Buying a Fur Lined Bathtub?

SPAM! Most of the time we don’t really fall for it, but sometimes an email looks interesting enough to open and read.  This morning I received this email that said it could deliver 5 phone system quotes to me in CORVALLIS  - OR, which is where our main office is located. So, my curiosity peaks and I check it out. (See the Note)

It’s probably not an email that interests you, unless you are looking for a new phone system. What you may not know is the same organization that collects your request for a phone system quote in “CORVALLIS - OR” will call me later this month and offer to sell me a list of businesses that want phone systems in “CORVALLIS - OR”

The same thing happens for other products. An email arrives that says they have a great price on something you have been looking to buy, it gets your attention and you think “Sure, I’d like to get 5 quotes for fur lining my bathtub” and you respond with the affirmative to the sender.  Who then calls a local bathtub fur liner and offers to sell your contact info along with “hundreds more.”  It’s a reasonably legitimate business model in that the spammer has offered you something, “5 quotes” and us something, “contact requested a quote,” but in reality, they have been deceitful on both ends.  They are building a list of contacts but can't really quote you a new phone system and then they are selling that list of contacts to companies under false pretense.  

As a note: 10D Tech does not buy these lists.

We feel your pain

Unsolicited emails, also called Spam, works because of the high volume the spammers send results in a tiny amount of success There are different kinds of spam, but in every case, sending spam is so cheap that it doesn’t take much for a spammer to pronounce that a spam campaign a big success.

For example, say a spammer sends 15 million emails pushing a knock-off of the latest wonder gizmo. If only a tiny percent, perhaps even just one person out of fifteen million, purchases the gizmo through him, the spammer has made a profit. It doesn’t matter if it’s fake purses, body-part enhancement aids, knock-off watches or discounted computer software. If even the tiniest percentage of spam emails produce a sale, then that spam was successful, they will continue.

Tired of Spam? Tired of sifting through a hundred emails a day that has nothing to do with your work? Call us and we can help 10D Tech 541.243.4103

Buying local?

When you buy local, your money stays local, and it strengthens the local economy in two ways. First, buying local fuels new employment and job opportunities for people within the community. Studies show, locally owned businesses employ more people per unit of sales, and retain more employees. Further, the expansion and growth of local businesses helps create a more stable, recession-resistant local economy and community alike.

Second, buying local keeps money circulating within the local economy. Cash flow is vital for prosperity and local businesses recirculate a greater share of every dollar, as they create locally owned supply chains and invest in their employees. An additional study found that local retailers return a total of 52 percent of their revenue to the local economy, compared to just 14 percent for the national chain retailers. Money circulating through the local economy benefits everyone who receives a transaction. 

We are disappointed our local city and county decided to buy from a chain that have no local employees or presence other than the phone systems they have installed.

City of Corvallis and Benton County buy new phone system.

#1 of 7 CyberSecurity Tips

We all now rely on technology. Our businesses rely on technology, big or small. Our clients find us online and use the 10D Tech website. We store confidential information and communicate via email. We download documents and research and file forms online. We manage other businesses networks.

10D Tech IS a target for bad guys. WE know IT and how to protect ourselves so that we can help our clients protect themselves. 

Numerous reports reveal that more than half of all small businesses are hit with a security breach. The financial consequences can be significant and for many, devastating. Right out of the gate, you’ll have to pay to have the systems recovered, get the data back, loss of reputation and potentially loss of your clients. 

Every organization needs to take responsibility and enable security measures to protect their business as part of the monthly reoccurring costs, like phone bills and rent. You can’t just set it up and forget it because the attack protocols change daily.  The Hollywood version of fending off a hacker attack, with streams of data scrolling across the screen is unrealistic. The image of a computer genius pounding away on a keyboard like they are replying to a political Facebook post is just comical. Most hackers are in a business network for 68 days before being discovered. They sneak in through emails, phishing links and EBKAC (Error Between Keyboard And Chair)  The bad guys are good, really good, BUT beatable with the right tools, properly configured firewalls and staff training.

Here is the first of 7 important cyber security tips.

#1. Create a clear set of security protocols.

How will you protect your business? Take some time and write it out with your IT team (10D Tech). You know your business, the IT team knows theirs. They’ll help you with the details for protecting your network, hardware and client information.   Don’t skimp here because the cost of a security failure can close your doors.

Evaluation items you should regularly ask your IT Team:

• How often do you run system updates, patches and network scans?
• Do we need to protect and back up all of our data?
• Does the staff have access to all of our sensitive data?
• What software and applications are critical, and which are optional?
• Where does the buck stop? The one throat to choke or the one back to pat?

Review the security plan every 6 months, and remember to include employee training in the security equation.  Your cybersecurity plan only protects the business if everyone knows it and follows it.

Next Tip: #2 Business Email Compromise (BEC) protection

540,000,000 - The news has become noise

Security Alert: April 3, 2019: 540 Million (540,000,000) FaceBook profiles exposed! It has become to common to keep track of them all.  

Security Advice: Stop using Facebook to log into websites & apps. Using a password manager is the single most effective tool to guarding your privacy online. Facebook is just the vehicle criminals use to loot your information. We use LastPass because it is simple.

We wonder how many Facebook profiles have NOT been exposed.  

https://www.extremetech.com/internet/288907-540-million-facebook-profiles-exposed-by-2-insecure-databases

Sextortion Scams

SEXTORTION SCAM

Have you ever received one of those emails that didn't really make sense but still made the hair stand up on the back of your neck? One of those could start with a message like:  “Send bitcoin right away or else I am sending compromising photos or information to your friends and family.”

This is a new variation of an old scam. A little fear-inciting jolt that has you unsure of the nature of what the scammer is talking about… your mind races … How would they have anything I would not want to be exposed? What item or video could they have that I would want to hide? Then you think about the privacy in your own home? What device did they hack? Even if you know the claim is impossible and untrue, it is still very unsettling and a bit frightening. This new version of an old scam is called Sextortion and it preys on your fear of the unknown.

How does this scam work?

The bad guy tells you they have hacked your device/computer and they will release embarrassing information. They don’t tell you what they have, only that they have something from your personal device. It could be photos, emails or text messages. Most of the time the bad guy vaguely threatens to release the information they have stolen to your employer, your friends and your family. Sometimes the bad guys describe details of what they allegedly have on you.

What is it that they want? They’ll tell you that to avoid having your personal items exposed to everybody you have to pay them immediately using bitcoin.

Here’s the catch:

What would make you believe their claims are right when you know it can’t be right. The scammer provides just enough information from one of your hacked accounts. Equifax, Target, Facebook, Marriott, MANY more! Mine was my old MySpace account. There are too many breached companies to list them all, but in all likelihood, some of your information has been stolen. They give you just enough information, that adds credibility to their claim, to make you believe they may have something of yours that you want back. They’ll show an exposed password and/or your user name which they purchased on the dark web. By matching your email address with passwords, they have enough information to make you a little frightened. The scammers assume a small percentage of their chosen victims will react and pay the extortion fee. It’s in the numbers, 1 million emails sent, 50,000 people get nervous, 5,000 pay the $1,000 ransom and they have a $5,000,000 payday. 
That's only .5%  response on the 1,000,000 emails sent for a HUGE payday.

The 50,000 nervous people have a jump in their fear level start a Google search for how to purchase Bitcoin or think about what could they have.  OK DEEP BREATH, if you are like 99.5% of us you know you're being scammed but let us give you some advice in case you're still nervous. Don’t fall for it and don’t pay the ransom.

As proof, they may provide you with a legitimate username and password, most likely from an old account because those are the cheapest to obtain. Regardless if it is old or new, stop using the password they provided, change it immediately, especially if it is one of the 3 passwords you use. Using the same password will eventually lead the bad guys to an account that does have items you want to keep safe and private. If you use your password manager, it will assist you in changing that password as well as do a security search of your accounts for the same password. Change those as well. Rest assured, if the password they show you has been used to secure some of your other accounts, all of those accounts are also compromised. That is where the hair on the back of your neck should raise up.

If you really want to be secure and keep information private, use the two-factor authentication on your password manager. Consider the advice below by covering your camera lens with a piece of tape, post-it note or slide cover.

What should you do if you get a Sextortion email?

Even though there is no real bit behind this scam doesn’t mean you should not take some sort of action. Use the extortion scam as a cue to protect yourself online. The Federal Bureau of Investigation aka FBI advises:

• Do not pay
• Do not respond to the email
• When opening unexpected attachments from people you know, use caution because their email addresses may have been spoofed
• Change your passwords often
• See if your other email addresses and passwords have been pawned or stolen
• Stop using the password immediately (and while you’re at it, update any old passwords — using a password manager, like LastPass, is fastest)
• Never ever send compromising photos of yourself to anyone unless you want everybody to see them.
• Don’t open attachments from strangers
• Turn off your computer’s camera or put a piece of tape over it when you’re not using it

I'll reiterate, DON’T reply to the email. The more you reply, the more likely you are to expose other items or information that they will use to manipulate against you.

Why you need a Battery

Call 10D Tech at 541-243-4103 for local advice and assistance in Salem, Keizer, Corvallis, Albany, Lebanon, and Eugene. We provide Avaya Business Phones, Managed IT, Internet Services and Cyber Security through out Oregon.

The following article is copied and pasted from the Tech Advisory - June, 2017 blog. They could not have said it better.

https://www.techadvisory.org/2017/06/why-businesses-need-a-ups/

"Why businesses need a UPS

By EDITOR | Published: JUNE 21, 2017

Power outages caused by utility failure, accidents, and natural disasters such as storms, flooding, or earthquakes are inevitable. There’s very little you can do to prevent any of these from happening, but you can avoid the consequences to your business by using an Uninterruptible Power Supply (UPS).

What is an uninterruptible power supply?

An uninterruptible power supply is an essential piece of hardware that protects both your computer and your data. It provides a backup power source in case of main power failures caused by electrical current problems such as blackouts, brownouts, and power spikes.

Smaller UPS units can protect individual computers while larger models can power multiple devices or an entire office. Small businesses can opt for individual UPS units, which should be enough to back up critical computers and other devices that are key to business continuity.

Benefits of having UPS

It’s a known fact that power outages can damage or completely destroy electronic equipment, especially computers. Unexpected computer shutdown can cause great damage to your computer hardware and make you lose unsaved data. A UPS ensures you never experience such a scenario.

Here are other ways that a UPS benefits your systems:

• Uninterrupted power flow during power surges

When you have UPS, the voltage that passes from the main electrical lines to your devices is consistently stabilized. This protects your computers from power surges, which happen when the voltage in other equipment suddenly rises.

• Refined and filtered power supply

It normalizes power levels so that your computers are protected against dips and spikes caused by lightning or an abnormal power supply that usually comes from restored power after a blackout.

• Instant power during brownouts

An uninterruptible power supply guarantees your operations’ continuity. In the event of short-term interruptions, it gives you enough time to switch to a larger, more stable power supply such as a generator. But unlike a generator, it provides instant power to your equipment at the exact moment the power goes out.

Does your business need a UPS?

If you’re purchasing new computers for your small business, a UPS is an invaluable add-on. Businesses that require constant power to function such as hospitals, banks, academic institutions, manufacturing companies, and any business for which storing and processing data are critical tasks can benefit from uninterrupted power.

Determining the type of UPS for your business as well as installing and maintaining it may require the expertise of professionals. We have experts who could provide you with information on properly operating a UPS, replacing its battery, identifying devices that should never be connected to it, and other safety tips. Call us today for advice."

Simplify your life

#1 Priority: Passwords!  

Password Manager: This is the most important of all priorities in securing your network. When we do security talks to groups, nearly everybody raises their hand when asked if they use the same password or a similar password for more than 1 account or website. By using a password manager, you only need to remember a single Master password. We can show you how to make a password that is very difficult to break but easy to remember. A password manager remembers and encrypts the other 587 passwords to your accounts, websites and portals and inputs them securely when you log in. We use LastPass www.lastpass.com  

We don’t sell it but we use #LastPass because it works and it does simplify our lives.  If you are already using a password manager, Thank you. The basic #LastPass version is free, but you can upgrade to Premium #LastPass for a couple dollars a month. The free versions work great, we have upgraded to premium for some convenience features.

Reminder: Never use the same password for multiple sites.

From #Sophos here is a 30 second smile, who can relate?

It's hard to think up passwords that you can remember.