Technology Advisor Blog

Do I need a password manager?  The quick answer is YES!  

Hackers thrive on uncertainty, and with COVID-19 cases climbing, a long election cycle, and the holidays approaching, there's a lot of stress and chaos in our lives. This is an important time to remember that hackers take advantage of this uncertainty and it's more important than ever to stay vigilant on line.

Small businesses have been particularly hard hit by the pandemic, and with the financial crisis, any stimulus funds from the government are greatly needed, but don't click too fast! Phishing scams and business email compromise (BEC) scams are an ongoing part of cybersecurity awareness training, but it's important to be aware that hackers have more choices including text messages.

We see this in a recent warning from the Internal Revenue Service to not click on any text messages that you receive which claim to have economic stimulus check information in them. In the scam, victims are instructed to provide banking information for the $1200 check to be deposited into. This trick is just another way that online crime is being committed against unsuspecting consumers – the same consumers who are likely vulnerable and looking for assistance during the pandemic.

The IRS will never ask you for your banking information via a text or phone call and will not send unsolicited texts and emails that are asking you for personal information. If you receive any of the above, get the contact information for the caller, or close the website and go to the official IRS website to call in and inquire about the request or demand. Remember, hackers can disguise links to look legitimate, but most – if not all, government websites should end in the .gov extension – but that does not always ensure it is safe! This is just a factor that can help to determine legitimacy. Also, just because a website address includes the "s" with "https" and has a "lock" icon, it doesn't mean the site is safe.

Even if you keep your security up to date with security patches, antivirus updates, firewall, and more,  these types of attacks are designed to basically get you to effectively open the front door. Years ago, fake websites looked fake - it was easy to spot them. Today, fake website are very convincing - great graphics and text, and you may not be to tell you're at a bad site.

This current scam takes you to a site that appears legitimate, and you may be inclined to enter banking information – don't do it. The verbiage will alert you that you’ve already received the stimulus check, you just need to accept it – sounds easy, but don't do it. Do not click on the link. The Get My Payment site that you are likely being redirected to is not legitimate, even if it looks like the real one.

If you receive this text, screenshot it and email it to phishing@irs.gov along with the date that you got the text, the phone number from which it came from, and your own number. Reporting these scams helps organizations increase awareness so others are less likely to be hacked.

At Ekaru, we strongly recommend ongoing security awareness training to keep your business and your employees safe. A strong foundation of security protection is critical, but for threats that are designed to sneak through and trick users, the human factor is so important. If you know how the scam works, you'll be one step ahead of the hackers.

October was National Cybersecurity Awareness month, and today, November 30th is "Computer Security Day".  Security awareness is a big part of keeping your business safe - keep security top of mind for you, your employees, and your family today and everyday

Each year the National Cyber Security Alliance promotes Cybersecurity Awareness Month during the Month of October.  It's estimated that over 90% of breaches occur as the result of user error, so developing a culture of cybersecurity in your organization is more important than ever.  Each day in October we posted a Myth or a Tip on our social media, and as much as a month of increased awareness helps, Cybersecurity is really an ongoing effort.

Cyber criminals can use data leaked in big breaches to cause more harm to you with phishing emails.  Data from big breaches, which have almost become commonplace, wind up on the Dark Web quite quickly.  After they have your info via the Dark Web, they can craft some very convincing emails to you.  They can use identifiable information to customize the email to make it look legit.

This year’s initiative highlights the importance of empowering individuals and organizations to better protect their part of cyberspace in an increasingly connected world

We all know what we "should" do about passwords, but reality is quite a bit different as a recent report by LogMeIn shows, in collaboration with the National Cybersecurity Alliance.  At Ekaru we're on a mission to help Small Businesses stay strong in the face of cyber threats.  The more you know about the threats you face, the better your chances of keeping your data safe an your name out of the headlines.

For those fortunate enough to be able to make the move to work from home during the pandemic, the rapid change has been a lot to handle.  Cybersecurity threats increased sharply while users are adjusting to a new way of work.  Last week we hosted security expert Jay Ryerse, CISSP, of Connectwise to speak to our community about the impact on small business.  Ekaru wants the cybersecurity culture of our community to transcend the office walls to protect you, your family, and your business.

Zoom meetings have become so popular these days that the word has become a verb!  There are many great collaboration tools (GoToMeeting, Microsoft Teams, etc), and Zoom has emerged as a crowd favorite with huge growth resulting from their popular free version.  

Cyber criminals are working overtime to take advantage of the disruption and confusion caused by the pandemic.  The FBI reports a four fold increase in cyber threats recently and its more important than ever to stay alert, and talk to your team about cybersecurity.  The most common attack vector these days is eMail, and an unknowing employee may click on the wrong link thinking they're getting important safety information.  Think before you click!