Monday, February 5, 2018

Important! Scam of the Week: Wave of Payroll Direct Deposit Phishing Attacks

Scam of the Week: Wave of Payroll Direct Deposit Phishing Attacks
 
Email not displaying?
View Knowbe4 Blog

CyberheistNews Vol 8 #06   |   Feb. 5th., 2018
Scam of the Week: Wave of Payroll Direct Deposit Phishing Attacks 

Lexology had an excellent post from Ogletree Deakins by Rebecca J. Bennett and Danielle Vanderzanden, related to a crafty new phishing scam they warned about and that you should be aware of, because it has bad guys in real-time behind it, reinforcing the scam with quick answers via email.

These scams are affecting employers nationwide without regard to their payroll portals or payroll service providers:

"Employers beware: Companies are experiencing a wave of phishing scams that target employee paychecks. Here is the scenario:
  • An employee receives from a company email account e-mail that mimics a familiar and trusted company service or resource, such as an e-signature request or a request to complete a survey.
  • The e-mail asks the employee to click a link, access a website, or answer a few questions.
  • Then it directs the employee to “confirm” his or her identity by providing his or her complete log-in credentials. Skeptical employees who question the request via reply e-mail receive a prompt response purporting to verify that the employee should complete the steps contained in the link.
  • The threat actors then use the employee’s log-in credentials to access payroll portals, reroute direct deposits to other accounts, and wreak other havoc upon the employer’s network.
In some versions of the scam, hackers access employee e-mails to request a password change from the employer’s payroll service and then use the new log-in credentials to change direct deposit instructions."

Bennett and Vanderzanden have the following recommendations:

"The threat actors are doing substantial due diligence on the social engineering side of things, and these e-mails look real. In many circumstances, they are effectively spoofing the sender’s account, and employers are learning of the scam when employees begin reporting that they did not receive their direct deposits. By then, the damage has been done.

In addition to diverting funds, the scam creates a data breach for the employer and triggers notification obligations. Failure to take prompt action may result in penalties and liability to unsuspecting employers.

Employers may want to immediately take the following precautions to avoid security breaches as a result of these phishing scams:
  • Alert your workforce to this scam.
  • Direct employees to forward any suspicious requests to the information technology or human resources departments, rather than replying to the e-mail.
  • Instruct employees to refrain from supplying log-in credentials or personally identifying information in response to any e-mail.
  • Ensure that log-in credentials used for payroll purposes differ from those used for other purposes, such as employee surveys.
  • Enforce (or, where necessary, establish) multifactor authentication requirements.
  • Review and update the physical, technical and personnel-related measures taken to protect your sensitive information and data."
This is a link to the original article:
https://www.lexology.com/library/detail.aspx?g=75685deb-06fc-4e47-a696-44843104f866

I suggest you send the following to your employees, friends, and family. You're welcome to copy, paste, and/or edit: 

 
There is a new Direct Deposit phishing attack you need to watch out for. It's a sophisticated scam that starts with an official-looking email that asks you to click a link and access a website. Next, they ask you to confirm the data with your real username and password. Last, they use your info to access payroll portals, and reroute your direct deposit amounts to bank accounts owned by the bad guys. The lesson here is to never give anyone your credentials in response to an email... Think Before You Click!
End of KnowBe4 newsletter clip.

Stay alert!  Stay Vigilant!

Best Regards,
Dane 

WatchGuard Training FREE eBook on Ransomware = Ransombear

Tuesday, August 22, 2017

DCS Wi-Fi Experts - 4 Wi-Fi Services that Add Business Value

Wi-Fi is changing and we can Help

At Dynamic Cloud Solutions (DCS Netlink) we have built our security foundation on WatchGuard Security Services, and WatchGuard Wi-Fi is part of that security foundation.

Today, every business and organization has to have security installed in every part of their network(s) and Wi-Fi is no different.  Almost every business today has some type of Wi-Fi in place in an effort to service their customers better.

However, most companies just put the Wi-Fi in and never give security a second thought.

At DCS we are experts at installing and managing Wi-Fi and Wi-Fi services that are secure, and simple.

And, guess what?  Wi-Fi isn't just for surfing anymore.

Retail businesses and other organizations can use Wi-Fi to push data, coupons, or ads out to their customers while they are on your network.


That allows the Wi-Fi owner to know and understand their customers better thus resulting in a better customer & Internet experience for everyone!  Sound cool?

To learn more about WatchGuard Wi-Fi Services read our WatchGuard July blog article below and connect with us at DCS to find out how we can help you add value and security to your Wi-Fi network.  Give us a call at 877-327-6385.

Monday, June 12, 2017

[FINALLY] Next Windows Version 10 Stops Ransomware Cold - article courtesy of KnowBe4

[FINALLY] Next Windows Version 10 Stops Ransomware Cold - by Stu Sjourman

OK, finally there is some good news in the fight against ransomware!

(In case you did not know, I was the Editor-in-Chief for WServerNews for 15 years, and I have been following the Win OS closely since 1995. Glad to be back on my old stomping grounds for a bit here!)

Microsoft has been closely watching the onslaught of this new ransomware epidemic and added a slew of new features to the second major update of Win10 which is called "Creators Update" — Win 10 CU for short — which has been rolling out for a few weeks, consumers first.

Presenting new anti-ransomware protection features added in Win 10 CU, Robert Lefferts, Director of Program Management, Windows Enterprise and Security, said that no Windows 10 customer was affected by the recent WannaCry ransomware outbreak that took place in mid-May and no currently known ransomware strain can infect Windows 10.

From a security perspective, CU is a massive improvement.

The new security features include the following list, apart from a host of non-security related additions like a 3D version of MS Paint. :-)
  • Click-to-run for Adobe Flash in Edge — which prevents ransomware and other malware from landing on Windows 10 PCs via exploits kits and drive-by downloads.

  • Instant cloud protection via Windows Defender — According to Microsoft, starting with CU, Windows Defender AV can suspend a suspicious file from running and sync with the cloud protection service to further inspect the file.

  • Fast remediation mechanism at detection — Microsoft says it has made great strides to "remediate ransomware infection and limit ransomware activity from minutes to seconds, reducing its damage from hundreds of encrypted files to a few." Microsoft credits this to Windows Defender AV’s behavioral engine, who can aggregate malware behavior across processes and stages.

  • Improved detection for script-based attacks — Microsoft says its Antimalware Scan Interface (AMSI) was modified to intervene during the strategic execution points of JS or VBS script runtimes, two infection vectors often used by ransomware.

  • Wow64 compatibility scanning — In CU, Windows Defender AV added a process-scanning feature that uses the Wow64 compatibility layer, enabling it to better inspect system interactions of 32-bit applications running on 64-bit operating systems.

  • Process tree visualizations — feature added to Windows Defender ATP, the commercial version of Windows Defender.

  • Artifact searching capabilities — feature added to Windows Defender ATP.

  • Machine isolation and quarantine — feature added to Windows Defender ATP.

  • Windows Edge browser — better protection against remote code execution attacks.
Overall, your average user will probably not notice the difference

Overall, it's a good update, but it stands out for its incremental tweaks and behind-the-scenes improvements to matters such as security, updates and privacy, rather than for spectacular new features.

Obviously, you will not be able to roll this out immediately in your organization, despite the CU security improvements. Implementing CU is likely not a priority if you have just started to deploy Win10, and you might jump straight to the next major update, codenamed Redstone 3 which is due later this year.

The update is available to MSDN/TechNet subscribers running the Enterprise, Education and IoT Core edition. Organizations that have Windows via the Volume License Service Center have been able to get the update since May 1.

These Goodies Only Come in the Latest Version

Microsoft has a very good 14-page PDF with all these features detailed and illustrated. You can download that at the blog. It is obvious that they are adding all these features only to the most recent version, giving you an incentive to accelerate your wall-to-wall upgrades to the latest rev of the OS, which in this case you should be looking at seriously.
https://blog.knowbe4.com/finally-next-windows-version-10-stops-ransomware-cold

The whitepaper contains excellent ammo for budget requests, but is too technical for average C-level execs since it talks about data science, machine learning, automation, behavioral analysis, and other exotic subjects like that. :-D

End of Article by Stu Sjourman (CEO KnowBe4)

More Information on KnowBe4 from DCS Netlink:

You can get a FREE Phishing test and a FREE email exposure check at KnowBe4.  Two FREE tools to tell you how you measure up again the bad guys.  Need more info on KnowBe4 check this out:  





Stay Safe!  Stay Secure!

Regards,
Dane

Monday, March 20, 2017

Ransomware stopped by WatchGuard

Ransomware Stopped by WatchGuard

As a Watchguard Certified Training Partner, many times we know about new features and capabilities with the WatchGuard firewall products before the general public knows about them.  Such was the case with a new module that WatchGuard released over the last couple of months in its Total Security Suite called Threat Detection and Response (TDR).

As you probably know, Ransomware is exponentially increasing in quantity and severity and has been very effective in doing its job by encrypting customer data and holding it hostage.  Here is a quick WatchGuard video explaining the threat and vulnerability of Ransomware:  https://www.youtube.com/watch?v=xZbTFrmr_0E





If you are not familiar with ransomware, here is a really good video explaining what it is in English...the video features"Ransombear" as a cartoon character.  This video is called "Ransombear is on the hunt":  https://www.youtube.com/watch?v=eEKAlupYgDc

Last week I saw a WatchGuard (WG) engineer demonstrate how extremely effective the WatchGuard firewall and TDR module were together in stopping Ransomware "dead in its tracks."

During this short demo, the WG engineer clicked on a real ransomware file and showed how the WG TDR not only stopped the ransomware but also showed information in a WG console which captured and explained what had just happened.  There was nothing for the user to do, and you could see nothing happening.  The WG TDR module simply just did its job and kept the ransomware from executing and encrypting files.  

To prove that the Ransomware file was real, the WG engineer then turned off the TDR services on his Windows machine and then double-clicked the same file....and whoa la!  Within a matter of a few seconds, a screen popped up letting us know that our files were now encrypted and showed us a ticking clock to let us know how much time we had remaining to pay the ransom.

Now, you can watch it too!  Just visit my YouTube channel at https://youtu.be/ORqaWDvF5nQ and you will get a chance to hear more about WatchGuard Threat Detection and Response, as well as watch the WG Sales Engineer, demonstrate how ransomware is stopped by the WatchGuard Threat Detection and Response Host Sensor.

Extremely effective!  Up until now, I have had to explain that firewalls and anti-virus do little to nothing in protecting you against Ransomware...and could not detect, let alone, prevent a Ransomware attack.  Now, we have WG Threat Detection and Response to detect and respond to threats like Ransomware.  The new TDR module is available for laptops and desktops and is available as part of your Total Security Suite.  TDR is very effective as endpoint protection and the best part is that TDR is effective even if you are operating on Windows or Linux and you are not physically behind a WG firewall!

If you own a WatchGuard firewall but don't know or understand how the TDR module works, give us a call at DCS Netlink -Toll-Free: 877-327-6385.  Our WatchGuard certified engineers will help you determine how you can protect yourself and your network against Ransomware with the new WG TDR module.

Watch for our on-line WatchGuard Certified Training Partner seminar on the new TDR module.... Coming Soon! 

Wednesday, February 8, 2017

The Customer is NOT always right - Partnership versus Customer Service!

I recently read a great article by Danny Iny.  In that article, he points out that the customer is not always right.  He also says there is a big difference between customer service and partnership.

Mt. Ararat - 17,000 ft mountain in Turkey
Mt. Ararat (Agridag)- 17,000 ft mountain in Turkey
Ⓒ Photo by Dane Deutsch

At Deutsch's Inc., we are in the "people business" and all of our businesses (i.e.- DCS Netlink, Deutsch's Gymnastics, and Leadership Management Development Center) focus on partnerships not pure customer service.  So, I totally agree with Danny Iny.

I am not a professional climber by any stretch of the imagination, but I had the privilege of climbing Mt. Ararat (17,000 ft dangerous climb - which in Turkish, Mt. Ararat is called Agridag, which means "mountain of pain") during the 5 years I lived in Turkey.  Having made that climb, I can tell you that what Danny says about the difference between customer service and partnerships is exactly right!  He says, "Think of it this way: If you were climbing Mt. Everest, customer service is your porter. Partnership is your Sherpa climbing guide."  Perfectly said!

In other words, your porter carries your supplies for a fee...strictly transactional.  However, your Sherpa climbing guide is your key to reaching your goal (i.e.- the mountain Peak) and getting back to base camp successfully and safely.  The relationship with the Sherpa is totally transformational and Trust is two way.  Big Difference!

At Deutsch's Inc. we are all about partnerships, NOT customer service as our primary goal.  Why?  Because as Danny says, "The goal of customer service is to make the customer happy. In contrast, the goal of a partnership is for the customer to achieve their goals. Buyer and seller are both focused on a goal that's bigger than the buyer. The customer's happiness is a by-product of achieving that goal."


Dane's climbing team successfully at the top of Mt Ararat with climbing Guides

Ⓒ Photo by Dane Deutsch

I want to encourage you to read Danny's full article here:  http://www.inc.com/danny-iny/the-biggest-customer-service-mistake-you-don-t-know-you-re-making.html?cid=email

I also encourage you to read Danny's book:  https://www.amazon.com/Teach-Grow-Rich-Knowledge-Freedom/dp/1541232518/ref=sr_1_1?ie=UTF8&qid=1486571501&sr=8-1&keywords=danny+iny

And as always, focus on leading with Character First!  To learn more about how to lead with character first, grow relationships, leadership and teamwork, you can pick up a copy of my new book called "The Tricycle Effect" on Amazon:  https://www.amazon.com/Tricycle-Effect-Significant-Productive-Successful-ebook/dp/B01N91PPL0/ref=as_sl_pc_tf_til?tag=coach0e1-20&linkCode=w00&linkId=46359a1675537eea4e7912907092a781&creativeASIN=B01N91PPL0  

or visit my website at:  www.thetricycleeffect.com

Thanks for letting me serve as your Sherpa during this short "blog."  Keep leading with Character First!  Trike On and Smile On!

Wednesday, January 25, 2017

Bad Guys are Getting Badder, Faster then the Good Guys are Getting Gooder!

“Nothing has happened to my network, computer, or email yet, so most likely nothing will happen!”  That phrase is one I hear people make all the time.  Is that something you might say?


If you said “Yes,” then I guess you might also live by “The Odds.”  Are you a gambler?  Would you gamble your business or livelihood away?


At DCS Netlink, we don’t live by “The Odds.”  We don’t gamble when it comes to computer, network or Internet security.  The reason:  the odds are not in any person’s favor when it comes to computer, network or Internet security.  There are lots of explanations on why that is true.  


Think about these it:
  1. You are most likely a smartphone or computer user.  You are not an IT expert or even less likely to know about IT security.  Do you agree?
  2. Like most people, we are HUMAN and we don’t like change.  So, you might ask, “Why do I need to add extra security when I haven’t needed it so far?  Fair question.  Do you agree?
  3. There are lots of explanations, but there is one more…...that is security stuff is TOO expensive!  So, what most people think is that adding security also adds costs, and you want to be responsible with your money, right?  WRONG!  Your reputation in business has more value than a dollar amount.  Once you become a victim, your reputation will suffer and most likely your business will suffer, and that may translate to dollars in the end.


So, what should you do about your computer, network and Internet Security?
  1. Change your  beliefs about the BAD guys!  You need to believe that they are working hard to take you down and many of those users around you.  If you don’t believe that, then you have already most likely lost the battle.  In this day and age of the Internet of Things, the risks, vulnerabilities, and threats are increasing at an ever alarming rate and with greater consequences!  Do you agree?
  2. Find a company that will look out for your best interests, and not give you answer or propose a solution with the least cost.  Getting the right solution is more important!
  3. Partner with a computer, network and Internet Security company that has done background investigations on each and all of their employees.  After all, these engineers and technicians will most likely see some of your most confidential information in the scope of carrying out their duties.
  4. Hire a company that has gone through at least some semblance of security training on firewalls, and Internet Security.  Most IT companies do not have any formal training and/or certifications as a testimonial to their legitimacy in carrying out their duties.

So, that is the nitty gritty of IT!  If you want to know more and would like a network assessment and/or a security assessment, give us a call.  We would be happy to help coach you to a stronger and more secure future….after all, your business and reputation depend on IT!  Visit us at www.dcsnetlink.com or call 877-327-6385.