Dangers Of LinkedIn: 4 Security Features To Use TODAY

A recent report from Check Point Research revealed a shocking statistic – the Microsoft-owned business platform LinkedIn is impersonated in nearly half of all phishing attacks globally.

One of the ways scammers leverage LinkedIn to deploy their phishing attack is when they zero in on anyone seeking a new job or career change. While e-mails like “You have 1 new invitation” or “Your profile has been viewed by 63 people” can be authentic, it’s critical to verify the e-mail address it’s sent from to ensure that it’s genuinely from LinkedIn. These impersonators will send e-mails that look identical to the real ones, with links to fake LinkedIn pages that will rip off your information as soon as you enter it.

Another way cybercriminals leverage LinkedIn is by creating fake profiles and messaging people about job opportunities. Once you’re on the hook, they’ll either ask for a small payment upfront to process your application (that you’ll never see again) or send you a link to a form you must fill out that’s actually a phishing link in disguise.

LinkedIn is aware of the problem and is working on developing advanced security features to protect its users. Here are three of the current security features it has already deployed:

1. Suspicious Message Warnings – LinkedIn’s technology can detect messages from people who are attempting to take you off the platform or are saying something potentially inappropriate, and will send you a warning notification.

2. Profile Verification – This feature allows you to verify your page’s authenticity. By submitting an additional form of ID, you can get a verification badge on your profile, so anyone who looks at it knows you are who you say you are. This is a valuable feature since scammers are always looking for fresh targets and have pages that get shut down quickly, so they don’t often bother keeping information up-to-date.

3. Profile Information – This feature allows you to see the details of a person’s profile to help you determine whether or not to respond to a message, accept a connection request, trust an offer, etc. Under your profile, if you click “More” and select “About this profile” from the drop-down menu, you’ll see information like:

● When the profile was created.
● When the profile was last updated.
● Whether the member has verified a phone number.
● Whether the member has a work e-mail associated with their account.

4. AI-Generated Profile Picture Detection – Scammers will use AI to generate realistic profile pictures of fake people to create fake profiles used to scam users. Scarily, LinkedIn’s research showed that users were generally unable to visually distinguish real faces from these synthetically generated ones. As a result, LinkedIn partnered with Academia to develop and deploy advanced detection features that allow LinkedIn to detect AI-generated profile pictures and shut down their profiles before they cause problems.

Do you use LinkedIn to find jobs, employees or clients? It’s a great resource for business, but it’s important to stay secure. However, LinkedIn’s features are just the first line of defense. If someone in your organization were to fall for a scam and click a bad link, would your internal security solutions be enough to protect your network?

We can help you find out. We’ll do a FREE Security Risk Assessment to help you determine if your network is vulnerable to any type of attack. To book yours, call us at 480-464-0202

Travel Smart: Essential Cybersecurity Practices For A Hack-Free Vacation 

Summer is a popular time for business owners and employees to step out of the office and take a well-deserved vacation. Even if their “out of office” e-mail responder is active, many people will periodically check in on work at least once while traveling. Unfortunately, studies show that working outside of the office – whether it’s a few simple check-ins on vacation, connecting to the Internet at a local coffee shop or even business travelers out on work trips – can lead to major cybersecurity issues. If you or your employees will be answering urgent e-mails from the airport or accessing network documents in the hotel lobby, it’s essential to maintain strong cybersecurity best practices to avoid exposing the company’s network to hackers preying nearby. 

In this blog post, we’ll cover what cybersecurity best practices are necessary for you to take before and during any trip to keep your network secure from hackers.  

 

Why Cybersecurity Matters While Traveling 

Cybersecurity might not be at the top of your vacation checklist, but ignoring it can turn your dream getaway into a horrible nightmare. Cybercriminals know summer is a prime time to attack because people are more likely to let their guard down while on vacation. For most vacationers, the focus is on enjoying time out of the office instead of ensuring they’re following cybersecurity best practices, making them an easy target for hackers. 

To minimize the risk of a cyberattack while traveling, here are a few best practices to cover with anyone on your team who might connect to the Internet while on vacation. 

 

Before you go: 

  1. Back up your data – If your device gets lost or ruined, you’ll want a copy of your data available to be restored. 
  2. Update your software Make sure your operating system software, web browsers and apps have all been updated to the latest version. Outdated software can impact your device’s ability to defend against malware. 
  3. Protect your devices You should always lock your device using a PIN, passcode, fingerprint or facial recognition feature, but if you don’t already, set this up before traveling. If you leave your device unattended and someone attempts to access it, they will have full access to your private information if it’s not locked. 
  4. Enable “Find My Phone” This feature will allow you to locate your device if you lose it, but it also gives you the power to remotely wipe data or disable the device if it falls into the wrong hands.
     

While traveling: 

  1. Use a Virtual Private Network (VPN) – A VPN encrypts your Internet connection, ensuring your data is secure even when you use public WiFi networks. Before you leave, set up a VPN on your devices and use it whenever you access the Internet.
  2. Don’t connect to public WiFi – While public WiFi offers convenience, these networks can be a hotspot for cybercriminal activity. Avoid unprotected networks whenever possible. (Yes, that means no checking your e-mail on the beach unless you have a VPN!)
  3. Manage location services – Location tools are useful for navigating new places but can also expose your location to criminals. Turn off location services when you’re not actively using that feature, and consider limiting how you share your location on social media.
  4. Enable Multifactor Authentication (MFA) – MFA adds an extra layer of security to your accounts by requiring a second verification form, such as a text message code, authenticator code or fingerprint scan. This feature should be enabled for all accounts containing sensitive information before leaving your house.
  5. Disable auto-connect features – Some devices automatically seek and connect to available wireless networks. These features can give cybercriminals access to your devices if you connect to the wrong network. Disable this option so you only connect to wireless and Bluetooth networks you know and trust. 

You should be able to relax on vacation. Taking these simple precautions can help you keep your device secure so you can enjoy your time off and don’t have to worry about dealing with cyber issues when you get back to work.  

However, it’s important to know that these steps aren’t fail-proof. To truly ensure that your company’s cybersecurity measures are up to standard, it’s important to work with a professional IT team that can monitor your network 24/7, patch any vulnerabilities that pop up (which happens regularly) and alert you if something seems suspicious. 

To help you prepare for your vacation and have peace of mind knowing your business is secure while you or your employees are working remotely, call us at 480-464-0202 or click here to schedule a FREE IT Security Risk Assessment with our cybersecurity experts today. We’ll evaluate your current cybersecurity solutions, identify potential vulnerabilities and help you implement a strategic security plan to keep your company safe. 

Massive Layoffs In 2024 Create A Serious Threat To Your Cybersecurity

The massive wave of layoffs in 2024 brings a cybersecurity threat that most business owners aren’t focusing on – offboarding employees. Even big-time brands that you would expect to have top-of-the-line cybersecurity systems, processes and procedures in place fail to adequately protect themselves from insider threats. This August marks a year since two disgruntled Tesla employees went rogue after being let go and exposed the personal information – including names, addresses, phone numbers and even the Social Security numbers – of over 75,000 people, including employees.

And, of course, the issue is expected to get worse. According to NerdWallet, as of May 24, 2024, 298 US-based tech companies have laid off 84,600 workers and counting. This includes major layoffs at big companies like Amazon, Google and Microsoft, as well as smaller tech start-ups. In total, around 257,254 jobs were eliminated in the first quarter of 2024 alone.

Whether or not you’ll need to downsize your team this year, having a proper offboarding process in place is essential to every business, big or small, because it’s more than a routine administrative task – it’s a critical security precaution. Failing to revoke access for former employees can lead to serious business and legal implications later.
Some of those issues include:

● Theft Of Intellectual Property – Employees can sneak away with YOUR company’s files, client data and confidential information stored on personal devices, as well as retain access to cloud-based applications like social media sites and file-sharing sites (Dropbox or OneDrive, for example) that your IT department doesn’t know about or forgets to change the password to.

A study by Osterman Research revealed that 69% of businesses experience data loss due to employee turnover, and 87% of employees who leave take data with them. Most often, the information you worked hard to gather is sold to competitors, used by them when they’re hired by the competition or used by the former employee to BECOME a competitor. Any way you cut it, it screws YOU.

Compliance Violations – Failing to revoke access privileges and remove employees from authorized user lists can register you as noncompliant in heavily regulated industries. This simple mistake can result in large fines, hefty penalties and, in some cases, legal consequences.

They DELETE Everything – If an employee feels unfairly laid-off and retains access to their accounts, they could easily delete ALL of their e-mails and any critical files they can get their hands on. If that data isn’t backed up, you will lose it ALL.

And for those thinking, “I’ll sue them!” Rightfully so, but even if you do sue them and win, the hard reality is that the legal costs, time wasted on the lawsuit and recovering the data, plus the aggravation and distraction of dealing with it all, are greater costs than what you might get awarded if you win the lawsuit and might collect in damages.

Data Breach – This could be the most terrifying of all. Unhappy employees who feel they have been wronged can make you the star of the next devastating data breach headline and incur a costly lawsuit to go with it. It could be as simple as making one click and downloading, exposing or modifying your clients’ or employees’ private information, financial records or even trade secrets.

Do you have an airtight offboarding process to curb these risks? Chances are you don’t. A 2024 study by Wing revealed that one out of five organizations has indications that some of their former users were not properly offboarded, and those are the people who were astute enough to detect it.
How DO you properly offboard an employee?

● Implement The Principle Of Least Privilege – Successful offboarding starts with proper onboarding. New employees should ONLY be given access to the files and programs they need to do their jobs. This should be meticulously documented to make offboarding easier.

● Leverage Automation – Your IT team can help use automation to streamline revoking access to multiple software applications simultaneously, saving time and resources while reducing the likelihood of manual errors.

● Implement Continuous Monitoring – You can implement software that tracks who is doing what and where on the company network. This can help you identify suspicious behavior by an unauthorized user and help you determine if a former employee retains access to private accounts.

These are only a few ways your IT team can help improve your offboarding process to make it more efficient and secure.

Insider threats can be devastating, and if you think this can’t happen to you, think again. You have to be proactive in protecting your organization.

To find out if any gaps in your offboarding process expose you to theft or a data breach, our team will do a free, in-depth risk assessment to help you resolve it. Call us at 480-464-0202

Frustrated With BAD Tech Support? You’re Not Alone

A recent stream of Reddit comments emerged detailing a series of poor customer service experiences with tech support. While I typically try to stay clear of Reddit and its gang of chronic whiny-pants commenters, I scrolled through a few, you know, for research purposes since I’m in the industry. A few of the complaints sounded so outlandish – like the lady who claimed the technician took a bathroom break in her attic – that it almost seemed impossible they could be true. However, other more common issues on the thread I’ve experienced myself, and to be candid with you, they sucked!

When you are experiencing a tech emergency – be it a broken printer, hardware malfunctions, Internet connectivity issues, login troubles or something similar – poor tech support only worsens the irritation. It leaves you with frustrated employees who can’t efficiently get their jobs done because they’re troubleshooting their tech and on hold with an IT company that is “looking into it” and irritated customers who just want a smooth process when dealing with your organization.

This can result in losing customers and A-player employees to your competitors that don’t have these same daily issues. At first, it might seem dramatic that a few unresolved “tech issues” could cause such a stir, but as these problems continue to repeat themselves, with no solution in sight, resentment grows and will eventually result in these people seeking organizations that don’t have to deal with such headaches.

What can you do to get ahead of the problem? Start by polling your employees. Ask them questions that will help you “grade” your current IT company to see if they’re dealing with your team as fast and efficiently as they should. Here are a few questions to ask:

1. Do you experience any recurring technical problems that haven’t been fully resolved? If so, what are they?
2. How would you rate the response time of the IT support team when you encounter a technical issue?
3. Have you found the IT support team to be knowledgeable and helpful in resolving your issues?
4. Do you feel that the IT company communicates effectively and keeps you informed about the status of your requests?
5. How would you describe your overall satisfaction with the support provided by our IT company?

These questions take only a few minutes to answer and can help you gain valuable insight into whether or not your current IT team is properly handling issues or if there is trouble brewing within your organization that you weren’t aware of.

If you would like to see what good IT support actually looks like, we’ll do TWO FREE hours of support for your organization.

Here are SOME of the ways you could use your time with us:

● Diagnose any computer network problem you are experiencing.
● Check your network’s security against hacker attacks and viruses.
● Scan and review spyware.
● Check your network backup system to make sure it is working properly.
● Diagnose slow, unstable PCs.
● Have us conduct our proprietary 57-point IT Systems Security And Performance Assessment.
● Discuss a project or upgrade you are considering, or even get a second opinion on a quote you received.

To get started, give our team a call at 480-464-0202.