Profile cover photo
Profile photo
Computer Service Corporation
1 follower
1 follower
About
Posts

Yet another reminder of how important it is to have good protection on your systems and be careful with any emails that look at all suspicious:

DocuSign Suffers Data Breach, Email Addresses Used in Phishing Attack
No other customer data was accessed in the breach
May 16, 2017 07:40 GMT · By Gabriela Vatu · Share:
DocuSign, the company behind eSignature, one of the most popular digital signature services in the world, admitted that they suffered a data breach that exposed customer emails. These emails were later used in a phishing campaign that kicked off last week.
"Last week and again this morning, DocuSign detected an increase in phishing emails sent to some of our customers and users – and we posted alerts here on the DocuSign Trust Site and in social media. The emails “spoofed” the DocuSign brand in an attempt to trick recipients into opening an attached Word document that, when clicked, installs malicious software. As part of our process in response to phishing incidents, we confirmed that DocuSign’s core eSignature service, envelopes and customer documents remain secure," the company notes in the alert it issued earlier.
According to DocuSign, a malicious party had gained temporary access to a separate, non-core system that allows the communication of service-related announcements to users via email. Thankfully, during the data breach, only email addresses were accessed. This means that people's names, physical addresses, passwords, social security numbers, credit card data and any other account-related data are safe and have not been accessed. Nor have any content or customer documents sent through DocuSign's eSignature system.
The company took action to prohibit the unauthorized access to the system and put further security controls in place.
"Beware of phishing mails"
Sadly, people are still being targeted by phishing emails. Therefore, the company is asking customers to delete any emails with the subject line "Completed: [domain name] – Wire transfer for recipient-name Document Ready for Signature" and "Completed: [domain name] – Wire transfer for recipient-name Document Ready for Signature" as they are not from DocuSign. Instead, they contain a link to malware spam.
Any other suspicious emails related to DocuSign are to be forwarded to spam@docusign.com and deleted from the computer immediately thereafter.
The company also advises users to have their anti-virus software Bitdefender enabled and up to date to block any possible infections.
Add a comment...

Post has attachment
Have you ever had a message box pop up on your web browser you cannot get rid of? Or a web page tell you you have a virus and you need to call some number? Often these attempts to scare someone into calling a number or threatening with legal action are just a hackers attempt to get someone to call the number they are given and give up some personal information or a credit card number. See the image attached to this post for an example of what this can look like.

Often these are not the fault of the web site you were just visiting, instead they get on it via an ad or other external link that was compromised. So, if you get a message like this, or even a phone call from someone pretending to be Microsoft or your IT provider or department (you all know who your IT folks really are, right?), be suspicious.

If you get the web page pop-up, like in the image, it is actually pretty simple to get rid of it without getting any infections yourself. You have two options, one is to just turn off your computer or hard power it down and reboot it and things will be back to normal. The other does not even require a restart. Here's the process:
1) Press Ctrl + Alt + Del
2) Click on Task Manager
3) Find the browser you were using in the list of programs
(chrome, iexplore, firefox, etc)
5) Click on it, then click the End Task button
6) The browser should close, if not look for other instances of it and end them too
7) Once it is gone, re-launch your browser and do not let it restore the last session
8) Resume surfing and enjoy being smarter than the hacker

On a related note, if someone calls you and says you are infected, spreading viruses or something similar, you probably are not. I recommend you hang up on the caller. They may call back several times trying to be persistent and to get you to give them something, just keep hanging up on them, they'll get the message you are too smart for them soon enough. Then, if you are concerned there may actually be an issue, call your IT provider or department, or call us. That way you are talking to someone you know is legit and actually trying to help you.
Photo
Add a comment...

Post has attachment
We have encountered an interesting new twist in the e-mail virus saga. One of our customers received an email from one of her regular contacts that said it was signed docs, and the attachment was a PDF, so it looked legit. The spam and virus filters saw nothing as there was no virus in the message or PDF file. And being a PDF, instead of a zip, Word or Excel document, it looks legit as well. Instead, this particular PDF pretends to have a link to a secure Google Drive document (see picture). If you were to click on the Download PDF link, then it redirects you to the page that downloads the virus.

Just another reminder to all that you need to be really cautious with what you open or download from an email attachment or the Internet.
Photo
Add a comment...

Backups are an area most people think about for a moment with a new system then forget about. In truth, this is one of the most critical things you can do to safeguard yourself or your business from loosing something critical.

I want to talk today about how to protect your personal data against a drive failure, virus or other disaster. There are several free things you may already have and not be using that you can use to make sure that you don't loose those precious family photos, schoolwork or other important data. The easiest to use free online storage solutions are Google Drive, Microsoft's One Drive and Apples iCloud.

Google Drive gives you 15 GB of online storage, and a convenient app you can download to access your online folders easily from within Windows, Apple or Android devices. If you have a gmail account you already have access to Google drive, if not just sign up for a free Google account and you're ready to get started.

OneDrive comes integrated with the newer version of Windows automatically and includes 5 GB of online storage for free. You can access it easily as well from the OneDrive folder already in your Windows file explorer.

ICloud also gives you 5 GB of online storage for free. Like OneDrive is part of Windows systems, iCloud is integrated with Apple systems and can be easily accessed from the file explorer.

With all of these systems, if you need more storage, you can easily purchase it for a relatively inexpensive monthly or yearly fee. There are also many other systems out there that work in similar ways, like DropBox, and also online backup systems that you can use to set up automatic backups of your systems, like iDrive.

So, how can you use these free programs to protect your data? Some people simply move all of their documents and pictures over to the cloud. Other people copy only certain things over to a could storage folder, and update it manually. Either way, whatever you have on the cloud system is protected if your device fails.

If you have a huge amount of data or want to back up a server, it can get a bit more complicated. Give us a call and we can help you design a backup system that will keep you protected.
Add a comment...

There are a lot of viruses going around right now that say they are a resume, invoice, bill, packing list or whatever. We have found that most of them are coming in as email attachments that are Word documents or Excel spreadsheets.

As a result of this, I have a rule of thumb I'd like to share with you all that is a simple way to help keep yourself safe. If it is not from someone you know, and you are expecting it, don't open it unless it is a PDF file. PDF is the standard for sending invoices, bills and etc. via email. They are generally secure and designed not to be editable, which is a bonus in these kind of communications.

If you do open an attachment and it asks you to 'enable' something or change some setting to view it properly, odds are it is a virus and will cause you headaches if you do.

So be smart! And if you do open something and it looks bad or like you may have been infected, best bet is to immediately power off your computer by holding down the power button until the system turns off. Then call your IT provider, or call us, and let the professionals make sure you are safe.

If you want to try to tackle the removal yourself, there is a post on our page below that offers some useful tools you can use to help you with this.
Add a comment...

We have recently noticed a huge uptick in people having issues with malicious emails and viruses. There are a number of e-mails going around now that claim to be an invoice, or a copy of an invoice that was sent and needs review (not to mention the FedEx or UPS package could not be delivered e-mails). These have a Word document attached that if opened will trigger a virus to try to infect your computer. These viruses run the gamut from basic to horrific. They can even cause you to loose all your data by encrypting it and asking for a ransom. Even if you pay they will often not decrypt the data. The general rule of thumb is that if there is a Word document attachment, just don't open it unless you are sure it is legit. Most companies send invoices and other attachments as PDF's since they are generally safer.

Another common tactic is someone calling and telling you that your computer is infected or is reporting to them that it has an issue. They will ask you to download something to let them remote in and help you fix the problem. Unless you are paying for a service that does this and the call is from that company it is a scam and they are simply trying to scare you into buying something you do not need or infect your computer with a virus.

Sadly, this is the world we live in now. Security and protecting your critical data is more important than ever. So, what can you do to make sure you are protecting your system? The approach to security can be complex, but a few simple things will make a world of difference. First, make sure you have a good antivirus solution, not a basic free one as they just can't keep up with what is the virus makers are doing to subvert antivirus programs. I like Vipre Antivirus, but almost all of them are great options. Also make sure you have a good firewall on your network, preferably one that will scan all traffic for viruses and undesired content before it ever gets to your network. Take a look at SonicWALL and PFSense for a couple of great options. Lastly is a good email filter. There a a ton of these out there that can help with the threat of email based attacks.

I like to think of security like an onion, with layers protecting other layers so that to get through you have to peel back all the layers. Hopefully this will give you an idea to help educate yourself and your colleagues to what today's threats look like and what you can do about them. If you would like any further advise about any of this please let us know, we are happy to help.
Add a comment...

Have trouble with spam? Had someone download a virus from an e-mail attachment?  CSC is always working hard to stay ahead of these issues and in keeping with that goal we are moving to a much more capable spam filtering platform.  If you have your own e-mail system, even if it is hosted by someone else, you need some kind of spam filtering to protect your users and your security.  We are proud to announce that we are moving all of our email spam and virus filtering to the MSP Mail Filter from MSPPortal.net.  This change will help us keep systems secure and running smoothly, without getting bogged down by large amounts of spam or attacked by viruses.

As an added bonus, the new service includes Mail Continuity, which allows the ability to access e-mail, and even send new messages, in the event of a mail server failure or crash. This is a spectacular feature and is great insurance if there is ever an outage with a mail server.
Add a comment...

Over the holidays, we all know to keep an eye on our personal finances as it is prime time for thieves to try to steal credit card and other personal information.  But what about your business?  This is also a great time to take a hard look at your computer security and other systems to make sure you are protected and have a disaster plan in place.  Some common things to look at are:

• Antivirus – Is it on all workstations and servers and up to date?  And when does the subscription expire?
• Firewalls – Do they have the most current firmware?  Are they set to inspect inbound and outbound traffic? Do they provide Antivirus and other intrusion prevention services, and if not should you upgrade to one that does?
• Backups – Is the server being backed up?  Are the workstations?  When was the last time a backup was tested? Do you have an off-site backup? How about phones and laptops that may not be in the office?
• Wireless – Is wireless password protected? Is it set to the current security standards? When was the last time the password was changed?
• Disaster planning – Do you have a copy of all critical data in the event of a disaster that destroys the office, like a fire or flood? Do you have insurance adequate to cover your systems, and other business assets?
• Compliance – Many businesses have compliance issues from PCI to HIPAA to ITAR. When was the last time you looked at the current standards for compliance with these rules? Have the requirements changed since the last review?

These are just a few questions to help make sure that you can take on anything that comes next year without it becoming an issue.  The same things are good to look at for your home systems as well.  I recently have seen in increase in virus attacks that encrypt the data on a computer, and if you don’t have a current backup, it can be a big issue.

So, have a great holiday season, but make sure you also take a moment to reflect on what you have in place to protect and secure your information and business.  A little effort and planning now can save you a ton of headache in the future.

Happy holidays from all of us at CSC!
Add a comment...

Post has attachment
As a result of this weeks storm, we wanted to take a moment to talk about how important it is to protect your computers in the event of a power spike or power failure.  An Uninterruptable Power Supply, or UPS, is an inexpensive way to protect your computers and servers from this threat.  As a side note, we also recommend you put them on your flat-screen TV's to increase their life and protect them as well.  
A UPS will not only keep the computer on long enough to save your work and properly shut down in the event of a power failure, but is also conditions the power so brown-outs, power blinks and power spikes do not make it to the protected computer.  This can greatly increase the life of the power supply in areas where there is 'dirty' power.  After this weeks wind storm we saw several computers and even a server that were damaged by power spikes and blackpouts.  None of the damaged systems were protected by a UPS, and all of the systems that had UPS's on them were uneffected.  As another side note, when running on a small generator most electronic devices will not operate properly since hte power a generator provides is not stable enough for them.  Adding a UPS to the generator can allow computers and flat screen TV's to operate normally and safely on generator power.
For more information on UPS's give us a call or check out CyberPower (www.cyberpowersystems.com) and APC's (www.apc.com) web sites.  These are the two brands of UPS we typically recommend.
Add a comment...

Post has attachment
We have been informed that Microsoft Update KB3097877 may have some issues causing Outlook to crash after it is installed. If you have already installed this update and everything is working you should be fine, but if you have not we'd recommend holding off until a new revision of it is released.
More information: There are claims it has been fixed, but we still are hearing reports of issues. For more information you can see:
http://www.winbeta.org/news/microsofts-recent-buggy-security-patch-kb3097877-fixed and http://www.infoworld.com/article/3004441/microsoft-windows/microsoft-surreptitiously-reissues-botched-patch-kb-3097877-for-windows-7.html
Add a comment...
Wait while more posts are being loaded