Core Information Technologies Ltd.

Managed IT Services

Core IT’s Blog

A “Free” Covid Vaccine can give you a virus (and infect your IT network)

· ·

A “Free” Covid Vaccine can give you a virus (and infect your IT network)

With the pandemic still raging in most parts of the world, cybercriminals have come up with yet another novel technique to lure unsuspecting victims and steal their data–the free Covid-19Vaccine scam. This is how it typically works.

You get an email or a text message that says you are eligible to receive the vaccine for Covid-19 free of cost. The message will have a link which will take you to a form, where you may be asked for your personal information. Once you fill that in and hit submit, cybercriminals have access to your PII (Personally identifiable information) and can virtually wreck havoc now.

There have been some variations of this message, one being a rebate offer, where you are asked to “book” or “preorder” your vaccine by paying for it online, with a promise of credit/rebate/refund in a week. Not only will your card be charged for the “cost of the vaccine”, your card details may also be stolen using secret key loggers, and the damage to your credit may be much more than the amount you were actually billed for.

Why should you be wary of this, as a business?

So, if the scam seems to target individuals, why is it important for businesses to be aware of this? Well, for the simple reason that you need to alert your employees to this. With the pandemic having almost completely changed the typical office set up and more and more people working remotely, using their own devices for work purposes, there’s a chance that an employee who falls for the vaccine scam may end up compromising your company’s data unknowingly. If a cybercriminal gets access to their device, chances are high that they will most likely have a gateway to your IT network and subsequently, your data.

What can you do?

Data safety is not just about getting the best antivirus software, it is also about people who have access to your data. Apart from installing anti-malware software programs and firewalls, educate your employees about the COVID-19 vaccine scams that are in play. Help them identify phishing scams and conduct mock drills and tests to assess their understanding of the concept.

No time to do all this by yourself? Core IT is an experienced Managed service provider with extensive experience in cybersecurity. We can help you keep your data safe by deploying the latest technology and also by training your employees to identify hacking and phishing attempts BEFORE they become a victim.

Are your data security measures strong enough?

· ·

Are your data security measures strong enough?

Let me start this blog by asking you a question. How did your business respond to the security threats brought on by the COVID-19 pandemic? The reason we are discussing this is because a recent survey conducted by Password Keeper and Ponemon Institute revealed that during the 2020 Coronavirus pandemic, the effectiveness of organizations’ IT posture in terms of cybersecurity dipped by almost 30%.

One of the main reasons for the compromise in IT security was the hurried transition of so many businesses to the remote work model. Working from home often meant the staff were using their personal computers to access work data, sometimes, even on shared WiFi networks without the latest software updates, security patches and firewalls–all invitations to cybercriminals. But, the research also pointed out that almost 50% of the respondents were also concerned about the physical safety of their data. When employees work from home, business data is stored on their personal devices. This includes personal laptops, desktops, thumb drives, external hard disks and sometimes, even smartphones and tablets. Ensuring the data stored in such a manner is not lost, stolen or inadvertently made public is a huge challenge. The cloud can help resolve this challenge to some extent. By migrating your data to the cloud you get a range of benefits such as

  • It is easily accessible-from anywhere, anytime using an internet enabled tablet, computer or even a smartphone
  • The cloud service provider offers multiple layers of security to keep your data safe from prying eyes
  • There is no chance of losing data due to misplaced thumb drives or computer hard disk crashes

An MSP offering cloud services will be able to assist you in making the transition from physical data storage to the cloud smoothly. They can also address cybersecurity concerns and offer solutions. However, migrating to the cloud alone is not the solution to all data security issues. You will still need to train your staff on how to identify and avoid malware attacks, phishing scams and to practice basic password hygiene and data security best practices.

A “Free” Covid Vaccine can give you a virus (and infect your IT network)

· ·

A “Free” Covid Vaccine can give you a virus (and infect your IT network)

With the pandemic still raging in most parts of the world, cybercriminals have come up with yet another novel technique to lure unsuspecting victims and steal their data–the free Covid-19Vaccine scam. This is how it typically works.

You get an email or a text message that says you are eligible to receive the vaccine for Covid-19 free of cost. The message will have a link which will take you to a form, where you may be asked for your personal information. Once you fill that in and hit submit, cybercriminals have access to your PII (Personally identifiable information) and can virtually wreck havoc now.

There have been some variations of this message, one being a rebate offer, where you are asked to “book” or “preorder” your vaccine by paying for it online, with a promise of credit/rebate/refund in a week. Not only will your card be charged for the “cost of the vaccine”, your card details may also be stolen using secret key loggers, and the damage to your credit may be much more than the amount you were actually billed for.

Why should you be wary of this, as a business?

So, if the scam seems to target individuals, why is it important for businesses to be aware of this? Well, for the simple reason that you need to alert your employees to this. With the pandemic having almost completely changed the typical office set up and more and more people working remotely, using their own devices for work purposes, there’s a chance that an employee who falls for the vaccine scam may end up compromising your company’s data unknowingly. If a cybercriminal gets access to their device, chances are high that they will most likely have a gateway to your IT network and subsequently, your data.

What can you do?

Data safety is not just about getting the best antivirus software, it is also about people who have access to your data. Apart from installing anti-malware software programs and firewalls, educate your employees about the COVID-19 vaccine scams that are in play. Help them identify phishing scams and conduct mock drills and tests to assess their understanding of the concept.

No time to do all this by yourself? Core IT is an experienced Managed service provider with extensive experience in cybersecurity. We can help you keep your data safe by deploying the latest technology and also by training your employees to identify hacking and phishing attempts BEFORE they become a victim.

Are your data security measures strong enough?

· ·

Are your data security measures strong enough?

Let me start this blog by asking you a question. How did your business respond to the security threats brought on by the COVID-19 pandemic? The reason we are discussing this is because a recent survey conducted by Password Keeper and Ponemon Institute revealed that during the 2020 Coronavirus pandemic, the effectiveness of organizations’ IT posture in terms of cybersecurity dipped by almost 30%.

One of the main reasons for the compromise in IT security was the hurried transition of so many businesses to the remote work model. Working from home often meant the staff were using their personal computers to access work data, sometimes, even on shared WiFi networks without the latest software updates, security patches and firewalls–all invitations to cybercriminals. But, the research also pointed out that almost 50% of the respondents were also concerned about the physical safety of their data. When employees work from home, business data is stored on their personal devices. This includes personal laptops, desktops, thumb drives, external hard disks and sometimes, even smartphones and tablets. Ensuring the data stored in such a manner is not lost, stolen or inadvertently made public is a huge challenge. The cloud can help resolve this challenge to some extent. By migrating your data to the cloud you get a range of benefits such as

  • It is easily accessible-from anywhere, anytime using an internet enabled tablet, computer or even a smartphone
  • The cloud service provider offers multiple layers of security to keep your data safe from prying eyes
  • There is no chance of losing data due to misplaced thumb drives or computer hard disk crashes

An MSP offering cloud services will be able to assist you in making the transition from physical data storage to the cloud smoothly. They can also address cybersecurity concerns and offer solutions. However, migrating to the cloud alone is not the solution to all data security issues. You will still need to train your staff on how to identify and avoid malware attacks, phishing scams and to practice basic password hygiene and data security best practices.

Cyber Security training basics: Password best practices

· ·

Cyber Security training basics: Password best practices & phishing identification

As a business you know the importance of ensuring that your data is safe from the prying eyes of cyber criminals. While anti malware software programs and firewalls are essential to doing this, another important element is, training your employees to identify the traps laid by cyber criminals. This blog offers a list of what you should cover in cybersecurity awareness training.

Password best practices

This should be number one on your list. The easiest way to steal your data is by stealing your password. Hence you should educate your employees on password best practices. They should know

  • Not to share passwords
  • How to share passwords safely (if at all it has to be done)
  • How to set strong passwords
  • The importance of changing passwords often
  • Your organization’s rules regarding passwords, i.e. your password policy and associated penalties/actions that will be taken if they fail to adhere to it

You could also invest in a password tool as it will help you enforce your password policy better.

Phishing

Train your employees to identify phishing attempts. Phishing is when cyber criminals pose as someone trustworthy and attempt to steal data. Studies show that the number one reason businesses become victims of cybercrime is because their employees fail to recognize a phishing attempt. For example an email may be disguised to look as though it came from a coworker or vendor, or even a government agency such as the IRS, and may contain a request for sensitive information. Some may have attachments that the receiver may open unknowingly and end up infecting the whole network with malware. Though anti-malware software programs generally identify such communication and either mark them as spam or issue warnings when the receiver tries to open them or download the attachment, training your employees to recognize phishing attempts is very important, because even a single email that slips through the crack can result in a huge disaster.

Remember this is not a one-time thing. Cybercriminals are always at work devising new strategies to steal your data. You need to train new employees as they join your organization and update your existing employees with any new cybercrime modus operandi. You can offload this task to an experienced managed service provider who specializes in cyber security. Being a part of the industry, they would generally be up-to-date with the latest risks and advise you and your team accordingly.