ITonDemand Blog

Technology news, alerts, and insights.

Don’t Fall for This PayPal Invoice Scam

Be careful about a PayPal invoice scam that has been showing up in personal and business email accounts. It combines a fake payment request using PayPal’s legitimate invoice tool and uses the “seller note to customer” section to offer a fraudulent help desk number. The scam is designed to target people who might pay upfront or call the number listed. This latest scam...

What Is Social Engineering and How Do You Stop It?

Social engineering has been gaining awareness in recent years, leaving many people wondering how to stop it. According to Purplesec's 2021 report, an alarming 98% of cyber attacks rely on social engineering. 71% of attacks involve malware, most of those happening by email. It's a standard method of attack that has affected most industries and has continued to grow in...

How to Stop a Scammer Before It’s Too late

You want to know when you have a virus on your computer as soon as possible.   If you are unaware of a virus, you lost all your important files. One virus could your photos and digital life. Even thinking about it is terrifying.   All scammers know we’d be lost without our computers. We don’t always know what’s going on behind the screen. This is why they’ve been able...

Hackers Begin Targeting VPNs as the World Moves Remote

A few weeks ago, VPN use was limited, compared to today. Tens of thousands of businesses have moved exclusively to VPNs in the past week posing a unique security vulnerability and opportunity for hackers. In an alert issued March 13, the Cybersecurity and Infrastructure Security Agency (CISA), a department of Homeland Security, encouraged organizations to adopt a...

LookBack Malware Targets Utilities Companies

Lookback Looks to Shutdown Us UtilitiesThe U.S. utilities sector is starting to see higher levels of spearphishing attacks using “LookBack” malware.  According to a security researcher, spear phishing email campaigns have been identified containing the malware initially targeting three major US utilities companies. The fraudulent emails impersonate a U.S.-based...

Phishing Emails Disguised as Office365 File Deletion Emails

Threat Level: High A recently-discovered phishing scam pretending to be from the "Office 365 Team" is trying to trick users into their log-in credentials. The alert notifies the user of an unusual volume of file deletions and urges users to review the activity. When redirected, the users are encouraged to log-in to a page that is hosted on Azure, increasing the perceived...

Beware of TrickBot

Malware attacks are on the rise, but thankfully, so is the vigilance of individuals and IT MSPs.   However the next big threat is on the horizon. On March 14th, the Cybersecurity and Infrastructure Security Agency, a unit of the Department of Homeland Security, released a report on malware called TrickBot.What Is Trickbot?No matter how secure one might think their server...

Does This Email Smell Phishy to You?

How To Identify if an Email Is a Phishing Attack91% of all cyber attacks are delivered through an email. A company of 5,000 employees will receive an estimated 14,400 malicious emails per year.It’s not abnormal to receive phishing emails. It’s only dangerous if you fall for the bait. So how can you tell a phishing scam apart from a task that needs attention? Look at the...

Office365 “Non-Delivery” Phishing Scam

Below are two emails alleging to be Office365 informing the recipient of undelivered messages.  Can you spot which one is the phishing scam?Email 1Email 2Quick Ways To Identify Phishing Scams Always look at the URL If the URL looks in any way incorrect, don’t enter your account information. If redirected in this case, the URL on the fraudulent landing page is incorrect....