Limbtec Limited > Blog > cybersecurity

New! A better way to find Chrome extensions

18th December 2023
New! A better way to find Chrome extensions

If you use Google Chrome, you’ll love this. Google has just rolled out a game-changing update that’s going to make your browser more powerful than ever.

It’s the revamped Chrome Web Store, featuring a fresh design and exciting new features.

Now, if you’re like me, you’ve probably spent more time than you’d care to admit sifting through the Chrome Web Store in search of the perfect extensions for your browser. Those days of endless scrolling and hunting for that elusive add-on are officially over.

First off, they’ve introduced new categories to help you quickly find what you need. Whether you’re shopping, looking for productivity tools, or are just in the mood for some entertainment, there’s a category for you. And the cherry on top? There’s now a dedicated section for AI-powered extensions.

AI Powered

These AI-powered extensions are not to be underestimated. Many of them integrate popular chatbots and even some of the best ChatGPT extensions available. Imagine having your own virtual assistant right in your browser, ready to answer questions, provide recommendations, and assist with various tasks.

And it doesn’t stop there. Google has also included a ‘suggested extensions’ section that tailors recommendations based on what you’ve previously downloaded.

There’s an ‘Editors’ spotlight’ section which promises to showcase up-and-coming extensions you might have otherwise missed.

Navigating the Chrome Web Store has become even more intuitive. The search bar has moved to the top-right corner of the screen, and Google has enhanced its capabilities. You can filter by all items or focus on featured extensions and themes, making it a breeze to find exactly what you want.

In the top-left corner, you’ll find the Extensions tab to dive deeper into add-ons for your browser. Fancy changing the look of Chrome? Simply navigate to the Themes tab. Customisation has never been this easy.

While this new Chrome Web Store update is undoubtedly exciting, let’s not forget about the importance of staying vigilant when it comes to browser security. Here are a few reminders:

  1. Monitor downloads to make sure they’re safe and relevant
  2. Never download extensions from third-party websites
  3. Make sure everyone in your business is aware of and follows the correct security measures.
  4. Regularly update Chrome and your extensions and educate your team about the importance of strong passwords and safe browsing practices.

If you’d like help finding even more productivity-boosting tools for your business, get in touch.

Read more

How to Organize Your Cybersecurity Strategy into Left and Right of Boom

15th December 2023

In the pulsating digital landscape, every click and keystroke echoes through cyberspace. The battle for data security rages on. Businesses stand as both guardians and targets. Unseen adversaries covet their digital assets.  

To navigate this treacherous terrain takes a two-pronged approach. Businesses must arm themselves with a sophisticated arsenal of cybersecurity strategies. On one side, the vigilant guards of prevention (Left of Boom). On the other, the resilient bulwarks of recovery (Right of Boom).

Together, these strategies form the linchpin of a comprehensive defense. They help ensure that businesses can repel attacks. And also rise stronger from the ashes if breached.

In this blog post, we’ll explain how to organize your cybersecurity approach into Left and Right of Boom.

What Do “Left of Boom” and “Right of Boom” Mean?

In the realm of cybersecurity, “Left of Boom” and “Right of Boom” are strategic terms. They delineate the proactive and reactive approaches to dealing with cyber threats.

“Left of Boom” refers to preemptive measures and preventative strategies. These are things implemented to safeguard against potential security breaches. It encompasses actions aimed at preventing cyber incidents before they occur.

“Right of Boom” pertains to the post-breach recovery strategies. Companies use these after a security incident has taken place. This phase involves activities like incident response planning and data backup.

Together, these terms form a comprehensive cybersecurity strategy. They cover both prevention and recovery aspects. The goal is to enhance an organization’s resilience against cyber threats.

Left of Boom: Prevention Strategies

User Education and Awareness

One of the foundational elements of Left of Boom is employee cybersecurity education. Regular training sessions can empower staff. They help them identify phishing emails. As well as recognize social engineering attempts and adopt secure online behaviors. An informed workforce becomes a strong line of defense against potential threats.

Employee training reduces the risk of falling for a phishing attack by 75%.

Robust Access Control and Authentication

Implementing strict access control measures reduces the risk of a breach. It helps ensure employees only have access to the tools necessary for their roles.

Access control tactics include:

  • Least privilege access
  • Multifactor authentication (MFA)
  • Contextual access
  • Single Sign-on (SSO) solutions

Regular Software Updates and Patch Management

Outdated software is a common vulnerability exploited by cybercriminals. Left of Boom strategies include ensuring all software is regularly updated. They should have the latest security patches. Automated patch management tools can streamline this process. They reduce the window of vulnerability.

Network Security and Firewalls

Firewalls act as the first line of defense against external threats. Install robust firewalls and intrusion detection/prevention systems. They can help track network traffic and identify suspicious activities. Additionally, they help block unauthorized access attempts. Secure network configurations are essential to prevent unauthorized access to sensitive data.

Regular Security Audits and Vulnerability Assessments

Conduct regular security audits and vulnerability assessments. This helps to identify potential weaknesses in your systems. By proactively addressing these vulnerabilities, organizations can reduce risk. They can reduce the chance of exploitation by cybercriminals.

Penetration testing can also simulate real-world cyber-attacks. This allows businesses to evaluate their security posture effectively.

Right of Boom: Recovery Strategies

Incident Response Plan

Having a well-defined incident response plan in place is crucial. This plan should outline the steps to take in the event of a security breach.

It should include things like:

  • Communication protocols
  • Containment procedures
  • Steps for recovery
  • IT contact numbers

Regularly test and update your incident response plan. This ensures it remains effective and relevant.

Data Backup and Disaster Recovery

Regularly backing up data is a vital component of Right of Boom. Another critical component is having a robust disaster recovery plan.

Automated backup systems can ensure that critical data is regularly backed up. As well as making sure it can be quickly restored in the event of a breach. A disaster recovery plan allows businesses to resume operations swiftly after an incident..

Forensic Analysis and Learning

After a security breach, conduct a thorough forensic analysis. It’s essential to understand the nature of the attack. As well as the extent of the damage, and the vulnerabilities exploited.

Learning from these incidents enables organizations to strengthen their security posture further. This makes it harder for similar attacks to succeed in the future.

Navigating the legal and regulatory landscape after a security breach is important. Organizations must follow data breach notification laws and regulations. Timely and transparent communication with affected parties is essential. It’s vital to maintaining trust and credibility.

Get Help with a Strong 2-pronged Cybersecurity Strategy

Using Left and Right of Boom strategies can improve your security stance. These terms help you consider both important aspects of a strong defense.  

If you’d like some help getting started, give us a call today to schedule a chat.

Article used with permission from The Technology Press.

Read more

7 Helpful Features Rolled Out in the Autumn Windows 11 Update

13th December 2023
Windows 11 Autumn update

In a world where technology constantly evolves, Microsoft stands at the forefront. It continues to pioneer innovations. Innovations that transform how we interact with our digital universe.

The fall Windows 11 update is a testament to Microsoft’s commitment to excellence. It’s more than just an upgrade. It’s a leap into the future of computing. Microsoft touts it as “The most personal Windows 11 experience.”

Let’s explore some of the great features that make this update so significant.

Microsoft Copilot: Your Intelligent Partner in Creativity

A standout feature of the fall Windows 11 update is Microsoft Copilot. This AI-driven marvel is like your personal PC assistant.

Need help summarizing a web page? Want to change to dark mode, but forgot how? Looking for a quick custom image for a social media post? Microsoft Copilot can do all that and more.

Windows Co Pilot

Image credit: Microsoft

Copilot is seamlessly integrated into Windows 11. It offers real-time suggestions and turns ideas into reality with remarkable ease. Ask it what you need, and the AI engine gets to work.

Updated Apps (Paint, Snipping Tool, Clipchamp & More)

Have you ever wished that Windows’ Snipping Tool could do more? This update grants that wish. The Snipping Tool is just one of many to get an AI upgrade.

Look for new capabilities in Paint, Clipchamp, and Photos. Get a unique image from inputting a text prompt and style. The Cocreator tool in Paint makes it easy to jumpstart your creativity. It will generate the image, then you can edit it in the same app.

Microsoft Clipchamp is one of the easiest video creator tools out there. You can now just drag in your assets and clips. Then, click to have the AI engine work its magic to create a video for you.

The new Clipchamp Auto Compose feature can:

  • Recommend scenes
  • Make edits
  • Create a narrative based on your inputs       

Easy Data Migration with Windows Backup

When you buy a new computer, moving data can be a pain. It can take hours to move your “pc life” between devices. And there’s always the risk you’ll miss something.

The new Windows Backup feature makes moving between computers easier. You can choose backup options and folders. When ready to move, it’s a simple process. You can restore the new PC from another backed-up PC.

Microsoft Edge: A Faster and More Secure Browsing Experience

Microsoft Edge received significant enhancements. These focus on speed, responsiveness, and security. The Edge Secure Network feature offers more gigabytes. Microsoft increased user storage from 1GB to 5GB. This function encrypts your internet connection to secure data.

Edge Secure Network has many features of a VPN. This is great for extra online security. It’s also helpful for companies trying to prevent breaches from clicks on phishing links

Save Energy & Battery Power

A feature called Adaptive Dimming is another enhancement of this update. Your screen slowly dims if you’re no longer paying attention. This has the dual benefit of saving energy and helping you refocus.

PC sensors power this feature as well as two others. So, it’s going to be more common with newer computers.

The other two features that use sensors are:

  • Wake on Approach
  • Lock on Leave

A More Personal Windows 11 Experience

Beyond the technical innovations, this update brings more. Including a more personal touch to the user experience. Tailored to individual preferences, Windows 11 becomes an extension of the user’s identity.

This includes things like:

  • Personalized themes
  • Custom widgets
  • Intelligent assistants

Every interaction feels curated and intuitive. It makes for a truly personalized operating system.

Other Cool Enhancements

There’s a lot of excitement packed into Windows 11. Here are a few more new features you can explore.

  • Copilot in Microsoft Shopping: Find what you need fast when shopping online. Bing will provide tailored recommendations based on your requests.
  • Content Credentials: Add an invisible digital watermark to your AI-generated images in Bing. Cryptographic methods help you tag your work.
  • Bing Chat Enterprise Updates: Boost work creativity and enjoy multimodal visual search. Find information using only images.
  • DALL.E 3 Model from Open AI: Use the Image Creator in Bing and you’ll likely be impressed. It’s had an upgrade and uses the DALL.E 3 model to render images from text prompts.

Harness the Power of Microsoft Products

Microsoft is definitely a leader in work productivity tools. And it has been for a long time. If you’re still working like it was 2020, let us help you upgrade. Employees can be more efficient than ever with the right apps.  

We’ve got your back with Microsoft 365, Windows 11, and other solutions. Our experts will guide you, so you can gain an edge on the competition.

Give us a call today to schedule a chat.Article used with permission from The Technology Press.

Read more

When Your Facebook Or Other Online Account Gets Hacked, Who’s Responsible For The Losses?

8th December 2023

Recently, the CEO of a very successful marketing firm had their Facebook account hacked. In just a weekend, the hackers were able to run over $250,000 worth of ads for their online gambling site via their account and removed the rightful owner as the admin, causing the firm’s entire Facebook account to be shut down.

Not only are they uninsured for this type of fraud, but they were shocked to discover that Facebook, as well as their bank and credit card company, was NOT responsible for replacing the funds. Facebook’s “resolution” was that there was no fraud committed on their account because the hacker used their legitimate login credentials, and Facebook is not responsible for ensuring you keep your own personal credentials safe and confidential. Further, they didn’t have the specific type of cybercrime or fraud insurance needed to cover the losses, so they’re eating 100% of the costs.

Not only are they out $250K, but they also have to start over building their audiences on Facebook again, which took years to build. This entire fiasco is going to easily cost them half a million dollars when it’s all totaled.

In another incident, another firm logged into their account to find all of their ads were paused. Initially, they thought it was a glitch on Facebook, until they realized someone had hacked into their account, paused all of their legitimate ads and set up 20 NEW ads to their weight-loss spam site with a budget of $143,000 per day, or $2.8 million total.

Due to their spending limits, the hackers wouldn’t have charged $2.8 million; however, due to the high budgets set, Facebook’s algorithms started running the ads fast and furious. As they were pausing campaigns, the hackers were enabling them again in real time. After a frantic “Whac-A-Mole” game, they discovered the account that was compromised and removed it.

The compromised account was a legitimate user of the account who had THEIR account hacked. Because of this, Facebook wouldn’t replace the lost funds, and their account got shut down, with all campaigns deleted. Fortunately, these guys caught the hack early and acted fast, limiting their damages to roughly $4,000, but their account was unable to run ads for 2 weeks, causing them to lose revenue. They estimate their total damages to be somewhere in the $40,000 to $50,000 range.

When many people hear these true stories (with the name of the companies withheld to protect their privacy), they adamantly believe someone besides them should step up and take responsibility, covering the losses. “It wasn’t OUR fault!” they say. However, the simple reality is this: if you allow your Facebook account – or any other online account – to be hacked due to weak or reused passwords, no multifactor authentication (MFA) turned on, improper e-mail security or malware infecting your devices due to inadequate cyber security, it is 100% YOUR FAULT when a hacker compromises your account.

Facebook is just one of the cloud applications many businesses use that can be hacked, but any business running any type of cloud application, including those that adamantly verify they are secure, CAN BE HACKED with the right credentials. Facebook’s security did not cause their account to be compromised – it was the failure of one employee.

The BEST way to handle this is to NOT get hacked in the first place. Here’s what you need to do to protect yourself:

  • Share this article to make sure your staff is aware of these types of scams. Cybercriminals’ #1 advantage is still hubris; businesses and most people in general insist that “nobody would want to hack me” and therefore aren’t extremely cautious with cyberprotections.

  • Make sure you create strong, unique passwords for EACH application you and your team log into. Use a good password management tool such as Keeper to manage this, but remember IT MUST BE USED IN ORDER TO WORK. For example, don’t allow employees to store passwords in Chrome and bypass the password management system.

  • Minimize the number of people logging into any account. If someone needs access, give them that access and then remove them as a user ASAP immediately after. The more users you have on a cloud application, the greater the chances are of a breach.

  • Make sure all devices that touch your network are secure. Keylogger malware can live on a device to steal all of your data and credentials.

If you want to ensure your organization is truly secure, click here to request a free Cyber Security Risk Assessment to see just how protected your organization is against known predators. If you haven’t had an independent third party conduct this audit in the last 6 months, you’re due.

It’s completely free and confidential, without obligation. Voice scams are just the latest in a tsunami of threats aimed at small business owners, with the most susceptible being the ones who never “check the locks” to ensure their current IT company is doing what they should. Claim your complimentary Risk Assessment today.

Read more

What Is the Most Secure Way to Share Passwords with Employees

6th December 2023

Breached or stolen passwords are the bane of any organization’s cybersecurity. Passwords cause over 80% of data breaches. Hackers get in using stolen, weak, or reused (and easily breached) passwords.

Secure ways to share passwords

But passwords are a part of life. Technologies like biometrics or passkeys haven’t yet replaced them. We use them for websites, apps, and more. So, companies need a secure way to share passwords with employees. As well as help them manage those passwords more effectively.

Cybersecurity threats are rampant and safeguarding sensitive information has never been more critical. Properly managing passwords securely is a top priority. At the same time, employees deal with more passwords than ever. LastPass estimates that people have an average of 191 work passwords.

Since you can’t get around passwords, how do you share them with employees safely? One solution that has gained popularity in recent years is using password managers.

Let’s explore the benefits of password managers next. We’ll also delve into why it’s one of the most secure ways to share passwords with employees.

Why Use a Business Password Management App?

Password managers give you a secure digital vault for safeguarding passwords. The business versions have setups for separating work and personal passwords. They also have special administrative functions so companies never lose a critical password.

Here are some of the reasons to consider getting a password manager for better data security.

Centralized Password Management

A primary advantage of password managers is their ability to centralize password management. They keep employees from using weak, repetitive passwords. And from storing them in vulnerable places. Instead, a password manager stores all passwords in an encrypted vault. This centralized enhances security. It also streamlines the process of sharing passwords securely within a team.

End-to-End Encryption

Leading password managers use robust encryption techniques to protect sensitive data. End-to-end encryption scrambles passwords. It turns them into unreadable text when stored and transmitted. This makes it nearly impossible for unauthorized users to access the information.

When sharing passwords with employees, encryption provides an extra layer of security. It helps ensure that the data remains confidential even during transmission.

Secure Password Sharing Features

Password managers often come with secure password-sharing features. They allow administrators to share passwords with team members. And to do this without revealing the actual password.

Instead, employees can access the required credentials without seeing the characters. This ensures that employees do not have direct access to sensitive information. This feature is particularly useful when onboarding new team members. As well as when collaborating on projects that require access to specific accounts.

Multi-Factor Authentication (MFA)

Many password managers support multi-factor authentication. This adds an extra and important layer of security. MFA requires two or more forms of verification before accessing an account.

MFA significantly reduces the risk of unauthorized access. According to Microsoft, it lowers the risk by 99.9%. This makes it an essential feature for businesses looking to enhance password security. Especially when sharing sensitive information with employees.

Password Generation and Complexity

Password managers often come with built-in password generators. They create strong, complex passwords that are difficult to crack. When sharing passwords with employees, employers can use these generated passwords. They ensure that employees are using strong, unique passwords for each account.

This eliminates the common practice of using weak passwords. As well as reusing passwords across many accounts. This feature mitigates the risk of security breaches.

Audit Trails and Activity Monitoring

Monitoring is a valuable feature offered by many password managers. It provides the ability to track user activity and access history. Admins can track who accessed which passwords and when. This provides transparency and accountability within the organization.

This audit trail helps in identifying any suspicious activities. It also allows companies to take prompt action. This ensures the security of the shared passwords.

Secure Sharing with Third Parties

Password managers offer secure methods for sharing credentials with third-party collaborators or contractors. Companies can grant these external parties limited access to specific passwords. They can do this without compromising security.

This functionality is particularly useful for businesses. Especially those working with external agencies or freelancers on various projects. It keeps control of the passwords within the organization.

You also never have to worry about losing a password when the only employee who knows it leaves.

Ready to Try a Password Manager at Your Office?

Password managers offer a secure and convenient way to share passwords with employees. They’re an indispensable tool for businesses aiming to enhance their cybersecurity posture.

By adopting password managers, businesses can protect their sensitive information. They also promote a culture of security awareness among employees. Investing in password management solutions is a proactive step toward safeguarding valuable data.

Need help securing a password manager? Give us a call today to schedule a chat.

Article used with permission from The Technology Press.

Read more

New And Urgent Bank Account Fraud Alert

1st December 2023
Xenomorph Android malware

The infamous Xenomorph Android malware, known for targeting 56 European banks in 2022, is back and in full force targeting US banks, financial institutions and cryptocurrency wallets.

The cyber security and fraud detection company ThreatFabric has called this one of the most advanced and dangerous Android malware variants they’ve seen.

This malware is being spread mostly by posing as a Chrome browser or Google Play Store update. When a user clicks on the “update,” it installs the malware designed to automate the process of accessing your online accounts and extracting and transferring funds.

Besides being alert to this scam (and you should let your spouse, partners and family know as well), you should be aware of a few ways to protect yourself:

  • Avoid links and attachments in any unsolicited e-mail. Simply previewing a document could infect your device, so never open or click on anything suspicious.
  • To update your browser, simply close it and reopen. You don’t have to download an application to update it. Furthermore, the Google Play Store app will not ask you for an update, so don’t fall for any website alert or text stating you need to download an update.

But remember, bank fraud can manifest itself in several forms, including:

  1. Phishing Scams: Cybercriminals send deceptive e-mails or messages, often impersonating trusted entities like banks or government agencies, to trick you or your employees into revealing sensitive information like login credentials. Sometimes these are facilitated by phone calls, so make sure your team is fully aware of this. The latest MGM hack happened when a hacker called the company’s IT department requesting a password reset.

  2. Check Fraud: Criminals may forge or alter your business’s checks to siphon funds from your account, making it essential for you to secure your checkbook and be careful about sharing or e-mailing your account information. You might consider going checkless to cut down on the chances of your account being hacked.

  3. Unauthorized Wire Transfers: Hackers may compromise your online banking credentials to initiate unauthorized transfers, diverting funds to their accounts.

  4. Account Takeover: Criminals may gain control of your business’s online banking accounts by exploiting weak passwords, reused passwords or security gaps, such as e-mailing your passwords to others or storing your bank password in your browser, allowing them to make unauthorized transactions.

  5. Employee Fraud: Sometimes, even employees may engage in fraudulent activities, such as embezzlement or manipulating financial records.

To protect yourself, use strong, unique passwords for your online banking accounts and never store them in your browser. Also, update your passwords monthly with significant changes to them, using uppercase and lowercase, symbols and numbers that are at least 14 to 16 characters.

Second, always turn on multifactor authentication (MFA) so you’re notified if anyone tries to log into your accounts without your knowledge.

Third, set up alerts for large withdrawals. You can ask your bank to require a physical signature for wire transfers to protect you from someone taking money from your account without your signature.

Fourth, get fraud insurance that specifically covers employee and online theft so you are protected in the event a cybercriminal steals money from your account.

And, as always, make sure you have strong cyberprotections in place for ANY device that logs into a bank account or critical application. Far too many businesses think that if their data is “in the cloud,” they are safe. Remember, your bank account is “in the cloud,” and the bank likely has a secure portal, but that doesn’t mean YOU can’t be hacked.

If you want to ensure your organization is truly secure, click here to request a free Cyber Security Risk Assessment to see just how protected your organization is against known predators. If you haven’t had an independent third party conduct this audit in the last 6 months, you’re due.

It’s completely free and confidential, without obligation. Voice scams are just the latest in a tsunami of threats aimed at small business owners, with the most susceptible being the ones who never “check the locks” to ensure their current IT company is doing what they should. Claim your complimentary Risk Assessment today.

Read more

This is the latest trend in phishing attacks

17th July 2023
Warning of a new trend in phishing attacks.

Have you heard the saying, “A picture is worth a thousand words”? It seems cyber criminals have too, and they’re using it to their advantage.

In a new twist on phishing campaigns, cyber criminals are luring victims to click on images rather than downloading malicious files or clicking suspicious links.

Let’s dive into the warning signs, so you can keep your business safe from these sneaky attacks.

First things first, what’s the big deal about clicking on an image? It might be promoting a killer deal or one time offer.

But when you click on the image, you don’t go to the real website. Instead it’s a fake site designed to steal your personal information.

Imagine being lured in by a cute cat photo only to find out that Mr. Whiskers was actually a wolf in sheep’s clothing! Not so cute anymore, right?

So, how can you tell if an image is part of a phishing campaign? Here are some warning signs to look out for:

  • Unexpected emails: Did you receive an email from someone you don’t know or weren’t expecting? Be cautious! It’s like accepting sweets from a stranger – you never know what you’re getting yourself into
  • Too good to be true: If an email promises you a free holiday or a million pounds just for clicking on an image, remember the golden rule: if it sounds too good to be true, it probably is.
  • Spelling and grammar mistakes: We all make typos, but if an email is riddled with errors, it could be a sign that something is going on.
  • Mismatched logos or branding: If an email claims to be from a reputable company but the logo or branding doesn’t match up, assume it’s a scam

Now that you know what to look for, let’s talk about how to protect your business from these image-based phishing attacks:

  1. Educate your employees: Knowledge is power! Make sure your team is aware of the latest phishing tactics and knows how to spot the warning signs.
  2. Keep software up-to-date: Just like you wouldn’t drive a car with bald tyres, don’t let your software become outdated. Regular updates help patch security vulnerabilities that cyber criminals might exploit.
  3. Use strong passwords: It might be tempting to use “password123” for all your accounts, but resist the urge! A strong, unique password for each account can help prevent unauthorised access. Using a password manager is even better.
  4. Enable multi-factor authentication (MFA): MFA adds an extra layer of security by requiring people to verify their identity through another method, such as a text message or fingerprint scan.
  5. Backup your data: In case disaster strikes, make sure you have a backup of all your files. That way, you won’t be left high and dry if your data is compromised.

Whilst cyber criminals are getting smarter and smarter with their tactics, there’s no need to panic. By being aware of the warning signs and taking proactive steps to protect your business, you can stay one step ahead of these digital tricksters.

Remember, not all that glitters is gold – or in this case, not every cute cat picture is just a cute cat picture. Stay vigilant, and don’t let the scammers win!

Read more

Criminals are exploiting AI to create more convincing scams

24th May 2023
Criminals are using AI to scam you

One of the many cool things about the new wave of Artificial Intelligence tools is their ability to sound convincingly human.

AI chatbots can be prompted to generate text that you’d never know was written by a robot. And they can keep producing it – quickly, and with minimal human intervention.

So it’s no surprise that cyber criminals have been using AI chatbots to try to make their own lives easier.

Police have identified the three main ways crooks have found to use the chatbot for malicious reasons.

  1. Better phishing emails

Until now, terrible spelling and grammar have made it easy to spot many phishing emails. These are intended to trick you into clicking a link to download malware or steal information. AI-written text is way harder to spot, simply because it isn’t riddled with mistakes.

Worse, criminals can make every phishing email they send unique, making it harder for spam filters to spot potentially dangerous content.

  • Spreading misinformation

“Write me ten social media posts that accuse the CEO of the Acme Corporation of having an affair. Mention the following news outlets”.  Spreading misinformation and disinformation may not seem like an immediate threat to you, but it could lead to your employees falling for scams, clicking malware links, or even damage the reputation of your business or members of your team.

  • Creating malicious code

AI can already write pretty good computer code and is getting better all the time. Criminals could use it to create malware.

It’s not the software’s fault – it’s just doing what it’s told – but until there’s a reliable way for the AI creators to safeguard against this, it remains a potential threat.

The creators of AI tools are not the ones responsible for criminals taking advantage of their powerful software. ChatGPT creator OpenAI, for example, is working to prevent its tools from being used maliciously.

What this does show is the need to stay one step ahead of the cyber crooks in everything we do. That’s why we work so hard with our clients to keep them protected from criminal threats, and informed about what’s coming next.

If you’re concerned about your people falling for increasingly sophisticated scams, be sure to keep them updated about how the scams work and what to look out for.

If you need help with that, get in touch.

Published with permission from Your Tech Updates.

Read more

3 essential security tools for every business

16th May 2023
3 essential security tools for every business

Your data is one of your most valuable business assets. Keeping it safe should be one of your main priorities. So if you don’t have much security in place, there’s a minimum standard you should be implementing, right now.

There are dozens of security solutions available that all perform different tasks – from preventing criminals gaining access, to recognising attacks in progress, and then limiting the damage that can be done. There’s no one-size-fits-all as every business has different priorities and different types of data to protect.

Here are three essentials that every business should put in place as a basic level of protection.

  1. A firewall

A firewall monitors the internet traffic coming into and leaving your IT network. It acts as a wall between your network and the outside world. It’s your first line of defence against an intruder breaking in to your network.

  •  A password manager for everyone in the business.

A password manager stores all your credentials securely, and can also generate nearly impossible-to-guess passwords for all your accounts and applications.

That’s useful against brute force attacks, where cyber criminals essentially try to force their way into your system by guessing the password. It also stops you writing down your passwords somewhere ‘safe’!

  • A VPN (Virtual Private Network)

A VPN is important for any remote or hybrid workers in your business.

It means your employees can access your network from wherever they’re working, without worrying that their online activity is being watched by a criminal.

VPNs make your browsing completely private, hiding your device and location details, and anything you download. If you or your employees regularly use public Wi-Fi – especially to access your network – a VPN is essential.

These are our absolute minimum recommendations.

The strongest security uses additional tools like Multi-Factor Authentication to prove the identity of all users, and antivirus software to deal with any intrusions.

These work together to create a multi-layered security shield to defend against threats on many fronts.

But it’s important you create a security plan that’s right for your specific business. It’s a good idea to seek some professional help.

Not everyone’s as excited about IT security as we are! But we definitely have a passion for it.

If we can help you, get in touch.

Published with permission from Your Tech Updates.

Read more

10 Common Tech Problems Plymouth Businesses Are Eliminating From Their Business Forever

9th May 2023

They say, “You get what you tolerate” and now more than ever, we’ve been conditioned to tolerate worse service at higher prices. Companies get a ‘free pass’ simply by saying phrases like “the labour shortage,” “because COVID,” or “inflation.”

But it doesn’t have to be that way.

While you may be able to still do business even with some less-than-stellar vendors in some areas, if all your computers were to suddenly stop working, your network go down, your files gone, chances are you’d be dead in the water.

Your business depends on technology, and you need to make sure everything is up and running RIGHT and you’re protected ALL the time.

Here’s a list of ten common problems, complaints and just downright failures in service we hear of all the time…and I’ll show you how to eliminate them in your business.

  1. When you call your IT company, your message goes to voicemail and you’re stuck waiting hours (or even days) for a call back so your problem gets resolved.
  2. You often must reach out multiple times to get a problem resolved and you need to check back to see what the status is and get a timeframe.
  3. Your IT company doesn’t proactively monitor, patch and update your computer network’s critical security settings daily (or at least weekly) leaving your entire business vulnerable to attacks.  
  4. Your IT company doesn’t offer proof that they are backing up ALL your data, laptops and devices.
  5. Your IT company doesn’t meet with you regularly (at least once a quarter) to report what they’ve been doing, review projects and offer new ways to improve your network’s performance instead of waiting until you have a problem to make recommendations.
  6. Your IT company doesn’t provide detailed invoices that clearly explain what you are paying for.
  7. Your IT company doesn’t explain what they are doing and answer your questions in terms that you can understand, NOT in “geek speak” and they don’t routinely ask if there’s anything else they can help with, no matter how small.
  8. Your IT company doesn’t proactively discuss cybersecurity with you or make recommendations for protecting your network from ransomware and offer employee training videos, so they don’t fall victim to a scam.
  9. Your IT company hasn’t provided you complete network documentation, and they hold the “keys to the kingdom” refusing to give you admin passwords so you’re totally helpless if something goes wrong and you can’t get a hold of them.
  10. Techs arrive late and dressed like they just got out of bed, and you cringe every time you need to make that call because they’ll make you feel dumb or like they are ‘doing you a favor’ even though you’re paying them!

If you’re tolerating any of these common problems, know that you don’t have to! You could be paying for substandard support and worse, not be keeping your company protected.

This could jeopardize your data and your network’s security and cost you thousands in lost productivity because you and your employees are spending time dealing with problems that shouldn’t exist.

If that’s the case, then it’s time you see what else is out there and make sure you’re getting what you pay for.

To schedule a free 10-minute discovery call to see how we can get rid of your tech issues, go to https://limbtec.com/book-a-call

Read more
Recent Comments