Date:

Author

Category: Business, IT News, IT Security, IT Support.

I wanted to share an incident with you that we came across recently, as it could happen to any business and be very costly.

You’ve probably heard of phishing emails – it’s when criminals send bogus emails to individuals to get them to reveal usernames, passwords, and credit card details usually by simply clicking on a link.  And while many scam emails are easy to spot, some can look very convincing.  Even if it looks like it’s from a credible source such as one of the big banks or a large corporation like Microsoft, it could just as easily be from a cybercriminal.

What business owners don’t often realise is how many of these emails come into their businesses every day and how easy it is for people to respond with devastating consequences.

A prospect called us to work out how an email had seemingly been sent from them to all their clients requesting payment into a specific account “without delay to avoid the loss of service”. The answer was that hackers had used a phishing email to trick them into providing the login details to their email system. The hackers then logged in and sent this email out as if it really was from this business owner.

Not only did one client pay – into the hackers account, but can you imagine the effect of such an abrupt and demanding email on the client relationship?! What was worse was that their only recourse was to tell their clients that they had been hacked, which made their business appear even more disorganised and vulnerable.

So, what can you do to ensure this doesn’t happen to your business?

Well, your best defences are education and motivation.  Share the problem with your people.  Build a team of committed defenders against cybercriminals.  Help them to spot the dangers – the do’s and don’ts and the need for caution and vigilance. Talk to them about the consequences of damaging their livelihoods and your business.  It could honestly be the most valuable investment you ever make.  Make no mistake, phishing could kill your business.

And of course, here at The PC Support Group, we can help you build defences against cybercriminals and provide advice and guidance to make sure your business is safe and secure.  It’s what we do! Call our team today for an informal and confidential chat on 03300 88 6116 or email them on  [email protected].

Phil Bird

Managing Director, The PC Support Group

 

 

 

 

Date:

Author

Category: Business, Data Backup, IT News, IT Security, IT Support.

I’ve read several interesting articles recently about data backup and how being unable to access data and systems is the nightmare scenario for all businesses. However, one thing that rarely seems to be mentioned is the act of data recovery. Hopefully, most companies by now realise the importance of having their data backed up but few appear to think about how long it might take to recover the data onto a live system should disaster strike.

Did you know that 90% of companies experience some form of downtime whether it’s a disk or other critical hardware failure, a flooded office or the latest cyber attack?  We’ve all experienced something.  Interestingly, a lot of our prospects when they first contact us have no idea how quickly they could recover.  Unfortunately, some businesses never recover which is not surprising when the average cost of one hour of downtime is £6,500 for a small business and £64,000 for a mid-sized one2.   Very sad when you consider that 93% of data loss issues are avoidable1.

Even IT businesses like us are not immune, the difference being we have robust business continuity measures in places preventing any issue becoming a major disaster.   In fact, only a few weeks’ ago we suffered a power outage for nearly half a day at our offices in Speke, but our services remained operational and none of our clients were left without support.

How did we do this?  We use a six-step disaster recovery plan that helps assess risks, identify weaknesses and put proactive measures in place.  Once you have this plan, recovery is much easier and quicker and therefore less costly for you and your business.  For instance, businesses without a plan experience greater downtime – on average 18.5 hours to get back up and running2.  Time and money that no business can afford.   So, by planning for the worst you can make your business stronger and more resilient today.

To get you thinking, here are a few questions for you to consider:

1: What is your business-critical data is and where it is held?  Is it backed up?

2: Is your backed-up data kept separate from your computer system, in a secure place with restricted access?

3: How regularly is your data backed-up – daily, weekly, monthly?

4: Is the backup process automated and regularly monitored?

5 How quickly could you access your backed-up data?  Within hours or weeks?

6: How long could your business survive without access to its data?

Answering these questions is just the start of protecting your business. Here at The PC Support Group we can help you with further practical advice and guidance.  Our rolling monthly contracts will ensure your recovery is easy and efficient because we’re good at what we do! Call our team on 03300 88 6116 for a chat about how we can help you or email them on [email protected]

Phil Bird

Managing Director, The PC Support Group

1 The Online Trust Alliance’s analysis of security breaches 2017

2 Backbone Connect, an UK IT infrastructure firm, 2018

 

 

 

Date:

Author

Category: Business, IT Security.

I’m always struck by how serious the after effects of cybercrime can be, for businesses and individuals alike. Just one successful phishing attack, or an innocent-sounding conversation with a conman, and the result of years of hard work and sacrifice can all be undone in a few minutes.
When I hear these stories, I reflect on what the consequences could be for my business, my family, my colleagues and our clients too. Data theft is growing rapidly in volume and sophistication, with hackers increasingly adept at creating believable phishing emails and impersonating trusted organisations like banks (called social engineering), to trick people into revealing email addresses, usernames and passwords. And with the growth in cloud-based applications, once criminals have these electronic keys, they can access systems and cause havoc at will, from anywhere in the world.
But by taking some simple, extra precautions, we can all make it harder for the villains and easier to keep the things and people we value safe. There’s one defence that I strongly recommend you apply as widely as possible – Multi-Factor Authentication (MFA).  You’re probably using MFA already. When you log in to your online bank, enter your email or username and password, you’re then asked for another code – that’s MFA. It adds an extra security layer, or ‘factor’, on top of usernames and passwords (which, as we know, are often not strong enough), before any access to data is allowed.

Also known as Two-Factor Authentication (2FA), MFA provides a unique, time-limited code via a hand-held device, such as PINsentry from Barclays, SMS or app, that is almost impossible for hackers to intercept. Even if the criminal has a stolen email address, username and password, MFA keeps the data safe.

This is a bit of a personal crusade for me. Every day I speak to SME owner/managers who, just like me and my colleagues, have worked their socks off to make a success of their businesses – and it’s satisfying to play a small part in helping to protect their hard-earned achievements.  Here’s a quick checklist to get you started on MFA:

  • Make a list of everything you and your business access using an email address, username and password
  • In particular, identify those systems or services that are cloud or web-based – as they are the ones most at risk of being hacked
  • Check with the providers of these systems (or ask your IT support company) to see if MFA can be applied and then do so immediately

If your current provider hasn’t mentioned MFA to you yet, then I would be a bit worried about that! We regard this kind of advice and guidance as part and parcel of our proactive support service that keeps our clients’ businesses as safe as possible, and delivers reliable, smoothly-running IT.

Phil Bird
Managing Director, The PC Support Group

 

 

 

 

Date:

Author

Category: IT Security, IT Support.

If you think getting scammed is difficult and your business is immune, think again! Here is how easy it is…

 

1. Create a fake invoice as if you’re a local company and specify the bank details for payment as being that of your murky, nasty little criminal bank account. See an example below.

 

 

2. Get the name and email address of the business owner who is to be your victim

 

3. Get the name and email address of the person who pays the bills in the same business

 

4. Spoof an email so the person who pays the bills thinks the business owner is sending it, it only takes a few minutes to do (click here for instructions) – yes it’s that easy! You can spot fake email addresses like the below, check your previous emails from people and companies to see if they have emailed you before. Your email spam WONT always work.

 

 

5. Type the following:

Hi <name>

Can you pay this invoice for me via BACS ASAP

Thanks

<business owner’s firstname>

 

6. Await payment so you can spend it on your murky, nasty, little criminal low-grade life

 

However, if you’re a criminal reading this you’ll already know how to thieve from people and you’re a disgrace; and if you’re reading this and are a decent hard-working person the motto is that you shouldn’t trust emails unless you can be sure they’re from the person you think they’re from; no matter how real they seem.

The most simple fight against this tactic is to have a solid, well-understood internal business process for making payments that ensure nothing is paid without suitable checks and balances.

 

 

 

Date:

Author

Category: IT News, IT Security, Uncategorised.

Heard of ransomware?  It’s important that you know about it, so read on…

worm
Ransomware is the term given to a type of virus that enters your computer(s) and encrypts all your data in such a way that you can no longer access any of it.  Until you pay a substantial fee (a ransom) to get it back.

There’s a new ransomware virus to be aware of; it’s called Power Worm but unfortunately no amount of ransom can get your data back for you.  Unfortunately, the not-so-clever hackers have made a big coding mistake this time and one variant of their virus destroys keys that could help recover the data it has scrambled – leaving you high and dry even if you are prepared to pay a ransom.

Power Worm infects Microsoft Word and Excel files in the main,  but the latest version goes after many more types of files it finds on your machine.

Malware Researcher Lawrence Abrams makes it clear that anyone hit by Power Worm should not pay the 2 bitcoin (about £500) ransom it asks for because they will not get any data back.  He said “There is unfortunately nothing that can be done for victims of this infection, If you have been affected by this ransomware, your only option is to restore from a back-up.”

The reality is that even when the hackers do have the key they are unlikely to release it even if you pay the ransom so regular reliable backups is the only realistic way to protect your data and your business from these attacks.

Did you know:

  • 34% of companies fail to test their backups, and of those that do, 77% have found back-up failures (Source: Home Office Computing Magazine)
  • 93% of companies that lost their data centre for 10 days or more due to a disaster filed for bankruptcy within one year of the disaster. (Source: National Archives & Records Administration)

It’s worth noting that even if you avoid catching a computer virus, ALL disk drives eventually fail, regardless of brand or type and so backups are arguably the most essential aspect of any IT system.

Backup solutions can vary enormously and it is important to be aware of the consequences of choosing one solution over another. While all of our services provide excellent protection, some cover just data while others cover entire systems. Some enable faster recovery of your systems in the event of a major problem, while others ensure that your systems are safe from physical risks such as fires, floods or theft. We recognise that each business has unique requirements and so we talk to customers to diagnose their potential risks and vulnerabilities, understand what’s important to them and then design a specific BusinessCARE Backup system tailored for their situation.

Call The PC Support Group before it’s too late! You can reach us now on 03300 886116.

Date:

Author

Category: Computer Maintenance, IT Security, IT Support.

Office StressDoes any of this sound familiar?

  • You have one or more slow computers, frustrating you and your staff; affecting your productivity and therefore your profitability?
  • You want to make your computer(s) run faster?
  • You’re looking for a quick, simple, cheap or free tip?

The main issues with slow computers usually lie not with the hardware but with changes that occur to the PC’s software. The two most common causes of slowdown are:

  • Every time you or a member of staff loads a program, file, or webpage, the PC’s software registry is updated with new instructions needed to operate that item. However, when the item is removed, these instructions usually remain on the PC. The result: A significantly slower computer.
  • Spyware and viruses are software programs that are loaded on your computer without your knowledge or permission.

You probably already know that the simple rule of thumb to follow is to never download programs like screensavers, emoticons, films, etc from unknown sources. In addition, you should never open any attachments to an email unless you are 100 percent certain you know and trust the sender.

Unfortunately – this also applies to software sold online that purports to “Clean Up” your PC in seconds. You will see these on offer, making claims such as “literally only takes 5 minutes to work”, “Your computer will instantly be restored and you can schedule automatic system clean-ups to keep it running like new.”

The advertisements may also go as far as to claim: “…also protect you against viruses and attack from malicious files, ensuring it runs smoothly all of the time”.

Let’s take a look what SafeBro.com say, for example, about one such TYPICAL download …

“… a nasty rogue infection that works as a double agent. On one hand, it pretends to be a powerful system optimization and antivirus software that would fix your computer, but on other hand (in reality) it brings viruses to your computer and steals your money. Actually this virus is associated with cyber crooks who create fake programs to trick users. Once this software has been installed, it alerts you of several viruses detected on your machine (even if there is no virus in your computer). After a while, it will force you to buy the full/professional version in order to remove the viruses from your computer. That is the actual target of this nasty program. We recommend you to uninstall the software as soon as possible and do not purchase it on any condition. Please note: Manual removal may cause damages to your system if you do any mistake. Use this method only if you understand what you are about to do”.

 

If your PC is infected by this kind of application virus it may do the following…

  • Enter into your computer without your knowledge
  • Scan your computer without your request and claim it has found viruses
  • Display a lot of warnings and alerts popping up on the screen
  • Provoke you to buy its full version or activation code (which may not even work)
  • Collect Personal user information which may include sensitive financial data such as logins, usernames, accounts
  • It may bring further infections are direct the user to infectious sites
  • Make the computer run slow, uses a big part of system resources

That’s not a great picture is it?

It may cost a little more to ensure you use the right software to protect your systems and use qualified, knowledgeable engineers to resolve problems but ultimately it could save you thousands or even save your business.

At The PC Support Group, every computer we look after is subject to a remote weekly health check that includes:

  • Spyware protection and Anti-Virus check
  • Check for early warning signs of problems
  • Removal of unnecessary temporary files that can choke your system
  • Organisation of your disk drives to prevent your computers from slowing down over time

Call us on 03300 886116 if you want your business critical IT System to be in SAFE hands! We’re here to help!

Date:

Author

Category: Data Backup, IT News, IT Security, IT Support.

World-Backup-Day-Logo

What would you do if you lost everything?

That’s the question being posed on World Backup Day 2015; a global movement to emphasise the importance of keeping a second copy of all your important files.

For our customers, every day is World Backup Day – as you would expect when your IT is in the safe hands of an award-winning official Microsoft SME Cloud Partner.

But for those who don’t have this contingency strategy in place, this is a great opportunity to evaluate:

  • Which files are crucial to the successful continuity (and let’s face it – profitability) of your service provision?
  • What are you already doing about backing them up now, and
  • What should you be doing to minimise the irreversible damage that occurs when your hard drive fails?

If your data isn’t backed up, once it’s gone it’s gone, and losing your files is way more common than you’d think. One small accident or failure could destroy all the important information your business and livelihood depends on.

In fact, research has shown that 60% of companies that lose their data will shut down within six months of the disaster whilst 93% of companies that lost their data for 10 days or more due to a disaster filed for bankruptcy within one year of the disaster. (Source: National Archives & Records Administration).

The good news is backing up is straight-forward once you’ve set up the backup process. There are a number of different methods – depending on how you want to backup your data and how safe you want to keep it. It’s just a matter of taking the first step of recognising the value of your data.

For more information download our free leaflet on backup advice or fill in the contact form to find out how we can help you manage your backups.

Date:

Author

Category: Cloud Computing, IT Security, IT Support.

Computer-Virus-2

93% of companies who lose data for more than 10 days file for bankruptcy less than a year later.*

This could be the sobering reality you face if you don’t take responsible, proactive steps in order to defend your livelihood against hacking and other forms of cyber-crime.

Beyond putting the right technology in the right place, let’s look at how you can mitigate against…

Phishing Emails

Promising special offers or making false claims about bank statements or tax records, phishing emails typically tempt between 60 and 90% of employees to ‘click here’, which can have catastrophic consequences for your business.

Action you can take:

  • Teach your employees to be vigilant for bogus emails and not to click anything they do not fully trust – banks do not send emails asking people to verify login details!
  • Carry out regular phishing assessments or “cyber-attack drills” by regularly exposing your staff to various realistic attacks but in a controlled environment.
  • Have in place a process to report phishing emails and who to notify in case they’re clicked purposely or by error; ideally to be carried out within 15 minutes.

Data Thieves

Encrypting your data ensures that if someone were to get their hands on your computer, they wouldn’t be able to easily access your files or get hold of your personal data.

Action you can take:

  • On certain versions of Windows encryption is a pretty simple process and on other systems there is software available to enable this.
  • Ensure all of your files including documents, photos, music, bookmarks and anything else you may need are backed up and readily available in case you become “locked-out” and are no longer able to access them on your computer.

Password Hackers

Last year ‘123456’ headed up a list of the 25 most common passwords. Choosing a password like this is the IT equivalent of putting out a welcome mat and leaving your key in the front door. Strong passwords are at least 8 characters long (longer is better!) and contain a combination of numbers, symbols and letters.

Actions you can take:

  • Don’t use the company name or even the name of the program you are using (e.g. Photoshop123).
  • Don’t keep your carefully-chosen words the same for all accounts. Think of something memorable but with different variations for each, and store them away from your PC.

Network Infiltrators

Free Wi-Fi or other kinds of wireless or shared networks in places like coffee shops, hotels, conference rooms and on public transport can be used by anyone – making them the perfect hunting ground for hackers.

Actions you can take:

  • Read the Terms and Conditions of wireless networks before logging on.
  • Think ‘safety first’ and turn on all the security protection open to you.
  • Don’t login to sensitive sites (such as your online banking) when using a public wireless network

Virus Spreaders

‘Code Red’, ‘Slammer’, ‘MyDoom’… Viruses so infamous they’re classed as the most destructive of all time. Specific viruses come and go but the key to surviving them all is the same – be vigilant. Protect yourself and your assets.

Actions you can take:

  • Keep your internet security software up-to-date and switched on at all times.
  • Apply the latest Microsoft updates to your Windows operating system as soon as possible
  • Install and apply the latest manufacturers’ updates for all your software programs.
  • Trust your gut. If an attachment, email or website doesn’t feel safe, it most likely isn’t.

The PC Support Group provides expert advice on all matters relating to cybersecurity. Contact us on 03300 886 116 to discuss your IT strategy, and how we can bring our world-class managed service provider benefits to your organisation.

*Source: National Archives & Records Administration in Washington

 

Spam Detection in Emails

Date:

Author

Category: Business, IT Processes, IT Purchasing, IT Security, IT Training.

If you’re in the habit of checking the news online you will have noticed that almost daily now there are reports of data breaches by attackers. Cyber security headlines are all too frequent and alert us to the skill and persistence of hackers.

Many organisations still rely on traditional security controls in the form of technology such as anti-virus software and firewalls, etc. to protect their critical assets but it is now clear that this is not enough. The increasing importance of employee security awareness is often overlooked with companies providing little or no basic awareness training.

Personnel and processes are often disregarded when it comes to improving security, partly because the security risk they pose to an organisation is difficult to measure and track.

These days, this a crucial issue with cyber security, but businesses that (very sensibly) put in place IT software security often struggle to get senior management to address a risk that they haven’t been able to quantify, or even prove exists.

The problem is that as the technical, on-line security of organisations increases, attackers are looking instead to a much weaker area: employees.

Read more »

Spam Emails

Date:

Author

Category: Data Backup, IT News, IT Security.

New research suggests that cyber-crime costs small businesses around £800 million a year.

Not only that, but you have a responsibility to put adequate measures in place – if not, you could face fines of as much as £500,000 for cyber breach and data loss under current legislation. Other threats include: social media misuse, hacking, and loss of company devices.

As many as 60 per cent of small firms reported security issues last year, with major breaches costing a small firm on average between £65,000 and £115,000.

Here, we’ve created a useful checklist to help you assess whether you are helping reduce the chances of the worst happening to your business.

How many of the following questions can you answer “YES” to?

Read more »