Blog

Archive for Business

Employee Negligence The Cause Of Many Data Breaches

data-breach

Enterprise privacy and training programs lack the depth to change dangerous user behavior, Experian study finds.

More than half of organizations attribute a security incident or data breach to a malicious or negligent employee, according to a new survey.

Sixty-six percent of the 601 data protection and privacy training professionals surveyed for the Managing Insider Risk through Training & Culture report say their employees are the weakest link in their efforts to create a strong security posture.

Awareness of the insider risk, though, is not influencing many companies to put in place practices to improve the security culture and training of their employees, the Experian Data Breach Resolution and Ponemon Institute report found.

Only 35% say senior executives think it is a priority to ensure that employees are knowledgeable about how data security risks affect their organizations, and 60% say employees are not knowledgeable or have no knowledge of the company’s security risks.

“It’s no surprise that employee-related security risk is their number one concern,” says Michael Bruemmer, vice president of Experian Data Breach Resolution. “As we have seen in our incident response service that we do for clients, about 80% of all the breaches we service have a root cause in some type of employee negligence.”

Training Programs Inadequate

Each of the organizations in the survey has a training program, but many of these programs do not have the depth and breadth of content to drive significant behavioral changes and reduce the insider risk. Only half of the companies agree or strongly agree that current employee training actually reduces noncompliant behaviors.

Forty-three percent of respondents say that training consists of only one basic course for all employees. These basic courses often do not provide training on the risks that can result in a data breach: 49% of the respondents say training in their organization does not include phishing and social engineering attacks. Only 38% of respondents say the course includes mobile device security, and only 29% say courses include the secure use of cloud services.

Less than half –45% — say their organizations make training mandatory for all employees. Even when mandatory, exceptions are made for certain individuals. For example, 29% of respondents say the CEO and senior level executives in their companies are not required to take the course.

Additionally, if an employee doesn’t pass a privacy test or do well on a training course, 60% of the companies in the survey don’t require them to do anything else but check off the right answers on the test, Bruemmer says.

Responsibility Starts At The Top

The responsibility for data protection and cybersecurity should start at the top with company board members and senior management, he notes. Cybersecurity should be one of the top five strategic priorities, he says. And if companies are setting up an organizational structure, the chief information security officer or an executive with that responsibility, must report at a minimum to the CEO, if not directly to the board.

“So cybersecurity, privacy, and data breach response must have a priority at the highest level of the organization,” Bruemmer says. To back up that argument, Bruemmer notes that 29% of the cybersecurity professionals surveyed say that the lack of senior executive buy-in contributed to the inefficient training.

“In this day and age, given the cost of a data breach, which is about $6.2 million per incident, to not spend the money upfront to address the number one cause of data breaches – a relatively low cost compared to some of the other preparations – it just seems like there is a real miss here,” Bruemmer says.

Mitigating the insider risk, according to Bruemmer, should include both culture and training. Sixty-seven percent of respondents say their organizations do not provide incentives to employees for being proactive in protecting sensitive information or reporting potential issues.

The report recommends that companies should provide employees with incentives to report security issues and safeguard confidential and sensitive information, as well as better communicate the consequences of a data breach. Plus, companies should “gamify” training to make learning about potential security and privacy threats fun.

Meanwhile, federal cybersecurity professionals also recognize that people can be their organization’s greatest cybersecurity asset or greatest liability: 42% of cybersecurity executives surveyed for a new (ISC)² and KPMG LLP report say that people are currently their agency’s greatest vulnerability to cyberattacks.

Lack of accountability was also a consistent theme throughout the federal survey results, as some respondents were unable to identify a senior leader at their agency whose sole responsibility is cybersecurity. Federal cybersecurity executives are still struggling to understand how attacks could potentially breach their systems a year after hackers stole the personal information of 22 million people from the Office of Personal Management databases, according to the (ISC)² report.

Yasin, Rutrell. “Employee Negligence The Cause of Many Data Breaches.” N.p., n.d. Web.


In 2015 43% of data breaches were a result of employees, half were intentional, and the other half accidental.  So let us help you with the “accidental”…

Phishing, spearfishing, socially engineered email and links are designed to get your employees to open the door to malicious attacks, and they appear in various ways. We believe that the best approach is to take a defensive stance by arming your staff with the most updated information.  And since we believe that knowledge is power, we have put together a presentation to explain the many deceptive tricks of hackers and the most common mistakes made by end users. We also have a method to reinforce training by creating a phishing scheme which will test who will “click”.

Employee awareness is the key to fighting the cyberwar!

Give us a call at (732) 780-8615 or send us an email at support@trinityww.com to set up an appointment for a security consultation.

 

Posted in: Business, IT Support, Security

Leave a Comment (0) →

How to Deal With the Rising Threat of Ransomware

ransomwareOf all the money-making schemes hackers employ, the most prevalent is perhaps ransomware, a malware that is usually delivered through infected email attachments and hacked websites or websites featuring ads. Ransomware encrypts files on a user’s computer and renders them unusable until the victim ransoms the key for a specific amount of money.

Cybercriminals are making millions of dollars from ransomware. According to forecasts and assessments made by experts, the threat of ransomware will continue to rise in the months and years to come. Recently, several organizations were badly hit by ransomware, including a police department in Massachusetts, a church in Oregon, schools in South Carolina schools and several medical centers in California and Kentucky, one of which ended up paying the attackers 40 bitcoins (approximately $17,000).

Attacks on individuals seldom make the headlines, but in 2015 alone, the FBI received some 2,500 complaints related to ransomware attacks, which amounted to approximately $24 million in losses to the victims.

Technologies such as modern encryption, the TOR network and digital currencies like bitcoin are contributing to the rising success of ransomware, enabling hackers to stage attacks with more efficiency while hiding their trace.

In many cases, victims are left with no other choice than to pay the attackers, and even the FBI often advises victims to pay the ransom as the only recourse. Traditional methods and tools no longer suffice to deal with the fast-evolving landscape of ransomware viruses, and new approaches are needed to detect and counter its devastating effects.

The problem with traditional security solutions

Most security practices rely largely on regularly updating your operating system, software and antivirus tools, which are effective to protect yourself against known ransomware viruses — but are of no use against its unknown variants.

The other safeguard against ransomware is to keep offline backups of your files, which will enable you to restore your hostage files without paying the crooks. This is a very effective method, but for many organizations, the downtime of a ransomware attack is more damaging than the ransom itself, which warrants the need for methods that can help avoid ransomware altogether.

Prevention through behavior analysis

The high success rates of ransomware attacks are directly attributed to the shortcomings of antivirus software that rely on static, signature-based methods to detect ransomware. With several variants of ransomware being developed on a daily basis, there’s simply no way signature-based defenses can keep up. Udi Shamir, Chief Security Officer at cybersecurity firm Sentinel One, explains, “With minor modifications a cybercriminal can take a well-known form of ransomware like CryptoLocker, and make it completely unknown and undetectable to antivirus software.”

Experts agree that fighting ransomware needs a new approach, one that should be based on behavior analysis rather than signature comparison. “Behavior-based detection mechanisms are now playing a key role in detecting and preventing ransomware-based attacks,” Shamir says. “While there may be many ransomware variants in the wild, they all share a common set of traits that can be detected during execution.”

Most ransomware can be detected through a set of shared behavioral characteristics. Attempts at deleting Windows Shadow Copies, disabling Startup Repair or stopping services such as WinDefend and BITS are telltale signs of ransomware work. “Each of these actions are behaviors that, if detected, translate into a ransomware attack,” Shamir explains.

This is the general idea behind some of the newer security tools — instead of making signature-based comparisons, processes are scrutinized based on their behavior and blocked if found to be carrying out malicious activity. “Once detected, any malicious processes are killed instantly, malicious files are quarantined, and endpoints are removed from the network to prevent any further spread,” Shamir says.

Aside from Sentinel One, other big players such as TrendMicro, Cisco and Kaspersky Labs are also offering behavior-based security tools.

“These new ‘next-generation’ endpoint protection solutions have proven to be effective against all variants of ransomware,” Shamir says.

Prevention without detection

One of the methods ransomware developers use to evade detection is to force their tool to remain in a dormant state while it is under examination by security tools. This enables new variants of the virus to get past antiviruses and even some behavioral-based security solutions without being discovered. Once out of the sandbox, the ransomware is in the ideal environment to unpack its malicious payload and deal its full damage.

The workaround to this technique, as discovered by an Israeli cybersecurity startup, is to trick the ransomware that it is always in the sandbox environment, which will convince it to remain in the “sleeping” state and never wake up to deploy itself.

Minerva Labs, which came out of stealth this January, presented a solution that uses the ransomware’s own evasion techniques against it. “We figured that in order to fight malware, we have to think like the hackers that develop it,” says Eddy Bobritsky, CEO of Minerva Labs.

Traditional methods and tools no longer suffice to deal with the fast-evolving landscape of ransomware viruses.

Minerva has introduced the concept ofa low footprint endpoint protection platform that “prevents targeted attacks as well as ransomware before any damage has been done, without the need to detect them first or to have prior knowledge,” Bobritsky explains.

By simulating the constant presence of different sophisticated cybersecurity tools, such as Intrusion Prevention Systems (IPS), the ransomware becomes trapped in a loop that prevents it from knowing where it is. The malware cannot differentiate between the simulated environment and real security environment that it tries to evade, and thus it stays inactive, “waiting for conditions that will never materialize,” Bobritsky says.

Prevention through a multi-pronged approach

“Per se, new products, tools or technology and processes may not solve the challenges individuals or organizations face when infected with ransomware,” says Jens Monrad, consulting system engineer at security firm FireEye. “Above all we need a fundamentally new way of thinking about cyberattacks.”

Monrad suggests the Adaptive Defense model, which instead of focusing on total prevention recognizes that some ransomware attacks will get through and aims at reducing the time to detect and resolve threats.

“In the adaptive model, security teams have the tools, intelligence, and expertise to detect, prevent, analyze, and resolve ever-evolving tactics used by advanced attackers,” Monrad explains.

Adaptive defense should encompass three core interconnected areas of technology, intelligence and expertise, which, according to Monrad, are fundamental for enterprises, governments and organizations that want to develop their capabilities to minimize the time it takes to discover a threat and recover from it.

At the technology level, Monrad proposes the use of sophisticated security tools. “Simple sandbox solutions aren’t enough though,” he explains, “because in many cases a piece of malicious code and an attack can happen over multiple stages, which makes detection and prevention more challenging, if your sandbox is just relying on a single object.”

This includes viruses that download and execute their malicious payload after getting past the sandbox. That’s why sandboxing should occur at the network level, Monrad argues, where you can “focus on the entire stream of packets, in order to analyze what is happening, in a similar way, as normal users are exposed to the code when they browse the Internet, click on a link in an email or open an attached file.”

At the intelligence level, “data should be gathered and shared across many endpoints and should be managed by a dedicated research team that knows attackers and how they operate,” Monrad says. The right solution should “provide intelligence before a ransomware attack happens, while it is happening and also explain why it did happen,” he says.

The expertise discipline includes experience in responding to data breaches, unique insight into how attacks are happening and knowledge on what sort of operational methods attackers employ in order to carry out successful attacks.

Dickson,Ben. “How to Deal with the Rising Threat of Ransomware” TechCrunch April 2016

Posted in: Business, E-mail, Mobile Computing, Security, Tech Tips for Business Owners

Leave a Comment (0) →

Productivity Breakthroughs for Small Business: A Look at the new Office

ms officeHave you ever stopped to think about all the apps and devices you use every day to get things done? Maybe you use a note-taking app on your phone when you’re on the road, a tablet for keeping track of your inventory and customer orders on the sales floor, and a PC for creating customer newsletters and presentations in the office. Have you ever wished they helped you work better — and worked better together? You are not alone. A recent survey commissioned by Microsoft revealed that 31 percent of small businesses expect to have the same data and user experience across multiple devices. However, given the rise of BYOD, this has traditionally been out of reach for most businesses — 37 percent of small business owners cited integration with desktop, IT and communications infrastructure as a top challenge in supporting a mobile workforce, according to TechAisle.

For small and midsized businesses (SMBs) — where both owners and employees are often asked to wear many hats — the ability to be nimble, be collaborative, and work across different offices and devices is key. Microsoft believes that technology exits to help you do more. Microsoft’s goal in the new Office, released yesterday, is to help people and businesses of all sizes better work together, work easier and worry less — and the best way to start taking advantage of the new Office is via an Office 365 subscription.

Work Together
For many of today’s SMBs, collaboration is central to the way they work, but it’s is not as easy as it could be. Too often, collaboration means emailing files back and forth or joining meetings or calls to talk about a project/document to then deal with version control issues. The new Office reinvents how you work together with colleagues, eliminating many of the common pain points that have traditionally been associated with teamwork. For example, if your team were to use the new version of Office (Word, PowerPoint or OneNote) to make revisions to a customer proposal or sales presentation, everyone would have the ability to edit the same draft at the same time. As the document refreshes, those changes show up, and when you finish a draft it‘s saved across all your devices. This means there are no emails crossing and nothing lost in translation, saving you not only time but also potential headaches.

Office-SMB_1

Work Easier
Co-authoring is one way to collaborate without being in the same room, but there will always be times that call for face-to-face collaboration. What if you have sales reps on the road in three different cities, and you need everyone to get together to discuss some new competitive insights to work into meetings with prospects? You need a videoconference. Actually, you need more than that — a video-enabled meeting is much more than two rooms joined by a camera, after all.

Skype for Business helps you collaborate in different ways using one application. You can see colleagues’ presence, start IM, voice or video conversations, conduct meetings, present documents, and share desktops. And with Skype in-app integration now available across the Office Online and rich client apps, you can IM, share screens, talk or video chat right within your document.

Of course, any time you have technology that promises to “do more,” you may wonder if it will actually mean more work for you. And the last thing anyone needs is to stop and learn a new set of commands and features. With the new Office, that isn’t a worry. It works for you with built-in intelligence capabilities. For example, the new Tell Me* feature allows you to quickly find the right feature or command by asking a question. So, if you’re ever stumped about how to do something on any Office application, just describe the action you want to perform in the Tell Me search bar (e.g., “insert a graph”) and you’ll automatically be given the answer. In addition, with the new Smart Lookup* feature, the new Office bring insights from the Web right into your document.

Worry Less
As more and more SMBs move their data to the cloud, we know that security is still top of mind — more than 60 percent cited data security as a concern in a recent Boston Consulting Group study. With so much important information accessible across your devices, you need to make sure it’s safe. The new Office requires more than one type of credential (for example, a password plus a biometric verification like a voice command) to ensure only the right people are accessing your devices and data. And Office 365 provides automatic monthly security updates, so you can focus your attention elsewhere while remaining confident that your technology is up to date and secure.

More Productive, More Personal and More Secure With Windows 10
Office works across platforms, but together with Windows 10, launched in July, it helps you take productivity to a whole new level.

Windows 10 was created with features to help you with everyday tasks. For example, you get a virtual personal assistant in Cortana, now available on all Windows 10-enabled devices (including PCs). From Internet searches to setting alarms and reminders, Cortana is ready to do your bidding. Its receptivity to voice and natural language means you can easily put Cortana on the job — to schedule meetings, remind you about deliverables and help you find important files — while you focus on more important things to run your business.

Windows 10 also creates a more personal computing experience with new features like Continuum, which enables any screen to become like a PC. And Windows Hello, which greets you by name, provides a fast, secure, password-free way to log in to Windows and Office 365 in one simple step, so you can be productive on the go.

The combination of the new Office and Windows 10 is not only the best for productivity, but also the most secure. With built-in authentication tools, it makes a single identity possible across Office 365** and Windows logins, as well as the Windows Store, OneDrive settings and file synchronization, ensuring secure access to content anywhere.

Quite simply, Windows 10 was built to work. It offers very light management and has minimal complexity, helping SMBs save time, money and energy they can devote to running and growing their businesses instead.

Final Thoughts
Every small business owner knows you can’t do everything yourself. And that’s where technology can help you not only be more productive, but also create new ways to collaborate with confidence.

Smith, David. “Productivity breakthroughs for small business: A look at the new Office” Microsoft, Business Matters September 23, 2015

Posted in: Business, Tech Tips for Business Owners

Leave a Comment (0) →

Why Not Use Vine to Make Short, Sharable Videos for Your Biz?

You might have heard about Vine, the latest video app available form Twitter, and wondered how in the world a six second video clip could possibly do nay wonders for your business!

You’d be surprised!

In fact, smart business owners are using Vine to share these 6–second clips to help them brand, announce, introduce and otherwise promote their businesses in a way nothing else does.

Marketers are always moaning about ways to use Twitter for their business; well, here you go!

A couple of recent examples would include RedVines, Urban Outfitters and Nintendo.

How to use Vine in your business

While still in its infancy, companies are finding innovative ways to use Vine to get the word out. Here’s just a few:

  • Employee introductions — Makes short videos of your best employees. This is terrific way to market your brand, and not simply your products and services. And don’t limit this to management: allow clients and customers see the people who answer phones, load delivery trucks and work the cash registers too. These are the ones they deal with!
  • Behind the scenes clips of your office — Give a glimpse of what goes on at your company, showing different departments or tasks to let your customers get a peek at your office environment. Holiday Vine videos may well be the card de jour this coming season!
  • Your latest promotions — Using Vine as a way to make an inexpensive commercial that is concise and right to the point. According to IAB, 10–15 second spots were the most popular ads. Show off your newest product or advertise your services through a cleverly–cut Vine video.
  • Vine your company announcements — You’re your Tweets about anything to do with your company far more exciting with a Vine video. You can introduce new team members or promotions, and highlight awards or special recognition in an engaging fun, and sharable way!

And even more from Publiseek.com :

  • Show what your product looks like from different angles.
  • Shoot a short personal introduction of your company owners.
  • Record short and crisp customer testimonials after they have used your product.
  • Use Vine to send out 6 sec coverage of your launch or event.
  • If you are a realtor, send out a quick walk through of the property that you have listed. (walk fast!)
  • If you are in fashion business, create a 6 sec video showing your latest, hottest outfits.
  • Share your website design or show how your new app or game works.
  • Food establishments can show menu items and specials.
  • Show your work process by recording its different stages.
  • Interior decorators can use Vine to show what the room looked like before and after.

Vine is trending hot right now, and is a great opportunity to catch some attention with clever, funny and informative short, looping videos that are drop dead easy to make! Grab that Vine before it swings away!

Posted in: Business, Social Media Marketing, Tech Tips for Business Owners

Leave a Comment (0) →

When it’s Smart to Build a Smartphone App for Your Small Business

You may have been pondering whether or not it’s a good idea for your business to spend the time and money needed to develop and implement a mobile app for your business.

Does a mobile app even make sense for your business? What would it cost? Who’s going to update it? These and many other questions need answers before you can really make an informed decision. Let’s look at some of what you need to know.

The Pros and Cons of developing a mobile app for your business

Pros:

  • More than 50 percent of adult Americans are using smartphone technology
  • Keeps your brand prominent in the marketplace
  • Increases customer retention and loyalty, as the app is always in front  of them
  • Users spend more time on apps
  • Usually load faster than mobile sites
  • Available offline, though they would need to login to purchase, or perform any other action.

Cons:

  • A mobile app needs to be made for each platform, iPhone, Android, Windows, or any other platform
  • Mobile apps require ongoing care, both as regard fresh content as well as technology updates
  • Not as easy to optimize as a mobile website
  • Mobile ads may well serve the purpose
  • Can be wildly expensive! While there are some Do It Yourself solutions, they are minimal in functionality and hard to update.

We all know that there are as many uses for an app than you could ever imagine, but some are better than others. Here is an example of how apps were developed in the health care market. Making sure your app is useful and not a mere novelty will go a long way toward helping you make your decision.

While it’s pretty much a given that you need a mobile version of your website, the question of whether or not you need to shell out what could be big bucks for an app is one you need to look at carefully.

Take the time to weigh the pros and cons for your business before you leap into developing a mobile app!

Posted in: Business, Mobile Computing, Tech Tips for Business Owners

Leave a Comment (0) →

Is Single Sign-on Right For Your Business?

When your workers log onto their computers, do they automatically, by entering one password and login name, gain access to all of your business’ software systems? Does their single login allow them to access the company’s Intranet, their e-mail systems and your company’s sales data? If so, your company’s software systems operate under a single sign-on system.

Different versions

There are several versions of single sign-on systems. Under a Kerberos-based system, workers must supply their login names and passwords when signing onto their computers. After this, they get a Kerberos ticket that gives them access to email clients, editing software and other systems. This happens because the Kerberos ticket supplies the user’s credentials to each new system that the user tries to access. This prevents workers from having to re-enter their passwords and login names each time.

Benefits

The main benefit of single sign-on is that workers don’t have to constantly enter passwords and logins every time they need to access a new software system. Not only does this prevent password fatigue for your company’s employees, it also saves time. Employees don’t have to stop working to enter their passwords throughout the day. Single sign-on might also save your company IT costs; your IT department won’t be swamped with as many calls from employees struggling to remember their passwords and login names throughout the day.

Cons

Of course, there is some risk to single sign-on. A hacker can gain access to your company’s software systems more easily if you rely on single sign-on. This is why it’s important for your company to tie single sign-on to authentication methods such as smart cards or one-time password tokens. As with all forms of electronic security, then, single sign-on isn’t perfect. You’ll have to take a close look at your company to determine whether this system is right for your business and your employees.

Posted in: Business, Security, Tech Tips for Business Owners, Technology

Leave a Comment (0) →

Adding Comments to Excel Can Boost Your Productivity

Have you ever re-opened one of your Excel spreadsheets only to find that you’ve forgotten what half the formulas in it stand for? Have you ever opened a spreadsheet only to find yourself asking, “What, exactly, was I up to here?” Well, you can prevent this from happening by adding comments directly to the formula cell in a spreadsheet.

Jogging your memory

The tech Web site Lifehacker explains how to do this. You’ll simply have to access Excel’s N() function. To use this function, add a plus sign after your formula. You can then write out your comment in quotes inside the function.

Why do it

Now, whenever you click on that cell, both your formula and your comment will appear. Doing this can save you plenty of time when poring over a half-finished Excel spreadsheet. You won’t have to wrack your brain trying to remember what you were trying to accomplish.

This function is available in Excel 2013 and earlier versions. If you have Excel don’t be shy about using it. You might be surprised at how much more productive you can be.

Posted in: Business, MS Office Tips and Tricks, Tech Tips for Business Owners, Technology

Leave a Comment (0) →

Not using Word 2013? You’re missing out

Have you been debating whether it’s time to upgrade to Word 2013? PC World says it’s time to stop dithering. The new version of Word is packed with features that can make you and your employees more productive than ever. Maybe you like that current version of Word that you’re using. That’s fine. But before you decide to stick with it, consider these nifty new features that come with Word 2013.

A better design tab

The first reason to upgrade to Word 2013? PC World points to the program’s new and improved design tab. Word 2013 lets users choose from a wide variety of themes, colors and fonts. And if you find a certain combination that you’d like to use all the time, you can click the “Set as Default” option to return these themes every time you create a new document. Microsoft Word 2013 also allows users to preview a document style before they apply it to the entire document.

A better reading experience

Maybe you use Word more often to read documents than to create them. If so, Word 2013 comes with a new Read feature that makes reading Word documents more pleasant than ever. First, the Read feature automatically resizes Word documents so that they fill your entire screen. Secondly, Read provides on-screen arrows that let you flip through pages or swipe the screen from either edge of the display if you’re using a touch-screen monitor. You can also click on images, charts or tables in Read mode to make them bigger, and easier to read.

PDF Viewing

Word 2013 makes editing and reading PDF documents an easier task, too. First, Word 2013 can open any PDF document. But that’s just the beginning. The program also allows you to edit PDF documents without bringing in a third-party application. According to PC World, you can also move images around a PDF document and edit any information contained in a table. For anyone who works with PDFs often, this is an amazing new feature.

Posted in: Business, MS Office Tips and Tricks, Tech Tips for Business Owners, Technology

Leave a Comment (0) →

Phishing Attempts Can Snare the Best of Us, Even the AP

 

We would all like to think that we’re clever enough to detect phishing e-mails in our inboxes. Some of them are easy to spot. But the scam artists behind phishing e-mails are getting better. And that means that they’re netting some high-profile victims. For instance, as Slate recently reported, a particularly sneaky phishing e-mail recently caused a lot of trouble for the Associated Press, the country’s biggest provider of wire-service news.

Syrian Electronic Army

Earlier this year, a group calling itself the Syrian Electronic Army hacked into the Twitter account of the AP and posted a message stating that President Obama had been seriously injured in an explosion at the White House. This Tweet was false, of course. But that didn’t stop the stock market from taking a big plunge. And it shows, too, that even the savviest among us have to be on guard from sophisticated phishing attacks.

The E-mail

The Syrian Electronic Army hacked the AP Twitter account through a process known as spear-phishing. As Slate explains, this involves sending specific recipients e-mail messages that look legitimate. In the case of the AP hack, the group sent a message to AP staffers containing a link to what looked like a Washington Post news story. The message looked professional enough that it tricked some AP staffers into clicking on it, the first step in giving members of the Syrian Electronic Army control over the AP’s Twitter account.

A Warning

It’s easy to poke fun at the AP for getting hacked. But the truth is, no one is safe from the more sophisticated con artists behind the newest phishing attacks. These scammers no longer send phishing e-mails about Nigerian princes. Instead, they send messages that look like they’re coming from people we know. The lesson here? You need to be constantly vigilant if you want to protect yourself from today’s trickiest online scammers.

 

Posted in: Business, Security, Tech Tips for Business Owners

Leave a Comment (0) →

Guilty of These Bad Tech Habits?

No one is perfect. We all have bad habits. Some of us smoke. Some eat in our cars. Some write e-mail messages in all capital letters. Here’s the good news, though. When it comes to technology, it’s relatively simple to identify our bad habits and break them. PCWorld magazine recently ran a list of the most common bad tech habits. Took a look at these tech mistakes. Do you suffer from any of these bad tech habits?

Easy Target

Some of the worst tech bad habits identified by PCWorld make you an easy target for thieves. For instance, do you ever leave your smart phones or tablets sitting at your booth in the coffee shop while you run back to the counter to get another shortbread cookie? Leaving your devices unattended and in plain sight can make it easy for criminals to quickly snatch them and disappear. Or what if you spend all your waking minutes staring at your smart phone screen without taking notice of your surroundings? This bad tech habit can hurt, too. While you’re staring at your screen, you don’t notice that suspicious guy walking close to you. Before you know it, the guy’s popped you in the face, grabbed your smart phone and run away.

Hurting Your Health

Bad tech habits can damage your health, too. Maybe you sit all day hunched in front your computer. This bad posture can lead to serious back pain. It can also cause carpal tunnel syndrome. The solution here? Sit up straight, take frequent computing breaks and purchase a comfortable chair that places less strain on your back. Speaking of breaks, another bad tech habit is not taking any. As PCWorld says, your can hurt your eyes, strain your back and blur your thought processes if you insist on spending the entire work day focusing on your computer screen. Remember to take regular breaks to keep yourself healthy.

Oops

What happens if your computer suffers a sudden hard-drive crash? Will you lose your important files? If you suffer from the bad tech habit of not backing up your files, you probably will. And do you reuse the same passwords frequently at several different Web sites? This tech habit can open you to a world of pain should someone crack that go-to password. Now, instead of gaining access to your personal information on one site, this cyber criminal can gain access to it on several. Finally, do you ignore the updates that publishers create for the software that you most frequently use? Don’t. Ignoring these updates can leave you vulnerable to hacks and keep you from fully enjoying your software.

Posted in: Business, Security, Tech Tips for Business Owners, Technology

Leave a Comment (0) →
Page 1 of 6 12345...»