From Spear Phishing to Smishing: The Evolution of a Deceptive Practice

by

Phishing is a type of cyber attack that uses deception to trick individuals into giving away sensitive information, such as login credentials or financial information. The goal of a phishing attack is to steal personal information, access sensitive systems, or spread malware.

There are several types of phishing attacks, including:

  • Email phishing: This is the most common type of phishing attack. It involves sending an email that appears to be from a legitimate source, such as a bank or a government agency, and contains a link or an attachment that, when clicked, downloads malware or redirects the user to a fake website designed to steal personal information.
  • Spear phishing: This type of phishing attack is targeted at specific individuals or organizations. The attacker may use personal information, such as the victim’s name or job title, to make the email appear more legitimate.
  • SMS phishing: Also known as “smishing,” this type of phishing attack uses text messages to trick individuals into giving away personal information.
  • Vishing: This type of phishing attack uses phone calls to trick individuals into giving away personal information.

To protect yourself from phishing attacks, it is important to be aware of the signs of a phishing attempt and to exercise caution when clicking on links or downloading attachments from unknown sources. Additionally, you should:

  • Be suspicious of unsolicited emails, even if they appear to be from a legitimate source.
  • Be wary of emails that contain urgent language or ask for personal information.
  • Be cautious when clicking on links or downloading attachments, even if the email appears to be from a trusted source.
  • Use anti-virus software and keep it updated.
  • Use two-factor authentication, if available.
  • Keep your software and operating system up to date.
  • Use a password manager to generate and store strong, unique passwords for each of your accounts.
  • Educate yourself about the latest phishing techniques and how to avoid them.

It is also important for organizations to implement security measures to protect against phishing attacks, such as:

  • Employee education and awareness training
  • Email filtering and anti-spam solutions
  • Web filtering and security software
  • Regular security audits
  • Implementing a incident response plan

Remember that phishing is an ongoing threat and new tactics are being developed all the time, so staying informed and vigilant is key to staying safe online. If you need help, reach out to us and we can work with you to meet your objectives. Schedule a free consultation.

Should You Let an Amateur Loose on Your Network?

by

Most of us know a fair amount about computers, even kids are joining circuits and coding programs in schools – but that does that make everyone an IT expert? It’s fair to say almost all workplaces have that employee who can finesse the printer or use shortcuts nobody else knows about. They have skills, absolutely, but they often know just enough to be dangerous to your business.

Hobby IT skills are learned on home computers which are very different to a professional business setup. When something goes wrong on a home computer, there’s no drastic impact if parts need to be replaced, data is lost or it stays down for a week or two. In a business setting, every problem costs time and money, usually creating a domino effect through the entire network. Would you gamble the success of your business with a non-professional who did a quick Google? It’s unlikely you’d let someone be your lawyer purely because they can deliver a stubborn argument, nor would you let someone perform surgery just because it looked easy on TV. Businesses have unique, specialist IT needs that go beyond amateur computer skills and there’s always going to be more at stake.

Designing and implementing a custom backup plan for your business is a particularly interesting area. While most home users skip this part entirely, an IT professional has seen (and recovered) all manner of situations and will use that knowledge to ensure that if the worst happens, your business is covered. This could mean anything from having a complete copy of your drive stored securely in the cloud or drilling down to backup only the most important data. An IT expert is equipped to help you identify the value in each piece of data and implement a plan so robust that if your business is ever hit by disaster or breach, downtime is minimal – along with losses.

If a disaster ever does occur, like fire, flood or theft, would an amateur know what to do? Who to call? These situations are so charged with tension and panic that making the wrong moves can lead to more damage. A professional helps design continuity/disaster plans, which map out exactly what should happen, who should do it and in what order. It takes out the guesswork and minimizes downtime. Perhaps more importantly, the expertly written disaster plan will include a complete risk analysis so that you know in advance where to strengthen your protection. It also includes a business analysis so you know which systems are dependent so you can stop the domino effect, plus know the legal/contractual impacts, financial impacts and so on.

Your IT professional will also help ensure your business is meeting any regulatory requirements. Many businesses are subject to strict data rules set by government bodies, such as FISMA and HIPAA. The regulations change often and demand increasingly more attention to data security, with hefty penalties for businesses that fall behind. Professionals are constantly in the loop around upcoming revisions and how best to comply with little to no disruption to your daily business. Part of ensuring your business is safe means staying on top of software updates and patching multiple computers at the same time.

The best option is to run the updates before employees arrive for the day, and since the process can take a few hours and be quite fiddly, it’s generally not something amateurs will prioritize. Unfortunately, as we’ve seen with recent cyber-attacks, delaying a security update by even a few days can lead to disaster. Engaging an IT professional is a cost-effective solution that keeps your business running, growing and earning.

Let the professionals manage your tech the right way by calling us at 563-258-7500.

How To Keep Your Tech Squeaky Clean

by

Our tech is something we use every day, but did you know it’s also the most disgusting? Your screen may look clean, but studies show that a mobile phone can be 18x dirtier than a public restroom – ew! It gets worse (sorry)…that keyboard you tap at while eating your morning toast? It’s probably the biggest bacterial threat in your house, with about 20 000 times more germs than a toilet seat, more if you share it with children.

It’s not just sickness we’re up against, because as dust builds up inside gadgets, they also slow down, malfunction or overheat. Your device essentially chokes on ick, as vents and filters are clogged by sucking in pet hair and floating debris. Here’s how to clean your essential tech items without damaging them:

  1. Skip the household cleaners: Most cleaning products are too harsh for our technology and can end up causing permanent damage. You want something that can kill germs and remove everyday grime, without scratching or leaving behind a scented residue. Your best bet is Isopropyl Alcohol. You’ll find it in the first aid section of supermarkets and pharmacies, or at the hardware store.
  2. Power down completely: Turn your tech off all the way, not just sleeping, and unplug from any power sources. Switch wireless keyboards, mice, etc off underneath or remove the batteries.
  3. Remove any cases or covers: Undress your device as much as you can, but leave screen protectors on (unless there’s grime underneath). If your screen protector needs replacing, have a new one ready to apply.
  4. Grab a microfiber cloth: Dampen the cloth with Isopropyl Alcohol and wipe screens and external surfaces gently. Older build-up may require extra effort.
  5. Go deep: You can use a toothbrush or cotton tip to clean between most crevices, but some areas will need a bit more ‘oomph’ to clear. You’ve probably seen people use vacuum cleaners on their keyboard, but these are often TOO powerful and may suck keys or internal parts loose. They also generate damaging static electricity. Another option is to use a tech-specific vacuum, but these are usually underpowered.

Insider tip: Use a can of compressed air to blow the dust out. You can get these from many stores and they come with a long nozzle so you can really get in and direct the pressure. You’ll be surprised what flies out, so it’s best to do this outside! We don’t recommend using compressed air on your computer’s internal fans though, as this can make them spin too fast and damage them.

How often you clean your tech is up to you and your lifestyle. But it’s a good idea to blow out computer internal dust at least twice a year and wiping your tech down 1-2 times per week will definitely reduce germs and grime.

Steer Clear of Coronavirus Scams

by

With the world grappling with a health pandemic, scams are shocking. Regrettably, bad actors are everywhere, always looking for opportunities, and they’re seeing one in the coronavirus. This article outlines what you need to watch out for and how to stay cyber safe.

The last thing you want to read right now is that there’s another threat out there – sorry, but it’s true. Cybercriminals take advantage of fear. They take timely concerns and use them to target victims. Using the anxiety and upheaval around coronavirus is their mission.

So far, several coronavirus-related attempts to cyberscam people have been reported. There are examples of:

  • emails that appear to come from government health departments;
  • offering a tax refund to get people to click on malicious links;
  • memos to staff that appear to come from large employers;
  • COVID-19 test offerings from private companies;
  • fake websites promising to sell face masks or hand sanitizer;
  • soliciting donations to help fund a vaccine.

 

What to Watch Out For

Another concern is the number of bogus websites registered with names relating to COVID-19. The site can look legit but is set up to steal information or infect the victim’s computer with malware.

You may get an email promising the attached information offers coronavirus safety measures, or information shared by the World Health Organization (WHO) if you click on the link, or a similar email pretending to be from a reputable news source, such as the Wall Street Journal (WSJ).

In another example, an email impersonating a healthcare company’s IT team asked people to register for a seminar “about this deadly virus.” Anyone who didn’t question why IT was organizing the meeting clicked to register. By filling out the form, they gave their details to hackers.

What to Do

Be cautious. It’s understandable that you’re anxious, but don’t let that stop you from taking cyber precautions. You should still:

  • be wary of anything that tries to play on your emotions and urges immediate action;
  • question where emails are coming from – remain vigilant even if the communication appears to come from a reliable source;
  • hover over links before clicking them to see where they will take you – for example, in the WSJ example, the Web address was for the “worldstreetjournal”;
  • avoid downloading anything you didn’t ask for;
  • doubt any deals that sound too good to be true (“a mask that stops the virus 99.7% of the time!”);
  • ignore any communications requesting your personal information;
  • don’t be suckered by fraudulent pleas for charity.

Global health organizations generally do not send out emails with advice. Instead, navigate directly to that reputable health institution for real news.

If you’re still not sure about the validity of the communication, check it out. Do so by calling or using another medium to get in touch with the “source” of the received message.

While there is not yet a vaccine for COVID-19, you can put anti-virus protection on your computer. Also, make sure that you’ve applied all available security updates to keep your software safe.

We hope you’ll take care and stay healthy both physically and online in these tough times.

Need help installing security software and keeping your technology safe? Our cybersecurity experts can give your home a tech immunization. Contact us today at 563-258-7500!

Ripeva LLC

(563) 258-7500
450 W Locust Street
 Dubuque, Iowa 52001
Disclaimer
Privacy Policy
Terms of Service

FOLLOW US

VISIT US