Month: August 2022

Free vector graphics of Website

6 Discontinued Technology Tools You Should Not Be Using Any Longer

By

On August 20, 2022

In IT Management

One constant about technology is that it changes rapidly. Tools that were once staples, like Internet Explorer and Adobe Flash, age out. New tools replace those that are obsolete. Discontinued technology can leave computers and networks vulnerable to attacks.

While older technology may still run fine on your systems that doesn’t mean that it’s okay to use. One of the biggest dangers of using outdated technology is that it can lead to a data breach.

Outdated software and hardware no longer receive vital security updates. Updates often patch newly found and exploited system vulnerabilities. No security patches means a device is a sitting duck for a cybersecurity breach.

Approximately 1 in 3 data breaches are due to unpatched system vulnerabilities.

Another problem with using discontinued technology is that it can leave you behind. Your business can end up looking like you’re in the stone ages to your customers, and they can lose faith and trust.

Important reasons to keep your technology updated to a supported version are:

  • Reduce the risk of a data breach or malware infection
  • Meet data privacy compliance requirements
  • To keep a good reputation and foster customer trust
  • To be competitive in your market
  • To mitigate hardware and software compatibility issues
  • To enable employee productivity

Older systems are clunky and get in the way of employee productivity. If you keep these older systems in use, it can lead to the loss of good team members due to frustration.

49% of surveyed workers say they would consider leaving their jobs due to poor technology.

Following is a list of outdated technology tools that you should replace as soon as possible. Are any of these still in use on your home computer or within your business?

Get Rid of This Tech Now If You’re Still Using It

Internet Explorer

Many moons ago, Internet Explorer (IE) used to be the number one browser in the world. But, over time, Google Chrome and other browsers edged it out. Including its replacement, Microsoft Edge.

Microsoft began phasing out IE with the introduction of Microsoft Edge in 2015. In recent years, fewer applications have been supporting use in IE. The browser loses all support beginning on June 15, 2022.

Adobe Flash

Millions of websites used Adobe Flash in the early 2000s. But other tools can now do the animations and other neat things Flash could do. This made the tool obsolete, and Adobe ended it.

The Adobe Flash Player lost all support, including security updates, as of January 1, 2021. Do you still have this lingering on any of your computers? If so, you should uninstall the browser plugin and any Flash software.

Windows 7 and Earlier

Windows 7 was a very popular operating system, but it’s now gone the way of the dinosaur. Replacements, Windows 10 and Windows 11 are now in widespread use. The Windows 7 OS lost support on January 14, 2020.

While it may still technically run, it’s very vulnerable to hacks. Microsoft Windows OS is also a high-value target for hackers. So, you can be sure they are out there looking for systems still running this obsolete version of Windows.

macOS 10.14 Mojave and Earlier

Because of the cost of iMacs and MacBooks, people tend to hang onto them as long as possible. Once these devices get to a certain point, updates no longer work. This leaves the hardware stuck on an older and non-supported macOS version.

If you are running macOS 10.14 Mojave or earlier, then your OS is no longer supported by Apple, and you need to upgrade.

Oracle 18c Database

If your business uses Oracle databases, then you may want to check your current version. If you are running the Oracle 18C Database, then you are vulnerable. Breaches can easily happen due to unpatched system vulnerabilities.

The Oracle 18C Database lost all support in June of 2021. If you have upgraded, then you’ll want to keep an eye out for another upcoming end-of-support date. Both Oracle 19C and 21C will lose premiere support in April of 2024.

Microsoft SQL Server 2014

Another popular database tool is Microsoft’s SQL. If you are using SQL Server 2014, then mainstream support has already ended. And in July of 2024, all support, including security updates will stop.

This gives you a little more time to upgrade before you’re in danger of not getting security patches. But it is better to upgrade sooner rather than later. This leaves plenty of time for testing and verification of the upgrade.

Get Help Upgrading Your Technology & Reducing Risk

Upgrades can be scary, especially if everything has been running great. You may be afraid that a migration or upgrade will cause issues. We can help you upgrade your technology smoothly and do thorough testing afterward. Schedule a technology review today.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Free vector graphics of Hack

How Using the SLAM Method Can Improve Phishing Detection

By

On August 11, 2022

In Cybersecurity

There is a reason why phishing is usually at the top of the list for security awareness training. For the last decade or two, it has been the main delivery method for all types of attacks. Ransomware, credential theft, database breaches, and more launch via a phishing email.

Why has phishing remained such a large threat for so long? Because it continues to work. Scammers evolve their methods as technology progresses. They use AI-based tactics to make targeted phishing more efficient, for example.

If phishing didn’t continue working, then scammers would move on to another type of attack. But that hasn’t been the case. People continue to get tricked. They open malicious file attachments, click on dangerous links, and reveal passwords.

In May of 2021, phishing attacks increased by 281%. Then in June, they spiked another 284% higher.

Studies show that as soon as 6 months after training, phishing detection skills wane. Employees begin forgetting what they’ve learned, and cybersecurity suffers as a result.

Want to give employees a “hook” they can use for memory retention? Introduce the SLAM method of phishing identification.

What is the SLAM Method for Phishing Identification?

One of the mnemonic devices known to help people remember information is the use of an acronym. SLAM is an acronym for four key areas of an email message to check before trusting it.

These are:

S = Sender
L = Links
A = Attachments
M = Message text

By giving people the term “SLAM” to use, it’s quicker for them to check suspicious email. This device helps them avoid missing something important. All they need to do use the cues in the acronym.

Check the Sender

It’s important to check the sender of an email thoroughly. Often scammers will either spoof an email address or use a look-alike. People often mistake a spoofed address for the real thing.

In this phishing email below, the email address domain is “@emcom.bankofamerica.com.” The scammer is impersonating Bank of America. This is one way that scammers try to trick you, by putting the real company’s URL inside their fake one.

Check the Sender

You can see that the email is very convincing. It has likely fooled many people into divulging their personal details. People applying for a credit card provide a Social Security Number, income, and more.

Doing a quick search on the email address, quickly reveals it to be a scam. And a trap used in both email and SMS phishing attacks.

Scam Email search

It only takes a few seconds to type an email address into Google. This allows you to see if any scam warnings come up indicating a phishing email.

Hover Over Links Without Clicking

Hyperlinks are popular to use in emails. They can often get past antivirus/anti-malware filters. Those filters are looking for file attachments that contain malware. But a link to a malicious site doesn’t contain any dangerous code. Instead, it links to a site that does.

Links can be in the form of hyperlinked words, images, and buttons in an email. When on a computer, it’s important to hover over links without clicking on them to reveal the true URL. This often can immediately call out a fake email scam.

Hover over links without clicking

When looking at email on a mobile device, it can be trickier to see the URL without clicking on it. There is no mouse like there is with a PC. In this case, it’s best not to click the URL at all. Instead go to the purported site to check the validity of the message.

Never Open Unexpected or Strange File Attachments

File attachments are still widely used in phishing emails. Messages may have them attached, promising a large sale order. The recipient might see a familiar word document and open it without thinking.

It’s getting harder to know what file formats to avoid opening. Cybercriminals have become savvier about infecting all types of documents with malware. There have even been PDFs with malware embedded.

Never open strange or unexpected file attachments. Use an antivirus/anti-malware application to scan all attachments before opening.

Read the Message Carefully

We’ve gotten great at scanning through text as technology has progressed. It helps us quickly process a lot of incoming information each day. But if you rush through a phishing email, you can miss some telltale signs that it’s a fake.

Look at the phishing example posted above in the “Links” section. There is a small error in grammar in the second sentence. Did you spot it?

It says, “We confirmation that your item has shipped,” instead of “We confirm that your item has shipped.” These types of errors can be hard to spot but are a big red flag that the email is not legitimate.

Get Help Combatting Phishing Attacks

Both awareness training and security software can improve your defenses against phishing attacks. Contact us today to discuss your email security needs.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Free illustrations of Cyber

Did You Just Receive a Text from Yourself? Learn What Smishing Scams to Expect

By

On August 2, 2022

In Cybersecurity

How many text messages from companies do you receive today as compared to about two years ago? If you’re like many people, it’s quite a few more.

This is because retailers have begun bypassing bloated email inboxes. They are urging consumers to sign up for SMS alerts for shipment tracking and sale notices. The medical industry has also joined the trend. Pharmacies send automated refill notices and doctor’s offices send SMS appointment reminders.

These kinds of texts can be convenient. But retail stores and medical practices aren’t the only ones grabbing your attention by text. Cybercriminal groups are also using text messaging to send out phishing.

Phishing by SMS is “smishing,” and it’s becoming a major problem.

Case in point, in 2020, smishing rose by 328%, and during the first six months of 2021, it skyrocketed nearly 700% more. Phishing via SMS has become a big risk area. Especially as companies adjust data security to a more remote and mobile workforce.

How Can I Text Myself?

If you haven’t yet received a text message only to find your own phone number as the sender, then you likely will soon. This smishing scam is fast making the rounds and results in a lot of confusion. Confusion is good for scammers. It often causes people to click a malicious link in a message to find out more details.

Cybercriminals can make it look like a text message they sent you is coming from your number. They use VoIP connections and clever spoofing software.

If you ever see this, it’s a big giveaway that this is an SMS phishing scam. You should not interact with the message in any way and delete it instead. Some carriers will also offer the option to delete and report a scam SMS.

Popular Smishing Scams to Watch Out For

Smishing is very dangerous right now because many people are not aware of it. There’s a false sense of security. People think only those they have given it to will have their phone number.

But this isn’t the case. Mobile numbers are available through both legitimate and illegitimate methods. Advertisers can buy lists of them online. Data breaches that expose customer information are up for grabs on the Dark Web. This includes mobile numbers.

Less than 35% of the population knows what smishing is.

It’s important to understand that phishing email scams are morphing. They’ve evolved into SMS scams that may look different and be harder to detect.

For example, you can’t check the email address to see if it’s legitimate. Most people won’t know the legitimate number that Amazon shipping updates come from.

Text messages also commonly use those shortened URLs. These mask the true URL, and it’s not as easy to hover over it to see it on a phone as it is on a computer.

You need to be aware of what’s out there. Here are some of the popular phishing scams that you may see in your own text messages soon.

Problem With a Delivery

Who doesn’t love getting packages? This smishing scam leverages that fact and purports to be from a known shipper like USPS or FedEx. It states that there is a package held up for delivery to you because it needs more details.

The link can take users to a form that captures personal information used for identity theft. One tactic using this scam is to ask for a small monetary sum to release a package. Scammers created the site to get your credit card number.

Fake Appointment Scheduling

This scam happened to a community in South Carolina. They had recently had an installation of AT&T fiber internet lines in their neighborhood. Following the installation, AT&T did a customer drive to sign people up for the service.

During this time, one homeowner reported that he received a text message. It pretended to be from AT&T about scheduling his fiber internet installation. He thought it was suspicious because the address they gave was wrong. The scammer had wanted him to text back personal details.

Get Your Free Gift

Another recent smishing scam is a text message that doesn’t say who it’s from. It says, “Thank you for your recent payment. Here is a free gift for you.” It includes a link at the bottom of the message.

This is a widespread scam that many have noted online. And it’s an example of a scammer using a common fact. The fact that most people would’ve paid some type of bill recently and mistake the text to be from a company they know. It also lures people in with the promise of giving them a free gift.

Does Your Mobile Device Have the Security It Needs?

Smishing scams are very clever and can easily infect your device with malware. Do you have the proper security precautions (mobile antivirus, DNS filtering, etc.)?

If not, give us a call. We can help!


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Powered by WordPress & Theme by Anders Norén