The digital workplace has benefited us all through faster communications and the ability to do business anywhere the internet can take us, but it’s also brought along new cyber predators working to infiltrate networks and steal sensitive data. 

Email fraud rose 80% from the third quarter of 2017 to the third quarter of 2018. (Proofpoint) 

Both email fraud and credential phishing attacks, where malware is planted to steal login credentials, rose significantly in 2018 and the trend continues in 2019. Phishing is the number one cause of data breaches and email is used most often (96% of the time) as the delivery method.

As part of our Modern Office IT support, BrainStomp monitors the health and security of business networks 24/7, preventing costly downtime and dangerous data breaches. We work with businesses to beef up their end user security, which is often the last line of defense against network intrusions via spam and phishing emails. 

What can you and your team do to protect yourselves from falling into a phishing trap? We’ve got five vital tips below to help keep you safe.

5 Important Tips for End User Security

Hackers use email as their favorite form of attack because it works. Phishing emails have become more sophisticated, mimicking the look of an email from a legitimate company and often employing scare tactics or promises of a sale to cause people to click before they think.

Examples of common phishing tactics employed:

·     “Your email account has been compromised, click here now to secure it.”
·     “Please find an urgent purchase order attached and send payment details.”
·     “We’ve just processed your (non-existent)order for $375.22. Click here to see more.”

But despite the shady tactics used by cybercriminals, you can protect yourself from spam, scams, and phishing attacks by employing end user security best practices.

Hover Before You Click

Phishing emails will often hide the true URL of a malicious site behind linked text. You can’t see what the real URL is until you hover over it with your cursor. Get in the habit of hovering over all links in an email or social media post BEFORE you click on them to see whether they’re taking you to a legitimate site.

In this example below, this phishing email is designed to look just like one from AT&T, but when hovering over the linked text “right here,” the true URL is revealed to be a fake going to a malicious site having nothing to do with AT&T. 

Use an Anti-Phishing & Anti-Spam Software 

During the course of a hectic day is when users are most vulnerable to accidentally clicking on a phishing link or downloading a malicious attachment. They’re trying to get through their inbox as fast as possible, and their defenses are down.

 A good anti-phishing and anti-spam software can help users out by being on the lookout for any dangerous emails and sandbox anything suspicious, protecting your system from a virus infection and alerting you to dangerous spam patterns.

Use Two-Factor Authentication 

One of the main pieces of information that malware-laden phishing emails go after are login credentials. If they can plant spyware on your system that records keystrokes, they can gain login access to any number of company applications and access sensitive data.

Two-factor authentication requires a second factor to login beyond just your username/password combination. This is typically a code that’s sent via text message to your phone at the time of login that has to be entered to gain access to the site or application. 

This helps thwart hackers that steal your login credentials, because even with that stolen username and password, they won’t be able to get past the two-factor authentication to breach your account.

Keep Software and Operating Systems Updated

The more users you have, the more chance that all workstation computers aren’t being regularly updated for software, firmware, and operating system updates. It’s easy to hit “remind me later” when an update reminder pops up, but this means your system could be missing important security updates that patch vulnerabilities.

Spammers sending phishing emails often exploit these vulnerabilities, just hoping the user hasn’t applied the latest updates. Using an automated or managed method of keeping all systems updated ensures you won’t fall victim to a breach that could’ve been easily avoided.

Be Suspicious & Get a Second Opinion 

Often after an employee mistakenly clicks on a phishing link and downloads a virus, they’ll say, “I thought that email looked strange, but I wasn’t sure.”

When it comes to email security, being suspicious of anything in your inbox that’s not both expected and from an email address you know is one of the best ways to avoid becoming a victim.

Some things to question are:

·     If the “to” email address line is to “multiple recipients” rather than just to you
·     If the sender’s email address is hidden or unknown to you
·     If you receive an email you’re not expecting (i.e. a PO from an unknown customer)
·     An email that’s trying to elicit an urgent response
·     An email with improper grammar or misspellings 

When in doubt, it’s always better to get a second opinion from someone else at your office or an IT pro that you have a help desk relationship with before you do anything else. A few minutes double checking a strange email can save you days of trying to recover from a virus infection.

How’s Your Cybersecurity Situation?

 If you got hit with a phishing attack tomorrow, would your network and user security protocols hold up? Don’t wonder, get a security review from BrainStomp. We can take a look at your cybersecurity plan and make any needed suggestions to ensure your network safety.

Contact us today to ensure your security at 260-918-3548 or through our contact form.

You’ve been using Windows 7 at your office since it first launched in 2009. It’s been a good stable operating system that everyone’s used to. But even the best of them must come to an end and that time has arrived for Windows 7.

Microsoft product lifecycles tend to run about 10 years, and they come in two phases. The first phase is when mainstream support ends, and the second is when extended support ends (aka end of life).

That critical end of life (EOL) date is fast approaching for Windows 7 and arrives on January 14, 2020. After that date, standard patches and all security updates will be discontinued (unless you purchase a limited extension plan).

With Windows 7 nearly at its end of life date, we’ve been busy helping clients upgrade before the end of the year. If you haven’t upgraded yet, there’s still time if you act now. Read on for our tips on preparing your business for an upgrade from Windows 7 to Windows 10. 

What Happens If I Use Windows 7 Past January 14, 2020?

If you’ve procrastinated and still have PCs running Windows 7 past its end of life date in January 2020, you’re leaving your business at extreme risk of a data breach. When extended support ends for an OS, it means found vulnerabilities are no longer patched, and your network becomes an easy target for hackers.

Nearly 60% of organizations that had a data breach within the past two years point to an unpatched vulnerability as the cause. 

Here are the key problems with running an operating system after it’s reached the EOL date:

·     Your network and data are at high risk for a data breach
·     Newer peripherals and software will increasingly stop supporting the older OS
·     As technology evolves, you may find that your system is not keeping up and experiences more errors and incompatibilities

Steps to Prepare Your Office for a Phase Out of Windows 7

You still have time to plan and implement a phase-out of the older operating system and upgrade to Windows 10. Here are the steps to take as soon as possible to ensure continued data security for your business.

Identify All Computers Running Windows 7

Before you purchase that first Windows 10 replacement; you first need to know how many replacements you’re going to have in total. Do a full inventory of office desktops and laptops and identify which ones are running the Windows 7 operating system.

Decide Which PCs to Upgrade and Which to Replace

Not all PCs will have the hardware necessary or be worth it to upgrade to Windows 10. Our recommendations for running Windows 10.

·     3 gigahertz or faster processor
·     8 GB Memory  – 16 GB if running Office
·     256GB gigabytes or larger hard disk Solid State Drive (SSD)
·     Graphics card that’s compatible with Direct X 9 or later with WDDM 1.0 driver
·     800x600 display
·     System less than 3 years old

From your list of all computers running Windows 7, separate those that can be upgraded from those that can’t or shouldn’t due to age.

Upgrade and Purchase

You’ll have several months to spread out the cost of the OS and computer upgrades if you start right away. For each non-upgradable PC, you’ll want to price out replacements. Include any IT costs needed to help to migrate the data from the old PC to the new one.

Companies will want to ensure they’re getting Windows 10 Pro and not Windows 10 Home preloaded on any new PCs, so you’ll have all the features you need for business, such as support for Active Directory.

For those PC’s being upgraded, you’ll need to purchase Windows 10 and plan for an OS upgrade. The time it takes to do the upgrade can vary from an hour to several hours, depending upon factors like the age of the computer, how much data is on it, and the speed of your internet connection.

Planning for Staff Transition

Beyond just the hardware and OS upgrades, you have a team that’s going to be impacted by the upgrade to the new system in a couple of key ways that you’ll want to manage.

1.   Work disruption during the time their PC is being upgraded
2.   Learning the new operating system

You can minimize disruptions by planning upgrades during non-working hours or have an alternate device for staff to use while the computer is being upgraded.

Help your team reduce any productivity dips after the switch from Windows 7 to 10 by having a training session on the newer OS to get them up to speed before they’re sitting in front that new desktop environment.

Need Help with a Windows Upgrade?

BrainStomp can ensure a smooth transition for your office before the Windows 7 EOL date, and as a Microsoft partner, we can also help you find the best prices on new PCs and Windows 10.

You don’t have to do this alone.

Our brains are here to help. Call 260-918-3548 or reach out online.