Articles

Don’t fall for distributed spam distraction

One of the most frustrating things about using email is seeing dozens of spam messages every day. Fortunately, they’re just minor annoyances that are easy to remove from your inbox. However, hackers have developed a way to make spam much more insidious. Here’s what you need to know about modern spam attacks.

Understanding DSD
Distributed Spam Distraction (DSD) is designed to inundate your inbox with thousands of nonsense emails. There are no dangerous links, ads, or attachments involved, just random excerpts of text stolen from books and websites. What’s more, the email and IP addresses used are all different so victims can’t simply block a specific sender.

These attacks last anywhere from 12 to 24 hours and can flood inboxes with as many as 60,000 messages. While they may seem like harmless annoyances, the true purpose of DSD is to draw victims’ attention away from what hackers are doing behind the scenes.

And what they’re doing is exploiting your personally identifiable information (PII) to make unauthorized purchases or pilfer cash directly from your accounts. The DSD acts as a sort of smokescreen to hide payment confirmation messages behind a deluge of spam messages.

New tactics
Over the years, hackers have developed new tactics involving DSD. Several reports have shown that, instead of nonsensical emails, hackers are using automated software to have their targets sign up for thousands of free accounts and newsletters to distract them with authentic messages. This allows DSD blasts to slip past spam filters that have been designed to weed out malicious code and gibberish text used by traditional DSD attacks.

What’s even more worrying is that any ill-intentioned individual can go to the dark web and pay for DSD services. They just have to provide a hacker with their target’s name, email address, and credit card numbers -- all of which can also be purchased in the dark web -- and pay as little as $40 to send 20,000 spam messages.

How to stop it
DSD is a clear sign that one of your accounts has been hijacked, so whenever you receive dozens of emails in quick succession, contact your financial institutions to cancel any unfamiliar transactions and change your login credentials as soon as possible. It’s also important to update your anti-spam software (or get one if you don’t have one already) to protect your inbox from future DSD attacks.

Hackers only initiate DSD attacks after they’ve obtained their target’s email address and personal information, so make sure your accounts and identity are well protected. This means you should regularly change your passwords and pins, enable multi-factor authentication, set up text alerts for whenever online purchases are made in your name, and be careful about sharing personal information.

For more tips on how to deal with DSDs or other cyberattacks, call us today. We offer powerful tools and expert advice that will ensure your business’s safety.

Groups, Yammer, and Teams defined

While most Office 365 apps serve a unique purpose, tools like Outlook Groups, Yammer, and Microsoft Teams can all be used to communicate and collaborate with coworkers. However, there are subtle differences in the way they can be used, and today we’ll break it down for you.

Outlook Groups
With Outlook Groups, every member gets a shared inbox, calendar, project planner, notebook, and document library. You also get the ability to connect to third-party apps -- like Twitter, Trello, and Mailchimp -- so notifications are sent directly to your shared inbox.

This means all relevant messages and information are contained in one place, so if a majority of your conversations occur via email then, Outlook Groups is the perfect choice. What’s more, HR and Sales departments that communicate with external parties will also find plenty of uses for its email features.

One drawback with Outlook Groups, however, is email overload. Because all messages and notifications are sent to one inbox, users may be overwhelmed by the number of emails they have to sort through every day.

Microsoft Teams
Then there’s Microsoft Teams, a chat-based collaboration platform similar to Slack. It works with Skype for Business so you can text, call, video chat, and share files with colleagues. And thanks to its seamless integrations with other Office 365 programs, you can even work on shared files without having to leave the app.

Unlike Groups, Microsoft Teams is designed for high-velocity collaboration, making it the best of the three for completing projects with tight deadlines or other tasks where employees need immediate feedback.

Yammer
Much like Groups and Teams, Yammer works well with other Office 365 tools like Outlook and OneDrive. But the big difference is Yammer is a social media app designed to foster open communication and break down barriers between teams.

With Yammer, important files and announcements can be shared with the entire company like an office bulletin board. What’s more, users can see the most popular post on their feeds, follow it, and even provide their input by leaving a comment.

Yammer also takes design elements and features from popular social media apps like Facebook, making it a popular choice for companies with a significant number of millennials in their workforce.

Although we’ve discussed the fundamental differences between Groups, Teams, and Yammer, we’ve barely scratched the surface of what each app can do. To figure out which apps you need, you must understand how your employees work, how they prefer to collaborate, and what you want to achieve.

But there’s another way to find the right app for your business. Contact us today for an IT assessment!

Enlist IT help when installing CPU updates

When it comes to security updates, time is usually of the essence. The longer you wait to install a fix from a vendor, the higher the risk of being compromised. But in the cases of the Meltdown and Spectre flaws, you might be better off waiting until a more reliable patch is released. Let’s review what’s going on and what the best course of action currently is.

Unsecured data storage

Spectre and Meltdown are the names given to two hardware flaws that allow hackers to see any piece of information stored on your computer. Although slightly different in execution, both take advantage of a hardware feature that computer chips use to access and store private information. For the last 20 years, security experts believed this information could not be stolen or spied on by malicious software, but that assumption was proven false on January 3, 2018.

Now that the Spectre and Meltdown vulnerabilities are public information, hackers can use them to create programs that steal passwords, social security numbers, credit card numbers, and anything else you type into your computer.

Because these problems are hardware-based, none of the updates will be able to secure the vulnerable storage; they’ll simply prevent your computer from storing anything in it. Currently, there are patches for:

  • Operating systems (Windows, macOS, and Linux)
  • Web browsers (Chrome, Firefox, Safari, Edge, and IE)
  • Chip firmware (low-level programs installed on the processor itself)

If you’re using an Apple computer, these updates are relatively easy to install. If you’re using a Windows or Linux-based computer, these patches may cause your machine to freeze, reboot unexpectedly, or significantly slow down.

Why should I wait to install the updates?

Intel, one of the chipmakers responsible for the Spectre and Meltdown flaws, has provided contradictory recommendations on more than one occasion. As recently as January 18, Intel recommended waiting for an updated patch, but in the same announcement also recommended “consumers to keep systems up-to-date.”

Experts believe detecting an attack that is based on one of these flaws will be relatively easy and represent an alternative to installing updates that could render your computer unusable.

What should I do?

IT support experts will be able to quickly and easily assess what is the best option for your computers. For example, our team can determine whether or not your hardware will conflict with the current patches, and either install them or set up a detection strategy that will help you mitigate the risks without ruining your computer.

If you need expert IT support for quick responses and ironclad security -- give us a call today.

CONTACT INFO

1233 The Plaza, Box# 189048
Charlotte, NC 28205

☎ 866.807.6624

LATEST POST

Featured
Steps to protect your business from cyberattacks
Steps to protect your business from cyberattacks