Telesys Voice and Data Blog

Social media has been an emerging technology in recent years, and has produced many threats. Hackers have learned that they can take advantage of these communication mediums to launch dangerous new attacks on unsuspecting users. With enough ingenuity on a hacker’s part, they can potentially steal the identity of a social media user. Here are some of the best ways that your organization can combat identity theft through social media.

First, it helps to understand why social media is such an attractive vector of attack for identity thieves. For one, the anonymity provided by the Internet has long been a staple reason why it’s been commonly used by hackers to steal sensitive information from organizations. This was (and still is) done through spam and scam emails, but nowadays, strategies have changed enough where individuals have to be more cognizant of their personally identifiable information, because by using social media constructs like Facebook, Instagram, Twitter, and the like, they are much more exposed. Enterprise-level spam filters are readily available to all kinds of organizations, prompting hackers to step up their game and create nefarious new ways of stealing information.

Spear phishing tactics were the result of these efforts. Intending to bypass the likes of spam blockers and content filters through seemingly legitimate sources, phishing tactics come in a variety of forms, with the most successful of these coming from sources that hide the true intentions of the one making the attack. The Internet can mask the true identity of hackers so that they can seem to be someone else, either in an email scam, social media attack, or otherwise. This is known as spoofing, and has been a infiltration tactic for decades.

In particular, social media can provide attackers with a lot of information without them working too hard. Think about the kind of information that you might have on your personal Facebook or Twitter feed. Do you have a phone number? What about an email address or physical address? Do you have any information about the musicians you listen to, or the books that you enjoy? All of this information (and more) can be used to help a potential scammer steal your identity and use it for various ill offenses - the gravest of which could be stealing your identity and using it to attack those you hold dear.

Imagine what could happen if someone were to steal the credentials to your social media pages and use them to impersonate you. They could fool all of your closest friends and family into giving up whatever information they are looking for. For example, they might be able to coax your parents or loved ones into parting with personally identifiable information such as your Social Security number or credit card number, which could be used to open new lines of credit or make fraudulent purchases. Regardless, the threat posed by identity theft through social media is considerable, and you must take precautions to ensure that you don’t fall for these traps in the future. Here are some ways that you can make sure this doesn’t happen.

• Be on the lookout for suspicious activity on your accounts: If you suspect for even a second that your accounts have been compromised, be sure to change your passwords so that they can’t be used to hurt those closest to you.
• Look out for dangerous messages sent to you: If you suddenly receive messages from those who you haven’t heard from in a long time, and their behavior is suspicious, perhaps it’s best to ignore these messages or alert those who you think may be affected.
• Limit the information you share on social media accounts: Information can’t be stolen if you don’t choose to share it. Consider implementing more powerful privacy settings for your accounts.

Businesses are just as vulnerable to spear phishing attacks as individuals, if not more so. If you are like billions of others, social media has become an important part of your life, and quite possibly, your business. To ensure that you are doing what you can to protect yourself and your organization from the threats that social media and other innovative communications technologies enable, consider reaching out to the IT professionals at Telesys Voice and Data.

Ransomware is a growing problem for businesses, being one of the most difficult threats to remove from an infrastructure. Not only is it easy to spread, but difficult to avoid as a whole. How can your organization prepare for this threat? It starts by being mindful of how ransomware is spread and how your employees react to it, both now and in the future.

Ransomware locks down files on your business’ infrastructure. Through ransomware, it’s easy to cripple a business by limiting access to important information or files located on an infrastructure. If the user fails to pay the ransom, they risk losing their data for good. Even if they do pay the ransom, there’s no guarantee that the hacker will give up the encryption key. The user is presented with a conundrum; pay up for a potential to get your data back or ignore the request and hope for the best.

Ransomware was primarily spread through the use of spam when it was first introduced to the online environment. Hackers would create ransomware campaigns to spread it to as many users as possible, hoping that any number of them would choose to pay up rather than lose access to their precious files. As time went on, however, ransomware became used in a more targeted fashion. Rather than claim as many targets as possible, hackers instead chose to go after only those who were most likely to pay up with spear phishing tactics designed to fool even the most stalwart and mindful user. In many cases, these targeted attempts were made against businesses, whom value data more than the average end user might.

These spear phishing attempts are incredibly difficult to identify for the untrained eye, and the amount of damage they could inflict on your company is untold. Your employees need to be able to identify potential ransomware threats. Even the cautious approach might not be enough, however, as the future of ransomware could potentially hold even more dangerous threats. Already, hackers are taking advantage of threats that can be purchased on the online black market, including ransomware threats, vulnerabilities, and even lists of targets. How can a small business protect themselves from such a prominent threat?

It all starts by remaining as mindful of security best practices as often as possible. By this, we mean trusting no suspicious message in your inbox without first double-checking any information found in it. If you receive an unsolicited message with an attachment claiming to be a resume, bank statement, shipping information, or anything else that seems out of place, think twice before downloading them. The same can be said for any links that cannot be verified as secured.

Is your business prepared to handle the next generation of ransomware? While we don’t know what the future holds, we know that you can confidently face it with security services from Telesys Voice and Data. To learn more, reach out to us at (800) 588-4430.

The holidays are a time filled with good food, visits from dear friends and family, and exchanging gifts with those you care about. However, to keep the season bright and merry, you need to be a little cautious during your next gift exchange, as many gifts can present some unexpected risks to your recipient’s security. Be mindful if you see the following items on someone’s wish list.

Business security is a common issue for many small organizations with limited budgets, but it doesn’t have to be an issue. We’re here to help you master the seemingly endless threats and security problems that major vulnerabilities present to the small business environment, and it all starts out by understanding how even basic security solutions protect your organization.

You’re lucky to go a month without seeing news of some devastating data breach. With more businesses gearing up for the worst, what are you doing to protect your organization’s intellectual property and sensitive data? You can start by implementing a new type of authentication system that’s much more secure than your current security strategy--two-factor authentication.

Physical security is more or less what it sounds like: security intended to protect the physical infrastructure that houses your business and your critical data. Many of the pieces of physical security will seem very familiar, even if you didn’t know the right terms for them.

You might be surprised by how many of your organization’s security issues originate from within. A major contributor is user error, which can lead to some pretty severe problems reaching from your data security, to your workflow, all the way to the continuation of your business itself.

Students generally love it when classes are cancelled for whatever reason, but thanks to a cybercriminal group called TheDarkOverlord Solutions, a school in Flathead Valley, Montana was disrupted for an extended period of time. This downtime resulted in a disruption of operations for over 30 schools, as well as the threat to the personal information of countless teachers, students, and administrators due to a ransomware attack.

The holidays are a time filled with good food, visits from dear friends and family, and exchanging gifts with those you care about. However, to keep the season bright and merry, you need to be a little cautious during your next gift exchange, as many gifts can present some unexpected risks to your recipient’s security. Be mindful if you see the following items on someone’s wish list.

If you run a small business, you might consider yourself a small target of hacking attacks. It might make sense to think of it in this way, but this actually is not advisable to think of it in this way. According to a recent survey by CNBC and SurveyMonkey, only two percent of small businesses see cyber attacks as anything worth worrying about. This leads us to the next question… are you one of them?

Data security, always an important topic, has been made even more urgent by the Equifax data breach and the fact that 143 million users had their personal information stolen after entrusting it (or not) to Equifax. You need to consider what would happen if your business were on the receiving end of a data breach, and prepare to handle this truly unpleasant circumstance.

Dealing with disasters are a part of doing business. You know how difficult it is to recover from a devastating flood or storm. While businesses tend to suffer from these situations, countless individuals suffer every time a natural disaster hits. Just take a look at the United States in recent weeks. Even though you may want to donate to people suffering from hurricanes, there are illegitimate charities out there that want to make a quick buck off of your generosity.

About two and a half years ago, Lenovo was brought under fire for manufacturing products that had adware preinstalled on them. This malware, a variant called Superfish, was installed on up to 750,000 Lenovo devices, and the company--eager to put this incident behind them--still refuses to admit fault, despite paying reparations and other fees as a result. Superfish allowed access to sensitive information and a root certificate, which could be used to access encrypted data on the same network. All in all, it was a rather embarrassing and dangerous scenario for Lenovo, and it comes with its fair share of consequences.

When it comes to Internet threats, ransomware is the one that causes the most fear, especially for small and medium-sized businesses, as it should. According to the Cisco 2017 Annual Cybersecurity Report, ransomware is growing at a yearly rate of 350%. It’s time to make sure that you’re doing what you can to stop your business from becoming another ransomware statistic. Here’s five very good tips that will help you avoid becoming a victim of the next big ransomware attack!

Network security is an important part of keeping both your business and your staff away from online threats, but it’s not enough to implement the best, most comprehensive solutions on the market. There are a surprising number of facets to network security, and in order to optimize protection against online threats, you’ll need to know all of them. Thankfully, you don’t have to do this alone.

Security best practices demand that a workstation should never be left unlocked. However, it can be really tempting to leave it unlocked if you only plan on stepping away for a moment--but unfortunately, that moment can easily turn into many if you are distracted from your task. Fortunately, there is now a fix that relies on the one device most of us are never without: our phones.

Everyone has a right to privacy. However, with the popularity of social networks, the Internet is a very hard place to remain a private individual. Digital communication is everywhere. Cybercrime has become a fairly regular event. This week’s tip of the week takes a glance at three websites that you can use to help enforce your right to privacy.

It doesn’t matter if you’re a small business, a large enterprise, or if you're in a rural town, or a larger city. You still have to worry about the security of your data and the integrity of your infrastructure. Thankfully, there are services out there that allow even small businesses to leverage powerful, enterprise-level tools for maximum network security. The most valuable of all is perhaps the Unified Threat Management (UTM) tool.

Putting together your workforce is something that requires painstaking attention to detail. You found workers who are willing to work as hard as possible to further your organization’s goals. Yet, you have to remember that even the most perfect employees are still human, and that they can make mistakes and can put the organization’s data at risk. User error is a common problem, and it is one of the most important things to keep in mind while you set up your information systems.

Phishing attacks have been around for decades, first being recorded in 1995 where scammers would pose as AOL employees and request a user’s billing information through instant messages. Nowadays, email phishing attempts have tricked users into handing over personal information of all kinds. There are many methods of identifying a phishing attempt, but today we’ll focus on one.