Intrusion
It can take a long time before you’re aware that malicious hackers are using your details. You might even be the last person in your contacts to know.
The first sign to look out for is a large number of unexpected emails in your inbox. These are likely replies to emails you never sent in the first place. Out of office, automatic responses, people complaining about spam, and people responding to the email as if it were genuine may all come to you first.
Keep a close eye on unexpected emails appearing suddenly in either your inbox or outbox. A hacker may be spear-phishing someone that you do business with or trust. By acting as you, using your address and details, they may be able to divert payments or confidential information to their accounts instead.
Protecting Yourself Against Hackers, Attackers, And Hijackers
Sometimes your computer might have been compromised to give hackers access to your services. Malicious software may have infected your machine to steal data and infect your contacts.
Take extra care to change your passwords if you believe your email has been accessed by a hacker. Use a different, more secure password for your email than you do for every other service. Your email account is often the key to accessing many of the services you use most.
Run a virus scan and maintain security updates if you think your computer could have been infected. Have your machine and services looked at by a professional if you believe there is a risk your data is being used?
N-Line Technologies is here to help you protect your email with business-grade email solutions from Microsoft Office 365. If you think your email could have been hijacked, or your details used elsewhere, click HERE give us a call at 432-279-0671 to clean up today.
We have been serving Midland, Odessa, and the Permian Basin since 2001!
Don’t Get Hooked by Spear-Phishing Attacks
Phishing attacks have been around for a long time in IT. Designed to steal your credentials or trick you into installing malicious software, they have persisted in the IT world precisely because they have been so devastatingly simple and effective. Today, a more modern and more effective version of the same attack is commonly used.
A typical phishing attack involves an attacker sending out a malicious email to hundreds of thousands, if not millions of users. The attacker’s email is designed to look like it comes from a bank, financial service, or even the tax office. Often aiming to trick you into logging in to a fake online service, a phishing attack captures the login details you enter so an attacker may use them to enter the genuine service later.
By sending out tens of thousands of emails at a time, attackers can guarantee that even if only one half of one percent of people fall for it, there is a lot of profit to be made by draining accounts. Spear phishing is a more modern, more sophisticated, and far more dangerous form of the attack. It’s typically targeted at businesses and their staff.
A Convincing, Dangerous Attack
While a traditional phishing attack throws out a broad net in the hope of capturing as many credentials as possible, spear phishing is targeted and precise. The attack is aimed towards convincing a single business, department, or individual that a fraudulent email or website is genuine.
The attacker focuses on building a relationship and establishing trust with the target. By building trust and convincing the target that they are who they are pretending to be, the user is more likely to open attachments, follow links, or provide sensitive details.
They do this by carefully researching your company and its key officers. Often using Google, Facebook, LinkedIn, and other online sources of information so that they can successfully imitate someone you or your employees will trust such a key vendor or business partner, or even a fellow employee.
Consider how many times you have followed a link or opened an attachment just because it has come from a contact you have trusted before.
A Trusted E-mail
The malicious email can appear to come from a vendor you deal with regularly. It may even look like an invoice you are expecting to receive. Often attackers can simply substitute the vendors’ banking details for their own, hoping the target will not notice the difference.
Such an attack is very difficult to detect. It takes a keen eye, strong working knowledge, and constant awareness to keep your company protected. Even a single small mistake by an unaware member of staff can compromise your business accounts.
Defending Your Business
The key to stopping a spear phishing attack is education. Learning attack techniques, and how to protect against them is the single biggest thing you can do to enhance business security.
Whenever you deal with a vendor in a business transaction, you should always consider important questions before proceeding. Are you expecting this email? Is the vendor attempting to rush you into a quick decision or transaction? Have you checked all the details are correct and as you expected? Sometimes a simple query to the vendor can protect you against worst-case scenarios.
In many cases, a phishing attack can be halted in its tracks with a strong IT security package. Web and spam filtering can prevent malicious emails and links from entering the network, shutting attacks down before any damage can be done.
Good Security Practice
As with many types of IT threats, good security practices help mitigate damage. Locking down security to ensure employees only access the systems they need helps to prevent damage from spreading across the network.
Enforcing unique and strong passwords prevents leaked credentials from affecting systems related to the one that has been compromised. Getting employees set up with a password manager and good security policies can do the world of good to boost your security to the level it needs to be.
N-Line Technologies has the tools and know how to help protect your company from sophisticated Spear-Phishing attacks.
Don’t wait until they attack.
Contact us today at 432-279-0671 to audit your security practices.
Should You Pay for a Ransomware Attack?
Let’s face it getting hit with a ransomware attack just plain sucks, your files get encrypted by cybercriminals and are held hostage. You are then left having to decide: should we pay to get them back? Sadly, this is a scene that’s played out across the world with 70% of businesses saying ‘yes’ in 2016 alone. Here’s what you should consider if you’re ever in this situation.
Do you trust them?
We have all seen the TV shows where the rich guy’s son or daughter is kidnapped and when they pay the ransom the kidnappers take the money and kill the kid. This situation is no different. The cold fact is that they’re criminals holding your data hostage, how confident are you that they’ll send the decryption key after you pay up? Most attackers demand you send the payment via untraceable Bitcoin, so you can do nothing if they take the money and run. You’re also equally trapped if they decide they asked too little and come back with increasingly higher demands. If they do send the decryption key, be aware they still have access to your systems and can hit you again at any time until your network is disinfected by experts. Businesses don’t exactly want the embarrassment of a breach publicized either, so many don’t admit to paying the ransom, whether it went to plan or otherwise.
Can you manage the impact?
In the best-case scenario, you can wipe the affected drives and restore from a clean backup without paying the ransom. You might even decide the encrypted files aren’t that important and simply let them go, or even wipe a whole laptop or workstation. On the other hand, if your data management comes under any special regulations, like health or legal, you may find the attack has a much wider, more intense impact. The attacker will usually give you a countdown to motivate a payment, with a threat of deletion when it hits zero. If the data isn’t that valuable, or you have confirmed backups, this urgency has no effect. There are also new types of ransomware like “KillDisk” which can permanently wipe your entire hard drive or even your entire network.
How much do they want?
Cybercriminals rarely send out global attacks with set amounts, instead, they prefer to customize the ransom based on how much they think you can pay. Large corporations and hospitals are hit with very high demands, while small business demands are more modest. They may be criminals, but they’re smart people who know your financial limits. They’ll also consider how much similar businesses have paid and how quickly, then expect you to follow suit.
Are your backups good?
Many businesses are discovering too late that their backup systems aren’t good enough to withstand this kind of attack. Often the backups themselves become infected too, they weren’t up-to-date or they backed up the wrong data. OUCH. It’s worth doing some quick checks on your backup processes because even if you must shut down the system for a day so you can recover, you’re still light years ahead of those without them.
What’s your policy?
More and more often, businesses are adding ransomware to their disaster recovery plans and having predefined actions mapped out. Seemingly simple inclusions like who has final say over the payment decision can stop this chaos in its tracks. Employees and management alike can then approach the situation calmly, ready to make the best decisions for the business.
Stay safe in the first place
Ransomware is just plain evil and it is showing no signs of slowing down. There is just too much easy money for the crooks. As more businesses keep them funded the cybercriminals are steadily launching new attacks and making it their full-time job. Most attacks come via phishing emails – those emails that trick employees into clicking a link – and they can be extremely convincing. While training helps people spot them, it’s no guarantee. We recommend using business-class spam filters, such as our excellent “N-Line Spam Control” Product, to catch these types of emails before they land in your employee inboxes. You want that ransomware attack be something that happens to other businesses, not yours.
N-Line Technologies can help you secure your data systems now!
Call us at 432-279-0671
We proudly service Midland and Odessa Texas and the Permian Basin area.
Contact us today!
Take a step toward cyber safety!
Take a step toward cyber safety! Here’s a collection of tools, services, and other solutions to secure your business and prevent cyber attacks.
N-Line Technologies helps many businesses with these products and many more. We proudly service Midland, Odessa, and the Permian Basin.
Fake Invoice Attacks Are on the Rise – Here’s How to Spot (and Beat) Them!
Businesses around the world are being struck with a cyber-attack that sends victims a fake invoice that looks real enough to fool to most employees. It’s an old scam that used to see bills faxed or mailed in, but it’s made its way into the digital world and instances are on the rise.
Chances are you’ve already seen some of the less effective attempts, like an email advising your domain is expiring, except it’s not from your host and your domain is nowhere near expiration. These new attacks are more advanced, in that they look completely legitimate and are often from contractors/suppliers you actually use. Logos are correct, spelling and grammar are spot on, and they might even refer to actual work or invoice numbers. The sender name may also be the normal contact you’d associate with that business, or even a co-worker, as cybercriminals are able to effectively ‘spoof’ real accounts and real people. While it’s worrying that they know enough about your business to wear that disguise so well, a successful attack relies on you not knowing what to look for, or even that fakes are a possibility. With that in mind, here are two types of invoice attacks you might receive:
The Payment Redirect
This style of fake invoice either explicitly states payment should be made to a certain account, perhaps with a friendly note about the new details, or includes a payment link direct to the new account. Your accounts payable person believes they’re doing the right thing by resolving the invoice and unwittingly sends company money offshore. The problem usually isn’t discovered until the real invoice from the real supplier comes in or the transaction is flagged in an audit. Due to the nature of international cybercrime, it’s unlikely you’ll be able to recover the funds even if you catch it quickly.
The Malware Click – Rather than go for the immediate cash grab, this style of attack asks your employee to click a link to download the invoice. The email may even look like the ones normally generated by popular accounting tools like Quickbooks or Xero, making the click seem safe. Once your employee has clicked the link, malware is downloaded that can trigger ransomware or data breaches. While an up-to-date anti-virus should block the attack at that stage, it’s not always guaranteed, especially with new and undiscovered malware. If it does get through, the malware quickly embeds itself deep into your systems, often silently lurking until detected or activated.
How to Stay Safe
Awareness is key to ensuring these types of attacks have no impact on your business. As always, keep your anti-virus and spam filters up to date to minimize the risk of the emails getting through in the first place. Then, consider implementing a simple set of procedures regarding payments. These could include verifying account changes with a phone call (to the number you have on record, not the one in the email), double checking invoices against work orders, appointing a single administrator to restrict access to accounts, or even two-factor authorization for payments. Simple pre-emptive checks like hovering the mouse over any links before clicking and quickly making sure it looks right can also help. Like your own business, your contractors and suppliers are extra careful with their invoicing, so if anything looks off – even in the slightest – hold back on payment/clicking until it’s been reviewed. Fake invoices attacks may be increasing, but that doesn’t mean your business will become a statistic, especially now that you know what’s going on and how you can stop them.
We can help increase your security, talk to us today. Call us at 432-279-0671
How to Stop Your Business Becoming a Victim of Social Engineering
You can have top-notch security in place but there is still one danger: social engineering. It’s the old kid on the block, but most of us have never heard of it. Perhaps the more familiar term is ‘con’: the art of manipulating people to take certain actions or divulge private information. Social engineers are a special type of hacker who skip the hassle of writing code and go straight to the weakest link in your security defenses – your employees. A phone call, a cheap disguise or casual email may be all it takes to gain access, despite having solid tech protections in place.
Here are just a few examples of how social engineers work:
Email: Pretending to be a co-worker or customer who ‘just quickly’ needs a certain piece of information. It could be a shipping address, login, contact or personal detail that they pretend they already know, but simply don’t have in front of them. The email may even tell you where to get the data from. The hacker may also create a sense of urgency or indicate the fear that they’ll get in trouble without this information. Your employee is naturally inclined to help and quickly sends a reply.
Phone: Posing as IT support, government official or customer, the hacker quickly manipulates your employee into changing a password or giving out information. These attacks are harder to identify and the hacker can be very persuasive, even using background sound effects like a crying baby or call-center noise to trigger empathy or trust.
In person: A delivery man uniform gets past most people without question, as does a repairman. The social engineer can quickly then move into sensitive areas of your business. Once inside, they essentially become invisible, free to install network listening devices, read a Post-it note with a password on it, or tamper with your business in other ways.
It’s impossible to predict when and where (or how) a social engineer will strike. The above attacks aren’t particularly sophisticated, but they are extremely effective. Your staff has been trained to be helpful, but this can also be a weakness. So what can you do to protect your business? First, recognize that not all of your employees have the same level of interaction with people, the front desk clerk taking calls all day would be at higher risk than the factory worker, for example. We recommend cyber-security training for each level of risk identified, focusing on responding to the types of scenarios they might find themselves in. Social engineering is too dangerous to take lightly, and far too common for comfort.
Talk to us about your cyber security options today.
Contact us here or Call us at 432-279-0671
How to Search Google Safely
Search Google Safely
We all love our Google, quickly finding everything we need on the Internet. It’s replaced dictionaries, encyclopedias, instruction manuals, newspapers and in many cases, even doctors. However, sometimes your search results aren’t the real thing and can be downright malicious. Here’s how to search safely:
Pay attention to the URL in Google
Below every result title, there’s a URL in green. No matter what the title says, this URL is where your click will take you. Unfortunately, cyber-criminals will often list their site with a familiar and trusted title but link you to their scam/malware pages.
For example, the title could be your bank name (eg, Example Bank), which seems legitimate, but the URL could be www.baabpjhg.com which is obviously not your bank. Sometimes they’ll attempt to trick you by putting the real site into the link too, eg www.baabpjhg.com/examplebank.com which makes it even more likely to catch you when skimming through results quickly. When you visit the page, it might look exactly like your bank’s site and ask for your login details, which are then harvested for the attack. While jibberish in the link is pretty easy to spot, sometimes they’ll take advantage of a small typo that you can easily miss. For example, www.exampebank.com (missing the letter L).
Notice Google search results vs paid ads
Google does a pretty good job at making sure the most relevant and legitimate sites are at the top of the list. However, paid ads will usually appear above them. Most of the time, these paid ads are also legitimate (and you can quickly check the URL to verify), but occasionally cybercriminals are able to promote their malicious site to the top and catch thousands of victims before being removed.
Believe Google’s malicious site alerts
Sometimes Google knows when something is wrong with a site. It could be a legitimate site that was recently hacked, a security setting that’s malfunctioned, or the site was reported to them as compromised. When this happens, Google stops you clicking through with a message saying “this website may be harmful” or “this site may harm your computer”. Stop immediately, and trust that Google has detected something you don’t want in your house.
Turn on safe search
You can filter out explicit results by turning on Google Safe Search. While not strictly a cyber-security issue, it can still provide a safer Google experience. Safe Search is normally suggested as a way to protect browsing children, but it also helps adults who aren’t interested in having their search results cluttered with inappropriate links, many of which lead to high-risk sites. Switch Safe Search on/off by clicking Settings > Safe Search.
Need some help securing your system? Give us a call at 432-279-0671
Don’t fall for phishing emails with “Equifax Data Breach” in the subject line.
The online con artists and hackers will be lining up in droves for this one. And hitting your email mailbox hard.
On Thursday the Credit Reporting Bureau, Equifax reported that they have suffered a massive data breach in which 143 million Americans have had their credit data stolen. This information includes Social Security Numbers, Drivers License numbers and most of your basic account information on file with the credit bureau. The potential for abuse should be obvious. Crooks can take this information and steal your identity to create credit card accounts run up massive debts and vanish leaving you with a major mess to clean up.
As this is major news the hackers will, of course, use your fear of credit fraud to trick you into opening virus laden emails in hopes of capturing passwords.
What to do about it?
- Check with Equifax and see if your information is part of the data breach. You can do so at https://www.equifaxsecurity2017.com/
- Don’t open emails that are warning about Equifax. If you have an account with Equifax use the link above to check your status. NEVER CLICK ON LINKS in an email.
- Update your antivirus. If you don’t have an antivirus get one now.
- Get a good spam filter. We have several spam solutions for your business such as Office 365. Switching your business to Office 365 for email can dramatically reduce your spam and virus risk with the built in protection from Microsoft.
- Use a good ad block program in your web browser. At N-Line we recommend Ublock Origin for Google Chrome.