Why Protecting Your Printers From Cybercrime Is A Must (And Eight Tips For Improving Printer Security)

Printing devices are often overlooked when it comes to security. But the reality is, cybercriminals can hack your printer to get confidential information. Your printer is probably the last piece of computer equipment you thought needed protection from cybercriminals. But the truth is very different.

Attackers actively try to locate the weakest links in security to gain access to and exploit valuable data. And among the weakest links is the printer.

Printers have access to your devices, network, and the Internet. This new open-access functionality makes them an ideal target for cyberattacks.

Unfortunately, many business owners overlook the importance of securing their printers and mainly focus on computers and mobile phones.

Most people still perceive printers as internal devices that serve basic functions. For this very reason, they are an easy target for cybercriminals.

Other than performing unauthorized print jobs, hackers can access confidential information as well as all connected computers and networks all through a printer.

You may also not be aware of the amount of valuable data your printer can store about you – tax files, bank details, financial records, employee information, personal information, etc. All a hacker needs to do is get into the operating system of your printer, and they can collect this sensitive data.

If you’ve just realized the importance of securing your printer, keep reading. This article shares eight tips to help you do just that.

Tip #1. Make Sure Your Printers Are Configured Correctly
Many things can make a printer vulnerable to cyber threats and security breaches. So, you want to get the basics right to ensure the attacks don’t happen to you. To start with, make sure to change the default password on your printer. Since anyone can access a printer remotely, a simple “123456” code won’t suffice.

Second, make sure you’re using your own router to print files remotely. Never connect to “Guest” networks.

Tip #2. Inspect Print Trays Regularly
This one is a no-brainer, but everyone could use it as a reminder. Make sure to check your print trays and get rid of unused pages carrying sensitive information. There’s no easier way to prevent data leaks than this.

Alternatively, you can get a shredder for your office and shred the papers you don’t want anyone to see.

Tip #3. Install Malware and Firmware Updates
Invest time and effort to ensure that your malware and firmware protection are up to date and can handle all types of hacks.

The good news is that many printers come with pre-built malware protection.

HP, for example, installs the HP “SureStart” software in their printers that monitors approaching targets when the printer is on. The software can shut down the device if an attack comes its way. This is a great way to prevent attacks from spreading further within the network.

Tip #4. Limit Access to the Network
Unprotected printers in a network are an extremely easy target for cybercriminals. Sure, businesses and offices require printers to access networks to perform remote prints. But if you can do the job by disabling the network access, make sure you do that.

If not, tweak the printer and network settings to only allow the device to take print jobs from the network you trust. This will help avoid outside interference and security breaches.

Tip #5. Update Your Printers
Updating a printer is equally as important as updating your phone to the latest software. Much in the way iOS developers look for bugs and fix them in a new update, printer manufacturers work toward known device vulnerabilities and update the software for added protection.

Look for printer updates so you can easily overcome known threats to the printer. Ideally, update your printers every quarter to get the most out of the security benefits.

Tip #6. Install a Firewall
If you run an office, chances are you already have a firewall. But in case you missed this requirement, now’s the time to do it.

Using a reliable firewall helps keep printers safe from cybercriminals. Your computers most likely come with pre-built firewalls, and all you need to do is keep them enabled. But there are also specialized firewalls for homes and offices that offer advanced security and make it virtually impossible for anyone to break in.

Tip #7. Encrypt Your Storage
Printers with shared networks can perform distance printing. And when a print job is in transit and travels from a computer to a printer, hackers can intercept the data and exploit it.

To keep this from happening, encrypt your print jobs. Also, make sure the sensitive data on your printer’s hard or internal drive is encrypted as well.

Keep in mind that when you print a document, that file is often stored as an image within the printer and makes it an easy target for hackers. It’s why you should use an encryption tool to protect your data. Luckily, many modern printers have this tool pre-built.

Tip #8. Educate Your Employees
If you work in an office, chances are you aren’t the only person using the printer. Everyone that has access to it needs to be aware of the responsibilities that come with its usage. Make sure to talk to your employees about ways to ensure both the physical and virtual safety of the printers.

Your staff should also be careful when using their mobile devices to print, as smartphones are easier to hack than standard computers. Explain to them what phishing scams are and how they can avoid being the victim.

Finally, make sure it’s clear to them how they can use confidential information in your company.

Whether you use printers in your office or at home, take a moment to see how you can enhance its security before your next printing job.

Which Type of Hacker Is Endangering Your Business Data?

Your data is pivotal to running a successful company. If you don’t have proper security measures in place, hackers can easily steal your data and take you out of business. Cybercriminals might be the biggest threat facing your company. Besides gaining access to your money and accounts, they can also take over critical software, preventing you from collaborating with clients.

Any organization can fall victim to hacking. However, small and medium businesses are particularly at risk. Why?

Too often, their owners don’t always address cybersecurity when launching their company. Sometimes, they even just hire the first IT service provider they see. They also don’t know how to shield themselves from online attackers, making them low-risk targets.

As a result, these organizations often go under due to the loss of sensitive data. It isn’t a risk you can take.

The 5 types of hackers to watch out for

Here’s a quick list of potential hackers, depending on what they’re after:

#1. Hackers Who Are After Personal Information. Many hackers are dying to get their hands on the personal information of your clients and employees. It includes birth dates, financial data, and social security numbers.

Social security numbers might be the most valuable asset they want to get ahold of since cybercriminals can use them for various purposes. For instance, they can perform tax fraud, open credit accounts, and make other significant identity breaches. In addition, financial data can be utilized for fraudulent activities and purchases, especially if it lacks robust digital security systems.

#2. Hackers Who Want to Get Into the Digital Infrastructure. Storage and data servers are expensive – and hackers know that.

In order for them to cut costs, hackers may aim to store their applications and data on your infrastructure instead. The better your infrastructure, the more likely cybercriminals are to target it. This can strain your network to the limits and have devastating effects on your business.

Unsurprisingly, tech companies are some of the most common victims of this type of hacking.

The common indicators that a hacker has tapped into your digital infrastructure include:

  • Running out of storage faster than usual
  • Your network suffers slowdowns
  • You may have unknown devices on your network.

#3. Hackers Who Are After Confidential Information. Few business aspects are as important as your intellectual property (IP). Your products and services enable you to stand out from the competition and strike a chord with the target audience.

A huge problem arises if hackers steal the design of your upcoming product before you launch it or submit your patent. A competitor may obtain the information, allowing them to hit the market first and undercut your sales.

#4. Hackers Who Want to Get Account Data. Sure, you and your IT service provider might have done enough so that hackers might not be able to obtain financial data. But are your employees’ accounts secure?

If hackers compromise them, they may let them run scams and gain information to disrupt your operations.

For example, losing CEO login credentials can be devastating. Besides granting hackers access to sensitive information, it also helps them impersonate the CEO. In return, they can solicit information from employees or clients and halt your operations. This data breach can lead to widespread confusion, tarnishing your reputation.

#5. Hackers Who Aim to Have Network Control. In some cases, hackers aren’t after data. Instead, they want to gain control of the entire network. And to make it happen, they launch ransomware attacks.

These activities enable them to lock you out of the system and make data inaccessible until you pay a ransom. They’re typically initiated through spam, phishing emails, and online ads.

The average ransom amount stands at approximately $30,000, but the loss caused by business disruption is much more significant.

Work-From-Home Precautions For Your Network

Mark Funchion is a network technician at Tech Experts.

As our world has shifted to a heavy work-from-home environment, it is important that you do what you can to make sure your business’s network is secure, whether your employees are working from home or in the office.

Working from home can pose many challenges. The first involves the device the employee uses. If they have a company-issued laptop and you implemented a VPN, then great, you’re fairly secure.

What do you do if they are using their own home PC? Do they have anti-virus? Are they accessing documents through a common cloud storage location, such as OneDrive or Dropbox?

If so, that can cause issues because that home PC may have other users who are not careful about what they download or what emails they open. If that PC is infected and your employee connects to shared storage, your business may become infected.

For these reasons, you should really consider only allowing access to your data over a VPN that your employees must log into. Do not share files through cloud storage unless you are sure the devices connecting are secure.

This means you may need to provide anti-virus to your users. Yes, it’s an expense, but it’s much cheaper than recovering from a ransomware attack because an employee’s 12-year-old downloaded a Fortnite “hack” to get more V-Bucks.

Next, push the use of two-factor authentication (2FA) and password managers. Having a simple password like “CompanyVPN1!” won’t cut it.

Force your users to use strong and varied passwords. Now, those can be difficult to remember, so it may be a good investment to look into a corporate password manager. This will securely store passwords and make it easier for employees to use stronger credentials.

In addition to better passwords, use 2FA. This security measure sends a verification code to your employee via email or text when they log into secure apps or websites. It’s another extra step, but again, the more precautions you take, the better off your security will be. Just because your employee logged in from home with a strong password doesn’t mean it’s actually your employee. That second authentication makes it much more difficult for the end user’s information to be gained by cybercriminals.

Educate your employees about using public Wi-Fi as well. It’s nice to sit in a comfy chair at Panera and enjoy a bagel and coffee while responding to emails, but who else is on that network? If they must do this, then using a VPN and 2FA are a must.

These are a lot of scary things, but don’t lose sleep. Be diligent in securing your network. If you allow work-from-home, be prepared to invest in setting up VPNs, 2FA, password managers, and anti-virus software for your employees. This time and due diligence will greatly help you prevent your data and network from becoming compromised.

Also, remember you are not in this alone: Tech Experts is here to help. If you want to secure your network for remote work, reach out to us at (734) 457-5000. We secured our own network so we can work remotely and have the expertise to help you do the same.

Using Public Wi-Fi? Consider A VPN

With more of us working remotely now, coffee shops are getting busier again as we look for somewhere other than home to work. But while it can be great for getting rid of distractions, it’s not so good for security.

That’s because public Wi-Fi is a hotspot for data theft. Any data sent over public Wi-Fi that doesn’t need a password to access is vulnerable to theft or manipulation from someone else using that network.

And it’s not just other Wi-Fi traffic you need to consider. There are also fake networks to be wary of. You think you’re connecting to the coffee shop’s Wi-Fi… but how do you know it isn’t a fake version with the same name?

As soon as you log on, they can suck up all of your credentials and any other personal data on your device.

If your team is using public Wi-Fi regularly, best practice is to use a VPN (Virtual Private Network) to keep your data safe. This acts as a private tunnel for your device to connect to a private network, keeping your info safe.

Three Steps To Improve Your Ransomware Resilience

This is a cold hard fact: Ransomware is on the rise.

What is ransomware?

It’s where hackers break into your network, encrypt your data so you can’t access it, and then charge you a large ransom fee to unlock it. It’s the most disruptive and costly kind of attack you can imagine. And very hard to undo.

Why is it a big deal?

Ransomware attacks are dramatically up thanks to the pandemic. All the urgent changes that businesses went through last year created a perfect storm with plenty of new opportunities for cyber criminals.

Is my business really at risk?

Thanks to automated tools used by hackers, all businesses are being targeted all the time. In fact, hackers prefer to target small businesses as they typically invest less time and money into preventive security measures compared to large companies. It’s estimated a business is infected with ransomware every 14 seconds.

How can my business get infected with ransomware?

42% of ransomware comes from phishing emails. This is where you get a legitimate-looking email asking you to take a specific action. You only need to click a bad link once to let attackers quietly into your system. And it doesn’t have to be you who clicks… it could be any member of your team.

Why is it so hard to undo?

A ransomware attack takes weeks for the hackers to set up. Once inside a network, they stay hidden and take their time to make lots of changes. Essentially, they’re making it virtually impossible for an IT security company such as ours to undo the damage and kick them out once the attack has started. If you haven’t thoroughly prepared for a ransomware attack before it happens, you are much more likely to have to pay the fee.

How much is the typical ransom?

The hackers aren’t stupid. They know trying to get $150,000 out of a small business simply won’t happen. But you might stump up $10,000 just to end the hell of a ransomware attack. They will change their ransom demand based on how much money they believe a business has.

Of course, the ransom isn’t the only cost associated with an attack. There are countless indirect costs. Such as being unable to access your data or systems for a week or longer. How horrendous would it be if no one could do any work on their computer for a week? How would your customers react to that?

What can I do now to protect my business?

This is the most important question to ask. It’s virtually impossible to stop a ransomware attack from happening. But you can do an enormous amount of preparation, so if an attack does happen, it’s an inconvenience, not a catastrophe.

Here are the three steps we recommend for maximizing your ransomware resilience.

Act as if there’s no software protecting you

Software is essential to keep your business safe from all the cyber security threats. But there’s a downside of using this software – it can make you and your team complacent.

Actually, humans are the first defense against cyber-attacks. For example, if your team doesn’t click on a bad link in a phishing email in the first place, then you’re not relying on software to detect an attack and try to stop it.

This means basic training for everyone in the business, and then keeping them up-to-date with the latest threats.

Invest in the best data backup and recovery you can

Automatic off-site data backup is a business basic. When you have a working backup in place, it can be tempting not to give it a second thought.

But it’s worth remembering that cyber criminals will take any means necessary to get you to pay their ransom. That means they’ll target your backup files too. Including cloud-based data.

It’s critical that you create and implement a comprehensive back-up and recovery approach to all of your business data. The National Institute of Standards and Technology sets out a cyber security framework which includes best practices such as:

• Constant backups: Separate from the computers and ideally in the cloud
• Immutable storage: This means once created, backups can’t be changed
• Firewalls: To restrict what data gets in and out

Create a plan for cyber-attacks

When a cyber-attack happens, every second is crucial. The earlier you act, the less damage is caused.

So, prepare a detailed plan of action and make sure everyone knows what’s in it, where to find it, and how to trigger it.

Test your plan regularly to make sure of its effectiveness and remove any risk of failure by keeping at least three copies of it in different places. One should be a printout kept at someone’s home… just in case you have zero access to data storage.

What’s Your Pocket-Sized Security Threat?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

You guessed it. I’m talking about phones.

How many people in your business have a company-issued phone, or use their own to access company data like emails, client information, or documents? It’s probably a high number, right?

And your phone is a big risk to your data security. Smishing attacks (that’s the text message equivalent of a phishing email) increased 328% in 2020 and will probably significantly rise again this year.

That’s because it’s a goldmine for cyber criminals. 98% of text messages are read and 45% are responded to. So a smishing text is likely to yield good results for criminals.

Once your phone is infected, malware can monitor your calls and messages, download and delete your data, and if a phone is connected to your business network, the infection might even spread. [Read more…]

Targeted Attacks On Small Businesses Are On The Rise

Mark Funchion is a network technician at Tech Experts.

Many of us have heard of ransomware. This is an attack where someone gains access to a system and encrypts all of the data until a ransom is paid. Once they get their money, they either unencrypt the data… or not. There is no guarantee that paying the ransom will actually work.

Most attacks in the past, both viruses and ransomware, were the “spray and pray” variety. Basically, the attackers would send out thousands (or hundreds of thousands) of emails and hope that a small percentage of them were successful. This procedure worked, but the success rate was low and the attackers had to have a large volume to make it successful.

The more profitable attacks that are on the rise are targeted attacks. These attacks rely on quality rather than quantity. Research goes into the attacks that then target a single or very few companies. These attackers will even go as far to check a company or institution’s financial information to see how much of a ransom they can expect to get.

In addition to demanding a ransom for the data to be decrypted, there is often a threat that the data will be released if the ransom is not paid. The threat of data being released can lead to the ransom being paid even if the target has a way to recover from the attack.

While many home users would hate to have their data released, it would not be completely devastating in most cases. If you are a financial, medical, or education institution, it could end your business or severely harm it. These institutions all contain sensitive information of their employees and clients.

For this reason, a recent spike has been seen in the UK involving their schools. Attackers are seeing schools as an easier target in today’s environment with the increase in remote learning. Banks and hospitals have been targeted numerous times before, and their main goal is to be as secure as possible, spending large amounts of money on it.

Schools and universities, on the other hand, are concerned with security, but they’re in a position today with COVID where they need to have fairly open access.

As colleges are pivoting to a distance learning model on a scale never envisioned, they have to allow more and more access in. This means more and more devices the schools have no direct control over, creating potential entry points into the network.

Although most of you reading this are not educational institutions, there is no industry or business (regardless of size) that is safe from a potential attack. Having a good network security system in place with effective backups is critical.

Don’t rely only on a day or a few days’ worth of backups either; some attacks will infect a system, then remain dormant for a while, hoping to outlive the backups you have available.

Having a technology partner who understands the dangers and how to recover is essential. You cannot just plug in a firewall and use an antivirus software and consider yourself protected.

Your business should have an incident response plan that includes backups and restore procedures, as well as testing. You also need to make sure you have a procedure to keep all of your systems up-to-date with the most current patches. Making sure any remote sessions are secure and using 2FA whenever possible is another area often overlooked too.

The list of vulnerabilities is endless, but we are here to assist. Let us provide you the security and comfort that your business is protecting not only your data, but your users from a potential breach.

Designing A Comprehensive Security Plan For Your Company

After years of being in the industry and watching the evolution of cyberattacks, we feel that there are 13 critical pieces to any cybersecurity plan that we, as your managed service provider, should implement. They are:

Two-factor/Multi-factor authentication

Two-factor authentication is probably the most widely misunderstood security solution, but a critical and effective part of every cybersecurity strategy.

Two-factor authentication is just how it sounds: two separate layers of security. The first is a typical username and password log-in with the addition of a secondary level that looks for something you know, something you have, or something on your body (e.g., fingerprint).

Here are some stats you should know that describe the critical need for two-factor authentication:

  • 90% of passwords can be cracked in less than six hours.
  • Two-thirds of people use the same password everywhere.
  • Sophisticated cyberattackers have the power to test billions of passwords every second.

This sobering reality is why we require two-factor or multi-factor authentication for all of our employees and users of our system, and we highly recommend that you do too.

Password management

The main reason people use the same password everywhere is because it’s impossible to keep track of hundreds of usernames and passwords across various devices and systems.

A secure password is a unique, hard-to-guess one, so it’s understandable why users resort to the use of the same password for each site. This is why we have a password management program built into our procedures. The password manager program generates unique, complex passwords for each site or program then securely stores them in the management program.

When one of our staff needs credentials, they use the master password to open their database of passwords and obtain the login information they need, making it easy to “remember” a complex password and significantly reduce the risk of a breach.

Security risk assessment

A security risk assessment involves reviewing your technology and how you use it, followed by the implementation of security improvements and preventive measures.

The assessment should be performed at a minimum of one time per year, if not more. A full security assessment includes the following pieces:

Identification – When performing a security risk assessment, we first need to take inventory of all of your critical information technology equipment, then determine what sensitive data is created, stored, or transmitted through these devices and create a risk profile for each.

Assessment – This step takes identification to the next level. To complete the assessment step, we need to identify the security risks to each critical asset and determine the most effective and efficient way to allocate time and resources to mitigation.

Mitigation – This is where we solve problems. We have specifically defined a mitigation approach for each potential risk in our network and what security controls will be initiated in case of a breach.

Prevention – We have specific tools and processes to minimize the risk of threats against us and our network in order to help keep you safe.

Information security plan

There is a significant need to safeguard any information that is collected, transmitted, used, and stored within information systems, so the development of an information security plan is crucial. We take this very seriously. We have taken steps to document a plan and designed systems to secure our and our clients’ sensitive business data.

A security program is essentially about risk management, including identifying, quantifying and mitigating risks to computers and data. There are some essential basic steps to risk management:

Identify the Assets – Beyond generating a list of all the hardware and software within the infrastructure, assets also include any data that is processed and stored on these devices.

Assign value – Every asset, including data, has a value and there are two approaches that can be taken to develop the value: qualitative and quantitative. “Quantitative” assigns a financial value to each asset and compares it to the cost of the counter-measure.  “Qualitative” places the threats and security measures of the assets and sets a rank by use of a scoring system.

Identify risks and threats to each asset – Threats to the system go beyond malicious actors attempting to access your data and extend to any event that has the potential to harm the asset. Events like lightning strikes, tornados, hurricanes, floods, human error, or terrorist attacks should also be examined as potential risks.

Estimate potential loss and frequency of attack of those assets – This step depends on the location of the asset. For those operating in the Midwest, the risk of a hurricane causing damage is extremely low while the risk of a tornado would be high.

Recommend countermeasures or other remedial activities – By the end of the above steps, the items that need improvement should become fairly obvious. At this point, you can develop security policies and procedures.

Policies and procedures (internal & external) – A crucial part of an effective cybersecurity plan is the policies and procedures, both for internal assets and external assets. You can’t have one without the other. A general description can be thought of as this: a policy is the “rule” and a procedure is the “how.” With this in mind, a policy would be to effectively secure corporate data with strong passwords. The procedure would be to use multi-factor authentication.

Cybersecurity insurance and data breach financial liability – CyberInsureOne defines cybersecurity insurance as “a product that is offered to individuals and businesses in order to protect them from the effects and consequences of online attacks.”

Cybersecurity insurance can help your business recover in the event of a cyberattack, providing such services as public relations support and funds to draw against to cover any financial losses. It’s something that your MSP should carry as well as your own business.

And just like business liability and auto liability insurance, it is paramount that your business (as well as your MSP) covers themselves with data breach financial liability insurance to cover any event that may be attributed to their activities causing a breach.

Data access management – Access management is determining who is and who isn’t allowed access to certain assets and information, such as administrative accounts.

This is critical for your business as it enables control over who has access to your corporate data, especially during times of employee turnover. Other benefits include increased regulatory compliance, reduced operating costs, and reduced information security risks.

Security awareness training (with phishing training) – Phishing is the number one attack vector today with over 90,000 new attacks launched every month. If your provider is not actively participating in security and phishing awareness training, they will be unable to keep you up on the latest trends in how these malicious actors are attempting to gain access to your businesses data.

Data encryption – At its basic level, data encryption translates data into a different form, making it readable only by the starting and ending points and only with the appropriate password. Encryption is currently considered one of the most effective security measures in use as it is nearly impossible for an outside force to crack.

Next Gen antivirus and firewall – Antivirus is software designed to detect and neutralize any infection that does attempt to access the device and should be on every endpoint.

Many providers are marketing their software as “next generation,” but true next generation antivirus includes features such as exploit techniques (blocking a process that is exploiting or using a typical method of bypassing a normal operation), application whitelisting (a process for validating and controlling everything a program is allowed to do), micro-virtualization (blocks direct execution of a process, essentially operating the program in its own virtual operating system), artificial intelligence (blocking or detecting viruses the same way as a human user could), and EDR/Forensics (using a large data set from endpoint logs, packets, and processes to find out what happened after the fact).

Next generation firewalls also include additional capabilities above the traditional firewall, including intrusion protection, deep packet inspection, SSL-Encrypted traffic termination, and sandboxing.

Business continuity plan – This is a process surrounding the development of a system to manage prevention and recovery from potential threats to a business. A solid business continuity plan includes the following:

  • Policy, purpose, and scope
  • Goals
  • Assumptions
  • Key roles responsibilities
  • A business impact analysis
  • Plans for risk mitigation
  • Data and storage requirements that are offsite
  • Business recovery strategies
  • Alternate operating plans
  • Evaluation of outside vendors’ readiness
  • Response and plan activation
  • Communication plan
  • Drills and practice sessions
  • Regular re-evaluation of the current plan

Your MSP should be able to provide you with a copy of what is included in their plan and how it will affect your business if they do encounter a business continuity event, as well as their backup plan to maintain your critical business infrastructure.

Email security layers – In short, layers limit risk. Email security layers include tactics such as two-factor authentication and spam filters at the basic level (which give your employees time to evaluate a potential threat by removing the words “urgent” or “do right now” from internal subject lines).

As your managed service provider, we are dedicated to helping you maintain effective cybersecurity through these advanced tactics, as well as through a consultative, trusted advisor relationship. You are more than just a number to us and we will do everything in our power to help keep your business safe and running smoothly.

The Five Broad Categories Of The Cybersecurity Framework

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

One of the key methods that the NIST recommends businesses do on a continual basis is focus on these five categories as you assess your cybersecurity framework. These should be done regularly, and proactively, in order to be the most effective.

The categories are broad and cover a wide array of tools that businesses can use to build a cybersecurity framework that best supports their business security needs. They are: identify, protect, detect, respond and recover.

The first step you should take is to identify who should and should not have access to your business’s privileged information, and then maintain strict physical access rules for those personnel who don’t need that access.

NIST recommends that you do not allow cleaning and maintenance staff unsupervised access to rooms that contain computers or other technology that stores sensitive information.

Further recommendations include performing extensive background checks on all prospective employees, setting systems to lock down after several minutes of inactivity and maintaining separate accounts for each user. [Read more…]

How To Protect Your Business From SHTML Phishing

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Data security is vital to any business. Learn how SHTML phishing works and how to minimize the risk of your data falling into the hands of attackers.

Email phishing has been in the playbook of hackers since, well, email. What’s alarming is the scope in which criminals can conduct these attacks, the amount of data potentially at risk, and how vulnerable many businesses are to phishing attempts.

Here’s what you need to know to spot the hook and protect your data from being reeled in.

How Does Email Phishing Work?
A phishing email typically contains an attachment in the form of a server-parsed HTML (SHTML) file.

When opened, these shady files redirect the user to a malicious website often disguised as a legitimate product or service provider. [Read more…]