Gone Phishing: Five Signs That Identify Scam Email Messages

A significant danger to businesses today is phishing—the act of forging email to fool someone into revealing login credentials, credit card numbers, or other sensitive information. Of course, phishing is a problem for individuals too, but attackers more frequently target businesses for the same reason as bank robber Willie Sutton’s apocryphal quote about why he robbed banks: “Because that’s where the money is.”

The other reason that businesses are hit more often is that they have multiple points of entry—an attacker doesn’t need to go after a technically savvy CEO when they can get in by fooling a low-level employee in accounting. So company-wide training in identifying phishing attempts is absolutely essential.

Here are some tips you can share about how to identify fraudulent email messages. If you’d like us to put together a comprehensive training plan for your company’s employees, get in touch.

Beware of email asking you to reveal information, click a link, or sign a document

The number one thing to watch out for is any email that asks you to do something that could reveal personal information, expose your login credentials, get you to sign a document online, or open an attachment that could install malware. Anytime you receive such a message out of the blue, get suspicious.

If you think the message might be legitimate, confirm the request “out of band,” which means using another form of communication. For instance, if an email message asks you to log in to your bank account “for verification,” call the bank using a phone number you get from its Web site, not one that’s in the email message, and ask to speak to an account manager or someone in security.

Beware of email from a sender you’ve never heard of before

This is the email equivalent of “stranger danger.” If you don’t know the sender of an email that’s asking you do something out of the ordinary, treat it with suspicion (and don’t do whatever it’s asking!). Of course, that doesn’t mean you should be entirely paranoid—business involves contact with unknown people who might become customers or partners, after all—but people who are new to you shouldn’t be asking for anything unusual.

Beware of email from large companies for whom you’re an anonymous customer

Attackers often forge email so it appears to come from a big company like Apple, Google, or PayPal. These companies are fully aware of the problem, and they never send email asking you to log in to your account, update your credit card information, or the like. (If a company did need you to do something along these lines, it would provide manual instructions so you could be sure you weren’t working on a forged Web site designed to steal your password.)

Since sample email from large companies is easy to come by, these phishing attacks can look a lot like legitimate email. Aside from the unusual call to action, though, they often aren’t quite right. If something seems off in an email from a big company, it probably is.

Beware of email from a trusted source that asks for sensitive information

The most dangerous form of this sort of attack is spear phishing,where an attacker targets you personally. A spear phishing attack involves email forged to look like it’s from a trusted source—your boss, a co-worker, your bank, or a big customer. (The attacker might even have taken over the sender’s account.) The email then requests that you do something that reveals sensitive information or worse. In one famous spear-phishing incident, employees of networking firm Ubiquiti Networks were fooled into wiring $46.7 millionto accounts controlled by the attackers.

Beware of email that has numerous spelling and grammar mistakes

Many phishing attacks come from overseas, and attackers from other countries seldom write English correctly. So no matter who a message purports to come from, or what it’s asking you to do, if its spelling, grammar, and capitalization are atrocious, it’s probably fraudulent. (This is yet another reason why it’s important to write carefully when sending important email—if you’re sloppy, the recipient might think the message is fake.)

One of the best ways to train employees about the dangers of phishing is with security awareness testing, which involves sending your own phishing messages to employees and seeing who, if anyone, falls for it. Again, if you need help doing this, let us know.

29.547412 -98.481029

Advertisement

MacTLC: Tip of the week

iCloud Services Being Wonky? Check Apple’s System Status Page

Many Apple users rely on mac.com, me.com, or icloud.com email addresses, along with plenty of other iCloud-related services. So if you can’t send or receive email, if photos aren’t transferring via iCloud Photo Library, or if some other iCloud-related service isn’t responding, the first thing to do is check Apple’s System Status page. It’s updated every minute, and if it shows that the associated Apple service is having problems, you know to sit tight until things come back up. If everything is green, you’ll have to look elsewhere for a solution—or get in touch with us.

 

29.544994 -98.509623

What Is a “Managed IT Services” Model and Why Is It Important for Your Business?

You’ve chosen Apple devices to run your business. That’s great, but are you still dealing with each of those devices individually? If you hire a new employee, do you go to the Apple Store to buy a new Mac, bring it back to the office, spend a few hours installing the right software, and then sit down with the employee to get them started with email accounts and other logins?

That self-support approach can work when your company has only a few users, but as your business grows, how much of your time can you afford to spend on IT? You might enjoy it, but it distracts you from what you need to do to make your company thrive. Sure, you might think you’re saving money by doing this work yourself instead of hiring an IT professional, but that amount may pale in comparison to the amount you could make in your primary role. There’s a better way: managed IT services with device-management software.

In essence, with managed IT services, we become part of your team, creating systems that simplify and speed up the process of onboarding new devices, monitoring their usage, ensuring their security, and providing ongoing support. Here are some of the ways managed services can help your business.

Faster and More Accurate Setup

With managed IT services and properly configured device-management software, you can order a Mac or iOS device from Apple (through an Apple Business Manager account) and when it arrives, your employee can take it out of the box, log in, and have the entire device automatically configured over the network with required apps, server settings, security policies, and more.

If you’ve spent several hours configuring devices manually, it’s magical to watch a device pick up apps and settings automatically. And it’s not just for new devices. If an employee leaves or you need to repurpose a Mac or iOS device, device-management software can automatically wipe it and set it up for its new role with minimal effort.

Increased Security

An important aspect of switching to a managed IT services model that relies on device-management software is requiring security policies. If you’ve ever worried about an employee losing a company device containing confidential data, device-management software can eliminate those concerns by automatically enabling FileVault for Macs or enforcing non-trivial passcodes on iOS devices. Lost devices can even be locked or wiped remotely from a central management console.

Also, device-management software can restrict what apps users may install, so you don’t have to worry about apps that could leak confidential information or malware that could be stealing passwords.

Proactive Monitoring

A managed IT services support model lets your users focus on their work, rather than on their Macs. Monitoring software can report if Mac hard drives start to fail, when laptop batteries start to go, if RAM is faulty, and more. It’s better to know that a drive is dying beforeyou lose data.

Monitoring software can also check on important events, making sure that backups are happening regularly, warning if a user has downloaded a potentially problematic operating system update, and making sure anti-malware software is up to date.

Proactive Maintenance

Monitoring helps identify issues early on, but perhaps the most important aspect of a managed IT services solution is how it combines proactive monitoring with proactive maintenance. It uses software and services that go beyond identifying problems to fixing them—blocking undesirable software upgrades, automatically deploying essential security updates, and removing malware—before they impact your workflow. This saves your users downtime and frustration, and lets you focus on your work rather than troubleshooting problems.

Improved Reporting

It may not be difficult to keep track of a handful of Macs and iPhones, but as your business grows, inventory can become daunting. A managed IT services solution helps you know exactly what devices you have, who is using them, and more. It can also report on installed software to make sure you’re in compliance with your software licenses.

Predictable Pricing

If your company pays for support on an hourly billing model, there’s no way to budget accurately for expenses, since no one can predict what will go wrong. Plus, it takes longer to investigate and resolve problems because of the time necessary to figure out the status of the device in question. Solving complex or recurring problems can get expensive in such a scenario.

With managed IT services, we instead charge a flat monthly fee based on how many devices you have. Thanks to proactive monitoring and device management, we can fix many problems before the user even notices. And if a user does need in-person support, it’s faster and easier to help them when we know exactly what device they’re using, what version of the operating system it’s using, what software they have installed, and more.

A managed IT services model isn’t for every situation, but if your business has more than a handful of Macs, iPhones, and iPads in use by your employees, it could reduce downtime, save you money, and increase security.

 

29.547412 -98.481029

MacTLC: Tip of the week

Ignore Unsolicited Calls and Texts from Apple and Other Tech Companies

We don’t want to belabor the point, but multinational tech companies like Apple, Facebook, and Google will nevercall or text you personally out of the blue. So if you get a call or text purporting to be from such a company, it’s 99.9% likely to be a scam, and you should ignore it regardless of whether the caller ID seems legitimate. If you’re still worried, look up the company’s tech support phone number separately—never respond directly to such a call or tap a link in a text—and discuss the situation with the support reps. Or contact us, and we’ll talk it through with you.

 

29.544994 -98.509623

Winter Weather Warning: Keep Your Tech Toasty!

When it’s cold out, you can always throw on a sweater to stay warm. But your electronics are more reptilian—they can get sluggish or even fail to work in freezing weather. (No, that’s not what iPod Socks were designed to fix.) Worse, charging batteries at low temperatures or moving tech gear between extreme temperature ranges can cause damage.

There’s a difference between temperatures your devices can withstand when you’re actively using them and when they’re just being stored. Manufacturers usually publish the environmental requirements for devices, though it may take a little searching to find the details. Here are the ranges for the devices you’re most likely to care about:

• iPhone/iPad: Operating temperatures from 32° to 95° F (0° to 35° C) and nonoperating temperatures from −4° to 113° F (−20° to 45° C)
• MacBook (Air/Pro): Operating temperatures from 50° to 95° F (10° to 35° C) and storage temperatures from −13° to 113° F (−25° to 45° C)

 

It’s easy to imagine wanting to use an iPhone in temperatures below freezing or a MacBook outdoors on a crisp autumn day. And in fact, they probably won’t stop working entirely. After all, putting your iPhone in your pocket next to your body will keep it warmer than the outside air, and it will take a while to cool down. But you shouldn’t be surprised by crashes, shutdowns, or other unusual behavior if you do use your device below its recommended operating temperature for a while.

Batteries Hate Working in the Cold

The main problem is that batteries prefer to be used in moderate temperatures (they hate heat even more than cold). When batteries get cold, they appear to discharge more quickly. That’s because the chemical reactions that generate electricity proceed more slowly at lower temperatures, and thus produce less current. The weak discharge fools the device’s power management circuitry into thinking that the battery is nearly dead; hence the shutdowns. Once your device has had a chance to warm up, the battery should revive.

However, don’t charge batteries when it’s very cold, as in −4° F (−20° C). Doing so can cause plating of the graphite anode in the battery, which will reduce battery performance.

Other Technologies That Dislike Cold

Two other standard bits of technology don’t like operating in the cold either: hard drives and LCD screens.

Hard drives aren’t nearly as common as they used to be, particularly in laptops that are likely to be left outside in cold cars. Most have a minimum operating temperature of 32° F (0° C), and you’re unlikely to want to use a laptop in temperatures lower than that. In very cold temperatures, the lubricant inside the drive can become too viscous to allow the motor to spin up the platters. Although solid-state drives have no moving parts, most are rated for the same minimum operating temperature, oddly enough.

LCD screens can also have problems. Extreme cold can slow their response times, leading to slow or jerky screen drawing. OLED displays, such as in the iPhone X, XS, and XS Max, withstand cold significantly better—some OLED displays are rated for temperatures as low as −40º (which—trivia tip!—is the same in Fahrenheit and Celsius).

Avoid Temperature Swings

Regardless of whether you want to use your devices in cold weather, you’ll extend their lifespans if you don’t regularly expose them to significant temperature swings. There are two reasons for this: condensation and thermal expansion.

Those who wear glasses know that when you come into a warm house from the cold, your glasses immediately fog up with condensation. That’s true even though most houses are quite dry in the winter. Wait a few minutes and the condensation evaporates back into the air. The same can happen with any electronic device that’s open to the air, and moisture inside electronics is never good. It’s thus best to let electronics warm up slowly (and in their cases or boxes) to reduce the impact of condensation.

Finally, as you remember from high school science, objects expand when heated and contract when cooled. The amount they expand and contract may be very small, but the tolerances inside electronics are often extremely tight, and even the tiniest changes can cause mechanical failures, particularly with repeated cycles of expanding and contracting. Try to avoid subjecting devices to significant temperature swings on a regular basis or you may find yourself replacing them more frequently than you’d like.

In the end, our advice is to keep your gear warm whenever possible, and if you must use it in temperatures below freezing, be aware that battery life and screen responsiveness may be reduced.

29.547412 -98.481029

MacTLC: Tip of the week

Apple Has Disabled Group FaceTime to Prevent Pre-call Eavesdropping

A serious bug has been discovered in Apple’s Group FaceTime multi-person video chat technology. It allows someone to call you via FaceTime and then, with just a few simple steps, listen in on audio from your iPhone, iPad, or Mac while the call is ringing, before you have accepted or rejected it. To prevent the problem from being exploited, Apple says it has disabled Group FaceTime and promises a fix “later this week.”

In the meantime, if you’re still concerned (there were some reports of people being able to invoke the bug even after Apple disabled Group FaceTime), we recommend turning off FaceTime entirely in Settings > FaceTime in iOS and by launching the FaceTime app in macOS and then choosing FaceTime > Turn FaceTime Off. (Or just be quiet when a FaceTime call comes in.) Apple may be able to fix the problem without requiring users to update software; if iOS and macOS updates do prove to be necessary, we recommend that you install them sooner rather than later.

 

MacTLC: Tip of the week

So What Are All Those Stacks of Notifications in iOS 12?

It can be easy to become overwhelmed by iOS notifications, particularly if you have chatty friends or apps. In iOS 12, Apple corralled notifications by grouping them into stacks so you no longer see an endless screen of alerts. To expand a stack of notifications on either the Lock screen or in Notification Center (swipe down from the top of the screen), tap the stack. Once you’ve expanded a stack, you can tap Show Less to restack it, tap the X button to remove the entire stack, or tap any individual notification to open it. By default, iOS 12 groups notifications intelligently, which might entail separate stacks for different Messages conversations, for instance. If that’s still too much, you can go to Settings > Notifications > App Name> Notification Grouping and tap By App to collect every notification from the app into the same stack.

iOS 12’s Screen Time Feature Helps You Manage Your iPhone Usage

Do you frequently reach for your iPhone for a quick check of Facebook or Messages? It’s all too easy to let social media, the latest hot game, or even your work email intrude on your real life. If you’re uncomfortable with how much—and when—you use your iPhone or iPad, iOS 12’s new Screen Time feature can help you limit your usage in two ways, by time of day and by time spent in an app.

(Screen Time can help you monitor and limit your children’s iOS usage too. This article focuses on setting it up for yourself; we’ll examine Screen Time parental controls another time.)

Get Started with Screen Time

To enable Screen Time, go to Settings > Screen Time and tap Turn On Screen Time. After you see an introductory splash screen, tap This Is My iPhone to go to the main Screen Time screen.

Two options on the lower portion of this screen help you customize Screen Time overall. Tap Use Screen Time Passcode to create another passcode that controls access to Screen Time settings and lets you extend time limits. It’s designed for parents who let their children use their devices, but you could use it as a speed bump when overriding your self-defined limits.

If you use both an iPhone and an iPad, enable Share Across Devices to aggregate your usage. This syncs settings between your devices, so if you want different setups, keep this option off.

Downtime

To limit your usage according to a schedule, perhaps so you don’t get caught up in a game before bed, tap Downtime, turn on the Downtime switch, and set start and end times. Unfortunately, you can’t create multiple schedules for different portions of the day.

App Limits

When you tap App Limits and then Add Limit, Screen Time presents you with a list of categories and examples of your apps in each one. Select one or more—say Social Networking and Games—and then tap Add. Then set the amount of time you want to allow yourself overall for apps in that category. You can create multiple category limits with different amounts of allotted time.

If an app category is too broad, you can limit a particular app. Tap the Screen Time graph at the top of the screen, scroll down to the Most Used section, and tap an app in the list. At the bottom of that screen, tap Add Limit and specify a time limit.

There are a few exceptions to the apps limited by both Downtime and App Limits, regardless of your settings. The Phone app is always available, and Clock, Find My iPhone, Safari, and Settings appear to be exempt. For other apps you never want limited, tap Allowed Apps on the main Screen Time screen, and then tap the green plus button next to any app you want to allow. Apple adds FaceTime, Maps, and Messages to the Allowed Apps list by default, but you can remove them if desired.

Living with Screen Time

Screen Time alerts you 5 minutes before a time limit expires and displays a Time Limit screen when time runs out. Although the point of Downtime and App Limits is to help you stop playing the latest addictive game or reflexively checking Facebook, you can tap Ignore Limit to keep using the app, either for 15 minutes or the rest of the day.

Screen Time also dims the icon for any affected app on the Home screen and puts a tiny timer icon next to the name. You can still open such apps, but you’ll go right to the Time Limit screen.

Equally as helpful is the way Screen Time reports on your usage so you realize how much you’re using different apps. It provides a weekly report, but you can always go into Settings > Screen Time to see your daily usage.

Tap that graph, and Screen Time lets you dive into the details, for example, by revealing your most-used apps, how often you pick up your device, and how many interrupting notifications you receive. Much of the information in this screen is interactive—tap various items to see more details or adjust settings.

Only you can decide if you’re using your iPhone or iPad more than you like, and only you can exercise the self-control to restrict your usage. But Screen Time highlights how you’re actually spending time, both as you’re doing it and after the fact. Give it a try!

 

MacTLC: Tip of the week

Apple Moved Control Center in iOS 12 on the iPad—Here’s Where to Find It

Although most of what’s new in iOS 12 are new features, one change for change’s sake may throw you. In iOS 11 on an iPad, you would bring up Control Center by swiping up from the bottom of the screen, just like on all iPhones other than the iPhone X. With iOS 12, however, Apple brought the iPad in line with the iPhone X and the recently released iPhone XR, XS, and XS Max. Swiping up from the bottom of the screen on the iPad now reveals the Dock, and if you continue swiping, the App Switcher. But no Control Center! To bring up Control Center, swipe down from the upper-right corner of the screen—use the Wi-Fi and battery icons as a reminder.

Use Continuity Camera to Scan Documents and Take Photos Right into Mac Documents

Have you found yourself composing an email message on your Mac while staring glumly at the receipt or document you need to scan and attach to the message? Adding that scan to the message isn’t impossible, but until macOS 10.14 Mojave, it hasn’t necessarily been easy.

It’s super simple now, thanks to a new Mojave feature called Continuity Camera. It lets you take pictures or scan documents with an iPhone or iPad running iOS 12 and have those images show up immediately on the Mac, either in a document or on the Desktop.

Continuity Camera Basics

Apart from Mojave and iOS 12, Continuity Camera requires that the devices be on the same Wi-Fi network, have Bluetooth turned on, and be logged in to the same Apple ID, which must use two-factor authentication. Continuity Camera also requires explicit support in apps, which means for the moment that it works only in Apple’s apps, including the Finder, Mail, Messages, Notes, TextEdit, Pages, Keynote, and Numbers. We aren’t aware of any third-party apps that support it yet.

How you access Continuity Camera can vary by app, but the most common approach is to Control- or right-click where you want the scan or photo to go. Look either for commands for Take Photo and Scan Documents, or for an Import from iPhone or iPad submenu, under which those commands will be replicated for each device.

The Take Photo and Scan Documents commands may also appear in the File menu or in an Insert menu. Plus, Mail composition windows have a drop-down menu on the right side of the toolbar that includes those commands.

Should you import directly into an app, or onto the Desktop? It’s up to you, of course, but adding a file to the Desktop that you can then drag to its eventual destination gives you more options for reuse or modification, along with backup. That could be important since the photos and scans aren’t stored on the iPhone or iPad.

Using Continuity Camera

Follow these steps to use Continuity Camera to take a photo or scan a document to your Mac. Because it’s the most likely scenario, we’ll describe importing to the Desktop from an iPhone, but the steps are the same for importing into any supported app or from an iPad.

First, Control-click the Desktop and choose either Import from iPhone > Take Photo or Import from iPhone > Scan Documents. A dialog appears on the Mac screen, telling you to use the iPhone to take the photo or scan the document. The iPhone displays a variant of the Camera app automatically.

If you’re taking a photo, you can switch between the rear- and front-facing cameras, pinch out to zoom, or enable the flash with the flash button. All you need to do is tap the shutter button. If the photo is blurry or otherwise unusable, tape Retake to try again, but if you like it, tap Use Photo. The picture shows up immediately on your Mac as a JPEG file.

If you’re instead scanning a document, you also get a Filters button that lets you set the scan type: color (the default), grayscale, black-and-white, or photo. By default, the scanning interface takes a picture automatically when it detects a document. If it moves too fast for you, tap Auto (at the upper right) to switch to Manual. Then tap the shutter button to capture the image, after which you may drag the circles to identify the document corners better. Then tap Retake or Keep Scan. If it’s a multi-page document, flip the page and continue scanning to add more pages. When you’re done, tap Save to send the document to your Mac as a PDF.

That’s it! The first time or two might seem a little awkward, but once you get the hang of Continuity Camera, it’s a wonderfully quick way to get a scan or photo onto your Mac.