Mother Lode: (209) 694-4599
Central Valley: (209) 790-4560

Author: NTELogic

  • Email Phishing Attacks – Part Duex

    As we posted last March, email phishing attacks continue at record levels. Those who seek to commit fraud keep getting more innovative in their efforts. Many people have become savvy enough to recognize the common tell-tale signs. Whether it’s a tragedy or a fake IRS collection notice, we’re rarely surprised by the bait used by those who are phishing. This is one of those instances that gave us pause.
    A client forwarded an email message that appeared to be a voicemail notification from their office phone. Many of us are used to getting text and email notifications for voicemail messages left for us. Whether the fake notification looks similar to what you normally see or not, one link click whilst in a hurry can lead to compromise.

    The recipient did the right thing. Using the information they have learned about the tactics used by cyber-criminals, the client recognized the clues and didn’t take the bait.
    Remember to always think before you click. Stay smart, the criminals are working hard to stay in business. Don’t let them get into your business.

  • Office Tips & Tricks: Using Filters in Excel

    Use Excel Filters to Make Short Work of Long Columns

    Filters are a powerful tool in Excel that let you mask information from your view. For example, filters can be used to only show you the rows that have Widgets as the item type or only show you rows that have blank cells in a particular column.
    For filters to work properly, your range of cells needs to have a column heading (a label at the top of each column). You turn on filters by clicking inside your range and then choosing Home > Sort & Filter > Filter. Voila, a drop down arrow appears next to each column heading. Clicking on any column’s drop down arrow provides a list of all entries in the column. Selecting any entry causes Excel to show only the rows that match that entry.
    Note that on the drop-down menu there are additional filters that can be applied, depending on what type of data is in the column. You may see Text Filters or Number Filters or Data Filters. From those drop-downs you can select additional filters to change what’s displayed even more.
    After you have chosen a particular entry to be filtered, the drop-down arrow on that column changes its icon. To restore the view of all entries, click the drop-down and check Select All or click on Home > Sort & Filters > Filter to turn them off completely.
    More than one column can be filtered at a time, but they are cumulative. The second filter will not overwrite the results of the first filter. It instead restricts it further it. Excel’s basic filter works as an AND statement. You can create more complex filters using the Advanced Filter option. Advanced Filter allows you to filter using AND OR statements.
    Filters can make working with your Excel data easier and faster. Give them a try.

  • Office Tips & Tricks: Proof Listening with Word's Read Aloud Function

    Proof Listen with Word’s Read Aloud Function

    Sit back and let your ears do the work

    If you’re a business owner, you write daily. Emails, notes, documents, blog posts, social media, you name it. It’s your business, you’ve got to write it. Like many, you either stress over “its” versus “it’s,” or you don’t. You write what you think is correct and if it isn’t, you hope the reader can forgive you.
    It seems a simple task to proofread your own work, however for most, it’s not. In fact, it’s painful. Many experts say you shouldn’t proofread your own work, and here’s why – you already know the story. Your mind will skip over typos and other errors, instead filling in the correct version. That’s why it’s usually better to have someone else proofread your work, however that’s not always possible. Why not sit back and let your ears do the proofing?
    Word’s Read Aloud function is a nifty tool that can ease the pain of proofing your work. It’s been around since Office 2003, and was known as Text-to-Speech. The Read Aloud function is much improved over previous versions. It can read your document out loud like an audio book. In addition, it highlights each word simultaneously as it’s being read.
     
    NTELogic.com | Word's Read Aloud function is found on the Review tab of the Ribbon

    Get Started Using Word’s Read Aloud Function

    To use Word’s Read Aloud function, just click ReviewRead Aloud on the ribbon. Easier than that, simply press Ctrl+Alt+Space Bar and Word’s Read Aloud will start automatically from wherever the cursor is positioned.
    You can adjust the reading speed and change the voice pitch from the settings. Click the Settings button on the Read Aloud menu. If you have additional language packs installed, you can use the read Aloud function in the language of your choice. (Bonus tip: you can use Word’s Read Aloud function to learn a new language!)
    While Word’s Read Aloud function isn’t perfect, it’s pretty close. If you prefer to not have someone else proof your work, the Read Aloud function is a great substitute. So grab a beverage, sit back and let the proof listening begin.
     

  • Barracuda Email Spoof

    What the Barracuda Email Spoof Means for Your Business

    Elaborate Scheme to Steal O365 User Credentials

    The email spoof remains one of the favorite tools used by cyber-criminals to phish information. A recently uncovered scheme moved the bar up in terms of sophistication. As if using known brands wasn’t enough, this latest phishing attempt spoofed one of the leading email security firms. As a result, the implications are scary.
    Internet security training firm KnowBe4 reported how the attackers took great effort to cover their tracks. A typical email spoof involves forging the sender address. Known and trusted brands are used to trick recipients into opening the message. This attack however,  went beyond using a known brand and forged the email message header information. In an attempt to give increased credibility, the attackers spoofed the message header information as if the message had been safely validated by Barracuda Networks, an email security company known for tracking and reporting email shenanigans like email spoofing.
    Once a recipient opened the message, they were asked to login to their Office 365 account. The illegitimate landing page was a complete duplicate of the real Office 365 portal. Even a savvy user who took the time to review the message header information could have easily surrendered their O365 account credentials. This is the scary part – this tactic will likely be used over and over again, using other, well known security brands.

    What’s a Small Business to Do?

    If you’ve not discussed how to spot an email spoof with your teams, now is the time. Email phishing attacks are at an all time high. Remind staff to be vigilant and question any email that doesn’t seem quite right. The best rule-of-thumb is to think before you click.
    A plethora of email security solutions are also available. From simple to sophisticated, there is an email security solution for every budget. Talk to your IT department or give us a call about email security in your office.

  • Latest Facebook Data Breach

    Facebook Data Breach Exposes User Data

    540 Million Facebook Users Impacted

    User ID’s, Friends Lists and Photos Among the Data Exposed

    Two separate databases that stored Facebook user profile details on unsecured Amazon AWS cloud servers were discovered this week by cybersecurity research firm Upguard. It was just last April that Facebook admitted malicious actors had likely accessed user data for all of Facebook’s 2.2 billion users. This time, the world’s biggest social network is not to blame.
    The massive data breach was tracked back to Mexico-based media company Cultura Colectiva. Another 3rd-party app, At the Pool, also improperly stored user profile data in a different AWS database, contributing to the breach.
    Upguard notified Cultura Colectiva and Amazon of the exposed data in January. Apparently, no action was taken until April 3rd.

    What This Means for You

    The databases have been secured and taken offline. While it’s unknown whether affected Facebook users will be notified that their data has been compromised, this latest breach is a good reminder to change your passwords, especially passwords used with Facebook.
    IT security best practices call for changing your passwords every 90 days. This may not be achievable for many users. A reasonable goal would be to change your passwords twice a year. Picking notable dates, such as Mother’s Day or the first day of school makes it easier to remember. Just like we’re supposed to change the batteries in our smoke alarms when the time changes. Pick your dates and put a note on the calendar.

    How Do I Create a Secure Password?

    Rather than trying to create and remember a password, try using a phrase or expression. After you’ve picked one, use the first letter of each word in the phrase. Substitute numbers and special charachters for two or more of the letters. Viola! You’ve created an easy to remember, secure password.
    Our Support Center has a How-To article on creating secure passwords that illustrates how easy it can be.

  • World Backup Day

    March 31st is World Backup Day

    The day before April Fool’s Day reminds us to protect our important data

    Data keeps your business moving. You share and store online your personal information. Your devices hold the files, images and music that matter most. World Backup Day is an annual reminder to take action.
    On average, we spend almost half of each day on our digital devices. We rely on these devices to keep our day organized, our precious moments captured, and our business running at top speed.
    The data we store and use every day is one of the most valuable assets we have. How are you protecting your data? It can only take a moment to loose some or all of it. Here’s some sobering facts that underscore the importance of backing up our data:

    Don’t become the April fool who didn’t backup their data. There are many choices available that make backing up your files easy and automatic.
    If you already have a backup plan in place, use March 31st to make sure it’s working properly. If you don’t have a plan, use the day to get one.
    Once you’ve backed up, tell the world by using the hashtag #WorldBackUpDay .
    Protect what matters most in your digital life this World Backup Day.

  • Email Phishing Attacks – What You Need to Know

    Over the past 48 hours, we have seen a large spike in email phishing activity. Our Support Department has received calls from several users who have reported receiving email messages that turned out to be phishing attempts. We thought it a good time to share some information about what email phishing attacks are, how to identify an email that is attempting to phish information and what to do if you believe you have received an email phishing message.

    What are email phishing attacks?
    According to the US Department of Homeland Security’s Computer Emergency Readiness Team, email phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords, that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code.

    Tech-savvy con artists and identity theft criminals will use spam, fake websites constructed to look identical to real sites, email and instant messages to trick you into divulging sensitive information, like bank account passwords and credit card numbers. Once you take the phisher’s bait, they can use the information to create fake accounts in your name, ruin your credit, and steal your money or even your identity.

    How do I identify a phishing email?
    If you receive an email message that appears to have been sent from a coworker, vendor or other trusted third-party and it’s requesting you to click on a link, open an attachment, take an action (like issuing a check or buying gift cards), or sending information about employees, bank accounts, customers or vendors, it may be a phishing attempt. Stop and scrutinize the message carefully. Here’s some clues to look for that will help determine if the message is a phishing attempt:

    • An email phishing message typically will use awkward sentence structure or use words in the wrong context. Nouns and punctuation may be used incorrectly.
    • An email phishing message will suggest that you requested some information and will ask you to click on a link or open an attachment.
    • A phishing email can look like a fundraising message for a recent disaster or other newsworthy event.
    • A link may be disguised to look like a legitimate site, such as Amazon, Microsoft or a bank.

    I think I just received an email phishing message. What should I do?
    If you think you’ve received an email phishing message, the most important action to take is to stop – don’t click any links, don’t open any attachments, and don’t reply. Some other actions to take are:

    • Don’t open messages from unknown senders
    • Do not click on any links. By hovering your mouse pointer over the link, you can see the actual link displayed in a pop-up info balloon. If the link address looks unusual or does not match the site it states it’s from, it’s a phishing attempt.
    • Call the sender and ask them if they sent you the message. Only follow the link or open the attachment if you can verify its legitimacy with the sender.
    • Do not provide personal information to any unsolicited requests for information
    • Type in a trusted URL for a company’s site into the address bar of your browser to bypass the link in a suspected phishing message
    • If you want to donate, visit the fundraising organization’s web site directly, don’t use any links from any other source.
    • Only provide personal information on sites that have “https” in the web address or have a lock icon at bottom of the browser
    • Immediately delete messages you suspect to be spam

    Email phishing messages can be safely deleted. If a message appears suspicious and you would like help determining whether it’s a phishing attack or not, please call our office at (209) 790-4560 option 2, or send us an email at support@ntelogic.com.

    If you believe you have already responded to an email phishing message, clicked on a suspicious link or opened a suspicious attachment, notify your supervisor and manager, and then call our office at (209) 790-4560 option 2.

    Remember to always stay safe online and think before you click!