When Phishing Strikes: The Tool Your Business Needs When Cyber Criminals Succeed

Email-delivered threats have increased drastically over the last few years. Even businesses with enterprise-level email services and employee training can fall victim to creative manipulation. To battle this, Anderson Technologies offers a solution that protects email when other systems fall short.

The Incident

Imagine turning on your work email to find a message from your biggest client. “If we get one more spam email from your accounts, we will stop doing business with you.”

How can this be? You pay for managed services, educate your employees on email security, and even recently upgraded your email services. How could something like this happen? Sure, your employees have received some suspicious-looking emails in the past, but there’s no way that could seep into your client interactions.

Except that’s exactly what happened to Intrante.*

According to Farica Chang, director at Anderson Technologies, the system administration team was able to trace the outgoing spam to a single “malicious phishing email that successfully executed code inside two employee Outlook applications.” The malware set up email rules that “hid its behavior from the users and began spamming everyone in their address books with email sent through their accounts.” Those emails not only went out to every internal company inbox but also to many clients and vendors.

Intrante couldn’t afford for this to happen again. Imagine this happened to you. What would you do?

The Response

Upon learning of the spam coming from Intrante’s accounts, senior systems administrator at Anderson Technologies, Luke Bragg, immediately took action. “The first thing we did was reset the passwords for the suspected accounts that were compromised,” he said, thus cutting off further access from cyber criminals. “From there we started digging into the accounts to see what other data or settings had been maliciously modified.”

Once the scope of the incident had been uncovered and repaired, Bragg and his team needed a stronger email spam filtering solution to implement to prevent a similar incident from occurring in the future.

He looked to the August 2017 study from SE Labs, which analyzed email threat protection services. This data made it clear—while many popular email services catch spam and phishing attempts, messages still slip through the cracks. Three email filtering services analyzed by SE Labs received their “AAA” rating: Mimecast, Forcepoint, and Proofpoint Essentials. While all three provided excellent coverage, only the last service achieved a 100% accuracy rating.

Proofpoint inspects both inbound and outbound emails.  According to the SE Labs study, not only does Proofpoint quarantine or send threats to junk mail, it stops or rejects threats before they reach the user. If URLs are present in an email, Proofpoint’s system opens every link inside a controlled sandbox environment. “This action and analysis allows it to determine if the link is legitimate and safe before it releases the email to the recipient,” said Chang.

In addition to its stellar record, Proofpoint’s four subscription tiers also offer features that many clients of Anderson Technologies request. An Essentials Business account gives access to most of Proofpoint’s features, but the Advanced and Pro levels include email encryption (and along with that, HIPAA and PCI compliance) and social media account protection. Pro also offers a tamper-proof, off-site, unlimited (10 year) email archive.

With this distinctive solution, Anderson Technologies’ managed services team brought their answer back to Intrante.

Why Email?

According to Bragg, “email threats are extremely common, and probably one of the most targeted systems.” Email is the perfect delivery system for malware, spam, and phishing campaigns, all of which saw an increase in 2017, according to Symantec’s Email Threat Report. Email can be utilized by bots, entities with malicious intent, and acts (unintentional or intentional) by authorized users to spread these threats.

Even educated employees can miss the subtle tricks of an effective spammer.

Phishing emails may look and feel like they come from a well-known company, like Amazon, Apple, PayPal, or UPS. Frequently, these attacks ask the reader to “click here to log in to your account,” providing login information to a wolf in sheep’s clothing. These attacks are easy to mass generate and make money for the perpetrators even if only 1 in 100 falls for the trap.

According to Symantec’s Email Threat Report, “one out of every nine email users encountered email malware in the first half of 2017!” These emails typically offer an attachment disguised as an invoice or other important document. These may appear to be sent from other employees and may even be routed through their real email addresses.

Malware-spreading emails typically urge the reader to act NOW, inhibiting the thought process through urgency.

Another vulnerability tied to email is information hacking.

Even comparably low-value targets can provide lucrative information to hackers—information like other user names, passwords, client information, industry secrets, or proprietary data. Email is as insecure as a postcard. As long as it is only read by the intended recipient, your message is moderately safe. Even so, never send passwords, financial credentials, Social Security numbers, etc., in a plain-text email.  Once in the wrong hands, unencrypted email is easy to read.

Don’t be fooled. “Even with additional layers of filtering and security,” says Chang, “there will always be malicious emails that get through. Teaching employees to be wary and practice caution is the best defense.” Take advantage of education services like free seminars, or Anderson Technologies’ free eBook on cyber security.

Email may be the perfect vehicle for bad actors to find their way into your network, but you and your business don’t have to be a victim. With spam monitoring and encryption services like those offered by Proofpoint, a mistake or foolhardy action doesn’t have to mean the destruction of your business.

Protect Today!

Anderson Technologies strives to ensure the IT products and tools it recommends are fully vetted and employed internally first. Principal Mark Anderson reports that after implementing Proofpoint Essentials, his junk email count has dropped by over 90%! According to Symantec’s Email Threat Report, an estimated $1,177.42 annual cost for the time one employee spends managing spam.

Bragg recommends a layered approach to email security.  The first layer being perimeter protection with a good hardware firewall that has additional malware and intrusion defense capabilities.  From there, Bragg notes the importance of enterprise-grade anti-virus software on all workstations and servers. It is important that this software be closely monitored and updated to truly be effective. The final layer is spam filtering, and for that, Anderson Technologies recommends Proofpoint.

Of course, there is also user training, which is “challenging,” according to Bragg, “but necessary.”  Even for businesses that are confident in their employees’ cyber security training regarding email, Proofpoint brings operations closer to a Zero Trust mindset, truly making your operations secure.

Are you interested in adding a spam filtering or encryption service to your business? Contact Anderson Technologies today! Email info@andersontech.com or call 314.394.3001.

*Names have been changed to protect the identity of the business and its executives.

Cloud Storage Service Provider Keeps Things Working Smoothly

Is Your Cloud Provider Working for You?

By now, most companies are working hand-in-hand with cloud providers. Cloud storage is unavoidable, incredibly useful, and becoming more relied upon every day, especially for companies moving toward a paperless office. Therefore, an important question to consider is: are your providers working for you, or do they end up being a hassle?

Cloud services should be seamlessly integrated into your network and IT system as a whole for best practice. Above all, cloud services should be reliable and secure. If they are affecting productivity or leaving you vulnerable to data breach, it’s time to start thinking about changing to a new cloud service provider!

Assess Your Needs

Every company has specific needs their cloud provider must meet. Usually, this includes security, reliability, speed, and regulation compliance related to their industry.  Companies in the medical industry need a provider that is HIPAA compliant, while organizations in the investment industry need one that’s SEC/FINRA 17a-4 compliant. Whatever your needs, it’s vital to ensure that your provider meets those standards.

Your company’s unique environment dictates different network and system requirements. For instance, a company that centers on remote access requires different security measures compared to a company that works solely from a single main office. Budget, granular permissions, and whether you need a dedicated server environment must be taken into consideration when assessing and choosing a cloud service provider.

Cloud Provider Warning Signs

There are several cloud provider warning signs to look out for.

Data loss and lack of flexibility or scalability are major red flags. Data loss should never happen. If you lose data due to a failure within the cloud provider, they are either not testing backups or not doing them—neither of which is acceptable. If there is an outage and you don’t get your data back, that alone is reason to switch.

Some cloud providers also fall short with granular file-based permissions and cloud applications that don’t allow companies the control they need over their files and don’t allow them to assign permissions for individual employees. The lack of cross-platform support and poor mobile apps is another reason companies switch providers. As your company grows, scalability becomes incredibly important. You should be able to double your cloud infrastructure in the same day. If the cloud provider isn’t prepared for an increase in infrastructure, it’s a problem. Flexibility is one of the driving forces of cloud computing, so don’t be dragged down by poor scalability.

How to Assess Your Cloud Provider

According to Joseph Baker, systems administrator at Anderson Technologies, companies should pay attention to four things when assessing their cloud providers:

  1. Uptime/Service Level Agreement (SLA)

The most important thing to look at is uptime/SLA.  Major companies such as Microsoft, Google, and Dropbox have very good guaranteed uptimes and SLAs.

  1. Data Ownership

Some cloud companies claim that if data is stored on their servers, it’s theirs. They are not going to use it to copy your business, but if you don’t pay your bill or if you decide to migrate, they could legally hold your data ransom.

  1. Data Center Locations

Partner with a cloud service that has data centers in the same part of the world as you to decrease latency. Many low-cost cloud vendors are located in China and India, but the latency will be noticeably higher than with a domestic choice.

  1. Multi-Tenant or Single-Tenant “Dedicated Server” Environments

Some businesses care about multi-tenant environments. This means your data is stored on a remote server along with someone else’s data, or even a few different clients’ data, depending on resources needed. This is generally safe and the data is segregated, but sometimes there are compliancy requirements, and there is a chance that if someone’s data is infected, it might affect the entire server. If you want the peace of mind and are willing to pay more, a single-tenant “dedicated server” is another option.

After checking these things, don’t forget to look at the front-end, too. Make sure you ask the following questions:

  • How do I access the cloud provider?
  • Is the provider antiquated and forcing me to use outdated Internet Explorer or can I use any browser?
  • Does the provider have a smartphone app?
  • Does the provider work with Mac, Linux, and Windows?
  • Will my legal compliance be met?

Compliance isn’t always ubiquitous, even among the bigger companies. If your company has a specific compliance requirement, request the specific certification for it from your cloud vendor.

Is Your Provider the Most Economical Option?

There are a wide variety of cloud service providers, and each with different options and services, depending on what you need and are able to afford.

If speed and reliability aren’t a priority for you, it may make sense to go with an overseas data center. There will be some latency, but the vendor will be cheaper.

For cloud storage, you want to purchase a plan that fits your needs. If you know that you need somewhere close to 500 GB, it is wise to purchase that right off the bat so you have it and won’t need to change plans. If your company is planning to grow, but you don’t know at what rate, a “pay as you grow” plan may be your best solution. You will pay for what you use on a per GB basis.

Some providers charge overages for unexpected traffic spikes. If you have a cloud-hosted website, this could mean outages or huge overage charges to keep your site online. Keeping your cloud services economical depends on what’s important to each individual company.

Speed, reliability, and ease of access should always be vetted before making a decision. On the most basic level, as long as your internet is decent, you should be able to upload something and walk across the office to another workstation and access the file.

Hybrid solutions are another option to consider. Many companies like having cloud storage in conjunction with physical storage, just in case something happens to either storage service. They also like knowing that what they have is theirs instead of being reliant on another company. Hybrid solutions can be cost efficient and simple to implement.

OneDrive Might Be the Solution for You

Anderson Technologies recommends using Microsoft’s Sharepoint OneDrive and Office 365 because they quickly, reliably, and seamlessly integrate with many common Microsoft applications. It’s one of the only cloud providers that can be combined with other apps—and still work! Not only does it work, but Office 365 is HIPAA, FISMA, and HITRUST compliant, which can be a big relief.

Baker says that once someone switches to OneDrive, they note that “their previous cloud application didn’t allow them the control they needed over their files,” nor did they have the ability to permission them out to employees. “OneDrive uses NTFS permissions which is the same thing as all the versions of Microsoft Windows, so a lot of people are used to setting that up, and it’s a little more intuitive.”

Contributor at Forbes and owner of Evans Strategic Communications LLC, Bob Evans says, “Microsoft remains an absolute lock at the top due to four factors: its deep involvement at all three layers of the cloud (IaaS, PaaS and SaaS); its unmatched commitment to developing and helping customers deploy AI, ML and Blockchain in innovative production environments.” Behind Microsoft, Evans ranks Amazon’s and IBM’s cloud services as the next best options.

Originally, consumers dismissed OneDrive because it wasn’t as feature rich as Dropbox, but with so many people moving to Office 365 and the improvements Microsoft has made to the system, it’s now a much more viable option. OneDrive is extremely reliable with an uptime of 99.9% for each of the last four quarters.

Are You Ready for a New Cloud Service Provider?

If you are paying for a service you aren’t getting, or if you have lost data because of unreliable services, talk to your IT provider about a more reliable and economical system.  Managed IT services can assist you in the migration process if you choose a new cloud service provider, and help with all IT needs.

Your time is valuable, and you want your cloud service to be working for you! Call Anderson Technologies at 314.394.3001 for a free consultation.

Human Behavior Impacts Cyber Security

“The Russians Have Hacked into Our Computer…” – Human Behavior and Cyber Security

Here at Anderson Technologies, we’ve reported on a wide variety of topics to help keep you and your business’s technology safe from harm: breaking news on security breaches like the Equifax hack and KRACK, password security tips, the importance of firewalls, and many more. But sometimes preventing trouble isn’t about the hardware or software you deploy—it’s about your people.

We all know someone who has fallen victim to a phone or email scam. Many of us have received a desperate call from a friend or family member trying to undo an unknowingly self-inflicted intrusion on their personal or financial information.

A member of the Anderson Technologies team recently received this harried voicemail from a family member:

“The Russians have hacked into our computer, and we’ve been on the phone for half an hour or so with India. The guy’s helped me reestablish my password but he thinks we should do some further work and maybe take the modem to the Apple store.”

From an objective perspective, this scam appears obvious. Why would the Russian government want to hack your personal home computer? How did these “tech support” guys get your information to call you and fix the problem? Thankfully, no permanent damage was done in this particular case, but you may find yourself wondering who could fall for such a transparent scheme.

Scammers target unsuspecting consumers and use data gathered from the web to build trust and elicit the missing pieces needed to access private account information. But how do these choreographed schemes apply to your business?

It’ll Never Happen to Me

Who do you picture when you hear the words “scam victim”? Several common stereotypes come to mind. The Better Business Bureau (BBB) released a comprehensive report that breaks down the perceptions we have about scam victims. Their 2016 survey shows that most people inaccurately predict scam victims to be older, retired, or less-educated blue-collar workers or women.

If you don’t fall into those categories, it’s still too soon to consider yourself safe! Thinking scammers won’t hound you because you are (at least in your own mind) an improbable target leaves you exposed and off guard.

For this we can blame optimism bias, or the tendency for individuals to believe they are less likely than others to be vulnerable to negative events. Even when the BBB or the Federal Trade Commission (FTC) releases accounts and warnings about the thousands of scams reported each day, in-the-know readers might react by thinking these threats don’t apply to them. Do you think you’re too smart to be fooled? What would you have that a hacker would want anyway? A quick skim of some unsuspecting person’s scam story, and you’re back to your usual technological habits.

“It stands to reason that individuals who believe they are not at risk will be less receptive to efforts to provide protective information,” says BBB’s marketplace scams report. “Media coverage, with victims shaped to fit squarely into these categories, risks being digested by the public simply as intriguing ‘real life drama’ affirming their beliefs.”

What the statistics show, however, is that all consumers are equally at risk. Some scams do target the “typical” grandmother or otherwise negligent prey (more on those tailored cons below), but the BBB research found that the groups at highest risk of losing money to a scam are college-educated individuals between the ages of 25 and 54. An estimated 90% of scam incidents go unreported, which goes to show how the inaccurate stigmas surrounding scam victims have infected our culture. No one wants to admit they were tricked.

But We Have a Firewall!

Personal consumer scams may not seem like they’re much of a threat to your business. Like any physical crime, cyber crime can’t gain access to your business unless there is an open door or a breach of some sort, such as when someone opens an email or picks up a phone. Who your employees share information with on their own time may not seem to be your concern as a business owner, but good personal practice translates into a stronger, safer business.

Cyber crime is changing. Phishing and spear-phishing campaigns are some of the most commonly-encountered scams by businesses, and they’re now more dangerous than ever. Hackers and scammers seek larger payouts now instead of quantitative scale. Rather than targeting individuals as they’ve done in the past, scammers are now narrowing their crosshairs to strike organizations. No business, large or small, is safe.

Hacking into your business’s hardware systems or networks is only one way to gain unauthorized information. Dedicated spear-phishing tactics use data mined from public accounts and web activity to target specific departments or employees. The only thing that separates personal consumer scams from business scams are the lies the criminal uses to try to break down your barriers.

Scammers often take advantage of brand familiarity and emotional response. Unexpected messages from a random email address or blocked phone number are much easier to ignore than a seemingly safe communication from the Yellow Pages or UPS.

One scam that aims directly at businesses is the “Directory Scam.” Employees receive a call from a well-known or non-existent agency requesting business information to update their directory. When your employee provides them with your business’s address and contact information, they send a fake invoice for the “service” and, if questioned, often fire back with edited audio from their previous call that “proves” your employee accepted the charges.

Another targeted hustle that’s gained steam over the last couple of years is known as the “Grandparent Scam.” In this case study, the victim receives a call from a scammer who claims to be his grandson needing bail money. This scam may seem ridiculous, but many have fallen victim to it because the caller knows the names of the grandparent and child as well as other personal information that would encourage one to believe they’re telling the truth. The scariest part about this scam is that the scammer called this victim at his place of work, further illustrating that public data on the web is available to anyone with the knowledge to find it.

What Steps Can I Take to Protect My Business?

BBB is one of many organizations to provide a checklist of actions to take against common scams. While most of the lists aren’t geared towards business owners, many of the habits suggested perform double-duty in both your professional and personal life. Anderson Technologies has a few tips for applying that knowledge specifically to your financial livelihood:

  • Keep an open dialogue with your employees and vendors about cyber security practices. Educating employees—Anderson Technologies has covered employee cyber security education in the past and takes it very seriously—protects their well-being as well as your business’s.
  • Educate yourself about what kinds of scams you or your business might encounter. BBB has compiled a thorough list here.
  • Be wary of email attachments. If you didn’t request it, you probably shouldn’t open it.
  • Use technology to your best advantage. Know how firewalls, anti-malware software, secure browsing, and network safety can benefit your business.
  • Develop a system for inspecting invoices. If you’re a larger company with many different clients and vendors, it’s easy for rip-offs to fall through the cracks.
  • Ask your IT provider about resources that can keep you safe. There are many programs that do some of the background work for you: NoMoRobo, LastPass, HTTPS Everywhere, Proofpoint, and so many more! Some of them are free, and others are not. Talk to a professional to determine the best investment for your business.
  • Question everything. Zero-trust practices can be employed over time, making universal authentication easier for everyone involved.

“The Russians have hacked into our computer” example at the top of this article is one of hundreds of similar scams permeating every demographic, consumer and business alike. In hindsight, it may be humorous to imagine someone getting so caught up in the urgency and persuasiveness of a slimy scam artist. However, when it’s happening, you or your employees may truly believe your business is at stake.

For more information on avoiding scams that target you or your business, download our free cyber security eBook or contact our team today.

How to report scams: