fbpx

Has Your Email Been Hijacked?

A common complaint by many users in recent months has been spam emails appearing to come from their own accounts. Despite not knowing why, reports of friends, family, and contacts receiving spam email that appears to come from them has worried many people.

Some have had their accounts suspended or shut down by their service providers as a result. For many, this experience can be highly disruptive. It’s a problem that can cause many issues in both your professional and personal life.

The key to defense is learning how these attacks happen, and figuring out what you can do to protect yourself and your contacts against them.

 

Email security Staffordshire

Hackers Using Your Email Against You

Scammers that send out spam messages are continually looking for ways to make the process faster, cheaper, and more efficient. It’s the best way in which they can make more money every day by scamming unsuspecting victims for even more cash.

One of the most efficient ways they do this is by hijacking ready-made, trusted email accounts like your own. Hackers have several tools at their disposal to attempt to hijack your accounts.

Some of the principles which make email fast and easy to use means that details, such as those in the ‘from’ field, are easy to fake. A hacker might change the information supplied to make it appear as if the email comes from anyone.

There’s not much you can do to defend your email against such an attack. However, you can work to verify that an email, even one you expect to receive, does come from the person you believe it to. If your email provider flags up an incoming email as ‘suspicious’, or ‘untrustworthy’, it may well be.

Stolen Credentials

Hackers often buy large bundles of email addresses and passwords from the dark web. Leaked emails are often put up for sale following hacks of major companies and service providers.

The value of these details comes from passwords being unlikely to have been changed, the details attached to them are trusted, and often get hackers access to additional services too.

How To Detect an Email Intrusion

It can take a long time before you’re aware that malicious hackers are using your details. You might even be the last person in your contacts to know.

The first sign to look out for is a large number of unexpected emails in your inbox. These are likely to be replies to emails you never sent in the first place. Out of office, automatic responses, people complaining about spam, and people responding to the email as if it were genuine may all come to you first.

Keep a close eye on unexpected emails appearing suddenly in either your inbox or outbox. A hacker may be spear-phishing someone that you do business with or trust. By acting as you, using your address and details, they may be able to divert payments or confidential information to their accounts instead.

Protecting Yourself Against Hackers, Attackers, And Hijackers

Sometimes your computer might have been compromised to give hackers access to your services. Malicious software may have infected your machine to steal data and infect your contacts.

Take extra care to change your passwords if you believe your email has been accessed by hacker. Use a different, more secure password for your email than you do for every other service. Your email account is often the key to accessing many of the services you use most.

Run a virus scan and maintain security updates if you think your computer could have been infected. Have your machine and services looked at by a professional if you believe there is a risk your data is being used.

If you think your email could have been hijacked, or your details used elsewhere, give us a call at 01543 889 444 to clean up today.


Invest Well in Your IT Security

“If it ain’t broke, don’t fix it” is a common and useful rule for many business owners. It serves to protect your business against unnecessary costs and unneeded downtime. While protecting your business against many types of danger, it poses an outright threat when it comes to IT security.

Security threats to your firm move so fast that your IT should be working twice as hard as your company just to keep up. Every day, hundreds of thousands of new malware threats are released. Falling even hours behind means any one of these attacks can threaten your business.

The single most dangerous thing IT security can do is stand still. Keeping up with the latest advice, technology, and updates the security industry offers is vital to keep your business safe. This makes up much of the unseen job of IT professionals. Hackers never stop looking for new ways into your system, which means your security can’t stop looking for ways to keep them out.

 

IT Security Staffordshire

Modern Systems for Modern Business

One of the most common security threats a business opens itself to is using an outdated operating system or software package. Many firms are scared to upgrade, update, or renew their IT over fears of breaking legacy systems. Many rely heavily on old software and are afraid to make a large change themselves. Some businesses today still run machines on Windows XP, an operating system first released back in 2001.

Old operating systems stop receiving security updates and patches that protect against newly released attacks. These systems become very vulnerable, presenting a large target for knowledgeable hackers. This happens many years after newer versions have been released, giving knowing IT firms a chance to migrate safely.

Hackers are always on the lookout for businesses that run IT equipment outside of its suggested service life. A server, desktop computer, or peripheral is a golden opportunity for criminals to enter and threaten a business.

Hackers purchase their attacks on the dark web, safe in the knowledge that old systems won’t be patched. These attacks can then be used to attack unguarded firms to steal or compromise vital company data.

An unpatched old machine is like a valuable security door left propped open overnight, a golden opportunity for thieves.

Smart Budgets

Budgeting for business is a difficult task. We aim to make the most of everything we spend and reduce spending as much as we can. IT security can easily fall very far down the list of priorities.

IT can seem like an easy way to cut costs. It’s a department that the customer doesn’t always benefit from directly, and when it’s working well, it might not be on the radar at all. Despite working largely behind the scenes, successful IT is one of the critical components of every highly successful firm. Good IT can be the binding glue that holds the company together.

Even businesses far removed from the IT world typically uses payment machines, ordering systems, and inventory. Even restaurants and retail stores rely on computers to operate. Downtime for any critical system can be a complete disaster. A business can be unable to trade, and costs can mount up fast.

When vital IT components are used by the customer, a sales website, or an automated booking system for example, the problem can multiply tenfold.

Keep On Top Of The Essentials

Good IT isn’t built on high peaks and deep troughs in the yearly budget. The kind of IT that makes your business and helps it to grow is built by smart financing and careful planning. Great technicians are what makes excellent IT.

Maintaining steady updates, keeping pace with the latest security, and building your IT as you build your business keeps you in the driving seat when it matters most.

When IT is planned and issues are solved before they appear, security becomes cheaper, easier, and many times more effective. System upgrades can be planned out months, if not years in advance so you are never caught unaware.

Don’t let your IT be broken before you take steps to fix it. Move ahead of the curve and give us a call at 01543 889 444 so you don’t have to find out what your business looks like without IT.


Don’t Get Hooked by Spear Phishing Attacks

Phishing attacks have been around for a long time in IT. Designed to steal your credentials or trick you into installing malicious software, they have persisted in the IT world precisely because they have been so devastatingly simple and effective. Today, a more modern and more effective version of the same attack is commonly used.

 

Email Phishing Attacks

A typical phishing attack involves an attacker sending out a malicious email to hundreds of thousands, if not millions of users. The attacker’s email is designed to look like it comes from a bank, financial service, or even the tax office. Often aiming to trick you into logging in to a fake online service, a phishing attack captures the login details you enter so an attacker may use them to enter the genuine service later.

By sending out tens of thousands of emails at a time, attackers can guarantee that even if only one half of one percent of people fall for it, there is a lot of profit to be made by draining accounts. Spear phishing is a more modern, more sophisticated, and far more dangerous form of the attack. It’s typically targeted at businesses and their staff.

A Convincing, Dangerous Attack

While a traditional phishing attack throws out a broad net in the hope of capturing as many credentials as possible, spear phishing is targeted and precise. The attack is aimed towards convincing a single business, department, or individual that a fraudulent email or website is genuine.

The attacker focuses on building a relationship and establishing trust with the target. By building trust and convincing the target that they are who they are pretending to be, the user is more likely to open attachments, follow links, or provide sensitive details.

Consider how many times you have followed a link or opened an attachment just because it has come from a contact you have trusted before.

A Trusted E-mail

The malicious email can appear to come from a vendor you deal with regularly. It may even look like an invoice you are expecting to receive. Often attackers can simply substitute the vendors’ banking details for their own, hoping the target will not notice the difference.

Such an attack is very difficult to detect. It takes a keen eye, strong working knowledge, and constant awareness to keep your company protected. Even a single small mistake by an unaware member of staff can compromise your business accounts.

Defending Your Business

The key to stopping a spear phishing attack is education. Learning attack techniques, and how to protect against them is the single biggest thing you can do to enhance business security.

Whenever you deal with a vendor in a business transaction, you should always consider important questions before proceeding. Are you expecting this email? Is the vendor attempting to rush you into a quick decision or transaction? Have you checked all the details are correct and as you expected? Sometimes a simple query to the vendor can protect you against worst-case scenarios.

In many cases, a phishing attack can be halted in its tracks with a strong IT security package. Web filtering prevents malicious emails and links from entering the network, shutting attacks down before any damage can be done.

Good Security Practice

As with many types of IT threat, good security practices help mitigate damage. Locking down security to ensure employees only access the systems they need helps to prevent damage spreading across the network.

Enforcing unique and strong passwords prevents leaked credentials from affecting systems related to the one that has been compromised. Getting employees set up with a password manager and good security policies can do the world of good to boost your security to the level it needs to be.

Give us a call at 01543 889 444 to audit your security practices. It could be the difference that secures your business against sophisticated spear phishing attacks.


What Hackers Target In Small Businesses

Hackers today have many ways to attack small businesses and business owners. Many attempt to use technology to send malware, viruses, or phishing attacks; or use information to con owners and employees into handing over more information than they should.

One or more of these techniques can be combined with gaining physical access to steal from vulnerable firms. Identifying precisely how criminals target businesses and what they deem most valuable can help to protect from the most devastating attacks out there.

Remaining vigilant and informed is one of the most vital things you can do as a business owner to protect your assets and reputation.

 

Business Security

Extortion

Different types of attacks tend to rise and fall in popularity. Fifteen years ago, computer worms were the most common attack that businesses faced. Security software wasn’t as advanced or as widely used at it is today. Computer worms were, at the time, an exceptionally low-cost and efficient way to inflict the maximum amount of damage for minimum cost.

Today ransomware has seen an unfortunate boom in popularity. This technology aims to encrypt the target’s files on their personal computer. This technique denies the victim access and charges a large fee in exchange for the key to retrieve the victim’s own data.

The attack has worked so often because it requires minimal effort and can be used again and again. Many businesses have no option but to pay because the data is worth far more than the ransom demand the hackers have made.

The best defense against ransomware attacks, in addition to strong online security, is an up-to-date offsite backup — one that is tested to work reliably.

Targeting Customer Records

One of the most important things for your firm to take care of is your customer data records. Records which include names, dates of birth, and other personally identifying details. These details are extremely valuable to hackers or criminals who, either use them personally or sell them on to someone who will.

Many regions have strict laws and guidelines about how this information must be stored, accessed and protected. Failing to follow these can result in severe penalties that could devastate any company.

Targeting Financial Information

Like personal information, a small business must take extreme care when storing customer financial information. Sensitive details such as credit card or banking information are a key target for hackers looking to steal money fast.

The impact on your business reputation following a breach of financial data will be severe and devastating. Even a simple mistake can require years of advertising and great PR to repair. Many firms have failed to recover after losing the trust of their customers.

Social Engineering

Most firms today run good IT security packages to protect against online attacks and other forms of malware. Attackers often know to take their methods offline to achieve the best results.

Whether posing as a supplier, customer, or interested party; attackers can seek to gain information that you may be less than willing to hand over to a stranger. Small businesses can often be used to gather information on vendors and suppliers they do business with in order to attack them too.

Be particularly cautious of the information you provide when discussing business with individuals you haven’t spoken to before.

Keeping Small Business Safe

Each of these targets and attacks are just some of the most popular and hard-hitting attacks out there now. The list is forever changing, and the methods we use to protect against them always needs to change too.

Some can be defended against with great security, backups, and software. Others, such as social engineering, need you and your staff to stay up-to-date and remain vigilant about the major attacks affecting small business today.

If you need help tightening your businesses security, give us a call at 01543 889 444


Why You Should Use a Professional Email Address for Your Business

Many people, customers and suppliers, use email to communicate with you and your business. But what does your email address say about your company?

 

Professional Email Services

Imagine if banks used a free email address provider, such as Hotmail, Gmail, Sky or BT. Would you feel comfortable about giving them your personal details let alone any money? That’s how your customers see you and your business, it’ll put your credibility in question and could affect whether they do business with you.

A Free Email Address is Forgettable

What rolls off the tongue better, johnsplumbing_1985@hotmail.co.uk or info@johnsplumbing.co.uk? Not only does the info@johnsplumbing.co.uk email address roll off the tongue a lot better than the Hotmail.co.uk address, but it looks more professional.

Now imagine you see the Hotmail.co.uk email on the side of a van, you are more likely to forget it by the time you get back in front of your computer. Whereas the johnsplumbing.co.uk is easy to remember.

A Free Email Address is not Safe

When you use a free email address provider, you are literally at the mercy of them. If they decide to stop providing an email service or close down your account, you cannot communicate via email to your customers or suppliers. You also have to inform people of your new email address, reprint company literature and update your website. How much time and money would this cost you?

Also, free email accounts are often hacked and leaked on a daily basis. You literally have no control over the security on your account. If you are hacked, you are at the mercy of the provider to resolve it quickly.

By using a professional email address, you have complete control over it. You can reset passwords, create new addresses at will and define the security policies.

A Professional Email Address isn’t as Expensive as you Think

A professional email address is relatively cheap. In fact, towards the end of last year, we quoted a customer for a new email address using their own domain and Office 365 email. They come back to us asking if the price was correct as it was a lot cheaper than they thought.

If you are using a free email address in your business, give us a call on 01543 889 444 and we’ll set you up a professional looking email address and also manage it for you.


5 Red Flags of Phishing Emails: Think Before You Click

A single click can be the difference between maintaining data security and suffering massive financial losses. From the moment just one employee takes the bait in a phishing email, your business is vulnerable to data breaches and extensive downtime.

Quickly spot the red flags and put phishing emails where they belong:

1. Poor spelling and grammar While occasional typos happen to even the best of us, an email filled with errors is a clear warning sign. Most companies push their campaigns through multiple review stages where errors are blitzed and language is refined. Unlikely errors throughout the entire message indicate that the same level of care was not taken, and therefore the message is likely fraudulent.

2. An offer too good to be true Free items or a lottery win sure sound great, but when the offer comes out of nowhere and with no catch? There’s definitely cause for concern. Take care not to get carried away and click without investigating deeper.

3. Random sender who knows too much Phishing has advanced in recent years to include ‘spear phishing’, which is an email or offer designed especially for your business. Culprits take details from your public channels, such as a recent function or award, and then use it against you. The only clues? The sender is unknown – they weren’t at the event or involved in any way. Take a moment to see if their story checks out.

4. The URL or email address is not quite right One of the most effective techniques used in phishing emails is to use domains which sound almost right. For example, [microsoft.info.com] or [pay-pal.com] Hover over the link with your mouse and review where it will take you. If it doesn’t look right, or is completely different from the link text, send that email to the bin.

5. It asks for personal, financial or business details Alarm bells should ring when a message contains a request for personal, business or financial information. If you believe there may be a genuine issue, you can initiate a check using established, trusted channels.

While education is the best way to ensure phishing emails are unsuccessful, a robust spam filter and solid anti-virus system provide peace of mind that your business has the best protection available.

Give us a call to discuss how we can secure your system against costly phishing attacks 01543 899 444 or fill in the form below

    Note: We do not share your data with any third parties