Be a smart fish in a phishing online world

Phishing has become the hot topic word in security today. It is where the majority of modern malware comes from. Phishing scams according to the Microsoft Safety and Security Center are, “[E]mail messages, websites, and phone calls are designed to steal money.” What Microsoft fails to mention is sometimes information is what hackers are after since it can be held for ransom. Here are a few ways you can protect yourself against the 3 main methods of phishing.

 

Email Phishing

Email phishing functions in some of the most deceiving ways. Official logos can be stolen for use of malicious entities, and email addresses can be spoofed. The best way to protect against this kind of vulnerability is by using a spam filter service such as Barracuda Email Security Service.  Sifting through email otherwise is much more risky. Some ways to detect phishing scams is to check that the email address matches the domain of the sender. For example: Emails from Microsoft should be from @Microsoft.com rather than a domain like @msft-support-hotmail.com. Another way to check is by hovering over links to make sure they are going to what they say they are going to. For example: if a link goes to www.absne.com and when you hover over, another url pops up, this is not a legitimate message. There are many other ways  email phishing can come through. You can learn more and take a free phishing test by Dell Sonicwall here: https://www.sonicwall.com/en-us/phishing-iq-test

Website Phishing

Website Phishing is often associated with pop-ups, but it also comes through links. For example, an ad link on Facebook may lead to a page where malware may exist.To avoid falling for this hook check if there is a small ad indicator (usually labeled ad, adsense, or ads). Use the same procedure with website links as you would use in email links. Be wary of articles along the side or at the bottom of even respectable news sites or local news sites. Look out for attention grabbing phrases such as “You won’t believe what..-“ or “Kanye uses this…-” or “In just 2 days..-“ and similar language. These are designed to be click-bait pulling you to malware or ad-ridden holes of the internet.

 

Phone Phishing

You or someone you know may have received calls that sound like this. “Hi this is Dell tech support, we found there is a virus on your network I need to remote in to remove it”.

These calls often result in the installation of malware and a possible charge for the false service provided by a fraud service provider.

Dell, Microsoft, and other systems manufacturers will not contact you for a malware infection. If your MSP provider were to contact you in regards to an infection you would likely be working with a technician already introduced to you.

In conclusion, it is very possible to avoid phishing scams just by being a smart fish. If it gets hard to determine however never hesitate to ask your IT technician!

Privacy Matters

Privacy. It’s a minimum requested to service providers when on the web. But what does privacy compromise on the internet? There are a few parts to internet privacy you may have heard of before: Cookies, Private browsing (aka incognito in Google Chrome), and VPN connections. But what does this all mean? Does it really protect you? And what is it protecting you from?

Let’s start with what information is collected

Most information collected is used to send ads that are more relevant to you that you will be more likely to click on. This information is extremely valuable and the relevance of these ads and whether they are clicked on has a direct impact on company profits. This of course is unmalicious in nature. The question is what information are they using and whether you want that information collected.

So, let’s talk about the methods used to obtain this information. Some methods are cookies, and fingerprints.

Cookies:

A cookie is a small file that a website downloads to your web browser that collects data about you. Some cookies are necessary, such as an authentication cookie that tracks whether you login or log out of their site. Other cookies are unnecessary such as third-party tracking cookies, which can be issued by a site other than the site you are visiting.

Fingerprints:

Fingerprints in this case isn’t the appendage that extends from your hand. Fingerprints are a new form of tracking technology used on the web and you may have heard little about them. Rather than installing a data file tracking data, your device is identified by operating system and a unique tracking key. This means that your use can be tracked across browsers or applications.

So how do we take some control on what data is being collected on us?

There are a few options:

1. Enable private browsing:

Private browsing clears cookies, trackers, and searches at the end of every session.

2. Disable Trackers that integrate into your Operating System and browser

Your OS plays a key role in allowing fingerprint trackers to work. If you disable tracking in your OS this can can help preserve your autonomy from fingerprint trackers.

Here are some places you can do that:

MacOS

 

Windows Initial Setup

 

3. Use a VPN

A VPN connection (Virtual Private Network) has two possibilities that you may have heard of. One is to connect to an office’s network remotely, the other way is to connect to VPN’s designed to prevent trackers from finding your location. This also creates inconsistency in their data. A good choice for a free and fast and trusted VPN connection is Opera VPN. One detail about using this method is it can disconnect local network resources while running the VPN connection.

 

In conclusion, you are a valuable asset to the internet. Although there are many ways to prevent unwanted data from being tracked, tracking is necessary to use any website. It is best to conclude that your value on the internet is best spent on the applications you feel should be benefited by your presence, and making a point that you value your privacy on the internet does effect change on how the internet evolves.

Top 4 Ways to use Technology to Reach Your 2018 Business Goals

2018 is almost here! Automated Business Solutions is here to provide you with some tips to make sure your office’s technology helps you reach your goals. Here are a few ideas:

 

1. Use productivity apps to help you meet your personal goals in the office

One of my favorite productivity apps is Forest by SeekrTech. If you’re anything like me, you may easily be distracted by your phone. When it isn’t productive for you to be using your smartphone, use Forest. With Forest, you can set a timer for how long you need to remain focused on a task outside of your smartphone. If you keep Forest open until the timer runs out you will earn credits and plant a virtual tree. These credits are exchanged to plant real trees in the world. Forest accomplishes this in partnership Trees for the Future. Using Forest makes your productivity time charitable, and rewards you for staying focused. Forest is available for iOS, Android, and now has a Chrome webapp and Firefox addon. You can find out more about Forest at the website at https://www.forestapp.cc/en/

Mindfulness meditation has proven to boost productivity and focus in the workplace and its practice is often a New Year’s resolution of its own. Headspace and Calm. are apps designed to assist with practice of mindfulness. Headspace now comes with business plans and is used by companies like Linkedin, Airbnb, Google, and Spotify. Each app walks you through guided meditations designed to relieve stress, anxiety, and to improve positivity, focus, and energy. Although each comes with a free trial, both require paid addons or subscriptions in order to continually progress with the app.

Calm.
Headspace

If you don’t have a personal goal yet (we won’t tell anyone) there is an app help you find vision and ease to attain it. The TED app gives you access to thousands of videos of TED talks on almost every topic. Speakers offer inspiring and visionary ideas in your area of expertise. If you need motivation, start with the TED app to set your 2018 skyrocketing.

TED app

When using your phone as a productivity tool, use the Outlook app to access your calendar, set reminders, access email from your smartphone. The Outlook app integrates with Office365 so your Outlook webapp, Outlook desktop application, and phone application will always be in sync. Just sign in with your company’s Office365 account and get moving!

Outlook for iOS

 

2. Check your backups

When backups are initially set up they don’t operate under the policy of ‘set it and forget it’! Although your managed services provider may be getting positive backup reports they may not know that you want a new drive backed up, or that the new laptop that came in holds mission critical data. Take the time to think through where some of the most important information is being saved and have your managed services provider check to make sure those areas have backups, If its only a few files that are the most critical such as a Quickbooks file, Barracuda MSP backup may be the best solution for you, if it’s the whole network, ask about our Barracuda Backup appliances, that keep a local copy of your backups on the network and uploads to the cloud to provide high reliability and efficiency in your backups, ABS covers both solutions in our MaxxD plans. Hard drive failures don’t happen often, but when they do, give yourself the peace of mind that you have a backup.

Barracuda Backup Appliance

3. Have your network evaluated for efficiency and security

Your office may be less secure than you think. Hackers and malware creators use phishing methods that, without a careful eye can deceive some of the most vigilant technology users. It’s good to have powerful antivirus on your network to combat viruses and malware but it is better to prevent malware from landing on your network. Using tools such as a Dell Sonicwall firewall or a Barracuda Essentials Email security filter can reduce the risk of malware by more than half.

Sonicwall
Barracuda Essentials

 

4. Have toner replacements ready to go

If you’re looking for greater efficiency from your office in 2018, there is nothing more frustrating than having that efficiency interrupted by a stalled printer, this can leave a whole department down until  that printer is serviced or until toner arrives. You can prevent that from happening by keeping backup toner on hand or if you have a supplies contract sign up to use a tool like FMAudit to make sure your printing supplier is aware when your toner is starting to run low or if a maintenance kit is close to expiring, That way replacements will arrive before you run out.

 

Canon Toner

 

 

 

We hope you can reach every goal you set this coming year.

From all of us at ABS have a Happy New Year!

Encryption: A positive tool, in the right hands

Encryption, We hear the term used often. Some associate it with security and protection. Others with breaches and destruction. It is at the heart of many new problems, solutions, and innovations. But what is encryption? And why can it be seen as either a good or bad thing?

Encryption is the process of converting readable data into unreadable data, only to be made readable again if decrypted with the proper decryption key. It was created to secure the transfers of sensitive data, and has its roots dating back to the enigma machines of World War II (pictured in featured image), cracked by the English computer scientist and mathematician Alan Turing. Today encryption is used to protect sensitive data such as banking information, medical records transmissions, and critical business data. But is Encryption a very secure process? And how is it done?

In a nutshell encryption scrambles up data and saves it. The only way the data can be unscrambled is if the user has a decryption key or algorithm to unscramble or decrypt the data. To demonstrate I created a small Python program with a very basic encryption algorithm to demonstrate: click here to learn more.

There are many positive ways encryption can be used. The AES encryption standard is used by the U.S. Government and many business such as Automated Business Solutions MaxxD cloud backup Services. It prevents outsiders from prying in on your personal data. This is especially effective when your data is saved on a space such as the cloud.

But there are some ways encryption can be used negatively. In the case where data is encrypted without access from the proper user such as in ransomware. Ransomware can infiltrate a computer or network through methods such as email phishing, or insecure sites.  Once it infects a system it can encrypt data away from the proper user. By doing this, the virus creator can hold data ransom from a user, withholding the encryption key until a certain amount of money is sent usually via Bitcoin. The best way to secure your network from this type of malicious use of encryption would be through Automated Business Solutions MaxxP protection services, which is powered by Barracuda email filters that prevent phishing scams from ever reaching your network, And MaxxM monitoring services that provide Bitdefender Antivirus and patching services that can provide immunity from a cyber-attack via ransomware.

The last area where we see encryption technology is an area such as Bitcoin, in this area, rather than securing data from other users or accounts, the publicity of the data becomes the security of it. When transactions occur with bitcoin, an encrypted key is assigned to the owner of the coins, only the owner of the coins can decrypt them to their public key to use for transactions.

In conclusion, encryption is a powerful technology. The best way for our networks to survive in an encrypted world is to use the technology effectively.

A Closer Look at Encryption

I created this basic encryption program that converts a line of text into their ordinal numbers (i.e. A=97, space= 32) then runs a mathematical function on the numbers to scramble the data. In this simple example the program adds 2 to each of the ordinal numbers.

Write what you would like to encrypt: a b c d

[‘a’, ‘ ‘, ‘b’, ‘ ‘, ‘c’, ‘ ‘, ‘d’]

 

This is the unencrypted ordinal numbers

[97, 32, 98, 32, 99, 32, 100]

 

This is the encrypted ordinal numbers

[99, 34, 100, 34, 101, 34, 102]

 

This is the encrypted data

[‘c’, ‘”‘, ‘d’, ‘”‘, ‘e’, ‘”‘, ‘f’]

 

In this case it is very easy to see how the algorithm works, abcd became cdef  and instead of spaces, they were replaced with quotation marks. So this would be an easy encryption algorithm to break. Let’s see how it works with a complete sentence:

 

Write what you would like to encrypt: The quick brown fox jumps over the lazy dog

[‘T’, ‘h’, ‘e’, ‘ ‘, ‘q’, ‘u’, ‘i’, ‘c’, ‘k’, ‘ ‘, ‘b’, ‘r’, ‘o’, ‘w’, ‘n’, ‘ ‘, ‘f’, ‘o’, ‘x’, ‘ ‘, ‘j’, ‘u’, ‘m’, ‘p’, ‘s’, ‘ ‘, ‘o’, ‘v’, ‘e’, ‘r’, ‘ ‘, ‘t’, ‘h’, ‘e’, ‘ ‘, ‘l’, ‘a’, ‘z’, ‘y’, ‘ ‘, ‘d’, ‘o’, ‘g’]

 

This is the unencrypted ordinal numbers

[84, 104, 101, 32, 113, 117, 105, 99, 107, 32, 98, 114, 111, 119, 110, 32, 102, 111, 120, 32, 106, 117, 109, 112, 115, 32, 111, 118, 101, 114, 32, 116, 104, 101, 32, 108, 97, 122, 121, 32, 100, 111, 103]

 

This is the encrypted ordinal numbers

[86, 106, 103, 34, 115, 119, 107, 101, 109, 34, 100, 116, 113, 121, 112, 34, 104, 113, 122, 34, 108, 119, 111, 114, 117, 34, 113, 120, 103, 116, 34, 118, 106, 103, 34, 110, 99, 124, 123, 34, 102, 113, 105]

 

This is the encrypted data

[‘V’, ‘j’, ‘g’, ‘”‘, ‘s’, ‘w’, ‘k’, ‘e’, ‘m’, ‘”‘, ‘d’, ‘t’, ‘q’, ‘y’, ‘p’, ‘”‘, ‘h’, ‘q’, ‘z’, ‘”‘, ‘l’, ‘w’, ‘o’, ‘r’, ‘u’, ‘”‘, ‘q’, ‘x’, ‘g’, ‘t’, ‘”‘, ‘v’, ‘j’, ‘g’, ‘”‘, ‘n’, ‘c’, ‘|’, ‘{‘, ‘”‘, ‘f’, ‘q’, ‘i’]

 

As we can see, even an algorithm this simple can make the data unreadable, “The quick brown fox jumps over the lazy dog” became “Vjg”swkem”dtqyp”hqz”lworu”qxgt”vjg”nc|{“fql” . All it takes to decrypt this data would be to run it through a decryption program that subtracts two from each ordinal number and outputs the numbers back to letters.

Encryption becomes more secure as the function that scrambles the data gets more complex. There are standards of encryption which are often defined by a bitrate. The bitrate defines the amount of bits that the decryption key uses. The most common form of encryption is AES, it is trusted as the standard by the U.S. government. It ciphers data at 128-bits, 192-bits, or 256-bits. AES Encryption is used in Automated Business Solutions MaxxD backup Solutions powered by Barracuda.

Black Friday Special Tech Talk: Augmented Reality Shopping

There are always new and exciting ways to use technology. This year has been big for augmented reality,Microsoft announced Mixed Reality headsets and has made available AR hardware from 3rd parties such as Dell, Acer, and Lenovo.

Apple announced ARkit and released iOS 11 with new augmented reality features.

Apple ARKit was announced at Apple WWDC 2017

One of the most immediate uses of Augmented reality is Amazon’s AR view. All you need is iOS 11 and the Amazon app, select the little camera in the upper right hand corner and tap AR view. There are a list of items available on Amazon to be viewed in your own space via Augmented Reality. I tried it out on my iPhone and found it to be fairly robust.

Here are some pictures in the office here at ABS:

What if this were my office chair?
You could call this a real life image of a DOS machine.

This is a fun way to shop and allows you to avoid the the black friday horror stories in style. We wish you all a happy Thanksgiving weekend, happy shopping, and happy holidays from all of us here at ABS!

Smart Things versus Privacy

Since the dawn of Internet of things, the tech giants have brought us a wave of new products that fit every nook of our homelife. Among the most revolutionary are smart speakers. Each device is activated by a wake word (“Alexa”, “Hey Siri”, “Ok Google”, “Hey Cortana”) after which it listens for a command or question: “…what’s the weather like tomorrow?” “Order more paper towels”, ” play classical radio on Apple music” “Turn on the lights” are just a few of the types of commands these virtual assistants will answer to. According to Techcrunch.com on a report by Juniper Research, 55% of U.S. households are expected to have a smart speaker. That is 70 million households with a device with microphones capable of capturing sound across a home!

Amazon brought us the Echo lineup, Google brought us Google Home, and Microsoft and Apple recently stepped into the smart speaker world with the Harmon Kardon Invoke smart speaker powered by Microsoft’s Cortana, and Apple’s recently announced HomePod powered by Apple’s Siri. The products function as speakers that can listen for commands, and execute applications and activate other smart home devices.

Amazon Echo 2 is Amazon’s hardware answer for their virtual assistant Alexa. powered by Amazon cloud services (image from Amazon.com)

With this newfound convenience there are concerns about privacy. Google recently revealed that a flaw in the design of the Google Home mini was causing it to record conversations without activation by the wake word. When privacy flaws emerge it does make the average consumer more hesitant to adopt such a powerful device. After all these are devices that were designed to control the rest of the smart things we install in our homes including smart locks, cloud security cameras, and smart thermostats.

Google Home Mini, powered by Google Assistant (Image from store.Google.com)

The concerns many people face today with smart speakers are similar to the concerns we faced at the dawn of cellular phones and in a new wave with smartphones. Suspicions of government or corporate spying on our day to day lives became a concern for some and subject of debate. Since that time, new protocols have been implemented to assure autonomy in personal phone use. Apple encrypts text message conversations in iMessage, and Snapchat launched encrypted picture communications.

 

Apple HomePod, powered by Apple’s Siri (image from Apple.com)

Based on this history, we can expect a similar evolution to occur as smart things begin to integrate more and more into our daily lives and privacy becomes a weightier concern. already, strides have been made in the programming of these devices to answer privacy concerns Microsoft’s Cortana saves personal data it collects locally to a computer rather than to the cloud in a place called Cortana’s Notebook. If a user chooses to sync data to the cloud, Microsoft provides a highly secure 2 factor authentication on personal accounts. Users can edit or remove data stored there at any time. Apple programmed Siri to hold the personal data it collects encrypted in iCloud storage, so you control what data Apple retains for use of Siri. Google’s privacy site allows you to delete your search history either by voice assistant or by text from Google’s servers at privacy.google.com, all encrypted and secured by your Google account. Amazon has made it clear they wish to prevent exploitation of their users by banning repugnant ads from the Alexa platform .

Harmon Kardon Invoke powered by Microsoft Cortana, (image from PCMag.com)

 

Every company producing Smart speakers has a strong privacy policy and each can be found below:

Apple:

https://www.apple.com/privacy/

Google:

https://privacy.google.com/

Microsoft:

https://privacy.microsoft.com/en-us/windows-10-cortana-and-privacy

Amazon:

https://www.amazon.com/gp/help/customer/display.html?nodeId=468496

 

 

 

 

Sources:

https://www.privacyrights.org/consumer-guides/privacy-age-smartphone

http://money.cnn.com/2017/10/11/technology/google-home-mini-security-flaw/index.html

Voice-enabled smart speakers to reach 55% of U.S. households by 2022, says report

 

ABS is Going Green

Automated Business Solutions is proud to announce new partnership with Goodwill Industries of Rhode Island! Goodwill Industries of Rhode Island has a proud heritage of helping those with barriers to employment find employment. This is done by providing training, education, and other services in order to enhance a persons capacity for independent living, increased quality of life and work. Donations from individuals, corporations, small businesses, educational institutions, healthcare facilities, and government agencies, help provide Goodwill Industries the revenue to continue to offer educational and training opportunities to the Rhode Island community.

At Automated Business Solutions, we believe engaging in our community is very important. Our new partnership with Goodwill Industries of Rhode Island will not only allow us to help strengthen our community involvement, but also help to protect our environment. Beginning in September, all ABS electronics and toner cartridges will now be recycled through Goodwill Industries Electronic Waste (EWASTE) Recycle Program. Used and end-of-life computers, laptops, monitors, audio and video equipment, printer and toner cartridges, and various other electronics will now be properly recycled in accordance to The Responsible Recycling Practices Standard (R2). The R2 Standard is recognized by the Environmental Protection Agency (EPA) and designed to promote and assess responsible practices for electronics recyclers. By certifying to this Standard, used and end-of-life electronic equipment will be managed in an environmentally responsible manner, and protective of the health and safety of workers and the public. Because of this, Automated Business Solutions can proudly and confidently promote a “greener” community.

Password Security: It’s Time for a Change

 

Your favorite password probably isn’t safe. As you can see in the cartoon above, we’ve all been using passwords that are hard for us to remember and easy for computers to guess.

It’s never been more important to have strong passwords. As you likely already know, credit reporting agency Equifax has been hacked. If you haven’t already, you should take these steps to protect yourself immediately. That aside, who’s to say someone logging into your bank account with your correct information and password isn’t you? It’s imperative that we all do the best we can to protect ourselves as hacks similar to this one seem to be happening left and right.

Creating strong passwords and remembering them is a pain, but I promise it is less painful than finding out someone has stolen your identity. Just last month, a person in Russia hacked into my eBay account and purchased an iPhone and some clothing. He then tried to get the shipping address changed.


It made no difference to Viktor Petryashin that I hadn’t used my eBay account in years. He cracked my old password from middle school “Awesome7” and went on a shopping spree.

The best way to protect yourself? Use a password manager. You can check out the best here. Most will create complex passwords for you, save them for easy copy/paste and utilize browser extensions to automatically type them in for you. All you need to remember is one strong master password. Then you can let the password manager handle the rest. Once it’s set up, clear the saved passwords from your browser and never save them there again.

Remember, these common password set-ups are NOT okay.
Mykid2001
Monkey
M0nk3y
Password123

It feels less and less likely that our data is safe online. If these major companies can be hacked, what’s to stop anyone from hacking me? Our last line of defense is a strong password.

You wouldn’t install a home security system and leave the safe wide open. Protect yourself.