Your IT Solutions Expert

Your IT Solutions Expert

DataBits News

Securing Your Passwords and Physical Devices

Part of securing your passwords is understanding how they become compromised. Two of the most frequent ways passwords are compromised is through Brute-Force attacks and data breeches. In a Brute-Force attack, hackers are using a systematic plan to check all possibilities until the correct one is found. If a hacker knows that the site requires a minimum of 8 characters and requires the use of both alphabetical and numeric characters they will start with those parameters. This is not done by hand. They write programs to do the dirty work.

So how do you defeat attacks like this? 

Read more

New Business Location? What You Need to Know!

It's simultaneously very exciting and stressful to be leasing or purchasing a new business.  So many items to check of the list once the paperwork is signed.  Do you have all the office furniture you'll need?  Computers and printers?  Get the Internet service ordered, the power and water in your name if necessary.  Decide on what kind of phone service you want and get that ordered; get your existing phone number ported.  Which alarm company should you go with?  But here's the one item almost no remembers to check - once your desks are in place and the computers are setup is the existing network going to be ready for your office to up and running?  Are there a network connections in the locations you’ve put the desks?  Or in the hallway by the shared printer?  No!!! 

But wait, the lessor said it would be ready to setup an office?  

Read more

Bitcoin Extortion Email

Starting in July a Sextortion email scam has been inundating peoples' inboxes.  Some reports show individual email boxes receiving the threatening email 2 - 3 times per day in the last couple of weeks.  For those who have visited adult websites and have a webcam either on their laptop or setup nearby, the scam feels pretty scary.  However, a critical look at the email shows it for what it is, a scam.

Read more

Microsoft Office365 Scam Email

Stealing credentials (your logins and passwords) is an ever growing industry.  Those stealing your information are usually selling it off to other criminals who will then work to profit from it.  Imagine what someone could do, connecting your password to your email address and then attempting to access bank accounts and credit cards.  All they need is control of your email to reset passwords and setup email rules so you'll never even see those emails come through.  Even worse is when they initiate bank transfers to offshore accounts.  You never see it happen because they're in your bank account creating the transfer and in your email forwarding any messages that show what's happening while it's being authorized and sent.

That is what makes this new scam particularly dangerous.  How many of your have employees who would click on what appears to be an email order for product and thereby compromise the entire company?

Read more

Tech Support Scams - Don't Be A Victim

“Hello we have been notified your computer is infected. I’m a Microsoft Tech calling to fix it for you.”

Sound familiar? I hope not, but it’s a scam that’s spreading and many people are being drawn in and taken every day. So much so that this kind of tech support scam has grown into a million dollar industry.

Tech support scams were first reported in 2008 and sadly, 10 years later, every day victims are being tricked into spending hundreds of dollars on non-existent computer problems.

There are two versions of this scam, the first is a call to you from a fake “Microsoft” technician. The second involves the victim calling in for “premium” tech support or product registration / activation from a dishonest company or from a pop-up that says their computer is infected.

Read more

Federal Rules of Evidence Have Changed Simplifying the Authentication of Electronic Evidence

In December 2017 an amendment was made to Rule 902 Federal Rules of Evidence, specifically relating to the process for authenticating Electronically Stored Information (ESI).  Until this amendment was passed, now included as subsections 13 and 14, litigants had to have any electronic evidence authenticated through trial testimony.  This was an expensive process.  While our company has taken on quite a bit of eDiscovery work, being asked to testify as an expert witness was rare due to the time and cost involved for litigants.

The new Subsection 14 reads:

Read more

What is the Online World Really Like for Your Kids?

As a parent you'd naturally be upset if a stranger were following your child around the mall or your neighborhood, so why aren't parents upset that their kids are being followed around in online games?

When "anismuncher1" is asking all players in a game geared toward children, "where do you live?" do you get the chills or do you have a sense of insulation because it's just on the Internet?  When a Roblox player is following the girl characters around saying "you're pretty" do you see an imminent threat, a predator hunting for vulnerable children, or a weirdo looking for attention?

Read more

Malware Being Delivered Through Ask Toolbar

The Ask Toolbar is possibly one of the most insidious software addons in existence. Most people find they have the Ask Toolbar and aren’t even really sure how it happened.

Now that Ask has been exploited it’s even more important to get rid of it. Most people acquire the Ask Toolbar as an addon to something they intended to download, but didn’t read the fine print and remove the check next to “Add the Search App by Ask.”

Read more

Beware This Google Drive Phishing Scam Is Making Another Round

We originally published this blog on our DataBits News site in early 2014, but as it appears to be making the rounds again we want to make sure everyone has been forewarned. 

With sharing of documents becoming more and more common this phishing scam is trying to scam people on a platform many people are comfortable using and sharing information through on a daily basis.

Like most phishing scams this one arrives via email with the subject of “Documents” "Invoice" or "Tracking Information". Naturally once you look at the body of the email it tells you to click on what looks like a Google Drive link to an important document.

This is where it gets particularly scary, if you click on this link you are taken to a login page that looks exactly like every other Google login page you’ve ever seen. This “fake page is actually hosted on Google’s servers and is served over SSL, making the page even more convincing,” Nick Johnston of Symantec wrote in his blog.  Johnston continued, “The scammers have simply created a folder inside a Google Drive account, marked it as public, loaded a file there, and then used Google Drive’s preview feature to get a publicly-accessible URL to include in their messages.”

So it has a URL, and it looks like a Google login.  Unfortunately many people are likely to enter their login credentials without a second thought – and just like that their credentials will be compromised.

What can you do to protect yourself?  First is to stay alert.  If an email comes to you with the subject of “Documents” or "Invoice" but you don’t know the sender there is no reason to click that link.  If an email comes to you with the subject of “Documents” or "Invoice" and you do know the sender think before opening it, would this person be sending me a document like this, even if they do send me docs do they ever just call them “documents” or "invoice"?

Second you may notice that something is slightly off with how a login is happening, for instance in this case when you click the link it asks you to sign in to a Google account.  Most Google users right now could type in or and it won’t ask for your credentials.  Certain parts of Google, like the merchant login, always ask for you to re-enter your password, but most won’t.  This is a very subtle hint that not all is right with this link, but it is one you might pick up on.

Johnston went on to say, “Google accounts are a valuable target for phishers, as they can be used to access many services…”  Not only will they now have access to your Gmail, Google Drive, and Google Merchant accounts, they will have access to what is becoming more and more important in the land of cyber crime and phishing scams – access to the contact list associated with your email address!

Why is that connection so important and valuable?  It’s simple, people are getting more wary of emails with links and attachments that come from Jane Smith, but if that email is from an old college friend or a neighbor down the block, you're more likely to click on the link or attachment it contains.  Compromised contact lists are becoming a hot commodity to really increase the effectiveness of phishing scams, generally referred to as spear phishing as they are now aiming for a specific person or group of people connected to the compromised account.

What can you do to make sure your account stays secure.  Be careful with any link or attachment that arrives via email.  Don’t feel embarrassed about contacting a sender to make sure the email you’ve received is legitimate, it’s always better to ask than have your information stolen.  And make sure you have taken steps to secure your password and that it’s not “password”.  If that seems too obvious keep in mind in 2013 when Facebook accounts were hacked the most common password exposed was “password”.

To learn more about securing your password read here.

Read more

Log in