By -- 2022-04-11 in Blog

Spring marks a time of regrowth and change, and many take this season as an opportunity to tidy up their house or apartment. However, Spring is also a good time to remember to clean up your technology and cyber footprint. Throughout the year, people widen their cyber footprint by doing things like paying bills, shopping, or using social media. To remove this type of clutter and protect yourself and your loved ones from potential attacks, there are several things you can do this Spring.

First, review your passwords and update them with stronger, more unique ones when necessary. Use Multi-Factor Authentication (MFA) on accounts that contain sensitive information, such as bank or retirement accounts.

Next, review all email accounts. Organize your emails into folders of items you want to keep and delete the ones you no longer need or unsubscribe from spam senders. You may also want to review and update filters to send unwanted marketing or spam messages directly to trash.

Social media accounts often also need a bit of tidying up. Here, it is useful to search yourself online to get an idea of what comes up for curious searchers. To clean up your accounts, review your privacy setting as well as photos and videos and determine if you want to change any settings or delete any content. If you wish to delete an account, don’t just delete the app, delete or deactivate your entire account.

Perhaps most importantly, make sure all of your devices and operating systems are updated and review and test your backup and data recovery plan. Additionally, make sure that you can restore from a backup and review what you’re backing up, as well as your backup location and media.

If you’re interested in discussing network best practices and running your organization’s IT systems smoothly, feel free to reach out to us regarding your concerns at info@OptfinITy.com, or call us at (703) 790-0400. We will be happy to have a free no obligation consultation.

By -- 2022-04-3 in Blog

QR codes are everywhere these days. From restaurant tables to Super Bowl ads, their range of uses and applications has boomed since the onset of the pandemic. As usual, cybercriminals have taken note. The FBI has warned consumers that hackers are now creating malicious QR codes designed to trick unsuspecting scanners into giving away banking or login information. In early January, residents and tourists of Austin, TX experienced this first-hand when tens of malicious QR code stickers were placed on parking meters, promising motorists that they would allow them to pay for parking online. Cyber experts have determined that as of now, scanning these suspicious codes won’t affect your phone by secretly downloading malware, but instead, will lead you do sites designed to phish for your financial or personal information.

 

So, what can you do to spot potential QR code scams?

  • Think before you scan: This is most relevant for codes in public places. Does the sticker appear to be part of an advertisement, sign, or display? If it looks out of place, it probably is.
    • If the scanned site looks strange or asks for sensitive information that doesn’t seem to be relevant, don’t give that information out.
    • When in doubt, ask the store or display owner for a paper copy of the document you’re trying to access.
  • Don’t scan codes within unsolicited mail: As far as emails go, there is virtually no legitimate reason that a trusted sender would require a receiver to use a second device to access a safe and legitimate site via email.
    • This also applies to paper mail; if there’s a code in a piece of unsolicited junk mail, its safe to assume that scanning it may not be safe.
  • Preview the code’s URL: Most smartphone cameras running the latest OS allow users to preview a code’s URL as you start to scan it. If the URL looks strange, trust your gut and move on.
    • Using a free secure scanner app is also helpful in spotting malicious links before your phone opens them.
  • Use a password manager: If a QR code takes you to a convincing, but fake, website that you have an account with, a password manager will still know the difference and won’t autofill your passwords.

 

If you’re interested in discussing online safety and how to avoid and recover from phishing scans, you can reach out to us at info@OptfinITy.com.

By -- 2022-03-21 in Blog

If you frequent any social media platform, you’ve more than likely seen seemingly harmless, wacky quizzes pop up on your feed or timeline.  A lot of these tend to be associated with Facebook, but quizzes and surveys on Twitter and Instagram, as well as “Get to Know Me” videos on TikTok all serve a similar function: to harvest personal information from unsuspecting users.

Many times, these lighthearted posts are common security questions.  Headlines such as “Your Metal Band Name is the Street you Grew Up On + Favorite Pet’s Name” may appear benign, but the comments under such posts often contain a goldmine of potential passwords or answers to security questions. While there are plenty of question game posts that were created by cybercriminals with the intent of gaining access to sensitive information, not every quiz post is crafted by a hacker. However, these posts can be harmful regardless of the creator’s intent, as they are usually public and have no limits to who can view the post’s comments. Some examples of a quiz post a social media phisher may publish include:

  • Who even remembers their kindergarten teacher? Let’s celebrate our educators this week!
  • Nobody’s first car was a Ford- prove me wrong!
  • Name a TV show you could watch forever and never get tired of!

 

It’s nearly impossible to avoid coming across one of these phishing scams on social media, but there are steps you can take to protect yourself. First, don’t give out sensitive information on social media. Though some prompts may be tempting to complete, don’t answer or share quizzes asking for personal details. Additionally, keep an eye out for posts that create a sense of urgency and panic. Cybercriminals exploit emotions like curiosity, fear, greed, and helpfulness to create a sense of urgency to entice you to share information or click on a link. Lastly, when in doubt, flag or report a post if it seems suspicious.

For more information regarding online safety and best practices, you can always reach out to us at info@OptfinITy.com.

By -- 2022-03-17 in Blog, Uncategorized

If you’re like many non-profits, you may benefit from the Microsoft Non-profit program. This endeavor has enabled nearly 400,000 organizations worldwide to access top-notch technology at discounted rates.  However, there are going to be some major changes to the software donation program that will take place on April 4, 2022 that you should be aware of.

Arguably, the largest change that will take place is that on-premises products will no longer be available to nonprofits as a donation. Microsoft defines on-premises products as “standalone, perpetual licenses that users install on specific computers and that can be used without an internet connection (e.g., Office Standard)”. Instead, the majority of on-premises solutions will continue to be available through cloud donations, but organizations can still request these products through until April 4, 2022.  Windows Pro, Windows Server and SQL Server will still be part of the catalog of on-premises Microsoft software. Organizations operating computer labs, training centers, or providing public-access computers will still be able to access specific on-premises product donations.

Below are some of the cloud donations that will be available for your organization following this change:

  • Microsoft 365 Business Premiumwill continue to be free for up to 10 users
  • Microsoft 365 Business Basiclicenses will continue to be free for up to 300 users
  • The Power Apps Per App planto build low-code and no-code custom workflows is available for free for up to 10 seats.
  • Organizations can also leverage up to $3,500 in Azure services yearly directly from Microsoft in markets where Azure is available.

If you have any questions or concerns regarding this change, feel free to reach out to us at info@OptfinITy.com or call us at (703) 790-0400.

By -- 2022-03-4 in Blog

Apple’s AirTag devices have risen in popularity since their release in 2021. Though their aim is to help users track items such as their keys or bags by attaching an AirTag to them, some have found more nefarious uses for these tracking devices. There have been reported cases of AirTags being slipped into someone’s bag or car without their content. This act of secretly tracking an unsuspecting victim is a serious concern for survivors of domestic abuse, and has also been used in attempts to stalk others or steal cars.

So, what can you do if you believe someone is using an AirTag to track you? The most basic thing you can do is to manually search yourself and your belongings for places where an AirTag may have been slipped in. However, because of its small size, you may not be able to find the device. Therefore, a good next step is to use a Bluetooth tracking app to scan your area to see if there is an AirTag nearby. If you do find an AirTag nearby and want to find its serial number in case you need to alert law enforcement, you can find that number without alerting the owner by using Apple’s Find My app. First, hold the device up to your phone , tap on the name of it, and then you will be able to see its serial number. Alternatively, you can also tap and hold the top of an NFC-capable smart phone to the white side of the AirTag. The webpage that pops up will contain the serial number. To disable the device so that the owner can no longer see your location, twist it counterclockwise on the back by the Apple logo and take the battery out. When in doubt, contact law enforcement if you believe that you’re being tracked. If you’d like to discuss online safety, feel free to contact us at info@OptfinITy.com or call us at (703) 790-0400.

By -- 2022-02-28 in Blog

Cybersecurity experts and the FBI are warning Americans that there will likely be an increase in cybersecurity attacks targeting U.S. citizens and companies. This warning follows a slew of sanctions Western nations have placed on Russia following its invasion of and malware attacks against Ukraine.

Tensions have further escalated since the U.S. and allies blocked some Russian banks from the SWIFT international payment system. Experts warn that ransomware and malware attacks, data wiping and theft, and denial-of-service attacks are among types of attacks that hackers will use as a form of cyberwarfare against the U.S. and its allies.

Cyber experts warn that small- to medium-sized businesses are among the most vulnerable entities, as they typically do not have the cyberattack mitigation plans necessary to prepare for and defend against sophisticated, targeted attacks. The best forms of protection that executives and officials recommend for businesses and individuals alike is to make sure that software and anti-virus systems are up to date, two factor authentication is in place, and a crisis plan has been established. If you’d like to ensure that your organization’s cybersecurity protocols are up to date and secure, feel free to contact us at info@optfinity.com or call us at (703) 790-0400.

By -- 2022-02-24 in Blog

If you’re like millions of other Americans, you’ve probably heard of, if not already played, Wordle. This addictively simple word game has boomed in popularity due to its virality, ad-free nature, and lack of a price tag. Unfortunately, this may change soon. In late January, it was announced that the New York Times bought Wordle. The news rattled many users who fear that their favorite game may soon be put behind a paywall like many of the Times’ own games and articles. This notion was confirmed when the Times stated that the game would “initially remain free” to new and existing players.

Luckily for players, there’s a way to play this game for free should it go behind a paywall. Wordle runs on a browser, which means that all of its code is saved as plaintext on the game’s website. To grab the free  version, players only need to right click in their browser, select “save page as webpage”, and save Wordle as an HTML file. Then, the original game can be played offline. By clicking on the saved HTML file, it should then open the game in a browser, even if you’re offline. Further, because the game is based on a list of over 2,000 five-letter solution words, an offline version should (in theory) allow users to play free every day for seven years. Before dashing to download the HTML, be aware that you may not be able to save your streak, and sharing would be messy- if even possible. If you’d like to learn more about optimizing your technology and devices, feel free to reach out to us at info@optfinity.com.

By -- 2022-02-15 in Uncategorized

Cybersecurity apprehensions surrounding the Olympics have been prevalent for the past few Olympic games, but the 2022 Beijing Winter Olympics have brought on a new set of concerns as it relates to technology.

In 2020, the Tokyo Olympics incurred over 450 million cyber-related incidents, far superseding the number seen during the 2012 London Summer Olympics. For these Olympics, FBI Director Christopher Wray commented on his fears of the host city being situated in China, as the Chinese government has allegedly carried out repeated cyberattacks against Americans in an attempt to steal information and technology from U.S. companies.

As a result, Olympic athletes have been advised to use temporary cell phones while at the Games. Government agencies across the globe have also warned athletes of apps like My 2022 which is used to track players’ health amidst the COVID-19 pandemic, despite it not being secure.

While these are dangers which affect the athletes, viewers of the 2022 Winter Olympics should also use caution when trying to watch the Games. According to Dr. Francis Gaffney, DirectorMimecast Labs & Future Operations, there are 2 major potential threats that viewers should watch out for:

  1. Typosquattting– This is a type of campaign that cybercriminals use to install malware or steal sensitive information. Check sites for typographical errors before clicking on links within seemingly familiar websites, as these criminals sometimes create fake websites that mimic the official Olympics’ site to prey upon unwary users who may mistype what they actually want to search for.
  2. Fake streaming sites– Cybercriminals will often create fake streaming websites that promise viewers free access to the Games. Similar to typosquatting, any login credentials or “free trial” payment information be harvested by threat actors and either used to install malware, or may be sold on the Dark Web. To stay safe while watching the games, keep an eye out for typos on seemingly legitimate sites and don’t visit sites that promise free streaming services of the Olympics.

If you’re interested in discussing internet safety and ensuring that your credentials are safe, you can email us at info@OptfinITy.com or call us at (703) 790-0400.

By -- 2022-02-14 in OptfinITy News

FEBRUARY 14, 2022: OptfinITy announced today that CRN®, a brand of The Channel Company, has named OptfinITy to its Managed Service Provider (MSP) 500 list in the Pioneer 250 category for 2022. CRN’s annual MSP 500 list identifies the leading service providers in North America whose forward-thinking approaches to managed services are changing the landscape of the IT channel, helping end users increase efficiency and simplify IT solutions, while maximizing their return on investment.

 

With many customers still recovering from the impact of the ongoing pandemic, MSPs have become a vital part of the success of businesses worldwide. MSPs not only empower organizations to leverage intricate technologies but also help them keep a strict focus on their core business goals without straining their budgets.

 

OptfinITy was recognized as an MSP Pioneer 250 company due to its extensive managed services portfolio, including on-premises and off-premises capabilities, weighted toward managed services while largely focusing on the SMB market.

 

 

About The Channel Company

The Channel Company enables breakthrough IT channel performance with our dominant media, engaging events, expert consulting and education, and innovative marketing services and platforms. As the channel catalyst, we connect and empower technology suppliers, solution providers and end users. Backed by more than 30 years of unequalled channel experience, we draw from our deep knowledge to envision innovative new solutions for ever-evolving challenges in the technology marketplace. www.thechannelco.com

 

 

 

 

 

Follow The Channel Company: Twitter, LinkedIn, and Facebook.

© 2022 The Channel Company LLC. CRN is a registered trademark of The Channel Company, LLC. All rights reserved.

The Channel Company Contact:

Jennifer Hogan

The Channel Company

jhogan@thechannelcompany.com

 

By -- 2022-01-25 in Blog

In recent years, Zoom has become one of the most popular video conferencing platforms in the world, boasting over 300 million daily meeting participants- largely due to the sharp increase in remote working trends. Though many people find its interface user-friendly and convenient, it certainly comes with a host of privacy risks. Privacy experts have been concerned about Zoom since 2019, when the software disclosed its involvement in both a webcam hacking scandal along with a bug that allowed uninvited users to snoop in on video meetings- even ones protected with a password (now known as “zoom-bombing”). Since then, Zoom has cleaned up its act and disabled concerning features, such as its built-in attention-tracking features, and enabled security features like end-to-end encryption. However, there are still several privacy concerns to watch out for.

  1. Non-Attendees May be Watching your Recordings: If you pay for a Zoom subscription, be mindful of who you allow to access cloud recordings. This feature, which allows hosts to record the meeting, text transcriptions, and active chats within the meeting, can be useful as a reference for meeting attendees, but can also be accessed by other authorized users at your company- including those who may have never attended the session. If you’re concerned, Zoom allows administrators to limit the recording’s accessibility to only certain preapproved IP addresses.
  2. Zoom May be Sharing your Information with Third Parties: In 2020, Vice’s Motherboard conducted an analysis that found Zoom was sharing user analytics with Facebook- even if the user didn’t have a Facebook account. In March of 2020, Zoom announced the removal of this feature, but its updated privacy policy remained murky regarding its data sharing practices with third parties. Since then, Zoom has clarified that, “No data regarding user activity on the Zoom platform — including video, audio, and chat content — is ever provided to third parties for advertising purposes”. Regardless, you should probably look over your Zoom and device security settings, minimizing permissions when possible. Additionally, make sure your Zoom app is up to date to ensure that any security patches have been installed.

If you would like to discuss software security and account privacy, feel free to contact us at info@optfinity.com.