Security Insights: Speeding Ticket Spear Phishing

Security Insights: Speeding Ticket Spear Phishing

Spear Phishing Alert – Wednesday, May 4, 2016fake-speeding-ticket-email

There is a new local email scam: fake speeding tickets. The spear phishing email appears to be a speeding ticket. Several people in Tredyffrin Township have received emails which appear to be from their local police department. The emails contained accurate driving information: date and time, speed, license number and street address. Even more shocking, the drivers were actually speeding on the dates and times listed in the emails, which demands payment through an attached link. There is no apparatus for payment, instead the link downloads malware onto the user’s computer.

Authorities suspect the accurate information is being obtained through a traffic app which tracks a smart phone’s GPS data. It is believed the hacker was able to exploit a security flaw but it is still unclear exactly how the app is able to access this data.

The Tredyffrin Police Department warns that “citations are never emailed or sent in the form of an email attachment.” Scam Alert Speeding Ticket Email Scam – Tredyffrin Police Department

Please contact ITDATA to discuss ways to help your team avoid downloading malware, ransomware or other malicious software that can negatively impact your technology.

Related Links

A New Scam Sends Fake Traffic Tickets to Speeding Drivers – Yahoo Finance

Tips from the Helpdesk – Reduce the attack surface of your computer through system hardening

Reduce the attack surface of your computer through system hardening

Internet security.Laptop and opening safe deposit box's door.

Computers are capable of performing a seeming infinite amount of tasks. They are made to be adaptable and capable to open and execute many different programs and applications. Unfortunately this is also the reason why your machine may be susceptible to a malicious attack. Every application that is installed on your machine is door to your data and the network it resides on. If these applications are not kept up to date with patches, hot fixes and new versions, then these doors may be wide open to anyone strolling along the internet. Keeping up with the bad guys is a constant process.

Ever wonder why Adobe needs to be updated so much? In most cases it is not because there are new features to the application, but because they are trying to fix vulnerabilities in their code so that hackers do not take advantage of an application that is installed in nearly every organization. On April 5, 2016 Adobe released a security advisory citing a critical vulnerability in their latest version of Flash Player 21.0.0.197 and any version previous to version 21.0.0.182.  If you have been ignoring an adobe update for the past few weeks, make sure to update it now. This is not a new issue for Adobe’s Flash player. If you do not use Adobe Flash, delete it from your system. Don’t just delete Adobe though, delete anything that you don’t use frequently.

A large part of system hardening is deciding what applications that you use and what you can delete. If your computer is for work purposes, this may already be done for you by your system admin. If not, you should go through your programs under “Control Panel\All Control Panel Items\Programs and Features” and uninstall anything you don’t use frequently. If you need to use the application you can always install the latest version which will be safer than falling behind on patches and updates. Watch out for add-ons when you install a new browser such as Adobe or Chrome. Often times you must remove the check mark on a box if you do not want a Yahoo toolbar or some other program installed along with what you were intending on installing. This is another good reason to skim through your installed programs, you never know what piggybacked onto your latest installed program that needs to be removed.

By removing unwanted programs, you are decreasing the “attack surface” of your machine. By removing these programs you are making it very difficult for a hacker to find a vulnerability in your system. System hardening and regular virus scans can help to ensure that your data and your company’s data stays secure.

For more information about our system hardening procedures and keeping your companies data secure, Contact ITDATA today.

Zachery Albeitawi
Help Desk Technician, ITDATA, Inc.

New Tech Support Scam

Social Engineering Alert – A Call Regarding Hacked Email Account, April 2016

Scam Computer Keys Showing Swindles And Fraud

The Federal Trade Commission’s Division of Consumer and Business Education is warning consumers of a new tech support scam. The FTC has received reports of individuals getting calls from someone claiming to be from Global Privacy Enforcement Network – a legitimate organization known to work with various governments. The caller informs you that your email account has been hacked and is sending fraudulent emails. They threaten to take legal action, unless you allow them remote access to your computer in order to fix the problem immediately.
If the caller raises questions, the scammers have been known to increase pressure and give FTC’s staff numbers for further authentication.

  • The FTC advises that you keep the following points in mind when receiving a tech support call:
  • Don’t give control of your computer to anyone who calls offering to “fix” your computer.
  • Never give out or confirm your financial or sensitive information to anyone who contacts you.
  • Getting pressure to act immediately? That’s a sure sign of a scam. Hang up.

If you have concerns, contact your security software company directly. Use contact information you know is right, not what the caller gives you.

For further details regarding tech support scams and government imposter scams please visit the Federal Trade Commission website or contact us Contact ITDATA today.

Tips from the Helpdesk – Increase system performance and security with Malwarebytes

Increase system performance and security with MalwarebytesUnderstanding-Computer-Security-Jobs

Do you remember the days when your computer operated more efficiently? Applications ran smoothly, emails opened quickly in Outlook and opening a web browser was not an event that required a bathroom break to perform. If you are someone reminiscing about the good old days, hold on to your office chairs because there is one program that can bring those good times back. “Malwarebytes” is a program that scans your system for malicious objects and gets rid of them. Malicious objects can not only bog down your processor speed by taking up essential resources, but can also be dangerous to your precious files.

The now infamous “cryptolocker” ransom-ware virus has wreaked havoc on many systems. In its first 100 days of being released in 2013, the virus netted 30 million dollars to the creators. A virus on your system can travel to the servers or other workstations, and bring all work to a standstill. Running a scan with Malwarebytes is easy, you can work while it runs in the background and when it is complete you will have the peace of mind that your system is not infected.

One important tip to keep in mind once the program is installed, is that the databases need to be kept up to date by running updates when prompted or about once a week. These databases tell the program which files to eliminate so keeping them updated is very important. Malwarebytes will let you know if the database is out of date with a sad face, if you are up to date and have performed weekly scans, a happy face will be displayed.

You can download a free version of Malwarebytes here https://www.malwarebytes.org/. There are some nice perks to having an enterprise version of Malwarebytes running on every system in the company.

If you would like an ITData technician to help you install Malwarebytes on your system, or would like to hear more about setting up the enterprise version on all of your workstations and servers, please Contact ITDATA today.

Zachery Albeitawi
Help Desk Technician, ITDATA, Inc.

Phishing Alert – March 2016

Phishing Scheme Concerning Payroll and HR Officials Involving W-2semail spoofing

Our security partner, Layer 8 Security, has an on-going relationship with local and federal law enforcement. They receive intelligence and bulletins from the FBI and other sources on a monthly basis. In some cases, dissemination is limited; however, in this case a wide dissemination is allowed. We are posting this phishing alert to keep you and your company safe.

The Internal Revenue Service issued a phishing alert to payroll and human resources professionals to be cautious of a coordinated phishing attack that imitates company executives and requests employees’ personal information. Thieves are seeking forms like the W-2 that contain social security numbers and other personal data. These thieves ‘spoof’ an executive’s name as the sender to make the email appear legitimate. Main Line Health recently suffered an attack like this.

If you suspect that you received a phishing email here are some steps to take:

  • Take note of the ‘reply-to’ field to make sure it is genuine
  • Contact the sender by phone or in-person to confirm that he or she actually sent the email
  • Be aware of the company’s chain of command
  • When in doubt, contact IT

The IRS has learned this scheme is part of the surge in phishing emails seen this year. It already has claimed several victims as payroll and human resources offices mistakenly email payroll data including Forms W-2 that contain Social Security numbers and other personally identifiable information (PII) to cybercriminals posing as company executives.

“This is a new twist on an old scheme using the cover of the tax season and W-2 filings to try tricking people into sharing personal data. Now the criminals are focusing their schemes on company payroll departments,” said IRS Commissioner John Koskinen. If your CEO appears to be emailing you for a list of company employees, check it out before you respond. Everyone has a responsibility to remain diligent about confirming the identity of people requesting personal information about employees.

IRS Criminal Investigation already is reviewing several cases in which people have been tricked into sharing SSNs with what turned out to be cybercriminals. Criminals using personal information stolen elsewhere seek to monetize data, including by filing fraudulent tax returns for refunds.

This phishing variation is known as a “spoofing” email. It will contain, for example, the actual name of the company chief executive officer. In this variation, the “CEO” sends an email to a company payroll office employee and requests a list of employees and information including SSNs.

The following are some of the details contained in the e-mails:

  • “Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.”
  • “Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary).”
  • “I want you to send me the list of W-2 copy of employees’ wage and tax statement for 2015, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.”

The IRS recently renewed a wider consumer phishing alert for e-mail schemes after seeing an approximate 400 percent surge in phishing and malware incidents so far this tax season and other reports of scams targeting others in a wider tax community.

The emails are designed to trick taxpayers into thinking these are official communications from the IRS or others in the tax industry, including tax software companies. The phishing schemes can ask taxpayers about a wide range of topics. E-mails can seek information related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information.

https://www.irs.gov/uac/Newsroom/IRS-Alerts-Payroll-and-HR-Professionals-to-Phishing-Scheme-Involving-W2s

The IRS, state tax agencies and tax industry are engaged in a public awareness campaign – Taxes. Security. Together. – to encourage everyone to do more to protect personal, financial and tax data. See IRS.gov/taxessecuritytogether or Publication 4524 for additional steps you can take to protect yourself.

Please share this alert with your business colleagues that you think could be affected. If you are unsure of how this notification pertains to your company, feel free to contact us to receive more information.

Tips from the Helpdesk – Keeping up with changing passwords

keyboard_image

Forgetting a password can be a frustrating way to start your day at any job. After you have changed it multiple times, it becomes harder and harder to keep up with your new passwords. However, it is important that you are not tempted to come up with weak passwords! Last year weak passwords accounted for 70% of all system and internet breaches.

So how do you keep all of your passwords strong and still remember them all? The answer is not to write them down. What is the point of a complex password if someone can just open a desk drawer and find them all written down? We have even seen users write passwords on sticky notes and attach them to their monitors. If this is you, please take those down and shred them. What do you do before you shred all of the passwords you have written down? Type you passwords into a password keeper.

Password keepers are software that you can download to your computer, phone or tablet. You only have to remember one strong password to access all of your passwords, which are encrypted and very secure. There are many different programs available for download that will perform this function. The software that I prefer is called Keepass, and is totally free, you can download it here http://keepass.info/download.html.

Keepass has a lot of great features. It’s open-source which is generally better for security reasons, you can sync it through Dropbox which some may find useful and provides another layer of security. Keepass is also available for any operating system, Windows, Mac and Linux. Try and make your passwords at least 8 characters long including a capital letter, a symbol and a number. Once you have a password keeper installed, you can make your passwords very complex and never have to call the help-desk for a password reset again!

Contact ITDATA today if you are in need of higher level network security. We can help!

Zachery Albeitawi
Help Desk Technician, ITDATA, Inc.

ITDATA Ranked In Philadelphia 100

Proud to be ranked as a Philadelphia 100 business!Philadelphia 100 winner

Great news! ITDATA has ranked as one of 2015’s fastest-growing, privately-held businesses in the Philadelphia region by the Philadelphia 100®, the Wharton Small Business Development Center, the Entrepreneurs’ Forum of Greater Philadelphia, and the Philadelphia Business Journal.

Peter Blau, CEO of ITDATA, joined the Class of 2015 CEOs for the Philadelphia 100® CEO Breakfast on October 1, 2015 at the Union League of Philadelphia, and is looking forward to the Gala Awards Ceremony on Thursday, October 15 at the Annenberg Center for the Performing Arts on the University of Pennsylvania Campus.

ITDATA will also be featured in the October/November issue of the Philadelphia Business Journal, as well as in the Book of Lists and on the Philadelphia Business Journal, Philadelphia 100® and Wharton Small Business Development Center websites.

Congratulations to all of the Philadelphia 100 winners of 2015!

Happy 18th, ITDATA!

Happy-18th-BirthdayOn behalf of the entire ITDATA team, we are happy to share that today, September 17th, marks our 18th year of business, serving our clients in the tri-state area! Sending gratitude for the relationships we’ve developed over the years, while looking forward to our continued growth in the future.

Thank you!
ITDATA, Inc.

 

NextFab

NextFab Managed IT Services and Supportquotation bubble

ITData’s services efficiently round out NextFab’s internal IT team. Dinesh and Gokhan have helped us scale up our systems and manage our complex environment without excessive disruption to our customers.

Evan Malone, Ph.D.
President, NextFab

CISSP Designation Announcement

Certified Information Systems Security Professional LogoDaniel Costantino Achieves CISSP Designation

ITDATA is pleased to announce that Daniel Costantino, our Director of Security, has successfully accomplished the designation of Certified Information Systems Security Professional  (CISSP®). Backed by (ISC)², the globally recognized, not-for-profit organization dedicated to advancing the information security field, the CISSP was the first credential in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024. Not only is the CISSP an objective measure of excellence, but also a globally recognized standard of achievement.

Daniel Costantino, Director of Information Security, joined ITData in February 2013. He has seven years of experience in the IT Security industry, including five years within the Department of Defense. He is an expert in risk management development and coordination; including compliance regulations, policy enhancement and incident response. Daniel has a strong background in computer networking and systems implementation, giving him the ability to uncover deeply rooted security flaws within an environment. He holds a Bachelor’s degree in Information Systems Security, along with several industry recognized certifications from Cisco, Tenable and CompTia. Daniel is a highly decorated Marine Corps Combat Veteran, where extremely rigorous and diligent risk management practice was required of him.

ITDATA stands out amongst Managed Services Providers (MSPs) and IT Consultants due to our ability to provide an extensive layer of security on top of our services. Our team’s expertise provides a quicker time to market for new technology deployments with a robust security plan to support it. Our security services also help our for-profit and non-profit customers alike to improve their organization’s security posture through guided risk management and incident response.

Congratulations, Dan!