If you’re wondering why hackers are more prolific now than ever before, perhaps it’s because corporations paid out over $3 billion to fraudsters last year. This year, Southern Oregon University is just the latest victim adding to that rising total by succumbing to a business email compromise (BEC) attack; one of 78 to be exact.
The University received a fraudulent email informing them of a new bank account they should make payments to for the construction of a pavilion and student recreation center. This account obviously belonged to the hackers, thus leading the construction company to inform the University that they were never paid.
BEC scams work when the scammer, posing as a vendor, sends out a convincing email either similar to or hacked from the vendor, informing the victim of a new or changed bank account. Once the money is sent, its usually too late to be recovered by the time the crime is noticed.
Remember, most of these scams rely on a single employee unknowingly clicking on a link, opening an email, or otherwise failing to do basic due diligence before trusting an unknown source. Optfinity provides levels of authenticity, training for staff, encryption, and reporting for all our clients. Want to be sure your company never falls for a BEC, contact us today for a free, no obligation assessment and stop paying the scammers’ mortgages.
Just when you thought you were safe from WannaCry, a new bully is on the playground called Fireball. And this malware has already infected over a quarter billion computers worldwide! One of out every five corporate networks have been compromised. Most of these are in other countries as the US, thankfully for now, only accounts for 2.2% of the infected devices.
How does this malware differ from the others? It sneaks its way onto user’s devices through bundling, where it is paired with other freeware products. Once it is installed, it then utilizes the victim’s browser to turn their search engines and home pages into fake ones. It then installs plugins to boost advertisements and generate ad revenue for the hacker who created Fireball.
We recently covered this seemingly benign threat. While it appears the only current downside is a hacker using your computer to blindly help them make money, don’t forget, they have access to your electronic device. So, at any point, they could change their code and do some serious damage to individuals and corporate enterprises! Remember, free is almost never “free”.
If you’re uncertain if you’ve become a victim of this or any other malware, or just want a good assessment of your systems and their structure and security, contact Optfinity and we’ll provide you with a free, no obligation assessment to help give you peace of mind.
There’s a new malware loose on the streets and this time its attacking Android phones. Its nicknamed “Judy” and currently has infected upwards of 36.5 million devices. This malware has made its way onto so many devices through, now defunct, apps in the Google Play Store.
Luckily, the current malware is relatively benign in that “The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it,” the security report reads. So, at worse, victims might be losing out on data, as the malware is currently written.
The unknown danger is that this malware already has access to your device and at any time, the hackers could decide to make this malware do more malicious things to your equipment other than just helping them make money off ad clicks. It is this potential for more devious actions that should have users worried. Once again, if you’re unsure of your IT security threats or risks, Optfinity can help you out with a free, no obligation assessment.
With new guidelines from the US National Institute of Standards and Technology, we will soon, hopefully, see the elimination of older, outdated standards such as frequent password changes and utilizing special characters. These guidelines will affect both government and business passwords.
Because humans have limited memory capabilities, having to recall long, complicated strings of characters are often impossible and therefore many users just use simple passwords that are easily guessed. Studies have also shown that there is negligible benefit for these more complex passwords at the expense of usability and memorability.
The possible solution? New guidelines allowing for the ending of special characters, longer passwords of up to 64 characters which can include spaces. This will open the door to passwords being created around strings of words or phrases which are easier for humans to remember but harder for computers to guess.
Till this new rollout of password standards, if you need help or advice on how to better manage the dozens of passwords you have to deal with on a daily basis, just contact Optfinity today and we can provide you with several options.
Even a company as large as Disney has fallen victim to hackers, having had files of their recent movie stolen and threatened to be released online if ransoms were not paid. They refused, and clips have since surfaced. Its great news that they refused to pay and instead worked with authorities to try and bring the scammers to justice.
This goes to show that every company, large and small, must do more to protect themselves including security awareness training with employees. Optfinity, through Knowbe4, offers this type of security awareness training to all our clients. Not only does this entail online tutorials and test emails which assess which employees are vulnerable and likely to click on phishing scams, but also reports back to the client to see where their company’s weaknesses lie.
Don’t wait till a naïve employee innocently clicks on a wayward word document emailed to them by a hacker, thus giving them access to every bit of data on your servers. Contact Optfinity today for a free assessment.
Previously, we have shown you how to delete and clear these pesky, residual elements in Internet Explorer that stick around on your computer after you’re finished searching the web. This time, we will be showing you how to do it for Microsoft Edge, their newest web browser. You’ll find updating to this browser comes with many benefits, it’s much faster than IE, and most elements are more user friendly, including spring cleaning of your data.
There are now two easy ways to clear all your data. The first is to click on the three lines in the upper right-hand corner which are the history icon.
Once there, you can individually delete websites by clicking the “X” to the right of each site listed. Or you can delete all by clicking “Clear all history”. This will take you to the next screen where you can select up to eleven different data sets you wish you clear out, including your history, cache, cookies, and form data.
The other way you can access this same information is by clicking on the “more” icon in the upper right hand corner represented by three dots. From there you select “Settings”. On this page you can change your theme, make changes to how your tabs operate, and clear your browsing history, among other things. Once you click on “Choose what to clear”, it will take you to the same screen as shown above.
As you can see, this is far easier as you can delete all your data in one move, as opposed to having to delete your cache/cookies and history separately; not to mention any other data sets you wish to have stricken from the records. If you have any other questions, feel free to contact Optfinity anytime.
The largest ransomware attack in history has already infected over 114,000 Windows systems worldwide. Many of these infections were on older, unsupported versions of Windows such as XP, Vista, and Windows 8. There is a reason any IT professional will advise you to upgrade to any current OS; these systems are constantly supported and updated to ensure the highest level of safety and security.
But in the wake of this unprecedented infection, Microsoft has released an emergency security patch update for all its versions of Windows, including those no longer supported. So, if you’re still utilizing one of these operating systems, download and update now!
This security breach has not only affected small businesses and individuals in over 99 countries, it has also infected such large corporations as Spain’s Telefonica, Russia’s MegaFon, FedEx, and the National Health Service in the U.K. The latter of these forcing the rejection of patients, cancelation of operations, and rescheduling of appointments due to the infection.
What can you do? For starters, follow the seven steps listed in the article, including keeping your system up-to-date and be mindful of phishing emails, which is the main way this ransomware affects users. You should also hire professional IT support to ensure you’re always protected, including having a secure and robust back-up system. Optfinity offers free assessments, so if you’re unsure if your company will survive a possible infection, contact us today. No pressure, no sales gimmicks, just honest care and advice to help small businesses stay safe in this highly dangerous cyber world.
Recently, both Google and Facebook were victims of fraud in which the criminal managed to convincingly impersonate an Asian manufacturer, generate fraudulent emails from the company, and invoice those huge companies for millions of dollars. This was done by simply forging invoices, contracts, and letters from the victim companies.
Luckily, Google and Facebook are large enough to have weathered this crime and could recover almost all the money that was swindled away. But could your company survive a similar fraud attempt, if even for a small fraction of the dollars stolen?
How often are you double checking invoices, letters, and contracts to ensure they are legally representative of the company you are doing business with? It doesn’t take but a minute to call your trusted point of contact at the company you’re contracting with to verify addresses, bank accounts, etc. You may think this is redundant or a waste of employees’ time, but don’t forget that a simple verification task can potentially save you from sending your money to a fraudster trying to steal your hard-earned money.
As in every case involving your personal information, you should be wary of giving it out to strangers, especially when being solicited. The newest scammer craze is being targeted through LinkedIn by a spammer emailing contacts letting them know they are urgently seeking workers.
These emails inform the person that they match qualifications they are seeking for jobs in your region. There is no specificity in the email, it does not originate from a real LinkedIn address, and has countless spelling and grammatical errors. Those red flags alone should be enough to stop you in your tracks. But there are still many out there who would fall for this.
Aside from endangering yourself and your personal data, you also open your company to fraud. These cases, also known as CEO fraud, have resulted in companies losing upwards of tens of millions of dollars. So, ensuring your staff is well trained on how to avoid being a victim of scammers not only protects them, but also your company’s bottom line.
This is a fascinating article on artificial intelligence, where its been and where its going, and how we got there; but moreover, have you thought about how AI may affect your business years down the road? Are you prepared for the changes and challenges that such technology might present?
The article talks about three waves of AI, the first including such technology as Google Maps, smart phones, and traffic lights. Do you think every business which made maps for your car is still in business? How about encyclopedia companies, pagers, or crossing guards? Future AI technology is anticipated to replace most human workers in many fields. What are you doing to anticipate and prepare for this new technology tidal wave to ensure your business does not go under?
A first step in all this is to ensure you have a fully-functioning and knowledgeable IT component within your organization looking out for your best interests. There are many basic steps companies fail at, such as fully integrated websites, mobile apps, cloud storage, and disaster recovery systems. Once you’ve read the article and watched the fascinating video, contact Optfinity today for a free assessment and take your first step in putting your company on the right path to navigating the technology maze just ahead.