How to avoid tax-time scams

It’s everyone’s favorite time of year again: Tax Time! And along with all the fun gathering of documents, numbers, and other records, comes the usual spike in malicious email and phone calls. Each year, the IRS keeps a list of the top 12 tax scams that it calls the “Dirty Dozen”. Here is 2018’s list: http://bit.ly/2syA1nY.

Being a technology company, we’re going to focus on the technology-based scams, specifically email and phone. The usual email/phone advice applies: if you don’t recognize the sender/caller and they initiated the conversation, delete it/hang up. Now on to some of the scams that made the 2018 Dirty Dozen!

Phishing Schemes:

Phishing is nothing new (especially if you’ve been following/reading our blog). However, there was a new twist in 2018 that saw scammers using information stolen from tax professionals to file fraudulent tax returns and direct deposit refunds in to the real taxpayer’s bank account. The scammers then pose as a collection agency or IRS agent to trick the taxpayer in to sending them the money, thinking they are returning the fraudulent refund. You can read more on the IRS’s website here: http://bit.ly/2Fy3W8r.

Fake Charities:

No one wants to say to no to someone in need, and tax time offers the added advantage of being able to help someone in need and get a little help in return. Of course, scammers like to take advantage of our benevolent nature, so the IRS put together a website where you can check to make sure a charity is legitimate and qualified: https://www.irs.gov/charities-non-profits/tax-exempt-organization-search. If you receive an email or call from a charity soliciting a donation, feel free to look it up before taking any action. You can read more about this specific scam on the IRS’s website: http://bit.ly/2W2yHHo.

Remember, the IRS will never (taken from their website: http://bit.ly/2AQf8cF)

  • Call to demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer. Generally, the IRS will first mail a bill to any taxpayer who owes taxes.
  • Threaten to immediately bring in local police or other law-enforcement groups to have the taxpayer arrested for not paying.
  • Demand that taxes be paid without giving taxpayers the opportunity to question or appeal the amount owed.
  • Ask for credit or debit card numbers over the phone.
  • Call you about an unexpected refund.

Insert Excel Data in a Word Document

Sometimes you may want to display an Excel data table in a Word document. Did you know you can create/format the table in Excel and then insert it into Word? Here’s how:

  1. On the Insert tab, in the Text group, click Object.
  2. In the Object dialog box, on the Create from file tab, choose Browse, and locate the file you want to insert in the Word document.
  3. Choose one of the following: To add the file as a linked object, select the Link to file check box, and then click OK.

Now that you have the table in Word, how do you make it fit on one page you ask? Follow these steps:

  1. Click somewhere inside the table so that the Table Tools tab appears at the top of the window.
  2. Click the Layout tab under Table Tools.
  3. Click the AutoFit button in the Cell Size section of the ribbon at the top of the window, then click the AutoFit Contents

Now what if you want to have any changes made to the table be updated in the Word document? Here’s what you’ll need to do:

  1. Open the Word document where the spreadsheet will display.
  2. Open the Excel worksheet that contains the data you want to link to the Word document.
  3. In Excel, select and copy the range of cells you want to include. If you plan to insert more columns or rows into the worksheet, select the entire worksheet.
  4. In the Word document, position the cursor where you want to insert the linked table.
  5. On the Edit menu, select Link & Use Destination Styles or Link & Keep Source Formatting. Destination Styles uses the default Word table formatting, which usually results in a better-looking table. Keep Source Formatting uses the formatting from the Excel workbook.

For more tips like these, sign up for our Timely Tech Tips: http://bit.ly/2nZ3JTl.

Basic Security Tips for Home

Our company focus is on business computers but we often get asked about home computers. It’s just as important to protect your home computers as it is to protect your business computers. Here are a few tips to help secure your home computers.

  • Don’t use the same passwords for multiple websites or logins. This way any password that may get stolen cannot be used to hack other services. It also means changing a stolen password one time at the affected service instead of having to do it for every service.
  • Always install all available Microsoft (or Apple, if you have a MAC) updates. This ensures that any known security holes in Windows or OS X are fixed on your computer.
  • Make sure your wireless network is secured with a strong passphrase. Here are some tips for how to setup and manage your wireless router: http://bit.ly/2RwxLwt
  • Use a security suite to protect your computer – here is a good comparison of several different products: http://bit.ly/2RZWKbb

For more tips like these, sign up for our Timely Tech Tips: http://bit.ly/2nZ3JTl

Be wary of that email!

Let’s face it: we spend far too much time each day dealing with email, especially in a business. It is then no surprise that the most prolific attack vector against a person or company is via email. So why don’t we have ways to stop this completely?

The simple answer is: human nature. Remember the old saying “curiosity killed the cat”? We’re curious by nature, so it’s understandable that we want to open that email with the subject line “Re: Invoice 3584” to see what they’re talking about. It’s also understandable that we would want to open that attachment claiming to be the invoice to see if it’s one of ours. There are tools available that try to weed out those emails before they ever reach us, but no tool is perfect. And the stricter a tool is at trying to weed out those emails, the more likely it is to block legitimate email as well. So that brings us to trying to change human nature.

How can we change human nature though? We can attempt it through education. We have all heard the common rules of thumb:

  • don’t open an email from someone you don’t know
  • don’t open attachments
  • don’t click on links
  • don’t answer requests for money

If we’ve all heard these, why is email still the most popular way to get hacked? The attackers are getting smarter. They’re skilled at making emails seem trustworthy, and they’re now finding ways to compromise the email accounts of people we trust so that they can send us emails that we wouldn’t think twice about answering. Tools can still help in trying to identify and block these, but education is still necessary to help us recognize these new, trickier emails.

To get started, visit our website here to download the Top Phishing Messages Q3 2018 infographic and the 5 Tips Awareness Sheet. Then read this story about two executives who fell victim to a type of email attack called CEO fraud. Finally, contact us here to learn how a combination of tools and user security awareness training can help combat the email-borne threat.

MFA is a necessity today.

Why do I have to get a txt message to sign into systems/services? What happened to just entering my username and password?

Answer, Multi-Factor Authentication (MFA). If your systems aren’t using MFA, then you should enable them and start using it. Why? Email is still the number one way hackers are gaining access to sensitive data and using that data to cause other damages. If an attacker gains access to an email account they can perform the following:

  • Send out emails from this account to other users, customers, vendors, etc to gain access to other sensitive information.
  • Send emails to internal financial employees to perform wire transfers to the attacker’s bank account. Since the email is coming from an internal user the request for wire transfer looks legit and is usually performed.
  • Send email to internal security personnel requesting alarm codes.

MFA protects against these types of attacks by requiring the person signing into the system/service to provide a second, or even in some cases a third, piece of information that only the authorized user has access to or possession of. If your email system doesn’t have MFA capabilities, then it’s time to switch!

CBTech Support helps its clients implement MFA, and other security layers, to keep their data secure. This ensures that only authorized users are signing into their email, and other systems, which protects against the myriad of compromises that can develop from the breach. Contact us to learn more http://bit.ly/2pPj4C8

The power of Excel

Are you getting the most out of Excel? Excel is a powerful tool that most people use for displaying data nicely. You can display data in tables, format data using color/size, and organize data to display it in a readable way. However, did you know that Excel can be used to filter, sort, and display data to help you get the most out of data analytics?

Here are some useful things you can use Excel for:

Filtering data

  1. Highlight all cells, and click Data > Filter to enable the Filter function.
  2. Then click at the filter icon on the column you want to filter on, and select Text Filters > Contains.
  3. In the Custom AutoFilter dialog, you can specify the text you want to filter based on.
  4. Click OK. Then only the rows which contain the text string you specified are displayed.

Sorting data

  1. Select one cell in the column you want to sort.
  2. On the Excel Ribbon, click the Data tab.
  3. Click Sort A to Z (smallest to largest) or Sort Z to A (largest to smallest)
  4. Before you do anything else, check the data, to ensure that the rows have sorted correctly.

Delete Text Before Or After Character By Formula In Excel

  1. To remove text before a comma with the data contained in cell A1, select cell A2 and type this formula =RIGHT(A1,LEN(A1)-FIND(“,”,A1)) into it, and press Enter key
  2. To remove text after a comma with the data contained in cell A1, select cell A2 and type this formula =LEFT(A1,FIND(“,”,A1)-1).
  3. To apply the same filter to the remaining data in column A, click and hold the Fill Handle (small black box) on cell A2 and drag down to the range where your data stops.

These are just some of the most underutilized functions in Excel that provide powerful data manipulation. CBTech Support has years of knowledge in supporting user applications. Our clients have this knowledge at their disposal via a phone call away as we offer unlimited remote helpdesk support. Contact us to learn how you can have an IT department, with this and many other benefits, available to your company http://bit.ly/2pPj4C8

Account Takeover and Prevention

Over the past few months we’ve seen a new security attack gain popularity: Account Takeover (ATO). Account Takeover is when an attacker steals a user’s username and password for their email account, most often an Office 365 account. The attacker tricks a user in to giving up their username and password, usually via a file sharing email with a link that takes the user to a page which asks them to log in to their account to see the file. The log in page provides the user’s credentials to the attacker. The attacker then uses those credentials to gain access to the user’s account and take further action. These actions can include:

– Forwarding all the users’s email to an account the attacker controls, while still delivering email to the user’s mailbox. This allows the attacker to not only read all the email, but also to determine a) who the user communicates with on a regular basis, b) what other user’s might be susceptible to an attack, and c) what users might be susceptible to a money wiring request

– Sending attacks via email to more users. Since the account is a “trusted” account, the attack emails are more likely to pass through spam filters without being caught.

– Sending wire requests to members of the finance team at the compromised user’s company. Since the email is coming from a member of the company, it is more likely to be trusted.

There are layers of security that can help minimize Account Takeover attacks, but the number one defense against something like this is user education. Helping users to understand what to look for when reading an email is the first step to preventing Account Takeover attacks. There are several ways to help educate users, from simple checklists all the way to fully managed educational programs. If you are interested in learning more, contact us today.

Is your computer running slow?

You buy a new computer and it’s lightning fast. You’re so excited and your productivity on the computer is allowing you to get things done fast. Over time your computer slows down. You are no longer as productive and you seem to need to wait for your computer to catch up to you. The slowness could be a result of age, additional applications installed, or a technical issue.

  • Age: the computer you bought years ago has reached its lifecycle. It worked great at the time but now new things require more from your computer that was built back when you bought it.
  • Additional Applications: as you install more and more applications, there are additional processes and services that run taking up more resources.
  • Technical issues: there are many technical issues that can happen to cause a computer’s performance to degrade, from corrupt files to failing hardware.

If your computer has reached the end of its lifecycle then it’s simply time to bite the bullet and buy a new computer and get back to being productive and excited about working on your computer. Make sure you are buying a computer with a solid state hard drive in it as it makes a world of difference in computer performance.

If you’ve installed tons of applications, then check your start up items and disable them so that they don’t start automatically. They’ll work fine when you open them as you need them but they won’t affect computer performance while you don’t need them. Review the list of startup applications and disable any you don’t need to start automatically. Here’s how:

  • Windows 10/8: hitting CRTL+ALT+ESC on your keyboard and clicking the Startup tab
  • Windows 7: click the start button then type msconfig then hit enter. Click the start up tab

Computer slowness issues resulting from technical issues require skilled professionals to review and determine the root cause. CBTech Support proactively monitors its client’s computers and servers for any technical issues which would cause performance degradation.

If you’d like to learn more about a specific topic visit our website and let us know http://bit.ly/2sdZFNA.

Malware Targets Consumer Devices

Last month, a strain of malware was found to be infecting the devices that provide people with internet service, known as routers. It targeted mostly consumer devices made by companies like Cisco Linksys, Netgear, and TP-Link. Researchers found that it had the ability to spy on data passing through these devices, as well as the ability to render the device useless (known as “bricking”). Unfortunately, these devices usually don’t have any protection such as an anti-virus program and are not updated frequently, if at all. Additionally, most devices are left with the default usernames and passwords, so exploitation of the device is simple. There was a big push last month to have users reboot these devices to try to counter this malware, but that did not completely clear it out. Researchers now say that the only way to clear a device of the malware is to reset it to its factory defaults. This article by Cisco’s Talos security team describes in detail the malware and its potential effects: http://bit.ly/2K6mCLc.

This type of security incident, which is still ongoing, highlights the lack of security focus on the part of consumer device manufacturers. Security features are typically low on the list of priorities for these devices, and updates to fix flaws are few and far between. Most devices are preconfigured to be plug and play out of the box, with little to no customization on the consumer’s part; this means that default settings are left in place and, since the manufacturers are often international companies, are well known worldwide. PCMag recently posted an article listing the devices affected, along with instructions on how to update them: http://bit.ly/2tgUHSo.