Received an email? Do you click or not click? – Malware, Scams, Trojans, Viruses could be lurking

The internet has become an indispensable tool for everyday life, both personal and business. Its global use and familiarity has also opened the doors for cyber-criminals to take every opportunity to exploit vulnerable people through disturbing online attacks. Online scams and malware are also becoming increasingly sophisticated, and while IT professionals are aware of what to look for and how to fix problems when they arise, their colleagues may be confused by the latest scams discussed in the media.

Botnets

A botnet is the result of a criminal using malware (malicious software) to turn a computer into a bot, short for robot. In conjunction with a large number of other computers, these systems together form a botnet. Bots can often propagate themselves across the Internet by searching for vulnerable and unprotected computers. Exposed computers can be infected quickly and unknown to the user stay dormant until they are required to perform their detrimental attack. Once infected these bots can be controlled remotely to perform automated tasks over the internet such as sending out spam, malware and spyware; launching denial of service (DoS) attacks against other systems; or participating in other types of cyber-crime such as theft or fraud.

Hacking

Computer hacking has been around much longer then people have had PCs in their own homes, and is the term used to describe gaining unauthorised access into a computer. Hacking can be used to find weaknesses in your security settings which are then exploited to gain sensitive or personal information, to install malware, or to block or hijack your access to websites or email.

Malware

Extremely common, malware, or malicious software, is software you don’t want to infect your computer. Malware includes computer viruses, worms, ransomware and Trojan horses. Specifically designed to disrupt, damage or gain control of a computer system or data, therein each of these types of malware has its own purpose. Malware does a range of things, it may tell you that your computer has a security problem, re-formats your hard drive, alters, deletes or encrypts files; steals sensitive information, sends unauthorised emails, or takes control of your computer and all of the software on it.

Types of Malware

Viruses

A computer virus when executed will replicate by inserting copies of itself (possibly modified) into your computer programs, data files, the hard drive or connected network shares. By doing this the virus infects your system and interferes with the way a computer operates. Viruses are often spread via normal looking attachments in an email message or instant message; through downloads, or in pirated software.

Trojan Horse

Like the Greek tale, the Trojan horse or Trojan, employs social engineering so that it looks legitimate, useful or interesting to the potential victim who is then more susceptible to installing it on their computer. As a non-self-replicating type of malware program it is designed so when it is executed it carries out the actions determined in the program, often including joining the computer to a botnet.

Ransomware

As a relatively recent addition to the malware family, ransomware is a digital form of extortion. When you open a malicious email attachment or click a malicious link in an email message, instant message, on a social networking site, or other website; ransomware is downloaded onto your computer and is designed to block access to all your files and programs until a sum of money is paid. A computer becomes basically inoperable as you have no access to any of your files (unless you have done regular data backups). It is generally advised that you don’t pay the ransom as you cannot be guaranteed you will get the key or code to unlock your files.

Phishing

Phishing has also become a firm favourite of cyber-criminals. These sophisticated modern day forgers use deception and social engineering techniques to trick users. This is done by sending emails, text messages or website links purporting to be from authentic companies that the victim may have had previous communications with (also called spoofing). These fake messages or links are then used to persuade the recipient to reveal personal information including usernames, passwords and credit card details. Phishing scams have become increasingly prevalent because they are easy to execute, and with little effort.

Spam

Spam is another common method for sending information out and collecting it from unsuspecting people. Spam is usually the mass distribution of unsolicited messages, marketing, advertising or pornography. Spam tends to annoy people mostly by clogging their inboxes with junk, however it can also be a vehicle for malware, scams, fraud and threats to privacy.

TIPS FOR CYBER SECURITY

It is vital that anyone who sends and receives emails daily (at home or at work) is made aware and well educated on these common types of cyber threats.
There are a wide range of things you should remember or put into place within your organisation, to ensure your computer/computers are protected the best way possible.

• Avoid giving your email address out online. If you publish your email address on the web, make it unscannable so that it cannot be harvested by bots. There are alternative ways to display an email address which in turn makes it hard for spambots and cyber criminals to harvest it.

• Never open an attachment that is a .zip file or .exe file unless you are expecting it. Files from unknown senders often contain some kind of malware or virus.

• Check who is sending you email communication. Be aware that malware, phishing scams or spam may come from unrecognisable or odd email addresses, however legitimate email addresses can be forged easily.

• Never respond. If unsure, report the message as ‘spam’ to your service provider, and delete it! Also, you should delete the email from your trash to save you accidentally opening it in the future.

• Only click links from trusted senders. If an email has a link you don’t recognise, take a closer look by hovering your mouse over and checking the destination in your browser. If it doesn’t match, it is not legitimate.

• Check for spelling, grammar and syntax. Most malware, phishing scams or spam originate from foreign countries so may contain some very obvious errors.

• A reputable company or organisation will never use an email to request personal information. If you think there is a possibility it may be legitimate, type the real URL into your browser or contact the company directly.

• Reading an email in plain text rather than html can help to avoid phishing attempts, however this is not 100% foolproof.

• Report any suspicious or scam emails to the company that is being imitated, your email security provider, or to SCAMwatch.

• If a computer runs slowly, keeps crashing or stops responding often, this could be a sign that the computer is infected. Get an IT professional to take a look for you.

• It is extremely important to back up your data every single day.

• Utilise multilayered defences. This includes installing anti-virus, anti-malware, anti-spyware, and using cloud based email filtering and web filtering services. You should also not conduct day to day work with Administrator privileges on your workstation. Instead, you should use elevated privileges only when required, for example to install trusted software. Having one form of protection alone may not cover you for all the possible threats.

• Keep your software regularly updated. Software that updates automatically is incredibly beneficial to busy organisations.

• Use strong passwords and keep them secret. It is also a good idea to change them on a regular basis. Don’t use the same password for multiple accounts.

• Install a firewall on your computer and never turn it off.

• Increase security settings on your browser. You can limit user rights to certain online sites.

• Use external devices cautiously. This includes USBs and iPads/iPhones etc. as these can become infected with malware, corrupting your computer.

Cyber criminals are quite adept at tricking email users into falling for their scams. They are always coming up with new methods of deception. It is in the best interest of every company to ensure all their employees are educated on the most commonly known threats. Staying cyber-vigilant and applying solid security measures, is always the best defence against any future breaches.

Want to add another of level of protection on your email? Filter with Mailguard – the providers of the information above.

Need more information, quote on Mailguard or training for your staff?
Contact Us NOW! – Don’t Delay

SITCLOUD Datacentre Migration for all Hosted Services

Due to client and services growth, our provider of SITCLOUD has made the decision to migrate a large portion of its services to a bigger data centre, this will increase our data centre footprint but it will also provide us better flexibility and improved data centre services.

For a virtual view of the new data centre please click on the below link, for those interested in seeing the data centre that can be arranged post migration;

https://www.youtube.com/watch?v=ZtwMsjnjJds

 

A very careful migration strategy has been formulated so as to reduce the requirement for outages, however outages are required and will be used to relocate these services but also further enhance the functionality with software updates and network upgrades.

 

The following System Maintenance periods will occur.

 

Microsoft Exchange will be unaffected for outage 1 and 2

Outage Period 1  – 13/08/2014

Services Affected:

VPS and Terminal Server Hosting in our datacentre

Microsoft CRM Hosting

Microsoft Lync Hosting

Microsoft SharePoint Hosting

Active Directory Authentication

Virtual Desktop Hosting

We anticipate an approximate outage of 10-15 Minutes for each service during this day in preparation if any preparation is required and server needs a restart. Networking will also be changing at this time to cater for the new datacentre.

We will be doing this one customer and service at a time.

 

Outage Period 2 – 16-17/08/2014

Services Affected:

Legacy VPS and Server Hosting

You will be migrated to our new infrastructure and will be individually contacted in preparation for the datacentre move.

 

Outage Period 3 – TBA we anticipate 13th to the 14th September for this move.

All Systems will have interruptions for 2-6 Hours. Some systems will have minimal outage however we may encounter issues along with this complex move but will do our best to avoid them.

Public IP Addresses will be changed on ALL Systems and you will be notified of the exact crossover times and details well before this happens, these clients will be contacted direct and will be provided a scope of works outlining the services effected and the outage window.

If you have any questions or concerns please contact us and we will be happy to answer any questions you may have.

Security systems with a difference – also for OH&S, tracking and safety with and without physical internet

Wondered how to get some surveillance happening without an internet connection?

We have the answer… An example of this might be a construction site which is a mobile container and moves site to site. Security on these premises is paramount not only for theft, but health, safety and tracking. With the ability to have internet on 3G/4G, wired infrastructure is a thing of the past.

Surveillance made simple

Having security cameras in your business is one thing, but storing and retrieving the data, is another. So many clients find that when it comes time to actually reviewing the video and/or audio footage, it is either too hard to find or isn’t there.

Let us work with you in giving you a demo on how this technology works. Going to a retail store and buying a kit may not be enough in a court of law.

Aerial Time lapse videoConstructionSite_EntranceGates Above shows the quality of a couple of screenshots.

Contact Us  for a NO OBLIGATION meeting to discuss your security needs.

Solar Security

$30 per month service fee to login to our service portal.
Data bundle SIM is not included in the initial purchase ($1,995.00) as your prospect can supply this themselves,
from either TELSTRA or OPTUS.
eMail alarm notification is free, but we charge you $0.50c for every SMS sent out as an alarm notification.