Fake Invoice Attacks Are on the Rise - Here’s How to Spot (and Beat) Them
Businesses around the world are being struck with a cyber-attack that sends victims a fake invoice that looks real enough to fool to most employees. It’s an old scam that used to see bills faxed or mailed in, but it’s made its way into the digital world and instances are on the rise.
Chances are you’ve already seen some of the less effective attempts, like an email advising your domain is expiring, except it’s not from your host and your domain is nowhere near expiration. These new attacks are more advanced, in that they look completely legitimate and are often from contractors/suppliers you actually use. Logos are correct, spelling and grammar are spot on, and they might even refer to actual work or invoice numbers. The sender name may also be the normal contact you’d associate with that business, or even a co-worker, as cybercriminals are able to effectively ‘spoof’ real accounts and real people. While it’s worrying that they know enough about your business to wear that disguise so well, a successful attack relies on you not knowing what to look for, or even that fakes are a possibility. With that in mind, here are two types of invoice attacks you might receive:
The Payment Redirect
This style of fake invoice either explicitly states payment should be made to a certain account, perhaps with a friendly note about the new details, or includes a payment link direct to the new account. Your accounts payable person believes they’re doing the right thing by resolving the invoice and unwittingly sends company money offshore. The problem usually isn’t discovered until the real invoice from the real supplier comes in or the transaction is flagged in an audit. Due to the nature of international cybercrime, it’s unlikely you’ll be able to recover the funds even if you catch it quickly.
The Malware Click - Rather than go for the immediate cash grab, this style of attack asks your employee to click a link to download the invoice. The email may even look like the ones normally generated by popular accounting tools like Quickbooks or Xero, making the click seem safe. Once your employee has clicked the link, malware is downloaded that can trigger ransomware or data breaches. While an up-to-date anti-virus should block the attack at that stage, it’s not always guaranteed, especially with new and undiscovered malware. If it does get through, the malware quickly embeds itself deep into your systems, often silently lurking until detected or activated.
How to Stay Safe
Awareness is key to ensuring these types of attacks have no impact on your business. As always, keep your anti-virus and spam filters up to date to minimize the risk of the emails getting through in the first place. Then, consider implementing a simple set of procedures regarding payments.These could include verifying account changes with a phone call (to the number you have on record, not the one in the email), double checking invoices against work orders, appointing a single administrator to restrict access to accounts, or even two-factor authorization for payments. Simple pre-emptive checks like hovering the mouse over any links before clicking and quickly making sure it looks right can also help. Like your own business, your contractors and suppliers are extra careful with their invoicing, so if anything looks off - even in the slightest - hold back on payment/clicking until it’s been reviewed. Fake invoices attacks may be increasing, but that doesn’t mean your business will become a statistic, especially now that you know what’s going on and how you can stop them.
If you're looking for a good anti-virus solution that includes local tech team on hand - try our offer!
Is Your Business Ready for Business-Grade Wi-Fi?
In today’s business world, having great Wi-Fi isn’t a luxury -it’s a necessity. Businesses, with their varying needs, have personal requirements for what constitutes great Wi-Fi. For some small businesses, consumer-grade Wi-Fi may be sufficient, but many find that business-grade Wi-Fi is more appropriate. As companies grow, there becomes a tipping point where business-grade is necessary. So how do you know if your business is ready for business-grade Wi-Fi? Ask yourself the following questions to find out.
How many devices use your Wi-Fi?
It used to be that only desktop computers connected to your Wi-Fi, but that is no longer the case. With the rise of portable devices such as smartphones, tablets, and laptops, each person may be using your Wi-Fi from several devices. Consumer-grade hardware is designed for just a few people (like the amount that live in a single household) but can’t manage larger amounts of users and all of their devices. This is especially true for sustained usage. Remember that your employees aren’t the only people who expect to be able to connect to your Wi-Fi. One of the first things visitors typically do is look for a Wi-Fi network to connect their smartphones to.
What is the size and shape of your workspace?
The number of access points you will need for your Wi-Fi is dependent on the amount of physical space that needs to be covered, the shape of the area, wall material, and the number of users/devices. In smaller spaces, consumer-grade Wi-Fi is good enough. Larger, oddly shaped spaces benefit from business-grade. If your building’s walls are made of brick, cinder blocks, or cement, you likely need more access points than buildings made of other materials. Make sure you have a strong connection from all locations. It’s annoying to only be connected to Wi-Fi in certain areas of a building and find yourself in a deadzone a few steps later.
Access points for business-grade Wi-Fi tend to be more powerful and flexible. For example, some business Wi-Fi systems can transfer Wi-Fi devices from a crowded access point to one that is less busy. By doing this, everybody’s fast speed remains. If you foresee your range needing to increase, such as renting out more space, it’s easier to add more access points to business-grade Wi-Fi than consumer-grade. Businesses that anticipate scaling up soon are better off with business-grade Wi-Fi.
Do you want guests to have the same quality Wi-Fi as workers?
In households, where consumer-grade Wi-Fi is prevalent, all users share the Wi-Fi equally. In a home environment, if children are slowing down the internet with Netflix or video games, it’s not a big problem. However, a choked business Wi-Fi can cause a lot of problems. Business-grade Wi-Fi allows you network management. You can assign a designated amount of bandwidth to different users so they’re unable to clog the entire connection. You can allow visitors internet access without giving them unlimited access to the network.
How much does the internet affect your employees’ productivity?
For some companies, workers only use Wi-Fi for a few quick tasks. With these types of businesses, if the internet is slow, it won’t have a big impact on how much work your employees get done. Consumer-grade Wi-Fi might be a good choice. For other companies, there isn’t much people can accomplish if the Wi-Fi isn’t working well. The slower your employees work, the less money you make. Wi-Fi troubles can also lead to frustrated, unhappy workers. If fast internet is essential for people to complete their daily tasks, business-grade Wi-Fi is important.
Strong Wi-Fi is a necessity for all businesses. This is especially true for larger businesses that connect a lot of devices (from both employees and visitors) and have a big work area. Also for those where employee productivity depends on a strong connection. The goal is to keep your business-critical technology running smoothly. Consider carefully whether consumer-grade Wi-Fi or business-grade Wi-Fi is the best choice for your business. When you ask yourself the questions above, the answer should become clear.
Is your business’s ready for Business-Grade Wi-Fi?
Time to Refresh Your Passwords
We often tend to be creatures of habit, particularly when it comes to technology. Passwords are a prime example. Many of us use the same logins for multiple websites and applications because we don't have a photographic memory. A large percentage of users aren’t aware that this is one of the most significant security dangers they can face online. It has a simple fix too.
Regularly, in the news today, there are stories about major companies being hacked, their customer data stolen, and their customers left stranded. Hackers commonly use data stolen from one site to access others where login credentials have been reused between accounts. In some cases, access to bank accounts has been gained simply by using a compromised email account.
Businesses and individuals can face significant losses simply because a third party outside their control has been hacked or compromised.
The Danger Of Old Passwords
MySpace is a key example of why old and possibly forgotten services pose a security danger when passwords haven't been regularly changed. Once a thriving popular network, the use of MySpace services declined drastically from 2007 onwards. While many people moved to new social networks, old accounts typically remained abandoned on their servers. Hundreds of millions of accounts remained on MySpace servers many years past the firm's peak.
In 2016, MySpace suffered a data leak which exposed usernames, emails, and passwords of 360 million user accounts. Shortly after the hack, these details were published online for anyone to see. Many were used to access email accounts, servers, and accounts that shared the same details.
Even if you have never had a MySpace or social media account personally, how many of your employees or coworkers have one or more? Many have had more social media, forum, or game accounts than they care to remember. Have their passwords been updated since 2016?
Your business network protects your systems, work, and intellectual property. For many firms it's the single most critical component, the backbone to business operations. Keeping it secure regardless of the number of people, staff or clients using it is a crucial task.
Consider how many people currently have access and how many of those may reuse their password on another website or service. Just reusing your password once can expose you to the hacking of a third party entirely out of your control.
Good security practice is to use a unique and strong password for every login you use. A strong password should include, where possible, capital letters, lowercase letters, numbers, and character symbols. Many consider this impractical or even impossible, but it is entirely achievable for every firm.
It is clearly impossible to manually remember a strong password for each one of the dozens of logins needed today. Few would even attempt to. A password manager makes storing, retrieving, and using unique passwords easy.
When using a password manager, an individual is required to remember only one single strong password to access a database which contains a different login password for each service. This database can be synced between multiple devices, saved and backed up to the cloud, and even used to create strong passwords for you.
Password managers can be used to implement security policies that demand zero password reuse, between services or over time, and set strict limits over the duration a password can last. With the right policies in place, both your business and your employees are protected against attacks from hackers that have compromised third-party sites.
The maximum recommended lifetime of a password for any service is a single year. Make the start of the calendar year the time which you refresh your passwords and start new.
:How Refurbished Computers Save You a Bunch (and Get You a Better System)
Refurbished computers are almost like an insider secret - you can get great system specs for a fraction of the price. It’s how many families are meeting their back to school needs and upgrading their old systems, complete with warranty.
There’s one hot tip these people know: a refurb is NOT the same as used. You’re right to avoid those 2nd hand computers you see on Craigslist or Gumtree because there’s a reason that person is selling it! It’s probably slowed to a crawl, making weird noises or flat out broken in a way you’d never discover until too late. Refurbished computers are the complete opposite. They’re computers that have been given a new life, usually with a comprehensive repair, or sometimes they’re brand-new computers that were returned with a small problem like a hard drive failure, so we swap it out and sell it at bargain prices. Occasionally, the computer was even returned simply because the buyer changed their mind, but it’s still essentially brand-new (it might still be in the box!).
Quite often, refurbished computers start their life as business machines, built to the latest specs with business-grade components. When the budget or lease says ‘replace the computers’, that’s what the business does, whether the computers need it or not. There’s nothing wrong with them and they’ve likely been babysat by a corporate IT department who kept them in perfect condition every day. These are great machines that are still plenty fast for home use, both desktops and laptops. Plus, because business-grade components are more durable than the consumer ones, the entire system has been built to last longer and perform better, often up to several years without a problem.
Rather than send these impressive machines to landfill, they are going to be checked and necessary components are going to be replaced and a clean operating system will be re-installed. Next, the machines are going to be put through a stack of verification tests, then packed up ready for their new home. When you talk to us about buying one, we’ll always make sure you get a system that not only keeps up with your needs now, but gives you breathing space for the next few years too.
What are the benefits?
Some people think that refurbished computers are more likely to break, when in truth, in some cases they’re actually more reliable than brand new. Manufacturers have an expected failure rate, a percentage of computers that go straight from the factory to buyers who discover their expensive new system is dead-on-arrival or breaks within weeks. A refurbished computer has already stood the test of time and it performed without missing a beat. By the time it’s gone through our checks and repairs (both required and pre-emptive), a refurbished computer is better than new.
If you need a better computer on a tight budget, let's chat!
Revive Your Slow Computer with an Easy Bottleneck Blitz
Old age creeps up slowly – unless you’re a computer. Then it seems to happen overnight. One day you’re logging in normally and jumping right into the action, the next day booting up takes so long you not only have time to make a cup of coffee, you could have run out to the local café for the good stuff.
This is the stage where many people throw their hands in the air and start wishing for a new computer. Except your computer isn’t broken and doesn’t need replacing, it’s just….slow.
Time-wasting, focus-losing, frustratingly slow.
Like any machine, computers have parts that wear out – particularly if they have moving parts that are in near-constant use.
The hard drive is the #1 cause of speed bottlenecks in most computers.
Traditional hard drives are made up of a stack of round magnetic platters, spinning at up to 7200rpms, while a read/write head on a mechanical arm whizzes back and forth.
Eventually, the platters take longer to spin up, unable to reach full throttle, and the mechanical arm becomes sluggish.
Which leaves you waiting. And waiting…
SSD's Can Give Aging Computers A New Lease on Life
The new era of hard drives is here with Solid State Drives – and they have no moving parts. Zero. They’re actually a lot like your USB stick that continually takes a beating but still performs perfectly.
Making a simple upgrade to SSD can knock minutes (an eternity) off boot time, as well streamlines regular computer operations with rapid fire functionality. They’re:
Shop SSDs on our website.
We aim to provide helpful and easy to understand tech articles.