In the past week, we have seen increased occurrences of elaborated scam emails with attempts to collect Office 365 credentials, so we find important to share tips on how to spot these threats.
Always verify the sender is valid. Specially the domain suffix. If its not a .com or .us there is your red flag.
DO NOT click on attachments or links. If you are in doubt, forward the email to your IT department or MSP provider. On the above sample, links were pointing to a site that looked identical to the Office 365 login page, it did have a valid SSL Certificate so it was deemed as secure but it was designed to steal office 365 logons. As of 10-27-2017 the set had been taken down already.
Why would someone want to gain access to random email addresses you may ask. A few examples:
A few steps that help protecting your systems against this threats are:
For more information or if you would like to get a FREE network assessment for your company. Please contact iEple LLC at (630) 634-5700 or make an appointment at http://book.ieple.com
We appreciate comments and questions.
Phishing is the most effective way hackers have nowadays to seed viruses and malware to corporate networks for the following reasons:
Can we avoid phishing emails?
In theory yes; spam filters are constantly looking for signs of phishing at the binary and heuristic level, however a good percentage of messages can still go through.
Another risk is the ability for users to review their spam folder; then phishing messages that may look "legit" can lead us to think it was sent to spam by mistake.
So here are our quick 4 things you and your employees should be trained to watch on every single email that comes across:
1. ALWAYS check full details of the sender:
The example above shows "Paypal" on the list of senders; just click on the details of the sender to reveal the real email address. In the example you can see it's not coming from Paypal at all.
2. DONT CLICK ON LINKS before you verify them:
If you are prompted to click on a link to "Verify" or "login" STOP and check that link. Simply hover the mouse on the text or button to reveal where they are trying to take you. In the example above notice how the link would take you to "service-infos.com" which is completely unrelated to Paypal.
3. DO SOME READING
Spammers take advantage of our global inability to pay attention to detail; we unconsciously validate information when we look familiar logos.
Honor your junior high grammar teacher's dream and notice language that you wouldn't expect from a professional. See the example above and watch for simple mistakes that simple don't look good with the context.
4. MIND ATTACHMENTS, scan them first
We receive attachments every day and technology give us the comfort to open them right from our email client or webmail page. Before opening the attachment ask yourself:
The most common attachment extensions are
The most common file extensions used for malicious software sent by email are:
Whether is a common file and coming from a trusted sender, always download the file, rather than opening them; then right click on it and select the option to scan with your default antivirus.
Again, any company should have a solution in place for Spam filtering and threat detection. If you don't it is time to get one. Call us to find out how easy is to implement and the many benefits your company will gain.
Thanks for staying with us so far, we hope this information is valuable. If you'd like to learn more about security for your business computers, managed antivirus and other ways we can help to prevent threats on your network, please contact us and we'll be ready to assist and provide guidance.
After turning on your USG Pro 4 for the first time, you navigate into it's default LAN ip address https://192.168.1.1, and under "Setup my Unifi Gateway" you clicked on "set inform URL" then added the address http://[your server]:8080/inform and then clicked OK.
You looked into your controller server and your new USG Pro 4 is not showing up on your devices to be adpoted so you go back and refresh your USG Pro configuration site https://192.168.1.1 to realize your settings didn't take.
This is a bug that as of today, even the most updated version 126.96.36.19943895 of USG Pro has not fixed yet.
Solution is quite simple, DO NOT waste your time trying to upgrade/downgrade java or your controller. You will find plenty of forums advising that. Here is the real solution:
1. Install Putty (get it quickly from https://ninite.com/putty
2. Open Putty and establish an SSH connection to your USG at https://192.168.1.1 (default user/password is ubnt/ubnt)
3. At the command line, type: set-inform http://[your server]:8080/inform and then hit enter
4. Go to your Controller and Adopt the device, then wait until the adoption process is finished. You will see the device does not come back online after adoption because the bug makes it loose the inform url again even after the adoption process, therefore, continue the guide as follows:
5. Verify the device is back up by navigating to https://192.168.1.1
6. Go back to your Putty Session and run the same command again: set-inform http://[your server]:8080/inform
7. Check on your controller to see if the device comes back online.
We hope this bug gets fixed in future firmware releases, but in the meantime, keep this guide saved to your bookmarks, you will need it each time your power-cycle your USG.
Please leave your comments, let us know how this guide is working for you but most importantly call us if you need assistance or support with other networking needs.
Here are the most common WiFi problems on small business that rely on their Internet Provider modem as the center of their network:
1. Devices not getting an IP Address
2. WiFi Connected but no internet access
3. Internet connects but takes long time to load
4. Weak signal bars in certain areas of the office
5. WiFi disconnects very often:
As more and more business implement BYOD "Bring your own device" they come to realize that in lack of a solid network infrastructure, it feels more like BYID "bring your internet down". So why does this happen?
As said before, most small businesses rely only on the modem installed by the Internet Service Provider. Which could work for 1 or 2 employees but once you connect several devices (wired and wireless) the so called "business class" modem just can't handle it.
Each modem has a complex combination of different services that are normally handled by a server:
Now that we have identified the problem, let's talk about the solution: at iEple, we focus on providing small and medium business with solutions that are designed to sustain large corporations but keeping the pricing affordable.
At iEple Business Computer Services
Our standard network deployment for small and medium business includes:
Sounds like a lot of hardware but in reality some times it only requires two devices and believe it or not there are options that start in the lower $100's yet capable of fulfilling the job when professionally installed and configured.
Call us or reach out in any way you prefer and discover the benefits of having professionals with corporate and enterprise background setup your business with the latest technology at affordable prices.
This quick tutorial is dedicated to current clients that already have VNC Server running on the computer they want to connect to.
1.- Download VNC viewer for the appropriate system:
2.- On WINDOWS, we suggest to save the file to your desktop.
3.- Double click on the file to open it
4.- On VNC Server, type the IP Address or name of the computer you wish to connect to. And leave the Encryption as "Let VNC Server choose":
(keep on mind this guide assumes you already configured VNC server on that remote computer and you are in the same local network).
5.- Click Connect, and type the password that has been already configured.
Deploy dozens of computers in minutes with iEple's BioGreenPC
Enterprise I.T. Support for ALL