Email Security Tips

In this line of business there’s always something new; a new product, a new service, a new technology. One of the few things however that hasn’t changed is spam emails.

There was a bit of a golden age of email, that ended about two years ago. It was after the terrible period when email was so riddled with spam and malicious links that the only effective way to combat it was to to simply block or ignore all email from anyone you’ve never previously received email from. Effectively creating your own personal list of allowed senders.

Then our email providers got smarter, spam filters got better and spam for the most part became much less of a hassle as our email providers were quietly delivering the emails that it knew we didn’t want to our Junk or Spam folders.

Then came Phishing.

Truthfully the war between those trying to protect our digital lives and those trying to exploit it never ended. It’s a perennial cat-and-mouse game, a see-saw which will inevitably move the balance of power back and forth over time. We are currently in a time where that power has unarguably shifted out of our favor.

Phishing emails, or worse yet, Spear-Phishing emails are those that specifically target you or users like you, and attempt to trick you into divulging sensitive information or directly extract money for the benefit of the bad-actor. They’re more prevalent today than ever and there’s no easy way to prevent them. There are some things you can, and absolutely should do to protect yourself (and others) from these emails.

1. Enable Multi-Factor Authentication

Whatever service you use for email, it should give you the option to enable multi-factor (sometimes referred to as two-step) authentication. The most popular providers do (Gmail, Outlook.com, Yahoo, AOL), if your provider doesn’t you should very seriously consider changing providers.

Multi-Factor Authentication or MFA is a security feature that asks for not only a password to access your account but also some other piece of information that only you should have. Typically this is a code sent you during the login process.

For reasons beyond the scope of the blog post you should avoid using the SMS option and always choose using an authentication app if given the option.

2. Pay Attention

The reason spam and phishing emails continue to be sent is because they continue to be effective. People click on them and type in their passwords. The best thing you can do is be suspicious. Don’t trust the name displayed in the “from” field, check the email address itself. If the email is asking you to take some action verify it with the requester first with a quick phone call. If the email is asking you to update a password don’t click the link in the email, go to the website yourself in another tab. A good rule is to not click on links inside emails and don’t download attachments from people your don’t know and are not expecting.

3. Use an Email Security Service

We’re back to the days when typically the email service you’re using isn’t going to be sophisticated enough to protect your from spam and phishing emails. There are companies that have the ability to detect spam and phishing emails, warn you of the potential danger and in some cases remove the email even before it hits your inbox.

Another feature some of these services often include is training for users. They can send fake spam and phishing emails so that users learn to be more discerning, and provide training for users who fall prey. They also can provide reports so you know which users may need additional mandatory email security training.

These services are only available for businesses and typically incur an additional charge per user per month but they are well worth the time and frustration they save.


Worried about email security at your company or organization? Give us a call and let’s work on a solution together.

Cryptojacking: Hackers Don’t Always Want Your Data

Among the various cyberthreats that currently exist, there is an increase in the number of systems that are being hacked for the purpose of cryptomining.  Cryptomining, also known as cryptojacking, which is the illicit  mining of bitcoin and other cryptocurrencies using compromised systems is rapidly replacing ransomware as the exploit of choice. Hackers are exploiting systems in order to use that computer processing power, storage, and memory to earn cryptocurrency by running programs that mine cryptocurrencies.

The cryptojackers can access your systems through all the standard means of breaking into vulnerable systems that don’t have appropriate security updates. Even network devices like your home router, cellphones, and internet of things devices (like Amazon Echo and Google Home; or a smart fridge or tv) can be susceptible to being exploited. And in the process, they can run up your electricity bill.

You may not know that you’ve been hacked, other than system performance slowdowns (when noticeable) and higher electric bills. The usual ransom notes, or markers of stolen passwords or credit card numbers are not present, because they are not necessarily trying to access your personal data. Moreover these hackers try to avoid detection for as long as possible to increase their potential earnings.

While the primary purpose of the hack is not to steal your data, you still face a threat if someone has compromised your network to perform cryptocurrency mining. It still represents a breach of security and the hackers can at any point maliciously target your data or systems. Additionally, the stealing of your computing resources could adversely affect the operations of your systems, and thus your business.

To limit your exposure to cryptocurrency mining hacks, keep your servers and computer systems up to date. Penetration testing can identify any vulnerabilities in web-based custom applications that you use. As a managed services provider and Miami IT consultants, we keep clients’ systems safe and design solutions that protect the systems and data of businesses. Call us for cybersecurity assessments.

Invizio Co-Founder Kevin Michael to Appear on Entrepreneurship Panel at Johnson & Wales University

On March 21st, the Johnson and Wales College of Business is hosting its spring conference titled Innovation, Information & Inclusivity: Driving Business in the Digital Era. 

Invizio co-founder Kevin Michael will be speaking on a panel about entrepreneurship with Roger Duarte, B.S., Founder and Chairman of George Stone Crab and Co-founder of MyCevicheMadeleine Daryadel, B.S., Partner and President of WeddingQuickQuoteValentina Villarubio, M.B.A., Owner & Creative Director Dopodomani; and Daniel Rotenberg, M.B.A., Managing Director at Ocean Lane Capital.

Suzan McDowell of Circle of One Marketing will deliver the conference’s keynote address.

Follow us on Instagram and Twitter for pictures and updates from the event!

 

 

 

Five Reasons Why You Should Upgrade to Windows 10

On, July 29, 2015 Microsoft released its latest operating system, Windows 10. This came 3 years after the release of their prior major operating system, Windows 8. Windows 8 was widely panned by the tech journalist community but mostly by the general public who never understood the Start Screen and tiles paradigm. As someone who used Windows 8 from the very beginning, I understand mental acrobatics required to successfully make the shift from the user interface of Windows 7 to Windows 8 (I made the transition fairly easily by mostly ignoring the Start Screen).

Microsoft has acknowledged the fact that many users and most importantly many business customers actively avoided moving to Windows 8. Microsoft took the best parts of Windows 7 and Windows 8 and left out the worst parts of each in crafting Windows 10. As someone who regularly has conversations with people about their computers, I understand the trepidation users have about upgrading their computers. To both the users who upgraded or bought a new PC only to be greeted with the dreaded, Start Screen and the user who is completely comfortable and satisfied with the familiarity and stability of their Windows 7 PC, what follow are five reasons why you absolutely should upgrade to Windows 10.

1. Windows 10 is free*

Microsoft made Windows 10 a free upgrade for everyone who has a computer running Windows 7 or higher (Windows 7, Windows 8, Windows 8.1). Microsoft wants to avoid what happened with Vista and subsequently with Windows 8 where users, en masse avoided buying new PCs or upgrading to the latest operating system. Microsoft wants to get as many people on the same operating system as possible, so for the first year Windows 10 will be a free upgrade that users can simply download and install.

2. Windows 10 is familiar

Compared to Windows 8, Windows 10 has many similar features to earlier versions of Windows, making it more familiar and intuitive to use.

3. No More Start Screen*

For most users, they will never see the dreaded Start Screen again, Windows 10 brings back the more familiar Start Menu

4. No More Charms Bar

5. Windows 10 is the last version of Windows

Microsoft is moving to a model where Windows is delivered more like a service than as a product. This means that once you have Windows 10 you will receive updates on a regular basis that provide security patches, stability improvements and new features automatically. Microsoft will stop issuing such updates for the older versions, so those version will not be as secure or efficient to use.

If you are hesitant about making the upgrade, contact us and we can help you make the transition.

CryptoLocker Malware

What you need to know to keep your computer secure.

As technology and computer’s advance, so do the viruses, trojans, and malware that plague your operating systems. Perpetual updates to anti-virus programs, malware scanners, and firewalls usually keep up with these nefarious activities, but one such malware has proven to be resistant to security updates. The now infamous CryptoLocker is a ransomware trojan which targets computers using Microsoft Windows. The malware appeared in September of 2013.

A CryptoLocker infection can be acquired from various sources. The most common is from an email attachment. When a computer is infected and CryptoLocker is initiated, the malware encrypts files stored on your PC’s local, mounted, and even networked drives. Your files are encrypted by using an RSA public-key cryptography, which means that the key to access your files is stored on the CryptoLocker’s server. Visit bitcoin code German to see how it operates. When your computer is infected, a message will appear offering you the ability to decrypt your data with a payment through BitCoins or other types of coins and cryptocurrency (find more information at https://ethereumcodebot.com/). Additionally, you must pay the ransom by a deadline or risk losing the deletion of the private key and therefore losing access to your private files. If the deadline is missed, CryptoLocker offers to decrypt the data for a much higher ransom.

Here’s what you need to know:

– Always avoid email attachments from unknown senders.
– Back up your PC files consistently.
– Avoid storing passwords, sensitive financial data or other personal information on your computer.
– If CryptoLocker infects your PC, removing the malware itself will not give you access to your encrypted files.
– If your computer is infected, do not try to connect a storage device to recover your back up files.
– Most users report that paying the ransom will allow you to recover your files.
– Consult an IT professional if your computer has been infected with CryptoLocker.

With these general safety tips, most users can avoid common viruses and malware. In the event of a computer or network infection, please call our help desk immediately at 1-888-930-1117.