A phishing email is the general term for an email that requests for you to click a link, open a document, or provide person/corporate information. The results o fa successful phishing attack could mean stolen identities or credit card information, compromised passwords, malware infection (including ransomware), and various other problems.
How Do You Avoid Becoming a Phishing Victim?
INSI offers many useful tools to help protect your company from phishing, such as spam filters, antivirus software, firewalls, and data backups. All of these tools are critical in the defense against phishing. However, thees resources alone cannot prevent all attempts from reaching users. Ultimately, everyone must be educated and vigilant!
What to Look for in an Email?
Your end users must be trained and tested on how to identify phishing emails. Following are the most common clues:
Make sure you know the sender. Also ensure that the sender’s name matches their email address.
Be wary when the subject is not clear. Usually phishing emails are known to have oddities in the subject lines.
Check to see who the greeting is directed toward. A generic greeting is a sign of phishing.
One of the single biggest red flags is if the email insists on urgent action. Cyber-criminals know that panicked users will be more likely to click on a dangerous link.
Never click on a link that claims it will redirect you to the company website as these links can actually send you to a fake website and trick you into giving your username and password.
Most professional companies will review their emails so that they will not often contain spelling or grammatical mistakes. Take another look if you see many simple errors.
If you know the sender, ask yourself if the language used sounds like the person you know. Look for a writing sytle inconsistent with how that person usually communicates.
Ensure all attachments are clearly named. Many phishing emails use obscure or generic names to pique curiosity and encourage the recipient to open the attachment.
Now Let’s Take a Look at Some Real Examples!
Don’t Be Afraid to Ask the Sender!
When I am unsure if it is a phishing email, I call the person directly and ask them if they sent it to me. Sometimes I reply to the email with the same question. I have found people do not get offended and they are more than happy to answer this simple question.
INSI Security Package
INSI’s Security Package includes a phishing email to all your employees. We track who clicks on the email to determine who needs addition training on cyber security. This package also includes security audit, network security vulnerability assessment, semi-annual security check, biannual penetration test, quarterly security checks, staff training, antivirus monitoring, web content filtering, web protection, spam protection, and 24X7X365 monitoring and response.
We have multiple other managed security options available to meet all your needs.
When In Doubt – Let Us Know
This post is part of the INSI Awareness Campaign that is designed to keep our clients protected and informed. If you are concerned about a phishing email, please do not hesitate to contact our helpdesk at 770-387-2424 before opening it. Our engineers are more than happy to check it out and make sure it is safe. After all, we are here to serve you!
In 2020 Microsoft Windows 7, Windows 8.1, Office 10, and certain versions of Windows 10 will reach the Microsoft end of life. Likewise, in 2019 60% of all hacks were a result of unapplied patches according to ServiceNow. As a result, this combination greatly increases SMBs risk of being hacked. For instance, there will be no new:
free or paid assisted support options
online technical content.
Accordingly, Microsoft end of life products create an open playground for hackers. I expect them to exploit these vulnerabilities and we will see a huge increase in security breaches in 2020. For this reason, it is most dangerous for SMB because they are notorious for holding on to Microsoft end of life products.
Microsoft End of Life Financial Cost
Security threats have been on the rise over the past five years. Add to that unsupported Microsoft end of life products, and you have absolute chaos. As a result, once a hacker finds a vulnerability, they quickly embed themselves in the system. First, they establish a foothold in the system. Second, they analyze the environment. Third, the install malware.
Finally, once the hacker downloads malware on your system, they can easily collect information, intercept traffic, and scan devices. Most concerning, the average breach goes undetected for 276 days. That is nine months during which a hacker is peaking around and stealing your valuable information without your knowledge. Subsequently, you should ask yourself what type of information on your system they can exploit. Is it intellectual property? HR information? Banking information? Client information? In the end, all these things have monetary value. For instance, they can keep you from accessing your own information. Moreover, they can seize your information and sell it. Both can cause a serious financial crisis.
Steps to Protect Yourself
There are many reasons why a company will hold off on updating their software and reach Microsoft end of life. However, there is a solution for each one. First, some hold off due to cost. Second, is the pain associated with change. Third, is compatibility issues with legacy software.
Cost – Cost can be a major factor in upgrading system software. Today, you have more options than ever before. For example, if you provider has the right connections, Office 365 can be billed out monthly. You can also lease the software and labor installation to spread out the cost over several years.
Change – Downtime can be a major detriment to operations. A mature IT organization knows how to plan for this. Most updates can be done at night or over the weekend. In addition, a quality MSP will have an engineer readily available on the go live date.
Custom Legacy Software Compatibility Issues – Your custom software may not work with new operating systems or office products. However, there are many affordable programs available in the market today. Start looking at your options today.
At the end of the day, upgrading your Microsoft end of life software does not have to be hard. If it is done right, your MSP will know the proper steps to make the transition smooth for both you and your end users.
In conclusion, if you have Microsoft Windows 7, and Windows 8.1, Office 10, and Windows 10, it’s time to upgrade or risk being the next cyber security target. INSI can help. In fact, we can help you plan in advance so you will never find yourself in this situation again. Moreover, we will help prepare for the inevitable by planning for warranty expiration and end of life software products. If you want to take control of your technology expenses, call INSI today at 770-387-2424. A seasoned consultant will help you through the process. Call now.
Register here to gain access to the webinar and watch at your own convenience.
Deborah Frazier covers the 6th chapter of her book, IT Outsourcing Secrets. This packed 30-minute presentation shows how IT support providers trap their clients. First, they make it too costly to leave. Second, they make it to difficult to cancel. Most importantly, she helps the viewer stay in control with alternate solutions.
IT Outsourcing SecretsChapter 1 – How to Determine the IT Maturity Level of the IT Support Organization
Oh, the games IT support companies will play. In my nearly 20 years of selling IT support services in Atlanta, I think I have seen it all. I have seen wonderful service where I felt proud to be in this industry. On other days, I truly ached for business owners held captive by their IT support provider.
So how do you keep from becoming the next victim? It is my intent to equip you with the right knowledge so you can make informed decisions.
If you are reading this book, it is likely because you have fallen victim to one of the traps listed herein, and you are looking for a new IT support company. In fact, you may have already gone through countless IT support companies who either failed in service, or the invoicing was not what you expected. Whatever the reason, you will be glad you picked up this book.
I often use the illustration of the elephant and the rope as an example of how people view IT support models. I explain that when the elephant is a young calf, the trainer will tie them to a stick in the ground by a rope to keep them from wondering off. As hard as the calf tries, he cannot get free. Over time, the young calf learns to accept that he cannot get away. Even as he grows up to be a big strong elephant, he never questions the strength of the rope – so he doesn’t even try to get free. As an SMB you may have fallen into the same trap. You know the IT support options as:
Independent contractor (ad hoc)
Hybrid – Internal and outsource
Blocks of hours
Use it or lose it
Flat rate (per device or per seat)
Yet, I am going to help you view IT support from a brand new angle. I am going to have you question everything you have been taught and expose the truth about these models and practices so you can make informed decisions. I will even give you an RFP tool to compare companies at the end.
Putting the IT Support industry to the test
Recently I conducted a survey with some industry leaders in various fields. They came from healthcare, retail, manufacturing, finance, and construction. They held titles of CFO, CIO, IT Director, IT Analyst, Controller, and Operations Director. They are the decision makers for IT support in their companies, ranging in size from 200 to 11,000 users. These are highly successful individuals who started off in SMBs and rose up through the ranks due to their accomplishments. I admire them as they really know their business and have a lot of insight from small business to enterprise companies. So, when the time came, I was really excited to put my solution to the test. (Note: They are not my clients.)
I gave each of them a scenario in which they were a small business decision maker looking for a new IT support company. They were required to gather three quotes. They received one referral, but they still needed to find two more IT companies on the web. I asked them to tell me which websites intrigued them, which ones stood out over the others, and which ones they would choose to call.
I am really blessed, because each one of the participants took this task very seriously and spent hours on this survey. Maybe it is because we have years of experience networking together, but it still really impressed me. I asked each one to be brutally honest with me and find the good qualities in each competitor. They googled “IT Support,” “IT Atlanta,” “MSP,” and “Managed Services.”
The results of the competing websites were disappointing and brought about a lot of feelings of frustration. They just couldn’t narrow them down with any confidence. Why? The competitor’s websites ALL (I can’t stress “all” enough) stated in one way or another that they were “the best,” they were “responsive,” and they “listened” – as though their competitors didn’t. Yet, they all claimed the same thing. They showed their service offerings (which were mostly the same), and some showed the industries they served. Some had scare tactics, while others mentioned pain points, but they all had very much the same message – “we are the best, we listen, and we are highly responsive.” So, how does one choose from that? Even if it was all referrals, they all look alike and talk alike.
I then asked them to look at my company’s website section “MSP Industry Secrets”, which shares a hint of the information found in this book. It truly resonated with what the participants have experienced in the past. They shared countless stories with me of bad service and unpredictable invoices. As they shared their experiences, I could easily identify what plan they were on, why they had those particular issues, and what could have been done to prevent it. Hence the motivation for this book.
Yes, the people that took the IT survey had been through it all over the years. So, this made me think, if it is so hard to compare online, how does a company choose whom to call? Is it just a roulette game? Do you ever know if you actually picked the right company to meet with off of the Internet? What if the last five IT support companies you worked with were referrals, can you ever trust anyone’s recommendation again?
It is my belief that you will never be disappointed if you know exactly what you are getting into. Every IT support plan does have its place, and each plan has its pros and cons. It is up to you, the client, to decide what you are willing to tolerate and what you are not. So, what you really need is a way to make sense of it all, to set your own expectations, and not rely on what the salesperson claims, but on what you see under the covers. After all, I have seen several salespeople and engineers outright lie to save a deal. Let’s get you armed so this doesn’t happen to you!
You are different, and your solution should be too.
I have consulted with over a thousand SMB prospects throughout the nearly 20 years I have been in this business. I know that each one of them is different. They each have their own systems, devices, network infrastructure, applications, workflow, goals, internal resources, culture, and the list goes on and on. It would be unusual for any two companies to be the exact same in all respects. So, the last thing I want to do is assume that you are just like XYZ company we worked with down the street who was in the same industry with multiple locations. Or, that the solution is going to be the exact same for you. Further, I have never met a business owner, or leader of any size company, who claimed they were just like anyone else. They all realized their individual talent or product. So, I personally find it insulting when a sales “consultant” makes assumptions rather than listens.
No. Information technology (IT) is complicated. Consulting businesses on how to use their technology should be unique to their own goals and so should their IT support program. Assuming everyone is the same and needs the same support is idiotic. So, my goal was to ask as many questions as possible and find the right solution for them.
So, what do you need? You need someone who will wrap a solution around your needs and internal IT strengths. “One size fits all” is not going to work. A “one size fits all” package will deliver services you don’t need, you will overpay for what you actually want, AND (most importantly) you will overpay for the skillset you are actually using. (You will learn more about this in Chapter 2.)
It is what you don’t know about IT Support companies that is keeping you from making the right decision.
You need to learn how to look under the covers and understand if they have the capabilities to deliver the services you need, and they claim to have. Where do we start? Let’s look at the basics first. As we mentioned earlier, everyone will claim they are the best. So how do you differentiate them? You need to understand where they are in their IT maturity.
Determine the IT support company’s IT maturity level
Is the IT maturity level measured in years, processes, experience, or a combination? My company, INSI, has been in business for over 24 years (1995). My previous company was in business for 21 years (1998) and grew to be one of the largest SMB IT support providers in the United States – before they sold and started focusing on the Fortune 500. I know of a competitor that has been in business for 27 years, and they can’t get over the hump – they grow to 45 people and drop back down to 16 – over and over again because of shady practices. I have also seen newcomers pop up out of nowhere and take the IT support industry by storm in a very short period of time. Why? Because they had the processes and IT maturity level to make it work.
Let’s face it, in this industry there are so many “fly by night” companies. We have so many bright and intelligent engineers that do not know the first thing about business. They are sooooooo good at what they do, and if they have the right tools, resources, and processes to support them, they would do quite well. But I must tell you that starting an IT support company is expensive, and it takes years before they make a profit. The engineers know the right concepts, but without the tools they can’t measure up. So, when they start their own business, they try to get by on a shoestring budget believing they are so smart that their clients will put up with it. They find the cheapest tools to manage, monitor, and support their clients, but in the end, the client gets cheap results. So, if you are wondering why your service levels are not consistent – this is likely one of the root causes!
Measuring the maturity level of an IT support organization
There are several models to help determine how far along an organization is in their IT capabilities. Recently, Gartner developed a self-assessment tool for organizations to measure their level of maturity with regard to infrastructure & operations.
The levels include the following:
As you can see, the more mature the organization is, the better the service you will receive. Level 3 is just the beginning of a mature organization. It is imperative to understand what stage the provider is at in the IT maturity model. I have outlined some key indicators that will allow you to look under the covers and understand where they are in the maturity model. It all boils down to three pillars of success and how they transfer them into a mechanism for continuous improvement.
Know the three pillars of a successful MSP – technology, people, and processes.
I have many friends in the industry who believe the MSP days are numbered as everything moves to the cloud. Yet, there will always be mischievous people who spread computer viruses, hackers, glitches in updates and patches, connectivity issues, and technology-impaired end users among a plethora of other issues. Hosting can take care of a lot of this, but for the immediate future it is not self-sustaining.
Yes, for the immediate future you will need people to support your technology, and they will need the right tools, resources, and processes to be successful. Let’s discuss the technology aspect first.
Buy the book to see the rest of this chapter.
IT Outsourcing Secrets will be available in bookstores in 3-6 weeks. The book will be available in print or e-book through multiple channels including Amazon and Barnes & Noble. If you would like to be put on the waiting list, please contact Deborah Frazier at email@example.com.