How to Spot and AVOID Phishing Emails

/in , , , , /by

Phishing emails are malicious emails sent by criminals attempting to compromise your personal information. They often appear to be legitimate, so beware.

Most phishing emails are disguised as messages from an authoritative entity asking you to visit a website and enter personal information. These websites are set up to gather personal details, which they can then use to hack into your accounts and commit fraud. Some links and attachments in these emails contain malicious software, known as malware, which will install itself on your computer. Malware then collects data such as usernames and passwords. If you recognize these emails, delete them immediately.

Being informed about Phishing techniques and the current news relating to it is very important because new phishing scams are being developed all the time. Without staying on top of these new phishing techniques, you could inadvertently fall prey to one. Keep your eyes peeled for news about new phishing scams. By finding out about them as early as possible, you will be at much lower risk of getting lured in by one.

Being able to recognize these emails will lessen your chances of being compromised. Here are some tips:

  1. Email Address. This is the first thing you should look at. Criminals use two tricks when crafting email addresses. First, they’ll put a real company’s name before the “@“sign to make it look credible. Second, they’ll use a web address similar to the genuine one. Scammers will craft phishing email addresses almost (but not exactly) identical to the real addresses. Check these emails carefully to make sure they are exactly the same as the real web address.
  2. Generic Greetings. Being cautious of emails with generic greetings such as “Dear Valued Customer” or “Dear Valued Employee”. Look for poor spelling, punctuation or grammar. Scammers will go to great lengths to make their phishing emails look authentic. They’ll use an actual company logo and even the names of people who are employed at the company.
  3. Links. If a link appears within the email, hover your cursor over the link to view the underlying address. Check to see where it would take you if you were to click on the link.
  4. Sense of Urgency. Phishing emails may use phrases such as “act quickly” to create a sense of urgency in order to lure their targets in. These scammers may make you feel as if you’re missing out on something. They want to pique your curiosity or exploit your fear to push you into an instant response.
  5. Name. Look to see whose name is at the end of the email. If it’s from a person, is their name in the email address and does the email address appear valid?
  6. Keep Your Browser Up-to-Date. Security patches are released for popular browsers all the time. They are released in response to the security loopholes that phishers and other hackers inevitably discover and exploit. Don’t ignore messages about updating your browsers – when an update is available, download and install it.
  7. Use a Firewall. High-quality firewalls act as buffers between you, your computer and outside intruders. You should use two different kinds: a desktop firewall and a network firewall. The first option is a type of software, and the second option is a type of hardware. When used together, they drastically reduce the odds of hackers and phishers infiltrating your computer or your network.
  8. Add Antivirus. There are a number of antivirus options available to both home users and business owners. There are special signatures that are included with antivirus software which will protect you against known technology workarounds and loopholes. Remember to keep your software up-to-date since new definitions are added all the time due to scams being developed consistently. Antivirus software will scan files which pass through the Internet to your computer and prevent damage to your PC.These types of emails are just generic emails which are sent out to large groups of people, knowing that it only takes a few people to click to make the effort worthwhile to the scammers.

Hold on, there’s more…

Spear Phishing. Criminals who target specific individuals use what is called “spear phishing.” Spear Phishing emails are even more sophisticated than your run-of-the-mill phishing emails, often using personal information obtained from social media pages to make the emails appear credible. These cyber criminals might use your name or tailor the email to reflect your hobbies, interests, where you live or events that are happening locally. They may even make the email look as if it came from the organization you work for. People are sometimes targeted because of their position within the company or because they have access to sensitive data.

As a general rule, you should never share personal or financially sensitive information over the Internet. When in doubt, go visit the main website of the company in question, get their number and give them a call. Most of the phishing emails will direct you to pages where entries for financial or personal information are required. An Internet user should never make confidential entries through the links provided in the emails. Never send an email with sensitive information to anyone. Make it a habit to check the address of the website. A secure website always starts with “https”.

When in doubt, don’t click! Contact your IT administrator. And remember, legitimate organizations will never ask you to disclose personal data via email.

You can also report the scam to the FBI’s Internet Fraud Complaint Center at www.ic3.gov.

Bryley Systems specializes in protecting you from malware. Contact us at 978.562.6077 or by email at ITExperts@Bryley.com. We’re here for you.

Read this case study about a particularly vicious attack that Bryley remediated.

 

Additional Resources:

https://www.sec.gov/oit/announcement/notice-regarding-phishing-scam-targeting-edgar-filers.html
https://www.usatoday.com/tech/
https://apwg.org

Bryley’s Prestigious Channel Partners 360 Award Travels the U.S.

/in , /by

After being honored as one of 25 recipients worldwide, our prestigious award is traveling the U.S. in celebration – being one of the most sought-after in the industry of technology solutions.

About Bryce Canyon. Bryce Canyon National Park in Southwestern Utah is famous for the largest collection of hoodoos—the distinctive rock formations at Bryce—in the world. Pillars of red, white, and orange cut through bluest skies, forming some of the world’s most famous breathtaking views. Bryce Canyon first became a tourist destination in 1916 with Union Pacific. It was then declared a National Monument in 1923, and officially established as a National Park in 1928.

 “Bryley Systems works toward continuous improvement; we strive to manage, optimize, and secure our client’s information technology, which brings substantial business benefit and value to their organizations. Our team-focused, best-practices-oriented approach, coupled with high-value/low-risk service options, enables us to provide our clients with Dependable IT at a Predictable Cost™. We thank Channel Partners for this prestigious Channel Partners 360° award!”                

    – Gavin and Cathy Livingstone, Co-Owners, Bryley Systems, Hudson, MA

Bryley Systems named to Top IT Service Providers by the Worcester Business Journal

/in , , /by

Each year, the Worcester Business Journal (WBJ) compiles and publishes a list of IT Service Providers throughout Central Massachusetts. The list, published on June 12, 2017, ranked Bryley Systems among the top 15 organizations surveyed. Rankings are determined based on survey results, federal filings and Web sites.

Bryley Systems named in Top 501 Managed IT Service Providers (MSPs) Worldwide for the Fourth Consecutive Year!

/in , , /by

Bryley Systems, for the fourth-straight year, ranks among the world’s most progressive 501 Managed Service Providers (MSPs), according to MSPmentor’s 10th-annual MSP 501 Worldwide Company Rankings. The top MSP 501 companies ranked this year include organizations from around the world and from diverse technology and business backgrounds. Collectively, they amassed $14.48 billion in total revenue (based on 2016 results), up more than 15 percent from a year earlier. (The complete 2017 MSP 501 list is available at MSPmentor.net.)

“We are honored to be named to the MSP 501 for the fourth consecutive year.” said Gavin Livingstone, President of Bryley Systems.  “It is a great honor and demonstrates our dedication to remain one of the top providers of managed IT services worldwide.  We look forward to continuing to provide excellent service to our clients.”

“On behalf of MSPmentor, I would like to congratulate Bryley Systems for its recognition as an MSP 501 honoree,” said Aldrin Brown, Editor in Chief, MSPmentor. “The managed service provider market is evolving at a rapid pace and the companies showcased on the 2017 MSP 501 list represent the most agile, flexible and innovative organizations in the industry.”

The 2017 MSP 501 list is based on data collected by MSPmentor and its partner, Clarity Channel Advisors. Data was collected online from Feb. 16 through May 15, 2017. The MSP 501 list recognizes top managed service providers based on metrics including recurring revenue, growth and other factors.

Bryley Basics: How to Handle Phishing SPAM

/in , , , /by

With an uptick in cyberattacks and phishing scams, we thought it prudent to provide some tips to avoid becoming a victim:

  1. NEVER open or click on links in email unless it is a known source and you are expecting the message that contains the links (Nice work Bill).
  2. NEVER respond to an email emphasizing the need to “Act NOW!”  This urges you to not think about what you are doing and is certainly the road to perdition.
  3. The bad guys are out there trying to lure you in.  They are up to no good 24/7 and constantly seeking out new and improved ways to dislodge your sensibilities and compel you to CLICK before you think.
  4. Remember that the bad guys are very clever, intelligent, and determined.  What they do represents potential cash flow to them.  They are motivated and have resources available to them.  Tired, rushed, frustrated, angry users are a potential bumper crop for them.
  5. Putting SPAM email on Block Lists is futile.  Today they change constantly and move around geographically.  Just delete them.  Your SPAM protection will eventually catch *most* variants and block them.
  6. You WILL get SPAM.  As the good guys thwart the efforts of the bad guys (SPAMMERS) they figure out ways to get around the walls of protection.  It is a running gun fight.  Thankfully there are good guys out there fighting on the front lines of this war.  They too are clever, intelligent, and determined.  We can help by being cautious and aware of the danger.  The moment we let our guard down, is the moment they gain an advantage.
  7. Being ever vigilant and careful about what is put in front of you as you use your computer is the best defense against becoming a victim.
  8. Emphasize these basic practices to your users.  The best way to avoid most mail delivered scams and many internet-based scams is to pause and examine the links contained in the email or on the web page.  Willy-nilly clicking links at any time will ultimately make you either appreciate your backup strategy or wish you had one.
  9. See #7 above.

A periodic review of Business Security practices with users is recommended.  Keep your business best practices along with computer security best practices in the forefront of your employees’ minds.  Emphasis on how to handle emails that “look” like they could be legitimate will pay big dividends in terms of time and money.

Sending people email about what to do to keep your company secure will not be nearly as effective as taking the time to gather in a room for ½ an hour face-to-face to demonstrate the seriousness of the situation.

Bryley Systems specializes in protecting you from malware. Contact us at 978.562.6077 or by email at ITExperts@Bryley.com. We’re here for you.

As they always said in the TV series “Hill Street Blues” at the end of the morning briefing, “Let’s be careful out there…”

Bryley Employees Enjoy a Summer Outing!

/in /by

Bryley Employees took some time to gather together and celebrate all that we have accomplished this year.  We ventured out to Puzzlescape in Hudson, to see if we had what it took to get out!  We are happy to announce that everyone safely escaped their respective rooms!  Here are some photos from our adventure.

 

 Trudging through the pouring rain. We did it! Making our own Ice Cream Sundaes!

Bryley Basics: Protecting your Online Reputation

/in , , /by

It seems nearly everyone we know today has some sort of Social Media account. It keeps us connected with loved ones near and far, enables the sharing of personal and professional milestones, and provides information about current events. This is great as long as certain precautions are taken. Safety and security must be considered when doing anything online.

One must also remember that anything done online can be seen by anyone no matter how “private” the group may be. The rule to remember is “once it’s on the Internet, it’s there for all to see forever.” A group of incoming Harvard freshmen learned that lesson the hard way. Roughly 10 incoming freshmen saw their offers rescinded after it was discovered that they posted explicit memes and messages targeting minorities in a private Facebook group chat.1 These students learned a valuable, albeit costly, lesson, there is no such thing as private groups or messages when it comes to the Internet.

There are several steps that can be taken to protect your online reputation:

  • Google yourself. Your reputation is largely decided by what people can see not just what you put forth. You can’t track what you don’t know about! The best way to manage this may be to setup a Google alert for your name so you can track new content.
  • Don’t post anything you’d be ashamed of later on. Many individuals will ask themselves a few questions prior to posting. A common question to ask yourself is Would I be comfortable sharing this with someone I highly admire? If the answer is No, don’t post! There are some individuals that will take a more conservative approach and if they even have to ask the question, will not submit the post for all to see.
  • Adjust your settings. Sometimes friends may add you to inappropriate posts without your knowledge and you may not find out until it’s too late and the damage is done. To prevent this, adjust your settings in your social media platforms so that you have to approve anything where you are tagged. Also, speak with your friends and let them know what you are and are not comfortable with them posting.2
  • Buy a Domain Name. For roughly $12 a year using sites such as GoDaddy, buying a domain name is added insurance to protect against others maliciously using your name. By creating a short bio, a CV, articles and other information, you can improve upon your image while boosting your ranking in search results.3

As much time as you take to curate your reputation in person, a similar amount of time, if not more, should be taken to manage your online reputation. In this day and age, perception is reality. Make sure you are the individual molding your digital persona.

 

1 Natanson, Hannah. The Harvard Crimson. “Harvard Rescinds Acceptances for At Least Ten Students for Obscene Memes.” 5 June 2017.
2 Facebook privacy Settings. https://www.facebook.com/about/basics/usr1
3 Erskine, Ryan. Entrepreneur. “How to Protect Your Online Reputation in 2017.” 23 Jan 2017.
4 O’Loughlin, Erin. Security Intelligence by IBM. “Identity theft and Social Media: How Are They Related?” 5 August 2016.

Why a Healthy Relationship with your MSP is Key to your Organization’s Ongoing Success.

/in , , , /by

The benefit of outsourcing part or all of your IT infrastructure’s needs is to remove those tasks and worries so that your organization can focus on your clients.  The cornerstone of maximizing the business benefit of your Managed Service Provider (MSP) is to ensure that the relationship between your organization and your service provider is consciously designed, proactively supported, and jointly managed.

Here are a few pointers for building and maintaining a great relationship with your current or prospective MSP partner:

Organizations should spend time with their MSP.  Organizations must involve their MSP in discussions and give them access to as much information as possible, without violating any commercial, data, or security issues.  It is important to designate a person (or two) to be the key point-of-contact for a variety of reasons:  open/create tickets, make phone calls/communicate needs or requests to your MSP, and oversee the relationship in general.

Having regularly scheduled meetings with key people from your MSP is always a good idea.  During these meetings, it is important to involve your MSP in your organization’s business plans and to get their input on strategic decisions related to IT.  With this level of insight, all parties can better understand the bigger picture and contribute to shared, long-term goals of your organization.  A discussion of your organization’s business and technology needs can establish a roadmap for future projects. The creation of that roadmap can, in turn, flow into a conversation around budget planning.

An effective MSP will understand the demands, business cycles, and priorities of your organization.  Essentially, MSPs want to do a good job but they aren’t always engaged by their client in a way that allows for that.  Only when an MSP has that level of information, and is engaged in that way, can everyone work together effectively, and the MSP can meet your goals and timetables.

Create a robust, quality communication system that clearly defines decision rights and proactively address issues, challenges and concerns. To be successful, the environment should enable collaborative working and open communication.  By appointing the key client and service provider leaders that drive the relationship process and communicate to stakeholders, the relationship will be in support of your long-term business mission and objectives.

In an effective relationship the key is to manage by FACT rather than perception, as the latter leads to mistrust and ongoing conflict.  Service reporting should be considered an ongoing process focusing on the ability to “slice and dice” information for decision making purposes. Your reporting should also be linked to the management information system that supports the relationship and should take a “balanced scorecard” approach.

Relationships inevitably encounter issues, obstacles and challenges as well as opportunities. Establish robust governance processes and forums early on to increase and maintain the level of trust between organizations.

Trust is vital. Treat your MSP like you would your IT manager.  ”Many times the value of the MSP service can be hindered by technology that doesn’t work the way it is meant to, or a technology provider that is unable to customize for your organizations’ needs. That is why it’s important to trust in your MSP and consult them with any goals or concerns you may have. Your MSP has a wealth of experience in dealing with a range of vendors and products, so they are in the best position to provide you with an integrated solution, tailored to your needs.”1 Give them general direction, and then let them do what they do best – manage IT.

Entrusting your IT to an MSP can be a difficult decision, but as long as your MSP is reliable and secure, it may very well be one of the best business decisions you’ve ever made.

By considering these elements, organizations have the foundation for a genuine partnership that, with the right access, ongoing conversations, and collaboration, can make a positive difference to the success of their organization.  Agreeing together on the definition of ‘a successful partnership’ must be one of the first steps for a long-term, genuine partnership.

1 http://www.interlinked.com.au/tips-for-a-long-lasting-relationship-with-your-msp/ – Interlinked

Bryley’s Prestigious Channel Partners 360° Award Travels the U.S.

/in , /by

 

After being honored as one of 25 recipients worldwide, our prestigious award is traveling the U.S. in celebration – being one of the most sought-after in the industry of technology solutions.

 

Kaibab National Forest. Kaibab National Forest covers 1.6 million acres and borders the Grand Canyon to the North and south. The Forest was first removed from public domain in 1893 to be included in the Grand Canyon Forest Reserve, and in 1906 was named the Grand Canyon Game Preserve to protect the many species of wildlife. The Kaibab National Forest earned its current name in 1919.

 

“Bryley Systems works toward continuous improvement; we strive to manage, optimize, and secure our client’s information technology, which brings substantial business benefit and value to their organizations. Our team-focused, best-practices-oriented approach, coupled with high-value/low-risk service options, enables us to provide our clients with Dependable IT at a Predictable Cost™. We thank Channel Partners for this prestigious Channel Partners 360° award!”

– Gavin and Cathy Livingstone, Co-Owners, Bryley Systems, Hudson, MA

Cloud Computing – A Green Solution

/in , , , /by

Moving to the cloud has benefits like simplicity, efficiency, easier management, etc. Cloud Computing has become the next wave of computing infrastructure and for many, the added benefit of having a “green” IT environment may be that extra incentive to move to the next generation of cloud computing and IT management.

The huge data centers that house the data require an abundance of electricity to run properly, which generates heat emissions. These emissions do add to the carbon footprint, but with the help of renewable energy, data centers are able to lower them, doing their best for both clients and the environment. While there is still a carbon footprint, the cloud has been proven to be more environmentally friendly.

Virtualization. With traditional computing, depending on the size of the organization, they can manage anywhere from a few servers to upwards of hundreds. This is inefficient as it leads to both wasted energy and physical equip­ment. Energy use is not customized to the needs of the organization, and the hardware used needs to be constantly replaced or updated, leaving behind a trail of physical excess. The cloud is a major improvement on traditional computing as it has redesigned the way busi­nesses operate. With the cloud, information is virtualized, eliminating the need for wasteful, in-house equipment. Busi­nesses can operate through this virtual location, drastically reducing energy usage and the need for excessive physical equipment.

The Option to Pay as You Go. Your monthly prices depend on your monthly usage. It’s a simple model and allows organizations to remain in control of their spending.

Multitenancy. Multitenancy allows many different organizations (public cloud), or many different units within the same organization (private cloud) to benefit from a common cloud-based infrastructure. When used in conjunction with automation software, multi-tenancy ensures fewer machines are required for operations.

“Automation Software. Cloud based infrastructure relies on automation to maximize energy and resources efficiency. Through automation software it is possible to provide and scale workload within shared data centers. IT specialists are able to push the limits of traditional utilization and consolidation limits. The higher the ratios the less physical hardware is required and this directly contributes to energy efficiency and resource optimization.”1

“Organizations Allow Telecommuting. Companies using internal, on-premises solutions have a hard time offering their staff remote working options because of the security risks that can arise when trying to connect to the enterprise network from an outside location. The cloud offers businesses the ability to secure their networks while still increasing accessibility and improving collaboration and productivity.”2

Cloud computing can be an important facet of an organization’s push to be greener and meeting critical IT operational goals.

Reduce cost. Consolidation means fewer servers, which in turn means lower cooling and space requirements, ultimately producing lower energy costs.

Comply with regulation. By tapping more efficient and therefore lower-emitting resources, cloud computing customers can reduce their carbon emissions and be better-positioned to meet regulatory standards.

Improve resiliency. Consolidation and improved utilization create more space, more power, and more cooling capacity within the same facility envelope. And tapping into public cloud providers offloads management of those resources from the customer to the service provider.

A cloud environment is one that is often created and always managed by a Managed Cloud Services Provider (MCSP) like Bryley Systems. MCSPs typically construct and then manage the overall infrastructure based on best practices and available resources; their overall cost tends to be less since they employ a variety of experts skilled in computer networks, cloud infrastructures, and cyber-security.

To inquire about Bryley’s full array of Managed Cloud Services and Managed IT Services, please contact us by phone at 844.449.8770 or by email at ITExperts@Bryley.com. We’re here for you.

 

References and Sources:

  1. https://www.etechcomputing.com/why-cloud-computing-is-green-computing/
  2. https://www.isgtech.com/4-green-benefits-of-cloud-computing/ (ISG Tech)

https://hbr.org/2011/03/cloud-computing-is-greener (Harvard Business Review)

http://mspmentor.net/infocenter-cloud-based-file-sharing/031814/going-green-eco-friendly-aspect-cloud-computing (MSPmentor)

http://www.itproportal.com/2014/04/10/how-the-cloud-supports-green-it-computing/ (IT ProPortal)

https://go.forrester.com/ (Forrester Research)