Are You Sick of Ongoing IT Issues?

Like a persistent cough or muscle strain that won’t go away, many IT issues prove ongoing. Every time they come back you think about getting an expert’s opinion. Then, the cough fades, you can walk freely again, or your computers are back up and running. You keep on going. Until the next time. If you’re sick of ongoing issues with your IT, look to a Managed Service Provider (MSP) for help.
There are many IT ailments that can negatively impact your ability to do work. Let’s consider some of the particularly common ones, and why an MSP is the right prescription.

#1 Network and Internet issues.
Business is done online these days. Not being able to connect to the network and slow connections are frustrating. Without the Internet, how can you do your job? You can’t even check and send emails! Let alone access team documents or enter data into cloud-based accounting software. A lagging network also slows down application and data loading time. It may only be a few moments of thumb twiddling. But add that up over several times a day and multiple by employees. You’re looking at a decrease in productivity that adds up.
An MSP has the know-how to survey the IT environment for what's causing these frustrations. When there’s a problem, they’re at the ready to resolve it and help improve reliability.

#2 Repeated malware infections.
This can mean a couple of things. First, you don’t have effective system and application protections in place. These attacks shouldn’t be able to make it through the door in the first place. With the right firewalls, anti-spam, and protections, you should be able to keep your system on lock down. You don’t have to do this yourself. Your internal IT team has a lot to manage and monitor. Gain expert backup with an MSP reviewing your security protocols to keep the bad guys at bay.
Secondly, educate employees about the dangers of social engineering. Don’t let them keep falling for the pretexts and downloading malicious files. Also, ensure passwords are strong enough to avoid adding another point of entry. 

#3 Printing problems.
Many businesses are printing less today, but we’re not done with hard copies entirely. So, when a printer starts whirring, spinning endlessly, or can’t connect, efficiency halts. Know that printers sold at big box stores are consumer grade quality. Avoid printer frustrations with solid business-class printers (which your MSP can identify).

#4 Application overload.
Maybe some of your employees prefer Dropbox. Others rely on their free Gmail accounts. This hodgepodge of options can cause chaos. Staff have difficulty remembering the passwords to all of the accounts they need. So, they simplify, and that makes their accounts more hackable. 
Upgrading to business-grade versions of important applications is easier with an MSP. They'll help identify the software that best addresses your business needs.

#5 Aging technology.
You’ve had your current computers for ages. They are slower than you’d like, but you don’t have the time to look for something else. Plus, you can’t imagine having to learn something new. You’re too busy. But aging tech is more likely to fail, which could prove catastrophic if you don’t have the right systems backup.
MSPs know IT. Based on your individual business needs, they can suggest a plan of attack to update the IT and keep it secure. They can also provide backup strategies to prepare for the worst and recover quickly.
Basically, a managed service provider has your back when it comes to IT. Work with experts who focus on technology day in and day out. You’ll typically save money and gain time to spend innovating in your field.
​
Gain a competitive advantage with the support of an MSP. Check Pro+Tech today!

A single click can be the difference between maintaining data security and suffering massive financial losses. From the moment just one employee takes the bait in a phishing email, your business is vulnerable to data breaches and extensive downtime.

Quickly spot the red flags and put phishing emails where they belong:

1. Poor spelling and grammar
While occasional typos happen to even the best of us, an email filled with errors is a clear warning sign. Most companies push their campaigns through multiple review stages where errors are blitzed and language is refined. Unlikely errors throughout the entire message indicate that the same level of care was not taken, and therefore the message is likely fraudulent.

2. An offer too good to be true
Free items or a lottery win sure sound great, but when the offer comes out of nowhere and with no catch? There’s definitely cause for concern. Take care not to get carried away and click without investigating deeper.

3. Random sender who knows too much
Phishing has advanced in recent years to include ‘spear phishing’, which is an email or offer designed especially for your business. Culprits take details from your public channels, such as a recent function or award, and then use it against you. The only clues? The sender is unknown – they weren’t at the event or involved in any way. Take a moment to see if their story checks out.

4. The URL or email address is not quite right
One of the most effective techniques used in phishing emails is to use domains which sound almost right. For example, [microsoft.info.com] or [pay-pal.com]
Hover over the link with your mouse and review where it will take you. If it doesn’t look right, or is completely different from the link text, send that email to the bin.

5. It asks for personal, financial or business details
Alarm bells should ring when a message contains a request for personal, business or financial information.  If you believe there may be a genuine issue, you can initiate a check using established, trusted channels.
While education is the best way to ensure phishing emails are unsuccessful, a robust spam filter and solid anti-virus system provide peace of mind that your business has the best protection available.

Why Do People Create Viruses?

You’d be right in thinking it’s hard to program a computer virus that can spread across the world in a flash - we’re talking days of constant desk-jockey nerd-work.  So why do they bother? Well, it generally comes down to 3 reasons: Money, showing off their skill, or to simply being a jerk. While showing off or being a jerk is pretty self-explanatory, the money side is fascinating.
Here’s how people are making money with computer viruses:

Bank account theft: Virus creators are more than happy to help themselves to your bank details, sneaking in to grab your login details or credit card info. They can either transfer your funds away or use your credit card details to go on a shopping spree. Sometimes they’ll leave the fun to another person though, and simply sell your details to the highest bidder.

Ransomware: Rather than a financial snatch and grab, sometimes a virus will encrypt your files and demand money for the unlock code. Without a true backup plan in place beforehand, you’re at their mercy. You’ll be given very helpful information on how to pay, plus a firm deadline before your files are destroyed permanently.

Ad swappers: A cheeky technique, this is when they create a virus that either puts annoying ads on websites you visit, or places affiliate codes on pages so that when you buy something legitimately – eg, from Amazon – they get a percentage as a ‘referral fee’. Their kickback doesn’t make your purchase cost more and you may not even know you’re supporting their activities.

Bitcoin mining: You might have heard of digital currencies being used for payment, but did you know you can also earn them with your computer processing power? Unfortunately, ‘renting’ out your computer’s processing power means paying more in running costs than you’d make – unless you were very clever and sneaky, and used a virus to rent out other people’s computers.

Botnets: Certain infected computers can be remotely controlled to do whatever the virus creator wants. In this case, they’ll usually set the infected bot computers to overwhelm a target web server, like an e-commerce store. Sometimes it’s done as revenge, but more often it’s blackmail. The ‘Botmaster’ says “pay me thousands of dollars or I’ll crash your site during the biggest shopping day of the year.”

Account stealing: Subscription accounts like Netflix and Hulu are often hijacked, leaving you to pay the bill for someone else’s entertainment. But sometimes, virus creators go one step further with online gaming accounts. All those digital items that you fought so hard for (special clothing, weapons etc.) can carry real world value and be stolen from your account and sold on a black market. Yes, that’s cheating!

If you're worrying about your protection online, make sure to check out our Pro+Tech Managed Services.

5 Ways Managed Services Can Grow Your Business

Managed Service Providers (MSPs) help businesses take a proactive approach to managing their technology without the expensive step of hiring an in-house team. Your MSP is essentially a collection of niche technology experts working behind the scenes to keep your data safe, generate solutions to IT problems and keep your software updated. Even larger businesses who already have an IT person will often call in an MSP when daily support becomes overwhelming or a specific certification is required.

Let’s explore 5 specific business breakthroughs an MSP can give you:

1. It’s extremely cost-effective:  There’s only so much in the budget for IT and responding to events on a break/fix basis will quickly exhaust your accounts.
An MSP works by getting ahead of problems before they occur – making equipment last longer, defending against costly security breaches and keeping the business up and running. Instead of calling for a repair at a high hourly rate, you get a wide array of expert services for one predictable monthly fee.

2. You have access to multiple experts: Businesses usually end up adding extra tasks to an unqualified but enthusiastic employee’s workload, resulting in costly problems. With MSPs, you have access to many people who are experts in very specific areas, and your existing staff can focus on tasks within their job description.

3. Speedy problem resolution: Downtime and business don’t mix, so your MSP will provide a reliable expert on call (usually with 24/7 options) to troubleshoot and resolve any problems. Much of the time, you can also skip the delay of an on-site repair with rapid remote support available in just moments.

4. Fewer problems: A large part of your MSPs service is fixing problems before they happen. While fixing things as they break isn’t the worst approach to IT management, it generally means you’re also suffering productivity losses, downtime and losing money by the second.
Your MSPs primary goal is to ensure these problems are avoided completely, through system monitoring and robust security measures. They’ll also make sure every important software update and security patch is applied immediately, closing breach points and keeping your business safe.

5. Shared responsibilities: As your business grows, so will your IT systems. A good MSP is on top of what your future needs will look like and knows which products and infrastructure are suitable to help you get there. Your MSP doesn’t just monitor your system and repair as required; they share responsibility for your system. This means measuring, reporting, analyzing and optimizing, working with you to introduce new technologies and processes.

Depending on your level of contracted services, your MSP can actually become a catalyst for growth.

Sounds good, doesn’t it? With managed services, your business always has the maximum security against threats, downtime and productivity drops. But for the savvy business owner, it’s also a way you can afford to leverage cutting-edge technologies, with complete peace of mind and ongoing support.

Boost your business with managed services. Check out our Pro+Tech!

​
Why Managed Services Will Save You More Than Money

“Downtime costs money.”
That’s no secret, but it doesn’t quite capture the whole experience…you arrive to work in the morning, grab your coffee knowing you’ve got a hectic day ahead, and are ready to dive in.
For some reason your computer can’t access the database and neither can anyone else’s. You restart the server while fielding calls left, right and center, but are unable to answer any client queries. Your hands are completely tied…and now the server is beeping furiously…what’s going on??!
You’re not just in crisis mode, you’re on damage control as you call every tech you can think of, trying to find one who can come NOW.
Not exactly the day you had planned.

The Break/Fix Days Are Gone

Previously, businesses only addressed their IT needs when something broke. A few hours down meant little in the scope of things. In today’s fast world, businesses rely heavily on IT and downtime just isn’t an option. Even the legalities of simply restoring financial, legal or medical files after a breach raises issues.
The cost of break/fix is now too high, both financially and emotionally.
Simply put, your IT services are remotely monitored and proactively managed by a professional, external business. Your Managed Service Provider (MSP) runs regular diagnostics on equipment to identify impending failure and resolves problems before they happen.

Benefits of Managed Services

Small to medium businesses in particular benefit from managed services, because they don’t usually have an on-site technician to oversee the multiple systems in use. By subscribing to a managed service provider, businesses can have reduced labor costs, access to a knowledge base, future-pacing, better data security and reduced downtime. Businesses can also know exactly what their upcoming costs are and plan accordingly.

Some of the managed services we can provide are:

Remote support – This allows us to help you quickly without needing to be on-site.
Hardware monitoring – We monitor your servers and workstations to catch hardware failures before they happen.
Managed anti-virus – We make sure your anti-virus is up to date and take immediate action if an infection occurs.
Patch management – We make sure your computer’s operating system is up to date, closing access to known vulnerabilities as soon as possible.


Are you interested in giving a managed service a go? Check out Pro+Tech provided by us, your local Small Town Tech folks! 

​

You’ll know if you’re a victim of ransomware. Often you’re met with a red screen telling you your business files are encrypted. You won’t be able to do anything on the computer, although the cybercriminals will provide helpful instructions for how to pay up. How nice. Here’s what to do instead if you’re the victim of a ransomware attack.
Cybersecurity Ventures predicts ransomware will impact businesses every 11 seconds in 2021. Yes, you read that right. That’s up from every 14 seconds in 2019. Another research company reported ransomware increasing 485% year-over-year in 2020.
Know that it’s widely considered a bad idea to pay the ransom, because you’re rewarding the cybercriminal. Plus, you can’t even be sure that they will provide the encryption key needed to regain the use of your files. What! You were going to trust the bad guys?

The Important First Step
The first thing you’ll want to do is make it all go away. Yet wishful thinking is not going to get the job done. Instead, you’re going to have to turn immediately to your disaster response plan, because, of course, you have one of those already. Really, don't underestimate the value of planning in advance for IT infrastructure compromise. Doing it proactively means calm, considered decisions rather than reacting in a crisis.
Step one is going to be identifying the systems involved and isolating them. Once you detect a compromise, limit the spread of infection by disconnecting the devices affected. Ideally, you take only a few computers offline or disconnect an individual network. Even in a large-scale compromise, remove all affected devices from the network to contain the malware.
As part of the isolation, don’t forget to disconnect any connected devices such as storage drives. The ransomware infection will even seek out USB thumb drives.
Power down only the affected devices if you are unable to disconnect them from the network. Why? Because turning them off means you might lose potential evidence.
Malicious actors may be monitoring your business communications. So, move offline to coordinate your response. Phone calls or text messaging will work, or personal email accounts.
Don’t attempt to restore critical systems until you have identified and isolated. After that, your business can move into triage mode. Prioritize what to restore, and recover using your data backup (again, of course, you have one of those, too). Consider how critical each system is for health and safety and revenue generation. Then, get to work restoring systems in an efficient, organized fashion.

Minimizing Ransomware Risk
Ransomware is a major threat to every business sector, and you don’t want to become the next victim. Common best practices include:

• preventing an attack with anti-virus and anti-malware tools;
• installing email filters to keep phishing emails from reaching your employees;
• making frequent backups and keeping them separate from your network;
• keeping up with ransomware and other cybersecurity threats.

Businesses that partner with a managed services provider have someone supporting their efforts to cut ransomware risk. Plus, if the worst happens, the MSP’s IT experts are at the ready to identify and isolate. They can find the samples needed, determine the malware strain you are dealing with, and report the attack.
Your data backup should have recent copies of all information up to (or close to) the time of infection. So, once the MSP has removed all ransomware, they will wipe your systems and storage devices. They can swiftly reformat the hard disks and reinstall everything from scratch.

An MSP can help you plan ahead to contain the damage from a cyberattack. Let our IT experts install best practices, set up safe backups, and track activity on your network. Sign up for Pro+Tech today!

Time to Refresh Your Passwords

We often tend to be creatures of habit, particularly when it comes to technology.  Passwords are a prime example.  Many of us use the same logins for multiple websites and applications because we don't have a photographic memory.  A large percentage of users aren’t aware that this is one of the most significant security dangers they can face online.  It has a simple fix too.
Regularly, in the news today, there are stories about major companies being hacked, their customer data stolen, and their customers left stranded.  Hackers commonly use data stolen from one site to access others where login credentials have been reused between accounts.  In some cases, access to bank accounts has been gained simply by using a compromised email account.
Businesses and individuals can face significant losses simply because a third party outside their control has been hacked or compromised.

The Danger Of Old Passwords
MySpace is a key example of why old and possibly forgotten services pose a security danger when passwords haven't been regularly changed.  Once a thriving popular network, the use of MySpace services declined drastically from 2007 onwards.  While many people moved to new social networks, old accounts typically remained abandoned on their servers.  Hundreds of millions of accounts remained on MySpace servers many years past the firm's peak.
In 2016, MySpace suffered a data leak which exposed usernames, emails, and passwords of 360 million user accounts.  Shortly after the hack, these details were published online for anyone to see.  Many were used to access email accounts, servers, and accounts that shared the same details.

Shared Responsibility
Even if you have never had a MySpace or social media account personally, how many of your employees or coworkers have one or more?  Many have had more social media, forum, or game accounts than they care to remember.  Have their passwords been updated since 2016?
Your business network protects your systems, work, and intellectual property.  For many firms it's the single most critical component, the backbone to business operations.  Keeping it secure regardless of the number of people, staff or clients using it is a crucial task.
Consider how many people currently have access and how many of those may reuse their password on another website or service.  Just reusing your password once can expose you to the hacking of a third party entirely out of your control.

Password Management
Good security practice is to use a unique and strong password for every login you use.  A strong password should include, where possible, capital letters, lowercase letters, numbers, and character symbols.  Many consider this impractical or even impossible, but it is entirely achievable for every firm.
It is clearly impossible to manually remember a strong password for each one of the dozens of logins needed today.  Few would even attempt to.  A password manager makes storing, retrieving, and using unique passwords easy.
When using a password manager, an individual is required to remember only one single strong password to access a database which contains a different login password for each service.  This database can be synced between multiple devices, saved and backed up to the cloud, and even used to create strong passwords for you.
​
Strong Protection
Password managers can be used to implement security policies that demand zero password reuse, between services or over time, and set strict limits over the duration a password can last.  With the right policies in place, both your business and your employees are protected against attacks from hackers that have compromised third-party sites.
The maximum recommended lifetime of a password for any service is a single year.  Make the start of the calendar year the time which you refresh your passwords and start new.

How to Stay Safe While Being Social
​
People happily share their private information online, building robust libraries that can easily become a one-stop goldmine for fraudsters.

It’s not exactly the intention everyone has when they sign up, as the whole point of Facebook is to share your life with your friends. It hooks us into a global community and the experience does depend on us making certain privacy sacrifices.
So how do you balance being social with staying safe?

On Facebook alone, the average person shares 13 pieces of personal information ranging from a fairly innocent name/email combo, all the way to mothers maiden name and home address.

It doesn’t sound like a lot, but those 13 pieces have the power to unravel your life within minutes.

Even checking in at home or a favorite location has become the norm, helping to create a multi-dimensional online identity. The details are available to anyone who cares to look, whether they’re a friend keeping in the loop, or someone with a much darker agenda.

The problem is, you just don’t know who’s looking at your profile or why.

For example, someone could try accessing your email account by clicking the ‘Forgot password’ link. The email service follows its security rules and asks identifying questions like ‘which high school did you go to? What is your pet’s name?’

Unfortunately, the most common identifying checks and answers are probably available on Facebook.
Once your email address is compromised, hackers can use that to break into other services and go through, clicking ‘Reset Password’ on site after site, account after account – they have full access to your email, so there’s nothing stopping them from emptying your bank accounts – or worse.


7 Ways To Secure Your Facebook Without Missing Out on the Fun
​

• Begin by previewing your profile as others see it
• Review what should and should not be visible to strangers
• Consider only sharing partial details, like birth day and month, but not the year
• Only ever ‘Friend’ people you know and trust
• Be wary of duplicate or ‘odd’ friend behaviour – hackers will often clone or hack a friend’s profile and initiate an urgent and uncharacteristic request for money
• Update your past privacy settings too
• Set default future sharing to ‘friends only’

​Ever seen a thriller in which someone asks, “is this a secure line?” The good guys or villains want to be sure their conversations can’t be overhead. When you get a VPN to connect to the Internet, you’re signing up for the online equivalent of a secure line.

VPN stands for virtual private network. Put simply, a VPN connects your computer, smartphone, or tablet to a shared or public network as if you're connecting to a private network. Banks, governments, and companies use VPNs to connect to their networks remotely. Now, it’s becoming more common for the general public to use VPNs. After all, we’re doing online shopping or banking and exchanging sensitive data. We don’t want others to be able to access or track what we do online.

A VPN is an encrypted connection to the internet. It’s your own secure and private internet connection that you can take with you outside of your home.

Benefits of a VPN
There are many advantages to having a VPN. For instance, your VPN also encrypts your online activity. Every internet user has a unique IP address assigned by their internet provider. It’s sort of the technological equivalent of your fingerprint.

​When you connect to the internet using a VPN, your IP address is masked. The address used is that of your VPN provider. So, you look like them rather than your home connection. You might think of the VPN as wearing gloves that prevent you from leaving fingerprints when you move around online.
Your search history isn't logged. You don’t have to worry about bad actors or advertisers tracking your activity. If you want to check social media at work or on a school campus that blocks certain sites, your VPN lets you do so.
You can use the VPN to access a business network securely, too. So, you can use the technology to be more efficient when working remotely.

A VPN can also help you avoid geo-blocking. What’s geo-blocking? It’s a technology that restricts your access to services based on your location. For example, if you were trying to stream a Netflix show from your home country from overseas, you would be geo-blocked. But if Netflix can’t see you’re out of the country, it will let you in to catch up on your favorites.
You could also save money. When your location isn’t known, you can benefit from price disparities – the cost for the same product varies in different regions. The wealthier areas are charged more because sellers can get away with the price markup.

Who can use a VPN?

​Anyone can connect to a VPN. You can connect your computers, phones, or tablets to a VPN. It’s a flexible solution that doesn’t need you to switch internet provider or buy any new equipment.
You can also work with a VPN provider. Some are free, but paid VPN providers tend to offer proven security and greater networking speeds.

Why Your Updates Are More Important Than Ever

Stories about hackers and virus attacks seem to be making the news almost every day, and many of these news stories include tips on how you can avoid becoming a victim. One common theme among these tips is making sure your Windows operating system up to date.
Every day hackers are trying to figure out new ways to break into Microsoft Windows and once they do find a weakness, they try and find a way to spread it. This could be through a malicious email attachment or even something that spreads without your involvement.

Updates Explained
Whenever Microsoft discovers a potential flaw, they push out a small piece of software to all Windows computers running a supported version. If set correctly, your computer will check if there’s any updates or patches and install them automatically. In new versions, this usually happens when you’re shutting down or starting up, and doesn’t impact your experience at all. Unfortunately, some users will manually disable or delay their updates, creating a risky situation.
The update may include security patches, drivers or a simple tweak to address bugs or issues with Windows. Sometimes, they even include new features or applications to improve the stability of your operating system. They’re a good thing!

Not All Versions Get Updates

Some older operating systems are no longer supported, which means unless there are extenuating circumstances, Microsoft won’t issue any new updates. Not a single one – generally, if cyber criminals discover a flaw after support ends, they’re free to exploit it.  For example, Windows XP support ended in 2014, and Windows Vista just ended in April this year. The moment an operating system is retired it becomes a playground for cyber-criminals.
It’s not just Microsoft walking away from these old versions either. Third party software like the Google Chrome browser will still work, but they’ve also stopped supporting old versions with crucial updates and patches. It might seem like everything is working fine because your anti-virus isn’t pinging in alarm, but it just becomes a case of risk, upon risk, upon risk.

What to do with older Windows

As much as you’re comfortable with your older version of Windows, each time you boot up you’re exposing your system, important files and entire network. It only takes one weak entry point in the chain to allow malware into all connected devices. That could mean your photo storage, media center or even smart appliances. It’s not worth it - if you’re running Windows XP or Vista (or older), you need to update to a more modern operating system ASAP. Give us a call to upgrade your computer.

We can also monitor your system remotely and apply your Windows updates with our Pro+Tech Managed Services packages, ensuring you are always up to date and protected. Give us a call at 218-240-8802 or check our Pro+Tech service on our website.

4 Simple Tips to Keep Your Internet Banking Safe

Online banking has boomed in the past few years to become the new norm. Branches are out and apps are in. Half the time when you visit a branch, you’re steered towards a computer for a DIY transaction – with optional assistance.  But is internet banking really safe? You’re always told to keep your financial details private, but now also to jump on board the online banking train – talk about a push/pull scenario! The good news is you CAN bank safely online with a few simple precautions.

Always type in the website address
Many attackers will attempt to trick you into clicking a fake link to your bank website. Usually sent as a ‘phishing email’, they’ll claim there’s a problem and ask you to click through to your bank and correct it ASAP. The link points to a fake website that looks almost exactly like your real bank site and is recording your private account info. You can avoid scams like this simply by accessing your bank by manually typing in the website or using a bookmark.

Avoid public computers and networks
Jumping onto a PC at the library or mall might seem like a quick and easy way to check your account, but public computers are often targeted by scammers. In just a few moments, they can install keyloggers to record usernames, passwords and other private data, then sit back as all future user details are emailed to them. The same problem applies with free, unsecured Wi-Fi. You’re better off using an ATM or a data-enabled smartphone.

Use a strong password with 2- factor authentication
Create a unique password for your online banking, something you’ve never used anywhere else. Mix up words, numbers and symbols to create a complex password that can’t be guessed easily. Avoid giving attackers a head start with data they can find on Facebook, like kids names, pet names, birthdates, etc and really think outside the box. And of course, never write it down anywhere near your wallet, phone or computer. If remembering is likely to be an issue, you might like to consider a secure password manager app. Many banks will also help boost your security with two-factor authentication, sending random codes to your phone (or a special LCD device they provide) to verify any activity.

​Check page security before entering data
Finally, take a micro-second to spot the small padlock icon before you enter any data. You’re looking for a padlock appearing as part of the browser itself, not just an image on the webpage. It will be either in the bottom corner or next to the URL. The address will also start with httpS:// instead of http://. If you don’t see these things, the page is NOT secure and you shouldn’t log in.

​Ransomware has become an undeniable threat to business growth, profitability and security. It’s a ruthless type of malware that locks your keyboard or computer to prevent you from accessing your data until you pay the ransom, which is usually demanded in untraceable Bitcoin. Cyber criminals are turning this type of attack into big business, raking in billions each year as many businesses have no choice but to pay up.

How does ransomware get into the network?
Surprisingly, it’s NOT those random USB drives floating around from unknown sources. That’s old school, and cyber criminals operate much more effectively now. The most common vehicle for ransomware attacks today are email and compromised websites.

One email is all it takes.
We’ve all become so used to email as the major form of business communication that getting someone to click a link is easier than ABC. Ransomware attacks come disguised as legitimate emails that can trick your employees into clicking through to an infected website or opening an infected attachment. Unfortunately, cyber criminals have gotten really, REALLY good at faking internal emails, external communications from stakeholders and seemingly genuine inquiries from customers. They’ll often conceal their ransomware in normal attachments like invoices and reports in Office docs as well as PDFs. Even TXT files can actually be an executable javascript in disguise!

Infected websites aren’t always obvious.
Let’s face it, cyber criminals will infect any web page they can get their hands on, which is why of the less reputable sites should be avoided. But it’s not just about making sure you and your employees stick to suitable sites, mainstream websites can also carry ransomware infections ready to spread to all visitors. It’s happened before – in 2016 the New York Times, BBC & MSN homepages accidentally exposed thousands of web visitors when their infected site showed malicious ads.

What happens during an attack?
As soon as ransomware is in the door, it immediately scans local and connected drives (including connected backups) and encrypts thousands of files. Within minutes, everything from Office files to multimedia is locked up tight, inaccessible to all users – even admin. Then a notification appears demanding a ransom to unlock the files and gives helpful instructions on how to pay it. At this point, many businesses are on hold until the situation can be resolved. Typical options include: restoring from safe, external backups; wiping the entire system and starting again; or paying the ransom and learning a hard lesson in data security. Ransomware may not be fun, but it certainly makes for an interesting day at the office!

We can help you with a complete data security plan, including safe backups, virus protection, advanced firewalls and more. Find out more by visiting our Pro+Tech page.
​

How to Search Google Safely

We all love our Google, quickly finding everything we need on the Internet. It’s replaced dictionaries, encyclopedias, instruction manuals, newspapers and in many cases, even doctors. However, sometimes your search results aren’t the real thing and can be downright malicious. Here’s how to search safely:

Pay attention to the URL in Google
Below every result title there’s a URL in green.  No matter what the title says, this URL is where your click will take you. Unfortunately, cyber-criminals will often list their site with a familiar and trusted title but link you to their scam/malware pages.
For example, the title could be your bank name (eg, Example Bank), which seems legitimate, but the URL could be www.baabpjhg.com which is obviously not your bank. Sometimes they’ll attempt to trick you by putting the real site into the link too, eg www.baabpjhg.com/examplebank.com which makes it even more likely to catch you when skimming through results quickly. When you visit the page, it might look exactly like your bank’s site and ask for your login details, which are then harvested for attack. While jibberish in the link is pretty easy to spot, sometimes they’ll take advantage of a small typo that you can easily miss. For example, www.exampebank.com (missing the letter L).

​Notice Google search results vs paid ads
Google does a pretty good job at making sure the most relevant and legitimate sites are at the top of the list. However paid ads will usually appear above them. Most of the time, these paid ads are also legitimate (and you can quickly check the URL to verify), but occasionally cybercriminals are able to promote their malicious site to the top and catch thousands of victims before being removed.

Believe Google’s malicious site alerts
Sometimes Google knows when something is wrong with a site. It could be a legitimate site that was recently hacked, a security setting that’s malfunctioned, or the site was reported to them as compromised. When this happens, Google stops you clicking through with a message saying “this website may be harmful” or “this site may harm your computer”. Stop immediately, and trust that Google has detected something you don’t want in your house.

​Turn on safe search
You can filter out explicit results by turning on Google Safe Search. While not strictly a cyber-security issue, it can still provide a safer Google experience. Safe Search is normally suggested as a way to protect browsing children, but it also helps adults who aren’t interested in having their search results cluttered with inappropriate links, many of which lead to high-risk sites. Switch Safe Search on/off by clicking Settings > Safe Search.

​

3 Internet Habits to Keep Kids Smart and Safe

How can you make the internet a safer place for your children? It’s a common concern as all parents want their kids to be protected and happy whenever they go online. It’s relatively easy to supervise and monitor the very young ones as they stare delightedly at the Disney Jnr site, but the risks increase greatly as kids get older and more independent.
You’ve probably heard the term ‘cyber safety’ before, but safe internet usage goes beyond reminding them not to talk to strangers. With the evolution of the internet and the way it’s now woven seamlessly into our lives, the focus needs to be on ingrained habits. That means ensuring your children have the tools and predefined responses to online events so that no matter what happens, they’re not placing themselves (or your family) at risk. Setting up these habits is easy, and begins with three basic understandings:

Downloads are a no-go
Most kids can’t tell the difference between a legitimate download and a scam/malicious link. It’s not their fault, the online world is full of things that will trick even the most savvy adult. The difference is that kids tend not to take that extra moment to check exactly where that link is pointing, question whether it’s too good to be true, or even read what they’re agreeing to. They want to get back to what they were doing, and if something pops up, their first instinct is to click ‘yes’ - purely so it goes away. Unfortunately, that single ‘yes’ may have just opened the doors to malware and viruses that will ruin their computer. Set a family rule that they need to ask permission for all downloads (and an adult will check it first), and to never click a popup. When you’re called over to give download permission or check a popup, talk through exactly what you’re checking and why. As your child matures, get them involved in this process so their safe habits extend outside the home.

​Critical thinking is a must
Most youngsters think the internet is a magical place and can’t imagine their life without it. To them, the internet is on the same level as oxygen! With that acceptance though, comes unwavering trust that the internet would never lie to them, never trick them and never hurt them. While we adults know better, it’s only because we already view the internet with a certain level of distrust. The best way to keep kids safe is to teach them to approach every aspect of the internet with critical thinking. That includes teaching them to question the motives of other people online. Is that person really a kid? What do they really want? Unfortunately, all kids do need to be aware that predators use the internet to target and lure children. Ensure your children tell you immediately if a stranger makes contact. Along with this stranger danger, teach them to identify what marks something as suspicious, and what they should avoid. If they come across anything inappropriate, they should shut down the computer and come straight to you.

The internet is forever
Kids have an overwhelming drive to contribute to the internet, they don’t think twice about recording a video, jumping in a chat room or onto social media. The world really is their playground! But what they don’t understand until they’ve been burned, is that anything they upload, write or say is on the internet forever.  Even if they delete it or use a platform where content self-erases, someone can still screenshot and send it right back out. Many cyber-bullying cases are based around this exact type of blow-back. Once your kids know that everything they post is permanent, they’ll be more likely to pause and think.

Everything You Need to Know About Facebook Privacy
Finding the balance between Facebook privacy and Facebook fun can be challenging. It’s a double-edged sword that allows us to connect with friends no matter where they live, but it also publicly shares information that just a few years ago, we’d never dream of putting online. You can search for people based on where they went to school, town they live in, clubs they belong to, who they’re related to…but when is it too much?
Your birthday is the first piece of info collected when you sign up, and it’s great getting birthday wishes from friends and family when it appears in their newsfeed. But while Facebook is sending you balloons and funny memes, your birthday is now public knowledge. It seems harmless, but when you call your bank or other institution, what’s the first question they ask to verify your identity? Your birthday! Some password recovery systems even ask questions like ‘which high school did you go to?’ assuming this is knowledge that only you would know. Except…you’ve just publicly shared it on Facebook. Whoops!
We’ve all heard stories of people who’ve lost their jobs after less-than-wholesome pictures or statements have gone public. If you have a reputation to keep, you definitely don’t want pictures from last weekend’s private party showing up, especially if you really let your hair down. While you can’t control what others do with photos they take of you, you can control whether or not you’re tagged in them.
Fortunately, there are settings in Facebook that allow you to control who sees what information and what happens when you’re tagged. Despite what you may have heard or seen floating around in a Facebook share hoax, you do have complete control over your Facebook privacy, and it’s easy to adjust.
How to Check and Adjust Your Facebook Privacy Settings
1. See what your account looks like to an outsiderFrom your Facebook homepage, click your name on the blue bar at the top of the page. Click the three dots next to ‘View Activity Log’ and then select ‘View as…’
2. Run a quick privacy checkup
Click the question mark in the top right corner and choose ‘privacy checkup’.
Think about what you really need to share – do people need to know the YEAR of your birth or just your birthday? Your friends will still get the notification, and you’ll still get the balloons.
3. Edit advanced privacy
While the checkup covers the most obvious info, you can go much deeper. Click the V-shaped dropdown to the right of the question mark. Go to settings and choose privacy.
4. Adjust timeline and tagging
In the privacy settings, you can explicitly control who can tag you, who can see or share the tagged content, and what shows up on your newsfeed.