Limbtec Limited > Blog > cybersecurity

Outdated backup systems could leave your business vulnerable

24th March 2025
Outdated backup systems could leave your business vulnerable

Imagine this: Your business grinds to a halt because your critical files are locked away by scammers. And they’re demanding a ransom for their release.

This is called a ransomware attack, and it’s a growing threat to businesses all around the world.

Ransomware is a type of cyber attack where criminals break into your systems and encrypt your data, making it unusable. They’ll then demand payment (often in cryptocurrency) for the key to unlock it.

Even if you pay the ransom, there’s no guarantee you’ll get your data back. This is why a strong backup system is one of the best safety nets you can have.

Backups are copies of your important files and systems, stored separately from your main network. If something goes wrong (like a ransomware attack or even accidental deletion) you can use your backup tools to restore your data and keep your business running.

Backups are essential for businesses of all sizes. But here’s the catch: Not all backup systems are created equal. Recent research shows that many businesses are using outdated backup technology, leaving them exposed to risks even if they think they’re protected.

Older backup systems weren’t designed to handle today’s sophisticated ransomware attacks. And they leave businesses vulnerable in three main ways:

1. Backup data is a target

Ransomware attackers are getting smarter. They know that backups are your last line of defence, so they target them directly. If your backup system isn’t designed to protect against these attacks, your safety net could be cut away when you need it most.

2. Lack of encryption

Encryption is a way of scrambling your data so only authorised people can access it. Without encryption, scammers can tamper with your backup data – yet nearly a third of businesses report that their backup data isn’t encrypted.

3. Failed backups

It can be difficult to restore lost data with older systems, and this is the point where they often fail. Imagine finding out that your backup didn’t work just as your business is trying to recover from an attack. It can mean long downtimes and expensive repair efforts, which many businesses simply can’t afford.

So, how can you fight back against ransomware threats?

Rethink your approach to backups. Modern solutions like immutable storage are designed to offer the strongest protection against ransomware attacks. Immutable storage makes sure your backup data can’t be altered or deleted, no matter what. 

This technology is built on something called Zero Trust, a security model that assumes nobody and nothing can be trusted. Every access request is validated, and permissions are strictly limited, ensuring your important business data stays safe even if an attacker breaches your system. 

Ransomware attacks are not going away. If anything, they’re getting smarter and even more common. Now is the time to make sure your backup system is solid.

Not sure where to start? This is what we do. Get in touch.

Read more

Beware that corrupted email attachment: It could be a scam

10th March 2025
Beware that corrupted email attachment: It could be a scam

You’re scanning your inbox and spot an important email with a Word document attached. Maybe it’s an invoice, a message from a supplier, or even a request from a colleague. You open it without thinking twice… and just like that, you’ve been scammed.

This scenario is exactly what cyber criminals are counting on. Now they’ve come up with another new way to get past even the most advanced email security filters – this time, using corrupted Microsoft Word files.

It’s a clever and dangerous tactic.

Phishing (pronounced “fishing”) is where scammers try to trick you into giving away sensitive information, like passwords or bank details. They “bait” you with an email that looks legitimate, maybe from your bank, a co-worker, or a company you trust.

These emails often include attachments or links. When you open the attachment or click the link, you could be downloading malicious software (malware) or visiting a fake website designed to steal your details.

Phishing attacks are constantly evolving, and they’re now one of the most common ways scammers break into businesses. Email security filters are usually pretty good at scanning attachments. But since corrupted files can’t be analysed properly, the Word file is able to sneak into your inbox.

When you open one of these corrupted files, Microsoft Word will “repair” it and show you what looks like a normal attachment. But the document will contain a malicious QR code or link that sends you to a phishing site (often a fake Microsoft 365 login page). If you enter your details, scammers could have access to your account – and potentially your entire business. 

Stealing just one employee’s login details can be enough. With access to your cloud systems, scammers could get hold of sensitive customer data, lock your team out of essential files, or even send phishing emails from your account to trick your contacts.

If this happens to you, it could be catastrophic. Your business could face financial losses, legal consequences, and a damaged reputation that could take a long time to rebuild.

Cyber attacks are getting more complicated. But you don’t need a degree in cyber security to help keep your business safe.

The best protection is awareness and caution.

Here are some steps you can take:

  • Slow down and think twice before opening attachments or clicking on links
  • If an email seems urgent, beware – scammers like to rush you, so you’ll act without thinking
  • If you’re not sure an email is legit, check with the person or company that the email seems to be from
  • Never trust an attachment or link just because it looks professional

Most importantly, make sure you educate yourself and your team about what phishing is, why it’s dangerous, and how to recognise the warning signs.

We help businesses like yours with this every day. If you’d like us to help you too, get in touch.

Read more

Are your employees your security’s weakest link?

3rd March 2025
Are your employees your security’s weakest link?

Let me ask you something: Do you lock your front door when you leave the house?

Of course you do.

But what if you get home and find that someone left a window open? You may as well have left the door unlocked, right?

Now think about your business.

You’ve probably invested in good cyber security to protect it, using strong passwords, firewalls, and the latest software updates. But if your employees accidentally leave the “windows” open, all that security goes to waste.

It’s not about blame – it’s about awareness. The truth is that your employees might be your biggest security risk, without them even realising it.

More people are working remotely, and research shows that four out of five employees use their personal phones, tablets, or laptops for work. It makes sense. Why not use the devices they already own?

Here’s the problem: Your employees’ personal devices probably aren’t set up with the same security measures you’d use in the office. Their phones and laptops might use weak passwords, outdated software, or even be connected to unprotected Wi-Fi networks. All of this is a dream scenario for hackers. 

And here’s where it gets scary…

Two out of five employees admit to downloading customer data onto their own devices. That’s sensitive data leaving the safety of your business, now at risk of falling into the wrong hands.

If that’s not enough to worry you, here’s another shocker: More than 65% of employees admit they only follow cyber security rules “sometimes” or even “never”. This includes forwarding work emails to their personal accounts, using their phones as Wi-Fi hotspots, or ignoring guidelines about handling data when using AI tools.

Passwords are another issue, with nearly half of employees using the same passwords across different work accounts. Even worse, over a third of employees use the same passwords for both their work AND personal accounts.

Imagine a hacker getting into your employee’s social media account and using the same password to get into your business systems? It’s a disaster waiting to happen.

So, what can you do?

The key is education. 

Start by helping your team understand why cyber security is so important. Most people don’t break the rules on purpose – they just don’t realise the risks. Explain that those little habits that seem harmless (like reusing passwords or doing work on public Wi-Fi) can cause serious damage.

Create security rules that are clear, simple, and easy to follow. For example, you can tell your team to: 

  • Use a password manager to create a strong, random and unique password for each of their work accounts
  • Only access work systems on secure, approved devices
  • Never forward work emails to their personal accounts

Also, make sure your employees are getting regular training sessions to keep cyber security at the front of their minds, and don’t forget to celebrate good habits. If someone flags a suspicious email or comes up with a clever way to keep sensitive data safe, be sure to let everyone else on your team know.

Cyber security is everyone’s responsibility.

By giving your employees the right tools and training, you can turn them into your first line of defence instead of your weakest link.  If you’d like help keeping your team up to date on the latest security threats, get in touch.

Read more

Windows Hello gets a new look and improved security

13th January 2025
Windows Hello gets a new look and improved security

Do you dream of never having to remember another password ever again?

That’s what Windows Hello, Microsoft’s biometric sign-in tool is all about. It helps you log in to your Windows 11 devices quickly and securely – with just a glance or a touch.

Now, Windows Hello is getting a makeover, bringing not only a new look but also enhanced security features that are perfect for busy business owners.

If you’re not familiar with Windows Hello, it lets you skip traditional passwords and sign in using:

  • Facial recognition
  • Your fingerprint
  • Or a simple PIN

This means faster access, better security, and a lot less frustration.

Windows Hello is invaluable for businesses, allowing employees to securely access their apps and devices without the risks associated with weak or reused passwords.

The refresh will improve the design of Windows Hello, so it fits right in with the sleek, modern look of Windows 11. The whole experience will feel smoother and easier, whether you’re logging in to your computer or accessing the Microsoft Store.

Microsoft have also made it easier to use passkeys – another secure, password-free login method. With Windows Hello’s new passkey experience, you can choose your preferred sign-in method and switch effortlessly between devices.

These updates are currently in testing, but we should see a rollout soon.

Want to give Windows Hello a go? We can help, get in touch.

Read more

Beware that “support call” – it could be a ransomware scam

30th December 2024
Beware that "support call" – it could be a ransomware scam

If you get a call claiming to be from Microsoft Teams support, think twice before doing what they ask.

There’s a new trend for scammers to pose as “help desk” staff, with the aim of tricking employees into letting them take over their devices.

This is part of a larger ransomware attack, where you’ll be denied access to your business data unless you make a hefty payment to get it back.

Recently, a notorious cyber crime group has taken this scam to a new level.

What happens?

First, they’ll flood an employee’s inbox with so much spam that it becomes unusable. Then they swoop in with a phone call, pretending to be from IT support, offering to “fix” the problem.

They may ask your employee to install remote desktop software like AnyDesk or use built-in tools like Windows Quick Assist. Once they have access, they can move around your network, collect sensitive data, and launch ransomware on your devices.

Be warned – they don’t only reach out over the phone. They’ve also started setting up Teams accounts to make employees think they’re part of IT support.

They do this by choosing usernames like “Help Desk” and using fake Microsoft tenant domains such as “securityadminhelper.onmicrosoft .com”. Then they send one-to-one messages to employees, saying they need access to their device.

Ransomware attacks are serious business. Along with locking you out of your data, they can also shut down your operations, disrupt customer service, and potentially leak confidential information.

Recovering from a ransomware attack can be expensive, both in terms of paying the ransom and dealing with the aftermath. It can cause loss of revenue, damage your reputation, and it could even have legal consequences.

Make your team aware of this scam and encourage everyone to be cautious with any unsolicited support calls or Teams chats. And make sure everyone knows to check with your actual IT department first, if someone is asking to install software or gain access.

Also, if you use Microsoft Teams in your business, make sure it’s set up securely. Only allow external chats from trusted domains, and make sure chat logging is enabled.

If you want extra help safeguarding your setup, we can do that. Get in touch.

Read more

New phishing scam is smarter than ever… here’s how to protect your business

25th November 2024
New phishing scam is smarter than ever… here's how to protect your business

Microsoft is warning business owners about a new type of phishing scam (where cyber criminals pose as a trusted source to trick you into giving away login info), which uses popular cloud services like SharePoint and OneDrive.

Although these platforms are usually safe, scammers have figured out how to trick privacy settings to get past security checks.

The scammers hack your cloud storage by stealing your login details or buying them on the black market.

Once they get inside, they upload a file that is designed to look authentic – like a fake Microsoft 365 login page. They set the file to “view-only” or limit access to specific people, such as you and your team.

Opening these files or following any links inside the emails could cause serious damage to your business. Scammers can use your information to access your systems, or they can install malware (malicious software) that lets them cause disruption and steal information.

Recovering from these kinds of attacks can be expensive and time-consuming – not to mention the damage it could do to your business’s reputation.

Make sure your employees are aware of this new threat and know to be cautious when opening emails, even if they appear to come from a trusted service.

Before opening any shared files, double-check the sender’s identity. If something feels off, contact the sender directly to verify it.

Make sure you use multi-factor authentication (MFA) across all your team’s devices. This adds an extra layer of security by requiring a second piece of information (like a code sent to your phone) along with your password.

Also, keep your security software up to date so that it’s always ready to block the latest types of attack.

Would you like our help protecting your business with added security, training, and monitoring? Get in touch.

Read more

Beware this malware: It “annoys” you into handing over login details

4th November 2024
Beware this malware: It "annoys" you into handing over login details

How cautious are you and your team with online security? You know about phishing scams, dodgy downloads, and not clicking suspicious links, right?

But an even sneakier new malware (that’s malicious software) wants to frustrate you into giving up your Google login details.

The malware doesn’t have a catchy name yet, but it’s part of a larger threat known as “Amadey”, and it’s been on the rise since August.

It forces your PC into something called “kiosk mode” (a setting often used on public computers that only lets you access one window). This allows it to lock your browser in full screen mode, hiding all your usual navigation buttons like the address bar and menus. Then you get sent to a fake Google password reset page.

Normally, you’d just hit the Esc or F11 keys to get out of full screen mode, right? Well, not this time. It won’t work if the malware has infected your PC. It wants to confuse you into thinking you must enter your password to solve the problem.

The password reset page will look like a real Google page. But the second you type in your details, they’ll be stolen by a second piece of malware hiding in the background. Falling right into the hands of cyber criminals.

Pretty scary stuff.

But here’s the good news: You can break free without giving up your details.

If your browser gets stuck in full screen mode, try hitting ALT+TAB to switch tasks, or ALT+F4 to force the window to close. Otherwise, try closing it through your task manager (CTRL+ALT+DELETE).

If all else fails, just restart your PC by holding down the power button or unplugging it, then get an expert (like us) to look at the malware.

Prevention is always the best approach, though. Be wary if your computer starts behaving strangely, especially if your browser suddenly goes into full screen mode and won’t let you navigate away.

Avoid clicking on suspicious links or downloading attachments you aren’t sure about. And as tempting as it might be to get past an annoying screen, never enter your password unless you’re 100% sure the website is legit.

If you’d like us to teach your team how to avoid the latest scams, we can help. Get in touch.

Read more

A third of all data loss is caused by problems with backups

21st October 2024
A third of all data loss is caused by problems with backups

Losing access to your business’s data – even temporarily – is a nightmare worthy of a horror movie.

Data backup tools create copies of your data and store them in a safe place. If something goes wrong, recovery tools will use these copies to restore your lost files.

So, if your business already uses backup and recovery tools, you’d think your data is safe… but this isn’t necessarily true.

A new report shows that some backup tools aren’t always as reliable as they should be. In fact, a third of all data losses are caused by backup-related issues. When people try to recover data, they discover it’s been lost or corrupted.

It’s not just corrupted backups that you should be aware of.

One of the biggest threats to businesses right now is ransomware. This is a type of malicious software (or “malware”) that locks you out of your files unless you pay a ransom to regain access.

The report found that half of businesses using backup tools still ended up paying ransoms to retrieve their files, because it was faster than trying to use their own recovery tools. Even worse? Only a small number of businesses that paid ransoms were able to fully recover their data.

Backup tools are supposed to keep your data safe, so why are they unreliable for so many businesses?

Often, it’s because they haven’t been set up properly. And even when they are, they still need to be verified regularly to make sure they are still backing up your files.

Also, older backup and recovery tools can’t always keep up with today’s sophisticated cyber attacks.

Setting up and maintaining a reliable backup system can be complicated. IT experts (like us) can make sure your tools are running correctly every day.

We can also put in place extra safeguards such as continuous data protection (CDP). This constantly saves changes to your files, allowing you to go back in time and restore your data as it was just before an attack or loss. This is something we do for businesses like yours every day. If you’d like us to help you too, get in touch.

Read more

You’re ready for the upgrade… what’s holding you back?

23rd September 2024

With the end of support for Windows 10 just over a year away, many business owners are starting to wonder why they haven’t upgraded to Windows 11 yet. Are you one of them?

Research shows that most businesses could make the switch, but a surprising number are still holding back. This despite the upgrade being free and easy.

A recent survey of more than 750,000 Windows 10 systems found that 88% are on hardware that’s fully capable of moving to Windows 11.

Yet, 82% of businesses haven’t taken the plunge.

This is worrying, especially with the clock ticking down to the deadline in October 2025. After then, Windows 10 won’t get any more free updates, including all-important security patches. That could leave your business exposed to risks.

So, what’s the hold-up? For many, it’s the fear of disrupting business operations. Upgrading an entire business’s operating system might sound like a hassle, with concerns about downtime or technical headaches.

But the truth is, upgrading to Windows 11 can be a lot easier than you think, especially with expert assistance (contact us if we can help you with this).

And there’s more to it than just avoiding the risks of sticking with an outdated system. Windows 11 comes with so many benefits:

  • Better security to keep your business safe from modern threats
  • Improved performance to boost productivity
  • And a sleek, intuitive interface that makes work easier for your team

Plus, if you are using newer hardware, Windows 11 will let you make the most of it.

The upgrade from Windows 10 to 11 is free if your devices meet the requirements.

With so many advantages and the deadline fast approaching, there’s no reason to wait.

We help make all upgrades as easy as possible. Let’s jump on a call and we’ll tell you about our extensive preparation, when we schedule upgrades, how we train your team – and answer all your questions.

Our goal is to get you up and running on Windows 11 without disrupting your daily operations. Let’s talk.

Read more

Heads up: You need to update Windows 11 by this deadline

19th August 2024
Heads up: You need to update Windows 11 by this deadline

Microsoft has issued an important update: If you’re using Windows 11, you need to upgrade to version 23H2 before 8th October 2024. After this, older versions will no longer receive essential security updates, putting your systems at risk.

Why is this important?

Because Microsoft will stop supporting older Windows 11 versions for business accounts. This includes stopping security updates, which are vital for protecting your systems against the latest cyber threats.

The latest version includes advanced security features to protect against new threats, making sure your business data remains safe. But updating to Windows 11 version 23H2 brings other benefits beyond security. 

You’ll also notice performance improvements, making your systems run faster and more efficiently, which is great for productivity. Plus, new tools and features are continually added, helping streamline your workflows and improve overall efficiency. Staying updated ensures compatibility with new software and technologies, maintaining smooth business operations.

Delaying the update could leave your business vulnerable to cyber attacks. Without security updates, your systems will be exposed to potential exploits, risking data breaches and financial loss.

Microsoft typically enforces updates post-deadline to keep people safe, especially for business devices not managed by IT departments. While this is helpful, it’s better to update proactively on your own schedule.

Updating to version 23H2 is straightforward.

  • First, check your current version by going to Settings, then System, and selecting About.
  • Before updating, make sure to back up all your important files to prevent data loss.
  • Navigate to Settings, then Update & Security, and select Windows Update.
  • Click on “Check for updates” and follow the prompts to install version 23H2.
  • Once the update is complete, restart your computer and verify the new version in Settings, System, and About again.

Making sure your systems are up to date will keep your business secure and running efficiently. Don’t wait until the last minute… upgrade to Windows 11 version 23H2 now. Keeping businesses protected and productive is our top priority. So, if you need any help with that, get in touch.

Read more
Recent Comments