You can easily tell whether a website is encrypted, and therefore safe, if a padlock icon appears next to its URL and if it starts with HTTPS (instead of just HTTP). Unfortunately, hackers now use the very same tool that’s supposed to protect browsers from malicious entities via encrypted phishing sites.

How hackers use encryption to carry out phishing scams

According to recent research, 24% of phishing scams in 2017 use web encryption -- an astounding increase from last year’s 3%. This means more HTTPS sites may not be truly safe.

Phishing scammers rely on their victims to do what they ask, which is why it’s so effective. And with this new trick, unsuspecting users are more likely to be deceived. What makes this encryption-aided scam even more effective -- and dangerous -- is that it makes hackers’ phishing email or text that much more authentic-looking.

For example, if you receive an email that purports to be from Amazon and includes a link to an encrypted site, there’s now a slightly higher chance you’d believe this email is the real deal. Clearly, if you’ve never purchased anything from Amazon, you’d know that this is a fake. But then again, there are millions of Amazon customers who could be misled into thinking that that email is legitimate.

Does encryption mean a safer internet?

With organizations like the Internet Security Research Group and Google promoting encryption, the world wide web should be a safer place, but that’s not necessarily the case. In fact, encrypting more legitimate websites could simply result in an increased number of encrypted phishing sites.

It may also be useful to know that not all phishing sites use encryption. Many phishing scams are still carried out using websites that may or may not be encrypted.

What you can do to ensure safety

This isn’t meant to cause panic, and despite this new phishing tactic, encryption is still an essential security tool that every business must implement.

Websites with HTTPS are still much safer than unencrypted ones. This is why it’s more important than ever to be vigilant when visiting suspicious sites and clicking on links. If you receive an email from PayPal asking you to verify your bank account details or password to a seemingly secure link, be wary. Some phishing scams are easy to detect, but some are not.

Practice extreme caution when responding to requests for sensitive data. Consider the source of the message, think before clicking, and don’t hesitate to seek the advice of an expert in case you have doubts. Phishers succeed only if you do what they ask you to do.

Phishing and other cyber scams are constantly getting upgrades, and no single solution can prevent hackers from attacking you. But your business could be much safer with the right cyber security protections in place. If this is exactly what you need, get in touch with our cyber security technicians.

The post Are the encrypted sites you visit safe? appeared first on Complete Technology Resources, Inc..

While Apple products are renowned for being highly secure, they’re not completely immune to cyberattacks. Fortunately, Apple frequently releases updates to fix any issue that they’ve discovered. And if you have macOS High Sierra, you need to make sure you’re running the latest patch.

Serious bug
On November 28th, security researchers reported a serious bug in macOS High Sierra that allows anyone to easily take control of any Mac computer. Normally, users are asked for their username and password before logging into their Mac, installing a new application, or changing settings. However, this recent bug allows users to simply type “root” as a username, leave the password field blank, and click “unlock” to gain full access.

This means if hackers have physical access to a machine, not even passwords can stop them from getting inside. They could, for instance, log in with "root," reset the username and password, and enjoy future access to the machine at any time. They could also install spyware with ease and monitor your activity 24/7 without being detected.

The bug was so alarming that Apple released an emergency patch within a day. But even the fix had problems, and when users installed the next major macOS update, High Sierra 10.13.1, the bug reappeared.

Luckily, Apple was quickly made aware of this secondary problem and rolled out a 10.13.2 update on December 6th to completely resolve the issue.

Other threats to Apple security
This wasn’t the only problem Apple had to deal with recently. In October, Apple released an update for Key Reinstallation Attacks (KRACK) -- a type of attack that essentially breaks the encryption protocols between a router and a device, allowing hackers to read private messages and steal other sensitive data.

And last week, an iOS 11 update was rolled out to fix glaring weaknesses in Apple’s HomeKit Internet of Things framework, which enables hackers to exploit smart devices like security cameras and door locks.

How to protect yourself
The importance of checking for updates and installing them as soon as possible cannot be understated. Hackers are more active than ever and will use any means necessary to breach your network. Updating your software is the best way to reduce the number of exploitable entry points into your business.

To install updates for Apple devices, open the App Store, and click on Updates. All critical updates should be displayed on the window, but if you don’t see the one you’re looking for, use the Search field to find it.

Even though the potentially devastating High Sierra bug has been fixed, you should consider creating a genuine root user password to prevent others from gaining access to your machine just by typing in “root.”

To do this, open Directory Utility, which can be found in the Users & Groups tab in System Preferences. From there, click on Edit and select Enable root user, where you will be prompted to set a password. And last but not least, make sure you set a strong password.

Protecting your systems is a full-time job, so if you’re not experienced with computers, call us today. We’ll give you the tools and services you need to stay safe from a wide range of cyberattacks.

The post Apple releases another critical update appeared first on Complete Technology Resources, Inc..

While Apple products are renowned for being highly secure, they’re not completely immune to cyberattacks. Fortunately, Apple frequently releases updates to fix any issue that they’ve discovered. And if you have macOS High Sierra, you need to make sure you’re running the latest patch.

Serious bug
On November 28th, security researchers reported a serious bug in macOS High Sierra that allows anyone to easily take control of any Mac computer. Normally, users are asked for their username and password before logging into their Mac, installing a new application, or changing settings. However, this recent bug allows users to simply type “root” as a username, leave the password field blank, and click “unlock” to gain full access.

This means if hackers have physical access to a machine, not even passwords can stop them from getting inside. They could, for instance, log in with "root," reset the username and password, and enjoy future access to the machine at any time. They could also install spyware with ease and monitor your activity 24/7 without being detected.

The bug was so alarming that Apple released an emergency patch within a day. But even the fix had problems, and when users installed the next major macOS update, High Sierra 10.13.1, the bug reappeared.

Luckily, Apple was quickly made aware of this secondary problem and rolled out a 10.13.2 update on December 6th to completely resolve the issue.

Other threats to Apple security
This wasn’t the only problem Apple had to deal with recently. In October, Apple released an update for Key Reinstallation Attacks (KRACK) -- a type of attack that essentially breaks the encryption protocols between a router and a device, allowing hackers to read private messages and steal other sensitive data.

And last week, an iOS 11 update was rolled out to fix glaring weaknesses in Apple’s HomeKit Internet of Things framework, which enables hackers to exploit smart devices like security cameras and door locks.

How to protect yourself
The importance of checking for updates and installing them as soon as possible cannot be understated. Hackers are more active than ever and will use any means necessary to breach your network. Updating your software is the best way to reduce the number of exploitable entry points into your business.

To install updates for Apple devices, open the App Store, and click on Updates. All critical updates should be displayed on the window, but if you don’t see the one you’re looking for, use the Search field to find it.

Even though the potentially devastating High Sierra bug has been fixed, you should consider creating a genuine root user password to prevent others from gaining access to your machine just by typing in “root.”

To do this, open Directory Utility, which can be found in the Users & Groups tab in System Preferences. From there, click on Edit and select Enable root user, where you will be prompted to set a password. And last but not least, make sure you set a strong password.

Protecting your systems is a full-time job, so if you’re not experienced with computers, call us today. We’ll give you the tools and services you need to stay safe from a wide range of cyberattacks.

The post Apple releases another critical update appeared first on Complete Technology Resources, Inc..