The Fort of Cyber Security – What is Ransomware?

The Fort of Cyber Security – What is Ransomware?

How to protect your business against Ransomware

What exactly is Ransomware?

Ransomware is a form of malicious software. Which locks and encrypts your computer or device data, then demands a ransom to restore your access.

The cyber criminal uses your own information against you, the files are still on your computer, however they’re all encrypted and completely out of your control. They give you a set period of time and threaten to wipe the system if you don’t pay, causing many businesses to pay the ransom almost immediately.

Nevertheless, they’re not as kind as you may think… if you pay up and demand access back to your system, it doesn’t mean they will. You’re then out of pocket, still without all your data. Worst-case, if you pay up and they do return your files, they now know you’re able to pay up, don’t be surprised if they lock you out of your data again.

What are the different types of Ransomware?

Coming in all different shapes and sizes, with a variety of forms, some types are much more harmful than others:

Crypto Malware – The most harmful form of ransomware, the ability to encrypt everything on your system, once it’s started, you no longer have any control over your files, until you pay the ransom of course.

Screen Lockers – Infects your operating system to completely lock you out of your computer or device, making it impossible to access any of your files.

Scareware – As its name states, it’s used to scare you. Fake software claiming to be antivirus and demands money for ‘finding issues with your computer’.  Some types lock you out but others mostly flood your screen with pop ups and persistent alerts.

Doxware – Otherwise known has leakware, hackers will gain access to and will threaten to leak all your private documents, pictures and information, most victims will pay once their files have been hijacked.

How do you prevent being targeted by Ransomware attacks?

Ransomware is a popular money making market for hackers and can be hard to stop. Prevention is the most important aspect of securing your sensitive data. To block cybercriminals and help safeguard yourself from a ransomware attack, keep these points in mind:

  • Use security software with Advanced Threat Protection; Install trusted security suites to protect your data, you need more than just anti-virus.
  • Keep your Security software as well as your Operating System up to date, on the latest version at all times.
  • Never open email attachments or embedded links without analysing them first, you never know what it might be. similar to Phishing, you can be easily caught out into installing malicious content without you even knowing.
  • Be cautious of emails with attachments that require you to enable macros to view its content, once you enable macros, the malware inside is activated and will enter your system.
  • Use cloud services, they’re fantastic for mitigating ransomware infections
  • Don’t pay the ransom, yes you have a time limit and they’re threatening you with your won files, but a cybercriminal can ask you to pay over and over again and still never release you files, they locked you out, they won’t be kind and let you back in.

 

 For more info get your free pinpoint guide on Ransomware below

 

 

** Discover the top 15 recommendations for your Cyber Security **

We’re Urban Network, we can help save your Business.

We specialise in managed IT & technology services to help businesses across London & the wider-South East, from our base in Wapping, East London.

Urban Network has a proven track record, with extensive experience and a full portfolio of industry accreditations & certifications.

Among our range of skills, we have a specialism in securing your data. Ensuring we aid our clients with employing the best & most appropriate practices, procedures and tools to increase security in the workplace.

If you have any concerns or challenges with your technology generally, we would like to hear from you. Please contact the team today.

 

The Fort of Cyber Security – What is a good Data Backup?

The Fort of Cyber Security – What is a good Data Backup?

Having a Data Backup is one thing, but a good one…

What exactly is a good Data Backup?

In this day and age, it’s essential to have backups of your entire IT system & infrastructure. With endless possibilities just around the corner, it’s only a matter of time before you lose everything.

The key to backing up your data is simple, just follow the 3-2-1 backup rule.

In other words, just make sure you’ve got more than 3 copies all in unique, separate locations.

You really want to make backing up data a part of your daily life cycle. If you happen to lose your data due to a hardware defect or ransomware attack, having a backup could save your business.

Where do you even start with a Data Backup?

There are lots of ways to back up your data. Each way has its own procedure. Still, here are some general guidelines when it comes to making a good backup:

Storage is cheap, so it makes the most sense to just back up everything.

Cloud storage offers some advantages over local storage.

The more places your data is backed up, the better.

Don’t underestimate the value of having physical copies of things

Identify what you need to back up.

Backing up isn’t an all-or-nothing proposition.

Never underestimate the importance of securing your data, having multiple, unique versions of your infrastructure or lastly, losing all your data to a malicious hacker.

What options of backup are available?

There are plenty of options to back up your data. It’s smart to understand the types of backup and get one that suits your requirements:

External Hard Drives

– Cloud Backup

– Flash Drives

– Online Backup Services

A lot depends on the kind of data you’re protecting. Cybercriminals can use seemingly unimportant data and patch it together to commit identity theft. A strong backup strategy can make a big difference in your digital life and give you peace of mind.

 

For more info get your free pinpoint guide on Data backup below

 

 

** Discover the top 15 recommendations for your Cyber Security **

We’re Urban Network, we can help save your Business.

We specialise in managed IT & technology services to help businesses across London & the wider-South East, from our base in Wapping, East London.

Urban Network has a proven track record, with extensive experience and a full portfolio of industry accreditations & certifications.

Among our range of skills, we have a specialism in securing your data. Ensuring we aid our clients with employing the best & most appropriate practices, procedures and tools to increase security in the workplace.

If you have any concerns or challenges with your technology generally, we would like to hear from you. Please contact the team today.

 

Cybercriminals Leverage Microsoft Sway in a Phishing Attack

Cybercriminals Leverage Microsoft Sway in a Phishing Attack

  • The phishing attack also affects those organizations that do not use the software.
  • The attack is triggered by sending potential victims a malicious Sway phishing page through email with notification for voicemail or fax.

A new report has revealed that attackers are exploiting Microsoft Sway to send phishing emails to unsuspecting users. Microsoft Sway is an app that is available on the Web and Windows 10. The app lets the user create presentations, newsletters, and documents complete with photos, videos, and other media.

What is the matter?

According to Avanan, the phishing attack also affects those organizations that do not use the software.

By creating and posting a Sway page on sway[.]office[.]com, criminals can devise landing pages that look legitimate but actually carry malicious content. Since the pages are hosted are on Microsoft’s own Sway domain, it becomes quite easy for the phishing pages and their links to be automatically trusted by URL filters. In this way, the users are fooled into thinking that the phishing pages and URLs are valid.

How does the attack start?

  • The attack is triggered by sending potential victims a malicious Sway phishing page through email with notification for voicemail or fax. This email includes words like ‘Urgent’ or ‘Important’ in order to create a sense of urgency among the recipients.
  • Once the recipient logs into a Sway site with an Office account, the malicious page appears to be legitimate with Office 365 styling and menus.
  • A malicious Sway page can include trusted brand names affiliated with Microsoft such as a SharePoint logo. Such a page typically displays a tempting URL that invites the victim to click on it. This would cause the download of malware or trigger a spoofed login page.

Bottom line

This is not the first time Sway has been identified as a tool for conducting phishing attacks. In 2018, Forcepoint Security Labs had reported a similar phishing attack leveraging Microsoft Sway. The attackers were using the novel method for distributing malicious links hosted through the legitimate ‘sway.office.com’.

     

    We’re Urban Network, we can help save your Business.

    We specialise in managed IT & technology services to help businesses across London & the wider-South East, from our base in Wapping, East London.

    Urban Network has a proven track record, with extensive experience and a full portfolio of industry accreditations & certifications.

    Among our range of skills, we have a specialism in boosting productivity. Ensuring we aid our clients with employing the best & most appropriate practices, procedures and tools to increase efficiency in the workplace.

    If you have any concerns or challenges with your technology generally, we would like to hear from you. Please contact the team today.

     

    News Source: https://cyware.com/news/cybercriminals-leverage-microsoft-sway-in-a-phishing-attack-f4427945

     

    The Fort of Cyber Security – What is Smishing

    The Fort of Cyber Security – What is Smishing

    Pull up the drawbridge and protect your business from Smishing

    But what exactly is Smishing?

    The word ‘Smishing’ originates from both ‘SMS’ and ‘phishing’ combined. Phishing is the trickery of using imitation to get you to reveal personal, sensitive, or private information.

    However, instead of using email, normal phone calls, hoax websites or VoIP, Smishing is carried out through text or SMS messages. 

    In similarity to both Phishing & Vishing, Smishing also uses a vast selection of scare tactics and emotional manipulation to trick you into giving up your information. The goal of is simple and exactly the same: To steal your money, your identity, or both.

    Why is Smishing so perilous to my business?

    Your private information needs to stay private, with a simple text message, that could all go up in flames.

    Build a moat around your data and learn how to protect it, here’s a few key tactics of Smishing:

     The use of Social engineering – Leveraging your trust in order to obtain your private information

    The threatening approach – “If you ignore this message you will be charged daily until you accept the terms”

    Links & attachments (malicious) – Simple but effective, send 1000 texts with a single link, someone’s bound to click it

    Along with various amounts of siege tools available, cybercriminals have an endless amount of tricks to get your information.

    How do you prevent Smishing attacks?

    Everyone receives texts on a daily basis, most of the time they are from your friends, family or a legitimate source. But, every once in a while, you’ll be targeted by an anonymous number. To help you remain vigilant, below are some specific steps to prevent Smishing:

    – Never reply to unknown numbers unless you are 100% confident it’s trustworthy

    – Don’t reply to text messages riddled with errors & mistakes.

    – Don’t click on any links or attachments within a text message.

    – Never install applications that come through a text message, verify things first but always stick to the app store.

    – If the preview looks dodgy, don’t even open it, just delete it.

    Also, in order to maximise security for your mobile phone, we recommend a VPN. A Virtual Private Network will secure and encrypt any communication taking place between your mobile and the Internet on the other end. Therefore giving you an extra layer of protection.

     

    For more info get your free pinpoint guide on Smishing below

     

     

    ** Discover the top 15 recommendations for your Cyber Security **

    We’re Urban Network, we can help save your Business.

    We specialise in managed IT & technology services to help businesses across London & the wider-South East, from our base in Wapping, East London.

    Urban Network has a proven track record, with extensive experience and a full portfolio of industry accreditations & certifications.

    Among our range of skills, we have a specialism in securing your data. Ensuring we aid our clients with employing the best & most appropriate practices, procedures and tools to increase security in the workplace.

    If you have any concerns or challenges with your technology generally, we would like to hear from you. Please contact the team today.

     

    The Fort of Cyber Security – What is Vishing?

    The Fort of Cyber Security – What is Vishing?

    Protect your business from the realms of Vishing

    But what exactly is Vishing?

    The word ‘Vishing’ is a mixture of ‘voice’ and ‘phishing.’ In which Phishing is the method of using imitation to get you to reveal personal, sensitive, or private information.

    However, instead of using email, normal phone calls, or hoax websites, Vishers use an internet telephone service (VoIP). 

    Using a vast selection of scare tactics and emotional manipulation, the aim is to trick you into giving up your information. These Vishers even create fake Caller ID profiles which makes the phone numbers seem trustworthy & legit. The goal of Vishing is simple: steal your money, your identity, or both.

    Why do I need to know about Vishing?

    Alike anyone else, your identity is everything. Vishing can come in a variety of forms, you need to be ready to catch out what’s real & trustworthy, compared to what’s fraud and will steal everything from you.

    The most common form arrives in the voice of your Bank or your Credit card company.

    “Your personal account has been breached. Please call this number to reset your account.”

    The method of approach here is to inflict anxiety and panic, the fear of losing everything you’ve worked so hard for.

    You might also see Vishing in the form of excitement and freebies.

    “Congratulations! You’ve just won our grand prize of a 2 week holiday to the Maldives.”

    From this point of view that seems fantastic, however you’ll soon be asked to pay a ‘returnable fee’ to claim the prize, you won’t get that back.

    As you can tell, there are hundreds of different methods to trick you into paying money or sharing your details.

    How do you prevent Vishing attacks?

    Everyone receives phone calls on a daily basis, 100% of the time they are completely legitimate, however you’ll always get an unknown number pop up when you least expect it. To help you remain vigilant, below are some specific steps to prevent Vishing:

    – Be aware

    – Don’t give into pressure

    – Ignore phone calls from unknown numbers (If they’re important they’ll leave a message that’ll give you an idea if they’re trustworthy)

    Stay calm, if you’re unsure just hang up

    Always be cautious, certain people can be very convincing

     

    For more info get your free pinpoint guide on Vishing below

     

     

    ** Discover the top 15 recommendations for your Cyber Security **

    We’re Urban Network, we can help save your Business.

    We specialise in managed IT & technology services to help businesses across London & the wider-South East, from our base in Wapping, East London.

    Urban Network has a proven track record, with extensive experience and a full portfolio of industry accreditations & certifications.

    Among our range of skills, we have a specialism in securing your data. Ensuring we aid our clients with employing the best & most appropriate practices, procedures and tools to increase security in the workplace.

    If you have any concerns or challenges with your technology generally, we would like to hear from you. Please contact the team today.