“I Didn’t Send That!” Domain Impersonation and You

How many of you were affected by the #Ransomware attack on the UVM Medical Center’s IT network last week? Whether it was a delayed or cancelled appointment, an issue with work orders and partnerships, or just dropped communication, this type of attack is a tragically real example of the importance of network security.

One of the biggest vulnerabilities that malicious actors tend to exploit in order to gain access to a network is through #emailsecurity. There are numerous methods for using email as an attack vector, a big one being what is known as #DomainImpersonation.

image says "you've been hacked!"

Domain Impersonation is when someone purchases domain names very similar to the appropriate domain that they are impersonating, and then send emails from that domain with malicious links, attachments, etc, to infect unwitting recipients’ machines and networks.

Consider this example: You’ve been going back and forth with a vendor (say, sales@panurgyvt.com) in emails about purchasing a product for an upcoming project. Suddenly, you receive an email that appears to be coming from that vendor with an invoice and a request for payment through a link in the email. Whether or not you were expecting this email, take a close look at the domain (what comes after the @ symbol). If you notice the typo (maybe something like sales@panrugyvt.com), you’ll easily identify the email as suspicious and know to delete it.

But how many of us actually look at the email address that every single email is sent from? Chances are, you’re busy and overloaded, you’re distracted, or you’re just the type of person who does not handle their email inbox with suspicion. Under these circumstances, you get the email, remember you’ve been communicating with this person already, and just assume that this is related to that communication. You click the link, or open the attachment, and boom, malware has infected your PC and potentially your entire network. Bad news.

No alt text provided for this image

Thankfully, there are solutions out there to monitor and protect from these potentialities before the email even hits your inbox. Through the use of artificial intelligence and intelligent monitoring, advanced email security systems today can take record of the domains of emails recently delivered to your inbox, and if an email comes in with a similar but false domain, it gets blocked even before it hits your email server.

There are also increasing amounts of opportunities for end user training on how to identify suspicious emails. As nearly all email attacks rely on carelessness, ignorance or manipulation to get people to click on malicious links and attachments, the biggest vulnerability point is, in fact, the end users themselves. Implementing regular training and reminders for your workforce surrounding the importance of email security is a top priority for securing modern networks.

If your business could benefit from a more robust email security plan, contact us today! We offer flexible options tailored to your company’s needs that include both server-side monitoring as well as end user training. Reach out today to start the conversation on how Vermont Panurgy can help your business stay protected in today’s modern work environment.

The Human Element of IT Security

Firewalls. Backups. Anti-Virus. Device Management. There are many tools in the IT professional’s toolbox for protecting technology from the threats of the internet. Unfortunately, even the most protected devices are only as secure as the humans that use them. No amount of software is going to prevent a user from clicking on a link in an email, and the inherent flaws of the human condition make the easiest target for an internet attack the end user. Because humans are the leading cause of IT security incidents, it is imperative for business owners and security professionals to integrate the Human Layer into their IT Security framework.

When considering the methods for implementing a security plan for the humans working in your business, the nature of human vulnerability becomes quickly clear: humans are subjective, distracted and easily influenced. Thus, the most effective method of attack comes through what is known in the IT Security world as Social Engineering, or the use of deception to manipulate individuals into divulging confidential or personal information to be used for fraudulent purposes. Hit people where they’re psychologically weak, and they are easy targets for manipulation.

puppet master controlling puppet

Examples of social engineering are everywhere. As one example in just the past week, a blast of emails recently made it through a client’s email security system informing several senior staff members that their Anti-Virus license had expired and required renewal. Several folks who received that email had no knowledge of the status of the Anti-Virus software on their systems, let alone its license’s expiration date. Thanks to overworked and underslept mental states, red alarms started going off, but for the wrong reasons. Emails quickly came in asking not if the email was legitimate, but why their Anti-Virus software had expired and whether their computers were at risk. Thankfully, they reached out to us before anyone clicked on the link in the email, but one errant finger could have placed the company and everyone who worked in it at serious risk.

Here’s a hypothetical example, uncovering another, even more urgent layer of the human element. In adjusting to a work-from-home workforce placed abruptly on us by the pandemic, members of your organization have migrated to relying heavily on Microsoft Teams for internal communication. Being based in the cloud, this means your server and all of your employees’ workstations are connecting to Microsoft servers regularly. Sniffers pick this scent up and suddenly you start seeing emails coming in offering all sorts of add-ons, freebies, enhancements, support, training, anything that might get you to click on the link in the email. They now know that you’re using Microsoft products for cloud communication, just from the act of you using it. They also know you’re new to it, which makes you more vulnerable. They use everything they can find out about you, in that very moment, to target you with content that strikes at your most vulnerable spots, and they are always adapting.

No alt text provided for this image

This shifting field of attack vectors causes us to realize that the implementation of IT security for the human layer must be an ongoing process, with regular reviews, trainings, updates and simulations. They didn’t make us do fire drills in school just to test the bells. Conditioning and repetition are vital parts of training humans in how to recognize and respond to threats.

Let’s next consider the impact of technology on how we form and maintain relationships, especially within the context of social distancing. Different types of people may have different opinions on the effectiveness and authenticity of virtual relationships, but even before government mandates brought compulsory hurdles to physical connection between people, many, especially in the younger generations, had already accepted virtual reality as their primary platform for connecting with others. Now, we’re all finding ourselves there, like it or not.

Just think of all the social engineering vulnerabilities this new paradigm poses. Thanks to the popular MTV show, the term “catfish” comes to mind, or people who subsume a fake identity online in order to connect with others behind a mask. The subject of the TV show, however, developing romantic relationships over the internet, is child’s play when compared to the sophistication with which similar tactics are used in spear-phishing and other social engineering attacks on businesses and their employees.

Consider the portions of your Facebook profile that are set to be visible to the public. Maybe you don’t think showing people that you live in Vermont and love cats is particularly concerning for the whole world to know. But what about that one Monday morning at work after a long weekend hiking and camping, sleep-deprived and sore, an email comes in marked important that appears to be coming from someone you work with about how they really need your help taking care of their cat? Do you stop and think if this person has ever told you they have a cat before? Do you check the email address the message is coming from, rather than just trusting the displayed name? Or do your instincts kick in and tell you “cat in trouble, must respond”?

Just like getting arrested, anything you say and do on the internet can be used against you in the court of social engineering. The simplest solution, just not doing anything on the internet, is not feasible in today’s business environment. So we are left to implement as comprehensive a strategy to protect ourselves, our business, and our employees, from these threats we will inevitably face.

Vermont Panurgy has been at the forefront of IT security and support for over 30 years. We would love to start a conversation with you about how we can implement a thorough, effective and ongoing strategy for your business to protect the Human Layer of IT security. Contact us today!

Technical Support for COVID-impacted Businesses – Funds Available!

Vermont Panurgy has been selected as an Approved Vendor in the Restart Vermont Technical Assistance (#ReVTA) program! Vermont Panurgy is able to offer services for Technology & Software Assistance (including, but not limited to: remote work setups; system design; installation; support of computers, network infrastructure and equipment, network security; 24×7 monitoring; remediation, anti-virus protections; and backup solutions). Technical Assistance also includes our Training services with live instructor-led remote and in-person technical (PC applications) and Professional Development/Soft Skill classes.

Any for-profit or non-profit Vermont entity conducting activities in Vermont that has been impacted by the COVID-19 pandemic and has a path to recovery that can be advanced with professional technical assistance, is eligible to receive these Technical Assistance funds. Approved businesses under the ReVTA program that use Registered Vendors and receive Technical Assistance services can have them paid for under the program. Any work done under this program must be completed by December 4, 2020, so act fast!

Go to vermonteconomicdevelopment.com for more information.  We look forward to helping your business!

#covidrecovery#smb#technicalsupport#approved

Presenting Your Best Virtual Self – A Free, 45-minute Webinar [Video]

Join us for this free 45 minute seminar covering tips and tricks for presenting your best virtual self. You will learn ways to improve your communication effectiveness and online presence. Participants will gain an awareness of their physical environment, body language and non-verbal cues, as well as gaining helpful tips to engage your audience when presenting through an online platform such as #Skype, #Zoom or #MicrosoftTeams.

Recorded on August 19, 2020.

3 Ways to Respond to Difficult Behavior

Why do we argue? Why can’t everyone agree? Why are some people just… difficult? Challenging interactions have been with us since the dawn of humanity, they are a part of the fabric of the Human Experience. But boy are they hard! There is one pivotal concept that must be accepted before any one of us is going to be able to respond to these situations positively: We are faced not with difficult people, but with difficult behavior.

Ask yourself this: how does it feel to be labeled “difficult?” There is a great Seinfeld episode exploring this feeling, when Elaine receives much societal rejection for having this word written on her doctor’s reports. Doesn’t feel very good, does it? That’s because, as we all know, humans are capable of great things, and nothing is permanent. Labels help us identify things and their uses, purposes and intents. When we apply labels to people though, it dehumanizes them and implies permanence. Not good.

Behaviors, on the other hand, are actions occurring in moments of time. They need not be tied to the person committing such behavior’s identity, unless they choose to do so. Thus, applying labels to behaviors is a much more constructive means to approach the situation at hand.

From a very-wide-lens, we can identify all reactions and responses to difficult behavior under three primary categories:

No alt text provided for this image

1.  Do Nothing

The easiest thing to do when faced with difficult behavior is to just ignore the problems you perceive and hope they go away. Remember that bully in middle school who wouldn’t leave you alone? Everyone told me to just ignore him, don’t give him what he wants. How did that work out? For me, as I would imagine for most of you as well, this tactic backfired spectacularly. It seemed to goad the bully on, and he just kept on messing with me.

Ignoring difficult behavior does nothing to make the person causing it to be aware of how you are perceiving it, how it is affecting you. It’s a non-starter, and many times the person may even consider your lack of response to be tacit approval. Yikes.

No alt text provided for this image

2.  Change The Person

How many of you read this one and immediately thought “no, I would never want to CHANGE someone!” Well, this is a tricky one, because intention is very important. I lived in housing Co-ops in college, where a house of at least 20 people shared chores, meals and maintenance in a hyper-intense level of immediate proximity hard to imagine for most people. As you can imagine, difficult interactions were an everyday experience.

I remember one summer I was managing a Work Holiday where we all banded together to get some more major projects done. One member was being very lazy, disappearing to his room for hours at a time, much to the chagrin of those with whom he was assigned to work. In my naiveite, I thought I could go up there and motivate him to get to work, somehow giving him the energy I felt to make him want to go join in the collective experience.

But what was I really doing? As good intentioned as I felt I was, I was actually trying to change this person’s identity, make them into something they were not. I didn’t even consider what was going on with them, I just wanted them to buck up and conform. You can imagine how that worked out. Ultimately, my failures in communication as a leader that year led, in part, to a complete membership turnover. I had learned a very important lesson.

An individual’s personality is a result of that person’s unique life experience. Each person’s perception of reality is uniquely their own. Because of this, any change in their personality requires conscious effort by that very individual. When it comes to people, we can only change ourselves. Trying to force someone else to change their own personality is incredibly difficult, and when you think about it, incredibly selfish, too.

No alt text provided for this image

3.  Modify Your Style For That Person

When realizing the failures of the above two methods of response, one of the most challenging relationships where difficult behaviors occur is in that of superior to subordinate. As a manager, you have a responsibility to the people you manage to make sure difficult behavior is not detrimental to co-workers or the organization. The style that you use to manage people may have to vary in order to meet the different challenges that different people present. To each their own.

This is the greatest challenge of all, but ultimately it is the only way that works. And it works because it takes the other person into account. You’re not just managing your way, you’re managing in a way that works for both of you, and not only does this make the interaction more comfortable, it empowers the other person and can even inspire them to change.

I know you’re all thinking, “Oh, great, more lofty platitudes about big-picture concepts. How does that help me today? How do I apply this to my own situation?” Well, the good news is, Vermont Panurgy has got you covered! We regularly host a plethora of virtual career development classes, several of which focus specifically on these types of interactions. Our virtual classrooms are small, highly personalized and live-led by one of our cohort of fabulous instructors. Our classes typically run for at least one full day, giving students and instructors plenty of time to dive into the topics and answer all questions. Our next class on this topic is called Managing Difficult People, and will occur from 9:00 am to 4:00 pm on Thursday, August 27th. If you are interested in attending, or if you want to learn more about our offerings, contact us today!

Office 365 and Backups, DON’T Lose Your Data!

Microsoft 365 is a great platform for connecting a team across wide distances. However, Microsoft only commits to providing you access to your data, they do not provide guarantees that it is backed up. What if you accidentally delete a file from OneDrive? What if an employee quits and you lose access to their Outlook Mailbox? Watch this video and contact us today to learn more about how protect your Office 365 data!

For those using Office 365 or are considering implementing Office 365 email, please read the following:

There are known attacks against Office 365 that can compromise associated email accounts. Basically, hackers take over someone else’s email account through Office 365.  Hackers may send out spam to directly to attack an individual or company. Another common attack is to contact a company’s customers while impersonating high-level employees to get the customer to reroute financial transactions or to confirm/send sensitive data to the hackers.

One of the main symptoms of a compromised email account in Office 365 may include server side rules that redirect email into a Deleted Items folder or other folders like the Junk folder or the Really Simple Syndication (RSS) Feed folder. These emails often go unseen by the actual email account user and permit the hackers access to information in the incoming emails.

  

Fortunately, there are some preventative steps that can be taken to reduce the ability of hackers to compromise via Office 365. The main security implementation that we highly recommend is to enable Multi-Factor Authentication (MFA) for all Office 365 accounts. There are additional settings and configurations Vermont Panurgy can assist you with to log and audit account usage, which will better enable us to track any attempted hacks.

  

If you use Office 365, please contact us to make sure you are protected again such attacks. We are here to answer any questions or concerns you may have.

 

 

Leadership Institute Class – Update

If your organization is like most, you promote from within.  Often employees are promoted to supervisory roles because they are good at their job, with little to no training.  Vermont Panurgy’s 3 day Leadership Institute was developed to address this need.

Our next sessions will be running on March 18-20 (only 1 seat available) and April 24-26.  Below are quotes from two of the participants from our Leadership Institute class in January:

  • “Lauri is a very dynamic teacher and I thoroughly enjoyed her class.  This is the 1st class in a long time that has kept me engaged where I have felt safe.
  • “This class really re-energized me and provided a breadth of knowledge and inspiration to take back and lead my team.”