Sunday, April 30, 2017

#Ransomware stat 9: 63% of IT pros say an attack lead to business threatening downtime

Saturday, April 29, 2017

#Ransomware stat 4: 60% of providers report 1-5 attacks against #SMBs, 40% report 6+ attacks

Friday, April 28, 2017

#Ransomware stat 8: Causes of ransomware? Phishing emails and lack of employee training.

Thursday, April 27, 2017

#Ransomware stat 2: 95% of IT service pros agree, ransomware is a problem for SMBs

Tuesday, April 25, 2017

Are you ready for a flood?

Have you given much thought to your office flooding? Have you thought your office can never flood, you are on high ground?

What about the pipes in your office, or your hot water heater?

They don't always break when you are at your office..

This morning I got a call from my property manager to let me know the suite next to mine had a hotter heater rupture.. and the office is standing in 1 inch of water..

How much is 1 inch? Just enough to get into a power strip on the floor, enough to get into a computer or other electronics..

So besides backing up properly, what do you do?

Get all of your computers and plugs off the floor.

Thursday, April 20, 2017

Wednesday, April 19, 2017

Thursday, April 13, 2017

Beware of Spoofed Emails and Spoofers

Beware of Spoofed Emails and Spoofers

Yesterday one of my office tenants showed me the following spoofed email.

I guess I might ought to define what I mean by the term Spoof.

Spoof - defined:  1.  Imitate (something) while exaggerating its characteristic features for comic effect.  "It is a movie that spoofs other movies."  2.  Hoax or trick (someone).  "they proceed to spoof Western intelligence with false information"

Email spoofing is the forgery of an email header so that the message appears to have originated form someone or somewhere other than the actual source.  Email spoofing is a tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source.  Spoofing, in general is a fraudulent or malicious practice in which communication is sent from an unknown source disguised as a source known to the receiver.

This spoof was impressive.  Basically, he received an email notification that his Fidelity Investment's account was locked.  He, though knowing better, clicked on the link to find out what the problem was.  He then realized that he should not have opened the email.

When I say impressive, the email looked like it came from Fidelity Investments, it had many of the realistic drop down windows and functions like Fidelity Investment's as you can see above.

Note:  The email should have been addressed to the recipient in the body of the email.

But, once he placed his curser over the email address the sight took him to, he could clearly tell that it was not from Fidelity.  (See below)

The Spoofer is phishing for unsuspecting people who have an account at Fidelity Investments and is trying to obtain your logon information and password.  Once the Spoofer has it, he / she will liquidate your account and steal your hard-earned money.

It is easy to get sucked in.  Be very careful.  If you receive one of these emails, and you will if you have not already, do not click on the link on the email, instead go directly to the website you normally go to and log on to your account to verify that there is a problem.  And verify that you are locked out of your account, which in my friend's case he was not.

I recently received such a Spoof from what looked to be an email from Drop Box.  Like my friend, I clicked on the link and started to log on to my Drop Box account.  I immediately realized I was spoofed.  I contacted my I.T. firm, Bit by Bit, and the representative verified I was correct.  He told me to log on to my account and change my password immediately.  I did so and I have had no problem since.

My assistant more recently told me as she was looking at her emails on her phone and she had received a notification from her bank she was locked out of her account.   I told her not to log on through the email but through her bank website directly.  She quickly found she was not locked out.

The take away,

There are many crooked people who want to take your money.  Be very careful, be very aware of them.  Do not click on the spoofed email links directly. I was listening to the news this morning and online theft is the biggest and growing crime.  No longer do you find banks robbed at gun point like we have in the past.  Online criminals are very hard to catch and prosecute.  The ill-gotten gains they obtain are tremendous.

Be careful out there.

For more information on how I may be able to contribute to your financial success contact me below.

Corey Callaway
Registered Investment Advisor
(817) 274-4877

Monday, April 10, 2017

How to Protect Yourself and Your Company from the Threat of Online Extortion

You may think that crimes like extortion only happen to other people, or that the only victims are the wealthy, the famous and the well connected. It would be nice to think that, but the sad fact is that extortion can happen to anyone. Whether it is a hacker who threatens to reveal your ID and passwords to a criminal gang or an ex-partner who threatens to reveal intimate details about your relationship or compromising photographs or videos, extortion is a crime that can happen to anyone.

The fact that extortion can happen to anyone means that everyone need to take proactive steps to protect themselves and stop the potential victimizers in their tracks. The fact is there are simple things you can do to protect yourself from the threat of extortion and avoid becoming a victim of this growing type of crime. Here are some tips to get you started.

Safeguard Your Computer
These days a great many extortion efforts originate in the online world, so simply safeguarding your computer can go a long way toward protecting you. Make sure your computer is running the latest antivirus software, and that the virus definitions are updated on at least a daily basis. Be wary of unsolicited emails and avoid clicking on unknown links. Be on the lookout for the early warning signs of a malware or virus infection, including a sudden slowdown in computer performance or being inundated with pop-up ads.

Be sure to protect your other electronic devices as well, and lock down your wireless network with a strong password. You should be running security software on your tablet and smartphone as well, since an infection there could spread to the rest of your home network.

Watch What You Share
These days many of us live our lives online ,and that can be a lot of fun. It is great to catch up with old friends and college roommates, but be careful what you share and with whom. Keep your Facebook page and other social media sites private, and check the security settings frequently to make sure you are properly protected.

Be careful what you share with the public via social media, since an enterprising criminal or an ex-partner with ill intent could put the pieces together and find a way to blackmail or extort you. Sharing personal details on social media is always a risk, so think before you post.

Be Aware of Current Scams 
In some cases a criminal who tries to extort money from you will have real harmful information to reveal, but in other cases they will just be bluffing. How you approach the extortion attempt may depend in large measure on how believable the individual's claims are, so it pays to be aware of current scams and the stories of other victims and potential victims.

There are always plenty of these kinds of scams going around, both online and off. They take many forms and pop up in many parts of the country. One common extortion attempt involves a caller purporting to be from the FBI, IRS or other governmental authority. The caller claims that the victim owes money or has committed a crime, and they demand money to head off the arrest or reduce the charges.

The fact that the IRS, FBI and other branches of the government do not operate in this manner is one clear sign that these are pure extortion attempts. If you are contacted by anyone claiming to be from the IRS, FBI or other government agency, you should contact the police right away to report the attempted crime.

What to Do If Someone Attempts to Victimize You
If you feel that you are the victim of an extortion attempt, it is important to protect yourself and report the suspected crime right away. Agreeing to pay will only make matters worse - once the criminal realizes that you are willing to pay they will only make further demands in an attempt to drain your cash and victimize you further.

There are strict laws against extortion, and the authorities take these kinds of attempts very seriously. If you are contacted by someone trying to extort money from you, the first step is to report the event to the local authorities. You may also want to report the extortion attempt to the FBI and state police to further protect your rights and help you get the justice you deserve.

If the extortion attempt originated online, you can also contact the company hosting the suspicious website. Web hosts take their reputations seriously, and they do not want to be seen as assisting criminal enterprises. If the criminals involved claimed to be from a legitimate entity like the IRS, the FBI or a company like Google, you can also contact the agency or company and let them know. There is often a cat and mouse game between the bad guys and legitimate businesses, and notifying those companies of the extortion attempt will help them protect themselves - and their customers.

Bit by Bit can help you mitigate these risks! Our expert staff can help with updating systems, backup, antivirus, and security. If you would like to discuss needs in more detail please contact us at 877.860.5831 x190.

Robert Blake