Skip to main content


News Post category

Do you know your risky apps from the safe ones?

By Blog, News No Comments

Downloading an app comes as second nature to many of us

There are apps for everything but are they safe to use? And how much research do you do before clicking the ‘install’ button?

What is an app?

Did you know there is an average of 60 to 90 apps on the average smartphone?

Apps are computer programs, changing large packets of data into user-friendly chunks. They make a large website usable on a smaller screen.

What is fleeceware?

You’ve heard of malware, adware and spyware, but what about fleeceware?

Fleeceware are apps that come with hefty subscription fees.

They are legal and they contain no malicious code.

They often have 5 star reviews and thousands of downloads. But all might not be as it seems.

Not intimidated by the subscription costs?

What you want to pay for an app is down to you and the value you think you are getting from your purchase.

Fleeceware companies use tactics to ensure they can keep taking the money from your account.

They won’t remind you when a free trial is due to end, they won’t make it easy to cancel your subscription and they won’t be clear in their pricing.

Many of these services offer weekly or monthly subscription fees to keep the perceived cost relatively small so you won’t even notice it.

How do I view my subscriptions?

Trying to remember every service or product you’ve ever subscribed to is impossible. But that’s ok, you can check your current (and not current) subscriptions fairly easily.

View your Google Play subscriptions by clicking on the hamburger menu (top left) in the Play Store and clicking on ‘subscriptions’. Here you will find all of your active and inactive app subscriptions.

If you’ve taken a bite out of an apple device search for ‘see or cancel your subscriptions’. This provides instructions of how to see all of your subscriptions whether it’s an iPod, iPhone, iPad, Mac etc.

Avoid falling victim to fleeceware

The good news is that things are changing.

Google, Apple and Amazon want the app-store user experience to be a positive one, they don’t want you to feel cheated or fleeced.

There are new guidelines on app transparency. These ensure app-developers make subscription details, free trials and introductory offers clearer. They want you to feel fully-informed before making an app-purchase.

On the downside, did you know Apple and Google receive 30% of an app’s revenue in the first year? The more the fleeceware developers earn, the more Google and Apple gain.

Our tips to help you avoid fleeceware

  • Look at what apps your phone already has, it may already have an app that can do what you want
  • Download apps from well-known businesses/companies you know of
  • Check for apps made by your phone’s manufacturer, simply search ‘Samsung’ for example
  • Checks all reviews, good, bad and the ugly
  • Scroll down to ‘Similar apps’ to see if there are any free alternatives
  • Read ‘About this app’ so you are fully informed of what it is, what is does, who made it, how much in-app purchases are and even app permissions.

Keeping Safe Online During Covid-19

By News No Comments

It may feel our lives are on hold right now but online fraud is as prevalent as ever. Whether it’s through emails, texts, calls or those exploiting others online seeking to buy hand sanitisers or face masks, you need to be alert. By using the Take Five initiative from the Government ( you can be one step ahead of the fraudsters.

Online fraudsters will try anything and everything to get your personal details, debit or credit card details or access to your bank. Let’s look at the ways you may be exploited within knowing it.

Text scams also known as the cute and cuddly term, smishing. Smishing is fraud, they are texts claiming to be from the good guys, the reputable companies, but they are not. They will ask you to click on a link or call a premium telephone number, a prompt that gives them the opportunity to take information from you or take your money. A good example is a recent text received from O2 claiming a bill hadn’t been paid, it looked 100% genuine, only by logging in to the account itself did we confirm that it was in fact fraudulent. The text contained a link and had we entered bank details who knows what would have happened, so keep an eye out and think before clicking the link.

Whether it’s business or personal, email phishing affects everyone. Did you know over 3 billion phishing emails are sent every day? These are like smishing but longer, more elaborate and if the fraudster has done their homework, they will contain personal information or details you can relate to. They are designed to get you to click on a URL contained within that email or download a file which can be attached in any form, including Word, Excel or PDF. As a business we receive several pertaining to unpaid invoices, some look genuine from real companies and others are simply trying their luck. Clicking on links or downloading files can be a sure-fire way to give fraudsters access to your details and the potential of being hacked. If it is an email you feel you need to follow up with, use known websites or customer service contact details to confirm whether it is genuine or not.

You are eligible to get a tax refund of £1,234 GBP, click here to access your funds. Look familiar? HRMC scams come in the phishing and smishing form, along with phone calls and WhatsApp messages. You may have received an email which looks very real, it has the banner, the official icons, the text looks right and it asks you to click on the link to claim your rebate or tax refund. Don’t. It will take you to what looks like a genuine web page to enter your details but it isn’t real. Where you were hoping for some extra cash, it will end up costing you. There are currently two known SMS scam texts allegedly from the HRMC, one is offering a Goodwill payment, ‘click here to apply’ and the £250 fine text, which claims you have left your house more than once during lockdown. This scam provides an 0800 to call. If you are unsure about any communication you have received from the HRMC visit their website for help (

Shopping online. During lockdown online grocery sales have increased by a quarter, it is no surprise if we can’t go out, we shop online, whether it’s for food, clothes, electronics or face masks. There are millions of websites that want to sell to you but how do know if they are safe to shop with? If you are using Chrome they provide some protection against dodgy websites, a big red webpage will arrive when you click on a link with a warning such as ‘this website may contain malware’ or ‘deceptive site ahead’. Also look for the padlock symbol alongside the website’s URL in your browser; you can click on the padlock to see the site’s information including the site’s SSL certificate, cookies and the site settings. There are more obvious signs such as bad English, spelling mistakes or grammatical errors; try looking for a telephone number, company number or head office address. If they’ve passed those tests, Google the website name and see what comes up. This is usually a good indicator if they are worth spending your money with. Always be wary when purchasing medicine online and always look at reviews, the good, bad and ugly as many can be fake.

The promise of sun, sea and sangria. It is safe to say the pandemic has disrupted everyday life across the world. Weddings, festivals and holidays were all cancelled and the promise of some summer sun in a foreign country later in the year can be very tempting right now but is it legit? There are many online scams which offer the dream villa for a week or two, the price is unbelievably low and they warn you that this deal won’t be around for long, all you need to do is make the bank transfer and your booking will be secured. This is a scam. They will take your money and seemingly disappear, seeking their next victim. Always use reputable travel companies, those who are ABTA protected and those with a track record. This will ensure you are financially protected and your autumn/winter escape is secured.

How Scam-Savvy are you? Take the Take Five Stop Fraud online quiz

When Is A Website Up Or Down?

By News No Comments

It is normal to assume that a web site is visible to everyone all the time but this is not necessarily the case. We host over a hundred websites for our clients and use various monitoring methods to check the status of their sites and to advise us when they are ‘down’.

Over the past few weeks we have had more exceptions than previously experienced where a website has not been accessible but the systems we use to monitor it have not worked as intended. Status Cake is a tool that actively monitors a site’s status by checking the home page (or another) is live and issues alerts if there is failure. However the default out-of-the-box settings mean that it can misreport and suggest the site is fine even when it is not.

Using the generic status codes means that as long as a domain is serving a page it is enough to satisfy the monitoring software that the entire site is up and live, this approach can give a false positive. A way around this is to ask the monitoring software to search for a specific string in a web page and then point the app to that instance. When it runs it’s regular test, if this string is found then all is good, if not then an alert can be sent to notify the web master of the event.

There are several good web-based monitoring services out there and some offer a free option for single sites. The free versions provide only a basic service whereas more advanced features such as the ‘string search’ above will require a subscription or incur a cost. If you run an e-commerce site then downtime is costly so a PRO licence is essential. This allows you to monitor the website more frequently so that is can be tested every minute. Additional tests can also be executed allowing you to monitor additional features such as checking the validity of the sites SSL.

If you are serious about your website and its uptime then we strongly advise using a tool such as Statuscake to keep an eye on up time.

What is Bluetooth?

By News No Comments

Bluetooth technology is used by millions of devices every day, whether it’s your smart speaker, connecting your mobile phone to your in-car system or simply wearing wireless Bluetooth headphones, it’s everywhere and it’s used constantly.

There are three classes of Bluetooth with varying ranges from 100m (commercial) to 1m.

Bluetooth uses the ISM radio frequency and every Bluetooth device is a receiver and a transmitter so they can simultaneously send and receive wireless signals to other gadgets with Bluetooth.

Bluetooth works by using radio-wave technology with short-range transmitters; this is a huge advantage over similar technology such as Wi-Fi, which uses the same technology just with longer ranges which is therefore more prone and easy to attack.

Up to 8 Bluetooth devices can communicate at any one point using one of the 79 channels creating their own mini-computer network. A ‘master’ device sends out a signal to other compatible ‘slave’ devices and a connection is established. They keep the connection secure by shifting the frequency they’re using thousands of times a second.

But is it safe and secure to use Bluetooth?

Just like the internet and other technology, Bluetooth uses encrypted networks however it is vulnerable to bluebugging, bluejacking and bluesnarfing.

Every single Bluetooth device has a unique 48-bit address. This will usually be presented in the form of a 12-digit hexadecimal value such as ‘D4:38:9C:9C:36:51’.

Creating a Bluetooth connection between two devices requires 3 steps, the inquiry, connecting and the connection. It is the inquiry stage which can pose a threat to the security of your device.

How is Bluetooth vulnerable?

Bluetooth-enabled devices advertise themselves to other Bluetooth technology in publicly available channels, dubbed as “advertising channels”. This shows they are available for pairing and make connecting with other devices easy.

Previously a device’s permanent Bluetooth MAC address was broadcast in these clear advertising channels, leading to major privacy concerns and the subsequent potential for device-tracking.

In an attempt to remove this problem, device manufacturers were given permission to allow the Bluetooth devices they were manufacturing to use temporary random addresses rather than the device’s permanent address when trying to make a connection with other technology.

However many devices also use dynamic identifying tokens, which are again unique to a specific gadget and remain static long enough to be used as secondary identifiers to the random addresses.It was found by researchers at the Boston University that they were able to successfully track devices because of this flaw.

One identifying token could be linked with a current address as well as the next random address assigned to the device. This provides a bridge between randomised addresses that can be followed by an attacker.

How did the researchers do it?

The team used a ‘packet sniffer’ to analyse the traffic coming across the advertising channels using an address-carryover algorithm.The algorithm listened to incoming addresses and tokens as they were broadcast on the advertising channels when trying to make a Bluetooth connection.

Once the tokens had been identified for a specific device and the advertising address changes, a match is attempted using any of the available captured identifying tokens. In a successful match, the identity of the device can be updated with the incoming address, so that the device was successfully tracked across addresses.

Apple, Microsoft and iPhones were tested however not all devices were susceptible to this flaw and it was found that Android devices were not affected at all.It was found that the algorithm succeeded consistently on Windows 10 and less frequently on Apple operating systems according to the report.Apple devices have the ability to synchronise updates of identifying tokens with address randomisation, but they occasionally fail. Any device is vulnerable to the carry-over algorithm if it does not change all of its identifying tokens in sync with the advertising address.

What does this mean for the future of Bluetooth technology?

The use of Bluetooth technology is expected to grow from 4.2 to 5.2 billion devices in the next three years. With over half a billion of these new Bluetooth connections to be used by wearables and other data-focused connected devices.

The good news is mainstream Bluetooth technology used in everyday items like smartphones, Bluetooth headphones or your smart watch only have a range of 10-20 metres. However the bad news is that Bluetooth ranges can be extended using a botnet. Combine this with compromised Wi-Fi routers and the ability to track one device becomes global.

In addition to this other metadata such as online transactions, facial recognition and other digital traces could easily be combined with Bluetooth tracking to generate an exact location profile of one individual.

How can I avoid this problem?

For Windows 10 devices periodically disable the Bluetooth connection through the Windows Device Manager and re-enable it again. This will reset both the advertising address and the token.If you work with an Apple device, switching Bluetooth off and on in the System Settings (or in the Menu Bar on macOS) will randomise the address and change the payload.

Instagram Accounts Left Open To Hacking

By News No Comments

In June 2018, Instagram had amassed one billion monthly active users worldwide with the USA being the largest user group and the UK 8th on the demographics chart with a total of 23 million users.

Facebook purchased Instagram in 2012 and combined they are the two most popular social media networks used worldwide.

What happened?

In July of this year a critical vulnerability was discovered in Instagrams’s 2-step authentication password recovery feature allowing hackers to compromise any Instagram account in only ten minutes without the account holder being aware.

2-step or two factor authentication is an additional layer of security added to websites, including Amazon, Google, Microsoft and Twitter, to mention a few, to make it harder for hackers and fraudsters to access your online accounts. There are various types of two factor authentication however mobile text verification is still the most widely used and it is the type of authentication used by Instagram.

How was the vulnerability identified?

The flaw in Instagram’s recovery system was found by Laxman Muthiyah, a bug bounty hunter.

He investigated the password recovery feature that allows users to regain access to their account after forgetting their password. This involves a user receiving a six-digit passcode to their smartphone for authentication.

He knew that the use of 6 digits meant there could be a total of 1 million possible combinations that could be text to account holders.  To be able to access an account all 1 million codes would need to be tried within the 10 minute window between receiving the code and the code expiring.

Although this seems impossible, it can be done with mass brute-force campaigns using an automated script and a cloud service account.

“In a real attack scenario, the attacker needs 5,000 IP [addresses] to hack an account,” he said. “It sounds big but that’s actually easy if you use a cloud service provider like Amazon or Google. It would cost around 150 dollars to perform the complete attack of one million codes.”

Log-in attempts from one specific IP are restricted by Instagram, however Muthiyah discovered that they didn’t blacklist the IP addresses that had exceeded the number of allowed attempts for a certain time period which meant he could he switch between IP addresses in order to perform a continuous attack.

“I found two things that allowed me to bypass their rate-limiting mechanism: Race hazard and IP rotation,” he said. “Sending concurrent requests using multiple IPs allowed me to send a large number of requests without getting limited. The number of requests we can send is dependent on concurrency of requests and the number of IPs we use. Also, I realized that the code expires in 10 minutes, it makes the attack even harder, therefore we need thousands of IPs to perform the attack.”

He provided the evidence to Facebook, they verified the issue and congratulated him, awarding him with a $30,000 bounty, whilst swiftly resolving the glitch.

“The Facebook security team was convinced after providing the above video of sending 200K valid requests,” Muthiyah said. “They were also quick in addressing and fixing the issue.”

Are other websites vulnerable to this threat?

There are many different forms of two-factor authentication, such as app-generated codes, physical authentication keys, email-based systems and app-generated authentication but many 2FA schemes still use mobile text verification involving six-digit, one-time passcodes that expire within a few minutes. So how many services are vulnerable to the same kind of attack?

Almost all well-known websites use some form of two-factor authentication and it is clearly more effective than just a username and password but 2FA attacks are on the rise and many of the systems for account recovery are susceptible to phishing. With the amount of websites using 2FA increasing, it is important these flaws are found and eliminated quickly.

We have to bear in mind when online that although 2FA provides additional security it is not completely watertight.

Last year, an Android Trojan was exposed taking money from PayPal accounts even when 2FA is active. Posing as a battery optimisation tool, the app asked for excessive accessibility permissions, allowing it to observe activity on other apps and waiting for someone to open PayPal and log in.

What you can do

Google and Microsoft both have Authenticator Apps you can use for an added layer of security, downloadable from the Microsoft Store and Google Play, however where there is an app or a website, there is always a hacker trying to break the code and access your details. Get tips on how to stay safe online at

Goodbye Windows 7

By News No Comments

From January 14 2020 Microsoft will no longer be supporting our old favourite Windows 7. Yes its the end of an era which will affect all devices running Windows 7 including Home and Pro licenses.

Where did Windows 7 start?

Released four years after Windows Vista , Windows 7 was released on the 22nd July 2009 to overcome the critical flaws of the Vista operating system.

In just 6 months from its release, a hundred million copies of Windows 7 had been sold around the world and as of April of this year (2019) 33.38% of computers were still using the Windows 7 operating system.

Why is Windows 7 support coming to an end?

Windows 7 is old technology and as with all technology businesses, they need to allocate their time and resources to the right applications and services to ensure they remain competitive.

When will Windows 7 suppoort stop ?

Windows updates (including security patches) will cease for Windows 7.

Computers, PCs, laptops and mobile devices with this operating system will continue to work on and offline however they will be vulnerable when online.

If a PC or laptop is using Windows 7 and you never connect to the internet, this change will not be as detrimental however it may be a good time to upgrade to a new device if you intend to change your PC or laptop in the future.

This may make backing up existing files, photos and music easier whilst your older machine is still safe to use.

With the known date for the end of support, hackers will seek to exploit weaknesses in the Windows 7 operating system to take advantage of those still using it and there will be no security patches released to prevent this.

Using antivirus will limit the risks, however it will not be a fool-proof solution.

What are my options ?

If you connect your laptop or PC to the internet it’s best to move away from Windows 7, this means one of two options:

Upgrade your existing device to Windows 10 at a cost

OR buy a new device with the latest version of Windows 10.

Once you have upgraded to Windows 10 the problem has been averted and you are safe to continue using your device as before, however if your pc or laptop wasn’t suitable for the upgrade perhaps it’s time to trade it in and purchase a new computer.

There are three mainstream operating systems to choose from when making a new purchase:

  • Windows
  • Mac OS (Apple)
  • Chromebooks

All new laptops or PCs come with the latest version of the operating system they use.

If upgrading from a Windows machine you may prefer the familiarity of this platform, visit high street stores to test out different operating systems and hardware, if you’re used to using a desktop PC you may prefer the flexibility of laptop and vice versa,.

At Myriad Digital we are currently in the process of upgrading our clients businesses and charities to Windows 10.

If you’re upgrading your businesses PCs, laptops  or servers we can help. At Myriad Digital we offer a range of attractive packages with future proof specification. We also offer finance packages to allow you to spread the cost of your new kit over 2 or 3 years.

So, don’t risk being left behind and vulnerable to cyber attacks, online criminals will be ready attack as soon as the end of support date arrives. Call us on 01626 360011 to dicuss your requirements.

What is 5G and what will it mean for you?

By News No Comments

5G is finally here !

5G will arrive officially in the UK on the 30th May with the mobile network EE.

They are officially launching 5G in London, Edinburgh, Belfast, Cardiff, Manchester and Birmingham with other cities added throughout 2019 to increase the overall 5G coverage.

What is 5G?

5G is the fifth-generation of mobile internet connectivity, following on from 2G, 3G and you’ve guessed it – 4G. This change will affect mobile phones, tablets and laptops which use a data connection via a sim card.

It promises faster data download and upload speeds, better mobile internet coverage and more reliable internet connections when using your mobile phone.

Whatever you currently do on your smartphone, you’ll be able to do it faster and easier, whether it’s mobile gaming, watching mobile videos (Youtube etc.) or video calls which will clearer and reliable. Fitness trackers will now also be able to monitor your health in real-time (the fitness tracker will however require the necessary technology to allow it to do this).

The change in technology will also allow for new internet-related services and innovations, including the development in autonomous vehicles to communicate with each other, reading live map information and traffic data.

Why do we need it?

Mobile devices are increasingly being used as our main interaction online, whether it’s visiting a website, updating our social media or streaming that album from Spotify; We’re consuming more and more data year on year as more media is made available.

For example in 2006 Amazon Video was introduced, followed shortly  by Netflix in 2007, these types of instant online services have increased in popularity year on year, with thousands of streaming apps, data-hungry games and online music-services being used by millions every day.

This demand on the mobile internet network causes congestion, especially if lots of users in the same area are trying to access mobile services at the same time, the service becomes slower and depending on the devices being used can stop working altogether.

5G has better capability for handling thousands of devices at the same time, however real-time speeds will be dependent on each carrier. 5G is a brand new radio technology and as such will require new masts and transmitters and investment in said equipment will vary from each network carrier, with some pig-backing off other carriers to provide the 5G service.

How much faster is 5G?

The fastest current 4G mobile networks offer about 45Mbps (megabits per second) on average, 5G could achieve browsing and download speeds which are 10 to 20 times faster than this, based on 5G networks built alongside existing 4G LTE networks.

A standalone 5G network could achieve a much faster rate, however these will not arrive for a few years.

Will I need a new phone?

Yes you will need a new smartphone. Current smart phones do not have the necessary technology to use the 5G network.

However, as the 5G infrastructure hasn’t yet been rolled out fully, a 5G-enabled smartphone is not expected until later in 2019.

The new generation smartphones will be able to work seamlessly between 4G and 5G to offer a more reliable and quicker internet connection, even during busy usage periods.

Will this affect my fixed line services?

No, 5G will only affect mobile internet available on devices with a sim, this will include smart phones, tablet devices and some laptops.

Domestic and office broadband services will remain to be provided by a fixed line connection for many years to come yet, due to the stability and certainty of the physical infrastructure currently in place and are therefore not affected by this change.

Will it work in rural areas?

No, not in the immediate future.

5G operates on high-frequency radio bands suitable for more densely-populated areas; It is not as suitable over longer distances, where lower-frequency bands are better.

With this in mind and with the 5G roll-out, there will also be focus on improving 4G LTE coverage to ensure the majority of the UK’s mobile internet users get the best service that is available to them wherever they are.



Is that email a scam?

By News No Comments

Did you know 14.5 billion spam emails are sent everyday and hidden in these emails are scamming emails. emails targeting users to click on links or provide personal information that they can use to infiltrate the security of your PC to gain passwords, usernames and logins. These types of scamming emails are known as phishing emails.

What is a phishing email?

A phishing email is an email attempting to masquerade as an individual (this may be someone known to you) or an organisation. These emails may ask for help (i.e. a friend or loved one stuck in a foreign country with no way to get home) or may offer freebies and refunds; All phishing emails usually contain a click through link or require you to confirm personal information to access your account.

The Test

A test was conducted by KnowBe4, they sent test phishing emails to 6 million email users.

They found emails which created a knee-jerk reaction in the user were the most effective, this includes the offering or loss of money, free food and drink emails, missed delivery attempts from a courier and contact requests appealing to our basic curiosity.

Social media themed phishing attacks also proved to be popular, with LinkedIn notifications the most convincing with requests to add people, join networks, reset passwords, and new messages, convincing 53 percent of test subjects to click through on dubious links.

We are all potentially vulnerable to phishing attacks and as they become more refined and harder to tell from genuine emails it is important you never click on a link in an email without considering a few tips first.

Types of Phishing Emails

  1. Deceptive Phishing

A very common form of phishing, these emails imitate a legitimate company, using their logos, footers, email signatures and general email format in an attempt to access personal information such as login credentials or bank account details.

An example of this may be an email from Paypal. These emails are often titled with ‘Suspended Account’ or other similar titles designed to cause worry and an instant reaction. In the body of the email they will ask you to click a link whether it’s to restore your account or act now. All phishing emails will be very similar, always pay close attention to:

  • wording, grammar and spelling in emails
  • the email address that the email has been sent from, it may look genuine but with simple letters added, changed or removed
  • the details of the URL it is trying to send you to, hover over the link provided in an email, this will provide the actual URL it is sending you to.

Never risk it by clicking on the links, simply contact the business or organisation yourself by going direct to their website, using their email addresses provided on the website or by calling them.

  1. Spear Phishing

Spear phishing are emails tailored to the individual they are targeting. They use personal details to make the email user believe it is a genuine email, such as your name, location etc, any personal details available on platforms such as social media.

They have the same objective as general phishing but are often harder to detect.

Always look at the style and form of the email, is it different from emails previously received from this source? Is the email asking you to do something different?

If you have any doubts, never click on any links.

  1. CEO Fraud/Whaling

“Hi, I’m out of the office but need to arrange payment immediately to ABC company for £3,500. Please make a bank transfer this afternoon, I can sign the necessary documents when I get back in …..”

This is a targeted form of phishing, it relies on personal information and contact details of the owner or a manager of the business which they then use to contact colleagues/staff to ask them to do something i.e. make a bank transfer to another individual or company.

These emails can be written in such a way to create urgency, this prevents the colleague questioning the original email before making the transaction as asked, when a quick phone call could have clarified it was actually a hoax.

If your manager, boss or colleague has not previously sent emails asking for transactions to be made, always double check by phone or in person.

Also look closely at the email address used to send the original email, the slightest change i.e. exchanging an o for an 0 or adding one extra letter to an email address is hard to detect and can make the email look genuine.

It’s better to delay a transaction rather than send money to cyber fraudsters.

  1. Pharming

Pharming involves domain name system (DNS) cache poisoning.

Malicious code or a Trojan is installed on a computer or server, changing a computer’s host file to direct traffic away from the original URL, directing users to a fraudulent website, with the potential to install more viruses/Trojans or collect personal information. If it affects the DNS server, it can cause multiple users to visit the fake website without them been aware.

Anti-virus software can help prevent this however it is not 100% fail safe against such cybercrime as it is harder to detect and the websites users are directed to can look legitimate and genuine.

By using firewalls, you can protect and secure your IT network. For further information get in touch with us today.

  1. Dropbox/Google Docs Phishing

Online file-sharing is one of the easiest online scams.

You receive an email supposedly from Dropbox or Google Docs saying someone (this could be someone you know) has sent you a file. To see that file you need to click on a link, you click on the link and it takes you to the website. When you arrive on the page it all looks genuine and to see the document you need to login. You enter your username and password, click enter and end up on a very different website unaffiliated with Dropbox or any other file sharing platform.

The cybercriminals now have your login details to whichever email platform you used to try to login to the fake Dropbox (Google Docs etc) website, they can now login to your email account, hijack your account and use it to distribute the same scam to all of your contacts in your online email address book.

When using any file-sharing platforms/websites it is recommended wherever possible to use Two-Factor Authentication. This will provide a six-digit code whenever a user logins in to the platform or a new user is added.

If you are sharing files online you could login directly to your file sharing website rather than clicking on any links in emails. When logged in you should be able to see any files which are being shared with you and who they are from.

What can be done

Putting the right technology in place such as firewalls and antivirus software along with providing security awareness for all staff minimises the risk of phishing attacks.

Your business and your employees need to be aware of these risks and avoid them wherever possible.

Speak to Myriad Digital today to discuss how we can help keep your business safe from cybercrime.

Is Your Business At Risk of Being Hacked?

By News No Comments

The Wannacry cyber attack targeted the NHS in 2017, it shut down hundreds of thousands of computers, affected 1/3 of Hospital Trusts and 8% of GP Practices in the UK.

The cyber attack came from no-where, infiltrating NHS systems, with 200,000 locked out of their computer and ransom messages appearing on screen demanding Bitcoin payments to release their data.

It cost the NHS £92 million in total, £72 million of which was used to ‘cleanup’ and upgrade their IT infrastructure and systems after it had happened, but could this have been prevented?

How did it happen?

WannaCry, a hard-drive encrypting malware, exploited a vulnerability in the Microsoft XP operating system which is no longer supported but still has a whopping 4.59% market share. A patch had been released that year in March, however it is user dependant to ensure updates and patches are applied to each computer. Are your computers patched up to date ?

It was speculated that the WannaCry malware was spread via an email campaign (phishing) however, it was found, this wasn’t the case. Using a leaked NSA hacking tool, Wannacry looked for vulnerable public-facing SMB ports it could establish a connection to.

Once it had found a way in, it could then apply itself to that machine and any other vulnerable machines on the connected network. It took just one computer which led to a whole network being infected with the ransom ware.

The NHS had clarified, after the attack that no patient information had been stolen; the Wannacry malware instead encrypted all documents, photos, videos and databases on each infected PC/laptop. Staff had to return to a pen and paper operation, using their personal mobile phones to carry on working.

It is estimated that 1% of the entire NHS workforce was disrupted over the course of that week.

What were the consequences?

In this situation more than 19,000 appointments had to be cancelled, costing the NHS £20m.

In another case, the Hilton Hotel group were fined £525k for risking 363,000 accounts in two credit card data breaches when they were hacked in a similar style which could have been avoided if goog IT practice was in place.

Is a data breach really likely in my business?

Over 4 in 10 businesses (43%) in the UK have had a data breach within the last 12 months (UK’s Department for Digital, Culture, Media and Sport’s Cyber Security Survey 2018)

It is estimated that only 3 in 10 businesses currently have a formal cyber security policy in place.

Why invest in cyber security?

Scammers work around the clock, sending emails and creating viruses to infiltrate IT infrastructure of companies like yours. Did you know if your customer data is harvested through a hack you can and held liable and fined?

Viruses, Trojans, malware and ransomware can cause downtime to your business. If your files on your PC were encrypted and you could not access them what would you do?

Prevention is always better than the cure and with hacking on the increase it’s time to get your IT up to scratch to ensure you’re not vulnerable.

Things you can do to prevent a data breach

  1. Backup your data regularly, with regular off-site automated backups
  2. Deploy strong passwords, using a password generator if necessary
  3. Train your employees in safe working practice when online
  4. Encrypt your data
  5. Invest in the latest technology now rather than take the risk

At Myriad Digital we offer entire solutions, from secure offsite backups, to Award-winning antivirus software, encryption programs and contingency planning so that you are covered should anything go wrong. Why not call us to arrange a meeting about keeping your business secure. Tel. 01626 360011

Remember Windows 7 will not be supported beyond February 2020 – so why not look at replacement options for your older computers and consider our leasing packages to make thing affordable.

Looking to replace your laptop computer ?

By News No Comments

Choosing the right laptop for you and your business

There are many brands, hundreds of models, so when it comes to selecting the right laptop for your business and employees it can be difficult to know what you need from the machine itself its operating system.

There are three main components to look at in any laptop

  • Power
  • Performance
  • Portability

Laptops available on the high street may appear tempting with special offers or bundled options, however nearly all models in retail stores will be suited and designed for simple home use, i.e. browsing on the web, doing homework etc; or created for gamers, with expensive graphics cards and added RAM for speed and effective visual output when gaming.

The cheaper the laptop the more basic it will be with a lack of ability to join it to a domain, run business software or multi-task with various windows/tabs open at the same time.  Cheaper laptop deals often also feature older generation CPUs (more about this later).

Laptop power & performance

When looking at any laptop consider the size and speed of the hard drive, the RAM, CPU and screen size.

These four components will make up the performance of the machine and generally the bigger the specification, the faster and smoother the computer will be to use.

Let’s break them down and explain the components.

The hard drive stores your information, documents, files etc. The larger the hard drive, the more you can store. The smaller the hard drive the less storage available and as it is used, the laptop may slow down and you may experience ‘freezing’ whilst accessing applications or files.

Anyone in a creative industry, working with larger files types such as videos or high-resolution graphics will require larger hard drives.

Measured in Gigabytes and Terabytes, the minimum specification for an office environment is 1TB however for maximum performance on any machine an SSD (Solid State Drive) may be worth investing in, although it can be costly, it can provide long-term effective performance.

The RAM manages the smooth running of tasks. A good average RAM for any office environment is 8GB – 16GB, however advanced graphics and web design will require a RAM of 32GB and above.

The Central Processing Unit or CPU has three elements to look at, the generation i.e. i5 (5th Gen), the number of cores (dual-core, quad-core), and the speed of each core.  Dual-core should be the bare minimum used for an office laptop.

The generation is very important, a 1.9GHz CPU from three years ago will not perform as well as a 1.9GHz CPU built today. Newer chips are more efficient and less power-hungry, meaning the laptops are a lighter weight with a much longer battery life.

When looking at which screen size to opt for, consider the battery life and quality of screen required. Size does not equal quality, you will need to look at individual screen resolutions from the laptop specifications.  The finish is also important for some users and comes in matt or gloss which tends to reflect more making the screen harsher on the eyes.

The more creative your business i.e. if you work with images or videos the better quality screen you will require therefore opt for a higher resolution screen.

An average laptop screen may be 1366 x 768p, through to a decent screen of1920 x 1080p, some offer Full HD.

The larger the two numbers on the spec, the clearer the laptop screen image will be.

Laptop portability

Portability will depend on the size, the weight and the battery life.

Laptops can range from 10.1” through to 17”, with ultra-thin laptops weighing from 1kg with larger bulkier models weighing sometimes four times as heavy at 4kg.

If you or your employees are going to travel with a laptop daily or frequently, a lighter laptop is the best option.

Laptops with the biggest screens are great when working however the larger the laptop the more battery power required for it to operate, therefore always check the average battery life before making a purchase and read reviews from other users of the machine to see if the manufacturers claims of battery life are true to their word. Charging points in public places i.e. on trains and at airports are more common these days, however the longer the battery life, the better.

Let us help you find the right laptop

At Myriad, we’ve assisted many businesses and charities finding the right laptop, from an initial chat, discussing what you require we can provide competitive quotes and offer commissioning, data trasnfer and joining to your domian so that it’s ready to go when you receive. If you are in the market for a newmodel then please dont hesitate to contact us and we’ll see what the best current deals are then select something that suits your criteria