Let’s be honest—our phones won’t stop ringing. But it’s not friends or family checking in. Instead, it’s the “IRS” demanding money, “credit card companies” warning about missed payments, or scammers trying to steal personal information.

Americans will receive over 52 billion robocalls this year. Many people, myself included, ignore unknown numbers to avoid spam.

Scammers Are Getting Smarter

Companies like Apple now warn users about “scam likely” calls, but scammers keep evolving. They spoof local numbers and well-known companies to appear legitimate. Lately, they’ve even sent SMS messages that appear to come from your own phone number.

How to Protect Yourself

Companies are working to stop robocalls, but you can take steps to stay safe:

• Ignore unknown numbers – Don’t answer blocked or unfamiliar calls.
• Beware of local-looking numbers – Scammers spoof numbers to seem local.
• Avoid saying “Yes” – Don’t respond to questions that prompt a “Yes” answer.
• Verify companies directly – If a caller claims to represent a company, hang up and call the official number from their website.
• Hang up on suspicious calls – If you hear, “Hello, can you hear me?” or a prompt to press a number, disconnect immediately.

Why You Shouldn’t Engage

Interacting with these calls confirms your number is active. Scammers then sell your number, leading to even more spam.

Apple users can enable “Silence Unknown Callers” to send calls from unknown numbers straight to voicemail.

Stop Spam Text Messages

If spam texts flood your inbox, forward them to 7726 (SPAM) to alert your carrier. This won’t block the number but helps stop future scams.

Need Help?

For questions about spam calls, contact us at info@optfinity.com.

What do you do when you have a dumb question? You Google it, right? Just like when you’re sick and want to avoid going to the doctors, so you self-diagnose based off your Google results. I’m sure you have searched numerous odd things in Google throughout the years, I know I have. What if I told you someone could access all your Google searches? Is your face turning red yet? Don’t freak out just yet, there’s a way to keep your searches private.

So, what is Google tracking?

All the contents in your inbox from receipts to private messages including medical documents and bills are scanned by Google. There is a setting called “Smart Compose” that allows Google to scan your emails as you type them. Its purpose is to help you write faster by finishing common phrases.

Turn off Smart Compose

• Open Gmail
• Click on the gear icon in the upper right corner for settings
• Select see all settings
• Click general tab near top of page
• Go to the smart compose section
• Turn writing suggestions off by clicking on the circle next to it
• Click save changes at the bottom

Please note Google will still have access to all the content in your emails unless you switch to a privacy-based email inbox.

Switch to privacy-based email

• Click on the gear icon in top right corner of Gmail and click settings
• Scroll down to E-mail via Google+ option
• Click on the drop-down dialog box Anyone on Google+ set by default and change it to the degree of privacy you want
• Click save changes once you are finished

For more information regarding online safety, reach out to us at info@optfinity.com

Why Clearing Your Cache is Important

You might not think about clearing your cache, but if your phone starts running slower than usual, it’s time to consider it. Clearing your cache does more than just speed up your phone during web browsing; it also keeps things organized and functioning smoothly.

What Happens When You Don’t Clear Your Cache?

Clearing your cache is like cleaning your digital countertop. Without it, your device becomes cluttered. When you visit a website, your phone downloads information like photos, banners, and other data. Your browser stores this information in the cache for easier retrieval. Sounds useful, right? Not quite. Over time, the cached data becomes outdated and no longer matches the current data from the website. This mismatch causes slower loading times and distorted website layouts—similar to a cluttered counter that makes it hard to get anything done.

Benefits of Clearing Your Cache

Clearing your cache gives websites a fresh start in your browser, frees up storage space, and improves overall performance. However, it will sign you out of sites you’re currently logged into. While logging back in might be inconvenient, it ensures faster, more accurate performance.

How to Clear Your Cache on iPhone

Before clearing your cache, remember that all devices signed into your iCloud account will be logged out. You’ll need to sign back in when you use them again. Follow these steps to clear your iPhone’s Safari cache:

1. Open the Settings app on your iPhone
2. Select Safari from the list of apps
3. Go to Advanced > Website Data
4. Scroll down and select Clear History and Website Data
5. Choose Remove Now in the pop-up

How Often Should You Clear Your Cache?

You should clear your cache about once every two months. If you frequently visit a variety of sites, consider doing it more often.

For any questions about clearing your cache, reach out to us at info@optfinity.com.

Apple recently announced back-to-back updates for iOS and Safari operating systems where an attacker could take control of your iPhone or Mac devices. Both updates address major security vulnerabilities, one which allows an application to execute arbitrary code on your device, giving them control of your device while the second one is in the component that powers Safari, mail, and many other apps

Apple has developed a patch for the operating systems. Since both vulnerabilities are likely actively being exploited, Apple users should install the patches by downloading the latest software update as soon as possible.

Business users should be on a plan which has constant monitoring and updating. If you are interested in learning more about the plans OptfinITy offers, feel free to email us at info@optfinity.com or call us at 703-790-0400.

Chinese Government’s $100 Million Proposal

In 2017, the Chinese government offered to invest $100 million to build an ornate Chinese Garden at the National Arboretum in Washington, D.C. The garden would include temples, pavilions, and a 70-foot white pagoda. At first glance, this proposal seemed like a great way to attract tourists.

U.S. Counterintelligence Uncovers Red Flags

However, U.S. counterintelligence officials dug deeper and discovered some concerning details. The pagoda would have been positioned on one of the highest points in Washington, D.C., just two miles from the U.S. Capitol—an ideal location for signals intelligence collection. Moreover, the Chinese officials planned to build the pagoda using materials shipped in diplomatic pouches. U.S. Customs officials would have been prohibited from inspecting these materials.

Project Canceled After Investigation

Upon uncovering these red flags, federal officials acted swiftly and halted the project before construction began. Since 2017, the government has closely investigated Chinese land purchases near critical infrastructure.

Concerns Over Huawei Equipment Near U.S. Military Bases

The FBI’s investigation revealed even more alarming findings. They discovered Chinese-made Huawei equipment installed atop cell towers near U.S. military bases in the Midwest. This equipment had the potential to capture and disrupt highly sensitive Department of Defense communications, including those used by U.S. Strategic Command, which oversees the nation’s nuclear weapons.

Chinese Denial of Espionage Efforts

The Chinese government denies any attempt to spy on the U.S. However, it remains unclear whether any data was intercepted and sent back to Beijing from these towers.

Protecting Your Organization

If the Chinese government is indeed using this equipment for espionage, it raises serious concerns about how secure your organization is. What steps are you taking to protect your data and communications?

For more information on online safety, feel free to contact us at info@optfinity.com.

Cisco Systems, the maker of some of the worlds most complex networking equipment recently suffered a hacking attack.  Except, it wasn’t done via computer.

Vishing or voice phishing is a type of cyberattack where malicious actors use phone calls in attempt to collect confidential information from their targets.

Cisco believes the attack was conducted by hackers linked to the UNC2447 cybercrime gang, Lapsus$ threat actor group and Yanluowang ransomware operators.

These same actors also recently attacked Microsoft Azure, Samsung, T-Mobile, Okta, Nvidia, and Globant.

Luckily for Cisco, no ransomware was detected and Cisco successfully blocked attempts to access the company’s network.

How did this happen?

On May 24, 2022, Cisco was made aware that one of their employee’s credentials were compromised. An attacker gained control of the employee’s personal Google account where credentials saved in the victim’s browser were being synchronized.

The attacker conducted multiple sophisticated voice phishing attacks disguised as various trusted organizations. The attacker convinced the victim to accept the multifactor authentication (MFA) push notification initiated by the attacker. The MFA acceptance gave the attacker access to VPN in the context of the victim.

Regardless of the incident, Cisco continues to promote MFAs such as Duo to protect your accounts.  Do you have 2FA turned on for all of your accounts?  Are you training your employees on the best practices when it comes to online safety?

For more information on online safety including security awareness training, please contact us at info@optfinITy.com.

Apple Announces New Lockdown Mode

Apple is introducing a new feature designed to protect its users from advanced hacking and targeted spyware. Unlike typical Apple features that focus on bug fixes or improving battery life, this feature provides enhanced security measures for devices.

Key Security Features

The new lockdown mode includes several protection features:

• Blocking Attachments and Link Previews: Apple will block attachments and link previews in messages.
• Limiting Hackable Web Technologies: It will restrict potentially vulnerable web browsing technologies.
• Screening Incoming FaceTime Calls: The system will prevent FaceTime calls from unknown numbers.
• Accessory Connection Restrictions: Apple devices will only accept accessory connections when the device is unlocked.

This lockdown mode will be available for iPhones, iPads, and Mac computers.

Free Release and Research Funding

Apple plans to release the new lockdown mode later this year, and it will be free for all Apple users. In addition, Apple announced a $10 million grant and a bug bounty of up to $2 million to encourage further research into improving device security.

Previous Efforts to Combat Hackers

In response to the Pegasus spyware, Apple issued a free software update last year to prevent the company from developing or selling any more hacker tools. Additionally, Apple began sending “threat notifications” to potential victims of these tools. Since November, Apple has notified people in approximately 150 countries, though most individuals will not be targeted by highly sophisticated cyberattacks.

Plans for Expansion

Apple plans to expand the lockdown mode over time. Currently, the feature disables various computer functions that could expose users to potential attacks.

Competition from Google

Apple is not the only company enhancing its security measures. Google has introduced “Advanced Account Protection,” designed to safeguard individuals at higher risk of targeted online attacks. This feature adds an extra layer of security to logins and downloads.

Apple’s Ongoing Commitment to Security

Apple remains dedicated to strengthening its security features and continues researching this growing threat to enhance protection for its users.

For more information about online safety, contact us at info@Optfinity.com.

Could you be providing people around you with your personal information and not really know it? You probably are.

A security researcher sat outside a coffee shop and was able to read individuals’ current location; and even past locations, including but not limited to the gym they go to, their job, and even their home.

Using an online database and a wireless auditing device, any educated computer user could possibly track someone’s location. In fact, when you aren’t connected to your Wi-Fi at work or at home, your phone is sending out signals to find networks to connect to. The signal from your phone can then be cross-referenced to see where you are based on the networks you are near.

So, what can you do? First, it is highly recommended to change the name of your home Wi-Fi network at least once a year. Make sure to use a common name such as a favorite band. By adding “_NOMAP” to the end of your home Wi-Fi name, this also lets mapping companies know you don’t want your Wi-Fi network published online, although that is not a guarantee.

For more information about what else you can do including network connection safety practices, reach out to us at info@OptfinITy.com

Have you received an email from a payment service that looks like this?

At a glance, it appears to be a legitimate email containing an invoice. However, a closer look reveals several discrepancies that show this email is a phishing attempt, received by someone here at OptfinITy.

A legitimate and trusted payment service like PayPal would never include these discrepancies in an email invoice. Here are some red flags within this email and things you should look out for before clicking on any email containing financial information:

Red Flags to Watch Out For

Check if it was sent to the right account
Though we anonymized the person who received this email, that person received the invoice on an email account different from the one linked to their PayPal account.

Check names
This invoice lists the recipient as Patric Smith, even though Mike Duncombe is initially listed as the invoice sender. Neither of these names belongs to the account holder who received this invoice.

Check for spelling and formatting errors
The phone number listed is incorrect.
A quick Google search will reveal that PayPal’s customer service number is +1 (888) 221-1161, not the one listed in the email.

What Are Next Steps?
Most reputable payment processors have channels through which you can report phishing emails. If you believe you’ve received a phishing email from an entity claiming to be PayPal, forward the entire email to spoof@paypal.com, and do not alter the subject line or forward the message as an attachment. Afterward, delete the suspicious email. PayPal will investigate the email and inform you of their findings.

Did you know we provide phishing test services? If you’d like to test yourself and your employees and gauge how susceptible your organization is to fraudulent messages, reach out to us at info@OptfinITy.com