We’ve all been there. You're scrolling through your Facebook feed, and an ad pops up promising to help you grow your business with some AI-powered software…
Sounds tempting, doesn't it? Without giving it much thought, you click to see what it’s about.
Bad news: This is a big 🚩
Cybercriminals have been found creating Facebook ads that promise to supercharge your productivity and revenue. But when you click, there's a catch.
The software they ask you to install is actually malware (malicious software).
And when it’s on your computer it can give the criminals access to your Facebook data, including your ad budget.
You might think, "Who'd fall for such an obvious trick?"
But let's be real. When you're a small business owner juggling a million things at once, it's easy to take the bait. And these hackers are smart. They know how to make their phony offers look legit, and how to hide the malware on your computer so it’s hard to spot.
How do you stay safe? First, be skeptical of offers that seem too good to be true, because they often are. You can verify ads by Googling the advertiser before clicking on them.
And above all, take steps to secure your Facebook account. Use two-factor authentication, where you use a second device to prove it’s really you logging in.
Remember, these cyber criminals might be sneaky, but they're not infallible. For instance, the researchers who uncovered this scheme found several Vietnamese keywords in the malicious script.
This is another stark reminder of the importance of good cyber security. Yes, running a business is a juggling act, and adding another ball to the mix might feel overwhelming.
But think of it this way: Would you rather spend a little time now securing your account or a lot of time later dealing with the fall out of a breach?
As the saying goes, "Prevention is better than cure." So, stay safe, stay alert, and protect what you've worked so hard to build. If you need some help doing that, get in touch.
Ever been tempted to download the beta version of your favorite app, ready to test out all the cool new features before everyone else?
The FBI has some news that might just make you think twice.
Cyber criminals have come up with a brand new trick to lure us into their lair. They’re hiding malicious code in fake beta versions of popular apps, turning unsuspecting people’s mobiles into their personal piggy banks.
Now, don't get us wrong, we love innovation as much as the next team of tech enthusiasts. But whilst beta versions have a certain allure, they haven't gone through the rigorous security checks that apps in the official app stores must pass.
Criminals send fake emails pretending to be the developers of popular apps, offering early access to new beta versions.
But of course they’re fake too. Once installed, they can do all sorts of bad things, including accessing data from your finance apps and even taking over your mobile
If your staff download them onto company devices, could your business be compromised?
There’s a moral to our story. And it's a simple one: Patience is a virtue.
Hold off on downloading beta versions of apps. Wait until they're stable and officially released in app stores. Good things come to those who wait, and that includes secure apps.
If you have downloaded beta versions in the past, keep an eye out for red flags like faster battery drain, poor performance, persistent pop-up ads, and apps asking for unnecessary permissions.
In this digital age, we must be as smart and savvy as the technology we use. So, before you hit download, take a moment to think: is this app worth the risk?
Train your staff to think the same way. And if you do give them business mobiles, consider a Mobile Device Management solution to control what they can do with them.
We can help keep all your devices better protected. Get in touch.
How many times have you been in the middle of an urgent email, attaching a critical file, only to be met with the dreaded notification – "file too large to send"?
Frustrating, isn't it?
Well, Microsoft has heard our collective sighs of exasperation. They've announced an update that promises to banish the 'file too large' issue once and for all.
And this is one of those rare times where something that feels too good to be true is actually true!
In an official post on the Microsoft 365 roadmap, the tech giant’s revealed its plan to integrate Outlook with Microsoft's OneDrive cloud storage platform.
It means when you hit that attachment size limit, Outlook will ask you to upload your file to OneDrive, so your document still reaches the intended recipient.
Clever, don't you think?
Android devices get this new feature first, but for everyone else, the rollout is due this month. We don't have long to wait.
Soon you’ll no longer need to compress, resize, or even abandon your large files. Or turn to third-party services (which can be a security risk). Microsoft is paving the way for a smoother, more efficient email experience.
If you’d like a hand getting more from your Microsoft 365 subscription, get in touch.
You’ve checked your pockets, your bag, under pillows … and then it hits you. You left your work phone on the table at the coffee shop.
It's not the device itself that’s got you worried, but all the sensitive business information stored on it. If that mobile ends up in the wrong hands, you’re facing a nightmare.
But that worry could be over. Microsoft and Samsung are joining forces to make your work mobiles safer. This month, they’re launching a groundbreaking solution to help protect anyone who uses a Samsung Galaxy device in the workplace.
With something called on-device attestation. It lets companies see if mobile devices have been compromised, even at their deepest components. Think of it as a security guard for your cell phone.
Samsung brings its software and hardware innovations to the table, whilst Microsoft provides its endpoint management expertise.
And whilst other device attestation tools require a network connection and access to cloud services, this solution works reliably regardless of network connectivity or device ownership model.
This solution will be released alongside Microsoft Intune (previously known as Windows Intune), a unified endpoint management service for both corporate devices and BYOD (Bring Your Own Device). And it will be available to select Samsung Galaxy smartphones and tablets, especially those "Secured by Knox".
So, whether you're working from the office, a busy coffee shop, or a remote cabin in the woods, you can rest assured your device is safe.
In business, your mobile is more than just a communication device. It's a vault of sensitive (and valuable) information. And with Microsoft and Samsung on the case, that vault just got a lot safer.
If we can help you keep any of your devices more secure, get in touch.
You’re no stranger to the endless threats lurking in your email inbox. But have you ever considered that an email that seems to be from Microsoft could end up being your worst nightmare?
Microsoft, the tech giant we all know and trust, has become the most imitated brand when it comes to phishing attacks. That’s where cybercriminals send you an email that contains a malicious link or file. They’re trying to steal your data.
And while Microsoft isn't to blame for this, you and your employees need to be on high alert for anything that seems suspicious.
During the second quarter of 2023, Microsoft soared to the top spot of brands imitated by criminals, accounting for a whopping 29% of brand phishing attempts.
This places it well ahead of Google in second place (at 19.5%) and Apple in third place (at 5.2%). Together, these three tech titans account for more than half of the observed brand imitator attacks.
But what does this mean for your business?
Despite a clear surge in fake emails targeting millions of Windows and Microsoft 365 customers worldwide, careful observation can help protect you from identity theft and fraud attacks.
Whilst the most imitated brands change from quarter to quarter, cyber criminals are less likely to change their tactics.
They use legitimate-looking logos, colors, and fonts. Phishing scams frequently use domains or URLs that are similar to the real deal. But a careful scan of these, along with the content of any messages, will often expose typos and errors – the tell-tale signs of a phishing attack.
One of the latest attacks claims there has been unusual Microsoft account sign-in activity on your account, directing you to a malicious link. These links are designed to steal everything from login credentials to payment details.
And whilst tech firms continue to be popular scam subjects, many cybercriminals have turned to financial services like online banking, gift cards, and online shopping orders. Wells Fargo and Amazon both rounded up the top five during Q2 2023, accounting for 4.2% and 4% of brand phishing attempts respectively.
What can you do to protect your business?
The answer is simpler than you might think. The best course of action when it comes to phishing is to slow down, observe, and analyze. Check for discrepancies in URLs, domains, and message text.
If we can help you keep your team aware of the risks, get in touch.
In the fast-evolving world of technology, business owners and managers like you are always on the lookout for the next big thing to give them a competitive edge.
Have you considered how AI tools might be able to help?
ChatGPT – or Generative Pretrained Transformer, if you want to get technical – has been making big waves all year. It’s an AI model developed by OpenAI that’s designed to generate human-like text based on the prompts it's given. Think of it like having a professional writer at your beck and call, ready to generate content, answer queries, or even draft emails whenever you need.
Lots of other AI models have also been released, including one from Google called Bard. Unlike ChatGPT, Bard can browse the web for its answers (you can do this in ChatGPT, but you must be a paying Plus subscriber and have switched on web browsing in the settings).
Some businesses already use AI tools, mainly for customer service and content creation. That’s like buying a Ferrari just to drive to the grocery store. They can do so much more!
Here are three of the other ways an AI tool can turbocharge your business…
- Stay ahead with trend detection: Remember the feeling when you realized too late that the last ‘big thing’ could’ve been a gold mine? With an AI tool, you'll be the one setting the trends, not following them. Simply ask it to "Provide a short analysis of the latest [insert your industry] trends", and you're armed with powerful knowledge.
- Enhance productivity with keystone habits: Increased productivity is the holy grail for any business owner. With an AI tool, you can tap into cutting-edge research to supercharge your work habits. Just ask for the "top 5 latest ways to [improve a specific area]". We bet you spot a new idea you’d never thought of.
- Make better decisions with summaries of complex events: Ask your tool to explain [something complex] to a 12 year old… that’s a clever way to get a summary anyone can understand.
ChatGPT, Bard and all the others are more than just AI writing assistants… they’re your secret weapon in the business world. It's time to stop using your Ferrari just for the grocery runs and start taking it for a real spin.
If we can help you use AI more in your business, get in touch.
Are you aware that the rise in global VPN usage has skyrocketed? The reasons are clear as day: Virtual Private Networks offer increased security, anonymity, and allow access to geo-restricted content online.
But here's the million-dollar question: Are all VPNs created equal?
The answer is a resounding no. And that has potential implications for your business.
Free VPNs, although tempting with their zero-cost allure, aren’t always what they promise to be. Why, you ask? Let's take a closer look at free VPN services.
For starters, it's important to understand that running a VPN service comes with substantial costs. Servers, infrastructure, maintenance, staff – these aren't free.
So how do free VPN providers keep the lights on? Some employ tactics that could compromise your privacy and security.
Imagine this: You're sipping your morning coffee, browsing the net through a free VPN, believing your online activities are private. In reality, your sensitive information might be collected and sold to the highest bidder.
Cyber criminals, advertizers, even government agencies could potentially get their hands on your data.
Shocking, isn't it?
Moreover, free VPNs are notorious for injecting unwanted ads and tracking cookies into your browsing sessions. Ever wondered why you're suddenly bombarded with eerily accurate ads? It's probably your free VPN service cashing in on your browsing habits.
Now, consider the potential danger if an employee downloads a free VPN on a company device, or on their personal device that they use for work. Company data could be exposed, representing a significant business risk. Picture a scenario where your company's sensitive data falls into the wrong hands - a chilling thought, isn't it?
So, what's the solution?
It's crucial to educate your employees about the risks associated with free VPNs. Encourage the use of reliable, paid VPN services that guarantee no logging of data, robust encryption, and superior user privacy.
In fact, you may choose to provide one to them. If we can help you find the safest, most suitable VPN for your business, get in touch.
Remember, when it comes to online security, free often comes at a higher cost. Isn't it worth investing a few $$ a month to protect your company's valuable information?
You may think that cyber-attacks only happen to large corporations. But unfortunately, that's not the case.
According to a recent report, almost two-thirds of small and medium-sized businesses (SMBs) suffered at least one cyber attack over the past year. That's a staggering number, and it should serve as a wake-up call for businesses everywhere.
But it gets worse.
More and more businesses are also experiencing repeat attacks, with 87% reporting at least two successful attacks over the past year. And on average, a company suffers almost five successful cyber incidents.
The question is, why are these attacks happening, and what can you do to prevent them?
The most common types of cyber-attacks that businesses face are malware and ransomware.
Malware is malicious software. It invades your system and can cause all sorts of problems, from slowing down your operations to stealing your data.
Ransomware is even more dangerous as it encrypts your data, making it impossible for you to access it unless you pay a ransom fee. This can be devastating for any business and can lead to significant losses and downtime.
What factors are contributing to more successful attacks?
One reason is the rise in BYOD (Bring Your Own Device). This means employees using their personal devices to access company information, which can be risky.
Another factor is the explosion of productivity apps, which can create security vulnerabilities if not properly secured.
Finally, the number of devices we're using now means there are more entry points for cybercriminals to exploit.
The good news is that there are steps you can take to protect your business. Here are five solid security steps you can take.
- Use strong passwords: Passwords are your first line of defense, so make sure they're strong and unique. Better yet, use a password manager that can create and remember randomly generated passwords
- Keep software up to date: Software updates often contain security fixes, so make sure you're always running the latest version. This applies to both your operating system and all applications you use
- Train your staff: Educate your employees on how to identify phishing emails and other scams. You can also run regular security awareness training sessions to keep everyone up to date
- Backup your data: Doing this means if you do suffer a cyber attack, you can restore your systems quickly and with less disruption
- Use antivirus software: This can help protect your systems from malware and other threats. Make sure you're running a reputable and up-to-date solution
Remember, prevention is always better than cure. Take action today to help you stay protected.
And if that seems like a lot of extra work, let us help. Get in touch today.
How many times a day do you respond to an email without really thinking about its contents?
Maybe it's a request for some information. Perhaps it’s asking you to pay an invoice. All mundane stuff. But no sooner than you’ve hit send, you've fallen victim to a Business Email Compromise (BEC) attack.
A BEC attack occurs when a cybercriminal gains access to your business email account and uses it to trick your employees, customers, or partners into sending them money or sensitive information. They do this by impersonating someone senior, and abusing their position of trust.
It might sound like something that only happens to big corporations, but that's not the case.
According to the FBI, small and medium-sized businesses are just as vulnerable to BEC attacks as larger ones. In fact, these attacks have cost businesses more than $26 billion over the past few years.
And Microsoft brings more bad news, with its recent findings showing that they’re getting both more destructive and harder to detect.
So, what can you do to protect your business from BEC attacks? Here’s our advice:
- Educate your employees: They are the first line of defense against BEC attacks. They need to know how to spot phishing emails, suspicious requests, and fake invoices. Train them regularly on cyber security best practice, like strong passwords, multi-factor authentication, and secure file sharing.
- Use advanced email security solutions: Basic email protections like antispam and antivirus software are no longer enough to block BEC attacks. You need more advanced solutions that use artificial intelligence and machine learning to detect and prevent these attacks in real-time. Look for email security providers that offer features like domain-based message authentication, reporting, and conformance (DMARC), sender policy framework (SPF), and DomainKeys Identified Mail (DKIM).
- Set up transaction verification procedures: Before transferring funds or sensitive information, establish a verification process that confirms the authenticity of the request. This could include a phone call, video conference, or face-to-face meeting. Don't rely on email alone to confirm these types of requests.
- Monitor your email traffic: Regularly monitor your email traffic for anomalies and unusual patterns. Look for signs like unknown senders, unusual login locations, changes to email settings or forwarding rules, and unexpected emails. Make sure you have a clear protocol in place for reporting and responding to any suspicious activity.
- Keep your software up to date: Ensure that you're always running the latest version of your operating system, email software, and other software applications. These updates often include vital security patches that address known vulnerabilities.
BEC attacks are becoming more common and more sophisticated, but with the right awareness, training, and security solutions, you can protect your business.
Don't wait until it's too late – take action today to keep your business safe.
If you want to know more about how to protect your business from cyber threats, our team is always ready to help you. Give us a call.
Microsoft has announced that the current version of Windows 10, released in 2022, will be its final release.
If you're currently using Windows 10, you might wonder what this means for your day-to-day operations.
The good news is that your computers won’t suddenly stop working. The current updates and security patches for Windows 10 won’t disappear anytime soon either.
However, you may want to consider upgrading to Windows 11 sooner rather than later. Microsoft has made it clear that it will be devoting all its attention to the new operating system from now on, so future developments and innovation will be focused on Windows 11.
Upgrading can be a daunting task, but moving to Windows 11 has so many benefits:
Windows 11 has been designed to maximize efficiency and performance across all types of devices, making it a no-brainer for businesses looking for faster and more efficient technology.
Improved user experience
The interface has been updated with a more modern look, making it easier to navigate and customize.
Windows 11 comes with Microsoft's most advanced security features, making it harder for cybercriminals to breach your system.
Better integration with cloud services
Windows 11 gives you access to a range of cloud-based services, making it easier to collaborate with other team members and enhance your business' productivity.
If you're still hesitant about upgrading, keep in mind that Microsoft will eventually stop releasing security updates for Windows 10. We’re expecting it to be in late 2025. This means staying with Windows 10 for too long could put your business at risk of security threats.
The sooner you upgrade, the better your protection against these threats, and the more significant the benefits you'll be able to reap from Windows 11.
Like any big project, making the move to Windows 11 needs to be planned and implemented properly. Your hardware needs to meet certain requirements and, of course, you’ll need to make sure it’s done without affecting day-to-day operations.
If you’d like help making the transition with as little disruption as possible, get in touch.