Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt USD379209014 ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
Cyber Threats are Real – Prepare Yourself
Global Tensions Present Cyber Threats Across The Internet
The White House has recently released a statement warning US citizens of the threat of ‘malicious cyber activity’ in response the the war in Ukraine. Many of the recommendations are consistent with SPARKS!’ messaging over the years:
- Protect your accounts with secure passwords and multi-factor authentication. We recommend using a password manager for security and ease of use.
- Avoid phishing and do not open any suspicious emails! Here are a few email safety tips.
- Update your anti-virus, anti-malware and security software as well as your operating system, apps and other systems. View a list of known exploits at CISA.gov
- Backup, backup, backup! Take advantage of offsite options and cloud providers such as Dropbox and Microsoft OneDrive.
You can view the view the entire White House Fact Sheet online.
Social Media Hacks Escalating
Email isn’t the only platform vulnerable to hacking. The security platform Malwarebytes reports an increase in phishing attempts targeting Facebook and other social media users. Remember, don’t open any suspicious email links and go to the actual website to login and verify any communications or changes.
Stay safe out there…please!
What is SMiShing?
If you’ve never heard of SMS phishing, or SMiShing, you’re not alone. Most people aren’t aware of how at risk they are of becoming a victim of the criminal activity, but it’s becoming increasingly prevalent in this day and age.
What is SMiShing?
A type of phishing, SMiShing occurs when someone is tricked into giving out private information through a text or SMS message. This is especially dangerous because while most people know not to open suspicious links in emails, many are still trusting of texts regardless of how unfamiliar the number is. In today’s ever-changing online world, it can be hard to know how to effectively guard against it.
Someone looking to steal your information, or a “SMSiSher”, could be looking to gain access to anything from your online passwords, your Social Security Number, or your credit card information. The scammers use a variety of tactics to manipulate the victim and get the information they want, such as warning the recipient of the message that they’ll be charged if they don’t click on a link and provide their personal information.
How do you know you’re being SMiShed?
Typically, you should be cautious when you receive a text message from someone that you don’t know. If the text isn’t from a saved number, or if it doesn’t look like a phone number at all, proceed with caution. For instance, if the text comes from a phone number like “5000”, it’s almost definitely fraudulent. If someone sends you a link, take a minute to make sure it’s legitimate and not a scam.
Usually, texts that urge you to take action on something extremely urgent right away are a sign that it’s not to be trusted and could be someone trying to SMiSh you.
Protecting yourself against SMiShing
Adding a VPN to your phone is a great way to stay staff and secure your text message conversations. Don’t download any apps from anywhere other than the app store. Never store your credit card or banking information anywhere on your smart phone. If someone does try to SMiSh you, report it so that it doesn’t happen to you or others in the future.
The most effective way to guard against SMiShing is to simply not respond to the text message. As long as you’re cautious and use common sense, you’ll be able to keep your information safe.
Want to learn more?
The digital world is always changing, and SPARKS! is here to help. Contact us today or give us a call at 410-244-5111 and let us help you with all of your website needs.
The Importance of Data Privacy
January 28th is Data Privacy Day! Data privacy is an issue that impacts just about everyone, whether you’re the CEO of a large company or simply someone who uses their phone and the internet like the average person.
We all want to protect our data, but it’s easy to become a victim of the dark web even when you think you’re doing everything right. Here are some tips on how to ensure no one is using your data for their own personal gain.
Use Strong Passwords
Those same two passwords that you’ve been using for the last 10 years aren’t going to cut it. You need to create truly unique passwords that will be difficult for a hacker to figure out and exploit. Tools like Lastpass are an efficient and secure way to store all your passwords in one place. That way, you can create complicated and hard to figure out passwords for all of your accounts and not have to worry about writing them down somewhere to remember them.
Update Your Social Media Settings
We’re all guilty of oversharing on social media. Sites like Facebook and Instagram have a lot of information about us, and there are a lot of people who would love to get their hands on that data. Check the privacy settings on all of your social media accounts and make sure you aren’t sharing information with anyone that you don’t want to.
Avoid Being Tracked
Simply going to a website provides potential hackers with information about you and your web history. Using incognito mode isn’t going to do much to keep your web history private, so it’s important to use tools that can actually protect your privacy. A VPN connection is one way that you could prevent websites from tracking your location. Learn more about anti-tracking tools for your web browser here.
Backup Your Data
Have you ever been in a situation where you lose your phone or your laptop and you forgot to back it up so you lose tons of valuable information? Backing up your devices can also help you if one of them is stolen or compromised. 68% of small businesses don’t have a disaster recovery plan. No one wants to imagine their business is vulnerable to something like this, but it’s better to plan ahead and be ready.
Utilize Anti-Malware Protection
It’s essential for you or your business to utilize anti-malware protection. No matter how diligent you are about protecting your data, your device is likely to be infected at some point. A strong anti-virus protection program will go a long way towards avoiding a potential disaster.
Use Encrypted Email
A few email programs, like Gmail and Outlook, use encrypted email. But most others don’t. If you’re sending a confidential email that contains sensitive information, make sure you send it using an email provider that will keep your data secure and protected you from any unauthorized users.
Lock Down Your Data
The new decade is sure to make users even more vulnerable to potential data hacks, which is why it’s more important than ever to stay ahead of the curve. SPARKS! is here to help with all of your website needs. Contact us today or give us a call at 410-244-5111.
Prevent Hacking and Frustration with a Password Manager
Chances are you have more logins and accounts to keep track of than ever, and with that comes the inevitable irritation of not being able to remember a password you swore you’d remember.
Or worse, you’re still using the same password you used in middle school, leaving yourself or your business vulnerable to getting hacked. That’s where password managers come in.
Password managers store all of your login information so you don’t have to keep track of them. That way, you can make the passwords as complicated and difficult to hack as possible without worrying about whether or not you’ll be able to remember them. As we continue to live more and more of our lives online, they’re becoming an essential part of the daily routine.
So, which one should you use?
There are a ton of password managers available, so it can be difficult to narrow your choices down and make the best decision. The premium version of LastPass is available for just $3 a month and is a simple and secure way to store all of your login information, especially if you’re running a business and your goal is to keep you and your employees on the same page. It also generates strong passwords for you, so you don’t have to worry about thinking them up yourself. Once you save a password through LastPass, it’s available on all of your devices, so you can take it everywhere you go.
That’s far from the only option, though. 1Password, Enpass, and Dashlane are just a few of the trusted password managers currently available. Research your options and find the one that you think will work the best for you.
Are they always safe?
Unfortunately, as is the case with all technology, password managers aren’t perfect and do come with their security flaws. Research has found that they can be vulnerable to targeted malware attacks, and there’s reason to be concerned about the idea of putting all of your passwords in the same space.
This past February, Independent Security Evaluators did an audit of five of the top password managers and found that the Windows 10 apps for those programs left some passwords exposed in the computer’s memory when the apps were in “locked” mode. Some master passwords, used to unlock all the passwords, were even left exposed. The response of the companies differed, but LastPass performed an update that will help prevent exposed passwords going forward.
Let Us Handle the Passwords
Still feeling overwhelmed by all the options? Give us a call at 866-500-8088 and let us handle all of your digital marketing needs.
The Battle for User Privacy
People are more cynical than ever about how their privacy is being protected when they’re online these days, and with good reason.
It’s impossible not to leave a digital footprint in 2019, and search engines can end up mining your data even when you use features like incognito browsing. Keeping your browsing history private has never been more important, so here are a few tools you can utilize to make sure your information stays truly hidden.
DuckDuckGo
DuckDuckGo is a browser extension that protects your data and then gives you information on what they’re blocking. It’s also extremely easy to use. All you have to do is install the extension and you’re ready to go. As they would tell you, it’s privacy, simplified. By enforcing encrypted HTTPS connections, DuckDuckGo can give the page you visit a grade based on how badly they want to steal your data. Then, they block tracing cookies from being able to identify you and rank the privacy polices of all the sites that you visit.
Use a VPN
A VPN cloaks and encrypts your signal, thus making your search history and online activity untraceable. It also makes it appear as though your IP address is coming from a different device, location, or country. Using a VPN is particularly helpful when you’re logging onto public wi-fi or an unsecured network. This will hide your data from anyone looking to snatch it up and mine it for themselves. So, the next time you’re at a coffee shop and want to browse freely, you won’t have to worry about a thing!
Safari Safety
Apple continues to take steps to make browsing on Safari a safe and private experience. Recently, they announced new software that will alert you to a website trying to access your cookies or other data and give you the option of deciding whether or not you want to allow it. The company also plans to make the Mac devices people use to browse the web indistinguishable from one another by muting the fingerprint effect.
Firefox
If you’re a regular Firefox user, third-party cookies are blocked by default. The browser also gives you detailed information on the trackers and cookies that the sites you’re visiting have attempted to leave. If you’re looking for tracker and ad blocking protection that takes things a step further, Firefox Focus is available for iOS and Android. It’s not quite as detailed as the full Firefox, but it’s worth a try if you’re looking for a simple experience that prioritizes privacy.
Go Incognito
As mentioned above, using “Incognito Mode” when you’re on Google Chrome is always an option. This allows you to browse the web privately while still being able to bookmark sites and download files.
Keeping your browser history private is just the first step in making sure that you’re secure online. Check back soon for our blog on how password managers can keep you safe from hackers. Until then, get in touch with us if you want to discuss anything in the wide world of web, media, or marketing!
WordPress Requiring PHP Upgrade
If your WordPress platform is used to manage and maintain your website, it may be time for a PHP upgrade. Don’t know what PHP is? You’ve come to the right place.
PHP (Hypertext Preprocessor) is a popular open source general-purpose scripting language that is easily embedded into HTML and used for web development. When a page contains PHP, the code is executed on the server, creating HTML that gets sent to the client. The results of that script get sent to the client, but they never know what the underlying code is. It’s entirely possible to set up your server so that all of your HTML files are processed with PHP.
PHP is simple, but still contains a lot of features that are enticing to a more advanced programmer.
Need to Upgrade?
Now that you have some information on what PHP does for your site, it may be time for an upgrade. When a new version of PHP gets released, it’s fully supported for two years. After the two years of active support have ended, it’s supported for an additional year, but only critical security issues are fixed. After three years, that version of PHP has reached the end of its shelf life and is no longer supported. That could be the case for the PHP running on your site right now.
Unless your site is currently using PHP version 7.1 or higher, it’s no longer supported and you need to upgrade. Active support for version 7.1 ended 5 months ago, but security support will still exist for another 6 months. You’re even better off if you currently have versions 7.2 or 7.3. Active support for version 7.2 continues for another 5 months, while version 7.3 will still have active support until 18 months from now.
What About My Site?
If your website has been developed within the past two years or so – or if it is built on a WordPress theme that has been recently updated by the designer to accommodate the latest PHP – chances are your site should run fine on the latest version. However, if you’re site is older or the theme is outdated, it may be time for a website refresh. Older themes may have other issues as well including mobile-friendliness and compatibility with some of the more recent plugins and integrations. Think five years isn’t a long time? The iPhone 6 was released in 2014 so imagine how displays and technology has changed!
Why is it Important?
Maybe you’re thinking that upgrading your PHP isn’t all that important and that you can continue running an unsupported version on your site without anything bad happening. After all, PHP is used by over 78% of all websites, and some of those sites have to be running on unsupported versions of PHP, right? Instead of falling behind and coming face to face with your very own PHP horror story, remember these important reasons to stay ahead of the curve.
- Security: Ensure that you’re running on a version of PHP that is fully supported and regularly checked for security vulnerabilities.
- Performance: PHP versions 7.2 and 7.3 perform much better than older versions and will help your website to run smoother and more efficiently.
- New Features: Some of the new features for the most recent versions of PHP include combined comparison operator, new type hinting, and anonymous classes.
Have questions about PHP, WordPress, or your website? SPARKS! Marketing Communications is here to help. Give us a call at 866-500-8088 or CLICK HERE to request a Free Website Review.
Fighting Back Against Domain Hijacking
Has your company gotten a letter in the mail recently informing you that your domain name is expiring and asking you to switch to the domain name service that they’re providing? If so, you’re likely the target of an attempted domain hijacking.
This is serious business, so it’s important that you be able to successfully identify the characteristics of a hijacking and take the proper steps to avoid falling for their trap.
Be on the Lookout
“Domain hijacking” is basically a fancy way of saying that someone stole your domain registration, which is never good. If an unauthorized source has the rights to your domain name, that means they have access to your domain registrar account details and can alter the personal, technical, and administrative details of your domain.
One of the worst offenders of this practice is iDNS, or Internet Domain Name Services. If you receive a letter from them asking you to renew your registrar with them, you’re the target of a scam and should act accordingly. Throw the letter away and move on.
Hijackers have several ways of snatching your domain name from you. Phishing pages, data breaches, calls to you claiming to be your domain registrar, and local keyloggers installed in your computer all present hijacking threats.
What Should You Do?
If someone is able to infiltrate your domain, the next step you should take is to immediately contact your domain registrar, or the company you registered your domain with. Let them know that your domain has been stolen out from under you, and if you’re able to prove that the transfer was fraudulent, your domain can be transferred back to its original registrar. If your domain found its way to a new registrar after getting hijacked, that registrar will work with your previous one to return the domain to you.
Hacking Prevention
Of course, you should avoid letting your domain get hijacked at all if possible. Make sure the domain you registrar with is trustworthy. SPARKS! can help with that. If you don’t fully trust the registrar that you’re with right now, transfer it as soon as possible. Ensure that your passwords and login information are air tight and not easy for anyone to hack, and be diligent about not letting your domain registration expire, which would result in a hacker not even needing to hijack the site.
Some domain registers are now providing domain locking services that prevent domain transfer without heightened security checks and authentication.
Searching for a company that you can trust your domain with? SPARKS! Marketing Communications has you covered. For more details about how we can keep your website safe and secure, please contact us at 866-500-8088 or visit https://www.onsparks.com/.
Privacy Changes Coming to Facebook
Are you one of the 1 in 4 Americans who have deleted the Facebook app from your phone? Are privacy concerns the reason you pulled the trigger? If so, the social media platform is taking steps to try and win you back.
Facebook CEO Mark Zuckerberg announced plans to make the most popular social media site in the world more appealing to users who are concerned about the cavalier attitude the company has had when it comes to sharing users data and personal information. Recently, Facebook has been at the center of multiple scandals involving user privacy and breaches.
Zuckerberg’s goal is to give users more ways to communicate privately, encrypting sensitive data in a way that can’t be read by Facebook. In a post, Zuckerberg acknowledged that “people increasingly also want to connect privately in the digital equivalent of the living room”. Details are sparse, however, when it comes to laying out what changes the company actually plans to make.
“I understand that many people don’t think Facebook can or would even want to build this kind of privacy-focused platform,” wrote Zuckerberg, “But we’ve repeatedly shown that we can evolve to build the services that people really want, including in private messaging and stories.”
Despite the proclamation, most users remain skeptical of the platform’s intentions. “This does nothing to address the ad targeting and information collection about individuals,” Jen King, director of consumer privacy at Sanford Law School’s Center for Internet and Society, was quoted as saying. “It’s great for your relationship with other people. It doesn’t do anything for your relationship with Facebook itself.”
Some advertisers are even dropping the platform all together, citing the company’s “despicable business model”. Mozilla, Basecamp, LegalAdvice.com, and Approyo are among the companies that have stopped advertising on Facebook. Despite the withdrawal of advertisers, Facebook’s earnings continue to increase and have not been impacted.
This isn’t the first time that Facebook has made a promise that they haven’t been able to keep, and only time will tell if this go around is any different. Until Zuckerberg and company announce more concrete steps, the public can only speculate on what this will do for user privacy going forward.
Email Safety Tips for Your Business
Simply changing your passwords every six months or using unique passwords for each login isn’t enough. You need to go the extra mile to ensure email safety and that your data is protected.
Any business owner will tell you that one of their primary concerns is email security, but not all of them are doing everything they can to ensure that their company’s most sensitive information doesn’t get stolen or exposed. Here are five tips to follow so that you and your employees can do just that.
1) Protect yourself from Spammers and other “bad guys”
It’s never been easier for spammers to wreak havoc on your business. Make sure that you’re not opening emails from addresses looking to steal your information and use it for disruptive purposes. Some tell-tale signs of spam mail include duplicate emails to different email addresses, indentation of the first letter of the sender’s name, or no sender name at all. Make sure that your junk email settings are configured to catch fishy emails and block any addresses that you know have sent you spam in the past.
2) Educate your employees
It’s up to your employees to follow best practices and do their part to keep their email free from harm. Provide them with the tools they need to understand what qualifies as unsafe when they’re checking their mail, and implement company rules so everyone knows what’s expected. Some companies are even testing employees by sending them spam and phishing emails to see if they know how to deal with them.
3) Keep vulnerable information to a minimum
More than ever before, we live our lives online. There’s no way to prevent the existence of sensitive information on the internet, but it’s important to avoid sending that information to anyone over email if at all possible. Once you press send on a message, you lose the ability to control what’s done with it. Responding to a phishing email with important information could lead to that information being sold online or used by the phisher.
4) Disregard emails from companies and people you don’t know
That email from the guy you’ve never heard of who misspelled two words in the subject line? Delete it. The attachment that you weren’t expecting from the company that doesn’t sound real? Don’t open it. When in doubt, play it safe and stick to opening emails and attachments that you know have business with your company.
5) Implement an email retention policy
Emails employees receive that don’t directly impact company business should be deleted. In fact, some companies are introducing a practice in which emails are automatically archived or permanently deleted after 60-90 days.
Plan Ahead
No matter how many steps you take to ensure that your email doesn’t get taken advantage of, things happen that you can’t prepare for. Human error is to be expected, so make sure that you have a plan in place to deal with the situation as best you can. Spam filters, anti-virus software, remembering to log out, and setting up two-factor authentication can also help keep you free from harm. Don’t wait around for your company’s information to be compromised, act now.