Returning Office Workers Targeted by Phishing Scam

A new phishing campaign has been discovered that targets remote workers who will soon be going back to their place of work. The campaign emails claims to include information on coronavirus training. The campaign is one of the most genuine-looking phishing scams seen in recent weeks, as it is plausible that before returning to the office after lockdown would involve some changes to workplace procedures to ensure workers are safe.

This campaign focuses on Microsoft Office 365 users and tries to steal users’ Office 365 credentials under the guise of a request to register for COVID-19 training.  The emails include the Office 365 logo and are rprecise and to the point.

They state: “COVID-19 Training for Employees: A Certificate For Healthy Workspaces (Register) to participate in Covid-19 Office Training for Employees.”

The message includes a button to use to register, and the emails claim to be “powered by Microsoft Office 365 health safety measures.”

Visiting the link will direct the user to a malicious website where they are asked to enter their Office 365 credentials.

This campaign, like many others to have been seen over the past few weeks, closely follow world events. At the start of the pandemic, when there was little data available about COVID-19, phishers were offering new information about COVID-19 and the Novel Coronavirus. As more countries were impacted and cases were increasing, incorporation was being offered about local cases in the area. Now that most countries have passed the peak of infections and lockdowns have helped to bring the virus under control, tactics have been amended once again.

Campaigns have been discovered in the United Kingdom related to the new Track and Trace system being used by the NHS to help control infections warning users that they need to buy a COVID-19 test. Another campaign targeted parents who are suffering from financial difficulties due to COVID-19, asking for bank account information to allow them to receive a support payment from the government. Messages have also been seen about Free school dinners over the summer, now that the UK government has said that it will be supplying support to parents.

There have been many campaigns that have taken advantage of the popularity of the Black Lives Matter movement in their aftermath of the death of George Floyd. This campaign asked recipients of the email to register their opinions about Black Lives Matter and submit a review, with the campaign used to deliver the TrickBot Trojan.

What these phishing campaigns clearly show is the fluid nature of phishing campaigns, that are regularly changed to reflect global events to maximize the chance of the emails being opened. They show that users must to remain on their guard and be alert to the threat from phishing and always take time to consider the legitimacy of any request and to conduct a series of checks to determine whether an email is what it claims to be. This can be tackled through security awareness training, which should be given to employees regularly.

Of course, the best defense is to make sure that these emails are blocked and do not reach inboxes, which is why it is crucial to have layered defenses in place. An advanced spam filtering solution such as SpamTitan is required that uses machine learning and other advanced detection measures to ispotnew phishing scams along with measures to prevdiscover unseen malware variants. As an extra layer of protection, you should consider implementing a web filtering solution such as WebTitan that supplies time-of-click protection to block the web-based component of phishing attacks and stop drive-by malware installations. In tandem with security awareness training, these solutions will help you to mount a strong defense against phishing attacks.

MVP GrowthFest: A Virtual MSP Event Featuring Magic Johnson and TitanHQ

The worldwide COVID-19 pandemic has forced businesses to make huge changes very quickly. Many managed service providers have shown resilience and met the challenge head on, showing that while we are now living in very uncertain times there are opportunities for expansion.

Efficient MSPs have not only adapted their business to ensure their survival, they have identified the opportunities and are gaining considerable growth momentum and have shown it is possible to prosper in spite of an very challenging economy.

At MVP GrowthFest on June 23, 2020 you will be able to discover how successful MSPs are turning adversity into growth and profit and will learn from an all-star line up of Channel experts in relation to the state of the Channel and what you must do to adapt to these challenging times. You will also be given guidance on the steps you can take now to ensure success and grow your business and prosper.

MVP GrowthFest is a 3-hour virtual event that will supply valuable insights and advice that can be used immediately to help you expand your business. The event is being headlined by a conversation with Earvin “Magic” Johnson Jr., the 3-time NBA MVP Award winner.

Matt Solomon, VP of Business Development at ID Agent, will be chatting to Magic Johnson, who will explain how he succeeded by overcoming obstacles during his lifetime, and how tenacity and commitment to the community were key to his success.

MVP GrowthFest will be celebrating the energy that powers growth and the drive to thrive during challenging times and, along with the interview, MSPs will hear from 15 Channel all-stars in four powerhouse panels.

TitanHQ is happy to announce that Sales Director Conor Madden will be leading the panel in the security session titled “Leading with Security through Education.” The key to selling products in your security stack is to inform your clients about the need for cybersecurity. Given the fact that cyber actors have been attacking companies with increased vigor during the pandemic, positioning your security stack front and central is the sensible step.

TitanHQ can provide web and email security solutions that will not only keep you and your clients safe, they can be efficiently set up in your security stack and can be easily packaged. Plus, a very competitive price point means they are affordable solutions for your clients and generous margins will help you improve your bottom line.

Also attending the security powerhouse are:

  • Jon Murchison – CEO, BlackPoint Cyber
  • Kevin Lancaster – CEO, ID Agent & GM Security, Kaseya
  • Jessvin Thomas – President & CTO, SKOUT

Attendees will also get to hear from Channel leaders in three additional Powerhouse sessions that will provide invaluable advice on how to grow your business and boost profits during the current crisis.

Managing Through Change

Featuring:

  • Dan Wensley – CEO, Warranty Master
  • Joe Alapat – CEO & Founder, Liongard
  • Ryan Walsh – Chief Channel Officer, Pax8

Establishing Trust in the New Normal

Featuring:

  • Dave Goldie – Vice President of Channel, Cytracom
  • Ted Roller – Channel Chief, ConnectBooster
  • Andra Hedden – CMO, Marketopia
  • Frank DeBenedetto – Founder, AudIT

Leading & Accelerating through the Recovery

Featuring:

  • Tim Conkle – Founder, The 20
  • Dennis O’Connell – Vice President, Taylor Business Group
  • Ted Roller – Channel Chief, Zomentum

Advance registration is mandatory.

 Click Here to Book Your Virtual Place at MVP GrowthFest

Remote Workers Should Enhance Cybersecurity Now

As remote-working employees are being targeted by hackers the time has never been better for the enhancement of home-working cybersecurity measures.

The threat faced by companies that have quickly moved to a largely at-home workforce should not be underestimated. When most people are working in an office, within the protection of the corporate firewall, IT departments could keep hackers at bay. Any staff that were authorized to work from home could be given a laptop that had security protections appropriate for the heightened level of risk.

Moving the complete workforce from the office to attics, basements, kitchens, and spare rooms in a very short space of time has meant shortcuts need to be implemented. Many SMBs have had to shift quickly and have not had enough time to provide additional training to their at-home workers. The laptop computers now being used by their employees have had to be supplied quickly and they lack the security measures are working. Some companies are even allowing personal computers to be used out of necessity. Hackers have been rubbing their hands with glee at the new targets and the ease at which they can attack companies.

Lockdowns are now being removed and people are being encouraged to go back to work, but additional increases in cases are likely as a result and with social distancing in the office problematic for many companies, many employees will still need to work from home. To minimize the risk of those employees falling for a phishing scam or inadvertently installing malware or ransomware, additional cybersecurity measures should be put in place.

You will more than likely have an email security solution to prevent the most common attack vector, but extra layers of security will greatly enhance your security posture, one of the most important of which is a web filtering solution. A web filter stops your staff from visiting malicious websites, such as those used for phishing or malware distribution. When an effort is made to view a malicious website – through a link in a phishing email, a web redirect, or general web browsing – instead of being allowed to view the website, employees will be directed to a local block page that explains the site cannot be viewed as it breached your internet usage policies.

A web filter can also be used to stop staff from using their work laptop for personal use by blocking websites by category, and as a measure to tackle shadow IT and stop unauthorized software downloads.

WebTitan Cloud will permit you to enhance cybersecurity for remote workers without requiring any software installations and can be set up and protecting your office staff and remote workers quickly.

Fake Supreme Court Summons to Obtain Office 365 Credentials Used in Phishing Campaign

A U.S. Supreme Court phishing campaign has been discovered that sends a fake subpoena to appear in court as a lure to obtain Office 365 details.

The emails are customized and are addressed to the victim and claim to be a writ issued by the Supreme Court demanding the recipient attend a hearing. This is a targeted campaign and not a scattergun approach that attempts to obtain the credentials of high value targets such as C-Suite users.

The emails have a link that the recipient is asked to visit to view the subpoena. Clicking the link in the email directs the user to a malicious website where they are asked to enter their Office 365 credentials to view the subpoena.

The domain used has not been seen before and, as such, it is not recognized as malicious by many security solutions, including the default anti-phishing measures of Office 365. The scammers have also deployed  multiple redirects to hide the destination URL in another attempt to thwart anti-phishing defenses.

Before the user being directed to the phishing page, they are shown a CAPTCHA page. CAPTCHA is used to prevent web visits by bots, but in this instance, it may be used to add legitimacy to the phish to make the request appear authentic. The CAPTCHA page is real, and the user must properly select the images in order to proceed. The page also includes the name of the user, further adding a more genuine feel to the scam. The CAPTCHA may also be a additional attempt to make it difficult for the destination URL to be reviewed by security solutions.

This phishing campaign is realistic and uses urgency to trick the user to take action quickly, rather than stopping to think about the request. There are indications that this is a scam, such as the domain name which clearly has nothing to do with the U.S. Supreme Court, and a few grammatical and spelling errors which would not be expected of any Supreme Court request.

However, the sender name in the email was spoofed to make it look like it was sent by the “Supreme Court”, the request is certain to trick some recipients into clicking the link, and the landing page is sufficiently realistic to fool busy employees into sharing their login credentials.

Exchange Online protection (EOP), which is supplied by Microsoft free of charge with all Office 365 accounts, often fails to spot these zero-day attacks.

To enhance protection against new phishing campaigns, an anti-spam solution is required that uses predictive techniques, threat intelligence feeds, and machine learning algorithms. SpamTitan leverages these and several other layers of protection to identify zero-day phishing, malware, and ransomware campaigns and email impersonation campaigns.

SpamTitan can be placed on top of Microsoft’s Exchange Online Protection to serve as an extra layer to your email security defenses to ensure that more malicious emails are prevented and never land in end users inboxes.

For additional information on SpamTitan and how the solution can keep your group’s inboxes free from phishing threats, give the TitanHQ team a call as soon as you can.

Benefits of a Third-Party Email Archiving Solution for Office 365

There are several reasons why a third-party email archiving solution for Office 365 is a wiser choice that using the email archiving function provided by Microsoft. Microsoft Office 365 is a superb productivity suite that combines many useful software programs into one convenient package, but one issue that is often raised is the email archiving options provided are somewhat basic. Email archiving is available, but the features and capabilities of that service fall well below third-party email archiving solutions.

Email archiving is a legal requirement and essential for modern businesses. Email is part of the corporate record and messages must be retained and produced during compliance audits, when there are legal disputes as part of eDiscovery requests, and to help resolve HR issues. The failure to provide emails can prove very costly. Regulatory fines have been issued in cases where important emails have not been retained and legal disputes can be easily lost if an accurate email record is not maintained.

Email archiving is not just a checkbox item than must be implemented for compliance. The email archive will need to be accessed and used, which is where the more comprehensive features of a third-party email archiving solution are required.

Searching for emails in an Office 365 email archive can be a pain. The search function is OK, but the search mechanism is nowhere near as efficient as third-party email archiving solutions such as ArcTitan. One of the main benefits of an email archive is the ability to rapidly search and retrieve emails, so search efficiency is important. The default search limit is 250 results with Office 365, which doesn’t lend itself to large scale searching.

Emails often do not contain the information you need in the message body or headers. Data is often stored in email attachments, and this is an area where Office 365 email archiving comes up short. The advanced search functionality of third-party solutions can greatly reduce the time and effort required to find the emails you need. If you need to find data in email attachments, Microsoft will only search in around 50 attachment types and there are many other types of attachments that may contain the data you need.

There are also issues with licensing. With Office 365, licenses are paid per mailbox so when a user leaves the company you need to maintain the mailbox and its associated archive, which is tied to the life of the mailbox. That means continuing to pay for that user and purchasing an additional license for the replacement employee. Over time, that means the cost of the solution can mount significantly, even if your total number of employees remains the same. If like many businesses you need to retain emails for 7 years, during that time a lot of staff may leave the company. Over time the cost of Office 365 archiving is likely to be far higher than you would pay with a third-party solution.

Importing legacy emails into Office 365 archives can be a pain and long-winded process and exporting files from the archive can also be problematic. Third-party solutions such as ArcTitan allow you to import legacy emails rapidly export email data in a wide variety of formats. If ever you decide to change email archiving provider, with ArcTitan this is simple.

ArcTitan supports comprehensive policy-based archiving, including message and attachment de-duplication for faster search and retrieval. You get customizable retention periods and policies for users, email content, and attachments, and lightening fast search and retrieval, with searches that can interrogate up to 30 million emails a second.

Office 365 is a great email solution, but there are disadvantages that are not found in solutions such as ArcTitan. It is a far better choice to opt for an archiving solution that has been developed by a company that specializes in email archiving, such as TitanHQ. You will get a much more comprehensive range of features that will save you time, effort, and money.

To find out more about ArcTitan, to discover how easy the solution is to configure and use and how much you can save over other solutions, give the TitanHQ team a call today. The team will be happy to schedule a product demonstration to show you the key benefits of the solution.

Benefits of an Email Archiving Service

In this post we will explain some of the important benefits of an email archiving service. If you are not currently archiving your email, we will explain how a small investment can actually save you a lot of money in the long run.

One of the most important reasons for setting up an email archive is to reduce the cost of long-term email storage. By sending a copy of your emails to an archive, you can significantly reduce mail server management costs. Businesses that use ArcTitan for email storage typically save up to 75% in email storage space, they eliminate the need for mailbox limits and significantly improve the performance of their mail servers. All emails sent and received by employees are automatically sent to the archive which means emails will never be lost or accidentally deleted.

All businesses need to comply with regulations concerning data storage and an email archive will helps to ensure compliance. Even if you are not in a regulated industry, it is still important to retain emails for legal purposes. An email archive is a tamperproof repository for all emails. In the event of a regulatory audit, eDiscovery request, or a customer dispute, you will be able to quickly find all relevant emails. It has been estimated that around 80% of U.S. companies are currently engaged in legal action. Email is part of the corporate record and emails must be produced in the event of legal action. You will also need to recover emails in any HR disputes. Email backups serve their purpose, but an email archive will ensure that all email can be recovered if disaster strikes, without any fear of data corruption.

One of the most important benefits of an email archiving service is fast message retrieval. If you need to recover emails from a backup, it could take days or even weeks to find the messages you need, as backups are not searchable. All emails sent to an archive are indexed, which means the archive can be searched and emails can be found and recovered in seconds, regardless of how many emails are in the archive and how long ago a message was sent.

With emails stored in a cloud archive, you will always have access to emails no matter where you are located. You can simply login to your archive using a web-based interface that can be accessed on any internet enabled device.

Creating an Email Archiving Policy

When you are creating your email archiving policy, there are two main approaches to take. The first is to set your policy for what types of emails need to be sent to the archive and then to leave it to your employees to follow that policy and archive all emails that need to be stored. The other option is to automate the process. While the first option will reduce the amount of storage space you need, it is a risky strategy. If an email that must be retained is not sent to the archive, the mistake could prove very costly if you are audited or receive an eDiscovery request and you cannot produce the email. The Financial Industry Regulatory Authority (FINRA) fined Scottrade $2.6 million in 2015 for failing to retain certain categories of outgoing emails.

The best approach to take is to set an email archiving policy and to automate the process. This will ensure that come what may, you will always be able to recover emails on demand. This option will require more storage space, but with ArcTitan, space is kept to a minimum. ArcTitan uses deduplication, which involves only storing one copy of a message. If you send an email to a distribution group internally, there is no need to store every copy of that message. ArcTitan will only store one copy of every unique message and all messages are compressed to further reduce storage space.

Whenever an email needs to be retrieved, ArcTitan performs lightning fast searches, and even allows you to quickly search inside common attachment types. Your employees can even access their archived emails through their mail client – Outlook for instance – which means they will not need to trouble your IT department when they accidentally delete an email from their inbox. A search can be performed, and the email can be retrieved instantly on demand.

Discover Why so Many Businesses are Using ArcTitan

TitanHQ has developed ArcTitan to make archiving emails an effortless process. ArcTitan works seamlessly with almost all corporate mail systems and ensures that all emails are stored securely in the cloud where they can be accessed on demand in seconds.

ArcTitan supports comprehensive policy-based archiving to ensure that you only store the emails that must be retained, and policies can be set to ensure that emails are securely deleted automatically at the end of the email retention period. ArcTitan gives you maximum flexibility and control, world class security, enterprise-grade resilience, and lightning fast retrieval of messages when you need them. Users benefit from an intuitive user interface and a significant range of features that are not present in the archiving offerings in Exchange and Office 365.

To find out more about ArcTitan call TitanHQ and to schedule a product demonstration, give the TitanHQ team a call today and find out the difference ArcTitan can make to your business.