Page 2 of 5

August 2018 Email Data Loss Improvements

In June 2018 we announced that we have improved our filtering service to include Data Loss Prevention or DLP.

Over the months after releasing this new feature. We have stopped some information being leaked as well as putting a temporary holt to some emails while they are approved.

Now in August we have brought more improvements. These are to the existing detection rules and included more rules protecting even more data types!

The Current data we protect is: –

  • UK National Insurance Number
  • UK Driving License Number
  • UK Passport Number
  • Visa Card Number
  • Mastercard Card Number
  • Maestro Card Number
  • American Express Card Number
  • China UnionPay Card Number
  • Japan Credit Bureau (JCB) Card Number
  • Discover Card Number

If you have sensitive data that you feel should not be freely sent via email, be this in the message body or as an attachment please let us know. We are always looking to improve and protect!

August 2018 Website Security is Changing

Security history

Websites have always used the http:// prefix which tells a browser it’s a webpage. With the introduction of online payments https:// was introduced, this is a secure version of http://. This security was achieved with an SSL certificate to encrypt communication from you to the website.

This was a great move, but getting the standard web user to always check they are using https and not http was hard. So web browsers added a padlock which was green, this made things easy to spot.

 

Why change?

As time has gone on, scammers and hackers have improved their techniques. As a result, better information in a simply format is needed.

These changes as a web user will be to your advantage. But to a business with a website you might want to take action.

 

What is changing?

The first step in these changes came from Google back in 2014 when they stated websites with an SSL would be ranked better. This step has encouraged business to use SSL certificates on all websites and not just online shopping/banking.

Due to smaller businesses and the requirement for SSL being expanded, this has put more importance on the EV SSL certificates which was ratified by Melih Abdulhayoglu and the CA/Browser Forum in 2007.

This is all well and good, but the end user due to web browsers are not getting a clear message. So during August web browsers like Google Chrome will be changing what they display to help.

The below table shows you what you will expect to see any why.

No SSL CertificateWebsite with no SSLAs you can see from your address bar you will be informed that data sent between you and the site is not secure because no encryption is used.

You are not advised to enter any information on sites like this.

Basic SSL CertificateWebsite with Basic SSLBasic SSL’s provide encryption for communication between you and the website.

These certificates validate the sites address and data is secure.

Submitting information to a site with this is safe during transport, but you cannot be sure who the company is.

EV SSL Certificate

(Extended Validation SSL)

Website with EV SSLThe extended SSL not only provides you with the same protections as basic but also provides website owner information.

The information in the EV SSL has been verified as part of the validation process so you know the company is real.

With this new layout of information you should be able to make an informed decision where you enter usernames and passwords or personal information.

July 2018 Bitcoin Porn Scam with Passwords

What’s the scam?

The scam is a simple social engineering scam to scare you into paying someone in the form of Bitcoin.

This particular scam is stating people have been recorded watching porn on their computers. Some of the emails even suggest that they have also recorded you via your webcam watching it.

So, this might not sound too bad and you could just delete it. But to really scare you the scammers include your password! This password will more than likely be genuine too, increasing the scare factor.

 

Why do they want payment in Bitcoin?

Usually if you pay for something on the Internet, you use a credit or debit card. That card is connected to information about you, such as your name and billing address.

You can use bitcoin the same way, but unlike a credit card, the transactions you make using the currency are completely anonymous. They can’t be used to identify you personally. Instead, whenever you trade in bitcoin, you use a so-called private key associated with your wallet to generate a bit of code called an address. The address is then publicly associated with your transaction but with no personal identifying information.

 

How did they get my password?

The honest answer is “no one can say for sure”. What we can say is that the data is likely due to one of the many data breaches that happen throughout the years.

Hopefully the company that was breached have already informed you about the breach and advised you on what was taken. unfortunately, we know this does not always happen or the information was not clear enough.

You check if your data has been part of a breach, visit website https://haveibeenpwned.comThe library found here allows you to check your email address and passwords to see if they have been “pwned” or not. If you find any of your data on haveibeenpwned it is important take any required steps to protect yourself.

 

What should I do about it?

We have broken down the different parts of the scam so you focus with ease on what to do.

Email

With the email, never reply to it!

If this is your work email address, and you have email filtering and protection from Strobe IT please raise a support ticket where we will advise you on what to do including the deletion of it.

If this is a personal email account or a non Strobe IT protected platform, please report this as spam to them if possible and delete as necessary.

Password

Depending if the password is still used by a service, website or other system will determine what you need to do here. Passwords that are no longer used can be ignored, but if the password is used anywhere change it immediately!

Additional Steps

Below is a list of additional steps and items to do, making sure you are safe.

  • DO NOT pay the scammer.
  • Change the password as described on all platforms it was used on.
  • DO NOT use this password EVER again.
  • Make sure your anti-virus is up-to-date. [Done by Strobe IT for all maintenance clients]
  • Make sure your operating system (eg, Microsoft Windows) is up-to-date. [Done by Strobe IT for all maintenance clients]
  • If you can enable and use Two-Factor Authentication (2FA).
  • If you wish you can report this phising attempt to Action Fraud.

 

What if I have paid?

If you have received one of these email and paid the fine, report it to your local police force. Once reported, if you are a maintenance client please raise a support ticket with Strobe IT so we are aware and can aid the police where needed.

July 2018 Cyber Essentials

Certified and ready for business!

What is Cyber Essentials?

Cyber Essentials is a government-backed cyber security certification scheme that sets out a good baseline of cyber security suitable for all organisations in all sectors. The scheme addresses five key controls that, when implemented correctly, can prevent around 80% of cyber attacks.

 

What are Strobe IT’s details?

Cyber Essentials Please visit our online certificate to view our details.

 

What does this mean?

This certification shows that we have taken the time to prove the systems we use to store your data and provide our services mean the UK Governments guidelines or better for security.

July 2018 Email Secuity Enhancements

Security improvements via spam filtering (SpamSnake)

What is this about?

As technology improves, we like to improve our systems and setups too. We do this has we look to provide the best services possible, but to also beat the bad guys.

The improvements we have coming throughout July are all email based, and for customers who have our spam filtering service.

 

What improvements are being made?

DKIM

Domain Keys Identified Mail (DKIM) is an email authentication method designed to detect email spoofing. It allows the receiver to check that an email claimed to have come from a specific domain was indeed sent by the owner of that domain. It is intended to prevent forged sender addresses in emails, a technique often used in phishing and email spam. In technical terms, DKIM lets a domain associate its name with an email message by affixing a digital signature to it.

Throughout July we will be adding these signatures to outgoing emails, and as part of that we might ask you to contact your web hosting provider (if not us) to update the DNS records for this.

Once done recipients of your emails will be able to validate your messages using their filtering systems improving email protection.

Unfortunately if the recipient does not use any email filtering/protection this will not help you.

 

DMARC

DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.

Once again  if the recipient does not use any email filtering/protection this will not help you.

 

Routing Rules and Security

To improve security between our spam filtering platform (SpamSnake) and your email servers, we will be introducing rules to lock down transport between both systems.

 

Spam Reporting

To aid in reporting spam emails, or even ham emails (wanted but incorrectly caught). We have been working on an add-in for Microsoft Outlook for simple buttons to report it to us for analysis.

We will use the samples of these supplied emails via the buttons to improve the detection of spam, in turn creating a safer & cleaner inbox.

June 2018 Email Data Loss Prevention

Data Loss/Leak Prevention

What is Data Loss Prevention (DLP)?

Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network.

 

How can we stop data loss?

To start with, identifying the type of data you have  using GDPR guidelines is a good start. Once you have identified the data, we need to look at the ways the data could be lost or leaked from the business.

This blog is all about losing the data via email. This could be an employee sending the data or a virus transmitting it over email for instance.

To stop such data loss via email get in touch with one of our team to get your emails protected now.

How do Strobe IT protection emails again data loss?

As of the 28/06/2018, we have upgraded our spam filtering offering called “SpamSnake”. This system now has a DLP module in it to scan outgoing emails.

The system works on rules and patterns we create, and using these rules emails are then stopped and quarantined if they match. Once an email is quarantined we will be alerted to the issue so we can approach you about it.

Currently we have rules that cover the following types of data: –

  • Credit card number
  • Driving license
  • National insurance
  • Passport
  • etc…

We shall be adding to these all the time, but if you have a data requirement contact us letting us know so we can look at adding these for you too.

June 2018 GDPR IT Helpsheet

What do you need from IT for GDPR

For a long time now people have been going on and on about GDPR. Well people could not decide what GDPR meant leaving lots confused and not complying after 25/05/2018.

To help we have put together a very quick summary and tick sheet allowing you to assess your status. This PDF is provided free of charge with no guarantee of legal standing as we are not a law firm, and all policies, procedures and questions should be directed to such a company.

This is purely our interpretation of your IT requirements to allow you to work towards being compliant.

GDRP Help Sheet

June 2018 Helpdesk Changes

Helpdesk and Monitoring Changes

As with all services, changes happen. Sometimes these changes are too often or maybe they seem to be a backwards step. We hope the changes we have introduced are an improvement and the way forwards.

 

Monitoring Agent Branding

As part of our maintenance service agreement, we install an agent on your devices called Comodo ITSM Agent.  This agent allows us to monitor your devices for errors, run corrective processes, update software packages and more.

One thing we have found is that client question what this is, especially when it is asking to reboot your computer. To make this seem more acceptable and self explanatory we have re-branded this to Strobe IT ITSM Agent.

 

Helpdesk Emails

We have for a long time tried to cram a lot of information into a ticket update email, but we have been finding that these are not friendly and do not work on mobiles. To combat this we have re-designed our email templates to remove things like our logo and silly catch phases. We have also taken the useful information like ticket number and topic, and placed them at the top before any update messages so it’s clear what we are talking about.

19th March 2018 – Snow Status

The weather has hit us again, this time no beasts involved.

Unfortunately, for safety reasons we will not be performing site visits today as reports of road closures, accidents and more, show that it is un-safe to do so.

All services are as per normal except for site visits, so if you are able to get in and need help. Give us a call on 01884 664004 or email us on helpdesk@strobe-it.co.uk

1st March 2018 – Snow Status

Whats all this about?

As you all might be aware, the UK has been experiencing especially cold weather. This has now unfortunately hit the South West.

This morning at 06:15 GMT in Tiverton at the office there was nothing to greet us for the start of the day. Unfortunately, by 06:30 this changed bringing in a nice layer of snow.

This weather according too the news is going to get worse as we have store Emma approaching which is set to bring in more snow.

 

How does this effect us?

Well weather like this does not normally effect us, but due to the current conditions we have some alterations.

During the current weather our engineers are still contactable on 01884 6640004 and helpdesk@strobe-it.co.uk , but we shall not to performing any site visits today and until further notice.

We are sorry if this causes issues to your business, but we believe being safe is the best.

Please rest assured our monitoring and remote support is not affected.

 

Service Status

ServiceStatus
Remote SupportService as Normal
On-Site SupportCurrently Unavailable
Internet ConnectionsService as Normal
Office 365Service as Normal
Spam FilteringService as Normal

 

« Older posts Newer posts »