Posts

Be careful with social engineering scams that install malware

Reduce Malware Infections in 7 Steps

7 IT Solutions To Reduce the Risk Of Malware Infections

Friday, June 26 2020 The University of California at San Francisco School of Medicine paid over $1 million to regain access to data after hackers encrypted it with malware.

Situations like this happen all the time. Unfortunately, businesses and institutions across the world have failed to properly prepare for cyberattacks. In many cases it’s a matter of outdated infrastructure and insufficient funding. In other cases, it’s neglect or improper training.

Because of the fact that if your system is infected, you likely won’t be getting your files back unless you pay the ransom, you likely don’t want this to infect your work systems. One of the ways to limit the possibility of this is to educate your employees on how to minimize the chances their systems will be infected. Here are seven practical IT solutions to reduce the risk of malware infections.

1) Watch out For Vulnerabilities

Cyber attackers are using all kinds of technology to exploit networks and systems. One piece of malicious tech they use are exploit kits. Exploit kit, also exploit packs, are programs used to deliver malware to a vulnerable network.

What do I mean by vulnerable? A vulnerability in software is a mistake, or error, in the code. The hacker manipulates the user into visiting a malicious website and if any errors exist in the code of the system, the exploit can be implemented.

Furthermore, exploit kits function in the background making it difficult to determine when you’re experiencing an attack.

Update your operating system, browsers, and plugins. If there’s an update to your computer waiting on queue, don’t let it linger.  Additionally, updates to operating systems, browsers, and plugins are often released to patch any security vulnerabilities discovered.

You can protect yourself from these types of attacks by avoiding links and remembering to update your software. Many of us have the nasty habit of putting off systems updates. The little icon in the corner that reminds us of a new update is often seen as a bother. However, consider the alternative.

These systems updates fix any security vulnerabilities the developers and programmers uncover. There is actually a type of vulnerability called a Zero-Day vulnerability and it happens when hackers exploit undiscovered or unintended vulnerabilities. The malware is actually called zero-day exploits.

This applies to mobile phones as well. Software updates on your phone are meant to strengthen the software and patch any flaws the programmers missed when releasing the software. Software is constantly improving because code is constantly improving.

This explanation in many ways oversimplifies the process but it works for our purposes.

2) Remove Software and Files From your Systems You aren’t using

We’ve all heard of spring cleaning. We look through all the things we have and toss out what we don’t use. If we let things accumulate they create clutter and can create big problems. Well, the same thing applies to software on your devices.

You have to periodically look through all the software on your devices and determine which ones are outdated and which ones are worth keeping. For example, Microsoft no longer releases software updates for Windows 7 and Windows XP. Furthermore, using these applications without support or patch updates puts you in a position to get hacked.

How old are the applications you use? When did you last update them?

Do your homework and find out or someone else will.

3) Be aware of Social Engineering

Cybercriminals spread malware into your systems through social engineering tactics like phishing. There are older, less commons ways too that are worth going over. In some cases, a hacker will place an unlabeled USB in a public place or an office. The idea is that an unsuspecting victim will pick it up, consider it harmless and claim it as their own. This is also a form of social engineering because it still manipulates users into executing a certain action.

There are anti phishing tools you can use like Retruster that protect against fraudulent emails, phishing and ransomware. There are also many plug ins available for free that help users identify malicious links by creating a “safe to click” marker on them.

4) Inspect your Inbox Like Your business depended on it: Because it does.

Understand that the biggest vulnerability your business has walks on two feet. It doesn’t matter how many tools, tips and software updates you have if you fall for a social engineering scam. And it doesn’t just happen to small companies either.

Facebook and Google put together were victim to a payment scam of over $100 million. Between 2013 and 2015 a Lithuanian hacker managed to send each company fake invoices while pretending to be an Asian manufacturer they were in business with.

This is an example of Vishing, a.k.a. voice phishing. Leading to the next point:

5) Always Verify credentials with Cold Callers

Vishing is a bit more difficult to pull off on companies. However, when done correctly it can generate a huge amount of profit for the scammer like I mentioned with Facebook and Google.

Depending on the company you might get a call from someone pretending to be Microsoft. In other cases it’ll be a vendor or a bank checking in. It’s difficult to say in what form these scams will come because the scammers tailor them specifically for a business.

In the case of Facebook and Google, for example, the scammers had to know they two companies were working with that specific vendor.

For your company it will be different according to your specific circumstances. If it isn’t believable then the victim won’t fall for it.

6) Make sure You have a Secure Connection

Whether you’re working in the office or remotely, you need to ensure your connection is secure. If you’re working from home, perhaps you’ll need a VPN to protect your Wi-Fi connection. Additionally, when you’re browsing on the web make sure the website is secure.

7) Use strong passwords with Multi-layer authentication

A large percentage of people reuse the same passwords for the personal and professional logins. It’s time to change that habit. Companies like Google and Apple created password generators that create strong, complex passwords. However, don’t leave it up to google.

If your business doesn’t use multi-layer authentication for access to important documents, files or websites, you’re living in the past. Nerds Support uses multi factor password authentication to ensure whoever is logging in can only do so if they are the right person.

Our systems require a mobile phone confirmation, email confirmation and password confirmation in order to provide access to our systems. That way, if a device gets stolen or a hacker gains access to a password, neither will be enough to access files alone.

Conclusion

Malware attacks are growing. Now that businesses are moving towards remote work, protecting against these types of attacks are more important than ever. Cyber security is not just about the technologies that protect your important data. It’s also about what you are doing to protect your business. It is the first and the last line of defense.

Nerds Support Contact Us Leaderboard

cyber hacker breaches the security of thousands of Canadian CPA firms

CPA Canada Breach Exposes Over 300,000 People

Data Breach in CPA Canada

A breach of CPA Canada exposed the personal data of over 300,000 Canadian accountants and stakeholders.

According to existing reports, the information pertained to the distribution of CPA Magazine. CPA Canada said credit card numbers and passwords were encrypted and not among the exposed data. The cyber criminals accessed CPA Canada members’ contact information on the organization’s website.

Approximately 329,000 individuals were notified of the breach and warned of possible attacks in the future.

It warned members to stay vigilant of possible phishing emails, texts or phone calls that may come as a result of the attack.

Taking Secure Steps

Members of CPA Canada will have to check their emails frequently and be careful not to open any attachments from unsolicited messages.

CPA Canada took steps to secure its systems to secure their site, however the breach could have happened months earlier. As is the case with many breaches, it’s difficult to pinpoint when exactly a breach happens.

The association ties the incident to an alert issued in April about a phishing campaign that requested users to change their CPA Canada password due to a website breach. This is a common way cyber attackers gain access to information.

A similar breach occurred after the launch of Disney Plus. Experts say that hackers sent fraudulent emails asking users to “verify” their passwords so they could be saved and sold on the dark web.

They explain that the emails originated from the IT department where the victim was employed. The emails indicates that the IT department suspected a security issue with the domain cpacanada.ca.

This is Nothing New For CPA’s

Unfortunately, this type of event is too common for accounting firms. In April 2020, the IRS issued warnings to taxpayers and firms to be aware of phishing scams involving the stimulus checks from the CARES Act.

Cyber security experts advise accountants to take even greater care of their data especially when working remotely.

Forcing digitalization has left many firms more vulnerable to attacks than ever. The usual types of phishing attacks are all present only now they’re more frequent. Hackers know that firms that had issues shifting to a remote environment left many digital vulnerabilities exposed.

The IRS itself had struggled with enabling employees to work remotely. Changes to internal systems and readjustments made for enabling remote access leaves gaps for attackers firms might not otherwise have.

Some Firms are More Vulnerable Than Others

CPA Canada reports that all activities are normal for now, but things could have turned out much worse. Accounting firms that neglect their cybersecurity can quickly become the victims of hackers. The moment attackers gain access, they encrypt and freeze data until your firm pays their fee.

Larger firms are safer because they perform frequent audits and have security consultants ready in hand. However, smaller firms might not have the resources and cyber security skills necessary to protect themselves.

These firms still deal with sensitive financial information so they become preferred targets by hackers. It’s much easier for a hacker to attack several small firms than one larger one.

Conversely, firms experience attacks caused by spiteful or careless employees. Performing regular backups is better than doing nothing but there is no guarantee the hacker won’t just keep your data hostage. Paying the ransom doesn’t guarantee an end to the attack either.

How Do you Prepare Against Phishing Attacks?

The best way to prepare for an attack is to do incremental backups and consistently testing those backups. Backups are useless if you can’t restore your systems should something happen.

Working Remotely Adds New Risks

Now that CPA firms are working remotely, they might not have the same resources or security measures they would have in an office setting. Firm employees typically access applications through their secured office desktops. Accessing these same applications on a personal device could mean they are easier to breach even with a VPN.

IF a CPA failed to assess the security measures needed to function remotely it can leave the doors open to a cyber attack that breaches systems quickly.

Compliance is Key

A way smaller firms can avoid scenarios like the one mentioned above is by applying best practices when it comes to IT security. Even if you are a smaller firm with limited IT personnel, there are Managed IT services providers that can supply you with the needed boost in security.

How? By doing what the larger firms are doing, applying best practices to all of your systems. A CPA has to follow strict compliance regulations in order to operate. SOX and FINRA regulations, for example, require regular audits that demonstrate sensitive financial data is kept safe.

The added benefit achieving compliance is that it requires a secure IT infrastructure. By auditing and verifying compliance firm are also checking for cyber vulnerabilities.

Cyber criminals have learned that companies are increasingly more difficult to infiltrate by directly breaking through their security systems. That is why they rely on phishing attacks to go around this problem.

Phishing Attacks Still Happen Because They Still Work

In the case of CPA Canada a phishing scam exposed valuable information. Phishing scams are still the most popular form of cyber attack today. That is because it doesn’t target a network, it targets the user.

Phishing is all about manipulating the target into performing an action. It can be downloading an infected attachment or clicking on a malicious link.

With phishing scams, hackers don’t have to worry about the strength of a firm’s network because no matter how strong the network, it’s only as strong as its most gullible employee.

It can be even worse when added to a remote environment. Having a dedicated team of IT experts available 24/7 improves an employee’s chances of avoiding a phishing attack altogether.

Nerds Support has comprehensive IT solutions that allow our technicians to flag and monitor potential email scams. However, the safest action to take if you have a limited IT team is to send suspicious emails over to your IT department rather than opening them yourself.

CPA Canada has contacted the Canadian Anti-Fraud Center and private authorities to conduct a proper investigation. Only time will tell the ramifications of this breach and how vulnerable those affected really are.

Scammer calls citizen who just collected their stimulus check

How to Stay Protected Against Stimulus Check Scams

Stimulus Check Scams

President Donald Trump signed a Coronavirus Aid plan that would guarantee millions of Americans stimulus checks from the government.

Although many may see this as a positive, there are scammers looking to profit off this plan. Remember there is no sign-up required to receive the stimulus check. The process is automatic for all qualifying Americans.

How Will I Be Contacted?

The IRS always contacts taxpayers through traditional mail. Therefore, if you receive a phone call, email or text message from an “IRS official” stating you need to apply or register, it’s likely a scam.

The treasury department makes it clear on their website: “If you receive calls, emails, or other communications claiming to be from the Treasury Department and offering COVID-19 related grants or stimulus payments in exchange for personal financial information, or an advance fee, or charge of any kind, including the purchase of gift cards, please do not respond.”

How Much Will I Receive?

Americans will receive up to $1200 per person in the coming weeks and parents will receive an additional $500 for each child under 17 years of age.

Furthermore, the IRS clarifies that the agency will post any additional information when it’s available at www.irs.gov/coronavirus.

How Will I Get The Stimulus Check?

Those who file their tax returns electronically and provide the IRS with their bank information will likely get their payments earlier via direct deposit. Some 88% of individual returns were filed electronically in 2018.

Individuals who file their tax returns electronically get their payments earlier through direct deposit.

What if I Don’t Have Direct Deposit?

Those who did not provide the IRS direct deposit information on their 2019 or 2018 tax return will get that opportunity in a new government online portal. This way, citizens won’t have to wait for the check in the mail.

Paper checks are expected to take longer to arrive.

However, details about this online portal have not been released. Until the IRS releases an official web address and further guidance, don’t give out your personal banking information online.

What Types of Scams?

Scammers are taking full advantage of Americans’ financial vulnerability right now.

Details regarding the portal have not been made public, however. So, until the IRS releases more information on the website provided above, don’t give out any personal information.

Scammers target financially vulnerable people the most. The greater the desperation the easier it is to extort and manipulate them.

There have also been reports of fake checks going around. However, if one is informed they have a better chance of not falling victim to these scams.

How Do I Know I’m Being Scammed?

Any and all checks delivered by mail now are scams or fraudulent. It will take the government at least a few weeks to mail out considering the bill was only passed Friday, March 27.

Additionally, any check you receive in the mail that requires online verification or contacting a given number is also fake. Be skeptical of checks for odd amounts of money, specifically checks with a cent amount.

The government stimulus will be for an even amount of money regardless of the amount received.

What Kinds of Scams should I Expect?

Any emails with suspicious links, text messages or even voice messages you receive regarding payment is probably a social engineering scam. If you receive an email that fits the description above, don’t open anything. Simply file a complaint with the FBI or Federal Trade Commission.

This applies to businesses as well. If you are working remotely and find yourself reading an email regarding the stimulus check, contact your IT department immediately. It is always better to be safe than sorry.    

According to CNBC report, coronavirus phishing scams are rising.

The Federal Trade Commission and Federal Deposit Insurance Corp. issued warnings for Americans to be keep aware of cybercriminals who attempt to steal form users with COVID-19 related content.

Scammers work best when they hide behind legitimacy. Therefore, they use headlines, current events, trends and personal information to trick victims into giving up valued information.

Stoking fear and uncertainty is a tried and true method of manipulating a victim. Capitalizing on ignorance is the best method.

Those who don’t keep up with the news or are unclear about the specifics of the stimulus plan passed by President Trump’s administration are likelier to make a mistake than those who aren’t.

What Do These Attacks Look Like?

Scammers launch phishing attacks, through email and text to take advantage of those who have received checks. Often, these messages appear authentic, usually with a call-to-action such as “download our guide to using check” or “Get your money now, click here.”

If you are currently working remotely, contact your fellow employees, team members or IT department to verify any and all emails received. Have a strong cyber security plan in place.  There is strength in numbers and communicating doubts is the best way to deal with uncertainty.

Make sure you have a VoIP system in place to coordinate and communicate with your team, employers, or IT department at all times. This could be Skype, Zoom or any other online communication system.

Hackers are using this time of social distancing and isolation to their advantage, hoping that victims won’t verify the phishing emails they send out.

Having a reliable network of trusted experts or peers is good way to protect yourself from falling into one of these scams.

Phishing Emails - Don't Get Hooked!

social engineering

Spear Phishing

What is spear phishing?

Spear phishing is an email scam targeting a specific individual, business or organizations. It’s like a standard phishing scam except the emails are personalized to target one group or person.

Cyber criminals use these types of attacks with the intention of accessing and selling confidential data to governments and private organizations.

The cyber criminals use individualized methods of social engineering to create a sense of legitimacy to the email. The objective of social engineering is to get anyone from a company or government agency to open a malicious link or visit a virus ridden website.

At that point the cyber criminals can steal the data they need in order to critically affect the target’s networks.

Spear Phishing Could Cost Millions

The city of Naples, Florida lost $700,000 in a spear phishing attack on Monday, August 5.

The money was sent to a fake bank account provided by an attacker posing as a Wright Construction Group representative contracted to work on an infrastructure project in downtown Naples, according to one of their news releases.

The city manager Charles Chapman said the cyber attack was an isolated incident and did not affect their data systems.

Other cities throughout Florida were also targeted in cyber attacks.

How Spear Phishing Works

Phishing and social engineering in general is increasingly becoming a popular method of hacking for cyber criminals, however spear phishing is particularly difficult to detect because they’re designed to appear legitimate and safe. It’s the same with counterfeit dollar bills. The more advanced the counterfeit is, the harder it is to recognize it as fraudulent or fake.
In a spear phishing attack, the hacker gets specific information about their victim to create a sense of trust and security. Like the cyber criminal in Naples who used the information concerning the contract between the city and Wright construction group to his or her advantage. They usually acquire this information through internet research, a previous phishing attempt, maybe a hacked account from within the organization and even social media.

Typical phishing attempts will ask you give some personal information. Sometimes hackers ask for a phone number, other times a credit card or bank account number. Spear phishing attempts follow a similar strategy only more specific. You might be manipulated to click on a link that downloads malware or led to a site that asks for a password or a social security number.

Whaling

There are other forms of spear phishing called “whaling”. Whaling involves targeting institutions posing as a company executive requesting an employee wire money to an account belonging to the hacker. The Naples attack is a modified version of whaling. Instead of posing as the CEO of Wright Construction Group targeting an employee, the cyber criminal posed as a representative of the company targeting one of its clients.

Like phishing, a successful whaling attempt involves coercing someone with a high profile or reputation. The intention can vary but it’s usually all about money. This could mean initiating a wire transfer as in the Naples case or installing malware that infects company servers and steals sensitive data.

Targets of whaling are executives, department heads, spokespeople. This means that they likely have information available to the public that other targets might not. Having importance within a company or an industry means that person is in the public eye. This might limit the pool of targets, but it also raises the reward.

Threats to Businesses

Because of what we’ve mentioned above, spear phishing is not only among the most common types of cyber-attacks, but probably the most dangerous. Most phishing attacks try to cast a wide net, hoping that a handful of email recipients unknowingly give them access to their business and data. All it takes is one person to click and the entire enterprise is at the mercy of a cyber criminal.

Phishing Email Statistics

The Naples example coupled with these statistics are indicative of how effective phishing scams are. It’s important to be aware of how volatile one of these attacks can be and prepare your business against them.

Red Flags of Phishing

The important thing is to avoid clicking on anything until you know what it is and who it’s from with certainty. If someone you know shares a link or a document with you and it’s out of the ordinary that’s a sign it may be malicious.

If the email has a strange address with too many numbers or letters, it’s probably a phishing scam. Another give-a-way is the vernacular contained in the email.

Here’s an example: Let’s say you live in the US and you receive an email from your boss who also lives in the US and was raised in the US. If the email says something like, “Hey, I need you to run some errands for me this afternoon. Send me your mobile.” Mobile is a phrase commonly used in the UK not in the US and could be an indicator of a fake email. A lot of the time cyber attacks will overlook these small but telling details.

This requires a bit of deduction on your part, but if you’re familiar with the person who allegedly sent the email, then it should use this as a way of catching any abnormalities in their word-usage. A little research goes a long way also. If you’re receiving an email from a company, look it up and message them. If things don’t check out, report it through your email provider like Google or Outlook.

When successfully  identifying an email as a phishing scam, alert anyone and everyone in your department. Raise awareness with as many people you can. This puts people in high alert and makes it less likely they fall for the same trick.

Protect Yourself

Phishing and spear phishing specifically might be difficult to spot, but that doesn’t mean you’re helpless against it.
Training employees and raising awareness is the first line of defense against phishing attacks. And with spear phishing becoming more selective, training should expand to clients, vendors and upper management.

Training

Just as we saw with the Naples attack, cyber-attacks are becoming more ingenious and varied. The city of Naples was a client of a construction company and rather than target the company, they targeted the vulnerable client. While employees might protect themselves from phishing attacks by implementing measures put in place by internal IT or a cloud provider, clients might not have these same advantages.

There needs to be a comprehensive training curriculum focused on educating as many people within an industry. Whether it’s clients of a financial firm or the firm itself, for example, there’s no telling who a hacker will target.

Mock tests

Simulating a phishing attack is a helpful tool to assess how employees behave under those circumstances. This would also help in gauging how aware your employees are of phishing attempts.
Spam filters: Once upon a time, spam was just annoying inconveniences that at worst lowered productivity. Now, spam is a useful tool for cyber attackers to target potential victims. Luckily, most spam filters work, and most companies have one.

Be aware of the kinds of information shared on social media. Useful details like birthdays and favorite activities can be found easily in today’s social media culture. Upcoming events can also be used to make spear phishing emails seem more legitimate. Be weary during a big conference or networking event of any strange requests in your inbox.

The Cloud

Cloud service providers often provide the protection and security to prevent a successful spear phishing attack. Nerds Support, for example, advises all its partners to send in any suspicious emails they receive to be analyzed and verified as safe to open. This is a simple technique that comes a long way in safeguarding against these kinds of attacks.
Going back to two factor authentication for a moment,

If an organization moves to the cloud, phishing risks must also be considered. If your company is using a public cloud, you’re accessing any and all relevant applications through the internet. Phishing is most successful when the apps are exposed to the internet, which is standard for a public cloud.

Private cloud hosted apps, like Nerd Support’s have the added security of a VPN (Virtual Private Network). VPN’s simply allow you to establish a secure connection with another network over the internet. However, hacker can always try and find the URL of a cloud service. That allows them to execute targeted phishing attacks on employees of the company.

Two-Factor Authentication

One of the best ways to fight against phishing attacks is a two-factor authentication. This is when you log in and the app or site requires you to log in through another device or apply another password. People see this usually with social media. Instagram and Facebook sometimes ask you to input a code sent to your phone or email. If a user inside a company is compromised in a phishing attack, the attacker won’t be able to access the organization’s IT if the second factor is constantly changing.

Two-factor authentication isn’t typical of most cloud services. Nerds Support offers this feature when you adopt its cloud system but it’s one of few exceptions. Dropbox is another cloud-based h

osting service that adopted a two-factor authentication.

We’re here to help

At the end of the day, its about adopting culture of verification and caution. Nothing is sacred to cyber attackers. They will exploit personal information that appeals to your emotions or they will use a recent tragedy in the news to increase the chances that you “donate” to their cause.

Calling and investigating the sender before replying, double checking with colleagues, making sure that no one is isolated or left out of the loop are all things that make a huge difference.

Hopefully you’ve learned enough to recognize a potential spear phishing attempt so that Naples story doesn’t turn into your own.

To learn more about cyber attacks, phishing and social engineering visit the Nerds Support website or feel free to call and we’ll be happy to answer any questions. Also, check out our video on tips against phishing right here.

If you need any help making your company  safer, feel free to fill out the form here or call us at 305-551-2009.

A business owner trying to secure their business

Why Cloud Security is Better for Your Business

In May 2017, there was a massive, worldwide ransomware attack known as WannaCry that targeted computers running on Microsoft Windows operating system. Organizations that had not installed the Microsoft security updates were affected by the attack.

 If you’re reading this thinking, “That’ll never happen to me or my business,” you’re not alone, but you’re likely to be wrong. Malware attacks are becoming more frequent.   85% of all attachments emailed daily are harmful according to Cyber Defense Magazine. The same magazine states the expected cost of online crime is $6 trillion by 2021. Moving your IT to the cloud may seem laborious and intimidating, but it’s actually the best thing you could do in today’s era of tech-dependence. Your business has the most chances at growth and security with the cloud.

Here are a few reasons why:

1.You are not an IT security expert

You’re running a business; there’s no way you should be expected to keep up with all the new IT security threats that are coming out on a seemingly daily basis. Cloud services providers, like Nerds Support, however, have both the resources and expertise necessary to keep up with new threats. They’re exposed to a huge range of vulnerabilities and threats because they protect businesses daily.

Nerds Support works on all IT related matters exclusively. Giving you periodic updates and staying vigilant of any discrepancies or anomalies within your system. This means they can spot systemic issues that may affect your business long before you can.

2. You can’t stay focused on IT Security around the clock

 To ensure that your business is secure, you need to monitor and manage your IT security at all times. This requires important resources and a budget. Nerds Support’s team monitors, manages and responds 24/7, ready and willing to protect your business from criminal hackers and toxic viruses.

Your data stays encrypted when you transition to a cloud-based infrastructure. It’s how we keep your information safe in transit and storage so that even if it is somehow accessed or acquired by some malicious third party, it’s unreadable. With the cloud you’re always protected by advanced levels of security.

3. You probably don’t have a “Business Continuity Plan

Protecting your data from a cyber-attack is just one way the cloud can be of great value to a business owner. However, another frequent issue that you have to be aware of is network downtime. If your IT is on-premises, the resilience of your network is only as good as the robustness of your server. If this is compromised, damaged or destroyed, your system goes down. If you have on-site infrastructure, the fortitude of your network is highly reliant on your server, and, therefore, vulnerable. If your server is damaged destroyed or compromised in any way, your system will go down.

Cloud service providers, like Nerds Support, don’t rely on one server alone. They have a host of back-up systems both on and off-site, all protected by the most robust network and security available. If a server goes down it gets switched to another server and your business can continue uninterrupted. This allows you the flexibility to do something called ‘virtualize’ your IT infrastructure in the cloud. You can generate multiple copies of your applications, files and even desktops, storing the original in a separate and secure location.

Learn more about the cloud here

Download our FREE E-Book to grow your business with IT Services

Get Your Copy Today!
  • We respect your privacy. We'll NEVER sell, rent or share your email address.