Tag Archive for Social media

| January 6, 2016
Comments Off on Beat Stress & Boost Happiness

Beat Stress & Boost Happiness

Beat Stress & Boost HappinessJust in time to make a New Year Resolution, interactive game, and social media site Happify has created an infographic that teaches us about stress and how we can boost happiness.

Titled ‘How to beat stress & boost happiness’, this infographic gives valuable tips on how to beat stress in easy ways while avoiding any stress-induced illnesses.

How to beat stress & boost happiness

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Health care | Tags: , , , ,
| December 15, 2015
Comments Off on Giving Safely

Giving Safely

Giving SafelyIt is the holiday season and most people want to try to be a little nicer. During the giving season, you need to stay vigilant and protect those that are not so tech-savvy from fraudsters who want to rip you off during this season of goodwill. Cyber thieves can use social networking sites and mobile devices to solicit fake donations to take advantage of your charity. Experts recommend that no matter how they reach out to you, post-office, Facebook, email, phone, or text, avoid any charity or fundraiser that:

  • ake advantage of your charityRefuses to share detailed information about its identity, mission, costs, and how the donation will be used.
  • Won’t give proof that a contribution is tax-deductible.
  • Uses a name that closely resembles that of a better-known, reputable organization.
  • Thanks you for a pledge you don’t remember making.
  • Uses high-pressure tactics like trying to get you to donate immediately, without giving you time to think about it and do your research.
  • Asks for donations in cash or asks you to wire money.
  • Offers to send a courier or overnight delivery service to collect the donation immediately.
  • Guarantees sweepstakes winnings in exchange for a contribution. (By law, you never have to give a donation to be eligible to win a sweepstakes.)

To slow down the cyber-thieves, take the following precautions to make sure your donation helps the causes you want to help and not the scammers:

  • Ask for detailed information about the charity, including name, address, and telephone number.
  • Get the exact name of the organization and do some research.
  • Call the charity. Find out if the organization is aware of the solicitation and has authorized the use of its name.
  • Check if the charity is trustworthy by contacting the
  • Keep a record of your donations.
  • Make an annual donation plan. That way, you can decide which causes to support and which reputable charities should receive your donations.
Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Holidays | Tags: , , , , , , ,
| August 4, 2015
Comments Off on You Can Stop Cyber Attacks

You Can Stop Cyber Attacks

You Can Stop Cyber AttacksSeems like every week another major cyber attack is reported. Cyber attacks expose the personal details of millions of users worldwide. Companies are spending over $70 billion to fight off cyber attacks. But even with the best systems in place, hackers can still easily breach the company’s defenses if staff aren’t also being security conscious.

TIntel Security Group (aka McAfee)he Business Insider spoke with Christopher Young, general manager of Intel‘s (INTC) Security Group (aka McAfee) about cybersecurity. He told BI that employees can prevent data theft. The Intel GM says there are two things that every employee should be doing to help keep their company safe from cybercriminals.

Think before you click. That is the number one thing that every average employee in an organization can do,” Intel’s Young said.  He cites a recent Intel survey of security professionals (PDF), which found that humans are still the weakest link when it comes to an organization’s security. According to the report, successful attacks against companies most often stem from three things:

  1. humans are still the weakest linkUser errors caused by lack of awareness,
  2. Unofficial use of online services, and
  3. Using social media sites at work.

Basically, employees are clicking links they shouldn’t be, which can give attackers a way in. One way attackers get in is through the inbox. Mr. Young told BI

Emails are the number one way that attackers are getting in … They [cyber criminals] are crafting emails and attaching malicious files to those emails and their entry points into these organizations is often through tricking the average user or click on an email attachment and launch a malicious file.

employees need to be vigilant and ask questionsI recently wrote how attackers have honed their spear-phishing skills, making dangerous emails less obvious. BI says employees need to be vigilant and ask questions about all the email they receive that raises even the slightest suspicion. Intel’s Young warns staff to question every email.

You should ask why am I getting the email? Why is there a file attached to it? Why am I being asked to click on it? And you should ask all of this before clicking.

The second big thing which Business Insider recommends that employees should do to help keep their company safe is to report any suspicious emails or attachments. And if someone does click on a link or download a file that raises eyebrows, report it as soon as possible so that the company’s security team can investigate quickly. Mr. Young explains that an early alert can help contain an attack. “So if the average employee smells something they should report it.”

rb-

report any suspicious emails or attachmentsThe IT industry needs to develop a mascot like Smokey the Bear who reminds everybody that “Only You Can Prevent Forest Fires.”

Maybe we could put Clippy back to work to pop a little reminder every time you click on an email to open it.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , ,
| June 30, 2015
Comments Off on How Social Engineering Works

How Social Engineering Works

From where I sit in my Bach Seat, it isHow Social Engineering Works clear that cyber-attackers will try anything to penetrate your online security. They will even exploit human nature to get access to a firm’s digital assets. In the human world, people who exploit human nature are often called politicians, con-men, or grifters. In the digital domain, we call it social engineering. Most online attackers use some sort of social engineering to get users to do something risky.

Social engineering psychological tricks

Here is a list of 6 psychological tricks that social engineers use to trick staff.

1- Reciprocation – When people are provided with something, they tend to feel obligated and then repay the favor.

2 – Scarcity – People tend to comply when they believe something is in short supply. As an example, consider a spoof email claiming to be from a bank asking the user to comply with a request or else have their account disabled within 24 hours.

3 – Consistency –  Once targets have promised to do something, they usually stick to their promises because people do not wish to appear untrustworthy or unreliable. For example, a hacker posing as a company’s IT team could have an employee agree to abide by all security processes, then ask them to do a suspicious task supposedly in line with security requirements.

4 – Liking – Targets are more likely to comply when the social engineer is someone they like. A hacker could use charm via the phone or online to win over an unsuspecting victim.

stick to their promises5 – Authority – People tend to comply when a request comes from a figure of authority. So a targeted email to the finance team that appears to come from the CEO or company president will likely prove effective.

6 – Social validation – People tend to comply when others are doing the same thing. For example, a phishing email might look as if it’s sent to a group of employees, which makes each employee believe the message must be valid if other colleagues also received it.

Conditioned to click

An article at Help Net Security Proofpoint argues that humans are psychologically conditioned (rb- Remember Pavlov’s dogs from Pysch 101?to click on links. Cyber-criminals leverage this conditioning by designing phishing emails most likely to trigger your automatic click response.

Proofpoint says that social engineering emails are so convincing and compelling that they fool 10% of recipients into clicking on the malicious link. To put that into context a legitimate marketing department typically expects a <2% click rate on their advertising campaigns.

Steps to protect against social engineering

They offer the following suggestions to protect against social engineering phishing emails:

  1. Understand that you are not being targeted specifically, you and your machine are just collateral damage.
  2. Upgrade your computer from Windows XP (as Microsoft is no longer providing security updates to the OS) or disconnect it from the internet – it’s that dangerous.
  3. Don’t use simple predictable passwords that are easy to crack.

Businesses need to:

  1. Put in place layered security to provide an in-depth defense against the latest attacks and malware.
  2. Run awareness campaigns with your staff telling them not to click on links within social networking emails such as LinkedIn invitations. They should instead open their browser or app, log in, and manage their invites/messages from there.
  3. Deploy new technologies that combine big data security analytics with advanced malware analysis. These technologies provide predictive and click-time defense, end-to-end attack campaign insight. They also offer automated incident containment capabilities through connectors to your existing security layers.
Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , ,
| June 2, 2015
Comments Off on Millennials Riskiest With Your Data

Millennials Riskiest With Your Data

Around half of the workforce will be millennials by 2020, but today they represent a bigger threat to your data. A recent report by endpoint security and management products producer Absolute Software (ABT) concludes that millennials take the most risks with your data. The report says they pose a greater risk to corporate data security than other user demographics.

Boomer vs. millennialThe findings between generational mobile security behaviors are likely to be counter-intuitive to many who assume younger generations to be more knowledgeable and more aware of security threats in mobile tech use than older generations according to FierceBigDataStephen Midgley, VP of Global Marketing at Absolute Software said;

We conducted this survey with the intention of helping enterprises better understand the current attitudes that employees have towards data security and privacy.

The presser from Absolute Software says that:

  • 64% of millennials use their employer-owned device for personal use, as opposed to 37% of baby boomers
  • Shrug it off50% of respondents believe that security is not their responsibility
  • 35% of millennials change their default settings, compared to 8% of baby boomers
  • 27% of millennials access “Not Safe For Work content, compared with only 5% of baby boomers
  • 25% of millennials believe they compromise IT security, compared with only 5% of baby boomers

rb-

The author concludes that these findings underscore why data trumps instinct or gut feeling given its counter-intuitive results. Corporate hiring and training programs and policies often focus on wComing soon to your workplacehat companies think of different worker demographics rather than on how those workers actually work. Armed with useful data such as this, hiring and training practices can be better aligned with the realities.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , ,
« Older Entries   Recent Entries »