By -- 2017-07-24 in Blog

Recently, an internet-connected fish tank at a casino was hacked in an attempt to steal data. This fish tank was web-accessible in order to help automatically feed the fish and keep manage their environment. Once the hacker found the weakness in the tank’s network, they used that to find other vulnerabilities in the casino’s network.

This is just one example of how phishing is not just delivered via a rogue email. Another more common, yet still unusual, attack happened when hackers breached drawing pads connected to unsecured Wi-Fi systems, then using those devices to enact a denial of service attack.

So, if you have any internet connected devices at work or home, often referred to as the Internet of Things, or IOTs, be sure they are as secure as possible to prevent hackers from causing unneeded damage to your systems and data. These can range from your laptop or smartphone to a smart-fridge or cloud-based doorbell system. If its connected to the internet, it can possibly be hacked.

Not only does Optfinity provide thorough protections for our clients, we also provide no-cost, no-obligation assessments for anyone wanting to understand their systems better and have peace of mind knowing fully where their strengths and weaknesses lie, with regards to their technology.

By -- 2017-07-24 in Blog

Do you know if your website is currently in compliance with the Americans with Disabilities Act? Do you work for an organization where it is required for your website to be accessible to people with disabilities? If you’re unsure of either of these questions, you may want to talk to an expert before it’s too late.

A recent case in Florida against Winn-Dixie deemed that their website did not provide customers with disabilities the “full and equal enjoyment of the goods, services, facilities, privileges, advantages, or accommodations of any place of public accommodation … .” They now must implement an accessibility policy to meet current ADA standards, which not only is more costly to implement after the fact, but could leave them vulnerable to costly lawsuits.

While you may not have a large number of customers/clients with access and functional needs, the few you might have are protected under the law and should have equal access to information provided on your website.

Most web creators tackle this issue upfront and there are many resources out there to help ensure you’re currently up-to-date, such as the World Wide Web Consortium.

This may seem like a daunting task, but it doesn’t have to be if you know which resources to utilize. Aside from the resources already mentioned, OptfinITy can provide a free, no-obligation assessment to help ensure you’re aware of your ADA standings with regards to all your IT needs. And remember, aside from saving you from possible legal worries, this is the right thing to do for your business and your customers.

By -- 2017-07-17 in Blog

Adobe Flash Player is a favorite piece of software for hackers to exploit for various reasons: it’s on a lot of computers, users need it to access Flash-based content, and many users do not keep it updated. Because of these and so many others, hackers love coming up with new ways to invade your devices utilizing this software. There is some good news, however; because of the sheer number of attacks, Adobe releases new security patches quite often.

When was the last time you ensured your Adobe Flash Player was updated? Do you have your global settings set to automatically install updates? Do you not even know what Flash is, if you have it, or know how to check if it is updated?

For many people out there, questions like these fall low on their radar, meaning their systems are constantly vulnerable to attacks. For clients of Optfinity, these are questions they never need to ask or even worry about as we ensure everything is constantly updated. A free assessment could answer many questions you might not even have known to ask in ensuring your systems and devices are properly secured. Contact us today, we’d be glad to help.

By -- 2017-07-14 in Blog

Bithumb, which is one of the world’s largest cryptocurrency exchanges, was recently hacked, with the criminals making off with approximately 32,000 customers’ user account information. Thankfully, no passwords were obtained.

This hack was different in that instead of going after the exchange’s internal network, the hackers broke into a home PC of an employee of Bithumb.

One obvious question is why was this employee allowed to house sensitive information on his personal computer which he had in his home? Once this information was obtained, scammers then phoned some victims, trying to access their accounts by posing as Bithumb employees. One victim lost about $8,700.

If anyone ever calls you saying they are from a company, and you have a feeling it might be a scam, don’t hesitate to let them know you’ll call them back just to ensure they are who they say they are. But be sure not to call back a number they give you, instead, call the customer service number listed on their website. This is just one way to protect yourself from phone scams.

Not only is this a lesson in how to prevent being scammed over the phone and what steps you can take, but also on how to ensure all employees are trained properly so that these hacks don’t occur in the first place.

Do you know if employees have access to your company’s data on their personal devices? If so, how confident are you in the security measures protecting said devices?

Optfinity can provide no-cost, no-obligation assessments so that you know how secure or vulnerable your employees, your devices, and your company’s data are. Not only do we provide the know-how, we can also provide the training that your employees may desperately need to ensure they are working just as hard to help keep your business safe from hackers.

By -- 2017-07-3 in Uncategorized

Most of these very expensive ransomware attacks start out as a simple email, on which an employee at an office may have clicked. Perhaps it said resume, tracking number, or something else that seemed harmless; then, before anyone realizes it, they can’t open any company files, their server stops working, and their office comes to a complete halt. It almost sounds like science fiction, but it is happening every day to thousands of companies all across the world; and it doesn’t end there.

Are you aware that in some U.S. States, if a business is the victim of a cyber-attack, they may be penalized for simply being a victim? This all depends on how they respond. Not only could they be legally required to notify the proper authorities of data breaches, but they may also have to publicly announce it as well, so that all their current clients/patients and future potential business are aware of their accidental blunder. This will not only bring blame upon the business but may also leave them in financial dire straits with lenders, banks, and of course, clients.

It is imperative that you have set-up and tested the proper backups, and you have bought the proper insurance to cover all types of losses due to malware, viruses, and any other electronic scams to which you might fall victim. It is even more imperative to make sure you have the proper IT company looking out for your best interests to make sure that you survive such an attack or, more importantly, that you prevent one.

At OptfinITy, we focus on security from all levels; we stop it at the door, on the network, in the cloud and, most importantly, with your people. This is accomplished through our proactive training component which is implemented with all our managed services clients. If you would like to ensure you are prepared, give us a call for your free, no-obligation assessment and we can show you just how secure you are and give you options to help mitigate any future threats.

By -- 2017-06-29 in Blog

A two-year investigation has led to the arrest of two telephone scammers who were preying on vulnerable victims, tricking them into thinking their electronic devices were affected by malware. This investigation was conducted by Microsoft and British police.

One of the ways the scammers tricked their victims into believing their PCs had been infected was by asking them to look for warning or error messages in their Windows Event Viewer’s application logs. While those in the know understand these to be harmless, to someone not very tech savvy, these messages can seem ominous and will more easily pay for someone to help “fix” their computer problems.

It is important to remember no tech company will ever make an unsolicited call to help you fix any problems you might have. So, if you think you may have a problem, or some website or email is convincing you that your computer is at risk, don’t just talk to anyone, call us at OptfinITy anytime and we’ll be glad to assist. Don’t forget, we offer free assessments, so you won’t even need to worry about opening your wallet to get help!

By -- 2017-06-15 in Uncategorized

If you’re wondering why hackers are more prolific now than ever before, perhaps it’s because corporations paid out over $3 billion to fraudsters last year. This year, Southern Oregon University is just the latest victim adding to that rising total by succumbing to a business email compromise (BEC) attack; one of 78 to be exact.

The University received a fraudulent email informing them of a new bank account they should make payments to for the construction of a pavilion and student recreation center. This account obviously belonged to the hackers, thus leading the construction company to inform the University that they were never paid.

BEC scams work when the scammer, posing as a vendor, sends out a convincing email either similar to or hacked from the vendor, informing the victim of a new or changed bank account. Once the money is sent, its usually too late to be recovered by the time the crime is noticed.

Remember, most of these scams rely on a single employee unknowingly clicking on a link, opening an email, or otherwise failing to do basic due diligence before trusting an unknown source. Optfinity provides levels of authenticity, training for staff, encryption, and reporting for all our clients. Want to be sure your company never falls for a BEC, contact us today for a free, no obligation assessment and stop paying the scammers’ mortgages.

By -- 2017-06-7 in Blog

Just when you thought you were safe from WannaCry, a new bully is on the playground called Fireball. And this malware has already infected over a quarter billion computers worldwide! One of out every five corporate networks have been compromised. Most of these are in other countries as the US, thankfully for now, only accounts for 2.2% of the infected devices.

How does this malware differ from the others? It sneaks its way onto user’s devices through bundling, where it is paired with other freeware products. Once it is installed, it then utilizes the victim’s browser to turn their search engines and home pages into fake ones. It then installs plugins to boost advertisements and generate ad revenue for the hacker who created Fireball.

We recently covered this seemingly benign threat. While it appears the only current downside is a hacker using your computer to blindly help them make money, don’t forget, they have access to your electronic device. So, at any point, they could change their code and do some serious damage to individuals and corporate enterprises! Remember, free is almost never “free”.

If you’re uncertain if you’ve become a victim of this or any other malware, or just want a good assessment of your systems and their structure and security, contact Optfinity and we’ll provide you with a free, no obligation assessment to help give you peace of mind.

By -- 2017-05-30 in Uncategorized

There’s a new malware loose on the streets and this time its attacking Android phones.  Its nicknamed “Judy” and currently has infected upwards of 36.5 million devices.  This malware has made its way onto so many devices through, now defunct, apps in the Google Play Store.

Luckily, the current malware is relatively benign in that “The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it,” the security report reads.  So, at worse, victims might be losing out on data, as the malware is currently written.

The unknown danger is that this malware already has access to your device and at any time, the hackers could decide to make this malware do more malicious things to your equipment other than just helping them make money off ad clicks.  It is this potential for more devious actions that should have users worried.  Once again, if you’re unsure of your IT security threats or risks, Optfinity can help you out with a free, no obligation assessment.

By -- 2017-05-30 in Blog

With new guidelines from the US National Institute of Standards and Technology, we will soon, hopefully, see the elimination of older, outdated standards such as frequent password changes and utilizing special characters.  These guidelines will affect both government and business passwords.

Because humans have limited memory capabilities, having to recall long, complicated strings of characters are often impossible and therefore many users just use simple passwords that are easily guessed.  Studies have also shown that there is negligible benefit for these more complex passwords at the expense of usability and memorability.

The possible solution?  New guidelines allowing for the ending of special characters, longer passwords of up to 64 characters which can include spaces.  This will open the door to passwords being created around strings of words or phrases which are easier for humans to remember but harder for computers to guess. 

Till this new rollout of password standards, if you need help or advice on how to better manage the dozens of passwords you have to deal with on a daily basis, just contact Optfinity today and we can provide you with several options.