Experts are constantly creating new security systems to protect individuals and businesses from hackers. From those who want to attend popular events like the Olympics to avoiding an angry boss, hackers are preying on gullible victims to circumvent network security systems and steal sensitive information. If you don’t want to be the next victim, read about the most common social engineering scams here.

Phishing

This is the most frequently used social engineering attack, especially against small businesses. Check out these frightening statistics:

• Kaspersky Labs revealed that its anti-phishing system prevented more than 107 million attempts to connect users to malicious websites in just one quarter of 2018.
• Barkly added that 85% of companies have fallen prey to this nefarious scheme.
• And PhishMe reports that the number of these scams is growing by at least 65% per year.

How is phishing carried out? Criminals make use of emails, phone calls, or text messages to steal money. Victims are directed to phony websites or hotlines and are tricked into giving away sensitive information like names, addresses, login information, social security, and credit card numbers.

To protect yourself, be wary of emails from people you don’t know that offer you a prize, come with attachments you didn’t request, direct you to suspicious sites, or urge you to act quickly. Phishing emails usually appear to come from reliable sources, but they are wolves in sheep’s clothing.

One of the most infamous and widespread examples of phishing was during the 2016 Summer Olympics in Rio, where victims received fraudulent emails for fake ticketing services that stole their personal and financial information.

Tailgating

What’s the fastest and easiest way for criminals to enter a secure office? Through the front door, of course! Tailgating happens when an employee holds the door open for strangers and unauthorized visitors, allowing them to infiltrate an organization. This simple act of kindness enables fraudsters to enter restricted areas, access computers when no one is looking, or leave behind devices for snooping.

Quid pro quo

Here, scam artists offer a free service or a prize in exchange for information. They may lure their victims with a gift, concert tickets, a T-shirt, or early access to a popular game in exchange for login credentials, account details, passwords, and other important information. Or hackers may volunteer to fix their victims’ IT problems to get what they want. In most cases, the gift is a cheap trinket or the tickets are fake, but damages from stolen information are all too real.

Pretexting

Fraudsters pretend to be someone else to steal information. They may pose as a telemarketer, tech support representative, co-worker, or police officer to fish out credit card information, bank account details, usernames, and passwords. The con artist may even convince the unsuspecting victim to apply for a loan over the phone to get more details from the victim. By gaining the person’s trust, the scammer can fool anyone into divulging company secrets.

In spite of the many security measures available today, fraudsters and their social engineering schemes continue to haunt and harm many businesses. Thus, it’s best to prepare for the worst. To protect sensitive information, educate yourself and be careful. Remember: If anything is too good to be true, it probably is!

To shield your business from social engineering attacks, don’t take chances! Get in touch with us today.

The post 4 Social engineering scams to watch out for appeared first on Complete Technology Resources, Inc..

Can you name five cybersecurity best practices? Most people can’t, and few of those who can, actually follow them. Unfortunately, cyberattacks are far too common to be lax about staying safe online. Your identity could be stolen, or even worse, you could expose private information belonging to your company’s clients. There are many ways you can protect yourself, but this list is a great starting point.

1. Multi-factor authentication (MFA)

This tool earns the number one spot on our list because it can keep you safe even after a hacker has stolen one of your passwords. That’s because MFA requires more than one form of identification to grant access to an account.

The most common example is a temporary code that is sent to your mobile device. Only someone with both the password and access to your smartphone will be able to log in. Almost any online account provider offers this service, and some let you require additional types of verification, such as a fingerprint or facial scan.

2. Password managers

Every online account linked to your name should have a unique password with at least 12 characters that doesn’t contain facts about you (avoid anniversary dates, pet names, etc.). Hackers have tools to guess thousands of passwords per second based on your personal details, and the first thing they do after cracking a password is to try it on other accounts.

Password manager apps create random strings of characters and let you save them in an encrypted list. You only need one complex password to log into the manager, and you’ll have easy access to all your credentials. No more memorizing long phrases, or reusing passwords!

3. Software updates

Software developers and hackers are constantly searching for vulnerabilities that can be exploited. Sometimes, a developer will find one before hackers and release a proactive update to fix it. Other times, hackers find the vulnerability first and release malware to exploit it, forcing the developer to issue a reactive update as quickly as possible.

Either way, you must update all your applications as often as possible. If you are too busy, check the software settings for an automatic update option. The inconvenience of updating when you aren’t prepared to is nothing compared to the pain of a data breach.

4. Disable flash player

Adobe Flash Player is one of the most popular ways to stream media on the web, but it has such a poor security record that most experts recommend that users block the plugin on all their devices. Flash Player has been hacked thousands of times, and products from companies like Microsoft, Apple, and Google regularly display reminders to turn it off. Open your web browser’s settings and look for the Plugins or Content Settings menu, then disable Adobe Flash Player.

5. HTTPS Everywhere

Just a few years ago, most websites used unencrypted connections, which meant anything you typed into a form on that site would be sent in plain text and could be intercepted with little effort. HTTPS was created to facilitate safer connections, but many sites were slow to adopt it or didn’t make it the default option.

HTTPS Everywhere is a browser extension that ensures you use an encrypted connection whenever possible and are alerted when one isn’t available on a page that requests sensitive information. It takes less than one minute and a few clicks to install it.

If you run a business with 10 or more employees, these simple tips won’t be enough to keep you safe. You’ll need a team of certified professionals that can install and manage several security solutions that work in unison. If you don’t have access to that level of expertise, our team is available to help. Give us a call today to learn more.

The post 5 Simple but effective cybersecurity tricks appeared first on Complete Technology Resources, Inc..

The cloud allows businesses to take a more hands-off approach to managing their IT resources. And the hybrid cloud is rapidly becoming the most popular option in this category, especially for small- and medium-sized businesses (SMBs).

Hybrid clouds are a combination of private and public clouds. In the former, data and applications that require tighter controls are hosted either internally or privately in an offsite facility. Public clouds are managed externally by third-party providers with the express purpose of reducing a company’s IT infrastructure.

A recent study indicates that 75% of companies have adopted hybrid cloud solutions, mainly because of their numerous benefits. Here are the four most significant advantages of moving to a hybrid cloud environment.

Adaptability

Having the ability to choose between on-site/privately-hosted cloud servers and public ones let you pair the right IT solution with the right job. For example, you can use the private cloud to store sensitive files, while utilizing more robust computing resources from the public cloud to run resource-intensive applications.

Scalability

The hybrid cloud allows you to “scale up” or “scale down” computing resources on an as-needed basis. So if there are last-minute computing demands that your hardware can’t support, or if you’re planning for future expansion, hybrid cloud solutions allow for on-demand increases or decreases in capacity.

Cost efficiency

Does your business struggle to meet seasonal demands? With a hybrid cloud solution, you’ll be able to easily handle spikes in demand by migrating data from insufficient on-premise servers to scalable, pay-as-you-go cloud servers whenever needed, without incurring extra hardware and maintenance costs.

Security

Last but not least are the security advantages of a hybrid cloud solution. You can host sensitive data such as an e-commerce details or an HR platform within the private cloud, where it will be protected by your security systems and kept under close watch. Meanwhile, routine forms and documents can be stored in the public cloud and protected by a trusted third-party.

Here’s how SMBs can set up a hybrid cloud model based on their requirements and the providers available to them:

1. By employing one specialized cloud provider who offers comprehensive hybrid solutions
2. By integrating the services of a private cloud provider with those of a separate public cloud provider
3. By hosting a private cloud themselves and then incorporating a public cloud service into their infrastructure

Our experts can help you transition to a hybrid cloud solution without interruption and without the huge costs. Contact us today to learn more about the benefits that a hybrid cloud can bring to your business.

The post 4 Ways SMBs benefit from hybrid clouds appeared first on Complete Technology Resources, Inc..

The average smartphone user tends to be more concerned about their phone’s physical safety than the threat of malware. Malware and other forms of cyberthreats may be more common in desktops and laptops, but disregarding other devices can lead to disaster.

Mobile malware MO

Mobile malware can be as harmful to a business’s network as infected desktops and laptops. Potential problems include overcharges on phone bills, stolen data, intercepting messages, tricking users with phishing attacks, and sending fake notifications to one’s contact list.

Most malware comes from applications downloaded from third-party app stores and give hackers access to passwords, user account information, and other sensitive personal data. Since many business users link their Android devices to each other, malware could transfer from one device to the next.

Who is responsible?

The burden doesn’t fall solely on smartphone users. App stores such as Google Play Store are responsible, too, such as in the case of the malware-ridden banking and weather apps that were downloaded from the Google Play Store. In these cases, the companies that were affected were urged to provide updates regarding the malicious apps so they could be removed from the store.

How to avoid being victimized by malware

The Google Play Store isn’t 100% secure, but downloading from established app stores -- and not from little-known and less secure ones -- reduces the probability of downloading malicious apps. In cases when an infected app makes its way to the store and starts getting lots of downloads, Google will be quick to remove it from the store and make everyone aware of it.

Despite app stores’ best efforts, it’s nearly impossible to prevent mobile malware from getting through to the store. That’s why it pays to read user reviews where infected users post detailed warnings. Also, regularly updating your mobile device’s operating system and security software helps prevent infection as the latest versions of those are patched against the latest known threats in app stores and elsewhere online.

Malware doesn’t discriminate, so regardless of your computer or mobile device of choice, it will find a way to infect you if your software isn’t up to date. To find out whether your business devices are safe and fully protected, consult our cybersecurity experts today.

The post Android phones at risk of Malware appeared first on Complete Technology Resources, Inc..