ICU IT

Everything You Need to Know About Phishing

admin — Mon, 18 Mar 2024 10:25:11 +0000

Phishing is a term that you hear a lot these days and that’s because it’s a new and efficient way for scammers to get our personal information and sensitive data. Gone are the days where you receive dodgy-looking letters through the post claiming that you’ve won a sum of money, instead, you’ll get an email or a phone call claiming the same thing. But seeing as it’s still a new term, we’ll be explaining everything you need to know about phishing, including what it is, how it works and how to spot a phishing scam.

What is phishing?

Phishing is a term given to online scams. Usually, phishing is carried out over email, but there are other correspondence that you could receive that are highly-suspicious. Other ways in which scammers could get in touch with you, aside from emailing you, would be: phone calls, text messages.

Social media messaging or through online applications. The aim of phishing is to gather as much personal data on you as possible, with the sole goal being to steal either your money or your identity, or both. They will prey on both domestic and commercial internet users, but spotting a phishing scam is straightforward in both capacities, something we’ll discuss later on in this article.

Why is it called ‘phishing’?

The term ‘phishing’ is a derivative of ‘fishing’, simply because when one goes out fishing, they’re hoping that a fish will take the bait at the end of their hook. They need to make that bait look as tasty and as interesting as possible in order for the fish to bite. This is essentially what the scammers are doing through their emails, text messages, phone calls and more. Most people will ignore scam correspondence, but it only takes a few people to take the bait for a scammer to come away with a considerable amount of money that has been, effectively, stolen.

How does a phishing attack work?

As we’ve already discussed the origin of the name ‘phishing’, let’s now discuss how it works. Much like when catching fish, you need some bait to get a bite. This is what scammers are doing, digitally, to recipients of scam emails, texts and other correspondence, including physical letters, although these are less common in this day and age.

A scammer needs to have a hook in which for you to grab hold of. This usually comes in the form of something that is too good to be true, such as winning the lottery, or to scare you, such as claiming that you’ll be sent to prison if you do not pay the tax you owe. They prey on those who will fall for these scams by taking advantage of their emotions in the moment.

Once you have taken the bait, in order to claim your lottery winnings or to pay the tax you owe so that you don’t go to prison, you’ll be asked to part with a range of personal information. It could include all of the following things or a few things on the list below. Either way, when armed with your sensitive data, they’ll be able to hack your online accounts, including your bank account. That sensitive data could include some or all of the following:

Your name
Your date of birth
Your address
You account username
The password to your account
Your bank details
Your debit or credit card information

What are the consequences of phishing attacks?

It’s difficult to know absolutely the true cost of phishing scams in the UK. There are likely to be hundreds, if not thousands, of people across the country who have lost money to phishing scams who have not come forward and reported their experience. Whether this is down to embarrassment or lack of motivation, it makes it hard to put an exact figure on the amount that Brits have lost to online scams.

However, according to IT Governance, 6 in 10 mid-sized organisations across the country have fallen for phishing scams, resulting in an average loss of around £245,000 in 2023 so far alone. Venari Security states that, in 2023, organisations across Britain lose around £150 for every piece of information stolen through a phishing scam.

More worryingly, IT Governance claims that the average wire transfer attempt made in BEC attacks was around £76,000 on average in 2023, which is a considerable sum of money that is ending up in the pockets of criminals. This significant financial loss can have detrimental effects on the running of their business, the lives of their employees and their reputation as a whole.

Phishing attacks: the signs to look for

It’s important that everyone knows what to look for in order to spot a phishing scam. This will reduce the amount of people who, unfortunately, fall victim to phishing scams. We’ve already touched upon the consequences of phishing scams and emails, so protect yourself and others around you by looking out for the following signs and share them with other people so that they know what to look out for as well:

Poor spelling & grammar

Phishing emails and other scam content will have been written quickly or through the use of AI writing software. This often leads to basic errors being made in both spelling and grammar. Even the most convincing phishing emails will contain mistakes, such as sending content to a British recipient that is full of Americanisms, such as spelling ‘organisation’ with a ‘z’, to become ‘organization’, to name just one of the errors that could be made. Look out for improper or sloppy spelling and grammar mistakes and this should point towards whether or not an email is a scam or a legitimate correspondence.

A strange URL

Whether you’ve been sent an email with a link in it to another website or if you’ve clicked on a website that looks legitimate but isn’t, something you can do to make doubly sure that it’s a legitimate website is to check the URL. If it looks strange or unusual in any way, then it’s likely a bogus site and you shouldn’t use it.

This is because scam websites have the sole aim of tricking users into parting with their personal information or as a way of infecting their devices with malicious software or malware. According to Go Banking Rates, there are websites out there claiming to be the real deal, but their URLs are different and strange if you look at the official URL.

For example, the URL for Tiffany & Co is www.tiffany.co.uk, but on the list outlined by Go Banking Rates, there is a site out there claiming to be them, although the fake URL is TiffanyCoShop.com. The Australian Broadcasting Corporation claims that fake websites are vastly becoming the latest tool to steal personal information.

A sender address that seems unusual

Email addresses or telephone numbers that look unusual are often suspected right away as being a phishing scam. Email addresses that contain a series of random numbers, special characters or capital letters will, most likely, be a fake account, used to hoodwink email receivers. These days, scam emails can look identical to the real thing, so it’s becoming increasingly more difficult to identify a fake email.

Checking the email address is often one of the most effective ways of pointing out scam emails. Most recently, according to the Wrexham Council News, there have been over 3,400 reports of fake emails being sent under the guise of TV Licensing. Recipients are being told that their TV licence is about to expire or that there’s been an issue with their direct debit payment.

The links supplied will take the recipient to a website that is not legitimate but that looks wholly genuine. This only makes for recipients who are now more than willing to part with their sensitive information, because it looks legitimate. TV Licensing have been notified and they have since published literature on how you can spot fake TV Licensing emails and other correspondence.

A message that seems too good to be true

As we’ve already touched upon, the whole point of a phishing email is to “get a bite”, so to speak. They’re not going to entice many people in by offering something mundane. They want to shock the sender.

Whether they send an email claiming you’ve won £100,000 and you need to give your bank details to them so they can wire the money or if they say that your bank account has been hacked and you need to send sensitive information to recover it, they want to jar you enough to take action.

Regardless of whether the message is too good to be true or if it seems suspicious in any way (because a bank will never text or email you asking for your personal information), you should never hand over any information to them. Instead, it should be seen as a sign that you’re the target of a phishing scam and it should be reported here.

ICU IT are pleased to offer clients throughout Derby and beyond sterling IT management services, cloud hosting services, IT support and business continuity, to name just a few of the specialist IT services we have available. If you would like further information about how we can protect your business from phishing scams, get in touch with a member of our dedicated, professional team today – we’re always pleased to hear from you.

The post Everything You Need to Know About Phishing appeared first on ICU IT.

6 Tips for Making a Secure Password

admin — Mon, 04 Mar 2024 13:13:28 +0000

In an age where we live our lives, mostly, digitally, it’s become commonplace to have online accounts and sign up to apps, but those require you to set up a password to keep your account secure. According to Gov.uk, throughout 2023 so far there have been approximately 2.39 million instances of cyber-related crime.

The same source also claims that most cyber crimes are unsophisticated, but prey on things like: password insecurities, penetrable network firewalls and failing to update or renew security software. Where these are problems that mostly affect the commercial sector, domestic internet users are also falling victim to cyber crime.

My London states that cyber criminals hacked around 2 million people to steal their personal data and to, subsequently, gain access to their online bank accounts. In April 2023 alone, according to the same source, police arrested 31 people in connection with cyber crime incidents. Part of gaining access to various accounts, no matter what they might be for, is password hacking.

The best thing you can do to protect yourself online is to ensure you have a solid and secure password that you can remember without writing it down. With this problem still prevalent in today’s society, we’ve shared some of our top tips for making a robust password that will have the most devious of hackers scratching their heads

1. Ensure your password is as long as possible

Short passwords are something you should steer clear of if you’re wanting to make sure that it won’t be guessed or quickly deciphered. The idea is to make your password as difficult to find out as possible, and part of that is choosing a word or phrase that is relatively long. Don’t make it too long, because some accounts will only let you put in so many characters, but if there’s no limit on character length, then make sure you choose something that is random, long and nonsensical.

2. Make it a nonsense word or phrase

According to the Huffington Post, the most commonly-used passwords are something simple, like ‘1234’ and ‘password’. This is not considered to be a safe or secure password. Anything that is easy to guess or the use of common words in your passwords would be easily deciphered and subsequently used to exploit your online account.

The general rule when choosing a password that cannot be guessed would be to choose random words and phrases, something that means nothing to you or correlates to your life in any way. But we’ll touch on including personal information or data in your passwords later on in this article.

3. Include numbers, symbols & uppercase letters

Part of making sure you’re choosing a password that makes no sense includes throwing some special characters, uppercase letters and a few numbers into the mix. Make sure the numbers don’t mean anything to you, like a birthday, and add the capital letters randomly throughout the password.

You can do the same for special characters, scattering them along the words or phrases as you go. Often, people will use ‘$’ instead of an ‘s’, an @ instead of an ‘a’ or a ‘!’ instead of an ‘i’. Make the password as confusing as possible, but make sure it’s something that you will be able to remember without writing it down.

4. Don’t include any personal information

We’ve already touched on making sure that you do not include any personal information or data, such as a birthday or the year you got married. This is because this sort of thing is in the public domain. People will be able to find out those things about you through social media or even your CV if it’s visible online. Choose numbers that have no correlation to you or your family.

You should also refrain from using the place name where you live or have lived because, again, this is something that someone will be able to find out about you online, especially seeing as Facebook will display this information, if you wish. This goes back to the point of creating a password that is completely nonsensical. Also, don’t forget to make sure that your password is also relatively lengthy, along with ensuring it makes little sense to anyone else.

5. Refrain from reusing your passwords

SecureAuth claims that 92% of people asked will use the same password for multiple different accounts. Where this might be useful in terms of remembering your passwords, and ensuring that you can always access your accounts, you should never reuse your passwords. You should always choose a different password for every account you have, even if it’s for your online food shop or an online newspaper subscription. While it’s a convenient option for many, it’s definitely not worth the risk.

If someone hacks your online shopping account and lifts the password from there, which just happens to be the same password you use for your online banking, then you’ll be inadvertently opening a can of worms and the hackers will have a field day. Always make sure that you use individual passwords that are difficult to guess for every account you have that exists in the digital world. This will help to project your online presence even more.

6. Change your passwords regularly

Don’t keep the same password for the same account for very long. According to McAfee, you need to be changing your password every three months. This is to make sure you keep the hackers guessing. You should never write them down and don’t come back and reuse old passwords either. Ensure they’re brand new every time and do this for all of your online accounts to be absolutely sure. This gives you peace of mind that your accounts will be protected whilst leaving the hackers running in circles.

ICU IT are computing specialists who are able to offer our clients, both domestic and commercial, the best possible advice and expert guidance with regards to protecting your accounts online. With round-the-clock IT maintenance services together with IT support and cloud hosting services, to name just a few of the IT services we have available, you can rest assured that you’ll be in safe hands when choosing ICU IT to manage your IT systems. For further information about how we can help you today, get in touch with a member of our friendly, professional team – we’re always pleased to hear from you.

The post 6 Tips for Making a Secure Password appeared first on ICU IT.

5 Benefits of Managed IT Support Services

admin — Thu, 15 Feb 2024 09:22:28 +0000

IT support services are an essential part of ensuring the smooth running of any business, no matter the industry you work in. It helps to take the stress and pressure off of you, the company owner, allowing you more time to focus on what it is you do best.

An in-house IT support service can be costly as you’ll need to take on additional staff and, possibly, train them as well. If you outsource this service, you’ll have total peace of mind that your IT will be managed and supported around the clock, without you having to lift a finger. So what do our IT support services involve and how can it benefit your business?

What are IT support services?

Most businesses these days rely heavily on technology, with IT being at the forefront. However, even with the advancements of today, technology still needs supporting and managing to ensure it’s running as efficiently as possible.

Even the most tentative of business owners will end up forgetting passwords, so you need someone on hand who can retrieve your accounts no matter what. The experts here at ICU IT will be able to manage your IT round the clock for your peace of mind. The right IT support will allow you to focus on other aspects of your business, meaning you’ll have even more time to grow and develop your company.

5 benefits of managed IT support services

There are several benefits of having managed IT support services carried out by a third party. This is because there are several different types of IT support available depending on the type and size of your business as well as your individual requirements. We are pleased to offer bespoke IT support, so no one client will be the same. Some of the benefits associated with IT support services are as follows:

1. Helps to optimise your operations

Having a third-party manage your IT support will afford you more time to focus on how you’re going to grow and develop your business, without having to worry about every aspect of your IT – something you heavily rely upon on a daily basis to get the job done.

Your individual departments will then be able to focus purely on their own roles without having to retrain or be given additional responsibilities on top of their existing ones, which could cause them to become stressed. Businesses can be optimised efficiently to ensure businesses are running as smoothly as possible with the implementation of third-party IT support services.

2. It’s more cost-effective for your business

IT support services are available with a wide range of payment plans available. Many clients pay for their third-party IT support services on a monthly basis for complete peace of mind that they’ll be receiving ongoing support.

Not only would this be more cost-effective than re-training existing staff, but it would also be far more affordable when compared to bringing in an entire new workforce and incorporating another department just for the purpose of IT support, which you can get from a third party for a reasonable price.

3. It can be both flexible & supportive, simultaneously

IT support services are flexible in every aspect. This doesn’t just stop at IT support services that are provided and tailored specifically towards your business. No matter the size of your company or the industry you’re in, you’ll be able to count on our IT support services. From a variety of payment plans available to a service that will be bespoke to your business needs, IT support services are incredibly flexible and can be amended to adapt as your business changes.

4. Disaster recovery will just be a click away

It’s imperative that businesses have a disaster recovery plan in place should the worst happen. No company wants to experience any length of downtime, so why let it happen? IT support services allow us to manage your IT around the clock, but that also includes disaster recovery.

If a virus or another type of malware hits your IT systems, then you’ll be compromising any data you’ll have saved. If documents and such things are lost, or if you’ve simply forgotten your passwords, then IT support services will be able to mitigate this entirely.

5. Future-proofing is made far easier with up-to-date software

You can rest assured that you’ll be provided with the most modern, state-of-the-art IT support services, meaning we’ll use some of the latest systems available to be able to make this possible. You won’t have to rely on out of date software or security IT systems if you choose ICU IT for continued IT support services.

ICU IT is proud to provide customers in various locations across the country with specialist IT support services. No matter how small your business might be and no matter the industry you work in, you can rest assured that we’ll be able to help you. For more information about the IT support services we’re pleased to offer, get in touch with a member of our expert, professional team today – we’re always happy to hear from you.

The post 5 Benefits of Managed IT Support Services appeared first on ICU IT.

What Are the Different Types of Cyber Crime?

admin — Sun, 19 Nov 2023 10:48:32 +0000

Cyber crime is something that has long been discussed, particularly since the advancement of technology and the capabilities of the internet. Something that might not be known to most people is that there are actually three different categories of cyber crime. Let’s delve deeper into those categories:

Property – similar to possessing bank card information and bank account details of another individual. Information is stolen to access money, make online purchases or run phishing scams to encourage people to wire whole sums of money
Individual – involves one criminal operating alone who is sharing illegal or malicious information online. This could include anything from cyberstalking to trafficking
Government – the least common cyber crime category, this is a cyber crime that’s committed against the government and includes hacking their websites, hacking military websites or distributing propaganda

Now that we’re aware of the different categories of cyber crime, there are many different types of cyber crime out there that someone could fall victim to, whether you’re a domestic or commercial internet user. Not every type of cyber crime has the goal of stealing money, so let’s take a closer look at some of the cyber crimes that could be committed:

DDoS attacks

These are used to ensure an online service is unavailable. It does this by taking the network down by flooding it with site traffic from a number of different sources. They will then create entire networks of infected devices, known as botnets, to deposit malware on the user’s computer or another device they’re using. Once the network is down, the hacker will then hack into the system, rendering it useless and unsafe to outside users.

Identity theft

Cyber crime can also take the form of identity theft. In order for someone to steal your identity, they will need to acquire a range of personal information about you, including your name, your address, your date of birth and even a phone number. They will commit identity theft for a number of reasons, including:

To steal funds from you
To access confidential information
To access online accounts
To participate in tax fraud
To participate in insurance fraud
Open an online account in your name
Plan criminal activity in your name
Claim government benefits in your name

Cyberstalking

Cyberstalking is effectively the same thing as real world stalking, but this happens online. It’s considered to be online harassment as it often involves the victim being bombarded with a considerable and consistent amount of messages, phone calls and emails. Hackers can use social media, websites and search engines to instil fear or to intimidate the victim, bending them to their will. In most cases, the cyber stalker will know the victim, thus giving them more ammunition to use against them as they will know what scares them and what doesn’t.

Social engineering

These cyber criminals will make contact with you directly either using a telephone, a text message or an email. The idea of social engineering scams is that they’re used to gain your confidence and trust, making you believe that they’re legitimate by posing as a customer service agent.

They’ll learn a range of information surrounding the service they’re pretending to offer. Most often, they pose as companies who are selling mobile phone contracts. In order to set you up with an account or, just in case you already are a customer with the business they’re pretending to be, they’ll ask you for a series of personal information, including:

Your name
Your phone number
Your address
Your date of birth
Your bank account information
Your credit and/or debit card details

They will then take the information you’ve given them, no matter how detailed or vague you might have been, and they’ll find everything they can about you on the internet and will attempt to add you as a friend or follow you on your social media accounts. Once they have access, they’ll sell all of your information or they’ll take steps to secure any accounts you have in your name.

Phishing

Phishing is an online scam that is used by hackers to encourage recipients to hand over their personal information and sensitive data. They do this by offering big prizes or by scaremongering recipients, using emotive tactics to get them to submit, usually, bank account information. The name ‘phishing’ comes from the word ‘fishing’ because someone who catches fish uses bait to ensure the fish bites. This is what phishing scammers are doing in a digital, virtual capacity.

Creating and/or sharing illegal or prohibited content

Cyber criminals don’t always operate in a scamming or hacking capacity. There are crimes that are carried out over the internet that include sharing or creating illegal content. This could be anything from pornography to advertising illegal firearms, for example. Often, cyber crimes are carried out on the dark web. You can read about the dark web in one of our latest articles.

ICU IT are pleased to offer clients throughout Derby and the surrounding areas sterling IT support services. From IT maintenance and cloud hosting to round-the-clock monitoring when it comes to your IT security, you’ll always be able to count on us to support, maintain and manage your commercial IT systems. For further information about how we can help you today, get in touch with a member of our dedicated, professional team – we’re always pleased to hear from you.

The post What Are the Different Types of Cyber Crime? appeared first on ICU IT.

What’s the Difference Between the Deep Web & the Dark Web?

admin — Mon, 23 Oct 2023 12:46:40 +0000

You might have heard of the dark web before, but what about the deep web? Most people will have a basic knowledge of what the dark web entails, but if you’re unsure about how this differs from the deep web, then you’ve come to the right place. In this article, we’ll be talking about what the deep and dark web is, together with how they differ. In addition, we’ll also touch, briefly, on the surface web, as well as how you can protect your employees from the darkest realms of the online world.

What is the deep web?

The deep web is website content that doesn’t make up any part of the surface internet, which we’ll get onto in a moment. It’s something that is hidden from everyday internet users. It displays content that isn’t indexed by your average website crawlers or search engines, and so people have to delve deeper into the online realm in order to access things on the deep web. For instance, you’ll need to know the exact URL of the page or website you’re searching for in order to access the deep web. In addition to that, the deep web could also include mainstream websites, like Netflix or Amazon.

What is the dark web?

The dark web forms part of the deep web, and it’s intentionally hidden from surface web users, for good reason. All of the data within it is encrypted and you’ll need specific configurations, software and authorisations in order to gain access to it. It’s not uncommon for government forces, such as the police or MI5 to access the dark web for the purposes of legal investigations.

This is because there will be disturbing, inappropriate or triggering content on there that is, mostly, illegal. The average internet user should not be accessing the dark web for any reason, as there will be extreme consequences for viewing, downloading or interacting with any of the content that’s displayed on there.

Essentially, do not attempt to access the dark web. The good news is that there are IT systems available that can help to protect internet users from the realms of the dark web, although stumbling across it by accident is highly unlikely.

What is the difference between the deep web & the dark web?

Something that’s important to point out is that the deep web and the dark web are not one in the same thing. Where the dark web is part of the deep web, the deep web doesn’t form part of the dark web. The deep web can contain hidden content, but it’s not necessarily illegal one hundred percent of the time. The dark web, on the other hand, is as the name would suggest, dark. In order to pinpoint the differences between the two, let’s look first at the deep web in summary:

Part of the internet that is hidden from conventional search engines
A password, encryption ot specialist software will be needed to access it
It’s considered to be larger than the surface web
It’s often used for legitimate reasons, as opposed to being, mostly, illegal
It will include all unindexed website pages
It can be accessed with a VPN

In summary, here’s how the dark web differs from the deep web:

It’s intentionally hidden and forms part of the deep web
It’s far more difficult to access
Its size is unmeasurable, in comparison to the surface web
It can be used for illegal activities
Precautions are needed to access the dark web
It’s often used by the authorities to catch criminals

What about the surface web?

The surface web, which is also referred to as the visible web, is essentially the internet that we browse every single day. The surface web is used for day-to-day activities and enquiries, and is what most of us consider the internet to be, unlike its darker, deeper counterparts. Despite it being commonplace in our everyday internet searches, it’s not exempt from scammers and hackers.

In addition to some of the most talked about scams being carried out online, some scammers might trick curious users into exploring the ‘shadow web’, which is simply a rumour that exists among the online world.

It’s often used as a way for scammers to get internet users to part with cash or bitcoins, back when that was a popular virtual currency. Don’t be fooled by these online scams and stick solely to the surface web. Although, you should make sure you have all of the anti-virus software required to protect yourself and your computer system.

How can I protect my employees from both the deep & dark web?

As already touched upon, you can make sure that your employees are supplied with the most state-of-the-art anti-viral software and protections available. Some software and programmes can be purchased that will automatically block any visits to the dark or deep web, as well as any other sensitive, triggering or inappropriate content.

You can also trust your IT systems in the hands of someone in the know, like us here at ICU IT. We have a team of dedicated IT professionals who will always be on hand to offer round-the-clock IT maintenance services, for example. Invest in unparalleled IT protection from us here at ICU IT and you’ll have complete peace of mind going forward.

ICU IT has over two decades of experience in the IT industry, providing customers throughout the country with unrivalled, sterling IT services, including cloud hosting, IT support, IT maintenance services and more. Regardless of the industry you work in, we’ll be able to provide you with a commercial IT service that will meet your needs and exceed your expectations. For further information, get in touch with a member of our professional team – we’re always pleased to hear from you.

The post What’s the Difference Between the Deep Web & the Dark Web? appeared first on ICU IT.

5 Reasons To Make Cyber Security a Top Priority

admin — Sun, 10 Sep 2023 10:38:35 +0000

Cyber security is something that has become increasingly more prevalent and commonplace as the digital world becomes more advanced. It’s not just important at home, in a domestic setting, but it’s also imperative in the workplace, no matter the industry you work in.

Regardless of what you do, most businesses will be reliant on technology, such as a computer, and so it’s paramount that you’re doing everything in your power to protect your computer systems. Let’s discuss why you need to start making cyber security a priority in the workplace.

1. It makes your business operations more productive

With cyber security at the forefront of your operations, you’ll soon notice an increase in employee productivity. This is because your workers will no longer experience slow computer systems, for example. It also means that they’ll be able to access programmes and software in quick time, without worrying about whether they’ve been hacked, for instance.

People who are looking to breach your cyber security measures will be looking for information that they can use, but it can also mean that your computer becomes infected with viruses, which can be detrimental to the user experience. There are several reasons as to why you should make cyber security in your business a priority, but productivity in the workplace is one of the most favoured and effective outcomes.

2. Cyber security breaches are almost commonplace

It’s inevitable that your business will experience cyber security breaches at some point or another, and so you’ll need to make sure that you’re prepared and protected for when it eventually does happen. It’s never been more important for you to get ahead of the game as this will help to mitigate any issues with your computer systems.

Not only could it prevent a slow user experience, but it also has the potential to save you money, as you’ll be far less likely to fall victim to scammers. Something else that will help is making sure that your staff are trained in cyber security measures and mitigation.

3. It would be far more cost-effective

The cost of implementing a secure and safe cyber security measure should be considered more of an investment rather than just another expense for your business. As already touched upon, cyber security breaches could make you incredibly vulnerable to scammers. It’s widely reported that scams, and the people who are behind them, are on the rise, both domestically and commercially.

According to UK Finance, over £1.2 billion was stolen in 2022 as a result of fraud cases, but it’s a crime that’s not showing any signs of slowing down. In May 2023, a man was charged over cyber-crime theft after stealing more than £200,000 from a woman who resided in Aberdeen. If a cyber-scammer can manage to steal that amount of cash from one person, think about how much they would be able to trick a business into handing over. Save yourself a considerable amount of money in the long run by implementing cyber security measures now.

4. It protects your employees from cyber crime

By having cyber security measures in place, you’ll not only be protecting your business as a whole, but you’ll also be protecting your employees. With the right training, they’ll be able to identify instances of phishing and other suspicious cyber activity that they haven’t authorised, for example. Armed with this knowledge, your workers will be able to keep their own, personal information private, together with also keeping company information private.

Not only this, but they’ll be able to apply the same knowledge to their own at-home computers and devices. Despite the fact that your employees will be operating under your new cyber security system, which they won’t have access to at home, they’ll still be far more aware of the risks of cyber crime.

5. It could put your business’ reputation at risk

If your business is hacked, it could end up putting your business’ reputation at risk. You’re probably wondering how. The first thing that could happen is that your entire system is hacked, which is then reported. Through word-of-mouth, an increasing amount of people will start to find out about the breach you’ve suffered, which could then cause them to gossip.

People might start to think how a company of that calibre could be so vulnerable and open to attack. This will then have a knock-on effect on your customers, both existing and prospective. Your existing customers will worry about whether or not their personal information and data has been taken by criminals, whereas potential customers will now no longer consider giving you their custom for fear of you being hacked again.

Not only could this put your business’ reputation at risk, but it could even damage it beyond repair, leading to a down in success. Something else that could hinder your reputation is if cyber hackers manage to breach your website or social media pages and either delete everything you have on there, or start to post things that are damaging to you, like spam or inappropriate content. The best way to avoid risking your reputation is to implement cyber security measures with us here at ICU IT today.

ICU IT has over two decades of experience in the transformation of IT systems for businesses across the UK. With a free consultation period and a dedicated point of contact for you to take advantage of, you’ll always be able to look to us for commercial IT services. Working with small and large companies alike, you’ll be able to choose from a variety of specialist IT services, including hosting cloud services, business continuity, managed IT services and IT maintenance services, to name a few. For further information, get in touch with a member of our professional team today – we’re always pleased to hear from you.

The post 5 Reasons To Make Cyber Security a Top Priority appeared first on ICU IT.

How to Spot a Fake Website

admin — Tue, 15 Aug 2023 08:25:41 +0000

It’s important that you spot the signs of a fake website as soon as possible, especially if you’re looking to make a purchase through it. However, even if you aren’t wanting to carry out a transaction there, it would still be easy enough for the owners of that site to collect your information without your consent, resulting in identity theft or financial fraud.

The best thing you can do in order to protect yourself, your family and your employees, if you run your own business, is to make sure that everyone knows the signs to look for if they suspect a website is fake. Here’s how to spot a bogus site:

Look closely at the domain name

One of the easiest and most common ways of checking whether or not a website is fake is to look at the domain name. There are some other details about the domain that you should check as well, but we’ll get onto that later in this article. But that doesn’t mean to say that you can’t pick out crucial information from the name alone.

If the domain name doesn’t match the official website name or company, then it’s likely fake. Scammers will often use names that are similar to an official URL, or they might include some of the legitimate domain name within the bogus one to give it more authenticity. Don’t let that fool you.

For example, VANS could become victim to scammers in the sense that they’ll create a fake site that reads www.vanns.com instead of www.vans.co.uk. Although only a subtle difference, it’s not always something that internet users look closely enough at in order for them to notice.

Always look at the domain name for dodgy spellings, hyphens, punctuation and other aspects that don’t appear genuine. You should always check the domain name, making sure that you’re on the legitimate site, especially before entering any personal information, including data such as:

Your name
Your address
Telephone numbers
Bank details
Billing information
Date of birth

Check for a padlock symbol

This is a common piece of advice that is given to internet users throughout the globe, and it’s often a great way to verify whether or not a website is fake. If it doesn’t contain a padlock in the browser, then it’s more likely that the website is fake, but it could also simply mean that it’s not a secure site for you to be entering your personal details into.

Look at it as something to be cautious about and think twice before giving your data away. The padlock symbol should be viewed as a sign that a website is safe to use, but don’t use it as the sole means of verification. You must use this tip in conjunction with other steps on this list to make doubly sure that a website is official and secure for you to input details into, if needed.

Use a website checker & only use safe browsing tools

Website checkers are a great way of helping you to verify a secure or bogus website. A website checker will be able to tell you things like: if the site uses encryption to protect your data and the site’s level of verification certificate.

Website checkers are a great place to start if you aren’t sure about whether a site is a spoof or not, but it’s also important for you to know that scammers are finding ways to get around those checkers in order to evade detection. In addition to this, you will also need to follow the other steps outlined here, just to be sure.

Keep an eye out for poor spelling, grammar & design issues

Scammers who have developed bogus websites will often not take the time out to make sure that the copy is immaculately-worded and that the grammar is spot on. Even if they ran it through a spell-checker, it’s unlikely to detect every single mistake that’s made, especially if it’s in American English. This is something else you’ll need to look out for. If you’re looking at, what should be, a British website and it contains American spellings and words, then it’s likely not a legitimate website.

The same goes for poor spelling and grammar in general. A real website owner would have taken the time and invested money in the writing of the copy and the design of their site in order for it to look as good and as safe as possible. If the website isn’t up to scratch, then it’s likely to have been designed and developed by scammers. You should also look out for red flags in the design of the site in addition to the text.

Find the age of the domain & how long the site has been active for

Another great way of finding out if a website is fake or not is by checking the age of the domain and/or how long the site has been active for. If it’s a relatively new site, then you should be suspicious, especially if it’s coupled with a few other warning signs on our list.

There are plenty of ways in which you’ll be able to check the age of a domain, notably the Wayback Machine will be able to help you to determine its age. Simply type the URL into the search bar and it will provide you with all of the information you’ll need to know about the age of the website.

If details are too good to be true, they probably are

If the website claims that if you sign up to their newsletter, providing them with your name, date of birth, email address and a telephone number, you’ll be in with a chance of winning £1 million, then it’s probably too good to be true, especially if it’s a company you’ve never heard of or if their site is only a few months old. If something sounds too good to be true, it probably is, and there’s likely a reason why they’re trying to entice you in – for your personal details.

Research user reviews

Before purchasing goods or committing to a service that’s supplied by that company, make sure you first look at customer reviews. There are plenty of places online where those reviews will be publicly available, such as Trustpilot, Google, Facebook and more. These are often raw reviews put on by real customers and so you’ll know once and for all whether or not a site is legitimate.

It can also help you to determine whether they’re charging people good money for inferior quality goods or counterfeit products. It might be that they’re providing you with a product, but it’s not what you thought it would be. Look at customer reviews online before deciding to make purchases through a site that looks to be bogus.

Run a virus scan for peace of mind

For absolute peace of mind, people often choose to run virus software after clicking on a site that they think is illegitimate. Even so, it would be a good idea to run one after you’ve finished browsing the net, because you can never be sure. This is a great way of ensuring your computer stays virus-free, even if you have clicked on something that appears to be dodgy. Cover your back and give yourself peace of mind by running anti-virus software after each surf of the web.

ICU IT is a dedicated IT specialist firm, dedicated to providing companies and businesses alike with sterling IT services, including hosting cloud services, IT consultancy, IT maintenance services and more. For further information about how we can help you today, get in touch with a member of our friendly, professional team – we’re always pleased to hear from you.

The post How to Spot a Fake Website appeared first on ICU IT.

Key Information on the End-of-Life Deadline for Windows Server 2012

admin — Wed, 26 Jul 2023 07:57:25 +0000

Microsoft will be discontinuing support for Windows Server 2012 and Windows Server R2 on 10th October 2023. This article outlines the available options and emphasises the importance of upgrading before the deadline. Ensure a seamless transition and stay ahead with the necessary updates.

Why is it happening?

Microsoft Windows Server 2012, the fifth version of the operating system, was launched in September 2012. It was succeeded by Windows Server 2012 R2 in October 2013. Explore the features and benefits of this powerful server platform. Upgrade your system for enhanced performance and productivity.

Microsoft products and packages adhere to a structured lifecycle policy. Upon reaching the end of life, Microsoft discontinues support and security updates for their products. These predetermined dates establish clear expectations from the initial launch, ensuring transparency throughout. Stay informed about Microsoft’s product lifecycle and make informed decisions for your business’s technology needs.

End of support refers to the discontinuation of Microsoft’s assistance for older versions of its server operating systems. While these outdated systems may continue to function, they will no longer receive security updates or patches after the specified cut-off date. This poses a significant risk to security and compliance standards and may also lead to data loss and performance issues. It is highly recommended to upgrade to newer versions to ensure optimal system performance, security, and compliance.

There are multiple options available to enhance your system, such as upgrading to a modern operating system or migrating your data to the Cloud. To assist you with identifying and preparing for these changes, we’ll be hosting a webinar in the upcoming weeks. Keep an eye out for further details from your Account Manager.

Fortunately, Microsoft has already unveiled Windows Server 2022 as a successor to Windows Server 2012. This latest version brings about cost savings, streamlined remote work capabilities, enhanced analytics, and heightened security for modern businesses. Upgrade to Windows Server 2022 for improved performance and efficiency in your enterprise.

Naturally, numerous businesses have relied on Windows Server 2012 for an extended period. The prospect of migrating to a significantly different IT environment can be daunting. However, with careful planning and execution, this transition can be managed smoothly and efficiently, ensuring improved performance and enhanced security for your business. Upgrade to a modern IT infrastructure that aligns with your evolving needs and stay ahead of the curve.

Here are some tips to ease your migration to Windows Server 2022

Prioritise your business

It’s vital to remember that using an outdated operating system puts your business at a high risk of hacking or breaching. This is because the manufacturer no longer provides security patches, software updates, or technical support. By upgrading to a modern operating system like Windows Server 2022, you can take advantage of the latest updates, enhanced security, and advanced features. Stay protected and up-to-date with a contemporary operating system for your business.

Upgrade to the latest versions of Microsoft software for enhanced security, performance, and innovation.

Please ensure that your current hardware is compatible with the new operating system

When it comes to operating systems, newer versions often require additional memory and processing power to ensure optimal functionality. This can present challenges for older servers that may require assistance in keeping up with the latest technological advancements.

It is imperative to evaluate the capacity of your hardware prior to the installation of a new operating system. Failing to consider your existing resources may lead to software and server failures, data loss, and hinder your team’s ability to perform their duties. It is crucial to approach this process with a professional mindset to ensure seamless operations.

Are your existing packages and software compatible?

To efficiently carry out their operations, the majority of businesses depend on a range of third-party software packages, such as accounting, customer relationship management, and design software. These packages are specifically tailored to function seamlessly with the operating systems that were available at the time of their release. However, upgrading your operating system can occasionally lead to compatibility issues with these third-party packages.

To mitigate any adverse effects on your business, it is imperative to conduct a comprehensive evaluation of your software packages prior to implementing any upgrades. Neglecting this crucial step could result in employees being unable to utilise essential software applications, thus causing significant disruptions to daily operations.

Examine the existing and emerging market options

The realm of technology is constantly evolving, presenting a wide range of server replacement options that depend on your unique needs and software packages. These alternatives encompass cloud, onsite, or hybrid servers. To ensure the optimal selection of a server that aligns with your requirements, we highly recommend consulting our team for a comprehensive assessment.

Consider your budget

When upgrading to new server hardware or operating systems, it is essential to consider the budget. The project cost will vary depending on the required upgrade. By carefully planning and identifying necessary upgrades, you can allocate the budget accordingly, whether for immediate implementation or future considerations.

ICU IT places a strong emphasis on transparency and will furnish a comprehensive breakdown of costs after conducting an audit and consulting your requirements.

What are the implications of continuing to use Windows Server 2012 R2 beyond 10th October 2023?

It can be tempting to continue operating your business on outdated operating systems. After all, they may still be functional, right? However, it is crucial to acknowledge that these systems present substantial security and compliance risks and do not meet the requirements of modern businesses.

If you continue to utilise Windows Server 2012 R2 after 10th October 2023, the operating system will remain functional. However, please note that Microsoft will no longer provide support in case of any potential issues.

This can potentially expose your server and network to security threats and vulnerabilities, as well as create compatibility issues with newer software and hardware.

It is crucial to bear in mind that the longer one employs an outdated operating system, the higher the probability of encountering problems. Hence, it is imperative to take appropriate measures and initiate the transition to Windows Server 2022 at the earliest opportunity.

ICU IT can assist in ensuring a seamless process by offering a range of services, such as assessment, audit, service contract management, and training. Additionally, we collaborate with your IT team to identify any compatibility issues, ensuring a smooth upgrade without any unwelcome surprises.

Don’t leave it till the last minute

October 2023 is approaching, but please be aware that upgrading an operating system or migrating to a new server can be a time-consuming and labour-intensive project. We encourage you to get in touch or reach out to your Account Manager today for further assistance.

Conclusion

Seize the opportunity to upgrade your systems and secure your business now. Don’t wait until the looming deadline puts you in a bind. If you want to ensure smooth operations, bolster security, and boost productivity, reach out to ICU IT today. Our team of experts is ready to guide you every step of the way, from initial assessment to successful implementation of Windows Server 2022. Contact us now to start your migration journey. Act now and stay ahead of the curve.

The post Key Information on the End-of-Life Deadline for Windows Server 2012 appeared first on ICU IT.

The Basics of Ransomware Attacks

Simon Lewsley — Wed, 08 Mar 2023 13:47:03 +0000

Security firms are this week warning about a sudden “huge” surge in junk email messages containing ransomware.

What Is Ransomware?

Ransomware is a type of malware that takes your computer for ransom and will deny you any entry or access to your computer. Perhaps the most frustrating part for the owner of the computer is that not only can they not access their computer files, but they have to pay a ransom for the restriction to be removed. A good (or bad) example of ransom malware is the Trojan horse malware named cryptoLocker. This will encrypt your files and folders hold them hostage until you pay a ransom. Once paid, the criminals remove the malware from your system and it runs as usual. This type of attack is extremely infuriating, but it has been described by many as ‘The Perfect Crime’, because it starts with a simple email.

How Does My Computer Become Infected With Ransomware?

Like other computer viruses, it can find its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it; most commonly it arrives in the form of a phishing email, or spam, or a fake software update – and the recipient clicks a link or opens an attachment. Trouble will begin the moment you click on a malicious mail attachment from a new or suspicious source. In some cases, the trouble might be a link that comes within the mail. The virus then sets to work encrypting the user’s files; it’s a malicious virus that locks the user out of their computer and demands a fee to return their files. Security experts have warned that ransomware is the fastest growing form of computer virus. Ransomware typically propagates as a trojan, entering a system through, for example, a downloaded file or a vulnerability in a network service. The program then runs a payload, which typically takes the form of a scareware program. Payloads may display a fake warning purportedly by an entity such as a law enforcement agency, falsely claiming that the system has been used for illegal activities, contains content such as pornography and “pirated” media, or runs a non-genuine version of Microsoft Windows. It is also easy for you to spot this kind of malware. They all have recognisable features, so they can be easily spotted, often there will be a type of ‘call to action’ within the text. This could surface as ‘READ THIS’ or ‘REPLY STRAIGHT AWAY’, if you read the email and it has a sense of urgency about it, it is best to just delete it, you never know – it could be a Trojan horse waiting to be let in. These types of viruses also hang out around funny websites, and social networks – so you must be on your guard at all times.

What Can I Do to Avoid Ransomware?

Regular users should be educated on the rise of cybercrime
Antivirus software should be updated on a regular basis and enabled at all times so that protection runs 24/7.
Make it possible for the system to receive automatic updates from Sophos Update Manager
Do not be reckless when opening any mail, if it looks dodgy it probably is..
Watch out for warning signs
Firewalls should always be enabled
Don’t click on suspicious links

What Do I Do If Ransomware Has Locked Me Out My Computer

Due to the nature of this malware it is always best to seek professional help. IT professionals are your best hope in successfully removing the malware from the computer. Sometimes Anti-Virus software isn’t enough to protect yourself and your computer from external threats. This type of malware cannot be flushed out the system simply by conducting a full system scan. At this point it is likely that files will have been encrypted. Many companies like Sophos have created decryption tools which can help; but ultimately you should seek support and advice from an IT professional immediately.

Conclusion

It doesn’t matter if you are just a computer owner, a small business or a large business – nobody is going to want their computer to be taken hostage. If your computer is fully secure and protected at all times then there should be no reason for you to part with any money whatsoever. The bad news about this is that you can’t stop cybercrime like this, and Ransomware is just one type of cybercrime, but by keeping it protected you will be able to keep the cyber-criminals at bay. To avoid falling victim, companies should ensure that their security protection is up to date and should regularly back up their data so it can be restored in the event a machine does get infected. If you have any questions or concerns over your current security and or backup systems, please contact us for advice or to discuss any of our IT support services.

The post The Basics of Ransomware Attacks appeared first on ICU IT.

6 IT Security Tips for Remote Workers

admin — Wed, 01 Mar 2023 11:32:49 +0000

IT security has always been an important aspect of any job, whether working remotely or in the office. But when you’re working from home, the security of your computer systems falls into your list of responsibilities .With so many issues that could occur that may well compromise the security of your IT, here are some tips for those who work at home, whether it be full or part time.

1. Use antivirus software

One of the first things you need to do is install antivirus software. This will help to stop malware from infecting your computer and compromising your data. There are lots of different antivirus systems available that claim to protect your information and the integrity of your computer, but it’s worth investing in a good one for added peace of mind. The right antivirus software will be able to protect your computer from the following things:

Ransomware attacks
DDoS attacks
Malware
Spyware
Other types of breaches

2. Make sure your wi-fi network is secure

Whether you’re using the computer system your employer gave you or are using your own laptop, it’s important that your wi-fi network is safe and secure. This includes ensuring it’s protected with a strong password that’s extremely difficult, if not impossible, for others to decipher. If you cannot add a password to your wi-fi network, then you’ll need to find the IP address (which is usually written somewhere on the router) and then type that into your website browser. It will then ask you to sign in so that you can either set up or change your default password.

3. Ensure you’re using strong passwords

As already touched upon, it’s imperative that your passwords, no matter what they might be for, are strong. This means using a combination of capital letters, numbers and special characters. It would also be better to refrain from using whole words, instead using acronyms, to make them easier to remember. Also, make sure you’re using a different password for each log in and never write them down. Often, you’ll be encouraged to change them on a regular basis. Sometimes, this might be made compulsory by your employer, so check your contract.

4. Use a VPN

If you’re working remotely, then make sure you use a VPN. This will help to secure your connection and, in turn, encrypt your data. This will help to make sure that website traffic cannot be accessed by unauthorised people. It will also help to secure your wi-fi network even further. It’s important to note also that VPN security can be enhanced using a robust authentication method. If your VPN has a username and password, you might want to make it more secure by using smart cards.

5. Try not to over-share your screen

Be careful when sharing your screen with a group of people during online video meetings. Don’t leave any windows open that you do not want to share with others. It’s also important that you do not let others in the home look at your information if it’s confidential or if you’ve signed an NDA (non disclosure agreement).

Make sure to remind your colleagues of this, giving them some pointers about how to keep their screen safe from prying eyes. It might be that you’re having a meeting with another department who shouldn’t be seeing something that you’re working on, for example. So it’s paramount that you ensure other employees understand the importance of privacy in the workplace.

6. Be aware of any phishing scams & emails

Phishing scams are relentless these days, more so with the advancements in technology and the prevalence of email messaging. Phishing scams have the sole purpose of stealing personal information and other sensitive details, hence why they’re dubbed to be “phishing”. If you receive any emails that contain suspicious links and/or attachments, then do not open them and do not click on anything. If your email system has a way of reporting suspicious emails, then you must report them as soon as they’re received. Emails are a valuable form of communication between colleagues, so make sure you keep the practice safe and protected.

ICU IT has a team of fully-trained, highly-qualified IT specialists at the helm of everything we do. No matter what you need, from security and maintenance to cloud hosting and business continuity, you’ll be able to rely on us to provide unrivalled IT services for your business, whether your employees are working in the office or at home. For more information, get in touch with a member of our expert team today – we’re always pleased to help.

The post 6 IT Security Tips for Remote Workers appeared first on ICU IT.