What’s New
OpenDNS Umbrella. Provides security beyond the firewall. Predict attacks before they happen.
OpenDNS Umbrella creates a new layer of cloud-delivered protection in network security, both on and off the company network. Umbrella prevents malware and phishing over any port or protocol.
Call me at (214) 329-1349 to learn more about this valuable new security service.
Who Wants To Win A $75 Gift Card?
Here is last month’s Trivia Challenge Quiz: Amazon was not the name Jeff Bezos originally selected for his Internet start-up company in 1995. What name was his first pick? a) Kagera b) Bookmeister c) Juggernaut d) Cadabra. The correct answer was d) Cadabra.
Now, here’s this month’s trivia question. The winner will be entered in our next quarterly drawing with a chance to win a $75 gift card.
Which of the following worldwide computer viruses caused an estimated $5 billion worth of damage?
a) Code Red
c) Melissa
b) ILOVEYOU
d) Cryptolocker
Call us right now with your answer!
214-329-1349.
5 Ways To Spot A Social Engineering Attack
“I’m not going to make payroll – we’re going to close our doors as a result of the fraud.”
Unfortunately, that statement is becoming more common among smaller businesses, according to Mitchell Thompson, head of an FBI financial cybercrimes task force in New York.
The FBI reports that since October 2013 more than 12,000 businesses worldwide have been targeted by social engineering–type cyberscams, netting criminals well over $2 billion. And those are just the reported cases. Often, due to customer relationships, PR or other concerns, incidents go unreported.
These unfortunate events were triggered by a particularly nasty form of cyberattack known as “social engineering.”
Social engineering is a method cyber con artists use to lure well-meaning individuals into breaking normal security procedures. They appeal to vanity, authority or greed to exploit their victims. Even a simple willingness to help can be used to extract sensitive data. An attacker might pose as a coworker with an urgent problem that requires otherwise off-limits network resources, for example.
They can be devastatingly effective, and outrageously difficult to defend against.
The key to shielding your network from this threat is a keen, ongoing awareness throughout your organization. To nip one of these scams in the bud, every member of your team must remain alert to these five telltale tactics:
- Baiting – In baiting, the attacker dangles something enticing to move his victim to action. It could be a movie or music download. Or something like a USB flash drive with company logo, labeled “Executive Salary Summary 2016 Q1,” left where a victim can easily find it. Once these files are downloaded, or the USB drive is plugged in, the person’s or company’s computer is infected, providing a point of access for the criminal.
- Phishing – Phishing employs a fake e-mail, chat or website that appears legit. It may convey a message from a bank or other well-known entity asking to “verify” login information. Another ploy is a hacker conveying a well-disguised message claiming you are the “winner” of some prize, along with a request for banking information. Others even appear to be a plea from some charity following a natural disaster. And, unfortunately for the naive, these schemes can be insidiously effective.
- Pretexting – Pretexting is the human version of phishing, where someone impersonates a trusted individual or authority figure to gain access to login details. It could be a fake IT support person supposedly needing to do maintenance…or an investigator performing a company audit. Other trusted roles might include police officer, tax authority or even custodial personnel, faking an identity to break into your network.
- Quid Pro Quo – A con artist may offer to swap some nifty little goody for information… It could be a t-shirt, or access to an online game or service in exchange for login credentials. Or it could be a researcher asking for your password as part of an experiment with a $100 reward for completion. If it seems fishy, or just a little too good to be true, proceed with extreme caution, or just exit out.
- Tailgating – When somebody follows you into a restricted area, physical or online, you may be dealing with a tailgater. For instance, a legit-looking person may ask you to hold open the door behind you because they forgot their company RFID card. Or someone asks to borrow your laptop or computer to perform a simple task, when in reality they are installing malware.
“The problem with social engineering attacks is you can’t easily protect your network against them.”
The problem with social engineering attacks is you can’t easily protect your network against them with a simple software or hardware fix. Your whole organization needs to be trained, alert and vigilant against this kind of incursion.
For more on social engineering as well as other similar cyberthreats you need to protect your network from, get our latest special report on this crucial topic:
Don’t let your organization be caught like a sitting duck! You’ve worked way too hard to get where you are today to risk it all due to some little cyberhack you didn’t know about. Call us at 214-329-1349, or e-mail me directly at info@rangersolutions.com, and find out more on how to prevent your company – before your company becomes yet another social engineering statistic.
VIRUS OF THE MONTH: GozNym
A virus called “GozNym” is targeting banks and online banking customers
with “a new level of sophistication,” CNBC reports.
This malicious software, or malware, has already been used against banks in the U.S., Canada and Europe and has helped steal at least $4 million, Etay Maor, an executive adviser with IBM Security, tells CNBC....
The malware is especially dangerous because it’s:
- A combination of two pieces of malware. The first infects a computer. The second waits silently until a computer user visits a financial institution’s website. Then, the malware captures the user’s log-in information.
- Harder for researchers to analyze. With this malware, hackers doubled the encryption, Maor says: “We’ve never seen this before.”
- Harder for anti-virus software to detect. That means your computer could become infected without you knowing.
While GozNym might be more concerning or dangerous than most malware, many of the standard rules for protecting yourself still apply. CNBC’s tips for avoiding GozNym include:
- Do not use the same password for multiple accounts. If hackers steal that password, they could access all of those accounts instead of just one. ...
- Establish a second way to check your financial account balances in addition to online banking — paper statements, ATM receipts or a mobile app, for example. CNBC reports that the criminals behind GozNym are so sophisticated they can change online banking websites to show full balances even after they have transferred funds out of an account.
- Do not use the same password for multiple accounts. If hackers steal that password, they could access all of those accounts instead of just one. ...
- Establish a second way to check your financial account balances in addition to online banking — paper statements, ATM receipts or a mobile app, for example. CNBC reports that the criminals behind GozNym are so sophisticated they can change online banking websites to show full balances even after they have transferred funds out of an account.
http://www.moneytalksnews.com/goznym-malware-successfully-targetingbanks-online-bank-accounts/
Your Crystal Ball For Hiring
I don’t know if what I’m about to share with you is impressive or pathetic...
First, a brief history, to earn your trust. I studied in graduate school 20 years ago with the Father of Management, Peter Drucker. He estimated that managers make hiring mistakes 50% of the time.
This topic of hiring talented teams always intrigued me. My father was an industrial psychologist, so I had been around this topic for my whole life. In 1998 I finished my PhD dissertation on this topic of evaluating various methods for hiring. I had read about 50 years’ worth of research and noted some interesting findings, like “Don’t ask hypothetical questions.” As it turns out, candidates give you hypothetical answers. Yet today, so many leaders pose hypothetical questions to their candidates – “How would you do this? How might you do that?”
During my PhD dissertation study, I found that, consistent with the field of research, there were a few key things that really worked in interviewing: 1) to have a specific set of criteria in mind (scorecard), 2) to collect not a little, but a lot – hundreds of data points – on a candidate’s accomplishments and failures from their actual past experiences, and 3) then scoring candidates on a consistent set of criteria (apples to apples).
These “past-oriented interviews,” as I called them in my PhD dissertation, were the most valid and reliable predictor of a candidate’s future performance on the job (as opposed to “future-oriented” or hypothetical interview formats). I wanted to share this important insight with the world. To give leaders a crystal ball.
An interview process, if done right, gives you a crystal ball.
For the last 20 years, my colleagues and I have used this approach to evaluate over 15,000 candidates for leadership jobs in all industries. We have taught thousands of people how to use this method for hiring – business leaders, entrepreneurs, as well as government leaders, including three sitting US governors, and top brass in the military. It works. Clients who follow our methods achieve a 90% hiring success rate. And you can too. (Come to my SMARTfest event and I’ll teach you how!)
And this approach follows a very simple structure of collecting highs and lows from a candidate’s education years, then asking five questions about every job: What were they hired to do? What did they accomplish that they were proud of? What were mistakes in that job? Who did they work with and how were they viewed? And why did they leave that job?
This is straight out of our book Who, which has been – since its publication in 2008 – the #1 top-selling and mostacclaimed book on this topic in the world. And this topic, hiring talented teams, has become the #1 topic in business, if you look at any recent survey of what’s on the minds of CEOs and investors.
We want you to apply this concept to improve your hiring success rate from 50% to 90%. That’s why we’re giving you free access to the Who Interview Template at GeoffSmart.com/smartthoughts.
Geoff is Chairman & Founder of ghSMART. Geoff is co-author, with his colleague Randy Street, of the New York Times bestselling book Who: The A Method for Hiring and the author of the #1 Wall Street Journal bestseller Leadocracy: Hiring More Great Leaders (Like You) into Government. Geoff co-created the Topgrading brand of talent management. Geoff is the Founder of two 501c3 not-for-profit organizations. SMARTKids Leadership Program™ provides 10 years of leadership tutoring and The Leaders Initiative™ seeks to deploy society’s greatest leaders into government. Geoff earned a B.A. in Economics with Honors from Northwestern University, an M.A., and a Ph.D. in Psychology from Claremont Graduate University.
Shiny New Gadget Of The Month:
Finally: An Easy Way To Control The Family Net
Got kids aged six to 16?
Circle With Disney is a new device that helps make Internet struggles at home a thing of the past. Imagine: no more negotiating with kids to get off the web and come to dinner (or get their homework done).
This 3½-inch white cube with rounded corners (it’s not exactly a circle…) lets you control Internet usage around your house with a tap on your iPhone. (Android compatibility coming soon.)
With presets by age group, or custom controls, Circle helps you restrict who in your family surfs what, and when. It also tallies how much time each person spends on any site. You might even want to monitor your own Facebook or Pinterest time (or maybe not…).
Circle also lets you put your whole home network on pause, sets up in about five minutes and works with your router.
Just $99 at MeetCircle.com may be all you need to win your family back from the web – at least for a few minutes a day.
Quick Tips
Want to know your Lyft or Uber passenger rating?
Ratings are a two-way street with both Uber and Lyft. Of course, as a passenger you can rate your driver. Yet passengers are rated too, by their drivers. To find your average Uber passenger rating, open your Uber app and tap the menu bar in the top left corner. Then follow this path: Help > Account > “I’d like to know my rating.” Tap “Submit” on the explanation page and your rating should then appear. Lyft has no such system, however their support team may send your average passenger score to you if you request it. Want to improve your score? Be nice to your driver and show up at your pickup location on time.
-Glitterless.com
Forget apps…here comes the voice-controlled future.
Soon, we won’t be fumbling around with a gazillion different apps, trying to figure out which one turns off the sprinklers in the front yard… Apple Siri, Amazon Echo and now Google Home all point to the future of digital living. When it comes to voice plus smart machines vs. finger taps on a phone, voice wins, hands down. You don’t want to use a weather app, you just want the forecast. Your customers won’t go to your website and download an app; they’ll interact with your business in some way by voice. That future will arrive in the next five to 10 years. Will your business be ready?
-Inc.com
Skip the airport – just hop in your e-jet and fly!
By 2018, owning your own batterypowered VTOL (Vertical Takeoff and Landing) two-seater could be one step closer to reality. That’s the plan for the Lilium Jet, being developed in Germany under the auspices of the European Space Agency. This Jetsons-looking aircraft sports “fly-by-wire” joystick controls, retractable landing gear and gull-wing doors. Its developers claim it will have a top speed of 250 miles per hour and could be available to the public as soon as 2018. Designed for daytime recreational flying, it’s quieter – and safer – than a helicopter, thanks to its battery-powered ducted fan motors and intelligent, computercontrolled takeoffs and landings. And pricing, according to its developers, will be far less than similar-sized aircraft.
-GizMag
Is your mobile website stressing people out?
Of course, page-load times can affect conversion and brand perception. But did you know they also affect user heart rate and stress levels? According to a 2016 study on mobility by Ericsson, page-loading delays lead to an average 38% jump in heart rate. Remember the last time you watched a horror movie? It's about that stressful… Not how you want your visitors to feel. To keep your page loads painless and your visitors happy, make sure your website is mobile-friendly. It needs to be quick and easy to navigate and engage with. You have a lot at stake in your website – and making it stress-free for visitors could make a big difference.
-HubSpot Blog