Windows Hello gets a new look and improved security
Do you dream of never having to remember another password ever again?
That’s what Windows Hello, Microsoft’s biometric sign-in tool is all about. It helps you log in to your Windows 11 devices quickly and securely – with just a glance or a touch.
Now, Windows Hello is getting a makeover, bringing not only a new look but also enhanced security features that are perfect for busy business owners.
If you’re not familiar with Windows Hello, it lets you skip traditional passwords and sign in using:
- Facial recognition
- Your fingerprint
- Or a simple PIN
This means faster access, better security, and a lot less frustration.
Windows Hello is invaluable for businesses, allowing employees to securely access their apps and devices without the risks associated with weak or reused passwords.
The refresh will improve the design of Windows Hello, so it fits right in with the sleek, modern look of Windows 11. The whole experience will feel smoother and easier, whether you're logging in to your computer or accessing the Microsoft Store.
Microsoft have also made it easier to use passkeys – another secure, password-free login method. With Windows Hello’s new passkey experience, you can choose your preferred sign-in method and switch effortlessly between devices.
These updates are currently in testing, but we should see a rollout soon.
Want to give Windows Hello a go? We can help, get in touch.
Beware that "support call" – it could be a ransomware scam
If you get a call claiming to be from Microsoft Teams support, think twice before doing what they ask.
There’s a new trend for scammers to pose as “help desk” staff, with the aim of tricking employees into letting them take over their devices.
This is part of a larger ransomware attack, where you’ll be denied access to your business data unless you make a hefty payment to get it back.
Recently, a notorious cyber crime group has taken this scam to a new level.
First, they’ll flood an employee’s inbox with so much spam that it becomes unusable. Then they swoop in with a phone call, pretending to be from IT support, offering to “fix” the problem.
They may ask your employee to install remote desktop software like AnyDesk or use built-in tools like Windows Quick Assist. Once they have access, they can move around your network, collect sensitive data, and launch ransomware on your devices.
Be warned – they don’t only reach out over the phone. They’ve also started setting up Teams accounts to make employees think they’re part of IT support.
They do this by choosing usernames like “Help Desk” and using fake Microsoft tenant domains such as “securityadminhelper.onmicrosoft .com”. Then they send one-to-one messages to employees, saying they need access to their device.
Ransomware attacks are serious business. Along with locking you out of your data, they can also shut down your operations, disrupt customer service, and potentially leak confidential information.
Recovering from a ransomware attack can be expensive, both in terms of paying the ransom and dealing with the aftermath. It can cause loss of revenue, damage your reputation, and it could even have legal consequences.
Make your team aware of this scam and encourage everyone to be cautious with any unsolicited support calls or Teams chats. And make sure everyone knows to check with your actual IT department first, if someone is asking to install software or gain access.
Also, if you use Microsoft Teams in your business, make sure it’s set up securely. Only allow external chats from trusted domains, and make sure chat logging is enabled.
If you want extra help safeguarding your setup, we can do that. Get in touch.
Security alert: Attacks on business email accounts are surging
Email has become an essential tool for any successful business, but as the saying goes, "with great power comes great responsibility".
As a business owner, it’s your responsibility to make sure your emails are secure. It’s one of the key ways to stop your business data falling into the wrong hands.
Business Email Compromise (or BEC) is a growing threat. And if you become a target, it could cost you – big time.
So, what exactly is a BEC attack?
In simple terms, it’s where scammers pose as people high up in the business, like CEOs, executives, and IT staff. The goal is to trick your employees into sharing sensitive information or sending money. Research shows that nearly 90% of BEC attacks are set up this way.
It’s easy to see how someone might quickly respond without a second thought, especially when they trust the sender.
BEC attacks have spiked dramatically this year, especially over the third quarter. Researchers have analyzed 1.8 billion emails worldwide, discovering a shocking 208 million malicious emails among them. And of these malicious emails, more than half (58%) were BEC attempts.
The figures make it clear: BEC scams are now the biggest email threat to businesses.
Another thing worth noting? Most BEC scams target employees lower in the business, who might be less likely to question authority or be less aware of cyber threats.
Although BEC attacks are common, it’s also important to remember that scammers still use other methods too. This includes commercial spam and phishing attacks, which are designed to trick people into sharing personal information, like login details.
In fact, the combined effect of these types of scams now overshadows traditional ransomware and malware attacks.
Luckily, it isn’t complicated or expensive to protect your business.
Simply make sure that all members of your team are trained to think twice about every email they receive.
If an email asks for sensitive information or a financial transaction – especially if it feels urgent – your employees should know to stop and check with someone before they action anything.
If you need help making sure your business is secure, get in touch.
Security alert: Does your business have old logins for ex-staff?
When someone leaves your business, you might be so wrapped up in the rush of everyday tasks, you forget to delete their login details.
It’s easy to overlook. You’ll get around to it later, right?
But unused login details could be a ticking time bomb for security breaches, leaving the doors wide open to cyber criminals. It can also be an unnecessary drain on your budget if you’re paying for old subscriptions you no longer need.
A recent report found that almost half of businesses had accounts that were no longer actively managed.
If you’ve forgotten about an account, you’re not monitoring it. And this leaves your business vulnerable to attacks.
These risks aren’t just hypothetical, either. Many cloud security breaches happen because unused login details and accounts have been compromised.
So, what do you need to do?
Take the time to audit all accounts and login details used by your business. Make sure you no longer have accounts open for ex-employees (and check that their access has been fully revoked, not just left inactive).
The same goes for any software or service that you’ve stopped using in your business. You might not realize you’re still paying for a service you haven’t touched in months – or even years.
Going forward, make sure you have a clear process for when people leave, and regularly review the applications and services your business uses.
If you’re not sure where to start, let us help you perform a security review and make sure you’re not leaving your business exposed to unnecessary threats. Get in touch.
New phishing scam is smarter than ever… here's how to protect your business
Microsoft is warning business owners about a new type of phishing scam (where cyber criminals pose as a trusted source to trick you into giving away login info), which uses popular cloud services like SharePoint and OneDrive.
Although these platforms are usually safe, scammers have figured out how to trick privacy settings to get past security checks.
The scammers hack your cloud storage by stealing your login details or buying them on the black market.
Once they get inside, they upload a file that is designed to look authentic – like a fake Microsoft 365 login page. They set the file to “view-only” or limit access to specific people, such as you and your team.
Opening these files or following any links inside the emails could cause serious damage to your business. Scammers can use your information to access your systems, or they can install malware (malicious software) that lets them cause disruption and steal information.
Recovering from these kinds of attacks can be expensive and time-consuming – not to mention the damage it could do to your business’s reputation.
Make sure your employees are aware of this new threat and know to be cautious when opening emails, even if they appear to come from a trusted service.
Before opening any shared files, double-check the sender’s identity. If something feels off, contact the sender directly to verify it.
Make sure you use multi-factor authentication (MFA) across all your team’s devices. This adds an extra layer of security by requiring a second piece of information (like a code sent to your phone) along with your password.
Also, keep your security software up to date so that it’s always ready to block the latest types of attack.
Would you like our help protecting your business with added security, training, and monitoring? Get in touch.
How future-ready is your business’s IT?
How do you feel about the technology you use in your business? A recent study found that 90% of business leaders felt confident that their IT systems today are “best in class”.
But how about tomorrow?
The same study showed that:
- Only 39% of business leaders felt confident that their current IT system was future-ready
- 64% worry that their technology might be getting outdated
- Around half the tech used by businesses was at its end-of-life.
When technology is no longer supported by the manufacturer or software creator, it’s like driving a car that hasn’t had a service in years. Sure, it might run fine for now – but sooner or later, it’s going to break down (and it’ll probably happen at the worst possible moment).
When it comes to business IT, cyber security is another big concern. The study found that 65% of business leaders worry about cyber attacks, and 56% admit that they find it a challenge protecting their business from these attacks.
Nobody can control whether their business comes under attack – but you can make sure your business is prepared. And the best way to do that is by keeping your IT systems up to date and investing in the right security tools.
So, how can you make sure your business’s IT is future-ready?
Take a good look at your current setup. Is your tech starting to slow down? Do you need to start replacing your hardware or software?
If your business tech does need updating, don’t wait until things have stopped working. Think ahead and start planning for upgrades now.
And while you’re at it, make sure your team is trained up on how to use the latest tools and systems.
If you need help building a technology strategy for your business’s next few years, that’s what we do – get in touch.
Beware this malware: It "annoys" you into handing over login details
How cautious are you and your team with online security? You know about phishing scams, dodgy downloads, and not clicking suspicious links, right?
But an even sneakier new malware (that’s malicious software) wants to frustrate you into giving up your Google login details.
The malware doesn’t have a catchy name yet, but it’s part of a larger threat known as “Amadey”, and it’s been on the rise since August.
It forces your PC into something called “kiosk mode” (a setting often used on public computers that only lets you access one window). This allows it to lock your browser in full screen mode, hiding all your usual navigation buttons like the address bar and menus. Then you get sent to a fake Google password reset page.
Normally, you’d just hit the Esc or F11 keys to get out of full screen mode, right? Well, not this time. It won’t work if the malware has infected your PC. It wants to confuse you into thinking you must enter your password to solve the problem.
The password reset page will look like a real Google page. But the second you type in your details, they’ll be stolen by a second piece of malware hiding in the background, falling right into the hands of cyber criminals.
Pretty scary stuff.
But here’s the good news: You can break free without giving up your details.
If your browser gets stuck in full screen mode, try hitting ALT+TAB to switch tasks, or ALT+F4 to force the window to close. Otherwise, try closing it through your task manager (CTRL+ALT+DELETE).
If all else fails, just restart your PC by holding down the power button or unplugging it, then get an expert (like us) to look at the malware.
Prevention is always the best approach, though. Be wary if your computer starts behaving strangely, especially if your browser suddenly goes into full screen mode and won’t let you navigate away.
Avoid clicking on suspicious links or downloading attachments you aren’t sure about. And as tempting as it might be to get past an annoying screen, never enter your password unless you’re 100% sure the website is legit.
If you’d like us to teach your team how to avoid the latest scams, we can help. Get in touch.
A third of all data loss is caused by problems with backups
Losing access to your business’s data – even temporarily – is a nightmare worthy of a horror movie.
Data backup tools create copies of your data and store them in a safe place. If something goes wrong, recovery tools will use these copies to restore your lost files.
So, if your business already uses backup and recovery tools, you’d think your data is safe… but this isn’t necessarily true.
A new report shows that some backup tools aren’t always as reliable as they should be. In fact, a third of all data losses are caused by backup-related issues. When people try to recover data, they discover it’s been lost or corrupted.
It’s not just corrupted backups that you should be aware of.
One of the biggest threats to businesses right now is ransomware. This is a type of malicious software (or "malware") that locks you out of your files unless you pay a ransom to regain access.
The report found that half of businesses using backup tools still ended up paying ransoms to retrieve their files, because it was faster than trying to use their own recovery tools. Even worse? Only a small number of businesses that paid ransoms were able to fully recover their data.
Backup tools are supposed to keep your data safe, so why are they unreliable for so many businesses?
Often, it’s because they haven’t been set up properly. And even when they are, they still need to be verified regularly to make sure they are still backing up your files.
Also, older backup and recovery tools can’t always keep up with today’s sophisticated cyber attacks.
Setting up and maintaining a reliable backup system can be complicated. IT experts (like us) can make sure your tools are running correctly every day.
We can also put in place extra safeguards such as continuous data protection (CDP). This constantly saves changes to your files, allowing you to go back in time and restore your data as it was just before an attack or loss.
This is something we do for businesses like yours every day. If you’d like us to help you too, get in touch.
Don’t Get Hooked: Understanding and Preventing Phishing Scams
Listen to our podcast below:
Picture this: your day begins with a warm mug of coffee, prepared to handle your duties. Out of the blue, an email pops up in your inbox. It appears to be from a reliable coworker. It seems authentic, but concealed within is a phishing snare laid by cyber felons.
This situation is becoming increasingly prevalent for enterprises, regardless of their size.
Phishing frauds are advancing and growing more intricate with each passing day. As a leader, it's vital to comprehend these hazards and dispel prevalent misconceptions to safeguard your business effectively.
The most common phishing misconception
Many people think phishing scams are easy to spot. They believe they can recognize them by poor grammar, suspicious links, or clear requests for personal information.
Contrary to popular belief, contemporary phishing attacks have evolved to be extremely complex, making them hard to identify. Cybercriminals are now leveraging sophisticated technologies like AI to craft emails, websites, and messages that convincingly imitate genuine communications from reliable sources.
Today’s phishing attempts often look real. They use logos, branding, and language that resemble those of trustworthy companies or people. This degree of deceit implies that even individuals with extensive training can succumb to skillfully camouflaged phishing attempts.
Various Phishing Scams Categories
Phishing scams exist in numerous forms, each exploiting distinct vulnerabilities. Familiarizing yourself with the most prevalent types can enhance your business's protection:
1. Email phishing: This is the most prevalent type, where cybercriminals dispatch emails that seem to originate from authentic sources, such as banks or renowned companies. These emails typically include links to counterfeit websites, which they utilize to pilfer sensitive data.
2. Spear phishing: This is a targeted attack on specific individuals or organizations. The attackers gather information about their victims. They use this data to create personalized and convincing messages. This makes their approach very dangerous, as it can bypass regular security measures.
3. Whaling: This is a type of spear phishing that targets high-ranking people like CEOs and executives. The objective is to deceive these individuals into disclosing confidential information or approving financial transactions.
4. Smishing: This is a type of social engineering attack that sends phishing messages through SMS or text. These messages often contain links to dangerous websites. They may also tell people to call a phone number. This encourages recipients to share personal information.
5. Vishing: This is when attackers make phone calls pretending to be real organizations, like banks or tech support. They ask for sensitive information over the phone.
6. Clone phishing: In this type of attack, attackers copy a real email you received before. They change the links or attachments to harmful ones, or use attachments containing harmful content. This strategy takes advantage of trust, making it difficult to distinguish between fraudulent emails and legitimate communication.
7. QR code phishing: Cybercriminals employ QR codes to lead victims to harmful websites. These codes are often found on flyers, posters, or email attachments. Upon scanning, the QR codes redirect you to a phishing website.
Shielding your business from phishing frauds
To protect your business from phishing frauds, adhere to these practical measures:
• Regularly educate employees to identify the most recent phishing attempts and carry out simulated drills.
• Deploy sophisticated email filtering solutions to identify and prevent phishing emails.
• Implement multi-factor authentication (MFA) on all accounts to provide an additional level of security.
• Regularly update software and systems with the most recent security patches.
• Employ firewalls, antivirus software, and intrusion detection systems to guard against unauthorized access.
Team up for triumph
It's evident that phishing scams are perpetually changing, and keeping up with these risks demands ongoing diligence and effort.
If you want to learn how to protect your business from phishing and online threats, contact us.
Our crew is ready to assist you in systematically enhancing your cybersecurity protocols. Collectively, we can establish a more secure digital landscape for your business.
Don't delay. Contact us immediately!
Unlock your potential with Copilot
Imagine having an assistant by your side that never gets tired, never misses a detail, and can help with everything from drafting emails to organizing meetings.
Sounds great, right?
Well, that’s what Microsoft Copilot is. It’s a smart, AI-driven tool built into the Microsoft apps you already use, like Word, Excel, and Teams. It’s designed to handle time-consuming tasks that slow your team down.
But how exactly does it work, and why should you care?
In simple terms, Copilot is AI embedded into the Microsoft Office suite. It’s always there to assist you, whether you're typing up a report, analyzing data in Excel, or even planning your next big meeting. And the best part is, you don’t need to be tech-savvy to use it. If you can use Word, you can use Copilot.
So, how can it make a difference in your business?
First off, one of the most exciting things about Copilot is that it’s seamlessly integrated into the software you already know. There’s no need for complicated installations or training sessions. And because it’s built into Microsoft 365, your team can jump right in with minimal disruption. It works across devices too, so whether you're in the office or travelling, Copilot is always there.
One area where Copilot really shines is how it simplifies your daily grind. Think about how much time gets wasted on things like sorting through emails or organizing meetings. We’ve all been there, spending way too long combing through endless email chains or trying to figure out who said what in a meeting.
Copilot tackles this for you. It can summarize long email threads and even suggest responses, so you can get back to what really matters. It’s like having someone do all the heavy lifting while you focus on the more important tasks.
Speaking of meetings, Copilot is a big help when it comes to collaboration. Let’s say you’re wrapping up a Teams call. Instead of manually taking notes or worrying about missing key action items, Copilot will summarize the entire meeting for you, highlighting decisions and tasks. It listens in, captures the key points, and even helps you plan the next steps.
But Copilot isn’t just about cutting down on admin work, it’s also a creativity booster. You know that moment where you stare at a blank document, unsure how to start? Whether it’s drafting a client proposal or putting together a presentation, sometimes the hardest part is getting the ball rolling.
That’s where Copilot comes in. Give it a few prompts, and it’ll generate a first draft or outline to get you started. You don’t have to be a creative genius to produce something great. Copilot takes care of that early-stage work, freeing you up to fine-tune and add your personal touch.
All this leads to a more productive, efficient, and creative workplace. That’s what makes Microsoft Copilot such a powerful tool. It not only takes care of the little things but also helps you unlock your team’s full potential.
Want to find out what Copilot could do for your business? We can help, get in touch today!
Call us at 408-559-2800, email us at info@trutechnical.com or visit us at www.trutechnical.com.
You’re ready for the upgrade… what’s holding you back?
With the end of support for Windows 10 just over a year away, many business owners are starting to wonder why they haven’t upgraded to Windows 11 yet. Are you one of them?
Research shows that most businesses could make the switch, but a surprising number are still holding back. This despite the upgrade being free and easy.
A recent survey of more than 750,000 Windows 10 systems found that 88% are on hardware that’s fully capable of moving to Windows 11.
Yet, 82% of businesses haven’t taken the plunge.
This is worrying, especially with the clock ticking down to the deadline in October 2025. After then, Windows 10 won’t get any more free updates, including all-important security patches. That could leave your business exposed to risks.
So, what’s the hold-up? For many, it’s the fear of disrupting business operations. Upgrading an entire business’s operating system might sound like a hassle, with concerns about downtime or technical headaches.
But the truth is, upgrading to Windows 11 can be a lot easier than you think, especially with expert assistance (contact us if we can help you with this).
And there’s more to it than just avoiding the risks of sticking with an outdated system. Windows 11 comes with so many benefits:
- Better security to keep your business safe from modern threats
- Improved performance to boost productivity
- And a sleek, intuitive interface that makes work easier for your team
Plus, if you are using newer hardware, Windows 11 will let you make the most of it.
The upgrade from Windows 10 to 11 is free if your devices meet the requirements.
With so many advantages and the deadline fast approaching, there’s no reason to wait.
We help make all upgrades as easy as possible. Let’s jump on a call and we’ll tell you about our extensive preparation, when we schedule upgrades, how we train your team – and answer all your questions.
Our goal is to get you up and running on Windows 11 without disrupting your daily operations. Let’s talk!
Call us at 408-559-2800, email us at info@trutechnical.com or visit us at www.trutechnical.com.
How to cheat (the Blue Screen of) Death
If you’ve ever had the misfortune of seeing the dreaded Blue Screen of Death (BSOD) on your computer, you know just how frustrating it can be. It’s that moment when your screen turns an ominous shade of blue, and you’re left wondering what went wrong and how much work you’ve just lost.
For businesses, these crashes are more than just annoying – they can be disruptive and cost money.
Recent research highlights just how common BSODs have become, with one in 200 devices crashing under normal use. And it gets worse. During the recent CrowdStrike outage, that number shot up to one in ten devices.
While the tech industry seems to be hit the hardest, with more than 15% of devices affected monthly, even sectors like healthcare and retail, which are less prone to these crashes, still get about 8-10% of devices displaying the dreaded blue screen.
So, what’s causing all these crashes? And more importantly, how can you reduce the risk of them happening in your business?
The good news is that about half of these incidents are avoidable.
The bad news is that many businesses simply don’t have the tools or strategies in place to prevent them.
One of the key takeaways from the study is that many BSODs are linked to a few common issues. Problematic hardware, poorly managed Windows updates, and misconfigured drivers for things like graphics cards, networks, and audio systems are among the top culprits.
When these aren’t working properly, it can lead to system instability, which often manifests as a BSOD.
For business owners, this means taking a proactive approach to IT management is crucial.
Instead of waiting for something to go wrong and then scrambling to fix it, businesses should focus on identifying potential problem areas before they lead to a crash. By monitoring the health of your devices and making sure that updates and drivers are properly managed, you can significantly reduce the likelihood of BSODs disrupting your operations.
The research suggests that with the right preventative measures, businesses could cut the number of BSOD incidents in half, reducing the occurrence to about one in 400 devices. This not only minimizes downtime but also frees up your IT team to focus on more strategic tasks rather than constantly putting out fires.
Unfortunately, many businesses lack the necessary tools to identify these risks early on. In fact, most companies don’t even know which of their devices are at risk right now, let alone which ones might crash in the future.
To move from a reactive approach to a proactive one, invest in tools that can provide insights into your IT systems. These tools allow you to make data-driven decisions, which can reduce costs, relieve employee stress, and ultimately increase productivity.
Better still, get experts to do it for you. Our approach is proactive IT management. This prevents problems before they can interrupt your work.
Let us keep your business crash-free. Get in touch today!
Call us at 408-559-2800, email us at info@trutechnical.com or visit us at www.trutechnical.com.