ItGurl computer services inc

01/26/2022

11/25/2021

More great examples to learn from - thanks Tom!

Do you have a Netflix account? Is your payment information up to date? What if you received an email saying you had to update your payment information because they've suspended your account??

OH NO... PANIC... Netflix is suspended I better click the "Restart your membership" link and update my payment information!

No... 😉

Look for the signs - notice the the title of the email in my inbox ("Netflix Support" on the left) that is the "from name" in the email - that can be anything the sender wants.

But look at the actual from email address in the top middle... "support@" but it's not "[.]com"! It's from a random email address.

Then there's the link they want you to click on: Do the "hover" check and you can see it's taking you to a site that is not "netflix[.]com"! but something that ends in .BIZ!

Lastly, the most important thing to take away from today's phishing email test... DON'T trust email!

If you get an alert, and you're concerned about it, DON'T click in the email but go to Netflix in your browser, manually, and check your subscription there.

Also - I don't have a Netflix subscription linked to this email address so that's another thing to be aware of! Which email is your Netflix ACTUALLY registered to and which email address did you get the "phishing" or legit email at?

Remember to be cautious of all emails and think before you click!

11/23/2021

10/19/2021

October is Cyber Security Awareness Month. Are your passwords strong? The common misconception about password strength is that is has to be hard to remember... that isn't true. This is illustrated perfectly here:

01/28/2021

Protect your personal information - and don't answer questions like this on social media! Posts like the one pictured here always raise flags for me -- answering this type of question on a public post can put a c***k in your account security as this is a potential security question that could be used to protect an online account for you... I get that it's fun to think about and compare experiences - but this post had 26,000 comments that link back to individuals and each person that answered the question has potentially become part of a database of information that could help someone access their banking, or Apple account or CRA account or some other account that has been set up with secret questions. Plus - lots of the commenters added information like dates and ages and locations which only adds to the collection of information that could be mined. Please don't overshare on public posts --anything you say on a public post becomes public information regardless of how locked down your own Facebook account is.

06/04/2020

01/15/2020

12/18/2019

Hi Everyone!

It's the time of year where people are buying gifts to give to their loved ones. And also the time of year that people try to take advantage of that.

I've given you lots of examples, some more obvious than others, of phishing emails. Time for one that is "season" appropriate!

Who's waiting for holiday packages to arrive? And what would you do if you received an email saying your package had been delivered but you didn't see it on your door or sign for it?

Have a look at the attached screen shot. I showed it to one of my colleagues and his response what "What package was delivered?" Then I pointed out the "obvious" - because he had only looked at the email "content" not who it was from.

This is how the attackers get you! You're busy. They're counting on you to not pay close attention, and make THEIR Christmas more special for them.

This is actually a VERY well done email body. It looks like it's copied verbatim from a FedEx email (I don't have one to compare to currently). There are no spelling mistakes that I could see (doesn't mean there aren't any) and looked convincing enough to have one of our "tech people" ask which shipment we received...

Upon closer inspection, sure enough: the from email address is not FedEx, and the hyper links take you to sites that are not FedEx.com. And they go to different sites depending on which link you're "hovering" your mouse over.

All the tell tale signs of a phishing email, wrapped up in a nice, "easy to fool" package for people expecting shipments and busy with work or life.

Don't be fooled! Take your time inspect any email for legitimacy BEFORE you click!!

Merry Christmas, Happy Holidays, and Happy New Year Everyone!

The Team at TCSI Consulting

09/17/2019

Social engineering is by far the biggest factor in malicious hacking campaigns, warn researchers – so how can it be stopped?

06/20/2019

Have your credentials been exposed?

Check your email address to see if it has been exposed on site that might have been hacked (like Adobe or Dropbox)... https://haveibeenpwned.com/ If you haven't changed your passwords in a while - or if you tend to use the same password in multiple places... I recommend updating/changing them...

You can also check to see if a specific password that you use has been discovered on a hackers list. That should trigger you to immediately stop using it - anywhere.

Check out tools like LastPass and 1Password to help keep your passwords secure and unique.

Have I Been Pwned allows you to search across multiple data breaches to see if your email address has been compromised.