Every day I have a quick read of the Infosecurity magazine and various other publications. From headlines, to whole articles to white papers. AND every day without fail there is a new emerging threat. Are you prepared in some way, all ways or NO way????

You shop online, it's now par for the course. There are very few people out there that do not take advantage in some way of the "benefits" of online shopping. We enter our card details, home address and sometimes our place of work. It makes sense to have your lovely new shoes delivered to work as you won't be at home take them in. So lets say it's not your computer or place of work that is a target of the online fraudster but the company you have just shopped with, you are exposed they know where you work that you won't be at home and your card details!!!

My problem but not my problem is that what we are thinking... Who has to take responsibility for this occurrence? Large companies do the right thing and apologise advise you to change your password and so on and we accept this, moan a bit accept an early upgrade or somesuch, and then  forget all about it.

So a few months down the line your card details have been cloned or you get burgled do we link this back?

We all need to start taking responsibility for our own devices and protecting them, individuals, S.M.E's and large corporate companies. We are all responsible. @harlequincdis can help you. Contact us for a chat in exchange for a decent coffe and we are here to help guide you through.

So, you are a small business, with perhaps 1-15 P.C users. How does cyber-hygiene in the workplace apply to you?  Is it something you have ever considered, or perhaps you feel it does not apply to you.

Think again. 2015 was referred to as the year of the data breach. And sadly statistics are on the increase. Figures from the N.C.A (National Crime Agency) state that Cybercrime is responsible for 53% of all U.K reported crime....53% with figures likely to increase! Now that is scary stuff.

A lot of S.M.E'S see themselves as too small to be affected.  Allow me to ask you this question. Your house is Insured right? Would you conversationally say my house is too small to need Insurance?

Naturally, without question most of us are sensible and have Insurance 'just in case'. So why is your business any different. Your business needs protecting.

Theives, and they are thieves will target anyone that is vulnerable. If your business does not have the appropriate measures in place you are a target.

Now lets move on from this and say you have been targeted. You have now suffered a data breach. What do you do? How do you go about recovering your data? What are the costs to your business, for the recovery and mopping up that needs to be done following on from the data breach? You now have to contact all of your clients, and all of your staff to inform them of this breach and advise them how to proceed.  Your reputation is now damaged, can your business sustain the financial losses .

Another statistic for you.... 80% of S.M.E'S go out of business within six months of suffering a data breach. So let me ask you again DO YOU HAVE CYBERCRIME prevention within your workplace? For all I.T concerns we are available to advise you and guide you through your journey. We offer a bespoke service and are happy to provide a free no obligation site survey in exchange for a decent cup of coffee.  

Follow us on twitter @harlequincdis or @joannefrais and our official website www.harlequincdis.com

So... You have car insurance? You, as standard have home insurance? And I'm guessing you possibly have life insurance. With all of these Insurances do you ever expect to make as claim? No, quite the opposite you hope never to have to make a claim but have these "safeguards" in place. Peace of mind if you like. 

So as a business owner ask yourself this; Is your business suitably protected against a data breach do you have an "Insurance" policy in place? Possibly not.

WHY???? Cost highly likely or possibly you've not even considered the fact that your business needs it. Data breaches are sadly now common place. Every business that holds personnal data is at risk of being hacked.

I hear you think not my business, why would they want to hack my business, or even my business is too small..... If a hacker can gain entry into your business within 15 minutes and obtain data that they can sell on, that could be national insurance numbers, home addresses, bank details and the list goes on- My question is simple why would they spend six months hacking a bank? Well they do both quite simply. While working on the big time they are targeting the quick bucks too.  The bread and butter if you like.

If you were to suffer a DATA breach not only do you face a fine of up to £500,000 but the damage to your reputation is priceless. 80% of small businesses sadly shut the doors within six months of suffering a data breach, they just do not have the money to support the blow...

All businesses need protecting and not only do you get Insurance you actually get a SERVICE imagine that, an Insurance that actually gives you something. Because quite honestly we pay for Insurance and whilst it provides peace of mind what do you actually get in return....NOTHING!!!!!

Harlequin CDIS offer our clients managed services which provides day to day back up and peace of mind- all of our services ( "INSURANCE")  are bespoke so you only pay for the services you wish to take advantage of.

Contact Jo-Anne Frais at either j.frais@harlequincdis.com or via www.harlequincdis.com

The UEFA EURO 2016 opening ceremony is literally around the corner, the City of London Police is launching a new campaign called #RedCardtoCrime. This campaign has been launched to stop online ticketing fraud and the sale of counterfeit goods. The City og London Police is the national policing lead for fraud. Working together with Action Fraud, they are warning memebers of the public about the risks of buying last minute and discount tickets, as they are likely to be fraudulent. Action Fraud has already recieved around 35 reports of ticket fraud realting to the UEFA EURO 2016.

For full information on how to protect yourself from buying fraudulent tickets online. Harlequin CDIS recommend visiting Get Safe Online.

https://www.getsafeonline.org/shopping-banking/buying-tickets/

Typosquatting is a form of cybersquatting (sitting on sites under someone else’s brand) , this is also known as URL hijacking. Typo squatting targets users who incorrectly type or miss-spells a website address into their web browser. Users may be led to an alternative website owned my cyber criminals, created for malicious purposes.

In a 2008 study by ScamBusters.org, “Beware of Typosquatting and new Identity Theft Warnings,” identified 80,000 typosquatting sites covering 2,000 frequently used websites.Paul Ducklin, a computer security expert with the company, Sophos, recently investigated the scale and risk of the typosquatting industry and reported his findings in “Typosquatting — what happens when you mistype a website name?” on the Sophos Naked Security website. 
Ducklin applied “every possible one-character typo” of six popular domain names: Facebook, Google, Twitter, Microsoft, Apple and Sophos. He collected http data and browser screenshots from 1,502 websites and 14,495 URLs. He found the most typosquatting activities on these sites:  

• Advertising and popups: 15%
• IT and hosting: 12%
• Search: 6%
• Cybercrime: 3%
• Adult and dating sites: 2%

Protect yourself from typosquatting! Spend more time spelling website addresses, Use a safe search tool and security solution, and be cautious when clicking on external links.

41% of Malware infections, are Banking Malware. But what is Banking Malware? Banking Malware is a type of software that is used by fraudsters and cyber criminals to target online bank accounts. This allows them to obtain personal and finacial data. Sufficient Anti-Virus protection is a must to try and minimise the risks of becoming infected. However, if a computer or mobile device becomes infected, cyber criminals can take control of the internal functions of the device remotely, This is how they are able to obtain personal data, access online bank accounts, encrypting files and re-distributing malware to others.

There is normally a finacial cost involved in all of this, either having to buy anti-virus software to protect the device or paying a randsom.

How can you unintentionally download malware?

• Clicking on an infected attahcement in emails.
• Clicking on an infected website links.
• Clicking on an infected link whilst on a social media site. Ie Watching Videos etc.
• Inserting an infected removal drive into the device.
• Downloading an infected file attachment, text or via a mobile application.

Most Banking Malwareat Information by following four different methods: Cookie Grabbers, Virtual Network Computing (VNC), Spy Modules and Drive Scanner. Ramnit is a type of Banking Malware that is most popularly used by cyber criminals. According to Symantec more than 3.2 million computers were infected globally over a five year period (2010-2015) by this type of malware. In February 2015 law enforcement and industry conducted an operation which led to a number of seizures of servers controlled by the Ramnit criminal group. However it is thought that it is starting to remerge and poses as a serious threat to all computer users.

Please follow the Link for More...

http://www.actionfraud.police.uk/news/action-fraud-warns-that-banking-malware-accounts-for-41-percent-of-recorded-malware-attacks-apr16

Action Fraud has recieved numerous calls and reports from the public who have recieved debt collection and council tax scam emails

Debt Collection Emails- Please see spear phishing email below.

As you can imagine these have worried recipients because they use detailed personal infromation such as full name, address and postcode. The emails clain to act on behalf of a legitimate comapny called Optex (Europe) Ltd and contain a link which could infect your computer with Cryptolock or Maktub randsomware. This spear phishing email could evolve at any given time, so look out for variations and that it is easy for fraudsters to adapt information. To prevent your personal infomation ending up in the hands of  fraudsters. Follow Action Fraud and their advice on how to protect it. http://www.actionfraud.police.uk/resources-and-campaigns/not-with-my-name/-tips-to-prevent-id-crime

Council Tax Emails- Please see spear phishing email below

This email has been continuously spammed out over the past few weeks and aims to catch residents off guard. It uses a realistic domain name and claims there is a new service up and running to make it so much easier to pay your council tax bill online. If you are in doubt about any service your coiuncil provides, contact them directly.

To report a fraud and receive a police crime reference number, call Action Fraud on 0300 123 2040.

'Determind to make difference'

@RBS_FW #FWW2016

Harlequin CDIS attended the Royal Bank of Scotland Group, Focused Women's Networking event. The RBS Focused Women's Network (FWN) was launched in 2007 to support the Group iin actively attractive, developing and retaining a gender balance and talented women at RBS. In the last three years, the FWN has grown from 2,000 to 6,000 memebers across 31 countries. This includes 300 male members who recognise the value that a dicerse team can bring to the buisness.

Harlequin CDIS was able to meet inspiring women in the buisness industry, their personal goals and history behind their brand. Delegates and Speakers included:

• Karen Gill MBE - Every Woman LTD
• Melanie Lawson - Bare Biology
• Nicky Chisholm- The Mumspreneurs Networking Club
• Caroline Haworth- Womankind Worldwide
• Nzinga Graham-Smith - Queen of the Crop
• Hana McEwan- Flotsam & Jetsam
• Ritu Sethi - The Sethi Partnership and Solicitors
• Maggie Semple OBE - Semple

Phishing scams are at all-time high.

Did you know, 1 in 5 employees open a phishing email without realising?

Phishing scams is a method used by fraudsters to access personal and company data. Phishing attacks rose 21% during 2015 totalling an estimate of 95,556; costing British consumers a total of 174.4m over the course of the year. 29% of all reported phishing emails were also found to contain potentially malicious links which when clicked, could deliver malware to a victim’s computer within seconds.

Spear phishing is also one you can’t ignore. Spear phishing is an email that appears to be from an individual or a business that you know. But it isn’t, it’s from the criminals that want your credit card and bank account details. Your name and email address can be found easily online IE Linked In and other social media. Phishing attempts are directed at specific individuals.

This could cost your business thousands!

Employee behaviours that can put you and your company at risk:

• Opening attachments, or clicking on links within emails that are unsolicited or unexpected.

• Accounts/Purchase Ledger opening what they believe is legit emails from senior employees, suppliers or contractors.

• Responding to emails that ask for your personal or financial details.

• Logging in to a webpage that you have arrived at via a link in an email.

Harlequin CDIS can help

By deploying our own phishing solution we are able to test and identify those using areas of your business that fall foul of those types of scams.

We are able to provide a comprehensive report detailing who, when and how users interact with these sorts of messages. Should it be required, we are then able to provide training and support to all employees.

Contact us to find out how Harlequin CDIS can help prevent phishing and other scam attacks in your business!

“I don’t need a security solution for my Mac”. I’m protected. Please stop telling yourself that, because you may not be. Mac users are led to believe that they are super-secure and are completely immune to viruses. If you have been following the news, you probably heard that ransomware has now made it onto macs. The ransomware KeRanger, is said to be short lived however it is still alarming. Ransomware is a plague on the internet that has impacted business and individuals alike.

https://youtu.be/sdF5IsyOxU4

Kaspersky Lab's have reported on vulnerabilities and exploits to Macs. In-depth study and protection tips are avaliable on their website.