Office 365 & Email Security

Spam email

As an IT Expert, I get client calls and emails asking me about various emails they receive and whether that particular email is fake or real – almost all time the emails are fake.

To help my clients and others in a similar situation I’ve put together a video that goes through some security tips on how to protect your self from hackers and phishing attempts. The video goes through:

  • First alerts of being attacked.
  • How scammers and hackers try to fool you.
  • How to tell if an email is fake or not.
  • The Do’s and Don’ts.
  • How to tell if you’ve been hacked.
  • What to look for after you have been hacked.
  • How to prevent and protect from hackers.
  • What is 2-step and MFA?
  • What to do after you’ve been hacked.
  • Screenshot examples of phishing emails.

Check out the video below and leave any comments in the fields below.

Six Quick Security Tips To Keep Your Business Safe

securityEvery employee shares one inescapable flaw that is putting businesses at risk – they are human.

Up to 59% of data breaches can be traced back to something an employee did or didn’t do, which helped create a security incident or cyber-attack.

To help prevent security issues build security awareness and respect into your company culture, so that maintaining digital security becomes as simple as making a cup of coffee.

Use complex passwords: Every employee, including management and owners, need to use an alphanumeric password that they haven’t used before. Password managers can assist with making sure they’re never forgotten.

Verify unknown identities: Not familiar with ‘Jenny from Accounting’ who has called to ask for sensitive information? Double check the callers identity and access permissions before releasing any information. Hackers love to play on our desire to help other people.

Encrypt by default: People regularly transfer data to a laptop, USB drive or smartphone so they can work offsite. Unfortunately this equipment can be easily stolen or lost. Set operating systems to encrypt data by default, so that it becomes useless in the wrong hands.

Protect portable devices: Laptops, mobile phones and other portable devices should always require a password and be set to auto-lock after a short period of time. Never leave them unattended in cars, buses, restrooms etc, and if travelling by plane take them on-board as carry-on luggage.

Set personal usage rules: Many businesses block productivity-vacuums such as Facebook and other websites but what are the rules regarding games, video streaming or shopping? Can users install their own software? When business devices are used for personal usage, security tends to slide which results in unintentional malware installation. Also don’t let the employees spouse or children use any company device.

Educate often: People often fall into the “it won’t happen to me” mindset. As security threats change regularly have a quick five minute discussion once a month to remind staff that you always need to be vigilant.

Some things to discuss with staff are:

  • Links in emails – Hackers often send emails that look like they are from your bank, phone company or similar. Be sure to check the link by hovering over it with your mouse. This method of attack is known as ‘phishing’.
  • Tech scam popups – Be on the lookout for popups advising that your computer is infected and you need to call a phone number or download software.
  • Email attachments – Never open an unknown attachment and even from people you know and trust. If you are not expeciting an attachment from the sender always contact them to confirm and scan for malware before opening.

If you need help implementing better security practices in your business, give us a call on 08 8326 4364 or via email at support@dpcomputing.com.au

Don’t Fall For Phishing Scams

PhishingWhat is a Phishing Attack

Phishing is an attempt to trick you in giving out personal information such as bank accounts, passwords and credit card numbers.

They work by someone contacting you pretending they are from a legitimate business. They then ask you to provide or confirm certain confidential information.This contact can come in a variety of formats such as email, social media, phone call or text message. The messages are designed to look genuine and often use copied logos and branding from the legitimate company.

Once the scammer has this information they can then use this to carry out fraudulent activities such as emptying your bank account or using your credit cards.

How to Avoid a Phishing Attack

Some tips to help you avoid a phishing attack are:

  • Don’t reply to any suspicious looking emails or messages that ask you to confirm or update any information about your account whether they are from a coworker, finance company, friend, bank etc.
  • Don’t click or visit any links contained in suspicious emails or messages. Even if the website looks legit it will most likely infect your computer or do something worse.
  • Legitimate businesses, organisations and government departments will never send you a message to ask for your login information or sensitive personal information. If in doubt ring the organisation in question but don’t ring any numbers listed in the suspicious message.
  • Ignore emails that try to convey a sense of urgency and / or are requesting you to “Verify your account” right away due to ‘security issues’, ‘suspicious activity’ or ‘failed login attempt’ or the like.
  • Do not copy website links from suspicious messages and paste them into your web browser.
  • Never open or save any documents or attachments that come from possible spam and / or virus mails.
  • Never send confidential information about any of your accounts in an email.
  • If you’re unsure or suspicious about an email from a ‘friend’ or ‘colleague, call them  (ie don’t respond to the suspicious email) to see if that really was a legitimate message.

Further information is provided at the Australian Government’s Scam Watch website – http://www.scamwatch.gov.au/