Beware of a SharePoint Phishing Scam Designed to Steal Your Office 365 Credentials

Some criminal tactics work so well year after year at fooling people into clicking malicious links or downloading malware-laden attachments that they spawn multiple variations.

Phishing is responsible for 90% of all data breaches, and just about every business on the planet has been the recipient of a phishing email. It continues to be the most popular tool in a hacker’s toolbox because it continues to work, and there are so many ways to deploy phishing.

When planning IT security solutions for business, phishing continues to be difficult to combat because it can take so many forms. A few of these include:

·      Phishing with email attachments

·      Phishing with malicious links

·      Text phishing

·      Social media phishing

·      Targeted spear or whale phishing 

And once people get wise to one type of phishing ploy, scammers quickly adjust and bring out brand new ones. One of the newer ones that was first spotted in 2018 is a SharePoint/OneDrive phishing scam that tricks users into giving up their Office 365 login credentials.

The SharePoint scam is clever in that it disguises itself as a common type of email that companies using Office 365 might see every day - an invitation to collaborate on SharePoint. 

It looks legitimate at first but is really redirecting the user to a spoofed login page to steal their username and password.  

How Does the SharePoint/OneDrive Scam Work?

This phishing scam begins when a user receives a seemingly normal invitation to collaborate through SharePoint, and it will include a link to a OneDrive document. The link will appear legitimate, having “onedrive” in the URL as it should, which tricks many users into letting their guard down and believing it to be real.

The trick of this type of phishing scam is that the link really IS a link to a OneDrive document that the scammer has put up. Because the link is to a trusted resource, it can slide right by undetected in many anti-phishing programs that look for malicious links. 

This is one way that phishing keeps evolving. As scammers find that their ploys are getting blocked, they look for ways around the system, such as using links on services like OneDrive or Google Drive that a security app won’t be programmed to flag as dangerous.

The next step in the ploy happens when the user clicks the OneDrive document link in the email to access the shared file. It directs them outside of OneDrive to a third-party website with a spoofed Microsoft Office 365 login page.

The page is designed to look exactly like the real thing, which users have most likely seen so many times that they don’t think twice about entering their login credentials.

As soon as the employee enters their login, the scammers have it. The person may then realize something is not right, because they’re not finding a shared document they were expecting to see. Others may shrug it off as something just not working right with the SharePoint service.
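The click path described above (a genuine OneDrive link that ends on a third-party page asking for an Office 365 password) can be checked mechanically when reviewing proxy or mail-sandbox records. The following Python is an added example, not part of the original article; the allowlists, function names, sample URLs and sample HTML are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumed allowlists for illustration; adjust to the hosts your tenant really uses.
TRUSTED_SHARE_SUFFIXES = ("onedrive.live.com", "1drv.ms", "sharepoint.com")
MICROSOFT_LOGIN_HOSTS = {"login.microsoftonline.com", "login.live.com"}
BRAND_WORDS = ("office 365", "microsoft", "onedrive", "sharepoint")


def host_of(url):
    """Lower-cased hostname of a URL, or '' if it has none."""
    return (urlsplit(url).hostname or "").lower().rstrip(".")


def host_matches(host, suffixes):
    """Exact or dot-boundary match, so 'onedrive.live.com.example.net' fails."""
    return any(host == s or host.endswith("." + s) for s in suffixes)


class LoginFormFinder(HTMLParser):
    """Collects form targets, password inputs and visible text from a page."""

    def __init__(self):
        super().__init__()
        self.form_actions = []
        self.has_password_field = False
        self.text_parts = []

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        if tag == "form":
            self.form_actions.append(attr.get("action") or "")
        elif tag == "input" and (attr.get("type") or "").lower() == "password":
            self.has_password_field = True

    def handle_data(self, data):
        self.text_parts.append(data.lower())


def assess_click_path(click_path, landing_html):
    """click_path: ordered URLs from the emailed link to the final page."""
    if not click_path:
        raise ValueError("click_path must contain at least one URL")
    final_url = click_path[-1]
    final_host = host_of(final_url)
    finder = LoginFormFinder()
    finder.feed(landing_html)
    finder.close()
    page_text = " ".join(" ".join(finder.text_parts).split())

    started_on_share = host_matches(host_of(click_path[0]), TRUSTED_SHARE_SUFFIXES)
    left_microsoft = (not host_matches(final_host, TRUSTED_SHARE_SUFFIXES)
                      and final_host not in MICROSOFT_LOGIN_HOSTS)
    # A password prompt is only expected on Microsoft's own sign-in hosts.
    offsite_login = finder.has_password_field and final_host not in MICROSOFT_LOGIN_HOSTS
    branded = any(word in page_text for word in BRAND_WORDS)

    if offsite_login and branded:
        verdict = ("credential_phish_suspected"
                   if started_on_share and left_microsoft else "review")
    else:
        verdict = "no_finding"
    return {
        "verdict": verdict,
        "landing_host": final_host,
        "started_on_trusted_share": started_on_share,
        "form_posts_to": sorted(
            {host_of(urljoin(final_url, a)) for a in finder.form_actions}),
    }


# Constructed sample data (not taken from a real incident).
SAMPLE_CLICK_PATH = [
    "https://1drv.ms/w/s!EXAMPLE",
    "https://onedrive.live.com/view.aspx?resid=EXAMPLE",
    "https://portal-signin.example.net/o365/",
]
SAMPLE_LANDING_HTML = """
<html><head><title>Sign in to Office 365</title></head>
<body><form action="collect.php" method="post">
<input type="email" name="user"><input type="password" name="pass">
</form></body></html>
"""

if __name__ == "__main__":
    print(assess_click_path(SAMPLE_CLICK_PATH, SAMPLE_LANDING_HTML))
```

The check keys on where the password form is hosted, not on the first link, which is why it still fires when the emailed URL is a real OneDrive address.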

What Can Hackers Do with My Office 365 Credentials?

Login credentials for an Office 365 account can score a hacker anywhere from $15 to $100 each, with administrator logins being sold for the most money.

They’re so valuable because they can let criminals into all sorts of areas of the platform for nefarious reasons. With your login credentials for Office 365, hackers can access:

·      Email (for sending spam and more phishing)

·      Cloud storage with sensitive business information

·      Access to other user accounts using an admin login

Why This Phishing Attack is Particularly Dangerous 

There are two key factors at play with the SharePoint phishing scam that make it particularly dangerous for an organization.

One is the trust factor. Users are seeing a standard OneDrive link in an email that they will typically trust. Some employees also may think that the SharePoint invitation must be an internal one and anything coming from their own company’s system would be safe.

The second factor is the ability of these phishing links to get past security applications, like Microsoft’s Advanced Threat Protection. These services won’t typically identify a OneDrive file link as malicious, so the email gets through. This also causes the user to place trust that it’s legitimate, because they mistakenly think, “the security software would’ve caught it if it wasn’t real.”

Tips to Avoid Falling for the SharePoint Phishing Scam

While phishing is getting more sophisticated, that doesn’t mean you don’t have any defenses against it. There are several things that your business can do to safeguard your Office 365 platform from this type of scam.

·      Educate Your Users: Conduct ongoing employee cybersecurity education about this and other phishing threats out there, so users know what to be on the lookout for.

·      Use Multi-factor Authentication: Using multi-factor authentication can stop a thief from being able to use stolen login credentials for your Office 365 account because they won’t have access to the device that receives the login PIN.

·      Use a Web Filtering Application: Security applications that include web filtering can warn users if they’ve just clicked to access a dangerous page, including those designed to spoof a login page. 

·      Protect Workstations with Endpoint Protection: A 3rd party endpoint protection application can often catch phishing emails that other software might miss.

Get Help Securing Your Office from Phishing Attacks

Phishing comes in multiple forms and is constantly evolving. Make sure you have a cybersecurity strategy in place that can keep your data protected. BrainStomp can help you with the best security solution based upon your office software and workflows.

Schedule a free security consultation today! Call 260-918-3548 or reach out online.

7 Pro Outlook Calendar Tips to Boost Team Performance

After email itself, the second most used area of Outlook for most people is the calendar. Whether it’s used for appointment scheduling or task reminders, having a place to plan your days and weeks often helps keep things from falling through the cracks.

Whether your calendar is a burden or a lifesaver often depends upon how well you can optimize it and integrate it with the rest of your office technology.

Outlook in Office 365 has multiple collaborative tools that can boost team performance and streamline your workflow if you know how to use them. A benefit of collaboration tools is they inherently boost productivity.

When employees are connected, organizations have seen a boost in productivity of 20-25%.

Get more out of your Outlook calendar and keep your team connecting effectively with these pro Outlook calendar tips.

Tips for Making the Most of Outlook Calendar

If you’re looking to stay organized and on top of your game when it comes to calendar management, these tips are sure to help.

1. View Two Time Zones at the Same Time

When you’re meeting with people in other countries, trying to find a suitable time can be a challenge. You can make it much easier by enabling a second time zone view in your Outlook Calendar.

Just go to Options > Calendar > Time zones > Show a second time zone

2. Create a Calendar Item from an Email

Quickly create a calendar item that includes notes from an email and send it around without even leaving your inbox.

When you’re in an email message, go to the Message tab, and in the Respond group, click Meeting.

This opens a meeting window that includes the content from the email. You can edit the date and time, attach any pertinent files, and invite others from the same window. You’ll also be able to copy the meeting to your calendar with a click.

3. Use Automatic Colors for Organization

You can organize meeting types by color so you can easily see what your schedule looks like at a glance. For example, you could put marketing meetings in purple and accounting meetings in green and set up your system to do it automatically.

You use a keyword to automate the color code, such as “marketing,” and create a rule to apply that color to meetings using that keyword.

Steps include:

• Click the View tab in the Calendar window and then click the View Settings button.

• Click Conditional Formatting and Add to create a new rule

• Enter the rule name and choose a color

• Click on Condition

• On the Appointments and Meetings tab enter the keyword in the Search For the Words control

• Retain the In Subject Field Only default setting, then click okay until you return to the Calendar window

When you create a calendar item using the keyword, it will automatically be color-coded to the color you set.

4. Share Your Calendar over MS Exchange Server

If your office uses Microsoft Exchange Server, then you can take full advantage of shared calendars and can share your calendar with those inside or outside your organization or create a calendar that’s shared by a group, so everyone knows what’s happening each day.

To share a calendar, click “Share My Calendar” on the Navigation Pane. This opens a Permissions tab in Calendar Properties.

Select the calendar to share and the permission level, then click to add users to give access to.

5. Insert Holidays (from Any Country) into Your Calendar

Save time when planning around holidays both in the U.S. and other countries. When you insert holidays into your calendar, you don’t have to Google them each time to schedule around them.

Go to File > Options > Calendar > Add Holidays, and you’ll get a list of multiple countries to choose from.

6. Start Outlook in Calendar View

By default, Outlook opens at your email inbox, but if you’d like to get a view of your day first before sorting through email, you can change this to open in the calendar window instead.

Go to File > Options, click Advanced. In the Outlook Start and Exit section, click Browse and then click Calendar.

7. Attach a Calendar Reminder to Emails

Following up with colleagues who are late for meetings or miss deadlines can be tiresome and time-consuming. Make it easier by attaching a calendar reminder to an email.

This feature will send a calendar alert to your email recipients reminding them of an important date for you.

From the Outlook Home tab, choose Follow Up and then click Add Reminder. Set the time you’d like the alert to appear and click the Reminder checkbox.

Keep Your Office Connected and Efficient

Looking for ways to better utilize your technology to keep your team connected, efficient, and productive? BrainStomp can help you streamline your workflows and choose the applications that will support your needs the best.

Schedule a free technology consultation today! Call 260-918-3548 or reach out online.


Effortlessly Organize Your Microsoft Outlook Email

How organized you are has a direct correlation to time management. According to the Wall Street Journal, office workers waste an average of 40% of their day due to lack of organizational skills.

With a good deal of that workday time spent reading and responding to emails, applying organization to your Outlook inbox can make a big difference in productivity and time management.

Often, companies looking for modern IT solutions adopt applications that can help them streamline and reduce wasted time, but to get the full benefit from apps like Office 365 and Outlook, it’s important to know the secrets of good organization and how they can help you achieve it.

The average person spends 28% of their workday reading and replying to email.

Our BrainStomp team has put together some of our favorite ways to effortlessly organize your Outlook email and become a master of efficiency.

Tricks for Saving Time with Outlook Organization

These tips can help even the most unorganized person find more time in their day by spending less of it searching for things in their inbox. Try out these tips and see for yourself!

Use Outlook Folders

Creating personal folders in Outlook allows you to easily separate your mail by category or subject, making it much easier to find that last email from that big customer or review online purchase receipts.

You can use them in multiple ways to save time. Here are two:

• Have all mail come into your inbox, then once addressed, move it to the appropriate subject folder.

• Automate incoming messages based upon sender or subject line to automatically move from your inbox to the appropriate folder.

In the left pane of Outlook, right-click where you’d like to add the folder and click New Folder, add the name and press Enter.

Add Color Codes with Categories

Reduce time searching through your inbox by using categories to color code according to subject. It will help you instantly spot a message of a particular type.

Color categories also help you stay organized across other Outlook items and will impact:

• Email messages

• Notes

• Contacts

• Appointments

From an email message, you can right-click the message and select Categorize, then select a category from the list.

Create categories by going to the Tags group on the top ribbon and select Categorize > All Categories. In the Color Categories dialog box, select New.

Let Quick Steps Organize for You

You can set up Quick Steps in Outlook to give you an additional helping hand when it comes to your email organization. It’s a big time-saver and can eliminate hours spent trying to sift through an inbox that’s become overwhelmed.

You can use any number of automations in a Quick Step. Here are some of the defaults that Microsoft provides to get you started:

• Move a message to a specific mail folder and mark it as read

• Open a reply to a message and delete the original message

• Forward a message automatically to others on your team or to your manager

You can create a Quick Step by selecting Home, then in the Quick Steps group select the More arrow. This opens the Manage Quick Steps dialog. Select a Quick Step or select one to change and click Edit.

You’ll see multiple options to use for actions that you can combine together so they execute in one click.

Use Focused Inbox to Designate Important Mail

A handy organizational feature that splits your inbox in two is called Focused Inbox. What it does is create two different inbox tabs, Focused and Other. In Outlook for Windows the Focused Inbox is available for Office 365, Exchange, and Outlook.com accounts.

You can use the View tab to easily tab between your Focused Inbox and Other, so you can keep more important messages grouped together in one place. You can easily move messages between the two inboxes when needed and set all messages from a particular sender to automatically come into your Focused Inbox.

Delete Redundant Messages with Conversation Cleanup

Do you have multiple messages with much of the same information due to replies back and forth? An easy way to reduce your inbox clutter is through the Conversation Cleanup tool in Outlook.

When you use Conversation Cleanup it will evaluate the contents of each message in a specific conversation, and if a message is completely contained in another message, it will move it to your deleted items.

To use it, go to the Home tab and in the Delete group, click Clean Up.

You can then choose from the following options:

• Clean Up Conversation

• Clean Up Folder

• Clean Up Folder & Subfolders

You also have flexibility in setting specific commands, such as to never delete a flagged message.

Find More Time-Saving Tricks with BrainStomp

The BrainStomp team is all about technology optimization and we can help your office reduce wasted time and make the most of the applications you’re using to positively impact productivity and your bottom line.

Schedule a free technology consultation today! Call 260-918-3548 or reach out online.

Outlook Power Series: Boost Productivity with Templates and Blocks

Certain time-saving tricks can completely change your workflow and save you minutes per day and hours per week. These generally involve repetitive tasks that you do often, such as emailing a new contact your product information or sending weekly reports to your department head.

While most people don’t think of Outlook first when it comes to productivity tools, it does have two distinct features that can be real time savers - templates and Quick Parts blocks.

The average worker spends 209 minutes each day checking work email, which is about 3.5 hours per day. If you can shave even 30% of that time off by optimizing how you utilize Outlook, that can be significant savings.

To look at that in productivity dollars, say someone makes $25 per hour. If they spend one hour less on email per day, that’s $125 per week or roughly $500 per month in productivity savings just by being more efficient on one program.

Understanding the cost savings that comes from technology optimization is part of what Brain Stomp does when we provide IT consulting services. Technology is such a big part of every industry now that a few efficiency tricks can make all the difference. 

So, let’s take a deep dive into templates and blocks in Outlook and find out how they can help you reduce the amount of time you spend in your email inbox each day.

How to Set Up Email Templates in Outlook

First, we’re going to look at email templates. These are entire emails that you save and can be used later at the click of a button. 

Say your design firm needs certain information from a new client in order to draft up a proposal. Instead of typing that in every time or trying to find an old email to copy/paste from, you could set up an email template that has all the details the client needs to know that you could send at the click of a button. 

Besides making the template itself, there are ways to use templates that can also shave minutes off each email message.

How to Create an Email Template:

1.    On the Home tab, in the New group, click New E-mail

2.    Type the email message, apply formatting, etc. 

3.    Once it’s done, click the File tab in the message window

4.    Click Save As

5.    When saving choose Outlook Template from the Save as type list

6.    Give the template a name and click Save

TIP: Don’t add your signature if you already have your email signature coming in automatically each time you create a new message. It will autofill in the template when you use it.

How to Access an Email Template:

When you get ready to use a template to send an email do the following:

1.    Select New Items > More Items > Choose Form

2.    Under Look In, click User Templates in File System

3.    This will open the default templates folder (c:\users\username\appdata\roaming\microsoft\templates)

4.    Browse to the template you want and select it.

5.    You can now make any edits needed, add To, CC, BCC, etc. 

Make it Faster with the Quick Access Toolbar

You can add the “Choose Form” command to the Outlook Quick Access Toolbar to make it even easier for you to grab a template when you need it.

Just click the New Items > More Items

Right-click the Choose Form item, and in the menu that pops up, choose Add to Quick Access Toolbar

How to Use Quick Parts (Blocks) in Outlook

Do you have a particular block of text that you use often in different types of email? For example, you may have to continually provide the color options that your paint shop offers when speaking with a variety of different clients about different projects. 

This is where Quick Parts come in. Quick Parts are reusable text blocks that you can insert in email messages. They can even include images and text formatting, like bullets. A few examples of potential uses include: 

·      Cancellation policy

·      Directions to your office

·      Answers to frequently asked questions

·      A holiday promotion

·      Links to details about a product

When you’re typing an email and get to the part where you need to add that frequently used bit of text, you can just click to insert your saved Quick Parts block. 

How to Make a Quick Parts Block

1.    From the message that contains the text you want, highlight the text to save

2.    On the Insert tab, in the Text group, click Quick Parts

3.    Click Save Selection to Quick Part Gallery

4.    Fill out the requested information (name, gallery, category, description, insert options)

You’ll be able to set one of three different insert options, which include:

·      Insert in its own paragraph

·      Insert content in its own page

·      Insert content only 

How to Use a Quick Parts Block

1.    Have your cursor where you want to insert the saved text block in your email message

2.    On the Insert tab, in the Text group, click Quick Parts

3.    Right-click the gallery pane, select the block you want and click Insert

You can use Quick Parts blocks as well when you’re creating an email template in Outlook.

Find Optimizations to Save You Time & Money 

Brain Stomp can sit down with you and take a look at the types of workflows you’re currently using and identify areas of optimization that will save you time and money. Make your day more efficient and learn some cool Office tricks at the same time!

Schedule a free technology optimization consultation today! Call 260-918-3548 or reach out online.

Outlook Power Series: Use Rule Automation to Save Time & Organize Your Inbox

How much time do you spend each day sifting through emails, moving them into folders, or tagging them for follow up? The average person spends 28% of their workday dealing with email messages. 

That’s about 2.6 hours per day just handling messages, which is a pretty significant chunk of time. Often, it’s the unruliness of all those incoming emails that makes sorting through them time consuming.

Some people try to power through to a “zero-inbox” by end of day by moving emails to other folders (which may still need to be addressed later), and others just watch their email inbox fill up helplessly, knowing that in about a month, they’ll end up deleting old ones they never got to (hoping the sender re-emailed them later or contacted them another way).

What many people don’t realize is that modern office IT is designed to make workflows easier if you know what tools to use, and they may already have an app that could significantly cut down on their time spent handling email.

Outlook is a powerful email application that has only gotten better over time, as have most MS Office programs. One particularly helpful area of the program is where you set up automation rules. These rules can automatically do what’s usually done by hand, as well as keep you on top of the most important messages.

The Best Automations to Use in Outlook

Anyone can benefit from a helping hand keeping their inbox organized and reducing the time it takes to go through email every day. Here are some Outlook Power Tips to make you a pro at putting together an inbox that organizes itself!

First, here are two ways you can get to the rules panel:

1.    Select File > Manage Rules & Alerts

2.    Right-click on a message and choose Rules

You can create the rule manually or let the Rules Wizard guide you with some templates.

Moving Messages to a Folder Automatically

One of the easiest and most popular automations to use is to move incoming messages to a particular mail folder automatically based upon things like the sender or keywords in the subject line.

This can help you ensure you don’t miss an important email from a client because it’s buried in the middle of a bunch of spam. It’s also a way to save you time from having to manually sort your messages into folders by letting Outlook do it for you.

Just set up a Rule that sets the parameter of how you want the system to identify the message (i.e. from email address or email domain, subject line keywords) and then tell it where to put the emails that match. 

You’ll see that you can also have an alert pop up or play a specific sound based upon the same criteria.

Flag a Message for Follow Up

Have you ever looked through your inbox and found an old message that you meant to follow up on but had completely forgotten about? A flag rule can ensure that doesn’t happen again by reminding you about it.

Click Message > Follow Up

Then choose when you’d like to receive the reminder alert. You can use the Custom dialog box to create a custom description of the follow up action, such as “Check to see if contract has been sent back.” 

You can set flags both for your own messages and for recipients of your messages that also use Outlook. 

Use Quick Steps to Automate Multiple Actions

If you take multiple actions on specific emails, such as forwarding them to a particular department, moving them to a folder, and flagging them for later follow up, Outlook’s Quick Steps can do all those tasks for you.

You can create your own Quick Steps and use some of the template default actions, like:

·      Move a message to a folder and mark as read

·      Move a message to a folder, mark as complete, and mark as read

·      Forward the email to another person

·      Forward the email to multiple people

·      Open a reply window and delete the initial message 

You can access this area in the Home panel, Quick Steps group. 

Apply Categories to Your Messages 

Color-coded categories in Outlook are another way to help organize messages and quickly identify where they fall in your workflow. For example, you might put all invoicing related emails in a “green” category and all immediate problem related ones in a “red” category.

Once you set up your categories in Outlook, they can be applied automatically by creating a rule. 

You’ll first set up a condition, which can be the importance marked on the email, the email sender, or any other standard parameter. Then you can add in the action to assign it to a specific category. This can also be one of multiple actions set up in Quick Steps.

Are You Fully Utilizing Your Office Applications? 

Often companies are already using great applications, but they’re not using them to their fullest. Brain Stomp can go through a full streamlining of your workflows using the tools you already have to help you get the most out of them. 

Schedule a free office optimization consultation today! Call 260-918-3548 or reach out online.

5 Reasons It’s Essential to Store Your Documents Digitally on a Server

Since the advent of the digital age, the number of documents created each week in the average office has increased by leaps and bounds. In just the last two years, 90% of the world’s data has been created.

For offices still using paper files, multiple dangers exist, such as physical damage, getting lost or misfiled, or becoming aged and unreadable over the years.

Many offices now struggle with managing both paper and digital files effectively, including:

·     Ensuring they’re safe from unauthorized access

·     Keeping them easy to find when needed

·     Preventing destruction or loss of files

·     Storing them securely in archives for years

There are also multiple workstations and mobile devices used to create and store company files, which makes proper IT management of that data even more complex. The best solution for keeping a handle on all your files is to use a server for centralized storage.

Both on-premise and cloud-based servers give you one central location for file storage. They also enable software that can facilitate backup and recovery. Paper files should be scanned in and converted to digital so all your company’s files can be stored in the same place.

Why Server File Storage is Important

58% of small businesses are not prepared for data loss, and it can cost them dearly. Whether files are lost to accidental deletion, due to a stolen laptop, or a fire or flood, they can significantly impact a company’s bottom line and in some cases cause them to have to close their doors.

When storing files on a server, it’s important to remember to always keep one copy offsite. The best backup plans use both a local on-premise server for backups as well as an offsite cloud server through a 3rd party provider.

Here are reasons it’s essential to use server storage for your business documents. 

Locate Files Faster

Office professionals spend an average of 4.5 hours per week just looking for files. If you’re not using server storage with search capabilities, you could have employees looking through filing cabinets or searching various hard drives for hours to find a specific document. That’s an inefficient use of time that saps office productivity.

Server storage platforms include keyword search capability that makes it easy to instantly find files that are even years old. By having all your office files on the same server, you also ensure nothing is missed if you’re looking for all past customer orders, for example, and can ensure paper order forms are represented digitally, so everything’s in one central location.

Protect Your Business from Catastrophic Data Loss

In the case of a natural disaster, fire, or theft at your premises, if you have your files stored on an offsite server, you ensure business continuity. Backup and disaster recovery software can allow you to quickly download lost data to another device that’s internet connected.

If you’re storing all your files onsite, a single catastrophic event can cause you to lose the copies on your workstations and your entire backup copy.

Save on Storage Costs

Digital file storage is much less expensive than storing paper files in a filing cabinet. Beyond the cost of the paper itself, you have the cost of filing cabinets, folders, and the square footage that those filing cabinets take up. As the years go by, your ability to archive is limited by your physical space.

With your files being stored on a server in digital format, the cost per file is minuscule compared to a paper file. Scaling up as more files are created is as easy as clicking a button. You not only save on the paper and filing costs, you’re also not giving up a portion of your office to storage of paper documents.

Improved Data Security & Compliance

When you have files spread out in filing cabinets and multiple desktop workstations, ensuring the protection of sensitive information covered by data privacy rules like HIPAA or PCI is extremely difficult.

Using centralized server storage for your documents allows you to not only know where they all are, but to also put safeguards in place, such as user privileges and password requirements, that ensure they’re properly protected from being stolen or from unauthorized access.

Allows for Better Visibility

Say your website team is working on your About Us page and they need some older files to fill out your history timeline. If those files are stuffed in a folder in the back of a dusty filing cabinet, they might never find them, or it may take them hours of unproductive time to locate them.

When all your files are digitized and stored electronically on a server, your team has instant access to whatever they need, facilitating their task at hand and ensuring better file visibility to all that need to access them.

Need Help Organizing Your Digital Documents?

If you’re somewhere in between “all digital” and still using folders and filing cabinets, BrainStomp can work with you to put together an organized, easily accessible, and secure server storage system. 

Schedule a free consultation today! Just call us at 260-918-3548 or reach out online.

Answers to the Most Common Questions About Password Security

Passwords have become ingrained into our daily lives. We use them for getting into our personal bank account or social media as well as for multiple work applications each day. 

The average email address is associated with approximately 130 different online logins, so it’s no wonder that most people feel like they have password overload. 

Login credentials are one of the hot commodities on the cyber black market, because they can get criminals into all types of different accounts and allow them to breach a company’s network. Passwords are generally more valuable than just the benefit that can be gained from one account breach, because people typically use the same password for multiple logins.

But as annoying as it is to have to juggle multiple passwords, they’re often the only barrier that’s keeping a network or device from being breached. No matter how good your managed IT security is, if a hacker has a user’s password, they can bypass security and gain access to plant malware or spyware and steal all types of sensitive data.

It can be a constant battle to convey the importance of password security to employees and have them understand the significance of why a particular policy is put into place that might make it slightly harder for them to use their applications. We’ll try to make it a bit easier by providing answers to several common questions asked about password security.

Understanding the Importance of Credential Security 

According to “The 2019 State of Password and Authentication Security Behaviors Report,” 51% of survey respondents had experienced a phishing attack, but 57% of them said it did not have any impact on how they managed their passwords.

Passwords seem to be one of those things that everyone knows they need to secure, but unfortunately many people just don’t and fall into the same bad habits of:

·     Using weak passwords

·     Sharing passwords with colleagues

·     Reusing the same password for multiple accounts

·     Not changing passwords regularly

Here are answers to common password security questions that can hopefully illuminate the importance of putting good password management at the top of your data security checklist.

Why does my password have to be so complicated?

The weaker a password is, the easier it is to hack. Cybercriminals have a list of the most common passwords (12345, qwerty, password123, etc.), and too often that’s all they need to break into a corporate network.

Passwords that are too short (less than about 7 characters) and use all lowercase letters make it easy for a hacker to breach an account, either by guessing or by using software designed to crack a login.

Complicated passwords that are long and use a combination of symbols, numbers, and upper and lowercase letters are much more difficult for a hacker to get past.

Why do I have to change my password so much?

If you keep using the same password for years without changing it, that makes it much more susceptible to being breached. And even if you use a strong password, with data breaches happening more often at large corporations like Target and Marriott, your credentials can easily get exposed, and generally these breaches aren’t found out until months after the fact.

Changing your password regularly can help keep it more secure, especially in the event it’s been exposed in a data breach of a vendor you use. The use of a password manager can help with remembering passwords when they’re changed regularly.

Why is it wrong to share my password with a colleague?

You’re on the road and need to access something at the office, so you call in and give a coworker your password so they can access the file you need. What’s so wrong with that? Well, anytime you share your password with someone else, you lose control over its security.

Even if it’s a trusted friend, they could accidentally leave your password written down on a sticky note on the desk or share it with someone else. Whatever happens on your login is your responsibility, even if it wasn’t you that logged in, so it’s best to never share your password. 

How much does multi-factor authentication (MFA) really help?

You may be wondering if you should use multi-factor authentication (also known as two-factor authentication) or if it’s going to be more hassle than it’s worth. It turns out that MFA significantly increases the security of your logins. 

According to a study by Google, enabling MFA prevented 100% of automated bot attacks that use stolen password lists and 96% of phishing attacks trying to steal passwords. So, using MFA on all your logins is definitely worth the few extra seconds it takes to enter a code sent to you via text message as a second factor of authentication.

How am I supposed to remember a bunch of unique, difficult passwords?

If someone had even 20 different logins (most people use many more than that between home and work) and each of those used what’s considered a strong password and each one used a completely different password, it would be impossible for the average person to remember them all. And especially so if they changed regularly.

The answer is to use a password management application. Not only does it reduce the passwords you have to remember to one, it also can suggest strong passwords when setting up logins and will keep your passwords stored securely in a password vault.

Get a Handle on Your Company’s Password Security

For many companies, their password security is the weakest link in their cybersecurity strategy. Working with BrainStomp, you can put policies into place that will be easy for you and your employees to adopt and keep your data safe.

Schedule a free consultation today! Just call us at 260-918-3548 or reach out online.

Why You Should Never Use Your Work PC for Personal Reasons


It usually starts innocently enough. You’re expecting a shipping email with tracking for a holiday purchase, so you add your personal email to your work PC. Then it becomes so darn convenient to be able to check your emails during the day that you just leave it there.

Or you may work remotely, and instead of having to switch from your work PC when you get off, it’s just easier to make that family photo collage on the same computer. Before you know it, you’ve got personal items in folders throughout your hard drive and may not realize these all are being backed up to a corporate account by your employer’s managed cloud backup.

While it’s often more convenient at the time, using your work PC for personal reasons can be a huge problem for both you and your employer that can come with consequences ranging from the embarrassing to the severe.

If you’ve ever saved personal files to your work computer, you’ll want to read on to find out why it’s not a good idea and why you should probably clean all those personal files off it as soon as possible.

Don’t Mix Work & Personal on Your Work PC 

While many employers will have no trouble recognizing the problem with mixing personal items with your work on your company computer, the person doing it might not realize the risks they’re taking. Several of those risks follow.

Personal Photos Ending Up in the Wrong Hands

Once you start using your work computer for personal use and possibly connect your iCloud or OneDrive account that automatically downloads your smartphone photos, you could end up with personal pictures showing up and being seen by your superiors that you wanted to keep private.

The digital world is so automated today that being able to send personal texts from your work PC might have been the reason you added your account in the first place, but that one connection could open the floodgates to automatic syncs of your music, photos, videos, and more.

A Former Employer Could End up Owning Your IP

There was a case mentioned on Quora where an employee used their work laptop for a personal coding project. They parted ways with their employer and started their own company. As their former company was recycling their PC, they found the code that was the basis for the employee’s new company and claimed it as their property because it was made on a computer that they owned. 

After the case went to court, the former employer ended up winning, because the personal code had been created on the employer’s work computer, and took possession of his business.

If you’re using your work PC to work on any type of personal project from creating a new software idea to designing graphics, technically your employer could claim that work is theirs since you created and saved it on their property.

You Could End Up Downloading a Virus

A phishing email can come into any email inbox. If your employer has special anti-phishing protection on work emails but your personal email does not, you could end up accidentally infecting your company’s network by using your personal email on a work device.

If you have accounts that are connected to your work PC but not protected by their cybersecurity applications, you’re putting your company at a huge risk of a data breach.

Your Personal Data Could End Up on the Company’s Cloud Backup 

As we noted, using a company PC for personal use generally happens innocently, with just a file or two. But that can quickly snowball into you having multiple personal files in different folders on the hard drive.

Many companies put automated backup software on employee computers to ensure data is safely backed up and recoverable in the event of a data breach, natural disaster or other serious event. That means all your personal items on that hard drive are being backed up as well to the company’s cloud backup system and even if you delete them from your PC, they could still be stored on the cloud service.

You Could Get Fired

Of course, one of the most severe consequences is being fired because it’s found out you’re using your work PC for personal use. Checking personal emails during working hours? Automatic downloads of swimsuit photos taken over the weekend? Unsecure email putting the company’s network at risk? Any of these could be grounds for dismissal. 

It’s better to have a policy where personal and work data do not mix at all on any computers. That not only keeps you and your data protected, it also protects your company from a security breach.

Looking for Reliable Workstations or Servers? We Have You Covered!

Employees often like working on their work PCs because they tend to be faster and have more capabilities than consumer computers. If you need help finding anything from routers to PCs, BrainStomp can provide competitive pricing on multiple hardware solutions.

Contact us today for any hardware needs. Call 260-918-3548 or reach out online.

Is This Email Real? What to Do If You Aren’t Sure an Email is Legit


The average office worker receives about 121 emails per day. These consist of a mix of spam and phishing emails along with the legitimate ones. That’s a lot of messages to have to sort through on a daily basis.

The sheer volume of email that a person has to go through daily, coupled with the sophistication of fake phishing emails, can make it easy for someone to accidentally click a malicious link or download a malware-laden attachment.

How many of those 121 emails per day are legitimate? Less than half. According to the “2019 Internet Security Threat Report” by Symantec, 57.5% of the email received in the U.S. is spam. Of that, about 16 per month are malicious phishing emails.

If you have just 25 employees, that means there could be 400 chances each month for someone to get fooled into downloading malware such as ransomware into your network and initiating a data breach.

Many companies turn to modern office IT support and strong anti-spam and anti-phishing applications to help combat the constant influx of dangerous emails into employee inboxes, but the last line of defense is the employee who has to decide whether an email is legitimate or not.

What should you do if you aren’t sure about the legitimacy of an email you received? There are a few strategies you can employ to check out a questionable email before you unintentionally unleash a cyberattack.

Tips for Handling Emails You Aren’t Sure About 

There’s a reason that phishing is the number one method used to deliver malware and malicious scripts designed to hack networks for any number of insidious reasons. It works. 

Phishing uses multiple tactics such as a sense of urgency or offer of a sale to trick users into opening a seemingly innocent Word attachment or clicking a link to a website. Many high-profile data breaches that you hear about in the news are the result of a targeted phishing campaign designed to gain access to an organization’s network (such as the DNC email server hack during the 2016 election).

So how do you know if an email is a trap? Here are things you should do if you receive a questionable email that you’re unsure about. 

Hover Over Any Links to Reveal their URL

An easy way to tell if that “bill” from AT&T is legitimate is to hover over the link without clicking it to reveal the true URL.

Phishing scammers often spoof legitimate companies, using their logos and signature lines to make their fake emails look like the real thing. But by hovering over the URL, you can see (as in the example below) when a URL does not match the company it’s pretending to be coming from.

Look for Common Phishing Keywords in the Subject Line

There are certain keywords that phishing emails employ to tug on your emotions and get you to open an email. Be very wary when you see any of the following, which are the top keywords phishing scammers use according to the Symantec report.

·     Urgent

·     Request

·     Important

·     Payment or Outstanding Payment

·     Attention

·     Info

·     Important Update

·     Attn

·     Transaction

Ask Yourself if the Email is Expected or Not

One tactic hackers use is the promise of a purchase order from someone, but it’s a company you’ve never heard of. Ask yourself if a questionable email is expected. Do you know the company sending it or the sender? Were you expecting a PO from this company? 

Or, if the email looks to be from a colleague (accounts are often hacked), ask if the language the person is using matches what you expect from them, and double check with them to make sure they really sent it. Any emails out of the ordinary should be questioned.

Get a Second Opinion

It’s always better to pause and ask for a second opinion rather than click on a virus-laden attachment in a rush. If you have someone that’s computer-savvy at your office or an in-house IT person, ask them before you download or click anything on the email. If you use an IT provider, like BrainStomp, give them a call. We can often tell immediately whether an email is a phishing scam or not.

Look at the Header Source 

If you click to view the header source code of the message, you’ll often find that the sender has a completely different email address than the one the email purports to be from. Just like when you hover over a URL, the raw source code of the message can often be an indicator of a phishing email.

Run All File Attachments Through a Malware Scanning App

It’s a good rule of thumb to run all email attachments through a malware and virus scanning application before opening them. One of the most popular document types that phishing scammers use is a .doc (Word document) that most people would think was legitimate.

The most popular file types for malicious email attachments are: 

·     .doc, .dot (37%)

·     .exe (19.5%)

·     .rtf (14%)

·     .xls, .xlt, .xla (7.2%)

·     .jar (5.6%)

·     .html, .htm (5.5%)

·     .docx (2.3%)

Find Solutions That Keep Phishing & Spam Away

The best way to mitigate the dangers of phishing email and anti-productive spam is to use a software that can keep these out of your employee inboxes in the first place. BrainStomp can help you deploy smart cybersecurity solutions to keep your network safe in the face of multiple threats.

Schedule a free security consultation with us today! Call 260-918-3548 or reach out online.

What is "Sandboxing" and How Can It Save My Company from a Data Breach?


One of the most vital pieces of data security at an office is the system that helps detect and prevent intrusions by viruses, ransomware, and other forms of malware. 

These malicious threats can wreak havoc on a network if it’s not properly protected by managed IT security or other strong antivirus/anti-malware tools. These tools need to be able to not only detect malware that’s been logged in a threat database but also those “Zero-Day” threats that have been just released and aren’t catalogued anywhere yet.

76% of successful attacks on an organization’s endpoints in 2018 were due to zero-day malware.

Most older forms of antivirus or anti-malware software worked exclusively off a database of known threats. While this database is still an important component of malware protection, today’s threats go beyond just the known dangers, and email inboxes are now being hit with brand new forms of malware not seen before.

So, how do modern cybersecurity protections identify zero-day threats as well as other malicious malware and viruses? Through the use of something called “sandboxing.”

We’ll explore further what sandboxing is and why you want to make sure that any anti-phishing software, antivirus, or anti-malware tool you use includes this technology.

How Does Sandboxing Work?

The term sandboxing comes from childhood memories of playing in the sandbox. You were pretty self-contained in there and could basically play in the dirt without messing up anything else outside the sandbox.

Sandboxing when it comes to malicious scripts uses the same concept. The sandbox environment replicates a computer environment, but it’s contained and separate from your own operating system and files. It’s designed to fool a virus, malware, or other type of threat into thinking it’s already made its way past any antivirus defenses, so it will start to “play,” aka do the malicious thing it was designed for, and get caught. 

As anti-malware programs have become more sophisticated, so have the malware and other threats they’re designed to stop. Many threats go into a type of stealth mode meant to get them past the security defenses of a firewall or software; then, once inside a computer or server, they execute their pre-programmed commands.

Here are some of the key benefits of sandboxing.

Catches Suspicious Threats Proactively

Phishing is the number one cause of data breaches. Hackers continue to use it because it works and is a fairly cheap way to deliver malware to a single device or entire organization.

When a user accidentally opens a virus-laden attachment, it can infect an entire system or network. 

But if you have an anti-phishing program with sandboxing capabilities, it proactively checks file attachments by putting them in the sandbox environment and then watching how they act. If there is any dangerous activity, the threat is quarantined and eradicated before it has a chance to reach your hard drive.

Is Able to Stop Zero-Day Threats

The sandboxing capabilities of a software product are typically combined with advanced protection through artificial intelligence and the ability to learn by observing how the threat acts in the environment.

Since sandboxing uses observed behavior in a safe environment, rather than just checking a database of known threats, it’s able to catch zero-day viruses and malware that can get through other programs simply because their signatures aren’t recognized.

Works Well with Other Security Tools

Sandboxing complements other security tools, like firewalls, by sharing the information learned and updating your internal threat matrix with the data provided by the quarantined scripts.

With this shared knowledge, your entire cybersecurity infrastructure is stronger and able to detect any similar patterns from new threats. 

Can Provide Remote Connection Protections 

When you have employees logging in from a variety of locations and devices, data security becomes even more complex. Sandboxing tools can be configured to collaborate with remote desktop protocol to secure remote connections to the company network from outside the office, boosting the security of your mobile workforce.

New Windows 10 Pro Sandboxing Feature 

If you’re a user of Windows 10 Pro, a handy feature called Windows Sandbox was released in the latest 1903 update, which came out at the end of May and was rolled out throughout the summer.

This gives you an isolated, temporary desktop environment to use where you can run software that is untrusted or questionable. The Windows Sandbox is separate from your own files, so you can observe the program without worrying about it impacting your system. Once you complete the sandbox session, all files are permanently deleted automatically.

One note: This does not replace the sandboxing needed in an anti-phishing, antivirus, or anti-malware program, as it’s not built to work with email attachments and the like in the way those programs are. However, it is a very useful new feature that will allow you to run lesser-known software in a safe environment before installing it on your computer.

Does Your Cybersecurity Include Threat Sandboxing?

If you’re unsure whether or not your cybersecurity can catch zero-day threats or protect you through sandboxing, give BrainStomp a call. We can do a complete assessment of your IT security and let you know where you stand. 

Get your security assessment today by calling 260-918-3548 or contacting us online.