by Felicien | Sep 29, 2017 | Education
A series of online accounting-specific scams popped up in recent months, prompting cybersecurity experts to take notice.
Late August saw a series of very similar phishing scams make a brief appearance in the inboxes of online accounting software consumers. By spoofing well-known online accounting software companies, these phishing scams have targeted a large number of consumers in an attempt to sneak banking trojans past their cyber defenses in order to steal banking data and other forms of personal information.
Customers of Xero, MYOB, Quickbooks, and Dropbox received phishing emails that contained legitimate looking invoices that would prompt the recipient to download a zip file that contains a malicious JavaScript file. This JavaScript file quietly executes the banking trojan – a version of Dridex malware – onto the user’s computer.
Once this malware is inside of your system, it will seek out banking data for the hacker behind the phishing scam to use as they please.
Online Accounting Users Should Exercise Caution
While email communication from these online accounting companies to their users isn’t unusual, it’s important to take notice of messages that seem out of the ordinary. Unexpected or suspicious-seeming messages should be handled with caution, especially when they come with strange attachments or embedded links. You should never download a zip file coming from an unknown source – a common indicator of a phishing scam – and it’s never a good idea to execute an unknown file format like JavaScript – especially since more and more malware is using this file format to distribute itself to unsuspecting victims.
You know what typical correspondence from your online accounting software provider looks like. Anything that feels wrong to you probably is, and where the security of your sensitive business information is concerned, you can never be too careful. Despite the best efforts of those in the cybersecurity industry, these types of phishing attacks continue to be effective in part because they evolve too fast for the experts to stay ahead of.
Luckily, a lot of these attacks can be stopped in their tracks as long as you and your team are paying attention.
Protect Your Online Accounting Information With Next-Gen Security
Fighting back against cybercrime in its many forms is an ongoing battle, but for every advancement the hackers make, the security industry is making advancements of their own.
Next-generation cybersecurity solutions are tipping the scales back in your business’ favor by offering anti-virus, anti-malware, and firewall software that boosts your defenses against the vulnerabilities and exploits cybercriminals take advantage of. The stronger and more capable your endpoint projections are, the lower your risk of falling victim to a data breach or serious malware infection – and with phishing scams continuing to impact businesses of all sizes, the more obstacles you can throw in a hackers path, the better.
The need to have top-notch IT security solutions in place regardless of the size of your operations hasn’t escaped our notice. {company} offers a complete range of next-generation security solutions to protect your business from threats that are simply more than basic security measures can stand up to.
Our next-generation anti-virus solution offers your business:
Remediation-as-a-Service
Added defense against security exploits and phishing attempts
Encrypted restoration points for added protection against ransomware
Continuous monitoring of your anti-virus and firewall software
Our employee cybersecurity training services add a much-needed extra layer of protection by educating your team on phishing awareness and helping to make sure that when these types of scams start making the rounds, your staff has the know-how needed to outsmart these hackers. It’s not just your online accounting software that has the potential to be targeted in this way.
Aside from having a predictable end goal, the bulk of these phishing attempts follow the same pattern and rely on the same tricks and tactics in order to work. They also tend to rely heavily on cooperation from their targets, which means they’re counting on someone inside your business falling for their ruse and unintentionally helping them get what they want. These digital crimes have a surprisingly big human element to them, and when you take away a hacker’s ability to manipulate that human element, their threats become much less dangerous.
Having smart and capable employees complimenting your cybersecurity safeguards is as close to the perfect IT security solution as you can get. Training your employees is important, but accepting that humans are prone to making mistakes and having the right protections in place is just as important.
Cybercriminals are getting smarter, but so are the security solutions businesses have at their disposal to protect their digital assets like online accounting data, client information, and any other mission-critical data your business relies on and is responsible for.
Ready to put enterprise-grade cybersecurity to work for your business? Contact {company} at {email} or {phone} today to learn more about our Next-Generation Anti-virus solution or to sign up for a complete security audit to find out exactly where your business stands.
by Felicien | Sep 29, 2017 | Education
How to Use the Office 365 App Launcher to Work Smarter and More Productively
Few people will argue that Office 365 offers many features that can help them work more productively. For instance, the cloud-based software and storage will let you work from just about anywhere, use multiple devices, and also collaborate with ease. Typically, Microsoft productivity products have a good reputation for functioning well and offering the features that most people need to do their jobs.
In fact, the main complaint about Office subscriptions is that they come with so many different features that it’s often difficult to find the right tool or document to start working. For example, in the past, lots of us have run into a few snags with these apps:
Opening up the apps: When you want to open up Word, Excel, or other apps do you find yourself searching for existing documents that you can open just to get the app to open? Yes, we certainly used to do the same! Sometimes, it seemed quicker to just find a Word document than to hunt around for the Word App icon on the computer or other devices.
Knowing which apps are included: The other issue with bundles of apps like the ones that we buy with Office 365 is that they’re first purchased for a few driver apps, like Word and Excel. Like us, you might not even be aware of every piece of software that you have purchased access to. Plenty of users waste time and money to find free or paid applications for certain tasks, and only later, they realize they already had paid for access to a Microsoft product that would have worked very well.
How the Office 365 App Launcher Will Help You Work Smarter
If you’ve ever found that the setup for Office products has hampered your productivity, you should take a few moments to learn more about how the Office 365 App Launcher can help you work smarter and get even more value out of your software products.
Since Office relies so much upon providing online and cloud-based services, you might consider the recent suggestions from the official Office 365 blog to use your products directly from the new app launcher within your browser.
Find Your Customized App Launcher at Office.com
To get started, simply log into Office.com directly. After you have logged in, you will find that the Office 365 App Launcher has already been personalized for you. For example:
You will see icons for your own set of most-used apps at the top. You can get started without having to look around for them.
On the lower area of the screen, you will see a list of recent documents. You can simply click these to continue working with them right away.
You won’t have to hunt around in different directories or app menus for the apps that you regularly use. Instead, you can just get started by clicking the app icons or one of the recent documents on the list. This feature should help you save time and frustration when you just want to resume work fast.
Explore Your Apps
The features described above will help you get started with common or recent tasks very quickly. However, because those features have been tailored to your typical usage patterns, they won’t help you explore features of Office 365 that you have never or infrequently used. In order to make sure you make the most of your products, the app launcher also includes a feature that helps you learn more about all of the products that you already have access too.
To start learning about different apps, find the link below the list of app icons that invites you to: Explore all of your apps. This exploration function can help you get the most out of your software:
You don’t need to know the name of a particular app that you may want to use for collaboration, image editing, and so on. Instead, you should just have a task that you would like to perform in mind.
This feature will base its first app suggestions upon your subscription and typical usage patterns. For example, you may see some suggestions that are based upon other apps that you use.
Of course, you may want to perform some task that isn’t closely related to your typical work. In that case, you can improve the suggestions by using search terms in the search bar towards the top of the screen.
You can also use this exploration feature to do more than simply comb through all of your apps. For instance, you may have collaborated with a particular person on a document that you need to find so you can search for that person’s name to find the documents you worked together on.
Let the Smart Features of the App Launcher Help You Work Smarter
The new Office 365 Office App Launcher offers a great solution for people who want to make the most of their subscription. Its smart search and listing features can almost serve you as an office assistant that will rapidly help you find the documents and software that you need.
If you have any questions, you can rely on us here at {company} in {city}. Simply contact us by calling {phone} or sending an email to {email} for more information.
by Felicien | Sep 29, 2017 | Education
The iPhone X was announced a few short weeks ago, but why do major manufacturers skip release numbers? Turns out, there’s a great reason.
Apple recently held their annual release party while the world watched and waited to see what new wonders were in store. When the dust settled, there was a fair amount of surprise that the iPhone 8 Plus and the iPhone X were the only versions announced. What happened to the iPhone 9? Was it simply overlooked? For that matter, what happened to the BlackBerry BB9 and the Windows 9 Phone? While it may seem a bit crazy, there’s a logical reason why these major manufacturers decided to skip releasing a version 9 of their popular phones and instead went straight from 8 to 10.
Apple’s iPhone X Release
The big news is the iPhone X: the all-new, all-screen iPhone that has a price point as voluminous as the screen size. While innovative for Apple, the iPhone X doesn’t display a great deal of functionality that can’t already be found in a variety of other platforms, such as the lack of physical home button on the front or the OLED screen that provides a whopping 2,436 x 1,125 pixels of resolution — called the Super Retina Display by the hardware giant. The one truly new feature is the Face ID, which is encountering challenges in production, which has caused delays in delivery such as those that have plagued Apple technology repeatedly in the past. It’s now estimated that Apple will be attempting to fulfill current iPhone X orders well into 2018.
Romeo and Juliet
Aside from improved video resolution, better battery time, cool augmented reality features and a 7-megapixel front camera, the new iPhone X delivers 30 percent greater speed than previous versions. Perhaps the most intriguing part of the Face ID feature is the fact that you will literally be one in a million — one in a million chances of someone else unlocking your phone with their face, that is. Apps that currently use Touch ID will be transitioned to Face ID, something that not all users are overjoyed about. The Romeo module inside the phone is an infrared dot projector that creates a depth map of faces by utilizing more than 30,000 invisible dots, while the data returned from the mapping is surveyed and analyzed by the Juliet module.
Long History of Skips
Microsoft, in particular, has a long history of skipping numbers in their naming conventions. Think back to Windows 10, which skipped Windows 9 and went directly from Windows 7 to 10 to make it appear that there were a few generations between the releases. This marketing trick makes version 7 seem much older than it really is, with the side effect of encouraging users to move more quickly to Windows 10. This clever and subtle play with numbers provides hardware and software manufacturers with a way to entice users to the latest edition with the idea that the upgrade may be more significant and the gap between functionality more expansive. The theories swirling around the iPhone X and the lack of an iPhone 9 range from grim to hilarious, but perhaps the easiest to understand the reason for the skip in this particular instance is that the tech is being announced on the tenth anniversary of the iPhone’s original release date. When you think about it, it might be a bit confusing to have a tenth-anniversary phone that was named the iPhone 9 — and that may be the simplest explanation of all for the skip.
Human Nature
Superstition is a big part of human nature, and perhaps one of the least-studied as well. Die-hard sports fans dress up wearing certain socks or their team won’t win. Some people insist upon getting out of bed on the same side every day or doing things in a certain order as part of their morning routine. Still, others wear lucky jewelry before a big job interview or skip over cracks in the sidewalk when taking a walk. This behavior is reinforced when these extraneous actions happen to lead to a positive outcome, while an unexpectedly bad outcome could turn your lucky charm into a bad omen. The crux of human nature is to assign power to inanimate objects or ideals, which allows us to feel slightly more confident in the outcome — which can reduce overall anxiety and increase our comfort levels with a particular action. This is the reason why few hotels have a floor numbered thirteen; a number which some individuals feel has negative connotations or is dangerous.
Cultural Context
While unverified, there are some reports that the number 9 has some seriously negative meanings in Asian languages, with one translation meaning a literal curse in Chinese and torture or agony in Japanese. With the massive Asian market for technology, this would likely be reason enough for Apple to make a skip over the number to avoid any chance of alienating a large portion of their buying public. Whether or not this is accurate, it is true that cultural context is important when considering product naming and other conventions. The leap over the 9 version provides a visual and audio cue that the changes to the technology are significant, something that is well-accepted across cultural and language boundaries.
While conspiracy theories abound, one thing is absolutely certain. The iPhone X is set to fundamentally change the way Apple users relate to their phones through the revolutionary new Face ID. Learn how this technology will impact your {city} business, and how to integrate new endpoints safely into your system when you work with {company}. Contact our professionals today at {phone} or via email to {email}.
Contact our professionals today at {phone} or via email to {email}.
by Felicien | Sep 29, 2017 | Education
Maintaining your nonprofit’s strategic mission focus is critical and often requires next-generation technology to an executive on objectives. IT managed services providers offer exceptional support and value, with a cost structure that is sustainable for mid-size nonprofits.
Guiding your nonprofit organization to true sustainability while maintaining exceptional mission impact can be a challenging task and one that is littered with damaging assumptions. Navigating through the landmines requires a full understanding of business realities and concepts and how they relate to a nonprofit environment, which can be very different than for-profit strategies and financial leadership principles. For-profit organizations may look for ways to reduce long-term costs by paying additional funds upfront, while not-for-profit organizations may find it more fiscally responsible to spread payments over time. This is one of the many reasons that IT managed services are especially applicable for nonprofits — the ability to reduce upfront costs and still receive exceptional support for new technology initiatives.
Vital Improvements
Nonprofits are often running incredibly lean, with only a minimal staff to do the massive number of required tasks, often while meeting aggressive fundraising or mission-oriented goals. In this go-go-go mentality, technology can fall by the wayside — with the unfortunate side-effect of causing more frustration for donors and staff alike. Even simple items such as optimizing donation pages for mobile delivery can be out of reach for beleaguered nonprofit teams, even though this straightforward fix would likely net significant new dollars that could be put towards the mission of the organization. Data security is another overlooked area for nonprofits, which can be especially dangerous considering the high likelihood that fundraising organizations are storing personal information, causing increased liability concerns as well as negative publicity should a breach occur. Updating key systems and maintaining adequate security levels are vital improvements that nonprofits need on the technology side of the business.
Tech Adoption and Effectiveness
When technology isn’t effective, it’s unlikely that adoption levels will lag behind as well. Employees are quick to research workarounds when they perceive that a certain task is taking longer or being less efficient than expected, which can result in data and security lapses that can be difficult to overcome. It’s important for financial leaders of nonprofits to set aside adequate funds to maintain and improve business systems that will support the overall mission of the organization. Unfortunately, there are unique challenges associated with nonprofit organizations, such as sudden swings in funding levels and the inability to quickly budget additional funds should there be an emergency such as a serious software or hardware breakdown.
Lifecycle Planning
Technology teams are always planning for the next generation of hardware, software and business needs — which requires a thorough understanding of the technology landscape as well as the financial chops to advocate leadership for upgrades and essential new expenditures. This lifecycle planning is what keeps constituents able to complete transactions with the nonprofits, and provides employees with the tools needed to perform daily activities. When the unexpected happens, such as several computers that break down before their lifecycle is scheduled to end, a nonprofit can be forced to pull funds away from mission projects to keep technology running. This has a ripple effect on the organization that can cause an extended recovery period. With IT managed services, lifecycle planning becomes much more fluid as business leaders are able to lease expensive hardware instead of purchasing upfront to reduce the requirement for capital outlay.
Systematic Cash Flow
IT departments in for-profit, as well as not-for-profit organizations, have an ongoing struggle around budgeting, due to the variable nature of technology in general. It can be difficult to project twelve months to three years in advance what the costs are for technology projects to keep the organization moving forward, but that is exactly what IT directors are called upon to do on a regular basis in the nonprofit world. Costs are normalized as much as possible over a long period of time to reduce the risk of large, unexpected expenses that could derail other projects. The dependable, flat-rate IT support associated with managed services provides a proactive system of monitoring and maintenance to ensure that your organization’s data stays safe and that operations continue uninterrupted even in the event of a natural disaster or other calamities.
Enterprise-Level Performance and Reliability
Just because nonprofits may be smaller or have a reduced budget, doesn’t mean that the complexity level is lessened! Fortunately, IT managed services such as cloud hosting, business networking, telecom services and more provide enterprise-level functionality at a greatly reduced price. Healthcare organizations often struggle with security and compliance, and managed services providers (MSPs) are able to help support even these complicated needs at a rate that most nonprofits can afford due to the shared nature of these services. In addition, an MSP can function as an extended staff member and provide valuable knowledge about the industry or specific market segments that your internal IT team may not have time to research.
Learn more about how your nonprofit can benefit from IT managed services when you contact {company} today at {phone} or via email to {email}. Our security and services professionals will work with you to understand your key requirements and craft a solution that will work for your {city} organization.
by Felicien | Sep 28, 2017 | Education
High Sierra’s Password Theft Vulnerability
Learn how a macOS update named High Sierra can leave your passwords vulnerable to theft.
As this tech giant usually does before a new release, Apple generated massive excitement over High Sierra. This free upgrade for macOS includes an extra two gigs of memory and plenty of new or updated features. According to Apple, some of the highlights of High Sierra include better video streaming, new graphics editing features, and more efficient data storage. Apple also says that some of the changes will also help pave the way for future innovations. It’s easy to understand why this company’s customers wait eagerly for updates to their devices.
Still, shortly after the recent release, the apple may have turned a bit sour for some people. The Washington Post and other news outlets reported on a serious security vulnerability. Hackers can potentially craft apps that can steal stored passwords from the device. Some outside security experts expressed disappointment that Apple knew about the vulnerability before the release and did not rush out a patch.
How Can Hackers Steal Passwords With High Sierra?
To understand how hackers can steal passwords from High Sierra, it helps to understand a little bit about how the operating system stores them. If you already use devices with macOS, you may already understand that:
You have a master password for your device.
You also can have your device store various passwords for apps and websites in something that Apple calls the “keychain.”
This convenience keeps you from having to remember all of the passwords you might use, and you can find similar features on almost all sorts of devices and operating systems.
The problem is that if you use unsigned apps or those that aren’t approved for distribution within the Apple Store, those apps may be able to pull the passwords out of your keychain without knowing your master password. A security researcher named Patrick Wardle uncovered this exploit, made his discovery public, and even informed Apple about it in advance of the public release. Wardle says the vulnerability allows hackers to pull out passwords as text so anybody can read them.
Since the release, he has expressed disappointment that the company did not patch the problem but assumes that they will eventually. He also said that this vulnerability could affect older versions of macOS and even OS-X.
How Can You Protect Your Passwords With High Sierra?
If you try to install an unsigned app, the operating system will warn you. Apple’s response to Wardle and the public was that they have always advised their customers to only download signed apps from the Apple Store. A company spokesman said that they encourage their customers to refuse any app that triggers a warning that it has not been certified by Apple and that this measure can help keep devices from getting infected with malware.
Until Apple releases a patch and perhaps, even afterward, you might protect yourself by:
Only downloading trusted apps
Making certain that you only have trusted apps already downloaded on your devices
Running antivirus scans
Is Your Mac Safe When You Only Download Signed Apps?
Even if you take care to only download signed apps, you won’t have a guarantee that your device is completely safe. The problem is that it’s possible for a clever cybercriminal to inject the exploit into a digitally signed application with falsified or stolen credentials. In fact, a security company uncovered this very thing as recently as March of 2017. Obviously, this was several months before the release of High Sierra.
The security company, Sixgill, said that their researchers found an online discussion of a remote attack Trojan, appropriately called a RAT, on an underground forum that exists for buying and selling digital exploits. Some of the most damaging features of this malware include controlling cameras, keylogging, and executing remote commands. However, Sixgill said the most alarming thing about the app is that it appeared to have a legitimate digital signature and would not trip any sort of warning message when installed. Somehow, the author of the malware managed to bypass or defraud Apple’s normal filters.
Can You Keep Your Apple Devices Secure?
Anyway, these stories are not meant to alarm anybody or contend that one operating system has more vulnerabilities than another one. Apple and its competitors typically do a good job of staying on top of security vulnerabilities as they are uncovered. It’s just possible that nobody can really offer you any 100-percent-foolproof cybersecurity guarantees. Typically, your security will depend upon a combination of your prudence when downloading apps, applying released security patches, and using security software.
We are here to keep your valuable information as secure as informed people and modern technology will allow. Here at {company} in {city}, we’re waiting to help protect you, your data, and your devices. You can call us at {phone} or send an email to {email} to get in touch with us.
