Databranch Monthly Tech Talk
IT Solutions for the Workplace

August | 2022

What's Inside?

01 -Congratulations to Josh and Joel!

02 - Introducing Suanne

03 - New Service / Support Email

04 - Reply Chain Phishing Attacks

Did you know?


Google's Android mascot is unofficially known as Bugdroid.

Congratulations to Josh Britton for achieving the Microsoft Windows Server Hybrid Administrator Associate certification! 

The Microsoft Windows Server Hybrid Administrator Associate required passing two Microsoft exams – Administering Windows Server Hybrid Core Infrastructure and Configuring Windows Server Hybrid Services


Candidates for the Windows Server Hybrid Administrator Associate certification have subject matter and expertise in configuring and managing Windows Server on-premise, hybrid, and infrastructure as a service (IaaS) platform workloads.  

Congratulations to Joel Common for achieving the latest CompTIA A+ certification!  

The CompTIA A+ Core Series required passing two exams, emphasizing the technologies and skills IT pros need to support a hybrid workforce. 


The CompTIA A+ covers a wide variety of knowledge and troubleshooting skills. 


Joel is the first Databranch engineer to attain this latest CompTIA A+ certification version, just released in April 2022.
Click Here to View a List of Our Certifications!

Introducing Suanne to the Databranch Team!

When did you join the Databranch team?


I joined the Databranch team on August 15th, 2022.


What do you like best about Databranch?


The people and amazing co-workers.

 

How would you describe your role at Databranch?


As the Administrative Assistant, I am the first person to greet you when you call or visit the Databranch office. I also manage our purchasing and renewal process for our clients.


What’s an interesting way that you use technology in your personal life?


I use smart devices around my home to connect my cameras, phones, and other devices together.


How many computers do you own?


I own 2 computers.


Hobbies:


I love reading, driving my side-by-side, and visiting with friends and family.


Kids:


I have 4 beautiful daughters and 4 equally beautiful grandchildren.


Pets:


I have 1 dog and 1 cat, both of which I absolutely love.

New Email for IT Services

and Support!

The Databranch team is continuously seeking out ways to deliver the highest level of Managed IT Services to our customers.


To that end, and in line with the recent addition of Client Service Coordinator, Renee Congdon, we are pleased to announce a new standardized email address for IT Service Request Management. 


Going forward, Databranch will be accepting all requests for IT Service and Support at support@databranch.com.


This shared email will be actively monitored by our Service Team to ensure that we are able to continue meeting your IT needs with the timely and professional service you have come to expect from the Databranch team.


Please use this email address going forward to request support via email and look for email correspondence from this address related to your service needs. 

You Need to Watch Out for Reply-Chain Phishing Attacks

Phishing. It seems you can’t read an article on cybersecurity without it coming up. That’s because phishing is still the number one delivery vehicle for cyberattacks.


A cybercriminal may want to steal employee login credentials or wish to launch a ransomware attack for a payout. They might also want to plant spyware so they can steal sensitive info. Sending a phishing email can do all of this and much more.


80% of surveyed security professionals say that phishing campaigns have significantly increased post-pandemic.

 

Phishing not only continues to work, but it’s also increasing in volume due to the move to remote teams. Many employees are now working from home. They don't have the same network protections they had when working at the office.


Why has phishing continued to work so well after all these years? Aren’t people finally learning what phishing looks like?


It's true that people are generally more aware of phishing emails and how to spot them compared to a decade ago. However, it's also true that these emails are becoming harder to spot as scammers evolve their tactics.


One of the newest tactics implemented by hackers is particularly hard to detect, the reply-chain phishing attack.  


What is a Reply-Chain Phishing Attack?


Just about everyone is familiar with reply chains in email. An email is copied to one or more people, one replies, and that reply sits at the bottom of the new message. Then another person chimes in on the conversation, replying to the same email.


Soon, you have a chain of email replies on a particular topic. It lists each reply one under the other so everyone can follow the conversation.


You don’t expect a phishing email tucked inside that ongoing email conversation. Most people are expecting phishing to come in as a new message, not a message included in an ongoing reply chain.


The reply-chain phishing attack is particularly insidious because it does exactly that. It inserts a convincing phishing email in the ongoing thread of an email reply chain.  


How Does a Hacker Gain Access to the Reply Chain?


How does a hacker gain access to the reply chain conversation? By hacking the email account of one of those people copied on the email chain.


The hacker can email from an email address that the other recipients recognize and trust. They also gain the benefit of reading down through the chain of replies. This enables them to craft a response that looks like it fits.


For example, they may see that everyone has been weighing in on a new product idea. So, they send a reply that says, “I’ve drafted up some thoughts on this idea, here’s a link to see them.”


The link will go to a malicious phishing site. The site might infect a visitor’s system with malware or present a form to steal more login credentials.


The reply won’t seem like a phishing email at all. It will be convincing because:

  • It comes from an email address of a colleague.
  • This address has already been participating in the email conversation.
  • It may sound natural and reference items in the discussion.
  • It may use personalization. The email can call others by the names the hacker has seen in the reply chain.


Business Email Compromise is Increasing


Business email compromise (BEC) is so common that it now has its own acronym. Weak and unsecured passwords lead to email breaches. So do data breaches that reveal databases full of user logins. Both are contributors to how common BEC is becoming.


In 2021, 77% of organizations saw business email compromise attacks. This is up from 65% the year before.


Credential theft has become the main cause of data breaches globally. This means that there is an increased risk of hackers trying to compromise your companies email addresses.


The reply-chain phishing attack is one of the ways that hackers turn that BEC into money. They either use it to plant ransomware or other malware or to steal sensitive data to sell on the Dark Web.


Tips for Addressing Reply-Chain Phishing


Here are some ways that you can lessen the risk of reply-chain phishing in your organization:


Use a Business Password Manager:


This reduces the risk that employees will reuse passwords across many apps. It also keeps them from using weak passwords since they won’t need to remember them anymore.


Put Multi-Factor Controls on Email Accounts:


Present a system challenge (question or required code). Using this for email logins from a strange IP address can stop account compromise.


Teach Employees to be Aware:


Awareness is a big part of catching anything that might be slightly “off” in an email reply. Many attackers do make mistakes.


How Strong Are Your Email Account Protections?


Both awareness training and security software can improve your defenses against phishing attacks. Contact us today at 716-373-4467 x 15 or info@databranch.com to discuss your email security needs.



Article used with permission from The Technology Press.

Technology Trivia


What is the most commonly used password??


The first person to email us at info@databranch.com and give a correct answer gets a $25 Amazon Gift Card!

Need a Laugh?


Machetes are extremely

tech savvy...

 

They can hack anything!
If you were forwarded this email from one of our great Databranch clients and would like to receive future updates, reply to this email and we will add you to the list!
Databranch | www.databranch.com
Facebook  Twitter  Linkedin  
Databranch | 132 North Union Street, Olean, NY 14760
Unsubscribe bprince@databranch.com
Update Profile | Constant Contact Data Notice
Sent by info@databranch.com powered by
Trusted Email from Constant Contact - Try it FREE today.
Try email marketing for free today!