By -- 2018-09-19 in Blog

When a natural disaster or great tragedy occurs such as a massive hurricane or the Boston bombing, your immediate reaction may be to want to help those who are suffering during these circumstances by sending monetary donations. Unfortunately, cybercriminals know this and take advantage of people’s good will through phishing scams and the creation of fraudulent websites that ask for monetary relief. According to a recent cyber intel advisory, there has been a spike in the number of registered domains containing words such as “claims,” “compensation,” “lawyers,” “relief,” and “funds” in the wake of the formation of Hurricane Florence, which suggests there are many new fraudulent websites being created targeting people who want to donate to disaster relief efforts. To best protect your technology from being exposed to malware, here are a few guidelines to follow in the wake of a disaster:

  1. Highly question any individual plea for financial assistance. This includes solicitations on social media, direct emails and crowd funding websites. Even if it appears to come from a trusted source, always double check with the Federal Trade Commission Consumer Information website or National Voluntary Organizations Active in Disaster website for guidance.
  2. Beware of emails containing links that claim to lead to a website with “more information” or photos. Although the photos and information may be relevant, it is extremely important to double check if it is a trusted website before clicking on the link.
  3. A good way to check to see if a website is legitimate is to scroll over the URL. If the URL says something different than where you are trying to go, you know it’s a fraudulent website. For example, you may receive an email that says donate here for hurricane disaster relief efforts at, but when you scroll over the hyperlink it would say
  4. Never even open a spam email, let alone click on the attachments or links inside, and never reply to an email with or give any personal information to a website that you are not 100% positive is legitimate.

You should always be following safe email practices, but in the wake of disastrous events it is especially important to be on the lookout for phishing and malware schemes since they routinely spike under these circumstances. Once your technology is compromised, it is expensive to fix, so don’t put yourself in that position. If you have any questions about how to prevent yourself from becoming a victim of a malware or phishing attack, don’t hesitate to give us a call here at OptfinITy at 703-790-0400 or visit us on our website at

By -- 2018-09-18 in Blog

If you are running a small business or organization, you can’t afford to be spending money on anything that isn’t directly boosting awareness or increasing revenue. While paying for ad space on websites with high amounts of traffic is a great way to get your name out there, it is important to be wary of fraudulent websites. These websites will appear to be good options but are in fact phony websites stuffed with keywords which make their site rank high on Google.

Ad fraud is a killer for small organizations and continues to put thousands out of business by draining them of their advertising budget and leaving them with no return on their investment. A recent article from provides a few suggestions on how to avoid becoming a victim of ad fraud.

  1. Always question the sources of traffic when purchasing ad space. A great way to do this is to run buying tests using third-party verification for both non-human and invalid traffic to make sure you are not being scammed and throwing away your money.
  2. Always work directly with advertisers and make sure it’s someone you can talk to, ensuring that it’s a real person. Many scams will hide their identities and it is therefore recommended to only deal with advertisers who can prove their identities.
  3. Use AI which can help you fight ad fraud by filtering fraudulent IP addresses, cleaning spam bots, monitoring site traffic, and detecting sophisticated click fraud. AI is the most effective defense mechanism you can use to fight ad fraud due to its capability to analyze complex data and its self-learning mode.

It seems the list goes on and on for the types of scams on the internet these days, and with the ever-increasing dependence on technology, it is extremely important to be aware of the threats your organization faces. If you have any questions about how to keep your organization secure, don’t hesitate to give us a call at 703-790-0400 or visit us on our website at

By -- 2018-09-13 in Blog

It seems there is an app for almost everything today, and your business or organization should be no exception. Having a mobile app for your business establishes credibility and gives people another way to interact with your organization. Perhaps your organization already has in place a responsive website that allows for an optimal user experience on every device and you’re thinking why create an app? A recent article answers this question and illustrates the importance of creating a mobile app for your organization.

Due to the increasing number of smart phone users, mobile apps provide an easy-to-use alternative to your website since they are built specifically for mobile devices and touch navigation. Therefore, your app can be used as a fun, interactive platform to engage with those interested in your organization.

Since the number of mobile apps continues to grow, having one for your organization gives a boost to your organization’s credibility and will allow you to keep up with or even set yourself apart from the competition. People spend way more time on their phones than their other devices such as laptops or computers. Therefore, if you direct someone to your app to answer any questions they may have about your organization, you already have the upper hand on an organization with only a website because they will be able to access your information instantly from wherever they are.

You can also use your app to give clients a more personalized experience by giving them the option to enable receiving notifications that will keep them in the loop with what’s going on in your business or organization. For example, you could send them notifications about upcoming events or special promotions. Instead of sending a promotional announcement via email and risking it being sent to junk or deleted, the same brief notification would show up on their smart phone screen ensuring they would see it.

As always, OptfinITy is here to assist your business or organization with its IT needs and we do create Mobile apps. If you have any questions about our mobile app development services, feel free to give us a call at 703-790-0400 or visit us on our website at

By -- 2018-09-12 in Blog

While it appears the DC Metro area is not going to get the brunt of the storm this time around, it is important to prepare your business for potential disasters like Hurricane Florence.

In addition to the potential for damaging winds, other things to consider include flooding, loss of electricity for prolonged times and the potential loss of internet and telecommunication systems.   In order to help you prepare your business, here are a list of things you can do to get your business ready.


Review/Update/Test your Business Continuity Plan

If you are reading this and saying, what is a Business Continuity Plan, now is probably not the best time to be creating a complex one but at a minimum, your business continuity plan should a written down document that describes all of the products and services you offer your clients as well as the tools and technologies you use to operate your business.

Within that document and list should be a plan of those things you can do, should you find yourself unable to operate any of those processes or deliver any of those services.


Review Your Backups

While OptfinITy clients have backups in place which are tested and confirmed regularly, the first thing you should be doing is making sure ALL of your data is backed up AND can be restored.   It is not enough to make sure that your program confirms that the data is backed up, you need to test and make sure you can restore the data.

This includes but is not limited to server backups, cloud backups, and workstation backups.  Additionally, it is important to make sure you have backed up the configuration of your network devices.  While a network device could get an electrical surge and fail, making sure the system is backed up is the difference between being down for 1 day (time to get the new hardware) and 2-3 days to reconfigure it.   If you are not doing this regularly, talk to us about how you can.


Check Your Phone Systems and Backup Systems

Most businesses have moved to VOIP based phone systems which means that once the internet goes down (due to power other issues), their phones go down.   Many of these phone carriers/systems will allow you to forward calls to a single external number, whether that is a landline or someone’s cell phone.   You should look into how to do this and then put in place a plan for handling these phone calls.


Communicate! Consider using Social Media

So what happens if power is out, the phones don’t work and you don’t have access to your systems? You need to plan for this. Some of those things you can do include:

  • Save a copy of all contacts and emails for your clients, employees and vendors locally – even consider printing them out.
  • Make sure you can access email outside of the office (if you aren’t using cloud based email, now is the time to consider it)
  • Consider using social media channels to let people know the status of your phones, office.
  • Make sure to let your employees know of the plans before it happens, so that everyone stays out of harms way, especially if you can’t email when the storm occurs.


Make sure your Battery Backup Works

For those systems which are not mission critical, we recommend powering down and unplugging workstations, servers and other network equipment until the storm has passed through. For those which are mission critical, it is imperative to make sure that your battery backup is working and configured properly. Computer operating systems can become corrupt if their power is cut suddenly and damage can occur to the hardware.


Monitor your on-premises server rooms.

If you have a server room in an office that could lose power, know how long your equipment can run on your battery backup power. Make sure you have a way to monitor if the power goes out and you lose cooling. You might be astonished at how much heat servers generate and how quickly a server room gets so hot that your equipment overheats.


Unsure what to do?

If you currently work with OptfinITy, just give us a call at 703-790-0400 and talk with your account manager.  If you are not already working with OptfinITy, give us a call as well and we will see how we can help.

By -- 2018-09-11 in Blog

While entering a coffee shop, a restaurant, or even the mall, the first thing many people do is connect to the WiFi network. People connect to public WiFi networks constantly to allow for better functionality on their devices or to allow them to continue to access the internet and email from devices that don’t use data such as laptops. While this is undeniably convenient, if you are not taking the right precautions while connecting to public WiFi you are putting your information and data at risk. A article provides some suggested precautions to take before and while you are connected to public WiFi.

  1. Make sure you’re connected to the right network- Pretty much everywhere you go there are going to be a variety of network options to choose from. You need to make sure you are connecting to the one that’s secure. It’s very easy and common for cybercriminals to set up malicious networks that will give them immediate access to your information once you connect. Also make sure you are using that organizations network and not something that looks like it.  For example, PANERA might be a real one while Panerawifi is not.
  2. Refrain from making online purchases- Yes, it can be tempting to jump on that flash sale. However, when you purchase something on a public network, your credit card information, even if encrypted, will be sent through the airwaves where it has a chance to be intercepted.
  3. Don’t log into anything, but if necessary, make sure its encrypted- Cybercriminals are always lurking around on public WiFi networks, and it is not uncommon to have your password stolen after logging into any type of account.
  4. Use different passwords- Regarding number three above, if your password is stolen, you don’t want it to be your password for everything. Since this obviously gives a cybercriminal the key to all your accounts and information, you want to have different and complex passwords for each one.
  5. Use a Virtual Private Network (VPN)- Although setting one up can be complicated, it is well worth it since it will essentially turn your public internet session into a private one. VPNs are commonly used by businesses to allow their employees to connect to their office networks and work securely from a remote location.

While it can be easy to get caught up in the convenience of having access to WiFi almost everywhere we go, it is important to remember that these networks are public, and therefore, anything you wouldn’t want other people to see should not be done while using these networks. If you have any questions about VPNs or WiFi security give us a call here at OptfinITy at 703-790-0400 or visit us on our website at

By -- 2018-09-6 in Blog

We use passwords for everything. Our email, social media, bank accounts, and many other online platforms require passwords for access. Since passwords are needed for so many things, many people choose to go with easy-to-remember passwords, or use one password for everything. While it may be convenient to not have to memorize a bunch of passwords or forget the composition of a complex one, you are essentially leaving all your personal information out in the open if you create weak passwords. A recent article from gives some basic do’s and don’ts for password creation as well as addresses the issue of forgetting your complex password.

Here are some of those items:

  1. Don’t use a simple pattern. Example: “qwertyuiop” or “asdfghjk”
  2. Don’t use a favorite sports team. If you must, substitute characters for letters.
  3. Use your birthyear at the end of a phrase but don’t use it alone.
  4. Never use your children’s names.
  5. Don’t use swear words and phrases, hobbies, famous athletes, car brands, or movie names.

What you should be doing is ensuring that:

  1. All passwords have at least eight characters or more and contain a mix of character types.
  2. Your password is changed often…at least once a month for bank and other financial related logins or that it is adequately complex using a password tool.

An easy trick to create unique, strong passwords, is to come up with a phrase that you will remember such as “I eat 4 tacos for lunch daily.” You can take the first letter from each word in the phrase, turn the “four” into a number, and you have your base password: ie4tfld. Then, to create unique passwords for your different accounts, use the first and last letters of the account you are signing into and insert them in the beginning and end of the base password. Capitalize the first or last letter and you have a strong, unique password for every site. For example, your password for your Netflix account would be nie4tfldX, and your password for your Hulu account would be Hie4tfldu.

As always, OptfinITy is here to answer any questions regarding technology for your business or organization. If you have any doubts about password strength or protection don’t hesitate to give us a call at 703-790-0400, or visit us on our website at

By -- 2018-09-4 in Blog

Whether you like it or not, Google has the ability to track where you are at all times if you are using any of their apps on your smart phone.  Although there are benefits to having your location known, such as the ability to quickly get directions to a restaurant nearby or check the local weather, you may prefer your privacy over these convenient features.

Google offered the option to pause your location history which they said meant your location will no longer be stored, but it turns out that many Google apps such as maps and weather will continue to store time-stamped location data without your permission even while the pause your location history setting is activated.

To prevent the ongoing collection of location data, there is another setting you will need to deactivate that you may have never noticed before which is called “Web & App Activity.” This setting is enabled by default, and you would never know by reading its description that it affects the collection of location data, but rather that it is only related to your search engine results.

By pausing these settings you will miss out on the positive features that come along with them such as personalized web browsing with suggestions based on your current location and browsing history, but you can also feel at ease knowing that Google isn’t creating a time stamp for every move you make on your smart phone.

If you have any questions about how the location services are being used on your mobile device, or want to learn more about network privacy and security, give OptfinITy a call at 703-790-0400 or visit our website at

By -- 2018-08-30 in Blog

With hurricane season now in full swing, it’s time to think about precautions to take in the event of a major storm to prevent disastrous loss of data. This recent article provided some strategies to avoid, and some of those highlights include:

  • Make sure to back up everything including power, file, and server backups.
  • When a storm is approaching, turn off your devices beforehand to prevent them from attempting to reboot themselves and cause serious shortages in electricity.
  • Utilize uninterruptable power supplies for your electronic devices which will allow you time to save and close important programs in the event of a power outage.

Keep backups off site to keep your information safe if your main equipment is damaged or destroyed. As always, OptfinITy is here to answer any questions you may have regarding how to best prepare your technology for a hurricane or other disaster. If we can provide any assistance, give us a call at 703-790-0400 or visit us on the web at

By -- 2018-08-28 in Blog

While you have probably heard about bitcoin, you may not be familiar with a new type of cybercrime on the rise called cryptojacking. Cryptojacking is essentially when a cybercriminal uses someone else’s computer or web browser without their permission to develop cryptocurrency. They usually infiltrate their victim’s system through a phishing email or an infected website and then utilize the infected machine for a long period of time before people notice.

What can you do to protect yourself? A few recommendations include:

  1. Make your employees aware of cryptojacking. Remind them to not open strange or suspicious emails and never open attachments or click on links they aren’t expecting to receive.
  2. Install ad blockers, specifically ones that have the capability to block cryptomining scripts.
  3. Maintain and monitor browser extensions and keep your web filtering tools up to date.

As mentioned above, it can be difficult to know when a hacker is cryptomining on your computer or website so be sure to keep on the lookout for a variety of red flags including:

  1. A sudden high number of help desk complaints regarding slow computer performance.
  2. Overheating Systems.
  3. File changes on your web server or changes to pages on your website.

This is only the beginning for cryptomining given that the amount of money to be made via illegal cryptomines is extremely high and requires little technical skill. You don’t want your organization to be responsible for exposing visitors to your website to crytomining script, so if you want to learn more about how to keep yourself and your organization protected, don’t hesitate to give us a call at 703-790-0400 or visit us on the web at

By -- 2018-08-15 in OptfinITy News

OptinITy to present at the annual Fairfax County Small Business Forum

The Small Business Forum offers small business owners opportunities to network, seek coaching and “find out what is available in our business ecosystem” by engaging with fellow business people, Fairfax County agencies, Federal agencies, larger corporations who seek subcontractors, and business services exhibitors all under one roof for five hours (all costs are absorbed by Fairfax County as part of their community service).  The 2017 Forum had 500+ small business attendees.  Some of the past successes include several small businesses securing contracts during our Forum, as well as numerous long-standing business relationships initiated during sessions.

We hope to see you there.