Stay Alert to COVID-19 Phishing Scams

COVID-19 phishing scams are on the rise globally. Whilst we work from home, juggling work and home priorities is stressful, and hackers are taking advantage of our increased level of anxiety.

We’re looking for information and reassurance, and are falling foul of phishing messages about PPE, treatments and cures, or messages pretending to be from health agencies and offering the latest statistics and safety measures.

Phishing is when scammers try to trick you into opening a malicious attachment, or clicking on a link in an email, with the intention of infecting your device or stealing your data.

  • 93% of phishing emails involve ransomware
  • 91% of cyberattacks start with phishing

So, if you receive a message you were not expecting, maybe with an incredible offer:

  1. Pause
  2. Think
  3. DO NOT CLICK

In addition, remember the following rules:

  • Never give away personal or financial information on any form or website unless YOU have initiated the request.
  • For up-to-date COVID-19 information use only reputable sources, such as gov.uk or local government websites, HMRC or the NHS. Bookmark useful websites to ensure you are always visiting the correct sites and subscribe to their newsletters.

Uncertainty makes us more vulnerable to scams, so Stay Alert. Yes – follow health and social distancing advice but also:

  • Protect your computers
  • Protect your data
  • Stay Alert to phishing

Make sure you and your staff are aware of the increased risk of phishing during COVID-19.

David Hewett
Managing Director
iTeam Solutions Ltd

(Source of data – IBM Cyber Security Intelligence, Microsoft and Verizon)

Covid-19 Briefing 5.10.20 and Cyber Security

What the Foreign Secretary’s Covid-19 Briefing Said About Cyber Security 

If you are as obsessed as I am about the daily Covid-19 briefings from Number 10, you’d have heard the Foreign Secretary, Dominic Raab, make specific reference to cyber security on Tuesday 5th May. As this is something in the briefings that I actually understand (for once!) I thought I would take the opportunity to discuss it. 

If you would like to read the transcript of what he said in its entirety, you can find it on the government website by searching for “Foreign Secretary’s statement on coronavirus (COVID-19): 5 May 2020”. 

Mr Raab confirmed that the government is aware that cyber criminals are targeting individuals, businesses, and other organisations by deploying Covid-19 related scams and phishing emails. He referred to ‘advanced persistent threats’ (APTs). These are networks of hackers using sophisticated techniques who are not specifically looking for short-term gain, but are instead infiltrating computer networks slowly over a long period of time. Social engineering, the term for conning people into giving out important and private information such as passwords and bank details, is used in most APT attacks.

Though it is unlikely that a small business will be an initial target of a world-renowned APT, the same methods are often used by all hackers to steal passwords, data or money from individuals, businesses and organisations of all sizes, and it is important to know their methods and be aware that you could be at risk. As Mr Raab went on to say, making sure people are aware of cyber threats and of the steps necessary to protect themselves or mitigate the harm that could be brought against them is the most important measure that can be taken against any cyber threat.

He announced that the UK National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency have published a joint warning about APTs to potential targets, specifically a warning to healthcare organisations to ensure that everyone is using a secure password, and this makes reference to ‘password spraying’ attacks where access to a large number of accounts is tried using commonly used passwords. 

It is acknowledged that cyber criminals are seeking to exploit the Covid-19 pandemic through malicious cyber activity, targeting healthcare bodies, pharmaceutical companies, research organisations, and local government and, whatever the objective, this activity will continue and evolve over the next few months. Although Mr Raab said that the current attacks are ‘designed to steal bulk personal data’ and are often linked with other state actors, this does not mean that only the NHS or the government are at risk or that individuals or smaller organisations are immune.

Mr Raab recommended that everyone takes a look at the National Cyber Security Centre (NCSC) website for practical advice to safeguard against cyber-attacks – for example the use of passwords and guidance on trusted sources of online information relating to Covid-19. There is a very good section specifically for small businesses that he didn’t mention that I would highly recommend. 

He concluded that the UK will ‘counter those who conduct cyber-attacks’, work with international partners on response to cyber threats and ‘deter the gangs and the arms of state who lie behind them’. Hopefully he and GCHQ will continue to do that very much behind the scenes, and we’ll never know what really goes on in that regard.

In conclusion, the Foreign Secretary’s briefing was probably aimed at reassuring the public that major healthcare organisations and government agencies were being given special attention during the current upturn in Covid-19 related cyber-attacks, but individuals and smaller businesses should also take note, as much of the advice is relevant to them as well.

David Hewett
Managing Director
iTeam Solutions Ltd. 
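
The ‘password spraying’ pattern mentioned in the briefing can be spotted in sign-in logs. The following added example, which is not from the original post or from the NCSC/CISA warning, flags a source address that fails against many different accounts with only a few tries at each; the log format, thresholds and function names are assumptions made for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in log: timestamp, source IP, account, result.
# IPs come from the reserved documentation ranges.
SAMPLE_LOG = """\
2020-05-05T09:00:05 203.0.113.7 alice FAIL
2020-05-05T09:01:10 192.0.2.10 bob FAIL
2020-05-05T09:01:40 192.0.2.10 bob OK
2020-05-05T09:02:11 203.0.113.7 bob FAIL
2020-05-05T09:04:30 203.0.113.7 carol FAIL
2020-05-05T09:05:00 198.51.100.9 alice FAIL
2020-05-05T09:05:02 198.51.100.9 alice FAIL
2020-05-05T09:05:04 198.51.100.9 alice FAIL
2020-05-05T09:05:06 198.51.100.9 alice FAIL
2020-05-05T09:06:45 203.0.113.7 dave FAIL
2020-05-05T09:08:20 203.0.113.7 erin FAIL
2020-05-05T09:10:02 203.0.113.7 frank FAIL
"""

def parse(log):
    """Turn each log line into (timestamp, ip, account, result)."""
    events = []
    for line in log.strip().splitlines():
        ts, ip, account, result = line.split()
        events.append((datetime.fromisoformat(ts), ip, account, result))
    return events

def find_spraying(events, window=timedelta(minutes=30),
                  min_accounts=5, max_per_account=2):
    """Return {ip: accounts} for sources whose failures, inside one time
    window, hit many distinct accounts with only a few tries at each."""
    fails = defaultdict(list)
    for ts, ip, account, result in events:
        if result == "FAIL":
            fails[ip].append((ts, account))
    flagged = {}
    for ip, items in fails.items():
        items.sort()
        start = 0
        for end in range(len(items)):
            while items[end][0] - items[start][0] > window:
                start += 1  # slide the window forward
            tries = Counter(account for _, account in items[start:end + 1])
            if (len(tries) >= min_accounts
                    and max(tries.values()) <= max_per_account
                    and len(tries) > len(flagged.get(ip, []))):
                flagged[ip] = sorted(tries)
    return flagged

if __name__ == "__main__":
    for ip, accounts in find_spraying(parse(SAMPLE_LOG)).items():
        print(f"possible password spraying from {ip}: {accounts}")
```

In the constructed log, the address that hammers a single account (198.51.100.9) and the user who mistypes once (192.0.2.10) are not flagged; only the address that tries six different accounts once each is reported.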

Insider Tip – logging a helpdesk ticket

We are probably all doing things differently at the moment. From how we shop to how we work, life has been, as we in the IT industry would say, updated! That is to say things are different and in some ways better but in some ways not.

Over the last few weeks one of the things that iTeam and other companies who provide services related to working remotely have found is a massive increase in the number of problems being logged with our helpdesk. This is to be expected: people are being asked to do things they have not done before and they need assistance in getting going with this change.

Now, logging a ticket can be a daunting thing to some people and I’d like to share a few tips on how, when you log a ticket, you can improve the whole experience of having your problem fixed.

Before you log the problem with someone, take a few minutes to answer a couple of questions:

  1. What is the desired outcome?

It might seem obvious but stop and think what it is that you actually want to happen. Once you are clear on this you can articulate this to the people that are going to help you resolve the problem. If you are clear on what you want then you will know when your problem is fixed.

  2. What is the problem?

Now you know what the goal is, what is it that is stopping you getting there? Are you getting an error message, has it happened before and if so when, what is it you cannot do? Take a moment to detail these for yourself before you log the ticket so that when you need to tell someone else what the problem is you can without it causing you undue stress. As my Managing Director David Hewett is oft heard saying, “If you find out what the problem actually is you have solved it.”

OK, so now you know what you need to happen and what is stopping that, we are ready to raise this with someone that can help.

So how should we do this? There are two main options that we will find for raising a problem with the people that can fix it but which one is the right one?

  1. Phone call – this might be the obvious first choice but is it the right one? Think about your problem, is there quite a bit of information that you need to tell the person going to help you? Is it going to be easy to convey what you want to say over the phone or will it result in a lot of data entry on behalf of the person that is taking the details down? Are you sure they are going to take down the information that you have carefully put together for them when you thought through what you needed to happen and what your problem is?
  2. Email or online form – in the IT world this is where we live. Raise the problem online first by email or going to the right support portal. It lets us put in all the information we have in the way we want to present it and also it means that we have a reference of exactly what we have said rather than what the person we spoke to believes we have told them!

But, I hear you say, my problem is really really urgent and I need it fixed now. So, here is the insider’s tip:

  1. Log your ticket online – in almost all circumstances you will get a ticket reference.
  2. Give it a minute or so – then pick up the phone and call in armed with your ticket number.
  3. Provide this number and you are one step ahead of the game!

I hope this helps and please let me know if you have any questions or would like to hear more little tips like this from me.

James Reed
Technical Director
iTeam Solutions Ltd

Office365 Product Name Changes

I know there’s a lot going on at the moment but just an extra thing to add into the mix of things to get your head around, Microsoft announced 3 weeks ago that they are changing the names of some of the Office 365 products – and the change is happening automatically as from 21st April 2020.

These are changes only to the names of the products and there is no change to the features or prices.

They are doing this because they have had two offerings – Office 365 and Microsoft 365 – and they are now calling some of the Office 365 products Microsoft 365.

  • Office 365 Business Essentials will become Microsoft 365 Business Basic
  • Office 365 Business Premium will become Microsoft 365 Business Standard
  • Microsoft 365 Business will become Microsoft 365 Business Premium
  • Office 365 Business will become Microsoft 365 Apps for Business
  • Office 365 ProPlus will become Microsoft 365 Apps for Enterprise

There is no action anyone needs to take other than to be aware that the familiar product names for these services will change.

Oddly, the E1, E2 and E3 products are not changing.

If you have any questions about Office365 please feel free to get in touch.

David Hewett
Managing Director
iTeam Solutions Ltd

Zoom Security Concerns

Zoom is a video conferencing platform that has seen a huge increase in use during the Working From Home pandemic that has swept the globe for some reason over the last few weeks. The main reason it is so popular is that it is extremely easy to use and it ‘just works’.

Zoom has its HQ in the USA but was, and still is, developed in China.

You may have seen in the media articles claiming that Zoom is not secure. Security experts have concerns that the encryption built into Zoom is not as strong as the company claims and that there are privacy problems.

A report published on Friday 3rd April by Canadian security experts Citizen Lab goes into some detail about the problems. It’s not all about Zoombombing (more on that later) but that the security of the platform doesn’t conform to the current standards in that it is not designed using security best practices and Zoom’s own claims of how secure it is are exaggerated.

You can read the report here – https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto-a-quick-look-at-the-confidentiality-of-zoom-meetings/

The conclusion of the experts at Citizen Lab is that they would discourage the use of Zoom for the following:

  • Governments worried about espionage
  • Businesses concerned about cybercrime and industrial espionage
  • Healthcare providers handling sensitive patient information
  • Activists, lawyers, and journalists working on sensitive topics

I would agree that if you fall into any of the above categories, do not use Zoom.

If you need an alternative, use Teams, which is designed specifically for business use and developed and owned wholly by US company Microsoft. Most people who use Office365 already have Teams included in their subscription.

Zoom does have some features you can use to improve security and the company has promised to work on it further. You may have heard of Zoombombing. This is where someone simply guesses the meeting code and joins your meeting by chance. You can stop this by requiring a password to join (set this up when you create the meeting – people joining with a link will not need to enter the password but those joining by typing the meeting ID in manually (or guessing it) will be prompted for a password), or by locking the meeting once it is underway to stop anyone else joining (the host can go to the participants list > More > Lock meeting).

For straightforward ease of use and for (the new) normal day-to-day conversations Zoom is good enough and you can consider the claims about lack of security to apply only to those of you working as spies.

David Hewett – Managing Director – iTeam Solutions Ltd

Furloughed? Access to Work Computers.

We’ve been asked several times what companies should do when they furlough staff who have company-owned phones and laptops at home? Should they be made to switch them off for the entire time?

No, I do not agree that business devices in the possession of staff who are furloughed should be switched off for the entire time. I think that the employer has a duty to tell them that the terms of the furloughing are that they are not allowed to work. You are not going to want to have people doing helpdesk jobs, or paying the wages for instance, but they might want to occasionally check emails to keep in touch or do something in order to ensure that their job and the business stays viable and nobody in the world is going to tell them they can’t or that this is a bad idea. They might want to forward sales enquiries to someone who isn’t furloughed or take the opportunity to do some online training, research, writing – it might be something to do with the company but not their actual job. Using company assets to do this might help them perform better when they return, help with boredom and/or improve their mental health whilst they are stuck in isolation at home.

I expect each employer will take a different stance, but as long as they tell their furloughed staff that they cannot work then they have met their obligations.

It is not for us to lay down the law on what people can and cannot do, it might not even be a law but just a guideline and we do not want to be accused of what is in essence taking it all a bit too seriously when a huge dose of common sense is what is required. I firmly believe that now is not a time for pedantry.

If the government tell employers that they must take every possible step to ensure that furloughed staff cannot work or have any access to work resources or contact anyone in relation to work whatsoever my advice would be different... but then we would be in a police state and the world will already have gone to hell in a handcart.

David Hewett – Managing Director – iTeam Solutions Ltd