by Sameer Sule

Most of you might have heard the recent news about Google that hundreds of Gmail accounts were compromised in a “spear-phishing” assault — targeted attacks that duped victims into revealing their Gmail passwords through e-mails that pose as people or companies known to end user. Attackers secretly reset settings to copy and forward all e-mails.

http://edition.cnn.com/2011/BUSINESS/06/02/google.gmail.phishing/index.html

“The goal of this effort seems to have been to monitor the contents of these users’ emails,” wrote Eric Grosse, engineering director of Google’s security team, on the company blog. In the latest Gmail attack, users were given a link to click that connects to what appears to be Gmail logon page — but instead is a dummy site that appears identical. Once the victim clicks in their password, the thieves can use it themselves. Google has advised Gmail users to improve their e-mail security settings by using a two-step authentication procedure — a password, plus a rotating six-digit code. “One of the things Google is now recommending is industrial strength security measures for ordinary users,” said Andrew Lih, professor at University of Southern California and author of “The Wikipedia Revolution

Hotmail and YahooMail have been the target of recent attacks as well.

(http://mcpmag.com/articles/2011/06/06/hackers-targeting-email.aspx)

“Adobe announced that a recently patched vulnerability in its flash player on Sunday is still — despite an out-of-band rollout on Sunday — being used to hack into the accounts of Gmail users.
Trend Micro identified issues with Microsoft’s Hotmail accounts in this report. In the Hotmail situation, hackers are apparently using embedded scripts to get usernames and passwords. In this sense, a cross-site scripting vulnerability similar to that exploited in the Gmail incursions is employed to break into Hotmail accounts.

As far back as March, Yahoo! Mail was also an apparent target of attackers who, instead of using cross-site scripting tactics, use an infected spreadsheet file. The corrupt attachment is specially crafted to turn the popular Microsoft Excel program into a weapon against Yahoo! Mail users unfortunate enough to open the document — which exposes their system to risks such as the threat of personal identifiable information ending up in the hands of hackers.

What this trend suggests is that hackers are hitting up popular e-mail accounts usually accessed in a Web browser session. These e-mail accounts, as opposed to a Microsoft Outlook or secure client-side e-mail account like Outlook, can be accessed from any computer, anywhere and are thus vulnerable as any other destination on the Web.”

Security experts are discovering that SMBs tend to have less or inferior security protocols in place to counter cyber-attacks. Many SMBs are particularly vulnerable, as they do not feel the need to or cannot afford to deploy business class firewalls or use email systems that offer encryption/anti-spam protection. It is very tempting for a small business to use free email services to keep costs down. Google, Hotmail, YahooMail, and other personal mail services do not offer the same protection against spoofing and malware as do enterprise systems. Additionally, many workers tend to take their work home with them and are in the habit of sending emails from their business accounts to their personal accounts so they can read it at home. Now if the personal email is hacked, your sensitive company data is potentially available to the hacker. Imagine if a hacker/competitor got hold of your business contacts, proposals and other sensitive documents and used it to damage your business. For a SMB, the loss of critical business data can be catastrophic and may even result in business shutdown.

As a business, it is critically important to be aware of the vulnerabilities of your IT systems. Conducting a Network Audit or a Security Assessment is crucial in identifying the potential points for a cyber attack. Additionally creating best usage practices for email, data and internet usage, training employees on proper usage and strictly enforcing the best IT practices will go a long way in keeping critical business information safe and your business operations stable. Domitek helps SMBs use technology to be more successful and efficient. We also provide affordable, hosted email services including anti-spam, email security, Live Archive and encryption for compliance with Massachusetts state privacy laws, federal privacy and data protection regulations such as HIPAA, GLB, FINRA, SOX. If you have any questions regarding your network security or email systems please gives us a call at 508-755-6503.

Author: Sameer Sule is the VP of Business Development, for Domitek LLC. He focuses on business opportunities in the Managed Services and Cloud Computing arena and helping his clients use technology to be more successful and efficient.

In our April newsletter, we introduced you to Domitek’s easy, affordable Daily Server Safety Check service that monitors your server and checks to see if the Backup has successfully completed and that the Anti Virus software is up-to-date.  As you know, we take a completely different approach to IT support than other support companies in this city. Rather than waiting for you to discover problems and call us, we’re proactive and find small problems before they become big calamities saving you hours of downtime and frustration. This month we would like to inform you about our Daily Server Health Check Service that checks your systems every single morning before you start work. This way we are able to nip problems in the bud before – not after – they disrupt your business.

Your Server is where all of your business data is stored, so it’s vitally important its health is maintained. Dealing with IT at small and medium sized businesses for over 15 years, we have found that most business owners didn’t know whether their company server is running properly. e.g. email is running smoothly, disk space ok, critical services which underpin the network are running, all network devices; firewall, printers, photocopiers, routers etcetera are connected and in good working order and there isn’t anyone trying to hack their systems.

Can you imagine your company depending on the server and network to be running properly and nobody’s even checking it daily? What would you do if you couldn’t send or receive emails for a day? Your server stores all of your critical data so your staff can access it. What would you do if your staff couldn’t get access to their files for a day and you need to meet a deadline?
The Daily Server Health Check monitors the most important aspects of your system each and every morning, ensuring everything is working correctly and alerting you when it’s not.

For just $1 a day, we’ll run a daily check of:

We send you a short report via email each day – in plain language and before you arrive at the office – and it shows if your server has any problems. You can choose to fix any issues yourselves or can have us do it for a fee. It’s completely your choice. The Daily Server Health Check costs just $29.95 per month and you’re not locked in to any longterm contracts.

Try before you buy:
You can start your 30-day free trial of our remote monitoring services today. It takes just ten minutes to set up, and there’s no obligation.

Start Your FREE Trial Today!

Please email us at info@domitek.net, or call us at 508.755.6503 and we would be happy to start your free trial as soon as possible.  You also visit our website at www.domitek.net for more information about our services and solutions.

Zenith Mortgage Advisors, a long time client of ours experienced one of the “email not working” scenarios recently. They are a mortgage company with 1 server and 12 workstations. Their business, as is the case with most business nowadays, is heavily dependent on email as their primary mode of communication. They use it extensively to send documents to their clients and banking institutions. Their Microsoft Small Business Server running Exchange handles the workload. The emails need to be encrypted and the document files contain a lot of personal information about their clients. Hence sending unencrypted emails is not an option. Their server not functioning properly can lead to a great loss of productivity and revenue for the company. Therefore they depend on Domitek’s Preventive Maintenance Plan (PMP) Services to alert us of any server or workstation issues. Our system instantly alerted us about a possible issue with the server or any services interruption. As part of the PMP this client is using Domitek Smart System. All their emails are automatically archived. This system allowed their employees to stay productive and continue to send and receive email messages even though the email server was down. As soon as we were notified that the server was not able to send or receive emails as a result of network issue, we called the client and instructed them to use their LiveArchive email system, which provides the same level of encryption and data security. This is what Zenith had to say:
“I’m very happy with this solution, because during this network and email outage we did not suffer any loss in productivity and revenue; Domitek technicians were able to address the email problem effectively even as we continued on with business” Bob Prevelige, CMPS Zenith Mortgage Advisors 508.634.3422 ph www.zenithadvisors.com
Zenith also subscribed to our Managed IT services-Preventive Maintenance Plan, so are eligible for lower service rates for break fixes and also for service level agreements with predetermined service response times from Domitek.