We get it (and IT!)

Phone: 1300-728-259 or .

Category Archives: Hacking

Don’t let hackers fool you with these tricks

According to several reports, the volume of malicious cyber attacks have increased since the beginning of the Rio Olympics. And even though our devices have the latest network security systems, hackers have a cunning trick up their sleeves — social engineering. Unlike malware and other viruses, social engineering tricks people into divulging sensitive data to hackers. Unfortunately, businesses are also vulnerable to various social engineering tactics. As a business owner, you should be vigilant of these common scams used by hackers.

Phishing
Phishing scams are perhaps the most common type of social engineering attack. Usually seen as links embedded in email messages, these scams lead potential victims into seemingly trustworthy web pages, where they are prompted to fill in their name, address, login information, social security number, and credit card number.

Phishing emails often appear to come from reputable sources, which makes the embedded link even more compelling to click on. Sometimes phishing emails masquerade as government agencies urging you to fill up a personal survey, and other times phishing scams pose as false banking sites. In fact earlier this year, fraudulent Olympics-themed emails redirected potential victims to fake ticketing services, where they would eventually input their personal and financial information. This led to several cases of stolen identities.

Tailgating

What’s the best way to infiltrate your business? Through your office’s front door, of course! Scam artists can simply befriend an employee near the entrance of the building and ask them to hold the door, thereby gaining access into a restricted area. From here, they can steal valuable company secrets and wreak havoc on your IT infrastructure. Though larger enterprises with sophisticated surveillance systems are prepared for these attacks, small- to mid-sized companies are less so.

Quid pro quo

Similar to phishing, quid pro quo attacks offer appealing services or goods in exchange for highly sensitive information. For example, an attacker may offer potential targets free tickets to attend the Olympic games in exchange for their login credentials. Chances are if the offer sounds too good to be true, it probably is.

Pretexting

Pretexting is another form of social engineering whereby an attacker fabricates a scenario to convince a potential victim into providing access to sensitive data and systems. These types of attacks involve scammers who request personal information from their targets in order to verify their identity. Attackers will usually impersonate co-workers, police, tax authorities, or IT auditors in order to gain their targets’ trust and trick them into divulging company secrets.

The unfortunate reality is that fraudsters and their social engineering tactics are becoming more sophisticated. And with the Olympics underway, individuals and businesses alike should prepare for the oncoming wave of social engineering attacks that threaten our sensitive information. Nevertheless, the best way to avoid these scams is knowing what they are and being critical of every email, pop-up ad, and embedded link that you encounter in the internet.

To find out how you can further protect your business from social engineering attacks, contact us today.

Hundreds Of Dropbox Passwords Leaked, Change Yours Now

Hundreds Of Dropbox Passwords Leaked, Change Yours NowDropbox is experiencing issues

A few hundred Dropbox usernames and passwords have leaked on Reddit, likely from third-party services and possibly as part of a much larger breach. Use this as a timely reminder: and change your DropBox passwords today!

dropbox

The leak, which contains hundreds of accounts with email addresses starting with the letter “b”, come from an anonymous user taking Bitcoin donations for the full leak, which they claim consists of millions of accounts, according to The Next Web. We’re not sure how old these credentials are or which third party apps they came from, but no matter what, it’s time to do the same old song and dance we’re pretty used to by now.

So, if you use Dropbox, be sure to change your password now (and make it strong), as well as your password on any other site that used the same credentials. While you’re at it, you should definitely enable two-factor authentication to keep baddies out of your account (even if your password is leaked).

If your account was one of the “B” accounts already leaked, you should get a notification from Dropbox to reset your account. But in the meantime, we recommend everyone change their passwords.

Update: Dropbox has said in a statement that they were not hacked, and that the leaked credentials likely came from third-party services (as suspected):

Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.

Dropbox claim the passwords have expired, but no matter what, you should change your password. We still don’t know enough about the hack to recommend otherwise.

Hardware for a successful business

hardware_may12_C-Behind every successful business lies strong back-end support. Having the right people in your business is vital, and being equipped with high quality hardware sets the stage for smooth operations. If you’re not sure which hardware is essential for your business, not to worry, we’ll take a look at five essential pieces of hardware that could improve your business productivity without compromising ease of use.

The desktop or laptop computer

The computer has quickly become the workhorse of almost every business, without which most modern businesses would likely not be able to operate. Whether operating a multi-user workstation, laptop or a desktop, investing in a reliable computer will surely save you from stress and sweat.

When looking for a computer for your business, You’re likely going to use a computer for your business for at least three to five years, so go for one that requires low maintenance. Many businesses opt for a reputable choice, like a Mac, or a PC running Windows. Many of the bigger name brands are known for their friendly user interface and minimal upkeep. For those looking for one with portability, try a laptop or ultrabook.

Regardless which system you choose, you need to ensure your new computer is compatible with your existing software and systems. The last thing you want is to invest in us a brand new machine and have to spend even more on new software or hardware updates.

Mobile devices

If you’re constantly on-the-go, having a trusty mobile device can be like having a personal assistant. Think tablets, e-book readers or even smartphones. Not only are these devices easy to carry around, but a lot of them are equipped with useful work applications and specifications that are capable of performing tasks you would usually accomplish using a computer. Many business owners find that the versatility of a mobile device compensates for its cost.

When it comes to mobile devices, there are three main systems businesses have to choose from:

  • Android – Owned by Google, you will find a wide variety of devices suitable for any need.
  • iOS – Owned by Apple, offers reliable products and a wide number of apps for your business.
  • Windows Phone – Owned by Microsoft, these devices are most suitable for offices that utilize Microsoft’s other services. This is largely due in part to the deep integration between systems.

Laserjet printers

Not every business uses a printer but even if your business is one that encourages a paperless work space; investing in a durable laser-jet printer can save time and energy. At some point you will need to print, whether that is a contract, documents or image files.Some laserjet printers are also equipped with a scanner, photocopy and fax function. With a price tag starting from approximately USD$100, having one in-house beats needing one any day.

Wireless routers

Broadband modems are an integral part of any Internet-connected business, but get your hands on a wireless router and you won’t look back at cables again. Not only does a wireless router keep your office connected to the Internet without cables, it also acts as an Internet splitter, meaning all your devices can be connected from anywhere within router range. Not only that, but most modern wireless routers come with built-in firewalls as well as the ability to limit a network to computers you trust, which means more safety for your computer.

Network servers

While personal computers are capable of acting as a network server, a dedicated server will give you the advantages of faster CPU (Central Processing Unit), high-performance memory and increased storage capacity. A good network server solution can effectively support your database, email applications and other files, as well as provide comprehensive security and backup options.

We recommend talking to a specialist to make sure you are buying the right package for both current and future needs. An IT partner like us can be a huge help in selecting, implementing and managing a comprehensive network solution.

Hardware is available in every market and the sheer amount can make choosing the right solutions difficult. However, once equipped hardware can enhance workflow as well as results.

Looking to learn more about hardware and network server solutions? Contact us today.

How to verify Android apps

AndroidTablet_Apr22_AWhen compared to desktop machines or even laptops, tablets like those running Android have the advantage of great mobility and ease of use, which is why they’ve become the ultimate convenience over the last few years. And because more and more people have come to rely on them for work and communications, the security of tablets has become an increasing concern. As Android tablets run with apps that collect its users’ data, this potentially leaves the device open to threats and other damage, and can inadvertently reveal users personal details, especially if the apps are malicious.

So, how can people protect themselves and make sure that their tablet is only running applications that are safe and secure?

Downloading from a trusted source

Downloading an app from well-known and legitimate sources, like Google Play, Samsung or Amazon, used to be good indicators that a site could be trusted. Since these sites are routinely monitored and scanned for fraudulent apps, you can feel assured that any app you buy from these stores are safe to use. But a recently isolated incident involving an app called “Virus Shield”, which sold on Google Play, has lead users to re-evaluate their downloading habits.

“Virus Shield” became a top selling app with several 5-star ratings on Google Play. It was bought and downloaded by over 30,000 Android users, who went on to discover that the app offered no functionality whatsoever. Dubbed as fake and a scam, the app has since been deleted from the store.

Taking more vigilant measures

To avoid becoming a victim in situations like this, there are several effective ways you can make sure your tablet is not vulnerable to fake applications.

  • Be informed when downloading from a trusted source, read about and research the application before making a purchase. Most people tend not to bother reading the small print and reviews that are published online, or on the store’s site itself. These will give you the information you need to protect yourself risk.
  • Change the security settings of your tablet, and enable or disable features as you see fit. The Android operating system is supposed to come with built-in features that will help detect or prevent any threats. If activated or set accordingly, the system will usually alert users when there is abnormal behaviour from the apps installed in the device.
  • Update your software. Some users may find this an inconvenience and forego updates when they come in. But patches from these updates can fix any bug or vulnerabilities of the tablets, which is why it is highly recommended. Sometimes, updates don’t come automatically, so to check online for this, you can simply go to the setting and find the option for system update.

Use third party anti-virus software

Because the market for tablets is growing, companies offering effective anti-virus solutions are increasingly becoming more reliable. If you are not too sure about downloading free anti-virus software from stores like Google Play, for example, then you should purchase separate third-party software for your Android device, from well-established companies that offer good after-purchase customer service.

Third party anti-virus software may come with monthly or yearly subscriptions, as well as different premium rates for different types of security measures. But do consider the benefits versus the cost carefully, before you make any purchase.

If you are looking to learn more about protecting your Android tablet, contact us today to see how we can help.

Security of devices while traveling

Security_Feb10_AThe 2014 Olympic Winter Games is underway and athletes from all over the world have made their way to Sochi, Russia to compete. As with almost every other Olympic Games, there have been a number of issues for organizers to deal with. However, unlike the last Olympics, one of those complaints is about hacking of mobile devices and computers.

Hacking at the Winter Olympics 2014

Well before the Olympics even started in Russia, the Russian government said that they will be surveilling phone and computer communications. Many scoffed at this, writing off the government as being overly ambitious and boasting about a nearly impossible task. The thing is, the Internet in Russia may not be as secure as many believe, being full of hackers. At least according to a report aired on NBC shortly before the games started.

In the report, reporter Richard Engel took new, never opened laptops and mobile devices to Russia and used them. He found that within 24 hours all of the devices had been hacked, exposing the data stored within.

In part of the segment, Engel and a security expert go to a local coffee shop in Moscow and search for Sochi on a mobile device. Almost immediately the device is hacked and malicious software downloaded. Engel notes that the hackers have access to data on the phone along with the ability to record phone calls.

In a follow-up segment, Engel explains a bit more about the laptop issues. When he boots one up and connects to the Internet, hackers are almost immediately snooping around the information, transferring from the machine to the networks. Within a couple of hours, he received a personalized email from a hacker welcoming him to Russia and providing him with some links to interesting websites. Clicking on the link allowed the hackers to access his machine.

One issue is that it hasn’t been stated in any reports whether the Russian government is behind this, or if it’s hackers out to steal information. While you can be sure that the Russians are monitoring communication during the Winter Olympics, it is highly likely that they are not the ones installing malware on phones, rather it’s probably organized crime rings or individual hackers.

I’m not at Sochi so why do I care?

As a business owner half the world away you may be wondering why this news is so important to you, or why you should care. Take a look at any tech-oriented blog or news channel and you will quickly see that the number of attacks on devices, including malware, phishing, spam, etc. is on the rise. It’s now likely a matter of when you will be hacked, not if.

Combine this with the fact that many businesses are going global, or doing business with other companies at a big distance. This has caused many people to go mobile and the tools that have allowed this are laptops and smart devices. Because so many people are now working on a laptop, phone or tablet, these devices have become big targets. The main reason for this is that many people simply don’t take the same safety precautions they take while on the office or even the home computer.

Hackers know this, so logically they have started going after the easier targets. The news reports concerning Russia highlight this issue and is a warning business owners around the world should be aware of, especially if they are going to be traveling with computers or phones that have sensitive information stored within.

That being said, there are a number of tips you can employ to ensure your data is secure when you go mobile. Here are six:

1. Use cloud services wherever possible

Cloud storage services can be incredibly helpful when traveling. They often require a password to access and are usually more secure than most personal and even some business devices. If you are traveling to an area where you are unsure of the security of the Internet or your devices, you could put your most important data in a trusted cloud storage solution.

This is also a good idea because if your device gets stolen, the data is in the cloud and is recoverable. If you have data just stored locally on your hard drive, and your device is stolen, there is a good chance it’s gone forever. For enhanced security, be sure to use a different password for every service.

2. Back up your data before leaving

Speaking of losing data, it is advisable to do a full system backup of all the devices you are taking with you before you leave. This will ensure that if something does happen while you are away, you have a backup of recent data that is recoverable.

3. Secure and update all of your devices

One of the best ways to ensure that your data is secure is to update all of your devices. This means ensuring that the operating systems are up-to-date and any security updates are also installed.

Also, ensure that the programs installed on the devices are updated. This includes the apps on your phone, including the ones that you don’t use.

You should also secure your devices by not only having an antivirus and malware scanner but also requiring a password to access your device.

4. Watch where you connect

These days Internet connections are almost everywhere. In many public spaces like airports, coffee shops, restaurants, etc. many of the connections are open, or free to connect to, and don’t require a password.

While this may seem great, hackers are known to watch these networks and even hack them, gaining access to every bit of information that goes in and out of the network. When you are traveling, try avoiding connecting to these networks if you can. If you really have to, then be sure not to download anything or log into any accounts that hold private data.

5. Know the risks of where you are going

Before you leave, do a quick search for known Internet security issues in the area you will be visiting. If you find any news or posts about threats you can then take the appropriate steps to secure your system ahead of time.

6. If in doubt, leave it at home

In the NBC report, Engle finishes by telling viewers that if they are at all unsure about the security of their devices, or are worried about their data, they should leave the device at home, or delete the data before going. This is a good piece of advice and maybe instead of deleting data completely, you could move it to a storage device like an external hard drive that you leave behind.

If you are looking to learn more about ensuring the security of your devices while you are away from the office contact us today. We have solutions to help.