By -- 2017-07-14 in Blog

Bithumb, which is one of the world’s largest cryptocurrency exchanges, was recently hacked, with the criminals making off with approximately 32,000 customers’ user account information. Thankfully, no passwords were obtained.

This hack was different in that instead of going after the exchange’s internal network, the hackers broke into a home PC of an employee of Bithumb. One obvious question is why was this employee allowed to house sensitive information on his personal computer which he had in his home? Once this information was obtained, scammers then phoned some victims, trying to access their accounts by posing as Bithumb employees. One victim lost about $8,700.

If anyone ever calls you saying they are from a company, and you have a feeling it might be a scam, don’t hesitate to let them know you’ll call them back just to ensure they are who they say they are. But be sure not to call back a number they give you, instead, call the customer service number listed on their website. This is just one way to protect yourself from phone scams.

Not only is this a lesson in how to prevent being scammed over the phone and what steps you can take, but also on how to ensure all employees are trained properly so that these hacks don’t occur in the first place. Do you know if employees have access to your company’s data on their personal devices? If so, how confident are you in the security measures protecting said devices?

Optfinity can provide no-cost, no-obligation assessments so that you know how secure or vulnerable your employees, your devices, and your company’s data are. Not only do we provide the know-how, we can also provide the training that your employees may desperately need to ensure they are working just as hard to help keep your business safe from hackers.

By -- 2017-07-3 in Uncategorized

Most of these very expensive ransomware attacks start out as a simple email, on which an employee at an office may have clicked. Perhaps it said resume, tracking number, or something else that seemed harmless; then, before anyone realizes it, they can’t open any company files, their server stops working, and their office comes to a complete halt. It almost sounds like science fiction, but it is happening every day to thousands of companies all across the world; and it doesn’t end there.

Are you aware that in some U.S. States, if a business is the victim of a cyber-attack, they may be penalized for simply being a victim? This all depends on how they respond. Not only could they be legally required to notify the proper authorities of data breaches, but they may also have to publicly announce it as well, so that all their current clients/patients and future potential business are aware of their accidental blunder. This will not only bring blame upon the business, but may also leave them in financial dire straits with lenders, banks, and of course, clients.

It is imperative that you have set-up and tested the proper backups and you have bought the proper insurance to cover all types of losses due to malware, viruses, and any other electronic scams to which you might fall victim. It is even more imperative to make sure you have the proper IT company looking out for your best interests to make sure that you survive such an attack or, more importantly, that you prevent one.

At OptfinITy, we focus on security from all levels; we stop it at the door, on the network, in the cloud and, most importantly, with your people. This is accomplished through our proactive training component which is implemented with all our managed services clients. If you would like to ensure you are prepared, give us a call for your free, no-obligation assessment and we can show you just how secure you are and give you options to help mitigate any future threats.

By -- 2017-06-29 in Blog

A two-year investigation has led to the arrest of two telephone scammers who were preying on vulnerable victims, tricking them into thinking their electronic devices were affected by malware. This investigation was conducted by Microsoft and British police.

One of the ways the scammers tricked their victims into believing their PCs had been infected was by asking them to look for warning or error messages in their Windows Event Viewer’s application logs. While those in the know understand these to be harmless, to someone not very tech savvy, these messages can seem ominous and will more easily pay for someone to help “fix” their computer problems.

It is important to remember no tech company will ever make an unsolicited call to help you fix any problems you might have. So, if you think you may have a problem, or some website or email is convincing you that your computer is at risk, don’t just talk to anyone, call us at OptfinITy anytime and we’ll be glad to assist. Don’t forget, we offer free assessments, so you won’t even need to worry about opening your wallet to get help!

By -- 2017-06-15 in Uncategorized

If you’re wondering why hackers are more prolific now than ever before, perhaps it’s because corporations paid out over $3 billion to fraudsters last year. This year, Southern Oregon University is just the latest victim adding to that rising total by succumbing to a business email compromise (BEC) attack; one of 78 to be exact.

The University received a fraudulent email informing them of a new bank account they should make payments to for the construction of a pavilion and student recreation center. This account obviously belonged to the hackers, thus leading the construction company to inform the University that they were never paid.

BEC scams work when the scammer, posing as a vendor, sends out a convincing email either similar to or hacked from the vendor, informing the victim of a new or changed bank account. Once the money is sent, its usually too late to be recovered by the time the crime is noticed.

Remember, most of these scams rely on a single employee unknowingly clicking on a link, opening an email, or otherwise failing to do basic due diligence before trusting an unknown source. Optfinity provides levels of authenticity, training for staff, encryption, and reporting for all our clients. Want to be sure your company never falls for a BEC, contact us today for a free, no obligation assessment and stop paying the scammers’ mortgages.

By -- 2017-06-7 in Blog

Just when you thought you were safe from WannaCry, a new bully is on the playground called Fireball. And this malware has already infected over a quarter billion computers worldwide! One of out every five corporate networks have been compromised. Most of these are in other countries as the US, thankfully for now, only accounts for 2.2% of the infected devices.

How does this malware differ from the others? It sneaks its way onto user’s devices through bundling, where it is paired with other freeware products. Once it is installed, it then utilizes the victim’s browser to turn their search engines and home pages into fake ones. It then installs plugins to boost advertisements and generate ad revenue for the hacker who created Fireball.

We recently covered this seemingly benign threat. While it appears the only current downside is a hacker using your computer to blindly help them make money, don’t forget, they have access to your electronic device. So, at any point, they could change their code and do some serious damage to individuals and corporate enterprises! Remember, free is almost never “free”.

If you’re uncertain if you’ve become a victim of this or any other malware, or just want a good assessment of your systems and their structure and security, contact Optfinity and we’ll provide you with a free, no obligation assessment to help give you peace of mind.

By -- 2017-05-30 in Uncategorized

 

There’s a new malware loose on the streets and this time its attacking Android phones.  Its nicknamed “Judy” and currently has infected upwards of 36.5 million devices.  This malware has made its way onto so many devices through, now defunct, apps in the Google Play Store.

Luckily, the current malware is relatively benign in that “The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it,” the security report reads.  So, at worse, victims might be losing out on data, as the malware is currently written.

The unknown danger is that this malware already has access to your device and at any time, the hackers could decide to make this malware do more malicious things to your equipment other than just helping them make money off ad clicks.  It is this potential for more devious actions that should have users worried.  Once again, if you’re unsure of your IT security threats or risks, Optfinity can help you out with a free, no obligation assessment.

By -- 2017-05-30 in Blog

 

With new guidelines from the US National Institute of Standards and Technology, we will soon, hopefully, see the elimination of older, outdated standards such as frequent password changes and utilizing special characters.  These guidelines will affect both government and business passwords.

Because humans have limited memory capabilities, having to recall long, complicated strings of characters are often impossible and therefore many users just use simple passwords that are easily guessed.  Studies have also shown that there is negligible benefit for these more complex passwords at the expense of usability and memorability.

The possible solution?  New guidelines allowing for the ending of special characters, longer passwords of up to 64 characters which can include spaces.  This will open the door to passwords being created around strings of words or phrases which are easier for humans to remember but harder for computers to guess. 

Till this new rollout of password standards, if you need help or advice on how to better manage the dozens of passwords you have to deal with on a daily basis, just contact Optfinity today and we can provide you with several options.

By -- 2017-05-23 in Blog

 

Even a company as large as Disney has fallen victim to hackers, having had files of their recent movie stolen and threatened to be released online if ransoms were not paid.  They refused, and clips have since surfaced.  Its great news that they refused to pay and instead worked with authorities to try and bring the scammers to justice.

This goes to show that every company, large and small, must do more to protect themselves including security awareness training with employees.  Optfinity, through Knowbe4, offers this type of security awareness training to all our clients.  Not only does this entail online tutorials and test emails which assess which employees are vulnerable and likely to click on phishing scams, but also reports back to the client to see where their company’s weaknesses lie.

Don’t wait till a naïve employee innocently clicks on a wayward word document emailed to them by a hacker, thus giving them access to every bit of data on your servers.  Contact Optfinity today for a free assessment.

By -- 2017-05-17 in Blog

 

Previously, we have shown you how to delete and clear these pesky, residual elements in Internet Explorer that stick around on your computer after you’re finished searching the web.  This time, we will be showing you how to do it for Microsoft Edge, their newest web browser.  You’ll find updating to this browser comes with many benefits, it’s much faster than IE, and most elements are more user friendly, including spring cleaning of your data.

There are now two easy ways to clear all your data.  The first is to click on the three lines in the upper right-hand corner which are the history icon. 

Once there, you can individually delete websites by clicking the “X” to the right of each site listed.  Or you can delete all by clicking “Clear all history”.  This will take you to the next screen where you can select up to eleven different data sets you wish you clear out, including your history, cache, cookies, and form data.

The other way you can access this same information is by clicking on the “more” icon in the upper right hand corner represented by three dots.  From there you select “Settings”.  On this page you can change your theme, make changes to how your tabs operate, and clear your browsing history, among other things.  Once you click on “Choose what to clear”, it will take you to the same screen as shown above.

As you can see, this is far easier as you can delete all your data in one move, as opposed to having to delete your cache/cookies and history separately; not to mention any other data sets you wish to have stricken from the records.  If you have any other questions, feel free to contact Optfinity anytime.

By -- 2017-05-15 in Blog

 

The largest ransomware attack in history has already infected over 114,000 Windows systems worldwide.  Many of these infections were on older, unsupported versions of Windows such as XP, Vista, and Windows 8.  There is a reason any IT professional will advise you to upgrade to any current OS; these systems are constantly supported and updated to ensure the highest level of safety and security.

But in the wake of this unprecedented infection, Microsoft has released an emergency security patch update for all its versions of Windows, including those no longer supported.  So, if you’re still utilizing one of these operating systems, download and update now!

This security breach has not only affected small businesses and individuals in over 99 countries, it has also infected such large corporations as Spain’s Telefonica, Russia’s MegaFon, FedEx, and the National Health Service in the U.K.  The latter of these forcing the rejection of patients, cancelation of operations, and rescheduling of appointments due to the infection.

What can you do?  For starters, follow the seven steps listed in the article, including keeping your system up-to-date and be mindful of phishing emails, which is the main way this ransomware affects users.  You should also hire professional IT support to ensure you’re always protected, including having a secure and robust back-up system.  Optfinity offers free assessments, so if you’re unsure if your company will survive a possible infection, contact us today.  No pressure, no sales gimmicks, just honest care and advice to help small businesses stay safe in this highly dangerous cyber world.