Blog

Trust on the internet is broken. Everyone wants to be private and careful yet- so much of our exact identity and personal information is ON the internet.

Click Click Click…Next Next Next.

People love to push buttons and have immediate results.

Here is a scary, but very real story: A company had an employee receive an email from their HR/Accounting department asking the individual to update their direct deposit information, or so the person thought was their colleague.

The employee went on and replied to this email including their bank account information to the “HR/Accounting department”. The individual then followed up (days or weeks later) with their HR/Accounting department when they did not receive a paycheck!

The email, in fact, was not from the person’s employer, but indeed from a cyber-attacker.

If you haven’t heard, Microsoft decided to join the software subscription craze and launched their Office version, Microsoft Office 365. Office 365 works the same as the previous version of Office, but it offers users real-time software updates as well as a few other perks.

Technology is expensive. From annual investments in new hardware, to enhanced software that improves your business, and fast friendly IT support; technology can become an expensive line item in your annual budget.

Let's review some key areas where you can potentially save THOUSANDS in your annual technology budget.

This email is from someone outside my organization and it's not related to my job responsibilities.

I was cc'd on an email sent to one or more people, but I don't personally know the other people it was sent to.

Is the email message a reply to something I never sent or requested?

Do I have an uncomfortable gut feeling about the sender's request to open and attachment or click a link?

I hover my mouse over a link that's displayed in the email message, but the link-to address is for a different website.

Let's walkthrough a very typical Office 365 phishing campaign and then review the ramifications.You receive an email like the above, notice the misspelled email address in the FROM: field.  Also, see the inconsistencies in the capitalization.IF you click the link you end up at similar looking but "hacked" SharePoint page with another weird link.

If you (ever) click an email link like the one above and logged in with your password – you’ve given your entire mailbox to hackers. With access to your credentials via these “phishing emails”, they can then take over your inbox, DELETE all your email, steal any client or CONFIDENTIAL data, they then email malicious content to ALL of your contacts, and it can get worse.