Phishing Emails Disguised as Office365 File Deletion Emails

Phishing Emails Disguised as Office365 File Deletion Emails

Threat Level: High

A recently-discovered phishing scam pretending to be from the “Office 365 Team” is trying to trick users into their log-in credentials.

The alert notifies the user of an unusual volume of file deletions and urges users to review the activity.

When redirected, the users are encouraged to log-in to a page that is hosted on Azure, increasing the perceived legitimacy of the phishing campaign. The hackers have even gone as far as securing the page with a certificate signed by Microsoft.

It’s important to remember that Microsoft login forms will be coming from microsoft.com, live.com, microsoftonline.com, and outlook.com domains only.

If you think you may have been deceived by a phishing scam, it’s important to contact ITonDemand urgently to begin Incident Response.

For more information on avoiding phishing scams, download our phishing infographic below.

PHISHING

Download our infographic and learn how to identify a phishing scam when you see one.

Other Articles You Might Be Interested In:

What to do about Windows 7 End-of-life

What to do about Windows 7 End-of-life

Windows 7 End-of-life In case you are unaware -- Windows 7 is coming to an end. Microsoft has planned for this for a long time. However, most users have not it seems. According to web analytics vendor, Net Applications, Windows 7 actually saw its user share increase...

read more

ITonDemand was created over a decade ago to help support businesses and organizations IT services.  We kept hearing from businesses, like yours, that they just wanted their IT to work. And that is what we do.  We make your IT work for you.

1423 Powhatan St, Alexandria, VA 22314

233 SW 3rd St, Ocala, FL 34471

info@itondemand.com

800-297-8293

 

Intel chip flaw presents vulnerability from “Zombieload”

Intel chip flaw presents vulnerability from “Zombieload”

Threat Level: High

Intel announced last week, in what seemed to be a busy week for bugs, a critical flaw in their processors dating back to 2011.

The flaw is linked to the processor’s “zombie load” function, giving it its name. Zombie load occurs when a computer processor can’t properly process a load of data and needs to ask for help in order to prevent a crash. This function has been exploited to allow hackers to grab any data that was recently been accessed by the processor.

Intel processors are in 76.8% of computers worldwide. That includes both PC and Mac.

Protecting your machine

Microsoft, Google, and Apple have all released patches to address the vulnerability. Rather than clicking “Remind me tomorrow”, it’s vital to update your computer in a timely manner. 

However, due to the nature of a hardware flaw, the vulnerability will never truly be eliminated.

While Intel itself only rated the threat as “medium”, security experts are fearing it is much worse. “On a scale of 1 to 10, this is ’10’ serious,” said Robert Siciliano, CEO of Safr.me.

What we are doing about it:

ITonDemand is approving the recommended patches and will be sending them out to our user’s machines.

PHISHING

Download our infographic and learn how to identify a phishing scam when you see one.

Other Articles You Might Be Interested In:

What to do about Windows 7 End-of-life

What to do about Windows 7 End-of-life

Windows 7 End-of-life In case you are unaware -- Windows 7 is coming to an end. Microsoft has planned for this for a long time. However, most users have not it seems. According to web analytics vendor, Net Applications, Windows 7 actually saw its user share increase...

read more

ITonDemand was created over a decade ago to help support businesses and organizations IT services.  We kept hearing from businesses, like yours, that they just wanted their IT to work. And that is what we do.  We make your IT work for you.

1423 Powhatan St, Alexandria, VA 22314

233 SW 3rd St, Ocala, FL 34471

info@itondemand.com

800-297-8293

 

Office365 is not a Disaster Recovery Plan

Office365 is not a Disaster Recovery Plan

Disaster recovery plans are vital, not just important. Data becomes lost, deleted, purged, corrupted, all the time. Without that measure in place, data is truly lost.

There does seem to be confusion on what constitutes a Disaster Recovery plan, however.

While many systems have some form of data retention, they lack the necessary measures to be considered “disaster recovery”. This leaves security, compliance, and continuity all in question. Office365 is one of those systems.

What Office365 does

Office365 is a subscription-based service for Microsoft’s popular applications like Word, Excel, PowerPoint, and Outlook.

While Office365 uses language like “file-sharing and online storage” and “Microsoft-backed 24/7 Security”, at the end of the day, it is a singular system designed for Microsoft’s product line.

To present an example, as long as e-mails from Outlook are in an uncorrupted state, not deleted or purged beyond the unrecoverable period, and not beyond 3 years, you have your content. That is a standard retention policy for an active email system. But that sounds like a lot of conditions, am I right?

Likewise, collaborative platforms like OneDrive and SharePoint allow multiple users to access necessary documents. However, even those systems require a back up for catastrophic events.

Microsoft only provides any form of recovery under the following events:

  • Loss of service due to their hardware or infrastructure failure
  • Loss of service due to natural disaster or data center outage
  • Short-term (30-day) user-error with recycle bin/version history
  • Short-term (14-day) administrative error with soft-delete for Groups, Mailboxes or services-lead rollback

What Office365 doesn’t do

Under that same example mentioned above, if your email were to become encrypted via ransomware, that is not a situation in which Microsoft will support or recover.

Even in more common events, like an employee leaving, data that is lost in that user’s account is unrecoverable.

Microsoft does not support any of the following events:

  • Loss of data due to departing employees and deactivated accounts (outside retention period / delete and recovery periods)
  • Loss of data due to malicious insiders/hacktivists deleting content
  • Loss of data due to malware/ransomware
  • Recovery from prolonged outages
  • Long-term accidental deletion coverage with selective rollback

Where a Disaster Recovery Plan kicks in

A true data backup functions in one of three ways; an image backup, file and folder backup, or infrastructure redundancy.

Backups succeed by offering a replicate of your data, separated in a geographically different, unconnected storage so if you needed to recover any email or even rebuild the entire email system, you could from the last back-up.

You can’t have a disaster recovery and continuity of business policy without a back-up solution.

And Office365 is not a back-up solution or disaster recovery plan.

PHISHING

Download our infographic and learn how to identify a phishing scam when you see one.

Other Articles You Might Be Interested In:

What to do about Windows 7 End-of-life

What to do about Windows 7 End-of-life

Windows 7 End-of-life In case you are unaware -- Windows 7 is coming to an end. Microsoft has planned for this for a long time. However, most users have not it seems. According to web analytics vendor, Net Applications, Windows 7 actually saw its user share increase...

read more

ITonDemand was created over a decade ago to help support businesses and organizations IT services.  We kept hearing from businesses, like yours, that they just wanted their IT to work. And that is what we do.  We make your IT work for you.

1423 Powhatan St, Alexandria, VA 22314

233 SW 3rd St, Ocala, FL 34471

info@itondemand.com

800-297-8293

 

Microsoft Warns of a “Monster” Computer Bug

Microsoft Warns of a “Monster” Computer Bug

Microsoft has announced a vulnerability found in older versions of its Windows Operating Systems. The affected systems include Windows 7, Windows 2003, Windows XP, and Server 2008.

This unusual step for Microsoft, patching outdated systems, really hints at the severity of the uncovered vulnerability.

Microsoft announced the bug on Tuesday in a blog post saying “future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe.”

This vulnerability is being compared to the WannaCry worm that corrupted 200,000 systems just two years ago. Microsoft has said that they haven’t seen an example of anyone capitalizing on this vulnerability but considers it “highly likely”.

While normally Microsoft wouldn’t issue updates for the affected obsolete systems, it has rolled out patches to secure this vulnerability.

Windows 8 and 10 users are unaffected.

What we are doing about it:

ITonDemand is approving the patches from Microsoft and will be sending them out to our user’s machines. It is also important to make the transition from outdated systems, such as Windows 7, to Windows 10.

PHISHING

Download our infographic and learn how to identify a phishing scam when you see one.

Other Articles You Might Be Interested In:

What to do about Windows 7 End-of-life

What to do about Windows 7 End-of-life

Windows 7 End-of-life In case you are unaware -- Windows 7 is coming to an end. Microsoft has planned for this for a long time. However, most users have not it seems. According to web analytics vendor, Net Applications, Windows 7 actually saw its user share increase...

read more

ITonDemand was created over a decade ago to help support businesses and organizations IT services.  We kept hearing from businesses, like yours, that they just wanted their IT to work. And that is what we do.  We make your IT work for you.

1423 Powhatan St, Alexandria, VA 22314

233 SW 3rd St, Ocala, FL 34471

info@itondemand.com

800-297-8293

 

Data Backups and Disaster Recovery

Data Backups and Disaster Recovery

Data backup is a critical part of an organization’s overall disaster recovery plan. The concept of data backup is simple: you make copies of your data and store them in a different location in case data is lost or destroyed.

Implementing a data backup plan is not necessarily as easy. There are multiple factors to consider depending on what your organization’s needs are. Here are some key things to consider:

  1. What are your total per hour costs?
  2. What is your “opportunity cost”? How much revenue do you bring in per hour?
  3. What type of data do you primarily produce? For example, office documents, images, publications, audio, video, etc? Or more data-driven, email, CRM data, web data, etc.?
  4. Where does your data reside?
  5. What is your recovery time object?
  6. What is your recovery point objective?

Answering these six simple questions can help you determine what type of data backup strategy your organization would be best suited for.

There are a ton of backup solutions on the market, which is fantastic. However, there are really only three main methodologies to data protection employed today:

Image Backups

Think of this as a picture of the entire dataset at a moment in time. This is useful in the event that there is a catastrophic failure, like a fire, a server crash, or some other major event that requires rebuilding the infrastructure. This method offers quick recovery but can be more expensive to deploy.

PHISHING

Download our infographic and learn how to identify a phishing scam when you see one.

File and Folder backups

This is what people normally think of when they hear backup. This is the one-by-one copying of files from their original location to another location. This is the most common way to do “backups” and is good for scenarios where files are lost, deleted, infected with a virus or some other scenario where you just need to be able to retrieve that copy.

This method is often the least expensive method but is time-consuming to recover if a lot of data needs to be restored. However, is very efficient for restoring small sets of files, which is the most common type of recovery needed.

 

Infrastructure Redundancy

This is a more complex combination of the previous two methods, where the entire dataset, including the server operating systems and all, are copied around to multiple locations in a way that ensures full redundancy of the data and your access to it. Certainly the most expensive, but the best method for ensuring maximum business continuity.

Every solution on the market is some version, or combination, of these three main methods.  

To determine the best strategy for your business or organization you need to get the best answer possible to those first six questions.

Just an Example

Let’s say you’re a small organization of 10 employees. Your organization brings in $150,000 a month and your costs are $100,000 a month. Your team works an average week in terms of hours and most of your work is done on spreadsheets and word documents. You have a “machine” in your office that you store the bulk of your data on. That device is shared but everyone still stores the files they work on regularly in their my documents folder. 

Sound like you?

Ok, so we answered the questions (from above), let’s do some basic math:

(Monthly Costs/Average hours per month) + (Monthly Revenue/Average hours per month) = Hourly Downtime Cost

The above scenario would look like this: ($100,000/180) + ($150,000/180) = $1389 per hour.

This is the dollar amount of a disaster. And while it’s a gamble (to say the least), the consequences can get even more severe than a dollar amount.

For a Michigan Dr’s office, a disastrous ransomware attack even went even as far as costing the future of the practice.

Hardware can be replaced. Software can be replaced. Data cannot. Not without some form of backup, disaster recovery/business continuity strategy. There are, literally, businesses that have closed or been severely hampered by not putting any focus or investment in business continuity, and no one wants to redo something they spent all day on. This is one constituent of your IT budget that you want to spare no expense.

Eric Hubbard

Project Manager, ITonDemand

Other Articles You Might Be Interested In:

What to do about Windows 7 End-of-life

What to do about Windows 7 End-of-life

Windows 7 End-of-life In case you are unaware -- Windows 7 is coming to an end. Microsoft has planned for this for a long time. However, most users have not it seems. According to web analytics vendor, Net Applications, Windows 7 actually saw its user share increase...

read more

ITonDemand was created over a decade ago to help support businesses and organizations IT services.  We kept hearing from businesses, like yours, that they just wanted their IT to work. And that is what we do.  We make your IT work for you.

1423 Powhatan St, Alexandria, VA 22314

233 SW 3rd St, Ocala, FL 34471

info@itondemand.com

800-297-8293