Smells Phishy to us

Phish-1-850x476.jpg

So far in 2018 - the most common support request was if a Scam email was legitimate or not.   We needed to create an email template in response to this in order to both calm and instruct our users.   We tried to educate the end users - but in the end just told everyone to be vigilant and send us the email to review.

A major problem for small businesses is recognizing phishing emails. Oftentimes, hackers trick employees into clicking malware infected zip files and malicious links in emails that redirect to fake landing pages. This type of cybercrime involving sending fraudulent emails that appear to come from a reputable company with the aim to steal financial and confidential information is known as phishing — and it’s a real threat.

Phishing Email Threats

According to a 2018 Data Breach Investigations Report by Verizon, almost half of malware (49 percent) is installed via email. This is because a large percent of people in the workplace cannot identify a phishing email. Since people cannot identify phishing emails, simple errors generate a significant percentage of data breaches, reports Verizon.

“Ignore the stereotype of sophisticated cybercriminals targeting billion-dollar businesses,” Verizon writes in its report. “Most attacks are opportunistic and target not the wealthy or famous, but the unprepared.”

 

If you and your employees don’t know how to identify a phishing email, your business is at risk. Everyone needs to know how to spot a phishing email and play their part in avoiding the threat.

How to Spot a Phishing Email

Some of the most common ways to spot a phishing email include:

 

  1. Fake email addresses: Phishing emails use fake email addresses that imitate a known brand, such as PeyPal@info.com or ApplePaySupport@fasteb.com.
  2. Impersonal messages: Phishing emails don’t address you by your name. Instead, they use general addresses like “Dear Apple User.”
  3. Fear tactics: Phishing emails use scare tactics like threats to close accounts to create a sense of urgency and cause you to make hasty or impulsive decisions that can prove disastrous.

If you click on a link in an email (or on a website) taking you to a landing page, inspect the page to see if it is a genuine landing page or a fake one.

How to Spot a Fake Landing Page

Some of the things to look out for to determine if a landing page is fake include:

 

  1. Incorrect website address: Fake landing pages attempt to mimic the web address of a legitimate company, but errors such as misspellings and unsecure connections denote a phishing scam.
  2. Missing navigation and footer: Fake landing pages are often bare-bones, sometimes missing both the header and footer in the web page.
  3. Information collection: Fake landing pages will almost always include some type of information collection form that deviates slightly from the company’s legitimate landing page.

If you are not sure a landing page or email belongs to a legitimate company, don’t click links, confirm your personal data or download file attachments from it.

More Tips to Recognize Phishing Scams – Infographic

Check out the infographic created below for more ways to identify a phishing email and things to look out for in a fake landing page:

 

how-to-spot-a-phishing-email-850x2890 (1).png

Bester Best Practices

Best Practices - Accepted guideline for efficient systems, or backstop excuse for the incompetent?

On-ramping a new Architecture Firm - Agile liaised with the previous IT firm for an information exchange.  Fortunately, we've acquired 5 clients from the same firm - so we now know the faults in their approach.

The following is analogous to having a 1000 sq ft apartment - and making 4 bedrooms all 7'x7' instead of 1 one or two roomier ones.


clipboard-image.png

Look Familiar?

Agile: And why did you slice up the data volume into such small pieces?

Other IT Firm: Best Practices.......

Agile: Not really, The OS partition seems a bit small - and we could have made one large 8 Terabyte drive - or even two 4 Terabyte volumes and the client wouldn’t be running out of space.

Other IT Firm: It’s Best Practices

Agile: In 2004 maybe - but things have changed. Tech evolves.

Other IT Firm: It’s Best Practices.

Agile: OK - we’re done. We have what we need to know.

Resolution:

Since we've gone down this road numerous times - we've created a Best Practice of our own to counter this issue.   It takes time - but is now part of our on-ramping.  

  • Create a Virtual Server image of the affected system
  • Transfer all systems roles to secondary server if possible
  • Regenerate the server
  • Create the Volumes correctly
  • Attach the Virtual server to the new system
  • Move the data to the newly created and correctly partitioned system

We're lucky that we work with systems and not building like our clients - and can reboot, revert or rebuild improper systems without starting from scratch. 

So these systems that Agile has rebuilt is just the canary in the coal mine.  Once we see the server volumes like this - we know that we're in for a number of other improper items with the backups and software setups.

Fortunately - we have the Bester Best Practices.

 

70 staff, 7 days without internet - then 1 phone call

Agile's latest transition of a 70 person Architecture was a piece of cake.  The people are wonderful, they invest in the right hardware and software, they understood our support process right off the bat (including our intra-triage system of shifting priorities as needed).  We couldn't have asked for a better experience with a new client.  As for the IT firm that we were replacing - that's another story.

caveman_6.gif

While Agile was busy cataloging systems info, gaining admin control and preparing the staff for the cut-over - disaster struck, the internet went down.  Well - it mostly went down.  See - they had a backup line that was very slow at 5 megs that was only used for their phone traffic, and that was handling the entire traffic for the firm now - just nobody knew this.

The previous firm spent the next week sending technicians to review the issue, appliances were rebooted, the ISP was called and then there were the meetings, the endless meetings.  Over the course of the next week, with the internet still limping along, this IT firm requested no less than 8 meetings to review the situation.  In their last meeting, with the business owner, account reps and various technicians on the line - they finally conceded to providing Agile with the firewall credentials, said "YOU FIGURE IT OUT" and cut us from the call.

Now day 7 of the outage - after 1 hour of being able to dig around the firewall and then 1 phone call to the ISP, the line was up and folks could work again.  

Over the next 90 days - Agile transformed this clients IT process from one of meetings and support queues, to that of a seamless IT partnership process. We're way past break/fix - we're creating efficiency beasts.

efficiency.jpg

Book a one on one chat today - (30 minute Tech talk)

 

LinkedIn Premium vs. Girl Scout Cookies

The InterWebs are full of Top 10 this and thats, Celebrity Click Bait and countless manner of material that croon for all the eyes on screens. Last month there were 2 clear winners that were successful in separating funds from our wallet. The two could not be much more different in product — so how can we have any quantitatively or statistically relevant study. Well it couldn’t be simpler — we’re just going to have some fun with this.

There will be ground rules though — Agile will spend the same amount of time utilizing each product. This doesn’t mean that we’ll eat all the Girl Scout Cookies while making sales calls — but that should fall under fair game, and to the pleasure of our team. Instead we set aside 10 hours per week to each tactic — and we’ll review the results.

 

 

Both approaches will also be linked (as it were) to another campaign that we have been waiting to explore. Both LinkedIn Premium and Girl Scout Cookies are simply a foot in the door at best, so we have our Trojan Horse campaign ready. There should be enough data on this A|B test to show a clear winner.

 

Benefits breakdown

LinkedIn-Changing-TOS_edited.jpg

ranging from $29.99 to $47.99 per month for job seekers, $64.99 per month for sales professionals, and $99.95 per month for recruiters.

Agile has chosen the LinkedIn Premium’s Sales Navigator Professional version which gives a lead-builder tool, lead recommendations and real-time insights on existing accounts and leads, as well as 20 InMail messages for $80 per month. It can be purchased for $64.99 per month as a one-time annual payment. Sales Navigator Professional also comes in a multi-seat version, Sales Navigator Team, which includes Out-of-Network profile unlocks, PointDrive presentations and more for $99.99 per month.

 

 

gs-cookies-4.jpg

Girl Scout Cookies are offered in 12 tiers of tasty.

Though most of them sell for $4 per box — the upstart S’mores think themselves Premium as well and sell for $5 — but we believe the box is 25% larger thus the increase.

Some of the benefits of Girl Scout Cookies is having coworkers sidle up to yor desk — sometimes even strangers will make multiple passes by you desk working up the courage to ask for a Thin Mint (or 5). Girl Scout Cookies do cause intra-brand loyalties that borders on cult-like followings (Somoas vs Caramel Delights).

The real killer part of Girl Scout cookies though is that if you have the willpower — you can stick them in the freezer an get the benefits for months and stretch the $4 box well into August.


In Early June we’ll post our results and stories that go along with each avenue of contact.