Businesses around the world are being struck with a cyber-attack that sends victims a fake invoice that looks real enough to fool to most employees. It’s an old scam that used to see bills faxed or mailed in, but it’s made its way into the digital world and instances are on the rise.
Chances are you’ve already seen some of the less effective attempts, like an email advising your domain is expiring, except it’s not from your host and your domain is nowhere near expiration. These new attacks are more advanced, in that they look completely legitimate and are often from contractors/suppliers you actually use. Logos are correct, spelling and grammar are spot on, and they might even refer to actual work or invoice numbers. The sender name may also be the normal contact you’d associate with that business, or even a co-worker, as cyber-criminals are able to effectively ‘spoof’ real accounts and real people. While it’s worrying that they know enough about your business to wear that disguise so well, a successful attack relies on you not knowing what to look for, or even that fakes are a possibility. With that in mind, here are two types of invoice attacks you might receive: The Payment Redirect This style of fake invoice either explicitly states payment should be made to a certain account, perhaps with a friendly note about the new details, or includes a payment link direct to the new account. Your accounts payable person believes they’re doing the right thing by resolving the invoice and unwittingly sends company money offshore. The problem usually isn’t discovered until the real invoice from the real supplier comes in or the transaction is flagged in an audit. Due to the nature of international cyber-crime, it’s unlikely you’ll be able to recover the funds even if you catch it quickly. The Malware Click Rather than go for the immediate cash grab, this style of attack asks your employee to click a link to download the invoice. The email may even look like the ones normally generated by popular accounting tools like Quickbooks or Xero, making the click seem safe. Once your employee has clicked the link, malware is downloaded that can trigger ransomware or data breaches. While an up-to-date anti-virus should block the attack at that stage, it’s not always guaranteed, especially with new and undiscovered malware. If it does get through, the malware quickly embeds itself deep into your systems, often silently lurking until detected or activated. How to Stay Safe Awareness is key to ensuring these types of attacks have no impact on your business. As always, keep your anti-virus and spam filters up to date to minimize the risk of the emails getting through in the first place. Then, consider implementing a simple set of procedures regarding payments. These could include verifying account changes with a phone call (to the number you have on record, not the one in the email), double checking invoices against work orders, appointing a single administrator to restrict access to accounts, or even two-factor authorization for payments. Simple pre-emptive checks like hovering the mouse over any links before clicking and quickly making sure it looks right can also help. Like your own business, your contractors and suppliers are extra careful with their invoicing, so if anything looks off - even in the slightest - hold back on payment/clicking until it’s been reviewed. Fake invoices attacks may be increasing, but that doesn’t mean your business will become a statistic, especially now that you know what’s going on and how you can stop them. We can help increase your security, talk to us today. Call us at 262-515-9499. 15 years after the world united to crack down on spam emails, we’re still struggling with overloaded inboxes. All that unwanted email continues to flood the internet, much of it targeted towards small businesses, and the impact goes wider than you might think. Here’s the full breakdown of how modern spam works and how it’s hurting your business.
What is spam? Generally speaking, spam is any unwanted message that lands in your email, comes via text, social media messaging, or other communication platform. It might be sent to your main business account, eg your ‘contact us’ email, or direct to your employees. Most of the time, spam is annoying but relatively innocent messages from another business inviting you to buy/do/see something. They’re newsletters, reminders, invitations, sales pitches, etc. You may know the sender and have a previous relationship with them, or they might be a complete stranger. Occasionally, spam may even be part of a cyber attack. Why you’re getting spammed. Maybe you or your employee signed up for a newsletter or bought a $1 raffle ticket to win a car. Perhaps you got onto the mailing list accidentally after enquiring about a product, not knowing that simply getting a brochure sent through would trigger a spam-avalanche. Often there’s fine print that says they’ll not only use your details to send you their marketing, but they’ll share your details with 3rd parties so they can send you messages too. That single email address can be passed around the internet like wildfire, and before you know it, you’re buried under spam. Sometimes, and more than we’d like to think, your details are found illicitly, perhaps through a hacked website for example, like the recent LinkedIn leak. More often though, your email is simply collected by a computer ‘scraping’ the internet - scouring forums and websites for plain text or linked emails and selling them as prime spam targets. It’s easy to see how individual office employees receive an average of 120 emails daily, over half of which are spam! More than annoying. We all know spam is annoying, but did you know it’s also resource hungry? Your employees are spending hours each week sorting their email, assessing each one for relevance and deleting the spam. Too often, legitimate emails from clients and customers get caught up and are accidentally deleted. Add in the temptation to read the more interesting spam emails and productivity drops to zero. On the other side of the business, your email server might be dedicating storage and processing power to spam emails, occasionally to the point where inboxes get full and real mail is bouncing out. While most spam is simply an unwanted newsletter or sale notice, there’s also the risk that any links may be a cyber-attack in disguise. After all, one click is all it takes to open the door to viruses, ransomware, phishing or other security emergencies. How to stop the spam. The 2003 Can Spam Act (a global set of anti-spam laws) requires all marketers to follow certain rules, like not adding people to mailing lists without permission, and always including an ‘unsubscribe’ link. So firstly, make sure you’re not accidentally giving people permission to email you - check the fine print or privacy policy. Next, look for the unsubscribe link at the bottom of the email. Unfortunately, not all of them include the link, or they hide it somewhere impossible to see. The worst spammers take that ‘unsubscribe’ click to confirm that your email address is valid/active and then sell it on. Talk to us about your anti-spam protections. Call us at 262-515-9499. At last count, Facebook has clocked up over 2.7 billion users, which makes the platform more attractive than ever for scammers and hackers. While you may be logging in to share your latest family photos or catch up with friends, the chances of accidentally triggering a scam or malware are increasing daily. Here’s how to stay safe on Facebook and stop the spread.
Look out for freebies and surveys Everybody loves a freebie and for the most part the competition posts on Facebook are legitimate. On the flip side though, when you see a giveaway for vouchers from a mega-store, alarm bells should ring. ‘Do this quick survey and we’ll send you a $50 Amazon Voucher!’ - it’s too good to be true. Even one click can take you on a messy journey through the underbelly of the web, picking up trackers and malware at every stop and at the end, you’re asked to share the post so your friends can get a voucher too...except nobody ever gets the reward. Check your permissions with games and quizzes Whenever you access a new game or quiz, you’ll need to give permissions for it to access your Facebook profile. Most people click the okay button without any thought, but if you review the permissions you’re giving, you’ll often find they’re asking for a massive amount of personal data; public profile, friend list, email address, birthday and newsfeed. Do they really need ALL this information? Sometimes the shakedown is from necessity, but sometimes the apps are preparing to launch attacks against you both on and off Facebook. For example, when you call your bank they ask certain questions like your full name, birthday and maybe which high school you went to. All that information is in your Facebook profile and now shared with your permission. Don’t friend people you don’t know Having lots of friends is always nice, but that friend accept could end up costing you. It might be someone pretending to know you, or a picture of a pretty girl to entice men (and vice versa). Once you friend them, they get access to everything your friends can see. In this case, it’s more than the risk of someone knowing your personal data, you’ve just given them intimate access to your life. It’s exactly how romance scams start, and there are even cases where the victim finds photos of their children circulating the internet. If it’s weird, forget it It doesn’t happen very often, but hackers find ways to take advantage of flaws in Facebook. A common hack that keeps popping up in various forms is to embed malware in a link. The virus then infects your machine and contacts all your friends with an enticing message, like asking whether a picture is of them. When they click to view the picture, the virus catches them and their friend list, and so on. Facebook is pretty good at staying on top of these flaws, but they need time to fix it. Just like if you got a weird email with an attachment from a friend, use that same level of scrutiny in your Facebook and don’t open messages or links that seem out of place. Need help securing your privacy? Talk to us. Click here to Contact us. The invention of Wi-Fi has been a science fiction dream come true. We can use our laptops anywhere in the house, our phones are using home internet instead of sucking down our cellular data, and our gadgets are all communicating. It’s essentially the backbone of the smart tech boom for home and business alike. Most networks are password-protected with an encryption called “WPA2” and this has been safe and secure, until now.
Recently, a security flaw called KRACK was discovered that allows hackers to break into Wi-Fi networks – even the secured ones. Your laptop, mobile phone, gaming console and even your smart fridge are possibly vulnerable as a result. How KRACK works: The Key Reinstallation AttaCK isn’t a problem with your device or how it was set up. It’s a problem with the Wi-Fi technology itself. The attack gets between your device and the access point (eg router) to reset the encryption key so hackers can view all network traffic in plain text. Since we rely on Wi-Fi so much, this might mean hackers have a front row seat to your credit card numbers, passwords, chat messages, emails, photos and more. NOTE: The hacker must be in physical range of your Wi-fi to exploit this flaw, it doesn’t work remotely like other attacks we’ve seen recently. Given most Wi-Fi ranges extend well past your own home/business, this is small comfort, but important to know. How to protect yourself Run your updates: Software updates are being released which fix the flaw. Microsoft has already released one for Windows, Apple has one coming in a few weeks. Take a few minutes to make sure you’re up to date with all your patches on any device that uses Wi-Fi (your smartphones, laptops, tablets, PCs, game consoles, etc). Unfortunately, some devices may be slow to get an update, or if they’re older, may not get an update to fix this issue at all. If possible, consider using a cabled connection on those older devices or upgrade to one with support. Be very careful with public Wi-Fi: While your local business center, library or school campus has expert IT professionals keeping guard over your security, it’s a very different matter at your local coffee shop. It’s unlikely small locations such as this will be on top of security patches. Remember, a hacker exploiting this flaw only needs to be in the same Wi-Fi area as you, so be careful you don’t give them a dollop of private information with their coffee. Check your browser security: Before sending anything secure over the internet, check you’re using a HTTPS site. You’ll know these by the little padlock you see next to the URL, and the address specifically begins with HTTPS. Major sites like Facebook, Gmail and financial institutions already use HTTPS. If you need help updating your devices, or want us to check if you’re safe, contact us. Sometimes computers do wacky things that ring alarm bells and make us dive for cover. Next thing you know, you’re running scans on repeat and demanding everyone come clean about their browsing habits. Fortunately, not all weird occurrences are caused by viruses – sometimes your computer is simply overloaded, overheating or in desperate need of a reboot. Here are the tell-tale signs of a malware attack: 1. Bizarre error messages Look for messages popping up from nowhere that make no sense, are poorly worded or plain gibberish – especially if they’re about a program you don’t even have. Take note of anti-virus warnings too, check the warning is from YOUR anti-virus software and looks like it should. If a message pops up that isn’t quite right, don’t click. Not even to clear or cancel the message. Close the browser or shut down the computer instead, then run a full scan. 2. Suddenly deactivated anti-virus/malware protection You know the best way to get past the guard? Send him for a coffee break! Certain viruses are programmed to take out the security systems first, leaving you open to infection. If you reboot and your protections aren’t back on the job, you are more than likely under attack. Attempt to start the anti-virus manually and you’ll know for sure. 3. Social media messages you didn’t send Are your friends replying to messages you never wrote? Your login details might have been hacked and your friends are now being tricked into giving up personal information or money. Change your password immediately, and advise your friends of the hack. 4. Web browser acting up Perhaps you’ve noticed your homepage has changed, it’s using an odd search engine or opening/redirecting unwanted sites. If your browser has gone rogue, it’s definitely a virus, usually one intended to steal your personal or financial details. Skip the online banking and email until your scans come up clear and everything is working normally again. 5. Sluggish performance If your computer speed has dropped, boot up takes an eternity and even moving the mouse has become a chore, it’s a sign that something is wrong. But not necessarily a virus. Run your anti-virus scan and if that resolves it, great. If not, your computer likely needs a tune-up or quickie repair. 6. Constant computer activity You’re off the computer but the hard drive is going nuts, the fans are whirring, and the network lights are flashing like a disco? It’s almost like someone IS using the computer! Viruses and malware attacks use your computer resources, sometimes even more than you do. Take note of what’s normal, and what’s not. Credit reporting company Equifax has just revealed that its databases were hacked in a large-scale breach affecting millions across the US, UK & Canada. While no hacking event is ever good news, some are easier to ignore than others – this isn’t one of them. The sensitive nature of the exposed data now requires immediate action for all those even possibly affected.
The short version: Equifax is one of the three main organizations in the US that manages & calculates credit scores. To do that effectively, they have access to almost every piece of financial data for adults in the country, plus pretty much anyone who’s lived/worked in the US. We’re talking social security, tax file numbers, drivers’ license, credit card numbers…the big stuff. On July 29, Equifax disclosed the breach, stating that hackers had repeatedly gotten in through a vulnerability in the web application from mid-May to July of this year. If you’re an Equifax customer: As scary as all that sounds, what’s done is done. Equifax, cyber-security experts & law enforcement officials are on the case, working to minimize the long-term damage. The best action now is to protect yourself against fallout: 1. Go to: http://www.equifaxsecurity2017.com to see if your data may have been affected. There was some news that this site was delivering random results, but Equifax announced it has been corrected. At this stage, it’s safest to assume everyone with a credit history has been impacted, so unless that link gives a definite ‘no you’re safe’ response, continue with the following recommendations. 2. Claim the Equifax free year of credit monitoring & identity theft insurance (if you’re a US resident). If you’re not eligible, consider sourcing your own. As the hacked data will continue to circulate for some time, also consider extending your credit monitoring for a few more years. 3. Keep a close eye on your finances and accounts. Check for notifications of new credit applications, monitor your statements and bills, and immediately report any suspicious activity or sudden change in billing. 4. Change all your passwords to be strong, unique and long. Any of the stolen data may give hackers a free pass into the rest of your bank accounts, email and personal information. 5. Add two-factor authentication where possible. This is when an account demands a second layer of authentication before allowing access or changes – getting the password correct isn’t enough, the hacker would also need to get the special code sent by SMS. 6. Consider freezing your credit report. This makes it harder for identity thieves to open accounts under your name, as access is completely restricted until you choose to un-freeze. Need help with your passwords? Give us a call at 262-515-9499. Have you ever thought about how much your data is worth? Information is possibly the most valuable part of your business – there’s your client database, accounting software and inventory management, and of course, any intellectual property you may own.
When ransomware hits, businesses are suddenly forced to re-assess the value of their data: is it worth saving, and what’s the deeper cost of the attack? Most ransomware attacks cost $150-$600 to get your files released, but that’s only IF the cyber-criminals honor the payment and actually give you the decryption key. Meanwhile, new client calls are still coming in and you may find yourself unable to operate with your systems down. Paying the ransom or restoring from an unaffected backup seems like a quick fix, but it doesn’t end there. There’s still the downtime involved to restore all your data – possibly days – and that’s a lot of lost productivity. Plus, if word gets out that your data has been compromised, you may find confidence in your business plummets and your existing clients head elsewhere. That $150 ransom may end up costing well over $150,000! Keep your systems up to date: Many ransomware attacks take advantage of a flaw in older versions of Windows, ones that have since been patched by Microsoft. But to be protected, businesses must be up to date with their patches AND be running a supported version of Windows. Delaying patches and updates puts your business at risk - we can help you update automatically. Lock down employee computers: Very few staff will require full administrator access to your business network. The higher their level of permissions, the more damage a person can do – either accidentally with a whoopsie click, or by inadvertently installing malware. By locking down your employee computers, you have a better chance of containing a malware attack to non-vital systems. Our experts can design an access management plan that gives you best of both worlds: flexibility PLUS security. Educate your workplace: Most employees believe they’re being cyber-safe but the reality is quite different. Many malicious links and embedded malware have become hard to spot in an instant – which is all it takes to click and regret. We can work with your staff to establish procedures around checking links for authenticity before clicking, awareness around verifying the source of attachments, and the importance of anti-virus scanning. We’ll help get the message through! Have a solid backup plan: When ransomware hits, a connected backup = infected backup. Unfortunately, synced options such as Dropbox immediately clone the infected files, rendering them useless. The only safe backups will be the ones both physically and electronically disconnected, with systems designed to protect against attacks like this. Our experts can set you up with a backup system that makes recovery a breeze. Be proactive: The best way to avoid the financial cost of a ransomware attack is to prevent it from happening in the first place. Smart businesses are the ones watching these widespread ransomware attacks from the sidelines, completely unaffected and seizing opportunities while their competitors are down. Our managed services can help protect your business against the next cyber-attack. Call us today at 262-515-9499. Finding the balance between Facebook privacy and Facebook fun can be challenging. It’s a double-edged sword that allows us to connect with friends no matter where they live, but it also publicly shares information that just a few years ago, we’d never dream of putting online. You can search for people based on where they went to school, town they live in, clubs they belong to, who they’re related to…but when is it too much?
Your birthday is the first piece of info collected when you sign up, and it’s great getting birthday wishes from friends and family when it appears in their newsfeed. But while Facebook is sending you balloons and funny memes, your birthday is now public knowledge. It seems harmless, but when you call your bank or other institution, what’s the first question they ask to verify your identity? Your birthday! Some password recovery systems even ask questions like ‘which high school did you go to?’ assuming this is knowledge that only you would know. Except…you’ve just publicly shared it on Facebook. Whoops! We’ve all heard stories of people who’ve lost their jobs after less-than-wholesome pictures or statements have gone public. If you have a reputation to keep, you definitely don’t want pictures from last weekend’s private party showing up, especially if you really let your hair down. While you can’t control what others do with photos they take of you, you can control whether or not you’re tagged in them. Fortunately, there are settings in Facebook that allow you to control who sees what information and what happens when you’re tagged. Despite what you may have heard or seen floating around in a Facebook share hoax, you do have complete control over your Facebook privacy, and it’s easy to adjust. How to Check and Adjust Your Facebook Privacy Settings 1. See what your account looks like to an outsider From your Facebook homepage, click your name on the blue bar at the top of the page. Click the three dots next to ‘View Activity Log’ and then select ‘View as…’ 2. Run a quick privacy checkup Click the question mark in the top right corner and choose ‘privacy checkup’. Think about what you really need to share – do people need to know the YEAR of your birth or just your birthday? Your friends will still get the notification, and you’ll still get the balloons. 3. Edit advanced privacy While the checkup covers the most obvious info, you can go much deeper. Click the V-shaped dropdown to the right of the question mark. Go to settings and choose privacy. 4. Adjust timeline and tagging In the privacy settings, you can explicitly control who can tag you, who can see or share the tagged content, and what shows up on your newsfeed. Tightening your Facebook privacy only takes a few minutes, but it can save you a whole lot of trouble in the future. If you need help with this, just give us a call at 262-515-9499. Every employee shares one inescapable flaw that is putting your business at risk. They’re human. 59% of data breaches can be traced back to something an employee did (or didn’t do), which invited a cyber-attack. To lock hackers out, build security awareness and respect into your company culture, so that maintaining digital security becomes as routine as making coffee.
Starter Topics:
If you need help implementing better security practices in your business, contact us here. Ransomware has undeniably been the biggest security threat of 2016. No-one was safe. Hackers targeted everyone and everything, including home PCs – and they were astoundingly successful – earning themselves upwards of $846 million from US reported incidents alone. Business is booming for hackers, with thousands of attacks each day bringing in an average of $640 per target. Perhaps even more alarmingly, the financial cost of each individual attack is on the rise – the more ransomware proves to be an easy earner for them, the more they demand each time. For a quick payday, some hackers offer to ‘rescue’ you from immediate danger – for a fee. One method is to trick you into thinking you have a virus that will spread if you don’t pay money to remove it immediately. Another much scarier method is to pretend to be the FBI and say your computer was involved in a crime (anything from money laundering to child pornography) and you can avoid going to prison by paying a few hundred dollars.
Thousands of regular people are also waking up every day to discover they’ve been locked out of their own files. Entire music and video libraries, digital photos from the past 5 years, personal budget files and even their secret novel draft …all held hostage until the user pays a ransom. The encryption is so strong and unbreakable that paying the ransom often becomes the only solution. The way ransomware gets onto your computer is deviously simple. Generally, the hackers convince you to click an email attachment/link or pop-up. With both approaches, the hacker usually offers helpful information, for example:
It’s so tempting to click through for more details and that’s what the hackers count on. Their messages and pop-ups aren’t obvious threats and so slip easily under our radar. Unfortunately, they’re not the most trustworthy bunch so paying may not actually unlock your files, and one payment can quickly become several. To make matters worse, they can encrypt any backups connected to your computer too, like a USB drive. Having a backup is super important in any situation, but in cases like this, the right backup is needed. Not only one stored separate from your network, but one created recently with all the files you can’t bear to lose. Before restoring your backup, however, you’ll need to make sure the malware isn’t lurking in the background, ready to not just re-infect your restored files but also the backup drive itself. To avoid finding yourself up to the waist in ransom demands or sending hackers money each month, we recommend being wary of email attachments, even from friends and family. If you’re not sure what the file is, don’t click it. They may not have sent that email intentionally; their infected system may be auto-emailing everyone in the address book. You should also be careful with any popups that appear out of place, especially ones that try to make you panic. If it doesn’t sound right or look right, don’t click it. Ransomware is just too dangerous to risk. Contact Us to set your computer up with protections against ransomware, and put backups in place that will keep your important files safe. |
Tech Force BlogWe provide you with important, practical tips and insight for your technology and networks for both home and business. Archives
March 2023
Categories
All
|