Take action to avoid a devious new phishing scam

Take action to avoid a devious new phishing scam

Another day, another scam. And this is a sneaky one.

Cyber criminals are getting smarter. This recent malware threat is unusually smart. It impersonates a highly trusted brand name to get a foot in the door.

Targets receive a convincing looking email that appears to come from a widely used e-signature platform.

Attached to the email is a blank image that’s loaded with empty svg files, which are carefully encoded inside an HTML file attachment (stay with us here).

In short, it’s very clever and it’s tricking its way past a lot of security software.

That puts businesses like yours at risk. Because code within the image sends people to a malicious URL.

Open the attachment and you could unwittingly install malware onto your device – or even your network – which risks exposing your data and leaving you open to a ransomware attack.

Recently, there’s been a wave of HTML attachment attacks on small and medium sized businesses, so it’s clear that companies need to take action to stay ahead of the criminals.

If you use software to sign documents electronically, double-check that emails are genuine before opening any attachments.

There’s a reason why the criminals have chosen to impersonate a trusted name.

Taking things a step further, you could block all emails with this type of attachment, to prevent employees from being exposed to scam emails in the first place.

If you’d like any further advice, or help implementing extra security measures, get in touch.

Published with permission from Your Tech Updates.

When did you last have a health check?

When did you last have a health check?

How’s the January health kick going?

Lots of us take our health seriously – once a year, anyway – and it’s good to spend time thinking about whether you’ve been looking after yourself (and better still, doing something about it).

Your doctor would probably like to see you once a year for a health check, just to pick up any small problems and stop them getting worse.

It’s exactly the same principle with your technology.

So why not book in for an IT check-up, to make sure everything’s in great shape for the journey ahead?

You do this for yourself, you do it for your car, and it’s a good plan to think the same way about your workplace tech. Because it might have to work pretty hard in the year to come.

Getting everything checked out now will pay dividends later.

We’ll help to pick up any minor-but-urgent fixes that could help prevent a disastrous breakdown in a few months’ time. Sometimes a simple software update will speed things up dramatically – which means less time watching the egg timer!  

If there are bigger, but non-urgent jobs that you can safely leave for another day, we’ll tell you that too.

And if you’re all good to go, you can carry on with confidence.

It may even be a great time to think about new technology and prioritize your IT projects. Do you know what you need to prepare for if you want your system to develop as your business grows? That could be something as simple as switching to cloud storage, or it could be a larger project, such as digital transformation.

Our experts carry out top-to-toe IT health checks for all kinds of businesses, and we’ll give you honest, jargon-free advice on the best solutions for a trouble-free tech set-up.

To book your check-up, get in touch.

Published with permission from Your Tech Updates.

Are your younger employees experiencing ‘tech shame’?

Are your younger employees experiencing ‘tech shame’?

It seems that Gen Z and even some Millennial employees are less tech savvy than many employers might expect. It’s an assumption that’s leading to a sense of ‘tech shame’.

Younger workers may have grown up using Snapchat, TikTok and Minecraft, but they’re not always equipped with the skills they need to adapt to the workplace.

A recent study has found that one in five employees aged 18 to 29 feel judged when they encounter technical issues at work. That’s compared to just one in 25 employees aged 40 or over.

The solution may lie in providing better training, not just for younger colleagues and first-jobbers, but for the whole team. Some Gen Z workers may have started their careers during the pandemic. That means they will never have experienced anything other than a digital working environment. Especially if they work remotely or in a hybrid role.

As well as fixing any skill gaps there may be, whole-team training can provide a much-needed confidence boost for young employees.

Another consideration is the provision of tools and devices your team has access to – especially if they’re working remotely.

Younger workers with less available income to spend on home office equipment may be less likely to speak up if they’re struggling.

Simply checking in with employees – particularly if they’re not in the office – can make a big difference to their engagement, productivity, and confidence. If there are any issues, big or small, find a way to put them right, and you’ll notice a positive shift in the whole business.

If you’d like any advice about tech shame or help with training, boosting efficiency or sourcing equipment, we’re here when you need us. Just get in touch.

Published with permission from Your Tech Updates.

A little trust can go a long way

A little trust can go a long way

Countless employers still don’t trust their people to do their best work unless they’re physically in the office. But while managers may be struggling to adjust to our new hybrid world, this perception is a long way from the truth.

Research from around the world reveals that greater flexibility from remote and hybrid working often results in a major boost to productivity. Yet still some firms are bringing back an office-only policy.

Employers may be grappling with the fallout of the last few years and hoping that a return to the office will result in a post-pandemic productivity boost.

But seeing as hybrid workers show improved morale, greater creativity and better collaboration (compared with pre-pandemic levels), this could be a big step in the wrong direction.

Big Brother will never be popular

Some businesses have increased their employee monitoring to try and track performance. But this is often perceived as a Big Brother tactic that ends up having the opposite effect – a drop in productivity, a lack of trust, demoralized teams, and a greater feeling of ‘us and them’.

All businesses need to understand how they are performing and decide which metrics give the best insight into productivity. But this has to be done in a way that doesn’t leave employees feeling like cogs in a machine.

So what’s the answer?

There is some clear advice for building a productive and successful hybrid environment:

  • Encourage people to work in the way that’s best for them
  • Find the right ways to measure performance – without people feeling like they’re constantly being watched
  • Automate repetitive tasks to free up your team’s creativity
  • And provide everyone with the tools and tech they need to do their job properly. That could include choosing the right devices, using communication tools that aid collaboration, and making the right connectivity choices.

We can help with all of this.

So if you’re having trouble adjusting to a hybrid world, get in touch – we’re here to help.

Published with permission from Your Tech Updates.

Windows is the prime target for cyber criminals

Windows is the prime target for cyber criminals

With its huge dominance in the workplace, Microsoft’s Windows has become the prime target for cyber criminals. They’re looking to access your information, disrupt your business, or hold your data to ransom.

Tens of millions of attempted malware attacks were discovered throughout this year, and a massive 95% of those threats were targeted at Windows.

The vast majority of attacks are unsuccessful, but those that do succeed can create havoc for the affected businesses. So you need to be sure that you’re taking all possible precautions to protect your business and your data.

  • Hardware and software companies release regular updates to address threats to Windows users, as well as security patches designed specifically to deal with new risks. These should all be installed as soon as they become available.
  • Your people should be regularly trained in how to spot cyber security threats and what to do if they suspect one.
  • And because it’s not possible to protect every business from 100% of all threats, it’s also important that you have a strong resilience plan in place.

This should detail exactly how your business should react if it falls victim to a cyber attack and who should be notified to take action. Everyone in the company should have access to this document and know to report any potential attack as quickly as possible – that’s the best way to lessen its impact.

If you have an IT service provider, they’ll be able to make the best recommendations to keep your business safe and secure, train your people, and even provide monitoring to spot any potential danger before it becomes a problem.

This is something we do every day. So if we can help your business become more resilient, just get in touch.

Published with permission from Your Tech Updates.

When can you finally forget your password?

When can you finally forget your password?

Passkeys are set to take over from traditional passwords to give us a safer, more secure way of logging into our online accounts.

That will be a major step forward for online security, and it’s gathering pace quickly with more and more big names adopting the technology. So how long will it be before we finally wave goodbye to the password?

This new tech has long been supported by the FIDO alliance – an organization of big tech companies including Apple, Google, and Microsoft – in the hope that it could eventually kill off passwords completely.

These megabrands are already rolling out passkeys on some of their applications. But now some of the big names in password management software are getting in on the act, too, which is likely to speed things up even further.

Passkeys work by creating and storing credentials on your phone, which only you can access. These are called private keys and they’re authenticated by the biometrics you use to log in to that device – your fingerprint, or your phone’s facial recognition system.

When you log into an account, the site will create a public key which then requests your private key. Your matching passkey gives you access to your account, just like a password.

Password managers let you create and store complex passwords, meaning you always have a strong, unique and unguessable password for every site.

But the adoption of passkeys by a growing number of traditional password managers is likely to accelerate the move.

We’ve spent years implementing strong passwords. Will we miss them when they’re gone? Probably not…

Any move towards stronger security is always welcome and we don’t think it will be too long before most online accounts are using passkeys.

If you’d like any help to keep your business secure in 2023, get in touch.

Published with permission from Your Tech Updates.

Are your people Christmas shopping from work?

Are your people Christmas shopping from work?

Almost half of people with social media accounts have admitted to falling for shopping scams. So if members of your team are doing a little last minute Christmas shopping from work, how can you be sure your business is protected?

New research shows that a massive 47% of people have clicked on links hoping to get a great deal, and instead ended up giving financial and personal details to cyber criminals.

That could mean they’re not only putting their own data and money at risk, but your device – and even your network – could be exposed, too.

It’s not just shopping scams that are fooling people online. Phishing links have tricked 36% of people into revealing personal data. Phishing is where you get an email that seems to be from a person or brand you trust, but it’s not.

The same number have fallen for gift card scams – that’s where criminals gain victims’ trust and persuade them to buy gift cards or online vouchers.

If an employee clicks a malicious link or downloads an infected file using their work device, the results for a business can be devastating. The risks go beyond the loss of data and reputation. The cost of downtime while you get going again is enough to put many people out of business for good.

So how can you protect your business against this kind of scam – right now, and throughout the year?

As well as having the right cyber security tools in place – such as firewalls, antivirus software, and strong password management – you should stay focused on training your people. Because your best line of defense is a team that recognizes a threat when they see one.

Make sure they’re aware of the latest scams, and that they know the warning signs to look out for. Advise everyone to check that links are genuine, websites are the real deal, and be suspicious of offers that look too good to be true.

And have a strong plan in place that kicks in the moment a security breach is spotted. Employees should all know to report any incidents immediately, and who they should inform. Acting quickly often lessens the impact of a data breach and makes it faster and less expensive to fix.

As always, if you’d like further help or advice, get in touch.

Published with permission from Your Tech Updates.

Zoom wants to be the new Teams

Zoom wants to be the new Teams

You think Zoom, you think video calls. For millions around the world, it’s a tool they rely on at work every day.

But for productivity, collaboration and workplace integration (as well as video calls), it’s Microsoft Teams that’s leading the way. Its tight integration with other Microsoft 365 services makes it so easy.

Now Zoom is looking for a piece of that action with the launch of a whole suite of features and services. They’re clearly designed to take on Teams and Slack head-to-head.

These will include email, a calendar app, and a virtual co-working space called Zoom Spots. Meanwhile a bunch of upgrades to the Zoom One platform are aiming to improve collaboration, keep chats flowing, and keep projects moving.

While it feels like a logical step for the video conferencing giant, it remains to be seen how widely adopted the new services will be. And before we recommend it to our clients, we’ll want to know that the levels of support, reliability and security are all bulletproof.

Many businesses are already committed to Microsoft Teams, which releases its own improvements almost on a weekly basis. But this is an interesting new development and we’ll be watching what happens carefully.

If you want to know more about the best tools to keep your team working smoothly together, just get in touch.

Published with permission from Your Tech Updates.

Why you will not be fine on this Cloud9

Why you will not be fine on this Cloud9

We go to a lot of effort working to protect our clients from online security threats. These could come in the form of key loggers that record you as you enter your login information, or DDoS (Distributed Denial of Service) attacks, which overwhelm a service with fake traffic, causing it to crash.

As part of our service, we always advise our clients to install software updates as soon as they become available, and support them through the process where they need help.

But if you visit a website that asks you to install an Adobe Flash update… STOP!

Flash itself was actually discontinued in 2020 and is no longer supported, so you should assume that any Flash update messages will be a security threat.

Currently, fake Flash messages are being used as a cover for a new ‘botnet’ campaign that installs a malicious browser extension, called Cloud9. If you use Google Chrome or Microsoft Edge you could be a target.

A botnet forms a group of infected devices that are controlled as one, without the owners’ knowledge, stealing sensitive data, sending spam, or performing DDoS attacks.

Worse still, the Cloud9 botnet will attempt to install additional malware to your device or network if it’s not stopped in time.

This type of attack is hard to spot because it looks like a genuine request, and just about anyone can become a target.

But there are things you can do to protect your business.

First, make everyone aware of the threat. If your people know what to look out for it’s less likely they’ll install the update in the first place.

Next, make sure everyone’s running the latest version of their browser and that security software is up to date.

Finally, enable Enhanced Protection in your browser’s Privacy and Security settings. This will give you a warning if you stumble upon a risky website or download.

We can help you keep your business protected from cyber criminals. Just get in touch.

Published with permission from Your Tech Updates.

Are you losing hours each week setting up video calls?

Are you losing hours each week setting up video calls?

You could be losing a full-time working week for every member of your team, thanks to the hassle of setting up video calls.

Video conferencing has revolutionized team meetings, and saves a huge amount of travel time. But we’re still not getting the full benefit from the new technology, according to new research.

Employees aged between 18 and 24 take up to 10 minutes to get set up for each remote meeting.

Times that by a typical five meetings a week, and it’s suddenly lost you 40 hours every year. That’s a whole working week of wasted time – a figure that gets even higher when you look at older age brackets.

It isn’t necessarily a result of differing technological know-how. The research shows that employees blame the tech itself for the loss of productivity.

Almost a third of people said they didn’t have the right tools for the job, and 23% even said they felt excluded from remote meetings thanks to inadequate tech.

Employees often feel that the audio-visual (AV) technology they’re provided for remote and hybrid working simply isn’t up to the job. That means poor microphones that don’t play ball, jittery webcams that interfere with communication, or the wrong choice of video calling software. All that makes meetings harder to set up and causes them to take longer than they should.

Despite this, businesses that offer remote and hybrid working are reaping the rewards in many other areas, including staff engagement and performance.

But there is a solution.

Assess your employees’ AV technology to make sure their tools are not slowing them down – new webcams and microphones could be a cheap and simple fix.

It’s also a good idea to ask your employees to find out where they see that problems are occurring. If they are finding your existing system difficult to use, or slow to log in to, you should consider alternative options or better training.

If this is something that’s slowing you down, we can help – just get in touch.

Published with permission from Your Tech Updates.