Search only MirroredStorage.comSearch only MirroredStorage

Testimonials

We love our clients, and our clients love us!

Category: Cyber Security

New And Urgent Bank Account Fraud Alert

Posted on by admin

Malware Strikes Again

The infamous Xenomorph Android malware, known for targeting 56 European banks in 2022, is back and in full force targeting US banks, financial institutions and cryptocurrency wallets.

The cyber security and fraud detection company ThreatFabric has called this one of the most advanced and dangerous Android malware variants they’ve seen.

This malware is being spread mostly by posing as a Chrome browser or Google Play Store update. When a user clicks on the “update,” it installs the malware designed to automate the process of accessing your online accounts and extracting and transferring funds.

Besides being alert to this scam (and you should let your spouse, partners and family know as well), you should be aware of a few ways to protect yourself:

  • Avoid links and attachments in any unsolicited e-mail. Simply previewing a document could infect your device, so never open or click on anything suspicious.
  • To update your browser, simply close it and reopen. You don’t have to download an application to update it. Furthermore, the Google Play Store app will not ask you for an update, so don’t fall for any website alert or text stating you need to download an update.

But remember, bank fraud can manifest itself in several forms, including:

  1. Phishing Scams: Cybercriminals send deceptive e-mails or messages, often impersonating trusted entities like banks or government agencies, to trick you or your employees into revealing sensitive information like login credentials. Sometimes these are facilitated by phone calls, so make sure your team is fully aware of this. The latest MGM hack happened when a hacker called the company’s IT department requesting a password reset.
  2. Check Fraud: Criminals may forge or alter your business’s checks to siphon funds from your account, making it essential for you to secure your checkbook and be careful about sharing or e-mailing your account information. You might consider going checkless to cut down on the chances of your account being hacked.
  3. Unauthorized Wire Transfers: Hackers may compromise your online banking credentials to initiate unauthorized transfers, diverting funds to their accounts.
  4. Account Takeover: Criminals may gain control of your business’s online banking accounts by exploiting weak passwords, reused passwords or security gaps, such as e-mailing your passwords to others or storing your bank password in your browser, allowing them to make unauthorized transactions.
  5. Employee Fraud: Sometimes, even employees may engage in fraudulent activities, such as embezzlement or manipulating financial records.

To protect yourself, use strong, unique passwords for your online banking accounts and never store them in your browser. Also, update your passwords monthly with significant changes to them, using uppercase and lowercase, symbols and numbers that are at least 14 to 16 characters.

Second, always turn on multifactor authentication (MFA) so you’re notified if anyone tries to log into your accounts without your knowledge.

Third, set up alerts for large withdrawals. You can ask your bank to require a physical signature for wire transfers to protect you from someone taking money from your account without your signature.

Fourth, get fraud insurance that specifically covers employee and online theft so you are protected in the event a cybercriminal steals money from your account.

And, as always, make sure you have strong cyberprotections in place for ANY device that logs into a bank account or critical application. Far too many businesses think that if their data is “in the cloud,” they are safe. Remember, your bank account is “in the cloud,” and the bank likely has a secure portal, but that doesn’t mean YOU can’t be hacked.

If you want to ensure your organization is truly secure, click here to request a free Cyber Security Risk Assessment to see just how protected your organization is against known predators. If you haven’t had an independent third party conduct this audit in the last 6 months, you’re due.

It’s completely free and confidential, without obligation. Voice scams are just the latest in a tsunami of threats aimed at small business owners, with the most susceptible being the ones who never “check the locks” to ensure their current IT company is doing what they should. Claim your complimentary Risk Assessment today.

Posted in Cyber SecurityLeave a Comment on New And Urgent Bank Account Fraud Alert

What to look for an email security solution

Posted on by Mirror Storage

What to look for an email security solution

An important aspect to email security is, of course, deploying a good email security solution. But, with so many available in the market, what should you be looking for when opting for an email security tool? Here are some key features you would want in your email security solution.

  • Encryption: Let’s start with the worst-case scenario. Your corporate email server is hacked. By opting for an email security solution that offers data encryption, you can ensure that the thieves are never able to read the data they stole. Data encryption is basically coding of data in a different format when it is sent and decoding it once it reaches the recipient. Without decryption keys, no one in the middle will be able to make sense of the data they access.

  • Ditch the server-based email system: In server based email systems–the kind supported by most older versions of email software (Outlook, Thunderbird, etc), the emails are stored on servers and transmitted every time the email software establishes connection with them.The newer, web-based systems offer additional security.

  • Strong filters: Make sure your email security tool has strong filtering capabilities to keep spam and malicious emails out of your inbox. Training employees to identify spam and fraudulent emails is good, but getting an email security software that keeps most of them away is even better!

  • Intelligence: When looking for an email security software, consider its artificial intelligence. According to Biztech, a leading business technology news magazine, newer anti-malware rely less on signatures of known malicious content and instead uses threat intelligence, reputation services and other near-real-time sources to pinpoint the location of threats — domains and IP and email addresses, for example to alert IT teams. Cybercriminals are getting smarter by the day, and always innovating, looking for ways to get around the anti-malwares existing in the market. You need an email security solution that can keep up with them.

The critical role played by email in your business environment and its vulnerability make it imperative that you deploy strong security solutions for your email. Reach out to a credible MSP to learn more about how you can keep your email system clean and safe.

Posted in Cyber SecurityLeave a Comment on What to look for an email security solution

Email safety: Firewalls and antivirus are great

Posted on by Mirror Storage

Email safety: Firewalls and antivirus are great, but what about your employees

The Verizon Data Breach Investigations report states that emails are the primary source of two-thirds of malware. Email is an easy target simply because there is more human touch involved in the case of emails. There’s always a stray chance that someone will end up clicking on a phishing link or downloading the wrong attachment or simply including sensitive, confidential information in an unencrypted email. The first step to securing your email systems is training your employees. Train your employees to identify harmful email messages and to be aware of your firm’s IT protocols and rules. There are 4 major ways in which your employees may end up compromising your email security. These are

    • Falling for phishing scams: These emails will appear to have come from an authentic source and urge the reader to take an action. Usually the action involves clicking on a link and/or sharing sensitive information via an online form that looks authentic. The phishing links and the webpage clone the original site so well that it is easy to mistake them for their authentic counterparts. For example- an email that looks as if it is from the IRS, asking for sensitive financial data, or an email that seems to be from the bank asking you to log into your account, etc.
    • Mistaking hacked emails to be authentic ones: These emails are actually from an authentic sender account, but their account may have been hacked. One of the ways to spot such email messages is if ‘something feels amiss’. For example, an email that’s ridden with typos, spelling and grammar errors, or if the writing style is different, or includes an unexplained instruction to download an attachment, fill a form or install a patch.
    • Not following strict password hygiene: There are 2 angles to this. First is password sharing. Sharing passwords indiscriminately puts your email systems at risk. Often, people trust their coworkers and end up sharing system or email passwords without realizing the possible consequences. Sometimes, it is just so much easier to share the password than follow the protocol. For example, Bob from sales is too busy to prepare his commission report. So, he gives his password to Lisa from accounting so she can calculate his commission for the month and Lisa shares with her team so they can work on the reports. See…before you know it 3 other people apart from Bob have access to his system including his emails!The second issue in password hygiene pertains to ignoring password basics. For example, having passwords that are too simple or obvious such as dictionary words, names, etc. or not changing passwords as recommended or having the same password for multiple accounts.
  • Exposing their own devices to safety threats and then using them for work purposes due to the BYOD environment: This is a threat brought into the picture due to the flexibility-oriented culture of the modern workplace. Businesses allow their employees to work from anywhere, using their own devices. For example, someone could be accessing and replying to an email from work, using their phone or iPad, connected to the open wifi at the mall’s food court. The risk such open networks bring to the table is unimaginable.

As discussed in the beginning of this blog, emails are a soft target because of the human element. You can organize classroom training sessions to educate your employees about your IT usage policies related to password management, use of personal devices, data sharing and internet access. You can also conduct IT drills and workshops to help your employees identify possible IT security threats and steer clear of those. If you don’t have the resources to do this, check with a MSP in your area. They might be able to help.

Posted in Cyber SecurityLeave a Comment on Email safety: Firewalls and antivirus are great

Risk assessment: A Value model

Posted on by Mirror Storage


Risk assessment means looking at all the conditions, situations and threats that exist that could damage or bring down your business. Risk assessment is all about identifying the external and internal threats that exist and measuring the likely consequences if that threat becomes reality. A data security risk assessment would identify what data you have, how you use it, how confidential it may be, how it is affected by regulations and the ways it could be compromised. A major focus of a data security assessment is cybercrime.

In terms of developing an IT staff, the alternative approach to building out a team is to determine your IT staffing needs in terms of risk assessment. That means evaluating risk and directing staffing resources to those areas where the risk is greatest and the consequences most severe. Basically, it is an evaluation on the ROI of your IT staffing in light of identified risk. In particular, what is the return on your risk management investment? The goal is to evaluate risk in light of business and operational consequences. Put simply, which point of failure leads to the most destructive consequences. Once that is determined your limited IT resources can be directed at those most critical areas.

In the short term, you can try to find the specific applicants that have what you need to plug the holes. Is that workable given the challenges to hiring? The market is very competitive.

The alternative is an MSP. Using a Managed Service provider for at least some of your most critical needs can be a very effective way of targeting your IT resources to where you are most vulnerable.

You have more freedom to move resources to where they are most needed.

Opting for an in-house IT team limits you in terms of scalability. You cannot just add or reduce the strength of your IT team anytime. Choosing a managed services provider, however, provides the flexibility to scale up or scale down your IT investment to suit your business needs.

You are better prepared for IT emergencies

Having a service contract with an MSP helps you tackle IT emergencies better because you get access to top-level IT expertise. An MSP’s core business is IT so they are naturally more knowledgeable and up-to-date when it comes to the latest IT challenges, including cybercrime. Plus, an MSP can deploy more resources if need be to solve your IT emergency, helping your business get back on its feet sooner.

You will be ahead of the curve

The IT industry is constantly evolving. The in-house IT team may find it challenging to keep up with the latest trends and norms of the IT industry as they will be caught up in managing the day-to-day IT activities at your office. Also, IT is a very broad field, and only a diverse IT team has the depth to cover all of the different areas. With an MSP, you don’t have to worry about how technology is changing. A good MSP will not only be up-to-date with the latest in tech but also advise you on what tech changes you need to make to stay ahead of the curv

The lesson for hiring IT is that you should focus resources, be they in-house or external, on the areas where your business is at highest risk from a single point of failure or a cyber attack. Not all IT needs are equal, and traditional models don’t always recognize this. A Managed Service Provider can also assist you in determining a hierarchy of your IT needs.

Posted in Cyber SecurityTagged , , , Leave a Comment on Risk assessment: A Value model

twitter feed

Stay tuned for the latest news from our twitter feed.

connect via social media

Don't forget to follow us & get in touch.

about us

Mirrored Storage was founded in 2008 and has grown from a File-based backup company to a Single Source for all of your IT needs.  We service small and medium sized businesses. Whether you are a small operation with only a few computers or a company with hundreds of employees we are ready to talk to you.

Our solutions include:

- Data Protection
- Cloud Services
- Technology Services

 We offer industry compliant solutions  Check out our SERVICES and COMPLIANCE pages.

VIDEOS

contact us

  • Location5700 Tennyson Parkway
    Suite 300
    Plano, TX 75024
  • Phone+(214) 550-0550
  • Email Contact Us