Chilliwack IT Professionals

What is Spear Phishing and How To Avoid It | Fraser Valley IT Consultants

anonymous-4165613_1920.jpg

You have probably already heard of phishing – after all, it is everywhere, these days - from the good old-fashioned Nigerian prince email all the way through to the CRA phone scam (also known as voice-phishing or vishing). The scammers cast a huge, wide, net as far as they can, and wait to see if anyone bites. However, there is another, more-complex level of phishing, that you may not have heard of, called Spear Phishing.

media-998990_1920.jpg

Spear phishing is different in that they target a specific person – usually someone in a large company with access to valuable data or finances. Before they are contacted, the scammer will take the time to do some research on their intended victim, mostly online through social media accounts etc.

Using the personal information that they have gathered, they will then contact this intended victim, making their email as personal and legit looking as they can. It may be as an application to a job that they know they are recruiting for, or a faked email from a friend claiming to have a link to a new menu from a favourite restaurant. Of course, this link or document will contain a malware-infected link or document.  Once clicked, the hacker either gains access to company data, or can plant a crypto-locker virus for ransoming.

silhouettes-81830_1920.jpg

Most spear phishing is aimed at mid-tier employees. However, there are a few brave spear-phishers who will sometimes target someone at the top of the company tree, like a CEO, CFO or senior manager. When this happens, it is called whaling.

So, how can you prevent this kind of phishing?

  • Education is a key one here. Making employees aware that this can happen will go a long way! Advise them to keep their social media content as private as possible (after all, that is as much for their own personal benefit as yours!).

  • Make sure all employees know what to look for in fake emails (such as poor spelling and grammar, or checking link addresses before clicking them by hovering the mouse pointer to see a pop-up box of the address. If you get a link claiming to be from a certain bank or company, open a browser window and go to the bank/company website directly and compare their actual address to the one you see on the email.

  • Limit data to the people who need it. If you keep data on shared drives, make sure sensitive data is housed on separate drives (eg a drive for Accounting only, a drive for customer lists only etc) and only give people access to the areas/drives they need to work.

  • Keep all software, anti-virus programs and firewalls up-to-date.

  • Back-up, back-up, back-up!! Back-up your data well and back-up often!!

If you are worried about your company’s potential vulnerabilities, give our team a call at 778-771-0184 or email info@wildfrogsystems.com, and talk to us about scheduling a Tech Health Check-Up.

Top 5 Reasons Why You Need a Disaster Recovery Plan | Fraser Valley Business IT Consultants

Running a business is already a lot of work on a day-to-day basis, so it’s not surprising when we come across businesses who have not had chance to put together a disaster plan. Most have probably thought about it at some point, but the hustle and bustle of getting things going, or keeping the money rolling in, has taken precious time from turning those thoughts into an actual plan.

So, how important is a disaster plan? The answer is VITAL! If your business does not have a plan for these top 5 scenarios, stop now and start getting one sorted before it is too late and very costly.

blaze-bonfire-burn-672636.jpg

1. Natural disaster

We may not be directly on an earthquake Fault-line, (we are kinda close, though) or in the shadow of an active Hawaiian volcano, but there are still plenty of potential natural disasters that could cripple a business either short or long term. It can range from temporary power failure from a wind/ice storm, all the way through to permanent loss from fire. (A particular concern, locally, with our summers yielding increasingly-worse forest fire seasons.) So, from an I.T. perspective, things to consider here definitely include off-site back-ups, as well as power and office-space alternatives.

2. Virus/Crypto-attacks

You hear about them all the time – and you probably see a heap of Spam attempts in your inbox everyday. The internet is a disease-infested stew of malicious pirates on a mission to plunder your ship of its spoils. Attacks are daily (in fact, businesses are targeted approximately every 14 seconds, resulting in a new ransomware victim every 40 seconds!) and is estimated to cost companies somewhere in the region of $11 billion, this year alone. If any of your technology is somehow connected to the world outside your office, you need protection AND data back-ups!

3. Malicious Employees

So, you may work hard to protect against those external attacks, but what about internal ones? It just takes one disgruntled (probably soon-to-be-ex) employee to do all sorts of damage. That damage can be anything, from simply downloading software for personal use (and compromising your legal license agreements) to a full-on data breach with intent to sell to a competitor. Do you have the steps in place to protect your company finances and data? It may be time to look at access policies and your exit procedures for leaving employees.

aroma-black-coffee-caffeine-327120.jpg

4. Accidental Employee Damage

As much as a person may really love their job, and really work hard, they are still human. Humans make mistakes. It could be a spilled coffee, a cleaner unplugging a server, or an innocent click on an emailed resume (coincidentally sent during a recruitment drive) that turned out to actually be a ransomware Trojan virus. The magic words here are back-up, back-up, back-up… oh and good education!

5. Equipment Failure

No matter how good your I.T. crew is, there will come a time when a piece of equipment dies. It can be a tiny little component that wasn’t quite fitted right during the manufacturing process, or something as common and simple as an old-age issue. Regular maintenance and monitoring will help, but back-ups are key, as well as understanding the expected lifespan of your equipment and budgeting for replacements before you reach those dates.

Hopefully, you will never need your disaster plan. But, like home insurance, it is very wise to have it, just in case. If you do not have a good (up-to-date!) IT Disaster Plan in place and would like help, you can give our team of tech experts a call at 778-771-0184 or email help@wildfrogsystems.com. We will happily send one of our knowledgeable tech support consultants to give your business a disaster health check-up, and advise you on the best options to have a water-tight plan in place.

What are Password Managers and Why You Need One! | Fraser Valley Tech Consultants

login screen mockup-3.JPG

Passwords, passwords, passwords. They are everywhere! With more and more software and platforms transferring to the ease and expanse of the cloud, the number of passwords we need on a daily basis has increased exponentially in the last few years.

Now, if you are following the golden rules of passwords (as you should be!), you should..

  • Never use the same password twice.

  • Use a password at least 8-12 characters long.

  • Use a mix of letters, numbers, uppercase/lowercase and symbols.

  • Do not store the password in your browsers or somewhere obvious like a sticky note.

This is where the average (busy!) human brain can run into some trouble. Bearing in mind that virtually everything we do requires a password – banking, office suite, social media, email, online shopping and so on - AND with the need for every single password to be unique, unpredictable and complicated, keeping track of them can be a bind for even the best memorising geniuses.

This is where having a password manager can be a lifesaver. Then you only need to remember 1 complicated password!

1 password to keep them all? That doesn’t sound safe!

Well, these programs are all about security, so they have to be! They employ techniques like multifactor authentication (meaning you need a password and a random code that it sends to a device of yours when logging in), and all data is encrypted at a local level.

So, what are your options?

There are a number of password managers out there, and you need to pick the one that best suits your needs and budget, but here are a few to get you going…

LASTPASS

LastPass is a great manager and has a number of package options for both business and personal clients, starting with a free version. It works on multiple devices, multiple browsers and has a variety of features such as strong password generators, digital file storage and auto form completing for online shopping.

KEEPER

Keeper is another leading password storage solution. Offers a wide variety of tailored package & feature options for personal (starting at $2.50/mo), family, business (starting at $2.50 per user/mo) or enterprise use. Again, works on multiple browsers and platforms.

DASHLANE

Dashlane also offers a free (but limited) version, as well as more feature-laden packages for business or personal use. This manager also comes with VPN protection and alerts you when a site’s security has been reported as compromised.

1PASSWORD

Popular manager, 1Password, has been protecting passwords for 13 years. No free version, but multiple options again, starting at $2.99/mo for personal or $3.99/mo for teams. Offers applications and extensions across a broad range of platforms and devices, with the usual menu of features on offer, plus a “watchtower” which keeps track of breaches and security issues.

Photo by  bruce mars  from  Pexels

Photo by bruce mars from Pexels

There are more password managers out there, but this is a list of the most popular to start you shopping around. With companies and websites reporting data breaches every single day, the important thing is to get your passwords protected as soon as you can, as best you can… and this step will take you a long way towards a better night’s sleep!

How to Change the Name of your Facebook Business Page! | Chilliwack IT Support & Services

WFS_logo_style-B FAVICON.png

So, as you may (or may not) have heard, we recently had a little makeover and got ourselves a shiny new logo and name. It sounds like a simple thing to do (and it WAS very exciting!), but the reality is that changing a business name can take a lot of work.

So, when our grand launch day finally arrived, we were more than ready to share our hard work with the world. All our ducks were in a row, paperwork finished, and the new artwork prepped and ready to go. First job of the day (for me!) was to head to our social media channels to do the announcement and the “big switch”. This was where I found things to get a bit interesting…

Changing things on most of our social media went very easily and smoothly. Instagram was a breeze, as were Twitter and Google. However, (surprisingly) Facebook was more of a challenge than we had anticipated.

facebook post - about screen.png

Facebook Procedures

On the surface, it looks easy. You just go to the About section of your business page and click “edit” next to your page name. However, this is where you must stop and think.

Facebook’s algorithms will not approve your name change if it looks too different to the previous one. We ran into this problem because our new name looks nothing like our old name… and Facebook refused to approve the change! (Even more surprisingly, though, they had no issue with us changing the username, which gives you your vanity URL!)

facebook post - message appeal screen.png

In the Page Support Inbox, next to the message telling us of our new name failure, there is an option to appeal their decision. However, our experience (and further research!) showed us that this will do absolutely nothing to help your plight.

So, we found a work around… and it was a success! Being the helpful folks we are, we thought we would share our process…

2-Tier Process

For the easiest success, it is best to do the change in 2 phases.

PHASE 1: First, you change it to a temporary name that incorporates both your new name AND old name. (So, for example, if you are changing your business from something like “Joe Bloggs Plumbing” to “Easy Run Waterworks”, you would make the new FB page name something like “Easy Run Waterworks – Joe Bloggs Plumbing”.) You need to leave it like that for at least 7 days (as per Facebook rules).

PHASE 2: Once your 7 days is up, go back to the name edit option, and repeat the process, but this time change it the name you ultimately want. (i.e. dropping the old name part). Done!

facebook post - approved message.png

I totally understand the logic behind it. Facebook works on a lot of automation but still wants to protect the everyday user from scams and confusion. You also want your customers/audience to understand that you are the same company with just a new name, and this 2 step process does reinforce that. It is just a tiny bit annoying when you just want to get things done and move on!

Office 365 Tips - Dictate Function | Fraser Valley Tech Support

With the introduction of Office 365 and moving functionality to the cloud, our Office programs are now getting all sorts of regular tweaks and updates to help make working smarter easier. We know you are far too busy running your awesome company to keep up to date with these changes, so we’ll keep track for you, and add some of the most useful to our blog!

Photo by  bruce mars  from  Pexels

Photo by bruce mars from Pexels

So… it’s Thursday afternoon (I know… I am writing this on a Friday, but I’m trying to paint a picture!). You are tired… your eyes hurt… your fingers ache. It’s just one more day until the weekend, but you have to get those meeting notes typed up before 5pm today, or maybe you have an awesome idea and you want to get it recorded before you forget it. Well, the bods at Office HQ have now added a Dictate function to Word, Powerpoint and Outlook!

To find this handy tool, simply click Home tab in your top menu (Or Message in Outlook), and it should appear in your tool options above, called Dictate

dictate.png

Click the Dictate button, and you should see a red dot. This means it is now recording. As you talk, the text will appear on the screen! To insert punctuation, say the name of the punctuation mark you want to add. Here is a list of what it recognizes…

  • Period

  • Comma

  • Question mark

  • Exclamation point

  • Exclamation mark

  • New line

  • New paragraph

  • Semicolon

  • Colon

  • Open quote / Close quote

  • Open quotes / Close quotes

When finished, click the Dictate icon again to stop recording. If you happen to make a mistake while dictating, simply move your cursor to the mistake and fix it with your keyboard. (No need to turn the microphone off… or just wait until you are done and go back to make your changes!)

That’s it! You just need to have Office 365 and a microphone, and away you go!

Is AI as scary as it sounds? | Fraser Valley IT Consultants

AI (or artificial intelligence) is such a big buzz word/phrase, right now, as more and more new products are claiming to use the technology, with plenty more predicted to come. AI is everywhere… from transportation to healthcare. This year’s CES even featured a few products claiming to be AI-infused, although how many of these products are actually AI? Should we be worried about the rise of the machines? Well, it really depends on what your definition of AI is.

franck-v-517860-unsplash-225x300.jpg

To many of us, you say AI and you immediately conjure up scary images from movies like Terminator or iRobot, with a real fear that one day machines will eclipse mankind and relegate us to some form of servitude or post-apocalyptic society. In reality, the version of AI that we are now seeing is actually a subcategory called machine learning. It is really a form of coding that is allowing a machine to finish its programming by learning from various patterns and behaviours that it observes. It really doesn’t have an awareness of self or independent thought beyond the given task. (Big sigh of relief there!)

So, looking at real world examples, take the self-driving car. It uses the data, rules and parameters that it was given (highway code laws, maps, your chosen route, collision avoidance rules) to navigate roads it hasn’t travelled on before and get you to a destination. It may use AI to make an instant decision to avoid a collision or choose a better route in a heavy traffic situation, but it doesn’t actually think spontaneously for itself and only seeks an outcome to arrive at a predetermined destination in one piece. No sudden distracted diversions because of its personal opinion that it thought the little red hatchback was cute and wanted to see where it was going! (On the very rare occasions when these cars have been involved in an accident, reports have shown that 94% of those cases were, in fact, as a result of human error, not the technology).

ai-artificial-intelligence-code-34676-1024x683.jpg

It really does have some great benefits, as a computer’s black or white “thinking process” can see patterns that the human brain can miss, leading to better results. The learning process also means far less initial programming, as you are not giving it every single scenario or piece of data to work out its results – it is figuring that out on its own. Used right, machine learning can make more accurate predictions, so companies can make business decisions based on that data-driven outcome.

Machine learning technology can save lives –medical tech that requires action when it knows body chemistry isn’t correct (eg an insulin pump that uses data to know when to deliver a dose). It can save time and money – predicting a product’s performance success & making design adjustments in the early development stage, rather than having to spend more time finding those flaws at the prototype stage. The benefit list goes on.

Of course, research and development into AI is still very much ongoing, and its definition (& role in our society) will definitely change over the next 10, 20 or 50 years. It may replace the jobs of some, but it will create jobs in other areas. For now, though, it is very much at the forefront of current technology development trends and is something to embrace rather than fear.

Massive New Data Breach Found! | Chilliwack IT Support Professionals

Troy Hunt, the man behind the popular data breach website, Have I Been Pwned, has recently reported a huge new collection of user data has been found on one of the hacking forums. Now, when I say huge, I mean massive… enormous… gigantic… colossus… well, I think you are probably getting the picture. So, exactly how big was it? This data breach contained 2.7 BILLION records, from over 770 MILLION compromised accounts!

IMG_0625-300x197.jpg

The breach is the largest single one ever to have been loaded onto the Have I Been Pwned website and contains a staggering 21+ million unique stolen passwords. The exact origins of where the data was taken from is a little harder to pinpoint, but experts believe that most are from a collection of older websites and breaches. So, if you are the smart sort of person, who regularly updates their passwords and uses lots of different ones, you shouldn’t be too concerned. However, it will still be a good idea to head to the Have I Been Pwned website and enter your email address. If it tells you that your address has been found in any data breach, it will list them for you. (So, you can then go to these sites, if you do still use them, and change your details.) This huge breach, mentioned above, will be named Collection #1.

Of course, as long as there are hackers, data breaches will continue to happen. The best way to protect yourself is follow these tips:

random-password-generator-300x230.png
  1. Use unobvious complicated passwords. The best ones are the ones made by random password generators. (Even some browsers like Chrome have these built in). Make them at least 8-12 characters, with a mix of letters, numbers and symbols.

  2. Use a different password for every place you need one! Sounds scary for anyone who can’t remember what they had for breakfast… but tip #3 will come to your rescue on this one.

  3. Keep your passwords somewhere safe like a digital password manager (LastPass, Sticky Password, Dashlane, 1Password etc). If you are “old school”, even a notebook works! (Hey, if your house or office ever gets broken, chances are that they will be skipping out with your TV or laptop and won’t give a scrappy notebook a second glance!)

  4. Update your passwords regularly. They say passwords are like underwear… keep them out of sight and change them often!