When Your Facebook Or Other Online Account Gets Hacked, Who’s Responsible For The Losses?

by Link Computer Corporation | Dec 4, 2023 | Managed Services

When Your Facebook and Other Social Media Accounts Get Compromised

Recently, the CEO of a very successful marketing firm had their Facebook account hacked. In just a weekend, the hackers were able to run over $250,000 worth of ads for their online gambling site via their account and removed the rightful owner as the admin, causing the firm’s entire Facebook account to be shut down.

Not only are they uninsured for this type of fraud, but they were shocked to discover that Facebook, as well as their bank and credit card company, was NOT responsible for replacing the funds. Facebook’s “resolution” was that there was no fraud committed on their account because the hacker used their legitimate login credentials, and Facebook is not responsible for ensuring you keep your own personal credentials safe and confidential. Further, they didn’t have the specific type of cybercrime or fraud insurance needed to cover the losses, so they’re eating 100% of the costs.

Not only are they out $250K, but they also have to start over building their audiences on Facebook again, which took years to build. This entire fiasco is going to easily cost them half a million dollars when it’s all totaled.

In another incident, another firm logged into their account to find all of their ads were paused. Initially, they thought it was a glitch on Facebook, until they realized someone had hacked into their account, paused all of their legitimate ads and set up 20 NEW ads to their weight-loss spam site with a budget of $143,000 per day, or $2.8 million total.

Due to their spending limits, the hackers wouldn’t have charged $2.8 million; however, due to the high budgets set, Facebook’s algorithms started running the ads fast and furious. As they were pausing campaigns, the hackers were enabling them again in real time. After a frantic “Whac-A-Mole” game, they discovered the account that was compromised and removed it.

The compromised account was a legitimate user of the account who had THEIR account hacked. Because of this, Facebook wouldn’t replace the lost funds, and their account got shut down, with all campaigns deleted. Fortunately, these guys caught the hack early and acted fast, limiting their damages to roughly $4,000, but their account was unable to run ads for 2 weeks, causing them to lose revenue. They estimate their total damages to be somewhere in the $40,000 to $50,000 range.

When many people hear these true stories (with the name of the companies withheld to protect their privacy), they adamantly believe someone besides them should step up and take responsibility, covering the losses. “It wasn’t OUR fault!” they say. However, the simple reality is this: if you allow your Facebook account – or any other online account – to be hacked due to weak or reused passwords, no multifactor authentication (MFA) turned on, improper e-mail security or malware infecting your devices due to inadequate cyber security, it is 100% YOUR FAULT when a hacker compromises your account.

Facebook is just one of the cloud applications many businesses use that can be hacked, but any business running any type of cloud application, including those that adamantly verify they are secure, CAN BE HACKED with the right credentials. Facebook’s security did not cause their account to be compromised – it was the failure of one employee.

The BEST way to handle this is to NOT get hacked in the first place. Here’s what you need to do to protect yourself:

Share this article to make sure your staff is aware of these types of scams. Cybercriminals’ #1 advantage is still hubris; businesses and most people in general insist that “nobody would want to hack me” and therefore aren’t extremely cautious with cyberprotections.
Make sure you create strong, unique passwords for EACH application you and your team log into. Use a good password management tool to manage this, but remember IT MUST BE USED IN ORDER TO WORK. For example, don’t allow employees to store passwords in Chrome and bypass the password management system.
Minimize the number of people logging into any account. If someone needs access, give them that access and then remove them as a user ASAP immediately after. The more users you have on a cloud application, the greater the chances are of a breach.
Make sure all devices that touch your network are secure. Keylogger malware can live on a device to steal all of your data and credentials.

If you want to ensure your organization is truly secure, click here to request a free Cyber Security Risk Assessment to see just how protected your organization is against known predators. If you haven’t had an independent third party conduct this audit in the last 6 months, you’re due.

It’s completely free and confidential, without obligation. Voice scams are just the latest in a tsunami of threats aimed at small business owners, with the most susceptible being the ones who never “check the locks” to ensure their current IT company is doing what they should. Claim your complimentary Risk Assessment today.

New And Urgent Bank Account Fraud Alert

by Link Computer Corporation | Dec 4, 2023 | Managed Services

New And Urgent Bank Account Fraud Alert

The infamous Xenomorph Android malware, known for targeting 56 European banks in 2022, is back and in full force targeting US banks, financial institutions and cryptocurrency wallets.

The cyber security and fraud detection company ThreatFabric has called this one of the most advanced and dangerous Android malware variants they’ve seen.

This malware is being spread mostly by posing as a Chrome browser or Google Play Store update. When a user clicks on the “update,” it installs the malware designed to automate the process of accessing your online accounts and extracting and transferring funds.

Besides being alert to this scam (and you should let your spouse, partners and family know as well), you should be aware of a few ways to protect yourself:

Avoid links and attachments in any unsolicited e-mail. Simply previewing a document could infect your device, so never open or click on anything suspicious.
To update your browser, simply close it and reopen. You don’t have to download an application to update it. Furthermore, the Google Play Store app will not ask you for an update, so don’t fall for any website alert or text stating you need to download an update.

But remember, bank fraud can manifest itself in several forms, including:

Phishing Scams: Cybercriminals send deceptive e-mails or messages, often impersonating trusted entities like banks or government agencies, to trick you or your employees into revealing sensitive information like login credentials. Sometimes these are facilitated by phone calls, so make sure your team is fully aware of this. The latest MGM hack happened when a hacker called the company’s IT department requesting a password reset.
Check Fraud: Criminals may forge or alter your business’s checks to siphon funds from your account, making it essential for you to secure your checkbook and be careful about sharing or e-mailing your account information. You might consider going checkless to cut down on the chances of your account being hacked.
Unauthorized Wire Transfers: Hackers may compromise your online banking credentials to initiate unauthorized transfers, diverting funds to their accounts.
Account Takeover: Criminals may gain control of your business’s online banking accounts by exploiting weak passwords, reused passwords or security gaps, such as e-mailing your passwords to others or storing your bank password in your browser, allowing them to make unauthorized transactions.
Employee Fraud: Sometimes, even employees may engage in fraudulent activities, such as embezzlement or manipulating financial records.

To protect yourself, use strong, unique passwords for your online banking accounts and never store them in your browser. Also, update your passwords monthly with significant changes to them, using uppercase and lowercase, symbols and numbers that are at least 14 to 16 characters.

Second, always turn on multifactor authentication (MFA) so you’re notified if anyone tries to log into your accounts without your knowledge.

Third, set up alerts for large withdrawals. You can ask your bank to require a physical signature for wire transfers to protect you from someone taking money from your account without your signature.

Fourth, get fraud insurance that specifically covers employee and online theft so you are protected in the event a cybercriminal steals money from your account.

And, as always, make sure you have strong cyberprotections in place for ANY device that logs into a bank account or critical application. Far too many businesses think that if their data is “in the cloud,” they are safe. Remember, your bank account is “in the cloud,” and the bank likely has a secure portal, but that doesn’t mean YOU can’t be hacked.

The Danger Of Holiday Phishing Scams

by Link Computer Corporation | Nov 15, 2023 | Managed Services, Business Disaster Recovery

The Danger Of Holiday Phishing Scams: How To Recognize And Avoid Them To Stay Safe This Holiday Season

The holiday season is in full swing, which means so are the cybercriminals! While you’re making holiday gift lists, they’re plotting and scheming new ways to take advantage of unsuspecting online shoppers. Holiday phishing scams have become an all-too-common threat, targeting customers to steal personal information, financial data and even identities.

To help reduce the chances that a cybercriminal will ruin your much-deserved holiday fun, we’ve outlined a few of the most common and dangerous scams that you should be on the lookout for, how they work and tips to help you avoid becoming their next victim.

Understanding Holiday Phishing Scams:

Phishing is a deceptive technique cybercriminals use to trick individuals into sharing sensitive information such as passwords, credit card details or Social Security numbers. During the holiday season, these scams often take on a festive disguise, tricking victims with holiday-themed e-mails, messages and websites. Whether you’re ordering gifts for clients or friends and family, here are some common tactics used by holiday phishing scammers to be aware of:

Holiday-Themed E-mails: Scammers send e-mails that appear to be from trusted sources like your favorite retailers or even beloved charities. These e-mails look legit and usually offer fake exclusive holiday deals, order confirmations or requests for donations. Inside the e-mail, there is usually a link that leads to a fake website designed to steal your information or your money, or even install dangerous malware on your computer.
Fake Promotions: Cybercriminals create fake holiday promotions and discounts that seem too good to be true. Unsuspecting victims see a great deal from a spoof e-mail account and are enticed to click on links or download attachments that can contain malware or lead to phishing websites.Sometimes cybercriminals aren’t looking to install malware but instead hoping to steal your money. They’ll duplicate popular retailer websites or set up their own, so when you make a purchase, they’ll collect the money, but you’ll never receive your order. These sites are often difficult to track, making it hard to get your money back.
Delivery Notifications: With the increase in online shopping during the holidays, scammers send fake delivery notifications, claiming that a package is on its way or that there’s a problem with an order. These e-mails may prompt recipients to click on links or download attachments containing malicious software.
Social Engineering: Scammers may impersonate friends or family members via e-mail or social media, asking for money or personal information under the guise of a holiday emergency or gift exchange. This is a common scam against seniors – who might not realize that the profile requesting money from them that was made “three days ago” isn’t actually their granddaughter – and young teenagers who don’t know fake profiles are an issue.

Recognizing and Avoiding Holiday Phishing Scams:

Now that we understand how holiday phishing scams operate, it’s essential to know how to recognize and avoid falling victim to them.

Verify The Sender: Always check the sender’s e-mail address or domain. Be cautious of misspelled or suspicious e-mail addresses. Legitimate companies and organizations use official domains for their communication.

Don’t Click On Suspicious Links: Hover your mouse over links to see the actual URL they lead to. Be wary of shortened links or URLs that don’t match the sender’s domain. If in doubt, visit the website directly by typing the URL into your browser.

Beware Of Urgency And Pressure: Scammers often create a sense of urgency, claiming limited-time offers or imminent problems. Take your time to verify the authenticity of any claims before taking action.

Double-Check Websites: Before entering personal or financial information on a website, ensure it’s secure. Look for “https://” in the URL, a padlock icon in the address bar and a valid SSL certificate.

Use Two-Factor Authentication (2FA): Enable 2FA wherever possible, especially for online shopping and banking accounts. This provides an extra layer of security, even if your password is compromised.

Educate Yourself And Others: Stay informed about current phishing tactics and share this knowledge with friends and family. The more people are aware, the harder it becomes for scammers to succeed.

Protect Personal Information: Avoid sharing sensitive information via e-mail or text messages, even if the request seems legitimate. Use secure channels for such communication.

While the holiday season is a time for celebration and togetherness, it’s crucial to remain vigilant against holiday phishing scams. Cybercriminals prey on the festive spirit and increased online activity during this time. By recognizing the signs of phishing attempts and following best practices for online security, you can protect yourself and ensure a safe and joyous holiday season for you and your loved ones.

Business owners: If your staff will be ordering gifts online for clients, make sure they know how to spot a phishing attack and that your network is properly secured in case something slips through the cracks. You don’t want your organization to be negatively impacted by extending holiday goodwill. If you aren’t sure if you’re protected, please give us a call or schedule a 10-minute discovery session with our team. We can help give you peace of mind this holiday season. Click here to book now, and happy holidays!

AI Voice Scams – May A Force Field Be With You

by Link Computer Corporation | Nov 15, 2023 | Managed Services

AI Voice Scams and Deep Fakes For Business Owners

“That won’t happen to me” is something many business owners say when discussing cyber-scams and the need for adequate protections for their business, but these days it’s getting to be a really, really stupid statement that you definitely don’t want your clients, employees and banker to hear.

Generative AI (artificial intelligence) tools are allowing scammers to produce deep fakes to defraud their targets. Earlier this year, Clive Kabatznik, an investor in Florida, called his local Bank of America representative to discuss a big money transfer he was planning to make.

Immediately after this legitimate call, a scammer called the bank back using an AI-generated deepfake voice of “Clive” to convince the banker to transfer the money to another account. Fortunately, the banker was suspicious enough that no money was transferred, but not everyone is as lucky.

According to a report titled The Artificial Imposter by McAfee, a well-established cyber security firm, 77% of AI voice scams were successful in securing money from their target. Even scarier, AI tools can clone a voice from just three seconds of audio.

A UK-based energy firm’s CEO was the victim of a voice scam when he thought he was talking to his boss, the CEO of the parent company based in Germany. The voice on the other end of the line instructed him to send the equivalent of $233,000 to a Hungarian supplier. The voice was so convincing, down to the slight German accent, that the CEO complied without hesitation. By the time they realized what had happened, the money had already been transferred to Mexico and distributed to other locations that weren’t traceable.

But big businesses aren’t the only ones targeted

Jennifer DeStefano, a mother of a 15-year-old daughter, recounted during a US Senate hearing her terrifying encounter with an AI scammer who used the voice of her daughter to attempt to convince her that the girl had been kidnapped. Fortunately, her daughter was in her bed sleeping at the time, and Jennifer was able to realize it was a scam. Many others aren’t as lucky as Jennifer and are getting scammed by AI voices of grandchildren, children and other loved ones who “urgently need money.”

This approach is still so new that there’s no comprehensive accounting of how often it’s happening, but the CEO of Pindrop, a security company that monitors audio traffic for many of the largest US banks, said he had seen a jump in its prevalence this year – and in the sophistication of scammers’ voice-fraud attempts. Another large voice-authentication vendor, Nuance, saw its first successful deepfake attack on a financial services client late last year.

With the rapid advancement of AI technology and its wider availability as costs come down, coupled with the broad availability of recordings of people’s voices on TikTok, Facebook, Instagram and YouTube, the perfect conditions have been created for voice-related AI scams.

What do you need to do to protect yourself?

For starters, share this article to make sure your staff is aware of these types of scams. Next, instruct them to ALWAYS check with you via a text message or other means BEFORE transferring money. If you’re not a business owner, you can do the same with your family, using a code word or other means of verifying the caller’s legitimacy.

Also, check the caller ID. If it’s something you don’t recognize, or it’s a blocked number, that’s a BIG red flag that it’s a scam. Even if it sounds like them on the other end of the line, hang up and call their phone direct or the place they’re supposed to be (school, office, etc.).

If the person calling has on-fire urgency and wants money wire-transferred or a Bitcoin payment, that’s another huge red flag. Real emergencies don’t come with highly skeptical payment demands.

In business, you’ve clawed and climbed your way to the top, dodging all sorts of pitfalls and predators that have tried to make you their meal. Such threats are everywhere, and the higher you climb, the more you’ll find hiding behind every tree, every rock and every step. No matter how small and insignificant you might think you are, you ARE a target for someone, and being casual about cyber security and the threats they pose is an absolute surefire way to be robbed.

If you don’t want this to happen to you, click here to request a free Cyber Security Risk Assessment to see just how protected your organization is against known predators. If you haven’t had an independent third party conduct this audit in the last 6 months, you’re due.

Why Business Owners Demand Managed Services

by Link Computer Corporation | Oct 26, 2023 | Managed Services

Why Business Owners Demand Managed Services

Research finds that the drivers for leveraging managed services can range from the desire to reduce costs to the belief that an outside party can provide top-notch security, uptime and general peace of mind. So, why do businesses seek managed service providers or MSP’s?

Improved security
Proactive approach to IT problems
Better uptime
Gain access to newer technologies
Cost savings over in-house IT
Peace of mind
Free internal staff for strategic work
Tap into cloud solutions
Lack of internal IT
Handle remote office IT

Let’s take a deeper look into the top five drivers:

1. Enhanced Security

Laptops, desktops, smartphones, applications, tablets, servers, operating systems, browsers, wearable technology and the like all store and transmit data and thus require the strictest security measures. Businesses are looking to managed service providers out of fear of becoming the next headline in a high-profile data breach or data loss incident.

Along these lines, compliance is becoming even more of an outsourced IT adoption driver for business owners, especially with regard to PCI security standards, FTC guidelines, and cyber insurance requirements.

2. Proactive Approach to IT Problems

This is a benefit of managed IT services that we discuss a lot because it is so important. Businesses don’t want to have to worry about their daily IT operations. They don’t want to have to second-guess the reliability and speediness of their network connection. Similarly, they don’t want to have to worry about what the state their IT environment will be when they commute in to work each morning. They choose to work with MSP’s because the MSP can provide 24x7x365 coverage. Services like RMM and the security suite MSP’s offers detect potential disturbances and vulnerabilities, enabling them to resolve these problems before they develop into more critical threats. With fully managed IT support, MSP’s can often troubleshoot and remediate glitches or bugs before they impact business. A CEO just doesn’t have the time to verify that the backups his company has taken actually worked! We already know that data management is a top IT challenge for businesses. So, in working with the right MSP, key executives can take advantage of proactive solutions that mitigate risk and offer business resilience.

3. Maximizing Uptime

Today, every business needs to be completely prepared for emergencies such as power failures, security breaches, data loss or other disasters that could damage their accounts and credibility. There’s a definite need for constant uptime and business continuity, and by including Backup/Disaster Recovery (BDR) as part of their services the MSP acts as a turnkey solution to ensure the safety of their clients’ precious data in any disaster situation. As a trusted MSP, it’s their role to help businesses identify and prevent the kind of damaging impact a downtime event could have on their business. To avoid long-term downtime, Businesses can leverage a MSP that will keep their IT systems running smoothly and efficiently, so they can focus on their core business operations. By outsourcing basic IT functions, Businesses will be able to maximize uptime and allocate their internal staff resources to focus on strategic projects and business activities that will help grow their business.

4. Access to Newer Technologies

Often, the businesses seeking MSP’s have over-burdened IT staff with employees who may lack the skills and training for certain tasks or can’t handle the whole of the company’s network on their own. In response, these companies recognize the value of working with an outside technical support team. Not only does IT outsourcing help with having an extra team of IT experts able to troubleshoot and remediate issues that arise, clients benefit from having access to the latest technology and business-grade solutions that maintain uptime and profitability, such as remote monitoring and management (RMM), backup and disaster recovery (BDR) and cloud computing. Investing in these tools increases the reliability of organizations’ IT infrastructure. Investing in the managed services business model tackles existing labor constraints and prevents internal IT departments from always having to play catch-up. By working with an MSP, business can also receive a virtual CIO (vCIO) in addition to the business-grade technology for their IT infrastructure. A vCIO is able to understand and manage the evolving technology landscape – allowing businesses to better plan for the long term and scale their business.

5. ROI/Cost Savings

One of the biggest business values of managed services is greater cost savings. IT budgets consist of many items: hardware costs, software and network infrastructure costs and maintenance costs, to name a few. Not to mention, the cost of labor is significant for any business. Businesses often have a need to reduce the size of its IT department because the cost of paying their current staff is far too high. It could also be the case that the business has no dedicated IT team and employees are forced to compensate by performing technical tasks that are outside of their core area of expertise, slowing productivity and preventing the business from being able to grow. With MSP’s, businesses are able to free up staff time to devote to higher value tasks and more easily predict their IT costs.

« Older Entries

New And Urgent Bank Account Fraud Alert

New And Urgent Bank Account Fraud Alert

But remember, bank fraud can manifest itself in several forms, including:

The Danger Of Holiday Phishing Scams

The Danger Of Holiday Phishing Scams: How To Recognize And Avoid Them To Stay Safe This Holiday Season

Understanding Holiday Phishing Scams:

Recognizing and Avoiding Holiday Phishing Scams:

AI Voice Scams – May A Force Field Be With You

AI Voice Scams and Deep Fakes For Business Owners

But big businesses aren’t the only ones targeted

What do you need to do to protect yourself?

Why Business Owners Demand Managed Services

Why Business Owners Demand Managed Services

Let’s take a deeper look into the top five drivers:

1. Enhanced Security

2. Proactive Approach to IT Problems

3. Maximizing Uptime

4. Access to Newer Technologies

5. ROI/Cost Savings

Blog Categories

Blog Tags

Related Blogs