Security
How To Keep Hackers At Bay
No one wants to have their network “hacked,” but what exactly can a hacker do?
Plenty, and you are right to be afraid!
One common way for hackers to access your network is through spyware or viruses, which are malicious programs written to imbed themselves into your network to gather private information, steal financial data, access passwords, e-mail addresses, and spread themselves to other users. But one of the most common ways for hackers to access your system is through e-mail, or spam e-mail to be more specific.
Phishing is when a hacker sends you a legitimate looking e-mail from a trusted source — like PayPal, your bank, eBay, or any number of other legitimate business web sites. These e-mails will tell you that your account is expired or will be closed if you don’t go to a designated web site and update or verify your account information.
Although you may have seen these e-mails before, be very careful! Hackers are brilliant at making not only the e-mail seem legitimate, but also at making the web site you go to look like the real thing.
If you fall prey to their scam, the site will gather your private information and then use that to access your bank account or to charge your credit card. To protect yourself, install a spam filter and NEVER open or respond to any e-mail requesting account verification. Instead, call the company. If it is a legitimate request, you can verify that with them over the phone.
School is Back in Session
How to Keep Your Kids Safe Online
With school back in session, thousands of children will be surfing the Internet to conduct research, chat with their new classmates and complete homework assignments.
Although the Internet provides a tremendous learning tool for children, left unchecked it can also expose them to inappropriate material and unscrupulous individuals looking to exploit innocent children.
The Statistics of Online Abuse Towards Children Are Alarming
According to a survey conducted by NetAlert, nearly one child in every five has been approached online by a stranger, and 45% have been exposed to material that is pornographic, sexually explicit, violent, racist, or that encourages them to participate in dangerous or illegal activities.
One of the biggest threats are social networking sites like MySpace.com.
But MySpace isn’t the only threat.
According to Highlights of the Youth Internet Safety Survey conducted by the U.S. Department of Justice, one in five children received unwanted sexual solicitations online. There are a growing number of pedophiles using the Internet to gain a child’s confidence and arrange face-to-face meetings.
These cyber criminals are using everything from spam e-mails to online messaging, kid’s chat rooms, and misleading domain names to trap children. If your child uses the Internet, you must take measures to protect them from these dangers.
As part of our back-to-school newsletter edition, we’ve outlined 3 things you should be doing now to keep your kids safe online.
3 Things You Can Do Right Now To Protect Your Children Online
1. Install web and e-mail filtering software to prevent your children from viewing inappropriate material. We recommend using www.bsafeonline.com. Not only will this prevent your children from visiting inappropriate web sites, but it will also stop inappropriate spam.
2. Talk to your kids about online safety and proper Internet usage. Set limits and guidelines about when they can go online, what they can do, and how long they are allowed to be online. Explain why it is dangerous for them to “chat” with strangers online or download suspicious looking files.
3. Give your children specific online guidelines or rules to follow when using the Internet. It’s not enough to warn them about potential risks; pedophiles know how to cloak their identity and gain a child’s confidence to arrange face-to-face meetings.
Require Your Kids To Follow These Rules Online:
- I will not give out personal information such as my address, telephone number, parents’ work addresses, or our e-mail address to anyone online.
- I will tell my parents right away if I see a web site, e-mail, or message that makes me feel uncomfortable.
- I will never send my picture to anyone online or upload my picture to any web site without my parent’s knowledge and permission.
- I will never agree to meet someone face-to-face whom I met online without my parents’ knowledge and permission.
- I will not respond to any messages that are mean or that make me feel uncomfortable in any way.
- If I get a message like that, I will tell my parents right away so that they can contact the online service.
- I will never give my parents’ financial information to anyone, especially their credit card information, bank account information, or social security number.
If you want more information on how to keep your children safe online or to report illegal, violent, or explicit acts towards children, go to www.cybertipline.com.
This site is run by the National Center for Missing & Exploited Children and is a great resource for parents, teachers, and guardians.
Raise IT Security Measures And Lower Your Stress
Updating Your Network Security Protects Your Valuable Data
Simplify. Prevent problems. Do it right, not over. These are just a few of the phrases among the most popular published in “Stress Reducing Tips” articles. But, how do you achieve these goals?
Take a look at your IT security measures first. Protecting your information systems from unauthorized use, disruption or destruction can help you reduce the number of stressful incidents that may arise as a result of a vulnerability. How can you decide what level of security is right for your organization?
Dive into a threat and risk analysis.
We can work with you to review the current security mechanisms and determine what needs to be protected. The level of security necessary for your business is largely reliant on the possible threats. If you have many employees, you may have a greater interest in user account changes versus a small dental practice whose chief concern is confidentiality.
Take advantage of our Free Network Audit and learn about the current options available for firewalls, controlled accessibility, anti-virus, spam filtering and much more.
Take time to develop a plan. Listen to employee feedback, analyze your current operations and review key points for development within your company in order to simplify business processes and protect your company data.
Think of the future.
Is your organization in growth mode or are you looking to stabilize your current position? Many clients come to us with only a few changes and end up with many things they would like completed to help increase security, increase efficiency, decrease operating costs or prepare for the future.
Prevent problems.
Security is everyone’s responsibility. According to Datapro Research, the most common causes of damage are: Terrorism, 3%; water, 10%; technical sabotage, 10%; dishonest people, 10%; fire, 15%; and, finally, human error, 52%. Unfortunately, 81% of this damage is caused by current employees.
You could install the most elaborate security and computer protection systems available, but if passwords are written on sticky notes and stuck to computer monitors in the office, or saved in Word documents, we cannot guarantee security.
New threats and vulnerabilities emerge everyday that can endanger your company. Take a preventive approach to managing your information systems with reliable security measures and proper staff training.
Firewalls and virus protection must be current. If you don’t know if these measures are in place, we can help you identify current software installed and enable or update them if necessary. A good anti-virus or firewall solution will automatically update itself as new updates are available.
Spam filtering is essential and can solve many e-mail problems that plague your inbox. Everyday spammers find new ways to get into e-mail inboxes. A lot of spam is simply unwanted advertising that is just annoying and takes up space. Some, though, are used to transmit viruses, adware or spyware that can eventually infect your entire network.
Take Caution Before Opening your Next e-greeting Card
According to a new article in PC Magazine, cyber criminals are now starting to exploit e-greeting card sites in an attempt to steal confidential information.
In 2007, nearly 1/3 of infected e-mail messages contained a phishing scam, while 7 percent of such e-mail messages masqueraded as an electronic greeting card and directed the target to a malicious site.
Here’s how it works: Hackers place a malicious hyperlink in the e-mail greeting, which first sends the user’s web browser to an exploit server that checks to see if the user’s machine has the most up-to-date security patches.
If it’s unpatched, the server silently force-downloads a rootkit and a keylogger onto the user’s computer before redirecting the web browser to an authentic Yahoo greetings card.
On the user-facing end, the victim clicks the link to view the card. However, the card does not let them know who sent it. The victim closes the card and goes about his business without realizing arootkit was delivered to his PC before he even picked up the card.
How do you avoid this from happening to you? First, never open emails from unknown sources. Second, make sure your PC/Servers always have the most up-to-date security patches. And finally, always maintain an active, up-to-date anti-virus software.
Has Your Computer Been Taken Over By a Bot?
David Perry, global director of education for security software provider Trend Micro, was recently quoted in PCWorld as saying, “An unprotected [Windows] computer will become owned by a bot within 14 minutes.”
A bot is an automated program that takes over your computer and uses it as a spam machine, to copy your personal information, such as credit cards numbers, or something equally as evil.
One way to spot a bot is to be aware of network activity when you aren’t on the Internet. You can put a network status light in your system tray. If you see it blinking when you are not using the Internet, there might be a problem.
Do this: In Windows XP, choose Start, Control Panel, Network Connections. You will see an icon for your network connection. Right-click the network connection and select Properties from the popup menu. Check “Show icon in notification area when connected,” and click OK.
Remember, lots of unexplained network activity can mean your computer is “owned” by a bot.
Double check by going to one of several free scanning sites such as McAfee Free Scan or Trend Micro’s House-Call. Then buy antivirus software, install a firewall, and never open e-mail attachments from unknown sources.
Do You Roll Out The Red Carpet For Identity Thieves?
Just about every web site you visit these days wants you to register and choose a password, especially when making a purchase.
However, if you do this carelessly, you may be setting yourself up as an easy prey for online criminals.
Although we know we should choose unique and hard to decipher passwords that contain both numbers and letters, most people still use easy to remember passwords and words for their convenience.
Below are the top 10 passwords used online according to PC Magazine. If you are using any of the following, you’re putting a big red bullseye on your account for identity theft:
- password
- 123456
- qwerty
- abc123
- letmein
- monkey
- myspace1
- password1
- link182
- [your first name]
If you want to avoid having to remember dozens of hard-to-remember passwords, Robo Form is a great FREE software you can download without having to fear adware or spyware. RoboForm was named PC Magazine Editor’s Choice, and CNET Download. com’s Software of the Year.
After you download the software, it memorizes your passwords and logs you in automatically to every web page with one click.
Best of all, it encrypts your passwords and generates random passwords that hackers cannot guess. You can even back up your passwords so you can copy them to another computer.
How To Keep Your Laptop Safe and Secure
You can’t beat the convenience of checking e-mail and hopping on the Internet at (Wi-Fi) hotspots found in airports, coffee shops, and bookstores. For the uninitiated, hotspots are areas where you can use your wireless laptop to surf the Web.
But the question you have to ask yourself is, just how safe are hotspots? With the proliferation of hackers, viruses and identity theft at an all time high, you’re smart to be concerned. Wi-Fi spots are very attractive to hackers because they can use what’s called an “evil twin” connection to access your laptop.
An evil twin is a hotspot set up by a hacker to lure people from a nearby, legitimate hotspot. For example, when you log in at your favorite coffee shop, you might actually be logging onto the evil twin Internet connection set up by the innocent-looking person working on a laptop at the next table. The most dangerous evil twins remain invisible and allow you to do business as usual. But in the background, they record everything you are typing. Buy something online and they are recording your credit card information. Log on to your bank account, and they can grab your password.
So what can you do to make sure you are not giving an evil twin access to your laptop?
First, know the name of the hotspot you’re going to use by asking someone who works there. Some businesses will give you printed instructions that include the hotspot name. But be careful. Hackers will name their evil twin network by a very similar name as the real hotspot, and may even show up as a stronger signal.
The best protection you can have is connecting via your company’s VPN (virtual private network). A VPN will protect your online information by encrypting your data and activity even if you’re connected through an evil twin.
If you don’t have a company VPN, you should assume that someone is looking over your shoulder and recording everything you type in. Therefore, the BEST protection without a VPN is to never type in information such as credit cards, passwords, or social security numbers when connected to a public Wi-Fi hotspot.
The Simple Document That Could Save Your Company From Complete Disaster
It’s official: end users are the weakest link in the IT security chain. You can set up a firewall, encryption, anti-virus software, and password protection up to your ears, but it won’t save you from the employee who posts his access information to a public website.
Most security breaches, viruses, spyware, and other network problems are a result of human error—an end user unknowingly downloading an infected file, emailing confidential information, or disabling their anti-virus, to name a few.
So what is a company to do? While there is no surefire way to keep end users from making mistakes, you can dramatically reduce the number of problems by creating an acceptable use policy (AUP) and training your employees on what is and what is NOT acceptable behavior.
But if you want your employees to actually adhere to your security policies, here are a few tips:
- Keep it simple. A long, confusing policy that looks like a legal document is about as easy to read as the instruction manual for your digital camera. Make the policies clear and easy to read. Give examples and include screen shots where necessary.
- Provide group training. Many companies make the mistake of distributing their AUP by e-mail and telling employees they must read it on their own. This gives the employees the option of NOT reading and simply signing and submitting. You don’t need hours of classroom training but a simple 15 or 20-minute session will force even the most reluctant users to learn a thing or two.
- Keep employees updated. To add to the above tip, make sure you update employees on a regular basis to keep the policies fresh in their minds and to educate them about new threats.
- Explain the consequences of not following the policy. This is both explaining the negative effects to the business as well as disciplinary actions that will be taken if they refuse to follow policy. Occasional violators should be warned, and habitual violators should be disciplined.
- Monitor their behavior. The best policy in the world won’t work if it’s not enforced. There are many tools on the market that can do this for you automatically.
Need Help In Creating An Acceptable Use Policy and Training Your Staff?
Not only can we help you create a customized acceptable use policy for your staff, but we can also provide training on the topic and even install network monitoring software to make sure it is enforced, and that your
policy is working.
Call us at 734-457-5000 or visit us online at www.MyTechExperts.com for more info!
Hackers Are Now Targeting Macintosh Computers
Until recently, MacIntosh computer users have long enjoyed relative freedom from hacker attacks; however, Symantec says online criminals are now setting their sites on Mac users.
Online porn hunters are the latest target. Visitors to porn sites are led to believe they can download a free video player when in fact they are installing malicious code onto their Macs.
Once the users authorize the transaction, the hackers can redirect the users future browsing to fraudulent web sites and possibly steal the user’s information or passwords.
Sometimes they simply send ads for other pornographic websites. This results in thousands of dollars in income for the criminals.
While common thinking is that Macs are essentially more secure than PCs, security experts argue differently. They believe Macs are no more secure than PCs, and that the relatively low number of viruses, exploits and other cyber attacks directed at Mac users is due to Apple’s relatively small share of the computer market.
With that said, the fact remains that for every single attack on a Mac, there are at least 100 attacks on Windows-based systems.