What's Going On With IT? News and views from the world of IT

How To Spot Phishing Or Spoof Emails

Phishing Email Example
An example of a phishing email from a fictional bank

Phishing is the term for emails which try to trick you into doing something by pretending they’re from someone else. For example you might get an email that appears to come from your bank asking you to click a link and enter your credit card details for “security purposes”. That link doesn’t really take you to your bank website and you end up giving the phisher your credit card details!

With this in mind here are our 8 tips to avoid phishing:

Tip 1: Don’t trust the sender’s name

The first place to check is the address of the sender. At the top of the email in the header you’ll see something like this in a legitimate email:

From: Barclaycard <barclaycard@mail.barclaycard.co.uk>

This includes the “barclaycard.co.uk” which is also the sites real website address. A phishing email might have something like this:

From: Barclaycard <barclaycard893@gmail.com>

This has actually come from an “gmail.com” address which anybody can setup.

Tip 2: Don’t click the links

If you hover your mouse over a link in an email you will see the full address that the link will take you too. A legitimate email should be easy to spot as the link will start with the correct website for the sender. Using our Barclaycard from above you’d expect to see a link along the lines of “https://www.barclaycard.co.uk/…” and a phishing email might have something like “http://barclaycard.usenet.com/…”

Tip 3: Beware of emails preying on your fears

Emails which try to make you act in a hurry, especially where money is involved, should ring alarm bells. A favourite trick is to send you a fake invoice as an attachment which you’ll open without thinking about it because you’re worried.

Tip 4: Don’t give up personal information

Banks and other professional companies will never ask for personal information via email. If you get an email asking you to confirm your credit card number or other personal information that could be used for identity theft don’t give it away.

Tip 5: Check for spelling errors

Companies take their brands seriously and wouldn’t send out emails with bad spelling or grammar. Poor quality logos are another indicator of a fake email.

Tip 6: NEVER open the attachments

Attachments on an email you’re not expecting are a big red flag. You are unlikely to see any attachment from an online shop or your bank so treat any attachment as highly suspicious.

Tip 7: Check the signature

Lack of contact details in the email signature strongly suggests a phishing mail. Legitimate businesses will always provide plenty of ways to contact them.

Tip 8: If in doubt, contact the company direct

If you’re ever in doubt over an email or you’re worried that the invoice you appear to have received could be real. Look up the company and call them directly.

Bonus Tip 9 : Talk to us about anti-spam for your email

This one isn’t so much a tip for spotting spam mails but a way of avoiding a large amount in the first place. Give us a call about implementing an anti-spam gateway for your emails so that the majority of phishing emails never even reach your inbox!


Windows 10 Anniversary Update

The second big update to Windows 10 is out today!Windows 10 Anniversary Update

Like the first update in November this is again more of an incremental update with improvements in lots of different areas of Windows 10.

Microsoft Edge Browser Extensions

This is one I’m very pleased about. I’ve been using Google Chrome for a few years now and one of my favourite features is the extensions available.

Currently there aren’t too many available for Edge but you can already get some of my favourites: Ad Blocker, Lastpass password manager and Save to Pocket (so useful for organising parts you want to go back to later)

Cortana Improvements

I must admit I’ve not used Cortana much on Windows 10 but it’s definitely becoming more useful so I’ll be using it more in the future I think.

This update brings improvements to reminders, lock screen use and is going to have the ability to sync notifications with your phone. Currently the notification sync is only available on a Windows 10 phone but it’s coming to Android and iPhone soon™.

Windows 10 Start MenuStart Menu Improvements

The original Windows 10 start menu was a big improvement on the Windows 8 start screen, moving back to more of a mix between Windows 7 and 8.

The Anniversary Update improves on this further by moving some of settings (power, system settings, documents) to a new icon panel on the left hand side. This frees up the rest of the menu to concentrate on all of your installed apps, instead of having to go into a sub menu for them.

Action Centre Improvements

The Action Centre is where all your notifications are collected. It’s what appears when you click the little speech bubble down by the clock in the bottom right hand corner. Central notifications was a BIG improvement for Windows 10.

The Anniversary Update improves on this further by letting you prioritise which notifications will appear at the top (I have my Emails and Slack messages)

By default each app will only show 3 notifications so that one popular app won’t take over the whole bar.

That little speech bubble will also display a number showing how many unread notifications you currently have at a glance.

Taskbar CalendarWindows 10 Taskbar Calendar

The taskbar calendar found when you click on the date/time in the bottom right corner is now tied into the main Calendar app and will show you an overview of your tasks for the day.

Dark Theme

Again not an earth shattering improvement but a lot of people find stock Windows 10 too bright. Find it at Settings > Personalisation > Colours.

Is that all?

There’s lots of other little improvements “under the hood” to make your PC perform better and make your life just a little bit easier. I haven’t mentioned some of the less serious updates either such as the new Xbox Play Anywhere app or the new Emoji 🙂

How do I get the update?

The update will appear with your normal Windows updates with the snappy name of “Feature update to Windows 10, version 1607”. Expect to see it appearing soon and be prepared for a longer install time than most Windows updates!


Security and You

Being in the IT Support business we see our fair share of virus and malware infections and usually the first question we get asked when we return the infected machines is “how did it get infected?”

Often we won’t be able to pinpoint exactly how it happened but we can make recommendations to try and minimise the risk of future security issues.

Windows 7 - Windows Updates Control PanelSome of those recommendations are obvious such as running up to date anti virus software on the machine. We also recommend you at least keep the Windows firewall enabled on Windows XP and above. Better still, especially on larger networks, to install a centrally managed anti virus/firewall such as Symantec Endpoint Protection which is our preferred solution.

The less obvious recommendation is to keep your software up to date. Windows itself is the most important thing to keep up to date and you can do that on individual PCs using the Windows Update service either manually via the website or by enabling automatic updates. You can also enable the Microsoft Update service which does the same for Windows and other Microsoft applications like Office.

For larger networks it’s possible to centrally manage updates with Windows Server Update Services which can be used to push updates out to all of your networked computers and servers.

An important update to consider is Internet Explorer; Windows 7 by default has Internet Explorer 8 installed which was released in 2009. Microsoft considers Internet Explorer 8 to be an obsolete product now and in general it is very vulnerable to exploitation. Internet Explorer 11 is the latest version and can be installed via Windows Update or you can download it from https://www.microsoft.com/en-gb/download/internet-explorer-11-for-windows-7-details.aspx.

Other software which is frequently targeted include Adobe Reader (Get the latest here), Adobe Flash (Get the latest here) and Java (Get the latest here). We would recommend you don’t even have Adobe Flash or Java installed unless you require it for something specific.

Obviously this isn’t an exhaustive list but it should give you something to think about. If you need any help with any aspects of your IT security please feel free to call us on the number below or fill in the contact form and we’ll get in touch.


Windows XP Support Ends April 2014

Many people don’t realise that Microsoft actually released Windows XP in August of 2001 making it 12 years old now!

Microsoft has a Support Life cycle policy that states that their business software (such as Windows, Office, etc) are supported for a minimum of 10 years. Windows XP support has been extended but it is now coming to an end on the 8th of April 2014.

So what does this mean to you?Windows XP

It means that after the end date there will be no new security updates, non-security hotfixes, no online technical content updates and no free or paid support options.

The most important of these is the end of security updates. Without these any vulnerabilities discovered in Windows XP will not be fixed as they are at the moment with regular Windows Updates. This would leave those systems very vulnerable to virus and malware attacks.

Another important point to consider is that software vendors are starting to end support for Windows XP for their software; Sage Accounts is a well known example.


Recent Tweets

We're loving the look of the new Surface Studio PC! microsoft.com/en-us/surface/…

There's a reason we use Draytek on a regular basis! twitter.com/DrayTek_HQ/sta…

Have to love virtualisation. A client in Bristol today had a requirement for a new server, so we just span up a new 2012 VM in under 20 mins

#iPhone or #iOS user? Update your operating system to protect against Trident #0days symc.ly/2cAVeEG Retweeted by Ncom

We've updated our sites, have you updated yours? twitter.com/WordPress/stat…

I would tell you a UDP joke, but you might not get it...

Not everyone is fluent in txt. #EmailEtiquette outl.ms/14vr0w Retweeted by Ncom

test Twitter Media - RT @Outlook: Not everyone is fluent in txt. #EmailEtiquette https://t.co/drFBtr2tpz https://t.co/099KbYSYO3

Microsoft updates Office for Android with new collaboration and sharing features: neowin.net/news/microsoft… via @NeowinFeed