fb
NTELogic.com | Blog

Blog

Email Safety

Share & Follow Us

Hackers Steal, Release Web Site Membership Records

Email SecurityThis week, 36 million names, addresses and phone numbers of registered users that were stolen as part of a hack attack against the Ashley Madison site – a dating site that focuses on extra-marital affairs – were posted on the Internet. All these records are now out in the open, exposing highly sensitive personal information.
Internet criminals are going to exploit this in many ways, sending spam, phishing and possibly blackmail messages, using social engineering tactics to make people click on links or open infected attachments. Be on the lookout for threatening email messages which slip through spam filters that have anything to do with Ashley Madison, or that refer to cheating spouses and delete them immediately. These malicious messages may arrive in your work or home email inboxes, or both, so being vigilant is critically important.

General Online Security

As the old cliche goes: If you receive an email or phone call, or visit a web site that offers something that seems to good to be true – it is. Each time there is a known threat or data leak, cyber-criminals go to work, preying on unaware users. Several times a month, our staff receive phone calls from someone claiming to be with Microsoft or Oracle and that they’re calling to help us with a problem they have detected on our computer. This scam befalls thousands of unsuspecting home and business users every week. You can expect this trend to accelerate with the Ashley Madison data dump.
Be wary of anything that doesn’t seem right, sound right or feel right. Report any unusual contacts to your IT department or IT Support provider.

Basic Computer Security

This is a good time to review your security practices. Following good security practices combined with protection for your computers will protect you against most threats and invasions of your online privacy. Here’s some basic security tips for your computers:
Start by checking in with your Anti Virus program:

  • Are you using a current, up-to-date version of anti virus software?
  • Is your anti virus program’s virus definitions – the list of know threats –  up-to-date?
  • Is your anti virus program set to automatically scan your computer periodically?
  • Does your anti virus program provide online identity protection?
  • Does your anti virus program have firewall protection?

Beyond your anti virus software, some other basic computer security tips include:

  • Never plug a USB or other external drive into your computer unless it is from a known, trusted source.
  • Always scan files from a USB or other external drive with your anti virus program, even if the drive is from a known source (they may not know their files are infected).
  • Use a secure, encrypted file sync and share service such as Ntelogic’s ShareSync, Dropbox for Business or Business OneDrive.
  • In the office, always lock your computer screen when you leave your computer unattended. On Windows computers, this is accomplished by pressing Ctrl+Alt+Del and selecting Lock from the options.
Email Messages

Email is a leading source for virus and spyware infections as well as online identity theft through social engineering, or “phishing”. The United States Computer Emergency Readiness Team provides the following security tips for email:

  • Be suspicious of unsolicited email messages from individuals asking about employees, company or personal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
  • Never open any file attached to an email message unless you know then sender and are expecting the file. Even then, do not open the file attachment directly from within your email program. Save the attachment to your computer (such as, on your Desktop or in your Documents folder), and then have your anti virus program scan the file to ensure it does not contain a virus, worm, spyware or other malicious software.
  • Do not provide any of your personal information, or information about your organization, including its structure or networks, unless you are certain of a person’s authority to have the information.
  • Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.
  • Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group (link below).
  • Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic.

If you do not have current, up-to-date anti virus protection, or would like to learn more about content filtering, online identity protection or additional ways to secure your email, Ntelogic is ready to help. Contact us today so we can assist you with your online security.
Additional information resources:


Share & Follow Us

Share

No Comments

Post a Comment

Comment
Name
Email
Website