(866) 251-4459 support@compnetsys.com
Google Docs Being Used to Attack Users With TrickBot Banking Trojan

Google Docs Being Used to Attack Users With TrickBot Banking Trojan

Watch Your Google Docs: Program Being Used to Disseminate TrickBot Malware
Beware of any Google Doc emails you receive. Cyber attackers are using the word processing program for a phishing scam that disseminates TrickBot malware.  

Take extra caution if you receive a Google Docs document sharing email in the near future — it may be a phishing email.
Cofense, a computer and network security company that specializes in phishing scams and data protection, has recently revealed a new cyberattack, which uses Google Docs as its “Trojan horse.”
The scam plays out like this:
1. A user receives a Google Docs document sharing email. The document looks legitimate, and indeed, it is legitimate. Google Docs generates such emails when one user wants to share a Google Docs file with another user.
The text in the email states:
“Have you already received documentation I’ve directed you recently? I am sending them over again.”
2. The email also receives a new button (added by the attackers), which says “Open in Docs.” This button, when clicked on, redirects the user to a new Google Docs landing page.
3. Once the user has arrived on the landing page, they’ll see an error message. This message is fake and says “404 error.”
The idea is to get the user to believe that there was an initial error with the document download and to have them click on a malicious download link — one created by the attackers.
4. The user will click on this link, which is actually the payload of the malware. It’s the malicious software, which will corrupt the computer once downloaded.
The download link appears to be legitimate. In fact, it looks like a PDF document and even has an extension of “.pdf” like a legitimate file. The attackers engineered this extension by taking advantage of the fact that known file type extensions are hidden in Windows (as a default measure). Furthermore, they use a PDF icon as the malware program’s icon, even though the program is not a PDF at all.
5. Once the file has been clicked on and downloaded, the malicious software will begin doing its dirty work on the target’s computer. In this case, the malware is called TrickBot, and it’s an extremely popular and dangerous banking Trojan.
As soon as its executed, TrickBot gets to work and continues being highly active at corrupting its host device. It will begin to copy itself repeatedly onto the device — once every 11 minutes for 414 days. If allowed to run, it will also begin launching an increasing number of Svchost processes.
What Is TrickBot?
TrickBot is a type of malicious software and also goes by the name of TheTrick, TrickLoader, and Trickster.
Discovered in October of 2016, TrickBot is ever-evolving. It has been updated and upgraded continually over the past several years and continues to be a menace used in phishing scams.
TrickBot was originally a type of banking Trojan, and it still is, but it now also has the ability to drop additional malware wherever it lands. As a type of banking Trojan, the main goal of TrickBot has been to obtain sensitive financial information from host devices.
Basically, anything sensitive would be sucked up by TrickBot and delivered back to the source who disseminated it. When TrickBot is on your devices, it can obtain things such as login information for the financial institutions you visit online and drop additional malware such as the equally popular Emotet.
TrickBot can even drop ransomware onto a device. If this occurs, sensitive data and system access may be locked up and/or blocked off. A message will be sent to the device user that their data and/or system access is being held for ransom. Unless the user pays a large sum of money, their data will be lost forever.
How Can You Avoid Falling Victim to This Google Docs Phishing Scam and Others?
Phishing scams remain the chief way that cyber attackers corrupt files, filch information, and steal finances. A phishing scam almost always comes in the form of an email (although such scams can also be operated over the phone).
The goal of a phishing email is to first get the recipient to believe it is legitimate. Therefore, it will be appear to be from a source such as Google Docs, a bank, the IRS, or even a co-worker. The next step is to get the recipient to click on a link, download an attachment, or take another such action, which will inevitably lead to the launch of malicious software.
The best way to protect yourself and your company from phishing scams is to have the appropriate security software and hardware measures in place. Additionally, all employees must be continually educated on how to avoid falling victim to a phishing scam and on trending phishing attacks.

Do You Know What to Do Now That Support for Windows 7 Is Ending?

What to Do Now That Support for Windows 7 Is Ending
In just a few short months, support for Windows 7 will come to an end. Is your business ready?
If your business is currently operating Windows 7, it’s time to switch to Windows 10. Microsoft will be ending technical support for Windows 7 in January 2020.
 
An enormous number of businesses throughout the United States use Windows operating systems to run their companies. In fact, Windows famously runs the majority of the world’s entire population of computers — including those used in business and personal computers (PCs).
Each of these Windows computers has its own version of Windows’ operating system (OS). Right now, the most popular operating systems are Windows 7 and Windows 10. Windows 7 was originally released ten years ago in 2009, and Windows 10 was released in 2015.
Now, Microsoft is phasing out its support for Windows 7. According to the company, this was always the plan:
“Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that we can focus our investment on supporting newer technologies and great new experiences.”
So, when will this change take place?
According to the company, “The specific end of support day for Windows 7 will be January 14, 2020.”
They go on to say: “Microsoft strongly recommends that you move to Windows 10 sometime before January 2020 to avoid a situation where you need service or support that is no longer available.”
What Does the End of Windows 7 Support Mean for Your Business?
First off, it’s important to note that this change is definitely a big deal.
While the initial reaction of some companies and individuals may be that “end of support” doesn’t really matter, this assumption would be rather reckless. If you fail to update to Windows 10, Microsoft’s imminent cessation of support for Windows 7 has the possibility of causing your business huge problems. Specifically, the end of Windows 7 support means that Microsoft will no longer be providing any type of technical support and absolutely no software or security updates or fixes to this operating system.
As a result, if you run into a major technical problem with a computer running Windows 7 after the end-of-service date (January 14, 2020) or if your security is breached, you’ll get no assistance from Microsoft.
While this realization is shocking (and possibly rather annoying) for many, Microsoft has been warning users about the impending change for a long time. If you have Windows 7, you should have been receiving consistent advisories to this effect. Additionally, if you work with an IT service provider, they have likely been alerting you of the future change as well.
Security Issues With Microsoft 7 Moving Forward
One of the biggest reasons to update to Windows 10 is to ensure your company’s security in the face of possible cyberattacks.
When Microsoft says they’ll no longer be providing Windows 7 support, one of the things they’ll no longer be doing is providing security updates. Normally, Microsoft tracks security issues closely. When a specific cyberattack trend or weakness in their system becomes obvious, they release an update to fix the problem or better fend off would-be attackers.
On January 14, 2020, this will stop.
Unfortunately, cyber criminals are gleefully anticipating this date. They will take full advantage of the security gaps left in Windows 7 operating systems if they can. Those who fail to leave Windows 7 and move to Windows 10 will, of course, be the targets.
Have Questions About the Switch to Windows 10?
To be sure, Windows 10 promises to provide many useful updates and upgrades for Microsoft users. At the same time, the transition from Windows 7 to Windows 10 will certainly bring inevitable challenges. You and your employees will be forced to change some of your habits, and certain features you’re used to may become obsolete or have new properties.
If you haven’t already, now is the time to update your business’s software to Windows 10. Doing so sooner rather than later will allow for the fewest number of complications.
If you have questions or concerns about making a smoother transition from Windows 7 to Windows 10, speak to your IT service provider as soon as possible. There are steps you can take to make this transition less of a trial for yourself and your employees.

The New Ways Cybercriminals Pose a Threat to Organizations

The New Ways Cybercriminals Pose a Threat to Organizations

Cybercriminals no longer act alone. Find out the strategies and means cybercriminal networks are using to launch dangerous attacks against your organization. 

According to technology industry blogs, cybercrime incidents are growing by 15 percent each year and cybercrime has become the most profitable type of criminal activity around the globe. Cybercriminals are no longer acting alone and carrying out destructive activities that are relatively simplistic. Instead, cybercriminals have become more sophisticated in their approach. Activities are more damaging and organized. IBM’s CEO and president has stated that the new cybercriminal dangers are “the greatest threat to every profession, every industry, every company in the world.” Being aware of the fact that cybercriminal activity is now executed using the same types of structures and approaches seen in businesses can help IT leaders guard against the dangers cybercrime presents.
Common Types of Cybercriminal Activities
The scale and scope of cybercriminal activities have evolved swiftly since the 1990s. Back then, cybersecurity-related attacks entailed destroying websites and executing simplistic codes that reflected a strong dislike of the corporate culture. Now, modern cybersecurity-related attacks have not only embraced the notion of the corporate model, but have exploited the corporate world’s reliance on digital connectivity. Common cybercriminal activity now involves extortion, the theft of data and information, and sabotage. The design and spread of ransomware through electronic means reaps over $11 billion annually.
Hierarchical Structures
Besides using more sophisticated and profitable methods of wreaking havoc, cybercriminals have formed networks that resemble hierarchical structures within traditional organizations. Many groups of cybercriminals are led by someone who operates as a pseudo executive of a firm who designs an overarching strategy and tasks that are delegated to other leaders who resemble middle managers. In turn, those who work on developing malware and ransomware code are concentrated in a single “department,” while another group is focused on developing and executing distribution methods. Each group represents and operates like a functional department within an organization. Training and recruitment programs are also developed and executed for hackers that wish to join these extensive cybercriminal networks. Knowing that these networks are employing the same strategies and tactics as an experienced corporate marketing department means that any cybersecurity defense plan has to respond in an identical fashion.
The corporate structure and mentality have resulted in the equivalent of million-dollar salaries for some. Cybercriminals are also starting to incorporate other types of illegal activities into their “business models.” Some of those activities include illegal drug production and distribution, human trafficking, and counterfeit goods. Stopping and removing the threats that cybercriminals pose mean considering the possibility that these cybersecurity threats are occurring in conjunction with seemingly unrelated activities. Any defense plan must consider all possibilities and guard all potential and vulnerable points of access.

Using Managed IT Services to Save You Money

Using Managed IT Services to Save You Money

How Using Managed IT Services Saves You Money in the Long Term
Wondering how to make your business’ IT run better without costing more? One popular option to consider is managed IT services companies. 

Digitization. Network. Security. Mobile. As the average business sees more and more complexity in their IT requirements, it can become harder and harder to keep up with the necessary changes to protect your business’ interests and sensitive data. But what if the process could be easy without costing an arm and a leg? Managed IT services can provide this level of care, often at the same or even a lower cost than you would see using in-house employees. Here’s a quick look at how managed IT services can help make your business more efficient and effective.
Using Managed IT Services to Save You Money
Let’s start by defining what a managed IT service is and is not. A managed IT service provides you with a range of services. You pay a monthly subscription cost, and in exchange, the service takes care of your IT needs that are covered under those services. These services can include software updates, managed software-as-a-service options, backup services, website management and similar possibilities. Because they are responsible for these IT assets, these assets are carefully managed to provide you with optimum performance, security and efficiency.
Increase team efficiency by reducing downtime.
Well-run IT systems allow your employees to work at their highest levels of efficiency instead of focusing on computer problems and wasting their time updating systems and on hold with a help desk. Wouldn’t you rather have your people focusing on what your company is best at, promoting growth? When there’s a problem with your IT assets under your managed IT service, your employees don’t have to worry about fixing the problem – the managed IT service handles the entire process.
Every week, 140,000 hard drives fail. An estimated 44% of companies believe that an hour of downtime costs them about $10,000. Instead of having your companies having to stop their work and deal with distractions caused by an IT failure, they can simply continue on another device while the managed IT service takes care of the problem.
Enjoy peace of mind with better network and data security
Every day, we hear about another company that has had its data exposed through a security breach. In fact, in the first four months of 2018, over 260 million records containing sensitive data were exposed. You don’t want your company to be the source of the next big data breach, losing your company’s credibility and trustworthiness in the market, do you?
When you work with a managed IT service, their primary focus is making sure that your IT assets are current on all security patches, updates and anti-virus software, not the rest of the activities that your company undertakes. That allows you to focus on building your business, rather than about whether you’ll be one of the 60% of companies that go out of business within six months of a major data disaster.
Lower your company’s overall IT costs.
Though it seems counterintuitive that hiring out your company’s IT needs would save your business money, it’s actually been proven time and again. If you don’t hire a professional into your company, thinking it’s an unnecessary expense for a small business, then you’ll have employees wasting time trying to troubleshoot their own computer issues or waiting on hold for help desk personnel. Even if you do hire in a professional to handle your in-house work, how will they spend their time if there isn’t enough work to keep them occupied?
For these reasons, businesses typically find that the expense of a managed IT service is lower than that of trying to manage their own IT assets in-house. Because the managed service is only focused on the IT costs of your company and is focused on improving their own efficiency, these companies are focused on providing you with the most efficient service possible. They’re able to share the cost of education, new technology and equipment across a number of clients, reducing the cost.
As you can see, working with a well-run managed IT service can save your company time, money and potential risk. Are you ready to consider the options that are available to you? We offer a range of services, either in a package form or a la carte, should you only want help with a couple of areas. Please feel free to reach out today to discover how we can help your business get ahead through solid managed IT service solutions.

Complimentary Microsoft Outlook Training

Complimentary Microsoft Outlook Training

Every month, we host Microsoft Office and other technology training sessions. Our training sessions are completely free of charge and are available “on-demand”.  Yes, you can tune-in whenever and wherever you like.
 
This month’s training session: 4 Ways To Use Microsoft Outlook Efficiently.
Our in-house Microsoft training specialist, Dawn, will guide you through some very important tips and tricks, such as:

Quick Parts
Templates
Automated Responses
Signatures

Tune into this month’s training by clicking here.