Hacked. Now What?

First, what are a few ways hackers find their way into a device or accounts?

Unfortunately, there are lots of ways for hackers to find their way into our computers and our accounts. The software and apps we use are in a constant state of change. Sometimes, as developers work to maintain interoperability, opportunities arise for a hacker to exploit a change and access your computer.

Other times it’s a result of something users do themselves. We talked about this previously about opening emails that aren’t legit. Some of those emails may contain a payload that, once opened, deploys malware on your system. And, of course, hackers can always buy your password online. If you’re not diligent about password security, you could easily be hacked.

What should I be most concerned about a hacker gaining access to?

I think most people would say they’re concerned about a hacker gaining access to anything at all. But the biggest threat to an organization would be losing security of their customer’s private or financial information. As a consumer, I’d say the biggest concern would be your own financial information, but we’ve seen plenty of people lose private photos and videos that can be used to extort or embarrass.

What should be done immediately after learning the device or account is hacked?

If you have a hacked device, you need to take it offline as quickly as possible. If the device can’t transmit your personal information, you’ve got a compromised device but your information may not have been compromised yet.

Then it’s a matter of calling in an IT professional to help. Some viruses and malware can be very hard to completely remove from a system. It’s best to be sure.

If you have an account that’s hacked, you need to make an immediate list of any other accounts that use the same username and passwords. We’ve talked before about password security, about not using the same password for multiple accounts, and about using randomly generated passwords. If you have a separate password for each account you hold, your exposure to a single cracked or obtained password only affects the one account.

What additional security measures should be added to prevent repeat attacks?

It depends a little. If we’re talking about your workplace, you need a plan for cybersecurity. That will involve a policy for computer updates, access controls, antivirus requirements, and social engineering/phishing training for your employees. There’s a lot that needs to be done and recognized by each member of your organization to maintain security.

As a home user, you need to be taking steps to make sure you’re not using the same password for multiple accounts. Make sure your antivirus is up to date, make sure you’re not browsing to unreputable websites, and make sure you’re not opening suspicious emails.

That’s why 702 Communications offers managed services and computer repair support. We’ve got a team of IT professionals that can help you design your infrastructure to minimize risk. We can make sure your devices are automatically updating to prevent access via exploits, and we can set you up with a backup plan for your data if you’re the target of a ransomware attack. Whether you’re looking to prevent an attack or recover from one, 702 Communications is here to help.

Improving Connectivity in Your Home

Modern Wi-Fi routers generally do a great job of extending the signal to all rooms and all corners of your home. But sometimes there’s room for improvement. We’re going to talk today about two options for extending internet connectivity inside your home.

Mesh Wi-Fi Systems

The first option to really get great Wi-Fi coverage throughout your home is a mesh Wi-Fi system. In it, you have multiple access points that relay the Wi-Fi signal to and through each other to the base station that’s wired to your main Internet connection. Unlike Wi-Fi repeaters, these devices connect to each other with a different type of wireless signal and provide the full throughput of your connection. They’re generally really easy to set up and some don’t cost much (if any) more than a new wireless router.

CNET likes the Nest Wi-Fi best at $269, but does give other options depending on what’s important to you.

PC Mag does the same, giving you a list of mesh systems to look at depending on your needs.

But there’s another option for devices that need to be wired in.

Powerline Ethernet

If you’ve got an older home, chances are you don’t have Ethernet running everywhere you want connectivity. And, while it’s possible to retroactively wire up your home, there is an easier option that I’ve personally found to be pretty effective: Powerline Ethernet.

Powerline Ethernet takes adapters and uses your home’s wiring to transmit Ethernet in the house. You just plug one box into an outlet near your router (not a power strip) and then plug Ethernet into that device. Providing you’re on a single phase of power in your home, you can then plug subsequent powerline boxes into any other outlet in your home, pair them to the base station, and have Ethernet delivered via your home’s powerline. There are several brands out there, but I use a TP-Link system. For $40, you can deliver Ethernet into any other room in your home.

I hope this information will help get you better connected!

Brian Crommett
CEO
702 Communications

Identifying Suspicious Emails

Phishing is a social engineering attempt to deceive the target into providing personal or financial information or to possibly get them to install a piece of software on a computer that will enable the cybercriminal access to the target’s information.

Phishing attempts are nothing new, but as time’s gone on, some of them have become a bit more sophisticated and, in this work-from-home environment, easier to fall for.

By now everyone’s on the lookout for emails from Nigerian princes who claim to want to provide you with fabulous wealth, for just a small investment of your own, but you might not be as cautious if you see an email from “Facebook” that claims someone just tried to log into your account, or from “Amazon” who’s emailing to tell you they’ve detected fraud on your account.

It is important to protect your online identify. It is important to make sure your social media accounts aren’t compromised and your online merchant accounts are secure. But before you click a button in a panic to respond to one of these alerts, make sure you take the time to really look at it and see if it’s not a trap.

Here are examples of both the “Facebook” and “Amazon” alerts for your reference.

I have a Gmail account for personal emails. The other day while perusing my Spam inbox I found the following:

At first glance, someone might think, “I don’t know Rosina Taylor, I’m not going to click on that. Someone tried to log into my Facebook account? I better check it out!”

If you’re careful, you know this isn’t from Facebook. For one thing, it’s in my Spam folder, so even Google thought it was suspicious. But sometimes they’re wrong. Sometimes totally legitimate items show up in there. That’s why I check it. But if you look twice at the sender, you see it’s not actually Facebook that’s sending the message, but Facebook. They’re missing an o in their identity field.

Here again, to Google’s credit, there’s a big gray banner telling you it’s in your spam folder because it’s similar to items that have been identified as spam in the past. But if that’s not enough for you, take a good look at the sender’s email address: UPRBKFIQ…@tsvbxnpmsiwafloechcuwsmeesfeen.us. A legitimate email from Facebook or from any other reputable company isn’t going to come from a randomized account like this one. It doesn’t matter what else might be in the body of that message or the footer of that message. There is no doubt that this is a phishing attempt and any further action on your part to engage this message may end in your computer being compromised by a cybercriminal trying to otherwise steal your personal or financial information.

Here’s the “Amazon” example:

But say you missed that and you clicked on the message. I did to show you. This is what comes up next:

Knowing what you do now, you can see that this is also an email that doesn’t require any further action. Amazon is never going to send you a notice from alertsupport4376-recentfailedsigninappf8qtwwl7fn2c0i3z10@mail-important0562.com. Here again, you can delete the message and move on.

Both of those emails were easy to identify as phishing attempts if you just take a moment to really look. But sometimes it can be a little trickier to see. That’s why it’s really important for you to be vigilant when reading and replying to emails. If you get something from a professional contact or from a company with whom you do business that’s at all out of character or at all suspicious, look carefully at it before taking further action. If you’re still not sure, ask a trusted IT advisor.

Recently an email came into a staff email box at 702 from:

Jim Walter was the CEO at 702 for our first 20 years. Everyone here (except our newest hires) knows Jim by name, so it’s possible that he’d be emailing an employee even in retirement. There’s a little bit of legitimacy there. The email address is funky, but who knows? Maybe Jim decided he wanted to start his own email domain of “chiefe-mail.com” and send emails from it. It’s not hard to set something like that up. It’s not in character for Jim, but it’s not impossible. Let’s look at the body of the message:

Are you available, i need you to handle something for me asap, i can’t talk on phone now, just reply me here. Stay Safe

That isn’t Jim’s speech pattern. “reply me here” is a dead giveaway that this is a phishing attempt.

Our employee identified this as suspicious, reached out to our system admin regarding the email, and the phishing attempt was shut down. It does take a level of vigilance from each member in your organization to keep company information safe.

Be on the lookout in your own environment. Do your part. Stay safe out there!

Brian Crommett
CEO
702 Communications

PhoneSoap

If you’re not familiar with PhoneSoap as a product, you may be conjuring images of dish detergent or window cleaner. The truth is that PhoneSoap is a creative way to sanitize your cellphone and any other small personal items that may need cleaning.

PhoneSoap, at least the basic model that I’ve got, is a white clamshell with ultraviolet bulbs in both the top and bottom of the device.

phone soap closed

phone soap open

These bulbs are what’s responsible for sanitizing any items placed within it.

PhoneSoap uses UV-C radiation to sanitize your phone. We’re all familiar with UV radiation. We’ve heard, for years, about the necessity of using sunscreen to prevent sunburn and possible skin cancer.

What you might not know, though, is that the World Health Organization has, for years, recommended the use of sunlight (UV radiation) to purify drinking water if no other purification means are available.

How does sunlight purify or sanitize anything? It’s all about the radiation.

Our sun generates three types of UV radiation: UV-A, UV-B, and UV-C. Our ozone layer stops all of the UV-C and most of the UV-B radiation. UV-A and B radiation cause us to tan or burn when exposed, and the damage from UV-B radiation also causes our bodies to create vitamin D.

None of those changes occur, though, without some catalyst. And that catalyst is radiation damage.

UV-C is the most dangerous of the UV radiation because it has the shortest wavelength. It’s so short, in fact, that it can inactivate microorganisms like bacteria and viruses. That’s why you may be hearing more in the news now about cities and countries using UV light to sterilize hospital equipment, mass transit equipment and the like. UV-C gets right into the RNA and DNA of germs to prevent them from infecting or reproducing.

Our phones go everywhere with us and there’s probably little you touch or hold more than your phone. It stands to reason that our phones need regular sanitizing. And while you can wipe down your phone with a bleach wipe, something like PhoneSoap gets your phone truly clean and doesn’t leave any residue when it does.

Using PhoneSoap is easy! Just place your phone in the case, close the lid, then the light on the top of the case will come on. Ten minutes later, the light will turn off, and your phone is clean (well, sterile anyway).

I’ve found the case to be big enough for my key, wallet and eyeglasses, but not much more than that.

phone soap with keys inside

But those are my daily carry items, the things that I’m holding or touching most often, so it stands to reason that if I can keep them clean, and my hands clean, I can do a pretty good job of making sure I’m not bringing all sorts of germs back home.

PhoneSoap Basic is available for about $50 and should be good for tens of thousands of uses.

Stay safe out there.
Brian Crommett
CEO
702 Communications

Hosting Live Events Remotely

Large gatherings as we knew them are a thing of the past. 50% capacity or cancellations are the only solutions for some, but what about virtual live events? In the following clip, I discuss the logistics behind live streaming tech needed to bring your event to the masses safely on your own devices.

 

 

Thinking about putting on a live streaming event? Here are some pieces of technology to consider.

Eventlive.pro
Wireless Mic
Patch Cable

Call us with questions on connectivity!

Brian Crommett
CEO
702 Communications

Staying Connected

We’re coming up on four months of quarantine now and, for many, that’s meant four months of mental health struggles.

Consider the run on toilet paper we had at the beginning of it all. People’s anxiety over the unknown triggered that hoarding behavior. But having enough toilet paper (or way too much in many people’s cases) only satisfied a superficial risk. The underlying anxiety remained.

We are social creatures. Most of us want to be around people. Human contact, emotional and physical, is important. I’m a performer. I need feedback to be fulfilled. I’m also a hugger. I want that physical affirmation from the people I love and trust. I’m fortunate to be quarantined with my family right now. They can tell if I’m up or down. My oldest son, who’s out of the house, will check in with me on Tuesdays because those days are often (for whatever reason) my most stressful day of the week.

 

 

Knowing how important it is to me to have that interaction, I’ve made it a point to try to reach out to friends and family during the pandemic. Some of that contact may have been via a text message or instant message of some sort. Messaging is great. It’s quick, it lets someone know I’m thinking of them, but it does have a downside, too. It’s easy to lie in a text message. If I were to ask how you were doing/how you were feeling and you replied, “I’m good!” would I have a reason not to believe you? Even if you replied, “Oh, not bad, getting along pretty well I guess,” would that trigger a sense of unease?

Messaging keeps us in touch, but I’d argue it doesn’t really keep us connected.

A phone call gets us closer. If we can hear each other’s voices, we can hear the subtle inflection that helps tell the real story of how we feel. And, be honest, is there a much better feeling in the world than sharing a hearty laugh with a loved one? Speaking of laughs, I’m also fortunate to have a group of friends that I unwind with via PlayStation in the evenings. The ridiculous jokes, occasional curses and honest laughs are a welcome release during all of this.

Maybe the best way to get in touch with someone though, if you can’t see them in person, is on a videoconference. Whether it’s Skype or Zoom or Facetime or Facebook Messenger or Google Hangouts or whatever else you may have access to, actually seeing the faces of your friends and family is important. Then you really know they’re okay. If you haven’t done it yet, give it a shot. Video call someone you haven’t seen lately. You’ll make sure you see how they’re doing and they’ll be able to see how much you care.

I wish you all health.

Brian Crommett
CEO
702 Communications

Remote Team Tips for Success

Follow-Up to KVLY’s Point of View with Chris Berg Appearance on April 10, 2020

Last Friday, Chris Berg was kind enough to have me on his show to talk about the current tech climate and trends in technology now that most of us are working from home. Specifically, he asked me to discuss the main issues businesses need to tackle in this remote work reality. If you missed it, you can catch the segment here.

 

 

Here are five topics to pay closer attention to:

1. Bandwidth assessments

Do your remote workers have the bandwidth it takes to work from home? Speedtest.net will show the available bandwidth. From there, you or a team member will have a better idea of how successful you can be hosting or attending a video conference and how long it might take to upload and download files from a centralized location.

Factor in the number of people in the household trying to work or learn remotely. Remember, you’re all sharing whatever bandwidth you have coming into the home.

2. Security concerns

If you’ve got an IT staff, they’re working all the time to make sure the PCs you’re using are updated to avoid compromised software. In today’s environment, we may be connecting directly via VPN into an office environment.

If your employees are using a home PC, ask them:

  • Have they been diligent with software updates?
  • Do they have antivirus software? Is it up to date?

3. Communication platforms

Do you have a collaboration platform set up? Microsoft Teams, Google Hangouts, and Slack are all great examples of tools you can use to chat, videoconference, share files, screen share, and collaborate in real time.

4. File sharing

Are you going to have everyone connect to and upload files to a server in your office for collaboration? Are you going to utilize Microsoft OneDrive, Google Drive, Dropbox, or some other cloud-based location?

5. Communication

Whatever your plan is, you need to make sure you’ve conveyed expectations to your employees. Now’s the time to communicate where everything’s being kept and how to use the tools in front of them.

Working from home isn’t going away anytime soon. While we’ve all done a great job getting our workforce remote in a hurry and we’re doing business pretty well, there is always room for improvement – especially if we’re going to see ourselves in this situation much longer.

If you have questions on these topics, your best bet is to talk to a trusted IT professional like 702’s Managed Services division. They can help assess your work environment and make recommendations so that we can all stay home and work well.

Brian Crommett
CEO
702 Communications