Cybersecurity Tips | Managed Cybersecurity Services

Cybersecurity Tips | Managed Cybersecurity Services

Contact Us for a Free Cybersecurity Audit:

Contact CrafTech Computer Solutions if you are unsure about clicking on any emails or texts. See our cybersecurity tips below, and read more about our cybersecurity services here.

Turn On Multifactor Authentication

February 28, 2023

Different ways to say MFA:

  • Multifactor Authentication
  • Two Step Authentication
  • 2-Step Verification
  • Two Factor Authentication
  • 2FA

They all mean the same thing: opting-into an extra step when trusted websites and applications ask you to confirm you’re really who you say you are.

Your bank, your social media network, your school, your workplace… they want to make sure you’re the one accessing your information.

So, the industry is taking a step to double check. Instead of asking you for a password – which can be reused, more easily cracked, or stolen.

MFA is a layered approach to securing your online accounts and the data they contain. When you enable MFA in your online services (like e-mail), you must provide a combination of two or more authenticators to verify your identity before the service grants you access. Using MFA protects your account more than just using a username and password.

Users who enable MFA are significantly less likely to get hacked. Why? Because even if a malicious cyber actor compromises one factor (like your password), they will be unable to meet the second authentication requirement, which ultimately stops them from gaining access to your accounts.

Now that you know what it is, you’ll see prompts for multifactor authentication all over. So whenever available, be sure to opt in.

Start by looking at the security settings on your most-used accounts. You may see options to enable MFA listed as “Two Factor Authentication”, “Multifactor Authentication”, or “Two Step Factor Authentication”. There are many ways you may be asked to provide a second form of authentication.

Popular forms of MFA include:

  • Text message (SMS) or voice message
  • Application-based MFA
  • Phishing-Resistant MFA
  • Fingerprint authentication or face scan

“Implementing MFA can make you 99% less likely to get hacked, according to Microsoft”

Read more HERE

Mobile Malware Attacks Increase by 500% This Year

March 22, 2022

According to Proofpoint, mobile malware attempts are up by 500%.

And, Proofpoint has observed that mobile phishing attacks continue to rise.

Mobile attacks are often successful because the interface hides red flags that a computer would detect. Users can’t investigate much like they can on their desktop, such as hovering over a link to check it.

URL padding is a method used to disguise malicious URLs on mobile. For example, a long link pretending to be Amazon that clearly looks like malware could appear only as amazon.com in a phone’s smaller address bar.

Types of Mobile Attacks:

SMS Phishing (Smishing): SMS phishing baits users to click links and enter personal information.

Call/Voicemail Phishing (Vishing): Scammers call or leave voicemails attempting to gain personal information.

App Phishing: Hackers lure users into installing apps that appear very real but contain malware.

What’s the Worst That Could Happen?

Stealing Your Money: Hackers can change legitimate payments to deposit to their accounts instead. Additionally, hackers can impersonate a user and request money from their friends and family just with email or phone access.

Accessing Your Email: One wrong click could give a hacker access to your email. Most users have their work email on their phones, and from there, hackers can access sensitive business data.

Stealing Your Password and Accessing Other Accounts: Many users have the same password for multiple accounts. So if a hacker gets your password by prompting you with a fake login, they can try that information on other accounts.

Avoiding Mobile Malware:

It’s best practice not to click on links texted or emailed to you if you can avoid it.

  • Instead, if you are familiar with the website, type in their homepage and navigate to the needed page manually, instead of clicking the quick link.
  • Never enter personal information through a texted link.
  • Call CrafTech to review suspicious content before clicking.

Threat Intelligence: Uptick in Phishing

February 28, 2022

A message from our CEO:

You all heard the news from Russia, and with that come new threats. The landscape is already changing as Russian forces close in on Kyiv. We are already seeing over a 300% uptick in SUCCESSFUL phishing activity. It could be a coincidence, or maybe not?

Are you prepared for new Russia-Based Cyber Threats? No one can be prepared for ZERO Day vulnerabilities, so reaction time is critical if something does happen.

Having the proper security in place is a good start, awareness is your best defense! ZERO Day or backdoor, it becomes reaction time.

The FBI, CISA, NSA and others have sounded the alarms of pending attacks – and mainstream media is starting to focus on the worst-case scenarios. Our antennas are up, are yours up?

Think before you click!

See something, say something! We are here to help.

Would Your Employees Click A Phishing Link?

January 21, 2022

95% of breaches are due to human error. For businesses of any industry or size, employees pose a huge risk to cybersecurity. That’s why it’s important to provide cybersecurity training to improve employee awareness.

In our experience, there are always employees who need the training. Someone will click the phishing email, and it’s better to address the problem in a controlled environment before it happens for real. It’s one aspect of a cybersecurity strategy that addresses potential threats, tightens loopholes, and manages attempted cyberattacks.

The bottom line is that if you take cybersecurity seriously and employ proactive measures, your company will better manage any threats that come your way.

Curious if your employees would click a phishing link? Contact us to learn more.

Holiday Warning

December 21, 2021

Here’s a not-so-fun fact: Did you know that about 20% of employees are likely to click on phishing email links?

With the holidays approaching, it’s important to remind employees to stay aware. Studies show that email phishing attacks usually increase in November and December. Because many of us are shopping online more during these months, it’s easy for those fake Amazon emails to seem real.

Remember to double-check any shipping confirmation links you receive (whether through text or email) before clicking. Verify that the link contains the real domain (like “Amazon.com,”) and the sender’s email address. Even better, don’t click on these emails at all. Instead, go directly to amazon.com to check the order status.

Stay vigilant, and when in doubt, just ask us!

GoDaddy Breach Exposes Credentials for 1.2 Million WordPress Accounts

November 23, 2021

GoDaddy reported a security incident affecting managed WordPress websites.

If you have or had a website hosted by GoDaddy, this means the email address and admin password were exposed. This is true for active and inactive sites.

GoDaddy changed those passwords. However, we know that the same password is sometimes used for multiple sites. I would advise you to think about where it was used and change all those passwords.

If your website is hosted by CrafTech, no problem. We don’t host with GoDaddy!

You can read more about the details of this incident here.

Fake App Scam

October 28, 2021

Do you or your family and friends use social media on an Android device? If so, you need to read this.

This new scam preys on social media users.

Here’s how it works: Threat actors post advertisements on popular social media platforms, promoting downloads of an application. These apps are malicious. These ads and apps are well-made, so they are not easy to catch. The app will prompt the user to sign up by entering a phone number. Once the threat actors have the phone number, the app subscribes the user to a “premium SMS service which sends texts to a short-coded number — each text results in a charge for the user.” The threat actor will then max out on premium SMS charges. Some carriers will alert users of these charges, but this could go unnoticed for months.

Here’s how to protect yourself: When downloading a new app, check the reviews first. Many of these fake apps had reviews warning users, but not many people check reviews before downloading. Also, it is possible to disable premium SMS through your wireless carrier – a major way to avoid this issue.

Warn others: This scam targets children, who are most likely to click on catchy ads and download fake apps. If you let children use your device, you may be able to set up parental controls so that you have to approve new app installations, depending on your device. Please share this post with your friends and family to keep them aware of this issue.

Apple Spyware & Other Security Updates

September 15, 2021

Apple Issues Urgent Updates to Fix New Zero-Day Linked to Pegasus Spyware. Please update your software or check with your provider if you have any questions. Zero-Day vulnerabilities are not the ones to take a chance with. You can read all about it here.

On the Windows side, we are fighting with another Remote Code Execution vulnerability MSHTML affecting Office Documents. We have a script workaround that we already pushed to all of our clients’ computers.

The PrintNightmare continues; now with 4 patches from Microsoft and still no resolution. We still have our workaround in place!

In other news, we hear about the big guys that get hacked like Pacific City Bank, Career Group, Inc., Howard University, and more getting hit with Ransomware. However, you never hear about the small mom-and-pop shops or small businesses that are hit with Ransomware. But, it is happening out there every single day! If you think “It’s never going to happen to me, we are too small,” think again! Hackers don’t typically pick and choose who they attack; big or small. For them, they only have one thing in mind: “Bitcoin.”

Don’t want to worry about cybersecurity? Fill out our form to the left to see what your business can do for protection.

Copyright Images Phishing Scam

August 10, 2021

This scam attacks business owners through their websites.

Here’s how it works. A bot gets email addresses from a business website or fills out its contact form. Then, they send an email to the business owner claiming that the website is illegally using photos they own, and threaten to take legal action. In the middle of this intimidating email, the scammer says “Here’s a link to my original photo that you need to remove from your website.” This link is malware! The scammer takes advantage of this fear-based tactic, hoping the user clicks the link without thinking.

If you see any suspicious emails, please report them to CrafTech! Never click any links from unknown senders.

Microsoft Potential PetitPotam Vulnerability

July 29, 2021

Microsoft reported a potential PetitPotam or NTLM Relay attack vulnerability that could be used to steal administrator and user account credentials on July 28, 2021.

At this time, Microsoft notes this attack has not been exploited in the wild and has no assessment about the exploit severity. Attackers must gain access to the local network to exploit this vulnerability and mitigation steps must be tested as disabling NTLM block logon to legacy applications and server operating systems.

Network security Restrict NTLM in this domain (Windows 10) – Windows security | Microsoft Docs

We are in the process of verifying and confirming no malicious activity in security logs on supported customer networks.

We implemented this mitigation internally so we can test and see what systems will be affected.

Legacy Windows Server 2008 must be removed or added to mitigation exclusions for clients to accept potential risk.

Software vendors should also be publishing whether their application is at risk and must be excluded.

Support will coordinate with clients over the next month to mitigate each unique environment.

This only applies to clients that have a server with a domain controller. If you are not sure you have a domain controller please send an email to our support for clarification.

Consent Phishing

July 22, 2021

Consent phishing is an emerging hacker technique that can bypass 2FA (2-Factor Authentication, such as logging into a website on your desktop and verifying it’s you with a code from your phone.) These phishing emails are appearing in businesses both large and small, so everyone needs to be on the lookout.

Most people think that 2FA guarantees their online safety. Unfortunately, this is not the case. Over a year ago, the FBI published some new methods used to bypass 2FA, and now it’s becoming more and more possible to do so.

These days, not having 2FA is an invitation for hackers to steal your information or hack your email. With 2FA, this is much harder, so hackers are looking into methods to bypass it.

This hacking method is a simple mistake to make where one wrong click can grant them access to your account. At CrafTech, we always tell our clients that awareness is the best defense. Well, here’s one more to watch for.

You can read all about it, how it works, and what to watch for here.

Need to share files with your clients and vendors? Ask us about a Sharepoint Extranet site so you can safely share content.

Safe browsing!

Wegmans Data Breach

July 2, 2021

Recently, Wegmans revealed that two of their databases were publicly accessible on the Internet because of a configuration issue.

“We recently became aware that, due to a previously undiscovered configuration issue, two of our cloud databases, which are used for business purposes and are meant to be kept internal to Wegmans, were inadvertently left open to potential outside access,” Wegmans stated.

“This data breach exposed customer information such as names, addresses, phone numbers, birth dates, Shoppers Club numbers, and Wegmans.com account e-mail addresses and passwords.” (Wegmans statement.)

However, Wegmans states that the database passwords were both hashed and salted, and that the true passwords were not stored. Additionally, no customer payment/banking information was exposed, since Wegmans does not keep it in the database.

To resolve the issue, Wegmans is forcing a password reset for all future logins, and the company recommends not using the same login information for any other websites.

Venmo Scams: Friend Impersonations & Phishing Emails

July 1, 2021

Watch out for these Venmo scams!

Scam: Scammers look through Venmo users’ profiles and find friends that they frequently send money to. Then, the scammer makes a fake account, copying that friend’s name and photo. They use this fake account to request money. Often, it’s believable descriptions on the payment requests, like “You forgot to pay me back last time,” or “I forgot my wallet, I’ll pay you back when I get home.” Sometimes, scammers are smart enough to request reasonable amounts of money, and users don’t think twice before sending it. Then, the scammer can go to all of that user’s friends and repeat the scam.

Solution: The best way to avoid this scam is to check the user’s full Venmo profile before sending money. Additionally, if you were not expecting a request from someone, check with them before sending money.

Scam: Another common Venmo scam: Users receive a text or email from Venmo stating there has been a suspicious transaction on the account. The text/email provides a link for more information.

Solution: Don’t click the link. If you are ever unsure about a notification like this, go directly to the Venmo app or website for support, instead of clicking any links in the email.

Hackers Use Samsung’s Pre-Installed Apps to Access Private Information:

June 12, 2021

Multiple security weaknesses in Samsung’s pre-installed Android apps have been discovered that could potentially give an attacker access to personal data without the users’ knowledge. Hackers also had the opportunity to take control of the device.

Attackers could see contacts, calls, text messages, install apps, and change device settings.

Patches have been issued for these security flaws, and Samsung advises users to keep their devices updated in order to avoid possible security risks.

Source: The Hacker News.

Company Gift Card Scams:

June 10, 2021

This scam has been around for a while, but we are seeing it circulating again. This scam doesn’t only attack large corporations. Recently, it’s small businesses with one or two locations.

How the scam works: Most business emails are listed directly on company websites. This isn’t necessarily a bad thing, but more security protections are necessary when that information is public knowledge. A scammer can easily find the boss’s email at most companies. They create an email address almost identical to the boss’s email or hack into their account. Then, they target newer or less-experienced employees. They use the boss’s identity to ask employees to buy gift cards as a present to clients/customers. Often using a rushed tone so that the employee doesn’t have more time to think about the message, the scammer urges employees to buy gift cards as soon as possible (with their own money) and to send pictures of the numbers on them.

What to do: If you see this scam in your inbox, don’t reply to it or click on any links. First, check the sending address closely to see if it’s correct. Often, scammers will use an email address that is one letter off from the original. Or, they use a completely incorrect email address and hope that no one checks it. Still unsure if it’s real or fake? The best thing to do is to call the person to check. Most people fall for this scam because they are hesitant to question their boss, and rush to complete the task in time.

Amazon Email Scams – How To Identify Phishing Emails:

May 27, 2021

Lately, we have seen more and more emails impersonating large companies. Most people receive emails regularly from websites like Amazon, Facebook, or PayPal, so it can be difficult to tell if these emails are real or fake. Using the example image below, here are the top three ways to identify phishing emails:

1. Check the sending address; don’t just look at the name of the sender. The email below looks like it was sent from Amazon, but the address says “info@amazndelivery-hub52.co.” A real email from Amazon ends with “@amazon.com.” Large business email addresses do not contain any extra letters or numbers, and would never come from Gmail, Yahoo, or any other public email domains. Identifying these small mistakes is the key to telling the difference between a real or fake email.

2. Notice weird spacing, capitalization, and punctuation throughout the email. A professional corporation’s emails are checked many times for proper grammar and spelling before being sent out. Note how Amazon is slightly misspelled in the sending address.

3. The email creates a sense of panic/urgency, pushing you to call a number, click a link, or open an attachment. Check the information before clicking by opening a new tab, going directly to the company’s website, and checking the contact information listed to see if it matches the information in the email. Contact the company’s customer support directly to check if they really sent that email. Do not follow any links in the email to get to the company website.

Still unsure? Call us before clicking any suspicious links: (610) 566-0980.

amazon-phishing-email-scam

Adobe Zero Day Vulnerability:

May 13, 2021

Another round of hacks, ransomware attacks, pipelines down, MedNetoRX: Medical information Processing hacked with Ransomware and the list goes on.

What brings me here again today? Adobe ZERO Day Vulnerability.

Adobe has released a patch with fixes for multiple vulnerabilities spanning 12 different products, including a zero-day flaw affecting Adobe Reader that’s actively exploited in the wild. You may read more about it here.

We have a script we are pushing to everyone this morning to install this patch. The install should run in the background, but in case we need to interrupt your day or you get prompted for this update, please understand this must be done.

CrafTech is actively threat hunting within our client environments for any indicators of compromise.

Phishing Emails:

April 22, 2021

Here at CrafTech, we keep busy staying on top of CyberStuff so I thought it was time to give you another warning to put you all back in the defense line!

Email threats and email phishing are at the highest we’ve ever seen and it’s not going to get any better any time soon.

There are very sophisticated emails getting into people’s inboxes that can pretty much bypass every filter out there. All it takes is a simple click and they got you.

Best defense still is user education and awareness. See something suspicious, say something, think 3 times before clicking on it. Forward it to our team for confirmation, or call us and have someone look into it.

Don’t have 2FA implemented yet? Soon there won’t be a choice of not having 2FA implemented, according to Microsoft.

Now, you still have the option of getting hacked!

Facebook Data Breach:

April 7, 2021

Recently, 533 million Facebook data records were leaked.

If you have a Facebook account, it’s very likely that your phone number was leaked, as Facebook requires this information to sign up for an account.

Check if your data has been breached using this website.

LinkedIn Phishing Scam:

February 23, 2021

A new phishing campaign on LinkedIn uses compromised accounts to send messages through LinkedIn’s direct messaging system. This is an effort to get users to click on a “LinkedIn Private Shared Document.” A “LinkedIn Private Shared Document” does not exist as a LinkedIn feature, so this is a major indication of a phishing message.

If a user clicks on one of these phishing links, a fake LinkedIn login page will appear and attempt to collect their login information. If the login information is obtained, the user’s account may begin sending messages to their connections in an effort to get further account logins from other users. Attackers may then attempt to use this login information to log into other platforms.

Source: Nuspire

Job Scams:

February 10, 2021

Due to the pandemic, many of us have experienced job losses. Unfortunately, people are taking advantage of remote interviews becoming more common. Hackers/scammers are posting fake job ads to gain personal information on popular job-posting websites such as LinkedIn and Indeed. Beware of job ads and applications that:

  • Ask for financial information such as banking details or social security numbers. Only submit this information on official government documents upon hire.
  • Ask for money for job-related supplies like a uniform or technical equipment.
  • Jobs that complete the full interviewing and hiring process too quickly, such as within one day.
  • Job ads that have vague information.
  • Interviewers that contact you from a Gmail or Yahoo email address, instead of an address ending in the business name.

When applying to jobs online, be sure that the company has a credible website and credible contact information. Because some scammers copy real job ads and impersonate real businesspeople, don’t be afraid to reach out to the company for confirmation. Never click on an email offering job information from an unfamiliar person. Lastly, never write a personal address on a resume; write a city name if a location is necessary. Scammers scan for this information to sell.

Apple Security Update:

February 3, 2021

Apple has recently announced that three security issues “may have been actively exploited.” The security issues allowed hackers to take over iPhones and iPads remotely. Hackers could read texts and emails, access the camera roll, and possibly even access the microphone and camera. Apple released a software update to protect these devices; it fixes two issues in the WebKit engine (which is used by Safari and other browsers) and another in Kernel (an Apple developer framework.) Apple has decided not to give any further details until their investigation is complete.

Be sure to update your iPhone or iPad to the newest software update to avoid this security risk.

Text Message Phishing:

January 26, 2021

Hackers are always coming up with new ways to gain personal information. A text message scam is going around, claiming that users need to update the payment information on their Netflix account. Although some brands communicate with their users through text, Netflix does not (except for sending login verification codes.) Never submit payment or login information through a link, even if it looks legitimate. Go directly to the main website instead. See the phishing message below:

Another variation of this scam is a USPS notification text, inviting the user to click a link for package updates. This is a tricky situation because USPS actually does send package updates through text. See the phishing message below:

Since it has become common for brands to communicate updates through text, it’s easy to fall for this. Here are examples of legitimate text updates from each mail service:

To tell if a package-related text is real, check for a tracking number, a specific date/time, and be sure that the link includes the real mail service website. Fake texts will include a link that doesn’t have the company’s name, or the text won’t any specific details about the shipment. Beware of suspicious text messages, as there are always new scams on the rise.

Amazon Alexa:

January 4, 2021

As companies try to restructure their security offers, hackers keep on hacking to keep them busy. Awareness, still your best defense!

If you have any Alexa enabled devices, you should turn this off. Seems like Amazon is trying to make things more connected to sell a product, but I’m sure hackers will start looking at this as another opportunity.

Go to your Alexa App -> Tap More -> Tap Settings -> Account Settings -> Amazon Sidewalk and turn it off.

Read more about it with a quick video here.