Category: Blog

Can You Spot These Phishing Scams?

Would you or your employees recognize these clever phishing scams? It only takes a click to compromise data. Find out how to protect yourself with these tips.

 

October is Cybersecurity Awareness Month. So ask yourself, how well do you know the common cybersecurity threats?

While we all know about viruses and the perils of visiting shady websites, phishing scams are some of the most frustrating and personally-violating ways that criminals access our systems—and they’re very effective. Each year, businesses in the US lose over $500 million to phishing scams in addition to the collateral damage of data breaches and the public relations nightmares.

Masquerading as urgent requests from the boss’ boss, a charitable organization that needs your help or a government program for people like “you”, it’s not easy to distinguish between authentic communications and a criminal who knows exactly what to say. It pays to be aware of the many weapons that cybercriminals deploy to sabotage individuals and the businesses they work for.

1. We’re Deactivating Your Account If You Don’t Respond Now

Scammers use fear tactics like these to encourage people to click an email link. They may then be prompted to enter login information on an imposter site. Or a pop-up may inform them that their browser is out of date. Clicking download, which may seem second nature to some, puts malware on the computer.

And boom! The computer, and perhaps your whole network, is infected.

Imagine getting this from a credit card company, payment processor, doctor, or assistance program. The criminal knows that the person who gets this will have a visceral response that may compel them to act without thinking.

Employer Security Tip: They should never click the email link. Instead, visit the site directly and look for a message from the company there. 25% of all malware attacks target financial institutions, making any link to a financial business a potential threat.

Make sure you have real-time malware protection and a firewall to limit the damage, should someone fall for this.

2. Act Immediately or the {IRS} Will Freeze Your Accounts

Phishing schemes can come through email, text or even old-fashioned phone calls. In a similar fashion to the threat described above, a criminal is attempting to get information like an SSN or logon info. Regardless of the government agency, this is scary, especially if a person does have outstanding debt, lawsuit or obligation.

Employer Security Tip: Government agencies and courts send certified letters and do not send an email, phone or text threats. Put yourself in the employee’s shoes. People feel embarrassed when they fall for things like this. Because of it, they may say nothing after they click that link, compounding the damage. Encourage employees who think they may have fallen for a scam to contact the IT helpdesk immediately. IT and management alike should respond with empathy, not outrage.

3. Search Engine Phishing Scams

While Google attempts to battle these scammers, a criminal can use a search engine organic results or paid ads to make their spoof website appear above the real site. When the person clicks the link, the site looks exactly right.

Employer Security Tip: Educate employees about websites that may pretend to be your own. They should always double-check the address in the window and look for the “HTTPS” prefix and lock symbol. If your website isn’t “HTTPS”, here’s another reason it should be.

4. This Is Your Boss’ Boss. I Need Your Help.

It’s a classic movie cliche that works in real life. A person gets past security guards by dropping names and making the guard feel that they’re going to get in trouble if they don’t comply. In your business, each employee is a security guard protecting customer data.

With the “boss’ boss” phishing scam, you usually get an email from someone who claims to be someone higher up in the company. They can’t reach your manager. But they’ve heard great things about you and knew you could help.

Employer Security Tip: Talk to employees about phishing scams. Encourage employees to stay level-headed and check things out. And praise an employee rather than criticize them if they ask for verification when a contact turns out to be legit.

Don’t Be Fooled By Phishing Scams

Employees are your first and most important line of defense against phishing scams. But they’re not infallible. And it only takes a second of judgment lapse to do serious damage. So invest in smart security solutions to protect yourself when cybercriminals target your employees and business.

Exchange 2010 Is Being Retired

Many business leaders went into panic mode when Microsoft announced that support for Exchange 2010 would be phased out. For businesses who rely on Exchange 2010 for daily team communication and collaboration, the phasing out of support can seem overwhelming. However, Microsoft is in no way leaving their trusted business leaders high and dry. We’re on a mission to explain what the end of Exchange support means and outline the different options businesses have for moving forward.

Microsoft Exchange 2010 Support Is Ending in January 2020 – What You Need to Know

On January 13^th, 2020, Microsoft Exchange Server 2010 support will officially be off the market. But what exactly does end-of-support mean? Simply put, like most Microsoft solutions, Exchange 2010 has a support lifecycle. Microsoft support lifecycles last an average of ten years after the product’s initial release. When it comes to Exchange 2010, the support lifecycle will end January 2020.

When the Exchange 2010 support lifecycle closes in January 2020, Microsoft will no longer provide:

• Technical support and troubleshooting
• Bug fixes for issue identification
• Security patches for identified vulnerabilities
• Ongoing time-zone updates

Needless to say, without these critical Exchange support services from Microsoft, businesses who rely on the platform will definitely experience hits to functionality, productivity, and security. So, if you haven’t started planning for the phase-out, read on to consider the options available to your business.

Options for Moving Forward: Office 365 or Exchange 2016

Don’t panic – here’s where the doom and gloom stops. Microsoft has multiple solutions in place to help businesses transition from Exchange 2010. If your business or organization relies on Exchange 2010 and you don’t have a plan for transitioning before January 14^th, 2020, check out the two options available to you, explained in detail below.

• Migrate to Office 365

This is by far the easiest and fastest option for transitioning from Exchange 2010. It’s also the most innovative option that will position your organization perfectly to take advantage of Cloud technology for business. Office 365’s line of Cloud-based subscription services is fully equipped for automatic updates and patches meaning your organization won’t have to worry about updating any of your long-trusted Microsoft software products.

Other benefits of migrating to Office 365 include:

• Anytime, anywhere access to all the Microsoft apps you love and trust including Word, Excel, PowerPoint, OneNote, Outlook, Publisher, and more
• Not having to purchase and maintain expensive and tedious hardware
• Cost reduction via the elimination of on-premise servers
• Compliance management and optimization resources
• Analytics and machine learning tools

Businesses who want to migrate from Exchange 2010 to Office 365 have a few options including cutover, express or hybrid migration models. Businesses will also have to make considerations for the number of users and mailboxes they require on their Office 365 platform as well as taking account for the length of migration and the potential downtime that could accompany it. Consulting with a professional IT service company can be very helpful to ensure a seamless migration.

• Upgrade to Exchange 2013 or 2016

For some organizations, Office 365 may not be a suitable transition option. For instance, some businesses are legally required to maintain on-premise email servers and data storage to mitigate security concerns. If your business falls into this category – or if you just prefer an on-premise solution – you can update your Exchange platform by transitioning to Exchange 2013 or 2016.

However, it’s important to note that you’re not required to first upgrade to Exchange 2013 before upgrading to Exchange 2016. In fact, if you’re going to upgrade your Exchange platform, we recommend upgrading directly to Exchange 2016. By upgrading to the newest version, you’ll be positioning your business for more long-term sustainability. Even better? Exchange 2016 is designed to be ultra-compatible with Office 365, so if you’re considering a hybrid migration, Exchange 2016 is your best option by far.

Hiring an IT Provider: Finding Reliable Support for Your Transition

Now that we’ve gone over the details about Exchange 2016 end-of-service and explained your options for transitioning, it’s time for our biggest recommendation of all. If your organization has been relying on Exchange 2010 and you’re trying to make a plan for the transition, you should find a managed IT services provider to help you migrate at smoothly as possible.

Finding the right provider doesn’t have to be an uphill battle, either. Go into your search with a clear idea of which migration option you think would be best for your business. Explain your needs to different providers and ask them how they can help make the transition as smooth as possible. Above all, invest in a provider who is committed to helping you migrate with as little business disruption as possible.

The right provider will:

• Offer strategic consultation and explain your options to you clearly. They’ll also be able to make recommendations for which migration option is best for your business.
• Work carefully to migrate all your business data and will do so in a way that prevents downtime and disruption.
• Be willing to offer ongoing support and consultation to help you optimize your new platform from end-to-end.

If you’re already on the hunt for a migration support partner, don’t hesitate to reach out to the team of IT professionals at Right Hand. Our team has extensive experience with Microsoft migrations and optimizations and we will work alongside you and your team to ensure your transition from Exchange 2010 is as stress-free as possible.

Don’t forget – support for Exchange 2010 will be completely phased out by January 14^th, 2020. Don’t wait until the last minute to migrate! Reach out to our team of professionals at (412) 254-4448 or via email at info@rhtg.net. The Right Hand team is ready and waiting to help you put your migration woes to rest.

Why Outsourcing Your IT services is More Budget-Friendly Than You Think

Businesses are always looking to do more with less and save on overhead costs. Many business leaders cringe at the word ‘outsource’ because they often associate it with another monthly cost. So, many small business pro’s leave the management and optimization of their IT infrastructure to in-house IT staff. While there’s nothing wrong with this in principle, we’re on a mission to explain how outsourced IT services can often save companies money in the long run.

Is In-House IT Support Costing Your Business More Than You Think?

In theory, the idea of a single, in-house IT professional sounds like a dream. You have an expert right there in your office who can handle all the different tech problems that come up and make sure your system is continually functional and secure. However, depending on the size of your business, your industry, and your unique IT needs, this can be a HUGE responsibility for one person to handle.

When your trusted in-house IT professional is overloaded, things get missed and your IT infrastructure suffers and so does your team. When you’ve put all the IT responsibilities on one person’s shoulders downtime can become an issue and your in-house expert likely doesn’t have the time to be continually monitoring your network or planning strategically for the long run.

Also, let’s not forget that hiring an in-house IT employee is by no means cheap. The average annual salary for an in-house IT pro is roughly $50,000 but can often reach upwards of $65,000 or above depending on experience. Keep in mind that these salaries don’t include benefits, sick pay or vacation pay. We don’t have to say anymore – adding a dedicated IT professional to your payroll can add up.

Why Outsourced IT Services Could Save You Money in the Long Run

Here’s the thing: outsourcing to a team of IT professionals sounds expensive, but it really isn’t all that pricey for the value you receive. Even better? The return-on-investment benefits that you’ll see right away and in the long run can be HUGE boosts to cost-efficiency.

With an entire team of professionals working to keep your business network fully-managed, optimized, secure, and innovative, you can say goodbye to all the pesky tech troubles of the past. No more waiting in line for support, no more stalled applications, no more company shut-downs due to careless cybersecurity gaps. Just fully-managed IT service and support when are where you need it.

Here’s everything that a truly valuable outsourced IT package will include:

• End-to-end, enterprise level, managed IT services

The right managed service provider will offer everything your organization needs, from top-to-bottom. They’ll work alongside you to make sure the managed service agreement includes everything you need and nothing that you don’t. This way, you can be sure that your investment makes sense and is custom-built to support your team.

• 24/7 remote support

The right managed service provider will have solutions in place to make sure you and your team have round-the-clock support. Remember when your system crashed but your IT guy was on vacation? Or remember that night you were working after hours and couldn’t get your software to stop glitching? A reliable managed service provider will always have someone on call, so you can rest assured that business never stops.

• On-site support as needed

Listen, we get it. Having an in-house IT professional in the office has its benefits. You can find them, right down the hall and they always have their boots on the ground. But the right managed service provider will be able to get boots on the ground too – and fast. Choose a managed service provider that responds promptly and makes the effort to get on-site when they’re needed.

• Personalized support

Many businesses think that when they outsource, they can kiss personalized customer service goodbye. Don’t believe this myth! There are countless managed IT service providers that prioritize a personalized and customized approach to customer support and service. Don’t settle for anything less.

• Strategic consultation and budget-conscious planning

Finally, since we’re focused on cost-efficiency, make sure the managed service provider you invest in is committed to strategic, forward-thinking planning for the long term. They should be committed to giving you the most value possible and ensuring that your IT infrastructure remains as innovative and cost-efficient as possible.

Finding the Right Provider for Cost-Effective, Outsourced IT Services

So, whether you’re ready to fully outsource your IT services completely, or just want to call in some back-up for your in-house team, the only thing left to do is find the right provider. As you look for outsourced IT providers be sure to do your research, take your time, and don’t settle until you find a managed IT provider that’s the perfect fit for your business.

If your business is looking for a budget-conscious outsourced IT provider, look no further than the trusted team of IT experts at Right Hand. Our team is committed to developing cost-effective managed service arrangements for businesses of any size and in any industry. Above all, we’re committed to providing tangible value to every client we work with. The bottom line is, we believe in offering return-on-investment benefits that businesses can see and measure.

Don’t be afraid to take the outsourcing plunge. Whether you’re ready to completely replace your in-house IT support or just offer them some back-up, the team of reliable IT professionals at Right Hand is on standby, ready to help you optimize IT costs. Reach our team anytime at (412) 238-740 or via email at info@rhtg.net.

Nearly every site or service we use online requires a username and password. Remembering hundreds of unique passwords is just about impossible, and reusing passwords across multiple sites can be dangerous. If one account is compromised in a data breach (and this is likely: check out IdentityForce’s list of all the breaches so far this year), any other account using that same password is now at risk.

Today’s username and password convention is a difficult system to manage well, but it remains important to create strong, unique passwords for your various accounts. We’re here to help today by sharing a few ways to create unique passwords that are strong and memorable.

Base Your Password on a Familiar Phrase

One way to make a password easier to remember is to base it on a phrase or term that’s familiar to you. Notice we didn’t say to use a term that’s familiar to you: “ilovesarah”, “sparky”, and “gocowboys” are all terrible passwords because they’re easy to guess. Anyone who knows that your wife’s name is Sarah, that your dog’s name is Sparky, or that you love the Cowboys might guess these easily.

Instead, come up with something creative, but that still has a connection to something you won’t forget. Something like “R3dsk1nsRool!” would be hard to guess since it runs counter to your actual interests, and it would be hard to crack due to the character variations. You’ll have an easier time remembering it, though, since it connects to one of your true passions.

Another variation on this theme is to take a poem or song lyric that’s meaningful to you and turn it into an acronym. “Row, row, row your boat gently down the stream” could turn into “RrrybGdtS”, for example. Easy to remember; hard to guess.

Use Long Passwords

Long passwords are hard to guess, but they’re even harder to crack using hacker tools. Use a memorable phrase in its entirety, or choose a series of seemingly unrelated words that mean something to you. You’ll create a password that’s easier to remember than the previous method and that’s even harder for a computer to crack. Check out this Xkcd comic, which illustrates this principle with an added dose of humor.

Use Two-Factor Authentication Wherever Possible

You should enable two-factor authentication (2FA) on any site that offers it. 2FA adds a second method of authenticating that you’re who you say you are. Most 2FA methods involve sending a numeric or alphanumeric code to the account owner (that’s you). This code can be sent via email, text message, or even be displayed on a physical key fob. The code is only good for a short window (usually 1, 2, or 5 minutes). After supplying your username and password, you’ll be asked for this code.

Most consumer applications of 2FA involve sending the code via text message. Unless a hacker has stolen or cloned your phone, he or she won’t be able to view this code and thus won’t be able to log in to your accounts—even with your username and password.

Change Your Password Frequently

Changing your password frequently is another way to stay ahead of information thieves. A stolen password is only useful until you change that password to something else. It’s good practice to change your passwords frequently, such as every 3 to 6 months. We realize that can be a lot of work. Changing only your most sensitive passwords (financial, social, and email) is better than changing none.

Use a Password Manager

All this sounds like a lot of work, and it is. Thankfully, there’s a better way. Using a password manager, you can create long, unique, complex passwords for each account — but you don’t have to worry about remembering them! All your passwords are stored in the password manager. All you need to remember is the strong master password you create for this utility.

If you are taking on IT problems you don’t have time to solve and wearing out your workforce in the process, then it may be time for you to consider partnering with an outsourced help desk provider. A help desk service can ease the burden of trying to identify and solve tech issues in your company.

Below, we look at four reasons why finding a reliable help desk partner is a smart solution for your business.

1. Real-Time Answers to IT Problems

When you get answers in real time from a remote help desk, you reduce the amount of downtime it takes to solve issues significantly. Think about this way:

When you contact an IT company to come out and fix a problem, the specialist has to gather their tools, get in the car, drive across town, assess the problem, and then fix the problem. The entire process could take an hour to two hours to complete. The alternative is picking up the phone, getting a response in less than a minute, asking your question, getting a quick analysis via a remote connection, and getting a solution is only a few minutes.

The ability to assess and solve a problem in real time can save you dozens of hours in IT support throughout the year. Your employees can get back to work faster by merely picking up the phone.

2. Someone is Always Available

When you call someone to arrive on site to address an IT issue, you may have to wait for service. Why? Because someone who is driving around town going from client to client spends a lot of time on the road in-between customers. It takes longer to help everybody. On any given day, multiple clients may have issues occurring at the same time.

By contrast, someone who is always in the office is far more likely to be available to help you with your issue. Most IT companies have multiple technicians who are available to talk to you so that you never have to leave a voicemail. You get a call as soon as you dial in, send an email, or submit a request through a client portal.

3. You Get the Entire IT Team – Not Just One Person

Any company that offers managed IT services automatically has a team of experts that come with a specific skill set, education, and specialization. One person may specialize in cybersecurity. Another person may handle your cloud platform. Someone else is on hand to cover all communication issues. Then there is the IT consultant who can offer advice and expertise on a wide range of IT issues. You have an all-star technology team at your disposal.

When you call in and report a problem, you are automatically directed to the right person who understands your issue and can handle it properly. If your problem requires more than one type of solution, then your IT team can assemble and work on it together.

This is something that a single technician cannot handle on site.

4. Out of Sight Does Not Mean Out of Mind

It is easy to assume that if someone is not on site, then they must have forgotten your business and your needs. However, the core components of managed IT – specifically help desk services – is that they must have an eye on your entire infrastructure at all times. It is the only way that they can genuinely provide exceptional IT support.

It is a safe bet that the entire remote team spends more time thinking about your network than anyone in your organization. It is the job you paid them to do so that you can focus all your efforts on running your business. Your IT company invests a considerable amount of time and resources, protecting your network from every conceivable problem that could hurt your business. They are monitoring and managing your technology so that you can sleep at night.

Dependable Computer Help Desk Services

Right Hand partners with businesses to discover and implement IT solutions that protect the networks and data while fostering business growth. To find out more about how we can help you with your IT infrastructure, then contact us today at (412) 254-4448.