Category: Security

  • Email Phishing Attacks – Part Deux

    As we posted last March, email phishing attacks continue at record levels. Those who seek to commit fraud keep getting more innovative in their efforts. Many people have become savvy enough to recognize the common tell-tale signs. Whether it’s a tragedy or a fake IRS collection notice, we’re rarely surprised by the bait used by those who are phishing. This is one of those instances that gave us pause.
    A client forwarded an email message that appeared to be a voicemail notification from their office phone. Many of us are used to getting text and email notifications for voicemail messages left for us. Whether the fake notification looks similar to what you normally see or not, one link click whilst in a hurry can lead to compromise.

    The recipient did the right thing. Using the information they have learned about the tactics used by cyber-criminals, the client recognized the clues and didn’t take the bait.
    Remember to always think before you click. Stay smart, the criminals are working hard to stay in business. Don’t let them get into your business.

  • Barracuda Email Spoof

    What the Barracuda Email Spoof Means for Your Business

    Elaborate Scheme to Steal O365 User Credentials

    The email spoof remains one of the favorite tools used by cyber-criminals to phish information. A recently uncovered scheme moved the bar up in terms of sophistication. As if using known brands wasn’t enough, this latest phishing attempt spoofed one of the leading email security firms. As a result, the implications are scary.
    Internet security training firm KnowBe4 reported how the attackers took great effort to cover their tracks. A typical email spoof involves forging the sender address. Known and trusted brands are used to trick recipients into opening the message. This attack, however, went beyond using a known brand and forged the email message header information. In an attempt to give increased credibility, the attackers spoofed the message header information as if the message had been safely validated by Barracuda Networks, an email security company known for tracking and reporting email shenanigans like email spoofing.
    Once a recipient opened the message, they were asked to log in to their Office 365 account. The illegitimate landing page was a complete duplicate of the real Office 365 portal. Even a savvy user who took the time to review the message header information could have easily surrendered their O365 account credentials. This is the scary part – this tactic will likely be used over and over again, using other well-known security brands.
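
    Because headers that arrive with a message can be written by the sender, a mail filter should only believe validation results stamped by its own gateway. The following is an added example, not code from KnowBe4 or Barracuda; the gateway name `mx.example.net`, the `X-Vendor-Scan-Status` header and the sample message are constructed assumptions.

```python
import email
from email import policy

# Assumption: authserv-id stamped by your own inbound gateway (RFC 8601).
TRUSTED_AUTHSERV_IDS = {"mx.example.net"}

# Constructed sample. The lower Authentication-Results line and the
# X-Vendor-Scan-Status header (a made-up name) arrived with the message.
SAMPLE = """\
Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=vm-alerts.example; dkim=none
Received: from unknown (203.0.113.7) by mx.example.net; Tue, 2 Apr 2019 10:00:00 -0700
Authentication-Results: scanner.vendor.example; spf=pass; dkim=pass
X-Vendor-Scan-Status: clean
From: "Voicemail" <noreply@vm-alerts.example>

Sign in to listen.
"""


def parse_auth_results(value):
    """Return (authserv_id, {method: result}) for one header value."""
    parts = [p.strip() for p in str(value).split(";")]
    authserv_id = (parts[0].split() or [""])[0].lower()
    results = {}
    for part in parts[1:]:
        token = (part.split() or [""])[0]
        if "=" in token:
            method, result = token.split("=", 1)
            results[method.lower()] = result.lower()
    return authserv_id, results


def assess(raw_message):
    """Judge a message using only results stamped by our own gateway."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    trusted, ignored = {}, []
    for value in msg.get_all("Authentication-Results", []):
        authserv_id, results = parse_auth_results(value)
        if authserv_id in TRUSTED_AUTHSERV_IDS:
            trusted = trusted or results  # topmost header was added last
        else:
            ignored.append(authserv_id)  # not ours, so never trusted
    if not trusted:
        verdict = "unverified"
    elif "fail" in trusted.values() or "pass" not in trusted.values():
        verdict = "fail"
    else:
        verdict = "pass"
    return {"verdict": verdict, "trusted": trusted, "ignored": ignored}
```

    This only holds if the gateway also strips any inbound header that already carries its own authserv-id, as RFC 8601 advises, so a sender cannot pre-load a "trusted" result.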

    What’s a Small Business to Do?

    If you’ve not discussed how to spot an email spoof with your teams, now is the time. Email phishing attacks are at an all-time high. Remind staff to be vigilant and question any email that doesn’t seem quite right. The best rule-of-thumb is to think before you click.
    A plethora of email security solutions are also available. From simple to sophisticated, there is an email security solution for every budget. Talk to your IT department or give us a call about email security in your office.

  • Latest Facebook Data Breach

    Facebook Data Breach Exposes User Data

    540 Million Facebook Users Impacted

    User IDs, Friends Lists and Photos Among the Data Exposed

    Two separate databases that stored Facebook user profile details on unsecured Amazon AWS cloud servers were discovered this week by cybersecurity research firm Upguard. It was just last April that Facebook admitted malicious actors had likely accessed user data for all of Facebook’s 2.2 billion users. This time, the world’s biggest social network is not to blame.
    The massive data breach was tracked back to Mexico-based media company Cultura Colectiva. Another 3rd-party app, At the Pool, also improperly stored user profile data in a different AWS database, contributing to the breach.
    Upguard notified Cultura Colectiva and Amazon of the exposed data in January. Apparently, no action was taken until April 3rd.

    What This Means for You

    The databases have been secured and taken offline. While it’s unknown whether affected Facebook users will be notified that their data has been compromised, this latest breach is a good reminder to change your passwords, especially passwords used with Facebook.
    IT security best practices call for changing your passwords every 90 days. This may not be achievable for many users. A reasonable goal would be to change your passwords twice a year. Picking notable dates, such as Mother’s Day or the first day of school makes it easier to remember. Just like we’re supposed to change the batteries in our smoke alarms when the time changes. Pick your dates and put a note on the calendar.

    How Do I Create a Secure Password?

    Rather than trying to create and remember a password, try using a phrase or expression. After you’ve picked one, use the first letter of each word in the phrase. Substitute numbers and special characters for two or more of the letters. Voilà! You’ve created an easy-to-remember, secure password.
    Our Support Center has a How-To article on creating secure passwords that illustrates how easy it can be.

  • Email Phishing Attacks – What You Need to Know

    Over the past 48 hours, we have seen a large spike in email phishing activity. Our Support Department has received calls from several users who have reported receiving email messages that turned out to be phishing attempts. We thought it a good time to share some information about what email phishing attacks are, how to identify an email that is attempting to phish information and what to do if you believe you have received an email phishing message.

    What are email phishing attacks?
    According to the US Department of Homeland Security’s Computer Emergency Readiness Team, email phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords, that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code.

    Tech-savvy con artists and identity theft criminals will use spam, fake websites constructed to look identical to real sites, email and instant messages to trick you into divulging sensitive information, like bank account passwords and credit card numbers. Once you take the phisher’s bait, they can use the information to create fake accounts in your name, ruin your credit, and steal your money or even your identity.

    How do I identify a phishing email?
    If you receive an email message that appears to have been sent from a coworker, vendor or other trusted third-party and it’s requesting you to click on a link, open an attachment, take an action (like issuing a check or buying gift cards), or send information about employees, bank accounts, customers or vendors, it may be a phishing attempt. Stop and scrutinize the message carefully. Here are some clues to look for that will help determine if the message is a phishing attempt:

    • An email phishing message typically will use awkward sentence structure or use words in the wrong context. Nouns and punctuation may be used incorrectly.
    • An email phishing message will suggest that you requested some information and will ask you to click on a link or open an attachment.
    • A phishing email can look like a fundraising message for a recent disaster or other newsworthy event.
    • A link may be disguised to look like a legitimate site, such as Amazon, Microsoft or a bank.

    I think I just received an email phishing message. What should I do?
    If you think you’ve received an email phishing message, the most important action to take is to stop – don’t click any links, don’t open any attachments, and don’t reply. Some other actions to take are:

    • Don’t open messages from unknown senders
    • Do not click on any links. By hovering your mouse pointer over the link, you can see the actual link displayed in a pop-up info balloon. If the link address looks unusual or does not match the site it states it’s from, it’s a phishing attempt.
    • Call the sender and ask them if they sent you the message. Only follow the link or open the attachment if you can verify its legitimacy with the sender.
    • Do not provide personal information to any unsolicited requests for information
    • Type a trusted URL for a company’s site into the address bar of your browser to bypass the link in a suspected phishing message
    • If you want to donate, visit the fundraising organization’s web site directly; don’t use any links from any other source.
    • Only provide personal information on sites that have “https” in the web address or have a lock icon at the bottom of the browser
    • Immediately delete messages you suspect to be spam

    Email phishing messages can be safely deleted. If a message appears suspicious and you would like help determining whether it’s a phishing attack or not, please call our office at (209) 790-4560 option 2, or send us an email at support@ntelogic.com.

    If you believe you have already responded to an email phishing message, clicked on a suspicious link or opened a suspicious attachment, notify your supervisor and manager, and then call our office at (209) 790-4560 option 2.

    Remember to always stay safe online and think before you click!