VIRUS ALERT – AGL Energy Bills Scam

Recently, AGL have been plagued by an email scam. The energy company have release a statement acknowledging the email scam advising that “the scam email presents as an e-account and asks readers to click on a link,” the statement said. It “contains malicious malware that has potential to access personal information. AGL advises it will never send an email asking for personal banking or financial details. Anyone receiving a suspicious email should delete it immediately or, if opened, not click on any links within the email.” The email scam has been reported to the Australian Federal Police, Scamwatch and the Australian Competition and Consumer Commission.

agl-scam-email

The email has been created to look identical to AGL Energy electronically sent bills which prompts the user to click to download a copy.

It then saves a .zip file including the malware “ransomware” which has been designed to block access to a computer system until a sum of money is paid.

Over 10,000 Australian’s are reported to be infected with the malware.

If you receive this email please do not open the attachments and delete the email immediately.

A few tips to help you stay protected:

  • When attempting to open it on your phone or MAC devices, it will give an error to use a Windows computer
  • The .zip file will be suspicious
  • The URLs will be in the form of “checkyourbills.com” or “electricitybill.com”
  • Ensure that your backups are working and you have a rotating set of drives or tapes
  • Ensure your Antivirus is up-to-date
  • Be aware of any emails that ask you to reply quickly or act fast
  • Alert users to new malware campaigns immediately.
  • If the email is from someone you do not know, do not open it
  • Implement effective email security tools and policies, such as blocking executable or zipped attachments from unknown senders, or setting email filtering rules.
  • Prevent downloading executable or zipped attachments via HTTP/HTTPS connections.
  • Microsoft Essentials, AVG, and other free AV products should not be used
  • Isolate infected endpoints from the network as soon as possible
  • Subscribe to alert services such as Australian Government’s Stay Smart Online, which updates on the latest trends in our region.

If you have received this email and have any urgent concerns regarding this issue, please contact Interlinked on 1300 302 207.

Related posts:

Email Clutter

Is your inbox Clutter-ed?

If the answer is yes, you will love this Microsoft feature!

Clutter is an email filtering option available to Office 365 users. Similar to an anti-spam filter, it moves low priority emails (determined based on your reading habits) into a ‘Clutter’ folder where they can be reviewed later or simply ignored.

The feature was enabled by Microsoft for all Office 365 accounts in June 2015.  Individuals can choose to disable it by logging into Outlook Web Access (OWA): Click on the Gear, Options, Automatic Processing, Clutter and select Don’t separate items identified as Clutter then click Save.

How to use Clutter

Users can drag messages they deem suitable to the Clutter folder to “train” the tool to spot similar email in the future. The tool gets smarter over time, learning from your prior actions with similar messages.

Once Clutter is enabled in OWA, it appears in other clients linked to that Exchange account, including Outlook on both Windows and OS X desktops and notebooks, and the iPhone and Android OWA apps.

Password Statistics

Statistics: How does your password compare? [Infographic]

When was the last time you changed your password?

According to a recent survey of 2,000 people, almost three-quarters use the same exact password for more than one account. About 40% of people have had an online account hacked, a password stolen, or their personal information compromised. Despite this, they’re still using weak, old or duplicated passwords that can be easily stolen or hacked.

How can you make sure your online accounts are safe? This infographic below from TeleSign tells us some compelling statistics about password safety, common password mistakes, and how to protect your online accounts with more than merely a password.

Passwords Infographic

For further tips and examples on choosing a secure password, see our post “Is your password asking to be hacked?”

Is your business cloud-ready

Is your business cloud-ready?

Thinking of moving your business to the cloud?

Migrating to cloud is a complex project that presents significant business risks, you must carefully analyse your business’ readiness before you begin. Here are five important areas to start your analysis with:

1. Workloads

Evaluate workloads or the group of applications that you want to move to cloud. Common examples of workloads are business applications, email servers, SaaS services, external/internal websites, FTP servers and many more.

Business application workloads (as opposed to infrastructure services) form the bulk of a company’s servers. Some of these workloads are independent while others are interlocked with add-on applications. It is essential to migrate all the add-on applications together, which are heavily dependent on the primary application.

You may want to migrate all interconnected workloads together, which sometimes constitutes 60 percent of the total servers. This requires more pragmatic and detailed analysis.

2. Prioritising

Test a non-critical application’s migration to cloud before committing to a total cloud transformation. If your company has multiple critical applications, prioritisation should be done in batches or waves. The first non-critical application moved to cloud should be important enough for you to make the strategic decision for the rest of the applications.

3. Timelines

You must decide the specific time slots for your migration. For example, during a certain part of the year, a business application’s performance may be key in driving the company’s revenue. Clearly, this would not be the ideal time for a migration. It is important to determine the best timeframe when migration can happen with minimal disruption to business activities.

4. Grouping or interface

Sometimes subcomponents of the same application are named differently. Over a period of a business application’s lifetime they are treated and funded separately, however when it comes to moving to cloud, these subcomponents are part of the same combined application. Correctly determining the existing business application and infrastructure footprint is essential.

You would also need to document all the interfaces, synchronous/asynchronous data, and file transfers. This enables best permutation/combination approach for the set of applications/server images to migrate to cloud. The number of servers going live in a particular timeframe may also limit the migration.

5. Migration strategy

Migration is considered a pure “lift and shift” of the software stack: operating system, applications, databases, interfaces and other components. In this approach, the customer expects similar functionality and features after the application is enabled in the cloud environment.

The second approach, “big bang”, is an accelerated approach where migration and an upgrade are combined together. For some customers, the big bang approach works better. It saves cost and manpower requirements by combining testing for the two changes. A single go-live also enables the company to achieve the same goal in shorter duration. The benefits will almost always outweigh the risk when using this approach.


What next?

If you are unsure of the steps you should take for your business cloud migration, speak to our friendly team on 1300 302 207 or send us a message online here. We’re always happy to help!

Public WiFi Security

3 questions you must ask about public WiFi security

In this day and age we are constantly digitally connected, whether it is for personal use or for work.

Mobile data usage can start to become costly if you are using it frequently for heavy downloads such as videos and images. With the increasing need for internet on-the-go, there is also a surge in the number of free public WiFi networks that we can connect to. It is all so easy that we often forget to perform the necessary security checks, or simply don’t bother to.

Are you aware of the security risks involved with public WiFi connections?

White hat hackers have proved that usernames, passwords, banking details, and contact lists can easily be accessed from public WiFi hotspots. For instance, in 2013, First Base Technologies conducted two tests with security firm Trend Micro, and they were able to get very personal details of people through a test public WiFi network, even after forcing these people to consent into allowing their data to be collected.

Using a 4G router for internet access, which was wired to a separate wireless access point and a laptop between the two to capture traffic via packet-capturing software, the white hat hackers were able to get personal data on the participants. None of the participants were aware of the ability to set up rogue wireless access points disguised as legitimate hotspots to steal information.

Are you or your employees at risk of compromising confidential information using public WiFi?

If you’re planning to use a computer, make sure your antivirus and antispyware software is always up-to-date. Avoid turning off your firewall – if you use Windows 7 or Windows 8, you are able to configure your firewall to block unsolicited attempts to connect to your computer while using a public network.

In addition, you should strive to choose the most secure connection available. Sometimes paying for access is necessary, but it’s worth the cost. A password protected connection is always better than one without.

When possible, save your financial transactions for a home connection. When using a public network, credit card numbers, passwords, and financial information in general are less secure. If you must make financial transactions using a public network, make sure there is a locked padlock icon in the URL address bar.

Does your organisation have a thorough understanding of security risks?

Every employee has a responsibility to make sure they’re educated about the risks of wireless computing on public WiFi, and it is important to involve all individuals with the maintenance of security controls.

Many internet users are not aware of the potential security risks involved with public WiFi. Speak to your IT Manager or Services Provider today and learn how you can better protect yourself while connecting to the internet publicly.

Interlinked - Business Disaster Ready

Is your business disaster-ready?

Disasters can strike at any time, whether they be caused by human error, malicious attacks or natural disasters such as fires and floods.

When unforeseen incidents occur, the organisation’s disaster recovery plan should instantly come into action to ensure that business continuity can be maintained with either no interruption or a minimal amount of it.

Business continuity involves thinking about the business at a higher level and asking: how quickly can I get my business operating again in case of system failure? Investment in business continuity is like buying insurance, and should be a vital part of any business plan since the best way to prevent downtime is to keep a step ahead of potential disaster.

Don’t be complacent

Most businesses think they are ready for business continuity, but once disasters actually strike the real problems occur. The issue is that consciousness slips as time goes on. What businesses must be able to do is to minimise the impact of unplanned downtime when something disruptive happens. With so many ways to connect with the world in today’s society, the reputational risk with a business not being able to function as it should is huge.

Downtime is real, and it’s costly. According to research by the Aberdeen Group, the cost of downtime by company size are: small companies approximately $8,581 per hour; medium companies $215,638 per hour; and large enterprises $686,250 for every hour of downtime.

The numbers speak for themselves: you need to plan for downtime. If you do not currently have a clear disaster recovery plan in place, start by speaking to your IT department or IT service provider to devise one that is suitable for your business.

Backup!

Traditionally, backing up is performed overnight when most users have logged off their organisation’s systems using a rotation of tapes. Despite being a technology that is more than four decades old, 61% of SMBs still ship backup tapes to a storage facility or another office. The processes for saving data to tape, removing it to a remote location, and retrieving it for disaster recovery are extremely cumbersome and time consuming, costing business hours of downtime that can otherwise be avoided.

Today as we expect 24×7 usage and the amount of data is rapidly expanding, it is increasingly important to employ updated solutions that can cater for such around the clock needs.

Consider backing up to the cloud – your backups are stored in data centres offsite to rule out the possibility of data loss due to physical damage to your business location, and recovery time is quick as it can all be done remotely. Automated backup methods can also be set up at a regular interval to ensure all your latest data are saved securely and can be quickly accessed should something go wrong.

Test, test and test

Anyone who has executed a plan before would know that things don’t always go as expected.

To ensure that a disaster recovery plan works, it has to be regularly tested. Backups need to be performed regularly with continuous availability, and testing will help to iron out any flaws in the process before disaster strikes.

Is your business disaster-ready?

How ready do you think your business is now? It always helps to discuss with professionals, so speak with your IT manager or service provider. The last thing you’d want for your business is to realise that you don’t have the necessary recovery methods – only after it’s too late.

Interlinked - 8 Apps to Train Your Mind

8 Free Apps to Train Your Mind

With the convenience of enterprise mobility and 24/7 access to work, we often forget to set time aside for something very important: our minds.

Following our successful mindfulness post, this time we want to share a list of 9 free apps with a slightly different function – training your mind.

Are you ready? Go!:

  1. Elevate
    A new type of cognitive training tool designed to build communication and analytical skills, members are provided with a personalized game-based training program that adjusts over time based on performance.
    The more you train with Elevate, the more you’ll improve critical cognitive skills that are proven to boost productivity, earning power, and self-confidence. Users who train at least 3 times per week have reported dramatic gains and increased confidence.
    Compatibility: iOS & Android
    Price: 
    Free
    Website: 
    elevateapp.com
  2. Lumosity
    This app was designed by neuroscientists to train memory, attention, and more. With foundations in the study of neuroplasticity, Lumosity creates a Personalized Training Program that challenges your brain through games.
    Compatibility: iOS & Android
    Price: Free
    Website: www.lumosity.com
  3. CogniFit Brain Fitness
    A scientifically validated brain fitness technology that assesses your cognitive abilities and recommends what skills to focus on based on your results. Play different brain games to challenge your mind and train your cognitive skills like never before!
    Compatibility: iOS
    Price: Free
    Website: www.cognifit.com
  4. Haste
    Borrowing elements from word games, Boggle and Scrabble, this app is a fast-paced word game that helps you to think quickly. Choose an opponent, and link the game with your Facebook account to play your friends to see who can identify the most words by drawing lines between letters.
    Be careful, Haste is so addictive we predict it could bring about workplace rivalries.
    Compatibility: iOS
    Price: Free
    Website: exose.com
  5. Fit Brains Trainer
    With over 360 games and puzzles, there’s no getting out of your training with Fit Brains.
    The app works out five major areas of your brain: concentration, logic, memory, language and visual skills.
    It also uses a learning system that automatically scales the level of each brain game to your appropriate level and lets you compare your results with other people in your age and gender demographics.
    Compatibility: iOS & Android
    Price: Free
    Website: www.fitbrains.com
  6. BoxPop
    In business you need to have your mind on the big picture. Get your brain used to plotting baby steps so you reach your overarching vision with this chess-inspired strategic puzzler.
    Compatibility: iOS & Android
    Price: Free
    Website: freshplanet.com/games/boxpop
  7. Learnist
    If you crave culture and knowledge, this is the app for you.
    Learnist is a crowd-sourced collection of information from academics spanning a gamut of subjects from food and health to sports. This app will help you explore varied interests. You also have the option to purchase advice from well-known experts for intense learning sessions.
    Compatibility: iOS & Android
    Price: Free
    Website: learni.st
  8. Happify
    If your mood is down from the challenges of life, here’s an app that will help you slow down and look at the big picture.
    Through quizzes, polls and a gratitude journal, Happify aims to teach life-changing habits so you can beat stress and achieve your goals.
    Compatibility: iOS & in beta for Android
    Price: Free
    Website: my.happify.com

A small change in your daily habits or ways of thinking can have large impacts on your life – both personally and professionally. With so many free tools readily available, there is no reason to not try them out – so get brain fit today!

Choose the right business phone system with Interlinked

Choosing the right phone system for your business

Are you looking to purchase a new business phone system?

It is important that you understand the types of phone systems you can choose from and decide on the product that is right for you and your team. Things for consideration include your budget, whether or not your growing business will require more extensive features in the near future, whether you have IT staff that is capable of running and maintaining any in-house hardware, and if you have access to a high-speed internet connection.

To assist with your decision, the Interlinked team has put together a quick summary for your comparison:

1. Landline (Standard PABX)

  • Analog / digital systems that run via the telephone company’s traditional copper wiring
  • To run landline service, you need on-premises PABX hardware. This is the hardware that is used to create multiple extensions and allow for phone system features, such as call transferring and call directories

Most suitable for: These systems are typically best for large organisations that have the budget to pay for it and an in-house IT staff to run and maintain it.

2. Hosted PABX

  • This is similar to standard PABX (see above), however instead of using on-premises hardware, your phone system is hosted and/or operated by your provider
  • Works with your existing telephone service or can completely replace it
  • Can be used with landlines, mobile phones, or VoIP service

Most suitable for: Businesses that want the functionalities and features of the standard PABX but do not have the budget or resources to run and maintain the hardware in-house.

3. VoIP phone systems

  • Rather than only using the traditional copper wires that landlines use, VoIP uses the same internet connection that a company is already using to get online
  • VoIP systems provide other unique features in addition to the standard features included in a PABX system, such as computer integration that allows voicemails to be sent to email inboxes and laptops or desktop computers to be turned into “virtual phones”
  • VoIP systems provide mobile options that give remote workers access to a business’s phone system via their smartphone
  • Choice between self-hosted or cloud-based options depending on the level of resources you have available to install and maintain hardware

Most suitable for: These systems are best for small businesses that want the functionality of a sophisticated phone system at a reasonable price and for businesses that want their remote employees to have access to the phone system.

4. Virtual phone system

  • Virtual phone systems work by connecting a business phone line to remote workers on their mobile phones or home phones
  • These types of systems work as an extensive call-forwarding solution, wherein calls are transferred to each employee’s designated phone – mobile or home – when a customer or client calls the main business number
  • These systems include a variety of features, such as automated receptionists, voicemail, call forwarding, call screening and online faxing

Most suitable for: Businesses that are comprised solely of remote workers or sole trader businesses.


Are you unsure of the most suitable product for your business?  Speak to our friendly team on 1300 302 207 or send us a message online here.

 

Virus Alert

VIRUS ALERT – beware of these spam emails

We have received a large influx of emails containing malicious attachments in the last 48 hours, with content relating to account balances, outstanding invoices, investments and pay cheques.

Virus Email Screenshot

 

Virus Email Screenshot

Virus Email Screenshot

Virus Email Screenshot

If you receive such emails please do not open the attachments and delete the email immediately.

A few tips to help you stay protected:

  • Ensure that your backups are working and you have a rotating set of drives or tapes
  • Ensure your Antivirus is up-to-date
  • Be aware of any emails that ask you to reply quickly or act fast
  • Alert users to new malware campaigns immediately.
  • If the email is from someone you do not know, do not open it
  • Implement effective email security tools and policies, such as blocking executable or zipped attachments from unknown senders, or setting email filtering rules.
  • Prevent downloading executable or zipped attachments via HTTP/HTTPS connections.
  • Microsoft Essentials, AVG, and other free AV products should not be used
  • Isolate infected endpoints from the network as soon as possible
  • Subscribe to alert services such as Australian Government’s Stay Smart Online, which updates on the latest trends in our region.

If you have received this email and have any urgent concerns regarding this issue, please contact Interlinked on 1300 302 207.

Related posts:

DDoS Attacks - Identification and Preparation

How to identify and prepare for DDoS attacks

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. The flood of incoming traffic to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users.

These attacks are not new, however, the volume of attacks has surged over recent months, including the largest DDoS attack on a European network in February and continued DDoS attacks which shut down one of the world’s largest Bitcoin exchanges, MtGox.

The source of the traffic is usually a network of compromised “zombie” computers (also known as a botnet) that send the traffic. Hacker forums, blogs, and even YouTube share easily accessible information on how to set up a DDoS attack, making it possible for anyone with an internet connection can launch an attack.

Not only are DDoS attacks difficult to deal with – they can also have detrimental consequences for businesses.

How can you tell whether you’ve been the victim of a DDoS attack?

It can be challenging to determine if your website is down due to legitimate traffic, or because of an attack. The key to telling the difference lies in the length of time the service is down for. If slow or denied service continues for days rather than a short period during a spike in traffic, then it is time to start to look into the issue.

Unfortunately, you cannot simply check to see if all of the traffic is coming from the same IP address, as this is the exact purpose of a DDoS: to have traffic coming from multiple sources.

How can you prepare yourself?

You don’t want to wait until business has been compromised by an attack to protect yourself. Here are a number of steps to prevent you from becoming an easy target and keep your network clean of spammers and other criminals:

1. Be aware

Invest in technology that allows you to know your network’s normal behaviour and will make you aware of any abnormal incidents such as a DDoS.

2. Boost capacity

Make sure you provision enough server capacity and tune for best performance under high load. Build the biggest network you can with effective elements for advanced mitigation.

3. Practice your defence

Knowing how to use your defensive strategy is just as important as buying and installing it. Practice the drills over and over to get it committed to your staff’s minds.

4. Get help

If you don’t have the resources to deal with attacks in-house your best bet is to speak to a managed service provider who can monitor your network’s performance closely and react instantly when abnormal behaviour is detected.


Do you have questions or concerns about DDoS attacks and their effects on your business? Speak to our friendly team on 1300 302 207 or send us a message online here.