Blog Categories

Geekheads News

Email Fraud Prevention

Save time by eliminating worry and the need for manual email fraud scanning, hello MailSentry Fraud Prevention.

Why MailSentry?

The MailSentry Fraud Prevention technology automatically flags down emails that contain something suspicious and lets you know what the problem with them is. All these cues that something could be wrong are then monitored in real time by a specialist fraud detection team. Whenever something needs to be investigated more closely, you will be alerted before the attackers can achieve their goal.

Why Hackers Are Attempting BEC Attacks More Often?

Cybercriminals are masters of evasion and disguise tactics and time has shown that attacks based on the human factor (social engineering attacks) are the most successful. Why exhaust all technical means of breaking barriers when you can simply fool the people on the inside to let you in? It’s a tactic as old as time.

Do you have any questions?
Call 020 3637 6095
Or email support@geekheads.co.uk

The COVID-19 pandemic has suddenly hastened the move toward remote work and the need to implement secure remote access.

Key Challenges

Secure remote access to on-premises and cloud applications requires identity and access management (IAM) controls that a VPN, virtual desktop infrastructure (VDI)/desktop as a service (DaaS), zero trust network access (ZTNA) or cloud access security broker (CASB) alone cannot provide.

Multifactor authentication (MFA) is an essential control to establish trust in a remote user’s identity and reduce account takeover (ATO) risks, but it is difficult to rapidly provision robust MFA options at scale.

Modern access management (AM) tools represent the future for remote worker access, but legacy applications represent a significant hurdle to the workforce of the future.

Recommendations

Security and risk management (SRM) leaders responsible for identity and access management should:

Liaise with other SRM and infrastructure and operations leaders to determine remote access requirements and to identify what remote access tools are and will be used.

Implement or expand use of MFA across all remote access use cases. Enable out of band (OOB) SMS as an interim solution only; migrate users to mobile push or hardware tokens, prioritizing by risk. If using OOB SMS is unavoidable, seek compensating controls.

Standardize on modern identity protocols — Security Assertion Markup Language (SAML), OpenID Connect (OIDC) and OAuth — for single sign-on (SSO) to securely provide access for remote workers to applications and data.

Categorise critical applications according to support for modern identity protocols, and enable legacy web apps with identity-aware proxies (properly secured) and agents.

Follow the “response, recovery, renewal” action plan to address MFA and AM requirements during the COVID-19 pandemic and subsequently.

Introduction

Occasional or permanent remote work is increasingly the norm for a large part of the workforce in many enterprises and can be supported via a range of technologies including VPN, ZTNA and CASB.

However, secure remote access to on-premises and cloud applications requires IAM controls that these tools cannot natively provide. Now, the COVID-19 pandemic has suddenly created a demand for remote work at unprecedented scale.

Thus, there is an urgent need to rapidly expand the use of MFA for any kind of remote access and, particularly for SaaS and other public cloud access, to enforce additional corporate controls using an AM tool.

What can SRM leaders responsible for IAM (“IAM leaders”) do to address these needs? This research offers IAM leaders technology and policy guidance for enhancing remote access security through MFA and AM (see photo in post).

Source: Gartner Report

Do you have any questions?
Call 020 3637 6095
Or email support@geekheads.co.uk

It’s estimated by 2023, 60% of businesses will phase out most of their remote access virtual private networks (VPNs) in favour of ZTNA.

Is the VPN Obsolete?

The virtual private network has been a vital enabler of remote work for decades. But the technology, invented in 1996, is getting a bit long in the tooth. A big disadvantage created by VPNs is that they actually offer users too much access. The idea of having “trusted” and “untrusted” network zones paints every user and device with a broad brush. It’s either dangerous or safe, a completely trusted friend or a dangerous enemy. When any remote user connects to the VPN, they’re almost certainly granted far more access than they actually need.

Thus, we’re brought to the fundamental flaw of relying upon VPNs to create zones of trust. Businesses that transition to a zero-trust security architecture find they have little use for their old virtual private networks.

Zero-Trust Model

Instead of placing all-or-nothing trust in devices based upon their network location, the zero-trust model begins with the assumption that nothing is trusted based solely upon its IP address and every action requires authorisation.

Indeed anyone who has studied cyber security knows about the least-privilege principle, which states users should be granted only the smallest set of permissions necessary to carry out their work. Similarly, the default-deny principle states that every action that is not explicitly allowed should be prohibited.

Identity and Access Management

Of course, that’s easier said than done. Least-privilege approaches haven’t been widely implemented because it is very difficult to do without a strong identity and access management solution. Fortunately, technology is advancing in this area, and most organisations have already moved from legacy IAM approaches to modern solutions that facilitate granular privilege management.

Multifactor authentication is also essential to the implementation of a zero-trust model. If an organisation is going to place a tremendous dependence on the identity of a user when making access decisions, we need to have tremendous confidence that users are who they claim to be.

Do you have any questions?
Call 020 3637 6095
Or email support@geekheads.co.uk

Private Internet Access keeps no VPN logs. You can use the service with complete confidence that your IP address and activity is not being monitored, stored, or linked back to you.

What is Private Internet Access?

Essentially a high-speed VPN service. It works by providing multi-layered security at the kernel level, which means all of your apps will be secured, not just your web browser.

What is kernel level?

It’s the heart of your devices operating system, running processes, managing hardware such as the hard disks.

Do I really need Private Internet Access ( PIA )?

The answer really depends on your internet habits and your security preferences. PIA claim to unlock any geographic restrictions such streaming Netflix while abroad while also boasting ‘largest network capacity across the globe to provide the highest speeds and most encryption’. These are big claims and we yet to test them fully here at Geekheads.

How much does Private Internet Access cost?

Pricing starts currently from £2.32 p/m but its worth checking out the different package options.

Do you have any questions?
Call 020 3637 6095
Or email support@geekheads.co.uk

While voice assistants like Alexa are remarkably helpful, you should keep in mind that like most modern technology, you leave a footprint wherever you go.

When does Alexa listen?

It’s important to differentiate between listening and recording. The microphones in these smart speakers are always listening, but, by default, they are only listening for the ‘wake word’ or the activation keyword.” Since the whole purpose behind the device is to instantly respond to users’ requests, it makes sense that Alexa is constantly scanning audio for its wake word, which can either be “Alexa,” “Computer,” or “Echo.” However, this does not mean that Alexa is always recording.

When does Alexa record?

Amazon’s list of frequently asked questions says that Alexa only begins recording your conversation upon hearing the device’s wake word. So, when you say ‘Hey, Alexa,’ all of the audio gets analyzed and is being listened to by the microphones on the device, and only if the keyword ‘Alexa’ is detected, then everything that you say after that gets recorded. After the device records, it uploads the audio to Amazon’s cloud, where they have algorithms in the server that analyze the speech pattern and try to detect and identify the words you are saying. While Alexa’s response may seem instantaneous, it actually has to work with Amazon’s cloud to comprehend varying accents, speech clarity, and vocabularies. This means that each time you wake up Alexa, the smart speaker is recording your conversations, creating an automated transcript of what you are saying, and using that to fulfill your request.

How can I delete my Alexa recordings?

Open up the Alexa app, and sign in using your Amazon account password if necessary. When you arrive at the home screen, look in the upper left-hand corner, and select the icon that looks like dashed lines, or the main Menu. Look down to the bottom of the menu, and select the option that says Settings. Select Alexa Account and at the bottom you should see an option that says Alexa Privacy. Select this to begin. Go to Review Voice History.

How can I stop Alexa sending my voice clips to strangers?

Go to Alexa Privacy and then select Manage Your Alexa Data. Amazon warns you that turning the setting off will mean new features may not work well but if you’d rather not be spied on then turn it off.

Do you have any questions?
Call
020 3637 6095
Or email support@geekheads.co.uk

A form of phishing, smishing is when someone tries to trick you into giving them your private information via a text or SMS message.

Put simply, smishing is any kind of phishing that involves a text message. Often times, this form of phishing involves a text message in an SMS or a phone number. Smishing is particularly scary because sometimes people tend to be more inclined to trust a text message than an email. Most people are aware of the security risks involved with clicking on links in emails. This is less true when it comes to text messages.

How to know if you’re being smished?

In general, you don’t want to reply to text messages from people you don’t know. That’s the best way to remain safe. This is especially true when the SMS comes from a phone number that doesn’t look like a phone number, such as “5000” phone number. This is a sign that the text message is actually just an email sent to a phone.

Exercise precautions when using your phone: Don’t click on links you get on your phone unless you know the person they’re coming from. Even if you get a text message with a link from a friend, consider verifying they meant to send the link before clicking on it. A full Internet security suite isn’t just for laptops and desktops. It also makes sense for your mobile phone.

A VPN is also an advisable option for your mobile devices. This will secure and encrypt any communication taking place between your mobile and the Internet on the other end.

Never install apps from text messages. Any apps you install on your device should come straight from the official app store. These programs have vigorous testing procedures to go through before they’re allowed in the marketplace.

Do you have any questions?
Call
020 3637 6095
Or email support@geekheads.co.uk

We’re in the middle of the Covid-19 outbreak in the UK and many of us are concerned about what will happen next. Coronavirus has created the perfect environment for fraudsters to thrive using a range of tactics.

How to spot and avoid Coronavirus Scams?

Things to watch out for in emails and other messages are:

Unsolicited emails and texts: be careful of anything you weren’t expecting that claims to be from an organisation such as a bank, BT, Sky, PayPal, Microsoft, the BBC and other large, trusted organisations. And at the moment, particularly watch out for unsolicited emails claiming to come from health bodies such as the NHS, the WHO and the CDC.

An urgent tone: phishing and smishing messages are designed to scare you into clicking on their links.

Grammar and spelling: the phishing email claiming to come from the WHO is clumsily written and has typos such no spaces after commas.

No name: Legitimate emails from services you have accounts with will always address you by name. Phishing emails and smishing texts usually start with ‘Dear Sir’ or ‘Dear Customer’.

Fake domains: Scammers often set up website addresses that look legitimate in order to trick you. Security researchers Digital Shadows says that more than 1,400 domains linked to the Covid-19 disease caused by the coronavirus have been registered in the past three months. While many of those may well be legitimate, others will almost certainly be used to trick anxious consumers into thinking they’re genuine.

The latest email and text phishing scams:

Fake lockdown fines: People have been warned not to fall for a bogus text message saying they have been fined for stepping outside during the coronavirus lockdown. The scam message claims to be from the Government, telling the recipient their movements have been monitored through their phone and they must pay a fine or face a more severe penalty.

HMRC goodwill payment: The MET police are warning of a fake message designed to steal your account details that says ‘As part of the NHS promise to battle the COV-19 virus, HMRC has issued a payment of £258 as a goodwill payment’.

Free school meals: The Department for Education has issued warnings about a scam email designed to steal your bank details saying: ‘As schools will be closing, if you’re entitled to free school meals, please send your bank details and we’ll make sure you’re supported.’

WhatsApp request to forward your code: A recent scam could grant hackers full access to your WhatsApp messages, photos and videos. Someone who knows your phone number could request to register your WhatsApp on a different device, and when a verification code is sent to you, the hacker will then message you to try and coax you into forwarding this on to them. They could then target your contacts with requests for money.

Source: Which?

Do you have any questions?
Call 020 3637 6095
Or email support@geekheads.co.uk

Want to work from home and don’t want to change the existing office network?

Keep your current office network

Add a router in your LAN to work as VPN server.

1. Connect Vigor Router’s WAN port to DMZ port on your company gateway router (or setup port forwarding for VPN to pass to Vigor Rotuer, e,g., port 443 for SSL VPN).

2. Download Smart VPN Client on your device. Select VPN type, and either add your office network to “more route” or enable Change Default Route.

3. Done, start working from home.

LAN-to-LAN VPN

Traffic arrives on the WAN interface, gets encrypted, and sent out through the same WAN interface. A solution is to add VPN compatibility to the network without replacing the Internet gateway.

Do you have any questions?
Call 020 3637 6095
Or email support@geekheads.co.uk