IT consulting and tech support blog

Feeling Phishy: How to Be Safer in the Digital Ocean

Published November 06, 2023

In today's digitally connected world, communication has never been easier, but alongside the convenience comes a pervasive threat—phishing emails. These deceptive messages lurk in our inboxes, masquerading as legitimate correspondence while aiming to deceive recipients. From individuals to large corporations, everyone is a potential target in the expansive net of cybercrime. Understanding the insidious nature of phishing emails and learning how to identify and combat them is crucial to staying safe in the virtual realm.

What is a Phishing Email?

Phishing emails are fraudulent deceptive messages sent by bad actors with the intent to manipulate individuals into revealing sensitive information such as passwords, credit card numbers, or personal details. The emails often appear to come from reputable sources like banks, government institutions, or familiar brands. The fraudulent messages typically contain urgent requests, warnings of account suspension, or enticing offers to prompt recipients into taking immediate action.

These emails use various tactics to appear legitimate:

  1. Spoofing Identities: Cybercriminals impersonate trusted entities by mimicking their logos, email addresses, and language, making it difficult to discern their fraudulent nature.
  2. Urgency or Fear Tactics: Messages often create a sense of urgency or fear, pressuring recipients to act quickly without thinking, appealing to their emotions.
  3. Hyperlinks and Attachments: Phishing emails contain links or attachments that, once clicked or downloaded, can lead to the installation of malware or direct users to fake websites where personal information is solicited.

How to Recognize and Defend against Phishing Attacks?

SLAM infographic with a hooded hacker and text explaining the SLAM method against phishing.

To protect oneself and others from falling victim to these fraudulent schemes, it's crucial to employ various defensive strategies. We recommend using the SLAM method:

  1. SENDER: Don’t trust display names. Scrutinize the sender’s email address. Check for minor misspellings or alterations that might indicate a fraudulent account. Authentic companies or institutions usually have domain-specific email addresses.
  2. LINKS: Use caution before clicking on a link. Hover the cursor over any links in the email without clicking on them. This action reveals the actual URL, allowing you to verify if it matches the intended destination.
  3. ATTACHMENTS: Avoid downloading or opening attachments from unknown or unexpected sources. When in doubt, reach out directly to the supposed sender through verified channels to confirm the legitimacy of the email and attachment.
  4. MESSAGING: Look for uncommon phrasing, spelling, or odd requests. A sense of urgency may also exist in the message. 

Conclusion

Phishing emails continue to evolve, becoming more sophisticated and harder to detect. However, armed with knowledge and caution, individuals can thwart these attempts to protect their sensitive information. Vigilance, education, and the use of technological safeguards are pivotal in guarding against the insidious nature of phishing emails.

Remember, when in doubt, it's always safer to verify the authenticity of an email through official channels rather than risk falling prey to these deceitful tactics. In the vast virtual ocean, staying alert and informed is the key to navigating the deceptive web of phishing emails and ensuring a safer online experience.


Where do cyberattacks start?

Published September 07, 2023

An abstract cyberattack image.

Have you ever wondered, "Where do cyberattacks start?" Well let me tell you, cyberattacks can happen on any device at any given time. Now you are probably wondering which devices should I protect and how. So, to understand this, it will help to understand where these attacks come from.

In the past, most attacks came from outside sources, or, in other words, via the internet. IT Companies and cybersecurity specialists combatted these attacks by putting up firewalls, IDS, and IPS systems to thwart incoming attacks. Utilizing anti-virus software was also an important part of combating incoming threats, however, these methods are outdated. Nowadays, attacks take place just about anywhere.

Bad actors use malware now that is encrypted making them essentially invisible to firewalls and IDS systems. Historically, edge devices acted as the first line of defense, protecting the network from outside threats, unfortunately this is no longer the case. Hackers are no longer concerned with the devices they need to penetrate before they could make a serious breach.

Much like advancements in military tactics and weapons, the methods of cyber threats have also improved. Cyberattackers have developed multiple ways to bypass edge protection and gain direct access from inside the network. These methods include email phishing, accidentally entering an incorrect site, and even allowing your kids to play games on unsecured websites.

While networks are still organized from edge devices to wireless access points, and then to servers and personal devices, these advanced malware attacks ignore the line of defense that once proved competent. Companies do not realize that attacks can take place from within their own network. In fact, many companies still rely on firewalls and anti-virus software. This is not enough. Rather than simple edge protection, companies need cybersecurity solutions that give them full coverage.

With solutions from a reliable cybersecurity company, when an attack is made — no matter where it is coming from — the company is notified immediately, and the attack can be isolated before it begins to spread. This combination gives companies a centralized security system with all the assistance they need.

If your clients are simply using edge protection and anti-virus software, or if you are having any problems with your cybersecurity products, contact us to learn more about how we can help you.


Sips and Cyber - security and liability panel discussion

Published July 21, 2023

On July 11, 2023, New River Computing hosted a panel discussion on security and cyber liability.

Jeff Wynn and Suzanne Y. Pierce discuss cybersecurity and liability.
Jeff Wynn of New River Computing and Suzanne Y. Pierce of Cowan Perry PC.

The discussion featured the following panelists:

The panel was moderated by Jeff Nosenzo - Vice President of Brown Insurance.

Natalie Suarez and Jeff Nosenzo discuss cybersecurity and liability.
Natalie Suarez of Connectwise and Jeff Nosenzo of Brown Insurace.

If you missed out on the panel or want to revisit it, you can check it out in the video above!


Digital spring cleaning

Published May 12, 2023

Digital spring cleaning graphic depicting a squeegee wiping dirt off random text in binary.

Early May is mid-spring, and many are beginning the tradition of spring cleaning. You know that time of year you deep clean and declutter your home. Spring cleaning is a way to refresh and renew one’s living space. This year, we are encouraging you to perform a Digital Spring Cleaning. Digital spring cleaning is the process of organizing, decluttering, and optimizing your digital devices, files, and online presence. It involves cleaning up your computer files, email inbox, social media accounts, and other digital spaces to get rid of unnecessary and outdated data and to improve your digital security and privacy.

Here are a few digital spring cleaning tips.

Online accounts

Much like your homes, your online accounts can collect clutter and occasionally need a few minutes of care. Start by reviewing what accounts you have. Those can include email, social networks, clubs or organizations, shopping websites, and cloud storage accounts you have for both work and home. Think about these things:

  • Do you need them all?
  • Is there information in those accounts that isn’t needed anymore, such as credit cards saved in your accounts with shops and old documents on cloud storage accounts?
  • Are there accounts that you don’t use anymore and can close, like that old email account you never check?
  • Are you using the same password across any of these accounts that you could easily make unique and more secure?

Email accounts

Many email providers limit mailbox sizes and you should keep an eye on how many messages are in your inbox. Also, for security reasons, it is always smart to limit what is available in your email account. Consider these questions and actions:

  • How many emails are in your inbox – are there any you can file into folders or delete?
  • Is there information in your accounts that you can archive or delete?
  • When was the last time you cleared out your deleted items or trash folder?
  • Can you set a rule that will automatically empty your deleted items or trash folder on a regular basis?
  • Unsubscribe to recurring emails that no longer interest you.

Social media

Review your social media accounts by taking a few minutes to review your security settings, friends and connections as well as posts to make sure you’re still comfortable with them.

  • Is the information on your social networking and job websites – including Facebook, Twitter, Instagram, and LinkedIn – current?
  • Do your security settings ensure that only the authorized individuals can view what you post?
  • Do you still use or need all of the social media sites registered to you?

Web-browser settings

Did you know that web browsers can store your passwords and other personal data? Web-browsers can be gateways to your data for bad actors.

  • Take a few minutes to check your browser settings, clear out old data and ensure your browser’s security settings are still keeping you safe.
  • Make sure that autofill doesn’t contain sensitive information and that you don’t store your passwords in your browser.
  • Do you need all of the browsers on your system?

Backup files

Spring cleaning is a good opportunity to make sure you have a complete backup of important files. We recommend a cloud storage backup, but use something you feel comfortable with. Also, it important to make sure you’re saving the right files and that you can restore everything from your backup, since a backup that you can’t restore from isn’t useful at all.

Take out the trash

Do you have old devices in your house or office that should be recycled? If so, check with your local municipality, they may support e-Cycling initiatives and will help you dispose of them properly. Be certain to remove and shred or destroy hard drives and other components that might contain personal sensitive data.

These are just a few digital spring cleaning suggestions that may help you free up space on your devices, improve your digital security, and create a more streamlined and organized digital life. If your digital world needs a deep cleaning, New River Computing can help!


Microsoft Bookings – A Good Meeting Scheduling Tool

Published April 14, 2023

Have you ever tried to schedule a meeting between more than two individuals? It’s difficult with just 2 people and becomes exponentially harder with each additional person. At times, it seems like more time is spent trying to find a common meeting time than in the actual meeting. But the time spent scheduling meetings — the back and forth between people trying to figure out the best day and time @mdash; can be avoided using meeting scheduling tools. Microsoft Bookings is one such tool and makes scheduling/managing appointments easier.

If you have a Microsoft 365 subscription, then you should consider using Microsoft Bookings. Bookings has a web-based appointment calendar and integrates with Microsoft Outlook allowing customers and clients the flexibility to book a time that works best for them. Email and SMS text notifications that are a part of the Bookings app can reduce missed meetings and improve customer satisfaction. Just think of the time that can be saved with a reduction in repetitive scheduling tasks. An added bonus is that Bookings has a built-in ability to be customized to meet multiple needs of any organization.

Bookings also has features included to allow virtual meetings to be scheduled. Appointments booked as online meetings have unique meeting links included so attendees can join via Teams app, phone dial-in, or web browser. Bookings works effortlessly with Teams which allows users to create Bookings calendars, assign staff and schedule both new and manage existing appointments without ever leaving Teams.

Bookings is made up of these key features:

  • A booking page where your customers and clients can schedule appointments with the staff member who should provide the service or run the appointment. This web-based scheduling page can be shared via a direct link, your Facebook page, and even through link embedding within your website.
  • A web app that contains a set of web-based, business-facing pages where Bookings calendar owners and administrators within an organization can define appointment types and details, manage staff schedules and availability, set business hours, and customize how appointments are scheduled. These pages allow for versatility and the ability to customize a Bookings calendar to fit the diverse needs of the person or organization.

If you haven't already, check out the short introduction video from Microsoft above.


Get a quote!

Your request has been successfully submitted.

Thank you for contacting New River Computing. We will respond to you as soon as possible.