(866) 251-4459 support@compnetsys.com
Email Scam: Sage and Clare Homewares Business in Victoria, Australia Loses $10,000

Email Scam: Sage and Clare Homewares Business in Victoria, Australia Loses $10,000

How Can I Keep My Business Safe From an Email Scam?
Recently, small business owner, Phoebe Bell of Sage and Clare, a popular homeware designer business in Australia, opened up about her company falling prey to email scammers. Sage and Clare lost $10,000 from the hi-tech thieves who Bell says were most likely tracking the company’s emails for months.

As they have done countless times before, Sage and Clare placed a routine stock order with an unnamed supplier. In fact, Bell handled the order herself, emailing back and forth with the supplier about the order for several weeks.
In the midst of negotiating the order, the supplier informed Bell they had a new bank account to pay the money into for the order. Again, this was nothing out of the ordinary, Bell says because suppliers often change bank accounts.
After paying the $10,000 into the supplier’s “new account,” Sage and Clare discovered that their business was the victim of a scam, where a third party posed as the initial supplier. The scammers most likely hacked emails and read through the correspondence between Sage and Clare and the supplier, intercepted the specifics, and then redirected the payment funds.
Fortunately for Sage and Clare, they have the capital to recover from this loss. For some small businesses, losing $10,000 would cripple them.
Ms. Bell said that she was both embarrassed and distressed that this sort of thing could happen to her. She thought that she was smart enough to spot a dirty trick like this. When she opened up about the incident online, she found that many others had gone through a similar experience. She says that if someone had broken into her shop and stolen $10,000, the local police would come out and do a full investigation. But since the incident happened online, there’s nothing the police can do. She did report the theft to her bank, the Australian Federal Police, and the Australian Cybercrime Reporting Network (ACORN).
How Can I Train My Team to Spot Hackers?
How can you keep your business safe from these types of email scams? What kind of safeguards can you put in place to ensure that your business does not fall prey to thieves prowling for businesses who practice naive online transactions?
5 Effective Tools to Keep Your Australian Business Safe from Hackers in 2018
Routinely Train Your Employees
Almost 90% of Cyber Attacks are Caused by an employee’s human error or an honest mistake, according to a cyber consultant, Willis Towers Watson. These circumstances are commonly a result of employees giving sensitive information to hackers who pretend to be clients in need of information.
Routinely scheduling an online security awareness training for all your team will keep your company updated and vigilant to fend off hackers.
 Improve Your Technology
Having anti-virus software in place to protect your company’s site from viruses and malware is the first step in good cybersecurity.
It is essential to have the software updated on a regular basis. We all get the update software notices, and it’s easy to ignore or delay the update to the next day, week or month. Make sure your IT department stays on top of all updates and patches. This will ensure that each computer is up-to-date.
Here are some questions to ask yourself and your team to ensure you are protected from viruses and malware:

Do we have firewall protection?
Are our passwords strong?
Do we use two-factor authentication?

Being able to confidently answer these questions will give you peace of mind that you are doing your best to keep your business safe from cyber-attacks.
Keep a Tight Rein on Internet Access
This key step is often overlooked by employers but is so important. Your IT department can set up your computers so that they cannot access risky sites. Make sure that important company information can only be accessed by a chosen few.
Another good tip is to make it a practice to stay informed about current online data breach scams. Routinely making a habit of following a blog that reports the latest hacking news will help you stay vigilant.
 Don’t Keep Unnecessary Data
It isn’t necessary to store old data or customer information that is outdated or no longer useful for the company. Too often, though, companies don’t take the time to purge old records. Instead, they end up keeping information such as credit card numbers and other sensitive information in their system for customers who are long gone.
When the information is of no further use to your company, have a system in place where it is deleted. This will ensure that you avoid the risk of revealing unnecessary customer information if you are breached.
Adhere to a Phishing Awareness Checklist
Sticking to a protocol of routinely checking off safety practices will keep you aware of potential phishing attacks.
Here are some suggestions of important checklist questions you may want to include:

Do you recognise who’s sending the email?

If not, hover your mouse over the “From:” field to check for the right domain (i.e., an email from Yum Dog Treats should have a domain name of yumdogtreats.com).

Can you identify the sender’s email address?

Don’t open anything when their name is not matched up with the email address. If “Katie Jones” from “Yum Dog Treats” sends you an email, her email address should most likely say something like kjones@yumdogtreats.com, not kjones1989@gmail.com.

Is there an attachment the sender wants you to open?

Be suspicious of all attachments, but especially ones that have two extensions (i.e., file.doc.scr) or small files that are zipped.

Is there a link from the sender?

If so, does the URL convey the message of the email? You can simply hover your mouse over the link to check the URL to read it.
Conclusion
With the current situation, cyber-attacks are increasing dramatically in Australia and around the world. No one is safe. It’s every person’s duty to remain informed and aware of these scams. Ms. Bell learned her lesson the hard way and it cost her $10,000 to do so. You may not be financially able to learn such an expensive lesson.

Do You Know How to Spot Fake Software and Updates? Learn the 7 Red Flags!

Do You Know How to Spot Fake Software and Updates? Learn the 7 Red Flags!

If you are connected to the internet, then you are a target for malware, viruses, and hackers. Every day, 350,000 new malware programs come to the surface. Your firewall and anti-virus protection can only provide so much security. That is why it is very important that you know how to spot fraudulent software and fake updates. Fortunately, there are several common red flags that you and your colleagues can learn to watch out for.
t
Red Flag #1: An Offer to Scan Your System Pops Up on Your Screen
Be very wary of software pop-up ads! If an ad (often disguised as an alert) pops up unexpectedly on your screen and offers to scan your computer for malware or viruses, do not click on it. There is an extremely high probability that the real malware or virus is the downloadable software itself. For example, many of these fake software pop-ups will install a keylogger that records your keystrokes, including logins and passwords – which compromise your system and any accounts that you access through the infected computer. Anti-virus and anti-malware software should only be purchased and installed from well-known, reputable sites.
Red Flag #2: You Receive an Alert That Your Device is Full of Viruses
If an ad is warning you that it has already discovered multiple viruses on your computer, this is another red flag that the software is fake. If you click on the ad, then it will offer to install software to clean up your computer — but the truth is, this program will infect your computer with viruses or malware. This is not how real antivirus software actually warns users.
Red Flag #3: Software Suddenly Demands Your Information
The sneakiest of software scams are often introduced to your computer through an infected email that provides a way for malware to be installed on your system. This malware will provide you with an alert that looks very much like a legitimate anti-virus software alert. If you click on the alert, it will eventually request your credit card information or your personal information. Real anti-virus software never does this.
Red Flag #4: You Receive an Email with an Update Link
If you receive an email with a link to update, beware. The vast majority of modern software and apps will alert you through the software itself or via the system tray when an update is imminent, not with an email. Chances are that the update link in that email will install malware or result in a drive-by download. Beware of emails like this. They should not be opened; much less should any links inside them be followed.
Red Flag #5: A Pop-up Appears That Informs You That You Need to Update A Plug-In
Many of us have problems browsing the web when a pop-up appears via our web browser and tells us that a particular plug-in, say Adobe Flash, needs to be updated or we cannot view the page. These pop-ups can be incredibly convincing, with authentic looking logos. But do not be deceived. This is malware. That is not how a reputable software company will let you know that an update is needed. Never update your software through a browser pop-up.
Red Flag #6: You Receive an Alert from Software You Don’t Own
This one might seem a bit obvious, but many people don’t keep track of what software is on their system, especially if it is a work computer. Because of that, it can be easy to fall for a serious looking alert and click on it before making sure that software in question is something that is actually installed on the system. This trap is more common in businesses than on personal computers, but equally dangerous for both.
Red Flag #7: You get a Pop-up Alert That Your Browser is Outdated
Once again, this is not how modern browsers let you know that you are running an outdated version. This particular scam started making the rounds in February of this year. It detects what type of browser you are using and tailors the pop-up to that browser, with pretty convincing graphics.
Being Smart
Make sure you know what software you actually have installed on your system, especially when it comes to anti-virus software. Be familiar with how that software alerts you that an update is needed, and whether or not it automatically updates. Do not trust updates by email, or any browser pop-ups that try to get you to install something. Be careful about letting a program have access to your computer, or update your browser. Legitimate companies do not use those methods!
Conclusion
A little awareness and common sense can go a long way in helping you and your colleagues to avoid falling for scams that can compromise cybersecurity. In an age of ever-evolving cyber threats, a healthy dose of suspicion can go a long way toward protecting your computer from malicious software and internet scams!

Intel Chip Vulnerabilities: What We Know So Far!

Intel Chip Vulnerabilities: What We Know So Far!

What Do We Know About Terminal Fault (L1TF) Chip Vulnerabilities?

Understanding The L1 Terminal Fault (L1TF)
Intel has recently confirmed L1 Terminal Fault (L1TF) chip vulnerabilities in its processors that can be manipulated by malware and malevolent virtual machines with the intention of stealing private information from a computer’s memory.
Who or What is Vulnerable?
In short, Intel’s desktop, workstation, and server CPUs are exposed. What Intel initially described as impregnatable memory, has been found to have holes. That means sensitive data from other software and other customers’ virtual machines can be stolen from malicious software and guest virtual machines either on a vulnerable device or a cloud platform.
This private information may involve personal and financial accounts, passwords, and encryption keys. Also, they pose a threat to be taken from other customers’ virtual machines, including both System Management Mode (SMM) memory and SGX enclaves.
SGX, made by Intel technology, is intended to guard private information from code geared to peep and pry.
SMM serves as a computer’s clean-up operator.  This is an alternate software system that is usually placed in the computer’s firmware. It also has total control over the computer’s hardware and absolute admittance to all of its data.
Let’s break down the three areas, which Intel has named its L1 Terminal Fault (L1TF) bugs:
CVE-2018-3615
CVE-2018-3615 impacts Software Guard Extensions (SGX). More specifically, Intel says, “Systems with microprocessors utilizing speculative execution and software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via side-channel analysis.” The researching teams who discovered CVE-2018-3615, named the vulnerability, Foreshadow.
The Fix:
Fixing this vulnerability will require the microcode update. To be safe, it is also recommended that you update your operating system and VM hypervisor. The patches should be available now for just about all operating systems.
This bug was discovered by two different groups:

Jo Van Bulck, Frank Piessens, Raoul Strackx from imec-DistriNet – KU Leuven.
Marina Minkin, Mark Silberstein from Technion, Ofir Weisse, Daniel Genkin, Baris Kasikci, Thomas F. Wenisch from The University of Michigan, and Yuval Yarom from University of Adelaide and CSIRO’s Data61.

CVE-2018-3620
According to Intel, “Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and side-channel analysis.” In short, CVE-2018-3620 affects operating systems and SMM.
The Fix:
To fix this, operating system kernels will need to be patched. Also, the SMM needs the microcode update, to be safe.
CVE-2018-3646
Intel states, “Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and side-channel analysis.” CVE-2018-3646 affects hypervisors and virtual machines.
The Fix:
Fixing CVE-2018-3646 will require the microcode, operating system, and hypervisor updates in order to protect your data.
Extra Fix:
The way hypervisor software operates is by allowing virtual machines or processors to be run off shared resources of a physical server. At the same time, they use multi-threading – a technique by which a single set of code can be used by several processors at different stages of implementation. Intel calls this Hyperthreading, and it can split one of its cores to act like two separate processors of the multi-core CPU for the hypervisor. This technique creates what Intel calls “sibling threads.”
Since these threads share a pool of L1 cache memory attached to the core, a malicious guest, on one of the virtual processors, could manipulate the third variant of the L1 Terminal Fault and get data used by the other sibling thread.
Even though the virtual processor will recognize this and deny the request of the hacker, if the data is in the cache at the same time, it can be revealed to the hacker.
Both CVE-2018-3620 and CVE-2018-3646 were discovered by Intel’s engineers after the university researchers who discovered “Foreshadow” informed Intel about CVE-2018-3615, the SGX issue.
The Ultimate Fix
The real fix to all these problems will be made by replacing the processors. As Intel stated, when addressing L1TF, “These changes begin with our next-generation Intel Xeon Scalable processors (code-named Cascade Lake), as well as new client processors expected to launch later this year.”
For now, the best advice is to keep patching and be aware of any changes you see in the area of performance and speed with the patches.

Centers for Medicare and Medicaid Services (CMS) Propose Reducing Submission Requirements for Health IT Security Under MIPS

Centers for Medicare and Medicaid Services (CMS) Propose Reducing Submission Requirements for Health IT Security Under MIPS

As providers are all too well aware, their payments from Medicare are affected by their score in the Merit-based Incentive Payment System (MIPS). MIPS imposes a number of requirements; if these are not met, payments may be reduced or denied.

The MIPS requirements apply to all Medicare claims, even those whose performance is not necessarily affected by a MIPS constraint. Among these universal requirements is the meaningful use of electronic health records (EHRs). Within the EHR requirements, we have the promotion of interoperability with other EHR systems, and within that, we have the security requirements. Among the security requirements is an annual security risk assessment.
What Has Changed?
In the Federal Register of July 27, 2018, the Centers for Medicare and Medicaid Services (CMS) proposes that the current security risk assessment requirement in MIPS be replaced. The suggested replacement will be an attestation to the activities included in the security risk assessment standard that has been performed in the past MIPS year.
This essentially switches the scoring of the security risk requirement from the equivalent of a numeric grade to a pass/fail scoring system. A practice or institution passes if it has done the assessment; how well it has done on the assessment falls by the wayside. The requirements are stated in a bare-bones fashion in the Code of Federal Regulations at 45 CFR 164.308.
CMS states that their rationale is, in part, a result of the realization that a risk assessment is done well, or not at all.
What A Serious Risk Assessment Entails
The thinking behind this can be found in the Office of Civil Rights (OCR) newsletter for April 2018.  This newsletter distinguishes a gap analysis (“find the holes”) from a security risk assessment (“make sure there are no holes”). It is a highly useful guide to discerning the scope and the level of effort required for a serious risk assessment.
An article on the HHS website goes into greater detail explaining what is subject to the security rules and why:
All e-PHI created, received, maintained or transmitted by an organization is subject to the Security Rule. The Security Rule requires entities to evaluate risks and vulnerabilities in their environments and to implement reasonable and appropriate security measures to protect against reasonably anticipated threats or hazards to the security or integrity of e-PHI. Risk analysis is the first step in that process.
The guidance issues from OCR noted that the CFR requirements are divided into two categories: required and addressable.

The addressable requirements are not optional. Rather, if the approach specified in an addressable requirement is not feasible, the provider organization must develop an effective alternative to approach to achieve the same end and document this. The tendency to document-but-not-implement should be firmly resisted.
Did You Really Do A Risk Assessment?
Experts suggest that OCR has significantly underestimated the time required to do a serious risk assessment. Obviously, you have to look at hardware-associated risks. Are the BIOS files in your desktops and laptops updated? Has router firmware been updated?
You must take a hard look at software-associated risks as well. Are operating systems patched? You must strategically assess administrative risks: are you enforcing complex password requirements? Are you using biometric identifiers? Is data access truly on a need-to-know basis?
A Helicopter-Level View Is Not Adequate
The reader may protest that those concerns are nowhere to be found in the guidance. True. The point is that an adequate risk assessment will have revealed these as questions that need to be asked on a day-to-day operational basis. A risk assessment that is not dynamic misses all the critical points of vulnerability.
A risk assessment should point out any unnecessary risks and then offer a solid plan to eliminate them. It’s good to remember that the whole point of the endeavor is to make sure that the government (and all organizations) move toward better Internet and network security. With cyber breaches occurring on almost a daily basis, there’s every need to be more cautious about how we handle, store, and transmit Big Data.
The current cost of a data breach has reached between $1.3 million and $3.5 million. The number one most sought-after data that hackers are vying for is healthcare information. On the Dark Web, 30,000 up-to-date healthcare records will fetch a pretty price.
Conclusion
Under this proposed rule change, you will no longer be given a percent of compliance score on your risk assessment. You will simply be in or out of compliance. The upside is less administrative hassle; all you have to do is carry out the activities and attest that you did this. The downside is that this may lead to a relaxation of vigilance at a time when threats are constantly increasing.
 
 

What Are the Top 10 Phishing Email Subject Lines from Q2 2018?

What Are the Top 10 Phishing Email Subject Lines from Q2 2018?

Hackers are constantly throwing in new and clever phishing attacks that threaten email users’ security.  KnowBe4, one of the top security attentiveness and simulated phishing platform contributors recently issued the top 10 phishing email subject lines from this year’s second quarter. Please note, the attacks used most often contain email subject lines that relate to a user’s passwords and security warnings.
An estimated 1 out of 3 people will open a phishing email each day. This tricky way of gathering people’s personal and financial information is getting bigger, despite all the warnings from technology experts.
What is Phishing?
Phishing is a technique that hackers practice to steal personal information, like credit card info or login authorizations. The hacker replicates an existing login page from an online service such as Dropbox, Apple, Gmail or your financial institution. This made-up website holds a code that delivers all the personal data you submit directly to the hacker. To lure you to the bogus website, hackers send a believable email to you. Quite often, the email sent to you will ask you to log in to your bank account because your bank has exposed a transaction that you did not authorize.
Hackers can make these emails look and sound real and their exploits have been very successful. They often use fear. The email will make it sound like you need to take action NOW! So without really checking, the victim clicks the bad link and continues to the bogus landing page where they give the cyber thief their log-in and password information.
Why is Phishing a Concern?
It is reported that consumers, businesses, and organizations will lose an estimated $9 billion in 2018 globally. With so much personal information tied to finances now shared online, hackers use phishing in order to illegally steal your money.
The Anti-Phishing Working Group (APWG) latest quarterly release reported:

Over 11,000 phishing domains were created in the last quarter alone.
The number of phishing sites rose 46% over the previous quarter.
The practice of using SSL certificates on phishing sites continues to rise to lure users into believing a site is legitimate.

Is Phishing Just a Risk for Personal Users?
Because they store a lot of files in the cloud, Phishing is also a risk for all kinds of companies:  Digital design companies, financial institutions, security companies, etc. According to hackmageddon.com, there were 868 reported company security breaches or cyber-attacks in 2017.
What do Hackers need to be successful?
There are generally three things hackers do to gain access to your information:

Build an email account to send emails
Buy a domain and set up a fake website
Think of a tech company that is used often to mask itself as a legit website (Dropbox, Amazon, eBay, etc.)

What Can I Do to Avoid Phishing?
It has become increasingly difficult to guard yourself against phishing. As hard as Apple, Google, and other tech companies have worked to filter them out, hackers are always devising new ways to phish. However, here are some tips on spotting phishing emails:

Try to avoid clicking on buttons and/or links in emails.
Begin using password managers. A password manager aids the user in creating and retrieving complex passwords and storing the passwords in an encrypted database. Therefore, if hackers get one of your passwords, they can’t use it on any of your other accounts.
Don’t put total faith in the green lock icon in your address bar. This only ensures that it is a private channel but does not inform you about who you’re communicating with.
Allow 2FA (two-factor authentication). Two-factor verification is an extra layer of safekeeping otherwise known as “multi-factor authentication.” 2FA requires a password and username, and also something that only the user knows (mother’s maiden name) or has (passcode texted to another device, such as a cell phone).
Be extra cautious if the browser plugin of your password manager doesn’t show your login credentials automatically.
Be quick to report suspicious emails to your friends and colleagues. Organizations who make it easy for their employees to report attacks will see a significant decrease in cyber-attacks. The quicker an IT department can respond to a threat, it will minimize the threat potential damage inflicted on people.

Ironically, the trend for most of these phishing emails are warnings about security alerts.
Here are the top 10 from Q2:

Password Check Required Immediately (15 percent).
Security Alert (12 percent).
Change of Password Required Immediately (11 percent).
A Delivery Attempt was made (10 percent).
Urgent press release to all employees (10 percent).
De-activation of [[email]] in Process (10 percent).
Revised Vacation & Sick Time Policy (9 percent).
UPS Label Delivery, 1ZBE312TNY00015011 (9 percent).
Staff Review 2017 (7 percent).
Company Policies-Updates to our Fraternization Policy (7 percent).