Have you received an email from a payment service that looks like this? At a glance, it looks like a legitimate email containing an invoice. However, a closer look will uncover a host of discrepancies that reveal this email to be a real phishing attempt received by someone here at OptfinITy. These discrepancies are not ones that a legitimate and trusted payment service like PayPal would include on an email invoice. Here are some of the red flags within this email and things you should look out for before clicking on any email containing financial information:

Red Flags:

1. Check if it was sent to right account
   • Though the person who received this email has been anonymized, that person received this invoice on an email account different than the one linked to their PayPal account.
2. Check names
   • This invoice lists the recipient as Patric Smith, even though Mike Duncombe is initially listed as the invoice sender. Neither of these names are the name of the account holder that received this invoice.
3. Check for spelling and formatting errors
   1. In the first paragraph, there is random capitalization that doesn’t make sense in the context of the paragraph: “…checkout and enjoy No Interest if paid in full…”
   2. In the second paragraph, PayPal is incorrectly formatted as “pay pal”
   3. In the second paragraph, there is a space in between the period that separates the dollar amount and the and cents: “$499 . 30”
   4. In the second paragraph, there is a space after the word that is meant to end the sentence: “…from your bank account . We are there…”
   5. That sentence itself is an incomplete sentence: “Same amount has been debited from your bank account . We are there…”
4. The phone number listed is incorrect
   • A quick Google search will reveal that PayPal’s customer service number is not the one listed within the email, but rather +1 (888) 221-1161

Most reputable payment processors have channels through which you can report phishing emails. If you believe you’ve received a phishing email from an entity claiming to be PayPal, forward the entire email to spoof@paypal.com, and do not alter the subject line or forward the message as an attachment. After that, delete the suspicious email. PayPal will investigate the email and let you know their findings.

Did you know that we provide phishing test services? If you’d like to test yourself and your employees and gage how susceptible your organization is to fraudulent messages, you can reach out to us at info@OptfinITy.com.

Do you have an old Android phone and you don’t know what to do with it? Maybe you’re thinking about storing it in a drawer, selling it, or trading it in. Whether your phone is too old to warrant a high trade-in value, or if you’re just interested in trade-in alternatives, continue reading to learn the top 5 ways to repurpose your old Android.

1. Store your photos: Pictures can take up a significant amount of storage, so store them on your old phone to save room on your new one! You can send photos taken on your new device to the old one, or use your old device as a camera and take it places you’d usually be hesitant to take a new phone, like the beach or lake.
2. Turn it into a Google Home: This process is simple and requires no downloads and no $130 Google Home purchase. First, make sure the phone is updated to the latest Android OS. Next, pair your phone to a Bluetooth speaker and keep both plugged in at all times. Now, you’ll be able to give it Google commands whenever you want!
3. Convert it into a Game Boy: Did you know that you can convert your old Android into a Nintendo Game Boy? All you need is a compatible Android and a $50 Hyperkin Smartboy Mobile Device. To play, you’ll still need to own or buy Game Boy cartridges. Alternatively, you can also play Game Boy advance apps if you don’t have the cartridges.
4. Use as a universal remote: If you’re not sure what to do with an old Android- turn it into a remote! Downloading a remote control app and syncing your phone to your devices will allow you to control things like Rokus, Apple TVs, Xboxes, and even smart light bulbs.
5. Turn it into a home security camera: This is a simple but effective way to keep your eyes on your home while you’re away. Simply download a security camera app and place it in a main room of the house in a place where you have a good view. Additionally, you can set it up outside when you’re home to see who’s knocking on your door.

If you’re interested in discussing phasing our and purchasing new devices for your office space, feel free to reach to to us at info@OptfinITy.com or call us at (703) 790-0400.

Happy Earth Day!

Earth Day marks a time where people reflect on what they’re doing to keep our planet clean and thriving. Whether you compost, recycle, take short showers, or drive electric, take the day to reflect on what you’ve done to help the environment, as well as other ways you can make a difference. Below are 3 technology tips that are good for the planet and your bottom line.

1. Reduce your paper usage: Unless a business document needs to be on paper for legal purposes, avoid printing out things like emails, online forms, and business manuals. Going as paperless as possible saves trees, but also saves you money by reducing the amount you spend on paper and ink. Paper-form documents can also be fairly inefficient for business purposes, as they can’t be integrated, automated, or accessed remotely. The manual nature of dealing with paper documents slows down your business and racks up manual label hours.
2. Implement electronic and cloud storage: So, if you decide to switch to dealing with documents digitally, where do you store them? In the cloud! Physically storing documents necessitates the use of physical space, air conditioning, and other environmental (and financial) burdens. In fact, the paperless Project estimates that to maintain just one file cabinet, it can cost as much as $1,500 and one employee annually. Dealing with file cabinets can also make organization a headache, and the threat of natural disasters wiping out important information is a concern as well. Consider storing vital documents within your electronic business management system, for the sake of the planet and your pockets.
3. Leverage remote work: If you’re in an industry that can allow employees to work remotely, consider implementing a remote or hybrid work plan Working remotely instead of commuting to an office results in less air pollution from vehicle emissions. Additionally, recent studies suggest that as many as 68% of US employees prefer remote work over in-person work. Why is this important for your business? Because happier employees are correlated with higher levels of productivity. This isn’t too surprising when you take into consideration that 77% of remote workers claim that they’re more productive when they work from home.

If you’re looking to move your documents to the cloud (the digital one) or are interested in discussing the logistics of remote employees, you can always reach us at (703) 790-0400 or email us at info@OptfinITy.com.

An astounding number of people use Gmail to send and receive emails. In fact, Gmail accounts for 1.8 billion active email accounts. If you’re part of that 1.8 billon, you may not be familiar with all the platform has to offer. To learn how to best customize and optimize your Gmail experience, read below to uncover the 7 best Gmail tricks you can implement today.

1. Color-Code Important Messages: You probably already know that starring messages puts your most important emails in a separate folder for easy access. However, did you know that you can color-code your messages too? To further organize your emails with color-coded stars, go to settings, scroll down to the General tab, and drag More Color Options to the “In Use” section.
2. Smart Compose: If you write with traditional office lingo, then this tool is a must for you. Just by typing the beginning of a sentence, Google will suggest the remainder of it, saving you time and typing. Smart Compose can be turned on and off under settings, and is even accepting feedback on the quality and relevance of suggested phrases.
3. Unsend an Email: After you send an email, you may notice a small box containing the word “Undo” will appear in the lower right corner of the window. Directly clicking on this will allow you to unsend a message.
4. Advanced Search: This is a useful tool that can help you find pieces of information buried in your inbox. It allows you to search by date, words, sender, receiver, or even by words an email doesn’t To access this tool, simply click the icon with 3 slider bars in the search box at the top of your inbox.
5. Mute Conversation: To mute a thread that gets an excess of replies, first check the box on the left of an email in the thread. On the options bar that appears at the top, select the 3 dots to bring in the dropdown menu. From there, select Mute and enjoy the silence.
6. Customized Inbox: If you wish to prioritize your inbox, first click the Quick Settings gear icon. Next, select a custom inbox based on what you’d like to see first: unread, important, or starred.
7. Confidential Mode: Did you know that you can set an expiration date on a private email? To make an email disappear after a certain amount of elapsed time, click the lock icon near the send button prior to sending an email.

If you have any questions about email deliverability and security, feel free to contact us at info@optfinITy.com.

If you’re like many Americans, you may not have finished filing your taxes yet, and you know that the April 18^th deadline is quickly approaching. Many hackers prey on last-minute filers to take advantage of people’s haste, hoping to gain sensitive information from anxious users. Hackers use a variety of phishing methods to encourage people to click on fraudulent links and attachments, which can result in malware, ransomware, refund-swiping and identity theft. Though cyber-experts say that the best way to protect yourself from these schemes is to file early, here are some ways to protect yourself from tax-related fraud and refund thieves.

• Choose reputable resources: If you’re self-filing online, use a trusted platform. If you choose to hire someone to file for you, ensure that they are who they say they are. Remember, a tax professional or service won’t ask you to email any documents unprotected- they’ll use a secure portal instead.
• Use your home Wi-Fi: As always, use secure and known Wi-Fi networks when accessing financial and personal information, as hackers can access your device an information if you’re filing over public networks.
• Be wary of phishing and smishing: The IRS never sends unsolicited emails or texts. If you need to access online forms or pages, visit the IRS site directly, and don’t take any chances by clicking on unknown links or downloading attachments from unfamiliar sources.
• Get a PIN: You can validate your identity with the IRS and receive a 6-digit code that will prevent criminals from filing a fake tax return using your Social Security Number.
• Implement 2FA and use strong passwords: These both are a must when dealing with financial information. Additionally, using an antivirus software and making sure that your operating system is up to date is recommended, and any paper copies or drives should be stores securely.
• Shred everything: Dumpster diving still happens, so make sure to shred all no longer needed tax documents before throwing them in the trash.

If you’re concerned that your organization’s financial information may have been compromised, you can reach out to us at info@OptfinITy.com

Spring marks a time of regrowth and change, and many take this season as an opportunity to tidy up their house or apartment. However, Spring is also a good time to remember to clean up your technology and cyber footprint. Throughout the year, people widen their cyber footprint by doing things like paying bills, shopping, or using social media. To remove this type of clutter and protect yourself and your loved ones from potential attacks, there are several things you can do this Spring.

First, review your passwords and update them with stronger, more unique ones when necessary. Use Multi-Factor Authentication (MFA) on accounts that contain sensitive information, such as bank or retirement accounts.

Next, review all email accounts. Organize your emails into folders of items you want to keep and delete the ones you no longer need or unsubscribe from spam senders. You may also want to review and update filters to send unwanted marketing or spam messages directly to trash.

Social media accounts often also need a bit of tidying up. Here, it is useful to search yourself online to get an idea of what comes up for curious searchers. To clean up your accounts, review your privacy setting as well as photos and videos and determine if you want to change any settings or delete any content. If you wish to delete an account, don’t just delete the app, delete or deactivate your entire account.

Perhaps most importantly, make sure all of your devices and operating systems are updated and review and test your backup and data recovery plan. Additionally, make sure that you can restore from a backup and review what you’re backing up, as well as your backup location and media.

If you’re interested in discussing network best practices and running your organization’s IT systems smoothly, feel free to reach out to us regarding your concerns at info@OptfinITy.com, or call us at (703) 790-0400. We will be happy to have a free no obligation consultation.

QR codes are everywhere these days. From restaurant tables to Super Bowl ads, their range of uses and applications has boomed since the onset of the pandemic. As usual, cybercriminals have taken note. The FBI has warned consumers that hackers are now creating malicious QR codes designed to trick unsuspecting scanners into giving away banking or login information. In early January, residents and tourists of Austin, TX experienced this first-hand when tens of malicious QR code stickers were placed on parking meters, promising motorists that they would allow them to pay for parking online. Cyber experts have determined that as of now, scanning these suspicious codes won’t affect your phone by secretly downloading malware, but instead, will lead you do sites designed to phish for your financial or personal information.

So, what can you do to spot potential QR code scams?

• Think before you scan: This is most relevant for codes in public places. Does the sticker appear to be part of an advertisement, sign, or display? If it looks out of place, it probably is.
  • If the scanned site looks strange or asks for sensitive information that doesn’t seem to be relevant, don’t give that information out.
  • When in doubt, ask the store or display owner for a paper copy of the document you’re trying to access.
• Don’t scan codes within unsolicited mail: As far as emails go, there is virtually no legitimate reason that a trusted sender would require a receiver to use a second device to access a safe and legitimate site via email.
  • This also applies to paper mail; if there’s a code in a piece of unsolicited junk mail, its safe to assume that scanning it may not be safe.
• Preview the code’s URL: Most smartphone cameras running the latest OS allow users to preview a code’s URL as you start to scan it. If the URL looks strange, trust your gut and move on.
  • Using a free secure scanner app is also helpful in spotting malicious links before your phone opens them.
• Use a password manager: If a QR code takes you to a convincing, but fake, website that you have an account with, a password manager will still know the difference and won’t autofill your passwords.

If you’re interested in discussing online safety and how to avoid and recover from phishing scans, you can reach out to us at info@OptfinITy.com.

If you frequent any social media platform, you’ve more than likely seen seemingly harmless, wacky quizzes pop up on your feed or timeline.  A lot of these tend to be associated with Facebook, but quizzes and surveys on Twitter and Instagram, as well as “Get to Know Me” videos on TikTok all serve a similar function: to harvest personal information from unsuspecting users.

Many times, these lighthearted posts are common security questions.  Headlines such as “Your Metal Band Name is the Street you Grew Up On + Favorite Pet’s Name” may appear benign, but the comments under such posts often contain a goldmine of potential passwords or answers to security questions. While there are plenty of question game posts that were created by cybercriminals with the intent of gaining access to sensitive information, not every quiz post is crafted by a hacker. However, these posts can be harmful regardless of the creator’s intent, as they are usually public and have no limits to who can view the post’s comments. Some examples of a quiz post a social media phisher may publish include:

• Who even remembers their kindergarten teacher? Let’s celebrate our educators this week!
• Nobody’s first car was a Ford- prove me wrong!
• Name a TV show you could watch forever and never get tired of!

It’s nearly impossible to avoid coming across one of these phishing scams on social media, but there are steps you can take to protect yourself. First, don’t give out sensitive information on social media. Though some prompts may be tempting to complete, don’t answer or share quizzes asking for personal details. Additionally, keep an eye out for posts that create a sense of urgency and panic. Cybercriminals exploit emotions like curiosity, fear, greed, and helpfulness to create a sense of urgency to entice you to share information or click on a link. Lastly, when in doubt, flag or report a post if it seems suspicious.

For more information regarding online safety and best practices, you can always reach out to us at info@OptfinITy.com.