How to Avoid Email Attacks

Email attacks, such as phishing, ransomware, and spoofing, pose significant cybersecurity threats. To protect yourself and your organization from these attacks, it’s essential to implement proactive strategies and follow best practices:

Recognizing Email Attack Red Flags

Recognizing the red flags of email attacks is crucial to staying safe from cyber threats. Many email attacks rely on deception, and being vigilant can help you avoid falling victim to them. Here are common signs that an email may be part of an attack:

  • Generic Greetings: Legitimate organizations typically address you by your name in emails. Be cautious of emails that use generic greetings like “Dear Customer” or “Dear User.”
  • Urgent Language: Cybercriminals often use urgency to pressure recipients. If an email insists on immediate action, such as claiming your account will be suspended unless you act quickly, it’s a red flag.
  • Mismatched URLs: Hover your mouse pointer over any links in the email without clicking. If the URL doesn’t match the organization’s official website or looks suspicious, it’s likely a phishing attempt.

Phishing Awareness Training

Phishing awareness training is a critical component of email security. It involves educating individuals and employees about the risks associated with phishing attacks and providing them with the knowledge and tools to recognize and avoid falling victim to these scams. Here are key aspects of phishing awareness training:

  • Phishing Basics: Start by explaining what phishing is and how it works. Describe how cybercriminals use deceptive emails to trick individuals into revealing sensitive information, clicking on malicious links, or downloading malware.
  • Multi-Factor Authentication (MFA): Promote the use of multi-factor authentication (MFA) as an added layer of security for email accounts. Explain how MFA can thwart phishing attempts by requiring an additional verification step.
  • Phishing Reporting Tools: Provide employees with tools or software that allow them to easily report suspicious emails. These tools can help organizations collect data on phishing attempts and improve security measures.
  • Secure Password Practices: Incorporate training on secure password practices, as strong and unique passwords can prevent unauthorized access to accounts even if phishing attempts are made.

Spear phishing

Malicious email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information. Spear phishing attempts are not typically initiated by random hackers, but are more likely to be conducted by perpetrators out for financial gain, trade secrets or military information.

  • Cybersecurity Training and Awareness: Spearhead cybersecurity training programs within your organization. Ensure that employees are educated about email attack risks, red flags, and safe email practices.
  • Multi-Layered Security Measures: Advocate for the implementation of multi-layered email security measures, including advanced threat detection, email filtering, and anti-phishing tools.
  • Vendor Due Diligence: Take a lead role in vetting and assessing email security vendors and services. Ensure that vendors meet the highest security standards.
  • Incident Response Planning: Spearhead the development of an incident response plan specific to email attacks. Ensure that your organization is prepared to respond effectively if an attack occurs.

Bad Email Links

Bad email links are a common vehicle for email attacks, including phishing and malware distribution. To protect yourself from these threats, here’s what you can do:

  • Hover Before You Click: Always hover your mouse pointer over a link in an email without clicking. This action reveals the actual URL destination in the status bar or as a tooltip. Verify that the displayed URL matches the expected destination. If it looks suspicious or unfamiliar, do not click.
  • Examine the URL Carefully: Scrutinize the entire URL, especially the domain name. Cybercriminals often use deceptive domain names or slight misspellings to mimic legitimate websites. Be cautious of URLs with extra characters or unusual extensions.
  • Avoid Clicking on Unsolicited Links: If you receive an unsolicited email with a link, especially if it’s from an unknown source, refrain from clicking. Delete the email or report it as spam.
  • Implement Security Software: Install and regularly update security software, including antivirus and anti-malware programs. These tools can detect and block malicious links.
  • Keep Software Updated: Ensure that your email client, web browser, and operating system are regularly updated. Updates often include security patches that protect against known vulnerabilities.

Internal Maintenance Schedule 

Dear Valued Client, 
 
 We would like to inform you that from June 28th to July 10th, Yottability will be undertaking a comprehensive process to enhance and update the services we offer to our esteemed customers. As a result, we will NOT be scheduling any appointments during this period. Additionally, please anticipate a potential increase in the response time for customer support tickets, which may take up to 4 hours, and ticket resolution time, which may require 24-48 hours. These delays are due to our dedicated technicians who will be actively facilitating the upgrade process. Our goal is to ensure that we can provide you with the latest upgrades and services, thereby delivering the best possible experience to our valued customers. 
 
Should you need to reach us during this time, we kindly request that you continue to communicate with our Support Team via email at support@yottability.com, as this remains the most efficient means of contacting our team. 
 

Furthermore, please be advised that our office will be closed on July 3rd and 4th in observance of the July 4th, Independence Day Holiday. During this period, service tickets will not be attended to unless you have a 24/7 support agreement with us. 
 
We sincerely apologize for any inconvenience caused by these temporary adjustments to our services. Thank you for your understanding and continued support. 
 
Please forward the Announcement to your appropriate Colleagues and/or Team Members so they are also aware of our upcoming schedule. As this Announcement is only being sent to the account holder and/or billing contact we have on file.
 
Best regards, 
Yottability Team

The Power of Microsoft’s Ecosystem Managed by Yottability

The Microsoft ecosystem

  • Microsoft 365 offers businesses seamless integration with other Microsoft products such as Outlook, SharePoint, and Teams.
  • The platform also boasts advanced security and compliance features like data loss prevention and multi-factor authentication.
  • Yottability’s Managed Microsoft 365 service leverages the power of Microsoft’s ecosystem to provide a comprehensive solution for businesses.
  • Microsoft’s ecosystem is a collection of products, services, and technologies, including popular products like Windows, Office, and Azure.
  • It is a cloud-based business applications platform that combines components of Customer Relationship Management (CRM), Enterprise Resource Planning (ERP), productivity applications, and Artificial Intelligence (AI).
  • This ecosystem comprises five distinct pillars within the Microsoft stack, providing a versatile foundation for businesses.

Industry Standard for Business

  • A Managed Microsoft 365 platform delivers deeper integration with other Microsoft products and services like Azure Active Directory, Power BI, and SharePoint.
  • This integration facilitates improved collaboration and data sharing across organizations. Microsoft 365 also has a strong focus on security and compliance, offering built-in tools and features such as multi-factor authentication, conditional access, and data loss prevention to help businesses meet regulatory requirements and protect sensitive data.

Azure Active Directory

  • Azure Active Directory (AD) is a cloud-based identity and access management service. It allows employees to access external resources, such as Microsoft 365, the Azure portal, and thousands of SaaS applications with a single account.
  • Azure AD enables Single Sign-On (SSO), Multi-Factor Authentication (MFA), and centralized Identity Management, simplifying access control and reducing the number of passwords users need to remember.

SharePoint and OneDrive

  • OneDrive and SharePoint are cloud-based file storage and collaboration platforms that are part of the Microsoft 365 suite of tools. Both platforms offer features such as file storage, collaboration, integration with other Microsoft 365 applications, robust security features, scalability, and accessibility from anywhere.
  • These benefits can help organizations increase productivity, improve communication, and streamline operations.

Microsoft Teams

  • Microsoft Teams is a collaboration and communication platform that is part of the Microsoft 365 suite of tools.
  •  It offers real-time collaboration through features like chat, video conferencing, and file sharing, accessible from any device with an internet connection.
  • Teams can be used by companies of any size, helping to increase productivity and improve communication among team members, regardless of their location.

Outlook

  • Outlook serves as a hub for effective communication at work, providing integration across email, calendar, and contacts.
  • It offers features like scheduling meeting rooms, sharing and delegating calendars, and offline access to email.
  • Outlook’s consistent user experience minimizes the need for training and allows users to focus on their tasks.

Disaster Recovery


Back up in the cloud – “Disaster recovery”

  • Disaster recovery involves a set of policies this ensures that the organization’s executives understand the need for written disaster recovery and business continuity plans.
  • Disaster recovery refers to the plan and processes for quickly reestablishing access to applications, data, and IT resources after an outage.
  • Backups are an essential part of any IT job. Why? Because when a backup is done correctly (and performed regularly), recovering from a disaster is less of a nightmare and more of an inconvenience.
  • Disaster can be avoided simply by adequately managing your backups.
  • There is no need for onsite hardware or capital expenses. Cloud services are well-suited to smaller companies that may outgrow onsite storage too quickly. Companies are not as dependent on uptime and instant recovery.

Cyber Security

  • The reality you must come to terms with is that your computer network is under attack right now. To make matters worse, regardless of what steps you have taken to block those attacks, at some point, an individual or individuals with malicious criminal intent will overcome your best efforts, breach your security, enter your network, and put your data at risk.
  • With the right level of security, you can stop hackers in their tracks. With each year, network and system security become more of a challenge.
  • Yottability uses common methods for ensuring cybersecurity, by utilizing “anti” products, applying patches and updates, and employing physical security methods.


VOIP Services

  • VoIP phones allow you to have your business line attached to your mobile phone and computer applications and create call flows for customers. This can be great if you are starting your business and do not have the workforce to speak to many customers at once.
  • This is also one of the most Powerful Virtual Phone Systems on the internet. It Reduces Costs, Improves Time Management, and Increases Productivity.
  • Savings with Remote Work: Switching to VoIP lets employees stay connected to the corporate phone system while working remotely. We have VoIP phone features like call waiting, auto-attendant, instant video calling, conference calling, and others not provided by traditional phones.
  • VoIP services convert your voice into a digital signal that travels over the Internet. If you are calling a regular phone number, the signal is converted to a regular telephone signal before it reaches the destination.

Manage Microsoft 365 Services

  • Microsoft 365 subscribers have built-in save protection called AutoSave. This feature automatically saves Excel, Word, and PowerPoint files every few seconds while you’re working.
  • Microsoft 365 saves a copy of your files to OneDrive by default. Although some users opt to turn OneDrive off, we encourage you to leave it on because it enables AutoSave and Version History. This blog will review several built-in features that will help you protect and recover files.
  • The purpose of the Microsoft 365 Recovery Policy is to define proper practices for using Microsoft 365 applications, sites, and services when accessing, connecting to, or interacting with organization systems, services, Teams sites, SharePoint portals, messaging, conferences, files, and data.
  • Microsoft Teams is the best messaging app for your business it’s a place where you can collaborate and communicate in real-time, hold meetings, share files and apps, and even send the odd emoji! Everything is centralized, visible, and open to all.
  • Microsoft SharePoint is a website creation tool used by businesses. It serves as a safe location where you may store, arrange, share, and access data from any device using a web browser, such as Microsoft Edge, Internet Explorer, Chrome, or Firefox.

Security Cameras

  • Security cameras allow you to monitor unusual behavior in and around your work environment.
  • Also, placing security cameras around your business helps prevent theft and intrusions. When installed in the right places, they deter people from breaking in.
  • Video cameras can also help you sell more products from your retail store. How? They make it easy to track customer traffic patterns throughout your business. This allows you to move inventory and adjust stocking to take full advantage of natural high-traffic areas.
  • Smaller organizations are more vulnerable to employee theft. This is because often, there are fewer safeguards in place and security cameras can reduced theft within the workplace.

Let’s define Augmented Reality and Virtual Reality

Augmented reality is an advanced version of reality that uses technology to provide digital information with an image of something. Virtual reality is a technology that creates a simulated environment with the aid of computer technology that offers a realistic user interface.


Augmented reality and Virtual reality

The terms augmented reality (AR) and virtual reality (VR) are commonplace in technology. If you work in the field, you probably already know the key differences between the two but for the everyday person, the differences aren’t so obvious.

Choosing whether AR or VR is better depends on the application. In some situations, AR is a much better choice. For others, VR is more appropriate. They both enhance or change reality in one way or another but with VR, these changes are a lot more drastic.

For example, Augmented Reality (AR) & Virtual Reality (VR) in the Healthcare industry for a Leading company is an intelligent process of gathering and analyzing the numerical data related to services and products. This Augmented Reality (AR) & Virtual Reality (VR) in Healthcare Research Give ideas to your targeted customer’s understanding, needs, and wants.
An example of AR may be an advanced operation that allows the doctor to see real life while overlaying tools and applications to make tasks and operations more accurate and efficient.
An example of VR may completely virtual environment where the surgeon can practice tasks or even techniques for future surgeries.


What are the use cases for augmented reality vs virtual reality?

  • Education Help students understand abstract concepts in the learning and teaching process it provides environments where students can share information within the group.
  • Retail Stores — Appliances, Furniture, & Other Tangible Products; customers click on a product and instantly see it overlaid wherever they point their mobile device. That means customers can see how appliances and furniture look in their homes.
  • Fashion – Simulates in-person shopping experiences online by allowing customers to see how a product might look on them. Some people call this virtual fitting room technology.

Virtual Reality

  • Automotive industry — Virtual reality technology can become a sales-boosting mechanism for car manufacturers and dealers. They have the opportunity to raise online sales via virtual showrooms, where potential customers will inspect 3D cars’ exterior and interior and have a test drive – all without leaving their homes.
  • Healthcare — is a powerful diagnostic tool, which helps doctors and physicians to carry out accurate diagnoses. This is done in combination with other methods, such as MRI/CT scans, and eliminates the need for any kind of invasive techniques, making it a pain-free experience for the patient.
  • Retail to show that they are open to customers and want them to feel their culture and identity. By using the technology, brands can interact with customers and allow them to visit the store’s virtual settings without stepping outside their apartment.

Email Safety and Best Practices

             
It’s important that your personal information remains secure and safe and that you aren’t open to viruses or hackers. Here are some safety tips when using email: Change your password regularly and keep it in a safe place. Don’t share your password with anyone. Don’t open attachments from anyone you don’t know.



Two-Factor authentication  

  1. Twofactor authentication (2FA) is a security system that requires two distinct forms of identification to access something.
  2. Two-Factor Authentication (2FA) works by adding a layer of security to your online accounts. It requires an additional log-in credential beyond just the username and password to gain account access and getting that second credential requires access to something that belongs to you.
  3. 2FA is implemented to better protect both a user’s credentials and the resources the user can access.
  4. Two-factor authentication provides a higher level of security than authentication methods that depend on single-factor authentication (SFA), in which the user provides only one factor typically, a password or passcode.


How to avoid phishing emails  

  1. Do not click on suggested links: It’s advised not to click on any link offered through an email or social media messaging, even if you think you know the sender. Some phishing attacks are sophisticated enough to make the destination URL look like a carbon copy of a genuine site to record keystrokes or steal login/credit card information. If you feel it may be a legitimate link, go to the site straight through a search engine as opposed to clicking on the link
  2. Scrutinize the sending email address: One of the easiest ways to detect a scam is to look closely at the email address sending the message.
  3. Educate yourself on what phishing scams look like: If you know the signs, it’s easier to catch fraudulent messages. Staying up to date with this information is especially important if you own a business. Ensure your employees know what to look for.
  4. Scams are increasingly on the rise and typically occur via email, masked phone calls, pop-ups, or social media messaging.

Change password regularly  

  1.  Do not follow a set pattern while setting your password.
  2. It is better to be safe than sorry. Change your password more often than you think necessary. We live in a technology-driven world, and we spend a substantial amount of time on the internet.
  3. Protecting your data starts with securing passwords. Make sure your Passwords should have at least 12 characters that utilize uppercase and lowercase letters, as well as numbers and special symbols.

Email etiquette on how to write a good email

  1.  Make your subject line brief but the clear, busy recipients may skip over an email with a generic subject line in favor of an email with a clear purpose stated in the subject line, or they may delete it as spam.
  2. Avoid being overly familiar. Being overly familiar demonstrates a lack of respect for the recipient, particularly if the email is regarding something professional.
  3. Briefly indicate who you are and how you know the recipient, don’t assume the recipient knows who you are if you’ve never met, or that they remember meeting you if your previous contact has been minimal.

Where’s my company’s data?

             
Companies often implement monitoring systems on work-related devices for security reasons, if your company deals with sensitive material, or especially if you are dealing with what can be named essential data (health records, financial data) you can likely bet your employer needs to know where the companies’ data is. 


Don’t use work-related devices for personal use or storage.  

  1. For the company, and yourself, it is essential for you to only use approved applications and avoid using public Wi-Fi for the company you work for, with a working account and viable password with it.
  2. The company in question has no clue where their data is, or where the customer’s data is.
  3. If a company uses one drive, and a new employee is using their personal dropbox to exchange important information, the company’s information is at high risk of cyber invasion and the loss of vital information.  
  4.  It’s likely that some of the personal applications they use may not be as stringent with their security requirements. 


Platforms like Google Docs, Slack, or similar. 

  1. Since it’s online and not software installed on our computers, it’s easy to think of G Suite, which includes services like Gmail, Google Docs, and Sheets, as private productivity software.
  2. Administrative users like on G Suite Enterprise can look up any phrase to find information on these platforms, just as you can in your own personal account.
  3. Employers can set up audits to be notified of suspicious behavior, with the option of creating custom scripts to retain data.
  4. Although it may be convenient, using the personal information on your work-provided device can put you and your company’s data in harm’s way. To prevent this from happening, it is up to each employee as an individual to only use approved methods of communication and to save information on secure Wi-Fi networks.  


What can be done to protect both you and your company’s data? 

  1. Only use company approved applications, with secure and approved usernames and passwords 
  2. Keep personal information off of your work device.  
  3. Don’t use online platforms such as Gmail, for private information, this can be accessed, even if only saved in drafts.
  4. Always assume your internet traffic is being monitored.
  5. Be careful with working in public with your issued device, use secure Wi-FI.

New Features in Windows 11

              Windows 11, Microsoft’s new operating system (OS), was officially released on October 5, 2021. The rollout of the OS will occur on a rolling basis. New computers with Windows 11 automatically installed are now available for sale. Existing PCs will receive the OS update between October 2021 and mid-2022. The new OS should feel noticeable faster than Windows 10 due to a variety of optimizations and performance improvements. In addition to backend improvements, Windows 11 includes many new features that will affect the interface and how you use your PC. Several of these key new features are described below.

Interface

  1. Snap Layouts – Windows 11 comes with several predefined layouts that will enable you to organize your screen to view and utilize multiple windows/applications at once. No longer will you need to drag and fit two side-by-side windows on your screen, Windows 11 simplifies the process.
  2. Multiple/Virtual Desktops – Microsoft’s new OS enables the use of multiple desktops to better organize your screen and applications. Users are now able to create a second desktop window, and to open up different applications and windows in the second desktop. This will assist in your organization when using many applications or while working on multiple projects.
  3. Design – Windows 11 includes significant updates and improvements to visual design, as compared to Windows 10. The visuals of the OS are more modern, with sharper colors, better spacing, and updated iconography.
  4. Secondary Displays/Monitors – Windows 11 better integrates with external monitors. The OS is able to remember how your windows are arranged between the PC and the monitor. When your computer is reconnected to the monitor, your windows will automatically arrange themselves in the same way they were when the monitor was disconnected.

Integrations

  1. Microsoft Teams – Teams is automatically integrated into Windows 11. The application is saved to the taskbar for easy access. Further, the Teams chat function is also integrated in the taskbar for easy replying without needing to open the app.
  2. Microsoft App Store – Windows 11 brings with it a new and improved Microsoft Store. Users are now able to more easily download applications, as well as media content and games.
  3. Android Apps – An upcoming feature that will be rolled out soon is the ability to use Android apps from the Amazon Appstore directly on your computer. More information is set to be released about this feature, but full integration is expected.

Productivity

  1. Windows 11 includes a variety of features that are designed to help your productivity. These features include (i) Focus Mode in which you are able to set task and timings for yourself, (ii) Improved widget offerings and integrations, and (iii) Increased clarity on battery and usage information.

New and Upcoming Changes from Microsoft

New Features in Microsoft Teams and Office

Microsoft is expanding its feature in Teams and Office to further accommodate workers that are working in a hybrid environment. These features will begin rolling out in September 2021 and will continue to be added through early 2022. A key new feature in Teams will allow for workers that are in the same room doing video conferencing to have individual video panes. In-person workers will no longer need to share a video with the entire conference room, and will instead be able to use their individual cameras in hybrid format teleconferences. An additional upcoming feature will enable presenters to show their videos/face directly on the slides of PowerPoints while presenting. Microsoft continues to add features to accommodate remote and hybrid workers, and more innovations will continue to be added.

Rollout of the New Windows 11 Operating System

Microsoft is set to release the new Windows 11 operating system on October 5, 2021. The rollout will be gradual, with eligible devices receiving the update throughout the remainder of 2021. Windows 11 will feature several new features and upgrades from Windows 10, which was first released 6 years ago. One of these key changes is to the overall look and desktop design. The overall desktop interface and will allow for increased customizable through widgets, virtual desktops, and snap grouping. Further new features include Microsoft Teams integration into the operating system, as well as additional integration with Android device and apps.

Shutting Off of old Outlook Clients from 365 Services

Microsoft has been pushing its customer to switch from its old license based model to a subscription based service for Office and Outlook called 365. On November 1, 2021, the Company will shut off customers using Outlook 2007 and 2010 from using their employer’s 365 services. This will render these older Outlook user’s account unusable without an upgrade. This move is a strong signal that Microsoft is committed to the Office 365 subscription model as the future of the Office platform.

Price Increase of Office/Microsoft 365 Subscriptions

For every remote meeting, establish an agenda so employees know what to expect. This also helps the meeting stay on track.

On March 1, 2022, Microsoft is set to raise the price of the subscription costs for several of its Office 365 plans. The magnitude of the increases depends on the specific plan, but range from 9% to 25% per month. Please find the scheduled increases on the plans below:

  • Microsoft 365 Business Basic, up $1 to $6 per month, per user.
  • Microsoft 365 Business Premium, up $2 to $22 per month, per user.
  • Office 365 E1, up $2 to $10 per month, per user.
  • Office 365 E3, up $3 to $23 per month, per user.
  • Office 365 E5, up $3 to $38 per month, per user.
  • Microsoft 365 E3, up $4 to $36 per month, per user.

Remote Working Tips

How to make the most out of working from home

Remote work is booming now more than ever as people practice social distancing. Here are some ways to improve your remote work experience.

Set up remote telephone access

Having remote access to your company telephones keeps you from having to use your own phone to make business calls. Remote access allows you to make and answer calls using your business’ phone number.

Schedule meetings far in advance

This gives people the time to clear a part of their schedule to attend the meeting and boost overall meeting attendance.

Establish an agenda for every meeting

For every remote meeting, establish an agenda so employees know what to expect. This also helps the meeting stay on track.

Create a “virtual water cooler”

To recreate the experience of being at a water cooler, set up a virtual location where employees can chat casually and de-stress. This can bring some normalcy back into your workflow.

Use Microsoft Teams

Teams, Microsoft’s virtual workspace, allows for video/audio communication, file sharing, screen sharing, and more. Yottability is offering calls through Teams for clients who have a PBX plan.

For more help on improving your remote working experience, contact your Yottability representative.