Home

About Us

IT Services

Understanding IT

News & Events

Blog

Support

Contact Us

Blog
  • Register

Capstone Works Blog

Capstone Works, Inc. has been serving the Cedar Park area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

3 Huge Unexpected Cybersecurity Risks Your Staff Needs to Know About, Today

3 Huge Unexpected Cybersecurity Risks Your Staff Needs to Know About, Today

Most people these days are somewhat familiar with the traditional attack vectors of cybercriminals. Because of this, the bad guys are always exploring alternative options for spreading malware and stealing data, often in places where you would least expect it.

Here are three unexpected cybersecurity risks that you and your staff need to be aware of.

QR Codes Can Be Dangerous

QR codes are those black and white square barcodes that started to become popular again during the pandemic, as restaurants would often use them to display digital menus to prevent the spread of germs on traditional paper or plastic menus.

It’s pretty likely that the QR codes the wait staff is handing out are safe, but a QR code is really nothing more than a website address, or in some cases a bit of text or some other small amount of code. When you scan it with your phone, your phone simply goes to that website address or reads the text or runs the code. It doesn’t take any effort to produce a QR code—they can be produced automatically or with free tools online. 

What makes them potentially dangerous is that someone with bad intentions can easily take a malicious URL and create a QR code that leads people to it.

Here’s a hypothetical situation—many TSA checkpoints at airports offer to upsell travelers to skip the line. Usually they offer QR codes to scan while you are standing there waiting in line to try to get you to commit to the upsell. It wouldn’t be very complicated for someone to print off their own QR code that leads to a website that they created that looks like a TSA login, getting you to submit account information or make a quick transaction thinking it will get you through the line faster. If someone were to make their own QR code as a large sticker and cover up the correct QR code on some of the signage, it might take the TSA hours, or days, or longer before realizing what is happening.

This is just one example, so it’s best to stay vigilant. We’re not saying you shouldn’t scan any QR code, but only scan them when you are certain they are going to do what they are meant to do.

Bitly and Short Links Can Pack a Harmful Surprise

This isn’t really anything new. Ever since URL shorteners like Bitly and TinyURL have existed, people have been using them for nefarious purposes. These tools are really handy, because if you are using your website for marketing, you can drive people to a specific page with a URL that is much shorter and easier to type by using URL shorteners. 

It’s just as easy for someone with bad intentions to take a malicious URL and shorten it to make it look more trustworthy. For example, one could make a website that looks like a local credit union, and create a short URL with Bitly and then share it with local users. To entice people to click on it and submit their banking information, it could be texted to local numbers with a message like “Alert - we’ve detected suspicious activity with one of your bank accounts. Please log in to review your account.” and then include the fake link.

It’s important to be skeptical of links like this, especially when they come with urgent messaging that is trying to get you to react without thinking clearly.

Lost Portable Storage Devices and USB Thumb Drives Aren’t Worth Recovering

If you ever stumble across a random USB thumb drive or some other storage medium like a portable hard drive, your first instinct might be to plug it in and see what’s on it.

There are a lot of ways this can go south.

First, USB thumb drives are generally very cheap these days. You can order a bulk of 50 of them for around $60 on Amazon right now. For a novice criminal, it’s a very cost effective way to infiltrate a network with the right tools.

Most people are familiar with ransomware. Just in case, ransomware is a type of cyberattack that quickly locks down vast amounts of data on a device and the only way to get it back is to pay a ransom to the cybercriminals anonymously. Once a system or network is infected by ransomware, it’s pretty much impossible to clean it up without relying on a full backup restore, or submitting to the criminals and paying the ransom. 

Now let’s stop right there and ask a fun question—do you ever wonder where all this malware and ransomware comes from? 

As it turns out, a lot of modern ransomware is just software that criminals can buy and distribute. A criminal can purchase the software they need to deploy and manage ransomware campaigns off the Darkweb, and the software itself can run for as little as $20 to $50.

So for around (or less than) $100, a novice cybercriminal can load up 50 thumb drives with ransomware and drop them in office lobbies, parking lots, leave them on public transportation, or even toss them onto the desk of a receptionist who isn’t looking. As soon as the drive is plugged into a PC, it deploys the ransomware and immediately takes over the network until you pay.

The Typical End User Has a Lot to Watch Out For

These were some unexpected threats that can cause a lot of havoc on a business, but the traditional threats like phishing attacks, malware, sketchy email attachments, dangerous links, and more are still a problem that your staff needs to keep an eye out for. 

The best solution is providing ongoing training and to make sure that your network and the devices on it are protected. At Capstone Works, we can help make sure your network is secure, and we offer solutions to help train and protect your employees, whether they are working within the office, remote, or a hybrid of both. 


Let’s talk about protecting your business so that you can focus on running it. Give us a call today at (512) 343-8891.

Could Your Business Survive a Ransomware Attack?
Benefits of Outsourcing Managed IT Services
Comment for this post has been locked by admin.
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, November 07, 2024

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Ransomware managed IT spam Microsoft business owners Efficiency IT Support high-threat environment right time Common password content Servers Disaster Recovery accounts need Managed IT comprehensive IT Cloud computing web application smart devices Tech Support Marketing EMR Backup Managed Services File Folder Compliance Computer Data Privacy Day Network Security Remote Work Microsoft Office Password business continuity AutoCAD application employees download Shadow Architect IT Engineering Privacy Break/fit Gadgets media accounts Software Apple business IT support Saving money Content Filtering employees Internet Co-managed IT Health Remote Workers hackers Recovery best practices Two-Factor Authentication Microsoft Teams COVID-19 devices Saving Money Workplace Tips Passwords Social Media Quick Tips 365 features Workplace Strategies sports teams password protection Cloud Computing cybersecurity tools surge protection Current Events Business continuity Innovation Cloud Communications AWS Workplace Strategy BDR Data Broadband phishing Tip of the Week AI Passwords today Productivity cybersecurity UPS Security cloud Mobile Office User Tips New Year Vendor January 28 Communication Technology Server IoT Malware HIPAA Best Practices SCAMS IT Services Clutch Windows Outsourced IT Cloud services Managed Service VoIP Cyberattack Business Continuity Small Business Email Microsoft Office 365 Data Recovery Users Remote Network Delightful Hosted Solutions 2FA Business Cybersecurity Disaster Planning Hardware

Latest News & Events

Capstone Works is proud to announce the launch of our new website at https://www.capstoneworks.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our ser...

Contact Us

Learn more about what Capstone Works can do for your business.

Call Us Today
Call us today
(512) 343-8891

715 Discovery Blvd
Suite 511

Cedar Park, Texas 78613