All posts in Notices

17 Sep 2015

Virus Alert: Ransomware Diligence

The purpose of this virus alert is to inform and educate you, as well as encourage you to remain vigilant against malware. We continue to experience isolated incidents of CryptoLocker and its variants, a type of virus known as “ransomware”.  To learn more about CryptoLocker and ransomware please reference our previous blog post here:

http://sisadmin.com/virus-alert-cryptolocker-how-to-protect-yourself/

As mentioned in the above-referenced blog post, here’s steps you can take to protect yourself:

  1. Never open email attachments from unknown senders. Keep in mind that the people who create these emails are crafty. They are often carefully constructed to appear as if they came from legitimate businesses or vendors.
  2. Don’t follow links received in SPAM emails from unknown senders.
  3. Back up your data.
  4. Keep your antivirus and antimalware software updated. We recommend Webroot and MalwareBytes as a solid deterrent. Please be aware that no preventative platform is foolproof.

How do you know if you’ve been infected?

  1. You are unable to open files and/or files appear to be corrupted. This may occur on your local hard drive or on network shares if the infection has spread beyond a local machine.
  2. File extensions are changing from what they should be (.doc, .pdf, .xls) to .encrypted, .cryptolocker, or .[random characters].
  3. A HELP_DECRYPT file has appeared in each folder where files have been encrypted.
  4. A ransom screen may appear informing you that your personal files have been encrypted.

What do you do if you suspect an infection?

  1. Immediately disconnect your computer from your wired and/or wireless network. This will prevent it from further encrypting any files.
  2. Call SisAdmin at 425-482-1919 to report the infection ASAP.
FacebookTwitterGoogle+LinkedInTumblrEmailShare
12 Jun 2015

Windows 10 Free Upgrade: Make the Leap?

Windows 10

Windows 10 is coming soon; July 29, 2015 to be exact. Microsoft has announced that all systems currently running Windows 7 SP1 or Windows 8.1 are eligible to upgrade to Windows 10 free of charge. Beginning June 1, 2015, Microsoft activated a notification that appears in your PC’s taskbar which states “Get Windows 10. Reserve your free upgrade.” If you opt into the upgrade, Windows 10 will download to your PC as soon as it’s available, and you will be able to install it at your convenience after July 29th. The download consumes approximately 3 GB of disk space.

The logical first question you are probably asking yourself is “Should I take advantage of this upgrade?” Well, there’s good news and bad news.

The good news is that all indications point towards Windows 10 being a worthy successor to Windows 7 and corrects many of the flaws of Windows 8 (the Start menu is back!). Faster overall speeds along with quicker startup and system resume have also been promised, along with a boast out of Redmond that Windows 10 is “the most secure platform ever.” Even more good news is that you have an entire year to upgrade your system for free.

The bad news is that Microsoft has a long and distinguished track record of unforeseen problems in the days, weeks and months following new operating system releases. Many IT professionals would advise that you wait until the first major service pack release prior to making the leap to a brand new Microsoft operating system.

SisAdmin’s recommendation is to wait a few months to see how everything shakes out before considering the upgrade. When the dust has settled and the kinks have been worked out, please reach out to us so that we can assist you with a smooth transition to Windows 10.

If you decide that you’d like to be on the bleeding edge of technology and just can’t wait to take the leap, Microsoft has outlined what you can expect here. If you’ve already opted in and have reserved your upgrade, don’t fret, you can postpone performing the actual upgrade to a time that’s convenient for you.

01 May 2015

Security Alert: Wire Transfer Scam

phishing-attacks

We are issuing this security notice to alert our customers to a fraudulent wire transfer technique that some of our customers have encountered this week.  The technique is called spear phishing and relies upon email messages posing as urgent communications from senior officers to lower level employees.  The messages demand that employees wire funds to destination accounts provide in the message.

These emails can be very convincing and are typically sent to corporate executives, corporate finance personnel, or others likely to have roles in authorizing or executing accounts payable operations.  We highly recommend making your employees aware of this threat and cautioning them against falling victim to these attacks.  Typical signs to look for beyond the obvious tone of the funds transfer demands are:

  • Suspicious emails sent to executives or received from executives
  • Check the sender’s email address closely for spoofed or impersonated domains
  • The body of the email instructs the target to pay all new or outstanding invoices via wire transfer to a new bank account
  • The body of the message often includes a fake, back-dated “original message” in an attempt to set the context of the transfer request
  • Attached to the email is a PDF document containing wire transfer instructions, including bank name, account number, etc.
  • Wire transfer destinations typically include banks in the US, UK, China and Taiwan

The technical details of how scammers accomplish this are as follows:

  1. Scammers register “typo squatting” domains that for all intents and purposes look like the target company’s domain, but are subtly different.  For example, the legitimate domain www.mybusiness.com would be registered as www.mybusiiness.com.
  2. Scammers then create email accounts at the fake domain that mirror legitimate executive email accounts.  For example Joe.CEO@mybusiness.com would be created as Joe.CEO@mybusiiness.com, and the common name that appears on the email account would be identical to the original account, such as Joe CEO.
  3. The attack often relies upon knowledge of key players within the company and emails that are highly convincing to the recipients are created.  They rely upon the fact that when the CEO asks you to do something, you do it!
  4. Emails are sent to lower level employees from executives that are brief and urgent, demanding the transfer of funds and the progress of the transfer, thus making the request appear more authentic.

Please let us know if you have any questions or need our assistance.

24 Apr 2015

Windows Server 2003 Support is Ending July 14, 2015

XP-Gravestone-banner

Amongst the geek speak you may have overheard recently, the term “End of Life” (EOL) may ring a bell.  This term refers to the product(s) supplied to customers that are at the end of their useful life and the vendor (more often than not Microsoft) intends to stop supporting it.  There are some key Microsoft products coming up on End of Life in the first half of 2015; the major one being Windows Server 2003 (all versions) which subsequently includes Small Business Server (SBS) 2003.   Specifically, support will end for these products on July 14, 2015.

So what does this mean to you and your business?  In a nut shell, continuing the use of these products becomes a liability and vulnerability as Microsoft will no longer issue security updates for any version of Windows Server 2003.  According to Microsoft “you need to take steps now to plan and execute a migration strategy to protect your infrastructure.  By migrating to Windows Server 2012 R2, Microsoft Azure or Office 365, you can achieve concreted benefits, including improved performance, reduced maintenance requirements, and increased agility and speed of response to the business.”

We’re here to aid you through this transition.  Contact SisAdmin if you have any questions or concerns about your technical infrastructure in light of these upcoming product retirements.

13 Feb 2015

Blog Coming Soon

Check back later!

REQUEST A
FREE QUOTE

Contact Form