I always felt these guys would get more creative and go smaller. This is a story of Internet security issues affecting small business now and in the foreseeable future.
Now you know some of us small businesses are just getting by, with regulation, taxes, health care, legal, insurance along with the contracting of credit. Unable to afford a full time IT guy, the owner allows some computer smart employee to handle most if not all PC/Network issues.
We now have a major phishing scam specifically targeting small businesses. The perpitraitors are Eastern European in nature, but let’s not rule out Russian, Chinese, and Nigerians. They craft an email specifically targeting the bookkeeper, controller or treasurer. That email, "IF" opened, either sends you to a virus infected site or the site installs malware using key logger technology to steal passwords and bank account information from the unsuspected financial worker.
They recruit individuals in the US to setup bank accounts to wire funds back to Eastern Europe. Here is an excerpt from the Washington Post article By Krebs Washington Post Staff Writer
Many have begun to come forward to tell their tales. In July, a school district near Pittsburgh sued to recover $700,000 taken from it. In May, a Texas company was robbed of $1.2 million. An electronics testing firm in Baton Rouge, La., said it was bilked of nearly $100,000.
Article Link
Please watch closley for thsi distributed email linking malware. Plain and simple, think before you click. That has to be the number one security advice I can give anyone. Because no matter how much protection you have, this one email will come through, and believe me, you will get fooled and bang! You are owned. Companies that bank online are regulated under the Uniform Commercial Code, which holds that commercial banking customers have roughly two business days to spot and dispute unauthorized activity if they want to hold out any hope of recovering unauthorized transfers from their accounts.
Here are a few more tips for small business:
- Make sure your anti-virus/security software is running properly, that it’s turned on and not disabled.
- If your office has a dumb router, think really hard of replacing it with a Sonicwall Unified Threat Management Router. These things are cool. We sell 'em for a reason. The optional services (Gateway Anti-Virus - checks for viruses at the router even before they get in your network, Gateway Anti-Spam - same as the Anti-Virus, Content Filtering - Ahh those bad infected sites, and Intrusion Prevention) are a must. And Sonicwall's ores a great job of bundling all of the services for a cost effective price point.
- Keep your PC up to date with security patches and updates.
- Don’t have your kid play with your work PC!
- Lastly, the cost of getting owned, far outweighes the cost of a Sonicwall TZ100, TZ200 with the optional services turned on.
That’s a good start to keep you protected. Remember a PC is not something you buy and don’t maintain. That mindset just doesn’t fly in the era of brute malware. If you’re a business in the Central Jersey Shore, there’s no reason to call us for free network evaluation to show your weaknesses against these attacks. Then you can decide on whether you’d like to have our team manage your network for a low monthly fee.
Please, protect yourself and your business.
Nick Stango, Owner, Dataserv
No comments:
Post a Comment