If You Haven’t, Upgrading from Windows 7 Should Be a Priority

f your computer is running Windows 7 as its operating system, it’s time to start thinking about the future. Microsoft has officially unveiled the End-of-Life date for Windows 7, meaning that they will eventually stop supporting computers running the much-loved operating system. What does this mean for your business? Let’s find out.

What is End-of-Life for Operating Systems?
End-of-Life doesn’t necessarily mean that your computer’s will just stop working–rather, they will just stop receiving extended support from Microsoft. Although mainstream support for Windows 7 ended on January 15th, 2015, Microsoft will continue to provide extended support for the operating system until January 14th, 2020. Assuming you have Service Pack 1 installed, your operating system will cease to receive updates following the Windows 7 End-of-Life date. While you’re still receiving security updates, there are no new features being added to your operating system.

Basically, End-of-Life means that the operating system no longer receives any important updates, meaning that it’s a security best practice to update away from Windows 7 before it becomes a liability.

Why Does End-of-Life Exist?
There is a constant war going on between software developers and malicious entities, like hackers. They are constantly trying to undermine the efforts of security professionals to keep businesses and their technology solutions safe from threats. Software developers put out patches frequently to prevent hackers from making headway in this war, but it’s hard to support all existing versions of operating systems at all times. When Microsoft ends support for an older version of an operating system, they are essentially giving ground to hackers, but let’s face it–if you’re using older software that is no longer supported, you could stand to take advantage of more recent, user-friendly solutions with all new features in the first place.

What You Should Do
The easiest way to get around the pitfall of using older software like Windows 7 is to just install Windows 10 as soon as you can. If you can’t do so immediately, it’s best to think about preparing your organization for a move to Windows 10 in the near future. Make sure that any workstations used by your business meet the following minimum requirements.

• Processor: 1GHz processor or faster
• Memory: 1GB RAM for 32-bit; 2GB for 64-bit
• Hard disk space: Up to 20GB available
• Required video card: 800 x 600 screen resolution or higher. DirectX 9 graphics processor with WDDM driver

If your workstations don’t meet these requirements, perhaps it’s time to invest in some upgrades for them as well.

If you’re looking to keep your technology in proper working order, even in the face of End-of-Life events, Net Activity can help. Our managed services will ensure your technology stays optimized and operational for the long haul. To learn more, reach out to us at 216-503-5150.

What Does Your Technology Roadmap Look Like for 2019?

A technology roadmap is a key asset to use when planning your business for the near future. IT is volatile and demands that you always think ahead, so if you want to make sure technology doesn’t become a major pain point for your organization, it’s best to start thinking ahead. We’re here to help you get started thinking about how your business technology should change and adapt over the course of 2019.

First, we’ll give you a brief overview of what you should expect when putting together an IT roadmap. You’ll want to focus on how much growth you anticipate, as well as how technology can influence or augment this growth. Another important aspect to consider is the resources your business currently has versus how much you will need in the future to achieve your goals. Finally, think about what kind of risks are associated with how much growth you are planning for, as well as how you can minimize the chances of this affecting your organization as time passes.

Projected Growth and Technology
Over time, your business will grow, whether it’s onboarding new clients or hiring more staff to make sure operations progress smoothly. You should have a plan for how much you expect to grow over the next year, so you can make sure technology solutions can adapt to this number as needed. For example, if you suspect that you’ll onboard 10 new employees next year, you should begin to make preparations now so as to minimize the growing pains later. Bandwidth deficiencies due to unexpected growth can floor your network and access speeds, making this a particularly important aspect to consider.

Resource Planning for the Future
The same consideration should be shown for your clients. If you onboard too many clients without enough staff or resources to effectively serve them, you’re not just doing the customers a disservice–you’re harming your own business (and its reputation) in the process. By being forward-thinking about your business’ specific needs, you can prevent these kinds of issues from cropping up in the first place.

Review your existing IT systems and tactics
When you plan an IT strategy it’s important to remember that you’re not starting from scratch. Reviewing your existing IT systems and tactics will help you define problems, see what’s working and where resources can best be saved by making use of what is already available.

Risk Factors Associated with Growth
The more users and clients you onboard, the more technology your business is going to use; and the more technology your organization implements, the greater the risk of security issues. It goes without saying that the more endpoints are on your network, the more likely your business is to encounter dangerous situations. Therefore, you should have measures put in place to ensure the integrity of your data storage systems and any endpoints connected to them. This includes mobile devices, which are an aspect of data security that can quickly spiral into a major problem if left unchecked.

Ready to get started planning 2019?   Net Activity can help your business plan for the future with an IT roadmap. To learn more, reach out to us at 216-503-5150.

6 Reasons To Back Up Your Mobile Devices

Companies such as Apple, Samsung, and others have turned mobile phones into mini-computers that can serve as a substitute for your laptop, or as a storage device. If you’re using a smartphone as a communications and storage device, backing up now would be a wise move.

Malware on mobile

More than two-thirds of the world’s population use a mobile phone with internet connection, so dangers in these handy devices are to be expected. Scarier than the thought of being offline is being online and exposed to malware.

If you use your mobile devices as extensions of your work computers, backing them up is a must. Mobile phones have become as vulnerable to malware as laptops and desktops are, especially if you consider the fact that many professionals and business owners use them for emailing confidential documents and storing business-critical files.

Device disasters

Malware isn’t the only disaster that can hurt your smartphone. Because you carry it wherever you go, your device can easily be stolen, misplaced, or damaged. They may be easily replaceable, but the data they contain is not. Here are some security threats to look out for:

• Data leakage
  Something as simple as transferring files onto a public cloud storage service, or pasting confidential information in the wrong place could compromise your business. In fact, according to specialist insurance provider Beazley, “unintended disclosure” accounted for 41% of data breaches reported by healthcare organizations during the first three quarters of 2017.
• Social engineering
  Tricking people online into handing over their personal and financial data is no longer confined to desktops, as this trend is already happening on mobile devices. In a report by IBM, it was found out that users are three times more vulnerable to fall for phishing attacks on mobile devices compared to desktops. This is because phones are where people will most likely see a message first, making them a popular attack vector by cybercriminals.
• Wi-Fi interference
  When we connect our devices to public Wi-Fi networks, we are putting critical information at risk. According to Wandera, nearly a quarter of devices in 2017 connected to potentially insecure networks, and some even encountered a man-in-the-middle attack, where someone anonymously intercepts communication between two parties.
• Out-of-date devices
  A vast majority of manufacturers, most particularly on the Android front, are ineffective at providing updates for their devices. This can inconvenience end users, as this exposes them to the many threats lurking online. Some smartphones and tablets may receive a security patch from time to time, but manufacturers eventually stop doing so after a while.
• Physical device breaches
  While this may seem unlikely for some, lost or unattended devices can still become a major security risk, especially if they are not employing proper security measures such as PIN codes and encryption.

Backup options

Performing backups on iOS and Android devices is a quick and painless process. For example, companies that use Office 365 or Google’s G Suite enable company-wide backup settings from a single dashboard. Apple’s backup settings usually need to be configured on each device, but it’s a pretty simple process.

There are also robust third-party options to back up all your organization’s mobile devices. The best of these are cloud backup services that sync devices and back up contacts, photos, videos, and other critical files in one neat system. These mobile backup tools are offered on monthly or lifetime subscription schemes, which provides small businesses with enough flexibility to ensure long-term protection.

Our experts can provide practical advice on security for your business’s computers and mobile devices. Call us to ask about mobile backup and other security solutions today.

Is it Time for your Business to Upgrade Your IT? Here are the Signs…

Chances are if you are in business today, there are a lot of devices on your network that you haven’t touched in years, might not be using, or don’t even need. Unfortunately, there are times when the technology you have doesn’t really do much other than take up space. If you feel like you are spending too much on your technology, you may not be wrong. By finding the IT that helps your business do business better, and scrapping plans for implementing technology that doesn’t provide sustainable returns may be a good strategy.

When you start to ascertain whether or not a piece of technology needs to be replaced or just eliminated, the first decision you have to make is obviously how does this piece of technology affect our product/service. If you can utilize the piece of technology and it helps fulfill opportunities, promotes productivity and efficiency, or is overall just a benefit for the company, it is pretty easy to ascertain how to proceed. If the piece of technology doesn’t provide obvious benefits, then you should try and understand what the problems are and why you may need to eliminate that technology.

It isn’t always that simple. Today, we will go through technology that you might find in today’s business and describe the relevant signs that a piece of it may be failing.

Server Hard Drives
Traditional computing environments utilize hard disk drives (HDD) that generally last between three-to-five years and will show indications that a failure is imminent. They include:

• The drive is making strange noises (clicking, whirring, humming).
• Repeated crashes and software errors.
• Repeated disk errors.
• Strange computer behavior.

These can also be signs that any computer that runs an HDD. Today there are computers that have what are known as solid state drives (SSD) in them. SSDs are largely expected to last longer, five-to-seven year and don’t always have the telltale signs of failure that HDDs do. Here is where monitoring your SSD comes in. Just like the RMM service we provide at Palindrome Consulting, if you like, you can download software that will allow you to monitor the strength of your SSD.

Beyond that, there are some signs that your SSD is on its last legs. Error messages that continuously pop up, files that can’t be written or read, and there are frequent crashes during the boot phase. Upgrading your hard drive before a major failure of your IT would keep downtime to a minimum and keep costs associated with that downtime to a minimum.

Networking
Major networking problems can derail any business’ relationships. The loss of access to the Internet and the data workers need to do their jobs extends pretty quickly to the cost of the product or service, and the staff’s ability to support. If you are having a problem staying connected, or getting the bandwidth that you need, you probably have a problem with a router, switch, or some other part of your networking system.

What’s worse than having hardware that is failing? Not having that hardware in the first place. If your company needs help with their wireless network, mobile computing management system, or any other system used to connect people or move data around, reaching out to the IT professionals at Net Activity can be a great decision.

If your IT seems like it is failing there is only one way to be sure that won’t be horribly costly for your business, call our professional technicians to do a full assessment of your business’ technology today at 216-503-5150.

3 Ways to Safely Browse the Internet in the Workplace

One thing you should be doing to protect your data – and your company – is to make use of privacy-protecting browser extensions. Depending on the nature of your business, both you and your employees are likely to be online at least some, if not all, of the working day. What are some of the browser extensions that can make the experience more secure?

Prevent browser tracking

If you don’t like the idea of a third party (reputable or otherwise) being able to track your browsing habits, try installing a tool for private browsing. These programs offer protection against tracking by blocking third-party cookies as well as malware. Some extensions also boast secure Wi-Fi and bandwidth optimization and can guard against tracking and data collection from social networking sites such as Twitter, Facebook or Google+.

Block advertising

While online ads may seem harmless, the truth is they can contain scripts and widgets that send your data back to a third party. A decent ad blocking program will block banner, rollover and pop-up ads, and also prevent you from inadvertently visiting a site that may contain malware.
Many blockers contain additional features such as the ability to disable cookies and scripts used by third-parties on a site, the option to block specific items, and even options to ‘clean up’ Facebook, and hide YouTube comments. The major blockers work with Google Chrome, Safari, and Firefox and you’ll be able to find everything from user-friendly solutions to more advanced tools that are customizable down to the tiniest degree.

Consider installing a VPN

Unfortunately, browser tracking, malware, and adware are not the only internet nasties that you need to be concerned about. but the good news is that there a number of other extensions that you can download to really get a grip on your online safety. A VPN (Virtual Private Network) is something else to consider. VPNs encrypt your internet traffic, effectively shutting out anyone who may be trying to see what you’re doing.

Commonly used in countries where the internet is heavily censored by the powers that be, a VPN allows for private browsing as well as enabling users to access blocked sites – in China’s case that’s anything from blogs criticizing the government to Facebook and Instagram. There are hundreds of VPNs on the market so do a little research and find one that suits you best.

Finally, it goes without saying that having anti-virus and anti-malware software installed on your PC, tablet, and even your smartphone is crucial if you want to ensure your online safety.

Is browsing at your workplace secure? Would you like a more comprehensive security system for your business? We can tell you all about it and help your business protect itself from online threats. Get in touch with us today.

3 Ways Email Encryption Keeps Your Messages Safe

Encryption is a very important tool in today’s business environment, especially if you are trying to protect your email communications. Today, we’ll discuss the benefits of using encryption for your business’ communications solutions, but without an understanding of what encryption actually is, the conversation might be a little harder to understand.

Defining Encryption
Encryption means that your data is scrambled in a way that obscures it from just anyone viewing it. What this means for email is that only the intended recipient can decrypt it, preventing those who might try to intercept it from being able to read it. For business email, this is particularly helpful.

Security
Security is the biggest reason to use encryption, and since it’s such an effective way to obscure data from prying eyes, it’s no wonder why. Many businesses utilize private or sensitive data, making it extremely important that it’s not exposed while in transit. In contrast to the way that hackers used to go about their business–breaking into networks and stealing data–many have opted instead to simply take a peek at the data while it’s moving from point A to point B. Encryption means they can’t do this anymore… well, they can, but they won’t see anything worth stealing due to the encryption scrambling the data.

Compliance
If your industry is one that must comply with regulations regarding data privacy, you might have to use encryption, so you can dodge hefty fines for not doing so. One of the best examples is the Health Insurance Portability and Accountability Act, or HIPAA. What this states is that health information and records absolutely cannot be shared without the patient’s consent, meaning that if a hacker were to steal this information, the company responsible for storing it would be in direct violation of HIPAA. If you use encryption to make sure this doesn’t happen, you can protect your business from liability for this and your users from having their personal information stolen.

Efficiency
If you take the right measures to protect your email systems, then you’ll make the entire process easier as a whole. If you take the time to install systems that automatically encrypt your email, then that means you won’t have to manually do it.

Net Activity can help you secure your email solution. To learn more, reach out to us at 216-503-5150.

The Internet of Things Continues to Expand

The Internet of Things is now made up of over 15 billion devices. 15 billion. This number includes both consumer devices in a home environment as well as business devices that are typically used in an office setting. As such, you cannot risk ignoring this phenomenon, whether it’s from a security standpoint or one of practicality. We’ll discuss the many ways the IoT is shaping business practices in today’s modern office.

A Brief Review of the IoT
An Internet of Things device tends to have its typical functionality along with additional connection to the Internet. The only real caveat is that the device needs to not be something that would ordinarily have Internet connection as its primary function. Consider fitness devices like watches that can send data to your phone for easy viewing, as well as devices like Amazon Echo that can help you control your home with voice commands.

The convenience and “cool” factor surrounding these devices makes them popular among consumers, and as such, there is a high adoption rate for this technology. Projections place the economic value of the Internet of Things at approximately $4-$11 trillion by 2025, with some 20.4 billion devices all around the world by 2020.

Home Usage by Businesses
Since the IoT is largely associated with personal use and casual purposes, it’s largely known for being relatively insecure compared to other types of devices. However, Gartner reports that businesses are still using IoT devices, and not just to a minor degree. In fact, it’s estimated that 63% of IoT devices in 2017 were owned by consumers, while businesses contributed to 57% of the spending on IoT technology.

This trend isn’t surprising, as the kind of features that consumers want, also translate well to a business’ needs. For example, some of the devices used by consumers, like IoT powered security cameras, can also be used to monitor the office. Of course, the opposite is also true; there are devices for businesses that consumers simply can’t purchase due to the high price tag. An example of this is the smart devices used by subscription-based services like gyms. The IoT fitness equipment might be too expensive for the average user, but it’s just right for these kinds of businesses.

Barriers to the IoT
Implementing the Internet of Things in the workplace can be challenging. Before investing too much, be sure to check if there is a measurable need that the device addresses. The IoT is definitely more suited to businesses that have a lot of repetitive work, as it can be used to alleviate the monotony of these tasks. However, it’s important to make sure that an investment into the IoT will be worth it from a financial standpoint. Of course, security will continue to be a problem for IoT devices, so it’s also critical that you take this into account.

To get started thinking about the Internet of Things as an asset rather than a threat, reach out to Net Activity at 216-503-5150.

Office 365 Beefs Up Anti-Phishing Measures

There are plenty of things to love about Office 365. For a small monthly fee, it gives you the latest cloud-based version of Microsoft Office apps and robust communication tools that improve collaboration and productivity. But it’s also an extremely secure platform that can defend against the most cunning phishing attacks.

Effective anti-phishing solutions must be able to recognize the key elements of a phishing attack, which includes spoofed (or forged) emails, compromised accounts, unsafe links, and harmful attachments. In April 2018, Microsoft upgraded Office 365’s Advanced Threat Protection (ATP) features so it can better detect these elements and prevent a wide variety of phishing scams. These enhancements include:

• Anti-impersonation measures – ATP will now look for potential phishing indicators in an email, including the sender’s address, name, and links, to identify whether the user is being impersonated. You can specify high-profile targets within your organization, such as managers and C-level executives, so Office 365 can protect these users from email impersonation. Office 365 also utilizes machine learning to analyze a user’s email patterns and flag suspicious contacts that have had no prior correspondence with your company.
• Anti-spoofing technology – This feature reviews and blocks senders that disguise their true email address. You can even enable safety tips that flag certain email domains that have strange characters. For instance, if your real domain is Acme.com, a spoofed domain could be Acḿe.com.
• Email link scanning – Office 365 launched Safe Links, which scans emails for fraudulent links and redirects users to a safe page in case it does contain harmful materials. This feature also applies to email attachments, ensuring you’re protected against all types of phishing scams.

Due to these improvements, Office 365 had the lowest phish rate among other well-known email services between May 1 and September 16, 2018. The company has stopped over five billion phishing attempts and protected users against seven billion potentially malicious links. If you’re looking for a secure email platform, Office 365 is the best option for your business.

That said, it’s not a substitute for good security awareness. No matter how secure Office 365 is, employees still need to be adequately trained to recognize a phishing email when they see one. Hackers are constantly changing their tactics to evade Office 365’s detection systems, so it’s important that everyone is alert at all times.

If you need a well-fortified email service, we can implement and manage Office 365 for you. We even offer practical security advice to make sure your business, employees, and assets are safe and sound. Contact us now.

Effective Conferencing Goes a Long Way

Many organizations that don’t have the same breadth of funding and services might wind up spending more capital in attempts to compete with these larger organizations, but the way forward isn’t always clear. For small businesses that have trouble managing the many moving parts of their business, communication is key–especially in an age where so many businesses have remote employees who are not always in the office to speak to directly. We’ll discuss what the modern face of communications looks like with a particular focus on conferencing services.

Web conferencing solutions give companies like yours the opportunity to host business meetings in an online location, and all anyone needs to join is a computer (or mobile device) and an Internet connection. This gives your employees the freedom to get work done while out of the office. Additionally, there are many other benefits to using conferencing solutions. They include:

Saving on Travel Costs
In-person meetings are one of the big parts of doing business, but remote workers often can’t make this happen. Video conferencing makes this much easier, as you don’t have to worry about travel costs or being face-to-face with the others to have a conversation with someone about an important project.

Speeds Up Business
Meetings can be time-consuming. Rounding up everyone into the same room can make for a challenging and stressful situation, which is why it’s so much easier to simply use the Internet and a conferencing solution to make it happen. Since you don’t have to wait for everyone to be in physical attendance, this type of conferencing can help your business save time and money.

Flexibility
Scheduling meetings around the schedules of all other attendees can be difficult at times, as everyone has a different set of daily goals and responsibilities. Therefore, they appreciate the flexibility that a conferencing solution can offer. With the ability to share screens, collaborate in an online environment, and send out instant messages and emails, everyone can be updated about the status of the meeting easily.

Build Engagement
Conferencing gives your business the chance to engage with both current and potential clients in an easily-accessible format. Some conferencing solutions have built-in webinar options that give attendees the option to phone-in with their mobile device or with their desktop. Attendees can speak or type in the interface as well, giving you the chance to answer questions and interact with them.

A modern conferencing solution can go a long way for your business. To learn more about how you can use a conferencing solution to reduce costs, reach out to Net Activity at 216-503-5150.

Phishing Scams Use Many Kinds of Bait

Phishing scams have one of the most descriptive names in all of computing, mostly because of how similar phishing is with fishing. Just as one does when one goes fishing, bait is dangled in the hopes of getting a bite – but to take the comparison one step further, different types of bait can be used, depending on the catch one is trying to make.

 Just as one can fish with live bait, lures, or flies, there are different methods that a hacker can use in their phishing attack. Therefore, in order to truly protect your business against phishing attempts, you need to ensure that you and your employees can identify all of the different phishing methods they may encounter. These practices are good to take home with you too, as personal email accounts are also targets of phishing.

 Deactivation Threats

Only too often, an organization will appear to send someone a notice that their account is going to be deactivated, and they have to follow a provided link to log back in – right now – in order to preserve their account. This “helpful” email will also suggest that they update their credit card information, too. You know… just to be safe.

These scams are easy to spot if the service that is being deactivated isn’t one that is actually used. However, some businesses have accounts with a very substantial number of companies, so it can be difficult to keep track without the proper systems in place. These scams are only more convincing if there is actually an account with the service that is apparently reaching out. Even worse, it isn’t uncommon for these scams to come with warnings against scams or claims of security, or one that actually links to the legitimate company website.

 To fight against these scams, it never hurts to try the URL test. Hover your mouse over any links without clicking, and check to see if the URL matches what you would type into your browser. An even safer course of action is to reach out to the company directly through another method, like sending a fresh email to their support or giving them a call instead to confirm that the email was sent from them.

 Nigerian Scams
These classic scams are the ones that probably first pop into your mind when you hear the phrase “email scam.” You know the ones – out of the blue, someone contacts you with a request that you assist them in moving a large share of money, with a considerable portion of it going to you for your troubles. These scams are known as such because the first wave of them originated in Nigeria, pertaining to a Nigerian prince. However, instead of riches as their reward, victims of these scams have their own finances stolen, and are even sometimes arrested if they are lured to Nigeria itself, as has happened in the past (after all, they are conspiring to remove Nigerian monies from the country).

These scams, like many others, can be foiled by the old adage, “If it’s too good to be true, it probably is.” However, many people from all walks of life and levels of presumed intelligence have been fooled by these scams.

 Government Threats
Fortunately, most of Orwell’s 1984 can still be considered fiction, but these scams rely on the opinion that Big Brother is very real, and very much out to get us – especially if one is engaged in behavior that isn’t considered acceptable in public context, or is just plain illegal. These phishing scams are the ones that claim that the FBI is about to kick down a user’s door for illegally downloading content or watching adult materials. The only way the guilty user can (supposedly) save themselves? Pay immediately, using the provided link. Sometimes, that’s the only thing the computer can do at this point, because the scam included some ransomware that’s locked the computer up. Of course, that’s something you should never do, because it only encourages the hacker to continue their actions, and there’s no guarantee that the hacker will live up to their end of the deal.

 These scams can take a few different shapes. Some scammers like to phish users by creating a fake alert that malware has taken over the computer, so someone needs to remote in and fix it. This way, if a scammer is trying to gain access to your device, they just need to wait for you to give it to them. Don’t.

 If your computer has been infected with ransomware as a side effect of this scam, you’re going to have to wipe your computer and start fresh from a comprehensive backup solution (which is something that your organization definitely needs to have). This is annoying, but it is a much better alternative than paying a huge sum to probably not get your access back. Otherwise, all you need to do is ignore the email, after reporting it to IT, of course. The Federal Bureau of Investigation (or whoever is allegedly about to storm your location) has more important things to do than hunt you down, unless there’s a different reason they may want to.

Wire Transfer Scams
Proving that something as simple as phishing can turn even the biggest companies into victims, one only has to look to Google and Facebook for an example. A combined $100 million was taken from the companies when a scammer named Evaldas Rimasauskas posed as hardware supplier Quanta Computer. Basically, by examining the accounting department’s records, Rimasauskas was able to fraudulently submit invoices and collect his bounty from the Internet giants over a period of two years.

Again, the most effective way to stop these kinds of scams is to simply have the controls in place to prevent them from being effective. Make sure that any money transfers are fully vetted, verified, and authenticated before sending them, and ideally, the computers used to send them should be isolated from the Internet and your network unless actively in use.

Work Mules
The Internet has made the job-hunting process a lot easier for quite a few people. Unfortunately, it also makes it a lot easier for scammers to launder the money they have stolen by leveraging these job-seekers as unwitting co-conspirators. By hiring people on these job sites, a scammer will deposit their ill-gotten funds into their accounts, with orders to transfer that money to another account or to convert it into a cryptocurrency. Many will include these tasks as a part of a greater list of responsibilities to make the “job” seem more legitimate. Some will pay a salary, and others will just have the “employee” keep a portion of the deposited money.

While it may sound like a dream job, this kind of work is more of a legal nightmare for those involved, seeing as it is a crime. Anyone who unwittingly participates in these scams needs to cut ties with the scammers and retain some legal counsel, as they could very well face money laundering charges.

SMS Phishing
Thanks to cellular devices, phishing has been able to go mobile in a few big ways: phishing via SMS, or ‘smishing’, and phishing via spammy social engineering voice calls, or “vishing”. Smishing effectively just takes the typical phishing email and transplants it to a text message. Vishing prompts you to input sensitive information through a recorded message. For instance, a typical vishing attempt might appear to come from your credit card company and ask you to input your card number to confirm whether or not you’ve been breached. If you hand over your number, the answer is automatically “yes”.

Despite these efforts being relatively very basic, they are often a success for the scammer simply because of the delivery method. Surprisingly, people still don’t anticipate that a scam can come in via text. However, if a message is received that seems suspect, your defense against a potential scam of this kind is just as basic as the scam’s efforts: ignore it and delete it.

SWATting
These phishing scams are hugely dangerous, as the wrong move could ultimately lead to the loss of life with terrifying ease. Imagine, you’re at home, far from your work technology (not counting the smartphone in your pocket), just relaxing at the end of a long day… and a fully-equipped specialized squad of law enforcement officers suddenly bursts through your door, weapons at the ready.

This is the effect of a SWATting attack, in which a cybercriminal spoofs a phone number to call in hugely serious threat, prompting a massive response from law enforcement. Let’s face it, it’s hard to be productive with sirens blasting outside the office and officers shouting commands into bullhorns outside, let alone when the investigation makes its way inside the office. While you’re distracted, the cybercriminal works on whatever goal they have with the confidence that you’ll be looking the other way for quite some time. Some high-profile cybersecurity experts and reporters have been targeted by these attacks so often, their police departments call them back to confirm that yes, there is an actual emergency before deploying the big guns.

With any luck, this attack will only ever be rolled out against you sparingly, if at all. However, it may not hurt to inform your local law enforcement about these threats before one strikes, especially if you have reason to believe that you may be a particularly good target.

Phone Forwarding
This variety of phishing has been around for years. Basically, instead of your phone ringing when a customer tries to call, the call is forwarded to a phone in the possession of a scammer. This is because the scammer has already reached out to the phone company on your behalf and requested that any incoming calls to your number are rerouted to a phone they control. Alternatively, they may have convinced you or one of your employees to dial a sequence of numbers after reaching out to you.

If yours is the type of business to accept credit card payments, the caller may be only too willing to hand over their card details to the scammer. After all, they’re just trying to place an order. As far as they know, they called you, and are talking to you. This scam can also be used to stick you with their telephone charges. Protecting your business can be somewhat simple, as long as you’re being mindful. Don’t press buttons based on the request of an incoming call, and make sure you have a reasonably good working relationship with your telephone provider.

SEO Poisoning and Look-Alike Websites
Finally, there are tons of phishing scams that lurk online, waiting for you to click on the wrong thing. Quite deviously, scammers are embracing the use of Search Engine Optimization, commonly referred to as SEO.

SEO practices are how some websites always seem to rank higher than others when you turn to a search engine for answers. By making certain choices and meeting certain criteria, these websites meet the standards of the search engines well enough that the search engine decides to rank them more highly in the list. For instance, as this was being written, a quick Google search for “seo” returned about 411 million results in less than a second. Based on the factors that Google takes into account, those 411 million results were also sorted by anticipated relevance and the quality of their SEO preparedness.

Unfortunately, this tool can be used to a scammer’s advantage as well. A scammer might send you a simple little virus, just a program that brings up a warning for error code 357. There’s no such thing as error code 357, but you may not know that. So, you turn to Google (or whatever your preferred search engine may be) and look up error code 357. A well-prepared scammer will have created a well-optimized page detailing error code 357 and offering a download to fix it. This download, unfortunately, contains a nasty payload that you just welcomed into your system.

Alternatively, many scammers will just replicate websites in great detail, and using SEO tactics, make it easy for someone doing a quick Google search to click on the wrong one. From there, anywhere the victim can “log in” is an opportunity for their credentials to be stolen.

Fighting Back Against Phishing
Clearly, phishing is a little more complicated than many people realize. If you want our assistance and expertise in setting up solutions that can help keep phishing scams and other threats out, give Net Activity a call at 216-503-5150.