Search Bloguru posts

PSPinc Official Company Blog

http://en.bloguru.com/pspinc

freespace

PSPinc will help your business thrive by providing for all of your technology needs. We offer a wide array of products, including Web & Email Hosting, Website Development, Email Marketing and Data Storage Solutions. Visit pspinc.com to learn more.

Connect with PSPinc on: Facebook | Twitter | Linkedin | Google+

Sign up for our newsletter

A Spooky Tale of Real-Life Hackers

thread
image source: pixabay.com image source: pixabay.com
Happy Halloween, everyone! Today, I want to wrap up my month-long discussion on cyber security with a scary story about a cyber crime that happened in real life. Hopefully, it tunes you into the dangers of cyber thieves and helps you steer clear of their traps…

An acquaintance of mine received a call from Microsoft saying his computer was sending infected (with virus) files. Fearful that his computer was the source of the problem and infecting others, he agreed to work with the person on the line.

First, the agent told him to give her an email address so she could send him a link which would enable her to access his computer and see if his Windows program was being compromised. When he received the link, she asked him to click on it to grant her access to his computer so he wouldn’t need to do anything on his end. And he did.

Once she gained access to his computer, she looked around while he watched his mouse and Windows being remotely accessed and clicked on here and there. A few minutes later, the agent said his Windows program had a security breach and he needed to upgrade his version -- for a fee. She asked for his credit card information, and finally he started to get suspicious.

He checked the phone number which showed a New York area code. He realized he exposed himself (his information) and his computer to an unknown person, so he hung up the phone. He’s lucky he didn’t hand over his credit card information, but his computer needed to be cleaned up because who knows what she did or what malware she left behind.

This story is a prime example of social engineering where someone seemingly legitimate tries to hack your computer and steal your credit card information. They can be very deceiving.

If you ever notice your computer is running slowly, or your cursor is moving without you being in control, or if you receive any notices via email or by phone asking you to take action, DO NOT PANIC! The best remedy is to take your computer offline and consult with someone who can scan your computer to determine whether or not it’s infected. Don’t trust the person who calls you, hang up, and dial a trusted number.

We live in a very convenient and connected world, but the price we pay could be high because of it. Always be on high alert for cyber hackers and be prepared with a plan if you get targeted.
#PSPinc #Blog #OnlineMarketing #SmallBusiness #DigitalMarketing #CyberAttacks #CyberSecurity #CyberCrime #Equifax #Malware #EmailSpoofing #EmailVirus #EmailPhishing #ComputerVirus #Hackers #SocialEngineering

People Who Wowed This Post

How to Prepare for Cyber Attack Disaster

thread
image source: pixabay.com image source: pixabay.com
Most confidential data like your personal information is stored in a secure database when you submit it online, but the recent issue with Equifax shows even companies with multiple firewalls and security measures can be vulnerable at times. Hackers are becoming so sophisticated and technically savvy, that sometimes it’s out of your control and your information may be compromised not because you weren’t prepared, but rather because those in which you trusted your information were breached.

So what should we do? Like our health, we should periodically test and check our information for early detection and signs of something amiss. Also have a plan in case you are victimized.

Here are some points to consider:

1) Check your bank accounts or credit card. Many hackers start with a penny or small transaction to validate your information. If you see unrecognized small transactions, call the bank.

2) Make sure your employees are trained not to give information to someone without first confirming their identity, and test this process on a regular basis. If it’s very sensitive information, you should consider having two layers of approval before giving out the information. Have a procedure in place!

3) Stay current on updated software versions for your websites and devices. Many of these patches and updates are for security reasons.

4) Backup your important data in case you need to recover it. If your server is breached, sometimes it’s very hard to figure out where those programs are installed. You may need to take the server offline right away in order to avoid any further damage.

5) Scan every computer in your office for malware on a regular basis.
#PSPinc #Blog #OnlineMarketing #SmallBusiness #DigitalMarketing #CyberAttacks #CyberSecurity #CyberCrime #Equifax #Malware #EmailSpoofing #EmailVirus #EmailPhishing #ComputerVirus #Hackers #SocialEngineering #Passwords #PasswordProtection #SSL

People Who Wowed This Post

Password Protection: Important Ways to Avoid a Security Breach

thread
image source: pixabay.com image source: pixabay.com
There are multiple points where a cyber security breach can take place – on your computer, through your email inbox, on your server, over email form submissions … no matter the technology, you must take extra precaution not to allow a security hack.

Many email programs, servers and websites are now secured with SSL (Secure Socket Layer) which encrypts your information and transactions between your device and servers. For your emails, you might need to change the settings to adapt the SSL transactions, so reach out to your service provider and make sure that’s set up for you. Many devices such as the iPhone, by default, will set up your mail servers via SSL.

Even if you do have SSL turned on for your emails and online forms, such as your online banking logins, etc., we still recommend you give some thought to your passwords and update them on regular basis.

Although requirements are different from site to site, or server to server, you should consider these basic Dos and Don’ts for creating secure passwords:

Don’t use “password” or “1234” as your password – it’s too easy to guess.
Don’t use your username as your password.
Don’t use confidential information like your social security number.
Don’t store these passwords on your desktops, or on a sticky note somewhere.
Don’t use the same password for all sites.
Don’t use any public information like your phone number.
Do combine words and numbers, if you want easy to remember.
Do select “do not save passwords" when using someone else’ computer.
Do combine uppercase and lowercase letters, numbers, and if allowed, special characters.


Even if you have a hard-to-crack password, you should still update it every 3 - 6 months. We recommend you update all your passwords at the same time so you don’t forget one or the other.
#PSPinc #Blog #OnlineMarketing #SmallBusiness #DigitalMarketing #CyberAttacks #CyberSecurity #CyberCrime #Equifax #Malware #EmailSpoofing #EmailVirus #EmailPhishing #ComputerVirus #Hackers #SocialEngineering #Passwords #PasswordProtection

People Who Wowed This Post

Best Practices for Businesses to Combat Hackers

thread
image source: pixabay.com image source: pixabay.com
In our last blog, we discussed the harm of social engineering and how hackers are getting the information they need for cyber crimes without programming a single line of code. As business owners, we have to be aware of this spoofed communication and create a practice to catch information thieves before you become a victim. Whether it’s to protect your internal company information, or your customer’s information, it’s time to put safe measures in place.

Here are some important steps to consider for your business:

Security Protocols and Policies

First of all, if you don’t have any protocols and polices in place to combat cyber attacks, you should ask a professional to come up with the framework ASAP. Depending on your business model and clients, your main goal is to protect your business from a data breach. So think through possibilities, and be prepared with a policy in place in case something happens.

Training and Testing

Once you have your security protocols and polices in place, you need to train your employees first, then test it to see if it works. Remember, social engineers are good at getting the answers from you instead of answering your questions. Practice withholding information until you’re able to verify someone’s authenticity.

Monitoring and Tracking Performance

Although we want a perfect track record of blocking cyber crimes, humans make mistakes and something could fall through the cracks. The best thing to do is have a way to track all interactions when it comes to outsiders’ requests for information. Ask multiple layers of questions to ensure you can authenticate a person’s real identity. Keep track of such interactions and time stamp them in activity logs so you can review them as needed.

Random Audits

Once you have protocols and policies in place along with activity logs, perform random, unannounced tests to make sure you get the results you wanted. Test more than once, on multiple occasions on a continuous basis.

No system is perfect and people forget, but awareness along with policies in place can help reduce social engineering crimes within your company significantly.
#PSPinc #Blog #OnlineMarketing #SmallBusiness #DigitalMarketing #CyberAttacks #CyberSecurity #CyberCrime #Equifax #Malware #EmailSpoofing #EmailVirus #EmailPhishing #ComputerVirus #Hackers #SocialEngineering

People Who Wowed This Post

Social Engineers: The Human Element to Hacking

thread
image source: pixabay.com image source: pixabay.com
There wouldn’t be internet crimes without humans involved. The human component is the source of cyber crimes, unfortunately, and many of those criminals use a technique called “social engineering.”

According to wikipedia.org, “Social Engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.”

Some say 60% of cyber attacks use social engineering to gain access to important data within corporations. Famous social engineers you may have heard about are Kevin Mitnick and Stephen Wozniak. These master-mind hackers used a variety of means to trick people into giving out their sensitive information like passwords, access codes, and more. Their social engineering skills are not related to how well they can program, but rather how well they connect themselves to people.

Watch this short eye-opening (and shocking) YouTube video about how social engineers can cleverly and quickly work to get your sensitive information: https://youtu.be/lc7scxvKQOo

Another common scheme includes a social engineer posing as a grandchild over the phone and calling a grandparent to request money for bail or some other emergency. They don’t say their name, but Grandpa and Grandma will give it away, for example:

- Hey Grandma, it’s me, your grandson. I need your help!
- Oh, is this Joe?

It’s so important to make sure you’re in control of what information you give out at home or at the office. Make sure no one else is giving it out on your behalf. And unless you are absolutely sure about the person you are speaking with, don’t give any answers right away. Instead, call them back or email them to verify who they say they are.
#PSPinc #Blog #OnlineMarketing #SmallBusiness #DigitalMarketing #CyberAttacks #CyberSecurity #CyberCrime #Equifax #Malware #EmailSpoofing #EmailVirus #EmailPhishing #ComputerVirus #SocialEngineering #Hackers

People Who Wowed This Post

The History and Evolution of Email Phishing

thread
image source: pixabay.com image source: pixabay.com
Phishing is another term used for cyber crimes, where emails are sent to users attempting to gain their personal information. You’ve probably seen scam emails asking you to reclaim your shopping rewards, or initiate a bank transaction, or check your Apple ID logins. Those emails are clever tricks trying to get you to login with your username, passwords, credit card information, and sometimes your social security numbers.

Phishing comes from the word fishing, it is a combination of “phone phreaking” and “fishing.” According to the January 2004 edition of Computer World:

"The word phishing was coined around 1996 by hackers stealing America Online accounts and passwords. By analogy with the sport of angling, these Internet scammers were using e-mail lures, setting out hooks to "fish" for passwords and financial data from the "sea" of Internet users. They knew that although most users wouldn't take the bait, a few likely would. The term was mentioned on the alt.2600 hacker newsgroup in January 1996, but it may have been used earlier in the print journal 2600, The Hacker Quarterly.”

(Source - https://www.computerworld.com/article/2575156/security0/phishing.html)


So as you can see, it’s nothing new, but phishing techniques are becoming more sophisticated and deceitful as their emails improve - making them look more realistic and believable.

Here are some things to think about:

- Banks and the IRS won’t send you unsecured links in which to enter your personal info.
- Links may contain viruses as you click through via browsers.
- Never send personal info via email.
- Don't panic over scary notices that come via email - it could be scammers.
- Call to confirm any suspicious email notifications.
#PSPinc #Blog #OnlineMarketing #SmallBusiness #DigitalMarketing #CyberAttacks #CyberSecurity #CyberCrime #Equifax #Malware #EmailSpoofing #EmailVirus #EmailPhishing #ComputerVirus

People Who Wowed This Post

How to Recognize Email Spoofing

thread
image source: pixabay.com image source: pixabay.com
Beware: What you see in your email may not be what it seems. Although an email may appear to come from someone or an organization you know, the actual email address or the location of the sender’s server may tell you otherwise. Forged emails are the result of what is called “email spoofing.”

Just like any website, all emails contain what we call a header. Email headers are on the back-end (shown in email properties) and they can contain very valuable information about where your email originated from. It contains basic sender information along with the routing information.

Sometimes that basic sender information on the back end header does not match with the sender information you see on the front end in your email’s “from” field. Sometimes that from field won’t even show an address, just a name. And sometimes you’ll see a familiar name with a return-path email address next to it that doesn’t match what you have in your contacts.

Luckily, most email programs can spot these inconsistencies and direct them to a spam folder, but not always. It’s still a good idea to look for these inconsistencies if an email seems suspicious, comes unexpectedly, asks you to reply with personal or financial information, or asks you to open an attached file or click on a link you don’t recognize.

Just know the “from” field in your email may not always be telling you the truth. The name may look familiar, but it could be forged by a third party trying to cause harm.

To see your email header information in Outlook, double-click the suspicious email and go to “file,” then “properties.” For Mac Mail, select the email and go to “view,” then “message” to view either the default header (header only) or the row source. It will come in handy when you need to ask your IT person to troubleshoot the spoofing.
#PSPinc #Blog #OnlineMarketing #SmallBusiness #DigitalMarketing #CyberAttacks #CyberSecurity #CyberCrime #Equifax #Malware #EmailSpoofing #EmailVirus #EmailPhishing #ComputerVirus

People Who Wowed This Post

Understanding the Computer Virus (or Malware)

thread
image source: pixabay.com image source: pixabay.com
Let’s kick off the subject of cyber security by talking about computer viruses. A computer virus is defined as “a type of malicious software program ("malware") that, when executed, replicates itself by modifying other computer programs and inserting its own code.[1] Infected computer programs can include, as well, data files, or the "boot" sector of the hard drive. When this replication succeeds, the affected areas are then said to be "infected" with a computer virus,” according www.Wikipedia.org.

Basically, a virus is a software program that penetrates your computer hard drive or files, and it can crash your computer, make it malfunction, or it can hijack and steal the data stored on your computer. Some of the more recent malware lives on your computer quietly, so you won’t know you’re at risk.

Computer viruses are not new. As a matter of fact, they’ve been around and detected as early as the 1960s. Some of the more well-known viruses in our history include the “Creeper virus” detected in the early 1970s, or “Michaelangelo” first discovered in 1991 infecting computers via floppy drives.

Not all viruses are passed via the internet, but they can also be found within infected files and spread through file transfers. Some viruses can unknowingly be installed on your computer when you click a link on a website that may be infected. Unfortunately, the website owner of that infected link may not even know about the virus, hence that quiet malware which can spread quickly. More sophisticated viruses can detect your key strokes so they can steal your passwords.

With cyber attacks on the rise, cyber security is needed more than ever, and luckily it is free. Especially if you are running a business, you need to make sure you have an anti-virus software installed on your computer(s) with malware detection that scans your computer on a regular basis. Many of these are free like Avast, Malwarebytes, AVG. Windows 8 comes with its own anti-virus software, Microsoft Security Essential, and for Windows 7, it’s free to download.
#PSPinc #Blog #OnlineMarketing #SmallBusiness #DigitalMarketing #CyberAttacks #CyberSecurity #CyberCrime #Equifax #Malware #EmailSpoofing #EmailVirus #EmailPhishing #ComputerVirus

People Who Wowed This Post

How to Combat Rising Cyber Security Threats

thread
image source: pixabay.com image source: pixabay.com
The cost of cyber crime exceeded $1.45 billion in 2016 with almost 300,000 reported crimes, according to the FBI Internet Crime Complaint Center (IC3).* To compare, the dollar amount was reported at just over $1 billion the year before. The growth could indicate more people are reporting cyber attacks now, but it’s more likely showing the increase in cyber crime overall. And these are just the numbers known by the FBI for American cases, which means we are probably facing a larger scale crisis when it comes to the world’s population.

Cyber attacks and security breaches are in our news often, and touch everyone’s life. The recent Equifax data breach goes to show we need to be aware of the tactics of those who try to trick us, and learn how to protect our online identities and sensitive information.

In October, we will cover some of the cyber security issues, as well as the protection methods you can take to protect both your business and personal information.

Let’s first define “Cyber Security.” According to http://whatis.techtarget.com:

“Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, security includes both cybersecurity and physical security.”

As defined above, cyber security doesn’t just protect your computer, emails and network; it also protects information that pertains to your physical security and your identity. We will cover many points and go more in depth on this topic throughout the month.

*Source: https://pdf.ic3.gov/2016_IC3Report.pdf
#PSPinc #Blog #OnlineMarketing #SmallBusiness #DigitalMarketing #CyberAttacks #CyberSecurity #CyberCrime #Equifax #Malware

People Who Wowed This Post

  • If you are a bloguru member, please login.
    Login
  • If you are not a bloguru member, you may request a free account here:
    Request Account