Phishing is one of the most common and consistently used forms of online scams. These scams target users and attempt to find out their personal data. This kind of personal attack is based on deception, much like many real-life scams and frauds. Often no viruses are used and it all falls to the fault of the user, which makes them particularly dangerous.

Image Source:http://onesoundchoice.com/company-blog/cache/com_zoo/images/Christie-Brio_Main-Boardroom_Hi-Res_ec55f224830c302b49ee9af72f17153a.jpg

With the idea of having a "Smart Home" becoming ever more popular, many businesses are looking to modernise their offices into "Smart Offices". The level of convenience at home that is created by products such as Google Home and Amazon's Alexa makes many wish for a more automated and up to date working environment. In a 2016 Study by Dell more than 50% of employees questioned said that they expect to be working in a smart office in the next five years. 82% of millennials questioned in the same study said that the level of workplace tech influences the chance that they'll take the job. So what is a Smart Office and how does it have such an effect?

Windows 10 is a great operating system for both personal and business use. But if you are using an older machine or even one upgraded from Window's 7 it may slow down over time. The more software, documents, images, etc. that are added onto your machine the more weighed down it will become. If you want to try to avoid buying a whole new machine, then follow this guide on simple tips and tricks for how to improve your computers performance.

Last month, Microsoft announced that there was a "significant" step for the update that will allow you to collaborate with your co-workers on Excel, in real-time.

For every operating system there comes a time in its life where Microsoft deems it too old for continued support. This is called "End Of Life" (EOL) for an operating system. Operating systems often last a very long time, compared to the average computer and so you may find that even after a new OS has been released you still prefer your older one. This is perfectly fine but after two or three operating systems have been released since the release of your currently used one, then it may be nearing its EOL.

There has been a new update released for OneDrive and SharePoint Online. It may leave many of you wondering why you still can't Sync with your team's sites. It also doesn't help that Microsoft took a few days to release a changelog explain the update. The update finalised and added the Next Generation Sync Client into the main OneDrive software.

The update itself was for the Next Generation Sync Client (NGSC) to be added into OneDrive and the OneDrive Sync services. It should have really gone unnoticed, being put in place on all devices automatically. You or your admin should not need to do anything, the NGSC update should have been put in along with any updates or bug fixes to your software the moment Microsoft authorise its release. An update to a changelog for the preview version mostly focuses on previous update versions and describes this version as a fix to "top issues related to sync reliability and application stability". You can find all the release notes here. However, its not that simple and you will have to take manual steps to force SharePoint Online to sync with OneDrive, and not OneDrive For Business as it will try to.

Note: The Next Generation Sync Client does not support Sync to the personal version of OneDrive (i.e. Live.com Hotmail/Outlook accounts), only business/school versions of OneDrive and SharePoint Online. To use your version of OneDrive with your team's site and to Sync with it you'll need to perform a manual fix. This means implementing a quick Regedit fix. So open Regedit by going to start and typing "Regedit". Follow through the file tree to "HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive". Then in that top level folder create a 32bit Dword value (right click, new) called "TeamSiteSyncPreview" with the value of "00000001". After restarting the browser, you will then have success with Syncing with your OneDrive team site.

Alternatively, if you want to see if you can find another way of getting around the issue, or if that didn't solve your issue then follow the instructions on this page. The instructions from Microsoft give a good way of setting up your OneDrive but nothing really specific on an issue that could have been caused by the latest update. It is still worth a shot as it may still solve an unrelated issue that could prevent file syncing. For Mac users, if the previous guide didn't help, you can follow this Mac specific guide.

We have created our own custom, one click installer to upgrade your OneDrive to the SharePoint Online sync capable version. If you are having trouble with OneDrive syncs or would like to use our program for speed and convenience then contact us through e-mail (info@bongoit.co.uk), or give us a call (number below).

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Outlook Customer Manager – a micro CRM

Outlook Customer Manager is being released worldwide in the coming months, or sooner for Office 365 Premium users who opted into it. Free for Office 365 Premium users, this new addition to Outlook makes it easier to manage the relationships you have with your customers. Outlook Customer Manager shows you all your business dealings, meetings, e-mails and conversations organised by contact. This addition to Office 365 comes in the form as an addition to Outlook, therefore only needing an update, not an install of additional software. This will allow you to quickly pick up the addition to Outlook and work with it without having to learn any new tools.

Overview of Outlook Customer Manager

The Outlook contact manager covers many useful features and combines them into a single, easy to use area. This helps you find any information you may need on your customers quickly, such as project history, without the use of additional software. Customer details are organised on the right side of Outlook; this helps you match e-mails to customers.

The details that Outlook contact manager stores include: name of customer and name of business, any previous deals (made or failed), any pending deals, upcoming meetings, jobs and calls. The Outlook contact manager also creates a "Today" to-do list. This lets you check off details with several customers that have an event coming up soon. All of the details that go into your Outlook calendar will also automatically be added to Outlook contact manager, so you don't have to enter in the same data twice.

There is also going to be an app released with Outlook contact manager (initially only for IOS but also for other phones and devices soon after release) this app will allow you to view your agenda with each of your customers on the go and in a single app. You can also have certain events give you a notification on your phone for example, reminders for meetings or calls. The app will be seperate to the Outlook app in order to save on performance. The individual apps will still communicate together via your Office 365 account. This means that it will take slightly longer to update, when compared to the desktop version.

How can I get this update early?

If you want to have access to Outlook contact manager early you can enter into the Microsoft Office First Release. This means that you will get each piece of additional Office 365 software slightly earlier than other users. You should, however, always understand that any software that is released before the actual/official release date may still contain errors and is subject to change. So long as you know that the end result may change then you are okay to download the update early and begin practicing with your team on the new software.

To enable Office First Release, you must first go to your Office 365 homepage. After logging in go to the Office 365 admin centre, then go to settings. In settings go to Organization profile then Release preferences then click edit. To enable first release for everyone (all users in your organisation) then choose First release for everyone and click next, then confirm and save and close. If you want to enable First release for certain users, then select First release for selected users instead of First release for everyone. Then select next and confirm. Then add people by searching for them and clicking on the "+" to add them. Once you have added all the users you want to then click save and close.

Not only will you receive new software early, you will also receive updates early too. This means that if you have a scheduled time where you update all your machines, it may become invalid. You will receive all of the updates for Office 365 as they come out. This could mean an inconsistent downtime and several downloads for update fixes etc. instead of one large one per year. It is up to you if you want to manage the early updates for the early software but you can always opt out of the First Release and go back to Standard for the more consistent updates.

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Payment Card Industry Security is an essential for any online business that uses any kind of debit or credit card to make transactions. The PCI Data Security Standard (or PCI DSS) is a standard for companies that handle customer credit card details and bank details. In this blog we will explain the benefits of PCI DSS and how you and your company can reach the standard.

The Cyber Essentials scheme was set up by the government and a group of cyber security experts to help many small to medium sized companies become digitally secure against 80% of known cyber threats. In this blog we will explore how Cyber Essentials could help your business, point you to several ways of implementing it, and suggest other things you can do to make your network secure.

Microsoft has released Windows Server 2016, but what's new? What's been improved? And what hasn't? Hopefully this overview will give you an idea of if it's worth the upgrade or not.

SIP Trunking: VoIP's Perfect Partner

Voice over IP (VoIP) telephony has been gaining traction for some years now, but many businesses have yet to take advantage of SIP trunking, a technology essential for the full realisation of the benefits of VoIP and other tools.

SIP (Session Initiation Protocol) is a communications protocol designed specifically for multimedia communications running over Internet Protocol (IP) networks, such as the typical company network, and the Internet itself. It is most commonly used to underpin VoIP, video call and instant messaging applications.

With the end of the final TV debate of the 2016 US election, what is left that could change the results of the November vote? Analysts claim that Facebook’s "I Voted" button could have a potential influence over voter turnout. The so-called "Voter Megaphone" allows you to show that you have voted and see if your friends on Facebook have also voted. But by how much could it change the Presidential race in the US and its polls?

A recent study finds that one quarter of law enforcement websites based in the UK have a weak connection and could be prone to hacker interception.

Millions of people have recently found out that they not only have a Yahoo account but also that it has been hacked. Many large companies such as BT use Yahoo to base e-mail accounts for their customers. Anyone with an email address ending with "@btinternet.com", "@btopenworld.com" or "@talk21.com" could have been indirectly hacked and their details leaked.

"Without the superb help I recieved from Justin and Andrew at Bongoit, I would not have been able to regain ownership of my businesses online presence."

"6 months ago a contractor who worked at my family business attempted to steal it from me. By the time we caught him out and involved the police he had stolen our domain name, goode review account authority, controlled a website in my business name and was passing himself off online as the business owner. This had a devastating effect on my customer retention and the ability for prospective customers to even find my phone mumber.

Without the superb help I recieved from Justin and Andrew at Bongoit, I would not have been able to regain ownership of my businesses online presence. At every stage they were key in providing the help and support I needed. No matter how busy they were, what time of day or how little notice they recieved, they were there, on the phone and ready to talk my solicitors through aburdly complicated internet/legal jargon and provide expert testimony that without doubt was the deciding factor ond turned the tide.

5 stars is not enough.

Use BongoIT if you need help.

Thank you Bongo!"

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

In recent reports it has been found that the Chinese tech company Lenovo has made their most recent batch of laptops locked into Windows 10. Many have suspected that they had a deal with Microsoft but Lenovo has denied this. This, however, is not the first time Lenovo has tried to constrict what user are able to do on their hardware. 

The Supposed Deal With Microsoft.

A Lenovo spokesperson claimed the Chinese giant "does not intentionally block customers using other operating systems on its devices and is fully committed to providing Linux certifications and installation guidance on a wide range of products". The accusation originated from a Reddit thread. The thread accused Lenovo and Microsoft of locking the operating system onto the laptops at a firmware level. Lenovo stated that the lock was a storage driver compatability failure and not a feature."Unsupported models will rely on Linux operating system vendors releasing new kernel and drivers to support features such as RAID on SSD," the spokesperson staited. This meant that if you want to install Linux, you need a kernel with the required SSD driver. The issue could be simply that the latest kernel for Linux RAID has a small bug that creates a huge problem. The affected models include the "Yoga 900S" and the "Ideapad 710S". This does not bode well for Lenovo's already shaky record of unnecessary firmware additions.

BIOS Editing

In August Lenovo sold laptops with that came with free crapware already installed. This included free demos, unnecessary Microsoft programs and other things that clog up your storage space. The software itself was attached to a BIOS function which detected if any of the crapware is deleted and then reinstalls them for you on the next boot up of your system. The way that Lenovo had created their BIOS for the laptop range was with a WPBT that allowed manufaturers to add their own programs and drivers to your operating system.It was also designed to help prevent corruption by running executables on boot-up. This, however, gives companies like Microsoft a free backdoor to implant free, unremovable, demos and software. This idea of implanting information into the operating system was supposed to be used by anti-virus programs. The idea being that that protection programs could delete viruses that had placed code into the BIOS of your system. But the advertisement of major companies beat any hackers that could figure the vunerability out. But that's not all, Lenovo also sends a moderate chunk of statistics back to their databases in China.

Will Lenovo clean up their act? Or will they continue their scheming ways with Microsoft? We can only wait and see if history repeats itself once more with Lenovo.

Lenovo crams unremovable crapware into Windows laptops – by hiding it in the BIOS

Lenovo denies claims it plotted with Microsoft to block Linux installs

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

This handy piece of software allows you to block almost all ransomware - including the dreaded cryptolocker.

Ransomware Prevention, now for Free.

This invaluable piece of software, now given to the public for free, can clean up and prevent most malicious attacks that come in the form of ransomware. The "Cryptolocker Prevention Kit" was only given out to paying subscribers but now it's available to all. It is not something that can replace your anti-virus but it is a usefull addition to your PC's defences. The kit boasts an "article on cleaning up after infection but more importantly materials and instruction for deploying preventative block using software restriction policies". This means that if your computer gets infected by something that is trying to modify existing software it will be blocked from your machine and placed into quarantine.

The SMBKitchen Crew and Third Tier staff had origionally made this program only available to paying customers. But due to the rapid spread of the virus, the producers made it available to everyone. Click here for the download page.

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

In the aftermath of Cryptolocker and Gameover Zeus, is the threat of ransomware still significant? How does ransomware work? How can ransomware be prevented or even removed form the internet completely?

The fight against ransomware and all viruses in general is always an uphill struggle. Your typical anti-virus programs can only prevent attacks from viruses and malware from programs it recognises as threats such as the famous Crytolocker.

What Is Cryptolocker?

Supposidly created by the Russian hacker Evgeniy Bogachev, aka "lucky12345" and "slavik" Cryptolocker is a trojan virus that infected computers via malware. Malware often gets into your system via pirated media and fake advertisements. Cryptolocker was also spread via e-mail attachments, which still today remains one of the most common ways systems are infected. These e-mail attachments could look like anything. Such as a .pdf file, a word document, a powerpoint, etc. although they seem harmless they could always contain code with malicious intent. Cryptolocker was a trojan virus, meaning you would recieve a file (such as a pirated movie or file via e-mail) and then open it yourself thinking that it was harmless, then your computer would be infected. Cryptolocker acted as a ransomware virus. The best ransomware viruses encrypt your personal files and adds itself to the registry of your computer. Cryptolocker did this and also created two processes for itself, one being the actual program and another for keeping the program running if a user wanted to close it.

What Would Cryptolocker Do?

This is what Cryptolocker would do if your system gets infected by it. You would load up your computer as usual and once you reach your own desktop you will be given a timer and a message. The message states that you will have 72 hours to pay a certain cost to recieve the key that would allow you to decrypt and access your personal files again. The program actually had a algorithm that worked out the cost for the key by different currencies (inculding BitCoin) and by how much data had been encrypted. The cost was usually around 400 euros but often was slightly less if paid by BitCoins. BitCoins are an online only currency which is widely used as a way to anonymously buy and sell online. Fraudsters and scammers prefer to use BitCoins as no bank company can trace where the money goes. Crytolocker would give the user a timer in which would indicate how long they had to pay the cost of the key that would release their files before the program destroyed it. Doing things such as attempting to close the program or entering incorecct payment information would be met with warning from the program to half the remaining time. By paying the 300 - 600 euro cost to unlock the key the user would recieve their unencrypted personal files back to them as they had them before they became infected. If you didn't pay the cost before the 72 hours were up then your files will remain encryped and practically unusable. 

Luckily The Threat From Cryptolocker Is Not That Great Anymore

In August 2014 law enforcement shut down a network that was in control of both Cryptolocker and the malware strain called Gameover Zeus. The extortionist gang had created a backup of their victims on a database that they hoped would never reach police hands in the event of an arrest. This would mean they could purge all the data on the primary database and police would lack evidence that could imprison them. They would them simply restore the data from the backup and continue their illegal operations. What they hadn't anticipated was that security firms and police hackers had already gained acceses to part of their network before they had created the backup database. This allowed police to slowly narrow down the list of potentual locations for their network to be based. It also allowed the security firms to find out the names of the victims and their associated file key. They eventually had enough evidence for an arrest and all the victims and their keys were released so that files could be retieved for free.

BBC News Cryptolocker Article

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

In June last year the network provider and multi-million dollar company Ubiquiti was scammed out of $46.7 million and has since been only able to recover $8.1 million with prospects of another potentual $6.8 million. This one blunder will set them back at least $31.8 million. These crimes have inspried other CEOs and executives to fight back against the criminal hackers.

Florian Lukavsky Uses Hackers Own Techniques To Stop Them.

SEC Consult Singapore director Florian Lukavsky has turned predator into prey by creating a hack that sends scammer's Window's 10 credentials to the local police. Scammers like the ones that caught out Ubiquiti use a technique of e-mail spoofing to convince executives to wire large amounts of money into their own accounts. The victim doesn't usually find out that they have been scammed untill several hours later. Banks usually don't refund this type of fraud and it is usually written off as a buissness blunder. Florian Lukavsky's counter-hacking relies on the fraudsters making a blunder that could not only cost them their ill gotten gains but also jail time. After a executive has been scammed Florian Lukavsky sends an e-mail to the attacker which seems like it is a transaction comformation from the victims bank. This e-mail includes a pdf file which contains a virus that when the attacker (hopefully) opens will find as many credentials as it can from their linked Outlook or social media accounts account and then immediatly wires it to the police.

"Someone impersonated the CEO of an international company requesting urgent wire transfers and a couple of hours later they realise it was a scam … we worked together with law enforcement to trick the fraudsters," Lukavsky says. "We sent them a prepared PDF document pretending to be transaction confirmation and they opened it which led to Twitter handles, usernames, and identity information." Lukavsky says that he gets a "kick" out of convincing scammers to fall for their own trick. His efforts have led to many arrests and shut downs of many scammers and their bank accounts based in Africa.

Where does the Lost Money Go?

Ubiquiti, which lost $46.7m in June last year isn't alone in the losses. Belgian bank Crelan, which lost $78m in January, Accenture, Chanel, Hugo Boss, HSBC, and countless other smaller companies have also fallen victim to e-mail spoofing and phishing attacks. The FBI estimates some $2.2billion has been stolen from nearly 14,000 cases in seven months to May this year Some $800m in losses occurred in the 10 months to August 2015. Obviously the money can't go through the conventional route it was intended for, so where does it go? Most scammers that are impersonating another person send the money to a bank in China's Wenzhou region. The region itself has been known for money laundering for many international crimes and scams. After the money leaves that bank, any attempt at tracing it's path is practically impossible. After it leaves a chain of Chinese banks it would likely end up in the personal bank accounts of  scammers like the ones Florian Lukavsky stopped in Africa.

Donald McCarthy Prefers Prevention Over Counter-Attack

Vice President of Operations at myNetWatchman LLC Donald McCarthy has an alternate way of preventing his workers form falling for phishing scams. He belives that anti-phishing is more of a deterrent than counter hacking like Florian Lukavsky. Donald McCarthy has come up with a program that will allow his workers to recognise and report phishing e-mails. His idea includes sending out "mock" phishing mail to members of his workforce and reward them for reporting it or making sure they know what could have happened when they believe them. Over time, as the workers get a better sence of what is and isn't a phishing scam, McCarthy will increase the difficulty by making the e-mails that are pretending to be phishing scams less and less obvious. He says that he often rewards employees for the successful identification of a scam with gift cards and in-office snacks. 

"I think all organisations greater than one person should use anti-phishing," McCarthy says. "Even that one person should use it".

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Source Articles:

Anti-phishing most critical defence against rife CEO email fraud

Ubiquiti stung US$46.7 million in e-mail spoofing fraud

Hacker takes down CEO wire transfer scammers

The new cloud regions in the UK become part of one the world’s largest online storage infrastructures, supported by more than 100 data centres globally. Several large organisations have already signed a new contract with Microsoft to use these new data centres including the Ministry of Defence.

Microsoft has recently opened several data centers in the UK. For the First time ever UK users of Azure and office 365 will be able to connect to their data without it having to pass through another country to get here. This new investment makes Microsoft the first global service to provide data from a cloud based from UK data centers. Many large organisations such as Glasgow City Council, Marks & Spencer, Confused.com, Natural Resources Wales, Pizza Hut Restaurants and Virgin Atlantic already use Microsoft's cloud servises and the Ministry of Defence is soon to join them.

Better Security and Speed For the Ministry of Defence.

The Ministry of Defence has stated that it has signed a contract to make use of the new UK based data servers because of both value for money and security of data. The MoD not only has around 230,000 workers, many of which will use Microsoft cloud products like Azure but also spends around £3 billion each year to improve its data infastructure. This should give you an idea on how much Microsoft has invested into the capacity and security of these servers.

“Microsoft’s secure and transparent cloud service in the UK fits perfectly with the MoD’s digital transformation agenda,” said Mike Stone, Chief Digital and Information Officer at the MoD. “This agreement, which is based on Microsoft’s world-class reliability and performance, will allow us to deliver cost-effective, modern and flexible information capabilities. It will ensure we are better-placed in our ever-changing, digital-first world”. Mike Stone also stated in a BBC interview that this is a welcome change as many elements of the MoD's servers and software hasn't been updated for several years.

The New Investment is a Welcome Change.

"We were still on Windows XP, for instance, and all of the applications were from 2003 or prior to that," he said in a recent interview. "I took the view that the services we were providing were unfit for purpose. The idea is to provide a different capability that fully exploits the power of the cloud and mobility. We can now work on documents collaboratively and understand more about the ways we are working—we will be able to see how much time teams are spending in meetings, on email and on the phone.".

Before Microsoft had installed these local data centers our data was having to pass through several countries. The Neatherlands and Ireland had the largest amount of traffic within their Microsoft data centers due to it having to pass through them to get to UK users. Now UK users will be able to enjoy the global network of Microsoft products such as Azure and Office 365 with less latency and more capacity but with the bonus of added security due to local servers. 

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Source Articles:

MoD inks UK Azure data centre deal with Microsoft

Microsoft becomes first global provider to deliver complete cloud from UK data centres