email

Article Dean Dorton

Are you one of 143 million people (the equivalent of approximately 1 in 2 Americans) who have potentially been impacted by the Equifax cyber breach? Equifax, one of three major credit reporting agencies, announced yesterday that personal information, including but not limited to social security numbers, driver’s license numbers, and credit card numbers, has potentially been compromised for up to 143 million people.

Was your personal information compromised? Click the button below to access Equifax’s website to determine if you are at risk:

Check Potential Risk

If you were potentially impacted, Equifax will enroll you in a one-year credit monitoring and identity theft protection plan. Be sure to read the legal disclaimer before completing the enrollment.

In the coming weeks and months, be extra skeptical of any emails you receive regarding this matter. Scammers will try to capitalize on this situation and launch many phishing attacks.

UPDATE, 9/11/17

We have received many follow-up questions and comments from concerned individuals. We have also continued to monitor critical news and updates. We want to provide our clients and contacts with some additional follow-up items.

  1. A number of people have raised concerns about using the Equifax free one-year monitoring service. Some indicate that the legal disclaimer states that you will be waiving your rights to any legal action. Others have expressed concerns about their ability to protect your information.
    • Equifax has clarified the concern about their standard legal language in their terms of use, indicating that those limitations do not apply to the cyber incident. However, if you are still concerned, you have the option of mailing in a letter with an opt-out notice for the arbitration clause.
    • If you are concerned about providing Equifax with your information for the free monitoring, you can consider using another trusted source for credit and identity theft monitoring service. There may be fees associated with these services.
  2. Many people have asked what else they can or should do. The Federal Trade Commission offers some additional steps to consider, such as:
    • Monitor your credit reports from all three service bureaus
    • Consider placing a credit freeze on your files
    • Monitor your banks accounts and credit cards closely
    • Consider placing a fraud alert on your files
    • File your taxes early
  3. Be VERY cautious and skeptical of any emails or phone calls you receive regarding this. Confirm that any communication is from a trusted source and review any links before clicking them to be sure they are routing you to the intended location and not rerouting you to a false site to steal more information.

For any questions or concerns related to cybersecurity and user awareness, please contact Jason Miller, Director of Business Consulting Services at jmiller@ddaftech.com or 859-425-7626.

Article Dean Dorton

The Internal Revenue Service warned people to avoid a new phishing scheme that impersonates the IRS and the FBI as part of a ransomware scam to take computer data hostage.

The IRS said: “The scam email uses the emblems of both the IRS and the Federal Bureau of Investigation. It tries to entice users to select a “here” link to download a fake FBI questionnaire. Instead, the link downloads a certain type of malware called ransomware that prevents users from accessing data stored on their device unless they pay money to the scammers.”

“This is a new twist on an old scheme. People should stay vigilant against email scams that try to impersonate the IRS and other agencies that try to lure you into clicking a link or opening an attachment. People with a tax issue won’t get their first contact from the IRS with a threatening email or phone call.”

John Koskinen, IRS Commissioner

Article Dean Dorton

It’s no secret that scammers are continuously looking for new ways to reinvent common scams, especially when it comes to phishing emails. Phishing emails are meant to look real, but trick you into clicking a link, providing personal information, or downloading viruses or malware.

Recently the Better Business Bureau learned of a new version of this scam which is circulating quickly. While anyone may receive this email, scammers are specifically targeting small businesses.

According to the Better Business Bureau, here is how the scam works:

You receive an email with the subject line “QuickBooks Support: Change Request.” The message is “confirming” that you changed your business name with Intuit, QuickBook’s manufacturer. However, you never made such a request. It must be a mistake, but fortunately the email contains a link to cancel.

Hand click no [Converted]Pause before you click! Scammers know that you didn’t make this request, and the link to cancel is simply bait. It downloads malware to your device, which scammers use to capture passwords or hunt for sensitive information on your machine. This can open you up to identity theft.

How to Spot a Phishing Scam:

Always be wary of expected emails that contains links of attachments. Here are some other ways to spot phishing messages:

  • Check the reply email address. One easy way to spot an email scam is to look at the reply email. The address should be on a company domain, such as jsmith@company.com.
  • Check the destination of links. Hover over links to see where they lead. Be sure the link points to the correct domain (www.companyname.com) not a variation, such as companyname.othersite.com or almostcompanyname.com. Scammers can get creative, so look closely.
  • Consider how the organization normally contacts you. If an organization normally reaches you by mail, be suspicious if you suddenly start receiving emails or text messages without ever opting in to the new communications.
  • Be cautious of generic emails. Scammers try to cast a wide net by including little or no specific information in their fake emails. Be especially wary of messages you have not subscribed to or companies you have never done business with in the past.
  • Don’t believe what you see. Just because an email looks real, doesn’t mean it is. Scammers can fake anything from a company logo to the “Sent” email address.

Source: Better Business Bureau

When in doubt, if you have a questionable email, it is best to call the source of that email (person or company) to verify that they sent you something you need to open.

If you have concerns regarding your accounting systems or cybersecurity, please contact your Dean Dorton advisor.

Article Dean Dorton

Today your business relies on email and web more than ever. As the use of email and web increases, so does the number of advanced threats targeted at infecting users through these critical channels. An advanced email and web security strategy is critical to maintain business operations and protect your organization’s business-sensitive data.Watch this short video on Cisco email and web security solutions to learn about:

  • The current email and web threat landscape
  • Why traditional security solutions are falling short
  • What you need to protect your organization
  • How Cisco email and web security can help

Watch NowUpcoming Events

Join us this spring as we discuss comprehensive business network security topics including Cisco’s Advanced Malware Protection suite of products that provides a solution to secure your infrastructure before, during, and after a malware attack. We highly encourage company chief financial officers, chief operating officers, and chief information officers in the industry to attend this event.3:00 – 5:00 p.m.

Crank & Boom Craft Ice Cream
1210 Manchester Street
Lexington, KY 40504

Registration Closes April 193:00 – 5:00 p.m.

Against the Grain Brewery
401 East Main Street
Louisville, KY 40202Register NowContact Jason Miller at jmiller@ddaftech.com or David Rice at drice@ddaftech.com if you have any questions.View Jason Miller’s Bio

Article Dean Dorton

Less than a year after its predecessor, CryptoWall 3.0 (which inflicted an estimated $325 million in damages in the US alone), the most recent version of the world’s worst ransomware has surfaced, CryptoWall 4.0. While the end result for the attackers remains the same, to extort money from victims whose files have been encrypted and held for ransom, the malware itself has gotten a major facelift.

What’s new about CryptoWall 4.0

Like the previous version, this one is being transmitted through emails with a “resume.zip” extension but unlike the previous version, researchers note the encryption of filenames along with the encrypted files and data to be the biggest and most significant change in CryptoWall 4.0 (see image below).

CryptoWall 4.0 encrypted files

“This is a first,” according to Nathan Scott, an independent researcher who examined the code with Security Colleagues at Bleeping Computer. “I’m surprised more don’t do it; this makes it significantly harder to recover files except for paying the ransom. If you try to do a forensic data recovery, the files show up with these weird names and the user doesn’t know what file is what,” Scott said. “The only way to regain your data is a complete backup. If you don’t backup, the only way to get the data back is to pay the ransom.”

System Restore Points are also erased in this revamped version, taking away the option of returning to a previously saved state. Also, “CryptoWall 4.0 still includes advanced malware dropper mechanisms to avoid antivirus detection, but this new version possesses vastly improved communication capabilities,” according to Andra Zaharia of Denmark-based Heimdal Security. “It includes a modified protocol that enables it to avoid being detected, even by second generation enterprise firewall solutions. This lowers detection rates significantly compared to the already successful CryptoWall 3.0 attacks,” said Zaharia.

What should you do to mitigate your chance of a CryptoWall 4.0 infection?

There are many ways you can help to prevent a Cryptoware infection and proactive measures to put in place that will lessen the impact an attack can have.  Some of them are:

  • Back up your data constantly and frequently, ensuring that your backup systems are working properly and you have tested the restore functionality
  • Do not open spam emails or emails sent by unknown senders and do not download or open any attachments within those emails
  • Use products that can detect and block recent Cryptoware variants and ensure that your anti-virus and/or anti-malware applications are up to date
  • Keep your system up to date and always install the latest updates available

CryptoWall 4.0 Data Backup OpenDNS

Here at Dean Dorton Technology, we know that no solution is 100% guaranteed to prevent and block all ransomware from infecting your companies’ network.  For that reason, it is vitally important to ensure you have a complete backup and disaster recovery solution in place.  If you would like to learn more about the solutions we can provide, please contact John Miller at (859) 425-7701 or jomiller@ddaftech.com to set up a consultation today.

Article Dean Dorton

What controls does your business have in place to manage electronic fund transfers? How easy would it be for your Accounting Department to unknowingly participate in a fraudulent request to complete a wire transfer? Without adequate controls in place, your company could easily become the next victim of a common email phishing scheme. It is easy to think that your employees wouldn’t fall for something like this, but it happens more often than you think.

A local company recently lost over $85,000 because an employee in the Accounting Department received an email that appeared to come from one of the executives. Proper controls were not in place and funds were transferred. By the time anyone realized what had happened and the FBI could be contacted, the funds were gone and could not be recovered.

These types of scams have been around for a long time. However, the thieves are getting more sophisticated and actually put a great deal of effort into the process. It only takes a few vulnerable victims to make their effort pay off. There has been a large upswing in the number of attempts to defraud businesses – yes, even here in Kentucky!

Some attacks use a method called spoofing. Spoofing allows a sender to disguise their address and make it appear as though it came from someone else. For example, I could send an email and make it look like it came from your CEO. With the proper email security and SPAM filtering in place, most of these attempts do not make it through the filters. Properly managed email systems can recognize the spoof and block the message. More recent attempts involve the thieves actually registering a new domain name that is very similar to yours and setting up an email address that comes very close to that of your CEO or management. So close, it is very easy for your employees to not recognize the difference. Generally the email address is only one character off (e.g., jmiller@deanndorton.com instead of jmiller@deandorton.com.

The best defense against these attacks is to ensure there are strong controls around your electronic fund transfer processes that require more than an email request to process the transaction. For example, it is a good idea to require written sign-off. Note that an email does not equal written sign-off. If situations arise where you do need to use email, the recipient should always start a new email message to the requester (never reply to the request email). A text message to the requester would also add an additional layer of confirmation. However, completion of a company request form would be best. A strong control would require dual sign-off for transfers, especially those over a certain dollar amount and for new vendors (or new transfers). The key point here is having a two-step process to help minimize any opportunity for fraud.

Don’t put your business at risk by not having internal controls. For help evaluating and improving your information security and internal controls, please contact your Dean Dorton advisor or Jason Miller, Director of Business Consulting Services, at 859-425-7626 or jmiller@deandorton.com.


View Jason Miller’s Bio