disaster recovery from ITVET

Let’s talk about the elephant in the room…

 

Ensuring you have a solid disaster recovery and business continuity plan in place should be of the highest priority for your business.

Disaster can strike from anywhere at any time, so being prepared is a must. Whether it be flood, fire, or worse, it is imperative you have a tested business continuity plan in place so you have minimal down time in the event of a disaster.

If your software and services are hosted, you can access them regardless of any hardware damage and you will be able to restore your services in very little time and maintain a sense of business continuity. Alongside this, without a backup system in place, you could lose all your data entirely. If you only have paper versions of your records and data, these will almost certainly not survive smoke, fire or water damage, which could potentially lead to you being held liable for loss of records.

Another thing to plan for is remote working. Ensuring your employees can continue working either from home or a temporary location in the event of a disaster is imperative, as if your employees are not able to work this could impact your business reputation and you also run the risk of losing your employees.

If disaster does strike your business, you will need to contact your employees to warn them of the disaster. Alongside this, your clients will still need to be able to contact you, so having a phone system that can be diverted to an alternative location means that in an emergency you will be able to contact your clients, suppliers and employees.

Ensuring business continuity is important, however the most crucial element of a disaster is ensuring no one is harmed, which is why a suitable evacuation plan and being able to track where your employees are on site is essential.

Contact the ITVET team today to discuss your options and ensure you are protected, should disaster strike.


Microsoft Office 2007 No Longer Supported From Oct 2017

 

As a part of a process to increase security and help users to keep up to date with the latest software editions, Microsoft have announced that on October 31st 2017, Office 365 users will no longer have support for the Microsoft Office 2007 application. If you currently use Office 2007, and more specifically Outlook 2007, then you will no longer be able to continue to use this software to access your email from this date.

Why is this happening?

Microsoft, as with all software vendors, are under increasing pressure to combat cyber security threats. As a result, Microsoft is keen to ensure users are working from the most up to date software. As software products reach 10 years old they are now retired from support and will no longer receive patches/updates and will become more vulnerable to security threats. The same process was recently undertaken with Windows XP and Server 2003.

What happens on this date?

Users with Office 2007 will no longer be able to use their Office 365 email accounts in Outlook 2007. Users may also suffer incompatibility and synchronisation issues if they use Microsoft SharePoint Online or Microsoft OneDrive with Office 365.

How can I get up to date and avoid this issue?

Please speak to us to look at the upgrade path available to you. There are a number of options available to upgrade to the latest Office platforms, via one-off purchase, recurring annual, or monthly licensing.

Read the full Microsoft’s full announcement here.

If you would like to discuss your IT, please contact us at [email protected] or call 01279 464 470. You can find out more about our IT solutions here


Business Email Crime scam is on the rise – 400 businesses hit every day

 

Imagine: You return from holiday to discover that your accounts team have wired hundreds of thousands of pounds of company funds to a stranger. What’s more shocking is that it was supposedly by your request. This email scam is trending – CEO fraud or Business Email Compromise (BEC). Over $3 billion have been lost over the past three years with over 22,000 victims across the globe.

How the scam works

Attackers spoof the email address of CEOs or directors. They then send messages to the company’s finance department posing as the CEO, tricking them into wiring money. The fraud usually begins with phishing emails to gain access to inboxes, and also to check whether an out of office reply is received. Scammers use Out of office replies and social media to determine whether their target is absent. Each attack is well-researched and targeted specifically to that company, so it is important to be aware that this scam is around and gaining momentum.

Who is targeted

Small and medium sized business are most targeted by scammers. However, while nearly 40% of victims identify as small to medium businesses, larger corporations have equally been affected. Earlier this year the CEO of an Austrian aerospace parts manufacturer was fired after the company lost 42 million euros to a BEC attack. The fraudsters posed as the CEO in order to transfer money to an account for a fake ‘acquisition’. Scammers often focus on companies that work with international suppliers where transferring or wiring money to international accounts is not out of the ordinary.

For many companies such a request may not seem unusual, which is one reason BEC scammers have had so much success. Likewise, throughout a busy workday an emailed request may be plausible enough to fly under the radar. Scammers follow a working day sending emails when you would expect to receive them – during business hours and avoiding lunch time. It is important to be wary, even in the daily commotion of the office where urgent tasks and distractions may cause security to be lax.

How to stay safe

Hackers cleverly disguise their scams so it is important to be aware of common signs of phishing emails. However, these are a few telling signs to look out for and advice on how to safeguard your company. You can also click here for our blog post with ITVET’s tips for spotting phishing emails.

BEC scam statistics

1. The subject line
‘Request’ is the most commonly used subject line or other single-words such as payment, urgent or transfer. These are hard to filter as the simple mundane subject lines do not arouse suspicion.

2. The email address
Occasionally, the scammer’s email address may on first glance appear to be from your director. On closer inspection you might notice that the domain may be off by one letter e.g. [email protected] Scammers are aware that during a busy day such small, sly changes could go unnoticed.

3. Education
Make sure your accounts team are aware of this thriving scam and to reinforce the importance of acting cautiously around financial transactions.

4. Communication
When it comes to protecting your company from a scam, communication is key. Cross-checking financial requests or two-factor authentication is important, ideally through multiple modes of communication. Verify significant transactions verbally or in person, especially if the request seems out of the ordinary.

To discuss your email security contact our team on 01279 464 470 or email [email protected]


6 Reasons To Outsource Your Company Website

website design with ITVET

6 Reasons To Outsource Your Company Website

Is your website outdated? Maybe it’s time for a refresh – but is it a good idea to take on this challenge alone? Here are six reasons why you should consider outsourcing the design and maintenance of your site:

cost efficient

COST EFFICIENT

Save yourself the salary of a web developer and designer plus the associated cost of recruiting new employees. Maybe you feel that you could build a website in-house, but building a website from scratch can be a difficult and time consuming task. It needs a lot more skill than people often think! Plus, once your new website has been launched the work doesn’t stop there, as it needs regular updates and patches to keep it fresh and secure. Outsourcing to an external team who spend all day writing code can save you the costs involved with learning web development yourself or the expense of hiring your own team. We offer a complete end to end package from initial concept and briefing, design and build, through to the hosting and on-going management. All for an inclusive monthly fee that may surprise you.

time efficient

TIME EFFICIENT

It isn’t just building a website that is time consuming – once set up, the maintenance and administration of updates is equally time consuming. Why burden one of your employees with the additional task of maintaining your site when you can outsource this to our team of web professionals? Our service includes all technical updates, management and includes two content updates each month too!

icon3

EXPERTISE 

As a web Development Company with years of experience, we are passionate about design and new technologies. Our team of web professionals are aware of emerging trends and have the know-how to build features to keep your website looking fresh and modern.

audience icon

REACH ALL YOUR CUSTOMERS

Is your website Mobile friendly? Does it look as good on today’s smartphones and tablets? Google now penalise websites that are not optimised for users with mobile devices, so it pays to make sure your website works on all devices and operating systems. Will it look good on the next generation of hardware? Take advantage of a web developers’ expertise in responsive design and their immersion in the technological world.

screwdriver icon

ENSURE YOUR WEBSITE ALWAYS WORKS

As part of our complete package we will monitor your website 24 hours a day, so that if your site stops working, one of our dedicated team of professionals will know immediately. All of our hosting packages are supported by the ITVET 24 hour, UK based service desk. You can be assured that in the unlikely event of an issue we will be on it straight away, ensuring this vital service continues to be available to your customers.

security icon

SECURITY

Don’t lose your website, or even worse your data! Online threats are increasing all of the time, and more and more websites are being hacked. Without regular updates your site is vulnerable to attacks and viruses. Outsourcing this task to a specialist saves you time and resource. Plus, it keeps your site and data protected. We utilise a whole host of tools and services to monitor and scan your website to ensure the highest level of protection possible.

ITVET website services
Building on our excellent reputation as a market leader in Managed IT & Communications and due to demand from our clients, ITVET are proud to announce the introduction of our new and comprehensive website service team. No matter what your requirement our team of professionals can help.

Website Design from £3,499
ITVET will build you a brand new responsive website, designed to your exact specification and including a content management system. This all-inclusive price represents excellent value, and includes everything from initial consultation and audit of your current website through to launch.

Hosting – from £30 per month
Our website hosting service starts from just £30.00 per month

Fully inclusive package – £150 per month
Host – Hosted on our fully redundant servers in Amazons secure data centre
Maintain – We update and patch your website to keep it secure and running efficiently
Administration – We provide a set number of changes per month to your website content and graphics

Special Offer – save £1,000 on website design when purchased with our full hosting package!

Please contact us today on 01279 464 470 or at [email protected] to explore your hosting & design requirements.

 


Trends You Need to Know About Fraudulent Emails

fraudulent emails

We are all aware of the potential for spam and phishing emails to hammer our inboxes on a daily basis. This is why it’s prudent to protect your network with a hosted email filtering service, such as Trend Micro. However, even with the best email filtering service in place, an amount of spurious emails will most likely still make it to your inbox. This is mainly because the criminals who send out such emails are employing ever more sneaky ways to fool their victims.

Although there are hundreds, if not thousands of different types of dodgy emails being sent round, there are two particular types which merit taking immediate action to protect your data and your bank balance. These two types of emails have taken things to the next level in terms of how far these crooks will go to part you or your company from your cash or data.

Urgent Request from the MD to make a bank transfer

text boxAn email arrives from your MD, or other senior person who can authorise payments. It instructs you to make an urgent payment to the company detailed in the email. The MD will usually be out of the country or away when this email arrives. The crooks know this as they have most likely sent a phishing email and received an out of office response with the recipient’s job title. They then do some research on your company and establish the hierarchy and who would deal with bank payments. The crooks edit the “From” field of the email so it does indeed look like the MD’s email address and usually use the signature: “sent from my mobile” or similar.

We are aware that globally this type of email con has managed to trick some pretty large companies out of some significant amounts of cash. In one instance a US company transferred a six figure sum to the fraudster’s bank account. This may seem incredible but remember these crooks have done their homework on their victim’s company. They probably know the turnover of the company and possibly some of their clients or suppliers. They have even been known to hack their way in to the company’s email system, and obtain their contact database. This means that when they send the request for payment, the name may even be that of one of the company’s clients or suppliers, just with a different account number and sort code.

So what can be done to try and prevent this type of targeted attack?

In terms of preventing this type of email arriving, it is actually quite hard as they look like genuine emails. However, there are a number of measures that can be taken to protect your company.

1. Make it the company policy to never make bank transfers based upon the receipt of one email, even if it is from the MD. Do not reply to the email. Use an alternative contact method such as a text or phone call to confirm the payment request. Admittedly this is more about the company’s internal payment methods than the email system but it is an effective way to prevent this type of fraud.

2. If your company has a hosted email filtering service, then implement a policy that will detect any email with the words “Sort Code” as this is pretty much a unique term which relates to banking. The email can be tagged in the header with a message of your choice such as “Warning potential phishing email”. The warning should alert the recipient to the potential risks. It is also possible to Quarantine emails with these trigger words although this may cause disruption to your accounts department. If there are a number of genuine emails received containing these phrases, these will need to released from the quarantine.

Crypto locker Ransomware in older Office documents (Word, Excel etc.)

This type of threat has been doing the round for some time but we are now seeing a huge increase in the frequency of them. These emails are worded with titles that are deliberately chosen to lure you into opening the attachments with subjects such as “Invoice for service” or “Your Order Receipt”.

Opening the attachment will usually run an application which will encrypt your data. Not just on your PC but on any network drive that you have access to. Once all of your data has been encrypted, a message from the hackers will appear on your screen advising you that your data has “been secured” for you. If you would like access to the data they will decrypt it for a sum of money that must be paid in Bit Coins. The amounts demanded vary around $500 but can be as much as $5000.

Unfortunately once your data has been encrypted there is no way to decrypt the data without the decryption key, which only the crooks know. You will have to restore your data from the most recent backup, which is not ideal to say the least.

So what can you do to protect yourself from this type of threat?

cryptolockerSo far these types of attacks only use old style Office documents, such as .doc/.xls. If you have a hosted email filtering service, then it would be very easy to quarantine all old style Office documents. However, with so many companies still using these old document formats, it means that there might be quite a lot of genuine emails caught in the spam filter that will need to be released.

Alternately, emails containing attachments with old document formats could be tagged in the message title with a warning to alert the recipient of the potential danger of opening the attachment.

The most obvious and easiest form of protection is not to open any attachment unless you are expecting it and it has been sent by the correct person/company. However, in the heat of the day in a busy office, it is so easy to accidentally open an attachment. In the event you believe you may have accidentally opened an infected attachment, speed is of the essence. Steps to follow:

1. Unplug the network lead from the back of your PC, or shutdown as soon as possible

2. Call the IT support provider

The above outlines just two of the many thousands of online threats, which are growing rapidly by the day. If you would like to discuss any of the above, or if you have any other questions, please contact us at [email protected] or call 01279 464 470.


5 Tips To Prepare Yourself For A Ransomware Attack

We are seeing an increasing number of cases of Ransomware attacks.

Paying ransoms to hackers does not guarantee the safe return of your files so it is best to take preventative actions you should take to protect your machine. The best defense against viruses such as Cryptolocker is to be aware of how your machine can become infected. Even if you are cautious with the websites you visit and the attachments you open, the disguises hackers use are often very deceptive and it is easier than you may think to be tricked into opening a malicious link. It is most important that you regularly back up your files to ensure that if you are caught out you won’t lose your most important documents. It is not just corporations and companies that are targeted – make sure you have copies of your photos saved to an alternative device, don’t lose your precious memories.

These are our top tips on how to stay safe from Ransomware and information on how you may become infected. If you would like any information on back up solutions or if you have any enquiries email us at [email protected] or call on 01279 464 470.

Ransomware draft two

 


Ransomware is one of the most unpleasant infections with no known cure

cryptolocker

Ransomware is one of the most unpleasant virus or malware infections, and with no known cure, it poses one of the most serious threats to company and personal data across the globe. In recent weeks there has been a sharp spike in the number of reported infections, so what can you do to protect your valuable data?[vc_separator style=”separator1″]

What is Ransomware?

Essentially, ransomware encrypts documents and images on a computer. Worse still, if the computer is attached to a corporate network, it will infect everything it can see, and will only notify the user once it has finished encrypting all of the data it can find. Usually a pop up window will appear informing the user that all of their data has been encrypted and the only way to decrypt or release the data is to pay a fee to the crooks who created the infection. The amount of ransom demanded seems to vary from a few hundred dollars to several thousand.

How does it infect my PC?

As with virtually all Viruses and Malware infections, Ransomware is usually delivered in an email attachment. There has been a recent trend in emails that claim to be invoices, or confirmations of an order. The emails are worded quite well, and are clearly very plausible, as the number of infections reported in the past few weeks have rocketed

So how do you remove it?

There are many types of infection, but the way Ransomware infects computer networks does not vary much. If you are lucky, you may try to open an infected file quite soon after your computer has been infected. We say lucky, because if you can catch the infection early you may be able to prevent all of your valuable data from being encrypted. Remember that if you are on a network, the Ransomware will infect all of the data it can access, which can take time – days in some cases. Only once it has finished delivering its payload of poison, will it notify its victims.
crypto

If you are on a network, the first thing to do is to unplug the network lead from the back of your computer. If the infection started from your computer, disconnecting it from the network will stop the infection from spreading. Then shut down your system and seek professional help. If you are on a corporate network, hopefully you will not have any data saved locally! If you have, then there is a good chance most or all of your data will be encrypted. The bad news is that there is no way to decrypt your precious data without paying a ransom to the crooks. The good news is that if you have a recent backup of your data, then you should be able to restore it without too much difficulty. Obviously you have to make sure that you have found and cleared the infection before you restore your data, otherwise you may find that your data is encrypted again. If you are on a network, then your administrator should be notified immediately so they can take appropriate action to protect and cleanse the network.

Should I pay the fine?

We would always say NO, as dealing with crooks is not a good idea. However, we are aware that some people are so desperate that they have paid to release their files.

How can you protect your system from this type of infection?

Let’s be very clear, there is no way to 100% guarantee your system will never be infected by viruses or malware. There are new types of infections being created every day, and the leading Anti-Virus and Anti-Malware companies are in a permanent state of “Catch Up” Unfortunately, until a virus is created there is no way to find a cure. Below are the main points of trying to keep your data safe:

1. Backup your data – Backup your data – Backup your data. Make sure that your backups are working. Don’t just check to see if it backed up last night, actually try a test restore to make sure that the backup is effective. ALWAYS keep a copy off-site at another location. Or better still, use a remote backup service. N.B. If you do get infected, make sure that you disable the backups whilst you are cleaning your system, otherwise you will back up the infected files

2. Anti-Virus/Malware protection – Purchase a decent brand, and make sure it is up to date.

3. Be very careful with ALL email attachments –If you have even the slightest doubt, do not open the attachment. Look at it this way, what’s the worst that can happen if you don’t open a genuine email? You might receive a reminder for an unpaid bill but compared to losing all of your data this is insignificant. Never open any attachment unless you are 100% certain of its authenticity.

4. Make sure you do point 1!

The above points are only basic precautions, naturally, there are many other ways to try and protect your data. If you are in any doubt seek advice from IT professionals. For any enquiries email us at [email protected] or call us on 01279 464470.


How To Spot Scam Emails, Five Top Tips

phishing

Recently at ITVET, we received an email stating that we are eligible for a refund on our tax disc and to follow a link to the direct gov website to fill in an application form to receive this refund. This is not genuine, if you have received a similar email do not click the link provided.

This particular email was quite convincing, so we have provided a few tell-tale signs that an email may be a scam. Scammers are constantly devising new ways to trick you into giving away valuable information and it is sometimes hard not to get caught out. It is not always easy to spot a phishing email but here a few tips of what to look for.

1. Always be suspicious if an email asks for personal information.
Even if an email appears official you should be wary if you are being asked for bank details, passwords or credit card information. In a recent scam email we received, we were asked to send our credit card details by fax – it is unlikely that your bank would ever ask you to send them your passwords or account number so always act with caution.

2. Check the spelling and grammar of the email.
If you glance over an email it may appear official with company logos and pictures, but on closer inspection you will often spot obvious spelling mistakes and questionable grammar.

3. Check any links included in the email.
Check the link carefully– the link may seem genuine or valid at first but often the link displayed does not match where you will be redirected to if you click on it. If you hover over a link in the email you will be able to see where the hyperlinked address will take you to. The tax disc email we received showed a link to direct.gov.uk but if you hover over this link is shows a website registered to South Africa. To be safe, do not click on any suspicious links and do not open any attachments that you are not expecting.

dvla-link1

4. Check the sender’s email address.
We recently received a batch of emails from a scammer posing as 123reg and they were sent from [email protected] Even if the email address does contain the name of a company or your bank there will often be something slightly shifty about it too such as including numbers.

5. Something just feels wrong
Often if something seems suspicious or not right then you can trust your instinct. For example, if you receive and email saying that you have won the lottery and you haven’t bought a ticket it is quite clear that someone is trying to trick you into giving away your bank information. These may be an extreme example but if you read through an email and you are uncertain whether the information is genuine, then it most likely isn’t.

For any enquiries please contact us at [email protected] or on 01279 464470.