A phony crisis in London

Today I had the pleasure of meeting Dr Randi Lou Franklin. She is the owner of Inter-Lingua a firm that provides translation and interpretation services for many languages and specializes in medical, technical and engineering. I lost track of how many languages she speaks, oh and she’s a lawyer too. Smart woman. She’s got a bunch of employees with experience in various fields.

She also writes a blog on dBusiness.com and related a story for me about the day she was hacked. She blogged it too. It’s called A Phony Crisis in London and recounts the day malware sent a message to every email address it discovered in her computer telling everyone she knew that she was in London, her wallet and ID stolen and needed them to wire her some money to the hotel so she could get home. Guess what? In her line of business this is a plausible story! The bad guys had set up an account to collect money from her concerned friends and business associates. You can read the whole blog here: http://www.dbusiness.com/Blogs/Annual-2010/A-Phony-Crisis-in-ldquoLondon-rdquo/

This is a prime example of how hacking works these days. They aren’t after the vast wealth and International secrets contained in your business. They are after your money. This is why we’re such pests when it comes to anti-virus software, good firewalls, Internet use monitoring and protecting inbound access to your network. These guys are smart, very smart.

So what could Randi Lou have done? First off she uses aol.com for e-mail (has for years and doesn’t want to change). But the fact that this is public email is a problem. If she used a business email client, then we could restrict outbound e-mail. We could scan it for suspicious content, malware and virus. We could make sure it is only delivered from her office to our filtering service and no where else, where it would have been caught. Of course nothing is 100% but we can get close and that will keep your business from a similar embarrassment.

Thank you Randi Lou for being so honest and providing your experiences in writing for everyone to learn from. A person that can learn from their mistake is the most intelligent kind.

The future is revealed

I spent last week representing Harbor Computer Services at the world-wide partner conference where we were honored with the Small Business Specialist of the Year Award. We beat out 3,000 eligible companies world wide. I want to thank all of our customers for making our job challenging and for being such amazing business owners. While my peers had up to 50% of their clients go belly up in the recession, because of your amazing business skills we didn’t lose a single one. In fact a loss of clients was so common that the very next question out of everyone's mouth after the obligatory handshake was “what percentage of clients did you lose last year?” Seriously, I was shocked. I believe that if we are all doing our jobs working toward the common goal of making your business the best it can be that we will not only survive but thrive. In 2008 we started our program of offering you free meetings so that we can play our role better in helping you make good decisions and make sure that we are all reaching for the same goal. Since that time I’ve spent a good deal of my days in meetings. I’ve decided that we’re going to keep doing that. Free meetings are now a permanent part of our contracts.

At the WPC Microsoft trots out its vision of the future and tries to convince partners to go along with it. Some are resistant to the major shift in technology that is upon us and to that Steve Ballmer, CEO of Microsoft (Bill Gates replacement) literally said “blah, blah, blah” during his keynote. The interpretation of blah, blah, blah, is get over it, quit complaining, the tech world is changing. He angered a bunch of people. Honestly because of our close relationship with the small business server development team and others within Microsoft nothing was said that surprised me. We’re very fortunate to know what the future holds before it gets here.

The tech world is indeed changing. Pretty much all software is now being designed to run “in the cloud”. Which is to say on someone else's server, sitting who knows where and managed by who knows whom. There are two things I am certain of when it comes to cloud based software:

1. Software hosting companies have not cornered the market on great IT people.
2. Not all clouds are the same.

Because of this we know that mistakes will be made by these software hosting companies, servers will go down, personal information will be hacked and data will be lost. The trick is going to be chose your cloud carefully and remain in control of your data. We are offering some cloud based software now and we will offer more in the future. As always our concern will be for your business, your data, and your security. The cloud is an opportunity, not an answer and the secret to opportunity is to grab it and make it work for you. What we all know is we can’t fight change. To those that do, we’re with Mr Ballmer, blah, blah, blah. We will make change work for you.

Exchange Defender has New Features

If you are using our Exchange Defender service you should be aware of the standard feature set. However new features have been added that you may not have heard about yet and you may have forgotten about some of very useful things it can do now.

Old Features Reminder

• Live Archive: Live Archive is your ability to access your email live at anytime from anywhere when your server is down, your office has no power or no Internet. Just go home, or over to Panera and login into the service.
• Flexible Spam Reports: Set the time of day you want to receive your spam quarantine report, or have it delivered multiple times each day.
• Spam quarantine Outlook integration: Install a toolbar in Outlook, click it to view your spam quarantine anytime on demand.
• Pop-up spam alert: Get an instant alert pop-up in your system tray that a message has been quarantined, click it to view. Note, use cautiously this can be very annoying.
• Unlimited email aliases at no cost: If you receive email to dave, david, accounting and taxes, you still only pay for one anti-spam account.
• Anti-Virus and Anti-Phishing: Incoming and outgoing email are scanned for both virus and phishing attempts before delivery.
• Attachment Scanning: Attachments are scanned before delivery and identified for alien content.
• Disclaimer: A disclaimer can be stamped to the bottom of every outgoing message. No need to configure Outlook or depend on signatures.

Lots of New Features

• Web Filtering: Central management of web filters by category. Agent based so even roaming laptops remain protected and their users productive.
• File Transfer: Need to send a file to someone that is too big for their email system? Consider it done. Simple, no FTP server required. Data transfer is encrypted too. Have a standard document that you often need to send? Save it to your file library for easy access.
• Policy Based Email Encryption: Policies can be set so that email sent to particular addresses will always be sent as encrypted email. Required for certain compliance.
• On-Demand Email Encryption: You can send an encrypted email to anyone right now. Just specify it in the subject line and the mail will be securely delivered to them. Required for certain compliance.
• Spam Quarantine Report Improvements: Hover over an email in the spam report and see a snap shot of what is in that email without requesting delivery. Is it what you think it is? Do you need it delivered? Find out before releasing it.

Our staff can show you how to use these features. They are all very simple. The policy based features we will configure for you after determining your needs. I will be doing a webinar soon to demonstrate each feature.

How to Detect a Phishing Email

Our anti-spam filters do a pretty good job of keeping junk out of your email box. But filtering is a cat and mouse game. The scammers and spammers want to get their message to you and work night and day to figure out how to get around filters. The good guys want to keep them out and work night and day to block the latest clever way to thwart their filters. This means that every once and while something is going to get through. This week a few phishing messages got through.

These guys works really hard to make sure that their scam mail looks as close as possible to the real thing. So there will be elements that are correct. I have highlighted those in yellow. There are areas that are wrong too, I have circled those in red.

 

What’s Wrong?

A Friend has sent you a Hallmark E-Card: This should read, Amy Babinchak has sent you a Hallmark E-Card. It should not be generic. It should list the full name of the person or organization sending you the card.

The second item is more insidious and it is where the poison pill is located. Look at what happens when I move my cursor over the URL.

URL’s highlighted in blue are not really web links even though they look like them. They are just blue underlined text to indicate that you can click here and they themselves are linked to an underlying URL. The underlying URL is exposed in Outlook by moving your mouse cursor over it (just don’t click) and a little message box will appear. The message box will show you what will really happen if you click. In this case, if I click a web server in Russia (.ru) will download and run a program on my computer (.exe). This would infect my computer with an application that will scan my computer for credit card numbers and social security numbers. It might even uninstall itself after it is done. They are getting smarter all the time.

As always be careful out there and keep a sharp eye out for phishing scams. If you are using our partner Exchange Defender and you get a phishing email send it to spam@ownwebnow.com so they can analyze how it got through. You won’t get a response but you will help it from getting through again.