Bryley Basics: Undo a sent email via Microsoft Exchange or Google Gmail

Google recently introduced a new feature, Undo Send, which permits the sender to retract a sent email; Microsoft has a similar, though somewhat limited, feature with the ability to recall or replace a sent email named Recall This Message.

Google’s Undo Send works for all emails, but it is time-constrained:  Google permits up to 30 seconds after an email is sent to Undo Send; however, any email-oriented activity other than Undo will end the countdown prematurely.

The Undo option is displayed along with View this Message after every sent Gmail-based email.  You must first access your Gmail account settings and enable Undo Send to make it work.

Bartie Scott of Inc. highlights Undo Send in her article How to Unsend an Email in Under 30 Seconds Flat.

Microsoft’s Recall This Message tries to stop delivery and, optionally, can replace a recalled email message.   Recall This Message requires an Exchange Server and stops email messages sent, but only email sent internally within your organization.  Also, the success of a recall depends on the recipient’s settings in Outlook:

  • If Automatically process requests… is enabled, recall will be successful
  • If disabled, the recipient will receive both the original email and the recall request; the original email is deleted only if the recipient opens the recall message first.

For more information, please view the Microsoft article Recall or replace an email message that you sent.

Given the short timeframe of Undo Send and the limitations of Recall This Message, your best option is to avoid recalling a message by:

  • Double-checking the To, Copy, and BCC recipients,
  • Ensuring that you have attached the desired file (if any), and
  • Giving yourself enough time to cool off before sending a heated email.

Bryley Systems acquires Managed IT Services clients from Baesis, Inc.

Baesis, Inc. is a growing, Northborough, MA-based company (since 2007) providing ERP solutions to organizations throughout the USA; they are one of the largest Sage Software, Inc. and JobOps partner-resellers in the country.

Bryley Systems Inc. is a growing, Hudson, MA-based company (since 1987) providing Managed IT Services to clients throughout central New England; they have been ranked in the top 500 Managed IT Service Providers (MSPs) worldwide for the second straight year.

Acquisition facts:

  • Baesis is focusing on its core practice of ERP deployments, which it is expanding nationwide with offices in Massachusetts, Connecticut, New York, and Kansas.
  • To facilitate this growth, Baesis divested its Managed IT Services practice and clients to Bryley Systems.
  • Bryley Systems acquired 24 Managed IT Services clients from Baesis in 2015.
  • Bryley Systems will support these 24 clients under its Managed IT programs.

 

Contact information:

Baesis, Inc.

Frank Leonard, President

FLeonard@Baesis.com

508.393.9960

Baesis.com

 

Bryley Systems Inc.

Gavin Livingstone, President

GLivingstone@Bryley.com

978.562.6077

Bryley.com

Recommended Practices:  Dealing with CryptoLocker

This is a multi-part series on recommended IT practices for organizations and their end-users.  Additional parts will be included in upcoming newsletters.

CryptoLocker surfaced in the fall of 2013; it is a ransomware trojan that, upon activation, encrypts all data files to which the infected end-user has read-write access, and then demands payment to decrypt.  It typically hides as an attachment within a phishing email and can even work over a home user’s VPN connection to encrypt data files on the organizations’ server(s).

cl-ex

The cyber-criminal’s intent is to receive untraceable payment via cyber-currency in exchange for a decryption key to unlock the data files, forming a one-to-one relationship between the cyber-criminal and the infected user:  The cyber-criminal knows the user is infected and awaits payment; if thwarted in his/her extortion attempt, that information is retained by the cyber-criminal, which could reduce future efforts to pursue your organization.

Of greater concern; if an individual or organization pays the ransom, that information is also known, recorded, and potentially shared for future attempts.  Basically, if you pay the ransom, you may be targeted for new efforts.

The cyber-criminal is likely acting within a crime syndicate; he/she might not even be technically savvy since CryptoLocker tools are readily available and easy to use.

We have recently seen a significant upswing in CryptoLocker attempts; the source emails spoof the email addresses of known parties while the attachment might carry a seemingly harmless “PDF” extension.  The message is compelling; an end-user unwittingly clicks the attachment and starts the process.

The first best step is prevention:

  • If feasible, use group policies or AppLocker to restrict software execution1
  • Limit access only to needed files; make them read-only where appropriate
  • Update security patches on all operating systems and end-user applications2
  • Deploy and continually update anti-malware apps on all end-user devices2
  • Deploy a robust, anti-spam solution that can block executables2
  • Consider blocking or quarantining all incoming attachments
  • Setup a backup routine that addresses data files frequently3

For more information, Jonathan Haskell of ComputerWorld reviews group policy restrictions in his article:  “CryptoLocker:  How to avoid getting infected and what to do if you are”.  Also, Third Tier and SMB Kitchen have jointly released a CryptoLocker Prevention Kit to assist in developing these group policies.

Education is also critical4:

  • Schedule regular training reviews with your end-users
  • Demonstrate to your end-users how to spot potential threats
  • Discuss the dangers of clicking attachments, even those from known sources

If you are infected by CryptoLocker5:

  • Identify the infected computer and remove it from the network
  • To be prudent, change online and system passwords
  • Create forensic images of infected computers
  • Preserve all firewall, Intrusion Prevention, and Active Directory logs for potential analysis by law-enforcement officials

Index of referenced articles:

1 See the January 2015 Bryley Tips and Information article: Recommended Practices:  Manage End Users via Active Directory and the February issue for the article: Recommended Practices – Part 7:  Resource Management via Active Directory.

2 See the June 2015 Bryley Tips and Information article:  Recommended Practices:  IT security cheat-sheet.

3 See the April issue of Bryley Tips and Information for Bryley Basics:  How ransomware (CryptoLocker) makes backups more critical.  Also, visit Bryley Systems’ Data Backup Guidelines – 2015.

4 See the May 2015 Bryley Tips and Information article: Recommended Practices: Basic IT training for end users

5 View detailed prevention and response techniques in CryptoLocker Prevention and Remediation Techniques, presented by fishnet security.