Mother Lode: (209) 694-4599
Central Valley: (209) 790-4560

Author: NTELogic

  • Five Simple Ways to Spot Phishing Emails

    Five Simple Ways to Spot Phishing Emails

    Five Ways to Spot Phishing Emails

    Did you know that 9 out of 10 data breaches today involve a phishing attack? These attacks typically consist of fake emails designed to look like they’re coming from a brand or institution that you trust or do business with.

    Their goal is to compel you to click a link or download an attachment, which then, puts malicious files on your computer. This can enable hackers to steal your identity, breach your employer’s systems, and more.

    The best way to defend yourself against phishing attacks is to identify phony emails before you click on them.

    Here are the five simple ways to spot a phishing email:

    1. Who’s the real sender?
      Make sure the organization name in the From line matches the email address between the brackets: Sam Sender <sam.sender@hisdomain.com>. Watch out for typos or foreign domains – think amaz0n.com or microsoft.com.ch
    2. Check the salutation
      If you have a relationship with the sender’s organization, the email should always greet you by name, not the generic :Dear valued customer”.
    3. Hover your mouse
      Use the mouse hover trick to see the full URL (web address) of any link you’re asked to open. DO NOT click the link, just hover your mouse pointer over the link and the full web address will be displayed. If you don’t recognize the web address, don’t click it.
    4. What’s in the message footer?
      The footer of any legitimate email should include at a minimum:
      – A physical address for the business
      – An unsubscribe button
      If either are missing, the message is likely fake
    5. When in doubt, hit DEL
      If you don’t know the sender or something just doesn’t seem right with the message, simply delete it. If it’s a legitimate message, the sender will resend the message or contact you some other way.

  • Do You VPN?

    NTELogic.com | VPN ServicesDo You VPN?

    If you travel for business, it is highly likely you’ve connected to the free Wi-Fi in the airport terminal, local coffee shop or even on public transit. Have you ever connected to that free Wi-Fi in your hotel room and gotten a creeping sense of dread, wondering if anyone might be able to see what you’re doing online? That’s not just a feeling, it’s a reality. Public and free Wi-Fi networks are the playground of cyber thieves. With a VPN – Virtual Private Network – you can protect your online transactions from snooping eyes.

    What Is a VPN, and How Does It Work?

    A VPN creates an encrypted tunnel between you and a remote server operated by a VPN service. All your internet traffic is routed through this tunnel, so your data is secure from prying eyes along the way. Because your traffic is exiting the VPN server, your computer appears to have the IP address of VPN service server, masking your identity and location.

    Do I Need a VPN On All My Devices?

    Short answer is yes. You need a VPN on all your devices that connect to Wi-Fi outside your trusted office or home network. For the most part, VPN clients are the same for both Windows and macOS.

    What a VPN Won’t Do

    Even with a VPN, things like cookies allow companies to track your internet usage even after you’ve left their sites.

    Protect Yourself With a VPN

    Today, many of us have multiple devices that connect to the web. Modern devices are more powerful than the top computers of just 10 years ago. The internet however, hasn’t really changed. It was designed to be distributed and insecure. Cyber criminals take advantage of the insecure nature of the Internet. This means, unfortunately, it is up to individuals to protect themselves. Antivirus apps and password managers go a long way toward keeping you safer, but a VPN is a uniquely powerful tool that you should definitely have in your personal security toolkit, especially in today’s connected world.

    Ready to Give It a Try?

    Many of the VPN service providers offer a free trial. Others offer a basic VPN service for free, and additional features with a paid version. We are proud to have partnered with Hide Me. Register here (link) for a free account and start your VPN service today. Each free account includes 2GB of data transfer, 1 simultaneous connection (1 device) and your choice of 5 worldwide proxy servers.
    Once you see how powerful and easy to use the Hide.Me VPN service is, we’re confident you’ll want to upgrade to the paid subscription. By upgrading your service, you’ll enjoy unlimited data transfer, 10 simultaneous connections (10 devices) and 60 worldwide proxy server locations. NTELogic takes care of upgrading your service so you never have to worry about a lapse in protection. Give it a try today – it’s free!

  • Email Phishing Attacks – Part Duex

    As we posted last March, email phishing attacks continue at record levels. Those who seek to commit fraud keep getting more innovative in their efforts. Many people have become savvy enough to recognize the common tell-tale signs. Whether it’s a tragedy or a fake IRS collection notice, we’re rarely surprised by the bait used by those who are phishing. This is one of those instances that gave us pause.
    A client forwarded an email message that appeared to be a voicemail notification from their office phone. Many of us are used to getting text and email notifications for voicemail messages left for us. Whether the fake notification looks similar to what you normally see or not, one link click whilst in a hurry can lead to compromise.

    The recipient did the right thing. Using the information they have learned about the tactics used by cyber-criminals, the client recognized the clues and didn’t take the bait.
    Remember to always think before you click. Stay smart, the criminals are working hard to stay in business. Don’t let them get into your business.

  • Office Tips & Tricks: Using Filters in Excel

    Use Excel Filters to Make Short Work of Long Columns

    Filters are a powerful tool in Excel that let you mask information from your view. For example, filters can be used to only show you the rows that have Widgets as the item type or only show you rows that have blank cells in a particular column.
    For filters to work properly, your range of cells needs to have a column heading (a label at the top of each column). You turn on filters by clicking inside your range and then choosing Home > Sort & Filter > Filter. Voila, a drop down arrow appears next to each column heading. Clicking on any column’s drop down arrow provides a list of all entries in the column. Selecting any entry causes Excel to show only the rows that match that entry.
    Note that on the drop-down menu there are additional filters that can be applied, depending on what type of data is in the column. You may see Text Filters or Number Filters or Data Filters. From those drop-downs you can select additional filters to change what’s displayed even more.
    After you have chosen a particular entry to be filtered, the drop-down arrow on that column changes its icon. To restore the view of all entries, click the drop-down and check Select All or click on Home > Sort & Filters > Filter to turn them off completely.
    More than one column can be filtered at a time, but they are cumulative. The second filter will not overwrite the results of the first filter. It instead restricts it further it. Excel’s basic filter works as an AND statement. You can create more complex filters using the Advanced Filter option. Advanced Filter allows you to filter using AND OR statements.
    Filters can make working with your Excel data easier and faster. Give them a try.

  • Office Tips & Tricks: Proof Listening with Word's Read Aloud Function

    Proof Listen with Word’s Read Aloud Function

    Sit back and let your ears do the work

    If you’re a business owner, you write daily. Emails, notes, documents, blog posts, social media, you name it. It’s your business, you’ve got to write it. Like many, you either stress over “its” versus “it’s,” or you don’t. You write what you think is correct and if it isn’t, you hope the reader can forgive you.
    It seems a simple task to proofread your own work, however for most, it’s not. In fact, it’s painful. Many experts say you shouldn’t proofread your own work, and here’s why – you already know the story. Your mind will skip over typos and other errors, instead filling in the correct version. That’s why it’s usually better to have someone else proofread your work, however that’s not always possible. Why not sit back and let your ears do the proofing?
    Word’s Read Aloud function is a nifty tool that can ease the pain of proofing your work. It’s been around since Office 2003, and was known as Text-to-Speech. The Read Aloud function is much improved over previous versions. It can read your document out loud like an audio book. In addition, it highlights each word simultaneously as it’s being read.
     
    NTELogic.com | Word's Read Aloud function is found on the Review tab of the Ribbon

    Get Started Using Word’s Read Aloud Function

    To use Word’s Read Aloud function, just click ReviewRead Aloud on the ribbon. Easier than that, simply press Ctrl+Alt+Space Bar and Word’s Read Aloud will start automatically from wherever the cursor is positioned.
    You can adjust the reading speed and change the voice pitch from the settings. Click the Settings button on the Read Aloud menu. If you have additional language packs installed, you can use the read Aloud function in the language of your choice. (Bonus tip: you can use Word’s Read Aloud function to learn a new language!)
    While Word’s Read Aloud function isn’t perfect, it’s pretty close. If you prefer to not have someone else proof your work, the Read Aloud function is a great substitute. So grab a beverage, sit back and let the proof listening begin.
     

  • Barracuda Email Spoof

    What the Barracuda Email Spoof Means for Your Business

    Elaborate Scheme to Steal O365 User Credentials

    The email spoof remains one of the favorite tools used by cyber-criminals to phish information. A recently uncovered scheme moved the bar up in terms of sophistication. As if using known brands wasn’t enough, this latest phishing attempt spoofed one of the leading email security firms. As a result, the implications are scary.
    Internet security training firm KnowBe4 reported how the attackers took great effort to cover their tracks. A typical email spoof involves forging the sender address. Known and trusted brands are used to trick recipients into opening the message. This attack however,  went beyond using a known brand and forged the email message header information. In an attempt to give increased credibility, the attackers spoofed the message header information as if the message had been safely validated by Barracuda Networks, an email security company known for tracking and reporting email shenanigans like email spoofing.
    Once a recipient opened the message, they were asked to login to their Office 365 account. The illegitimate landing page was a complete duplicate of the real Office 365 portal. Even a savvy user who took the time to review the message header information could have easily surrendered their O365 account credentials. This is the scary part – this tactic will likely be used over and over again, using other, well known security brands.

    What’s a Small Business to Do?

    If you’ve not discussed how to spot an email spoof with your teams, now is the time. Email phishing attacks are at an all time high. Remind staff to be vigilant and question any email that doesn’t seem quite right. The best rule-of-thumb is to think before you click.
    A plethora of email security solutions are also available. From simple to sophisticated, there is an email security solution for every budget. Talk to your IT department or give us a call about email security in your office.

  • Latest Facebook Data Breach

    Facebook Data Breach Exposes User Data

    540 Million Facebook Users Impacted

    User ID’s, Friends Lists and Photos Among the Data Exposed

    Two separate databases that stored Facebook user profile details on unsecured Amazon AWS cloud servers were discovered this week by cybersecurity research firm Upguard. It was just last April that Facebook admitted malicious actors had likely accessed user data for all of Facebook’s 2.2 billion users. This time, the world’s biggest social network is not to blame.
    The massive data breach was tracked back to Mexico-based media company Cultura Colectiva. Another 3rd-party app, At the Pool, also improperly stored user profile data in a different AWS database, contributing to the breach.
    Upguard notified Cultura Colectiva and Amazon of the exposed data in January. Apparently, no action was taken until April 3rd.

    What This Means for You

    The databases have been secured and taken offline. While it’s unknown whether affected Facebook users will be notified that their data has been compromised, this latest breach is a good reminder to change your passwords, especially passwords used with Facebook.
    IT security best practices call for changing your passwords every 90 days. This may not be achievable for many users. A reasonable goal would be to change your passwords twice a year. Picking notable dates, such as Mother’s Day or the first day of school makes it easier to remember. Just like we’re supposed to change the batteries in our smoke alarms when the time changes. Pick your dates and put a note on the calendar.

    How Do I Create a Secure Password?

    Rather than trying to create and remember a password, try using a phrase or expression. After you’ve picked one, use the first letter of each word in the phrase. Substitute numbers and special charachters for two or more of the letters. Viola! You’ve created an easy to remember, secure password.
    Our Support Center has a How-To article on creating secure passwords that illustrates how easy it can be.

  • World Backup Day

    March 31st is World Backup Day

    The day before April Fool’s Day reminds us to protect our important data

    Data keeps your business moving. You share and store online your personal information. Your devices hold the files, images and music that matter most. World Backup Day is an annual reminder to take action.
    On average, we spend almost half of each day on our digital devices. We rely on these devices to keep our day organized, our precious moments captured, and our business running at top speed.
    The data we store and use every day is one of the most valuable assets we have. How are you protecting your data? It can only take a moment to loose some or all of it. Here’s some sobering facts that underscore the importance of backing up our data:

    Don’t become the April fool who didn’t backup their data. There are many choices available that make backing up your files easy and automatic.
    If you already have a backup plan in place, use March 31st to make sure it’s working properly. If you don’t have a plan, use the day to get one.
    Once you’ve backed up, tell the world by using the hashtag #WorldBackUpDay .
    Protect what matters most in your digital life this World Backup Day.

  • Email Phishing Attacks – What You Need to Know

    Over the past 48 hours, we have seen a large spike in email phishing activity. Our Support Department has received calls from several users who have reported receiving email messages that turned out to be phishing attempts. We thought it a good time to share some information about what email phishing attacks are, how to identify an email that is attempting to phish information and what to do if you believe you have received an email phishing message.

    What are email phishing attacks?
    According to the US Department of Homeland Security’s Computer Emergency Readiness Team, email phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords, that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code.

    Tech-savvy con artists and identity theft criminals will use spam, fake websites constructed to look identical to real sites, email and instant messages to trick you into divulging sensitive information, like bank account passwords and credit card numbers. Once you take the phisher’s bait, they can use the information to create fake accounts in your name, ruin your credit, and steal your money or even your identity.

    How do I identify a phishing email?
    If you receive an email message that appears to have been sent from a coworker, vendor or other trusted third-party and it’s requesting you to click on a link, open an attachment, take an action (like issuing a check or buying gift cards), or sending information about employees, bank accounts, customers or vendors, it may be a phishing attempt. Stop and scrutinize the message carefully. Here’s some clues to look for that will help determine if the message is a phishing attempt:

    • An email phishing message typically will use awkward sentence structure or use words in the wrong context. Nouns and punctuation may be used incorrectly.
    • An email phishing message will suggest that you requested some information and will ask you to click on a link or open an attachment.
    • A phishing email can look like a fundraising message for a recent disaster or other newsworthy event.
    • A link may be disguised to look like a legitimate site, such as Amazon, Microsoft or a bank.

    I think I just received an email phishing message. What should I do?
    If you think you’ve received an email phishing message, the most important action to take is to stop – don’t click any links, don’t open any attachments, and don’t reply. Some other actions to take are:

    • Don’t open messages from unknown senders
    • Do not click on any links. By hovering your mouse pointer over the link, you can see the actual link displayed in a pop-up info balloon. If the link address looks unusual or does not match the site it states it’s from, it’s a phishing attempt.
    • Call the sender and ask them if they sent you the message. Only follow the link or open the attachment if you can verify its legitimacy with the sender.
    • Do not provide personal information to any unsolicited requests for information
    • Type in a trusted URL for a company’s site into the address bar of your browser to bypass the link in a suspected phishing message
    • If you want to donate, visit the fundraising organization’s web site directly, don’t use any links from any other source.
    • Only provide personal information on sites that have “https” in the web address or have a lock icon at bottom of the browser
    • Immediately delete messages you suspect to be spam

    Email phishing messages can be safely deleted. If a message appears suspicious and you would like help determining whether it’s a phishing attack or not, please call our office at (209) 790-4560 option 2, or send us an email at support@ntelogic.com.

    If you believe you have already responded to an email phishing message, clicked on a suspicious link or opened a suspicious attachment, notify your supervisor and manager, and then call our office at (209) 790-4560 option 2.

    Remember to always stay safe online and think before you click!