Office 365 & G Suite

End of Life for Microsoft Office 2010 + Office 2013 on 365

By |2020-11-18T14:20:03-05:00November 18th, 2020|IT Support, Office 365 & G Suite, Uncategorized|

If you’re still running your business on Microsoft Office 2010 applications, your luck is starting to run out. According to Microsoft, Office 2010 has stopped receiving support since October 13th, 2020. Microsoft will also no longer support Office 2013 connecting to Office 365. Now is the time to upgrade to latest version of Microsoft Office, 2019.

What does this mean for you?

You can continue to use Office 2010 without any issues, but after October 13th, you will no longer be provided with technical support, bug fixes, or security fixes for Office 2010 vulnerabilities that may be reported or discovered. This includes security updates which can help protect your PC from harmful viruses, spyware, and other malicious software. Any functionality issues with Office 2013 or earlier connecting to Office 365 will be a billable service as it is no longer supported.

Why should I upgrade?

You might ask, are security and feature updates really that important for my business operations. The answer is a resounding yes!

The well-informed might remember the worldwide cyber attack known as “WannaCry” that struck over 200 000 computers in 2017. This form of ransomware encrypted the computer’s files and demanded ransom payments from companies in order to get them back. How could this happen? WannaCry attacked computers who were still running older Windows operating systems and had not yet been upgraded to the most recent security upgrades.

If you get a security breach, the amount of downtime and recovery could be devastating to deal with especially if you’re a small business or non-profit.

How can E-Tech help?

The best practice with all security risks is to act on them as soon as possible. You can be sure that you’re at risk immediately when the support ends. We can initiate your upgrade seamlessly for you, leaving you stress-free. We encourage you to contact us to to get started.

>

Top 4 Fraud Trends of 2020 and How Criminals are Targeting YOUR Business

By |2020-01-15T12:09:05-05:00January 15th, 2020|Cyber Security Awareness, Dark Web Monitoring, IT Support, Office 365 & G Suite, Uncategorized|

If we asked you to guess which category of crime that continues to inflict companies of all sizes with damages amounting to billions of dollars annually, you probably wouldn’t think it’s cyber crime. Staying updated on the latest attack types and prevention techniques is the only way to future-proof your organization. Facebook was one of the World’s Biggest Data Breaches and Hacks just last September with 419,000,000 compromises. That’s why we have compiled here 4 fraud trends of 2020 from our experts that you won’t want to miss:

Fabrication

Synthetic identity fraud is initiated when a hacker procures a social security number by theft or purchase on the Dark Web, and then fabricates an associated name, DOB, email account, or phone number. From there, the fake identity is legitimized and nurtured in order to exploit lines of credit. Once a fraudster is able to become an authorized user, a process that typically takes 5 months, the “bust-out” is ready to be executed. When the dust settles, creditors and businesses are left with dummy accounts filled to the brim with credit card maximums, loans, and cell phone/utility plans. An example of this is was seen last month in September, where a Toronto man was out $2,775 after e-transfer fraudsters impersonated him on email.

Ransomware

The “R word” can send chills down the spine of any business owner, and for good reason. Two cities in Florida were forced to pay over a million in aggregate bitcoin ransom, only after losing access to phone and email systems for multiple weeks. Municipalities are not alone, and a quick glance at data breach news headlines on any given week will reveal SMB attacks as well. 

Account Takeover

Understanding how criminals are targeting your business or vertical is a fundamental component to any sound cybersecurity strategy. Nevertheless, “the nature of work for a CISO is often reactive”, tasked with establishing a Security Operations Center filled with analysts who are looking to spot a needle in a haystack. On the other hand, the commoditization of crimeware and “spray-and-pray” techniques have led to a higher frequency in breaches, many of which are executed by non-sophisticated hackers. Solving account takeover fraud at the small business and medium enterprise level in today’s world requires purpose-driven teams and technologies that can protect your business smarter and more efficiently. 

Universities and Municipalities

Just last summer, three US universities disclosed data breach incidents within a two-day span. However, this pales in comparison to 2018’s highlight. In March 2018, nine hackers breached 144 US universities, charged with stealing 31 terabytes of data worth roughly $3.4 billion in intellectual property. Such breaches have a ripple effect across all verticals and companies, driving consumer awareness and raising the standard for cybersecurity for everyone. In Canada, the University of Ottawa, City of Saskatoon and City of Burlington all experienced ransomware by simple email compromises. 

How Can E-Tech Help? 

Dark Web Monitoring

Security researchers estimate that in the first half of 2019 alone, 23M+ credit and debit card details were being sold in underground forums. Once such data dumps hit the Dark Web, cybercriminals will exchange stolen information and credentials in order to orchestrate damaging fraud schemes. Dark Web Monitoring is designed to help both public and private sector organizations detect and mitigate cyber threats that leverage stolen email addresses and passwords. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze and proactively monitor for an organization’s compromised or stolen employee and customer data. Get a Free Dark Web Scan Today.

Cyber Security Awareness Training

The number 1 reason people are victimized by cyber crime is human error. No industry is safe from cyber security threats – even experts like us are targeted by cyber criminals. That’s why we recommend our all-in-one comprehensive advanced Cyber Security Awareness Training Program, to keep you and your employees safe from the dark web. Our Training includes: a presentation to your employees, advanced training modules and course completion certificates, phishing email simulators and fully detailed reporting. Try our Free Cyber Security Training Module.

Top 10 Cybersecurity Tips:

  1. Create unique passwords and enforce multi-factor authentication for all network users.
  2. Install spam-filtering solutions with anti-phishing capabilities across your network.
  3. Leverage web-filtering programs that block phishy websites.
  4. Prepare for cryptojacking attacks.
  5. Purchase SMB security suites that include Dark Web monitoring.
  6. Involve all stakeholders in raising cybersecurity awareness across your organization.
  7. Assess your organization’s information, protection, and access regularly.
  8. Ensure that all third-parties have cybersecurity protocols and policies in place.
  9. Build a cybersecurity incident response plan (CIRP) and democratize key information.
  10. Partner up with experts to train your employees every month.
Feel Free to Contact Us for More Information.>

Microsoft Ending Support for Windows 7 on January 14, 2020

By |2019-09-12T10:52:32-04:00September 12th, 2019|IT Support, Office 365 & G Suite, Uncategorized|

If you’re still running your business on Windows 7, your luck is starting to run out. According to Microsoft, Windows 7 will no longer receive support after January 14, 2020. Microsoft will no longer provide security updates or support for PCs running Windows 7. Now is the time to upgrade to latest version of Microsoft, Windows 10. [1]

What does this mean for you?

You can continue to use Windows 7 without any issues, but after January 14, your PC will become more vulnerable to security risks. Windows will operate, but you will stop receiving security and feature updates.

If you’re on a Windows 7 computer, you will not be prompted to get a free upgrade to windows 10 as it was previously for the original Windows 10 release. Now users running on Windows 7 will have to purchase and upgrade version like Windows 10 for a cost.

Microsoft 365 Business comes with a free upgrade for users with a Windows 7, 8, or 8.1 Pro license on their device. By purchasing Microsoft 365 Business, your users can upgrade all their old Windows Pro licensed devices at no additional cost.

Why should I upgrade?

With Microsoft no longer supporting Windows 7, it means you’ll no longer receive security and operation updates

You might ask, are security and feature updates really that important for my business operations. The answer is a resounding yes!

The well-informed might remember the worldwide cyber attack known as “WannaCry” that struck over 200 000 computers in 2017. This form of ransomware encrypted the computer’s files and demanded ransom payments from companies in order to get them back. How could this happen? WannaCry attacked computers who were still running older Windows operating systems and had not yet been upgraded to the most recent security upgrades.

If you get a security breach the amount of downtime and recovery could be devastating to deal with especially if you’re a small business or non-profit.

Besides security and support, other reasons to upgrade to a newer version are: faster speeds on startup, Cortana (talk to your computer just like Siri), access to universal apps, voice typing, and nearby sharing options. [2]

How can E-Tech help?

The best practice with all security risks is to act on them as soon as possible. You can be sure that you’re at risk immediately when the support ends. We can upgrade your Windows 7 PCs seamlessly for you, leaving you stress-free. We encourage you to contact us to to get started. If you’re eager to go through the process yourself, check out this checklist to find out if you should upgrade or replace your equipment:

Can’t see this pdf? Download it here.

>

6 Sophisticated Phishing Email Examples and Why They’ll Trick You

By |2019-09-11T10:38:12-04:00September 11th, 2019|Cyber Security Awareness, Office 365 & G Suite, Uncategorized|

a hacker can infect your email account with ransomware in just seconds! Check it out:

Most cyber attacks happen through phishing attacks, so we compiled a list of the most sophisticated phishing emails we’ve come across:

Here’s 6 Sophisticated Phishing Emails and Why You’ll Fall For Them:

1. Google Sign-In Imitation Emails

Why This Will Trick You: Google is very secure, where they validate anytime your email was used to log in from a unknown device or unusual location. Most social media networks like Facebook, LinkedIn, Instagram, etc. also have this security feature as well, so most users have received an email like this every once in awhile. An attacker can send this fake email to you playing at the fact that you might be more cautious than others with your security. You’re baited into clicking the link for more details, and just like that, you’ve been compromised! How to Avoid Being Tricked: Cyber criminals can’t use Google’s actual email, so they’re most likely sending from a fake/dummy email address like noreply@googel.ITsecurity.net (I made that up on the spot). Always be sure to check the sending email address is actually from the expected source! It’s always important that you hover over any links before you click them. When you hover over a link, you’ll see the URL in the bottom left hand side of your display. It will show you the true destination that the link will send you. This email is very impersonal, meaning your name, account number, email, etc. aren’t anywhere in the email. Google will always include some personalization in their emails to prove their validity.

2. Charity Donation for You

Photo Credits Why This Will Trick You: Doris Buffett is a true philanthropist – so the email is not lying. There are several versions of this phishing email that gets sent around. The look and feel of the email suggest that it’s real. It plays off the human emotions of greed and gullibility, designed for you to click the link and engage with them in conversation. The link is tricky, because the hacker made it look like you could see the full link without hovering. Once you click the link, you’re taken to a malicious website. Responding to the email doesn’t cause immediate harm, but it will show the cyber criminal that you’re gullible and susceptible to well crafted phishing emails, and you can bet that you’ll receive much more in the future. How to Avoid Being Tricked: Like the first example, this phishing email is very impersonal (without even a salutation) and has very little information. A skeptic would ask: “Why did Doris Buffett pick me? What is her ‘large private foundation’ that they couldn’t specify?” Using the hovering trick over the link ‘Peggy’ provided, you’ll be sure to see a different URL than what it says it is.

3. Netflix’s Membership Reset

Photo Credits Why This Will Trick You: If you’re a regular user of Netflix (I certainly am), this will surely come as a shock, and you’ll most like click on one of the links in the email. This is email is also crafted like a smart marketing email – with a clear call to action that catches your attention and entices you to click on it. Really, it makes it seem so easy to restart your membership, like all you have to do is click. It’s not hard to imitate marketing emails from different companies, especially if you’ve seen the emails yourself. All it takes is a hacker to have bit of HTML experience, and they can craft phishing emails that look nearly identical to the company’s real emails. How to Avoid Being Tricked: When you get unexpected emails from company’s claiming that you’ve cancelled your subscription/membership, your account has been locked, etc., it’s always good to take into consideration the validity of the sender and any links before believing that it’s true. Emails like these are required by law to have a ‘Unsubscribe’ option. If you can’t find that option anywhere, chances are that it’s a scam trying to trick you.

4. Bonus Decrease From Your HR Department

Why It Will Trick You: Cyber criminals in this scenario are playing off the idea that the biggest news company’s have known for years: negativity sells. This means that you’re more likely to click on a link if it’s something negative, rather than positive. Everyone at the company would be disappointed to know that their bonuses are decreasing at the end of the year, especially if you thought the work you’ve been doing deserved more attention. Little research would be needed to personalize this email to your company’s HR director. A simple social media search, or even a browse through on your company’s website can give the hacker enough information to create a personalized plan of attack. How to Avoid Being Tricked: Social engineering attacks like this happen all the time. It’s so easy to impersonate one of your company’s employees simply by searching through your website or social media. A lot of time, company’s have their emails listed on their websites, which makes it extremely easy for a hacker to make a fake email address almost identical to it. When receiving a social engineering attack like this, make sure you always check the validity first. Give a call to the person the email is claiming to be. It’s so easy to be tricked in an email, and that’s why it’s always a good idea to check with the source directly.

5. New Company Benefits From Your HR Department

Why It Will Trick You: Who doesn’t love more benefits from your company? The cyber criminals know this and are using an employee’s excitement against them. Like the Netflix example above, this has a clear call to action button that is enticing to click. It’s clear what the email wants you to do: View Policy. It only takes one eager employee to click that blue button and infect all the computers on that network. How To Avoid Being Tricked: You’ve heard it several times throughout this article, because it’s such an important part of your safety: double check the sender’s email address, and hover over any links/buttons that are in the email. Realistically, if your HR department is emailing you about new policy changes, it’ll be sent to multiple people throughout your company or department. It’s easy to check with your next door neighbour and ask if they got the same thing as you did. It’s also possible that the cyber criminals sent a mass email to your whole company. In that this case, contact your HR department through a separate email thread asking about the new benefits.

6. New IT Policy Starting Next Month

Why It Will Trick You: This a well crafted social engineering phishing email. The cyber criminal did his research, knowing what the IT Director’s email signature would look like. The call to action links stands out, making it clear what the criminal is looking for you to do. Once you click the link, it’s possible you’ll be tricked into a signing a document without looking it over, downloading malicious software, or whatever the cyber criminal wishes. This email can be very well timed, because a due date is clear: you’ll have to review and sign the document before April. If an attacker is sending this out in the later days of March, they’ll be more inclined to rush in, to click any links and to sign documents without thinking about the potential risks. How To Tell It’s Phishing: Like many phishing emails, there are a bunch of spelling mistakes, and those are signs of a scan. Think: how many times do you re-read your work emails before sending them off, making sure there’s no spelling or grammatical mistakes? Cyber criminals tend to write with poor English. There are a lot of cases where hackers are sending phishing emails from foreign countries, where English may not be their first language. Other times, hackers are being sloppy, because they know that it only takes 1 person to fall for the scam. They don’t need to have perfect English if 1 person will fall for their mistake-full emails. Reviewing the grammar and spelling mistakes of an email is essential to validating the safety of an email.>

Title

Go to Top