NRC Newsletter - July 2022

Beware of the Facebook Messenger Scam

Many technology professionals have reported on a phishing scam that has duped millions of Facebook users for months. According to the article published on threatpost.com, the phishing campaign is still active and convinces users to hand over their account credentials in a fake Facebook login page. Care to read the full article? Do so at this link Facebook Messenger Scam Duped Millions. Remember to remain vigilante and exercise caution when clicking on links in emails and such.


Let’s SLAM Phishing

illustration of a shark with a fishing pole catching a username/password credentials box

Most cyber-attacks are initiated at the human/employee level. Whether from phishing, spear phishing, misuse or stolen company credentials, weak or redundant passwords, most cyber breaches are actually started when an employee makes an error. New employees who haven’t been trained, as well as those who’ve recently terminated are higher risks and employers and HR need to conduct better strategies to defend against potential breaches. One excellent protocol to pass along to staff who sit behind a computer all day is SLAM.

What Does the SLAM Acronym Stand For?

The SLAM acronym can be used as a reminder of what to look for to identify possible phishing emails. The SLAM acronym stands for sender, links, attachments, message.

Sender: when hackers send phishing emails, they often mimic a trusted sender’s email address to trick recipients into opening the email. Therefore it is important to analyze a sender’s email address before opening an unsolicited email. To check an email address for validity, recipients should hover their mouse over the sender name to reveal where the email came from prior to opening it.

Links: phishing emails generally contain links that enable hackers to steal a recipient’s login credentials and infiltrate their network. Just like with the sender’s email address, links contained in an email should be hovered over to check the legitimacy of the link. Is the URL actually directing you to the page it says it will? Are there misspellings in the link address? It is also best practices to, rather than clicking on a link in the email itself, to go to the company website directly.

Attachments: you should never open an email attachment from any sender that you do not know. However, even when you do know the sender, you should not open unsolicited email attachments. Hackers often send malicious email attachments using a compromised email address’ contact list to infiltrate the recipient’s system.

Message: while phishing emails have become more sophisticated over the years, the content of the message itself can often be a dead giveaway. Phishing emails often contain generic greetings, misspellings, grammatical errors, or strange wording. Emails that contain any of these issues should not be trusted.

What to Do When You Recognize a Phishing Email

While you can use the SLAM method to help you identify phishing emails, it is also important to know what to do when you recognize one.

  1. Mark the email as spam
  2. Report the phishing attempt to management so that they can alert other employees
  3. Report the email to your IT department or MSP so that they can blacklist the sender’s domain address
  4. Do not forward the email to anyone

Focusing on Security

Abstract cybersecurity image featuring lock and shield emblems and server racks

During 2021 New River Computing (NRC) focused on ramping up its internal security systems, evaluated clients’ systems, and developed security packages appropriate for varying clients’ needs.

We offer Fortress One, Fortress Two, and Guardian Fortress, NRC’s most advanced security packages. These security products are our latest multi-layered set of protections and countermeasures designed to defend small and medium sized businesses against cyber criminals from around the world.


Other NRC News

Welcome Russell and Joshua

New River Computing has also added to its ranks. We are happy to welcome Russell Johnson, Solutions Manager, and Joshua Howard, IT Engineer. Russell is busy offering cybersecurity and other managed IT solutions to new businesses, while Joshua is the newest member of the NRC Technical Team. Welcome aboard!

Russell Johnson
Russell Johnson
Joshua Howard
Joshua Howard

Birthdays and Work Anniversaries

Happy birthday text with blue and green balloons

Birthdays

April – Karen Loferski

May – Scott Daley, Wes Wilson, April Richardson

June - Joshua Howard

July - Mark Phillips

Happy work anniversary sign with purple text

Work Anniversaries

May - Hansen Ball (16), Celeste (5)

June - Wes Wilson (4)

July - Mark Phillips (11), Scott Daley (11), Alex Zammit (7)

Revamped Website

NRC website screenshot

Finally, we are proud to announce the revamped New River Computing website. If you haven’t had an opportunity to browse the updated website give it a look. We are continuing to grow and improve so that we can be the best IT Services Provider for our clients.

Get a quote!

Your request has been successfully submitted.

Thank you for contacting New River Computing. We will respond to you as soon as possible.