andy borjaSocial Media

College-Age Kids Are A Prime Target For Cybercriminals – Make Sure Your Students Are Safe At School 

College has changed since many of us were students. Years ago, we’d be shuffling from class to class, holding a single notebook and a pencil for scribbling down notes. There wasn’t as big a risk of photos or data being stolen online. 

That’s no longer the case. Students today have at least one – usually two or three – devices readily available. The scary part is, most college-age students think of themselves as tech-savvy “digital natives”; however, a study by Atlas VPN showed that Gen-Zers and millennials are the age groups most likely to fall for phishing scams. 

In fact, according to the National Cybersecurity Alliance, 20% of Gen-Zers have had their identity stolen at least once. 

Here are just a few of the terrifying ways cybercriminals attack this young crowd: 

  • Unpaid tuition notifications – scammers will send fake e-mails to students claiming they owe a certain amount of money or it’ll affect their enrollment.
     
  • Fake financial aid, grant or scholarship websites that, when clicked, either steal their information or install malware on their computer.
     
  • Fake Wi-Fi accounts set up by hackers in public places to steal passwords and private data when their device connects.
     
  • Social media scams used to gather private information to either hack accounts or set up new ones.
  • Hacking phones or social media accounts to steal photos and blackmail students into payment so they don’t release them publicly. 

Sadly, the list goes on and on! 

How can kids raised on technology fall for so many scams? Here are just a few of the big reasons why: 

  • Hackers know most students aren’t properly educated on cyberthreats because they’ve always worked on computers that were secured by the school or their parents
  • They grew up using social media and feel comfortable divulging private information about themselves (that thieves can harvest and later use to initiate an attack).
  • This is a big one – they have no or very little credit, giving cyberscammers a smoother path to opening accounts in their name.
  • They have multiple connected devices like phones, laptops, tablets and watches that give criminals more avenues to attack. 
  • College kids are distracted. They’re focused on school and making friends, and NOT cyber security, making it easy to let a cybercriminal slip by undetected until it’s too late. 

  

What can you do? 

We have robust cyber security solutions and 24-hour monitoring to protect the businesses that we work with and can even recommend at-home security software, but what about when your kids go off to school, away from your watchful eye? 

You certainly can’t pack up and camp out at college to make sure they’re following cyber security best practices. But you can make sure they know what to look out for and give them the tools and resources to stay as safe as possible. 

Here are 14 actions your child can take to prevent being a victim of cybercrime when they’re off at college: 

  1. Invest in strong, trusted virus and spyware protection and run scans once a week.
  2. Never click “Remind Me Tomorrow” when a phone or computer wants to update. Turn on automatic updates when possible.
  3. Keep all browsers, extensions and operating systems updated.
  4. Back up the computer to the cloud regularly to avoid losing data if there is an attack.
  5. Do not visit or enter credit card information on websites that aren’t secure (HTTPS:// only!).
  6. Don’t connect to public Wi-Fi. Use a personal hotspot or VPN when on the go.
  7. Beware of phishing scams. Do not click links or open attachments in e-mails, especially from unknown senders. Google websites and search instead of clicking links.
  8. Use strong, unique passwords and use a password manager.
  9. Regularly delete cookies. These can create “loopholes” for hackers to get into a network.
  10. Only install software and apps from trusted sources.
  11. Use multifactor authentication.
  12. Lock all devices and don’t share passwords, even with your new best friend.
  13. Cover all webcams – there are stickers for purchase online, but tape and paper will work.
  14. Register devices with the school in the event they are stolen. 

Run through this list with your children! When students leave for college, cyber security is not a priority for them, but unfortunately, if they’re targeted it could negatively impact their lives at a time when they’re just getting started. 

Cyber security takes just a few minutes of conscious effort but is a critical lesson to learn in this age when nearly everything we do involves technology. The risks of cybercrime will only continue to grow. 

If your organization could benefit from cyber security training similar to this but more in-depth for employees, so they know the risks and best practices of cyber security, we can help. Start with a completely FREE Cybersecurity Risk Assessment by clicking here.

andy borjaSocial Media

Scammers Are Using These 10 Popular Brands To Trick You Into Revealing Your Private Data 

Cybercriminals know the easiest way to sneak under your radar is to pretend to be a brand you know and trust. These large companies have spent years on marketing, customer service, branding and consistency to build a trustworthy reputation, and hackers leverage this to go after you. 

 The most common method is to use phishing attacks. These thieves set up URLs that look scarily similar to the real company’s website. To slip by your watchful eye, here are some of the simple switches hackers make that can go unnoticed: 

  1. Switching out a zero for the letter “O” or a capital “i” for a lowercase “L.” If you’re quickly reading an e-mail, it might look legit.
  2. Adding in a word that seems like it could be a subdomain of the real company, like “info@googleservice.com.”
  3. Using a different domain extension, like “info@google.io.” 

Some criminals will take it a step further and set up a web page that looks identical to that of the real website. When you click the link – via e-mail, SMS or even through social media – several dangerous results can occur. 

The first is that malware can be installed on your computer. Clicking a bad link can set off an automatic malware download that contains malicious files with the ability to collect personally identifiable information from your device, like usernames, credit card or bank account numbers and more. 

The second is the fake website will have a form to harvest your information. This could be login credentials, passwords and, in some cases, your credit or bank information. 

The third most common issue is an open redirect. The link might look legit, but when you click on it, you’re redirected to a malicious website where the intent is to steal your information. 

What brand impersonations do you need to look out for? Well, all of them, but according to Check Point’s latest Brand Phishing Report, there are 10 companies that top the chart in overall appearance in brand phishing attempts. 

Here Are The Top 10 Most Frequently Impersonated Brands In Phishing Attempts In Q2 Of 2023: 

  1. Microsoft (29%) 
  2. Google (19.5%) 
  3. Apple (5.2%) 
  4. Wells Fargo (4.2%) 
  5. Amazon (4%) 
  6. Walmart (3.9%) 
  7. Roblox (3.8%) 
  8. LinkedIn (3%) 
  9. Home Depot (2.5%) 
  10. Facebook (2.1%) 

Take a minute and ask yourself how many of the companies on this list send you regular e-mail communications. Even just one puts you at risk. 

Cybercriminals go the full mile with these scams. They know what types of messages work best for each company to get your attention. 

Here are three common phishing attacks cybercriminals have used under these brands’ good names to gain access to your private information. 

  1. Unusual Activity – These types of e-mails will suggest that someone gained access to your account and you need to change your password quickly. They leverage fear so people will click without thinking, hurrying to change their password before they’re a victim of the attack.They usually have buttons that say, “Review Recent Activity” or “Click Here To Change Your Password.”

    These e-mails can go as far as to show fake login information detailing the region, IP address, time of sign-in and more, like real messages from the companies do to convince you to click.
      

  2. Fake Gift Cards – These e-mails suggest that someone sent you an e-gift card. When you open the e-mail, they either redirect you to a website to “claim your gift card” or have a button to “redeem now.”
     
  3. Account Verification Required – These e-mails suggest that your account has been disconnected, and they need you to verify your information. As soon as you enter your login credentials, the hacker has access.

These scams are happening every single day. You’re a target, but so are the unsuspecting employees in your company. Without proper training, they might not know what to look for, panic and try to resolve these “issues” under the radar, ultimately causing the problem. 

There are multiple steps to making sure your network is secure. One would be getting e-mail monitoring to help reduce the likelihood of these phishing e-mails ending up in your inbox. It’s also important to make sure employees know what to look for so that if an e-mail does get by the phishing detection system, they can still keep your company safe. 

The best thing to do is to start here with your FREE Cybersecurity Risk Assessment. We’ll evaluate your network and provide a full report on areas where you are vulnerable and what to do to fix them. There’s no obligation, but you should know where you’re at risk. Click here to schedule your assessment now. 

Were you notified about this?
andy borjaSocial Media

This HUGE And Recent Data Breach Practically Guarantees YOUR Personal Information Was Stolen 

Back in May, the company MOVEit, a file transfer platform made by Progress Software, was compromised by a Russian ransomware operation called Cl0p. They used a vulnerability in Progress’s software that was unknown to exist at the time. Shortly after the attack was noticed, a patch was issued. However, some users continued to be attacked because they didn’t install it.  

The software is used by thousands of governments and financial institutions and hundreds of other public and private companies from around the world, and it’s been estimated that at least 455 organizations and over 23 MILLION individuals who were customers of MOVEit have had their information stolen. 

Some of the organizations compromised include: 

  • The US Department of Energy 
  • New York City Department of Education 
  • UCLA 
  • Shell 
  • Ernst & Young 
  • Northwest Mutual 
  • Pacific Premier Bank 
  • TransAmerica Life Insurance  
  • Honeywell 
  • Bristol Myers Squibb 
  • Gen/Norton LifeLock 
  • Radisson Hotel 
  • BBC 
  • British Airways 

The majority of those organizations (73%) are based in the US, while the rest are international, with the most heavily impacted sectors being finance, professional services and educational institutions. 

Cl0p is a type of ransomware that has been used in cyber-attacks since 2019. Data stolen is published to a site on the dark web – a section of the worldwide web where cybercriminals sell and trade information without having to reveal themselves. The ransomware and website have been linked to FIN11, a financially motivated cybercrime operation that has been connected to both Russia and Ukraine and is believed to be part of a larger umbrella operation known as TA505. 

What makes this attack so terrible is that many of the organizations compromised provide services to many other companies and government entities, which means it’s very likely their customers, patients, taxpayers and students were compromised by association. And yes, you’re probably one of them.  

The big question is, were you notified? 

For some reason, this breach didn’t make mainstream headlines, but when a company is compromised, they are obligated to tell you if your data was stolen. This can come in the form of an e-mail or snail mail letter. However, due to spam filters, e-mail delivery is clearly not a reliable way to ensure an important message is received, and organizing a letter for over 36 million people can take time. 

If you use the software, you need to ensure that all your passwords and PINs are changed ASAP and you must be on the lookout for any strange activity. Don’t use the same passwords and make sure they are at least 12 characters long, using uppercase and lowercase letters, as well as special characters and numbers.  

You should also ensure that MFA, or multi-factor authentication, is turned on for all critical software applications and websites you use, such as Microsoft Office, QuickBooks, banking and payroll software, your credit card processor, etc. 

Want to know if your company’s information is on the dark web? Click here to request a free Dark Web Vulnerability Scan for your organization (sorry, we don’t offer this for individuals). Simply let us know your domain name and we’ll conduct the search for free and contact you to discuss what was found via a confidential review (NOT via e-mail). Questions? Call us local at 480-464-0202 or toll-free 1-800 984-5204.

7 Quick Fixes For Slow Home Wifi
andy borjaUncategorized

7 Quick Fixes To Fix SLOW Home Wi-Fi 

Nothing is more aggravating than attempting to watch a video or use your PC when the Internet is operating slower than molasses flowing uphill in winter.  

For our clients, we have many solutions to make your Internet connection faster, more reliable and secure. But what about at your home? Spotty, unreliable Wi-Fi is almost certain to happen at the most inconvenient time, like when you’re about to watch a great movie on a Friday night. 

Here are our top 7 fixes for slow home WiFi signals. 

Step 1: Make sure your Internet Service Provider (ISP) isn’t having issues. Most ISPs will have outages published on their website using your phone’s mobile network instead of your home Wi-Fi. If there are no outages or known problems, you can move on to the next steps. 

Side Note: If you haven’t talked to your ISP in over a year, you should call and see if they have new plans that will give you more bandwidth for less money. You might also shop other providers to see if they have recently upgraded their network and can offer better, faster service than your current ISP. 

Step 2: Update your router, especially if you haven’t done so in the last 2 to 3 months. This will not only reset your router with the latest (and fastest) connection speeds but also ensure you’re up-to-date with security patches and other preventative programs. You might just reboot it as well, powering it off and on again. Sometimes that’s enough to fix the problem.  

I would also suggest you get a new router if yours is over 3 years old. Aim for one with Wi-Fi 6 and dual or triple band capabilities, which allows your router to connect with multiple devices without sacrificing any speed or bandwidth.  

Step 3: Change the channel. Download the app Network Analyzer to help find the most appropriate channel for your connection. If you’re using the 2.4 GHz frequency, change to another less “noisy” channel. How you do this depends on the brand and model of your router, so refer to your router’s manufacturer for details.  

Step 4: Upgrade to a mesh Wi-Fi router. When too many devices connect, Internet speeds decline. One option is to get a mesh router like Google Mesh routers, NETGEAR’s Nighthawk Mesh, or eero Mesh from Amazon.  Unlike a traditional router which broadcasts it’s signal from a single device, a mesh router emits a signal from multiple units strategically placed around your home.  In smaller homes, upgrading to a single, more expensive router like a Nighthawk could help.  

Step 5: Turn on QoS, or Quality of Service. This is a router feature that lets you prioritize traffic and apps, such as Zoom or gaming programs. Essentially, your router will prioritize certain uses over others. Of course, how this is done varies by router, so you’ll have to check your router’s manual for details.  

Step 6: Check that you haven’t been compromised. If your Wi-Fi network is open without security or is using WEP, WPA or WPA2, change your settings immediately. Go with WPA3 encryption (which is the most secure) and disable any remote management options on your router. Viruses and hacks can suck up resources and may be the reason for your network grinding to a halt.  

Step 7: Change your router’s location. The basement might not be the best place to store your router. Try placing it up high and as close to the center of your home as possible, free from obstructions and appliances, mirrors, concrete walls and metal materials that can cause signals to bounce or be blocked. If you put your router on a wall of your house, your signal is only impacting half of your home. If you have a large house, you will probably need to invest in Wi-Fi extenders around the house to boost the signal. 

If your business Wi-Fi is slow, spotty and problematic, click here to request a free diagnostic of your office Internet connection to see what’s causing the problems you’re experiencing. Obviously, business Wi-Fi is more important than home Wi-Fi and can cost you in untold frustration and low productivity if not fixed. Contact us today!