How to Prevent CEO Phishing

Posted on October 10, 2016September 30, 2017 by boss

Phishing Scams and Attacks. How to Prevent CEO Phishing

Spear phishing has been on the rise as cyber criminals have been exploiting it in many ways and on many levels nowadays, especially by utilizing social engineering. It’s been estimated the number of victims of CEO phishing scams has gone up 270% since the beginning of 2015, totaling over $2.3 billion in losses to 17,000+ organizations. Pretty staggering, huh?

How does CEO phishing work? Unlike regular phishing emails, which are sent out in great numbers to potential victims who have no relationship to each other, CEO spear phishing emails are highly targeted and sent to only a few select victims at a specific organization. E.g., a CFO working at company X gets an urgent email from the president from company X requesting to transfer money or a CEO imposter asks an employee to provide sensitive financial information leading up to eventual monetary losses. Since these requests seem to come from the C-level executives the employees tend to act quickly to please their superiors.

CEO Phishing Detrimental Results

Source: knowbe4.com

A real life example. One of our customers has almost fallen for this phishing trick a few years back. One morning the company’s controller received an email from the company’s CEO requesting to wire 10K to an account. The CEO tends to communicate with staff mostly via email and she’s usually on the go, out of town type of boss, so it seemed OK at first glance. However, the controller called her boss to confirm the legitimacy of the request and – lo and behold – it turned out to be fake.
Then the investigation by the CEO started and IT was first on the grill: “Why did we get this email into our system in the first place? We have spam and content protection system after all?!?!?” Yes, it turned out to be a spoofed email that it should have been intercepted by spam filter, but their definitions were not up to date and it was left through and delivered to user’s mailbox. What’s more interesting and worth noting here is that we discovered then that the company had posted contact info of their key staff (including all VPs) along with their titles, direct phone numbers and individual email addresses on their website! It doesn’t take much to plot such a scam attack. Although it was a good lesson learned for our client, they still chose to keep all the individual contact details on their website…
[…]

FortiClient VPN Connection getting stuck at Status: 98% (Solved)

Posted on September 24, 2016June 14, 2017 by boss

FortiClient VPN Connection getting stuck at Status: 98% (Solved)

Problem

When connecting to VPN network using FortiClient users occasionally are unable to make the connection as the VPN client seems to be malfunctioning. The connection gets stuck at Status: 98% and they get disconnected. This problem appears to be affecting FortiClient version 5.3.xxx as well 5.4.1.0840 running on Windows 8 and 10 that we are aware of.

It’s s been determined that there is a problem with the Windows operating system WAN miniport driver and not specifically with a Forticlient issue.

[…]

CrashPlan crashing (itself) and the host machines

Posted on August 11, 2016November 28, 2016 by boss

CrashPlan crashing (itself) and the host machines

We run CrashPlan for Business (PRO) on several Windows servers and wanted share some of the observations about the local app and the service itself.

The good

Pricing
Pricing is straight forward: it is a flat rate for unlimited data backup. $10/m per machine is dirt cheap. Additionally, the CP client app allows you to back up your data to the CrashPlan cloud but also to the other computer or folders (at no additional free).

Encryption
CP uses Blowfish for encrypting your backed data and it’s a client-side encryption. There’s an ability to reset the encryption password through a security question.

Versioning
CrashPlan, support versioning and it’s enabled by default.

Efficiency
Crashplan utilizes a sophisticated delta-update algorithm along with automatic compression. Which means that CP splits your files into small data chunks. Then each chunk is compressed and encrypted accordingly to your settings. It also supports de-duplication, which means that duplicated files are only uploaded to the backup server only once. This also means that of you move / rename files CP does not need to upload it all over again.

The bad & the ugly

Crashing
On numerous occasions throughout the 2016 Crash Plan updates seemed to have failed crippling the CP instance on many servers. Just last in July we had a situation with two instances of the CP PRO installed and running on the Windows 2012 R2 server. After having removed on from Programs and Features it ran for a few week and it had crashed completely.
Attempting to start the CP service failed so we resorted to “the usual” (recommended by very scarce tech support): download the most recent version,reinstall it and reboot…

Strangely we’ve found that some machines were running two instances of Crash Plan; apparently one 64-bit and the other 32-bit version.
[…]

Gmail, Google Mail Telephone Support/Help Scam

Posted on June 20, 2016March 15, 2017 by boss

Gmail, Google Mail Telephone Support, Help Desk Scam

Ever ran into a problem with your Gmail or Gmail Business email account and wondered if Google offers free or paid tech support for its customers?

Chances are you googled “Gmail phone support” or “Gmail customer service” and the search rendered a handful of hits with toll free numbers like (855) 227-3084 or (800) 941-5251.

If you call the aforesaid numbers you’re going to get a life ‘semi-pro’ support that will want to get paid up-front for an incident. We’d get different quotes per incident depending on the person you get to talk to. We were quoted $150 and the technician claimed that our Google Business account was accessed in Germany, it got infected and it’d take an hour to have it cleaned up. They would completely ignore the original reason for our call and said the account would have to be cleaned before they’d attempt any other options…
On a consecutive call attempt we’d get another person that would quote us a $99 per incident with fee with 3-month guarantee. Great deal, eh? They would totally ignore the $150 quote from the previous person. We had received quite a few follow-up calls as the staff seemed to be pretty motivated and tenacious to close the sale.

Here’s an example of their voicemail messages. Sounds totally legit to me. What say you?

We’ve seen folks getting quotes as high as $300 per incident with some ridiculous explanation that it would take 14-15 days to unlock compromised Gmail account. What a sham!!!
[…]

Penn Asian Senior Services

13:23 25 Jul 19

Penn Asian Senior Services (PASSi) has worked with Kontech on numerous occasions, and what we've consistently observed is service that combines top-notch knowledge with care & attention to detail. We are a nonprofit that provides services throughout the Greater Philadelphia area from our home base in East Oak Lane -- as may be the case with many nonprofits of a similar size, we come across a wide variety of IT needs within the office, many of which we try to handle in-house. However, there are times where we really do need the guidance/assistance of professional IT consulting. And, whenever we have this need, Kontech is our go-to solution -- we highly recommend the company, which we find to be trustworthy with fairly-priced services. - PASSi

Anita Rodriguez Morrison

18:05 02 May 19

Greetings from Michigan! Our company contacted KonTech IT Services to take care of a UPS battery install for our customer with an office in Philadelphia. KonTech did an awesome job with the installation and documentation. WE will definitely use them again when business takes us back to PA!

Keith Dewey

19:04 12 Feb 19

Working in a demanding field like the hospitality business we are in constant need of upgrades and installations to better our IT systems. Kontech IT services is a solid company that helps us with all our IT needs in a timely and professional manner. Their techs are very knowledgeable and great at making recommendations for your systems as well. I recommend Kontech anyday!!

Haley Klinghoffer

11:34 17 Aug 18

Very responsive and reliable! They have been able to solve all of our technological nightmares. Highly recommend!!

Sambath Phea

01:32 19 May 18

Highly recommend Kontech IT Services for your electrical needs. We had them install a video door bell with 3 indoor monitors and 3 surveillance cameras. Till this day, any questions or troubleshooting we need help with, Kontech IT Services are just a phone call or an email away.

Technolo Sales

19:34 01 Mar 18

We use Kontech IT Services for all our cabling needs in the Philly area. We love the quality of work and their range of expertise. We would highly recommend these guys.

Adam Schran

16:56 21 Feb 18

Konrad visited us and was able to solve a tricky network cabling issue that others were not able to fix. Plus, he explained why it happened and what else we could do to optimize our network equipment and cabling. Friendly, super intelligent guy we would welcome back to our premises any time for additional work as needed. Highly recommended.

brian seyller

12:53 29 Sep 17

Kontech has gone above and beyond to help me with our customers. I would highly recommend using them!