Get in touch





    I agree to the
    terms & conditions

    Off the hook: 6 Tips to avoid Phishing scams

    Off the hook: 6 Tips to avoid Phishing scams

    It has come to our attention that many of our customers have seen an increased number of phishing campaigns over the last few weeks and it has become clear that there is some concern regarding the best way to deal with these emails. As an IT organisation ourselves, we know for a fact that security issues come in many different forms and it just so happens to be the case that phishing has the potential to be a very devastating variation of a cyber-attack. In the opening months of 2018, extremely convincing phishing campaigns have been catching vulnerable business off guard so we thought it would be prudent to provide some insight and practical advice when it comes to spotting and overcoming these manipulative messages.

     

    1: Train your staff to know what to look for

    Training your staff to be aware and vigilant of all attachments and links from unsolicited emails can be a great way to start preventing the possibilities of a potential phishing attack. All emails with attachments should be treated with caution, even those from friends, family and colleagues. Make sure you can spot common aspects of phishing emails, for example very unspecific information such as “take a look at this”. Phrases like this should raise concern, but whether they are hostile or not can be easily verified by replying to the email asking if the assumed contact actually sent the email. When you respond to these emails, the real person will receive the question and the virus or phishing attempt won’t receive your response. If the person says they didn’t send the email – good job – you just mitigated a potential dangerous attack.

     

    2: Deceptive URLs and domain names

    It is imperative that all links in emails or documents, recognised or not, are checked and verified. This is very easy to do. By hovering over links, you are able to identify the actual site the link will take you to, and if it looks suspicious simply do not click it. In addition to this, if a link takes you to a site asking for a username and password be wary. Check the address is correct and know that people might use very similar (misspelled) variations to fool their victims. Another common URL trick is to hide the address bar so you can not verify if you are on the wrong page.

     

    3: The message contains poor spelling and grammar

    Large organisations usually review every email, letter and notification for spelling, grammar and legality issues amongst a wide variety of other things. If an email contains poor grammar or any spelling mistakes, it’s likely that it’s illegitimate.

     

    4: The email makes offers that sound too good to be true

    If you get an email offering technology for extremely low prices (for example at a 90% discount) then you know it’s a scam. These emails usually tell the recipient that there is a “deal for a limited time” and often catch people out on their impulses for gratification. It’s highly likely they just want to steal your card details.

     

    5: Asking for money to cover costs

    Over the last few weeks, a wide number of phishing emails asking for payments to cover costs have been plaguing businesses all over the UK. The senders of these emails usually mimic an email address of a colleague (such as your boss) and will send you an email asking you to make the payment. These emails usually look extremely convincing and will base their attachment design off common invoices from banks, service providers and websites. The senders of these emails gamble on you not questioning the request of your superiors, as they pretend to be a trusted colleague, and therefore are one of the most manipulative.

     

    6: The message is random and uninitiated

    Phishing attacks often leech off of the popularity of services such as the lottery or other competitions to steal personal information. An example of an uninitiated attack would be receiving a message in an email claiming that you have won a competition even though you never entered one. These attacks can be successful because many people do enter competitions and draws such as the lottery, so there is a high chance the recipient can be fooled.

     

    If you have any concerns or questions don’t hesitate to call us on 01189 186822 or contact us by email on hello@nouveau.co.uk.

    Tackling Today’s Emerging Cyber Challenges

    Tackling Today’s Emerging Cyber Challenges

    Tackling Today’s Emerging Cyber Challenges The widespread disruption caused by the global pandemic has left those in higher education reeling and with many challenges. We recognise that educators are working hard to keep students safe by deploying remote and...

    Nouveau Newsletter October 2020

    Nouveau Newsletter October 2020 Do you know about Back-up and Disaster Recovery as a Service? In a world where storing your data securely is of utmost significance, it is important to find a cost-effective and flexible way of doing so. With imminently increasing...
    How to Maintain Effective Cyber Security Posture with Remote Working

    How to Maintain Effective Cyber Security Posture with Remote Working

    Since remote working, have you seen a rise in the amount of suspicious/spam emails? Perhaps some are stating “urgent request” or ‘document shared with you” Maybe a few have even broken through your filters into your inbox? This is only the tip of the iceberg of concerns for companies who are remote working. During COVID-19, threats to our cyber security systems have increased exponentially, so now is the time to really ask yourself, is my cyber security posture the most secure it can be, with all these extra risks and threats we are facing with remote working?

    What do we mean by Cyber Security posture?

    We all know about how to retain the correct posture at your desk through all the health and safety audits we have sat through (no pun intended) but what do we really mean by posture when it comes to cyber security systems?

    Just like sitting the right way, and having your desk set up correctly can help prevent potential injury to your body, a good cyber security posture will help prevent serious injury to your systems especially, security breaches and cyber-attacks. Your posture in this manner of speaking is how secure you and your workers are from these potential threats.

    From a recent survey Barracuda carried out, they found that almost half of all respondents from global businesses have encountered at least one cyber security scare since shifting to remote working, during this Covid-19 lockdown. This shows that now more than ever, it should be a priority to make sure your cyber security posture is secure and that you are confident in your systems, tools, as well as your employees.

    Things to consider in order to be cyber secure

    Equipment and VPNs

    There are many different factors to consider, in order to ensure your cyber security systems are the most secure they can be with remote working. One of the most important things to start with is to make sure you have a secure VPN for all your employees to use. This is vital as home broadband does not have the same security protocols and will not be 100% secure and safe. You can read more about the importance of VPNs on one of our previous posts here.

    You also need to make sure that all your employees are using authorised, protected work devices at all times. It is all too simple for an employee to decide it is easier to send and receive emails from their personal mobile. But, this should be stopped, to help prevent potential security breaches. You can do this through a simple fix which requires the employee to get admin permission to set up email accounts on different devices. This will also enable your IT team to monitor who tries to use non-authorised devices to access work servers.

    Email reminders

    When your employees are in the office, it is easier to pop over to their desks to remind them of upcoming IT updates that need to be completed. However, this is something that often falls by the wayside by both employers and employees when remote working. Make a point of sending out reminder emails when updates are due. Those updates are key to continuing to retain a strong cyber security posture, in order to help protect your company from threats.

    On the topic of email reminders, when was the last time you emailed your employees reminding them to stay alert to phishing/scam emails? Phishing emails spiked by over 600% since the end of February reported in info security magazine. This is due to cyber criminals have begun to take advantage and capitalize on the fear and uncertainty generated by COVID-19 pandemic. This could cause serious problems for your company and it only takes a single employee to open one resulting in a security breach.

    GDPR

    GDPR. The new set of guidelines brought in which changed the way we share and store data completely. With remote working, it is just as important if not more so to remember GDPR, and ensure all staff is remaining compliant. This includes ensuring any sensitive data being sent to a 3rd party is encrypted with the relevant security, and that files are shared in the correct manner, and not in a way that could be intercepted by hackers.

    There is a multitude of file sharing sites out there which will enable your employers to share documents securely and help keep your cybersecurity posture strong. Make sure your employees are aware of the importance of encryption and sharing data responsibly and securely.

    But, what happens if your staff suspects a potential breach to your cybersecurity systems? Do your employees know what to do, should they suspect this? If you can’t instantly and confidently say yes then make sure you remind all staff on the protocols so that if the worst does happen and a breach does occur, you can be alerted straight away and ensure minimal damage and disruption.

    So, how do I know my cybersecurity posture is the most secure it can be?

    You may be reading through this article saying to yourself “I already make cybersecurity one of my top priorities” but can you put your hand up and say with 100% confidence, that your cybersecurity posture, is as secure as it can be?

    Don’t worry if you can’t, you are not alone. According to Barracuda’s survey, over 41% of respondents had doubts over how secure their web applications were, and who can blame them, with so many new cyber threats appearing each day?

    There is a simple solution for this, which can help to put your mind at ease and provide a full security report within a matter of days. Security assessment tools such as our CTAP assessment are designed to help identify any areas for concern to help strengthen your cybersecurity posture. This will not only assess all your cybersecurity systems for potential weaknesses, but the analysis results can also lead to an improvement in productivity and utilisation. Assessment tools such as ours are key to ensure your cybersecurity posture is the strongest, and most secure it can be.

    It’s clear to see that remote working has put a lot of extra pressure on companies worldwide.  With no foreseeable end right now for remote working. Our priority is your security and peace of mind so that you can focus on your company, and not worry about cyber threats.

    To find out more about what Nouveau can do for you or about our new CTAP tool call us on 01189 186822 or email us on hello@nouveau.co.uk

    Security Newsletter – June 2020

    Security Newsletter – June 2020

    Security Newsletter – June 2020 Proactive Managed Service Cyber threats continue to rise for organisations across the entire world and it is common to hear of reputable companies being breached. IT departments are expected to run their systems for 24×7 x...


    ” I would like to take this opportunity to thank you for all the prompt assistance you provided us with during this project.

    Could you kindly express our gratitude to your engineers for the excellent work they carried out for us. “

    Farhad | London Borough of Hounslow

    ×


    ” Being responsible for IT in an organisation which is very tech dependant is a real challenge, especially having no formal IT experience myself.  Having the Nouveau team at the end of the phone is a real-life saver and I have needed a life line many times.  I most appreciate the accessibility, knowledge and friendliness of the team. “

    Judith Ball | CFO | Aspen Worldwide

    ×

    Euronics Logo
    ” The company I work for has been using Nouveau Solutions for the past 15+ years and I have had the pleasure myself to build up a good, close relationship with them for about 12 of those years.

    Nouveau Solutions have dedicated teams for each different area that are made up of very knowledgeable technicians and engineers that specialise in their specific area of expertise. It is due to this that I always feel confident that Nouveau Solutions will be able to deliver us any IT services that we may request from them (there has been a lot over the years).

    They have always gone above and beyond to deliver high quality professional IT services to meet any requirements that we throw at them within any timeframes that we may set.

    On top of the ad-hoc IT services we request from Nouveau Solutions, they also monitor, manage, maintain and support some of our network infrastructure and have always been on hand to resolve any issues that may be noticed via their monitoring or raised by us within a timely manner.

    We also purchase the majority of our IT equipment including hardware, software and licensing through Nouveau Solutions which is always at a reasonable price and always received within a timely manner.

    Since day one of our relationship with Nouveau Solutions we have been appointed to the same one account manager which has allowed him to get to know our business very well. The service that has been provided by him to us has been nothing but exceptional. He always comes across as knowledgeable in any business discussions that we may have and has always been happy to take the time to communicate with us, make us aware of anything that we need to be aware of, or provide us with updates on anything.  I have always had the impression that his main priority is to ensure that we are happy with everything that Nouveau Solutions provides to us and he will do anything to ensure that is the case.

    All in all, I have nothing but praise to offer for Nouveau Solutions and would highly recommend them to any company that was looking for an IT services company.  There are definitely no plans here to switch to a different IT services company for the foreseeable future.

    Here’s to many more years with using Nouveau Solutions! “

    Lee Burgess | IT Systems Administrator | Combined Independents (Holdings) Ltd

    ×


    ” Nouveau have been brilliant from start to finish – very professional and competitive with their service and pricing. We needed a large number of Firewalls to deploy across our global company over a very short time period and thanks to Jack’s excellent availability, Nouveau’s turn-around time was extremely swift, even with nearly no notice. Nouveau not only provided us with the hardware  – one of their competent technicians supplied us with some design work in the past to help with our data centre firewalls replacement project! Nouveau have been great to work with. “

    Hassan Ashraf | IT Service and Infrastructure Manager | Everlight Radiology

    ×


    ” In the summer of 2017, I approached Nouveau in the hope of finding a competent partner that could help us through an upcoming hardware refresh. A priority of ours was to discover a local business (within 20 miles) that excelled and specialised in HPE, Dell, Fortinet and Microsoft/Office 365 as we planned to refresh our whole core infrastructure,. This included storage, infrastructure hosting and networking (core, access and perimeter) for our headquarters and our other branches. After an extensive phase of speccing, detail planning and quoting, Andy Swain and his team were able to offer a “spot on” solution for our demands with a very high cost/value ratio. This project led to a very open and trusting partnership with Nouveau and made them our No.1 partner within IT. “

    Stefan Nader | Ensilica

    ×