Technology Advisor Blog

A Creepy eMail in Your Inbox - Someone Knows Your Password

Posted by Ann Westerheim on 11/12/18 10:02 AM

Social-Media-Graphic-Comprimised-CredentialsThe Cybersecurity landscape is constantly changing, and there's a new threat to watch out for:  Extortion emails that contain either a past or current password.   We saw a big wave of these emails over the summer and shared a blog post with our community,: A Creepy Twist on Ransomware: Using your Hacked Passwords and we're seeing another wave now, with some more variations.

Here's the intro from the new email we're seeing:

"Hello

I'm a hacker who cracked your email as well as devices a few weeks back.  

You entered your password on one of the websites you visited, and I intercepted it. 

Here is the password from <your email address> on the moment of the hack:  <an email you will recognize>

Clearly one can change it, or perhaps you already changed it.  

Nonetheless, it isn't going to change anything, my own malicious software updated it each and every time.

Do not necessarily attempt to get in touch with me or find me, since I sent you email from your own account.  

Via your own email address, I uploaded harmful code to your Operating System.

I saved all your contacts along with friends, acquaintances, relatives, and an entire record of visits to Web resources..."

The email goes on to demand payment to a bitcoin wallet, and references images taken from the webcam.   It further says that law enforcement can't help you.

This email, and emails like it are very scary.  The email is made to look like someone hacked into your email account, but in fact it's just a "spoofed" email (the return path is not actually you, but it looks like it is).  

Bad actors can harvest passwords from the dark web and you may recognize the password identified.  One of the reasons this scam works so well is that you will likely recognize the password, as many people use the same password or similar passwords for multiple accounts.  Threats like this are launched using automated systems, and users who may not be aware of these threats work could be terrified of messages like these.

We track major breaches on a weekly basis, and also monitor the dark web for compromised credentials.  It may take a very long time for a breach to be acknowledged, but with dark web monitoring, you'll get advance notice.  

We strongly advise a layered approach to security.  Employee security awareness training, password managers, next-generation antivirus, and dark web monitoring are strongly advised to help keep your users secure.  The security landscape is constantly evolving and the layers of security you may have put in place years ago are no longer sufficient. 

Everyone has a different level of risk that you're okay with, there are probably some gaps that you're not comfortable with.   Our mission is to make sure you have the information you need to be aware of the current cybersecurity landscape and to make informed decisions about your acceptable risk level.

 

 

How the Dark Web Impacts Small Businesses

Posted by Ann Westerheim on 11/2/18 11:06 AM

DarkWebIdentity theft is an unfortunate occurrence that is all too familiar with most business owners, but do those individuals know where the compromised data will end up? Often, these business owners are unaware of the virtual marketplace where stolen data is purchased and sold by cybercriminals; a place known as the “Dark Web”.

An article on Lexology explores what the Dark Web is, what information is available for purchase there and how it impacts small businesses.

What is the Dark Web?

The Dark Web, which is not accessible through traditional search engines is often associated with a place used for illegal criminal activity. While cybercriminals tend to use the Dark Web as a place to buy and sell stolen information, there are also sites within it that do not engage in criminal activity. For many, the most appealing aspect of the Dark Web is its anonymity.

What's for sale on the Dark Web?

Information sold on the Dark Web varies, and includes items such as stolen account information from financial institutions, stolen credit cards, forged real-estate documents, stolen credentials, and compromised medical records. Even more alarming, the Dark Web contains subcategories allowing a criminal to search for a specific brand of credit card as well a specific location associated with that card. Not only can these criminals find individual stolen items on the Dark Web, but in some cases, entire “wallets” of compromised information are available for purchase, containing items such as a driver’s license, social security number, birth certificate and credit card information.

What is stolen personal information used for?

When stolen information is obtained by criminals, it can be used for countless activities like securing credit, mortgages, loans and tax refunds. It is also possible that a criminal could create a “synthetic identity” using stolen information and combining it with fictitious information, thus creating a new, difficult to discover identity.

Why are stolen credentials so valuable? 

Stolen user names and passwords are becoming increasing popular among cybercriminals.  Identity thieves will often hire “account checkers” who take stolen credentials and attempt to break into various accounts across the web using those user names and passwords. The idea here is that many individuals have poor password practices and are using the same user name and password across various accounts, including business account such as banking and eCommerce. If the “account checker” is successful, the identity thief suddenly has access to multiple accounts, in some cases allowing them the opportunity to open additional accounts across financial and business-horizons. 

Why should small businesses be concerned about the Dark Web?

Since the Dark Web is a marketplace for stolen data, most personal information stolen from small businesses will end up there, creating major cause for concern. With the media so often publicizing large-scale corporate data breaches, small businesses often think they're "under the radar" and not a target for cybercriminals, however that is not the case. Cybercriminals are far less concerned about the size of a business than they are with how vulnerable their target is. Small businesses often lack resources to effectively mitigate the risks of a cyberattack, making them a prime target for identity theft as well as other cybercrime.

At a recent Federal Trade Commission (FTC) conference, privacy specialists noted that information available for purchase on the Dark Web was up to twenty times more likely to come from a company who suffered a data breach that was not reported to the media. The FTC also announced at the conference that the majority of breaches investigated by the U.S. Secret Service involved small businesses rather than large corporations.

How can you reduce the risk for your small business?

To reduce the risks of a cybercriminal gaining access to your company’s information/network, you must ensure you have proper security measures in place. The FTC has a webpage that can assist with security options for businesses of any size.  In addition, it is crucial that your employees are properly trained on security, including appropriate password practices. There is also talk of a government-led cyber threat sharing program which would help enhance security across all industries by sharing cyber threat data. 

Enhanced security technology is part of the solution here, but user security awareness is increasingly becoming the weakest link.  It just takes one user in your organization to click on the wrong link and do a lot of harm.  

Tags: cybersecurity, Dark Web

A New Twist on the Microsoft Support Scam

Posted by Ann Westerheim on 11/1/18 10:42 AM

The "tech support" scam is a common threat on the Internet.  While working on your computer, a pop up will appear that says your computer has a problem and help is just a phone call or click away.  Many of these scams pretend to be from Microsoft.  The graphics may look very professional, and the tech jargon sounds convincing enough that may people fall for these scams.  After the "repair" is done, then you'll be asked for a credit card to pay.  Most people assume they won't fall for a scam, but if you're very busy, and the support price is low enough, it could seem like the fastest and most efficient way to get support and get back to work.  

A new twist on this scam is that some bad actors make the scam more convincing by directing users to go to the Microsoft Support page, and then give them a code to get support via LogMeIn.  Since you've been directed to a legitimate website, you may think you're safe, but the code you enter will simply direct you to whichever user is connected on the other end - NOT Microsoft, because the code is independent of the site. 

LogMeIn Rescue is a remote support tool used by thousands of legitimate businesses, including Microsoft (and Ekaru), but legitimate products are not immune to bad actors with nefarious intent.  Some are using trial accounts and appear and disappear on line, so they're hard to catch.

Always be alert on line.  Many scams rely on busy users who need to get their support problem resolved as quickly as possible and get back to work.  THINK BEFORE YOU CLICK!

If you have any suspicions that something may not be right, DO NOT CONNECT.  If you have already connected, then hit the "kill switch" to end the session immediately.

LogMeIn Disconnect

LogMeIn has set up a site to report abuse.  If you're approached by a suspicious technician, capture and report – but do NOT enter – the six-digit PIN code they provide. Immediately send this and any other related information: https://secure.logmeinrescue.com/ReportAbuse/Send.

They request that you provide the following details:

  • In what way you were approached (email, phone call, etc.)
  • Exact date and time of the scam
  • The PIN code or link you were instructed to use (if you have it).

In general, always be suspicious if someone offers to help you and you didn't ask for help.  Another red flag is if you're asked to either upload or download files, and don't provide any credit card or personal information over the phone.

We recommend on-going security awareness for ALL employees.  The security landscape is constantly changing, and there are probably some gaps that you're not aware of if you're not keeping up.  Scammers are always improving and updating their techniques, so you and your team need to be aware of the latest threats.   Call us for help setting up a security awareness training plan, or sign up for training on-line.

Remember:  If a pop up appears on your computer saying you have a problem and help is available, DON'T call or click.  Call your own trusted computer support specialist instead!

Reference Link from the LogMeIn Support Site:  Avoiding scammer who abuse LogMeIn Rescue accounts.

Tags: data security, cybersecurity

Got Ransomware?  What's your Disaster Recovery Plan?

Posted by Ann Westerheim on 10/30/18 1:50 PM

Social Graphic - RansomwareDisaster recovery is a basic element of good business continuity planning. You've probably heard the phrase and like many businesses, it's something you'll get around to "later". 

Business continuity planning refers to the broad range of plans created so that a business can continue to be operational no matter what negative event might occur. Business continuity planning addresses severe, catastrophic events, loss of a key employee, director, or other principals in the organization, severe natural disasters that incapacitate a physical location, employee mistakes, and insider threats, etc. Basically anything that can go wrong!  Disaster recovery planning is one piece of this broad planning. Specifically, disaster recovery plans refer to how to quickly recover from some event that compromises your IT infrastructure.

In general, smaller businesses - which often have no IT support staff - will utilize the services of a managed service provider, like Ekaru,  to develop disaster recovery plans.
 
One piece of your disaster recovery planning needs to address how the business can protect its data from a ransomware attack. Unlike more well known viruses, ransomware doesn't just access your data, it locks it down so it is unusable. The business model behind this approach is simple: They are betting you will have no segregated backups and will be willing to buy back access to your data.  Ransomware isn't about how valuable your data is to your attacker, its about how valuable your data is to you.
 
We strongly advise multiple layers of security to protect your data.  There's no such thing as 100% security, so in addition to all the security measures you put in place, a rock solid backup is required.  Plan in advance what your Recovery Point Objective needs to be:  how much data can you lose?  15 minutes?  One hour?  One week?  The frequency of your backup matters.  Also, what is your Recovery Time Objective?  How long can you wait to get your data back?  Some backups may take a week or more to recover?  How much will that cost your business to be down for a week.  Every business has a different level of risk they can live with.  New threats mean this is a question that needs to be constantly revisited, and you may find some gaps that you can't live with.  Plan IN ADVANCE to make sure you fully understand your current risk level, your options to decrease your list, and then make a decision about your level of protection.  One of the worst phone calls we get is from the business got hit with data and it's too late to talk about protection.  You don't need a complicated plan, but don't get caught by surprise.

Tags: ransomware, cybersecurity, backup

Ransomware:  Don't be a victim!

Posted by Ann Westerheim on 10/23/18 2:26 PM

Ransomware_Blog_10-2018We hear routinely in the news that a major corporation or government agency has had its data integrity compromised, with millions of pieces of personal data accessed. In these cases the criminals behind the attack hope to get money by selling that data to other criminals. In the case of ransomware, the criminals want your money, and try to get it by holding your data hostage. Plain, old fashioned kidnapping with a hi-tech spin.  It's not about how much your data is worth to them, it's about how much it's worth to you.
 
It's not just happening far away, the attacks are local as well.  Earlier this year, the Leominster School District here in Massachusetts got hit with Ransomware and ended up paying $10,000 Ransom.  
 
What can you do to avoid falling victim?
 
Prevention is the best cure. Follow standard “data hygiene” principles that you probably hear about all of the time. Update your operating system, software, and apps whenever a new release or patch is released. Do this ASAP. Some patches may be released solely as a result of the discovery of a vulnerability. Watch out for phishing scams. If anything looks “off” about an email, don’t open it. And never open links you aren't totally sure of. Some people recommend sending the email back to the sender, but we advise against this because you may just be "raising your hand" for the bad actors.  If you get, for example, an email from your credit card company, instead call the number on the back of your card.
 
The most important thing you can do to make sure your data cannot be held ransom is strictly adhering to a regimen of backups. However, even backups may not be foolproof. If your data has been infected and you are unaware of it, or the backup is not segregated from your network, your backups may also be corrupted. Given the severe consequences of a ransomware attack to any business, consider having a security evaluation done by a managed service provider who will have the security expertise to advise on the best backup protocols for your situation.
 

Tags: cybersecurity, ransomware

You've Got Ransomware... Now What?

Posted by Ann Westerheim on 10/16/18 3:36 PM

Ransomware_ResponsesIf you're unfortunate enough to be the victim of a ransomware attack, there are basically only three options open to you. Ransomware is a type of computer virus that kidnaps your data and holds it hostage for money. It has become increasingly common attacking governments and all manner of business and non-for profit institutions.  These are often automated attacks that are broadly distributed, so even if you're a small business you're still at risk.  Too many small businesses think they're "under the radar" and in fact, about half of ransomware attacks hit small businesses.
 
Why is ransomware so nasty? Because it steals the most important thing your business possesses. Data. It's not about the value of your data to someone else, its about the value of your data to you.  Worse, once infected there isn’t generally a way out. No one can “disinfect” your machine. You aren't going to be able to call in IT support to solve the problem. Basically, you have three options.
  1. Pay the ransom. This payment is usually via bitcoin (a digital currency). Some ransomware viruses even provide help lines if you're having trouble. Of course there are no guarantees your will get access to your data - these are thieves you’re dealing with.  We strongly advise against this unless there is no other option.  Be sure to make a copy of all data before taking any recovery steps. 
  2. Don’t pay and lose your data - This has its obvious downsides, unless…
  3. You have a safe, clean backup. In that case, you are stuck with the nuisance of restoring your data with the backup, but you aren’t out any money. However, this comes with a caveat: your backups have to be clean. The problem with ransomware viruses is that just making backups may not be sufficient to protect your data, as the backups can be infected also.
As you can see, the first two options aren’t very favorable solutions. The only real defense against an attack is the third option. You have to be prepared ahead of time with a safe, segregated backup. Also, plan in advance to know the difference between a recovery point objective (how much data you may lose) and a recovery time objective (how much time it will take to recover).  Be sure to get the advice of a specialist on how to protect your data from this very serious threat to your business.  Ask Ekaru about our down-time calculator!

Tags: SMB, cybersecurity, ransomware, cybersecurity

5 Surprising Tech Trends Boosting Small Business Growth

Posted by Ann Westerheim on 10/5/18 9:26 AM

Cybersecurity - 5 SMB TrendsRunning a small business is exciting but also very risky. American business owners and managers spend countless hours building enterprises that bring value to the table. However, their survival rate doesn't look rosy according to recent statistics. Approximately 80% of businesses survive their first year, 50% survive their fifth year, and 30% survive their tenth year. The fact that their failure rate only increases over time is cause for concern.

Given the dire situation, what can small businesses do to ensure their survival? At Ekaru, we believe that efficient and growth-oriented businesses rise to the top and capable of weathering the storm during recessions. That’s why we’ve listed several surprising tech trends to help boost the growth of your small business below.

  1. Artificial Intelligence And Machine Learning

Tech giants such as Amazon, Google, and Microsoft have been instrumental in the development and promotion of Artificial Intelligence (AI) and Machine Learning (ML). These companies have reaped the benefits of integrating AI & ML technologies into their existing business processes. They’ve been able to automate tasks, enhance employee productivity, predict customer behavior, and introduce intelligent software services.

Small businesses can also leverage AI & ML as these big players are now competing for the startup market. They’re introducing apps, productivity tools, and services that come embedded with AI & ML from the get-go. Furthermore, they’re becoming increasingly user-friendly allowing staff members of small businesses to take advantage of these with minimal training.

  1. Conversational Chatbots

Business managers understand the importance of responding to their customers, employees, and vendors as quickly as possible. Not only does this improve the effectiveness of their businesses, but also keeps their reputation in good standing. Therefore, implementing an automated and intelligent response pipeline across all communications channels is vital.

A smart way for businesses to communicate via email, messaging apps, social media, and their websites is with chatbots. While chatbots are nothing new, they are becoming more conversational, sophisticated and capable of dealing with increasing market demands. They respond to all inquiries around the clock, hold productive conversations, and bypass commerce bottlenecks.

  1. Cybersecurity

We take cybersecurity seriously at Ekaru and for a good reason. Small businesses are the largest target with 43% of cyberattacks targeting them specifically. We’re also aware that many small and mid-sized companies (SMBs) don’t have large cybersecurity budgets, which increases their vulnerability. But their security issues don’t end there. Quite often, they’ll use weak passwords, store them in insecure places, and don’t educate their employees about password security.

Having pinpointed these glaring problems, we set out to offer small businesses a cost-effective and reliable solution. We introduced Ekaru MyGlue, which is a secure password manager to share, store, and synchronize passwords between executives, employees, contractors, and clients.

  1. Marketing And Sales Automation

Two key areas, which small businesses can easily automate, are their marketing and sales processes. The reason for this is that marketing and sales software offers automated functionality due to AI & ML implementation. They easily integrate into businesses’ existing systems and help to automate and speed up marketing campaigns and sales tasks. Vendors such as Salesforce collaborate with Google to offer such marketing and sales tools for small businesses.

  1. Social Payments

Social payments have been on the rise ever since the advent of PayPal and social media platforms. Consumers enjoy the convenience of transferring funds immediately or within a day by using secure payment processors and mobile wallets. By linking their bank, credit, or debit card accounts to these services, they can easily receive and send funds to people and businesses online.

Many small businesses are running marketing campaigns on social media platforms such as Facebook, Instagram, and Twitter. Some even collaborate with notable social media influencers to spread awareness of their brands, products, and services. Consumers who follow these influencers can make frictionless social payments for any goods and services that interest them. 

Conclusion

As we’ve seen, there are several exciting tech trends that are changing the face of business in a positive way. AI & ML help to automate tasks, chatbots are becoming conversational, cybersecurity is increasingly vital, marketing and sales automation speed up these processes, and social payments are on the rise. Contact us to learn how recent tech trends can boost the growth of your business.

Tags: SMB, cybersecurity

What I learned at Hubspot Inbound 2018

Posted by Nancy Amato on 9/24/18 4:27 PM

Hubspot_Inbound_CollageNancy recently attended Hubspot Inbound 2018 with 24,000 marketing pros from around the country and around the world (plus 400,000 followers!)  "INBOUND is a community of people who are passionate about marketing, selling, and delighting customers in an inbound way. Our annual event and year-round media platform inspire and educate hundreds of thousands of people so that they—and their businesses—can grow better."

Getting out to a conference is a great way to learn and re-charge.  At Ekaru we're always looking for ways to learn and grow.  Here are some of Nancy's thoughts and experiences:

I am excited to share with you what I learned at Hubspot's annual conference –Inbound18Brian Halligan, the co-founder of Hubspot talked about how to fuel your company’s growth.  He believes the old Marketing Funnel that we have been living by in the sales and marketing world has a crack in it.  So he created the Flywheel. His inspiration came from Jeff Bezos who created the circular model and it has helped his growth at Amazon.  Customers are input into our business not output like in the Marketing Funnel.  Modern business needs to embrace this new model, in order to grow in the near future.  Our customers are on the flywheel.  We need to apply force to the flywheel so we can get the biggest return on our investment.  This happens in the engage stage with sales reps.  We then shift to the marketer to attract as many people in as we can.  The loudest channel in the flywheel is to delight.  Put all your force on the wheel into delight in order to make your customer happy. 

We want to have no friction in our buyer’s process.  Brian quotes  ‘’your customer experience has to be 10x lighter”.   The goal is to scale up service, marketing and sales processes.  This new growth model is for sales, marketing and customers to have very little friction and we need to continually delight all of our customers at all times.  The lower the friction in our model, the higher the return on investment will be. 

Dharmesh Shah, the other co-founder to speak from Hubspot talked about how we are living in a new world, and we need to change in order to grow.  Wow…such powerful words!  He said, culture is critical and it defines the destiny in a company.  He believes in SFTC which is Solving For The Customer.  Our goal is to help them succeed and we don’t want to just satisfy them - we want to delight them.  This is part of the cultural code deck (which he has written about in a book) because this puts the customer first.  Remember, the customer experience starts and never ends, just like with the Flywheel that Brian talked about..  What a fabulous great talk by Brian Halligan and Dharmesh Shah.

Another keynote speaker was Shonda Rhimes.  If by chance you do not know who Shonda Rhimes is, she has created six award winning sitcoms on CBS.  She talked about when she walks into a negotiation, she does NOT surrender, for example her recent experience with Netflix.  She is extremely busy with streaming, Netflix and Shondaland.  It is too early for her to mention anything about Shondaland, which by the way An American Television production company that she founded.  As Shonda says ‘it’s where the bad asses live’.  Shonda feels in the working world we have nothing to lose, and must always speak up.  Shonda spoke about how important time management is with work and family.  I also like how she said losing weight sucks, and she recently lost 100 pounds in one year

I really like Alex Rodriguez's speech about his obsessing with learning.  Did you ever think you would hear a former baseball champion speak like that?  He likes to find people who are respectful and successful to be around.  He had his share of strikeouts and failures and has grown from all of that.  Alex likes to be on the Shark Tank and find people who are poor, hungry and driven -  his version of a "PhD".  He summed up what Inbound18 means to him, by saying it means to educate and inspire yourself and surround yourself with good people.  What powerful words those are to live our everyday lives by. 

 

 

Tags: SMB, small business, Marketing

Are your passwords really keeping you safe?

Posted by Ann Westerheim on 9/11/18 3:18 PM

Did you know, half of cyber attacks hit small businesses, and only 14% of small businesses rate their ability to mitigate threats as effective.  Cyber attacks on big businesses make the headlines, and too many small businesses think they’re under the radar.

Weak passwords account for the majority of data breaches.  60% of SMBs have no visibility into employee password habits and have no password policies.  Almost 2/3 of employees in small business use the exact same password for everything.

10% of all passwords are either “password” or “123456”.  No wonder our data isn’t safe!

Best practices for passwords call for STRONG passwords, which include at least eight digits mixed with uppercase and lower case letters, numbers, and symbols.  Also, a DIFFERENT password needs to be used for every application, which for many users can be over 50 passwords!

Can you spot the problem?  How can anyone remember all these passwords, and change them frequently enough? 

To keep your data secure, we recommend using a password manager.  Are your employees re-using passwords? Are they using very weak passwords, are they writing them down on post-its or little notebooks? 

Stop ignoring this important part of your security plan.  Create a clear password policy, educate your employees,  and consider implementing a secure password manager. 

Protect your digital footprint before it’s too late! 

Want to learn more?  Get the infographic.

Wait a minute! The minute by minute cost of Cybercrime

Posted by Ann Westerheim on 8/29/18 5:17 PM

HackerThe cost of cybercrime is no joke. This is easy to say from the perspective of someone whose business it is to know all about cybercrime trends, attack vectors, etc.  But to really quantify how big of a problem cybercrime is in the world of business, it is often easier to compare it to day to day things… like a doctor explaining a complicated procedure or a mechanic telling you why your car is making that noise. So today I would like to compare the cost of cybercrime to the most universal understanding that there is… time.

The cost of cybercrime each minute globally: $1,138,888

The number of cybercrime victims each minute globally: 1,861

Number of records leaked globally each minute (from publicly disclosed incidents): 5,518

The number of new phishing domains each minute: .21

As you can see, cybercrime builds by the minute.  


Read the full article on Dark Reading.

Tags: cybersecurity

Subscribe by Email

Most Popular Posts

Browse by Tag

See all tags...

Connect With Us

Older Blog Posts

For older Ekaru blog posts, go to ekaru.blogspot.com.