securewebsite

Exploit: Phishing attack
Ameritas: Insurance company operating as a subsidiary of Ameritas Mutual Holding Company

Risk to Small Business: Severe: Several employees fell for a phishing scam and provided their credentials to hackers who used that information to access customer data. The insurance company disabled the affected accounts and issued a company-wide, mandatory password reset. The company’s quick actions certainly prevented the data breach from becoming more expansive, but even temporary access can allow hackers to inflict significant damage on a company’s data security. Because Ameritas failed to adequately prepare their employees for a phishing scam, they will now incur the significant cost of hiring an external security firm to shore up their data integrity, even as they face the less quantifiable reputational cost that always accompanies a data breach.

Individual Risk: Severe: Hackers accessed customers’ personally identifiable information, including names, addresses, email addresses, social security numbers, and policy numbers. Ameritas is offering one year of free credit and identity monitoring services, and anyone impacted by this data breach should enroll in these programs. At the same time, they should diligently monitor their accounts for unusual or suspicious activity.

Customers Impacted: Unknown

How it Could Affect Your Business: The cost of a data breach is higher now than ever before, which makes a preventable data breach even more egregious. Consequently, awareness training should be a top priority for every company. The expense of credit and identity monitoring services, reputational damage, and IT upgrades far exceeds the awareness training that can prevent phishing scams from compromising customer data.

Read more

---

In Other News: Capital One Data Breach Impacts US and Canadian Customers 

An expansive data breach at the credit card juggernaut, Capital One Financial, has compromised the personal information for more than 100 million US and Canadian customers. 

The breach exposed the personal data for more than six-million Canadians, making it one of the most significant data breaches in the country’s history. Capital One, which provides Mastercard credit cards for retailers like Costco Wholesale and Hudson Bay Company, noted that the data is primarily restricted to consumers and small businesses who applied for a credit card between 2005 and 2019. 

The data includes names, addresses, postal codes, phone numbers, dates of birth, and incomes. For US customers, the stolen data also includes 80,000 linked bank account numbers and 140,000 social security numbers.

The incident is just the latest wide-spread data breach impacting small businesses and consumers, making their preemptive data protection a must-have element of personal or organization data security.

Read more

Last week, Capital One announced that they experienced a data breach in March which exposed the data of nearly 106 million bank customers or credit card applicants. Capital One has said they will notify the customers or applicants whose data was exposed. However, you must stay alert and be on the lookout for any phone calls, emails, or text messages from cyber criminals related to this data breach.

Watch out for the following things:

• Phishing emails that claim to be from your financial institution where you can “check if your data was compromised”
• Phishing emails that claim there is a problem with a credit card, your credit record, or other personal financial information
• Calls from scammers that claim they are from your bank, a credit union, or a government institution
• Any unexpected communication requesting personal information, such as your Social Security Number
• Indications that your identity was stolen, such as fraudulent charges on your credit card or notifications that your credit score has lowered

Stay safe out there!

Stop, Look, and Think. Don’t be fooled.

Exploit: Ransomware

New Haven Public Schools: Public school district serving students in New Haven, Connecticut

Risk to Small Business: Severe: A network vulnerability allowed hackers to install ransomware on the district’s servers, prohibiting access to many of their critical digital assets. Fortunately, New Haven Public Schools maintained comprehensive backups, allowing them to restore functionality without paying the ransom. Many attacks in this realm are self-initiated, with an employee accidentally clicking into a phishing email that installs malware into a system. However, in this case, the district insists that technical vulnerabilities were the culprit.

Customers Impacted: Unknown

How it Could Affect Your Business: A holistic ransomware response plan is a mission-critical component of any organization. This plan, which must include everything from attaining the right insurance policy to determining a philosophical position on paying ransom demands, can mitigate the consequences of an attack. In this case, New Haven Public Schools had the backups in place to avoid paying a ransom and to quickly restore operations. Of course, securing IT infrastructure is a complicated process, and partnering with third-party experts can help spot vulnerabilities before the lead to a data breach.

Read more

---

In Other News: Ransomware Gets a New Lease on Life 

Ransomware attacks have made a precipitous return to public life, making them one of the most potent threats in today’s digital landscape. 

Once targeting individual computer systems, ransomware fell out of favor with cybercriminals as it failed to net significant returns. That changed when cybercriminals began targeting local governments and small and medium-sized businesses where they can earn thousands of dollars from the relatively inexpensive attack method. 

Many attribute this shift in approach to the WannaCry ransomware virus, which captured national headlines and set a new direction for future cybercriminals.

As municipalities and organizations grapple with the best response plan, it’s clear that bad actors will continue to wreak havoc with new iterations of ransomware. A strong defense is the most affordable and advantageous approach to these attacks and getting expert eyes on your cybersecurity landscape can ensure that your vulnerabilities are accounted for.

Read more

Be on the lookout for suspicious attachments! The bad guys are using a new type of attachment to trick you and it could reach your inbox. They’re sending phishing emails with SHTML file attachments (.SHTML extension). These types of files are typically used on web servers. If you “open” this attachment, you’re brought to a dangerous website that requests sensitive information. Always remember, never open attachments that you weren’t expecting. Even if the attachment appears to be from someone you know, pick up the phone to verify it’s legitimate.

Stop, Look, and Think. Don’t be fooled.

Most small and mid-range entrepreneurs try to do everything themselves. While it is of vital importance to have your finger on the pulse of your daily operations, some things, like business taxes, are often best left to the professionals. End your search now and trust our business management consultants. Get in touch with ORAM Corporate Advisors and give your small business a boost!

It can be difficult to manage a whole company on your own. Teams and departments help to break up the workload. This is where business management consultants work best.

Surveys show that most business owners are hesitant to outsource to experts outside of their company. The result is that they waste time on the daily grind and not on their company’s growth. If that’s you, maybe it’s time to ask if hiring a business management consultant is the right strategy.

Why should you hire a business management consultants? 

In the early days of business, budgets can be tight. ORAM Corporate Advisors understands the struggling of a budding entrepreneur. We don’t focus just on the big guys; we can also make an impact on small business consulting firms.

We know your business gets more demanding as it grows. It makes more sense to hire a business consultant to take over these stressful duties. Bookkeeping can be a hard job, especially when dealing with high-level transactions. By taking care of your bookkeeping needs, we will ensure you always stay one step ahead of the game. 

Get expert opinions

Consultants can do much more than just keeping a track on your tax changes or calculating your taxes. A good accountant will keep a record of your business, which includes submitting invoices, doing payroll, and paying bills. He/she can provide you with recommendations on how to reduce your taxes as well. 

Your business consultant will guide you through the process of obtaining office space. They will advise you on whether to buy or rent. They can also show you ways to cut down your business costs and help you flourish.

Our Accounting Software

Accounting software can reduce the need for bookkeeping and accounting loads. Accounting software is designed especially for small businesses. It can help you to record POS (Points of Sale), invoice on the spot, and record expenses. It makes it easy to calculate and keep track of taxes.

Other benefits you can have with accounting software:

• The ability to customize your invoices with your logo
• Payroll time and billing 
• Customer relationship management (CRM)

Information Technology (IT) Services 

Data innovation is a rapidly changing industry. It is difficult to imagine a business that does not use technology to function. Business is conducted over personal computers, cell phones, and tablets. 

It’s important to stay up-to-date with the latest equipment and programs. An IT expert can walk you through this process while protecting your valuable business data.

Finding a trustworthy IT administrator can be a challenge. You want to make certain their team has qualified specialists who can react to your IT needs in real time. You’ll be able to do your work without any stress.

Final Verdict

In the end, always make decisions wisely. If you have questions about our service offerings, comment below. We will reach out to you as soon as we can.

Be on the lookout for a new sophisticated phishing extortion scam. In this scam, the bad guys claim to be from your local state police and say they have some incriminating information about you. Since they are retiring, they generously offer to delete the evidence in exchange for 2000 bitcoin. It even includes a phone number which you can call if you have any questions.

Don’t let the bad guys scare you into action! If this email makes it through your inbox, do not click the link, do not reply or call the number in the email, and do not send them any money. Be sure to follow your organization’s procedures for reporting these types of criminal emails.

Stop, Look, and Think. Don’t be fooled.