by Machelle | Jul 2, 2018 | Cybersecurity, General
As advances increase with the internet, so are people progressing cybercrime tactics on the internet.
Phishing is a cybercrime in which the perpetrators persuade its victims to release sensitive personal data. Financial details, passwords after contacting them via emails, text messages under the false pretext of being a legitimate organization are some examples. The moment information releases it results in identity theft, access to personal accounts, and substantial financial losses.
Common types of phishing
1. Spear Phishing
In spear phishing, the cybercriminals take time to gather information about you and use it in the email to appear legitimate. They go as far as mentioning your name, your phone number and where you work which they usually obtain from social media sites. After which they request for sensitive information, which they use to defraud their victims. Both spear and deceptive phishing, share common features which are the manner they reach out to people and the sense of urgency in their tone of their emails, sometimes they make you believe that if you don’t comply something terrible may happen.
2. Deceptive Phishing
Phishing of this type occurs when the scammer sends an email from a company that you always patronize their services. The scammers act as though they are employees of the company and request for your details in the email they send, placing deadlines on your compliance. The email usually contains fraudulent URL links that will have forms where personal information will be filled in. Protect your yourself from this kind of phishing attack by being more observant, with regards to URL sites before clicking to be sure you are about to visit a legitimate domain.
3. CEO Fraud
Here, the target is usually a top executive in a company, these scammers hack into their emails and send messages to junior employees most times requesting that money transfers to another account. They exploit the organogram of an organization as they know that most low ranking won’t ask questions and readily obey instructions from their superiors.
4. Search Engines, Dropbox and Google Docs Phishing
Some phishing scams involve search engines or favorite sites like Dropbox and Docs, where the users are always uploading and downloading as well as sharing files. They pose as Dropbox or Google Docs and request personal information just as in spear phishing.
Also, these scammers could hoist fake websites presenting low-cost products or offering loans with a low-interest rate. They defraud their victims when as they enter credit card details to patronize them.
5. Pharming
Also known as web delivery or ‘man-in-the-middle,’ here, scammers take over a website, lock out the webmasters redirecting the users of the websites to their fraudulent sites. It is considered the scariest type of phishing because if users of these websites are not careful enough, they give their details to the wrong persons. Also, the scammers may hack into the communication link between the users and the websites and pick vital information about the users without them knowing about it, hence the name ‘man in the middle.’
IDENTIFYING PHISHING THREATS
The following features are ‘red flags,’ warning signals you should look out for to protect yourself or your organizations from phishing scams.
Hyperlinks:
Clicking all links shouldn’t be done. Before clicking look at the link. If the link has spelling errors, avoiding it would be wise. These scammers usually use popular websites but deliberately misspell the address which vulnerable individuals will overlook.
Unbelievable offers:
Be careful about emails that have too-good-to-be or unbelieving offers. Offers like this are designed to catch attention and lure its victims into fraud. Whenever you see such emails, stay away from them.
Unknown Sender:
Any email that comes from unknown persons should be known as a phishing scam threat. There is no need to open it, delete it!
Attachments:
Once you see emails with attachments that you weren’t expecting, it is best you don’t download the websites. Phishing scams perpetrate in this manner and attachments of this sort could contain malware or viruses that would seriously harm you.
Emails with deadlines:
Never forget that financial institutions will not rush you to provide your financial details via the internet. Institutions usually give lots of time for you to comply. Therefore, disregard any emails, requiring your data with a high sense of urgency, this is a typical style of scammers. Contact your banks or any other institutions and verify appropriately before filing financial detail online.
PHISHING PREVENTION TIPS
In recent times, these scammers are becoming more innovative. Scammers intensify the menace of cybercrime. Against this backdrop, the following are tips to help you stay away from phishing attacks:
Change your browser settings
Adjust your browser’s settings to permit only verified sites to open. As a user, there is a need to explore the browser feature which gives an alert when a fake website is opening. Such warning signs should be adhered to strictly.
Use spam filters
What these filters do is to trace the source of the message, determine the software used to send the message, the appearance of the message and then blocks it. Sometimes the spam filters may even prevent your emails to keep you protected.
Always change passwords or use multiple factor authentications
An excellent way to avoid phishing attacks is to change passwords on a regular basis, avoid using the same password across accounts on the internet. Webmasters should adopt the multiple factor authentication or the CAPTCHA systems to prevent security breaches on their websites.
Cross check every URL
Before clicking, it is essential to take a second look, at the URL. Safe websites will always start with “https”; this is a proof that it has a valid Secure Socket Layer certificate.
Finally, to avoid severe losses of money and credibility, organizations and even individuals should invest in getting the right and updated information for the cyber attacks and cybersecurity. When applying regularly, you and the organization has protection from any form of cyber attack.
Linda Rawson is the CEO, and Founder of DynaGrace Enterprises, (http://DynaGrace.com) which is a Women-Owned, Small Business. She is also the author of The Minority and Women-Owned Small Business Guide to Government Contracts.
Resource:
Image Resource: https://pxhere.com/en/photo/714530; https://pxhere.com/en/photo/989227; https://pixabay.com/en/phishing-fraud-cyber-security-3390518/
by Machelle | Jun 25, 2018 | Cybersecurity, General
The signing of the Modernizing Government Technology Act (MGT) was in December 2017. Federal security operations for several years have been using hardware and software that are needing to be more modern. Obsolete technology has posed challenges in protecting the nation cyberspace and vital national data from cyber-attacks.
Making Room for New Technology
What is the Modernizing Government Technology Act
The government spends about 75% allocation to information technology. This spending is maintaining and ensuring that these outdated information technology systems remain operational. The risks these systems pose are a result of their inability to utilize current security practices. It includes multifactor authentication and data encryption. They are also expensive and always fail to fulfill the mission requirement and vulnerable to malicious software.
Against the backdrop, in a bid to address these issues, the Modernizing Government Technology (MGT) Act was passed by the legislatures. Through this
means, the government can empower federal agencies to effectively discharge their duties with regards to cybersecurity and information technology services.
The primary purposes of the Modernizing Government Technology (MGT) Act are to:
Curtail current and operational risk of the information technology systems of federal agencies by ensuring that they are compliant with recent security technology.
Assist the federal government in cutting cost with regards to information technology via modernization
Hasten the acquisition and application of modernized information technology practices such as cloud computing, data encryption and lots more through the provision of stable funding and transparent acquisition procedures.
Benefits of the Modernizing Government Technology (MGT) Act
Federal IT experts in some quarters are of the opinion that the MGT Act is long overdue. Nevertheless, the law has lots of benefits with regards to operational ease, data security, and investment opportunities. The following are the significant benefits:
Access to capital funds that will boost the modernization of IT systems:
MGT Act gives room for heads of different agencies to access working capital funds. These funds can be used to update or replace existing IT systems with modern state-of-the-art information technology systems. Also to adopt and train their staff on new risk–inclined cybersecurity measures.
The Funds
The funds can be utilized by agencies to ensure a smooth transition from legacy IT systems to cloud. Or, a shared service to boost security and effectiveness in the discharge of their duties serving the American people.
This gesture will empower these agencies to reprogram or transfer funds. This includes those earmarked for the maintenance of obsolete IT systems for other variety of projects or investments which are within its mandate as a federal agency.
However, monitoring the utilization of these funds are required to submit comprehensive reports regarding the expenditures and balances every six months. These reports are made public for the sake of accountability.
Migration to cloud systems:
The MGT Act will hasten up the movement to a Cloud system. This migration is more cost-effective and has access to another realm of innovation that associated with cloud systems. It also offers a more secure means to handle data.
Expect that these agencies will, for the sake of providing better services, jettison the legacy system for more efficient digital technology. A good example is the network modernization that allows Chief Information Officers (CIO) to know what exactly happens in their operations.
Although there are critics of the MGT Act, who say that the Act is a misguided venture, the benefits will improve the lives of the American people.
Resources: https://www.fedscoop.com/trump-signs-mgt-act-law/; https://www.whitehouse.gov/about-the-white-house/the-legislative-branch/; https://www.investopedia.com/terms/c/capital-funding.asp; https://www.techopedia.com/definition/635/legacy-system
Images by: Business Technology – Cyber Security [www.bluecoat.com/; https://www.flickr.com/photos/111692634@N04/]; US Capital https://pxhere.com/en/photo/738025
by Machelle | Jun 18, 2018 | Business, General, Information Technology
Website design is one of the most dynamic concepts in the digital world. As the year progresses, there is an increase in the technical challenges web designers face.
Made in Canva by Machelle L.
The Art of Web Designing
However, these challenges have been better with the advent of more creativity into the art of web designing. This creativity has given rise to more innovative websites. Creating a more user-friendly interface, compatible with any digital device, high aesthetics and still compliant with corporate needs.
2017 witnessed lots of innovation about web designing and anticipates that more creativity will trend in the year 2018. Some of them have already begun manifesting the websites that have fantastic mobile functionalities. Some others are still in the process. The following are remarkable trends to grace the web designing landscape in the year 2018:
Animation, Motion graphics
In the year 2018, this will be one of the significant changes that we will experience. An animation is believed to make a lasting impression just as the famous quote says, ’a picture is worth a thousand words.’
Animations in web pages include particle backgrounds, animated thumbnails images, as well as virtual or augmented realities. These motion graphics are of a JavaScript design to move naturally in the web background without delay while loading. Some of them are used in the social media for different purposes already.
Web schemes with superb colors
Due to the advent of computer monitors and device screens with improved picture quality, web designers are becoming bolder in their color selections. Being bolder has led to websites with supersaturated colors, dominant shades, contrasting colors yet producing beautiful blends. These varieties ensure that web pages are looking good. This sort of improvement is to attract visitors’ attention and sell the brand or the idea on the websites. Web designers will go beyond the conventional, really think out of the box for high colors in 2018.
Asymmetric or Broken Layouts
Made in Canva by Machelle L.
Asymmetric Layouts were first introduced in 2017 but will attract more attention in the web designing space in 2018. It is a shift from the conventional grid-based web layouts. Its attracting factor is that it provides a unique aesthetic experience for a web page visitor. Many brands may still want to stick to the conventional layouts because they consider this asymmetry a luxury. Others, especially more prominent companies, may find it a perfect means to sell their brand to the public.
Flexible fonts
The fonts of a web page are more than just a visual tool. It also plays a huge role in creating a lasting impression and provoking an emotional response. Also, fonts serve as a medium of communication on any website. In 2018 there will be devices with outstanding resolutions and screen characters that get sharper. There will also be a concomitant rise in different fonts used in web pages. This trend aims at creating a better user experience, ensuring that web users aren’t bored being on your websites.
Active gradients
In more recent times, developers are gradually adopting gradients for their web designs. An active gradient is already a trend that has come to stay as they are progressively replacing the flat designs. They are often used to make images on a web page more captivating with colors of various dimensions. Most web designers used this gradient as an alternative when there are a few images. These alternatives are usually conspicuous and rich in color.
Priority of mobile devices
Websites designed in the year 2018 will have mobile devices that will have the utmost priority. Expect that Google will rank websites on mobile compatibility and user-friendly interface. Since almost everyone has a smartphone, the prioritization of mobile devices by web designers will be a priority. These devices will also trigger other mobile-friendly initiatives tools and apps shifting from desktops in 2018.
The concept of web designing is an ever-changing one that necessitates severe changes in our web designing approach. These trends trigger the need for new skills, newer ideas, and a different approach.
Linda Rawson is the CEO, and Founder of DynaGrace Enterprises, (http://DynaGrace.com) which is a Women-Owned, Small Business. She is also the author of The Minority and Women-Owned Small Business Guide to Government Contracts.
Resource: https://www.usability.gov/what-and-why/user-interface-design.html; https://www.phrases.org.uk/meanings/a-picture-is-worth-a-thousand-words.html; https://www.canva.com/learn/website-color-schemes/; https://www.webdesignerdepot.com/2011/10/asymmetrical-balance-in-web-design/; https://creativemarket.com/blog/types-of-fonts-for-professionals; https://www.awwwards.com/gradients-in-web-design-elements.html
Image Resource: Canva creation by Machelle L.; https://pxhere.com/en/photo/750606
by Machelle | Jun 11, 2018 | Business, Cybersecurity, General, Information Technology
In recent times, online thievery has become so rampant cutting across every facet of human endeavors where data systems are in use.
The frequency of hacking has become very high that’s it is believed to occur every minute. This particular development has raised concern in several quarters on how exactly to be free from hacks, how can we stop the activities of hackers.
The following are trusted tips to prevent hackers from intruding into your files.
-
Keep your security software updated
Being safe entails being watchful. Safety could mean making sure all routes viruses could take into your system is blocked and steadily watched over. All you need is to install capable anti-spy wares or antivirus and ensure they are always updated. To ensure your system has protection, you can also connect to a network firewall. Firewalls help scrutinize data going in and out of your system, identifying threats and neutralizing them as well.
-
Always change your passwords
Before now, all that would occur was changing the default passwords to words that we can easily remember. However, things have changed. Customizing passwords are no longer enough to protect you from hacking. Your passwords must be strong. It should be a mixture of different numbers, characters of both upper and lower cases alongside symbols.
The understanding that the only portal hackers have into your business systems is via your username and passwords. This info should encourage you to continuously change your username as well as passwords on a widespread basis. Though this approach may be stressful, it is a small price to pay to be secure online. Nevertheless, as these changes continue, care must be taken that the new passwords are secure from unlawful persons.
-
Restrict access to needless sites
Limiting visits to specific sites might be one of those giant strides you make to be safe online. Some sites, like pornographic web pages, can be harbors of different forms of malware or viruses. Viruses could render the entire business operating system vulnerable. Against this backdrop, it becomes vital to take serious measure to block sites of this sort.
-
Carefully chose your Internet Service Provider (ISP)
Different firms now provide internet services, not all of them can keep you protected. There is, one primary criterion to be considered while choosing an ISP, before cost and speed. It is built in security features. A perfect ISP should have all these features and save you worry while using the internet.
-
Invest in cybersecurity education
Continuous training in cybersecurity trends is vital for any organization that is serious about keeping its data way from hackers. Training can be carried out via workshops, videos, employee drills or any other method. This is vital to ensuring that they are not ignorant of matters that pertain to cybersecurity.
Knowing these tips and acting on them is another. However, the reality is that we live in a time where cyberattack is on the rampage threatening the very existence of a business. To efficiently stop these hackers is to be security conscious while using the internet and consistent implementation of these tips.
Linda Rawson is the CEO, and Founder of DynaGrace Enterprises, (http://DynaGrace.com) which is a Women-Owned, Small Business. She is also the author of The Minority and Women-Owned Small Business Guide to Government Contracts.
Resources: https://dynagrace.com/cybercrime-invisible-crime/ ; https://passwordsgenerator.net/ ; https://www.sans.org/cybersecurity/
Image Resources: https://pxhere.com/en/photo/1331118; https://pxhere.com/en/photo/867306; https://pxhere.com/en/photo/1366057
by Machelle | Jun 4, 2018 | Business, Cybersecurity, General, Information Technology
Ransomware is a kind of malware that blocks computer users from their systems. It does this either by locking some folders or locking the system’s screen until a ransom pays.
The history of this malicious software dates back to 1980. In 1980, the first ransomware identified to be PC Cyborg also known as AIDS began. This malware could encode files in the C: Directory after forcing the computer system to reboot up to 90 times. Its victims were forced to pay $189 ransom via mail. This ransomware was easy to decrypt by people who understand computer systems and therefore posed only a little threat
Pop-ups Everywhere
Image by DynaGrace Enterprises
Real ransomware graced the scene in 2004 known as Gpcode. Gpcode also used an RSA encryption that encrypts files until paying a certain amount. The year 2007 had WinLock trending as ransomware. It displayed pornographic images, limiting users’ access to their screen and demanded payment via SMS. The next generation of ransomware are called the law enforcement ransomware, or Reveton was born in 2012. This malware was designed to show the logo or symbols of crime-fighting agencies like Interpol, FBI or local PDs. It accuses its victims of indulgence in different crimes ranging from child pornography to computer hacking.
Other vices include a download of classified files demanding ransom up to $300. As the years go by, ransomware is becoming more dangerous and ruthless, especially with the advent of CryptoLocker. CryptoLocker uses encryptions of military standards to WannaCry and Petya of May and June 2017 respectively. This ransomware with their complex encodings stifles business as well as limit cyber freedom all around the globe.
Types of Ransomware
Different types of ransomware exist based on the extent of their severity. The major ones are as follows.
Screen lockers
Screen lockers lock you out of your computer entirely by taking hold of your computer screen. Shutting down the system does you no good as it is starting. An FBI logo or that of the Justice Department appears claiming that illegal activity has been carried out on this system and they need to pay a fine. Victims often forget that these law enforcement agencies don’t collect penalties for unlawful activity forcefully via the computer. Agencies follow appropriate and legitimate routes.
Encrypting ransomware
These types of ransomware collect your files, encode them and then asks for a ransom before its release can take place. This ransomware is the most dangerous of all ransomware as your encrypted files may not be inaccessible until paying the money. Sometimes after paying the ransom, the data are still not returned by the cybercriminals, and this is the most painful part.
Scareware
Scareware involves tech support or rogue security scams. They tend to send a different kind of pop-up messages claiming malware has infected your system. They go further to explain that the only way to eradicate it is to pay a certain amount. This trend continues and sometimes becomes an online disturbance especially if you ignore these messages. Interestingly, most times these are mere scare tactics as the name implies, as your files may be safe.
Protecting yourself from ransomware
Though there are different types of ransomware, the mode of entry into their victims’ cyberspace is not much different. Also, the best way of protecting your cyberspace from ransomware is by understanding how this malware can infect your computer system.
Recently, one of the most popular ways computer systems become infected by malware is via malicious advertising also called mail advertising. Mail advertising uses the platform of online adverts to disburse ransomware with minimal user interactions. They appear as pop-ups even on legitimate sites which are often not clicked and redirects users to criminal servers. This malware is linked to these servers to gather the victim’s system’ details and take advantage of them. All these happen without the knowledge of the victims.
Malicious spam
Malicious spam is another way systems get infected; they are unsolicited mail used to distribute malware. These emails contain attachments, word documents or even links to unsafe websites creating an access point for the ransomware.
If the mode of entrance of ransomware into the system is well understood and blocked, the following are steps to taken to ensure you are safe from ransomware;
- Invest in cybersecurity. Get cyber software that can protect your computer from powerful ransomware attacks. Plus they should have features that shield vulnerable programs in your system
- Always create secure backups for your systems files and data daily. The use of external storage devices that can be detached immediately after data backup is a good start. However most recommended is the use of cloud storage that utilizes powerful encryptions. As well as multiple factor authentication for security purposes.
- Your system needs updating. Though it is not still easy to be up to date in a fast-changing tech world, recommending activating automatic updating.
Finally, be informed. Be abreast of the latest facts as regards cybersecurity. Avoid suspicious links and website. Be purposeful, exercise some discipline, discreetness and avoid wandering as you browse the internet.
Linda Rawson is the CEO, and Founder of DynaGrace Enterprises, (http://DynaGrace.com) which is a Women-Owned, Small Business. She is also the author of The Minority and Women-Owned Small Business Guide to Government Contracts.
Resource: https://en.wikipedia.org/wiki/AIDS_(Trojan_horse); https://en.wikipedia.org/wiki/PGPCoder; https://www.us-cert.gov/ncas/alerts/TA13-309A; https://en.wikipedia.org/wiki/WannaCry_ransomware_attack; https://www.symantec.com/blogs/threat-intelligence/petya-ransomware-wiper
Image Resource: DynaGrace Enterprises; http://www.dodlive.mil/2013/10/05/national-cyber-security-awareness-month/; https://pxhere.com/en/photo/540556
by Machelle | May 28, 2018 | Business, General, Information Technology
In recent time, any business that is serious about growth finds a way to establish an online presence. A presence has led to an increase in the demand for websites and also the proliferation of web hosting service providers. However, there is a need to apply caution while selecting a web hosting service provider. Also to note the necessary parameters to look out for before hosting a website. These tips help save you a lot of hassle and stress.
Below are some of the problems associated with hosting a site
1. Slow response from Web Hosting Service providers
Like any other venture on earth, web hosting has its challenges. However, it becomes a source of worry when you face issues while hosting your sites. Sometimes it is taking ages to get a response from a provider. As well, it is even trying to find a contact platform on their websites. Therefore it becomes necessary before subscribing to any web hosting service, to check the quality of the support they provide. Some provide around-the-clock support service. Others give out manuals and others direct you to their FAQ platforms. Deciding on the platform that best suits your company helps the web hosting process.
2. The inability of the Web Hosting Company to provide adequate security
Security is another severe issue of web hosting. Many web hosting companies cannot prevent your websites from being hacked, giving a false sense of security. This facade leaves the business very vulnerable to cyber-attacks. A cyber-attack punctures the confidence of the clients in a brand and negates the of the actual reason for hosting websites.
It becomes necessary for Web Hosting Company to assure the customers as well as develop the capacity to guarantee safety. Assurance is also a factor to consider when selecting a web hosting provider.
3. Expensive Web Hosting Plans
Be aware when signing up for a web hosting plan, be careful to scrutinize the details to avoid being cut into a trap. Being cautious is because some companies offer real service for your money while others provide free web service. Then without your knowledge charge you more as your site succeeds. Also, be smart enough to check if the plan you are with has the right bandwidth that you require. Check if it’s flexible to permit an upgrade to a better program in the future.
4. Server limitations
Some clients are ignorant of the capacity of the servers of web hosting companies. Ignorance leads to consistent bounces especially when your site starts to generate massive traffic. The primary cause of this is the reluctance of most web hosting service providers to reveal their real limits to their customers to minimize costs. However, it is essential to have a good grasp on the capacity of the server. Such as the bandwidth and disk place to ensure you are not stretching this limits to your detriment.
5. Slow web servers
A manifestation of a slow server is delaying while a webpage is loading. Although the number of scripts, size of graphics files and connections in the database might play a role in the delay. When this occurs frequently, it could also be as a result of poor internet network. However, it is advised to check other websites supported by different servers.
A slow loading web page frustrates a visitor and reduces the chances of generating traffic; numbers will decrease. Also, this will lower the ranking of the website, placing it very low on the search result list. The solution to a slow server is to use web hosting companies whose data centers are closer to your web users.
Finally, to ensure you avoid these problems and have an excellent web hosting experience you have to choose a web hosting companies carefully. You can contact friends and colleagues who have organized their sites and get their experiences. Consulting reviews and reading about web hosting trends will be of help in finding the suitable web hosting company that will make the entire experience worthwhile.
Linda Rawson is the CEO, and Founder of DynaGrace Enterprises, (http://DynaGrace.com) which is a Women-Owned, Small Business. She is also the author of The Minority and Women-Owned Small Business Guide to Government Contracts.
Resource: http://www.itarticle.net/moving-beyond-the-marketing-hype-what-does-unlimited-web-hosting-really-mean/; https://technet.microsoft.com/en-us/library/cc181325.aspx
Image Resource: https://pxhere.com/en/photo/989227; https://pxhere.com/en/photo/1003060; Featured Image by DynaGrace Enterprises
