Technology by Design

Technology news, reviews, and how to keep your technology running fast and smooth!

Try This to see if Your Fb Account Has Been Hacked!

by Leave a Comment

Mark Zuckerberg

According to a photo on Facebook, if you go into any photo on your Facebook page, and type in the comments section “@[4:0]”, if it changes to Mark Zuckergerg it means your Fb account hasn’t been hacked.  

See the full message here:FB Mark Zuckerberg

Not exactly.  Whether or not this trick works on your account has nothing to do with the security of your account, hacking, or any other nefarious activities.  The real explanation is actually pretty boring.

Every Facebook profile (and page) has a unique ID.  The code “@[4:0] is actually shorthand code, that tells Facebook to produce the name of the Fb profile associated with the ID number 4.  So, typing in “@[837489:0] would produce the name of the Fb profile associated with the number 837489.  Although most Fb accounts created today would have ID numbers in the millions, Mark Zuckerberg (the founder of Facebook) has an account associated with the number 4.  

For many people, typing in “@[4:0]” will work, and it will change as soon as you post.  However, for others it doesn’t work.  It has nothing to do with hackers, etc.  It has more to do with the platform with which you access Facebook.  On certain platforms (usually desktop), Fb automatically inserts a space between the @ and [ symbol when you post the comment, rendering the shorthand code useless, and nothing happens.

A similar ‘trick’ went viral a few years ago, stating that your cell phone has a name that can be discovered by typing in the last 3 digits of your phone number in place of the number ‘4’ in the code.  This was, of course, not true.  

Check out our “Email Red Flags”  for what to watch for, in suspicious emails. 
You can’t stop CyberCriminals from targeting your company or employees.
But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

FAQ: On the Hook for Hackers?

by Leave a Comment

Hooked for Hackers

FAQ:

On the Hook for Hackers?

 

 

Once you are hacked, you have to worry about what data was lost, where it went to, and whether it’s being used maliciously.  That, along with towering legal fees, the embarrassment of having to inform all your clients and vendors about the hack, not to mention your damaged reputation, is enough to make your head spin.

Now an U.S. appeals court has confirmed that the U.S. Federal Trades Commission (FTC) can fine organizations that employ poor I.T. security practices.  
You can bet that other countries will follow suit and make organizations libel for their poor I.T. security.  Wyndham

The ruling was part of a lawsuit between the FTC and hotel chain Wyndham, who was hacked 3 times in 2008 & 2009.  Wyndham lost credit card data for more than 620,000 customers, not to mention the $10.6 million they lost due to the fraud.  

FTC outlined specifics of Wyndham’s “poor I.T. security” including:  

  • Wyndham allowed its partner hotels to store credit card information in plain text.
  • Allowed easily guessable passwords in property management software
  • Failed to use firewalls to limit access to the corporate network
  • Failed to restrict third-party vendors from access to its network.

You’re probably shaking your head right now, wondering how a big organization like that could make such huge mistakes…

Unfortunately, these are very common I.T. security steps for organizations to skip unknowingly.

63% of credit card breaches involve the compromise of data that was not known to be stored.  

This means that despite your policies about the handling of credit card data, there is the very real possibility that you have unsecured cardholder information on your servers or desktops.  Odds are your staff put it there for what they perceive as valid business reasons.  Eg.  A department may keep a list of credit card numbers that are billed monthly in an excel spreadsheet instead of figuring out how to use the secure system that’s been installed to manage this.

The top 25 worst passwords represent almost 3% of all passwords in the world.  

This isn’t surprising when you consider that roughly 75% of surveyed people fail to follow best practice guidelines when creating complex passwords for new and existing accounts.  It is estimated that every person has approximately 19 passwords.  That’s a lot of easy passwords to hack…

A firewall is a business’s 1st line of defense.

While many internet services already provide firewall protection, most small business owners are unaware that the vast majority of standard firewalls only monitor incoming traffic by default, giving them a false sense of security and enabling CyberCriminals to view outgoing traffic that may contain credit card information, customer transactions, and other financial communications.

63% of the 2013 Trustwave Global Security Report were linked to a third-party component of I.T. system administration.

Granting access to an outsider lowers your security level.  If they have feeble controls, they become the weakest link in your security chain.  If a hacker compromises their system, he or she can use that as a backdoor into your network.BackDoor Hack

With so many businesses being hacked, and with CyberSecurity being more important than ever, now is not the time to skimp on your I.T. security budget.

The costs are simply too great.

But you can see how easy it is to miss important I.T. security steps.  

We understand that I.T. is not your forte, and you’re just too busy doing your own job to keep up with all the I.T. ‘stuff’.  That’s where we step in.  

Managed IT

Managed Services
We handle everything I.T., so you don’t have to.
 With any of our Monthly Service Plans, you can be sure your I.T. is handled.

Technology by Design_Final logo_HorizontalWe Make I.T. Work!

 

Ask About Our “Core Security Solution” Package!

 

You can’t stop CyberCriminals from targeting your company or employees.
But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

FAQ: CyberSecurity – What, Me Worry?

by Leave a Comment

Worry

“I’m Just a Mid-Sized Company.  No Hacker is Going to Attack Me, I’m Not Big Enough”

Or

“No Hacker is Getting Through…I’m Too Smart to Fall for Their Tricks”

 

Those are just a couple of the excuses we hear often when we suggest extra security measures against hackers and CyberCriminals.

Let’s answer both of those excuses, one at a time.

 

Excuse #1:  
“I’m just a small- to mid-sized company.  No hacker is going to attack me, I’m not big enough.”

Businesses not Worried about HacksMany small- to mid-sized companies believe CyberSecurity is a problem only for large high-profile corporations, or those that conduct mainly financial transactions.  Or those executives are naive; they think a serious breach never will happen to their system.  When in fact, these things are happening all the time.  No one talks about it, because they’re embarrassed they were tricked & would rather keep it quiet.

In fact, small and mid-sized businesses may be more vulnerable to attack, because criminals know these businesses do not take substantial preventative measures.

Companies with 250 or fewer employees accounted for 31% of CyberAttacks last year.

Hackers have probably infiltrated many mid-sized businesses already, and the malware sits undetected in their network, incrementally collecting data that shows how to access other systems or stealing proprietary product information.

Business Network SecurityPart of the problem, is that a controller likely set up the I.T. department, and no data security specialist has been appointed.  Or, the “I.T.” person wears too many hats & can’t keep up with the latest malicious code and software patches.

Another part of the problem is that executives may believe that CyberCriminals can’t be stopped, so they are strictly reactive and focus on damage control instead of prevention.

Network entry points for hackers often are the same as for larger, and smaller, companies:  passwords that are easy to guess, lost laptops, vendor access, uninstalled security updates and patches, and employees accessing social networking sites (such as Facebook, Twitter, and LinkedIn) on company computers.Cyber Risk Survey

Hackers are resourceful, and if they want in, they will keep trying until they find a way.  Some of the most resourceful breach points:  videoconferencing, networked printers, thermostats (one leading retailer’s attacker gained access to the company through its heating and cooling system vendor).  Hackers even once invaded an oil company via an online menu at a nearby Chinese restaurant.

The potential ramifications of CyberHacks for small- to mid-sized companies are the same as larger ones – possibility of fines or lawsuits, expense of notifying victimized clients, expense of loss of clients’ confidence, loss of business.  However, the small- to mid-sized business will feel the damage more.

Cyber Attacks cost Companies

According to a 2014 study:

The average cost of a data breach was $5.9 million for all U.S. companies.

The most common causes were malicious or criminal attacks (44%), employee negligence (31%), and system malfunctions (25%).

Still feeling safe?

 

Excuse #2:  
“No Hacker is Getting Through…I’m Too Smart to Fall for Their Tricks”
CyberPentagon
The Pentagon thought they were too smart to get hacked too…until they got hacked.

The Pentagon has divulged that its computer networks were penetrated by suspected Russian hackers using spear-phishing tactics.  The hackers got into their unclassified email network used by the Joint Chiefs of Staff office with approximately 4,000 military and civilian employees.  Although the email system hacked was unclassified, emails can be extremely sensitive (especially at the most senior levels of the Pentagon), and offer details into planning, schedules, or personnel.  

Andre McGregor, a former cyber special agent at the FBI, who is now the Director of Security at Tanium, a CyberSecurity firm, states:

“If you are able to get all that information from three or four individuals’ emails or communication, you have an entire picture of what’s been worked on the classified side.”

The hackers came in through a spear-phishing attack, in which the attacker crafts an email designed to trick the receiver into opening an attachment that contains malware, or clicking on a link to a compromised website.  Once the attack was detected, the Pentagon shut down the computer network, to prevent additional data from leaking.  

10 to 20 percent of empl open attachments

The Pentagon, Anthem, Sony, Target, and Home Depot all thought they were too smart & too hackproof.

 

Think You Should Worry Now?

 

What You Can Do To Prevent CyberHacking?
  1. Partner with a trusted I.T. firm, to gain relevant advice for your CyberSecurity infrastructure.  
  2. Think twice about obtaining Cyber-Insurance – it often doesn’t cover much.  
  3. Realize that CyberSecurity is a business issue, which should be considered part of your firm’s overall strategy.  
  4. Monitor networks for unusually high traffic volume.  
  5. Work with your financial institution to implement multi-factor authentication and dual controls for financial transactions.  
  6. Strengthen administrative passwords.  
  7. Educate employees about CyberSecurity and what to look for.
  8. Do not rely on system users – clients or employees – for protection.
Ask About Our “Core Security Solution” Package!

 

You can’t stop CyberCriminals from targeting your company or employees.
But you can be prepared for their arrival, and have full shields up.

 

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

Conquer the Blue Screen of Death

by Leave a Comment

Conquer the Blue Screen of Death

 

BSoD

 

Your screen is filled with seemingly incoherent white text against a blue background.  
If it happens once, you curse, reboot, hope everything was saved to your hard drive, and cross your fingers it doesn’t happen again.  But, if you’re getting the BSoD frequently, you need to listen to the warning…

 

Because you’ve got a problem that needs fixing…FAST.

 

With technology advances, the BSoD is less common than it used to be.

Microsoft calls these “stop errors”, but everyone else has a more descriptive moniker:

“The Blue Screen of Death”,
or BSoD.

Your computer isn’t trying to test your stress limits.  It’s trying to tell you that it needs some TLC.  Really.  

It’s telling you something is wrong, and you need to pay it some serious attention.

To find clues to what is bugging your computer pal, the trick is to find information about your BSoD.  The information you find is usually unrefined and illegible, so you will have to search the internet for a translation.

What to Look For:

You’ll find useful data in that “incoherent white text”.  Look below the 1st paragraph, and under “Technical Information” near the bottom of the screen.BSoD info

You can’t use the Windows’ “Snipping Tool” or “PrtScn” on a BSoD, so you’ll need to write down the information. You can use a camera or smartphone to photograph the screen, however, the photo doesn’t usually present the information as legible.  You can also get information after you’ve rebooted.  

If you get a “Windows has recovered from an Win Unexpected Shutdownunexpected shutdown” message, you hit the jackpot.  Click “View problem details” for technical information.

 

Check for Solution

 

You can also click “Check for solution“, but this usually doesn’t end up being very helpful.

 

 

 

You can also get information after rebooting, viaBlueScreenView the free and portable program “BlueScreenView“.  This lists all your recent BSoDs and offers helpful information.

 

 

 

Once you get the information, use of a search engine (Google or Internet Explorer) can usually help to decipher and diagnose the problem.

If the above doesn’t solve your BSoD problems, you can try the following:

 

Got Cyber-Bugs?

Call 1-204-800-3166

For Cyber-Extermination!

 

You can’t stop CyberCriminals from targeting you, 
But you can be prepared for their arrival, and have full shields up.

 

 

 

 

 

 

 

 

 

 

 

 

Shorten Emails To Save Time, and Increase Productivity!

by Leave a Comment

Top 5 Time WastersHow much information is too much?  How much is too little?  Don’t want to sound long-winded, but need to get your point across?  

How many of us add “fluff” (unnecessary information) to our emails?

According to a 2012 study by McKinsey and Company, the average worker spends 28% of their day reading and answering email.  

Employees after email

Eliminating extra information from emails can reclaim a large portion of your workday, and increase productivity.

Boulder, Colo. entrepreneur Andreea Ayers discovered the impact of shortened correspondence when she hired a business coach to help her with her marketing company Launch Grow Joy.  At first, she was concerned she had chosen the wrong person after she read this postscript at the bottom of an email she received:

“To save your time and mine, I’m limiting all my responses to five sentences or less.”

Ayers said, “I thought to properly respond to my questions, she would need to write more than five sentences.”  However, Ayers found that the more she practiced this time-saving method, the more it worked, “We spent less time emailing and more time actually implementing the strategies we were discussing.”

Guy Kawasaki, author of APE:  Author, Publisher, Entrepreneur (Nononina Press, 2013), states “Proper email is a balance between politeness and succinctness.  Less than five sentences is often abrupt and rude, more than five sentences wastes time.”

Slim Down EmailThink about it…how many of your emails could be trimmed of “fluff”, down to 5 sentences?

As managing director of Garage Technology Ventures, Kawasaki’s inbox is often full, but the emails he sends are almost always 5 sentences or less.

Guy shares 4 guidelines to help you get to your point quicker:

Excess Information1.  Your email should answer five simple questions.

When you write an email, it should provide just enough information to answer these 5 questions:  

  1. Who are you?
  2. What do you want?
  3. Why are you asking me?
  4. Why should I do what you’re asking?
  5. What is the next step?

Kawasaki states, “This is all an intelligent person needs to know to make a decision.”

2.  Cut out excessive details to get a response.Response

Read your email over.  Is there any “fluff”, or unnecessary information you can take out before you send it?  People who feel a need to elaborate probably believe their request is on shaky ground in the first place, says Kawasaki.  But adding “fluff” won’t get the recipient to take action.  

“Long emails are either unread or, if they are read, they are unanswered,” says Kawasaki.  “Right now I have 600 read but unanswered emails in my inbox.”

Focus3.  Shorter emails help you stay focused.

Limiting yourself to 5 sentences forces you to think concisely, helping you stay focused, and saving you time.  Shorter emails also allow the recipient to make a quick decision on what action to take, increasing the likelihood that you’ll receive a reply.

If you want to encourage the recipient to reply in a similar fasion, web designer Mike Davidson created five.sentenc.es, a website that explains the philosophy and includes text you can copy and paste into your email signature.

4.  Limit everything…except praise.Praise

Kawasaki states the one exception to the five sentences rule:  “When you really don’t want anything from the recipient and you simply want to heap praise and kindness upon her, then you can go on as long as you like!” 

Got Cyber-Bugs?

Call 1-204-800-3166

For Cyber-Extermination!

 

You can’t stop CyberCriminals from targeting you, 
But you can be prepared for their arrival, and have full shields up.

Filed Under: FAQ

Take Back Control of Your Inbox

by Leave a Comment

Take control

Remember the early days, when you controlled your inbox?  

 

 

 You would receive an email from a newsletter that you actually remembered signing up for, or an occasional email from the handful of friends that had hotmail accounts.  
Yes, the inbox world was a calm, peaceful receptacle of messages that were welcomed, even anticipated.

 

Email inboxes are deluged with emails everyday that are neither welcomed, nor anticipated.  The inbox world has become a world of chaos.

As email became widely used, it replaced the face-to-face communication, or even telephone.  It turned into the emotionless primary form of communication.  

It became a major source of wasted work time.Employees after email

How do you retain control of your inbox?  Follow these easy steps:

1.  Setting Boundaries

A friend has the following as an auto-responder to all emails in his inbox:

Email Tips:

I check my email every few hours…be patient.

The shorter your message, the quicker I’ll respond.

The 1st time I received this, I felt disrespected and that he was very rude.  How does he not have time for my email?  Then, I stepped back.  I realized:  This.  Is.  Brilliant.

Email boundaries.  Do you check email first thing in the morning, at lunch, then at the end of the day?  Do you work on emails only from 9 until 11?  Do you only check email on Tuesdays and Thursdays?  You know what’s best for you, but boundaries are crucial.

2.  Don’t Exceed Expectations

Don’t setup false expectations.  Certainly, you want to deliver great service and practice quick communication with clients, but when employees answer a routine email Sunday evening, they just made it acceptable for clients to expect all emails to be answered at that time.  It also sets up the rest of the employees for that client expectation as well.  

Some companies have gone as far as banning email before 6am and after 6pm.  This eases the email burden on employees and eliminates the pressure of trying to catch up or get ahead.  A German car company, Daimler, has installed software that deletes emails for people while they’re on vacation, or out of the office.  

3.  Write Better Emails

Are you writing emails that are too long, too short, too wordy, don’t get the point across?  What the perfect length for an email?

Guy Kawasaki said, “Less than five sentences is often abrupt and rude, more than five sentences wastes time.”  The author and founder of All-Top said, “Proper email is a balance between politeness and succinctness.”

Rethink email writing.  Be polite, yet succinct.

4.  Let it Go

Stop allowing your email to become the most important thing in your life.  Don’t let your inbox dictate your day.  

Take back control of your inbox, and get on with your life.

Got Cyber-Bugs?

Call 1-204-800-3166

For Cyber-Extermination!

iPhone 6: Battery Drain

by Leave a Comment

Battery DrainWhy is My iPhone 6 Battery Draining So Fast?

The release of the iPhone 6 and the iPhone 6 Plus was extremely successful for Apple.  However, when iOS 8.1 was released, many iPhone users complained of rapid battery drain.  

There are several things that could cause heavy battery drainage.  

Follow these tips to ensure battery longevity for your iPhone:
Battery Usage

You can check which apps are using more battery power by visiting “Settings” > “General” > “Usage” > “Battery Usage”.  Use this list to see which use the most battery power, which you should use less often, and which you should close right after using.  

iPhone Battery Use

 Background App Refresh

Some apps on your phone can actually be running while it is open but not in use.  These apps are constantly refreshing and using up your battery to push data and check for new content.  Visit “Settings” > “General” > “Background App Refresh”.  Use the “Background App Refresh” toggle to turn this function off completely, or to individually select specific apps to turn on or off.

Background App Refresh
 Location Services

Your battery will constantly used to update your location if your location services are turned on for all your apps.  Visit “Settings” > “Privacy” > “Location Services”, to see which apps are constantly checking for your location.

iPhone Location Services

You can click on each app, and choose whether you want your location to be updated “While Using the App” or “Never”.

iPhone Location Update

 Fetching New Data

The data associated with your “Mail”, “Contacts”, “Calendars” and “iCloud”, are either pushed to your iPhone from the server, or fetched.

“Pushed”:  Your server is looking for new data, such as emails, in real-time to ‘push’, or send, to your iPhone.

“Fetched”:  Data is looked for once you open the app, or when you choose to.

To save battery life visit, “Settings” > “Mail, Contacts, Calendars” > “Fetch New Data”.  Turn off “Push” by clicking on the toggle button.

However, this option isn’t practical if you want to receive your emails frequently.  If this is the case, scroll down to the “Fetch” section and choose how often you want the data pushed to your phone.  To maximize your battery longevity, schedule the “fetch” less often. 

iPhone Fetch New Data

 Parallax

Parallax:  The displacement of an observed object due to a change in the position of the observer.  An example of this is when you turn on your iPhone, and the wallpaper moves as you tilt the phone.

A large amount of battery power is used just to create the animations and the parallax effect to show depth on your iPhone. 

iPhone Parallax

 Brightness

You can use less battery power if you lower the brightness on your iPhone.  Visit “Settings” > “Display & Brightness”.  If you choose “Auto-Brightness”, your phone will detect the amount of light in the environment, and will adjust the display brightness accordingly.  

iPhone Brightness

 These things should help keep your iPhone (and you) happily charged for a longer period of time.

You can’t stop CyberCriminals from targeting your company or employees.
But you can be prepared for their arrival, and have full shields up.

 

Got Cyber-Bugs?

Call 1-204-800-3166

For Cyber-Extermination!

Beware of Juice-Jacking

by Leave a Comment

 

Beware of Juice-JackingBeware of Juice-Jacking

 

In this age of everything and everywhere digital, more and more public places are providing conveniences for your laptop and smartphone.

Airports, hotels, and some shopping malls now provide free charging kiosks to charge up  your laptop or smartphone, provided you have a USB cord.

Juice Jack Charge

 

But they are just another way you can get jacked!

These publicly-available devices could be configured to read most of the data on your phone, and perhaps even upload malware.

 

What Is Juice-Jacking?

Juice-Jacking:  The illegal downloading of data from a smartphone while it is recharging at a free charging kiosk at an airport or other location.

Juice-Jacking was identified by Black Hat in 2013 as the #1 threat for identity theft and malware for mobile device users.

USBRegardless of the kind of smartphone you have (Android, iPhone, Blackberry, etc.) there is 1 common feature they all have – the power supply and the data stream pass over the same cable.  Whether you’re using the now standard USB miniB connection, or Apple’s proprietary cables, it’s the same:  the cable used to recharge the battery in your phone is the same cable used to transfer and sync your data.

With data and power on the same cable, this offers a way for a malicious user to gain access to your phone during the charging process.  This process, leveraging the USB data/power cable to illegitimately access the phone’s data and/or inject malicious code onto the device, is what is referred to as “juice-jacking”.

Being “juice-jacked” could be a simple invasion of privacy, where your phone pairs with a computer concealed within the charging kiosk, and private information such as photos, contact information are transferred to the malicious device.  Or, it could be an injection of malicious code onto your device.

Juice Jack Free Charge

At the 2011 DefCon (a massive hacker conference held each year in Las Vegas), at least 360 attendees plugged in their smartphones to a charging kiosk built by the same guys who run the infamous Wall of Sheep (a public shaming exercise at DefCon aimed at educating people about the dangers of sending email and other online communications over open wireless networks).  The charging kiosk was built to educate the attendees about the potential perils of juicing up at random public kiosks.  To attract passerby’s, the kiosk was equipped with a variety of charging cables to fit most popular wireless devices.  When no device was connected, the LCD screen on the kiosk displayed a blue image and “Free Cell Phone Charging Kiosk”.  When a device was plugged in, the LCD screen changed to display a red warning sign reading:

Juice Jack Dont Trust

You should not trust public kiosks with your smart phone.  Information can be retrieved or downloaded without your consent.  Luckily for you, this station has taken the ethical route and your data is safe.  Enjoy the free charge!”

 

Brian Markus explained the motivation behind the experiment:

We’d been talking about how dangerous these charging stations could be.  Most smartphones are configured to just connect and dump off data.  Anyone who had an inclination to, could put a system inside one of these kiosks that when someone connects their phone, can suck down all of the photos and data, or write malware to the device.”

One attendee was so shocked by the kiosk that he sent an email to everyone in his company stating they were now required to bring power cables and/or extra batteries on travel, and no longer allowed to use charging kiosks for smart devices in open public areas.

 

What’s The Safest Way to Charge?

The safest way to charge your device, in and out of the workplace/home, is to use the supplied power cord that plugs into a regular electrical outlet.  

If you absolutely have to use a random charging kiosk, completely power off your device before you plug into the kiosk.  However, this only help to prevent data transfer on a small number of devices.

 

What Does This Mean To Me?Cyber Security

In recent years, there have been many, much more malicious, malware and viruses released.  Cyber attacks are on the rise.  Estimates show that CyberCriminals release 3.5 new threats targeting small and medium businesses every second.

  • Small businesses are now the target of 31% of all cyber-attacks.
  • There are approximately 5 cyber attacks every second.
  • 29% of small businesses have experienced a computer-based attack that affected their reputations, involved theft of business information, resulted in loss of customers, or experienced network and/or data centre downtime.
  • In 60% of cases of cyber attacks, attackers are able to compromise a business within minutes.

Businesses need to educate their employees, and block malicious attacks before mobile malware enters its system through infected devices.  Businesses must ensure network layer Data Leakage Prevention (DLP) to prevent the outflow of user/corporate data.

  • 23% of recipients still open phishing emails.
  • 11% of recipients click on the attachments.

Businesses are still slow to install software patches.

  • An overwhelming majority of cyber attacks exploited known vulnerabilities, where the patch had been available for months prior to the breach!
  • 68% of security breaches took months or years to discover.
  • 69% of breaches were discovered by an external party.

 

You can’t stop CyberCriminals from targeting you.
But you can be prepared for their arrival, and have full shields up.

 

Got Cyber-Bugs?

Call 1-204-800-3166

For Cyber-Extermination!

 

May the Fourth Be With You

by Leave a Comment

May the Fourth Be With You

 

May the Fourth Be With You is a full-fledged unofficial holiday:  

Star Wars Day.

Star Wars

 

 

 

 

 

 

As far as Lucasfilm and Disney are concerned, it’s very official.
Check out it’s own website at:  http://www.starwars.com/may-the-4th.

 

Legend has it that the phrase was 1st used May 4, 1979, the day that Margaret Thatcher took office as UK Prime Minister.  Allegedely the Conservative party place an ad in the London Evening News,

 

Margaret Thatcher

“May the Fourth Be With You, Maggie.  Congratulations.”

 

 

And that, as they say, “is where history began.”

With the advance of social media, it’s expanded to real-life events, celebrating the day worldwide.

 

May the 4th Yoda

While Lucasfilm did not start the idea of May the 4th (although, I’m sure they wish they had),

they fully embraced the idea, and have been capitalizing on it ever since.

 

May the 4th kicks off a day of celebration, and more and more official Star Wars partners have offered sales, giveaways, and exclusives.  Including hosting parties and other activities to celebrate the day.

 

NASA2
NASA also hopes to send a special message from the International Space Station.  
Although, the Empire plans to jam his transmission.

 

 

Character

 

There are online and in-store deals on Star Wars merchandise and gaming.

Star Wars food, and events where fans dress as their favorite Star Wars character.

 

 

Most events happened over the weekend, although you can celebrate on your own:
  1. Dust off your favorite Star Wars costume (come on, we all know you have one…), and cosplay with your friends.
  2. Have a Star Wars movie marathon.  Atlanta’s Battle and Brew offers Star Wars movies and a themed drink…
  3. Donate.  UNICEF and Lucasfilm/Disney have joined forces with a wearable power band that allows fans, young and old, to get moving and help children in need around the world.
  4. If you happen to be in Sydney, Australia, you can support Scott Loxley.  He’s been walking the country in a sandtrooper costume to raise money for charity.  Participants can “walk a mile” in his boots by hopping on a treadmill.
  5. Stay at home and throw your own Star Wars-themed party, complete with Star Wars-themed treats from The Star Wars Cookbook:  Wookiee Cookies and Other Galactic Recipes.  

 

The Empire Taken Your Computer Over to The Dark Side?

Empire

1-204-800-3166

Lightsaber

For Lightsaber Action!

3 Reasons Email Scams Still Work

by Leave a Comment

3 Reasons Email Scams Still Work

 

With the help of movies and other media, our image of the email scam artist has evolved in the past 10 years.  

 

 

 

We used to picture some greasy guy, still living in his mother’s basement, with a thirst for dirty money.  

Now, when we think of email scam artists, we think of young 20-something’s (still living in their parents’ basement), doing it just because they can.  

And this image is somewhat correct – for the common con artist.  If you’re lucky, this is the one that has you in their sites, and the product is of some dubious quality.

GodfatherHowever, the actual picture of the perpetrators of the mass scams (think Cryptolocker), is quite different.

The CyberCriminals of today that let loose the mass email scams are organized, skilled, and informed.  They use family deaths, holidays, or any other ‘in’, where the potential victim may be more vulnerable.

 

Their goal?  

To separate you from your money, or your information (which eventually lands them money).

These CyberCriminals may be behind phishing emails, pretext calling, and emergency queries, all of which are designed to appear normal, and intend for you to take action on them.  The action is designed to appear ‘simple’ and ‘innocent’,  such as clicking a link, answering a question, or providing access to something.  

The technology that can stop them is just one part of the equation.  Your employees can unravel the most secure technology, with a simple answer, a click of the mouse, or other action.

 

3 Reasons Why Scam Emails

and Other Social Engineering 

Remains a Threat to All Companies:

Helpful

 

 

 

 

1.  We Are Helpful By Nature.

One of the most successful social engineering techniques is the “Request for Help”.  Whether it’s on the phone, in person, or email.  The person engaging your employee may be posing as another employee, a customer, vendor, or member of the media.  They are asking for assistance.  They always throw in some urgency, for effect.  Whichever method they contact your employee, they never allude to, or throw any suspicion on the harmful effect your employee’s assistance may have on the company.

For example, a person could pose as the Senior Vice President of the company, call the switchboard (or random employee), and create a situation that elicits  a feeling of urgency, and wanting to help, and wanting to impress your senior:

“My laptop crashed, and I am operating off my tablet, which isn’t configured for the corporate VPN.  So, I can’t get to my corporate email, but I desperately need to reach out to my team.  Would you be so kind as to forward the employee director to my personal email?  I need to contact them right now, my meeting with an important client is in an hour.”

What would your employee do?  Would they deflect?  Have you prepared them for the false escalation that would accompany a denial?  Such as demands for their name, their supervisor’s name and contact information to ensure punishment of the employee?

Have you prepared senior management for this situation?  What if this really does happen to them?  What is the protocol?  Do they know it?

 

What if a man shows up at the side door of one of your company buildings.  He’s wearing a jacket with the company logo and, to the casual observer, appears to be an employee heading into the office via the side entrance.  He’s wearing an ID tag that may, or may not be, real.  What he doesn’t have is the building’s PIN codes or an ID with a valid near-field communication capability to get through the card swipe.  He simply adjusts his pace, or loiters so he may enter behind an employee with legitimate access.  Once inside, he wanders around and collects laptops, smart cards, hard drives, and papers.

How would your employees address someone following them through the door?  Would they hold the door closed, and demand that they swipe their badge or enter their PIN code?  Or would they be polite and hold the door open and go about their daily business?

Curious

 

 

 

 

 

 

2.  We Are Curious By Nature.

Curiosity is encouraged from the time we are in diapers.  We are encouraged to ask questions, try new experiences, read new things and stay current.  The social engineering professionals (and yes, they are professionals), attempting to set their technological hook into your company-issued devices and, by extension, the network, are crafting their emails and social networking posts to entice your employees to act, and click.  They use everything from natural disasters, epidemics, economic concerns, elections, tax time, famous deaths, family deaths, or any absurdity, all designed to pique your employees’ curiosity, so that they will take action, and click.

How would you implement a “No-Click Policy”.

 

MultiTasker

 

 

 

 

 

3.  We Are Multi-Taskers By Nature.

In this always-connected, always-on world of virtual meetings and engagement, employees may be talking on the phone and scanning their inbox at the same time.  Social engineering pros are counting on your partial-attention, when they begin to conduct surveillance prior to mounting an attack.  Multiple innocuous queries can be made across the enterprise via pretext calls about bring-your-own-device policies, or accessing social networks via company networks.  In every instance, the information gleaned, is the base upon which a scam package is created, which appears to be normal and within company policy to the recipient.

 

How Do You Combat Email Scams

and Other Social Engineering?

 1.  If you are using a data loss prevention system, you already know that you have to invest both time and energy to implement a data classification regime, which assists in tuning out the noise or false positives.

2.  You must ensure adherence to the philosophy of least-privileged access (need-to-know).

3.  Include a robust security information and event management process to ensure knowledge of attempts to access information and successful out-of-pattern access to information.

These foundational elements need to be coupled with a comprehensive Security Awareness Program that is provided continuously.

 

You can’t stop CyberCriminals from targeting your company or employees.
But you can be prepared for their arrival, and have full shields up.

 

Got Cyber-Bugs?

Call 1-204-800-3166

For Cyber-Extermination!