Chinese Government’s $100 Million Proposal

In 2017, the Chinese government offered to invest $100 million to build an ornate Chinese Garden at the National Arboretum in Washington, D.C. The garden would include temples, pavilions, and a 70-foot white pagoda. At first glance, this proposal seemed like a great way to attract tourists.

U.S. Counterintelligence Uncovers Red Flags

However, U.S. counterintelligence officials dug deeper and discovered some concerning details. The pagoda would have been positioned on one of the highest points in Washington, D.C., just two miles from the U.S. Capitol—an ideal location for signals intelligence collection. Moreover, the Chinese officials planned to build the pagoda using materials shipped in diplomatic pouches. U.S. Customs officials would have been prohibited from inspecting these materials.

Project Canceled After Investigation

Upon uncovering these red flags, federal officials acted swiftly and halted the project before construction began. Since 2017, the government has closely investigated Chinese land purchases near critical infrastructure.

Concerns Over Huawei Equipment Near U.S. Military Bases

The FBI’s investigation revealed even more alarming findings. They discovered Chinese-made Huawei equipment installed atop cell towers near U.S. military bases in the Midwest. This equipment had the potential to capture and disrupt highly sensitive Department of Defense communications, including those used by U.S. Strategic Command, which oversees the nation’s nuclear weapons.

Chinese Denial of Espionage Efforts

The Chinese government denies any attempt to spy on the U.S. However, it remains unclear whether any data was intercepted and sent back to Beijing from these towers.

Protecting Your Organization

If the Chinese government is indeed using this equipment for espionage, it raises serious concerns about how secure your organization is. What steps are you taking to protect your data and communications?

For more information on online safety, feel free to contact us at info@optfinity.com.

Cisco Systems, the maker of some of the worlds most complex networking equipment recently suffered a hacking attack.  Except, it wasn’t done via computer.

Vishing or voice phishing is a type of cyberattack where malicious actors use phone calls in attempt to collect confidential information from their targets.

Cisco believes the attack was conducted by hackers linked to the UNC2447 cybercrime gang, Lapsus$ threat actor group and Yanluowang ransomware operators.

These same actors also recently attacked Microsoft Azure, Samsung, T-Mobile, Okta, Nvidia, and Globant.

Luckily for Cisco, no ransomware was detected and Cisco successfully blocked attempts to access the company’s network.

How did this happen?

On May 24, 2022, Cisco was made aware that one of their employee’s credentials were compromised. An attacker gained control of the employee’s personal Google account where credentials saved in the victim’s browser were being synchronized.

The attacker conducted multiple sophisticated voice phishing attacks disguised as various trusted organizations. The attacker convinced the victim to accept the multifactor authentication (MFA) push notification initiated by the attacker. The MFA acceptance gave the attacker access to VPN in the context of the victim.

Regardless of the incident, Cisco continues to promote MFAs such as Duo to protect your accounts.  Do you have 2FA turned on for all of your accounts?  Are you training your employees on the best practices when it comes to online safety?

For more information on online safety including security awareness training, please contact us at info@optfinITy.com.

Apple Announces New Lockdown Mode

Apple is introducing a new feature designed to protect its users from advanced hacking and targeted spyware. Unlike typical Apple features that focus on bug fixes or improving battery life, this feature provides enhanced security measures for devices.

Key Security Features

The new lockdown mode includes several protection features:

• Blocking Attachments and Link Previews: Apple will block attachments and link previews in messages.
• Limiting Hackable Web Technologies: It will restrict potentially vulnerable web browsing technologies.
• Screening Incoming FaceTime Calls: The system will prevent FaceTime calls from unknown numbers.
• Accessory Connection Restrictions: Apple devices will only accept accessory connections when the device is unlocked.

This lockdown mode will be available for iPhones, iPads, and Mac computers.

Free Release and Research Funding

Apple plans to release the new lockdown mode later this year, and it will be free for all Apple users. In addition, Apple announced a $10 million grant and a bug bounty of up to $2 million to encourage further research into improving device security.

Previous Efforts to Combat Hackers

In response to the Pegasus spyware, Apple issued a free software update last year to prevent the company from developing or selling any more hacker tools. Additionally, Apple began sending “threat notifications” to potential victims of these tools. Since November, Apple has notified people in approximately 150 countries, though most individuals will not be targeted by highly sophisticated cyberattacks.

Plans for Expansion

Apple plans to expand the lockdown mode over time. Currently, the feature disables various computer functions that could expose users to potential attacks.

Competition from Google

Apple is not the only company enhancing its security measures. Google has introduced “Advanced Account Protection,” designed to safeguard individuals at higher risk of targeted online attacks. This feature adds an extra layer of security to logins and downloads.

Apple’s Ongoing Commitment to Security

Apple remains dedicated to strengthening its security features and continues researching this growing threat to enhance protection for its users.

For more information about online safety, contact us at info@Optfinity.com.

Could you be providing people around you with your personal information and not really know it? You probably are.

A security researcher sat outside a coffee shop and was able to read individuals’ current location; and even past locations, including but not limited to the gym they go to, their job, and even their home.

Using an online database and a wireless auditing device, any educated computer user could possibly track someone’s location. In fact, when you aren’t connected to your Wi-Fi at work or at home, your phone is sending out signals to find networks to connect to. The signal from your phone can then be cross-referenced to see where you are based on the networks you are near.

So, what can you do? First, it is highly recommended to change the name of your home Wi-Fi network at least once a year. Make sure to use a common name such as a favorite band. By adding “_NOMAP” to the end of your home Wi-Fi name, this also lets mapping companies know you don’t want your Wi-Fi network published online, although that is not a guarantee.

For more information about what else you can do including network connection safety practices, reach out to us at info@OptfinITy.com

Have you received an email from a payment service that looks like this?

At a glance, it appears to be a legitimate email containing an invoice. However, a closer look reveals several discrepancies that show this email is a phishing attempt, received by someone here at OptfinITy.

A legitimate and trusted payment service like PayPal would never include these discrepancies in an email invoice. Here are some red flags within this email and things you should look out for before clicking on any email containing financial information:

Red Flags to Watch Out For

Check if it was sent to the right account
Though we anonymized the person who received this email, that person received the invoice on an email account different from the one linked to their PayPal account.

Check names
This invoice lists the recipient as Patric Smith, even though Mike Duncombe is initially listed as the invoice sender. Neither of these names belongs to the account holder who received this invoice.

Check for spelling and formatting errors
The phone number listed is incorrect.
A quick Google search will reveal that PayPal’s customer service number is +1 (888) 221-1161, not the one listed in the email.

What Are Next Steps?
Most reputable payment processors have channels through which you can report phishing emails. If you believe you’ve received a phishing email from an entity claiming to be PayPal, forward the entire email to spoof@paypal.com, and do not alter the subject line or forward the message as an attachment. Afterward, delete the suspicious email. PayPal will investigate the email and inform you of their findings.

Did you know we provide phishing test services? If you’d like to test yourself and your employees and gauge how susceptible your organization is to fraudulent messages, reach out to us at info@OptfinITy.com

Do you have an old Android phone and don’t know what to do with it? Maybe you’re considering storing it in a drawer, selling it, or trading it in. Whether your phone is too old to have a high trade-in value or you’re simply exploring trade-in alternatives, read on to discover the top 5 ways to repurpose your old Android.

1. Store Your Photos

Pictures can consume a significant amount of storage, so use your old phone to save room on your new one! Transfer photos from your new device to the old one, or use the old device as a camera. You can take it to places where you’d hesitate to bring a new phone, such as the beach or lake.

2. Turn It Into a Google Home

This process requires no downloads and no $130 Google Home purchase. First, update the phone to the latest Android OS. Next, pair it with a Bluetooth speaker and keep both plugged in at all times. Now, you can give Google commands whenever you want!

3. Convert It Into a Game Boy

Transform your old Android into a Nintendo Game Boy with a compatible Android and a $50 Hyperkin Smartboy Mobile Device. To play, use Game Boy cartridges you already own or purchase new ones. Alternatively, download Game Boy Advance apps if you don’t have cartridges.

4. Use It as a Universal Remote

Turn your old Android into a remote by downloading a remote control app and syncing it with your devices. This setup enables you to control devices like Rokus, Apple TVs, Xboxes, and even smart light bulbs.

5. Turn It Into a Home Security Camera

Repurpose your phone to monitor your home while you’re away. Download a security camera app and place the phone in a main room with a good view. Additionally, set it up outside when you’re home to see who’s at the door.

If you’re interested in discussing phasing out old devices and purchasing new ones for your office space, feel free to contact us at info@OptfinITy.com or call (703) 790-0400.

Happy Earth Day!

Earth Day inspires everyone to reflect on their efforts to keep our planet clean and thriving. Whether you compost, recycle, take short showers, or drive an electric vehicle, take time today to assess your impact on the environment and explore new ways to make a difference. Below are three technology tips that benefit both the planet and your bottom line.

1. Reduce Paper Usage

Avoid printing emails, online forms, and business manuals unless absolutely necessary for legal purposes. Minimizing paper usage protects trees and saves money on paper and ink. Paper documents also hinder efficiency since they can’t be integrated, automated, or accessed remotely. Relying on paper slows operations and increases manual labor costs. Transitioning to digital documents streamlines workflows and supports sustainability.

2. Implement Electronic and Cloud Storage

Store documents digitally by leveraging the cloud. Physical storage consumes space, air conditioning, and other costly resources. For instance, maintaining a single file cabinet can cost as much as $1,500 and one employee annually, according to the Paperless Project. Organizing paper files can be cumbersome, and natural disasters can destroy important information. By using electronic business management systems, you protect vital documents while reducing your environmental footprint.

3. Leverage Remote Work

Encourage remote or hybrid work plans if your industry permits it. Remote work reduces air pollution by cutting down on commuting. It also aligns with employee preferences, as 68% of U.S. workers favor remote work. Happier employees are more productive, with 77% of remote workers reporting increased productivity when working from home. This approach benefits your workforce, business, and the environment.

If you want to transition to cloud storage or explore remote work logistics, contact us at (703) 790-0400 or email info@OptfinITy.com.

Maximize Your Gmail Experience with These 7 Tricks

Gmail is the email platform of choice for 1.8 billion active accounts. If you’re among this vast user base, you might not be aware of all the features Gmail offers to enhance your email experience. Check out these seven tips to customize and optimize Gmail to suit your needs.

1. Color-Code Important Messages

Starring messages is a great way to keep important emails easily accessible, but you can take organization a step further by color-coding them. To add color-coded stars:

1. Go to Settings.
2. Scroll down to the General tab.
3. Drag More Color Options to the “In Use” section.

2. Save Time with Smart Compose

Smart Compose is a game-changer for anyone who frequently uses professional language in emails. This feature suggests the rest of your sentence as you type, helping you save time and effort.

• To enable or disable Smart Compose, go to Settings.
• Google even welcomes feedback on the quality of suggested phrases!

3. Unsend an Email

Accidentally hit send? Gmail allows you to undo the action:

• After sending an email, look for the small box with “Undo” in the lower-right corner of your screen.
• Click it to unsend your message instantly.

4. Find Emails Faster with Advanced Search

Advanced Search helps locate information buried in your inbox by filtering emails based on:

• Date, sender, recipient, specific words, or even words the email doesn’t contain.
• Click the icon with three slider bars in the search box at the top of your inbox to access this feature.

5. Mute Annoying Conversations

Stop notifications from overly active email threads without leaving them.

• Check the box to the left of the email in the thread.
• Click the three-dot icon in the top options bar.
• Select Mute from the dropdown menu.

6. Customize Your Inbox Layout

Gmail lets you decide what type of emails to prioritize:

1. Click the Quick Settings gear icon.
2. Select a custom inbox view, such as unread, important, or starred messages.

7. Protect Sensitive Emails with Confidential Mode

Gmail’s Confidential Mode lets you set an expiration date for emails containing sensitive information.

• Before sending an email, click the lock icon near the send button.
• Set the expiration date to ensure the email vanishes after the allotted time.

Have Questions?

For any concerns about email deliverability or security, reach out to us at info@optfinITy.com. Let us help you make the most of your Gmail experience!

Spring: A Season for Digital Renewal

Spring marks a time of regrowth and change, and many people seize this season as an opportunity to tidy up their house or apartment. However, it is also the perfect time to clean up your technology and cyber footprint. Over the year, activities like paying bills, shopping, and using social media can expand your cyber footprint. Taking steps to declutter and protect yourself and your loved ones from potential cyber threats is essential. Here’s how you can refresh your digital life this Spring.

Strengthen Your Passwords

Start by reviewing your passwords. Update them with stronger, more unique combinations when necessary. Additionally, enable Multi-Factor Authentication (MFA) on accounts containing sensitive information, such as bank or retirement accounts. These actions enhance your security and make unauthorized access much more difficult.

Organize Your Email Accounts

Email accounts often accumulate a lot of clutter. Organize your emails by creating folders for items you want to keep and deleting those you no longer need. Unsubscribe from spam senders to reduce future clutter. Take this opportunity to review and update your email filters, ensuring that unwanted marketing or spam messages go directly to the trash.

Tidy Up Your Social Media Profiles

Social media platforms can reveal more about you than you realize. Search your name online to understand what others might find. Review your privacy settings, photos, and videos to decide if any adjustments or deletions are necessary. If you want to close a social media account, ensure you deactivate or delete the account rather than just removing the app from your device.

Update and Test Your Backup and Recovery Plans

Keeping your devices and operating systems updated is critical. This step ensures you’re protected against the latest vulnerabilities. Additionally, review and test your backup and data recovery plan. Confirm that you can restore files from your backup and evaluate what you’re backing up, where it’s stored, and the media used for storage.

Need Help? Let’s Talk

If you’re interested in discussing network best practices and ensuring the smooth operation of your organization’s IT systems, reach out to us at info@OptfinITy.com or call us at (703) 790-0400. We offer free, no-obligation consultations to help you navigate your IT concerns.