Category: Internet Security

Can Hackers Breach Microsoft 365 Accounts?

Can Hackers Breach Microsoft 365 Accounts

Microsoft 365 accounts have come under increasing attacks by hackers. It seems like no organization is safe if reports are anything to go by. It seems like no organization is safe if reports are anything to go by.

Microsoft released a report that the level of threat sophistication is rising. It makes it harder for them to identify cybercriminals. Key areas of concern are the internet of things (IoT) devices. Other threats are ransomware, and credential harvesting. In 2019, the company blocked 13 billion suspicious and malicious emails.

Foreign governments are also playing dirty. They are working with hackers to monitor US treasury department emails. They also used software and Microsoft Office 365 to get access. Hacking is, without a doubt, a major concern for everyone. It is crucial to prevent such attacks.

Parents must also be extra watchful. You must take the necessary steps to keep kids safe while online.

We will show you everything you need to do to secure your Microsoft 365 account.

How to Secure a Microsoft Office 365 Account and Keep Your Kids Safe While Online

Microsoft Office 365 accounts are critical for most businesses. But, they have also become quite popular amongst hackers. Once the cyber criminals are in your system, they access services and applications. Such include the calendar, SharePoint file, email, and Onedrive.

It will compromise your online security and expose you to different threats. Hackers will use several methods to get excess. Such include:

  • Phishing through the use of fake login pages. They will often ask you to change your account settings, including the password.
  • Business email compromise where the hacker uses a genuine Office 365 account. You get an email asking for specific information or action. Be careful about opening links whose source you do not know. Be wary of emails that have a lot of urgencies, especially to send money.

How to Know When a Hacker Compromises Your Microsoft Office 365 Account

There are specific things that show that your Microsoft Office 365 account is not safe. Such include:

  • An increase in email deletions due to the mailbox rules.
  • Difficulty accessing account.
  • Changes to your account that you did not allow.
  • Suggestions for new actions including Mail forwarding or moving orders.
  • Requests for password changes from location to do not know.
  • Many login attempts.
  • An increase in inbox activities that you are not taking.
  • Changes to your profile, contact details, signatures, and credentials.

Steps To Take To Secure Your Microsoft Office 365 Account

If you are on the receiving end of hacking, it can be scary. There are steps you can take to restore safety on Microsoft 365. Remember online security starts with you. Watch the sites your children visit.

If possible, restrict access to some of the sites. Only use secured networks when you are online. Also, enable the firewall and install the necessary antivirus protection on your devices.

1.   Work Offline

When you always connect your computer to the internet, hackers have an easy way of finding access to you. The alternative is to work offline as much as you can. It is a good idea to consider if the kids use the computer a lot, especially for school work.

Install the desktop version of Office 365. It eliminates the need to depend on the cloud to access the applications. You still have access to your programs without needing internet connectivity.

2.   Use Microsoft Office for Chromebook

To increase security, consider installing Microsoft Office for Chromebook.  The Chromebook’s design focuses a lot on security features. It makes it safer than Linux, Android, iOS, and even windows.

Chromebook works by blocking any installation attempts. If there is a malicious virus in an email, it will not attack your system. Everything you do when using Chromebook is cloud-based.

It makes it harder for hackers to get access to your system. The developers are always rolling out updates. Verified boots, and sandboxing also help prevent infection. In the long-term, you save a lot. You do not need external malware or virus protection.

3.   Use Strong Passwords and Multi-Factor Authentication

A weak password can compromise your safety. Take the time to craft a strong password for your accounts. A combination of numbers, letters, and symbols is a good idea. Avoid the use of birthdays, anniversaries, and 1234 as passwords.

Enable the password expiration so that you only use the password for several days.

Multi-factor authentication requires the use of an extra password to access the account. It uses information that only you would know. It may ask questions like who was your first teacher. What was the first object that you ever bought for yourself? Who is your favorite author? The answer you give becomes your second password.

4.   Configure Your Office 365 Accounts

Be careful about how you use the administrative account. Do not give access to everyone and assign privileges. You should not use the admin account for administrative use.

Before you access the admin account, make sure you close all other browser sessions. Do the same for any email accounts that are currently running. Once you finish using the admin account, make sure you log out completely.

Do not let anyone else get access to your emails or calendars. Avoid Mail forwarding to external domains. Remove global mail forwarding that the attacker may have created.

Also, take advantage of the security measures that Microsoft Office has in place. The company is even using artificial intelligence to improve the Microsoft defender.

5.   Secure Mobile Devices

Take note of the mobile devices you use as well. Microsoft Intune is a mobile device management tool that helps you secure your data. You can use it on IOS, Windows, Android, and iOS devices. If you lose your device, you can wipe out the data remotely.

Final Thoughts

From our article, we have shown that hackers can breach Microsoft Office 365. The good news is that there are specific steps to prevent breaches. Come up with a strong password and take advantage of the multi-factor authentication.

Download the desktop version of Office 365 so that you do not depend on the cloud. The other option is to use Microsoft Office for Chromebook. You get to enjoy the security features of the latter.

It is important to keep the kids safe while online. Use some of the tips we have shared above and enjoy peace of mind knowing they are safe.

Educate yourself and your family on how to protect your computer at risk.

Learn how hackers can access your computer via a session hijacking attack.

Share This Article

TikTok and Online Security | Is TikTok Safe for Kids?

Is TikTok Safe for Kids?

You might have recently heard about some of the scandalous accusations that have been aimed at TikTok. Their accused lack of respect for peoples’ privacy and for online security has led to people wondering if they are spying and even seen calls for the app to be banned in the USA.

In this guide, we’re looking at some of the reasons why people are so suspicious of TikTok and going in depth on whether or not you should trust this social media giant.

What is TikTok?

TikTok is a social media company that is similar in some respects to other visual platforms like Vine and Instagram. It focuses on short, snappy videos. There are effects you can add as well as songs and soundtracks, and these make a lot of the videos perfect for sharing. There are TikTok celebs in the same way that there are YouTube celebs as the younger generation especially become infatuated with the platform.

The TikTok Controversy: Is TikTok Safe?

People suspect that they are less than honest for a few different reasons. The Chinese company that owns TikTok has been accused of working with the Chinese government and the CCP in order to spy on Americans and other nationalities using the app.

Also, TikTok has had a chequered past where 42 million user profiles were exposed in a massive data leak, and because it is quite an open platform it can be abused by some scammers.

Why would TikTok want to steal peoples’ information?

It is hard to know the exact motives, but the accusations of links to spy groups suggest that they could wield some very powerful information. If the TikTok security was breached (something that a lot of people are concerned about) then this information, and the huge amount of data that the app requests to store when you use it, could be utilized for those with sinister intentions.

One of the things that has made people suspicious is the fact that TikTok records so much, including your location and even your device’s keystrokes.

Identity Theft Facts

Did you know that cybersecurity statistics show that nearly 1 in 3 DATA breach victims (30.5%) also suffered from identity fraud In 2013 – up from 22.5% in 2012. And this was years ago, Identity theft has been on the rise ever since, before TikTok was even on the scene. This type of theft is becoming more viable, and more easy to implement for certain criminals and this means that it is growing. Identity theft could well overtake physical forms of theft. People can use your details to borrow money or even to commit crimes, so it is important to be really cautious about what information you make available.

Identity theft can seem like something a bit abstract and like it is not relevant to you, but over 60% of those hit by scams say they have no idea how it happened to them. You can never be too careful as it can happen to anyone out there.

How to protect yourself and your children from Identity Theft

If you are at all worried then you should remember that you don’t have to get a TikTok account, and even if your children are desperate to have one, you might want to discourage this use of social media wherever possible. Though it doesn’t seem fun, it is worth actually reading the privacy policy and terms and conditions of the app. If you aren’t comfortable, steer clear.

If you do create an account, ensure that it is a private account, and see if your device will allow you to stop apps and third parties tracking your use of the device while you use the apps as this can be a way to prevent identity theft and stop loads of details about you and your life from being collected. 

How Safe is TikTok for Kids and Teens?

TikTok Safety and Online Security

As with any social media platform, there are certain risks associated with the app that parents should be aware of. One risk includes the potential for exposure to inappropriate content. While it’s true that the app’s official guidelines prohibit illegal or inappropriate content to be shared, it’s worth noting that there aren’t real people managing this process. Instead, TikTok relies on digital algorithms to automatically filter out content that violates the app’s official guidelines. The reality of this is that some illicit content will inevitably fly under the radar and end up on users’ screens.  

Another area of concern is the potential for communication with strangers. With over one billion users on the app, the risk of contact with strangers shouldn’t be ignored. Teens aged 16+ that create an account will have their profile set to public by default, and their account activity is visible to anyone. While accounts made by children between the ages of 13 and 15 are automatically set to private, it’s not hard to bypass this restriction—all they have to do is enter a false birth date when they register for an account. 

While there are many parental controls parents can activate to mitigate many of these risks and create a safer experience for their children who use the app, it’s still important to be educated on the potential dangers that come with any social media platform. Knowing what privacy settings you can manage and taking time to set technology boundaries with your kids are some of the best ways you can ensure your kids are protected on TikTok.

Cyberbullying on TikTok

TikTok has taken steps to combat this issue by implementing reporting mechanisms, content moderation, and algorithmic changes to promote positive interactions. However, parents should be diligent to recognize the signs of cyberbullying to protect their children.

One of the main reasons why cyberbullying thrives on TikTok is the ability to hide behind a screen. Users can create anonymous accounts or use pseudonyms, making it difficult to identify the perpetrators. This anonymity emboldens cyberbullies, allowing them to engage in hurtful behavior that not only affects the victims’ mental and emotional well-being, but it also creates an environment where bullying can persist unchecked.

Because of the viral nature of TikTok’s content, well meaning videos that gain popularity can quickly attract negative attention, leading to a barrage of hurtful comments, insults, and even threats. The comments section, where users can interact and leave their thoughts, can easily become a breeding ground for cyberbullying.

What Will Happen To TikTok?

Nobody has specific proof that TikTok is being used to spy on people or to steal identities. In the world of politics there is plenty of debate about the app and its use as people realize just how much power the owners of the app, ByteDance, who first acquired musically then transformed it into TikTok, could have if they really are tapping into that personal data.

If the claims are valid then it is probably a good idea to come off the app, but also to protect yourself in other ways. You can use identity monitoring services to try and establish whether data about you has leaked or become available on the black market. If some of the claims that have been made about TikTok and the Chinese government links then there is every chance that there will be some really drastic measures taken very soon.

The Future of Tiktok

TikTok seems to be tightening up some of its security.  The recent bad PR has led to the app trying to build confidence from consumers that they are not trying to steal data from people or collude with parties who are less than trustworthy.  It still remains to be seen how safe TikTok can be for kids.

The app could be removed from app stores if it is not up to scratch in terms of its privacy policies, so there are real threats to whether it will continue to exist within the western hemisphere. The threat of this will surely lead to the app becoming more watertight and giving users a lot more security controls. If not, the days of cute cat videos on TikTok could be numbered.

Share This Article

How to Protect My Family’s Finances from Hackers

Protect My Family’s Finances from Hackers

With the rise of technology, online security is more important than ever. Hackers are always developing new ways of compromising banking accounts. You do not want to be a victim of these cybercriminals, and most especially, you do not want your loved ones to fall in the trap. Thus,are there ways to make sure yours and your family’s finances are safe online?

There are many things you can do to protect your family from hackers. You can install the best antivirus, use a VPN to hide your IP, create strong passwords, and avoid clicking on bad links, etc. Read the entire guide to learn more.

Install the Best Antivirus

One of the effective ways of protecting your finances online is by installing good antimalware. A good antivirus will protect you from all malware created by hackers such as Trojans, Viruses, ransomware, adware, spyware, to name just a few.

The best antivirus comes with extra features to keep your online accounts safe from scams and other cybercriminals. Here are the features to look out for when buying one;

  • Malware protection; a good antivirus program should offer protection against new and advanced forms of malware. Cybercriminals use this malware to steal your banking details such as passwords and usernames.

This protection will improve your device’s native security system. When your devices and online accounts are protected, it will be less likely that your credit card numbers will be exposed to hackers.

  • Ransomware protection; ransomware is a type of malware that encrypts a victim’s files. The best antivirus will prevent your data from being held ransom.
  • Phishing protection; it is so easy to click on a link that disguises as your bank. A good anti malware will warn you when you are about to enter into a fake site.

On a fake website, hackers entice you into entering sensitive information such as credit card details, email addresses and passwords. Hackers use this information to steal your money. With a good antivirus, hackers will not be able to steal this data.

You will also be warned if you receive fraudulent emails that look as if they are from a friend, a company or financial institutions.

Parental control features; since many kids are spending more time online, they need an antivirus that can keep them safe from predators, addictive apps, and hackers.  A good antimalware program has parental control features that can filter out offensive content, block tracking apps and give the exact location of your kids for proper monitoring.

Use a VPN to hide your IP address

Get a good VPN. It will increase your security on private and public internet connections making it hard for cybercriminals to steal your financial information.

With a VPN, your details, like your location revealed by your IP address, are hidden, so you can securely access websites, apps, entertainment and more. It offers online privacy. Your internet provider, tracking website and internet browsers cannot be able to tell what you are doing online or able to disclose your sensitive information.

With this program, you can share any file without worrying a hacker might know its content.

Use 2-Factor Authentication to Protect your Financial Accounts

One of the best ways of protecting your family from hackers is by using 2-factor authentication to secure their online accounts.  Usernames and passwords are no longer sufficient since hackers can guess them.

With multi-factor authentication or 2-factor authentication, you will be required to verify your identity either by use of a call, text, or a code being sent to your phone number.  This provides an extra layer of security to your online accounts.

This technology can use your fingerprint, voice, and facial recognition so as to verify your identity.  Many banking institutions are using this technology since it best secures your information online.

Create strong passwords

If you want your family to stay safe online, encourage them to create strong passwords for their online accounts. Strong passwords are hard to crack.  A strong password that can beat hackers has the following characteristics;

  • Has 15 characters or even more
  • Has a mix of numbers, letters, and characters. Don’t forget to include too uppercase and lowercase letters
  • Avoid easy passwords such as 123, admin
  • Avoid using your names, phone numbers and your birth date as your password. Do not use passwords that you have used before or use for your other online accounts.

Remember, the best passwords will thwart brute force and make your accounts hard to break.

Educating Kids

The more your kids know about online safety the better they will be equipped to deal doing their part.  They will more easily understand the dangers of financial hacking when they first respect the value of money.  You can also start simply by teaching kids how to use online finances responsibly.


Read more about family finances:
5 Creative Ways to Save For Your Children’s Future

Share This Article

How to Report an Email as Phishing

Report Email Phishing

Hopefully when you received a phishing email regarding one of your online accounts you didn’t click the link and try to login. This is how hackers attempt to gain access to your account without you knowing. If you did login, immediately close your browser. Then, re-open it and go to the proper sign page through your browser and change your password.

We all get phishing attempts via email but we can do more than just educate ourselves on how to prevent being tricked. Before you delete the phishing email report it to the proper website that the phishing email is trying to access. These same companies have cyber security people that you can forward the email to.  Simultaneously you can report all phishing attempts to the Anti-Phishing Working Group at [email protected]

When concerned about possible virus infection of your computer perform a malware scan. To clarify, most phishing attempts are not created to infect and take over your computer.  Rather, the goal of phishing is to learn your account login details so they can steal your personal information.

Below are some of the more common companies that identity thieves try to mimic. These are just examples and there are many others.  If you don’t see the contact information below for the company you are looking for, simply Google it safely at the top of our website. For example, if the phishing attempt is in regards to PayPal, Google “Report PayPal Phishing”.  Often, you will find an email address posted that you can forward the phishing email to.

Report as Phishing to These Companies

In addition to forwarding phishing emails to appropriate companies and to the Anti-Phishing Working Group, you can also report the phishing link to Google but be careful. Don’t open the link in a browser, simple right click the link and select copy hyperlink. Cut and paste that link into the Google submission form and submit. Then, delete the phishing email. 

Here are a few examples of the top companies whose account holders are the top targets.  These companies want you to forward phishing emails to them so they can prevent future fishing attacks.

PayPal

PayPal is a top target of phishing because it gives thieves direct access to your money. If if you don’t currently have funds in your PayPal account, people with access can make payments out of a bank account or credit card that you have linked to. Report PayPal phishing attempts to [email protected] which can also be accessed on their PayPal suspicious activity.

If you have clicked a bad link or are worried about whether your account has been compromised change your password immediately. Learn more about how PayPal deals with account fraud.

DocuSign

Often, phishing links for DocuSign will go to Google Docs.  This may appear legitimate because it is using the Google domain but really it is someone with a Google account hosting a bad doc to gain your personal information.  Be proactive and report suspicious emails to DocuSign’s security team at [email protected]. If you feel the security of your account is at risk, contact DocuSign customer support.

Below are some tips to help spot the difference between real and spoof DocuSign emails: 

All URLs to view or sign DocuSign documents will contain “docusign.net/” and will always start with https.  All legitimate DocuSign envelopes include a unique security code at the bottom of notification emails. If you do not see this code, don’t click on any links or open any attachments within the email.

For the latest DocuSign security and system performance information, visit the DocuSign Trust Center

Report Facebook Phishing

Facebook is one of the largest website in the world with over 2.7 billion active users.  They have taken great strides to protect against phishing and promote that they take seriously all phishing reports when you forward the email to [email protected].   They have also set up security tools to prevent outsiders from signing into your account.  Like many online accounts they recommend and offer ‘two factor authentication’.  They will also email you of suspicious login attempts when you set up to receive unrecognized login notifications.

Netflix

Because Netflix is such a popular streaming service these days, it’s one of the more popular targets for phishing. Netflix states that they will never ask you to click a link to enter personal information about your account. Even if you are not sure the email you receive is a phishing attempt, report it to Netflix by forwarding the email to [email protected]. If you want to check your account to see if something is wrong with your billing, for example, go to Netflix.com directly or via a bookmark you’ve already saved to log into your account.

Here is a classic phishing email that Netflix would never send to you.

Dear user, We’re having some trouble with your current billing information. We’ll try again, but in the meantime you may want to update your payment details.

Most phishing emails feature proper links to the company at the bottom of the email, such as the Netflix support page or contact page. This is to trick you into thinking it’s legit. However, the link in the middle of the email goes to a different website.

Banks and Credit Card Companies

You may only have one bank account and one credit card. So when you receive an email from a bank that you don’t have an account with, it’s easy to ignore. You may even be thinking, why would they send this to me? Well, cyberthieves use spam internet servers to sent the phishing email to millions of people because they know at a percentage of those on the list will have an account with a particular bank.

This is why you will sometimes get an email that looks like it’s from your bank. Don’t worry, the scam artist probably doesn’t know you have an account with a certain bank. You are simply one of millions of people on a list.

Chase is one of the top banks that phishing emails try to mimic.  But really, there are too many banks and credit card companies to list, so it’s wise to be wary of any email from your bank.  Any information you need to know about your bank account will be within your account, so just go to your regular bookmark in your browser to login or to go Google and search for your bank.  You never have to worry if you always go directly to your bank to see if there are any important notifications for you.  Or just call you bank. 

To report a phishing email to your specific bank, search for your financial institution on Google by typing in your bank name followed by the keywords ‘report phishing email’.

Report as Phishing to Apple

Apple is a big one.  Your user name and password gives phishing attempts access to your iCloud account where all of your files are stored, including your contacts and pictures.  If you see any email that looks suspicious report it to Apple by forwarding the email to [email protected]Apple will never ask you to verify your identity using your password.  They also recommend to protect your Apple ID by using two-factor authentication.  This security measure is available with many online accounts where a code is sent to you via text or email to complete your login.  This means that even if hackers gain access to your user name and password and try to log in, you will get a notification, but unless they have access to your phone, they can’t gain access.

Courier Companies and Shipping Outlets

Couriers include companies like Fed Ex, UPS, DHL Express, Purolator, and USPS.  Shipping may also come from online stores who use couriers, such as Amazon and Target.  The email may say something line “We are having trouble delivering your shipment!”  If you are expecting a shipment, you will immediately be concerned.  If you are not expecting a shipment you may wonder why you are receiving a product when you didn’t order anything. This is probably a phishing email, but even if it isn’t look closely at the email.  It’s always best not click any links and simply go to your account directly through your browser.  If you don’t have an account with a specific store, such as Walmart, then you know it is more than likely a phishing email.  Report it to the company concerned then delete the email.

Amazon

Many people have an Amazon account.  You may get an email from Amazon asking for your to login to correct a problem.  This is more than likely phishing.  Do not login using the link in the mail. Go directly to your Amazon account from your browser to see if there are any issues.  Amazon also uses couriers and the same safety rules apply.  Amazon usually notifies online shoppers that a real shipment has been delivered to their door, but they will never put a link in that email and ask you to check on your shipment.  Forward all suspicious emails to Amazon at [email protected]

Additional Contacts to Report Phishing

If you have scrolled down to this bottom of this email looking for a company that is not listed above, below are are few safe links or email addresses to report a phishing attempt to that company. Reporting phishing is important so that collectively, we can work to shut down the hackers and scammers who are trying to steal personal information from millions of account holders around the world.

A Quick Review of What to Do When you Receive a Suspected Phishing email.

  • Don’t click any link to login to your account.  Go directly to your account via your browser bookmark or by searching for it on Google.  If you don’t have an account related to the email, it’s probably a phishing attempt and you have nothing to worry about.
  • Before deleting the phishing email, forward the email to the company the identity thieves are pretending to be.
  • Report the phishing link to Google but be careful how you copy the link to paste it on Google’s reporting page. Never click the link.  Instead, right click on the link to copy the hyperlink. Then delete the email.
  • When you forward a phishing email to any company, cc the email to the Anti-Phishing Working Group at [email protected]

Here are additional emails not written about above that you can report phishing emails to:

Report Email as Phishing to Gmail

This image below shows you how to report amy phishing attempt that is sent to your Gmail. To access this, you need to be signed into the web version of your gmail account. Reporting these emails will help reduce phishing and spam emails to your Gmail, but you should also report emails to the company being spoofed.

To report phishing to Gmail follow the steps below.  1) On an open email, select the drop down menu on the top right. 2) Select Report Phishing.Report Email Phishing to Gmail

About Google Account Security:  Since Google accounts only have one login to multiple website, including YouTube and the multiple apps within Google for Education, consider setting up Two Factor Authentication to protect your account.

Additional Resources

Make sure your computer is not infected with Malware because you clicked a phishing email, scan your computer and protect against future attacks.

Learn more about Phishing and the new ways hackers use to steal peoples personal information.  Read about Smishing (Text) and Vishing (Phone) Scams.

Share This Article
Google Safe Search Explore the Safe Search Engine - Google for Kids