Blog

January 30th, 2015

Productivity_Jan29_BWe all know technology is evolving rapidly - at times it can feel like software companies release a new update each week. It can be exhausting to keep up. But when it comes to business, technology is either helping your company to succeed or holding it back from doing better things. To make life easier, here are four ideas on how to use technology to keep costs down and staff productivity up.

Work together from anywhere

With the onset of Cloud technology, it’s now possible for your employees to work easily from anywhere - be it Bangkok, Belize or Boston. With Cloud-based suite products, employees can log on from remote locations and access company files. All they need is a web-enabled device.

Cloud-based technology also makes it easier than ever for your staff to collaborate. While one employee is in a coffee shop in Vancouver and another is at a desktop in your office, they can both be editing the same document at the same time. This makes it easy for your staff to remain on the same page, both literally and metaphorically, which in turn boosts both productivity and profits.

While many SMBs use public Cloud applications like Google Drive, Dropbox and Evernote, private pro-level options are available, which come with more security and more features.

Keep all your data in the Cloud

The fact is that searching through spreadsheets for information stored in bloated data sets can be a huge waste of time. By having all your data in the Cloud, all your information will be in one place. So when you’re looking for that critical client receipt for your taxes, you’ll know where it is immediately.

Thanks to its remote access and collaboration possibilities, the Cloud also gives you and your staff easy access to all of your data wherever in the world you are.

Identify bottlenecks and upgrade your technology

Facing the facts about your current technology is key to increasing productivity. Yes we know you love your tablet from way back in 2008. You even named her Susie, after your niece, because they’re both so darn creative. But let’s face it, Susie is old now and is slowing down your business. She’s served you well, but it’s time to upgrade.

And desktops aren’t the only technology that can slow you down. There are also unreliable internet connections, obsolete software and outdated email providers. The list goes on…

The solution is to take a careful inventory of your current IT technology and see what’s keeping your business from reaching its true productivity potential. After you have your list, update your technology accordingly. Then create a plan to regularly upgrade your IT resources, so your employees are never being slowed down.

Outsource your IT

As the old saying goes, ‘out of sight, out of mind’. Whether you have a part-time contractor or a fully-staffed IT department, the mere presence of tech staff onsite in your workplace can be a distraction. When you’re focusing on sales or setting up meetings with potential clients, a knock at your door from your IT colleague - because he or she has just discovered a glitch in your system - can take you out of the flow of the task at hand.

On the other hand, outsourced IT departments are proactive in preventing technical issues from popping up in the first place. They’ll fix problems without you even knowing they existed, and without distracting you from your core work. All of which means a great boost to your day-to-day productivity - and therefore profitability.

Want to know more ways IT can enhance your company’s productivity? Contact us today to learn how.

Published with permission from TechAdvisory.org. Source.

Topic Productivity
January 29th, 2015

Security_Jan28_BMost of us have suffered the horrors of a computer virus at some point, and we know the damage that can be caused by these security infections. Our work gets disrupted as IT systems go down and, if we’re really unlucky, sensitive and valuable data might be lost or even leaked. But there’s a silver lining to most viruses, worms and other such malware, in that they can at least be tracked down and removed. Well, not always - enter the invisible Poweliks, which even your most sophisticated anti-virus software might not be able to protect you against. So, what do you need to know and how can you protect yourself?

What is Poweliks?

Security firm Symantec describes Poweliks as a trojan horse that performs malicious activities on the compromised computer. But it’s no ordinary trojan - unlike the majority, which infect your computer with malicious files, Poweliks is a silent and invisible threat that hides away in the memory registry of your system. It’s not entirely new for a virus to seek to cover its tracks by making itself "file-less" but, in contrast with Poweliks, most are wiped when you restart your computer and its memory is cleared. Worse still, Poweliks hijacks the legitimate processes and applications running on your network, inserting its code into them where it can largely evade detection.

First discovered back in August 2014, Poweliks has therefore created something of a headache for firms behind conventional security solutions like anti-virus software. Symantec and others have admittedly managed a number of updates to their protection in response to the threat posed by Poweliks. But although very minor records of the presence of the trojan are left behind by way, for instance, of registry logs, the signs of its destructive presence are much lower key than the computer world is used to, meaning Poweliks is unlikely to show up on most system scans.

Poweliks has links to Kazakhstan, the home of two servers the malware connects to once it is up and running from within your computer. The servers in Kazakhstan then send commands to the bug to tell it what to do next. In theory, this then makes way for the tool to be used to download other undesirable programs that could infect your system without your knowledge. It could equally be used to steal and disseminate data from your network.

How can I best protect myself?

As well as the anti-virus updates that have gradually been released - but which are still likely to have only a limited impact on threats of this type compared with those of the past - a number of Poweliks removal guides are now available online. Nevertheless, prevention as ever, remains better than cure. One method reported to have been employed in the distribution of the Poweliks infection is embedding it in a Microsoft Word document, which is then sent as an attachment to spam emails, and which the attackers hope your curiosity will lead you to open. Among the senders that these spam messages have masqueraded as being from are the United States Postal Service and Canada Post. Of course the best advice remains to be suspicious of any and every email attachment you open, particularly if you weren’t expecting mail or it's from someone you don’t know.

Should I be concerned?

In fact, revisiting your everyday security precautions is probably pretty good advice all round, since experts predict that this type of threat is likely to become ever more common as attackers seek to exploit the techniques of Poweliks in order for their infiltration to remain unnoticed for as long as possible. Sure enough, a number of copycat threats have already been detected by security specialists as of the start of 2015.

General awareness around web sites you choose to visit is also recommendable in particular, since others have also reported the bug making its way onto their systems thanks to so-called ‘drive-by download attacks’ - whereby simply visiting a malicious web site is enough to trigger the infection, and actively downloading a file isn’t even necessary. As a result, organizations may wish to consider more comprehensive filtering of internet access, or at the very least reactive blocking of known malicious sites, in order to prevent employees from inadvertently infecting a company network.

To find out more about IT security solutions and protecting your technology from attack, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
January 27th, 2015

iPhone_Jan27_B

We’re all busy. Our schedules are loaded with work, fitness regimes, kids’ soccer practices - it’s enough to make your head spin. So when your son or daughter gets sick, how do you squeeze their care into your day? The iPhone’s latest health apps and accessories may be the solution you’ve been searching for, giving you the ability to book a virtual doctor appointment from home and even keep track of your own medical history to speed up those in-person doctor visits. For three ways the iPhone is revolutionizing health care, read on.

At-home ear infection diagnosis

If you have a young child, you'll already know that ear infections are a common nuisance. By the age of 3, roughly 80% of all children have suffered from this affliction. And this problem alone costs the medical industry roughly 3.5 billion dollars annually.

In today’s world, full of long work hours and overloaded schedules, it can be difficult to find the time to visit a doctor. And if you live in a remote area, the challenge is even greater. But when little Johnny’s ear infection means you're waking up at night to deal with a screaming toddler, you know that something needs to be done. The iPhone’s new Oto Home device could be your solution.

For $79 you can bring the technology of an otoscope (the device your doctor uses to look into your ear at a checkup) directly into your home. Not the whole thing of course. Instead, the Oto Home is just the small black cone-like part at the tip of the otoscope that the doctor inserts into your ear. Now you can attach this tool to your iPhone’s camera, and use it to take a video of the inside of your child’s ear, which can then be sent to your doctor via email. For a $49 fee, your doctor can diagnose and provide a prescription almost instantly.

At this time, the device is only available in California, but will likely be approved for use in more states soon.

Medical history for quicker doctor appointments

Whether you need to keep a close eye on a sick relative’s temperature or want to have a record of your own medical history, iPhone’s new Swaive app can help. Like the Oto Home device, the Swaive also involves your ear. But instead of diagnosing ear infections, the Swaive acts as an in-ear thermometer.

In combination with Apple’s Health app, the Swaive can keep track of your temperature over weeks, months or years. With this app, you can also record any kind of recurring physical symptom or medication you’re taking. This information can then be sent to your physician.

Even better, the next time you pop in for an in-person doctor visit, this info can speed up the process as it acts as a recent medical history.

Virtual doctor appointments from anywhere

But if you’d rather not visit the doctor at all, now you can make a virtual appointment through an app called Amwell. This allows you to Facetime with your physician at anytime, with no appointment necessary.

The way Amwell works is simple. A patient can open the app and scroll through the physicians who are part of the Amwell network. Just like other online health databases, you’ll be able to see the doctor’s years in practice, education and patient rating. Once you’ve made your choice, you can sign up for a $49 virtual visit where a doctor can provide instant feedback, diagnosis and treatment. Best of all, Amwell visits are covered by some insurance providers. So once you get your printable receipt, you can still get reimbursed.

Looking for more tips on how your iPhone can make life easier? Contact us today and learn how we can help.

Published with permission from TechAdvisory.org. Source.

Topic iPhone
January 22nd, 2015

socialmedia_Jan20_BIn today’s digital world, social media has become a vital tool that effectively helps accelerate business development and the relationship-building process between different organizations. And with solid communication being at the core of business development, let’s take a look at how social media can help drive partnering processes for the better.

In most cases, a business development manager already has an idea of the kind of company with which to partner. Their next step is to contact that company via a phone call or email. However, this can be an unreliable way to reach out, especially when your potential partner has never heard of you. Social media speeds up this process by identifying the best person to contact, as well as determining if you have any mutual connections.

Simply put, social media lets you understand the background of different companies and gives you an idea of the different players involved, before you even engage in a dialogue. With this in mind, let’s take a look at four ways you can utilize information available on social media to enhance your business development success.

  1. Social media is an extra pair of eyes Social media allows you to see first-hand what potential partners, competitors, and customers are doing, which is a major asset when it comes to your business development and performance. This can also reveal business-relationship possibilities or even warn where it is best to stay away. It’s crucial to position yourself and your company as industry experts by sharing mind-blowing content as well as highlighting recent successes.
  2. There’s no universal message in social media The way people behave and connect across different social media platforms varies, therefore it is important to adjust accordingly. For instance, you might use Twitter to promote ongoing marketing campaigns, share content, and direct customer service requests. You may use Facebook for larger marketing initiatives, such as showcasing a company’s culture and resources. It’s important to remember that there’s no universal rule to utilizing social media and that it is beneficial to be flexible. Think about what your individual goals are and work out which social media platform is the best avenue to explore.
  3. Leverage employee relationships If you’re looking to connect with an individual in a specific company, make it a habit to check and see if anyone in your company has a pre-existing relationship with that person. Social media channels like Facebook and LinkedIn make it fairly easy to spot mutual connections, so it is a good idea to get into the habit of checking. Whether you ask your colleague to help make an introduction or to arrange a meeting, a mutual connection gives you the competitive edge in effective business development.
  4. Use social media as a touchpoint Social media is not only essential to business development, but also complements other more traditional practices, such as when you’ve sent an email or voicemail to a business prospect that has gone unanswered. It’s understandable that people get so busy they can delay, forget or pass over an inquiry, but instead of passively waiting for a reply, why not make it standard practice to follow up separately via LinkedIn or other social media platforms? This way you can build additional opportunities with potential partners, increase the likelihood of a response, and even forge a future business relationship.
The fundamentals of business development are strong relationships with a partner or companies with a good reputation, who will have a positive impact on your business, such as marketing an initiative collaboratively. Social media can get this whole process started, so the next time you’re looking to contact a business prospect or potential partner, start by visiting their social media channels to get the heads up to help you in your quest.

Looking to learn more about the benefits of social media in business? Contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Social Media
January 20th, 2015

AppleMacOS_Jan16_BMacs are full of great tools and shortcuts to help drive productivity and increase the speed at which you work. And if you know about the built-in tricks available to make your life easier, computers can help in speeding you along and allow you to achieve your goals more quickly. A new year presents a new chance to pick up skills like this, or to brush up on those you already know but have fallen out of the habit of using. These three Mac tips will have you working at lightning speed!

Make searching easier

Need to hunt down a file? You can make the process easier by not searching for just one word, or even a series of words in sequence, but by instead searching for a logical combination of terms as a Boolean expression. Boolean expressions combine search terms with conditions like ‘and’, ‘or’ and ‘not’ to specify whether you want results that contain all, or only some, of your search terms. These expressions are supported by native Mac apps including Spotlight, Mail and Calendar, and by plenty of third-party apps too.

For instance, if you wanted to track down client invoices that have not yet been marked as paid, you might begin by searching for files containing the word ‘invoice’. This term alone would bring up plenty of results you had no interest in, but by using a Boolean expression which takes the terms ‘and’, ‘or’ and ‘not’ to create a logical statement, you could run a search for ‘invoice NOT paid’.

Protect your passwords

We’ve all heard the recommendation that our passwords should be long, difficult to guess and full of unnatural-feeling characters like mixed-case letters, numbers and punctuation - easier said than put into practice. Add to that the fact that, if we want to be truly secure, we shouldn’t use the same password for more than one account, and suddenly creating hack-roof passwords becomes a real challenge. Even once you’ve invented them, how on earth are you supposed to remember all of these different passwords?

Well, there’s an app for that. Or several, to be precise - the Apple-specific iCloud Keychain syncs your passwords across your devices and then fills them in when necessary, remembering what you can’t. On other operating systems, 1Password and LastPass are good alternatives.

Simplify your coding

Does your day-to-day work involve writing of some kind? You can make your job simpler by forgetting often difficult to read HTML code in favour of much friendlier, more attractive and easier to work with Markdown code. Based on plain text, Markdown is compatible with almost all word processors, meaning you don’t need to worry about using a specific text editor for fear of risking the corruption of your code. Simplified codes, such as Marketing to create a hyperlink, are transformed into formatted documents by a converter that takes the effort out of writing.

Numerous versions of Markdown have expanded upon the original idea to add additional features and bring further design richness to your finished document, but all of them offer the basics you’ll need to produce in your writing. Examples of apps that act as dedicated Markdown editors are Marked 2, iA Writer and Editorial.

If you’re looking to learn more about productivity tips or other Mac features, get in touch today and see what we can do to help.

Published with permission from TechAdvisory.org. Source.

Topic Apple Mac OS
January 14th, 2015

Security_Jan12_BAny business can become the victim of security breaches on a mass scale, as shown by the debacle which recently eclipsed Sony and forced it to temporarily cancel the release of blockbuster movie The Interview. Beneath the dramatic headlines are lessons for small business owners everywhere in how simple errors in IT security management can have grave consequences. These tips will help prevent your firm being the next to suffer Sony’s fate.

Don’t let basic security habits slip

Our modern-day instinct tells us that the answer to potential security breaches is to install new layers of Antivirus software, firewalls and further encryption systems. While these are all worthy additions to your company’s armor of security shields, they will do little to help if good old-fashioned protective habits are allowed to slide.

Instill a disciplined, security-conscious mentality in your organization, and keep the messages simple so that staff remember and follow them. Focus on regularly changing passwords and keeping them secret, being vigilant about avoiding unexpected links in email messages, and limiting network access for the likes of external contractors to that which is absolutely necessary.

One of the ways hackers made their way into the Sony network was by tricking administrators into thinking they had a legitimate need for access: teach your staff to be careful, and praise cautiousness even if it turns out access is warranted. Encourage staff to flag up potential security lapses, and make sure they know that reports will be followed up and loopholes closed.

Take a flexible and agile approach to IT

IT changes, and so do the ways best suited to keeping it safe. This means it is vitally important to keep your IT systems up to date, and where necessary to do away with outdated practices that could leave your business technology exposed. This involves more than just ensuring that your network is running updated Antivirus software to catch the latest bugs and worms - it means staying abreast of emerging methods to mitigate potential threats from hackers worldwide.

All of this uses staff and resources that your small business might not have - which is where outsourced managed services come in. Using a managed service provider as an add-on to your own IT team can give you extra flexibility and the ability to keep abreast of industry security developments, even when you lack the time to do so yourself.

Equally, know when it is time to ditch data - think of emerging social networks like Snapchat, which set messages to self-destruct after a set time, as your cue to make your data retention policy less permanent, particularly in relation to email. If you no longer have a business need or a regulatory requirement to retain information, then delete it - in the process you can limit the possible damage even if the worst should occur and you fall victim to an external attack.

Backup, backup, backup

The last thing you want in the event of a security breach is for it to hit your day-to-day operations - the potential damage caused by the hack itself is likely to give you enough to worry about. But that is exactly the situation Sony found itself in after its latest hack, with its email system down and staff forced to return to the days of pen, paper and even the fax machine.

As well as ensuring alternative means of communication remain open to your business in the aftermath of a possible attack, it is also vital to make sure that you retain access to the information most critical to your work. Regular, secured backups help ensure that, whatever happens, the show is able to go on and your firm’s productivity and revenue are not unduly hit. Engaging professionals to undertake your backups on a managed service basis also means this can happen routinely and without fail, while you stay focused on running your business.

Want to learn more about how to reduce your IT network’s vulnerability to attack? Get in touch with us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
January 13th, 2015

iPad_Jan12_BSince the arrival of the iPad back in 2010, businesses have been able to stay connected and easily work on-the-go like never before. Still, many people are constantly looking to increase their iPad’s versatility through different applications available in the App Store. And now, thanks to Duet Display, you can effortlessly turn your iPad into your second Mac screen!

Duet Display, developed by a former Apple engineer, Rahul Dewan, will turn your iPad into an external screen for your Mac, and does so using a cable that you already use to charge and sync your iPad. To be precise, it’s actually two apps — one for your iOS device and a companion app for your Mac that lets it recognize an iPad or iPhone as a second screen.

How does Duet Display work?

  1. Download Duet Display from the Apple Store for $14.99
  2. Install Duet Display for OS X
  3. Duet Display will add a little settings icon to the right side of your menu bar and requires a password when you’re installing it on your Mac. This is because the app needs to install display drivers.
  4. Open the Duet Display app on your iPad and plug it into your Mac with a lightning cable (or a 30-pin cable if you’ve got an older iPad that’s still supported).
  5. Now you can enjoy working with two screens!
Because your iPad is plugged in, you won’t have to worry about your iPad’s battery. And while you’re using Duet Display on the iPad, you’ll still get your regular iOS notifications. You can also set your computer to use all the pixels on your iPad’s Retina display (2,048x1,536 pixel resolution), or you can set your iPad to regular resolution too. Duet Display works with all Macs running on OS X Yosemite and any iPads or iPhones running iOS 5.1.1 or above, meaning it will work with your old iPad. The only downside is you can only connect a single iOS device for now.

The growing number of applications in the App Store means there are often new ways to make use of your iPad being introduced. Looking to learn more about the iPad and its capabilities? Contact us and see how we can help.

Published with permission from TechAdvisory.org. Source.

Topic iPad
January 7th, 2015

web_Dec26_BIn order for a business to reach the highest number of customers, it is important to have an online presence. The first step to take in achieving this is to create a website and then you are going to need to establish it online. This is done through a Web host. If this isn't an area you know much about then here is an overview of what a Web host is and the two most common types of hosting.

What exactly is a Web host?

When creating a website, you are going to need to find a way to get the files and pages that make up your site online and available for all Internet users to see. In order to do this, you are going to need to work with a Web host who provides space on a server for you to host your website files (what the user sees when they visit your site).

A good way to think of a Web host is as being similar to a company that businesses rent premises from. You pay the company to rent space to host your Website so that you can run your business. Many Web hosts also offer a service called domain hosting, which allows you to create a Web address so users can access your website e.g., google.com, inc.com, etc. Combine these two services together and you have the main foundations for your website.

Beyond simply hosting your website, Web hosts often host domain-based email addresses, website databases, videos, etc. Essentially, whatever needs to go on your website will need to be stored with your Web host.

When you sign up with a Web host you will usually pay a monthly fee, which the company uses to maintain and invest in new servers for hosting, decreased access speeds, and better services.

What are the two most common types of Web hosting?

There are hundreds, if not thousands of Web hosts around the world, but you can fit almost all of them in one of two categories:
  1. Shared hosting - Hosting where multiple, different websites are stored on one physical hosting server. Sites avet their own partition (section of storage) that is kept separate from other sites on the same server.
  2. Dedicated hosting - Hosting where one website is hosted per server. This means you have all of the server's capacity to yourself. No other websites beyond yours and the other sites you run are hosted.

Which one is best for my business website?

The vast majority of websites on the Internet are hosted via shared hosting services. This is because this way is more affordable, while still offering generally stable access and access speeds. For almost all small to medium businesses who want fairly simple websites, or sites with minimal features, a shared host is ideal.

If your website is going to be large, e.g., thousands of pages, and you are going to need to host complex features like advanced ecommerce, streaming, etc., then it would be best to opt for a dedicated hosting service.

As a general rule of thumb, for most business needs a shared hosting service is sufficient. Dedicated hosting is more suitable for large sites like Google, Amazon, government sites, etc.

There are a wide-variety of Web hosts out there and it can be a challenge to select one that works well for your business. What we recommend is contacting us. With our expertise and solutions, we can help find a Web host that will work best for your website and business needs. Contact us today to shine the spotlight on your online presence.

Published with permission from TechAdvisory.org. Source.

Topic Web
January 6th, 2015

osx_Dec25_BIt is time to start looking at what is ahead in terms of tech developments in 2015. When it comes to Apple, 2014 was one of their better years, with new versions of nearly everything introduced. While it is still a little early yet to say whether 2015 will be the same, there are some interesting changes and innovations expected from Apple in the year to come.

1. Apple focuses more on business solutions

Early in 2014, Apple announced that they would be entering a long-term partnership with enterprise giant IBM. The idea behind this was that Apple would work with IBM to develop a better way to bring mobile solutions to businesses and whole industries.

Up until now there has been little announced beyond this initial partnership. However, you can expect that both IBM and Apple are working on big developments that could debut in 2015. One indicator of this is the way many Apple products, mobile devices especially, are being integrated into businesses. Most devices, like the iPad, enter the business via an employee bringing them to the office (BYOD), and using their own device for work.

While this has worked well for many companies, the business side (apps, marketing, company-wide management, etc.) has largely been lacking or unsupported. It is a fair belief to think that Apple will continue to develop products in 2015, but leverage the IBM partnership to make devices easier to use and integrate into business; while also taking advantage of IBM's wide industry expertise to launch industry-specific apps and services.

2. A larger iPad

Rumors started to fly about Apple developing a larger iPad for release some time in 2015. The word is that they are working on a 12.9 inch device that is supposedly being targeted to be a replacement for low-end PC's small netbooks. This device could be great for businesses, especially those with employees who are on the road a lot, or who work directly with clients. Think about it: A highly portable tablet with enough screen space to run most apps, combined with a subscription to Office 365 or Google Apps, with a possible keyboard case. It could very well be a great solution for many businesses.

We can't say when, or 100% for sure if this device will be released, but signs and rumors are pointing to a likely launch in 2015.

3. Apple Watch

This prediction is pretty much a no-brainer, largely because it has already been announced. Scheduled to be released in the spring of 2015, the Apple Watch should be the wearable of the year. Like most other Apple products, this will no doubt be a popular product with high demand from the domestic market.

At this time however, it really doesn't look like there will be much use for this product for businesses for the time being. Sure, it provides a convenient way to interact with your phone, but many businesses will likely see it as more of a distraction than a help. That being said, some employees will probably purchase one privately so you do need to aware of this device, especially when it comes to your BYOD program and it the device is used for business activities.

4. An incremental update to the iPhone

With 2014 seeing the release of both the iPhone 6 and 6 Plus, Apple brought some high-powered devices to the market that were a big step over even the iPhone 5. In 2015, Apple will likely have a hard time outdoing the iPhone 6, so will likely introduce a small update to the phone instead.

This version will probably have an improved processor and some small improvements that will make the phone a little more competitive, with other devices released in the coming year. We don't however expect an iPhone 7 or 7 Plus this year.

5. A smaller update to OS X

The past two years have seen back-to-back big versions of OS X drop. The most recent version, Yosemite, was a new design introduced along with a number of new features that brought the desktop operating system closer to Apple's mobile operating system iOS.

In 2015 you can expect a new version of OS X to be unveiled and likely released, but we are pretty sure that it won't be as big of an update as the last two. From what Apple has said about these systems, it looks like most features introduced in the next version of OS X will bring the iOS and OS X even closer together.

We're curious to know what you would like to see from Apple in 2015. Let us know!. And, if you would like to learn more about implementing any existing Apple devices into your business, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Apple Mac OS
December 31st, 2014

security_dec24_BTake some time and research how companies are hacked and you will quickly come to realize that there are a wide variety of methods at a hackers disposal. One of the increasingly common, and effective strategies being employed is spear phishing. In early December 2014, a new spear phishing attack was uncovered, one that has proven to be quite effective against large businesses, and could possibly target small companies as well.

What is spear phishing?

Spear phishing is an advanced form of phishing where attackers troll the Internet for relevant information about you and then create a personalized email that is sent to you. This email is usually developed so that it appears to be coming from a friend or trusted partner and contains links to a site or program that can initiate an attack or steal information.

More often than not, these links are to websites where you enter account information, passwords, and even bank account details, or any other personal information which can be used to break into computers and even steal your identity.

What is this latest spear phishing attack?

This new form of spear phishing, being carried out by an organization who calls themselves FIN4, has actually been around since as early as mid 2013. When they attack Wall Street listed companies they are doing so to steal valuable plans and insider information.

What we know is that they send highly savvy and targeted emails to people at a company, trying to harvest Microsoft Outlook account information. Once they have this crucial data they then target others inside, or connected to, the organization, with the same email, while also injecting the code into ongoing messages. This method can spread the attack quickly, leading to a potentially massive security breach.

In the email examples of this phishing threat, the attackers write mainly about mergers and other highly valuable information. They also include a link to a forum to discuss the issues raised further. These emails come from people the recipient already knows, and the link is to a site that asks them to enter their Outlook account and password before gaining access. When this information is entered, it is captured by the attacker and used to launch more attacks.

What can we do to protect our systems?

From what we know, this attack is being carried out largely against law firms, finance companies, and other large organizations. While this discounts many small businesses, there is a good chance that the attackers will turn to small businesses operating with larger companies at some point.

Because this is an email-based attack, you need to be extra vigilant when opening all emails. Be sure to look at the sender's address, and read the body of the email carefully. While hackers generally have good English skills, they aren't fully fluent, which means you will notice small mistakes. Also, keep in mind previous emails sent by the recipient. If the tone and style is off, then the email may be fake.

It is important to always look carefully at all links in email messages. If a link looks suspicious, then ask the recipient for more information or to tell you where the link goes. If you come across any site asking you to enter account information, be extra careful. Look at the URL address in your browser, if it doesn't sat HTTPS:// before the address, then it may be a good idea to avoid this.

If you have any questions on spear phishing and how you can prevent it, contact us today to see how we can protect your business.

Published with permission from TechAdvisory.org. Source.

Topic Security