Cybersecurity Awareness a Year-Round Job

by

Cybersecurity Awareness Month heightens our vigilance in October, but we can’t let our guards down at any time of year anymore, especially during the holiday shopping season.

Small businesses are not likely to be attacked directly by cyber criminals unless you do business with more valuable targets. You will, however, be attacked with the phishing emails that hackers  deploy in the hopes that some “fish” will take their bait.

Cyber criminals now use AI writing tools to help make their phishing emails more convincing, too.

You can, however, spot phishing emails by remaining diligent at all times.

My Golden Rules for handling emails:

  • If you don’t know the sender, do not click any links or file attachments. Delete the email.
    • If the email is relevant to you, go directly to the sender’s website in your browser.
    • For well-known brands, hover over the link (don’t click) to see if it goes to the brand’s website (i.e., dell.com versus something.com/dell)
  • If you know the sender, but receive an unexpected email from them, do not click links or file attachments until you confirm that the sender you know actually sent it.
    • Do this by phone — a hacker could hijack the email account and make it look like the sender you know is providing confirmation.
  • If you mistakenly click on a link in an unexpected email, and it takes you to a page to change your password, do not enter your password. Close the page.

Below is a phishing email that I received that incorporates elements of many phishes:

Phishing email characteristics

As you can see, this phishing email:

  • Uses the International date format (day / month) versus the month / date format that I would expect in the U.S.
  • The From: email address is not @intuit.com or @quickbooks.com. It’s @updatessoftware.info.
  • The phone number shows up in searches for known scams.
  • Hovering over the link reveals it goes to techsales.info instead of intuit.com or quickbooks.com.
  • Awkward language
  • The text uses fear tactics by claiming the database will be corrupted and backups automatically removed, preventing recovery, if the deadline is missed.

What would I do with this email?

This email caught my attention because I knew that Quickbooks is requiring desktop software customers to upgrade before Sept. 30 if they want to continue using the desktop software instead of Quickbooks Online.

The International date format, however, gave me pause initially. The fake From: email address sealed it.

Had the hackers spoofed a legitimate Quickbooks email address, the other elements would have still confirmed this as a phish.

You also want to protect your passwords as follows:

  • Use a password manager such as one of these.
  • Do not send passwords in emails and text messages unless encrypted
  • Do not use the same passwords for business and personal use
  • Do not store passwords in word processing files or spreadsheets
  • Do not share your passwords with anyone, including co-workers

If you want more in-depth information about cybersecurity awareness, you can visit the Cybersecurity and Infrastructure Security Agency (CISA) website at https://cisa.gov.

Off-Boarding Employees

by

It happens to every business that has employees. At some point an employee will leave for a variety of reasons including retirement, striking out on their own, health reasons or what they perceive to be a better opportunity at another company.

One interesting look at turnover rates comes from a study of employees changing their employers on LinkedIn. It found that 11 percent of employees posted new employers on their LinkedIn Profile during the 12-month period of their study in 2021 and 2022.

That doesn’t surprise me. In fact, judging by the number of LinkedIn profiles of employed people who still advertise their availability, I believe the number could be higher than 11 percent.

So, accepting that you will have turnover, how do you safely off-board those who leave from an IT standpoint?

The following technology off-boarding checklist will help mitigate the risk of losing valuable corporate knowledge and business in the departing employee’s transition.

Knowledge Loss
Be sure to query the departing employee about specific knowledge of their job that might not be in company manuals and procedures.
If involved in Sales, be sure the departing employee provides all contact information for Customers and Leads.

Social Media accounts
Change or delete the employee’s accounts on all Social Media.

Application logins
Change / disable / delete the employee’s login credentials on all Cloud and Desktop applications.

Email logins and forwarding
Change / disable / delete the employee’s Email login credentials.
Set up forwarding of the employee’s emails to someone else within the organization until customers become aware of the replacement.

Company Device Recovery
If the employee uses company devices such as Smart Phones or Tablets, recover the devices.

Recovering Data from Personal Devices
If the employee used his / her own devices, recover all company information from those devices.

Revoking Access
Disable / Delete access to the devices, applications, files and databases the employee accessed over the corporate network.
Revoke access to the physical building(s).

For help setting up an Off-Boarding Policy for your company, contact me at 302-537-4198, ericm@flexitechs.com, or on our Contact form.

Beat Password Fatigue With a Password Manager

by

By now, in 2021, you’ve most likely experienced at least one breach of an account password whether you know it or not.

Perhaps the fallout didn’t prove devastating, but could there be a time bomb lurking in that stolen password that could cause significant harm?

The answer lies in our use of a small number of passwords for a large number of login credentials. From online shopping and banking to social media to personal accounts like the local library, we use the same passwords over and over and over again.

Thus, while we often think to change the password on the breached account, we don’t often think about changing it on every single account that uses that password as well, and we certainly don’t think to change all of our passwords on a regular basis.

To do so would require spending hours to determine which other user accounts we use that password on and hours more to change them all on a regular basis.

Cyber criminals knows this and take full advantage of our password fatigue to try to break into more sensitive accounts once they steal a password themselves or purchase a breached password.

To corral the password monster, you should use a password manager. A password manager at a minimum should encrypt your passwords, generate complex passwords, warn you if a password isn’t complex enough, and be set to require passwords to change regularly.

Other Password Manager Considerations:

  • Automatic Logins
  • Web Browser Extension to manage web site credentials
  • Security Audit that scores your overall password strength
  • Alerts for weak and re-used passwords
  • A Dark Web data breach monitor to alert you when credentials have been caught up in a data breach
  • Secure storage of identity and payment information for online forms
  • Temporary Clipboard storage of copied passwords

If you suffer from password fatigue, contact us at FlexITechs to learn more about our password manager, which meets all of the above features.

Call us at 302-537-4198, email me personally at ericm@flexitechs.com, or submit our Contact form.

Regularly Test Your Backups

by

If you have a Managed IT Services Provider like FlexITechs, chances are good your backups are not only being monitored for failures but also being tested on a regular basis to ensure that files restore successfully when needed.

There would be nothing worse than finding out after a natural disaster, a fire, or a Ransomware attack that has encrypted all of your files that your backups either were failing or that they won’t restore properly.

If testing your backups was not discussed when you signed up for an automated backup plan or you simply don’t know if they are being tested, ask your backup provider or backup software company if they are being tested and if not, how to do this.

In general, to test your backups, perform the following procedures:

  • At least once a month, pick a random backup date and restore a handful of files to see if they restore successfully (be careful not to restore over the current version of those files)
  • At least once a quarter, perform a deeper restore operation of numerous files from different backup dates, again being careful not to overwrite the current versions of your files
  • At least once a quarter, check all files in the most recent backup to be sure that you are backing up all files that you would need to restore
  • On a daily basis monitor your backups for failures. Any good backup software will let you know whether the backup succeeded or failed with an email or within the software itself
  • If you see errors at any stage of the backup or restore processes, resolve those issues or have your IT or backup service resolve them for you.

Keep in mind that if your data is critical to the operation of your business, you should perform the steps above more frequently to minimize the risk of partial or complete data loss when you need to restore from your backups.

For help implementing a backup testing program or an automated backup program if you don’t have one, call 302-537-4198 or email me personally at ericm@flexitechs.com.