Category: Uncategorized

The Health Insurance Portability and Accountability Act (HIPAA) is in place specifically to protect sensitive information in the healthcare operation. With a complex and diverse listing of standards regarding how information can be handled, how systems should function, and how things should be done within an organization, HIPPA does do a lot to protect patient information. While most organizations stick closely to these standards, there is no real way to certify you are actually compliant.

Sadly, the inability to check compliance and the lacking aspects of HIPPA compliance can lead to a cyber-attack or major data breach. Healthcare cyber-attacks cost as much as $1.4 million in recovery, so making sure compliance is where it needs to be and considering whether more needs to be done is important.

Reasons Why HIPPA Compliance Alone May Not Be Enough

Even though HIPPA policies and standards are generated to protect private and sensitive information in the healthcare industry, the truth of the matter is, HIPPA alone does not address every security concern. It is unfortunately not uncommon for a healthcare industry manager to foolheartedly put all of their faith in HIPPA compliance and completely miss that certain security defenses are missing.

In the most basic terms, HIPPA standards are designed to provide the most basic security setup in the healthcare industry. There is nothing stating that following these minimum standards will protect your healthcare business from every single threat there is where information security is concerned. Furthermore, cybersecurity threats evolve and develop so quickly that HIPPA doesn’t catch up fast enough to make much of a difference. Pair this with the fact that many healthcare organizations already struggle to keep up with newly developing security concerns associated with cloud data storage and the Internet of Things (IoT), and you have a lot of looming risk to speak of.

Rely On More Than Just HIPPA Compliance and Amp Up Security Efforts

Of course, HIPPA compliance is important, but it never hurts to up the efforts to make sure every aspect of the digital operation is secure and safe. There are multiple areas where security must be address in a healthcare organization’s digital infrastructure according to Health IT Outcomes, including:

• Controlling access to the system in a way that yields sensitive information only to those who would need to see it within the company
• Maintaining a stable protocol that dictates how risks are identified and handled on a daily basis
• Having an excellent security plan in place that acts as a go-to guideline for proper security practices
• Maintaining assets in a way that carefully documents the existing location of all assets, data, and other components of a system
• Implementing an information security incident management plan
• Controlling the physical hardware and keeping it secure at all times
• Organizing security plans that work for all aspects of the organization

Naturally, handling HIPPA compliance is also part of what is necessary, but as you can see by this detailed list, it is only one part of ensuring network security. It is not the only process to be considered for absolute security.

Final Thoughts On HIPAA Compliance and True Security

Even though HIPPA sets forth decent standards, the process of applying these standards to put them to work within a healthcare operation can vary considerably. Furthermore, some HIPPA compliance standards only cover the basic necessities of having a secure system. Unfortunately, these two facts can leave a healthcare facility with digital security concerns they have no idea exist. It is always a better idea to take things further than even HIPPA recommends to secure the system properly with the help of an IT managed services company and make sure all aspects are covered.

Don’t let your small or medium business fall victim to ransomware. Make sure your data, network, equipment, and employees are safe from ransomware attacks.  

Watch our video below to learn all about ransomware and please feel free to share with your staff and social media networks.

October is Cyber Security Awareness Month. You may have heard about ransomware attacks on school districts, hospitals, and government organizations. Over 20 U.S. cities were targeted by ransomware attacks between January and July 2019. The cost to the city of Baltimore alone was more than $18 million between lost city revenue and repairs to the city’s computer network. Ransomware attacks on cities, schools, and hospitals are serious, but 71 percent of ransomware attacks target small and medium businesses.

According to Beazley Breach Response Services, in 2018, ransomware crooks demanded an average of more than $116,000 from over 3,300 business computer security breaches they directly tracked. Cybersecurity firm Coveware reported that the average ransomware demand to individuals and small businesses grew from $6,733 at the end of 2018 to over $12,760 in the first quarter of 2019.

How does ransomware work?

In the past, ransomware usually came in the form of unsophisticated “spam” emails that most people could recognize as hacking attacks. Hackers sent out hundreds of thousands of emails hoping to trick a few unsuspecting people into revealing their passwords and other secure information. Once installed on a business or individual computer, ransomware encrypts data and stops access to programs. The program then demands a “ransom” in the form of cryptocurrency, usually bitcoin, to restore the data and access.

Ransomware attacks are getting more sophisticated. A 2018 ransomware program, Ryuk, was developed by a North Korean group of hackers. Ryuk has been aimed at large businesses that can’t afford any downtime. The program individually maps the networks of target businesses and steals credentials in order to install the program and encryption. One business targeted by Ryuk paid over $360,000 in bitcoin to retrieve its data.

Ransomware is getting better at getting around anti-virus programs and computer firewalls. Hackers are using known applications and programs that users think are safe to get around security precautions. Expert estimates report that ransomware could cost small and medium businesses as much as $11 billion in 2020.

What can we do to combat ransomware?

• First, make sure the operating systems for your network and connected devices are up to date. The 2017 WannaCry ransomware attack targeted computers running Windows 7. WannaCry was developed from U.S. National Security Agency tools that were leaked online. According to TechCrunch, up to a million computers are still vulnerable to WannaCry because they are running Windows 7 or earlier Windows versions. Microsoft also ends its support for Windows 7 in January 2020. Ransomware and other types of hacking attacks often target older operating systems that are no longer receiving regular security updates and patches.
• Second, make sure your security software is also up to date. Check it at least once a month. A managed services provider (MSP) can help in this process.
• Third, make sure you and your employees know how to recognize potential security threats. Practice good computer habits that prevent intrusions. For example, do not click on any links or images that come from an unknown source no matter how funny or appropriate the title of an email may look at first glance. Managed services providers can help to train you and your staff on good cybersecurity habits that can prevent ransomware and other attacks.
• And finally, make sure you have a good offsite backup. Businesses that have successfully overcome ransomware attacks have strong and redundant backups for their data and programs. You may lose time, but you won’t lose all of your business data. If you’re in a field that keeps confidential client or customer information, it’s essential for your business to have secure, safe backups of data in the cloud and/or separate physical data storage.

Managed services providers (MSPs) are responsible for keeping track of ransomware threats and understanding the tricks hackers can use to take control of your computers and demand a ransom. They can help your business to prevent a ransomware attack and protect your business data and programs in the event an attack occurs. Malicious hackers have been causing damage to computers for years, but ransomware is the first major way they’ve discovered to earn a lot of money from their criminal activities. Don’t let ransomware interfere with your business operations, profits, and growth. Take our recommended steps to fight back and win against ransomware criminals.

Is your business still using Windows 7? If so, it’s time to take serious action to upgrade to Windows 10 before the service cycle ends for this popular platform.  

Very early in 2020, there’s a situation occurring that has the potential to affect thousands of businesses across the US. No, it’s not a direct cybersecurity attack from a known threat vector. Instead, it’s the end of the functional lifecycle of one of business’s most beloved operating systems: Windows 7. While some businesses have been in denial that they needed to upgrade, it’s not unusual for small to mid-size businesses to still be running Windows 7 even with the deadline looming only a few months away. For the past 10 years, Windows 7 has provided a secure and stable OS for business, but regular patches and security upgrades will no longer be released for Windows 7 past January 2020 — leaving your computers open to the dangers of cyberattacks.

Don’t Put Your Business at RIsk

Hackers have been watching Windows 7 more closely as it nears the end of its lifecycle, looking for vulnerabilities that can be quickly exploited once maintenance has expired for the platform. While Windows upgrades are delivered every few years, they have a general window of a useful lifetime of 10 years. After that period, Microsoft eliminates free support and provides only very limited paid support options for your business. It’s not unusual for businesses to skip upgrading their operating systems and still be on a Windows 7 platform. As of 2019, there are still approximately 36% of computers accessing the internet from a device running Windows 7.

Steps You Can Take to Avoid the Impending January 2020 Deadline

Depending on the size of your business and how many computers are utilizing the Windows 7 operating system, there are a variety of options for upgrade. You can install updates on individual computers manually, and there are a few options for getting access to a free upgrade version of Windows 10. Unfortunately, you might find that your computers are not quite fast enough or new enough to handle an in-place upgrade and you might need to either purchase new machines or make adjustments to your current business machines to get them ready. Windows 10 has different operating system requirements than Windows 7 or even Windows 8, and might place too heavy of a load on older machines.

Don’t wait any longer to upgrade to the latest and most stable version of Windows operating system: Windows 10. With only a few months left before the end of the full maintenance cycle, Windows 7 is quickly becoming one of the most dangerous items in your technology landscape, a problem that can be quickly rectified by working with your local trusted technology solutions provider to create an upgrade schedule. If you aren’t comfortable upgrading directly in the few months that are left to your business, there are plenty of options for short-term maintenance that your proactive IT partner can help you explore.

An IBM Security study found that 60 percent of respondents opposed local governments paying ransomware. Read on to learn more about the implications.  

Ransomware attacks are on the rise, and U.S. taxpayers are divided on the issue of who should pay the hackers to recover the data. An IBM Security study surveyed 2,200 U.S. citizens on their understanding of and willingness to fund cybercrime recovery efforts. The respondents also gave their opinion on actions taken by the government to prevent and respond to cyberattacks.

The study found that:

• 75% of the respondents were concerned about having their personal data held for ransom.
• About 80% feared the impact of ransomware attacks on U.S. cities.
• About 60% of U.S. citizens surveyed opposed their local governments using tax dollars to pay the ransom.
• 60% of respondents preferred their city use tax dollars to fund recovery efforts rather than pay ransom.
• More than 30% of taxpayers surveyed opposed paying to help emergency services, police departments and schools hit by a cyberattack. In addition, many of those willing to pay would only do so if restoration costs were less than $50,000.
• About 40% of respondents specifically opposed to providing financial assistance to police departments and public schools.
• About 90% of taxpayers surveyed supported an increase in federal funding to help local governments improve cybersecurity. In addition, more than 75% of responding citizens supported federal reimbursement to help cities already hit by cyberattacks deal with ongoing recovery efforts.

Can We Stop Cyberattacks?

While there’s no way to eliminate cybercrime completely, preparedness can drastically reduce its incidence. That starts with a collaborative effort from cybersecurity providers, local governments, businesses, and individuals.

Organizations must implement a comprehensive cybersecurity plan that includes recognizing red flags and responding to an attack. The vast majority of cities and businesses hit by attacks failed to take precautions and had no response plan. Understanding how hackers operate and what steps to take to minimize risk is crucial. Helpful precautions include:

• Choosing strong passwords consisting of lower and uppercase letters, numbers, and symbols
• Doing research before installing third-party applications
• Backing up data on an external drive or through a cloud service
• Keeping operating systems and software up to date
• Recognizing malicious phishing emails
• Using multi-factor authentication to access personal accounts

Prevention is the Best Cure

There is a widespread misunderstanding that paying a ransom will restore stolen data. Hackers often take the money without honoring their promise, leaving the victims deeper in the hole. Paying ransoms only guarantees future cyberattacks with higher demands. Even if the hacker agrees to release the data, the victims must still spend time and effort to restore each compromised device and conduct security audits. The high price of ransomware coupled with the untrustworthiness of the hackers make prevention the much better option.

As cybercriminals continue to ramp up attacks on cities and small businesses, cybersecurity is a must. By taking the proper precautions and learning how to recognize signs of malicious activity, individuals and organizations can help thwart hackers and reduce their risk of having their data held for ransom.

Mobile Devices on Your Network? Use Endpoint Security Software

Mobile devices used for telecommuting can compromise your network. To keep your sensitive data safe, use a firewall, antivirus and endpoint security software.  

In today’s mobile environment, companies that offer employees the opportunity to telecommute often gain the upper hand. But allowing workers to access your network remotely — through any number of devices and platforms — can pose security risks.

As you add laptops, smartphones and other mobile devices to your network, you also add the need for endpoint security management. Using the right software, you can identify and manage access by all the users on your network — regardless of their geographic location. To manage endpoint security effectively, you’ll need a virtual private network, specific software packages, and a way to ensure that users’ devices comply with your organizational security policies.

What steps should you take to manage the mobile devices on your network effectively, and how will your company benefit from choosing the right software?

Managing Mobile Devices

Working with telecommuting employees requires a balance between security and flexibility. Offering your team the flexibility to work from anywhere can help you attract and retain exceptional employees. At the same time, allowing open access to your systems and networks can mean significant security challenges.

Requiring your team members to log on to your systems through a virtual private network constitutes the first step in ensuring endpoint security. In addition, employees should use only mobile devices that adhere to your corporate policies — including the brands and models of devices, as well as system requirements and allowable applications.

Devices not in compliance with your policy should log on through a virtual network with limited access to your systems and proprietary information. By encrypting data and prohibiting removable storage drives, you also may avoid compromising your proprietary data.

Choosing the Right Endpoint Security Software

A reliable firewall and antivirus package should form the foundation of your endpoint security strategy. Both serve as effective tools for protecting your users while they use your network. However, they may not provide complete security in every situation. For instance, an external drive directly connected to your network can spread malware.

In addition to these vital tools, consider using endpoint security software, which provides always-on monitoring of your network.

The right endpoint security software can provide your organization with a range of benefits, including:

• Heading off problems before they impact your operation. A malware infection can place significant demands on your network resources, resulting in downtime for your business. Instead of dealing with the problems on the back end, endpoint security software catches problems early, before they have a chance to take hold.
• Protecting workers. Your IT team likely has a full workload without dealing with an intrusion into your network. By strengthening your endpoint security practices, you free up your employees to attend to other technical issues. You also keep your non-technical staff members productive and serving customers.
• Saving money. A major breach of your system can annoy — or significantly harm — your customers, resulting in increased customer service requirements and even lost accounts. The damage to your reputation can last well beyond a breach incident.

Should You Buy a Copier or Lease It?

Trying to decide whether to lease a copier or buy a copier? Find out the pros and cons. See when buying or leasing may be the best option for your business.  

No single piece of equipment in the office takes more of a beating than the floor-standing copier.

Day in and day out it endures transitions between high heat and frigid office temps, paper jam tug-of-war, lid slamming and endless pieces of paper traveling at lightning speed across its rollers. All of this demanding work takes a toll on the device, giving it an average lifespan of just five years in a busy office.

Eventually, you’ll find yourself needing to find a replacement and the question arises: should you lease or buy a copier? There’s no one-size-fits-all answer to that question. These pros and cons will help you make the right choice for you and your business.

Why Buy a Copier?

When you’re playing the long game, buying a copier is usually the less expensive option–when it comes to the cost of the copier. You’ll avoid finance charges and other fees. You’ll also avoid a hard credit check, which may impact your credit score. If you’re a smaller or growing business, you like to keep your credit as clean as possible.

And even if you did have to put it on credit, the printer is yours after you finish paying for it. Some high-quality floor copiers can last up to 10 years, especially if you’re not a high-volume office. So that may be a very good deal.

Okay. So it sounds like buying is the way to go. But wait! There are some cons to consider.

When Buying a Copier Isn’t Your Best Option

Since the dawn of time, technology has never stood still. And the rate of change is only getting faster. A bought printer may have everything you need today. But no one really knows what businesses may need in 10 years. That could put you at a competitive disadvantage against newer companies in the future with the latest technology.

If you needed to resell that printer because you weren’t using it like you thought or needed to free up cash, you might recoup 50% if you sold it immediately, but in 5 years, it would probably cost more for someone to move it than they’d pay for the copier.

Not unlike a car, it’s not going to hold its value.

If your rainy day fund is tapped out and you’d have to put buying a copier on credit, interest charges may make the copier cost a lot more than you think you’re saving by buying over leasing a copier.

Finally, an aging printer will also begin to require more maintenance to keep it running smoothly. And you might find yourself feeling like you have to keep it past its prime to get your money’s worth. That may cost you in employee productivity and lost wages.

Why Lease a Copier?

Leasing a copier does make sense if you need to have clear terms from month-to-month. You know upfront how much you pay each month and for how long. That’s often easier on the budget. If cash flow is tight and you’d have to finance a bought printer anyway, leasing may actually end up saving you money.

When your term ends, you’re not stuck with a printer that may now be outdated or breaking down. You can upgrade when you renew your lease. Or, depending on the lease terms, you may be able to buy the copier at the end of the lease for a minimal cost if it’s still working for you.

A newer copier needs less maintenance and functions more efficiently, increasing workplace productivity and reducing worker frustration around inadequate technology. If the leased copier needs maintenance or stops working entirely, that’s likely the responsibility of the leasing company.

That’s not an emergency expense you have to worry about.

When Leasing a Copier Isn’t Your Best Option

You will pay more for the leased copier than you otherwise would. Those pros of leasing listed above come at a price. It’s important to realize that those are what you’re paying for, not just the copier. In a way leasing is another way to manage risk. Not unlike buying insurance, you’re paying the leasing company to take on what would otherwise be your risk.

Every business has a certain amount of risk they’re comfortable managing and planning for. Leasing a copier may not make sense for you if you’re in a position where you can effectively manage more risk. That copier may last you 15 years or five. You just don’t know because lifespan is so strongly affected by how your office uses it.

Ultimately, deciding whether to lease or buy a copier is a very company-specific decision. So weigh these pros and cons and you’ll make the right choice for your business.

FaceApp, the AI-powered photo editing app, went viral for quite a while until various experts expressed concerns about cybersecurity. In light of these concerns, we’ve put together a quick factsheet on mobile applications and cybersecurity.

Here are a few tried and true ways to protect yourself:

• Download applications from trusted sources only and do your research before hitting install.
• Keep your mobile phone’s operating system up-to-date at all times with the latest upgrades and patches.
• Take a look at the application’s permissions and privacy policy before you decide to download.
• Check out reviews online for each application you download to make sure there are no noted issues.
• Update applications you’re using on a regular basis and delete those you’re not using anymore.
• Look for warning signs, such as excessive permissions, pop-up ads, and in-app purchases.

As a last note for parents, make sure you’re checking what your children are downloading, or better yet, make sure they can’t download anything without your permission!

Automate Email Replies in Four Ways to Share Information Better

Learn how to use four powerful tools to automate Microsoft Outlook email responses, including Automatic Replies, Quick Parts, Signatures and Templates  

Managing email responses, especially if you are a busy executive looking to keep in touch with clients, colleagues, investors and partners.

Watch the video below or click here to view on YouTube.

 

With Microsoft Outlook, you have multiple opportunities to automate your email responses. Here’s a look at four of the most effective ways to automate your email responses.

How Can I Use Templates to Automate Email Responses?

Templates are a simple way to create automated messages.

You can start with templates by creating a new message or replying to one.

On the ribbon, click on the View Templates button. This will bring up a new window with a section called My Templates, with a few common responses listed.

You can edit or remove these templates or create your own. For each template, you can give it a title and in the text box enter in any standardized response you choose, including copying and pasting from other documents.

Once you have your templates selected, you can add them to a new email or response quickly and edit them within the body of the message. For frequent phrasing and responses, the templates option helps to accelerate your communication.

The advantage of templates is that they are very easy to use, edit, update and delete. The downside is that they are very basic and include no formatting options within the template itself.

How Can Signatures Be Automated?

Preset signatures can help create various messages for different situations. In most cases, a default signature will be applied to all your outgoing messages. These signatures typically contain the following:

• Full name
• Title
• Phone numbers
• Website
• Social media links

Often these signatures are standardized throughout an organization or division, and often contain specific marketing or legal language.

Signatures are highly formattable and can contain graphics or photos to convey further messages.

You can use signatures to be more productive and create messaging that varies based on the email recipient or whether the email is for business or personal reasons.

To create, modify or delete signatures, there are several ways to proceed. If you’re in a new message, go to the Message tab and click on the Signature button. This will bring up any existing signatures already in your account. To create a new one, click on the Signatures … selection at the bottom of the menu.

Another way to access the Signatures functionality is to use the File menu, clicking on Options, then Mail then Signatures.

No matter which option you choose, you’ll reach a new screen where you can select an existing signature to edit, rename or delete, or create a new signature. In the bottom box, you can:

• Add text and images
• Adjust the font and size
• Insert hyperlinks
• Set the signature’s alignment

Signatures are listed alphabetically, so naming conventions are important, especially for employees managing emails for other people or corporate accounts.

The top right section of the Signatures screen allows you to choose the email account to use and the default signature to use for new messages and replies or forwards.

Signatures have additional functionality. For messages that are sent repeatedly, the Signatures tool helps automate communication. The signature box can be used to include copy that is used for regular messages — a much faster option than saving text to a draft message or copying and pasting from a Word document. You can create multiple response signatures for typical inquiries.

What Are Quick Parts?

Quick Parts, formerly known as Building Blocks and Auto Text, helps you copy and save repeated boilerplate text blocks that can be inserted into an email. This is helpful for messages that include requests for information or other repetitive content.

To create a new Quick Part, reply to a message or create a new one. Type new text or highlight and copy existing text that you want to retain. Formatting will remain. In the ribbon, under the Text group, click on the Quick Parts button. This action brings up a list of existing Quick Parts, sorted by category, and allows you to create a new entry. A new window appears, where you can create a name, gallery category and description for the entry. (You can create new categories from this screen, too.)

Finally, you can determine in what email template you want the Quick Part available and some options for insertion.

Once saved, the Quick Part is now available for use. Create a new message, click on the Insert button and then the Quick Parts option to see a list of options for you to insert.

Quick Parts has several advantages. It allows for the inclusion of long entries with retained formatting for text and graphics. It also allows you to add multiple Quick Parts to the same message.

Right-clicking on any of the Quick Parts pops open options for where to insert the quick part, edit its properties or organize your available items. Quick Parts can also be inserted into Calendar entries or Tasks.

How Do Automatic Replies Work?

Automatic Replies are a standard staple in most offices. It’s an excellent time-management tool that quickly lets those within and outside your organization know your status.

To use Automatic Replies, you’ll need to be using an Outlook version that includes Microsoft Exchange server account or Exchange Online through Office 365. Standalone versions of Outlook do not support this feature.

Access Automatic Replies by going to the File tab and choosing Automatic Replies (Out of Office) from the Info tab. Select the Send automatic replies button and if you prefer, enter the dates and times you want the feature to be used in response to incoming messages.

The window defaults to the message you want sent inside your organization. You can add the text you need and apply basic formatting (font, size, effect, bullets or numeration, and indentation.

Remember to review the content so you don’t use an old message.

You can also opt to have a different message for those outside the organization. You can cut and paste between the two audience windows to create customized communications options.

The basic information to include in an Automatic Reply message is:

• The length of your absence
• When you will return
• Who to contact for urgent matters

The Automatic Reply message is also a great way to share other information, such as social media links, news or other high-value content.

You can also set rules regarding your messages, such as whether to alert or copy a coworker regarding messages from specific senders or to reply with a specific template.

Once turned on, you’ll see a message bar in yellow at the top of your Inbox reminding you that Automatic Replies are turned on, along with an option for turning them off.

Automation is a powerful way to save time, deliver important messages and improve communication in your email responses. Using the four featured solutions here, either independently or together, can keep projects moving and share information.

Watch Your Google Docs: Program Being Used to Disseminate TrickBot Malware

Beware of any Google Doc emails you receive. Cyber attackers are using the word processing program for a phishing scam that disseminates TrickBot malware.  

Take extra caution if you receive a Google Docs document sharing email in the near future — it may be a phishing email.

Cofense, a computer and network security company that specializes in phishing scams and data protection, has recently revealed a new cyberattack, which uses Google Docs as its “Trojan horse.”

The scam plays out like this:

1. A user receives a Google Docs document sharing email. The document looks legitimate, and indeed, it is legitimate. Google Docs generates such emails when one user wants to share a Google Docs file with another user.

The text in the email states:

“Have you already received documentation I’ve directed you recently? I am sending them over again.”

2. The email also receives a new button (added by the attackers), which says “Open in Docs.” This button, when clicked on, redirects the user to a new Google Docs landing page.

3. Once the user has arrived on the landing page, they’ll see an error message. This message is fake and says “404 error.”

The idea is to get the user to believe that there was an initial error with the document download and to have them click on a malicious download link — one created by the attackers.

4. The user will click on this link, which is actually the payload of the malware. It’s the malicious software, which will corrupt the computer once downloaded.

The download link appears to be legitimate. In fact, it looks like a PDF document and even has an extension of “.pdf” like a legitimate file. The attackers engineered this extension by taking advantage of the fact that known file type extensions are hidden in Windows (as a default measure). Furthermore, they use a PDF icon as the malware program’s icon, even though the program is not a PDF at all.

5. Once the file has been clicked on and downloaded, the malicious software will begin doing its dirty work on the target’s computer. In this case, the malware is called TrickBot, and it’s an extremely popular and dangerous banking Trojan.

As soon as its executed, TrickBot gets to work and continues being highly active at corrupting its host device. It will begin to copy itself repeatedly onto the device — once every 11 minutes for 414 days. If allowed to run, it will also begin launching an increasing number of Svchost processes.

What Is TrickBot?

TrickBot is a type of malicious software and also goes by the name of TheTrick, TrickLoader, and Trickster.

Discovered in October of 2016, TrickBot is ever-evolving. It has been updated and upgraded continually over the past several years and continues to be a menace used in phishing scams.

TrickBot was originally a type of banking Trojan, and it still is, but it now also has the ability to drop additional malware wherever it lands. As a type of banking Trojan, the main goal of TrickBot has been to obtain sensitive financial information from host devices.

Basically, anything sensitive would be sucked up by TrickBot and delivered back to the source who disseminated it. When TrickBot is on your devices, it can obtain things such as login information for the financial institutions you visit online and drop additional malware such as the equally popular Emotet.

TrickBot can even drop ransomware onto a device. If this occurs, sensitive data and system access may be locked up and/or blocked off. A message will be sent to the device user that their data and/or system access is being held for ransom. Unless the user pays a large sum of money, their data will be lost forever.

How Can You Avoid Falling Victim to This Google Docs Phishing Scam and Others?

Phishing scams remain the chief way that cyber attackers corrupt files, filch information, and steal finances. A phishing scam almost always comes in the form of an email (although such scams can also be operated over the phone).

The goal of a phishing email is to first get the recipient to believe it is legitimate. Therefore, it will be appear to be from a source such as Google Docs, a bank, the IRS, or even a co-worker. The next step is to get the recipient to click on a link, download an attachment, or take another such action, which will inevitably lead to the launch of malicious software.

The best way to protect yourself and your company from phishing scams is to have the appropriate security software and hardware measures in place. Additionally, all employees must be continually educated on how to avoid falling victim to a phishing scam and on trending phishing attacks.

What to Do Now That Support for Windows 7 Is Ending

In just a few short months, support for Windows 7 will come to an end. Is your business ready?

If your business is currently operating Windows 7, it’s time to switch to Windows 10. Microsoft will be ending technical support for Windows 7 in January 2020.

 

An enormous number of businesses throughout the United States use Windows operating systems to run their companies. In fact, Windows famously runs the majority of the world’s entire population of computers — including those used in business and personal computers (PCs).

Each of these Windows computers has its own version of Windows’ operating system (OS). Right now, the most popular operating systems are Windows 7 and Windows 10. Windows 7 was originally released ten years ago in 2009, and Windows 10 was released in 2015.

Now, Microsoft is phasing out its support for Windows 7. According to the company, this was always the plan:

“Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that we can focus our investment on supporting newer technologies and great new experiences.”

So, when will this change take place?

According to the company, “The specific end of support day for Windows 7 will be January 14, 2020.”

They go on to say: “Microsoft strongly recommends that you move to Windows 10 sometime before January 2020 to avoid a situation where you need service or support that is no longer available.”

What Does the End of Windows 7 Support Mean for Your Business?

First off, it’s important to note that this change is definitely a big deal.

While the initial reaction of some companies and individuals may be that “end of support” doesn’t really matter, this assumption would be rather reckless. If you fail to update to Windows 10, Microsoft’s imminent cessation of support for Windows 7 has the possibility of causing your business huge problems. Specifically, the end of Windows 7 support means that Microsoft will no longer be providing any type of technical support and absolutely no software or security updates or fixes to this operating system.

As a result, if you run into a major technical problem with a computer running Windows 7 after the end-of-service date (January 14, 2020) or if your security is breached, you’ll get no assistance from Microsoft.

While this realization is shocking (and possibly rather annoying) for many, Microsoft has been warning users about the impending change for a long time. If you have Windows 7, you should have been receiving consistent advisories to this effect. Additionally, if you work with an IT service provider, they have likely been alerting you of the future change as well.

Security Issues With Microsoft 7 Moving Forward

One of the biggest reasons to update to Windows 10 is to ensure your company’s security in the face of possible cyberattacks.

When Microsoft says they’ll no longer be providing Windows 7 support, one of the things they’ll no longer be doing is providing security updates. Normally, Microsoft tracks security issues closely. When a specific cyberattack trend or weakness in their system becomes obvious, they release an update to fix the problem or better fend off would-be attackers.

On January 14, 2020, this will stop.

Unfortunately, cyber criminals are gleefully anticipating this date. They will take full advantage of the security gaps left in Windows 7 operating systems if they can. Those who fail to leave Windows 7 and move to Windows 10 will, of course, be the targets.

Have Questions About the Switch to Windows 10?

To be sure, Windows 10 promises to provide many useful updates and upgrades for Microsoft users. At the same time, the transition from Windows 7 to Windows 10 will certainly bring inevitable challenges. You and your employees will be forced to change some of your habits, and certain features you’re used to may become obsolete or have new properties.

If you haven’t already, now is the time to update your business’s software to Windows 10. Doing so sooner rather than later will allow for the fewest number of complications.

If you have questions or concerns about making a smoother transition from Windows 7 to Windows 10, speak to your IT service provider as soon as possible. There are steps you can take to make this transition less of a trial for yourself and your employees.