Home

About Us

IT Services

Understanding IT

News & Events

Blog

Support

Contact Us

Blog
  • Register

Capstone Works Blog

Capstone Works, Inc. has been serving the Cedar Park area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Tips to Avoid Getting Scammed at Home, School and Work

Tips to Avoid Getting Scammed at Home, School and Work

Let’s cut to the chase: scams are everywhere out there today, which makes it important that you are aware of how to avoid them. Let’s run through a few basic tips we always recommend.

Don’t Click on Links or Open Attachments You Didn’t Expect

If you receive a link or an attachment that you weren’t aware was coming—regardless of whether it comes in through an email, an instant message, or a text message—you should always reach out to the apparent sender through a different means of communication to verify that the link or attachment is legitimate. This is something you should do even if you expected this information, or at least proceed with great caution.

If your bank (or literally any other account or entity) sends you an emergency message about your account, don’t tap the link. Instead, log into your account like you normally would and look for the issue from there. It never hurts to change your password either.

Use Strong, Unique Passwords All the Time

According to NordPass, “123456” was the most-used password in Belgium. And in Chile. And in Estonia. And in Lithuania. And in the Philippines. And in Taiwan. And in the rest of the world.

I think you see the point I’m getting at…certain passwords are both horribly insecure in how often they are used, and relatedly, in how easy they are for a cybercriminal to therefore guess. That password, 123456, was found 103,170,552 times, and would presumably take less than a second to crack.

This is what makes it so important that you come up with sufficiently secure passwords—ideally, passphrases (random words chained together with some characters added in and switched, like c0un+rys!de+++func+!0n+++asser+!ve), to protect the various accounts you have.

Relatedly, Don’t Ever Use the Same Password on Two Accounts

Before you go and change every password you have to that new, clever, secure password you just came up with. It is also important to consider what would happen if one of your accounts was involved in a data leak. If you used the same username and password for all of your accounts, that means that all of your accounts are now undermined.

One way to fix this is to use a different password (or passphrase) for each account you have—and before you even have a chance to argue that it’s way too much to remember, that’s what a dedicated password manager is for, as a piece of software that securely stores your passwords and provides them as you need them.

Always Use Two-Factor or Multifactor Authentication

Unfortunately, passwords aren’t as effective as we might hope they are, which makes it prudent to rely more on the alternative identity authentication in addition to the password alone. Two-factor or multi-factor authentication (2FA or MFA) are effective means of this, as it requires another proof—like a biometric signature or randomly-generated, time-sensitive code—before access is granted to an account.

Learn to Spot a Phishing Attack

Phishing attacks are meant to fool you. Fortunately, there are many warning signs that you can look out for to counteract their attempts.

  • Carefully hover (don’t click!) over links and see if they go to a legitimate URL. If the email is from PayPal, a link should lead back to paypal.com or accounts.paypal.com. If there is anything strange between ‘paypal’ and the ‘.com’ then something is suspicious. There should also be a forward slash (/) after the .com. If the URL was something like paypal.com.mailru382.co/something, then you are being spoofed. Everyone handles their domains a little differently, but use this as a general rule of thumb:
    1. a. paypal.com - Safe
    2. b. paypal.com/activatecard - Safe
    3. c. business.paypal.com - Safe
    4. d. business.paypal.com/retail - Safe
    5. e. paypal.com.activatecard.net - Suspicious! (notice the dot immediately after PayPal’s domain name)
    6. f. paypal.com.activatecard.net/secure - Suspicious!
    7. g. paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!

Remember, these tricks are designed to be subtle and easy to miss! Pay close attention to what you are clicking on!

  • Check the email in the header. An email from PayPal wouldn’t come in as [email protected]. Do a quick Google search for the email address to see if it is legitimate.
  • Always be careful opening attachments. If there is an attachment or link on the email, be extra cautious. If the email shows up out of the blue with an attachment, even if it is from a sender you trust, it doesn’t hurt to ask them if it is legitimate.
  • Be skeptical of password alerts. If the email mentions passwords, such as “your password has been stolen,” be suspicious. 
  • Spread phishing awareness! There is no shame in being overly cautious! If you show those that you work with that you are mindful of these threats, they may adopt similar practices. In the long run, it makes email much safer for everybody!

Businesses Need to Restrict Access

Let me ask you something—would you allow everyone in your business to have free access to all of your business’ documents, including the financial records and HR files? No? Then why would you keep your network and all the data on it open for all of the business to see?

It’s really the same thing. Plus, reducing the number of people who have access to different directories reduces the number of people who might be scammed into giving it up.

Keep PCs, Laptops, Servers, and Networked Devices Updated

Software updates are largely intended to fill security gaps and holes previously left in the programming. Thereby, with fewer devices left unattended to or updates neglected on your network to serve as security holes, your network and everything on it is left more secure.

This includes running Windows updates, sever updates, keeping the software and firmware on your network devices up to date, and any other applications you have installed should be checked and updated regularly.

Businesses Should Have Their Network Audited Regularly

We can help businesses do just that. Reach out to us for a network audit and consultation, along with assistance in ensuring your operations are secure. Give us a call at (512) 343-8891 to learn more.

Now’s the Time for Austin Businesses to Start Thin...
We Chucked the Auto Attendant a Long Time Ago, and...
Comment for this post has been locked by admin.
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, November 21, 2024

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

high-threat environment Best Practices Social Media Gadgets 365 features AI Business continuity Business Cybersecurity Remote Workers Computer HIPAA Delightful smart devices UPS Privacy Internet Cloud Communications Apple Malware Cloud Computing Current Events Users File Folder BDR Saving money Managed Service best practices New Year Data Recovery application employees download Network Workplace Strategies Tech Support media accounts Cloud services right time Productivity Password User Tips Engineering VoIP Data Cyberattack spam Microsoft Teams Software phishing Business Continuity Mobile Office COVID-19 Data Privacy Day cloud business continuity Efficiency Managed Services cybersecurity Broadband Remote Work hackers business owners Saving Money Content Filtering 2FA Two-Factor Authentication Hosted Solutions managed IT sports teams Passwords Hardware AutoCAD Cloud computing Break/fit Managed IT surge protection Disaster Planning cybersecurity tools Quick Tips EMR Network Security IT Support IT Services Recovery Compliance Backup Shadow Workplace Tips IoT comprehensive IT password protection devices Microsoft Office Clutch Common password content Email SCAMS Tip of the Week Disaster Recovery business Co-managed IT Ransomware Microsoft Office 365 January 28 web application Vendor Server Technology accounts need Workplace Strategy Communication employees Small Business Remote Architect IT Marketing Security Servers Outsourced IT Passwords today AWS IT support Innovation Health Windows Microsoft

Latest News & Events

Capstone Works is proud to announce the launch of our new website at https://www.capstoneworks.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our ser...

Contact Us

Learn more about what Capstone Works can do for your business.

Call Us Today
Call us today
(512) 343-8891

715 Discovery Blvd
Suite 511

Cedar Park, Texas 78613