bjustice

Helpfull

Helpful tips for keeping your email safe

Email is one of the best things the internet has given us. We use it to sign up for websites, apply for jobs, make payments, get in touch with friends and family, and many more. However, your email is also one of the platforms hackers can exploit to steal information or launch malware attacks. Here are crucial steps to take to safeguard your email account.

Use separate email accounts

Most people use a single email account for all their needs. As a result, information from websites, newsletters, shopping deals, and messages from work gets sent to one inbox. But what happens when someone breaks into it? There’s a good chance they could gain access to all the stored information and use them in fraudulent dealings.
Having at least two separate email accounts will not only boost your security, but it will also increase your productivity. You can have a personal account to communicate with your friends and family, and a professional email account solely for work-related tasks.

Set strong passwords

Some email users often overlook the importance of having strong email account passwords. You might be surprised to learn that email passwords like “123456,” “qwerty,” and “password” are still the most common around. For the sake of security, set longer passwords or passphrases that contain a good mix of upper- and lowercase letters, numbers, and special characters. Make sure these passwords are unique to that account to keep all your other password-protected accounts safe.
You should also consider enabling multifactor authentication (MFA). This creates an extra layer of security by requesting for another method to verify your identity, like a fingerprint scan or a temporary activation code sent to your mobile phone.

Beware of email scams

When you see a link in an email, don’t click on it unless you’ve assessed its authenticity. You never know where those links might lead you. Sometimes they are safe, but other times they can infect your computer with malware or send you to a compromised website.
It’s always good to know who the email message is coming from. If you’re expecting a file from your friend or family, then go ahead and open the attachment. However, emails coming from unknown sources or those that have strange account names such as “@amazon6753.com” are most likely to be email scams.
These types of attacks are known as phishing, and they can be remarkably clever. For example, cybercriminals may masquerade as high-profile companies like Amazon, Facebook, or Bank of America to catch their victims off guard. They create emails with a sense of urgency by claiming that there’s an issue with your account and that you should send them information or click on a link to “confirm” your personal details. This link will either install malware on your device or lead you to a fraudulent site.
Even if there was a genuine issue with your account, legitimate companies would never ask something so suspicious over email. If you get these messages, contact the company directly through a verified website or phone number — not the contact details on the email.

Monitor account activity

Periodically watch over your account activity. Make sure to limit access privileges to apps if you want to ensure maximum privacy and security. Also, check for any suspicious activities in your logs, such as unusual devices and IP addresses that have accessed your account. This indicates that hackers may have successfully broken into your account. If this is the case, sign out of all web sessions and change your password as soon as possible.

Encrypt emails and update your software

Email encryption ensures that any message you send won’t be intercepted and viewed by unauthorized users. Meanwhile, installing the latest updates for your anti-malware, firewalls, and email security software filters potential email scams and fixes any vulnerabilities hackers can exploit.
Protecting your email accounts from various threats can be a daunting process, but with the right support, it should be effortless. Talk to us today for all your cybersecurity needs.

spam-distraction

Distributed spam distraction hides illegal activities

As annoying as spam email is, it’s usually pretty harmless. But hackers have been using a method called distributed spam distraction (DSD) where spam email is used to carry out illegal activities. Learn more about DSD and how you can safeguard your systems against it.

What is DSD?

DSD is a type of attack wherein cybercriminals inundate email inboxes with as many as 60,000 spam emails. These emails don’t contain dangerous links, ads, or attachments, just random excerpts of text taken from books and websites. But because of the sheer volume of these emails, deleting and blocking each one of them can be daunting. And worse, the email and IP addresses used to send them are all different, so victims can’t simply block a specific sender.

While these spam messages may seem like harmless annoyances, their true purpose is to draw victims’ attention away from what hackers are doing behind the scenes — which is to steal and use your personally identifiable information to conduct a raft of illegal activities. These include stealing money from your bank account or making unauthorized purchases in your name. In a DSD attack, the thousands of spam emails you get serve as a smokescreen that hides payment confirmation messages.

New tactics

Over the years, hackers have developed new DSD tactics. Several reports show that instead of nonsensical emails, hackers are using automated software to have their targets sign up for thousands of free accounts and newsletters to distract them with authentic messages. This allows DSD blasts to slip past spam filters that weed out the malicious code and text used in traditional DSD attacks.

Also, anyone can go on the dark web and pay for DSD services. For as little as $40, you can get a hacker to send out 20,000 spam emails to a specific target. All you need to do is provide the hacker with your target’s name, email address, and credit card number — all of which can also be purchased on the dark web.

How to protect yourself from DSD

DSD is a clear sign that your account has been hijacked, so whenever you receive dozens of emails in quick succession, contact your bank to cancel any unfamiliar transactions and change your login credentials as soon as possible. Also, you should update your anti-spam software (or get one if you don’t have one) to protect your inbox from future DSD attacks.

Hackers only initiate DSD attacks after they’ve obtained their target’s email address and personal information, so make sure your accounts and identity are well protected online. You should regularly change your passwords and PINs, enable multifactor authentication, set up SMS and/or email alerts for whenever online purchases are made in your name, and be careful about sharing personal information with others.

DSD is just one of many cyberthreats out there. For expert advice on how to ensure your safety and security online, get in touch with our team of IT professionals.

facebook-login

Your password may not be secure — update it now

The National Institute of Standards and Technology (NIST) once said that a good password consisted of three things: upper- and lowercase letter, numbers, and symbols. However, the NIST recently reversed its stance on good passwords. Here’s why and what they are now recommending.

The problem

The issue isn’t that the NIST advised people to create easy-to-crack passwords, but their previous advice inadvertently made people create weak passwords using predictable capitalization, special characters, and numbers, like “P@ssW0rd1.”

Such a password may seem secure, but the strings of characters and numbers could easily be compromised by hackers using common algorithms.

What’s more, the NIST also recommended that people change their passwords regularly, but did not specify how and when to change them. Since many people thought their passwords were already secure because they’ve included special characters in them, most only added or changed one character.

The NIST essentially forced everyone to use passwords that are hard for humans to remember but easy for a hacker’s algorithm to crack.

Eventually, the institution admitted that this can cause more problems than solutions. It has reversed its stance on organizational password management requirements, and is now recommending banishing forced periodic password changes and getting rid of complexity requirements.

The solution

Security consultant Frank Abagnale and Chief Hacking Officer for KnowBe4 Kevin Mitnick both see a future without passwords. Both security experts advise enterprises to implement multifactor authentication in login policies. This requires a user to present two valid credentials aside from a password to gain access to an account. This could be a code sent to the account owner’s smartphone, a login prompt on a mobile device, or a facial or a fingerprint scan. This way, hackers’ login efforts are futile unless they fulfill the succeeding security requirements. Moreover, Mitnick recommended implementing long passphrases of 25 characters or more, such as “recedemarmaladecrockplacate” or “cavalryfigurineunderdoneexalted.” These are much more difficult to guess and less prone to hacking. As for the frequency of changing passphrases, it will depend on a company’s risk tolerance. Simply put, passwords should be longer and include nonsensical phrases and English words that make it almost impossible for an automated system to crack. You should also enforce the following security solutions within your company:
  • Single sign-on – allows users to securely access multiple accounts with one set of credentials
  • Account monitoring tools – recognizes suspicious activity and locks out hackers
When it comes to security, ignorance is your business’s kryptonite. If you’d like to learn about what else you can do to remain secure, just give us a call.
fileless-malware

Fileless malware: The invisible threat

Scanning the files you download is not enough to detect malware these days. Hackers have found a clever way to get around antivirus and anti-malware software by using fileless malware. Since this malware is not as visible as traditional malware, it can infect your entire infrastructure without you even knowing. Let’s take a closer look at how fileless malware works and what you can do to defend against them.

What is fileless malware?

Fileless malware is malicious software that doesn’t rely on executable files to infect your infrastructure. Rather, it hides in your computer’s random access memory (RAM) and uses trusted, legitimate processes such as Microsoft Office macros, PowerShell, and Windows Management Instrumentation (WMI).

Fileless malware isn’t as visible as traditional malware. They use a variety of techniques to stay persistent, and can adversely affect the integrity of a business’s processes and the infrastructures that run them. Because there are no files to trace, fileless malware escapes detection from most anti-malware programs, especially those that use the databases of precedent threats. Most automated sensors cannot recognize illicit scripts, and cybersecurity analysts who are trained to identify them usually have a hard time establishing where to look.

Fileless malware by the numbers

In November 2016, attacks using fileless malware saw a 13% uptick, according to a report by Trend Micro. Also, in the third quarter of 2016, attacks were 33% higher than in the first quarter. During the first quarter of 2017, more PowerShell-related attacks were reported on over 12,000 unique machines.

Kaspersky Lab uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked toward obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyberattackers to withdraw undisclosed sums of cash from ATMs.

In 2018, Trend Micro also detected a rising trend of fileless threats throughout the first half of the year.

Is your business at risk?

It is unlikely that your business has been targeted in the earliest stages of this strain of malware, but it’s better to be safe than sorry. Businesses should practice defense in depth, where multilayered safeguards are implemented to reduce exposure and mitigate damage. But apart from cultivating a security-aware workforce, what actionable countermeasures can organizations carry out?

While your business might not be in immediate danger, you should employ solutions that analyze behavioral trends. It is also wise to invest in a managed services provider that offers 24/7 network monitoring, proper patches, and software updates. Call us today to get started.

employees-onilne

Should you monitor your employees’ online activities?

To monitor or not to monitor — that is the question. Employee monitoring is a touchy subject. If you’ve ever considered it, then you may ask yourself if it is a good idea for an employer to check on their staff’s online activities. Below are the pros and cons of employee monitoring, and some helpful tips should you push through with it.

The case for monitoring

Here are several reasons why monitoring your employees’ activities on company devices is a good idea. It can help you:
  • Protect your organization from data theft or harm – because careless or disgruntled employees may leak or steal your data.
  • Ensure you have a harassment-free workplace – because cyberharassment (sexual or otherwise) happens among employees.
  • Ensure members of your staff comply with policies – such as not downloading illegal programs or spending time on websites with illegal or hostile content.
  • Provide evidence in case of a lawsuit – should an employee participate in illegal activities using your business’s computers (heaven forbid!), monitoring their device can provide evidence of their involvement.
Sadly, many business owners who monitor their employees often discover that their staff members aren’t focused solely on the company’s success.

Arguments against employee monitoring

Of course, you should also be aware of the potential downsides to monitoring. These include:
  • Productivity loss – monitoring can put a damper on employee morale, and you may see the distrust leading to productivity losses.
  • Lost privacy and lawsuits – you’ll likely learn personal details about your employees that you would’ve never known about had you not monitored them. You may discover their political or religious views, sexual orientation, or medical problems. This subjects your business to potential privacy or discrimination issues if you or your management team acts negatively based on any of this information.

Monitoring guidelines to follow

If you decide to monitor your employees, here are a few tips you should follow.

1. Create written policies
When you monitor your employees, ask yourself: “Am I doing this for security purposes? Is it to ensure my employees aren’t wasting time on games or social media?” If your monitoring policies are too strict, you could create an atmosphere of distrust.

Set guidelines for acceptable use of email and social media, web browsing, instant messaging, and downloading software and apps. Also, make sure to include how monitoring will be carried out and how data will be used, secured, and destroyed.

2. Tell your employees
It’s important to inform your employees about the scope of your monitoring policies. If they find out you’re doing it secretly, you could face legal issues. By being transparent, you may actually see a boost in productivity by deterring employees from wasting time on the web.

When you tell your employees, explain why you’re doing it and the risks your business faces from misuse of digital assets. Reassure them you’re not doing it to spy on their personal life, but to create a compliant and law-abiding workplace. Because their activities will now be less private, encourage your staff to use their smartphones for personal matters. Also, provide your employees a copy of your written policy for them to read and sign.

3. Get the right technology tools
You don’t need to know each and every employee activity, so look for apps and software that alert you of the most relevant problems, so you can focus on more important tasks.

If implemented correctly, employee monitoring makes your business more secure and productive. For more information about security and other IT support tools, get in touch with us today.

android-malware

Watch out for this Android malware

Security researchers have discovered a new Android malware called DEFENSOR ID that snuck its way into the Google Play Store. Forensic analysis shows that the malware takes advantage of an Android device’s Accessibility Services to infiltrate the system and cause damage without being detected. To help you avoid this dangerous strain of malware, we’ve compiled everything you need to know in this blog entry.

What is DEFENSOR ID?

DEFENSOR ID is a banking Trojan that minimizes its malicious capabilities to sneak past security checks and infiltrate the Google Play Store. The malware’s primary function is to request access to an Android device’s Accessibility Service, which would allow hackers to execute a variety of commands.

For starters, if unwitting users grant access to DEFENSOR ID, the malware can observe any launched apps and send sensitive information back to hackers. This means hackers can steal anything from passwords and private emails to banking information and one-time SMS activation codes for two-step verification processes.

DEFENSOR ID also allows hackers to remotely uninstall apps, launch programs, and perform gestures (e.g., tap, swipe, click) within the launched program. In theory, this feature can enable hackers to empty a victim’s bank account with minimal effort.

What’s more, the Trojan extends the lock screen timeout to 10 minutes so that cybercriminals have enough time to perform their malicious operations.

Beware of apps leveraging Accessibility Services

According to researchers, DEFENSOR ID targeted Brazilian users and was downloaded over a dozen times. But despite its small success rate, it’s possible that more malware will leverage these techniques to steal sensitive information and control user devices. In fact, earlier in 2020, McAfee researchers discovered Android/LeifAccess malware that exploited Accessibility Services to leave fake reviews on the Google Play Store.

Plus, a common Android issue is that many independent software developers can upload their apps to the Google Play Store and easily circumvent security checks. So, if users aren’t thoroughly vetting the apps they download onto their devices, attacks similar to DEFENSOR ID will become more widespread.

Malware that can abuse Accessibility Services may even give rise to more deceptive online scams or massive-scale data breaches that can shut down businesses.

How to defend against DEFENSOR ID

Developing a healthy skepticism of apps in the Google Play Store is the best way to prevent malware attacks like DEFENSOR ID. This involves training your staff to get in the habit of evaluating an app before downloading it. More specifically, they should be verifying whether user reviews seem authentic, checking the total ratings and downloads, and consulting with security experts whether an app is safe.

Businesses should also use endpoint security software to control what apps users can install on their company-registered devices. By limiting downloads to a few, fully verified apps, you can minimize your company’s exposure to mobile malware.

If you want to keep your business safe from malware and other cyberthreats, it’s in your best interest to call cybersecurity experts like us. Not only do we provide top-notch security solutions, but we also offer proactive maintenance services to protect your IT at all times.

business-printers

How to protect your business printers from hackers

Organizations spend resources on keeping their technology and devices secure, but they often overlook one crucial piece of hardware: printers. Printers, just like computers and Wi-Fi networks, can be an entry point for hackers and a gateway to your business’s sensitive information. Here’s what you need to know about keeping your printers secure.

What makes business printers vulnerable to cyberattacks?

When assessing network security threats, companies primarily focus on servers and computers not only because they are the most exposed to external threats, but also because they get the bulk of cyberattacks. Printers are often at the bottom of the list since they are not prime targets. What’s more, their functions seem to be internal at first glance, as they don’t interact with external systems.

But it’s exactly because of their primary functions, namely printing and scanning, that make print devices perfect cybercriminal targets. Businesses run important documents such as tax forms, employee information, medical records, and financial statements through print devices, and hackers would definitely love to get their hands on them.

And they can — easily.

Network printers store previous print jobs in their hard drive, sometimes including those that have been canceled. If anyone accesses the printer — even remotely — they may be able to see those documents by hacking into the printer using a specialized tool.

Files can also be intercepted during wireless transmission, as modern printers can now be connected to the web. Not only can hackers exploit printers’ open network ports to view data, but they can also take over vulnerable printers and transmit their own data through the machine.

What can you do to protect your business printers?

Business printers should not be disregarded when planning a cybersecurity strategy. Keep your print devices secure by following these best practices:

  • Monitor your network continuously and promptly install printer software updates and patches. Printer manufacturers often release software support or updates, so regularly check for those.
  • Change the default password and administrator login credentials of printers with web management capabilities.
  • Only allow company-owned devices to connect to your printers.
  • Always connect to your printers using secure connections. Conversely, avoid accessing your printers through a public internet connection.
  • Restrict printer access by using a firewall.
  • If your wireless printer has the feature that requires users to enter a PIN before they can print documents, enable it to prevent unauthorized access.
  • If you don’t use your printer for fax and email, isolate your printer from your main company network and disable out-of-network printing.
  • If you handle classified data, do not connect your printer to any network. Instead, connect it directly to your computer using data cables, or print from a thumb drive.
  • Secure your printouts by enabling manual feed. This setting requires a user to manually input paper (or any material to be printed on), so there are reduced risks of the printed document getting stolen or being left in the printing area.

Another way to secure your printers is by partnering with an IT company that can take care of your printer-related worries. From thwarting attacks to reducing management costs to keeping your printer at optimal functionality, our experts can help.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

Remote working: Will it be the New Norm?

Flexible work setups have often been the subject of debate — employees want the option to work away from the office at least some of the time, but many businesses value well-founded methods and processes. Will the world’s largest work from home experiment change that?

Enforced flexibility

A pandemic is one of the most socially, economically, and politically disruptive events that could ever happen. Infections and fatalities constantly increase, business operations are shut down, and scientists race against time to find a cure.

Companies lucky enough to remain operational still face a significant challenge: maintaining business continuity. For most, the simplest way to achieve this is by moving their business resources online and adopting an effective remote work strategy.

With resilience and careful decision-making — as well as the right tools and processes — you might just find your employees more productive, less stressed out by work, and expressive as ever.

A wealth of benefits

Remote work offers several benefits for both employees and employers. In addition to saving time and eradicating commute-related stress, remote work can improve employee productivity. A number of studies reveal that the freedom to create a comfortable environment and schedule encourages employees to perform at their best.

At the same time, employers benefit from reduced overhead expenses while also having access to a wider pool of applicants. Because workplace flexibility is among the top considerations of many young job seekers, remote work arrangements would be right up their alley.

Employers can also hire outside of reasonable commuting distance, as employees won’t have to report to the office as frequently, if not at all. What’s more, mandatory daily attendance is going out of fashion — more businesses are now prioritizing performance over hours clocked in. Many prefer focusing on the quality of outputs rather than just keeping people in the office from 9 to 5.

Businesses reap great rewards for recognizing performance instead of just presence. This approach makes for more engaged, efficient, and satisfied employees, consequently creating a healthy and progressive company culture.

Encouraging development

Many businesses believe that a traditional office setup helps bring about better relationships and collaborations. However, data actually points out that interpersonal behavior and communication — not solely proximity — are the key drivers of trust and teamwork.

Traditional work arrangements also make it easier for managers to look after their employees — it’s easy to see who is and isn’t at their workstation during office hours. However, mandating work hours and location makes sense only for time-sensitive and location-dependent jobs like retail, manual labor, and healthcare, where employees need to be physically present.

Meanwhile, for knowledge workers whose jobs involve non-routine problem solving, an office cube isn’t always the most conducive environment for devising solutions and innovations. Sometimes, the best and most unique ideas come from exposure to the surroundings, people, and events outside the confines of an office.

Embracing change

Being forced to adopt a work from home policy in the face of a global crisis isn’t an ideal circumstance to test the waters. Full-time remote work doesn’t and won’t work for all businesses. But this shouldn’t stop you from accomplishing projects and sustaining productivity and efficiency. Leverage your resources to help you weather the storm and emerge stronger than before.

Though we have yet to see if remote work is here to stay, it’s currently a nonnegotiable aspect of the corporate setup, and we should learn how to make the most out of it.

Having a strong strategy in place and the right tools and equipment are crucial to ensure effective communication, collaboration, and management. Our experts can help you configure the perfect remote working setup for your business. Call us today.

Why autocomplete passwords are risky

Many people use auto-fill passwords for their convenience. What you might not know is that hackers and advertisers can use them to get access to websites and other applications and gather sensitive information. Learn more about the risks of using autocomplete passwords.

Why auto-fill passwords are so dangerous

Certain web browsers have integrated features that enable usernames and passwords to be automatically entered into a web form. There are also password manager applications that have made it easy to access login credentials. But these aren’t completely safe. They can become a liability if hackers gain access to computers or browsers.

For example, if a hacker gains access to just one account, it’ll be easier for them to obtain access to other accounts because the autocomplete feature will fill in all other saved credentials.

Tricking a browser or password manager into giving up saved information is incredibly simple. All a hacker needs to do is place an invisible form on a compromised webpage to collect users’ login information.

Using auto-fill to track users

For over a decade, there’s been a password security tug-of-war between hackers and cybersecurity professionals. Little do users know that shrewd digital marketers also use password auto-fill to track user activity.

Digital marketing groups AdThink and OnAudience have been placing these invisible login forms on websites to monitor the sites that users visit. AdThink and OnAudience track people based on the usernames in hidden auto-fill forms and sell the information they gather to advertisers. While the intention is not to steal passwords, there’s always the likelihood of exposure.

One simple security tip for today

A quick and effective way to improve your account security is to turn off auto-fill in your web browser. Here’s how to do it:

  • If you’re using Chrome – Open the Settings window, click Advanced, and select the appropriate settings under Manage Passwords.
  • If you’re using Firefox – Open the Options window, click Privacy, and under the History heading, select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”
  • If you’re using Safari – Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

Being cautious about your password security habits can go a long way in protecting your sensitive data. For managed, 24/7 cybersecurity assistance that goes far beyond protecting your privacy, call us today.

3 Hacker types you need to know about

What do you call someone who hunts for security gaps in computer hardware and software? A hacker, right? What about someone who executes a vulnerability test and presents their findings to software vendors to help them improve the quality of their products? There is more than one type of hacker, and understanding the difference is important.

A complicated history

In the 1950s, the term “hacker” was vaguely defined. As computers became more accessible, the word was used to describe someone who explored the details and limits of computer technology by testing them from a variety of angles.

But by the 1980s, hackers became associated with teenagers who were caught breaking into government computer systems — partially because that is what they called themselves, and partially because the word hacker has an inherently aggressive ring to it.

Today, several of those pioneering hackers run multimillion-dollar cybersecurity consulting businesses, while countless others run amok online, hoping to make a quick buck off of hapless victims.

“Black hat” hackers

Closer to the definition that most people outside the IT world know and use, black hat hackers create programs and campaigns to commit all sorts of malicious acts. Crimes such as identity theft, credit card fraud, and extortion are for their sole benefit, but they can also work under the auspices of a corporation or a state and commit espionage and cyberterrorism.

During the 1990s, Kevin Mitnick was a prime example of a black hat hacker. Mitnick went on a two-and-half-year hacking spree wherein he committed wire fraud and stole millions of dollars of data from telecom companies and the National Defense warning system.

After paying his debt to society by spending five years in prison, he set up his own eponymous cybersecurity firm and became its CEO and Chief White Hat Hacker.

“White hat” hackers

Sometimes referred to as ethical hackers or plain old network security specialists, these are the good guys. Whether it’s selling what they find to hardware and software vendors in “bug bounty” programs or working as full-time technicians, white hat hackers are just interested in making an honest buck.

Linus Torvalds is a great example of a white hat hacker. After years of experimenting with the Sinclair QDOS operating system on his Sinclair QL, he released Linux, a secure open-source operating system.

“Gray hat” hackers

Whether someone is a security specialist or a cybercriminal, the majority of their work is usually conducted over the internet. This anonymity affords them opportunities to try their hands at both white hat and black hat hacking.

For example, Marcus Hutchins is a known gray hat hacker. He’s most famous for testing the WannaCry ransomware until he found a way to stop it.

During the day, Hutchins works for the Kryptos Logic cybersecurity firm, but the US government believes he spent his free time creating the Kronos banking malware. He was arrested in 2017 and branded a “gray hat” hacker.