About Us

IT Services

Understanding IT

News & Events



Contact Us

  • Register

Capstone Works Blog

Capstone Works, Inc. has been serving the Cedar Park area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Tips to Avoid Getting Scammed at Home, School and Work

Tips to Avoid Getting Scammed at Home, School and Work

Let’s cut to the chase: scams are everywhere out there today, which makes it important that you are aware of how to avoid them. Let’s run through a few basic tips we always recommend.

Don’t Click on Links or Open Attachments You Didn’t Expect

If you receive a link or an attachment that you weren’t aware was coming—regardless of whether it comes in through an email, an instant message, or a text message—you should always reach out to the apparent sender through a different means of communication to verify that the link or attachment is legitimate. This is something you should do even if you expected this information, or at least proceed with great caution.

If your bank (or literally any other account or entity) sends you an emergency message about your account, don’t tap the link. Instead, log into your account like you normally would and look for the issue from there. It never hurts to change your password either.

Use Strong, Unique Passwords All the Time

According to NordPass, “123456” was the most-used password in Belgium. And in Chile. And in Estonia. And in Lithuania. And in the Philippines. And in Taiwan. And in the rest of the world.

I think you see the point I’m getting at…certain passwords are both horribly insecure in how often they are used, and relatedly, in how easy they are for a cybercriminal to therefore guess. That password, 123456, was found 103,170,552 times, and would presumably take less than a second to crack.

This is what makes it so important that you come up with sufficiently secure passwords—ideally, passphrases (random words chained together with some characters added in and switched, like c0un+rys!de+++func+!0n+++asser+!ve), to protect the various accounts you have.

Relatedly, Don’t Ever Use the Same Password on Two Accounts

Before you go and change every password you have to that new, clever, secure password you just came up with. It is also important to consider what would happen if one of your accounts was involved in a data leak. If you used the same username and password for all of your accounts, that means that all of your accounts are now undermined.

One way to fix this is to use a different password (or passphrase) for each account you have—and before you even have a chance to argue that it’s way too much to remember, that’s what a dedicated password manager is for, as a piece of software that securely stores your passwords and provides them as you need them.

Always Use Two-Factor or Multifactor Authentication

Unfortunately, passwords aren’t as effective as we might hope they are, which makes it prudent to rely more on the alternative identity authentication in addition to the password alone. Two-factor or multi-factor authentication (2FA or MFA) are effective means of this, as it requires another proof—like a biometric signature or randomly-generated, time-sensitive code—before access is granted to an account.

Learn to Spot a Phishing Attack

Phishing attacks are meant to fool you. Fortunately, there are many warning signs that you can look out for to counteract their attempts.

  • Carefully hover (don’t click!) over links and see if they go to a legitimate URL. If the email is from PayPal, a link should lead back to paypal.com or accounts.paypal.com. If there is anything strange between ‘paypal’ and the ‘.com’ then something is suspicious. There should also be a forward slash (/) after the .com. If the URL was something like paypal.com.mailru382.co/something, then you are being spoofed. Everyone handles their domains a little differently, but use this as a general rule of thumb:
    1. a. paypal.com - Safe
    2. b. paypal.com/activatecard - Safe
    3. c. business.paypal.com - Safe
    4. d. business.paypal.com/retail - Safe
    5. e. paypal.com.activatecard.net - Suspicious! (notice the dot immediately after PayPal’s domain name)
    6. f. paypal.com.activatecard.net/secure - Suspicious!
    7. g. paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!

Remember, these tricks are designed to be subtle and easy to miss! Pay close attention to what you are clicking on!

  • Check the email in the header. An email from PayPal wouldn’t come in as [email protected]. Do a quick Google search for the email address to see if it is legitimate.
  • Always be careful opening attachments. If there is an attachment or link on the email, be extra cautious. If the email shows up out of the blue with an attachment, even if it is from a sender you trust, it doesn’t hurt to ask them if it is legitimate.
  • Be skeptical of password alerts. If the email mentions passwords, such as “your password has been stolen,” be suspicious. 
  • Spread phishing awareness! There is no shame in being overly cautious! If you show those that you work with that you are mindful of these threats, they may adopt similar practices. In the long run, it makes email much safer for everybody!

Businesses Need to Restrict Access

Let me ask you something—would you allow everyone in your business to have free access to all of your business’ documents, including the financial records and HR files? No? Then why would you keep your network and all the data on it open for all of the business to see?

It’s really the same thing. Plus, reducing the number of people who have access to different directories reduces the number of people who might be scammed into giving it up.

Keep PCs, Laptops, Servers, and Networked Devices Updated

Software updates are largely intended to fill security gaps and holes previously left in the programming. Thereby, with fewer devices left unattended to or updates neglected on your network to serve as security holes, your network and everything on it is left more secure.

This includes running Windows updates, sever updates, keeping the software and firmware on your network devices up to date, and any other applications you have installed should be checked and updated regularly.

Businesses Should Have Their Network Audited Regularly

We can help businesses do just that. Reach out to us for a network audit and consultation, along with assistance in ensuring your operations are secure. Give us a call at (512) 343-8891 to learn more.

Now’s the Time for Austin Businesses to Start Thin...
We Chucked the Auto Attendant a Long Time Ago, and...
Comment for this post has been locked by admin.


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, May 27, 2024

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Recovery Shadow Server Workplace Tips Tech Support hackers Saving money Data Cloud computing IT support Internet Small Business Microsoft Teams Business Cybersecurity IoT Compliance employees Communication Saving Money Business Continuity Microsoft Office 365 Backup Current Events spam File Folder Privacy smart devices Business continuity January 28 New Year Quick Tips HIPAA Disaster Recovery sports teams password protection Managed Services Servers Malware Marketing Two-Factor Authentication Microsoft Office Computer Health Remote Work Microsoft Security Vendor Email business continuity Passwords surge protection 365 features Delightful Common password content AutoCAD UPS Remote Password accounts need User Tips Users Innovation managed IT business VoIP comprehensive IT BDR high-threat environment Remote Workers devices 2FA Productivity application employees download Engineering IT Support Managed IT Best Practices Hosted Solutions Architect IT EMR cybersecurity tools cybersecurity Gadgets web application Tip of the Week Mobile Office Software COVID-19 Break/fit AI Efficiency right time Apple Hardware Clutch Technology Managed Service cloud Network Co-managed IT Outsourced IT Cloud Computing Cloud Communications Cloud services AWS media accounts Broadband Social Media Data Privacy Day Cyberattack Network Security IT Services Disaster Planning Content Filtering Passwords today Data Recovery SCAMS best practices Workplace Strategies Ransomware business owners Workplace Strategy phishing

Latest News & Events

Capstone Works is proud to announce the launch of our new website at https://www.capstoneworks.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our ser...

Contact Us

Learn more about what Capstone Works can do for your business.

Call Us Today
Call us today
(512) 882-2242

715 Discovery Blvd
Suite 511

Cedar Park, Texas 78613