Is now the time to go completely cloud based?

Have you been considering if now could be the right time to switch your small business completely to the cloud?  Cloud computing offers many advantages to small businesses and nonprofit organizations, but will it maintain the safety of private information for both your business and customer? The following are things to think about if you make the switch, according to an article from smallbiztechnology.com:

• Train workers to identify attacks by using Security Awareness training software
  • Teach staff to avoid using email links and instead go directly to a website
  • Ensure staff is aware of what phishing attacks may look like and how they work
• Install antivirus and XDR protection
  • Every company device should have the latest virus and malware protection
• Require strong passwords
  • A strong password would include uppercase and lowercase letters, as well as numbers and characters
• Implement password policies which require password changes and complexity requirements
• Set security policies
  • Clearly define protocols such as what to do with unneeded customer data, how often to change passwords, and who can access that data
• Make sure you are complying with the laws
  • Learn the rules regarding data protection based on your companies and your customer’s locations
• Budget
  • Set aside a percentage of your IT budget for security and adjust as needed

Cloud computing can be just as safe as any other form of digital data storage when the proper precautions are taken.

If you have any questions about cloud computing or how best to protect your organization, please contact us at info@optfinity.com.

Do you have an Amazon Alexa in each room too? She’s always there when we need her because she’s always listening. Do you ever wonder if she’s listening a little too much? Smart devices can be very useful, but they can also be really creepy. Can you imagine being woken up by your Amazon Alexa device laughing? There have been hundreds of reports of Alexa devices laughing for no reason. Amazon claims the device is misinterpreting other phases with “Alexa, laugh!” Amazon changed the command to “Alexa, can you laugh?” to avoid triggering the device to laugh. Amazon hopes adding a few extra words will reduce the confusion for Alexa and eliminate the eerie issue. Some customers have complained that they were woken up in the middle of the night by Alexa’s laugh even though no one was talking.

We all enjoy being a little spooked during Halloween time, but I think the Amazon Alexa took it a little too far.

For more information regarding online safety, reach out to us at info@optfinity.com.

Did you hear? Samsung is experiencing a cybersecurity incident. Although the company has informed the public that social security numbers as well as debit card numbers were not accessed, customer’s name, contact and demographic information, date of birth and project registration information have been.

Samsung claims someone gained unauthorized access to their systems in late July. In early August, it was determined that the attacker had obtained customer data, but consumer devices were not affected. Samsung has taken action to secure its systems.

Samsung does not believe it is necessary for customers to take immediate action based on their investigation although the company does suggest that individuals use caution if they receive unsolicited emails relating to Samsung products.

If you would like more information regarding online safety, reach out to us at info@optfinITy.com.

If you’re using Google Chrome, it’s time to check for a critical security update. Google released a Chrome update to patch a significant vulnerability that is actively being exploited in ongoing cyberattacks. Google urged users to update Chrome as soon as possible.

How to update Chrome on iPhone or iPad:

• Open the App Store app on your iPhone or iPad
• Tap Profile Properties in the top right corner. This will open a screen labelled Account. Scroll to Available Updates
• Search for Google Chrome. Tap Update to install the latest browser updates. (You may be asked to provide your Apple ID and password)

If Chrome isn’t listed under available updates, you can go to Google Chrome in the App Store. You may see an option to update Chrome appear, you can tap that button to begin updating.

How to update Chrome on a desktop

It doesn’t matter whether you are using MacOS or Windows, your google Chrome update process is the same.

• Open Google Chrome and click on the More menu (it’s located in the top right corner; it looks like three dots stacked vertically)
• Now you’ll see if an update has been recently released. A green icon means an update was released less than two days ago. An orange icon means there’s been a pending update for four days now. A red icon means an update has been available for at least a week
• Near the bottom of the More menu, click Help and then click About Google Chrome.
• In the new screen that opens, click the Update Google Chrome button (if you don’t see the button, it means you’re already up to date)
• After you’ve clicked the Update Google Chrome button, click Relaunch to finish the update

Chrome will now restart, and you’ll be up to date.

If you have any questions on updating Google Chrome or protecting yourself from security bugs, please contact us at info@optfinity.com.

Let’s be honest, our phones are constantly ringing but not because friends and family miss us and want to talk. It’s the “IRS” asking for money or “credit card companies” telling us we missed a payment, or our account was hacked. It’s telemarketers and scammers attempting to steal our personal information and hack into our accounts.

Americans are expected to get over 52 billion robocalls just within this year alone. I don’t know about you, but I don’t pick up the phone unless I recognize the number, I’d rather risk missing an important call than deal with a spam call.

Although companies like Apple have taken action to warn us about the “scam likely” calls, attackers are becoming more sophisticated. Attackers have been spoofing local numbers and those of popular companies to convince you that they are authentic. Recently, these attackers have been using SMS text messages that come from your own phone number.

Regardless of how the attackers are making their move, companies are trying to make it stop but here is what you can do:

• Don’t answer calls from blocked/unknown numbers
• Don’t answer calls from number you don’t recognize
• Don’t assume incoming calls are from a local number just because it looks like it
• Don’t respond to any questions that can be answered with “Yes”
• If someone calls claiming to be with a specific company, hang up and call that company using their official number from their website to be certain
• If you answer the phone and hear “Hello, can you hear me?” hang up
• If you receive a call requesting you to click a number before being connected to a representative, hang up

By interacting with a voice prompt, you’re verifying that your number is real. They can then sell your number to another company who will begin targeting your number more frequently. If you are an Apple user, Apple has an option to “Silence unknown callers.” This will add the option to route calls from numbers not found in your contacts, mail, or messages to your voicemail.

If you start receiving a lot of spam text messages, you can forward the message to number 7726 (this spells “spam”). This won’t stop the number from texting you, but it will notify your carrier to investigate it and hopefully put an end to it.

If you have any questions about receiving spam calls, please contact us at info@optfinity.com.

What do you do when you have a dumb question? You Google it, right? Just like when you’re sick and want to avoid going to the doctors, so you self-diagnose based off your Google results. I’m sure you have searched numerous odd things in Google throughout the years, I know I have. What if I told you someone could access all your Google searches? Is your face turning red yet? Don’t freak out just yet, there’s a way to keep your searches private.

So, what is Google tracking?

All the contents in your inbox from receipts to private messages including medical documents and bills are scanned by Google. There is a setting called “Smart Compose” that allows Google to scan your emails as you type them. Its purpose is to help you write faster by finishing common phrases.

Turn off Smart Compose

• Open Gmail
• Click on the gear icon in the upper right corner for settings
• Select see all settings
• Click general tab near top of page
• Go to the smart compose section
• Turn writing suggestions off by clicking on the circle next to it
• Click save changes at the bottom

Please note Google will still have access to all the content in your emails unless you switch to a privacy-based email inbox.

Switch to privacy-based email

• Click on the gear icon in top right corner of Gmail and click settings
• Scroll down to E-mail via Google+ option
• Click on the drop-down dialog box Anyone on Google+ set by default and change it to the degree of privacy you want
• Click save changes once you are finished

For more information regarding online safety, reach out to us at info@optfinity.com

Why Clearing Your Cache is Important

You might not think about clearing your cache, but if your phone starts running slower than usual, it’s time to consider it. Clearing your cache does more than just speed up your phone during web browsing; it also keeps things organized and functioning smoothly.

What Happens When You Don’t Clear Your Cache?

Clearing your cache is like cleaning your digital countertop. Without it, your device becomes cluttered. When you visit a website, your phone downloads information like photos, banners, and other data. Your browser stores this information in the cache for easier retrieval. Sounds useful, right? Not quite. Over time, the cached data becomes outdated and no longer matches the current data from the website. This mismatch causes slower loading times and distorted website layouts—similar to a cluttered counter that makes it hard to get anything done.

Benefits of Clearing Your Cache

Clearing your cache gives websites a fresh start in your browser, frees up storage space, and improves overall performance. However, it will sign you out of sites you’re currently logged into. While logging back in might be inconvenient, it ensures faster, more accurate performance.

How to Clear Your Cache on iPhone

Before clearing your cache, remember that all devices signed into your iCloud account will be logged out. You’ll need to sign back in when you use them again. Follow these steps to clear your iPhone’s Safari cache:

1. Open the Settings app on your iPhone
2. Select Safari from the list of apps
3. Go to Advanced > Website Data
4. Scroll down and select Clear History and Website Data
5. Choose Remove Now in the pop-up

How Often Should You Clear Your Cache?

You should clear your cache about once every two months. If you frequently visit a variety of sites, consider doing it more often.

For any questions about clearing your cache, reach out to us at info@optfinity.com.

Apple recently announced back-to-back updates for iOS and Safari operating systems where an attacker could take control of your iPhone or Mac devices. Both updates address major security vulnerabilities, one which allows an application to execute arbitrary code on your device, giving them control of your device while the second one is in the component that powers Safari, mail, and many other apps

Apple has developed a patch for the operating systems. Since both vulnerabilities are likely actively being exploited, Apple users should install the patches by downloading the latest software update as soon as possible.

Business users should be on a plan which has constant monitoring and updating. If you are interested in learning more about the plans OptfinITy offers, feel free to email us at info@optfinity.com or call us at 703-790-0400.

Chinese Government’s $100 Million Proposal

In 2017, the Chinese government offered to invest $100 million to build an ornate Chinese Garden at the National Arboretum in Washington, D.C. The garden would include temples, pavilions, and a 70-foot white pagoda. At first glance, this proposal seemed like a great way to attract tourists.

U.S. Counterintelligence Uncovers Red Flags

However, U.S. counterintelligence officials dug deeper and discovered some concerning details. The pagoda would have been positioned on one of the highest points in Washington, D.C., just two miles from the U.S. Capitol—an ideal location for signals intelligence collection. Moreover, the Chinese officials planned to build the pagoda using materials shipped in diplomatic pouches. U.S. Customs officials would have been prohibited from inspecting these materials.

Project Canceled After Investigation

Upon uncovering these red flags, federal officials acted swiftly and halted the project before construction began. Since 2017, the government has closely investigated Chinese land purchases near critical infrastructure.

Concerns Over Huawei Equipment Near U.S. Military Bases

The FBI’s investigation revealed even more alarming findings. They discovered Chinese-made Huawei equipment installed atop cell towers near U.S. military bases in the Midwest. This equipment had the potential to capture and disrupt highly sensitive Department of Defense communications, including those used by U.S. Strategic Command, which oversees the nation’s nuclear weapons.

Chinese Denial of Espionage Efforts

The Chinese government denies any attempt to spy on the U.S. However, it remains unclear whether any data was intercepted and sent back to Beijing from these towers.

Protecting Your Organization

If the Chinese government is indeed using this equipment for espionage, it raises serious concerns about how secure your organization is. What steps are you taking to protect your data and communications?

For more information on online safety, feel free to contact us at info@optfinity.com.

Cisco Systems, the maker of some of the worlds most complex networking equipment recently suffered a hacking attack.  Except, it wasn’t done via computer.

Vishing or voice phishing is a type of cyberattack where malicious actors use phone calls in attempt to collect confidential information from their targets.

Cisco believes the attack was conducted by hackers linked to the UNC2447 cybercrime gang, Lapsus$ threat actor group and Yanluowang ransomware operators.

These same actors also recently attacked Microsoft Azure, Samsung, T-Mobile, Okta, Nvidia, and Globant.

Luckily for Cisco, no ransomware was detected and Cisco successfully blocked attempts to access the company’s network.

How did this happen?

On May 24, 2022, Cisco was made aware that one of their employee’s credentials were compromised. An attacker gained control of the employee’s personal Google account where credentials saved in the victim’s browser were being synchronized.

The attacker conducted multiple sophisticated voice phishing attacks disguised as various trusted organizations. The attacker convinced the victim to accept the multifactor authentication (MFA) push notification initiated by the attacker. The MFA acceptance gave the attacker access to VPN in the context of the victim.

Regardless of the incident, Cisco continues to promote MFAs such as Duo to protect your accounts.  Do you have 2FA turned on for all of your accounts?  Are you training your employees on the best practices when it comes to online safety?

For more information on online safety including security awareness training, please contact us at info@optfinITy.com.