TA542: It’s Spear-Phishing Season Again.

By -- 2020-12-10 in Blog

When people think of spam emails, it’s usually phishing that comes to mind. These are the emails that make up your junk folder: a truly frightening combination of poor grammar, bad spelling, and vulgarity that makes you question how anyone can fall for a phishing attack. Spear-phishing has become the new way to create a spam email campaign. By targeting specific demographics and crafting believable ‘lure’ emails, cybercriminals can entice people to click untrustworthy links in their emails. In recent years, the group TA542 has been one of the most prolific criminal entities to use spear-phishing as their primary form of cybercrime, sending almost one million fraudulent messages a day.

Their latest attack was a campaign targeting supporters of the Democratic party in the United States. Their lure emails mimic the language on emails sent from Democratic activist groups like ActBlue, leading people to believe that the sender is trustworthy. Once they click on the link in the email, they unwittingly download TA524’s signature malware, a program called Emotet. This does anything from scanning your computer for personal information to downloading your banking credentials. TA542’s combination of realistic lure emails and sophisticated malware makes them a particularly dangerous group of cybercriminals. However, there are still steps you can and should take to protect your data!

Traditional advice about how to avoid phishing scams is not to open links from people or companies that you aren’t familiar with. However, spear-phishing emails mimic those trusted senders. Some ways to stay safe in this new environment is only to open links or documents that you are expecting to receive. When you receive a link in an email that is unfamiliar or unexpected, go to the sender’s website and navigate to the desired page from there. As cybercriminals become more advanced, having outside tech support becomes increasingly important—if someone from your company falls prey to a spear-phishing attack, having secure data backups and a plan for how to mitigate the damage caused by the malware is crucial. If you’re concerned about spear-phishing, reach out to us at info@optfinity.com to learn more.

Is Zoom Back in Business?

By -- 2020-11-30 in Blog, Uncategorized

Work-from-home is the reality for so many of us during the coronavirus pandemic. Being out of the office has its challenges: interrupting kids, spotty internet, and endless miscommunications! However, online meetings have become the symbol of this new working environment, especially the virtual meeting app ‘Zoom’. Part of the app’s popularity was its security. Zoom increased its revenue over 300% during the pandemic, due in part to its security guarantees. That all changed when investigators discovered that the company had not been completely honest about their security protocols.

Zoom had always represented itself as having end-to-end encryption. This meant that no-one except meeting participants could access non-encrypted data on the meeting. It claimed to provide that encryption long as everyone accessed the call using their computers. Instead, users only had access to TLS, transport layer security. This meant that Zoom had access to unencrypted meeting data. The outrage prompted Zoom to release an updated version of their security that included true end-to-end encryption. So now that Zoom’s improved security has been released to the public, is it worth returning to the platform?

The good news is that now Zoom does seem to have full end-to-end encryption. The updated security option is available for everyone, a change from their initial plan to only offer it to paid users.  This makes Zoom one of only a few videoconferencing platforms to offer the service. However, the option does still have its drawbacks. For free users, the feature requires two-factor authentication to enable. Each user has enable the feature, meaning a meeting host cannot enforce the feature. The option is only available in meetings with under 200 members, an 80% reduction in capacity.

In the end, Zoom’s updated security policy makes it a great option for smaller, secure meetings. Individuals and small business owners will love the combination of convenience and security that the free option provides without being inconvenienced by the member limit. However, the removal of features and need for manual authentication from every member makes Zoom’s end-to-end encryption impractical for most large meetings. Cybersecurity has only become more important in the past few months, so making sure your meetings are safe is crucial. If you need help making sure that everything is protected, you can email us here or call us at (703) 790-0400.

Your Computer May Be ‘Fully Compromised’

By -- 2020-11-20 in Blog

The world’s largest software registry, NPM, removed three packages from their site on Thursday after discovering that they contained malicious code.  Each of the packages were ‘libraries’ for the coding language JavaScript.  A library is a collection of resources often used for software development. Because libraries can contain so many different types of data, they are a perfect place to hide malware.  These packages remained on the site for over a year before NPM, the hosting site, removed them.

So what makes this code so dangerous? When downloaded, they create a ‘shell’ on the user’s computer.  This ‘shell’ allows bad actors to connect remotely to the user’s device.  This means that the bad actors had complete access to the information stored on the computer. They could even download more malware to the device so that removing the package did not remove their access.  For this reason, NPM stated that any computer with these packages installed should be considered ‘fully compromised’.

If you downloaded these packages on your devices, you are at risk. You should take some steps to secure your information:

  • Think about wiping your computer.
  • Rotate any sensitive information from a different computer.
  • Remove the package from your computer.

Finally, this is a situation where you should consider seeking outside help.  If you want to keep the compromised device, an outside IT firm is a great resource to make sure that your information is secure.  Contact us here if you think that this may have affected your computer. You can also call us at (703) 790-0400.

The Hack is Coming From Inside the House!

By -- 2020-11-10 in Blog

Sometimes it seems like it’s impossible to keep your business safe. Software is constantly improving. Cybercriminals are becoming more technologically savvy. The list of security to-do’s is growing ever longer. With all that happening, it can be hard to figure out where to start. One option is to hire someone to do the heavy lifting for you. However, taking some simple steps on your own can be a great first start.

The good news is that preventing the vast majority of cybercrime doesn’t require a lot of technical know-how, just some basic knowledge of how cybercrime happens. Most cybercriminals are not spending days writing code to get into your system. Instead, they try to trick you and your employees into opening the door for them. Phishing campaigns are a popular way of doing this: someone sends your employee an unexpected email asking them to click a link or open a file. The next thing you know, your system has been infected with malware and you have to write some very embarrassing emails to your clients explaining why their contact information has been stolen. Most successful cybercrime happens in a situation like this, where someone within the company lets malware in.

So how do you stop it? Have regular meetings with your employees about the importance of information security. Make sure they know the basics. Never open anything from an unfamiliar sender and never install software (or browser add-ons, or applications) unless they are company-approved. Also, don’t click on strange links or visit shady websites. It’s important to ground information security in the real world. While it can be hard to understand how opening a link could cost your company millions, it is a lot easier to get how that same link steals their personal data. That personal touch is a good way to make sure that facts stick. Finally, if you’re in a position of power at your company, take charge! Create complexity guidelines for employee passwords and consider putting a secure password manager on company computers.

If all else fails, feel free to shoot us an email at info@optfinty.com; we’re always ready to help!

Cyberthreats Against Your Company May Start as Low as $40

By -- 2020-09-23 in Blog

As cyberthreats and attacks continue to increase, a recent report by Positive Technologies reveals an analysis that exposes why that is. The report shows the costs of many cybercrime services across the dark web are surprisingly cheap.

According to the report, the costs of cybercrime services can begin from as low as $40 to $4,500. This means that hackers can infiltrate a business’ email and steal sensitive information for under $50 dollars. Since the price of attacks start so low, cybercrime is not directed at only big business. Reports show that 71% of SMBs are not prepared for cybersecurity risks, and with how cheap it is to attack, preparations are necessary. The report encourages all SMBs to begin conducting detailed digital risk assessments to protect their businesses.

Larger businesses must also remain vigilant as they are also not in the clear. Since some cybercrime services are so inexpensive, hackers could purchase multiple attack services to target one larger enterprise from different angles. If you are an SMB and you don’t know where to start, OptfinITy can help.

Feel free to contact us at (703)790-0400 or email us at info@optfinity.com

15 Billion Stolen Credentials Circulating on the Dark Web—Is Your Business at Risk?

By -- 2020-08-25 in Blog

A new cybersecurity study has uncovered a staggering 15 billion stolen account credentials actively circulating on dark web forums, according to researchers at the cybersecurity firm Digital Shadows.

Dark Web Marketplaces Fueling Cybercrime

Among these compromised accounts, the most valuable credentials belong to banking and financial services accounts. On average, these stolen login details are sold for $74 per account. The surge in data breaches—more than 100,000 separate breaches in the last two years—has contributed to a 300% increase in stolen credentials since 2018.

Is Your Company’s Data on the Dark Web?

If you’re not actively monitoring the dark web for your company’s sensitive information, your business could be at risk. Cybercriminals leverage stolen credentials to launch phishing attacks, identity theft, and financial fraud.

Protect Your Business with OptfinITy

At OptfinITy, we provide dark web monitoring and cybersecurity solutions to safeguard your company from data breaches. Don’t wait until it’s too late.

Contact us today at info@optfinity.com or call (703) 790-0400 to learn how we can keep your business secure.

How Cybercriminals are Using the Dark Web to Scam People From US Employee Benefits

By -- 2020-08-24 in Blog

Cybercriminals have been capitalizing on every virtual aspect of the coronavirus pandemic. Malware has been created to tap into the medical, financial, social, and even psychological repercussions of the outbreak.

In a blog post entitled Pandemic Unemployment Scams Made Easy, IntSigns notes that the dramatic rise in unemployment numbers has placed major stress on the people and processes managing unemployment benefits, giving scammers a more vulnerable target for exploitation.

Cybercrime forums on the Dark Web have been populated with conversations on unemployment benefits. IntSights researcher Yoav Harpaz Cohen said he found discussions around the benefits themselves, the regulations from each state, and the steps required to claim the benefits, according to the report.

Typically, most data extracted is paid and bought on the Dark Web

While the Dark Web is filled with illegal activity, there are things you can do to keep your organization safe.   For more information on the dark web and what you can do, join one of our upcoming webinars or contact  us at (703)790-0400 or email us at info@optfinity.com

FBI Warns Companies Still Using Windows 7 After End of Life

By -- 2020-08-11 in Blog

The Federal Bureau of Investigation sent a private industry notification on Monday to partners in the US private sector about the dangers of continuing to use Windows 7 after the operating system reached its official end-of-life earlier this year. The notification mentions that cyber criminals are now targeting computer networks after an operating system achieves end of life since the vulnerability is much more exposed. Continuing use of Windows 7 within your company could  provide criminals with easier access to your computer systems  due to the lack of updates and security. The FBI warns that criminals view Windows 7 as a soft target and isurging companies to consider upgrading their workstations to newer versions of the Windows Operating systems.

Although Windows 7 end of life has occurred early July, 2020, several companies have yet to upgrade. On January 14, 2020, OptfinITY released postcards all over the Virginia district to warn businesses of the dangers of refusing to upgrade to Windows 10 or server 2019. Luckily, we are still willing to help. If your business needs a security update, OptfinITy offers services that will provide security and managed 24 hour IT services. Call us at (703)790-0400 or email us at info@optfinity.com to learn more.

Twitter Hack Exposes High-Profile Accounts: What You Need to Know

By -- 2020-08-4 in Blog

Twitter has finally disclosed details about the major cybersecurity breach that occurred in July 2020, where high-profile accounts were compromised and used to promote cryptocurrency scams.

Who Was Affected?

The attack targeted some of the most well-known figures in the world, including:

  • Amazon CEO Jeff Bezos
  • Tesla CEO Elon Musk
  • Microsoft Co-Founder Bill Gates
  • Former U.S. President Barack Obama
  • President Joe Biden
  • Musician Kanye West

How Did the Hackers Gain Access?

According to Twitter’s official statement, the breach was the result of a sophisticated phone spear phishing attack. Hackers exploited Twitter’s internal account management support tools by targeting a small number of employees. Twitter clarified that there is no evidence suggesting an employee intentionally assisted in the attack.

Here’s how the attack unfolded:

  • Cybercriminals used social engineering tactics to manipulate Twitter employees into divulging login credentials.
  • Attackers gained access to Twitter’s internal network and support tools.
  • Affected employees believed they were speaking to legitimate IT support staff and unintentionally provided information that enabled the breach.
  • Scammers may have used caller ID spoofing via VOIP services to make their calls appear legitimate.

What Can Businesses Learn from This Attack?

This incident highlights the increasing sophistication of phishing scams and underscores the importance of cybersecurity awareness training. Even well-trained employees can fall victim to social engineering tactics if they are not regularly updated on evolving threats.

Protect Your Business from Phishing Attacks

At OptfinITy, we prioritize cybersecurity by offering our clients regular check-in meetings to stay ahead of emerging phishing scams and cyber threats. Our proactive approach ensures your business remains protected from similar attacks.

Don’t wait until your business becomes a target. Contact us today to learn how we can help strengthen your cybersecurity defenses. Call us at (703) 790-0400 or email us at info@optfinity.com.

Stay safe. Stay secure. Stay ahead of cyber threats with OptfinITy.

OptfinITy Ranked Among World’s Most Elite 501

By -- 2020-07-30 in OptfinITy News

OptfinITy Ranked Among World’s Most Elite 501

Managed Service Providers

Annual MSP 501 Identifies Best-in-Class Global MSP Businesses

& Leading Trends in Managed Services

JULY 28, 2020: OptfinITy has been named as one of the world’s premier managed service providers on the prestigious 2020 annual Channel Futures MSP 501 rankings.

For the 13th year running, MSPs from around the globe completed an exhaustive survey and application this spring to self-report product offerings, annual total and recurring revenues, profits, revenue mix, growth opportunities and company and customer demographic information. Applicants are ranked on a unique methodology that weights revenue figures according to long-term health and viability; commitment to recurring revenue; and operational efficiency.

Channel Futures is pleased to name OptfinITy to the 2020 MSP 501.

 

“The Technology industry is a constantly changing and challenging industry and to have an organization like Channel Futures recognize us each year, is a testament to the work and service our hardworking team members provide our clients. ” said Michael Drobnis, CEO of OptfinITy.

In the 13 years since its inception, the MSP 501 has evolved from a competitive ranking list into a vibrant group of service providers, vendors, distributors, consultants and industry analysts working together to define the growing managed service opportunity.

“For the third year running, the applicant pool for the annual MSP 501 has grown year-over-year, making this year’s list the most competitive in the survey’s history,” says Kris Blackmon, Senior Content Director at Channel Partners and Channel Futures. “The MSP 501 leveraged judgement methodology brand-new in 2020 to drill down into not just what makes a big managed service provider, but what makes a great managed service provider. The 2020 winners are truly the best examples of innovation, business acumen and strategic savvy on the planet. We extend our heartfelt congratulations to the 2020 winners and gratitude to the thousands of MSPs that have contributed to the continuing growth and success of both the 501 and the thriving managed services sector.”

About OptfinITy

OptfinITy offers a full suite of IT solutions including managed services, cloud and hosting solutions, application development, website development, mobile application development and phone systems while OptfinITy’s subsidiary, PerusITy, provides cyber security solutions to small and medium sized organizations. Headquartered outside of Washington, DC, OptfinITy services clients throughout the United States.

About Informa Tech

Channel Futures, Channel Partners Online, Channel Partners Conference & Expo and Channel Partners Evolution are part of Informa Tech, a market-leading B2B information provider with depth and specialization in the Information and Communications (ICT) Technology sector. We help drive the future by inspiring the Technology community to design, build and run a better digital world through our market-leading research, media, training and event brands. Every year, we welcome 7,400+ subscribers to our research, more than 3.8 million unique visitors a month to our digital communities, 18,200+ students to our training programs and 225,000 delegates to our events.

 

MEDIA CONTACT:
Allison Francis

Editor, Channel Futures & Channel Partners

Editor, MSP 501

Allison.Francis@informa.com

 

 

Suggested Social Media Accounts and Hashtags to Leverage 

  • Facebook: @ChannelFuturesMSP501
  • Twitter: @MSP_501
  • LinkedIn: MSP 501 Group
  • Instagram: @MSP_501
  • #MSP501
  • #501er