Tips to Combat Phishing via Social Media

Category : Cyberawareness

Phishing, the practice of luring unsuspecting victims into clicking links that install malware or into divulging confidential information, is a tactic that unfortunately involves more than just malicious emails. Phishing attacks can also take place in other environments, such as texts, phone calls, or social media.

Facebook, in particular, seems especially prone to these types of nuisances, such as those involving fake websites set up by scammers in the hopes of tricking people into divulging their account information. Facebook does offer some tips to combat these efforts (such as being on the lookout for sloppy messages, messages which claim to have attached passwords, malicious links, or requests for confidential information). However, the threats also involve fake charity requests for victims of the latest natural disaster.

How can you avoid phishing? Below are tips from email security organization Proofpoint for both consumers and IT departments, which I combined with commentary based on my own experiences.

Be wary of fake news
Social media con artists use divisive political content to enrage voters and spread misinformation. Avoid “fake news” or news of dubious accuracy and refrain from clicking on links sent to you or posted on social media. Think like a newsroom: You need to confirm accuracy. If you see a news story, verify it on an online news site. Never blindly repost information without checking for accuracy, no matter how much you might wish it to be true.

Be wary of bots

Keep an eye out for bot accounts and block them, since they aren’t likely to promote honest or legitimate content. Be cautious of any Twitter and Facebook accounts where something doesn’t look quite right, or where the account seems especially aggressive. Telltale signs of a bot include accounts with random names/numbers, accounts which frequently repost items, accounts posting material which doesn’t seem relevant to the context of a discussion or thread, and accounts which contribute no actual content but just share/retweet other accounts.

Investigate details behind questionable ads

Use Facebook’s “Info and Ads” to determine the motivations behind ads. For instance, when you see a political ad on Facebook which seems suspect or sensational, click the ad and then click the page associated with it. Facebook’s goal is to provide “increased accountability for bad actors, which will help to prevent abuse on Facebook” and to “bring additional transparency to Pages and the ads they’re running.”

If the ad comes from a less-than-reputable source, disregard future content from this page or entity as phishing attempts are more likely from these types of accounts.

Avoid clicking links
Do not click on Twitter Direct Message (DM) or Facebook Messenger links unless you are positive they are reputable. They might contain malware or direct you to credential phishing sites that will attempt to steal your passwords or financial information or install malware on your system or device.

Links can also be obfuscated by adding a bunch of unnecessary words or random characters to what seems like a legitimate site in the hopes that you’ll be fooled into opening them. For instance, a link to or might seem OK at first glance but look closer. You can highlight the link and press Ctrl-C to copy it, then open a text editor like Notepad and press Ctrl-V to paste it in for closer inspection.

Use a quality filter
If it is not already on, activate your Twitter quality filter. This tool (which is enabled by default) helps you locate the quality tweets amongst the noise generated by bots and other low-value entities.

To check your setting, click your profile picture at the top right of the Twitter site and then choose “Settings.” At the “Settings” screen, select “Notifications” from the left column. Check the “Quality filter” box to enable the filter.

Note, Twitter states this “does not filter notifications from people you follow or accounts you’ve recently interacted with.”

Also, verify that Twitter accounts purportedly owned by famous people or governmental officials really are who they say they are by ensuring there is a blue circle with a check in it next to their name or Twitter handle.

Finally, unfollow pages of dubious accuracy or pages prone to promoting sensationalistic “click bait” ads or posts.

Don’t fall into Breach Fatigue

Category : Uncategorized

Stu Sjouwerman from KnowBe4 wrote this blog post. I think that it is entirely accurate. Every day, I meet with clients that say “So what? My login is compromised somewhere on the dark web. So, does that mean I am going to be hacked tonight? Does that put me in danger?” I even had one prospect yell at me and call me an “alarmist”. However, the fact is, yes. You are in danger and with all of the breaches happening, you put yourself and your company’s network(s) in jeopardy. There are plenty of ways to protect yourself – but first, you have to understand the danger. With so many news reports of breaches, we have become complacent.

People shouldn’t let news of data breaches dissuade them from trying to protect their information, according to security researcher Ray [REDACTED]. On the CyberWire’s Hacking Human podcast, Ray referenced an earlier episode of the CyberWire in which Carole Theriault said she often encounters an attitude in which people are resigned to the fact that all their data have potentially already been stolen, and that therefore it’s not worth going to the trouble of trying to prevent future breaches.

“I actually call that the fallacy of futility,” Ray said. “And what it is, is it’s the idea that if we take the fact that online privacy doesn’t exist anymore…if we say, well, there’s no such thing as online privacy…the problem is, is, that’s not a binary statement, right? It doesn’t either exist or it doesn’t. There are varying degrees of privacy.”

Ray explained that even data that’s already been breached is not always easily discoverable or publicly accessible. For example, the OPM breach, which is believed to have been conducted by Chinese hackers, probably resulted in the data falling into the hands of Chinese intelligence services. While that’s not a good thing, it means the data probably aren’t available to petty criminals who could use it for identity theft and other crimes.

“It’s very important to keep in mind that just because your data has been breached before…that doesn’t mean that you’d necessarily want to be involved in others,” Ray said. “And ultimately, some of that data may be different, especially if you’re using unique email addresses. But it is in everyone’s best interest to try to protect themselves, you know, through OPSEC and practicing good security hygiene.”

Ray said much of the problem stems from the sheer number of breaches we hear about on a weekly basis. These breaches involve our data being stolen from companies we interact with, and we usually have no control over what happens to those data.

“I think it really is driven by the fact that, just like in cybersecurity, we have something called alert fatigue,” Ray explained. “We have something called outrage fatigue, and we have something called breach fatigue, which is when you see a big announcement about DoorDash and, you know, millions and millions of people’s information being leaked – or even Words with Friends…we’re so numb to these massive breaches that it feels like they’re almost inevitable, right? And to a certain degree, when humans feel like something is basically inevitable, there is a tendency to just assume that it’s going to happen at all times and that there’s nothing that can be done to mitigate the impact of it.”

There are measures you can take to mitigate the risk and effects of having your data breached. New-school security awareness training can help your employees take steps to secure their data while staying safe from threat actors who may have already compromised it. The CyberWire has the story:

If you want to know more, we can do a dark web scan for your organization’s domain and see how phish-prone your users are.

Contact us!

NIST Framework

Careful- they’re getting better….and more successful

Category : Cyberawareness

The latest Spear Phishing Report from Barracuda highlights how cybercriminals are systematically improving their game… and are becoming more successful for it.

Capturing user credentials online to take over accounts is a key starting point for cybercriminals. In some cases, credentials provide access to online email, files, and collaboration tools, where the initial access serves as the foothold to target executives and other key employees, or is used simply to steal valuable access to data, bank accounts, and more.

The basis for this kind of attack is brand impersonation. From the phishing email, to the bogus (but very realistic) logon page, the bad guys use a well-known online brand to fool their victims. According to Barracuda’s latest 2019 Spear Phishing Report, the use of brand impersonation is at an all-time high. From the report:

  • 83% of all phishing attacks involve brand impersonation
  • 32% of attacks impersonate Office 365
  • 21% of attacks impersonate a financial institution
  • 20% of attacks impersonate Apple

Attackers are leveraging well-known brands to establish context for the recipient victim. This use of brand impersonation raises the likelihood of a successful attack.

Barracuda recommends a combination of technology and user training to combat this rise in brand impersonation attacks. Technologies such as DMARC authentication and multi-factor authentication can be used as part of a layered approach to stopping these kinds of attacks. Users undergoing Security Awareness Training can be taught to spot suspicious brand impersonation emails before they fall for them and provide credentials.

Brand impersonation is a powerful and effective means for cybercriminals to lower your users’ defenses and improve the chances of a successful attack. Putting technology and training controls in place is a necessary step to stop this attack method.

If you would like to talk about a multilayered security approach for your cyber defense, give us a call at 847 329 8600 and we would love to assist!

Microsoft 365


Everyone has an opinion when it comes to Office 365. When the traditional software suite transitioned to a platform of subscription services, users were hesitant to buy into Microsoft’s “your go-to office—anywhere” mantra.

Now, 8 years after the initial release of Office 365, adoption has picked up significantly. In 2018, 56% of global organizations had adopted Office 365 (up from 34% in 2016).

But if you’re not part of that 56%, you’re probably wondering if cloud-based Office 365 services are right for your business.

For many small and mid-sized businesses (SMBs), Office 365 seems like a large investment for “just an email service.” But it’s not just an email service. With Office 365 in the cloud, you get many benefits that help grow your business and cut costs.

Then, you’re left with one question—if Office 365 is so great, why isn’t everyone using it? While there are many attractive benefits, Office 365 isn’t without its challenges. However, the right approach to an Office 365 migration can give you all the “oohs and aahs” without the “uh ohs” of a rough transition.

5 Oohs and Aahs of Office 365 for Small to Mid-Sized Businesses

When you first start evaluating the Office 365 suite of applications and services, it can be a bit overwhelming. There are dozens of tools included in the platform, including Word, Excel, SharePoint, Flow, Teams, PowerApps, and so many more.

As an SMB, it’s fair to wonder which aspects will bring value to your business.

When you cut through all of the product information, the following 5 advantages make an Office 365 migration valuable to any SMB.

1. Yes, We’ll Start with Email

Office 365 is so much more than email. But because email is the most-used employee productivity tool, this list would be incomplete if we didn’t mention it.

The average employee spends over 6 hours per day checking emails. Even minor downtime with a traditional, on-premises Exchange server can derail productivity and cost you thousands of dollars. You could install a backup system to reduce disruption, but that’s not a cheap option.

An Office 365 migration can minimize these issues by bringing your email to the cloud. And even if you experience minor delays from time to time, the odds of a total service outage are extremely low. Office 365 has built-in redundancies to guarantee four-nines availability (a high-availability standard for less than an hour of downtime annually).

It’s important to note that this shift to cloud-based service doesn’t leave your employees with a watered-down version of desktop applications. Office 365 lets you download applications directly to the desktop, providing a balance of cloud benefits and on-premises functionality.

2. Collaboration 3.0

Unlike traditional Office where you had to pay for pieces of software outside of Word, Excel, and PowerPoint, Office 365 includes access to powerful collaboration tools.

Depending on your package, migrating to Office 365 can give you access to tools like Skype for Business, Yammer, Groups, Teams, OneDrive, and more. No more massive email chains, no more frustrating experiences for employees who are working remotely.

Using these tools together can help your employees create workflows for seamless collaboration, sharing information easily and keeping teams on the same page.

3. Enterprise-Grade Security

About 43% of all cyber attacks target small businesses. And the reality is that just one security incident can cost enough to cause SMBs to shut their doors.

Building out your own security stack can be a challenge—both technically and financially. But with Microsoft’s data centers, you get the benefit of enterprise-grade security and high availability at a price fit for SMBs.

There are many different security features built into Office 365, but the following are a few of our favorites for the SMB market:

  • Encrypted Email: Don’t let attackers intercept valuable email communications. Encryption ensures only the intended recipient can read the email.
  • Data Loss Prevention: An added layer of security policies that prevent sensitive information like social security numbers and credit card data from being shared outside the organization via email.
  • Mobile Device Management: If left unchecked, mobile devices can become a security risk. Office 365 helps you keep track of mobile usage and gives you the tools to protect your organization in case of lost or stolen devices.
  • Advanced Threat Analytics (ATA): By scanning emails as they come through your network with machine learning and analytics, Office 365 can eliminate malicious links and attachments before they reach your employees. When you take human error out of the equation, you reduce the likelihood that attackers will compromise your network.

The key to meeting your security needs is to pay close attention to what features come with your subscription. Don’t just look at pricing—make sure your plan comes with the security features most important to your business. Check out Blue Fox Group’s Security Defender, which monitors and defends all security risks at one low monthly fee. 

4. Storage on Steroids

Managing on-premises storage can be a real challenge for SMBs. Hiring technical experts is costly and any missteps can hurt productivity.

Office 365 gives each user 50 GB of storage via Exchange Online, giving employees enough space for email, calendar entries, tasks, notes, contacts, attachments, and more. And in the event that inbox space isn’t enough, OneDrive cloud storage gives you an additional pool of resources to take advantage of. All without having to manage the storage servers themselves.

5. Reduce Capital Spend

One of the greatest advantages of Office 365 is the subscription-based service that lets you take advantage of flexible cloud pricing. You pay an annual or monthly fee per user, eliminating upfront costs and letting you shift from CapEx to OpEx.

If cash flow is a concern, you can opt for a month-to-month pricing structure, which gives you the freedom to turn services on and off according to what you really need to grow your business.

5 Uh-Ohs that Make an Office 365 Migration Go Wrong

Too many articles, resellers, and consultants paint a turn-key picture of Office 365 migrations. But when you talk to early adopters, it becomes clear that migration isn’t always so easy.

We’ve talked to many early adopters who have come back from an Office 365 path beat up and worn down by many unexpected challenges that no one prepared them for.

We know that your business can benefit from an Office 365 migration—we just don’t want you to go into it thinking the process will be wrinkle-free. Whether you’re looking for a hybrid approach or going all-in on Office 365, these 5 “uh-ohs” can bring any migration path to a halt. If you take steps to avoid them, you’ll be able to reap the benefits of Office 365.

1. Migration Confusion

All the high-level discussions about Office 365 benefits and advice for migration make the process sound simple. But when you dig a little deeper into the details of deployment, things can get complicated. What starts as enthusiasm for migration can quickly turn to confusion about execution.

You need a full deployment and migration plan if you want to succeed. And the best approach is to get an outside expert with a solid track record to put you on an Office 365 path to success. Finding the right IT partner will ensure your migration fits with existing infrastructure and accounts for both performance needs and security risks.

2. Impractical Migration Decisions

Unless you’re simply moving Exchange Online to Office 365, you’re looking at a full migration with some kind of hybrid environment. You’ll still want certain mailboxes to stay on premises to maximize control—but the average user can benefit from cloud-based Office 365.

However, many migrations fail when leaders make impractical decisions about what to keep on-prem and what to move to the cloud. For example, if you have sites that experience latency when connected to cloud-based mailboxes, migrating anyway can hurt productivity and lead to disruption. For all the benefits of cloud migration, you’re better off keeping those sites on-prem.

3. Deploying Before Migration Prerequisites are Met

Many SMBs make Office 365 mistakes in the planning phase. But just because you’ve done your due diligence and come up with a strong migration plan doesn’t mean you’re out of the woods.

When you’re blending existing on-premises Exchange instances with Office 365, your on-premises Exchange environment must meet certain requirements. Any misconfigurations or failure to meet prerequisites will prevent Office 365 deployment and disrupt your business.

If you want to make sure you’re meeting prerequisites, download the Office 365 one-pager for a complete list of what you need. But satisfying all of these prerequisites can be complicated, which is why working with a professional IT shop is so valuable. Creating an Office 365 path that navigates these prerequisites with ease will help streamline your migration.

4. Choosing the Wrong Office 365 Plan

Plans and pricing are often the biggest concerns for SMBs that come to us for Office 365 help. One look at the variety of subscription packages can be enough to frustrate any SMB leader. But as frustrating as it can be to sift through the plans, it’s essential to choose the package that supports Azure Active Directory synchronization if you’re creating a hybrid environment.

Home and Small Business versions of Office 365 may look attractive from a pricing perspective. However, they don’t offer Azure AD sync and, therefore, can’t support hybrid deployments.

There are third-party tools available to help you work around this problem, but they could be more trouble than they’re worth. Working with an IT partner can help you find the right balance between pricing package and features and evaluate third-party tools if necessary.

5. Forgetting About Cloud Performance

There’s one question that often gets left out of Office 365 migration discussions (and cloud migration discussions in general)—can your internet bandwidth support the shift?

Depending on the data volumes you’re set to support, heavy bandwidth usage can grind your Office 365 performance to a near halt. Moving your archive data from an on-premises solution to a cloud-based solution outside of Office 365 can help.

But the real key to balancing performance, security, and price is to work with an IT solutions provider that can help you deploy SD-WAN, SIP trunking, and other services that ensure Office 365 is working the way you expect—without ripping and replacing your whole IT environment.

Do you want to learn more? We would love to assist you! Pick up the phone and give us a call at 847 329 8600. We are here to help!

Cyber Security

6 Tips to Improve Cyber Security

Managing cyber security risk involves managing behavioral risks, skills gaps, and technical flaws, the report noted. The US Chamber of Commerce and FICO offered the following recommendations to help businesses stay safe:

1. Use the National Institute of Standards and Technology (NIST) Cybersecurity Framework to develop an information security program. The framework enables organizations—regardless of their size, risk profile, or cyber sophistication—to develop a cybersecurity plan or improve an existing one.

2. Develop a reliable understanding of one’s network. This includes identifying assets to apply security management based on risk.

3. Identify functions and teams whose process and policy maturity are not performing adequately. This will enable organizations to identify weak links in technology, personnel, policy, and leadership.

4. Oversee an organization’s network team to confirm alignment to the details of network management policies. Avoid unnecessarily exposing network infrastructure assets and ensure correct configuration for those that must be exposed.

5. Protect and monitor network endpoints. Organizations that monitor endpoints are able to provide an early warning of potential problems.

6. Develop a process to confirm that active certificate management programs are in place and are being implemented.

Or, easier still, give us a call and we can help you navigate the cyber landscape for your organization. Call 847 329 8600 and we can help!

7 Red Flags for email

7 Red Flags You NEED to Educate your Staff on for each email they receive

Email hacking is one of the most common forms of cyber attacks today. It takes place every day and throughout the world. You may be familiar with the email attack that occurred in 2016 during the Presidential Election. John Podesta fell for a phishing attack, which led to the release of a decade’s worth of emails. The hacker posed as Google and alerted Podesta to change his password because of suspicious activity on his account. By clicking on the link within the email, hackers were granted full access to his inbox.

Situations like this happen to businesses of all sizes, and the rate of these cyber attacks is only increasing. Your goal is to protect your business against these attacks, which can be difficult if the employees are not properly trained to identify potential threats. People are tricked into giving hackers information because they are not aware of the warning signs to look out for. However, here is a list of seven red flags to look out for and include in your security training for your staff.

1. “From” Line

The first thing to pay attention to is the address you are receiving the email from. Pay close attention to the sender because the person may appear to be someone you know but in reality, it could be a spoof. Hackers know that people are more likely to trust an email from someone they can recognize, which is why they make the email address appear to be from an existing contact. Let’s look at a quick example of this.

Real Email:
Spoofed Email:

Notice that an “l” is missing from “wellsfargo” in the spoofed email, so it appears legitimate, but the domain is not accurate.

2. “To” Line

Sometimes, the hacker will send an email to many different people. If you do not personally know the other people in the “to” line or you are being cc’d on a strange email, that should be a red flag. This is the second aspect of an email to pay attention to in order to detect email fraud and prevent email hacking.

3. Hyperlinks

Always be cautious of clicking on embedded links within an email unless you are sure it is from a trusted source. Before you click on a link, you can hover over it with your mouse to see the destination URL before you click on it. If the URL does not match what the text says, it’s not a good idea to click on the hyperlink.

4. Time

Consider the time you receive an email and compare it with the normal time you receive similar emails. Do you generally get an email from the CEO of your company at 2 a.m.? If not, this is an indication of a potentially spoofed email.

The same goes for the specific time of year. Be extra cautious around holiday or tax season, as cybercriminals typically increase phishing attempts when financial information is being shared or online shopping is heightened.

5. Attachments

Attachments may seem harmless, but some can contain malicious viruses or another form of malware. So, as a rule of thumb, do not open attachments that you are not expecting. If a sender does not normally send you attachments, this is a sign that it could be a fraudulent email. In addition, if the attachment has a strange file type such as .exe or a duplicate file type such as .xls.xls you should not download or open it.

6. Subject

Phishing attempts usually try to trick you with scare tactics or immediate action. If the subject line seems fishy, such as “Need wire transfer now” or “Change password immediately”, validate the source before you take any action. The subject may also be irrelevant or not on topic with the rest of the email content, which can be another red flag.

7. Content

The sender may be urging you to update your information or change your password in order to avoid a consequence, which instills fear and prompts action. This is another method to look out for as hackers use this to trick you. In addition, if the grammar or spelling are incorrect and the email seems out of the ordinary, confirm the legitimacy before you click on links or download any files.

So there you have it, seven simple red flags to look out for when examining an email. Never click on links, download files, or transfer money unless you are sure the email is legitimate. We recommend a two-step verification process to establish validity. For example, if you receive an email from your CEO requesting a wire transfer, we recommend you also confirm via phone or in person. This two-step verification process validates the sender through multiple mediums, which helps avoid falling for scams.
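As an added example (not code from the original article or from any vendor it mentions), the Python sketch below turns four of the seven red flags above, the “From” line, hyperlinks, attachments and subject, into automated checks a mail-filtering or training team could run over a message. The domains `hillbank.example` and `login.invalid`, the trusted-domain list, the phrase list and the sample message are all constructed assumptions.

```python
import re
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed local policy (not from the article): domains we expect mail from, and
# urgency cues modelled on the article's sample subject lines.
TRUSTED_DOMAINS = {"hillbank.example"}
URGENT_PHRASES = ("wire transfer", "change password", "immediately")
RISKY_EXTENSIONS = {"exe"}
URL_LIKE = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.I)


def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character lookalikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def host_of(url):
    """Host a browser would contact; userinfo before '@' and the path are ignored."""
    if "://" not in url:
        url = "http://" + url
    return re.sub(r"^www\.", "", urlsplit(url).hostname or "")


class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def red_flags(msg):
    """Return (flag, detail) pairs for an email.message.EmailMessage."""
    flags = []
    # Flag 1, "From" line: sender domain is a near miss of a trusted domain.
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    for trusted in TRUSTED_DOMAINS:
        if domain != trusted and edit_distance(domain, trusted) <= 2:
            flags.append(("from", f"{domain} resembles {trusted}"))
    # Flag 6, subject: pressure to act at once.
    subject = msg.get("Subject", "")
    if any(p in subject.lower() for p in URGENT_PHRASES):
        flags.append(("subject", subject))
    for part in msg.walk():
        name = part.get_filename()
        if name:
            # Flag 5, attachments: executable or duplicated extension.
            exts = name.lower().split(".")[1:]
            if exts and (exts[-1] in RISKY_EXTENSIONS or exts[-1:] == exts[-2:-1]):
                flags.append(("attachment", name))
        elif part.get_content_type() == "text/html":
            # Flag 3, hyperlinks: visible URL names a different host than href.
            collector = LinkCollector()
            collector.feed(part.get_content())
            for href, text in collector.links:
                if URL_LIKE.match(text) and host_of(text) != host_of(href):
                    flags.append(("hyperlink",
                                  f"shows {host_of(text)}, opens {host_of(href)}"))
    return flags


def build_sample():
    """Constructed message that trips all four checks."""
    msg = EmailMessage()
    msg["From"] = "Hill Bank Alerts <alerts@hilbank.example>"  # one "l" missing
    msg["Subject"] = "Change password immediately"
    msg.set_content("Open the HTML version of this message.")
    msg.add_alternative(
        '<p>Sign in at <a href="http://hillbank.example.login.invalid/reset">'
        "https://www.hillbank.example</a></p>", subtype="html")
    msg.add_attachment(b"constructed", maintype="application",
                       subtype="octet-stream", filename="statement.xls.xls")
    return msg


if __name__ == "__main__":
    for flag, detail in red_flags(build_sample()):
        print(f"{flag}: {detail}")
```

To run it over stored mail, parse each file with `email.message_from_bytes(raw, policy=email.policy.default)` so that parts expose `get_content()`. The time-of-day and “To” line flags need a per-user baseline and are not covered here.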

It is important for all businesses to take email hacking seriously. Hackers attack corporations and individuals, so understanding social engineering methods is crucial in addition to having proper spam filters and firewalls installed. Lack of employee education is what makes it difficult to properly secure an environment. However, you can use these tips to educate employees within your company to reduce the risks of a cyber attack.

If you want to see how susceptible your company is, we have a whole suite of free tools for you to measure your vulnerability. See how phish prone your employees are, how strong passwords are or whether or not your domain can be spoofed.


Important Tips for Improving Password Security

Sometimes it is the simplest or most obvious things that can be easily overlooked or taken for granted in life. The IT space is no different and many of the most basic elements, like password management, can often times be overlooked. While it’s not the sexiest of topics, passwords are something we use every day and should be at the forefront of any security plan.

Passwords are the first line of defense against malicious activities in the digital space.

We hear all the time about the importance of strong passwords, and many websites or software require certain password criteria that force them to be difficult to guess. However, the actual execution of these recommended practices is often lacking. The trouble usually lies with the end user who doesn’t take care of their passwords or doesn’t make them difficult enough. Here are some simple, yet highly effective tactics to keep the bad guys out of your information and IT systems.

Hackers’ Tricks
Before we look at the techniques to prevent hackers from gaining access to private information, let’s take a quick look at the most common means these folks use to crack the password code and get the proverbial “keys to the kingdom.”

Guessing – Some people think that no one could ever “guess” their password at random, but hackers are much more sophisticated than that. This technique is not simply sitting in front of a screen and typing many different combinations. First, the hacker finds personal information online and then uses sophisticated programs to help ‘guess’ how that personal identification can be turned into a password.
Dictionary-based attacks – Programs run names and other information against every word in the dictionary.
Brute force attacks – Just like it sounds. By simply running all combinations of keystrokes with a user name, passwords are discovered all the time.
Phishing – Beware of Phishing schemes! These scams try to lure you in with fake offers then track your keystrokes in order to steal private information. If the email or IM request looks odd, ignore it and please don’t click on anything. The trouble is that people are oftentimes tricked into giving away valuable data without even knowing.
Shoulder surfing – Not all hackers are technical whizzes. Shoulder surfers try to catch you entering a password in a public place like a coffee shop or even at a gas station (debit card PINs are vulnerable).

Password Security Tips
So what is your company to do? Educate employees on strong password practices. There is simply no way to guarantee a bulletproof password. If someone wants something bad enough and is smart enough they can figure out what they need to do to get it. Most are not that patient though so any deterrents are usually enough to make them give up and find an easier target.

Some best practices to be teaching employees include:

  1. Make sure password length is at least 8 characters
  2. Don’t use real words
  3. Use both upper and lower case characters
  4. Include numbers and special symbols when allowed
  5. Don’t use personal data
  6. Make patterns random and not sequential or ‘ordered’
  7. Don’t get lazy when it comes to your passwords. Take the extra time to think of something creative, complex and something only you would remember. 

What else can be done? Here are some “do’s” and “don’ts” for password safety.

1. Create different passwords for different accounts and applications. If you create only one password for everything you do online, you are exposing yourself unnecessarily. Sure it’s easier to use one but it provides more chances for someone to figure your password out, and if they do, gives them a great starting point for accessing other personal data of yours.
2. Keep corporate and personal passwords separate.
3. Change your passwords often (ideally every month)
4. Always log off your computer or lock it when you leave it for any period of time

Now Some Don’ts:

1. Don’t write passwords down or store them in the office.
2. Don’t store passwords on any device.
3. Don’t give passwords in emails or IMs.
4. Don’t give your manager your password.
5. Don’t discuss passwords with others.
6. Don’t use the “it’s easy to type” rule (like asdfjkl;), since that makes it easier for a lurker to see what you typed.

After reading this, I’m sure you feel like you have some work to do. It’s never too early to start utilizing these recommended practices and you may not even know what data may currently be exposed or at risk.

Changing your passwords and using the above techniques can help protect you and your staff from malicious web attacks. Don’t overlook the importance of password management – it could make all the difference when a hacker sets his targets on you or your business.


5 Things Everyone Gets Wrong About Anti Virus

It shouldn’t be news to anyone that cyber threats are on the rise. As advanced hacking techniques continue to proliferate in the wild, the requirement to have an effective security solution has never been more pressing.

With the market awash with vendors making bold claims, and news stories making even bolder headlines, it can be hard to separate the fact from the fiction. If you’re new to offering endpoint security, here are five basic things you need to know to ensure that you get it right when weighing the options available.

1. Viruses Aren’t the Only Threat

Security threats have evolved beyond all recognition from the early days of the computer virus, but most security solutions still carry the term “anti-virus” in their name, which is really something of a misnomer in the modern threatscape.

The reality is that cyber attacks take many different forms that have nothing to do with being a virus, and they can range from the indiscriminate to the highly targeted. These include ransomware, spear-phishing, drive-by attacks and both software and hardware vulnerabilities that can lead to loss of customer and corporate data. Attackers are now even weaponizing machine learning to produce highly-targeted campaigns, at low cost to themselves.

Also, don’t forget that threats can come from within; disgruntled employees know the weaknesses of your system better than any outsider. Good endpoint security needs to be able to detect bad behaviour no matter the point of origin.

2. Malicious Files Aren’t the Whole Story

Most people think that security software works by scanning files on the local computer and deciding whether they are malicious or not. Like the term ‘anti-virus’, that’s a bit of an old-fashioned way of thinking about it. Although there are still legacy AV programs that primarily work in that way, even they will usually offer some additional functions such as blocking malicious websites or detecting excessive use of resources typically used by ransomware and crypto-miners.

However, for truly effective protection, you should be looking at security solutions that do more than that. Today’s cyber criminals are able to leverage fileless attacks, change DNS settings to re-route your network traffic and inject code into legitimate processes. A legacy AV solution that primarily focuses on scanning for malicious files is, like last week’s soup, well past its sell-by-date.

3. Trust Is a System Weak Point

As we hinted in the previous point, untrusted software is not the only danger to the endpoint. Even first-party and established software brands can be leveraged to breach a system.

While MS Office Macro attacks have a long history, Macro-less attacks such as DDE can exploit vulnerabilities that will bypass many security solutions because they appear to be coming from trusted applications. Similarly, most businesses will likely have a need for legitimate PowerShell operations, and yet PowerShell-powered attacks are becoming increasingly common. You need a security solution that’s smart enough to allow PowerShell to maintain your productivity, but also able to ensure that it can tell the difference between malicious and legitimate behaviour.

Modern malware can also run without interference on many systems running AV solutions if it is able to operate with system-level privileges, whether through a privilege escalation vulnerability or other methods of infection. This is because many AV packages take the wrong approach by granting trust by identity, rather than by behaviour. When security solutions take this kind of “whitelisting” approach, the endpoint is left vulnerable to supply chain attacks and fake certificates.

4. There’s Power in Simplicity

Security software doesn’t have to be hard to use, and you shouldn’t have to be a security expert to manage it. Unfortunately, a lot of security software gives business owners just that impression, overcomplicating things with diagnostic tools and components that require specialist training courses to master. Be sure to choose an endpoint solution that minimizes maintenance tasks, presents a clean, easy-to-understand interface and provides one-click remediation.

You want a solution that anyone in your team can quickly learn and operate. It’s important for business continuity that knowledge of your security solution is not tied to specially-trained members of staff. Who knows how long before they move on, taking their expert knowledge of your security solution with them?

5. Security Is a Mindset, Not a Product

Probably the biggest thing you can get wrong about AV software is believing that it can solve all your security issues in one fell swoop. Threats come in many shapes and forms: from indiscriminate ransomware attacks to disgruntled employees. What’s your plan of action when (don’t think “if”) a breach occurs? How will you respond? Failure to have a response plan in place could mean greater damage to your customers, your data and your reputation.

Main Takeaway

Ignore the stereotype of sophisticated cybercriminals targeting billion-dollar businesses. Most attacks are opportunistic and target not the wealthy or famous, but the unprepared. According to a 2018 SentinelOne survey of US companies, 56 percent suffered a ransomware attack in the last year. Given that the majority of organizations will be hacked over their lifetime, it is incumbent upon organizations to have a fallback position.

Cyber security

Cyber security myths you should stop telling yourself

While many cyber security myths persist, some are more damaging than others. Here are four common cyber security myths and their impact on risk.

Cyber security preparedness is one of the major obstacles facing businesses today, and due to its importance, it can be a magnet for myths. Attacks emerge and cripple systems availability or swipe data quickly and unexpectedly. It happens so fast that the myths so many businesses hold onto as facts are only apparent in the aftermath of an attack.

Myth 1: Small organisations are low-value targets for hackers.

Thinking you’re not a target is one of the biggest mistakes a company can make. According to data collected from more than 2,200 confirmed data breaches, 58 per cent of security event victims were small businesses. But why would malicious actors target small companies?

Compute resources are valuable – malicious actors seek out available computing resources as network nodes to expand their bot networks, which they use to initiate DDoS attacks, for crypto-jacking, to propagate ransomware and spam or for numerous other crimes. Malicious actors build their networks by leveraging free resources, and your systems might be among them.

No matter the size of an organisation, data is valuable and powerful. Every organisation stores some data that’s critical to its business but holds little value to others. Malicious actors exploit this by unleashing ransomware that cuts off data access, availability, or both, crippling the organisation. Malicious actors then generate revenue through ransom payments.

Small businesses can be an indirect victim and used as a stepping stone into other targets. Malicious actors might target seemingly innocent, low-risk third-party vendors to get to those vendors’ customers. This has been evidenced by the cyber-espionage group known as Dragonfly, which successfully “trojanised” legitimate industrial control system (ICS) software. To do so, the group first compromised the websites of the ICS software suppliers and replaced legitimate files in their repositories with their own malware infected versions. Subsequently, when the ICS software was downloaded from the suppliers’ websites it would install malware alongside legitimate ICS software.

Myth 2: There’s no reason to invest in security when organisations with tight security controls still experience security breaches.

Some organisations rationalise a small cyber security budget by arguing that investing in security is a losing game. They hear about security breaches at large organisations, with presumably large cyber security budgets, and assume if these organisations can fall victim, then what chance does their organisation have?

Tools are just one pillar of a solid security strategy; people and process are equally important. An organisation allocating budget toward security might not be focusing it on the most effective areas. An organisation can have a big budget for tools, but if it lacks the right cyber security talent or its processes are faulty, it can still get hit.

Research has illustrated how long it can take before an intrusion is detected. The time taken by firms to detect breaches increased by 40 per cent from 2016 to 175 days on average in 2017, according to the latest M-Trends report by security firm FireEye. Organisations that invest in reactive security controls, in combination with proactive security controls such as Intrusion Prevention Systems (IPS), may identify suspicious behaviours earlier and limit the damage.

Organisations that shrug off tight security controls are focusing solely on the immediate effects of infiltration, not on the total cost of the security incident. Granted, security controls are not 100 per cent effective at detection and prevention, but they can save significant time and money during each of the subsequent incident response stages: analysis, containment, eradication, recovery and post-incident activities.

Myth 3: Our organisation has not been breached before, so we’re still safe.

Often, organisations incorrectly assume their security risks remain relatively static, when they don’t have a way to effectively evaluate those risks. Projecting future risks based on historical events can be dangerous.

Defining the scope of what to secure requires identifying exactly how many applications, servers, network devices, storage devices and more are within an organisation. When faced with either insufficient or overwhelming amounts of data, the scope may be simplified, and assumptions drawn that can lead to vulnerabilities.

Organisations might assume a particular server doesn’t contain sensitive data and is less likely to be the target of an attack. But it might not be data that malicious actors are after, as mentioned; servers might be valuable as a foothold into another environment. Lastly, people often underestimate risk due to future aversion – the problem of assuming that because the future is unknown it cannot be tested.

Myth 4: Security is an expense, not a revenue generator.

Organisations prioritise investment in services that generate revenue, especially when budgets are tight. This can leave cyber security, viewed as an expense, on the back burner, when it should be considered a revenue generator.

Data breaches continue to rise globally, and cyber security will influence buying decisions. Organisations that store personal, financial and other sensitive data need to ensure that it is secure. So, businesses can influence customers’ perception of security by proactively marketing the high level of security they adhere to, differentiating their company from their competitors.

Data breaches are only one impact of an adverse security incident. Another is downtime. Consumers can’t purchase products or pay for services if a website, or the infrastructure that supports web transactions, is unavailable. When the global WannaCry ransomware attack crippled the NHS, hit international shipper FedEx and infected computers in 150 countries in 2016, NHS staff in the UK were forced to revert to pen and paper and use their own mobiles after the attack affected key systems, including telephones.

During the same attack, operations of FedEx’s TNT Express unit in Europe were disrupted, and the company’s subsequently published earnings put the cost of falling victim to the attack at an estimated $300 million in lost earnings.

Whether it’s assuming that an organisation is not a target or that security spend is only ever an expense, buying into these common cyber security myths can set a business up for serious disruption, unhappy customers, a tarnished reputation, not to mention the cost of recovery.


By  Security 

Cyber hygiene

Do you have good cyber hygiene?


It is cyber security month. Here are the habits that every computer user needs to maintain for good cyber hygiene.

We know it’s important to have good habits in many parts of our lives, from our work to our daily hygiene. However, quite a few of us forget that we need to have good computer habits, too. Developing wise practices in connection with our computers and smartphones can make our lives much easier and help us to stay much safer on the internet.

Back Up Your Files

One thing that many people fail to do is back up their files. All it takes is one catastrophic computer crash and days or even months of work can be lost. Priceless family photos, fun videos with friends, key work files, and important school assignments that were a work in progress can be lost. Backing up your files isn’t hard, nor is it expensive. And, to make things even better and easier, you have many different options, from cloud-based backups (such as Google Drive, OneDrive, or Dropbox) to convenient USB thumb drives, portable hard drives, and even specialized backup drives. A good practice is to make sure your files are backed up daily, or at least weekly.

Keep Your Software Updated

Software updates can be a pain, but they are vital to ensuring that your computer and software run smoothly. In fact, one of the major reasons that updates are released is to fix bugs and issues that could make your computer vulnerable to cyber threats. Hackers know about these bugs and vulnerabilities. If you don’t allow your system to install the patches and fixes, then you are making yourself a prime target for a cyber attack.

Keep in mind that you don’t have to perform updates in the middle of your work anymore. Most software (and smartphones) will give you options for when the update should take place, so you can choose times when you aren’t busy on your computer.

Be Smart When Using Public Wi-Fi

Public Wi-Fi in places like fast food restaurants and coffee shops can be tempting to use when you need an internet connection, but it can also be dangerous. These public Wi-Fi networks are a common target of hackers, and even hackers with minimal skill can quickly figure out things like your social media credentials and more.

If you do have to use public Wi-Fi, take safety precautions such as turning off network discovery, file sharing, and printer sharing and make sure your firewall is turned on. Don’t be an easy target for hackers.

Make Use of Antivirus Software and Passwords

Would you leave your front door unlocked if you lived in a high-crime neighborhood? Well, the internet is a high-crime neighborhood. Failure to use updated anti-virus software and good passwords is the same as leaving your door unlocked. You can’t afford to make it easy for the wrong people to access your personal and financial information.

Your first line of defense lies in the passwords you choose. Don’t use easy to guess passwords, and don’t use the same passwords for everything. Include letters and symbols with your passwords to make them harder to crack, and add some numbers for good measure.

Your second line of defense, much like a deadbolt for your front door, is anti-virus and firewall software. They don’t have to be expensive in order to do a good job of protecting your computer. It is also vital that you keep your anti-virus and firewall software updated and don’t ignore alerts they provide.

Be Careful with Email

Going back to our analogy of living in a high crime area: if your doorbell rang in the middle of the night, would you fling the door open and invite whoever it was inside? You would probably want to make sure who it was, and even check their ID if they claimed to be some kind of official demanding access to your home. Strangely enough, far too often we inadvertently provide access to individuals with malicious intentions when we click on links in emails without making sure where those emails are really from.

In short, don’t open an email unless you have a good idea of who it is from, and beware of clicking links in emails even if they seem to be from friends. Be cautious about opening attachments, too. Be as careful with your email as you are with your front door.


You work hard to keep yourself safe from physical dangers such as criminals and disease. It makes sense that you should work just as hard to keep your electronic devices safe, too. Backing up files (including documents, photos, and videos), keeping your software updated, and being smart when on public Wi-Fi are a good start. Add to that antivirus and firewall software, robust passwords, and the careful use of email, and you are on the road to developing excellent computer habits that will keep your files, data, and personal information safe.