Whilst Social Media is a wonderful way to stay in touch with friends and family all around the world, it is important to be aware of how much of your private data is collected whenever each social media platform is used. It is also vital to bare in mind to maintain a level of security and privacy to monitor public access to your private information.
What is a digital footprint?
Your digital footprint is the traces of information that you post about yourself online, including but not limited to photographs, locations, statuses, text messages and whereabouts, as well as other personal information that could be used to identify you. Criminals can use this publicly available information to steal your identity or use it to make phishing messages more convincing.
Every day, whether you intend to or not, you are leaving behind a trail of data that pieces together a picture of who you are online, what you are doing, where you are going, and why you are doing all these things. This picture is likely more easily accessible than you may think, and if landed in the wrong hands, could be disruptive and even dangerous.
What do I need to be aware of?
- Think about what you’re posting, and who has access to it. Have you configured the privacy options so that it’s only accessible to the people you want to see it?
- Consider what your followers and friends need to know, and what detail is unnecessary (but could be useful for criminals).
- Have an idea about what your friends, colleagues or other contacts say about you online.
What can I do?
Be aware of the content of what you post online. Could this reflect badly on you, could it be used to hack your accounts, or could it damage your relationships? You can also set your social media accounts to private or otherwise adjust your settings to limit who has access to what you post.
As ever, if you are concerned about the privacy of your information, you can book a FREE safety consultation with the Kerbury professionals here.
This is a form of malicious software that attempts to encrypt your data and then extort a
ransom to release an unlock code. Most ransomware is delivered via malicious emails. They will attempt to blackmail you to receive a financial pay off.
Phishing attempts often come in the form of emails or texts posing as an organisation you trust, such as your bank or Paypal. They attempt to convince you to hand over your login details. Once they have acquired this they will take whatever they please. Check out our blog on how to spot phishing attempts.
Traditionally hackers have attempted to gain access to bank account information or credit card databases. However, intellectual property is another source of value. The use of social engineering, tricking staff into revealing user names and passwords, remains a threat. Protect yourself using network firewalls, data access security, and user awareness and training. You can find out more about our training courses here.
A data leak
The widespread use of tablets and mobile phones means that there can often be accidental and unintentional leakage of data. They can also be easy targets for data thieves, especially if they have no password and portable USBs are often utilised. Educating your team can go a long way to help secure your cybersecurity.
If you need further support with the management of your cybersecurity, don’t hesitate to give the Kerbury team a call. We can help you secure your business’ vulnerabilities, train your workforce to minimise risk, and leave you feeling that you’re prepared.
Cybersecurity is of the upmost importance, and we are going to be busting some myths surrounding the topic to try and help you get a little wiser to hackers’ attempts.
1- I have security software, so I can forget about staying alert.
WRONG! YHou have to make sure that you are always up to date with spoftware updates, which may fix bugs and vulnerabilities that were missed before. Do the same for all of your devices, including your laptop and phone!
2- I can forget about being aware of phishing scams because they are always so easy to spot!
Phishing scams prey on human error, relying on your false sense of security to lull you into their traps. Never let your guard down when it comes to phishing, Very realistic seeming scams imitate big recognizable companies into which you may feel safe entering your payment details or personal details,
3- I only use mainstream websites I don’t need to worry about my cybersecurity.
You sure do Social media apps sell your data to make money, and that increase in cookies means your steps are being traced, making it easier to build up a profile about who you are! Security software keeps y ou safe and protects your privacy!
4- I’m not a millionaire, hackers won’t bother with me.
UK small businesses are targeted with 65,000 cyberattacks per day, with one small business hacked every 19 seconds!
5-I would be able to tell if something happened to my computer.
Hacks work like assassins, prioritizing stealth as their main weapon. Trojan horses mean that someone could lurk on you right now! Get it checked out by Kerbury right away!
Please do contact the Kerbury team today if you have any concerns or questions!
What makes hardware-as-a-service so important? It’s not quite the same as renting something. Business owners are finding hardware services useful as they become more prevalent
What is hardware as a service?
Similar to renting hardware, it shares some of the same benefits. You are essentially borrowing the hardware to use short or long term, returning equipment at an arranged point. What sets it apart from a rental is that you are paying for a service to support the hardware. Think of it as paying for the utility. So what are the benefits?
Low Upfront Costs
You can get the latest hardware up and running faster and cheaper than if you were to specify it, buy it and set it up yourself. Kerbury experts will come to install your hardware for you and make sure everything is functioning properly. This monthly flat rate means that it is easy to budget for.
Responsibility For Maintenance Does Not Lie With You
No worries if your hardware falters, just call the Kerbury experts to come take a look at it! Periodical monitoring will keep things running smoothly. What’s more, you have reduced downtime thanks to the ability to swap out the malfunctioning unit, rather than waiting eons for repairs!
Stay Up To Date With Latest Technology
When a new version of a particular technology arrives, they’ll be in charge of updating it for you, when necessary, rather than you having to deal with it yourself. You won’t have to worry about investing in technology that might shortly become obsolete because your provider will want you to be running as quickly and efficiently as possible – they’re incentivized to make sure you’ve got the best equipment for your needs and budget.
Hardware-as-a-service includes things like cloud solutions or server storage that you rent from another company. You can pay to use their hardware rather than investing in your own infrastructure.
Hardware-as-a-Service allows you to operate to your full potential with minimal risk and investment. Luckily for most businesses, this is quickly becoming the norm and will certainly evolve into more productive and creative practices and services as time goes on.
As the UK begins to emerge from its lockdown following government advice about COVID19, many businesses are keen to get to work. As we tentatively step back into a post-lockdown scenario, we must maintain utmost caution towards our workplace safety, both physically and online. As we have seen hackers exploit the work from home lockdown situation, now too must we address this by asking the question: how can businesses avoid a cybersecurity crisis after lockdown?
Innovative technologies like VPN tools or cloud solutions have proven to be a double-edged sword. On one hand, they have helped to quickly create a remote workforce and keep at least some business processes moving. On the other hand, they have opened new routes into corporate networks that hackers can, and will, exploit.
“All it takes is one misdirected email, incorrectly stored data file, or weak password, before a business faces a severe data breach that results in the wrath of regulations and financial turmoil,” said Tim Sadler, CEO at Tessian.
Employees are more than likely bringing new devices such as phones and laptops back into the workplace. Some of these devices won’t be running the latest software and security patches, meaning they are vulnerable. Others may have already been compromised, giving cybercriminals a virtual golden ticket that fast tracks their access to corporate networks. It is therefore imperative that businesses bare this in mind when their employees return to the place of work, On top of properly segmenting their networks, organisations could also consider introducing a separate “decontamination zone” for devices returning to a local environment. Here, IT teams can vet each device before allowing it back onto the corporate network, while still giving it access to the most basic service in order to keep operations running smoothly. This approach goes hand-in-hand with the final pillar of an effective approach to cybersecurity for life after lockdown: network access control.
With cyberattacks and phishing scams increasing exponentially during this period, it is vital that any business returning to work environment bares in mind the cybersecurity implications as well as the physical health ones. Contact the Kerbury team today to get a full health check of your equipment to check for repairs and ensure that you aren’t encouraging a healthy breeding environment for cyber vulnerabilities.
Request a FREE consultation here or contact us for more information today!
Creating a solid password is a great start to protecting your cyber safety. Cybersecurity should always be a top priority for everybody, especially at the moment, and not just for businesses. Cybercrime is the single biggest threat that a company will ever have to face, and it is a possibility in any situation. Hackers exploit vulnerabilities to extract data, hold victims to ransom, sell information on the dark web, and more. Last year, Cybersecurity Ventures predicted that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. The best action you can take to protect yourself from cybercrime and hackers is to get in touch with Kerbury for a security consultation so we can give you a thorough evaluation of your security status. Whilst we take care of the rest, a very simple step you can take yourself in the meantime is to create a safe password.
What makes a safe password?
The key aspects of a strong password are length (the longer the better); a mix of letters (upper and lower case), numbers, and symbols, no ties to your personal information, and no dictionary words. The more random and unique the password, the better.
-1 Passwords should be long in character numbers, complex, and varied. Use all the characters available – uppercase letters, lowercase letters, numbers, and special characters. The length and complexity can create a stronger password, and make it more difficult for hackers to break!
-2 Do not make it easy to guess – Do not use any word related to your family name, pet, street you live on etc. These can all be researched through your social media.
-3 Wherever you can, use two-factor authentication. When this is available, it will provide you with another shield of protection against hackers.
Try this: -Take a line from your a song “There will be blue birds over the white cliffs of Dover” Take a letter from each “twbbbotwcod” Add a capital letter “twbbbOtwcoD” swap up one letter for a number “twbb8OtwcoD” and add a special character “twbb8Ot%coD” then add something unique for each site, such as an extra B for banking, or Tw for twitter.
If you have any questions or would like to discuss anything concerning IT support services, remember to contact us for help and guidance!
Hackers are exploiting the cybersecurity vulnerabilities of work from home staff during the COVID19 pandemic to steal valuable information. Despicably, some scammers are already using the coronavirus as the perfect opportunity to trick people with Phishing scams. ENISA said it had already seen an increase in coronavirus-related phishing attacks. The agency recommends, as far as possible, that workers try to not mix work and leisure activities on the same device and be particularly careful with any Emails referencing the coronavirus. “Attackers are exploiting the situation, so look out for phishing emails and scams,” ENISA said.
Here are some basic recommendations that can help keep you secure whilst working from home during the COVID19 Pandemic:
- Ensure your Wi-Fi connection is secure. While most Wi-Fi is correctly secured, some older installations might not be, which means people in the near vicinity can snoop your traffic.
- Ensure anti-virus is in place and fully updated.
- Check all security software is up to date: Privacy tools, add-ons for browsers and other patches need to be checked regularly.
- Have a back-up strategy and remember to do it: All important files should be backed up regularly. In the worst case scenario, staff could fall foul of ransomware for instance. Then all is lost without a backup.
- Make sure you are using a secure connection to your work environment.
- Check if you have encryption tools installed.
- Get in touch with a professional cybersecurity team like Kerbury if you have any worries
There are also recommendations for employers to help ensure the cybersecurity of their staff during the COVID19 pandemic
Things employers can do:
- Provide initial and then regular feedback to staff on how to react in case of problems. Who to call, hours of service, emergency procedures and how they evolve.
- Give suitable priority to the support of remote access solutions.
- Define a clear procedure to follow in case of a security incident.
- Consider restricting access to sensitive systems where it makes sense.
- Seek guidance from cybersecurity professionals at Kerbury should you have any concerns
Your cybersecurity should be one of your top priorities to ensure your staff working from home are operating safely and efficiently. Should you need further support the Kerbury team will be happy to provide training as well as any IT support you may need during this difficult time. Get in touch today to find out more
Do you know what phishing is? Would you recognise a phishing scam if you came across one? We have put together some simple and easy tips you can keep in mind to keep yourself safe from falling victim to phishing scams. In 2019, nearly one-third of all data breaches in 2018 involved phishing. The two most popular brands phishers to pose as are Microsoft (42%) and Amazon (38%). Microsoft Office users are the most at risk because hackers often disguise their malware as Office file email attachments to trick them into clicking on them. Follow these tips and as ever, if you are in doubt, always get in touch with the experts here at Kerbury for all your cybersecurity and IT requirements.
Evaluate the situation carefully. Many open their emails as soon as they see them without even considering the possibility of a threat. This is human nature, but if you receive an email that you don’t recognise, take a moment to consider it before you speed through opening it.
Never click links from an unknown sender!
You don’t know who the email is from and you can’t trust what it is they are sending you
Enable mail server options.
This will explicitly label emails that come from outside the company.
Keep an eye out for strange requests.
Ask yourself what is the relevance of what the email is asking you to do. NEVER send bank details or personal details to an unknown sender.
Watch out for something that may seem “phishy.”
Spelling mistakes, grammatical errors, flashy click-bait content can all be red flags
Remember, Cyber-espionage actors frequently employ phishing attacks and there is a growing use of malicious files and HTTPS sites in phishing scams.
Beware!! Phishing attacks are made by cyber criminals to grab sensitive information (i.e. banking information, credit card information, stealing of customer data and passwords) to misuse them.
How does a phishing work?
Hackers spread their phishing net to catch different types of phish. Be it a small phish or a big whale!
Phishing attacks are carried out by cyber criminals who trick the victim by concealing their identity, by masking themselves as a trusted identity and luring them into opening deceptive emails in order to steal sensitive information. These attacks are successful because of a lack of security knowledge. In short a phishing attack is a disguised attack made by hacker in a very sophisticated way.
Phishing Scams can involve thousands of users being targeted at a time by cyber criminals. e.g. A fake Google Mail login page is created and emails are sent asking customers to check their accounts. Huge scams lead to huge losses, Surveys show a phishing increase of approximately 250% according to Microsoft.There are many types of Phishing Attacks and Phishing Scams carried out by hackers:
Many business owners are oblivious to the insecure email links. e.g. the victim gets an e-mail from the hacker to check some unknown transactions in their bank account, a fake link is attached to a site which looks legitimate. Without thinking the victim opens the fake link and enters the account details and passwords. That’s it. You have been attacked!
Spear phishing is an email attack is carried out by a perpetrator pretending to be your friend. To make their attack successful, these fraudsters invest a lot of time and effort to gather specific information about their victims; i.e. victim’s name, position in their company, contact information etc.
They later customise their emails, with the gathered information, thus tricking the victim to believe that the email is sent from a trustworthy source. Fake URL and email links are attached in the email asking for private information. Spear phishing emails are targeted towards individuals as well as companies to steal sensitive information.
The attacker forges the domain of the company, to impersonate them. The victim receives an email with the domain name of the company, they believe that it’s from a trusted source and open.
A few years ago there were only 2 types of phishing attacks. Email phishing and Domain spoofing. Either the email name was forged, or the domain name was forged to attack victims. But as time goes by cyber criminals come up with various types of attacks.
A Whaling attack or CEO fraud as the name suggests are targeted on high profile individuals like a CEO or senior executives of a company. The attack is almost like spear phishing; the only difference is that the targets are like whales in a sea and not fish. Hence the name “whaling” is given to these phishing attacks.
Fraudsters can take months to research their high level victims, also their contacts and their trusted sources to send fake emails in order to get sensitive information, later stealing important data and money, hampering the business. As they target senior management the business losses can be huge, which makes a whaling attack more dangerous.
VoIP (Voice) + Phishing = Vishing.
Until now phishing attacks were made by sending emails. But when attacks are done by targeting mobile numbers, it’s called Vishing or Voice Phishing.
In Vishing attacks, the fraudsters call on a mobile and ask for personal information posing as someone else e.g. a bank employee, they get bank account numbers, pin numbers or passwords and once you have handed that information over you have given these people access to your accounts and finances.
SMS + Phishing = SmiShing.
Just like Vishing, SmiShing attacks are also related to mobiles. This is when the attacker sends a text message to the target person asking them to open a link or an text alert. Once they open the fake message the virus or malware is instantly downloaded to the mobile. In this way, the attacker can get all the desired information stored on your mobile.
Clone means to duplicate giving this it’s name. Clone Phishing is when an email is cloned by the fraudster, to create another identical email to trap employees. As it’s a perfect replica of the original, fraudsters take advantage of its legitimate look to execute their malicious intentions.
Search engine phishing:
This is a new type of phishing whereby the fraudster makes a web site comprising of fake products, fake schemes or fake offers to attract customers. They can even couple up with fraudulent banks for fake interest schemes. They get their website indexed by search engines and wait for their victims. Once a customer visits their page and enters their personal information to purchase a product, their information is in the hands of fraudsters, who can cause them as they please.
Watering hole phishing:
In this type of phishing the attacker keeps a close watch on their targets. They observe the sites their targets usually visit and infect those sites with malware. It’s a wait and watch situation whereby the attacker waits for the target to re-visit the malicious site. Once the targeted person opens the site again the malware infects the victims computer which can then grab all the required personal details or customer information it can.
Although the cyber hackers are very clever, there are certain precautionary measures which can help prevent them succeeding:
- Check the URL before clicking unknown or suspicious links
- Do not open suspicious emails or links
- Change passwords frequently
- Educate and train your employees to identify phishing attacks
- Check for secured sites; i.e. HTTP sites
- Install the latest anti-virus software, anti-phishing software and anti-phishing toolbars
- Don’t install anything from unknown sources
- Always opt for 2-factor authentication
- Trust your instincts
- Update your systems with latest security measures
- Install web-filtering tools for malicious emails
- Use SSL security for encryption
- Contact Kerbury for advice
The main point of phishing emails is to trick users to click emails or links causing monetary loss to them. Ongoing cyber security training given to all employees from top to bottom will keep them alert against such attacks, preventing your business from financial damages. Contact us to see how we can help you! 01440708686 www.kerbury.co.uk
The impending end of life date for analogue ISDN telephony, set by BT for 2025, represents one of the most significant changes in telecoms history. Whilst millions of businesses have already turned away from ISDN in favour of more cost effective and functional alternatives, the 2025 switch off means that in order for companies to continue using their business telephone systems past 2025 they have no choice but to embrace modern, internet based digital telephony as using an ISDN system will no longer be possible.
Why is the switch off happening?
The move to digital is part of an international trend amongst telecoms providers preparing for analogue platforms like the PSTN to become obsolete (Openreach, 2018). Internet based telephony has already surpassed analogue throughout much of Europe simply because it costs less and offers more. The 2025 end of life date has been set not only for the UK to catch up with the latest technological breakthroughs being enjoyed by many of our European neighbours, but as is the case when any new technological breakthrough emerges, it is simply better than the outgoing tech – in this case ISDN.
As IP relies on an internet connection, the main stumbling block it has faced in the past has been concerns surrounding internet availability and quality. With fibre now in place throughout much of the UK, and most of the UK set to be fibre enabled by 2025, this stumbling block has been removed enabling businesses to operate without any of the previous concerns using fully IP telephone systems.
New buildings are in fact now being constructed with infrastructure in place offering only digital telephony options as the telecoms industry gears up to the total takeover by digital.
2025 is 5 years away, why should my business take action now?
IP telephony is being adopted as it offers significant cost savings and functional benefits compared to analogue systems. So whilst the 2025 deadline may seem like a long way off, you don’t have to wait until the deadline to start benefiting from VoIP telephone system – in other words, if you can save money and gain extra functionality whilst future proofing your business at the same time now, why wouldn’t you?
It is also important to note that whilst 2025 may seem like a lifetime away, the cease in supply deadline (the date set when ISDN related services and products will no longer be available to order) is actually set for 2020. If you’re in the market for a new phone system then opting for a VoIP system now makes the most sense
To find out more about the ISDN switch off, to discuss the benefits of VoIP or just to discuss your options in improving your telephony give us a call on 01444 708686