The Cybersecurity & Infrastructure Security Agency (CISA) released an alert last week, May 11, advising MSPs “of recent reports that observe an increase in malicious cyber activity targeting managed service providers (MSPs) and [we] expect this trend to continue.” They also released guidance for MSPs and their customers to reduce the risk of falling victim […]
Tag: spear-phishing
April Fool’s Phishing
With April Fool’s fast approaching, it seems like a good time to review some phishing email tips so the joke isn’t on you. Email is still the number one communication method, which makes it the perfect avenue for scammers and other malicious actors looking to get the highest return on their activities. One of the […]
Why You Should Implement Security Awareness Training
Security awareness training, usually done on a recurring basis, helps users understand different threats they might be exposed to during their personal and work lives, typically focusing on the digital realm. The goal of the training is to elevate users’ awareness of these threats so they can recognize them before falling victim to them. So […]
April Fool’s Phishing: the joke’s not on you
With April Fool’s fast approaching, it seems like a good time to review some phishing email tips so the joke isn’t on you. Email is still the number one communication method, which makes it the perfect avenue for scammers and other malicious actors looking to get the highest return on their activities. One of the […]
Why Should We Implement Security Awareness Training?
First, what is security awareness training? This is training, usually done on a recurring basis, that helps users understand different threats they might be exposed to during their personal and work lives, typically focusing on the digital realm. The goal of the training is to elevate users’ awareness of these threats so they can recognize […]
Tips to identify phishing emails
A phishing email is an email scam designed to trick the recipient in to clicking a link, opening an attachment, or giving valuable information to a hacker. Have you ever received invoices claiming money owed, unsolicited UPS or FedEx shipping notifications, or emails claiming your online bank password needs to be reset? These are phishing […]
How to avoid tax-time scams
It’s everyone’s favorite time of year again: Tax Time! And along with all the fun gathering of documents, numbers, and other records, comes the usual spike in malicious email and phone calls. Each year, the IRS keeps a list of the top 12 tax scams that it calls the “Dirty Dozen”. Here is 2018’s list: […]
Be wary of that email!
Let’s face it: we spend far too much time each day dealing with email, especially in a business. It is then no surprise that the most prolific attack vector against a person or company is via email. So why don’t we have ways to stop this completely? The simple answer is: human nature. Remember the […]
MFA is a necessity today.
Why do I have to get a txt message to sign into systems/services? What happened to just entering my username and password? Answer, Multi-Factor Authentication (MFA). If your systems aren’t using MFA, then you should enable them and start using it. Why? Email is still the number one way hackers are gaining access to sensitive […]
Account Takeover and Prevention
Over the past few months we’ve seen a new security attack gain popularity: Account Takeover (ATO). Account Takeover is when an attacker steals a user’s username and password for their email account, most often an Office 365 account. The attacker tricks a user in to giving up their username and password, usually via a file […]