Cloud Services

Recent Scams Targeting ASIC Customers

rawpixel-com-369789.jpg

It has come to our attention that scammers pretending to be from ASIC have been contacting registry customers asking them to pay fees and give personal information to renew their business or company name.

These emails most often have a link that provides an invoice with fake payment details or infects your computer with malware if you click the link.

Warning signs the email is not from ASIC

An email is probably a scam and is not from ASIC if it asks you:

  • to make a payment over the phone
  • to make a payment to receive a refund
  • for your credit card or bank details directly by email or phone

Here is an example of a scam email from 5 December

scamemail20171205_498x375.jpg

If the email you received contains the above information, it is not from ASIC. 

How do I protect myself from email scams?

To help protect yourself:

  • keep your anti-virus software up to date
  • be wary of emails that don't address you by name or misspell your details and have unknown attachments
  • don't click any links on a suspicious email

It is also highly advised to check your registration renewal date; ASIC will only issue a renewal notice 30 days before your renewal date. Be sure to search your business name on the ASIC register - if it's outside of your usual renewal time frame it's most likely a scam.

How do I notify ASIC of a potential scam?

If you would like to notify ASIC of a potential scam email, you can forward the entire email to ReportASICEmailFraud@asic.gov.au

To ensure your systems are well protected, get it touch with the Advance team today. We're always looking out for you!

Is Your Disaster Recovery Up To Date?

yosh-ginsu-146166-1.jpg

What should I do with my old hardware?

An all too common trend in the IT industry is to give ex-production hardware a new lease of life running the disaster recovery site. Tight budgets often restrict capital expenditure to areas where real value is visible, and the impacts and results are noticed throughout the organisation. 

These initial savings can be quickly forgotten when an unplanned incident forces the switch over to your disaster recover site. Previous testing may have been successful on the DR equipment during your routine maintenance and test restores, but when a major incident occurs, are you confident that your DR is up to the task?

These are the questions you should ask yourself:

Will the dated hardware run our complete production workload?

How big is the impact on our users?

How long can we operate utilising the DR site before losing business?

How big is the impact on our customers?

It is not unusual for companies to consider that having high-end hardware offsite, doing nothing 98% of the time to be a waste of resources…

The key is to justify the initial expense, leveraging the DR site to provide an additional return on investment. An effective strategy is to live boot a complete clone of the production environment on a separate virtual segment, presenting a fast and accurate test development system.

Utilising Veeam combined with HPE Nimble Secondary Flash Array technology and your favourite hypervisor, you achieve a fast, production ready DR solution. Accompanied with the additional benefit of a fully functional test or development system at your fingertips that can be spun up in minutes.

If you want to learn more about disaster recovery solutions, please contact the team at Advance today.

Minimising a Ransomware Attack

markus-spiske-153537.jpg

What is Ransomware?

Ransomware is a piece of software that has been installed or downloaded to a computer, that once activated it will block access to that computer system until a sum of money has been paid. Typically, the sum of money demanded is not a large amount compared to the cost of time and effort it might take to restore or otherwise resurrect the files.

For example, your work computer containing important documents has been held ‘hostage’ and you are required to pay USD$500 to regain access to your files – when calculating the time and effort required to restore the computer back to the original state, even with good backups, you are likely to exceed that figure.

Two well-known ransomware threats that have received considerable press coverage recently for their widespread nature are the WannaCry and Petya attacks. These aren’t the only Ransomware threats out there, there are hundreds and they won’t stop circulating.

How do I minimise my risk of getting ransomware or having to pay for my files to be decrypted?

This is truly a case of being vigilant and taking precautions so as not to be caught out and taken advantage of by a Ransomware attacker.

On your computer

Make sure important data is not only stored on the computer! Backing up important files to an external hard drive (not attached permanently to the computer) is a good idea. It is important to note that cloud backups with an automatic sync (such as DropBox, Google Drive, OneDrive etc) may also be infected due to the infected files syncing. It poses the question; do you always need to have these turned on by default?

imgix-391808.jpg

Ensure that your operating system and antivirus is up to date (including latest security updates and virus definitions) and that you use some form of ad-block to avoid the threat of malicious ads. To go even further, refrain from using an administrative account on your computer and disable macros in Office products by default.

Keep your browsers updated and remove outdated plugins and add-ons from your browsers. Remove Adobe Flash, Adobe Reader, Java and Silverlight from your browser plugins - if they are needed then set the browser to prompt for activation when these plugins are required to run.

General Behaviour

Learn the typical signs of a spam message and don’t open any suspected spam message from an unknown sender.

Be very cautious of any attachment within an email that you are not expecting. Sometimes a contact could be caught out and a virus distributed from their email account, which may look totally innocent. If in doubt you can ask the user whether they intentionally sent the attachment to you, over the phone or IM.

Be extra cautious of all links in emails, as links can be made to look valid but take you to malicious sites instead.

Conclusion

The best form of protection against a virus or ransomware is prevention. By changing your mindset around emails, links, attachments and computer updates you can drastically increase your chances of avoiding these threats. Stay vigilant!

For more information on minimising a ransomware attack in your business, speak to a member of the Advance team today!

Security Considerations When Employees Leave

jonathan-velasquez-3840182028129.jpg

With an increase in the use of external websites which store data, personal mobile devices being used for work and the rising trend of employees performing their duties outside the traditional workplace model – you need to ask yourself, are you doing enough to ensure the security and confidentiality of yours and your customer’s information?

jason-blackeye-198848.jpg

When an employee leaves a business, it is imperative that a process is followed to de-provision access to systems they may have used. Here a problem arises – it is likely that the Company has not kept sufficient records of what information the now ex-employee could access, and as such will likely miss one or more areas that the employee can access.

As an example, have a look at some access rights that an employee may begin with and gain over their tenure with your business:


  • Internet Access
  • Internal WiFi Access
  • Domain Access
  • Security/Alarm access codes
  • Website Passwords
  • Social Media Passwords
  • Credit Card Details
  • Car Keys
  • WiFi access
  • Stored login information on personal devices
  • Cloud Account login information
  • USB backups held offsite by that employee
  • VPN Details to connect to the internal server
  • Knowledge of other employee’s usernames and passwords


More information given in confidence to an employee results in more work that needs to be done to remove that employee, leaving the whole termination process liable to human error. It is vital to ensure that employee access to systems and data is de-provisioned completely and on-time to protect your business.

Simple Steps: Begin with provisioning and recording

Once a decision has been made to hire an employee for a certain role; access rights, hardware requirements and external access should be determined prior to their start date. This information needs to be recorded consistently, and an approval process needs to be in place for any security related process or device.

Using a hardware or software solution, you should enable enough security to prevent users from using their own file sync solutions (e.g DropBox, Box etc). The same applies with USB devices, implement hardware or software restrictions to ensure that USB’s can only be used with the right approval.

If users have private work information or data on a mobile phone, implement a device management system that supports the remote wiping of data on mobile devices – this includes tablets. An extra measure would be to encrypt laptops and hard drives to ensure that no sensitive information is lost when a device is lost or misplaced.

Simple Steps: Employee leaving

Once an end-date has been determined for an employee, they should be put into a process to have their rights and access removed – starting with a review of your documentation on their current access. Once their end date is reached, the removal should begin almost as soon as they are out the door.

Retrieve any hardware and mobile devices that belong to the business, change passwords for accounts that didn’t have unique logins for each user (e.g social media), remove the users security access to the building (change the pin code if necessary) and if the office WiFi uses a single password, have this changed. If the employee had a credit card, ensure it is cancelled completely and they are removed from the account.

Simple Steps full stop

To reduce the impact of an employee’s departure, it is beneficial to implement policies and access methods that reduce the need for hands-on changes which can affect other staff (password reset’s, access code changes, etc)

Our tips:

  • Ensure that each user has their own personal login where possible, including domain access, systems that are used and websites.
  • Ensure that important financial information is never given out to employees. If they do have a credit card, it should be on the business account but under their details, with its own limit.
  • Limit access to USB ports and other ports that can transfer information, ensuring that employees do not have installation rights.
  • All employees to understand the importance of not sharing usernames and passwords
  • Rather than using a WiFi password to authenticate wireless users, this should be done by MAC address with approval, keeping record of who devices belong to.
  • Do not give any employee access to social media sites. This should be controlled by one person only and when that person leaves then all passwords should be changed immediately.

rawpixel-com-310778 (1).jpg

What can’t be helped

Even with the best security and processes in place, there will always be ways that your security could be compromised. However, with effective internal processes, good documentation, follow ups and reviews of your procedures you can drastically minimise the effect of an employee leaving.

Why not start looking at your systems now?

For more information on strengthening your IT security please contact us.