About Sandra Viveiros

This author has not yet filled in any details.
So far Sandra Viveiros has created 128 blog entries.

5 Essential Web Design Tips

By |2018-06-16T11:23:21-04:00June 16th, 2018|Uncategorized, Website Design|

A solid website design will bring more traffic to your website with the increase in potential customers and excellent advertising of your business. Living in this digital age where technology and design is on the cutting edge, it is very important to update your content, and sometimes the look/layout of your website.

By providing a reliable and easy source for potential customers to find your business’ services and products, a large positive impact will build your business’ reputation within your community and around the world.

Here are 5 helpful tips when it comes to creating that masterpiece on the web:

1) Use the Right Typography

Choosing the right style and size of font for use on your website doesn’t seem to be a priority; however it can make or break any website. Since most of the website will consist of text of some sort, be it: describing products and services, banners, or information about your company, make sure to pick a font that is legible (including font size), good contrast on the website, and similar to what you’ve already decided upon for your logo.

(more…)

Over 90,000 Canadians at Risk After BMO and CIBC Bank Client Data is Compromised

By |2018-06-13T12:46:52-04:00June 13th, 2018|Uncategorized|

On the morning of May 28, 2018, CIBC owned bank Simplii Financial and the Bank of Montreal went public, both revealing that the personal information of thousands of customers had been stolen by hackers. Simplii Financial reported approximately 40,000 customers accounts compromised, while BMO reported 50,000 [1].

It is unaware how the data was breached; however, a letter was sent to media outlets across Canada by an individual who claims to have the stolen personal data. The letter threatens to sell the data to “criminals” if a $1-million ransom is not paid by 11:59 pm on May 28th by the banks. It is still not public if this ransom was paid out or not [2].

A BMO spokesperson, Paul Gammal, commented that BMO is “proactively contacting customers and taking all available means to protect their accounts, including blocking online and mobile access to accounts that may have been impacted, personally calling each impacted customer, as well as offering them free credit monitoring” [3]. However, customers of BMO and Simplii are still experiencing long wait times on refunds for the fraudulent transactions onto their credit cards.

Is it enough to be reactive, and not proactive?

With the new Digital Privacy Act coming into effect Nov 1st 2018, Canadian companies are required to disclose to clients when their personal information has been compromised due to a security breach [4]. With cybercrime becoming more advanced and ransomware attacks bound to have more media coverage, an attacked business may be irreparable without significant procedures in place for data protection and business continuity.

For small-to-medium size businesses (SMBs), it is no longer a matter of “if” ransomware will affect your business, but a matter of “when.” Paying the ransom is never the right choice either, with 13% of business in Canada who paid did not get returned the data that was stolen from them. Here are some more concerning statistics:

  1. SMBs paid $301 MILLION to hackers in the last year.
  2. Construction/Manufacturing is the top targeted vertical for hackers this year.
  3. 79% of providers report 1-5 attacks against SMBs, 21% report 6+ attacks.
  4. 26% of IT pros reported multiple attacks against SMBs in a single day.
  5. Cryptolocker is still king with 84% of IT pros still battling this giant.
  6. Less than 1 in 3 incidents of ransomware are reported to authorities.
  7. 33% of MSPs report ransomware encrypted an SMB’s backup.
  8. 75% of IT pros say an attack lead to business threatening downtime.
  9. 4% of IT pros report mobile #ransomware attacks in the last year.
  10.  An estimated 5% of global small-to-medium businesses (SMB’s) fell victim to ransomware from 2016-2017.

It is more important than ever to have significant procedures in place to protect SMBs from cybercrime. A business that is unaware and unprepared is at extreme risk to an unfulfilling end.

Feel free to Contact Us for more information on our data protection services.

Phishing Email Compromises Client’s Office 365 Email Account

By |2018-05-09T11:39:36-04:00May 9th, 2018|Office 365 & G Suite, Uncategorized|

Last week one of our client’s LinkedIn account and Office 365 email account was compromised by a phishing scam. An email was then sent from this user’s compromised Office 365 email account with the subject ‘John Smith has shared “CEO Emails” with you’ with a PDF attached containing a link to log into a Dropbox account to view this document. This email went out to all contacts this compromised user has ever emailed from their Office 365 email account.

Image 1

image 2

Some recipients who received the email and felt it was suspicious replied to the user’s email address, and the recipients received one more email confirming that in fact ‘It is legit. Please proceed to view in Dropbox’ from the user’s compromised mailbox. The hacker gained access to the user’s email and sent out reply emails confirming the Dropbox email to try and trick people to get more credentials. The hacker also added a rule to move all incoming emails to the delete folder. If you entered your information into the Dropbox screen it would tell you ‘please try again later, the services are down’.

image 2

image 4

One of these phishing emails were also sent to our E-Tech Helpdesk Ticketing System and we were in contact with the client right away. We reset the user’s compromised mailbox password and the user changed their LinkedIn Password. We increased the security and compliance to the next level, by enforcing two-factor authentication and enforcing password policy. We scanned this user’s computer for malware and viruses, but nothing was found. We confirmed that the malware/virus is quarantined at Office 365 cloud by generating anti-malware, anti-virus, and spam reports from Office 365 and confirmed no other mailboxes were compromised.

The best tips to avoid this type of Phishing scam are to:

  • Enforce password policy every 42 days
  • Enforce Password complexity (using symbols, capitals, numbers etc.)
  • Enforce Two-step Factor Authentication on both your personal and work emails
  • Open only Microsoft documents (Word, Excel, PowerPoint), and Adobe (PDF)
  • If you receive PDF or word document attachment, make sure it’s making sense to you and relates to your work (hover over the link first to see where it will take you, example: if its Dropbox it should say https://www.dropbox.com LinkedIn should be https://www.linkedin.com)
  • Avoid opening social media links attached in the email or inside PDF, or word document files
  • Pay attention to the sender email address that is in the ‘From:’ address box, and the domain that the email was sent from (hover over the email address, see if its legit, example: if its Dropbox it would say someone@dropbox.com if its LinkedIn it would say someone@linkedin.com)
  • Pay attention to the content of the email. If you see grammar mistakes, please confirm with the sender and mark this email as spam (instead of replying to the email you’re not sure about, call the user or email them in a new email thread)

Here are some links for more information on Phishing Hacks:

https://www.microsoft.com/en-us/wdsi/threats/support-scams

https://blogs.technet.microsoft.com/office365security/how-to-deal-with-ransomware/

https://dev.etechcomputing.com/how-to-identify-phishing-emails/

https://dev.etechcomputing.com/beware-phishing-scam-for-office-365-users/ 

Feel free to Contact Us for more information.

Recent Windstorm and the Importance of Having a Business Continuity Plan

By |2018-05-09T10:44:56-04:00May 9th, 2018|Uncategorized|

On Friday, May 4, 2018 there were major power outages due to the windstorm that hit Ontario and Quebec. Power outages and road closures continued for days after the storm. Gusts of wind between 90 – 110 km/hr knocked down many hydro lines, trees, damaged thousands of homes[1], and caused 3 unfortunate deaths[2]. As of Friday evening, Toronto Hydro reported 30,000 customers without power, Hydro One reporting 126,000 customers without power[3]. Even flights were grounded at Toronto Pearson International Airport and Billy Bishop Airport. No flights were allowed to land and no flights could take off[4].

This caused huge impact for some businesses that were operating last Friday. Some businesses were forced to shut down early and close its doors to customers. Whether they had no power or had part of their roof torn off, business was impacted for the day[5][6].

Every business must prepare for the worst. Those that don’t may never fully recover from a disaster. But not all disasters are created equal. And not all businesses are at risk for every kind of disaster but as we saw here in Toronto last week, severe windstorms do happen. It’s important to have a Business Continuity Plan in place for any kind of disaster including but not limited to: flood, fire, wind or thunder storm. Last Friday’s major windstorm didn’t impact any of our customers because of the redundancy of our managed services, we had ZERO outages.

A windstorm, of course, can force a business to have to relocate all its operations temporarily or be forced to shut down a few days. Below we have outlined the 3 Key Principles of a Business Continuity Plan:

  1. Get employees involved. Business Continuity Plans only work if everyone understands them. Employees are also a great source of ideas and insights about how your business might be affected by a disaster. Business must communicate Business Continuity Plans to employees regularly.
  2. Keep customers in the loop. Customers are the lifeblood of every business. They should be treated as such even during a disaster. Alerts on the company website, email broadcasts, social media and text messages to key contacts’ mobile phones are all good ways for a business to express concern about the impact of a disaster on its customers. That level of service can even help transform a disaster into an opportunity for greater long-term customer loyalty. Collaborate with suppliers. Businesses increasingly work in tightly interdependent networks of suppliers and partners. By working collaboratively with these third parties, businesses can make themselves even more resilient and well protected against disasters large and small.
  3. Periodically test and update Business Continuity Plans. It’s not enough to formulate a plan once and put it on paper. Assumptions about a plan should be validated with real-life testing. Plans also must be updated continuously to ensure that they accommodate changes in the business’s products, services, relationships, size, geographic reach, etc.

In conclusion, data backup is not enough. Many businesses think they’re safe just because they’ve backed up their critical files. The problem is that those files depend on applications and systems to be of any use to the business. That’s why, in the event of a disaster, it’s essential to be able to run applications on-demand from virtual machines backed up in the cloud.

Feel free to Contact Us for more information.

Title

ABOUT US

201 Consumers Road
Suite 204
Toronto, Ontario
M2J 4G8
(647) 361-8191

EXPERTISE

HELPFUL LINKS

E-Tech. All Rights Reserved 2024.

Accessibility by WAH
Go to Top