The copper switch-off explained for London businesses and building operators | Book your free copper audit

Have you heard the saying, "A picture is worth a thousand words"?

Cybercriminals have too, and they're using it to their advantage.

In a new twist on phishing campaigns, cybercriminals are luring victims to click on images rather than downloading malicious files or clicking suspicious links. Let's dive into the warning signs, so you can keep your business safe from these sneaky attacks.

First things first, what's the big deal about clicking on an image? It might be promoting a killer deal or one-time offer. But when you click on the image, you don’t go to the real website. Instead, it’s a fake site designed to steal your personal information.

Imagine being lured in by a cute cat photo only to find out that Mr Whiskers was a wolf in sheep's clothing! Not so cute anymore, right? So, how can you tell if an image is part of a phishing campaign?

Here are some warning signs to look out for:

• Unexpected emails: Did you receive an email from someone you don't know or weren't expecting? Be cautious! It's like accepting sweets from a stranger – you never know what you're getting yourself into
• Too good to be true: If an email promises you a free holiday or a million pounds just for clicking on an image, remember the golden rule: if it sounds too good to be true, it probably is.
• Spelling and grammar mistakes: We all make typos, but if an email is riddled with errors, it could be a sign that something is going on.
• Mismatched logos or branding: If an email claims to be from a reputable company but the logo or branding doesn't match up, assume it’s a scam

Now that you know what to look for, let's talk about how to protect your business from these image-based phishing attacks:

1. Educate your employees: Knowledge is power! Make sure your team is aware of the latest phishing tactics and knows how to spot the warning signs.
2. Keep software up-to-date: Just like you wouldn't drive a car with bald tyres, don't let your software become outdated. Regular updates help patch security vulnerabilities that cyber criminals might exploit.
3. Use strong passwords: It might be tempting to use "password123" for all your accounts, but resist the urge! A strong, unique password for each account can help prevent unauthorised access. Using a password manager is even better.
4. Enable multi-factor authentication (MFA): MFA adds an extra layer of security by requiring people to verify their identity through another method, such as a text message or fingerprint scan.
5. Backup your data: In case disaster strikes, make sure you have a backup of all your files. That way, you won't be left high and dry if your data is compromised.

Whilst cyber criminals are getting smarter and smarter with their tactics, there's no need to panic. By being aware of the warning signs and taking proactive steps to protect your business, you can stay one step ahead of these digital tricksters.


Remember, not all that glitters is gold – or in this case, not every cute cat picture is just a cute cat picture. Stay vigilant, and don't let the scammers win!

Are you aware that the rise in global VPN usage has skyrocketed? The reasons are clear as day: Virtual Private Networks offer increased security, anonymity, and allow access to geo-restricted content online.

But here's the million-dollar question: Are all VPNs created equal?

The answer is a resounding no. And that has potential implications for your business.

Although tempting with their zero-cost allure, free VPNs aren’t always what they promise to be. Why, you ask? Let's take a closer look at free VPN services.

For starters, it's important to understand that running a VPN service comes with substantial costs. Servers, infrastructure, maintenance, staff – these aren't free.

So how do free VPN providers keep the lights on? Some employ tactics that could compromise your privacy and security.

Imagine this: You're sipping your morning coffee, browsing the net through a free VPN, believing your online activities are private. Your sensitive information might be collected and sold to the highest bidder.

Cyber criminals, advertisers, even government agencies could potentially get their hands on your data.

Shocking, isn't it?

Moreover, free VPNs are notorious for injecting unwanted ads and tracking cookies into your browsing sessions. Ever wondered why you're suddenly bombarded with eerily accurate ads? It's probably your free VPN service cashing in on your browsing habits.

Now, consider the potential danger if an employee downloads a free VPN on a company device, or on their personal device that they use for work. Company data could be exposed, representing a significant business risk. Picture a scenario where your company's sensitive data falls into the wrong hands - a chilling thought.

So, what do you think is the solution?

Educating your employees about the risks associated with free VPNs is crucial. Encourage the use of reliable, paid VPN services that guarantee no data logging, robust encryption, and superior user privacy.

In fact, you may choose to provide one to them. If we can help you find the safest, most suitable VPN for your business, please feel free to get in touch.

Remember, when it comes to online security, free often comes at a higher cost. Isn't it worth investing a few ££ a month to protect your company's valuable information?

You’ve checked your pockets, your bag, under cushions… and then it hits you. You left your work phone on the table at the coffee shop.

You panic.

It's not the device itself that’s got you worried, but all the sensitive business information stored on it. If that mobile ends up in the wrong hands, you’re facing a nightmare.

But that worry could be over. Microsoft and Samsung are joining forces to make your work phones safer. This month, they’re launching a groundbreaking solution to help protect anyone who uses a Samsung Galaxy device in the workplace.

How?

With something called on-device attestation. It lets companies see if mobile devices have been compromised, even at their deepest components. Think of it as a security guard for your phone.

Samsung brings its software and hardware innovations to the table, whilst Microsoft provides its endpoint management expertise.

And whilst other device attestation tools require a network connection and access to cloud services, this solution works reliably regardless of network connectivity or device ownership model.

This solution will be released alongside Microsoft Intune (previously known as Windows Intune), a unified endpoint management service for both corporate devices and BYOD (Bring Your Own Device). And it will be available to select Samsung Galaxy smartphones and tablets, especially those "Secured by Knox".

So, whether you're working from the office, a busy coffee shop, or a remote cabin in the woods, you can rest assured your device is safe.

In business, your phone is more than just a communication device. It's a vault of sensitive (and valuable) information. And with Microsoft and Samsung on the case, that vault just got a lot safer.

Can you believe it? After 30 years of faithful service, Microsoft is finally pulling the plug on WordPad. The app that debuted with Windows 95, and lets you open a .doc file if you don’t have Word installed, is being shown the door.

But why now and what does it mean for your business?

Microsoft recently announced plans to stop updating WordPad and eventually remove it from Windows altogether. It was a quiet reveal, and it's unclear when this will happen, but it's in the works.

Let's be honest though… how many times have you accidentally opened a document in WordPad when you were aiming for Notepad?

Notepad is what you use for plain text. WordPad is more like a word processor. Everyone gets them confused.

Could this common mix-up be the reason behind WordPad's impending demise? Or perhaps Microsoft is trying to nudge more people towards paying for Microsoft Word, a key part of its Microsoft 365 suite.

In an excerpt from Microsoft's recently updated Windows deprecated features list, they recommend using Microsoft Word for rich text documents and Windows Notepad for plain text documents. So, in other words, "WordPad who?"

But let's not get too sentimental here. As a lifelong Windows user, I can confess that I've mostly opened WordPad only by mistake. And if it does vanish, I won't be losing sleep. There are plenty of other word processors out there, and I'm quite fond of Word.

However, if you're a diehard WordPad fan, don't despair just yet. Microsoft is asking for feedback via the Windows Feedback Hub app. So, if there's an outpouring of support, who knows? Maybe Microsoft will reconsider and allow WordPad to stick around, even if it's just as an optional, rarely-updated app from the Microsoft Store.

If we can help you discover the best apps for your business, get in touch.

You’re no stranger to the endless threats lurking in your email inbox. But have you ever considered that an email that seems to be from Microsoft could end up being your worst nightmare?

Microsoft, the tech giant we all know and trust, has become the most imitated brand when it comes to phishing attacks. That’s where cybervcriminals send you an email which contains a malicious link or file. They’re trying to steal your data.

And whilst Microsoft isn't to blame for this, you and your employees need to be on high alert for anything that seems suspicious.

During the second quarter of 2023, Microsoft soared to the top of brands imitated by criminals, accounting for 29% of brand phishing attempts.

This places it well ahead of Google in second place (19.5%) and Apple in third place (5.2%). These three tech titans account for more than half of the observed brand imitator attacks.

But what does this mean for your business?

Despite a clear surge in fake emails targeting millions of Windows and Microsoft 365 customers worldwide, careful observation can help protect you from identity theft and fraud attacks.

Whilst the most imitated brands change from quarter to quarter, usually cyber criminals are less likely to change their tactics.

They use legitimate-looking logos, colours, and fonts. Phishing scams frequently use domains or URLs that are similar to the real deal. But a careful scan of these and the content of any messages will often expose typos and errors – the tell-tale signs of a phishing attack.

One of the latest attacks claims there has been unusual Microsoft account sign-in activity on your account, directing you to a malicious link. These links are designed to steal everything from login credentials to payment details.

And whilst tech firms continue to be popular scam subjects, many cyber criminals have turned to financial services like online banking, gift cards, and online shopping orders. Wells Fargo and Amazon both rounded up the top five during Q2 2023, accounting for 4.2% and 4% of brand phishing attempts respectively.

What can you do to protect your business?

The answer is simpler than you might think. The best course of action when it comes to phishing is to slow down, observe, and analyse. Could you check for discrepancies in URLs, domains, and message text?

If we can help please do get in touch!

Have you heard about the latest productivity update from our friends at Google?

They've added a little feature to Google Calendar that could make your life much easier – especially if you’re a hybrid worker.

Remember in 2021 when they introduced the option to share your working location with your colleagues? They've taken it up a notch.

Now, you can set up multiple locations for any given day on your calendar. So whether you're splitting your time between the office and home or out and about as a mobile worker, Google’s got you covered.

Picture this: you're only in the office for half a day before heading to a client meeting. With this new feature, your colleagues will know exactly when and where to find you.

Google is all about helping us work smarter, not harder. They know that heaps of us are still working remotely, or juggling a mix of office and remote work. This update is specially designed for hybrid workers.

It's only available to those with a Workspace account, including:

• Google Workspace Business Standard/Plus
• Enterprise Standard/Plus
• Education Fundamentals/Standard/Plus
• The Teaching and Learning Upgrade
• Nonprofits

Unfortunately, personal accounts won't have access just yet.

The working location feature will be switched on by default. But if you prefer that your colleagues can’t find you (we’re not judging… we all get distracted at work) you can easily disable it.

If we can help you get the most out of everyday applications like calendars and email, get in touch.