Our Blog

January 30th, 2015

web_Dec26_CIt is really important for a business to have a presence online these days. The first step to take to achieve this is to create a website. When businesses set out to develop and set up a new website, one of the most important aspects they need to decide upon is a Web host. Here is an overview of what exactly a Web host is and the two most common types of hosting.

What exactly is a Web host?

When creating a website, you are going to need to find a way to get the files and pages that make up your site online and available for all Internet users to see. In order to do this, you are going to need to work with a Web host who provides space on a server for you to host your website files (what the user sees when they visit your site).

A good way to think of a Web host is as being similar to a company that businesses rent premises from. You pay the company to rent space to host your Website so that you can run your business. Many Web hosts also offer a service called domain hosting, which allows you to create a Web address so users can access your website e.g., google.com, inc.com, etc. Combine these two services together and you have the main foundations for your website.

Beyond simply hosting your website, Web hosts often host domain-based email addresses, website databases, videos, etc. Essentially, whatever needs to go on your website will need to be stored with your Web host.

When you sign up with a Web host you will usually pay a monthly fee, which the company uses to maintain and invest in new servers for hosting, decreased access speeds, and better services.

What are the two most common types of Web hosting?

There are hundreds, if not thousands of Web hosts around the world, but you can fit almost all of them in one of two categories:

  1. Shared hosting - Hosting where multiple, different websites are stored on one physical hosting server. Sites avet their own partition (section of storage) that is kept separate from other sites on the same server.
  2. Dedicated hosting - Hosting where one website is hosted per server. This means you have all of the server’s capacity to yourself. No other websites beyond yours and the other sites you run are hosted.

Which one is best for my business website?

The vast majority of websites on the Internet are hosted via shared hosting services. This is because this way is more affordable, while still offering generally stable access and access speeds. For almost all small to medium businesses who want fairly simple websites, or sites with minimal features, a shared host is ideal.

If your website is going to be large, e.g., thousands of pages, and you are going to need to host complex features like advanced ecommerce, streaming, etc., then it would be best to opt for a dedicated hosting service.

As a general rule of thumb, for most business needs a shared hosting service is sufficient. Dedicated hosting is more suitable for large sites like Google, Amazon, government sites, etc. Our site at www.aztechworks.com is in a shared hosting environment and suits us very well.

There are a wide-variety of Web hosts out there and it can be a challenge to select one that works well for your business. What we recommend is contacting us. With our expertise and solutions, we can help find a Web host that will work best for your website and business needs. Contact us today at 623-444-2395 or ask@aztechworks.com to shine the spotlight on your online presence.

Published with permission from TechAdvisory.org. Source.
Topic Web
January 29th, 2015

socialmedia_Jan20_CRegardless of the industry in which you operate, it’s undeniable that social media has become an essential platform for many businesses of all sizes to easily engage and interact with customers and potential customers, as well as boost visibility. But there’s more to social media than market reach and penetration and it can prove to be a powerful tool for driving dynamic business development too.

In most cases, a business development manager already has an idea of the kind of company with which to partner. Their next step is to contact that company via a phone call or email. However, this can be an unreliable way to reach out, especially when your potential partner has never heard of you. Social media speeds up this process by identifying the best person to contact, as well as determining if you have any mutual connections.

Simply put, social media lets you understand the background of different companies and gives you an idea of the different players involved, before you even engage in a dialogue. With this in mind, let’s take a look at four ways you can utilize information available on social media to enhance your business development success.

  1. Social media is an extra pair of eyes
    Social media allows you to see first-hand what potential partners, competitors, and customers are doing, which is a major asset when it comes to your business development and performance. This can also reveal business-relationship possibilities or even warn where it is best to stay away. It’s crucial to position yourself and your company as industry experts by sharing mind-blowing content as well as highlighting recent successes.
  2. There’s no universal message in social media
    The way people behave and connect across different social media platforms varies, therefore it is important to adjust accordingly. For instance, you might use Twitter to promote ongoing marketing campaigns, share content, and direct customer service requests. You may use Facebook for larger marketing initiatives, such as showcasing a company’s culture and resources. It’s important to remember that there’s no universal rule to utilizing social media and that it is beneficial to be flexible. Think about what your individual goals are and work out which social media platform is the best avenue to explore. Test and measure and then test and measure again to get a finer point on your posts and direction to get maximum results.
  3. Leverage employee relationships
    If you’re looking to connect with an individual in a specific company, make it a habit to check and see if anyone in your company has a pre-existing relationship with that person. Social media channels like Facebook and LinkedIn make it fairly easy to spot mutual connections, so it is a good idea to get into the habit of checking. Whether you ask your colleague to help make an introduction or to arrange a meeting, a mutual connection gives you the competitive edge in effective business development.
  4. Use social media as a touchpoint
    Social media is not only essential to business development, but also complements other more traditional practices, such as when you’ve sent an email or voicemail to a business prospect that has gone unanswered. It’s understandable that people get so busy they can delay, forget or pass over an inquiry, but instead of passively waiting for a reply, why not make it standard practice to follow up separately via LinkedIn or other social media platforms? This way you can build additional opportunities with potential partners, increase the likelihood of a response, and even forge a future business relationship.

The fundamentals of business development are strong relationships with a partner or companies with a good reputation, who will have a positive impact on your business, such as marketing an initiative collaboratively. Social media can get this whole process started, so the next time you’re looking to contact a business prospect or potential partner, start by visiting their social media channels to get the heads up to help you in your quest.

Looking to learn more about the benefits of social media in business? Contact us today at 623-444-2395 or ask@aztechworks.com.

Published with permission from TechAdvisory.org. Source.
Topic Social Media
January 28th, 2015

AppleMacOS_Jan16_CDespite Macs being full of shortcuts and tricks and tools to speed up your work processes, we all know how easy it is to fall out of the habit of using them and instead to go back to our old habits. Yet with the New Year comes the perfect opportunity to get back on top of your game and put all those shortcuts to good use in using your Mac to ease work pressures. Speed up, wise up and clean up with these productivity-boosting Mac hacks.

Make searching easier

Need to hunt down a file? You can make the process easier by not searching for just one word, or even a series of words in sequence, but by instead searching for a logical combination of terms as a Boolean expression. Boolean expressions combine search terms with conditions like ‘and’, ‘or’ and ‘not’ to specify whether you want results that contain all, or only some, of your search terms. These expressions are supported by native Mac apps including Spotlight, Mail and Calendar, and by plenty of third-party apps too.

For instance, if you wanted to track down client invoices that have not yet been marked as paid, you might begin by searching for files containing the word ‘invoice’. This term alone would bring up plenty of results you had no interest in, but by using a Boolean expression which takes the terms ‘and’, ‘or’ and ‘not’ to create a logical statement, you could run a search for ‘invoice NOT paid’.

Protect your passwords

We’ve all heard the recommendation that our passwords should be long, difficult to guess and full of unnatural-feeling characters like mixed-case letters, numbers and punctuation – easier said than put into practice. Add to that the fact that, if we want to be truly secure, we shouldn’t use the same password for more than one account, and suddenly creating hack-roof passwords becomes a real challenge. Even once you’ve invented them, how on earth are you supposed to remember all of these different passwords?

Well, there’s an app for that. Or several, to be precise – the Apple-specific iCloud Keychain syncs your passwords across your devices and then fills them in when necessary, remembering what you can’t. Or as an alternative and for cross-platform compatibility, programs like RoboForm, 1Password and LastPass are good alternatives. We make extensive use of RoboForm so we have secured access to  account passwords on our Macs, Windows Machines, iPhones, and Android devices.

Simplify your coding

Does your day-to-day work involve writing of some kind? You can make your job simpler by forgetting often difficult to read HTML code in favor of much friendlier, more attractive and easier to work with Markdown code. Based on plain text, Markdown is compatible with almost all word processors, meaning you don’t need to worry about using a specific text editor for fear of risking the corruption of your code. Simplified codes, such as Marketing to create a hyperlink, are transformed into formatted documents by a converter that takes the effort out of writing.

Numerous versions of Markdown have expanded upon the original idea to add additional features and bring further design richness to your finished document, but all of them offer the basics you’ll need to produce in your writing. Examples of apps that act as dedicated Markdown editors are Marked 2, iA Writer and Editorial.

If you’re looking to learn more about productivity tips or other Mac features, get in touch with us today at 623-444-2395 or ask@aztechworks.com and see what we can do to help.

Published with permission from TechAdvisory.org. Source.
Topic Apple Mac OS
January 27th, 2015

Security_Jan12_CThe scale of the recent security breaches at Sony, which led to the cancellation of The Interview’s theatrical release, can make the company’s problems seem beyond the realm of the average small business. But the security mishaps that created the circumstances for the hack are as applicable to us small business owners as they are to multimillion dollar corporations. These three tips will take you back to security basics and help avert your own big-screen drama.

1) Don’t let basic security habits slip

Our modern-day instinct tells us that the answer to potential security breaches is to install new layers of antivirus software, firewalls and further encryption systems. While these are all worthy additions to your company’s armor of security shields, they will do little to help if good old-fashioned good, protective habits are allowed to slide.

Create a disciplined, from the top down, security-conscious culture in your organization, and keep the message simple so that staff remember and follow them. Focus on regularly changing passwords and keeping them complex (10 or more characters with capitals, numbers, and symbols), being vigilant about avoiding unexpected links in email messages, and limiting network access for the likes of external contractors to that which is absolutely necessary.

One of the ways hackers made their way into the Sony network was by tricking administrators into thinking they had a legitimate need for access: teach your staff to be careful, and praise cautiousness even if it turns out access is warranted. Encourage staff to flag up potential security lapses, and make sure they know that reports will be followed up and loopholes closed.

2) Take a flexible and agile approach to IT

IT changes, and so do the ways best suited to keeping it safe. This means it is vitally important to keep your IT systems up to date, and where necessary to do away with outdated practices that could leave your business technology exposed. This involves more than just ensuring that your network is running updated antivirus software to catch the latest bugs and worms – it means staying abreast of emerging methods to mitigate potential threats from hackers worldwide.

All of this uses staff and resources that your small business might not have – which is where outsourced managed services come in. Using a managed service provider as an add-on to your own IT team can give you extra flexibility and the ability to keep abreast of industry security developments, even when you lack the time to do so yourself.

Equally, know when it is time to ditch data – think of emerging social networks like Snapchat, which set messages to self-destruct after a set time, as your cue to make your data retention policy less permanent, particularly in relation to email. If you no longer have a business need or a regulatory requirement to retain information, then delete it – in the process you can limit the possible damage even if the worst should occur and you fall victim to an external attack.

3) Backup, backup, backup!

The last thing you want in the event of a security breach is for it to hit your day-to-day operations – the potential damage caused by the hack itself is likely to give you enough to worry about. But that is exactly the situation Sony found itself in after its latest hack, with its email system down and staff forced to return to the days of pen, paper and even the fax machine.

As well as ensuring alternative means of communication remain open to your business in the aftermath of a possible attack, it is also vital to make sure that you retain access to the information most critical to your work. Regular, secured backups help ensure that, whatever happens, the show is able to go on and your firm’s productivity and revenue are not unduly hit. Engaging professionals to undertake your backups on a managed service basis also means this can happen routinely and without fail, while you stay focused on running your business.

Want to learn more about how to reduce your IT network’s vulnerability to attack? Call us at 623-444-2395 or ask@aztechworks.com.

Published with permission from TechAdvisory.org. Source.
Topic Security
January 15th, 2015

Microsoft will no longer offer mainstream support for Windows 7 after January 13th. The end of mainstream support means the operating system will no longer receive new features. The company will continue to offer security updates and hotfix support.

Starting Thursday January 13  Microsoft ends mainstream support of the 5 year old operating system. From then on the company will only offer extended support on Windows 7. The extended support stage ends at January 14th 2020 after which Microsoft will no longer offer updates and security patches. SO no need to panic yet.

Although Windows 7 is half way its lifecycle, the operating system is used by more than 50% of all internet users, according to research companies StatCounter and Net Applications. According to Net Applications the market share of Windows 7 increased last year, due in part of Microsoft no longer supporting Windows XP.

The end of Window XP supported resulted in more companies and consumers switching to a newer Windows version. Many companies decided to ignore Windows 8 and move to Windows 7. Despite the migration of XP users, StatCounter reported a decrease in Windows 7 users, mainly in benefit of Windows 8.1

Market researcher Gartner warned companies in August last year to prepare for the end of support of Windows 7.  “The end of Windows 7 support seems far away, but the time between when the next version of Windows 10 may ship, and support for Windows 7 will end, is about the same timeframe as from when Windows XP support ended”, said Stephen Kleynhans from Gartner.

Microsoft will also no longer offer support on other products starting tomorrow. Besides the end of mainstream support for Windows 7 the company also ends support for Virtual Server 2005, Systems Management Server 2003, Host Integration Server 2004, Visual FoxPro 9.0 and Windows CE 5.0.

 

January 13th, 2015

cryptowallCryptoWall is the latest strain of ransomware  to rise to prominence, extorting more than $1 million from victims and wreaking havoc on thousands of police departments, businesses, and individuals across the globe.

On the surface, CryptoWall is similar to its better-known predecessor Cryptolocker, another strain of crypto-ransomware that came out last year or so. But there are many differences.

Victims are typically infected with CryptoWall by opening a malicious email attachment, though drive-by-downloads on infected websites are also possible. The email attachments are often zip files that contain executables (programs) disguised as PDFs.

Once on the system, CryptoWall scans the internal hard drive of the computer all mapped drives of any connected servers and encrypts or scrambles important files. A text file then opens to explain the situation: the victims’ files are encrypted and a ransom must be paid to unlock them. The ransom is typically $500 in Bitcoins, which will double if not paid within seven days.

Threat of a different color

A few features of CryptoWall 2.0 highlight the growing sophistication of ransomware. Information comes from a recent in-depth analysis:

  • Avoids sandboxing – CryptoWall infection begins with a “dropper” that enters the user’s system. The dropper first checks whether it is operating in a virtual environment before downloading and installing the core malware files. If a virtual environment is detected, the download and installation do not occur. This is a great case for using virtual environments in small businesses!
  • Disguises files – Critical parts of CryptoWall arrive with multiple layers of encryption. This is to avoid detection by security products until its too late.
  • Tor network – CryptoWall uses the Tor anonymity network for its command-and-control communication. This makes it much harder to find and shut down the ransomware’s servers.
  • 32 bit and 64 bit – The malware can detect if it is in a 32-bit or 64-bit Windows environment and execute the corresponding version of its code.

How to remove CryptoWall

CryptoWall removal is typically not a challenge. A simple scan with antivirus/antimalware software can handle it in minutes.

The real challenge is how to decrypt/unscramble the files once they are locked. Even after the malware is removed, the files will remain encrypted. Unlocking them without a key is practically impossible.

Once files are locked, the only hope of unlocking them is to pay the ransom. This is likely to work but it is far from guaranteed and we do not recommend it (feeding criminals just makes them worse). A better idea is to remove the malware, delete the encrypted files, and restore them from backup if possible. You can work with your IT service provider on cleaning up after the infection. However prevention is the best medicine.

How to prevent CryptoWall

The old adage that an ounce of prevention is worth a pound of cure could not be more right in this case. How to prevent and mitigate a CryptoWall infection:

Block – Use a good email filtering service so that the malicious attachments that install CryptoWall are blocked and never get to you. Work with your IT provider to block CryptoWall traffic using your business-class router/security device. The associated with IP currently is 146.185.220.0/23. If you are using a consumer-class router for your business (something you purchased maybe from BestBuy or Staples in the $100 to $200 range), you need to throw that piece of junk away right now and get a security device/router/firewall.

Patch – Always maintain the latest versions of your router firmware, antivirus, operating systems, and 3rd party software like Java and Flash.

Educate – Explain to users the dangers and warning signs of phishing emails and suspicious attachments.

Backup – Maintain and routinely verify backups of all important files both onsite and offsite. Test them often. Ensure they are configured to prevent backup of infected files.

Plan – Assume disaster is inevitable. Plan how you will respond.

Configure – Adjust security settings to prevent forced downloads.

Control – Use web filtering to control the sites users can access. Use egress or outbound traffic filtering to prevent connections to malicious hosts.

January 13th, 2015

In an attempt to push users toward the most recent installment of Internet Explorer (IE 11), Microsoft has announced that, as of January 2016, all older versions of Internet Explorer will reach their end-of-support date. This means discontinued patching and security update support, putting all who refuse the upgrade at risk.

As with all good things, they must eventually come to an end. For some, this might be a breath of relief, while for others it may seem like a bit of a letdown. Believe it or not, some people are still opting to run the less secure Windows XP when they could update to something much nicer and more secure. But, according to Microsoft, on January 12, 2016, “only the most recent version of Internet Explorer available for a supported operating system will receive technical support and security updates.”

Though most older versions of Internet Explorer have long since been eradicated from public use, Internet Explorer 8 remains one of the more popular versions of the web browser. According to NetMarketShare.com, worldwide browser usage on desktop operating systems are:

These numbers do not reflect mobile OS usage, but as you can see, Internet Explorer 8 is the most widely used version of Internet Explorer. Windows XP may have reached its end-of-support date in April 2014, but Internet Explorer 8 is still going strong on a number of machines (both XP and non-XP).

This change in policy won’t just affect IE 8 users, either. Internet Explorer 9, while being supported on Windows Vista, will reach its end-of-support in 2017. Internet Explorer 10 will also only be available on Windows Server 2012, leaving Windows users with a decision; continue to run unsecured web browsers, or upgrade to a more recent operating system. According to ZDNet, 98 percent of all Windows users will be required to have Internet Explorer 11, if they desire to use Microsoft’s web browser with security updates and patches.

This puts some businesses in tricky situations, as some of their applications may not operate without older versions of Internet Explorer. Microsoft offers an enterprise mode for IE 11, which lets you access backward compatibility for your legacy applications while you upgrade to more modern technology. There might also be wiggle room for businesses to receive patches, similar to the Windows XP deals some businesses have made (for a hefty fee, of course), but it would be much more economical in the long run to just upgrade away from your legacy software.

January 6th, 2015

Looking back at it, 2014 was a great year for Apple. From the iPhone 6 to iOS 8 and OS X Yosemite, along with other new products, there were many useful products and systems introduced. Now it is time to look forward to 2015 and what tech developments we might benefit from in the year ahead. Here are five changes we expect from Apple in the foreseeable future.

 

 

1. Apple focuses more on business solutions

Early in 2014, Apple announced that they would be entering a long-term partnership with enterprise giant IBM. The idea behind this was that Apple would work with IBM to develop a better way to bring mobile solutions to businesses and whole industries.

Up until now there has been little announced beyond this initial partnership. However, you can expect that both IBM and Apple are working on big developments that could debut in 2015. One indicator of this is the way many Apple products, mobile devices especially, are being integrated into businesses. Most devices, like the iPad, enter the business via an employee bringing them to the office (BYOD), and using their own device for work.

While this has worked well for many companies, the business side (apps, marketing, company-wide management, etc.) has largely been lacking or unsupported. It is a fair belief to think that Apple will continue to develop products in 2015, but leverage the IBM partnership to make devices easier to use and integrate into business; while also taking advantage of IBM’s wide industry expertise to launch industry-specific apps and services.

 

2. A larger iPad

Rumors started to fly about Apple developing a larger iPad for release some time in 2015. The word is that they are working on a 12.9 inch device that is supposedly being targeted to be a replacement for low-end PC’s small netbooks.
This device could be great for businesses, especially those with employees who are on the road a lot, or who work directly with clients. Think about it: A highly portable tablet with enough screen space to run most apps, combined with a subscription to Office 365 or Google Apps, with a possible keyboard case. It could very well be a great solution for many businesses.

We can’t say when, or 100% for sure if this device will be released, but signs and rumors are pointing to a likely launch in 2015.

 

3. Apple Watch

This prediction is pretty much a no-brainer, largely because it has already been announced. Scheduled to be released in the spring of 2015, the Apple Watch should be the wearable of the year. Like most other Apple products, this will no doubt be a popular product with high demand from the domestic market.

At this time however, it really doesn’t look like there will be much use for this product for businesses for the time being. Sure, it provides a convenient way to interact with your phone, but many businesses will likely see it as more of a distraction than a help. That being said, some employees will probably purchase one privately so you do need to aware of this device, especially when it comes to your BYOD program and it the device is used for business activities.

 

4. An incremental update to the iPhone

With 2014 seeing the release of both the iPhone 6 and 6 Plus, Apple brought some high-powered devices to the market that were a big step over even the iPhone 5. In 2015, Apple will likely have a hard time outdoing the iPhone 6, so will likely introduce a small update to the phone instead.

This version will probably have an improved processor and some small improvements that will make the phone a little more competitive, with other devices released in the coming year. We don’t however expect an iPhone 7 or 7 Plus this year.

 

5. A smaller update to OS X

The past two years have seen back-to-back big versions of OS X drop. The most recent version, Yosemite, was a new design introduced along with a number of new features that brought the desktop operating system closer to Apple’s mobile operating system iOS.

In 2015 you can expect a new version of OS X to be unveiled and likely released, but we are pretty sure that it won’t be as big of an update as the last two. From what Apple has said about these systems, it looks like most features introduced in the next version of OS X will bring the iOS and OS X even closer together.

We’re curious to know what you would like to see from Apple in 2015. Let us know!. And, if you would like to learn more about implementing any existing Apple devices into your business, contact us today.

 

Published with permission from TechAdvisory.org. Source.
Topic Apple Mac OS
January 1st, 2015

hardware_Dec25_CAn antivirus scanner is one of the most essential parts of any security plan. These useful programs scan computers and systems for potential infections and get rid of them, ensuring your files and systems are safe. Because many of these protection programs are subscription based however, it can be easy to let the validity expire. If this does happen, is it really such a big deal though?

What happens when an antivirus subscription expires?

While each program will treat an expired subscription slightly different, generally speaking, most will still function in some way. You will normally be able to run a scan, but you likely won't be able to deal with any malware or security threats. Features like automated scanning will also be turned off.

Other programs will stop updating the essential virus and malware databases that are used by the program to identify and clean new malware. This means that while you will be secure from known viruses and security flaws up to the date of the last database update, you will not be secure against newly discovered viruses.

Some popular programs like Kaspersky offer an antivirus scanner trial version or a program that comes with a newly purchased computer.With programs like these, they will normally stop functioning once the trial period is over. Yes, they will still open, but you won't be able to scan or perform any tasks.

In short, when your subscription expires, your systems will no longer be secure, or as protected as they should be. Interestingly enough, in mid-November 2014, Microsoft released its Security Intelligence Report 17. This report found that computers and systems with expired malware were only slightly less likely to be infected than systems without any malware scanners installed.

What do I do if my subscription is about to expire?

Before your subscription expires you should take steps to back up all of your systems and data. The reason for this is that should something happen you have a clean backup to revert to. Once this is carried out, then consider renewing your subscription. Most programs allow you to do this directly from the scanner itself, so it is often fairly straightforward.

As a business owner however, you are going to need to keep track of your systems and licenses. What we recommend is creating a spreadsheet with information on the subscription applied to all systems. Take account of when the scanner was installed on each system, how long the subscription period is for, and when it will expire.

What if my subscriptions are about to expire, but I don't like my current program?

There may come a time when the scanner you have selected simply isn't living up to your expectations. Maybe it takes too long to scan, uses too many resources, or simply isn't able to protect all of your systems. Regardless of the reason, switching scanners is always an option.

If you are thinking of moving to another scanner, we strongly recommend that before you do anything, you back up your systems. You can then start looking for other systems. We strongly recommend that you contact us, as we can help identify a solution that will work for your business and systems. We can then help ensure that the transition is carried out in a way that will not leave your systems open to attack.

We may have a managed antivirus solution that will work for your business. By using a system like this, we can help protect your systems, keeping them secure and always up to date, all without you having to get involved. All you need to do is get in touch to find our more.

Published with permission from TechAdvisory.org. Source.

Topic Hardware
December 31st, 2014

security_dec24_CWhen looking into the ways companies are hacked, you quickly realize that there are so many different tactics out there that it is mind-boggling. One of the more effective methods used recently is spear phishing, and in early December 2014, a new spear phishing attack was uncovered. This threat, while directed at larger organizations, could be turned against smaller businesses as well, and is therefore worth you knowing about.

What is spear phishing?

Spear phishing is an advanced form of phishing where attackers troll the Internet for relevant information about you and then create a personalized email that is sent to you. This email is usually developed so that it appears to be coming from a friend or trusted partner and contains links to a site or program that can initiate an attack or steal information.

More often than not, these links are to websites where you enter account information, passwords, and even bank account details, or any other personal information which can be used to break into computers and even steal your identity.

What is this latest spear phishing attack?

This new form of spear phishing, being carried out by an organization who calls themselves FIN4, has actually been around since as early as mid 2013. When they attack Wall Street listed companies they are doing so to steal valuable plans and insider information.

What we know is that they send highly savvy and targeted emails to people at a company, trying to harvest Microsoft Outlook account information. Once they have this crucial data they then target others inside, or connected to, the organization, with the same email, while also injecting the code into ongoing messages. This method can spread the attack quickly, leading to a potentially massive security breach.

In the email examples of this phishing threat, the attackers write mainly about mergers and other highly valuable information. They also include a link to a forum to discuss the issues raised further. These emails come from people the recipient already knows, and the link is to a site that asks them to enter their Outlook account and password before gaining access. When this information is entered, it is captured by the attacker and used to launch more attacks.

What can we do to protect our systems?

From what we know, this attack is being carried out largely against law firms, finance companies, and other large organizations. While this discounts many small businesses, there is a good chance that the attackers will turn to small businesses operating with larger companies at some point.

Because this is an email-based attack, you need to be extra vigilant when opening all emails. Be sure to look at the sender's address, and read the body of the email carefully. While hackers generally have good English skills, they aren't fully fluent, which means you will notice small mistakes. Also, keep in mind previous emails sent by the recipient. If the tone and style is off, then the email may be fake.

It is important to always look carefully at all links in email messages. If a link looks suspicious, then ask the recipient for more information or to tell you where the link goes. If you come across any site asking you to enter account information, be extra careful. Look at the URL address in your browser, if it doesn't sat HTTPS:// before the address, then it may be a good idea to avoid this.

If you have any questions on spear phishing and how you can prevent it, contact us today to see how we can protect your business.

Published with permission from TechAdvisory.org. Source.

Topic Security