Bryley Basics: Why do my outbound emails show up as spam?

Anna Darlagiannis and Gavin Livingstone, Bryley Systems Inc.

I just got a call from a prospect; he notes that his emails are showing up as spam and his email recipients now think he is a spammer.  This is a topic that many email-oriented organizations experience.

Unfortunately, with ransomware growing more common, spam-filtering efforts are getting more aggressive, which makes it even easier to be labeled a spammer and then blacklisted.  Is it a losing battle?

Spam is unsolicited/unwanted bulk email; it is often easily identified, but can also be a bit ambiguous, making it difficult to separate desired email from undesired.

Spam filters, both free-standing (Reflexion, MimeCast, Proofpoint, etc.) and built-ins (spam-deterrents built into Google Gmail and Microsoft Office365) use various algorithms and keyword searches to review incoming email, apply a spam “score”, and then block those that exceed a specific threshold.  In addition, they blacklist repeat offenders considered spammers, effectively preventing the source emailer from reaching their intended audience.

Subject-line triggers are a significant issue; using words like “Free” or “Viagra” in your email subject line (and within the body of your email) can easily get your message labeled as spam.  Send this email to hundreds of recipients will get you blacklisted as a spammer.

In addition, these are other common email-spam identifiers:

  • Generic greetings
  • Grammatical and spelling errors
  • Unusual use of capitals or punctuation (BUY!!!)

Here’s how to stay off the spam-filter radar:

  • Avoid attachments
  • Check spelling and grammar
  • Provide an unsubscribe option
  • Avoid certain keywords1 and subject-line triggers

1Please see The Ultimate List of Email SPAM Trigger Words by Karen Rubin of Hubspot on January 11, 2012.

Do I need Cyber Liability Insurance?

Gavin Livingstone, President, and Mike Carlson, CTO at Bryley Systems Inc. with Bill Percuoco, Sales Executive at DF Murphy Insurance Agency, Inc.

In general, Bryley retains business insurance to address all areas of significant risk; we ensure that we have sufficient coverage for all big-event issues, while usually requesting the greatest deductible possible.  Cyber Liability Insurance is high on our list of must-have coverage; both for ourselves, and for our clients.

Cyber Liability Insurance is designed to protect consumers of technology services or products.1  It provides coverage for data breaches, known or even undiscovered, and is a risk-transfer option designed to address some of the costs of mandatory notification (required within the Commonwealth of Massachusetts and 45 other states) and to deal with the remedial aspects of a data breach.2

Coverage typically includes:

  • Data breach/crisis management costs – Reporting and managing an incident, including remediation
  • Network security liability – Third-party damages due to denial of access
  • Multimedia liability costs – Restitution for defacement of website(s)
  • Extortion liability costs – Losses due to extortion attempts

Organizations that process credit cards are at risk; more so if they store credit-card information on their network.  In addition to credit-card information, a data breach that discloses other types of personal information can introduce extensive liability:

  • Employee information is a risk for any employer.
  • Information collected and retained from medical applications may include confidential medical and/or personal data.

While non-Fortune-5000 organizations are unlikely to be specifically targeted for their data, many of these attacks are broadly distributed, often via forged emails sent to thousands of people.  The attackers gather data from successful attacks and then determine if it is of any use to them.

Another targeted area could be your public presence – web site, Facebook/Twitter, etc.  This is more of an embarrassment than a financial liability, but restoring the web site and regaining access to hacked social-media accounts and the like does have a cost.

Bill Percuoco of the DF Murphy Insurance Agency, Inc. (our insurer), notes that they have recently seen several claims stemming from social engineering where a criminal has tricked an individual into transferring money.  (Social engineering is the psychological manipulation of someone to reveal confidential information or perform a desired action.3)

Due to supporting the technology of our clients, Bryley Systems remains extremely diligent; in addition to our security measures and internal controls, processes, and policies, we have had Cyber Liability Insurance for many years.  Our premiums are based on annual sales, factored by industry, services, policies, security, and risk-exposure; we are likely at the high end since we protect other organizations.

We believe that it is far less expensive to purchase Cyber Liability Insurance coverage than it is to face these situations without sufficient resources.  To that end, we recommend Cyber Liability Insurance to our clients and to all organizations using online technology, particularly those that accept credit cards and/or use online financial, medical, or employee-oriented applications.

1Please see Data breach and cyber liability:  Real risks in a virtual world in the blog at DF Murphy Insurance Agency, Inc. from May 11, 2015.

2Please see Understanding Cyber Liability Insurance from Trusted Choice® Independent Insurance Agents.

3Please see Social Engineering in Wikipedia, the free encyclopedia.

My final words on Ransomware (at least until next month)

Gavin Livingstone, Bryley Systems Inc.

Ransomware continues to grow at a rapid pace:

  • The FBI received over 2,400 Ransomware complaints in 2015
  • There was a 30% increase in Ransomware cases in Q1-20161
  • Ransomware infections in April 2016 more than doubled2

The most-popular variants and their distribution methods:

  • CryptoWall – Distributed through ZIP attachments on email files
  • Locky – Spreads through MS Office macros or JavaScript files
  • Samas – Propagates on vulnerable web servers

Why it is so attractive to cyber-criminals:

  • There is a direct path to immediate payment from the recipient (versus other, riskier, cyber-crime methods that require selling something, i.e.: credit-card information, to unknown parties that might be law enforcement)
  • It is easily spread through phishing (and now, vulnerable web servers)
  • The technology is constantly improving
  • Anyone and everyone is a target

The impact3:

  • Temporary or permanent loss of sensitive files and information
  • Significant disruption to daily operations during recovery
  • Financial impact to restore (or re-enter) encrypted files
  • Possible harm to the organization’s reputation

A few of the best defenses:

  • Backup your files at least daily and store these backups at a remote location3
  • Keep anti-virus/anti-malware software and operating systems up-to-date
  • Do not click on Web-links on an email or a website
  • Whitelist desired applications; blacklist all others
  • Restrict end-user access and permissions

1Please see “Q1 2016 saw a Record High for Ransomware” by Larry Loeb of Security Intelligence on May 24, 2016.

2Please visit “April 2016 was the Worst Month for Ransomware on Record in the US” by GoldSparrow in Computer Security articles at Enigma Software.

3Go to “Ransomware and Recent Variants” published by the US Computer Emergency Readiness Team (US-CERT) on March 31, 2016.

4Visit “More Ransomware – Jeez I’m getting sick of this topic!” in the May 2016 edition of Bryley Information and Tips (BITs).

Bryley Basics: Setup your Android or Apple phone as a burner

Anna Darlagiannis and Gavin Livingstone, Bryley Systems Inc.

Wouldn’t it be great to have a disposable phone-number; one you could use to make calls to an unavoidable person that you’d rather not have call you back?  Well, you can now get Burner from Ad Hoc Labs, Inc.

Burner creates phone-numbers on your existing phone.  You can create multiple burner numbers, temporary or long term, which are accessed through the app.

Burner is perfect for keeping your phone-number private.  Potential uses include:

  • First dates,
  • Selling items on craigslist, and
  • Responding to nuisance situations.

Basically, any time you wish to remain anonymous and keep your real phone-number private, you can call or text through Burner and avoid the hassle of a potential call-back or text-back.

Burner starts at $1.99 and can be purchased through App Store (Apple) or via Google Play.  Pricing is based on functionality:

  • Number of texts sent,
  • Number of minutes used, and
  • Number of days the phone number stays active.

Burner is, however, free to download and Ad Hoc Labs provides a free trial – you can test a free burner phone-number for up to seven days.

More Ransomware – Jeez, I’m getting sick of this topic!

Gavin Livingstone, Bryley Systems Inc.

Guess what:  Cyber crooks are killing it!  According to Kaspersky Labs, over 700,000 people late 2015/early 2016 gained the privilege of stress-testing their backup strategies or forking over money (and a comment on their vulnerability) to some overseas creeps who view every server and workstation as a potential cash cow; this was 5x the amount of people reporting similar issues in late 2014/early 2015.  And, the attacks are getting more sophisticated, and much more effective.

Sure, it is constantly in the news and we are all concerned, but many of us are like the proverbial Ostrich, sticking our proverbial (yes, I meant to repeat proverbial; I like the way it sounds; proverbial, proverbial, proverbial) heads in the sand.  And, it is costing us significant money!

To recover from Ransomware, we recommend backups that follow the 3:2:1 rule:

  • Three copies of your data
  • Two media types
  • One offsite

This simple rule, when followed diligently using a professional-grade backup application with at least daily, monitored, encrypted backups, can save your data from Ransomware, disasters, and other ills.  (Windows Server Backup, although improved, is not a professional-grade backup application since it lacks logging, which can lead to unintended consequences, particularly when swapping backup media on a daily basis and trying to verify previous, good backups.)

Case in point:  We saved an organization that relied on Windows Server Backup with a single, attached USB drive (no media swapping). It was attacked by Cerber Ransomware, which was inadvertently downloaded to the Windows PC of a user with administrative rights.  (Cerber Ransomware is licensed to cyber-criminals, who pay royalties for its use; these royalties are sent back to its originators in Russia.  It emerged in March 2016 and has recently targeted Microsoft Office365 users.)

The virus on the server went to high-value accounts, concentrating on encrypting data and Windows Server Backup files while making it appear that all files within most folders were already encrypted (although only about one in 10 had been encrypted initially).  Some interesting points:

  • The virus was injected into User Accounts in their AppData/Remote folder, which executed when the user logged onto the network.
  • Over 25,000 data files in about 1500 folders were encrypted.
  • All Windows Server backup files on attached drives were encrypted and renamed to @@@@@@@@.server with the current date or no date.
  • The requested ransom was $2,000; 2.725 bitcoins.

In broken English, the attackers noted:

  • “You have turned to be a part of a big community #CerberRansomware.”
  • “…we are the only ones who have the secret key to open them (your files).”
  • “Cerber … is not malicious and is not intended to harm a person…”
  • “…created for the sole purpose of instruction regarding information security.”

The upshot:

  • We rebuilt the server and reintroduced it to the network.
  • The Network Administrator’s workstation was wiped clean and rebuilt.
  • With significant effort, we recovered 90% of the company’s original data.
  • We now professionally backup this site using our remote Bryley BU/DR.

Related:

  • Anyone and everyone is a target; these criminals are happy to get a few hundred dollars each from millions of potential “customers”.
  • A solid backup plan is only one step in your line of defense; security requires a multi-layered approach.
  • Don’t pay cybercriminals; one Kansas hospital paid the ransom, and was told to pay again! Plus, you become an unwitting target for future attacks!

Please see these issues of Bryley Tips and Information (BITs):

Please also see Cyber-Security Firm:  Crypto-Ransomware Infections have reached Epidemic Level by Jonathan Keane of DigitalTrends on 6/24/2016.

Bryley Basics: How to determine what Google knows about you

Gavin Livingstone and Anna Darlagiannis, Bryley Systems Inc.

If you ever wondered why those pop-ups are becoming more targeted (and more invasive), you might be aware that your profile information (name, email address, location, etc.) and web-surfing habits are being shared with others.

It is an unwritten agreement:  Google helps you search the Internet and gives you handy applications (Gmail) and websites (YouTube), but it shares your information with others (i.e.: advertisers).  And, it collects and retains everything!

There are two main sites used to review what Google knows about you:

  • Web and App Activity – Details that you provide when you sign-up for a Google-owned web-site or application.
  • Ads Settings – Data that Google derives from your web-usage behavior.

The former is typically required, but voluntary (as in you can choose to not visit the website or not deploy the application); the latter is always collected and analyzed.

After logging in to Google, I discovered my Web and App Activity data included:

  • Name
  • Email
  • Gender
  • Age

From Ad Settings, it was pretty clear that Google stores years of information on every site visited, with implications that are Big Brotherish.  (I wanted to pull out my aluminum-foil cap and relocate to a cardboard box in the forest, but cooler heads prevailed.)  I found out that I had these interests (which were previously unknown to me):

  • Hair Care – My hair is mostly intact, but graying with age.
  • Bicycles and Accessories – Too old for that; probably get hurt.
  • Hygiene and Toiletries – Isn’t everyone at least a little interested in hygiene?

Basically, you can access and delete this data, but it takes some effort and you will endure constant nagging from Google when doing so.

 

Please visit Julie Bort’s excellent article (5/6/2016) from TechInsider: How to find out everything Google knows about you.

Why no-one wants to pay for IT support

Gavin Livingstone, Bryley Systems Inc.

I’d be rich if I had a $5 dollar bill (inflation) every time I heard:

  • “My son/daughter/niece/nephew (pick one) who is only 2/4/6/8 (pick one) years old was able to solve my computer problem; why do I need you?”
  • Lisa, a senior VP in our marketing department, handles our IT.”
  • “I’m moving to the Cloud, so I won’t need IT support.”
  • “I looked up the answer on Google; it was easy to fix.”

Sure, anyone with technical interest and aptitude can address IT-support issues, particularly those at the lower, end-user level (comprised of printers, computers, and mobile devices).  Many organizations have that one Lisa/Joe/Patty who helps with IT-support issues (in addition to working their full-time job) or is the dedicated IT resource within the organization; they feel it is cost-effective to have an internal IT person or an IT department, often citing the need for a warm body onsite who can respond instantly, particularly when the President can’t sync her iPhone.

However, IT is a complex field with many moving parts; it is difficult to be proficient, let alone expert, in all areas.  For example:

  • Lisa designed the computer network to be reliable, secure, and robust, but is overqualified (and not cost-effective) helping someone print a document.
  • Joe can change toners, but does not know what to do when the Internet is down; especially troublesome when your primary application is Cloud-based.
  • Patty configures Windows desktop computers and iPhones for employees, but cannot verify that the firewall is doing its job.

Basically, IT is a multi-facet discipline; successful IT support personnel have:

  • An understanding of the components (desktop computers, mobile devices, servers, firewalls, routers, Cloud, etc.) and their interdependencies.
  • A step-by-step troubleshooting mentality that works well under pressure.
  • A willingness to stay current with constantly changing and emerging topics.

IT is an expense, but also an enabler; it is usually fundamental to an organization’s success, often representing an opportunity to get ahead of a less-savvy competitor.  Given the breadth of technology options and the potential to develop new business or reduce costs, more organizations trust (and outsource) their critical IT functions to a Managed IT Services Provider (MSP) or a Total IT Services Provider (TSP).

Truly effective MSP/TSP companies are dedicated to remaining IT savvy while focused on the business requirements and concerns of their clients.  These companies share similar characteristics:

  • A broad, experienced service team with varying levels of competence:
    • Technician (Level-1) – End-user oriented and experienced in the devices common to end-users: Mobile devices, PCs, MACs, printers, scanners, and the like.  They should work well with others, be experienced in end-user operating systems (Microsoft Windows, Google Android, MAC iOS), and have excellent troubleshooting skills.
    • Engineer (Level-2) – Network-device oriented and experienced in Cloud, servers, virtualization, Ethernet switches, firewalls, routers, Wireless Access Points, and other network devices. They must be good troubleshooters and understand network-level IT components.
    • Consultant (Level-3) – Implementers of Cloud-based solutions and local and wide-area networks. Social skills are expected; business skills are a must.
    • Chief Technical Officers (God-level) – Architects of Cloud-based/ hybrid-Cloud solutions and wide area networks. They must understand the technical functionality of all of the moving parts, while keeping the business needs and consequences in clear focus.
  • A proven, capable management team that can focus technicians, engineers, and consultants on the tasks at hand while preparing them, skill-wise, for an ever-changing world.
  • A defined set of business-oriented processes designed to manage, optimize, and secure (coincidently, Manage ● Optimize ● Secure is our tagline) their client’s network environments. These processes are not static, but tend to be ever-evolving and striving toward proactive automation and perfection.

In sum:

  • IT is a complex, changing discipline of multiple levels,
  • IT can enable new opportunities or reduce costs,
  • IT can make or break an organization, and
  • MSPs/TSPs can maximize your IT potential!

Gavin Livingstone interviewed by CRN®

Gavin Livingstone, President of Bryley Systems, was interviewed by Richard Whiting in CRN’s 2016 Managed Service Provider 500 in the February 16, 2016 online issue of CRN®. Highlights:

“We’re doing really well,” said President Gavin Livingstone, noting that 2015 was the second-best year in the company’s history (2000, in the midst of the dot-com boom, is hard to beat). Today about 70 percent of the company’s revenue is services (and just more than half is recurring revenue) while 30 percent is hardware and software.

Demand for Bryley’s services is being driven by IT complexity, the need for end-user support, security needs and compliance requirements, Livingstone said. “Manage, optimize and secure” is how he sums up his company’s work, which uses the motto “Dependable IT at a predictable cost.”

Anna D. promoted to Manager of Client Relationships

Anna D., a member of Bryley Systems’ Business Development team, has been promoted to Manager of Client Relationships – a new position designated to proactively monitor and enhance client services within the Company.

Anna joined the firm in 2010 and most recently served as an Account Executive. In her new role as the Manager of Client Relationships, Anna will oversee Bryley’s Premier Clients, handling all aspects from account management, updates, training, and proposals through Client Business Reviews. Building high-value, long-term relationships with clients is a top priority for Anna and for Bryley Systems as the Company continues to grow.

Anna is a graduate of the University of Connecticut and has achieved industry certifications for VMware VSP and Cisco SBAM.

Michelle Denio promoted to Technical Support Supervisor

MAD_prfMichelle Denio, a key member of the Bryley Systems’ Technical Services team since 2008, will continue to support the Company’s clients in this newly created position.

With a look to the future of Bryley Systems’ continued growth, she will also take an active role in the supervision of the Technical Services team during its expansion.

Ms. Denio, a graduate of Quinsigamond Community College, is an expert in ConnectWise and Kaseya, two primary tools of Managed IT Services Providers.