Every day countless phishing emails are sent to unsuspecting victims. While some of these messages are obviously fraudulent, others can be a bit more convincing.

typing email

So, how do you tell the difference between a phishing email and a legitimate one?

Unfortunately, there is no one single technique that works in every situation, but here are some of the most common you can look for to help stay safe.

5 common things you can look for to keep yourself safe from phishing frauds:

1. Mismatched URLs

The first thing we recommend checking in a suspicious email is the integrity of any embedded URLs. Often the URL in a phishing email will appear to be perfectly valid. However, if you hover your mouse over the top of the URL, you should see the actual hyperlinked address. If the hyperlinked address is different from the address that is displayed, it’s very likely that the message is fraudulent.

2. URLs contain a misleading domain name

People who launch phishing scams often rely on their victims not knowing how the DNS naming structure for domains work. So, how does it work? You need to look at the domain itself, for example, info.o2mobile.com, is a child domain of o2mobile.com because o2mobile.com appears at the end of the full domain name (on the right-hand side). Conversely, o2mobile.information.com would clearly not have originated from o2mobile.com because the reference to o2mobile.com is on the left side of the domain name.

3. The message contains poor spelling and grammar

Whenever a large company sends out an email, the email is usually reviewed for spelling, grammar, and legality, among other things. Therefore, if a message is filled with poor grammar or spelling mistakes, it probably didn’t come from a major corporation’s legal or marketing department.

4. The message appears to be from a government organization

Any email that is claiming to have come from a government organization, such as the IRS, that promises a rebate or makes threats about a penalty, should sound alarm bells. All government organizations have protocols, and usually, those protocols don’t include sending emails out of the blue offering you refunds or demanding payments.

5. The offer seems too good to be true

The saying ‘it’s too good to be true’ holds especially true for email messages. If you receive a message from someone unknown to you who is making big promises, the message is probably a scam.

Phishing emails are becoming more and more sophisticated as technology becomes smarter, so the scammers will always be trying new tactics. We can help you and your employees to ‘spot the phish’ and stay safe online.
Contact us to stay guarded against every facet of social-engineering threats via continuous simulation and training.

Read more

April COVID 19 Update

First and foremost, we hope that this update finds you and your friends and family safe, healthy and secure.

At the one month mark of our decision to join thousands of companies statewide and shelter-in-place, we are still working primarily from our homes and assisting with client networks remotely. We’ve been incredibly excited to see how seamless and relatively painless our current remote access technologies have made the transition from on-site to teleworking for both ourselves and for our customers.

We are continuing to closely monitor the CDC recommendations and are staying committed to keeping our customers and employees as safe as possible, while continuing our efforts to keep critical systems running as normally as possible.

During this challenging time, it has been very heartwarming to see the outpouring of support, camaraderie and selflessness of our amazing North Valley communities, and we feel honored to be an active part of it.

If you or your company are still looking for teleworking or general network solutions during the shelter-in-place, we would love to share some of our success stories and implementations with you.

Mother and Daughter in masks
Keep safe.
We will all get through this, together

Read more

SECURITY ALERT – RD Session Drive Mapping

Security Alert

We have experienced a very unique situation where using a Remote Desktop session to connect to a remote system that’s been infected with crypto malware can potentially encrypt files on the originators network.

We recommend that you have the “drives” option disabled on ALL RD session connections.

Without this setting disabled, the remote system can gain access to your mapped redirected drives, and will begin to encrypt the files on them. TURN OFF DRIVE MAPPING as a default setting for all RDC connections.

It’s simple to do, just follow these steps

From the “Local Resources” tab in your RD Connection window, click the “more” button.

Be sure to UNCHECK the “drives” option in the “Local Drives and Resources” window.

Make this change on all existing RDP connections, or save it to a file and use as your default RDC session connection.

Read more