Staying safe isn’t just about strong passwords or “Think Before You Click.” Although VERY important, there are other dangers that you need to be aware of:

The Dangers of Public WiFi Explained

Public Wi-Fi is everywhere – coffee shops, airports, hotels, trains. It’s super convenient, especially for busi-ness travelers or anyone working remotely.
But what if we told you that hopping on that free Wi-Fi could expose your business data to cyber criminals? That’s the reality of using unsecured public networks.
When you connect to public Wi-Fi, you’re opening the door to scammers who know how to exploit these networks. The two biggest threats you need to know about are called Man-in-the-Middle (MITM) attacks and Evil Twin attacks.
Yes, they sound like something out of a spy movie… but they’re very real and can have serious consequences for your business.

Let’s start with Man-in-the-Middle (MITM) attacks. You’re sitting in a coffee shop, sending an email or logging in to your business bank account. You think your device is communicating directly with the Wi-Fi network, but in reality, a cybercriminal has inserted themself between you and the network.
This “man in the middle” can see everything you’re doing – your passwords, your emails, even your credit card details. And the worst part? You probably won’t even notice it’s happening.
Criminals use this stolen information in all sorts of ways. They might sell it to advertisers, use it to imper-sonate you in phishing scams (where they trick people into sharing sensitive information, like passwords or credit card details). Or even steal money from your accounts. For businesses, this could mean sensitive fi-nancial information or customer data ending up in the wrong hands.

Now let’s talk about Evil Twin attacks.  see two Wi-Fi networks: One called “Airport Free Wi-Fi” and another called “Airport Wi-Fi Secure”. They both sound legit, but one of them could be a fake network set up by cyber criminals.
When you connect to the fake network, scammers can monitor everything you do online, just like in a MITM attack – but they can go even further. They can steal your cookies (little bits of data that websites use to remem-ber you) and gain access to things like your login details or personal information.
In some cases, they can even install malware (malicious software) on your device without you clicking a sin-gle thing. Scary, right? All it takes is connecting to the wrong Wi-Fi network, then your data – and your business’s security – could be compromised.
Using public Wi-Fi doesn’t have to be a security nightmare, but you do need to be cautious. Here are some steps you can take to help keep your business protected:
• Avoid accessing sensitive information while connected to public Wi-Fi. This includes anything involving passwords, personal data, or financial accounts. If you wouldn’t want a stranger looking over your shoulder, it’s best to save it for when you’re on a secure network.
• Stick to websites that use HTTPS, which encrypts your data. You’ll know a site is secure if you see a pad-lock icon in the address bar or “https://” at the beginning of the web address. Most websites use this today.
• Consider using trusted browser extensions designed to boost your online safety. Many can block cook-ies, ads, and even malicious websites, reducing the risk of your information being exposed.
• Turn off auto-join on your business devices. This stops your work phone, tablet, or laptop from auto-matically connecting to any available network, including potentially dangerous ones.
• Be wary of suspicious pop-ups. Scammers often use these to trick you into clicking something mali-cious. If a pop-up feels wrong, don’t interact with it – just close the window.
• Enable two-factor authentication (2FA) on your business accounts whenever possible. This requires a second form of identification (like a code sent to your phone) to log you in, which makes it harder for any-one to break in even if they get hold of your password.
• Finally, keep your software up to date. Updates often include security patches that protect your device from the latest threats. Ignoring them could leave your business devices vulnerable.
A little caution goes a long way when it comes to keeping your business protected online. Ask yourself: Is the convenience of free Wi-Fi worth the risk of exposing my data?
This information is from our Weekly Tech Update https://actsmartit.com/2-wifi-threats/

If you get a call claiming to be from Microsoft Teams support, think twice before doing what they ask.

There’s a new trend for scammers to pose as “help desk” staff, with the aim of tricking employees into letting them take over their devices.
This is part of a larger ransomware attack, where you’ll be denied access to your business data unless you make a hefty payment to get it back.
Recently, a notorious cyber crime group has taken this scam to a new level.

First, they’ll flood an employee’s inbox with so much spam that it becomes unusable. Then they swoop in with a phone call, pretending to be from IT support, offering to “fix” the problem.

They may ask your employee to install remote desktop software like AnyDesk or use built-in tools like Win-dows Quick Assist. Once they have access, they can move around your network, collect sensitive data, and launch ransomware on your devices.

Be warned – they don’t only reach out over the phone. They’ve also started setting up Teams accounts to make employees think they’re part of IT support.
They do this by choosing usernames like “Help Desk” and using fake Microsoft tenant domains such as “securityadminhelper.onmicrosoft .com”. Then they send one-to-one messages to employees, saying they need access to their device.

Ransomware attacks are serious business. Along with locking you out of your data, they can also shut down your operations, disrupt customer service, and potentially leak confidential information.

Recovering from a ransomware attack can be expensive, both in terms of paying the ransom and dealing with the aftermath. It can cause loss of revenue, damage your reputation, and it could even have legal con-sequences.

Make your team aware of this scam and encourage everyone to be cautious with any unsolicited support calls or Teams chats. And make sure everyone knows to check with your actual IT department first, if some-one is asking to install software or gain access.

Also, if you use Microsoft Teams in your business, make sure it’s set up securely. Only allow external chats from trusted domains, and make sure chat logging is enabled. Information from our Weekly Tech Update: https://actsmartit.com/supoort-call-ransomware/

Every week, we offer a new Tech Update Video. The latest edition is on our home page. Visit our archives for our back issues of relevant videos: https://actsmartit.com/weekly-video-tech-tip-achieves/

Would you like a print copy of this infographic mailed to you?
Simply fill out the form below