Tag Archives: Email

Top Tricks Cybercriminals Use To Hack Your Computer Network

16 Nov 17
lverbik
, , , , , , , , , , , , ,
No Comments

There’s no denying that cybercrime is on the rise. All it takes is a glance at a few big news stories from the past couple years. Equifax gave up the information of over 100 million people, many of them not even users, to a surgical hacker attack. Last May, over 57,000 infections spread from a single ransomware source across 99 separate countries, with damage reaching everything from hospitals and businesses to vital public utilities like the German railway network. And how many high-profile celebrities have had their phone’s picture feeds hacked and had to deal with the scandal of some maliciously leaked photographs, some of which they’d deleted years before?

But it’s not just massive corporations like Equifax or JPMorgan or actresses like Jennifer Lawrence that are being targeted day in and day out. It’s small businesses, many equipped with far less robust security measures in place. In fact, if you’re an entrepreneur, it’s almost a statistical guarantee that hackers will target your business at some point down the road.

In your company’s battle against cybercrime, it’s essential to stay abreast of the rapidly shifting digital landscape. Only the most up-to-date security technology can even hope to protect you from the ever more sophisticated thieves pounding at your digital door.

However, it’s also important to stay informed. Here are a few of the sneakiest and most common tricks thieves use to snatch your vital data:

Social Engineering Hacking, though it can cost you thousands and thousands of dollars and do just as much damage as its digital counterparts, doesn’t require a single line of code. Instead, they find weaknesses in the “human network” of a business. For example, skilled scammers can call your business’s cell phone provider, posing as the CEO’s spouse, and convince the customer service rep to hand over passwords, Social Security numbers, and sensitive personal information. Many IT departments are susceptible to this same scam.

Often, social engineering is used to gather information that will later be used for a different strategy. Such as …

E-mail Phishing, which hijacks (or fabricates) an e-mail account with trusted authority and sends users an e-mail requesting they click a particular link. Maybe the e-mail looks like it’s from the service department of your company’s time-tracking software, seeking to remedy an error. But when the link is clicked, ransomware or other malware spreads like wildfire through the system, and the user is at the mercy of the hackers. Usually, this is used to extort exorbitant sums of money out of small businesses or individuals. Symantec reports that just last year, over 7,000 businesses of all sizes fell prey to some form of phishing scam, costing them more than $740 million in total.

Brute-Force Password Attacks Or Password Guessing are just what they sound like. Either a hacker uses a software that, after putting in some data about the target (for example, the name of their dog or their anniversary), runs through potential keys ad infinitum. With sufficient information about the target, it’s only a matter of time before the software breaks through. Or, more often than you might think, hackers can simply guess the password. Infiltrators have common passwords that use real words or common structures memorized and can run through hundreds before giving up.

Fault Injection is a different story, usually only used by the most dedicated, sophisticated hackers around the world. Cyberthieves will use a complicated software to scan the source code of their internal software or network, noting every potential weak point in the system. Then, by splicing in strings of code, they can penetrate through and steal data, inject a virus, or employ other digital mischief.

How To Protect Yourself Against These Threats

As they say, forewarned is forearmed, but it’s not enough to keep your eye out for common hacker strategies. As the progress of technology marches on, so do the techniques and softwares used by hackers, resulting in an infinite number of permutations of ways they can penetrate your system.

The only way to be truly secure is by utilizing bleeding-edge security solutions to ensure you stay ahead of the breakneck developments in hacker technology. With constantly updating software dedicated to security, along with some know-how, you can rest a lot easier knowing your data is safe.

4 E-mails You Should NEVER Open

17 May 17
lverbik
, , , , , , , , , , , , , , , , , ,
No Comments

No matter how “bomb-proof” we make your network, you and your employees can still invite a hacker in if you click on a link or open an attachment in an e-mail sent by a cybercriminal. Some spam is obvious (can you say, “Viagra at a discount”?) but others are VERY cleverly designed to sneak past all the filters and trick the recipient into opening the door. Known as a “phishing” e-mail, this still is the #1 way hackers circumvent firewalls, filters and antivirus, so it’s critical that you and your employees know how to spot a threatening e-mail. Here are four types of e-mail ploys you should be on high alert for.

The Authority E-mail. The most common phishing e-mails are ones impersonating your bank, the IRS or some authority figure. The rule of thumb is this: ANY e-mail that comes in where 1) you don’t PERSONALLY know the sender, including e-mails from the IRS, Microsoft or your “bank,” and 2) asks you to “verify” your account should be deleted. Remember, ANY important notification will be sent via old-fashioned snail mail. If it’s important, they can call you.

The “Account Verification” E-mail. Any e-mail that asks you to verify your password, bank information or login credentials, OR to update your account information, should be ignored. No legitimate vendor sends e-mails asking for this; they will simply ask you upon logging in to update or verify your information if that’s necessary.

The Typo E-mail. Another big warning sign is typos. E-mails coming from overseas (which is where most of these attacks come from) are written by people who do not speak or write English well. Therefore, if there are obvious typos or grammar mistakes, delete it.

The Zip File, PDF Or Invoice Attachment. Unless you specifically KNOW the sender of an e-mail, never, ever open an attachment. That includes PDFs, zip files, music and video files and anything referencing an unpaid invoice or accounting file (many hackers use this to get people in accounting departments to open e-mails). Of course, ANY file can carry a virus, so better to delete it than be sorry.

Employees Keeping Your Data Safe? Don’t Count On It

10 Aug 16
lverbik
, , , , , , , , , , , , , ,
No Comments

The biggest block to protecting your company’s data is employee ignorance about cybersecurity. In fact, your employees are probably compromising your data right now and aren’t even aware of it.

In case you haven’t read the reports, a statement from one of the many companies recently forced to close its doors following a cyber-attack involving one of their own employees brings the point home:

“Code Spaces will not be able to operate beyond this point. The cost of resolving this issue and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in an irreversible position both financially and in terms of ongoing credibility.”

Root cause of the disaster? Very likely a phishing attack that one of their own team members unwittingly played a key role in.

If you want even a ghost of a chance that your data remains safe and secure, you MUST be aware of the five ways your employees are probably putting your company at risk right now:

Risky Passcode Practices

A good rule of thumb is, if you can recall a password, it’s probably not safe. Require the use of a random password generator to keep weak passcodes from being the weak link in your data’s defenses. Invest in a company-wide password protection system. And wherever possible, use two-factor authentication for logins to critical sites.

Working Outside a Secured Network

It’s great that your team loves to collaborate. Just make sure it’s done in a secure network. E-mail-sharing and file-sharing over a non-secured network can lead to leaks. Train your team to share sensitive messages and files only within a secure company network. Even better, invest in encryption and collaboration tools that keep your data extra-safe while in transit. After all, great teams need to collaborate. Just make sure it’s getting done without putting your data at risk.

E-mail Naïveté

Most people are aware by now that clicking on unknown links in an e-mail can lead to trouble. Yet clever hackers are sending ever more appealing e-mails that trick the unwary into clicking. Insist that no attachments from unknown sources are to be opened. And require that users on your network look up unknown links before blindly clicking on them.

Unattended Devices

Walking away from an open laptop in a coffee shop is a recipe for disaster. Yet even at the office, stepping away from a workstation can expose sensitive data to snoops. Insist that wherever your team works, they maintain complete visual control over any screen showing confidential company data.

Malicious Acts

You may find it hard to believe, but employees leaking critical data on purpose happens all the time. It may be for a personal venture – or a personal vendetta against your company. Regardless of the cause, it’s always a risk. And you may not see it coming. Safeguard all data coming into or going out from your company. And always change access codes whenever someone leaves your employ – willingly or unwillingly.

Protecting company data in today’s fluid and fast-changing business environment is tough work. If you don’t have a robust protection plan in place, your critical data IS at risk.  Safe data practices by your employees are absolutely critical to your company’s success and survival.

Need an ally to help protect your data from employee sabotage – accidental or otherwise?  Call us today at 317-857-0150 to schedule a complimentary review.

Professional E-mail Addresses

04 May 16
lverbik
, , , , , , , , , , , , , , , , , ,
No Comments

Are you turning business away with your e-mail “saddress”?

We see it all the time and there’s just no excuse for it. It’s just sad, really, when a company is still using an e-mail address that projects a less than professional image to its recipients. What do we mean by that?

Look at your e-mail address. Does it end in @hotmail, @gmail, or—don’t make me say it–@aol? I just URLed in my mouth a little. The time has come to make some simple changes that will have far reaching effects on your business and its perception with your intended audience.

The fastest, easiest and most inexpensive change you can make is to have an e-mail account that links to your business’s domain. For example, joesmith@WidgetCorp.com. This is a simple matter of linking any e-mail account you may use, such as gmail, through your company’s domain. The back end secret is yours; recipients will never see signs of gmail. They only see a business that’s all business.

Another suggestion is to avoid using a clever descriptive name or nickname as part of your e-mail address, like SwankyLover@WidgetCorp.com. You might think it is clever and that it makes you stand out—and it does, but not in the way you want for a professional business. Customers will not find it easy to take SwankyLover seriously, nor will they risk taking a chance on a “persona” rather than a straightforward actual person. Use your name. It shows you are professional and mean business. It lets people know who they’re talking to.

Make sure the body of those e-mails look good, too, by regularly employing templates. There’s nothing worse than a customer receiving hastily written e-mails littered with typos. The easy way to avoid that is the use of templates—pre-written text for the types of communications you have to send out repeatedly. You can actually purchase template programs for this scenario. Another way is to create your own set of templates and store them on Google drive so that all of your employees have access to them. This also creates a consistent level of quality across the company and helps employees who may not have the writing skill set you wish they did.

A closing tip: if you and your employees have signature lines (bio type descriptions) at the end of your e-mails, keep it to one or two sentences, not a novella. If you want people to know more, just include a link so they can make the choice themselves to click through. Putting people off by annoying them with excessive self-promotion is something easily avoided—so why not take the terse road.

We’re delighted to help you take the sad out of e-mail addresses and show your business in the best possible light. For other tips and tricks to gain the advantage using technology, contact TechnoAdvantage today.

Four Rules of Email Etiquette Can Save Your Reputation

25 Nov 15
lverbik
, , , , , , , , , , , ,
No Comments

You may not think of email as having such power, but just as a great email can bring in the business—so these email mistakes can drive customers away and ruin your reputation. And pretty quickly too, if they’re repeated on a consistent basis.  What business technology can do for you can be rapidly undone if you or your employees ignore these four simple rules of email etiquette:

  1. Always use proper spelling and grammar

You would be surprised at the amount of emails that get sent with misspellings, typos and poor grammar. Now, not everyone is a great writer, but there is a fundamental professional standard you should meet that involves using spell-check on every single business email you write. Send enough poorly written emails and the unspoken message you are sending your customers is that you are unprofessional, you don’t care about details, you’re not a quality company—or worse, you’re not even legit. Spelling matters!

  1. Be careful who you CC

We all use group email to keep the team looped in. But this practice can go horribly wrong when you hit the reply button carelessly. If you’re not alert, you may “reply all” when in fact you don’t want specific team members to receive the email. Or how about forwarding or replying and you’ve written something negative about someone on the email thread?  Get out of the habit of thoughtlessly hitting “reply all”—and make it your habit to select recipients one by one every time before you hit “send.” (And, p.s. it is a good practice to NEVER write a negative email. They never disappear and may end up being forwarded and causing harm.)

  1. Don’t be in a hurry when emailing

Emails written in a hurry are obvious to the recipient. Some of the things that can go wrong with them are: unfinished emails sent, typos, incorrect information.  Then you’re forced to send an awkward follow-up email where you have to explain your mistake. Very unprofessional! Moral: Slow down and give your full attention to each email you compose. People know when you’ve rushed through and it sends the message to them that they are unimportant to you. No matter how short the email or seemingly trivial, take your time to honor your recipient and get it right.

  1. Double-check the recipient before you hit “send”

This is another frequent blunder that happens when we get in a hurry and go on autopilot. The culprit is the autofill function. You think you’ve typed in someone’s name and unbeknownst to you, autofill has populated the “to” line with a different person of similar name or address from your contacts and you’ve hit send. This kind of error can be anywhere from embarrassing to downright dangerous, depending on the type of information you are sending out, e.g. confidential corporate info.

These rules of email etiquette are important enough to share with your employees as we all take on the role of representing our employers. Your reputation is at stake and no matter what you email or whom you email, take time, slow down, give it your best, and make sure it’s right before you hit send.  If you have any tips to add to this list, comment below! For more ideas, contact Techno Advantage today!