Tag: download safety

  • Be careful what you download, malware has made it to Google Adwords

    Be careful what you download, malware has made it to Google Adwords

    Downloading applications from trustworthy sources is something that has been drilled into most of us as internet safety 101, and many of us would consider the top link on Google to be a trustworthy source.

    However, hackers are now taking advantage of that and pushing ads that contain their malware disguised as legitimate applications.

    Initially reported on by cybersecurity firm Cyble last month, their report found that a malware called “Rhadamanthys Stealer” is being spread through Google Ads that allegedly lead the user to download Zoom, Notepad++, AnyDesk and more.

    This malware is also being spread the typical way through email when attached to a PDF. It makes it clear that there is no one way to spread malware and that users need to be vigilante when downloading anything – whether that be a typical .exe or email file attachment.

    The goal is usually financial, with the hacker either “ransoming” the users device or merely spying in the background as they collect data they can sell or use to steal financial credentials. The attempts at stealing data may even be multifaceted and include all three.

    So how can you protect yourself? The first is in knowing how it works, Google ads has requirements for posting so these bad actors are placing ads for legitimate looking “front page” sites that mimic what you were looking for, which then immediately redirects you to the one containing malware.

    So one clue would be if the URL drastically changes during your browsing (and paying attention to the URL and knowing the URL you were trying to reach would squash this attempt altogether). In many cases you can confirm a sites true URL through Wikipedia and it’s a good idea to save it if it’s a site you visit regularly.

    Another way to block these is exceedingly simple, just utilize an ad block on your browser. Ad blocks block Google advertisements as well, so your research will be more likely to contain legitimate results. Many ad block extensions will also block popups too.

    Google has also offered their own advice on blocking “malvertising” and have included a way to report illegitimate websites. It goes without saying these sites are in violation of Googles advertising rules, which include rules against auto-redirects.

    As it becomes increasingly harder to avoid malware infections, many offices are scrambling with how to best protect office devices from being unintentionally used as a threat vector. Employee training is still your best protection but as this article illustrates, even tech savvy employees may have a difficult time avoiding all threats.

    That’s where a Valley Techlogic service plan comes in, we offer proactive cybersecurity protection in the following ways:

    Proactive Cybersecurity through Valley Techlogic

    If you would like to learn more, schedule a consult with us today and we’ll go over how we can help your business increase your cyberthreat awareness and protection capabilities.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • 5 of the Most Important Cybersecurity Training Topics to Cover with Your Employees

    5 of the Most Important Cybersecurity Training Topics to Cover with Your Employees

    We’ve discussed cybersecurity training before and its importance in preventing the number 1 cause of cybersecurity disasters – human error.

    We offer cybersecurity training as a core feature in our tech care plans, but many topics you can (and should) cover yourself with your employees. There couple be rules that specifically apply to your business sector; like HIPAA for healthcare or CMMC for Department of Defense contractors.

    Maybe you’ve experienced a cybersecurity attack before and after the dust settled you came up with a game plan specifically to prevent it from happening again. If it hasn’t happened to you yet, it’s a mistake to assume it never will. In 2021 42% of businesses experienced a cyberattack. It’s a numbers game most won’t win without preventions in place.

    To start, we want to offer these posters we’ve created on two common cybersecurity threat topics, email and malicious attachments. These posters are free for you to print and brand to use in your office or send as a reminder, and these are two excellent places to start when you’re looking to beef up your office security.

    Click to grab the full size version.
    Click to grab the full size version.

    Here are five more training topics all workplaces should also cover:

    1. Like our posters above, email security and having strict guidelines for attachments and downloads is one key thing to focus on in your cybersecurity training efforts.
    2. It’s also important to provide guidance for internet usage while at work. Many employers try to digitally lock this down, but these efforts are usually met with annoyance and disdain from employees and are often in vain. Instead of arbitrarily trying to block everything with software we suggest having guidance about what’s appropriate for work devices (and what Isn’t). We also suggest noting that even if a website looks legitimate it may not be, so they should be wary of sites that ask you to download something or enter private credentials.
    3. This comes to the next topic which is practicing good safety hygiene with work devices. Three easy steps are: Locking your computer when you walk away, only downloading software from work authorized sites, and keeping your device up to date with patching and software updates. They may need assistance with the third step so it’s a good idea to have your IT provider manage workstations if you’re able to (this is something Valley Techlogic providers for all clients).
    4. The fourth step is protecting company data. If you’re employees have to interact with documents that are confidential in nature you should have rules for the sharing of those documents, as well as a comprehensive plan for backing them up safety.
    5. Finally, you should provide guidance on passwords and multi-factor authentication. Having a rule in your workplace that for work accounts they must have multi-factor enabled (or have your IT team enable it across the board) will drastically improve your office’s online safety. We have guidance for this topic here.

    It can feel overwhelming to have all of these topics to cover with your employees, but we cannot overstate how important it is to cover these topics with your employees, even if you think they’re things they should already “know”.

    At Valley Techlogic we have partnered with a platform that not only provides cybersecurity training resources, but it also allows you the ability to create your own training modules. You can even cover topics that fall outside the cybersecurity spectrum. We can also work with your business to assist you in the creation of these training modules, if you would like to learn more schedule a consultation with our sales manager Annette today!

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.