I.T. Deidre Frith I.T. Deidre Frith

COVID-19 Cyber Threat Exploitation Protection

This two-page guide will educate you about ways to help your business against COVID-19-related scams.
This COVID-19 Cyber Threat Exploitation guideline was created by the Cybersecurity and Infrastructure Security Agency (CISA) and United Kingdom’s National Cyber Security Centre (NCSC). Please feel free to share as needed.

Do you know what password spraying means? In the guide below, you can learn about ways to help your business against COVID-19-related scams. Here is a COVID-19 Cyber Threat Exploitation guideline created by the Cybersecurity and Infrastructure Security Agency (CISA) and United Kingdom’s National Cyber Security Centre (NCSC). Please feel free to share as needed. For more information on the CISA or NCSC, visit www.cisa.gov/coronavirus.

Joint_CISA_UK_Tip-COVID-19_Cyber_Threat_Exploitation_S508C_Page_1.jpg
Joint_CISA_UK_Tip-COVID-19_Cyber_Threat_Exploitation_S508C_Page_2.jpg
Read More
I.T. Deidre Frith I.T. Deidre Frith

COVID-19 Relief Check Risk

The rollout of COVID-19 relief checks in the US has created a new open door for cybercriminals. An estimated 4,300 malicious web domains related to COVID-19 relief have popped up in the last month, and Google reports that they’re stopping 18 million suspicious COVID-19 related emails per day.

CoronaVirus REALTIME IT.jpg

COVID-19 AND RELIEF CHECK SCAMS

The rollout of COVID-19 relief checks in the US has created a new open door for cybercriminals. 

An estimated 4,300 malicious web domains related to COVID-19 relief have popped up in the last month, and Google reports that they’re stopping 18 million suspicious COVID-19 related emails per day.

-IDAGENT

With “Where’s my stimulus check?” a top query on Google, many of these domains are being used to snare unsuspecting users into giving away their personal information. There’s a huge onslaught of phishing attacks that aim to capture personal information or deliver malware using COVID-19 money as a hook.

With most working remotely, warn your staffers to be on the lookout and be very wary of downloading any type of guide that helps them claim their stimulus check or other items of that nature. If a staffer checks their personal email on their work computer and downloads a guide that is malware, it’s now a business problem.

STAY AWARE AND SKEPTICAL WITH EVERY EMAIL THAT ARRIVES, BUSINESS OR PERSONAL.

Read More
I.T. Deidre Frith I.T. Deidre Frith

DNS Records Another Big Target for Hackers

Today’s phishing attack happened last week to one of the world’s largest domain name registrars, GoDaddy.com. One of their customer service employees fell victim to a social engineering attack which led to the infiltration of GoDaddy.com’s clients, instead of just GoDaddy itself.

Most of us understand what a phishing attempt is and how to protect yourself. The basics of protecting yourself from a phishing attack is not to open any emails you don’t recognize and specifically, don’t click on suspect links. 

PHISHING TRENDS

Today’s phishing attack happened last week to one of the world’s largest domain name registrars, GoDaddy.com. One of their customer service employees fell victim to a social engineering attack which led to the infiltration of GoDaddy.com’s clients, instead of just GoDaddy itself. 

Image from Escrow.com homepage where hackers left a crude message behind on on Monday, April 6, 2020.

Image from Escrow.com homepage where hackers left a crude message behind on on Monday, April 6, 2020.

The hackers used their infiltration to grab DNS records from one of GoDaddy’s clients, Escrow.com. Escrow.com, an online broker of sorts, was one of five clients that were comprised during this phishing attack. On Monday evening, Escrow.com’s website had its homepage hijacked with a profanity-laced message left by the hackers. Although no systems seemed to be compromised or customer data, the DNS records were redirected to a third-party web server in Malaysia.  

FUTURE TRENDS

The trend is that hackers are targeting more and more companies that are responsible for DNS records. Just last December 2019, another popular domain registrar based in The Netherlands, OpenProvider, was also attacked and, ultimately through a series of complicated acts, thieved another domain e-hawk.net whose service is to help websites detect and block fraud! An Iranian group successfully attacked major companies via DNS-based attacks where they stole countless passwords and VPN credentials leading to the coining of the term DNSpionage. 

 PROTECT YOUR DNS RECORDS

One way to protect your DNS records are to acquire a registrar lock. This service requires the registrar to confirm any requested changes with the domain owner through manual contact. It can help ensure that .com, .net, .tv, .cc and .name domain names do not get hijacked. Shockingly, a miniscule 22 percent of domain names tracked in Forbes’ list of the World’s Largest Public Companies have secured registry locks! Some services include Verisign, Nameshield and others. 


Source

https://krebsonsecurity.com/2020/03/phish-of-godaddy-employee-jeopardized-escrow-com-among-others/?web_view=true

 

 

 

 

Read More
I.T., Blog Deidre Frith I.T., Blog Deidre Frith

Free Zoom Backgrounds

How many of us are using Zoom now that we are working from home? Here is a list of some of our favorite Zoom backgrounds. Take a look and update your next Zoom meeting with one of your favorite backgrounds.

Zoom from your own private pool party! [Designed by West Elm Palm Springs: A Palm Springs Pool Party]

Zoom from your own private pool party! [Designed by West Elm Palm Springs: A Palm Springs Pool Party]

ZOOM MEETINGS

Let’s face-it. We’re all on Zoom for our meetings and why not make our meetings a little more interesting. Most devices can use a different background with a simple click of the button. Visit Zoom for more information on how to use Zoom Backgrounds or to see if your device is compatible.

The virtual background feature on Zoom allows you to display an image or video as your background during a Zoom Meeting. Here is a few our favorite free Zoom backgrounds. Just right click and save on the following images. Or visit the hyperlinks listed below for more images.


FREE ZOOM BACKGROUNDS

Fox Backgrounds

What would be better than working in your favorite animated show? Fox created several Zoom backgrounds featuring our favorite shows including the Simpsons living room and a fan favorite from Bob's Burgers. You can also find some from Family Guy and other favorites here.

Fox - The Simpsons

Fox - The Simpsons

Fox - Bob’s Burgers

Fox - Bob’s Burgers

DC COMICS

DC Comics assembled a collection of virtual backgrounds representing some of your favorite places within the DC Universe. From the gates of Arkham Asylum to the jungles of Gorilla City to the iconic globe of the Daily Planet, your home is about to seem a whole lot bigger! (At least to the people on the other end of your call.) Visit their site for even more DC Comics magic now.

DC Comics, Halls of Justice

DC Comics, Halls of Justice

DC Comics, Gotham City

DC Comics, Gotham City

Walt Disney Studios

How about your favorite Pixar locations? Who doesn’t love Finding Nemo or Up? Find more of your favorites here…

Up, Pixar Locations from the Walt Disney Studios

Up, Pixar Locations from the Walt Disney Studios

Finding Nemo, Pixar Locations from the Walt Disney Studios

Finding Nemo, Pixar Locations from the Walt Disney Studios

POP CULTURE

Whether it’s a meme or a favorite Netflix series, here are several that are sure to entice you to update your background.

Tiger King on Netflix featuring Joe Exotic

Tiger King on Netflix featuring Joe Exotic

@FERALCREACHRE, The infamous distracted boyfriend meme is sure to pull a few laughs on your next video call.

@FERALCREACHRE, The infamous distracted boyfriend meme is sure to pull a few laughs on your next video call.

CLASSY HOME BACKGROUNDS

Home about just giving your home an upgrade? These chic backgrounds are from West Elm and can make it look like you’re working in an Industrial-Glam Loft to working in your Chic-Modern Kitchen. See? You didn’t have to move to NYC after all. Find more pads for your Zoom background here…

West Elm Oakbrook: Want an Industrial-Glam Loft Space?

West Elm Oakbrook: Want an Industrial-Glam Loft Space?

Olivia Rink & John Philip Thompson’s apartment: NYC Waterfront Views with a Big Ol’ Bird of Paradise

Olivia Rink & John Philip Thompson’s apartment: NYC Waterfront Views with a Big Ol’ Bird of Paradise

Read More
I.T. Deidre Frith I.T. Deidre Frith

Cyber Hygiene at Home

Many workers in the U.S. are calling home their office for the next several weeks as the Coronavirus spreads. If working from home is part of your company’s plan, the time is now to think about protecting devices you or your staff will use in their home.

Many workers in the U.S. are calling home their office for the next several weeks as the Coronavirus spreads. If working from home is part of your company’s plan, the time is now to think about protecting devices you or your staff will use in their home.

Enter cyber hygiene.

We recommend arming your employees with the basics of work-from-home security. These include:

Cyber-Hygiene-RealTime IT.png
  • Remote workers should have access to a virtual private network (VPN)

  • Two-factor or multi-factor authentication should be enabled for all devices and accounts

  • Advise employees to secure their at-home Internet connection and turn off and unplug work devices when not in use

  • Alert employees to possible email scams and never click on links, especially those related to COVID-19 they may receive unsolicted

  • Remain up-to-date on all security patches

  • Don’t mix work and personal devices

COVID-19 PHISHING

It’s very important during this time to stress to your team not to overlook the importance of watching what emails are opened and what links are clicked. Be very wary of opening emails with information regarding COVID-19 as attackers are using this as an easy-in since it’s such a hot topic. Go one step further and encourage staff to only get their news from trusted sources such as the television, radio or legitimate news websites. There is no reason to read an email or click on a link regarding this topic no matter how tempting it may seem. There is an excess of information available elsewhere.

The last thing you need during a pandemic is backlash over a data breach or worse, ransomware.

Read More