13 Jan 2017

Phishing emails – how to spot them

Don't get caught in a phishing scam

Phishing attacks are more rampant than ever before, rising by more than 162 percent from 2010 to 2014. They cost organizations around the globe $4.5 billion every year and over half of internet users get at least one phishing email per day.

The best defense companies have against phishing attacks is to block malicious emails before they reach customers with the DMARC (Domain-based Message Authentication Reporting and Conformance) standard. Brands must also work with a vendor that can offer email threat intelligence data revealing attacks beyond DMARC (e.g., attacks that spoof their brand using domains outside of the company’s control).

Unfortunately, no matter what companies do, some phishing emails will always make it to the inbox. And those messages are extremely effective—97% of people around the globe cannot identify a sophisticated phishing email. That’s where customer education comes in.

Here are 10 tips on how to identify a phishing or spoofing email. Share them externally with your customers and internally with your company.

Tip 1: Don’t trust the display name
A favorite phishing tactic among cybercriminals is to spoof the display name of an email. Return Path analyzed more than 760,000 email threats targeting 40 of the world’s largest brands and found that nearly half of all email threats spoofed the brand in the display name.

Here’s how it works: If a fraudster wanted to spoof the hypothetical brand “My Bank,” the email may look something like:

How to identify phishing

Phishing email example

Since My Bank doesn’t own the domain “secure.com,” DMARC will not block this email on My Bank’s behalf, even if My Bank has set their DMARC policy for mybank.com to reject messages that fail to authenticate. This fraudulent email, once delivered, appears legitimate because most user inboxes only present the display name. Don’t trust the display name. Check the email address in the header from—if looks suspicious, don’t open the email.

Tip 2: Look but don’t click
Hover your mouse over any links embedded in the body of the email. If the link address looks weird, don’t click on it. If you want to test the link, open a new window and type in website address directly rather than clicking on the link from unsolicited emails.

Tip 3: Check for spelling mistakes
Brands are pretty serious about email. Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully and report anything that seems suspicious.

Tip 4: Analyze the salutation
Is the email addressed to a vague “Valued Customer?” If so, watch out—legitimate businesses will often use a personal salutation with your first and last name.

Tip 5: Don’t give up personal information
Legitimate banks and most other companies will never ask for personal credentials via email. Don’t give them up.

Tip 6: Beware of urgent or threatening language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.”

Tip 7: Review the signature
Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact details.

Tip 8: Don’t click on attachments
Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.

Tip 9: Don’t trust the header from email address
Fraudsters not only spoof brands in the display name, but also spoof brands in the header from email address. Return Path found that nearly 30% of more than 760,000 email threats spoofed brands somewhere in the header from email address with more than two thirds spoofing the brand in the email domain alone.

Tip 10: Don’t believe everything you see
Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be skeptical when it comes to your email messages—if it looks even remotely suspicious, don’t open it.

Share this
16 Jul 2015

Service First moves to BitDefender

As part of our continued efforts to bring you the best possible solutions for your business, we are excited to announce that the Service First Managed Antivirus (MAV) engine is now powered by Bitdefender. Bitdefender has consistently been among the tops for both protection and performance.

With the threat landscape continuing to evolve and with new variants emerging almost daily, we want to ensure we are providing the best protection possible to you and your customers. Incorporating the Bitdefender antivirus engine into MAV helps us meet this challenge.

We have tried to keep the look and feel of the new MAV offering as similar as possible to the existing solution, but there are a number of key benefits being introduced that we’d like to make you aware of:

• Better Malware Protection
Third-party testing proves our new solution to be more effective against fighting malware and viruses, while introducing less false positives – providing you better overall protection and security. The addition of Behavioural Scanning, along with Active Protection, will provide yet another layer of defense.
• System Variables within Exclusions
One of the most requested features we have had for MAV is the ability to use system variables within policy exclusions – we are very happy to now be able to deliver this to you! This greatly simplifies matters by ensuring one exclusion can apply across multiple operating systems.
• “Snooze” Feature for Easier Maintenance
Our new “Snooze” feature allows you to temporarily disable MAV, for up to one hour, giving you the ability to more easily perform maintenance on a given machine. This means there is no longer a need to move the device into a new policy while performing maintenance.
• Site Concentrator Applied Across All Devices
The previous restrictions for laptops to use the Site Concentrator has been removed. All MAV devices can now download definitions and updates via the Site Concentrator.
• Direct Communication to the Endpoint
MAV endpoints will now receive instant commands sent from the dashboard. This means you no longer have to wait for the endpoint to check in to the server to receive scanning and update commands.

Share this
16 Jul 2015

What is a Managed Service Provider?

A managed services provider (MSP) is most often an information technology (IT) services provider that manages and assumes responsibility for providing a defined set of services to its clients either proactively or as the MSP (not the client) determines that services are needed. Most MSPs bill an upfront setup or transition fee and an ongoing flat or near-fixed monthly fee, which benefits clients by providing them with predictable IT support costs.

As organisations face significant challenges in scaling and managing their global Information Technology infrastructure while effectively reducing costs, it becomes much more cost effective to gain access to best in class tool sets, hardware, software and even niche technology experts by only paying for what they use by using managed service providers.

Sometimes, MSPs are contracted to manage multiple staffing vendors and to measure their effectiveness in filling positions according to a customer’s standards and requirements. In effect, the MSP serves as a “neutral” party that offers the customer a complete workforce solution while ensuring efficient operation and leveraging multiple staffing companies to obtain competitive rates. In this situation, MSPs typically use a Vendor Management System (VMS) as a software tool to provide transparency and efficiency — along with detailed metrics to the user — related to every aspect of the contingent and contract workforce. The model has proven its usefulness in the private sector, notably among Fortune 500 companies, and is poised to become more common in the government arena. (Source: Wikipedia)

Simply put, a Managed Service Provider is contracted to manage your network and IT infrastructure. This management may include servers, workstations, IT Budget, cloud services, data backup, disaster recovery and email solutions. Service First allows customizations of its services and management options.

Share this
16 Jul 2015

Windows 10 Release !

Microsoft has confirmed the availability of Windows 10, and the official release of the highly-anticipated new operating system. The company will begin rolling out Windows 10 in 190 countries and 111 languages on July 29th.

Windows 7 and Windows 8.1 users can pre-register for their free Windows 10 upgrade by clicking the Windows logo that will have appeared on the right-hand side of their taskbar.

However, clicking the button does not necessarily mean they will get Windows 10 on July 29th. The update will first be rolled out to the 4.4 million people who have taken part in the Windows Insider program.

Microsoft will then begin notifying people who have reserved their copy of Windows 10 in waves, slowly scaling up after July 29th. Once a copy becomes available, Microsoft will scan the user’s computer to check if it is compatible, and then download Windows 10 automatically.

If the user’s system is not yet ready to be upgraded to Windows 10, Microsoft will provide more details during the upgrade process. In some cases, users will need to contact an application provider or device manufacturer to learn more.

The update is free to anyone with a registered version of Windows 7 or Windows 8.1 who opts in within a year. Anyone who is still on Windows 8 will have to upgrade to Windows 8.1 to qualify for the free upgrade.

Share this
11 Jun 2015

Risks of using Windows Server 2003

July 2015 marked the End of Life (EOL) for Microsoft Windows Server 2003. Many large corporations still use this robust but tired server os. There are many risks however for those not moving forward.

What are some of the biggest concerns? Take a look:

1. No more security updates: Next summer will see the end of security updates and paid per-incident support that were available for the operating system. No more bug fixes. No further vulnerabilities addressed. Just because it’s an old OS doesn’t mean it’s a forgotten one: as of November this year, for example, Windows Server 2003 editions and service packs were still turning up among the affected software listed in Microsoft security bulletins about critical vulnerabilities, like this one.
2. Your OS is not an island: A compromised Windows Server 2003 operating system could open the door for the bad guys to pry into other systems in your data centre for the purpose of launching attacks against them. Also, if your third-party business applications code support is tied to the status of the underlying operating system, that support—including anything it may cover in the way of security—also may suffer if you continue to run those apps under Windows Server 2003.
3. Falling out of compliance: Companies in many industries—financial, healthcare, e-commerce, and so on—are dealing with a lot of sensitive customer data, and a lot of it is subject to either industry body or government regulations around privacy and security. When the Windows Server 2003 extended support cycle ends, such companies still using it may find that their virtualized and physical instances of the OS are now out of compliance with regulated industry or regulated data mandates, impacting all associated apps and data. These businesses may fail their audits. So, even if the operating system or data itself isn’t compromised, a business’ status very well could be – potentially resulting in fines, damaged relationships with key partners who are anxious about their own compliance standing, or even the shuttering of their own enterprise.
4. Misusing valuable funds: A company that expends energy, resources and dollars on mitigation technologies to help continue to secure the aged OS by making it harder for attackers to exploit vulnerabilities could lose its focus on the overall enterprise and data security picture—not to mention sacrifice some of the budget that should be supporting that end. That could jeopardize a multitude of other critical software and systems and sensitive information.
5. Legacy applications can cause security issues: All this said, there are risks associated with migrating from the older to the newer OS, as well. Unsupported legacy applications could leave an organization open to security risks, or data could be lost during the transition.

Effectively dealing with these risks comes down to carefully planning your changeover to Windows Server 2012. A well-plotted and well-executed move to the next-generation server OS is also a move that will keep your business current with security updates, with third-party application support, and with compliance requirements, and at the same time save your company from spending money and time on stopgap measures. IT service and solutions providers can be a big help, also aiding in ensuring that your move will take place without data loss. And they or business app vendors hopefully also can address any concerns related to running old apps on a new OS, or suggest alternate options.

The bottom line. Upgrade to a new modern OS to protect your business from vulnerability!

Share this
05 Mar 2015

Beware the Microsoft Support Scam

Avoid tech support phone scams

Cybercriminals don’t just send fraudulent email messages and set up fake websites. They might also call you on the telephone and claim to be from Microsoft. They might offer to help solve your computer problems or sell you a software license. Once they have access to your computer, they can do the following:

  • Trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge you to remove this software.
  • Take control of your computer remotely and adjust settings to leave your computer vulnerable.
  • Request credit card information so they can bill you for phony services.
  • Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.

Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.

Telephone tech support scams: What you need to know

Cybercriminals often use publicly available phone directories so they might know your name and other personal information when they call you. They might even guess what operating system you’re using.

Once they’ve gained your trust, they might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information is vulnerable.

Do not trust unsolicited calls. Do not provide any personal information.

Here are some of the organizations that cybercriminals claim to be from:

  • Windows Helpdesk
  • Windows Service Center
  • Microsoft Tech Support
  • Microsoft Support
  • Windows Technical Department Support Group
  • Microsoft Research and Development Team (Microsoft R & D Team)

Report phone scams

Learn about how to report phone fraud in the United States. Outside of the US, contact your local authorities.

How to protect yourself from telephone tech support scams

If someone claiming to be from Microsoft tech support calls you:

  • Do not purchase any software or services.
  • Ask if there is a fee or subscription associated with the “service.” If there is, hang up.
  • Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.
  • Take the caller’s information down and immediately report it to your local authorities.
  • Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.

What to do if you already gave information to a tech support person

If you think that you might have downloaded malware from a phone tech support scam website or allowed a cybercriminal to access your computer, take these steps:

  • Change your computer’s password, change the password on your main email account, and change the password for any financial accounts, especially your bank and credit card.
  • Scan your computer with the Microsoft Safety Scanner to find out if you have malware installed on your computer.
  • Install Microsoft Security Essentials. (Microsoft Security Essentials is a free program. If someone calls you to install this product and then charge you for it, this is also a scam.)Note: In Windows 8, Windows Defender replaces Microsoft Security Essentials. Windows Defender runs in the background and notifies you when you need to take specific action. However, you can use it anytime to scan for malware if your computer isn’t working properly or you clicked a suspicious link online or in an email message.

    Learn more about Windows Defender

Will Microsoft ever call me?

There are some cases where Microsoft will work with your Internet service provider and call you to fix a malware-infected computer—such as during the recent cleanup effort begun in our botnet takedown actions. These calls will be made by someone with whom you can verify you already are a customer. You will never receive a legitimate call from Microsoft or our partners to charge you for computer fixes.

Source: Microsoft

Direct Link: http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx

Share this

© 2015 Service First ...Total Solutions. Site customization by Treefrog Digital

Click Me