Technology Advisor Blog

Windows June 2026 Patch Tuesday: What Small Businesses Need to Know

lhanson@ekaru.com (Linda Hanson) — Fri, 12 Jun 2026 12:52:18 GMT

Microsoft released its June 2026 Patch Tuesday security update yesterday and this one is historically large.

June 2026 marks the largest single Patch Tuesday release in the program's history, addressing 200 security vulnerabilities across Windows, Office, Azure, Exchange, Hyper-V, and related products. For small businesses in Massachusetts that rely on Windows devices, there are several things worth understanding before the end of the week.

At Ekaru, we provide managed IT services for small businesses across greater Boston. Staying ahead of security patches is one of the most important things a small business IT support provider can do for its clients. Here is what matters most this month.

The Secure Boot Deadline Is 16 Days Away

Before diving into this month's new vulnerabilities, the most important reminder for any small business still running Windows devices is this: the Secure Boot certificate expiration deadline is June 26, 2026, just 14 days away.

If your devices have not yet received the May 2026 update, June's Patch Tuesday is your final scheduled opportunity to get compliant before that deadline. Boot-level malware will be impossible to detect or remove with standard tools on devices that miss this window. The June 26 deadline is absolute and non-negotiable.

If Ekaru manages your IT, your devices should already be tracked. If you are not sure, run Windows Update today and confirm KB5089549 from May is installed alongside this month's updates. This is exactly the kind of proactive IT management that protects small businesses in the Boston area from preventable security incidents.

What Microsoft Fixed in June 2026

Of the 200 Windows security updates addressed this month, 33 are rated Critical, 166 are rated Important, and one is rated Moderate. Twenty-eight of the critical flaws are remote code execution vulnerabilities, four are elevation of privilege issues, and one is an information disclosure flaw.

Here are the Microsoft security patches small businesses should understand:

Windows Kernel Remote Code Execution

This is the most serious vulnerability management concern in this month's release. A remote unauthenticated attacker can run code at SYSTEM level with no user interaction, through a flaw in how the kernel handles TCP/IP. In plain English, an attacker on the internet could potentially take full control of an unpatched Windows device without any employee clicking anything. This one alone makes June's Windows 11 update urgent for every business.

Windows BitLocker Security Bypass

This vulnerability allows an attacker with physical access to a device to bypass BitLocker's full-disk encryption and access the data on it. For small businesses that rely on BitLocker to protect laptops, particularly important if a device is ever lost or stolen, this fix is essential. This patch closes a significant gap in your endpoint security protection.

Windows Denial of Service

This vulnerability is related to an attack technique that can affect web servers and knock them offline in seconds. For businesses running any web-facing services or applications on Windows Server, this is worth prioritizing.

Remote Desktop Services

Remote Desktop Client received the most concentrated cluster of critical patches this month with 11 total fixes. If your team uses Remote Desktop to connect to office computers or servers remotely, this month's security patch is non-negotiable.

What You Should Do Today

The steps are the same as every month but this month they are more urgent than usual given the severity of the vulnerabilities and the approaching Secure Boot deadline.

Go to Settings, select Windows Update, and check for updates. Install everything available and then do a full Restart, not just Shut Down. The restart is what completes the installation process.

If any devices in your office show errors during the update process, contact your IT support provider before the end of the week. With the June 26 Secure Boot deadline approaching, there is no comfortable buffer left. Unpatched systems remain one of the leading entry points for ransomware attacks targeting small businesses.

Ekaru Helps You Stay Ahead

The Ekaru team provides managed IT services in Boston and monitors Windows updates for small businesses across Westford, Acton, Chelmsford, Lowell, and the greater Boston area. Our patch management services include security update tracking, compliance monitoring, and device management to catch update failures before they become problems.

Not sure whether your business is protected? A free IT assessment is the fastest way to find out.

Cybersecurity in 2026: What Small Businesses Need to Learn from 22,000 Data Breaches

Ann Westerheim — Wed, 03 Jun 2026 19:43:45 GMT

Every year, Verizon publishes its Data Breach Investigations Report (DBIR), one of the most respected cybersecurity reports in the industry. The 2026 report analyzed more than 22,000 confirmed data breaches across 145 countries, making it one of the largest collections of real-world cybersecurity data available.

At Ekaru, we pay close attention to reports like this because they help us separate trends from headlines. Instead of relying on assumptions, we can see exactly how attackers are succeeding, where businesses are struggling, and what organizations can do to better protect themselves.

Before we dive into the findings, it's helpful to understand two terms you'll see throughout cybersecurity reports:

Incident: A security event that disrupts business operations, compromises systems, or creates a security risk.

Breach: A type of incident where sensitive information is actually accessed, stolen, or exposed to someone who shouldn't have it.

In other words, every breach is an incident, but not every incident becomes a breach. For example, a ransomware attack or website outage may be considered a security incident even if no customer or company data is stolen.

The biggest takeaway from this year's report is surprisingly simple:

Cybersecurity fundamentals matter more than ever.

While artificial intelligence, ransomware, and sophisticated cybercriminal groups continue to dominate the news, most successful breaches still come down to a handful of preventable issues. Here are the lessons small businesses should take away from Verizon's findings.

1. Unpatched Systems Have Become the #1 Way Attackers Get In

For years, stolen passwords were the most common way attackers gained access to business systems. That's no longer the case.

According to the Verizon DBIR, exploiting software vulnerabilities is now the leading method attackers use to gain initial access to organizations (and AI makes that easier and faster!).

In plain English, this means cybercriminals are actively scanning the internet looking for outdated software, unpatched firewalls, vulnerable VPNs, and exposed systems. Once they find one, they can often gain access without ever needing a password. They use automated tools and scan - have you ever looked at your firewall logs or Microsoft 365 logs to see who's trying to get in?

For small businesses, this highlights the importance of:

Regular software updates
Security patch management
Vulnerability assessments
Continuous monitoring

Many organizations don't get breached because they lack expensive security tools. They get breached because a known vulnerability remained unpatched for too long. Those boring and annoying updates? Don't delay!

2. Ransomware Isn't Going Away

Ransomware continues to be one of the most significant cybersecurity threats facing businesses today.

Nearly half of all breaches analyzed in the report involved ransomware or extortion-related activity.

The impact goes far beyond encrypted files. Modern ransomware attacks often involve data theft, operational disruption, reputational damage, and regulatory concerns. What would you do if confidential client information was published on the Dark Web?

The good news is that businesses are becoming more resilient. Verizon found that a growing number of organizations are refusing to pay ransoms and instead relying on recovery plans and backups.

That's exactly why we continue to emphasize:

Tested backups
Endpoint protection
Email security
Incident response planning
Business continuity strategies

The best ransomware response is preparation long before an attack occurs.

3. Your Security Is Only As Strong As Your Vendors

One of the most eye-opening findings from this year's report was the dramatic increase in breaches involving third parties.

Think about all the external services your business relies on every day:

Microsoft 365
Payroll providers
Accounting software
Cloud storage platforms
CRM systems
IT service providers (And this is the big reason we completed the GTIA Cybersecurity Trustmark this year!)

Businesses today are more connected than ever. While those connections improve productivity, they also increase risk.

A security issue at a vendor can quickly become a security issue for your organization.

This doesn't mean avoiding cloud services or modern business applications. It means understanding who has access to your data, enabling security controls like multifactor authentication, and periodically reviewing your vendor relationships.

4. People Are Still a Major Target

Technology wasn't the only focus of this year's report.

Verizon found that the human element was involved in nearly two-thirds of breaches.

What's changing is how attackers are targeting people.

Traditional phishing emails remain common, but attackers are increasingly using phone calls, text messages, and impersonation tactics to trick employees into providing access or sensitive information. With AI, its so easy to clone someone's voice, or create a video with their image. These day's seeing is NOT believing!

Many of these attacks don't look suspicious at first glance. They often appear urgent, helpful, or completely routine. Often the emails contain things like QR Codes or other "security" tools that make it look like the sender is being more secure.

This is why cybersecurity isn't just an IT issue.

Every employee plays a role in protecting the organization.

Regular security awareness training, clear verification procedures, and a culture where employees feel comfortable asking questions can dramatically reduce risk. Talk to your team regularly about cybersecurity. We recently had a great training session over cake at one of our local client sites - just get people talking!

5. Artificial Intelligence Is Helping Attackers, Too

Artificial intelligence is transforming business operations, but it is also becoming a tool for cybercriminals.

The report found growing evidence that attackers are using AI to help write phishing messages, research targets, develop malicious code, and automate parts of their attack process.

This doesn't mean AI is creating entirely new categories of threats.

Instead, it's making existing attacks faster, cheaper, and easier to scale. It's so easy to automatically harvest information from social media, websites, former breaches to make emails look VERY convincing. Gone are they days where you could just tell your team to not click on a "suspicious" email.

The result is that businesses may face a greater volume of convincing phishing attempts and social engineering attacks than ever before.

The answer isn't fear.

The answer is strengthening the fundamentals that have always worked: security awareness, strong authentication, patch management, monitoring, and layered defenses.

What This Means for Small Businesses

When reading cybersecurity headlines, it's easy to assume the biggest risks involve sophisticated nation-state hackers or highly technical attacks.

The Verizon DBIR tells a different story.

Many successful breaches still start with:

An unpatched system
Weak authentication
A trusted vendor being compromised
An employee being deceived
A missing security control

These aren't new problems. They're foundational security challenges that every organization can address.

That's encouraging because it means small businesses are not powerless.

With the right strategy, consistent processes, and ongoing attention to cybersecurity fundamentals, organizations can significantly reduce their risk. There are so many smart and affordable things local businesses can do to help stay safe online. Start small and build a successful program one step at a time. We're currently working with several local businesses getting ready for CMMC compliance - while this seams overwhelming at first, making weekly progress gets the job done.

Final Thoughts

One reason we closely follow research like Verizon's annual DBIR is that it helps us make better recommendations for our clients.

The threat landscape continues to evolve, but the core principles of cybersecurity remain remarkably consistent. Organizations that know what assets they have, keep systems updated, secure accounts with multifactor authentication, train employees, and prepare for incidents are far better positioned to withstand today's threats.

Cybersecurity is not about eliminating risk entirely. It's about making informed decisions that reduce risk and improve resilience.

The businesses that focus on the fundamentals today will be the ones best prepared for whatever comes next.

Interested in continuing the conversation?

About the author:

Ann Westerheim, PhD is the Founder and President of Ekaru, a Technology Service Provider of cybersecurity and IT services for small and medium businesses in the greater Boston area. Ann is an accomplished technology innovator and leader with three engineering degrees from MIT. She has twenty years of high tech experience in research, advanced development, product development, and as an entrepreneur. Her career has spanned a vast range of technology endeavors including research in thin film semiconductors and superconductors, microprocessor fabrication, development of early Internet medical applications, and now focusing on the application of technology in business. She has an avid focus on the "last mile" of technology and decreasing the digital divide.

What It's Like to Work With Ekaru — Boston's Trusted MSP

lhanson@ekaru.com (Linda Hanson) — Thu, 28 May 2026 12:22:31 GMT

What It's Like to Work With Ekaru

Most small business owners come to us after something has already gone wrong.

A ransomware attack that shut down operations for days, an employee who clicked a link they shouldn't have, a laptop stolen from a car with unencrypted client data on it, or simply the slow, creeping realization that their IT setup isn't actually protecting anyone.

If any of that sounds familiar, you're not alone, and you're in exactly the right place.

Who We Are

Ekaru is a managed IT services provider based in Westford, Massachusetts. We have been serving small businesses across greater Boston since 2001 (law firms, medical practices, accounting firms, non-profits, and professional services businesses of every kind.)

Our founder, Ann Westerheim, holds three degrees from MIT and a PhD in engineering. She walked away from high-tech research to build an IT company that actually serves Main Street. That decision shapes everything we do. It is why we explain things in plain English, why we pick up the phone, and why we treat your business like it matters, because it does.

We are a CRN Top 500 Managed Service Provider and one of the first IT providers in New England to earn Generative AI Certification, meaning we are equipped to help your team navigate AI tools safely and strategically.

What Working With Us Actually Looks Like

The first thing most new clients notice is that we are proactive, not reactive.

Traditional IT support waits for something to break and then sends someone to fix it, but that model is expensive, disruptive, and increasingly dangerous in a world where the average ransomware attack goes undetected for weeks before it fires. We monitor your systems continuously, apply security patches before vulnerabilities are exploited, and flag problems before they become crises.

When something does need immediate attention, our team responds. Fast.

"Michael found my issue right away and fixed it in less than 5 minutes. Could not ask for anything better."

"Michael was wonderful! He helped with an emergency in our office in the most efficient and accommodating way. I would highly recommend him to anyone!"

"The whole process was terrific, and Zac got everything taken care of without a hitch!"

Your employees get access to our helpdesk team made of real people, based in Massachusetts, who respond quickly and speak clearly.

"Thank you Jonathan and Michael — you guys are always helpful to get any issues resolved."

"Great service and quick response. Computer is working very well now."

We also handle the things most small business owners don't think about until it's too late. Cybersecurity for small businesses in Massachusetts is not just about having antivirus software, it involves patch management, employee training, HIPAA compliance for healthcare clients, data backup strategy, network security, and making sure your cyber insurance policy can actually be used when you need it. We manage all of it.

Why Small Businesses in Greater Boston Choose Ekaru

There are a lot of managed IT providers in the Boston area. What makes the difference for the businesses that work with us is usually the same thing — they want a partner who understands their business, not just their technology.

A five-person law firm in Westford has different needs than a 50-person accounting firm in Lowell. A medical practice handling protected health information under HIPAA has different compliance obligations than a marketing agency. We have spent 24 years learning the industries our clients work in, and that context changes the quality of advice and support we provide.

We also believe that an informed client is a protected client. That is why Ann wrote Cybersecurity for Main Street, a practical, plain-English guide to cybersecurity for small business owners. It is why we publish free resources, run quarterly electronics recycling events, and host cybersecurity awareness webinars for the greater Boston business community.

Is Ekaru the Right Fit for Your Business?

If you run a small business in the greater Boston area and you rely on technology to operate, you need managed IT support that is proactive, local, and genuinely invested in your success.

If you are not sure whether your current setup is actually protecting you, that is worth finding out. We offer a straightforward IT assessment with no obligation and no jargon.

We have been doing this for over two decades, and we know this community, the risks, and what it takes to keep a small business running securely and with confidence.

What the FBI’s Latest Cybercrime Report Means for Small Businesses

Ann Westerheim — Mon, 18 May 2026 18:20:44 GMT

When many people picture cybercrime, they imagine hackers breaking into giant corporations with sophisticated tools and complex code. But for most small businesses, cybercrime today looks much more ordinary - and much more personal.

It looks like an email from a trusted vendor asking for updated payment information.
It looks like a voicemail that sounds like a company executive requesting an urgent wire transfer.
It looks like a Microsoft 365 login page that appears completely legitimate.

And increasingly, thanks to artificial intelligence, these scams are becoming harder and harder to spot.

The FBI recently released its latest Internet Crime Complaint Center (IC3) report, highlighting billions of dollars in losses tied to cybercrime, including growing losses from AI-assisted scams and cryptocurrency fraud. While the numbers themselves are staggering, the bigger takeaway for local businesses is this:

Cybercriminals are getting better at pretending to be someone you trust.

The Numbers Behind the Headlines

The statistics in the FBI’s newly released Internet Crime Complaint Center (IC3) report are difficult to ignore.

According to the report, Americans lost nearly $21 billion to cyber-enabled crime in 2025 alone. The FBI received more than 1 million complaints, a significant jump from the previous year. Among the most commonly reported issues were phishing and spoofing attacks, extortion, investment scams, compromised business email accounts, and tech support fraud.

One of the most striking findings is how heavily scammers are leaning on cryptocurrency-related fraud. Complaints involving cryptocurrency totaled more than $11 billion in reported losses.

But another statistic stands out for a different reason.

For the first time in the report’s nearly 25-year history, the FBI included a dedicated section on artificial intelligence-related cybercrime. The IC3 received more than 22,000 AI-related complaints, resulting in nearly $893 million in losses.

And those numbers likely represent only part of the picture.

Many people never report scams at all - especially when they feel embarrassed or fear they “should have known better.” Unfortunately, that stigma is exactly what makes cybercrime harder to fight.

The reality is that modern scams are becoming extraordinarily convincing. Criminals are now using AI to generate polished emails, clone voices, create fake identities, and produce believable videos that can imitate coworkers, executives, vendors, or even family members. These scams are designed to create urgency and emotional pressure, often catching people off guard during busy workdays.

This is one of the biggest mindset shifts businesses need to make:

Cybersecurity is no longer just about spotting obvious red flags. Increasingly, it’s about having processes and safeguards in place for situations where something looks legitimate but isn’t.

That’s why even well-run organizations with smart, experienced employees can still become targets.

It can happen to the best of us! Even with proper defenses in place like strong passwords, multifactor authentication, cybersecurity awareness training, phishing emails can still get through to someone's inbox, and just last week we saw yet another case of a clicked link. Fortunately, in this case the local business was protected by Identity Threat Detect and Respond (ITDR), and the attack was stopped just a few seconds after it started! (For more on that, check our recent blog: What if They're Already In? The Blind Spot in Email Security Most Businesses Miss.

Why These Scams Are Becoming More Convincing

For years, phishing emails were often easier to spot. Many contained spelling mistakes, awkward wording, strange formatting, or suspicious-looking links that raised obvious red flags.

That’s changing quickly.

Artificial intelligence is giving cybercriminals new tools to create polished, professional, and highly believable scams at a scale we haven’t seen before. In its latest IC3 report, the FBI noted that AI technology now enables the creation of convincing synthetic content, including fake social media profiles, personalized conversations, audio, video, and other digital content that can be used to support fraud schemes.

The report also warns that AI-generated content is becoming increasingly difficult to detect while simultaneously becoming easier for criminals to create.

That matters for small businesses because many scams today are no longer generic “spam” messages sent to thousands of people. Attackers can now use AI tools to:

write realistic emails without the spelling and grammar mistakes people once looked for
imitate the tone and style of trusted coworkers or vendors
create fake LinkedIn or social media profiles to build credibility
generate convincing text conversations or customer service interactions
clone voices or manipulate audio recordings
produce realistic-looking invoices, documents, or videos

In many cases, these attacks are designed to create urgency and emotional pressure. A message may appear to come from a company executive requesting an immediate payment, a vendor asking to change banking information, or a trusted service provider warning about an account issue.

And because AI allows criminals to personalize these messages quickly, even experienced employees can find them difficult to distinguish from legitimate business communication.

One of the most important things business owners should understand is this: Falling for a scam does not mean someone is careless or unintelligent.

Modern phishing and impersonation attacks are specifically engineered to appear trustworthy. Criminals study how businesses communicate, how approvals happen internally, and what kinds of messages employees are likely to respond to under pressure.

That’s why cybersecurity today is less about expecting employees to “catch every scam” and more about building processes, verification steps, and a workplace culture where people feel comfortable slowing down and asking questions when something seems unusual.

The Human Side of Cybercrime

One thing we often see after a phishing incident is embarrassment.

Employees may hesitate to report suspicious activity because they’re worried they’ll get in trouble or feel foolish for clicking something. Business owners sometimes avoid talking about scams altogether because they think it reflects poorly on their organization.

But silence is exactly what cybercriminals rely on.

The reality is that modern phishing attacks can fool almost anyone under the right circumstances — especially during busy workdays when people are moving quickly and multitasking. AI-generated messages can look remarkably convincing, particularly when they appear to come from trusted coworkers, vendors, or service providers.

Creating a workplace culture where employees feel comfortable reporting suspicious emails, unusual requests, or mistakes early can dramatically reduce the damage from an incident.

In cybersecurity, early reporting matters far more than perfection.

What Small Businesses Can Do Right Now

The good news is that small businesses do not need enormous IT departments or massive security budgets to make themselves significantly harder targets.

Often, the most effective improvements come from a combination of awareness, process, and layered protection.

Here are a few practical steps businesses can take now:

Slow Down Financial Requests

Many scams succeed because they create urgency.

If an employee receives a request involving:

wire transfers
gift cards
payment changes
payroll updates
sensitive documents

there should always be a second method of verification before moving forward.

A quick phone call to a known number can prevent a major financial loss.

Make Reporting Easy

Employees should know:

it’s okay to ask questions
it’s okay to report suspicious messages
it’s better to report something harmless than stay silent

The businesses that respond best to cyber threats are usually the ones where people feel safe speaking up quickly.

Use Multi-Factor Authentication Everywhere Possible

Multi-factor authentication (MFA) remains one of the simplest and most effective protections available.

MFA is a security measure that requires users to verify their identity using two or more methods - such as a password plus a code sent to a phone or generated by an authentication app. MFA helps protect accounts even if a password is stolen.

Even if passwords are stolen through phishing, MFA can often stop attackers from gaining access to email accounts and business systems.

Provide Ongoing Security Awareness Training

Cybersecurity training is no longer just about spotting poor grammar in suspicious emails.

Employees need help understanding:

impersonation tactics
fake login pages
urgent financial scams
AI-generated messaging
text-message phishing (“smishing”)
fake tech support requests

The goal is not to make employees paranoid. It’s to help people recognize when something feels unusual and know what to do next. If you know the message could be a fake, you're more likely to slow down and ask questions.

Have a Trusted IT and Security Partner

When something suspicious happens, time matters.

Having trusted professionals to call can help businesses respond faster, reduce damage, and avoid making stressful decisions alone during an incident.

Cybersecurity Is About Resilience, Not Perfection

The FBI’s report is an important reminder that cybercrime continues to evolve rapidly, especially as AI tools become easier for criminals to use.

But this is not a reason for panic.

It’s a reason for businesses to build practical habits, stronger verification processes, and a culture where employees feel supported instead of blamed.

No business can eliminate every risk entirely. The goal is not perfection - it’s resilience.

At Ekaru, we believe good cybersecurity starts with conversations, awareness, and trusted relationships. Technology matters, but people and processes matter just as much.

If you’d like help reviewing your organization’s cybersecurity practices, employee awareness training, or response planning, we’re always happy to have a conversation.

About the author:

Windows 11 May 2026 Patch Tuesday: What Small Businesses Need to Know

lhanson@ekaru.com (Linda Hanson) — Wed, 13 May 2026 16:11:28 GMT

Microsoft released its May 2026 Patch Tuesday security yesterday. Update KB5089549 is now rolling out to all Windows 11 devices. While this update isn't the flashiest release of the year, it includes improvements that small business owners and their teams will actually notice day to day, along with a critical security deadline that cannot be ignored.

At Ekaru, we specialize in Microsoft applications and managed IT services for small businesses across Greater Boston. Staying ahead of Windows updates, understanding what they mean for your business, your team's productivity, and your security posture is exactly what we're here for.

Here is what matters most about this month's release.

The Secure Boot Deadline: Act Before June 26

This is the most important thing in May's update for small businesses. The Secure Boot certificates used by the vast majority of Windows devices are scheduled to expire starting in June 2026. If a device's UEFI firmware is not updated with the new certificates in time, it will completely lose the ability to boot securely.

What does that mean for your business? If your computers are not updated before June 27, they may no longer start up with the security protections that protect them from unauthorized software at boot, a gap that attackers can exploit.

The good news: this month's update includes the Secure Boot certificate fix and devices will receive it automatically through Windows Update, but only after demonstrating successful update signals. Microsoft is using a phased rollout to help prevent devices from being bricked by incompatible firmware.

If you manage your own Windows updates, run Windows Update today and confirm KB5089549 is installed before the end of May. If Ekaru manages your IT, our team is already tracking this across all supported devices. If you are unsure whether your systems are covered, reach out as this is exactly the kind of deadline that catches businesses off guard.

File Explorer: Finally Fixed

Windows 11 KB5089549 delivers a significant suite of File Explorer fixes, including the elimination of the "white flash" that appeared when opening This PC or resizing the Details pane in dark mode, and the preservation of custom View and Sort preferences no matter how a folder is opened.

For small businesses that rely on shared folders, document management, and day-to-day file navigation, these are genuine quality-of-life improvements that reduce frustration and interruption.

These fixes won't require any action on your part, they apply automatically with the update. But they are a good reminder that keeping Windows current doesn't just mean staying secure; it means your team works on a system that is actively being improved.

Stricter Driver Rules: What Businesses Should Know

Microsoft is updating its Windows Driver Policy as part of a new "secure by default" initiative. Default trust for cross-signed drivers is being removed, meaning only drivers that pass through the Windows Hardware Compatibility Program or a specific allow-list of trusted legacy drivers will be permitted. Windows will audit driver compatibility for at least 100 hours and three reboots before enforcing the block.

For most small businesses using standard business hardware and software, this change will be invisible. However, if your business uses older or niche hardware (specialized printers, legacy scanners, industry-specific devices) this is worth monitoring. Our team will flag any compatibility issues before they affect your operations.

Reliability Improvements Your Team Will Notice

Beyond security, KB5089549 brings a range of fixes that improve everyday reliability:

Windows Hello fingerprint data now persists correctly after major OS upgrades, and face recognition reliability at sign-in has been improved. For businesses using Windows Hello for passwordless sign-in (which we encourage) this is a meaningful fix.

The Microsoft Store has been patched to eliminate several notorious download errors, including error codes 0x80070057 and 0x80073d28.

Startup apps now launch noticeably faster after boot, and the taskbar and system tray load more reliably at sign-in.

If you're Managing Your Own Updates, Here's What You Should Do Today

Go to Settings → Windows Update → Check for updates and confirm KB5089549 is downloading or installed

Do a full Restart, (Not just Shut Down) after the update installs to ensure all changes take effect

If any devices in your office show update errors, contact us before the end of May

The June 26 Secure Boot deadline is 45 days away. May is the comfortable window to get this done.

Ekaru Helps You Stay Ahead

The Ekaru team monitors and manages Windows updates for small businesses across Westford, Acton, Chelmsford, Lowell, and the Greater Boston area. Our managed IT services include:

Security patch management and compliance tracking
Device monitoring to catch update failures before they become problems
Proactive planning around deadlines like the June 2026 Secure Boot transition

If you have questions about this month's update or want to confirm your systems are protected, contact our team today.

What If They’re Already In? The Blind Spot in Email Security Most Businesses Miss

Ann Westerheim — Wed, 06 May 2026 14:20:54 GMT

We hear this all the time:

“We already have email security in place - we’re good.”
“We’re on Microsoft 365 (or Google Workspace) - they take care of that.”

And it’s easy to see why at first that feels like enough.

Platforms like Microsoft and Google provide a powerful foundation - offering the infrastructure, built-in protections, and security features that businesses rely on every day.

But here’s the part that often gets misunderstood:

They provide powerful tools - but they don’t replace a complete security strategy.

And even with strong protections in place…

No system catches everything.

What happens if something does get through?

You’re Doing the Right Things - But That’s Only One Layer

When we talk about protecting your business, it’s not just one thing - it’s a combination of layers working together.

For most organizations, that includes:

Strong passwords
Multi-factor authentication (MFA)
Email filtering and impersonation protection
And just as important… reliable backups

That last one is where we often see some confusion.

If you’re using platforms like Microsoft 365 or Google Workspace, it’s easy to assume your data is automatically backed up.

But that’s not quite how it works.

Those platforms are designed to keep services running and data available - but they’re not a substitute for a true backup strategy that protects you from:

Accidental deletion
Overwritten files
Ransomware or malicious activity
Or even compromised accounts

In other words:

Just because your data is in the cloud doesn’t mean it’s fully protected from loss.

That’s your front line. It’s designed to:

Keep bad emails out
Stop users from clicking dangerous links
Prevent unauthorized access
Keep a copy of your emails in a backup

And it works most of the time.

But attackers have evolved. They’re no longer relying on obvious malware or sloppy phishing emails.

Dear Customer,

We detect unusual activity on your account. You must verify immediately or your account will be suspended.

Click here now to avoid losing access.

Pretty easy to spot, but that's not always the case anymore.

The Attacks Don’t Always Look Suspicious Anymore

During the first quarter of 2026 (January to March), Microsoft Threat Intelligence detected approximately 8.3 billion email-based phishing threats.

We recently saw an example in the community that’s worth sharing: An employee received what looked like a legitimate RFP (Request for Proposal) - something that could easily be a real business opportunity. Nothing unusual about that. Inside the email was a QR code, which actually made it feel more legitimate.

They scanned it.

It led to a convincing login page. They thought the sender was being MORE SECURE by adding a login page.

And just like that, credentials were exposed.

This wasn’t someone being careless. This was a smart, experienced professional handling a normal part of their day - just like your team does with dozens (or hundreds) of emails.

That’s the reality now: Attackers are blending into everyday business workflows.

The Bigger Shift: It’s Not Just About Getting In

For years, cybersecurity has focused on prevention:

Block the bad email
Stop the malicious link
Keep the attacker out

But today’s question is different:

What if they don’t need to break in… because they can just log in?

According to recent findings from Microsoft threat reports, attackers are increasingly targeting identities - not just devices or networks. If they can access a Microsoft 365 account, they don’t need malware.

They are the user.

This Is Where Most Security Strategies Stop

Let’s use a business office security analogy.

Most companies have:

Locked doors
Keycard or code access
Cameras at entry points

That’s your email security and login protection.

But imagine someone steals a valid keycard and entry code and walks right in the front door.

A motion detector would alert that there was movement in the office, which could tip off security, but would your systems notice what they did when they were inside the office? Like accessing sensitive files, taking items when they left?

Bringing this back to email, would you know if someone:

Accessed sensitive emails?
Set up forwarding rules to hide activity?
Sent messages posing as your team?

That’s the gap.

A Missing Layer: Watching What Happens After Login

There’s a growing focus in cybersecurity on something called Identity Threat Detection and Response (ITDR).

You don’t need to remember the acronym. The idea is simple:

It’s about detecting and responding to suspicious activity inside your accounts - not just trying to keep threats out.

This layer looks for things like:

Logins from unusual locations or infrastructure
Strange behavior inside an account
Inbox rules designed to hide activity
Signs that someone else is using a valid session

Because once an attacker is in, the risk isn’t theoretical anymore - it’s active. Here is an anonymized real example of an attack stopped in ONE MINUTE, with full visibility to what the attacker did. Each accessed email can be individually reviewed, and there's peace of mind knowing in this case that nothing was modified, sent, or deleted.

Why This Matters (Even If You’re “Doing Everything Right”)

This is the part that can feel frustrating.

You can have:

Strong passwords
MFA enabled
Solid email filtering

…and still have risk.

Not because you did anything wrong - but because the threat has changed.

Attackers are patient. They test, adapt, and look for the one moment something slips through.

And when it does, the question becomes:

How quickly would you know?

A More Realistic Approach to Security

Good security today isn’t about one perfect tool.

It’s about layers that work together:

Email security → stops most threats before they reach users
MFA and access controls → reduce the chance of unauthorized login
Monitoring and response inside accounts → catches what slips through

That last piece is the one many businesses don’t realize they’re missing.

Want to See What This Looks Like in Real Life?

We’re hosting a short, practical workshop later this month where we’ll walk through:

How modern phishing attacks are actually working
Real examples of account compromise (including what happens after login)
What to look for - and what most businesses don’t see
How to think about security in layers, without overcomplicating things

No jargon. No pressure. Just a clearer picture of what’s really going on—and what you can do about it.

👉 You can find the details here, and note our workshop will be recorded, so you can watch it later.
“What If They’re Already In? The New Reality of Email Security”

Let's keep the conversation going...

If your security strategy is focused only on keeping threats out, you’re covering an important piece of the puzzle.

But today, it’s just as important to ask:

If someone got in… would we know?

If you’d like a friendly second opinion on how your business is handling cybersecurity, or day-to-day IT support, we’re always happy to talk!

About the author:

Ekaru Awarded GTIA Cybersecurity Trustmark for Excellence in Cybersecurity Practices

Ann Westerheim — Wed, 22 Apr 2026 14:43:58 GMT

Ekaru earned the GTIA Cybersecurity Trustmark, recognizing its commitment to secure, compliant IT practices and trusted client protection.

Ekaru, a leading provider of IT support, cybersecurity protection, cloud services, proudly announces its achievement of the Cybersecurity Trustmark issued by the Global Technology Industry Association (GTIA). The Trustmark confirms that Ekaru has undergone a rigorous review of its cybersecurity policies, procedures, and controls.

“Achieving the GTIA Cybersecurity Trustmark reinforces our promise to our clients: security isn’t a feature - it is our foundation,” said Dan Wensley, CEO of GTIA. “This recognition assures our partners and clients that their data is in trusted hands.”

The GTIA Cybersecurity Trustmark follows a detailed evaluation aligned with frameworks such as NIST and CISA. In addition, CREST-accredited third-party assessors ensure audit integrity to the Trustmark standard.

“Earning the GTIA Cybersecurity Trustmark reflects something we’ve always believed: the same security standards we recommend to our clients must be the standards we hold ourselves to every day. Small businesses can’t afford to treat cybersecurity as an afterthought, and we’re committed to helping our clients stay secure and confident as they grow.” Ann Westerheim, PhD. Founder and President of Ekaru.

As cyber threats continue to evolve, small and midsize businesses face increasing pressure to protect their operations, customer data, and reputation. The rapid adoption of AI has created new opportunities for efficiency and growth, but it has also introduced more sophisticated phishing attacks, social engineering, and automated threats that can target organizations of any size. For today’s SMBs, cybersecurity is no longer just an IT issue - it is a business priority directly tied to continuity, trust, and competitiveness. Ekaru is committed to helping clients navigate this changing landscape with practical security strategies, proactive support, and technology planning that not only reduces risk, but also empowers businesses to operate more efficiently, adapt faster, and compete with confidence.

About Ekaru - Ekaru is a trusted provider of managed IT services, cybersecurity, Microsoft 365 cloud solutions, and business communications for small and midsize organizations throughout the Boston area. We help businesses improve productivity, reduce risk, and gain peace of mind through responsive support and strategic technology guidance. With a focus on security, reliability, and long-term client relationships, Ekaru delivers practical solutions that help organizations operate efficiently and grow with confidence every day. For more information, visit ekaru.com.

About the Global Technology Industry Association - The Global Technology Industry Association (GTIA) is the only vendor-neutral, 501(c)(6) non-profit membership community connecting and representing the worldwide IT channel. We set our members up for success by providing benefits that include trusted resources and networking opportunities. In addition, the association sets industry standards that enable companies to build sustainable, secure and profitable businesses in an ever-changing technology landscape. Internationally, GTIA represents tens of thousands of professionals from thousands of ITSPs, vendors, distributors, and other companies serving the IT channel. GTIA was formerly known as the CompTIA Community (the membership arm of CompTIA). For more information, visit gtia.org.

Read the press release on EIN PressWire.

If you’d like a friendly second opinion on how your business is handling cybersecurity, or day-to-day IT support, we’re always happy to talk!

About the author:

Today is Patch Tuesday: Why It Matters for Your Business

Ann Westerheim — Tue, 14 Apr 2026 14:55:29 GMT

April 2026 Updates Released Today

If your computer prompts you to restart today, you might be tempted to click Remind Me Later and move on with your day.

You wouldn’t be alone.

But that small pop-up is tied to one of the most important cybersecurity habits a business can have: staying current with updates.

Today is Patch Tuesday - the second Tuesday of each month, when Microsoft releases security updates, bug fixes, and system improvements for Windows and other Microsoft products. It happens quietly in the background for most people, but for IT teams and cybersecurity professionals, it’s a date we watch closely every single month. Microsoft publishes these releases through its official Security Update Guide each month.

At Ekaru, we pay attention to Patch Tuesday because these updates often fix the kinds of weaknesses attackers look for first. And while updates may seem routine, falling behind can create real risk.

What Is a Patch?

A patch is simply a software fix.

Think of it like repairing a lock, sealing a roof leak, or replacing worn brake pads. Small maintenance tasks may not feel urgent in the moment, but they help prevent much bigger problems later.

Software patches typically do three things:

Fix security vulnerabilities
Resolve bugs or glitches
Improve performance and reliability

Some months bring larger updates than others, but every month matters.

Why Patch Tuesday Is So Important

When Microsoft releases patches, they’re addressing newly discovered issues and improving system stability.

The challenge is that cybercriminals watch Patch Tuesday too.

Once fixes are released, attackers often study them to understand what was corrected. Then they look for businesses that haven’t installed those updates yet.

That creates an avoidable window of opportunity between patch available and patch installed.

This is one reason we’re so focused on patching at Ekaru. It’s not because updates are exciting. It’s because consistency matters, and delays can turn preventable issues into expensive ones.

Organizations like CISA regularly encourage businesses to prioritize remediation of known vulnerabilities and keep systems current as part of good cyber hygiene.

Whether you run a professional office, nonprofit, manufacturer, or local service business, routine updates matter more than most people realize

What Came Out in April 2026?

This month’s Patch Tuesday includes security updates across Microsoft products, along with several Windows 11 improvements that everyday users may actually notice.

Reported highlights for the April 2026 Windows 11 release include:

Improvements to the Windows Settings experience
Easier visibility and management of Smart App Control
Accessibility enhancements in Narrator
File Explorer usability fixes
Better support for certain display and graphics configurations
Reliability improvements for printing, audio, and Remote Desktop experiences

Microsoft also maintains a Windows Release Health dashboard where IT teams can track known issues, rollout status, and resolved problems after updates are released.

While some of these changes sound minor, small improvements can make a real difference across an entire business. A smoother, more stable computer experience means fewer interruptions and less frustration for employees.

And behind the scenes, security fixes remain the most important part of the monthly release.

Sometimes There are Unexpected Results

We were reminded recently that updates can sometimes bring small surprises. One local user found that after a Microsoft update, their default browser had been reset to Edge, so links and files were opening there instead of Chrome. It was a quick fix, but a good reminder that even routine updates can occasionally change settings and may need a little follow-up. There will be glitches along the way, even with the advance testing we do at Ekaru.

Why Businesses Often Fall Behind

We understand why updates get postponed. Most people are trying to get work done, not think about software maintenance.

For many small businesses across Massachusetts and Southern New Hampshire, keeping up with technology updates often falls to the bottom of a busy to-do list.

Common reactions sound like this:

“I’m in the middle of something.”
“I don’t want my computer restarting right now.”
“Everything seems fine.”
“I’ll do it later.”

Completely understandable.

But we’ve seen many situations where a computer appears to be working normally while quietly missing months of important updates. That usually isn’t discovered until there’s a bigger performance issue, security concern, or support emergency.

We often meet business owners across New England who assumed updates were happening automatically, only to learn several devices had quietly fallen behind. This is especially common in hybrid workplaces where laptops move between the office, home, and the road.

Routine patching helps reduce those surprises.

Why We Obsess Over It at Ekaru

Patching is about more than clicking Install Updates.

A well-managed update process includes:

Monitoring new releases
Watching for known issues
Scheduling updates thoughtfully
Confirming devices actually install them
Making sure reboots happen
Following up on failures or devices that missed the cycle

Because in the real world:

Laptops are shut down
Employees postpone reboots
Devices fall out of sync
Updates occasionally fail
Older systems need extra attention

This is the kind of behind-the-scenes work that good IT support handles quietly and consistently. When patch management is done well, it usually goes unnoticed - and that’s a good thing.

What Business Owners Should Ask

Today is a good reminder to ask a few simple questions:

Are our computers updating regularly?
Do we know when updates fail?
Are reboots actually being completed?
Are any systems too old to support properly?
Who is keeping an eye on all of this?

If those answers aren’t clear, it may be time for a conversation. If your business carries cyber insurance (and you should!), these questions matter even more. Many policies ask whether security updates, monitoring, and basic safeguards are in place. If there’s ever a claim, you’ll want to be confident that your real-world practices match what was represented on the application.

Final Thought

Patch Tuesday may not be flashy, but it plays an important role in keeping businesses secure, productive, and resilient.

The safest environments usually aren’t the most complicated ones. They’re the ones that are maintained consistently.

If you’d like a friendly second opinion on how your business is handling updates, cybersecurity, or day-to-day IT support, we’re always happy to talk.

About the author:

Color Coordinating Your Microsoft Outlook Inbox For Boosted Productivity

scarroll@ekaru.com (Sarah Carroll) — Wed, 08 Apr 2026 17:36:26 GMT

Have you noticed your inbox becoming more cluttered? Are you using flagged messages to keep track of important messages and everything else gets lost in the noise of your active inbox? Well, you’re not alone, and there’s a rather colorful solution to assist with organizing your emails that transforms how you interact with your inbox! Emails are more than just keeping in contact with your colleagues and vendors, it’s a task manager, documentation hub, and what keeps your overall daily operations functioning. However, without a structured approach to organization, Outlook can quickly become overwhelming, leading to missed deadlines, overlooked messages, and increased stress.

In today’s blog, we will dive into how to implement a highly effective Outlook organization system. At Ekaru, we specialize in Microsoft for businesses in the greater Boston metropolitan area and surrounding Massachusetts counties. Ensuring you and your team have the tools to maintain overall operations and react proactively to cybersecurity threats.

The Gravity Of A Disorganized Inbox

Before we begin diving into solutions, it’s important to understand that a cluttered inbox doesn’t just look messy, it actively harms productivity and security. In this can affect an individual’s work performance.

When employees spend excessive time searching for emails, re-reading messages, or trying to determine priorities, this results in:

Lost productivity hours across the organization that can affect stakeholders trust and work morale
Increased response times to clients and internal teams
Higher stress levels and decision fatigue
Missed opportunities and deadlines

Even more concerning, disorganization can create cybersecurity blind spots that threat actors can weaponize. Important alerts from IT or security tools can be buried, and phishing emails may go unnoticed amongst the clutter. A good solution; color coordination.

Color Coordination Has More Intention Than You Think

Color coding is one of the most underutilized productivity tools in Outlook. The human brain processes visual information significantly faster than text, and colors trigger immediate recognition.

Users can use various colors for folders in outlook with the intention of:

Instantly recognize priority levels of emails from colleagues and or essential deadlines
Differentiation between departments or clients instead of relying fully on your memory of who and what’s important
Identify action-required emails without opening them
Reduce the time spent scanning inboxes for a specific email

Here are some examples you can use for your folders when organizing:

Red = Urgent / Immediate Action Required
Yellow = Pending / Awaiting Response
Green = Completed / Informational
Blue = Client Communication
Purple = Internal Projects

By using color coordination, this creates a visual workflow in your system that reduces cognitive load and speeds up decision-making. If you are new to color coordinating files on your Outlook, here’s how you can implement a color-coded system.

How to Implement a Color-Coded System in Outlook

While Outlook does not allow direct folder color customization, its Categories feature is extremely powerful when used correctly.

Step-by-Step Strategy for Success:

1. Define Your Color System

Start by identifying the categories that matter most to your business:

Priority levels
Departments (Finance, HR, IT, Sales)
Clients or projects
Task status (Pending, Completed, Follow-up)

Consistency is key! Once your strategy is defined, this system should be standardized across your organization.

2. Create and Customize Categories

Within Outlook:

Navigate to Categorize → All Categories
Create new categories and assign distinct colors
Use clear, standardized naming conventions

For example:

“URGENT – Action Required” (Red)
“Client – Active Projects” (Blue)
“Finance – Billing” (Green)

3. Automate with Rules

Automation is where Outlook becomes truly powerful.

Set rules to:

Automatically assign categories based on sender or keywords
Move emails into designated folders
Flag high-priority communications

Examples:

Emails from your CEO → Automatically tagged Red
Emails containing “Invoice” → Assigned to Finance category
Client-specific emails → Categorized and routed instantly

This eliminates manual sorting and ensures consistency.

4. Train Your Team for Consistency

A system only works if everyone follows it.

Ensure:

Employees understand category meanings
Teams apply categories consistently
New hires are trained during onboarding

Without standardization, even the best system breaks down.

Advanced Outlook Organization Techniques

Color coding is just the foundation. To maximize efficiency, layer in these advanced strategies:

1. Have Rules in Place

You can use rules to assist in organization and prevent chaos such as:

Auto-sort incoming emails
Flag messages for follow-up
Assign categories instantly
Forward critical emails to team members

The Results: Less manual work, more consistency, and fewer missed messages.

2. Search Folders for Dynamic Organization

Search folders act as smart filters that update automatically.

Examples:

Unread Mail
Flagged for Follow-Up
High Importance Emails
Emails from Specific Clients

Instead of digging through folders, Outlook surfaces what matters most in real time.

3. Focused Inbox Optimization

Outlook’s Focused Inbox separates important emails from distractions.

Best practices:

Regularly train the system by marking emails as “Focused” or “Other”
Combine with categories for even stronger prioritization

Its also important to recognize that constant checking of your emails can also hinder your productivity and best practice can be to schedule when to review emails that way you can focus on deep work with no interruptions!

4. The Inbox Zero Methodology

Inbox Zero doesn’t mean having zero emails, it means zero clutter.

For every email:

Respond as soon as possible to avoid emails getting lost
Delegate as to how high of priority it places within your day to day
Archive what has been resolves or no longer relevant
Delete emails that may be spam or you have received by mistake. Overall, avoid letting emails sit unprocessed within your inbox.

Why Email Organization is Critical for Cybersecurity

Email remains the #1 attack vector for cyber threats. A poorly organized inbox increases vulnerability.

Key Risks of Disorganization:

Phishing emails blend in with clutter
Security alerts are overlooked
Employees rush through emails without scrutiny
Sensitive data is mishandled

How Organization Improves Security:

Clear categorization highlights suspicious emails
Priority tagging ensures alerts are seen immediately
Reduced clutter improves focus and decision-making
Structured workflows enforce better data handling

An organized inbox isn’t just efficient; it’s a frontline defense.

How Ekaru Can Elevate the User Outlook Experience

Implementing these strategies on a scale requires more than good intentions. It requires expertise, planning, and ongoing support. That’s where we, the Ekaru team, come in as your local IT and Cybersecurity ally!

Here are some ways we assist you on your Journey To success Using Outlook:

Customized System Design: We analyze your business workflows and design a tailored Outlook organization system. This can look like department-specific category structures, priority-based color frameworks, and folder hierarchies aligned with operations.

Automation & Integration: We configure advanced rules and automation to:

Eliminate manual sorting
Ensure consistency across users
Integrate with your broader IT ecosystem

Proactive User Employee Training: Even the best systems fail without user adoption.

We provide:

Hands-on training sessions
Documentation and best practices
Ongoing support for questions and improvements

Continuous Optimization: As your business evolves, we evolve with you along with your systems. We provide tools to help you evolve such as:

Monitor usage and effectiveness
Refine rules and categories
Scale solutions as your company grows

Bottom Line

When used correctly, Outlook is far more than an email tool, it’s a productivity engine. Color coordination, automation, and structured workflows allow your team to work faster, smarter, and more securely to maintain productivity. Take control of your communication, boost productivity, and strengthen your cybersecurity posture today.

Interested in learning more about our services and how they can assist you you’re your evolving cybersecurity needs, contact us today to schedule your consultation and discover how we can transform your Outlook environment to become more secure and productive across your business.

What Happens When You Click “Report Phishing” in Outlook? (And Why It Matters More Than You Think)

Ann Westerheim — Mon, 06 Apr 2026 16:07:25 GMT

📩 Most employees have seen it.

That little button in Outlook:
👉 “Report Phishing”
👉 “Report Junk”

During a recent Cybersecurity Town Hall with one of our clients in Boston, someone in the room asked about this button - The question most people haven't asked:

What actually happens when someone clicks it?
And more importantly - is anyone paying attention?

This is worth exploring.

🧠 Your Employees Are Your Early Warning System

Even with great email security tools in place, no system is perfect.

Phishing emails still get through.
That’s just reality.

No security tool is 100% perfect - some phishing emails will inevitably get through. Cybercriminals carefully craft their messages to look legitimate, avoiding obvious red flags, suspicious links, or known spam triggers.

What makes the difference is how quickly your business can detect and respond.

And that’s where this simple button becomes powerful.

🛑 What Happens When a User Clicks “Report Phishing”

When someone reports a phishing email in Microsoft Outlook, a few important things happen behind the scenes:

📤 1. The email is sent to Microsoft

Microsoft analyzes the message using global threat intelligence:

Suspicious links
Impersonation attempts
Malware indicators

This helps improve protection - not just for you, but across all Microsoft 365 users.

🗑️ 2. The email is removed from the user’s inbox

It’s typically moved to Junk or Deleted Items, reducing the chance of accidental clicks later.

👀 3. (Optional—but important) Your IT team can be notified

This is the part many small businesses are missing.

With the right configuration:

A copy of the reported email can go to a monitored inbox (like security@yourcompany.com)
Your IT provider can review it quickly
If needed, they can take action across the organization (the email can be removed for other users)

👉 Without this step, the report may only go to Microsoft - and your team never sees it. When a user reports a phishing email, it’s a positive step. Those reports go to Microsoft and help improve detection across the broader ecosystem. If you want to take it a step further, you can also choose to have those reports sent to someone within your organization so they can review and respond more quickly. This could get "noisy" but could also help with Security Awareness Training.

📧 What About “Report Junk”?

“Report Junk” is different.

It tells Microsoft:

“This is unwanted email”

But it does not trigger the same level of urgency or investigation.

No security response
No alerting
No organization-wide action

It helps improve filtering - but it’s not a threat response. For example, you may have signed up for promotional emails from your favorite store at some point in the past. Perhaps today you no longer wish to receive the weekly sales promotions from Kohls, or wherever. We recommend "unsubscribing" as a first course of action, but you could report them as "Junk" to clear them quickly from your inbox and reduce clutter. In this case, though, we do not recommend reporting as "Phishing", because its not really a phishing email. Even if you're annoyed, reserve the phishing flag for a legitimate security concern.

⚠️ Why This Matters for Small Businesses

Here’s what we see all the time:

One employee reports a phishing email
Another employee clicks the same email minutes later
The business didn’t realize it was a broader issue

That gap - between detection and response - is where risk lives.

🛠️ A Simple (and Often Overlooked) Security Upgrade

The good news?

You don’t need expensive security tools to improve this.

Most Microsoft 365 environments already allow you to:

Capture reported phishing emails
Route them to a designated inbox
Review and respond quickly

This turns your team into a real-time detection network. You can elect to configure to remove the email for everyone. This requires that everyone is on the same page, and you have trained users to reserve the "phishing" designation for actual phishing, so everyone doesn't lose access to, for example, a newsletter that is of value.

One quick reminder: avoid forwarding suspicious emails to coworkers to ask, “Is this phishing?” That well-intentioned step can spread the risk - someone may click it. Instead, use the “Report Phishing” button. We've seen this happen way too many times in our local community. In the ProofPoint State of the Phish Report, researchers found an intriguing statistic: 2.5% of people will click a suspicious link out of curiosity - even when they know they shouldn’t! So NEVER forward around suspected phishing emails!

💡 Cybersecurity for Main Street Takeaway

Cybersecurity isn’t just about software, and EVERYONE on the team has an active role to play.

It’s about visibility and response.

When your team clicks “Report Phishing,” that’s not just a button -
it’s a signal.

The question is:

Is anyone listening? Yes! Microsoft is receiving these reports, and you can also designate someone on your team to get the reports as well.

✅ What You Can Do Next

Make sure your “Report Phishing” button is enabled in Outlook
Configure reports to go to a monitored mailbox if you'd like that extra step
Talk to your IT provider about how reports are reviewed and acted on
Reinforce to your team: If something looks suspicious - report it

🔐 Final Thought

Even with the best tools in place, people are still your first line of defense.

But they can also be your fastest detection system -
if you give them a way to raise their hand and someone is ready to respond. Make it a habit to talk about cybersecurity on a regular basis with your team.

❓Got Questions about Cybersecurity?

If you have questions about your security setup - or want to make sure you’re getting the most out of tools you already have - reach out to Ekaru. We’re always happy to help. Contact Us

Technology Advisor Blog

Windows June 2026 Patch Tuesday: What Small Businesses Need to Know

Cybersecurity in 2026: What Small Businesses Need to Learn from 22,000 Data Breaches

Incident: A security event that disrupts business operations, compromises systems, or creates a security risk.

Breach: A type of incident where sensitive information is actually accessed, stolen, or exposed to someone who shouldn't have it.

In other words, every breach is an incident, but not every incident becomes a breach. For example, a ransomware attack or website outage may be considered a security incident even if no customer or company data is stolen.

1. Unpatched Systems Have Become the #1 Way Attackers Get In

2. Ransomware Isn't Going Away

3. Your Security Is Only As Strong As Your Vendors

4. People Are Still a Major Target

5. Artificial Intelligence Is Helping Attackers, Too

What This Means for Small Businesses

Final Thoughts

About the author:

What It's Like to Work With Ekaru — Boston's Trusted MSP

What the FBI’s Latest Cybercrime Report Means for Small Businesses

The Numbers Behind the Headlines

Why These Scams Are Becoming More Convincing

The Human Side of Cybercrime

What Small Businesses Can Do Right Now

Slow Down Financial Requests

Make Reporting Easy

Use Multi-Factor Authentication Everywhere Possible

Provide Ongoing Security Awareness Training

Have a Trusted IT and Security Partner

Cybersecurity Is About Resilience, Not Perfection

About the author:

Windows 11 May 2026 Patch Tuesday: What Small Businesses Need to Know

What If They’re Already In? The Blind Spot in Email Security Most Businesses Miss

You’re Doing the Right Things - But That’s Only One Layer

The Attacks Don’t Always Look Suspicious Anymore

The Bigger Shift: It’s Not Just About Getting In

This Is Where Most Security Strategies Stop

A Missing Layer: Watching What Happens After Login

Why This Matters (Even If You’re “Doing Everything Right”)

A More Realistic Approach to Security

Want to See What This Looks Like in Real Life?

Let's keep the conversation going...

About the author:

Ekaru Awarded GTIA Cybersecurity Trustmark for Excellence in Cybersecurity Practices

Ekaru earned the GTIA Cybersecurity Trustmark, recognizing its commitment to secure, compliant IT practices and trusted client protection.

About the author:

Today is Patch Tuesday: Why It Matters for Your Business

April 2026 Updates Released Today

What Is a Patch?

Why Patch Tuesday Is So Important

What Came Out in April 2026?

Sometimes There are Unexpected Results

Why Businesses Often Fall Behind

Why We Obsess Over It at Ekaru

What Business Owners Should Ask

Final Thought

About the author:

Color Coordinating Your Microsoft Outlook Inbox For Boosted Productivity

The Gravity Of A Disorganized Inbox

Color Coordination Has More Intention Than You Think

How to Implement a Color-Coded System in Outlook

Step-by-Step Strategy for Success:

Advanced Outlook Organization Techniques

How Ekaru Can Elevate the User Outlook Experience

Bottom Line

What Happens When You Click “Report Phishing” in Outlook? (And Why It Matters More Than You Think)

🧠 Your Employees Are Your Early Warning System

🛑 What Happens When a User Clicks “Report Phishing”

📤 1. The email is sent to Microsoft

🗑️ 2. The email is removed from the user’s inbox

👀 3. (Optional—but important) Your IT team can be notified

📧 What About “Report Junk”?

⚠️ Why This Matters for Small Businesses

🛠️ A Simple (and Often Overlooked) Security Upgrade

💡 Cybersecurity for Main Street Takeaway

✅ What You Can Do Next

🔐 Final Thought

❓Got Questions about Cybersecurity?

About the author: