phishing – Cooper Mann Consulting

January 15, 2025

Phishing, Cybersecurity and Your Small Business

Phishing can have a significant and often devastating impact on small businesses. Unlike larger organizations, small businesses typically have fewer resources to dedicate to cybersecurity, making them an attractive target for cybercriminals.

Small businesses can be impacted by phishing and other types of attacks in ways that might not have been considered before. Here are some of the more common ways that phishing attacks can impact the business:

Financial Loss
Phishing attacks often result in direct financial losses due to funds being stolen, fraudulent payments being made, and ransoms being paid. Cybercriminals often use phishing emails to trick employees into transferring money to fraudulent bank accounts, and attackers may impersonate legitimate vendors or clients to request fake payments. Worse, phishing emails can be used to deliver ransomware, locking up or encrypting critical systems or data until a ransom is paid.

For small businesses, even a single financial loss can be catastrophic.

Data Breaches
Phishing can lead to the compromise of sensitive business information or customer data, such as customer personal information or payment details, employee credentials or other private information of the employee, or business trade secrets and other proprietary business data. Data breaches can easily result in legal liabilities, fines, and damage to the business reputation.

Reputational Damage
When a phishing attack exposes sensitive customer information or disrupts services, it erodes customer trust. This can lead to clients taking their business elsewhere and makes attracting new customers harder. It could also impact vendor relationships, causing partners to view the business as a weak link in the supply chain.

Operational Disruption
Cyber-attacks, including phishing attacks, can disrupt business operations and cause numerous problems. Ransomware or malware delivered through phishing emails can render IT systems unusable, causing loss of productivity. If employees lose access to critical tools, files, or data, there will be delays in work and projects. Businesses also must divert time and resources to recover from attacks, taking away from regular business operations and revenue-generating activities.

Why Small Businesses Are Often Targeted
Small businesses are rich targets for cyber-attacks, especially phishing, because they often have weaker defenses compared to larger enterprises. Often made up of a few trusted employees, small businesses are attacked in ways that exploit trust and personal familiarity. Due to many small businesses having weaker cyber-defenses, attackers can find high payoffs in financial rewards or valuable data with a single successful phishing attack.

Noobeh Helps Businesses Protect Themselves
Every business should teach their employees how to recognize and report phishing emails, and MFA (multi-factor authentication) should protect all accounts, but human beings can only do so much, so it makes sense to implement tools that can put additional intelligence behind your services and defend your systems to help keep the problem from ever getting to your users.

Our team at Noobeh recommends and provisions Microsoft Defender for Office 365 to block phishing emails and messages with malicious links and content. Advanced email security helps reduce inbox spam and blocks messages from spoofed senders, which helps prevent users from interacting with bad emails and potentially exposing protected information.

Email protection is only part of the needed coverage. Noobeh also recommends having strong endpoint protection solutions to detect and prevent phishing-related malware and other attacks. Microsoft Defender for Endpoints does this, working seamlessly with our remote monitoring and management and your other Microsoft services to provide a higher level of protection for the business.

By understanding the risks and taking proactive measures, small businesses can minimize the impact of phishing attacks and protect their operations, reputation, and customers.

jm bunny feet Make Sense?

February 8, 2024

Prey or Empowered? Small Businesses and IT Security

Now more than ever, small businesses need to be vigilant with their information technology security. Small businesses may not be the big fish in the sea, but there are plenty of them out there to catch. Small businesses tend to make the best targets because they often fail to perform security audits, they may not be willing to invest in the resources needed to protect themselves, and they frequently don’t even carry the right insurance coverages. To hackers, small businesses are easy prey.

“Don’t think you are too small to be affected,” says Erik Knight, the founder and CEO of SimpleWAN. “Every place you have an employee or office is a potential entry point. Take it seriously; if you have something worth taking, a hacker will try to take it.”
https://www.forbes.com/…

There are a few things every business can do to improve the security and privacy of their data. It isn’t an option any longer; these are essential elements in an overall security strategy that can make the difference between staying in business and not.

Use strong passwords, not easy-to-guess words, phrases or sequences (1234 is not a strong password). Passwords should be unique, more than 8 characters in length, and have a mix of numbers, letters, and special characters.

Keep software updated. Whether it is the operating system on your computer or the software you use to write letters, having up-to-date software matters. Developers don’t just upgrade software to fix bugs or introduce new features; software often gets updated because of security issues or vulnerabilities.

Keep networks and connected devices secure to make sure that the computers and connections aren’t introducing weaknesses into your system. Not only are password controls and software updates needed, but firewall security and good anti-virus/anti-malware solutions are also a must. Keeping an eye on the server matters, but the connecting points and end points are where many vulnerabilities exist.

Set up two-factor or multi-factor authentication to further secure logins. 2FA and MFA is like having ID besides just your driver’s license to prove you are who you say you are. Your password, like your DL, is just one factor; you need one more thing to prove your identity for 2FA, like a code from your phone or maybe your fingerprint. The point is that there should be more than just a username and password to access important data.

Restrict use of personal email or social media on work devices. This gets a little trickier with smaller businesses, as many don’t or can’t support providing users with all company-owned devices. There are tradeoffs to allowing users to bring their own devices (byod) versus using company-owned devices. When mobile devices are part of the mix along with desktop and portable computers, it becomes even more complicated and the risk potential increases.

Use encryption for data in transit and data at rest. Encryption is like scrambling the data and then unscrambling it when you access it. In transit, data may be encrypted by a VPN so that it is protected over the wire (in motion) as it is sent and received on the network. RDP is also encrypted, but this remote access method’s main purpose is to keep the data from leaving the server in the first place. At rest, like when it is sitting on a hard drive or other storage location, data can also be encrypted. To open the file or file system, you need a key to decrypt it.

Keep all data backed up and create a way to rapidly recover your server and systems in the event of failure or compromise. Backups are great right up until you find they are as damaged or unrecoverable as your main system, so make sure to have a policy of testing your backups periodically. There are many ways to back up and protect your data, including external drives and cloud storage. If data gets lost or corrupted, you want to be able to restore it from a backup. Regularly audit your backup and data security practices to help identify weaknesses that make the business vulnerable.

Educating employees on the importance of cyber security is among the most important steps a business can take to protect itself. Keeping passwords secure and secret, knowing how to spot a phishing email and what to do and not do with it, not clicking on suspicious links in emails, not sharing personal or confidential information online, and what to do in the event of a breach are all things that should be regularly discussed with workers and supported by written policies.

Managed Azure cloud servers from Noobeh help you keep your business information more secure. Our services demand high levels of security and privacy, and we help our customers keep their data and systems safer and more secure by handling some of the requirements for them.

Strong password policies and MFA is our standard setup, and software updates and patching are part of the service.
Working on the cloud server keeps data on the server and not traversing the network or downloading to individual PCs, so information stays secure and separate from whatever a user runs on their local devices.
Data on the Azure virtual machines is encrypted at rest, and additional encryption is available to add more layers of protection. Data in motion is encrypted, but very little data actually traverses the wire.
Servers and data are backed up regularly with snapshots and file level backups, allowing for simple file restores as well as comprehensive system recovery.

For small businesses, Noobeh has the solution for creating a more secure and better protected IT environment where applications and data can be available to those who need them without compromising the investments already made in training and process development. Moving software and data to a private cloud server allows companies to continue using the software they rely on, just in a better way. Instead of being easy prey to hackers, our customers benefit from higher levels of IT administration, management and protection that empowers them to work the way they need to – any time, anywhere.

jm bunny feet Make Sense?

December 1, 2023December 1, 2023

ZERO TRUST – Every Email is Suspect

Electronic mail has become a standard for communications around the globe. Email can contain not just text, but can deliver documents, photos and videos and other media. Email allows people to contact others at any time and respond on their own schedule. Where previous methods of communicating with someone far away were expensive and time-consuming, email allows people to stay in touch no matter where they are as long as they can connect to the internet.

Yet email is not a fully secure communication medium, and a lot of people are just now figuring out just how vulnerable they may be. What was once considered a trusted means of communication has now become something to be suspicious of. For most users today, it is best to approach emails with a high degree of suspicion (zero trust), especially if they ask for personal information or contain links or attachments.

With email, someone could intercept the messages or even store messages without your knowledge or control. The smallest human error can have ripple effects that turn into waves of trouble because messages cannot usually be taken back. And then there are the threat actors, of which there are too many and they are far too clever.

Phishing has become a highly popular method of cyber-attack, probably because it works so well. It involves tricking people into giving away sensitive information like credit card numbers, social security numbers, and passwords. Phishing is fueling (phueling?) opportunities for malware infections and identity theft which can lead to financial loss, reputation damage and more. Any information an attacker can gain helps them get even more information and go deeper into the organization.

Protecting against phishing attacks requires vigilance and following best practices such as using strong and complex passwords, and two-factor or multi-factor authentication (MFA). Also, it is crucial that users avoid clicking on links in emails, and everyone should verify the email authenticity before responding, especially if sensitive information is involved.

To check the identity of the sender, mouse over (put your cursor over) the email address and it may show you the actual sender address. While the email may say the message came from somebody you know, you may find that the actual sender address is an obscure email address you don’t recognize.

Mouse over links in the email but don’t click on them. When you hover your cursor over the link, it may show you the actual url the link goes to. Like with email addresses, links can be named something other than the actual url. If it is a url or website name you recognize and trust, then type the url into your browser instead of clicking on the link, just in case.

Use multiple channels for communication. This means you should not just communicate with co-workers and others using email. It is always a good idea to have some other form of trusted means of communicating with someone, such as via telephone or a messaging application. When you receive an email requesting sensitive information or an email with file attachments, you should communicate with the sender on one of your other communication channels to verify the authenticity of the email or attachment.

Never ask the sender to verify their identity over the same channel as the original communication. If it is a hacker, you’ve just verified to them that they reached their target.

jm bunny feet Make Sense?

February 19, 2016February 19, 2016

Is this email legitimate? QuickBooks Payroll ACH ID Changes go live on the 22nd!

Trusted QuickBooks Advisors – here’s another thing for you to help your clients with

Intuit recently sent an e-mail to QuickBooks Online Payroll (QBOP) and QuickBooks Full Service Payroll (QBFSP) customers about an ACH ID change. It kind of looks like a phishing thing, but it is really a legitimate email from Intuit, and it is important to pay attention if your company uses the impacted services and a banking feature called “debit filtering”. There isn’t much time to act, either, because the changes go live in 3 days (February 22, 2016).

Impacted services are QuickBooks Online Payroll and QuickBooks Full Service Payroll, so it is pretty important to address. Nobody wants their business payroll processes interrupted, and this could easily do just that.

Intuit has added some new ACH ID numbers for use with direct deposit and other processes which work with the bank, so customers using a fraud-prevention method known as “debit filtering” will need to contact their banks to add the new IDs or their bank transactions will fail.

Debit filtering allows customers to tell their banks which ACH IDs are allowed to perform transactions with the bank account, like removing or depositing funds. It is an extra level of fraud security that protects the bank account from unauthorized access, but it is also something that can work against the business if it is not managed. In this case, contacting the bank to add the new IDs is critical to keeping things processing and flowing smoothly. It is also important that the old IDs not be removed yet, as they may be tied to historic transactions that must be tracked and reported on for tax and other purposes.

“Is this really from Intuit? It seems like Intuit would have a better way to make such changes than to ask millions of subscribers to contact their bank”

Source: Is this email legitimate? ACH ID Changes; – QuickBooks Learn & Support

QuickBooks users don’t have much time to reach their banks and supply the new IDs, so pull the email out of the SPAM folder and call the bank right away. Intuit won’t be sending notices to the banks, and they have no authority to add different IDs to your approved list, anyway… which is a good thing. If just anyone could add an approved ACH ID on your account, then just anyone could get to your funds. Better to make the phone call yourself.

jmbunnyfeet Make Sense?