Scott Spiro Blog

Are you sure your employees are not visiting risky sites? Do they know how to identify phishing e-mails and websites? Educate them and keep your business safe from harm.

Folks, it can happen to anyone. About a year ago I received an e-mail that appeared to be sent from e-bay. It requested that I reset my password due to a security breach. I was reviewing tons of e-mail and at first glance it looked legit to me. I clicked on the link provided, updated my info and went back to work. A few minutes later I realized: that wasn’t ebay! Why would they want me to change my password? And if they did, why did they need my screen name as well?

Most people have a handful of websites they visit regularly and don’t think twice about clicking on e-mails from those select companies. Beware! Some of these sites may be compromised and phishing e-mails can lead to disaster.

Double check the web address for the site you would like to visit and avoid infection or phishing scams.  Simply place the cursor over the ink you wish to check, right-click to open the white menu box and choose “Properties”. A box will open containing the information about that link. If you remmber the web-site address or have it saved in your favorites, double check that address against the one shown to ensure it is not a scam.

Don’t click on links provided in e-mails,  unless you are sure they are safe. Use your “favories” menu as a place to strt from. Then search the site for the particular promotion or offer you had seen in the e-mail.

Phisher’s are getting smarter and they now have the ability to provide phishing pages that can steal your information but still log you into the website you intended to visit. Without proper Web Defense systems in place, your employees are effectively unprotected. For example, say you want to log on to your bank’s website and you click on a link provided in an e-mail in order to open the site. If the e-mail is a fraud, the link provided can divert you to a phish page to login. This is a web page created with the intent to gather your user or other information in order to steal personal data. When you enter your login details they can be automatically stored for the phisher to use again, but you may not even notice a problem. Phishers can now provide a seamless link from the initial login on a the fake page to the intended website. CSG’s Web Defense service works at the network perimeter blocks the Phisher’s ability to bring your users back to the the dangerous webs site.

Nothing looked out of place… Phishers can duplicate a wide variety of websites today and some new phishing pages take the login information gathered and log you in for real so you never know the difference. Take the initiative, check links provided in e-mails or just avoid them like the plague. There may be no break in usual login procedures or indication that you have been phished until it’s too late. If you have any questions, we welcome your comments.

Scott Spiro speaks at the panel podium

On September 23rd, 2008 I had the opportunity to speak at a joint event sponsored by the Los Angeles Chamber of Commerce, Adobe, Premiere Global Services,and UCLA Extension. The event was held at the UCLA Faculty Center on campus.  Focusing on new web 2.0 technologies, the panel featured representatives from Adobe, IBM, UCLA Extension, CSG and Sapient. The event was well received with over 200 attendees. It was very interesting to see how these folks were leveraging Web 2.0 technologies to enhance the on-line user experience in a variety of ways. Adobe’s focus was on their Adobe Connect Pro product line. IBM discussed how Web 2.0 technologies were utilized by their internal HR department to provide a portal for internal company use. I spoke about CSG’s upcoming initiatives to deliver a customer portal allowing our customers to manage their support tickets in real time and participate in current projects CSG is working on for their companies.

Event Attendees

After the event, a mixer was organized and both Mark Fitzpatrick and myself had the opportunity to meet many of the attendees that stopped by our booth. Thank you to Gary Patten at Premiere Global Services and everyone that made this event a success and we look forward to the next one.

October is the start of the darkest time of the year and a perfect time to prepare for winter months. It’s not uncommon for a severe storm to hit without warning in the fall. That’s why protecting your computer and printer with a surge suppressor or uninterruptible power supply (UPS) is more than just a good idea- it’s an absolute must.

While a home circuit breaker can protect some of your appliances, it was not built to protect the sensitive electronic equipment in a computer. If an electrical surge hits your computer, it could fry your motherboard and CPU in seconds causing you to lose data AND the use of your computer.

The biggest mistakes most office administrators and users make is thinking that their power strip will protect them, when in reality it won’t. To adequately protect your sensitive electronic investments, you need a quality surge suppressor or UPS designed to handle the job.

Invest in a UPS battery backup for your computer. Your computer is continuously powered by the battery and the utility power recharges the battery. When the power goes out, surges, or drops, those problems affect only the battery charger, never your computer. The added benefit of a UPS is when the power goes out completely, you have anywhere from 5 to 20 minutes of power remaining to gracefully power down your computer without losing what you were doing. A surge suppressor will absorb power surges when they occur, but has no built-in battery to provide power should the electricity go out entirely.

A quality UPS can be purchased for $40.00 to $85.00, depending on the length of time you ned the battery to last. The larger the capacity, the higher the cost. In most cases you would want to shut down the computer immediately upon a power failure, so as long as you have 5-10 minutes you could save all of your work and shut down your computer properly.

Brands to look for are APC and Belkin. A great feature to look for in a UPS and a surge suppressor is a failure indicator light. This light will come on (or go out) when the device is compromised and no longer protecting your computer. Most devices have this but make sure to double check. A good surge suppressor can be purchased for $15 to $25. For superior protection… consider a surge station. These are larger surge protectors that fit under your computer or on the floor under your desk. Most have an input for a phone line that will protect your modem from power surges too. Many of these stations come equipped with built-in circuit breakers and can be purchased for as little as $40.00. Of course, there are also more advanced models with all the bells and whistles for upwards of $100.00. Finally, unplug your computer and all computer equipment, telephone, and modem lines during a lightning storm. This is the ultimate protection against sudden and devastating power surges. Most UPS devices have a cable to connect to your computer. This is so when the UPS is running on the battery it can notify the computer to begin shutting down on its own if you aren’t there.

Remember to backup regularly. We cannot stress this enough- always backup your important information. A remote backup solution or internet vaulting solution would always be recommended to ensure data is backed up off-site in case of emergency.