Posts

Top Security Tips for Safe Emailing

Not a day goes by without another phishing scam hitting the news. For many of us, these are just headlines. For the organizations and individuals affected however, a phishing attack can be disastrous. Phishing emails are increasing in frequency, sophistication and severity. How can you best stay protected?

Email threats

Criminals have realized that in order to steal money or information, you don’t need to rob a bank. A simple email will do the job just fine. Phishing emails have been used to steal huge amounts of money ($12 billion according to the FBI) and are responsible for countless data breaches, credential theft, ransomware attacks and other types of malware deployment.

What’s more, thanks to criminal activity on the Dark Web, it’s not only credit card details that are for sale – now full phishing kits are available, starting at around $25.

Most email threats fall into the following categories:

  • Simple scams
  • Phishing emails
  • Fraudulent emails

Simple scams: these range from the classic “you’ve won a competition” to “we’ve been recording you on your web cam” or “your account’s been compromised”. Generally, these are pretty harmless and easy to spot. They rely on emotions such as fear to trick a user into taking action.

Phishing emails: these are emails that purport to be from legitimate senders, yet are cleverly disguised fakes. They range from sophisticated Business Email Compromise (“BEC”) emails – where a fraudster targets someone specific in an organization pretending to be the CEO, for example – to more general emails pretending to be from Microsoft, Netflix, or any other well known organization.

These emails either get you to click a link or download a file – deploying malware onto your system – or direct a user to a fake website where they enter sensitive information.

Fraudulent emails: a subset of phishing emails, these emails target companies pretending to be from suppliers whose banking details have changed. Money is paid into the new account, and the fraudster rides off into the sunset.

Next, we’ll look at what exactly to look out for so that you don’t fall for any of these.

What to look out for

Here are the most important things to look for when checking if an email is legit:

Sender: start by looking carefully at the sender’s address. Not just who they say they are – but the actual address that the email is coming from. Check for any additional or missing letters (“@microsofts.com”), or even non-English characters that can be used to spoof well-known addresses. A common trick is the use of subdomains – don’t be confused by amazon.xyz.com.

Content: look out for anything that’s made to look urgent. Is the message addressed to you, or is it generic, like “Dear Sir” Mouse-over the links. Do they lead to the real company’s website? Asses what action the email is asking for: anything that requires you to “confirm your account” or “update your payment details” should be met with suspicion.

Be wary of any email that mentions voicemails that are waiting for you, or subscription details that need to be updated.

Advanced – header information: most popular email clients – including Gmail and Microsoft Outlook – let you see the original header information (in Outlook: File / Properties / Internet Headers). For more advanced users, going through these headers can give immediate clues as to whether an email is legitimate.

An important note: when it comes to emails, almost anything can be faked. When it comes to email phishing protection, a specific anti-phishing product is the best way to identify and stop phishing attacks. It’s also really important to stay aware, use a healthy dose of skepticism, and where possible confirm details with a phone call.

Staying Email Safe

By protecting your email, you’re taking a massive step in terms of keeping your entire organization protected against cyber threats.

A winning combination combines awareness, training, and tech-based solutions working together to keep you safe.

If you want to find out more about keeping your organization protected against cyber threats, don’t hesitate to get in touch.

hurricane harvey approaching Texas

Donating Responsibly With Data Protection in Miami

From Houston to Corpus Christi, the effects of Hurricane HarveyDonating Responsibly With Data Protection in Miami were felt over the weekend. Hurricane Harvey has become the first major hurricane to hit the United States since Hurricane Wilma in 2005. Houston recorded record levels of rain as a result of the storm. Homeless shelters are expecting an estimated 30,000 people. Needless to say, the pictures of the damage are heartbreaking. Like every disaster, people feel the need to unite and take action. It’s incredibly understandable if you would like to donate to the victims of the hurricane, or help in any sort of way. Many sources has said that the best way to help, for those outside of Texas, is to give cash. While giving money is an effective way of lending aid to those in need, there are always a group of people who are willing to take advantage of a person’s compassion.

At Nerds Support, we have recently learned that there are fraudulent emails going around from hackers looking to capitalize off hurricane Harvey. Because it is common knowledge that most cyberattacks happen through email, our IT support experts would like to remind you to keep data protection in mind as you read your inboxes in these next few weeks.

Signs of a Potential Cyberattack

Earlier this week, the Department of Homeland Security issued a statement regarding awareness of Hurricane Harvey cyberattacks. You are allowed to view the link here, but our Miami IT support experts have left a list of the most important ways to keep your data protected from email cyberattacks.

  •  Do not follow unsolicited web links in email messages.
    • You should do a web search to make sure the links in your email are real.
  • Use caution when opening email attachments.
  • Keep antivirus and other computer software up-to- date.
    • Refer to the Avoiding Social Engineering and Phishing Attacks page for more information on social engineering attacks.
  • Review the Federal Trade Commission information on Charity Scams.
  • Verify the legitimacy of any email solicitation by contacting the organization directly through a trusted contact number. You can find trusted contact information for many charities on the BBB National Charity Report Index.

Finally, if you believe you may become the victim of a cyberattack, you are urged to seek out a data protection plan right away.

How to REALLY Help

Despite those out there looking to donate to their own “charities”, there are still a lot of great, verified organizations that will need your help in the next few weeks.

  • Catholic Charities USA, the official domestic relief agency of the US Catholic Church, is taking donations to provide support for Harvey victims. They are accepting donations through text and through a webpage they created. You can access the page and find more information here.
  • Feeding Texas, the Texas chapter for Feeding America, a network of the state’s food banks, is accepting donations here. Like its parent foundation, Feeding Texas uses their network of food banks to feed the hungry. You can also find a list of food bank locations that might need help here.
  • The Texas Diaper Bank is seeking donations to provide diapers to families that have been displaced due to Hurricane Harvey. The bank has set up an Amazon wishlist for donors who would like to buy diapers for the diaper bank. The bank has also set up an FAQ highlighting the many ways you can donate . You can find both of these on the organization’s facebook page.
  • The Houston Coalition for the Homeless, which helps coordinate shelters and outreach for the city’s vulnerable homeless population, has a paged dedicated to shelters in heavily affected areas. To find out how you can help, click here.
  • Portlight is a local organization that offers relief to the disabled and older adults, has released an announcement asking for support.
  • GlobalGiving, a crowdfunding site, has launched a hurricane relief fund aimed at gathering funds for local nonprofits in the storm-stricken region. You can visit the page, and donate, right here.
  • Heart To Heart International is currently giving out hygiene kits to displaced families and need more donations in order to get more kits. The organization is also giving out water and minor medical care. To donate, click here.
  • Austin Pets Alive! has many stray pets that have lost their owners, to find out how you can help click here.

Give Responsibly

There are many great verified charities out there that are motivated to give to victims of Hurricane Harvey. At Nerds Support, our Miami IT consulting team would like to remind you to do the following before you donate to any type of charity.

  • Verify the charity – Conduct an online research on the charity that is reaching out to you. Make sure they have a website and are active on social media.
  • Stay away from suspicious links –  before you click a link, run an online search on the link name. (i.e. A link like saveharveyvictims.com/donate would require an online search).
  • Make Sure Your Data is Safe – 37% of cyberattacks can be avoided if the computer user stays careful. Only open emails from people you know and immediately delete emails from strangers.