Office365 “Non-Delivery” Phishing Scam

Office365 “Non-Delivery” Phishing Scam

Below are two emails alleging to be Office365 informing the recipient of undelivered messages.  Can you spot which one is the phishing scam?

 

Email 1

Email 2

If you guessed that Email 1 is the phishing scam, you are correct! 

In a new phishing scam targeting Office365 users, hackers are attempting to steal login credentials to infiltrate business’ systems. When the user clicks “Send Again”, it takes users to a fraudulent Office365 login screen. After the information is entered, the site redirects to outlook, leaving the user believing they are in no danger.

This is an example of a high-level phishing scam. 

Quick Ways to Identify Phishing Scams

1. Always look at the URL

If the URL looks in any way incorrect, don’t enter your account information.

If redirected in this case, the URL on the fraudulent landing page is incorrect.

2. Specificity

Phishing scams will generally omit specific names, addresses, or titles and use phrases like “Dear User”

In this case, the email says “Your messages couldn’t be delivered” rather than “Your message to email@address.com couldn’t be delivered.”

3. Display Name

Make sure that the display name matches the URL from the email.

In the fraudulent email, the address is sent from the URL us.ibm.com, rather than as from Microsoft Outlook. 

What can you do?

“Education and vigilance are the best line of defense against these types of attacks,” said Steve Condit, Director of Partner Development for ITonDemand. Keeping you and your staff informed on what to look for is the most effective way to stay secure. 

If you have fallen victim to this scam, the best course of action is to make sure you change the affected passwords as well as any accounts or applications that may have been connected to the affected email address. 

If you still have concerns on how to keep your business secure, contact us here.

Other Articles You Might Be Interested In:

Two IT Shifts That Will Impact You in 2019

Two IT Shifts That Will Impact You in 2019

Knowledge is power. Every year brings changes and developments in technology. We, at ITonDemand, are continuously focused on providing the highest quality service and a comprehensive security solution. This means looking ahead proactively for how these developments...

read more
Are You Operating a Data Silo?

Are You Operating a Data Silo?

Clear communication within your company is important. Clear communication with your clients is vital. If you are operating in a "data silo" you are muddying the communication both internally and externally. But are you operating a data silo? You may not even...

read more

Have a Question?

How would you generally categorize your question?

Is My Home Network Secure?

Is My Home Network Secure?

When you’re at work, you access your email, documents, financials, and so on with a certain level of assurance of security. You probably didn’t set up that business network though.

In a Gallup survey of 15,000 people, 43% cited some remote work. Of those working remote, how many don’t consider the security of their home network?

Most homeowners stick to the basics with their home network; functionality. After all, if it isn’t broke, don’t fix it.

But between online shopping, bill payment, and your client’s sensitive data, do you actually know if your home network secure?

Here are four steps you can take to make sure it is.

Change your router login

When you move into a new home, it’s exciting. You’re redecorating and getting your new accounts turned on and getting your cable and internet hooked up. The last thing on your mind is changing the login credentials of your router.

If you are using a router setup by your ISP, it’s likely that both your username and password are admin.

This is a serious security issue if left unaddressed. Unique login credentials are a basic line of defense.

To change your login:

  • Access the login screen to your router by entering the IP address of your router into the search bar.
  • Login using username and password found on the back or bottom of the router.

(Probably admin and admin)

  • Under Security Settings, select User.
  • This should bring you to a prompt to change the password.

While most routers are similar if you have issues contact your ISP for specific instructions.

Enable WPA2

Enabling WPA2 means that the data you share over your wireless network is encrypted. This protects sensitive information that may be transmitted.

You can use either WPA2 – Personal or WPA2 – Enterprise. Each has their strengths and weaknesses. If you are less tech-savvy, personal will work just fine for you.

To turn on WPA2:

  • While logged into your router, select the network you wish to change.
    • Either 2.4 GHz or 5 GHz
  • Under Basic or Security, select the encryption type you want to use.

Disable Your 2.4 GHz Network

Lower frequencies travel longer distances. This is why you can see your neighbors wifi and their clever network names. The only problem with this is that if they can see it so can potential hackers.

The 5GHz network is a more recent development. Because it operates at a higher frequency, it is limited by solid walls and won’t function outside of a home. Not all devices are compatible with a 5GHz network, such as iPhone 4s and earlier and even some tablets. Although, if you do a lot of streaming, you’ll enjoy faster speeds with 5GHz.  

To disable your 2.4GHz network:

  • While logged into your router, select 2.4GHz network.
  • Under Basic, select Disable 2.4GHz Wireless

Firewall

Firewalls are a front line of defense in network security. They limit traffic based on security rules. Most wireless routers come with some form of firewall. However, it may not be enabled by default.

To turn on your router’s firewall:

  • While logged into your router, select Access Control.
  • Select Firewall.
  • From the menu, you can select the level of security from the firewall.

    Better Safe than Sorry

    At ITonDemand, we are fully committed to secure systems, wherever they may be.

    Don’t neglect your home network. It may be out of sight, running peacefully in the background. But, it is a vital part of your data security.

    Other Articles You Might Be Interested In:

    Two IT Shifts That Will Impact You in 2019

    Two IT Shifts That Will Impact You in 2019

    Knowledge is power. Every year brings changes and developments in technology. We, at ITonDemand, are continuously focused on providing the highest quality service and a comprehensive security solution. This means looking ahead proactively for how these developments...

    read more
    Are You Operating a Data Silo?

    Are You Operating a Data Silo?

    Clear communication within your company is important. Clear communication with your clients is vital. If you are operating in a "data silo" you are muddying the communication both internally and externally. But are you operating a data silo? You may not even...

    read more

    Have a Question?

    How would you generally categorize your question?

    5 steps to protect yourself from phishing scams on Cyber Monday

    5 steps to protect yourself from phishing scams on Cyber Monday

     

    Cyber Monday is filled with online deals on products and electronics.  But did you know, Cyber Monday poses the biggest security threat to your data through phishing scams?

     

    Opportunistic hackers regularly use heavy online days, like Cyber Monday, to launch phishing scams. 

    Here are 5 steps to protect yourself:

     

    Don’t Click That Link

    Refrain from clicking any links or download any attachments in the suspicious email. Instead, open up your web browser and go to the website in question by typing it into the URL bar.

     

    Read The URL

    Phishers are known to use company logos and write in a matter that seems legit.  The URL link often times will be very close to the actual site URL with a minor misspelling or change.  If you notice a link that is close but not quite right you could be redirected to a spoofed domain.

     

    Never respond to validate your account without you initiating

    If you receive an email asking you to validate a login or account, don’t. If you did not initiate a password reset or account validation then you should not receive communication.  If you are still concerned, go to the site in your browser and log in with your credentials.

     

    Never open account login email on a public wifi

    Information sent through public wifi is highly susceptible to rerouting.  This means a user may think they are logging into a site.  Instead, a user may be rerouted to a duplicate site where their login information is captured.

     

    If you can validate verbally

    Many sites are now allowing you to confirm your login or credential changes over the phone.  This is used to protect users from the previously listed dangers.  If this option is available to you, use it.

     

    All in all, vigilance will save you the headaches and pain of having your accounts hacked.  Your MSP can and should protect your business.  However, there are still precautions you should take to keep your data secure.

     

    Other Articles You Might Be Interested In:

    Two IT Shifts That Will Impact You in 2019

    Two IT Shifts That Will Impact You in 2019

    Knowledge is power. Every year brings changes and developments in technology. We, at ITonDemand, are continuously focused on providing the highest quality service and a comprehensive security solution. This means looking ahead proactively for how these developments...

    read more
    Are You Operating a Data Silo?

    Are You Operating a Data Silo?

    Clear communication within your company is important. Clear communication with your clients is vital. If you are operating in a "data silo" you are muddying the communication both internally and externally. But are you operating a data silo? You may not even...

    read more

    Have a Question?

    How would you generally categorize your question?

    Why Working at ITonDemand will jumpstart your career – Interview with Career Source

    Why Working at ITonDemand will jumpstart your career – Interview with Career Source

    Over the summer, ITonDemand was featured in an interview spot with Career Source’s Laura Burns on 96.3 The Source with Larry and Robin. We were able to discuss the in’s and out’s of our work at ITonDemand and what we look for in team members.  If you have ever thought about working at or with an IT company, this interview will give you insight on what it would be like and what is expected on the job. The answer might surprise you.

    What does ITonDemand Sell?

    We sell easy technology for businesses. Businesses want to focus on what they do. Whether they sell a certain product, insurance, or another service, they don’t want to have to focus on their technology. Partnering with us means getting to focus all of your energy on your own business’s goals and objectives.

     

    Is it unusual for businesses to need guidance when it comes to technology?

    Absolutely not. When you become our client, or as we say, “our partners”, it means you now have a liaison in the tech industry. We give you guidance on understanding your business and showing you how to build technology around your business’s unique needs.

    “When you drive your car, you don’t need to know how to fix it to drive it. You bring it to a mechanic.”

    Do you focus on your client’s main goal and build their site around that?

     

    Yes, absolutely. Our process is to identify our client’s wants and needs and leverage technology to see their mission through. From the beginning, it is all about making their business work smarter.

     

    What does the role, Director of Partner Development entail?

     

    It means making sure that we meld with our client’s company and not the other way around. As it goes with developing any business relationship, you have to start by understanding them as a business.

    “We are in the business of giving businesses the best user experience possible.”

    Then begin to grasp their workflow with technology and how they interface. Then we can learn how to guide them through their technology needs. Every business is different and every user within an organization is too. We strive to make sure that every user gets the most of technology to do their job well.

    Being partnered with CareerSource means you must be looking for new employees?

     

    Yes, we are always looking for good team members to join our growing company. We have had a wonderful experience working with Career Source and would recommend their services to any business in need of hard-working employees.

     

    What are you looking for at ITonDemand?

     

    Of course, technical experience that meets industry standards is a must but we find certain soft skills to be even more important in our line of work. We value communication skills, or better yet, translation skills in our team members because not everyone is fluent in “tech-anese”. Being able to explain issues or processes in layman’s terms gets team members focused on the end user’s experience, not their own.

     

    How many current job openings are there?

     

    As of right now, there are four jobs listed but as stated before, we are always looking and accepting resumes from those that are interested. The review process can be tough and that is in part why we use Career Source. Not every business can have a fully staffed and dedicated human resources department and Career Source steps in and provides a much-needed resource to local businesses.

    Likewise, not every small business has the luxury of having a full IT department on hand. That is where ITonDemand comes in.

    Watch the full interview below. 

    Other Articles You Might Be Interested In:

    Two IT Shifts That Will Impact You in 2019

    Two IT Shifts That Will Impact You in 2019

    Knowledge is power. Every year brings changes and developments in technology. We, at ITonDemand, are continuously focused on providing the highest quality service and a comprehensive security solution. This means looking ahead proactively for how these developments...

    read more
    Are You Operating a Data Silo?

    Are You Operating a Data Silo?

    Clear communication within your company is important. Clear communication with your clients is vital. If you are operating in a "data silo" you are muddying the communication both internally and externally. But are you operating a data silo? You may not even...

    read more

    Have a Question?

    How would you generally categorize your question?

    Are Cloud Services Secure?

    Are Cloud Services Secure?

    On google search, if you start to type in the phrase “Are Cloud Services..”, right behind “Are Cloud Services Taxable?” is “Are Cloud Services Safe?” 
    Cloud services aren’t new. In fact, “The Cloud” has been around since the early days of computing, it just went by a different name back then. I am sure some of our “wiser” visitors remember something called a “Main Frame”. This old IBM article from the 90’s does a great job of explaining, in terms of the time, what it is. Doesn’t sound much different than today’s explanation of the Cloud, does it? The main difference in today’s version of this old technology is one of scale. Here is where the question of security becomes extremely important.

    Today’s Cloud (yesterday’s Main Frame) is available not only to individuals within a company, inside their building, on their local network. It’s available, by design, to the entire world. This is both its strength, in that it has revolutionized the way we interact in every facet of our lives and its weakness. The virtues of the transparent, accessible, always on and connected cloud expose important information in a way that can be devastating. That is why the consideration of security in the cloud has some fundamental principles that you should use when you approach any cloud service.

    Cloud security isn’t one simple answer but rather a series of different aspects to observe. While there are several aspects to security, we’re going to focus on two in this article; the technology and the user.

     

    The Technology

    The first thing to consider is whether the technology itself employs key components of a secure system. The short answer, generally yes. Here are the key things to look for as telltale signs that you are using cloud services that are “technically” secure.

     

    Encryption

    An absolute must-have for any cloud technology, including websites, is encryption. Cloud services encrypt data to keep it in the right hands. What this means is that your data is run through an algorithm to hide your data from anyone trying to get ahold of it that isn’t you. If a hacker were to get ahold of your data, they would need the encryption key and even then it would take a large amount of work and time to process any of that information.

     

    Multi-Factor Authentication

    When you go to get a driver’s license or a passport, the DMV asks for two forms of identification to make sure you are who you say you are. Cloud Security uses Multi-Factor Authentication in the same way for the same purpose. To gain access to an account via a username and password, you will also need to verify your identity through an associated phone number, email account, or fingerprint.

     

    Frequent Updates and Upgrades

    Developers are constantly working to maintain and improve their platform’s security. When a developer identifies a vulnerability in their code, they will address it in the form of an “update, upgrade, or patch”. These aren’t just to improve the cosmetics of the UI, but to make you more secure. If users continuously hit “Remind me tomorrow” on necessary updates, they are putting themselves in a position to be victims of data loss.

     

    The User

    “User Error” is absolutely the easiest and most common point of exploitation to any system. Setting up solid security practices across your digital life is your best line of defense.

    It might be You, not them

    Both cloud services themselves and the settings you decide on such as password and two-factor-authentication have a lot to do with your cloud security.

    You may remember the infamous Apple iCloud hack from 2014. Hackers were able to access the personal data of celebrities and released it to the public. What you never heard from the media, however, was that Apple was never breached. Rather, the hackers were persistent enough to guess the passwords and security questions of the 26 victims.

    Following the attack, Apple increased its use of multi-factor authentication, mentioned above, to protect users, however, it didn’t make it the default setting so unless users opted-in, they were left out.

    Password Policies

    To protect yourself, have a strong password, unique to each account you have using at least 8 characters, mixing upper and lowercase letters, numbers, and special characters. Don’t use any name or number associated with your identity and change it every six months.

    Here’s a way to make any password you have more secure.

    Say your password was carnival87.

    By using alternating upper and lowercase letters, and inserting special characters for comparable letters you could make it C@rN!vAL87. Just by making those small adjustments, your password is now significantly more secure and less likely to be guessed.

     

    Phishing

    Phishing is the term for hackers that attempt to obtain information from anyone that can be tricked into believing them. Some scams even contain website landing pages that are well designed and allow you to “reset your password” and can even send you a confirmation email after the fact. 

    Learning how to identify phishing attacks and even training your staff to do so can protect your cloud accounts from a data breach.

    Ask yourself-

    • Is there something weird about the email address?
    • If I hover over a link in the email, does the URL look strange? (DON’T CLICK)
    • Are there spelling mistakes or vague pronouns like “Dear Customer“?

    Other things to remember are to not to open attachments, and don’t be fooled by an email just because it appears to be marked “urgent”.

     

    Finding what’s right for you

    Cloud services aren’t a one-stop shop. Some are built to be more versatile and accessible while others are intended for extreme security.

    All Cloud Services weren’t created equal

    When it comes to cloud storage, different services function differently. SpiderOak, for example, encrypts your data before it is sent to them and leaves the encryption key local to your device. This means it’s only accessible by you; not even SpiderOak employees.

    If you want to learn more about different services and how they function, you can read more here on TechAdvisor.

    While there are many different functions of cloud services, security needs to be thought about this way:

     

    If the answer to those questions are all yes, then your cloud services are secure.

    Other Articles You Might Be Interested In:

    Two IT Shifts That Will Impact You in 2019

    Two IT Shifts That Will Impact You in 2019

    Knowledge is power. Every year brings changes and developments in technology. We, at ITonDemand, are continuously focused on providing the highest quality service and a comprehensive security solution. This means looking ahead proactively for how these developments...

    read more
    Are You Operating a Data Silo?

    Are You Operating a Data Silo?

    Clear communication within your company is important. Clear communication with your clients is vital. If you are operating in a "data silo" you are muddying the communication both internally and externally. But are you operating a data silo? You may not even...

    read more

    Have a Question?

    How would you generally categorize your question?

    Is My Website Really Secure?

    Is My Website Really Secure?

    It’s pretty normal for someone to go weeks without looking at their own website. After all, if you know what you put up there, why would you unless you wanted something changed?

    Imagine, to your dismay, receiving a phone call or email from a long standing client, troubled by your website. You go on only to see the content on your site altered maliciously and your reputation tarnished, both personally and professionally.

    That’s not the time to wish that you had a more secure site.

    To know if your site is really secure, ask yourself these questions and if it’s not, we have 4 tools for you.

    Is it up to date?

    When a hacker tries to seize control of a site, what they look for is vulnerabilities in your sites code. They can do this in various ways but generally, it doesn’t take them frantically pounding away at a keyboard like they do in the movies.

    Just as hackers work against your site, the developers behind your site constantly work to make their code more secure. When developers find an area of weakness, they will send out updates, patches, etc. that fix the issue. If you don’t keep both your site and its plugins up to date, hackers are going to be more likely to exploit those areas.

     

    Does your site use HTTP or HTTPS?

    Sites use HTTP by default. It stands for Hypertext Transfer Protocol. HTTPS stands for Hypertext Transfer Protocol Secure. You probably see where I’m going with that.

    HTTPS is for sites that utilize SSL or Secure Sockets Layer. This means that information that is transferred between the visitor’s browser and the website’s server is encrypted. For someone to decipher the information, they would need the encryption key that is only available on the web server.

    SSL certificates are cheap, if not free with most hosting services. If you are utilizing any type of online shopping, HTTPS is a must but overall, it will make your site more secure. 

    Does your site use parameterized queries?

    This one is a little more involved but the main idea is this; instead of entering a username and password into a field, hackers can enter bits of code aimed at corrupting systems or retrieving information inside of your website. This process sets “parameters” for what can be entered into a “query”. For more information, check out this article from Microsoft.

     

    How strong are your passwords?

    I can’t believe I’m saying this but in 2018 the most commonly used password is still “123456” followed by answers like “QWERTYUIOP” (which is just the first row of letters on the keyboard.)

    Having a company-wide password policy that dictates the strength of passwords will keep your site secure from a would-be-hacker getting access.

     

    So is your website really secure?

    Ask yourself these questions and you will get your answer. There’s no one-sided answer to your security and as threats continue to evolve, your security will need to evolve with it. If you are questioning your security, check out these tools.

    Wordfence – Firewall and Malware Security

    At over 2 million downloads, Wordfence is one of the highest rated security plugins for WordPress and has over 2 million active installations. Wordfence’s free plugin blocks malicious traffic going to your site and their premium version offers more robust features.

    VIP Scanner

    VIP Scanner scans the code of your site, including all themes and files you may use to identify any potential security loopholes that may leave you vulnerable. 

    iThemes

    iThemes bans users that have previously attacked other sites by blocking their IP address.

    BBQ – Block Bad Queries

    This plugin protects websites from injection-related attacks. At over 90,000 downloads and a perfect 5/5 in reviews, this is a simple but comprehensive solution with a BBQ Pro version available.

    Other Articles You Might Be Interested In:

    Two IT Shifts That Will Impact You in 2019

    Two IT Shifts That Will Impact You in 2019

    Knowledge is power. Every year brings changes and developments in technology. We, at ITonDemand, are continuously focused on providing the highest quality service and a comprehensive security solution. This means looking ahead proactively for how these developments...

    read more
    Are You Operating a Data Silo?

    Are You Operating a Data Silo?

    Clear communication within your company is important. Clear communication with your clients is vital. If you are operating in a "data silo" you are muddying the communication both internally and externally. But are you operating a data silo? You may not even...

    read more

    Have a Question?

    How would you generally categorize your question?