Since the start of COVID19, we have worked tirelessly to help you reduce costs and add services that will assist you in the new challenges facing businesses during lockdown. I am happy to introduce a new video conferencing service included with our maintenance plans. The service will be free of charge for moderate use. We ask that you only utilize the resources that you need and keep it strictly for business use. We have imposed generous limitations, they are:
If you wish to exceed these limitation or have your own custom branded meeting rooms, please contact me for information about installing an on-site version.
To start, visit https://www.falconitservices.com/support/default.aspx and click on the virtual meeting icon. Sign up with a user name and password and I will notify you once your account has been approved. From there, you can start presenting your own virtual conferences.
The Big Blue Button is an advanced platform for video conferencing and presentations. It can be used to conduct video conferences, sales presentations, distance classroom or virtual trainings.
Please following these simple rules of conduct when using our service:
Click here for instructions on how to set up meeting rooms and manage the meetings as a presenter.
Interested in being a beta tester for Elon Musk's Starlink satellite based Internet? Starlink is promising 1 Gbps speed with 30 ms latency... not bad! Sign up here.
PC's, phones and other electronics, while having a positive influence on our lives and bettering our humanity, have a flipside. The flipside is toxicity and although apparent in many places, it's impossible to ignore in rare earth mining cities such as Baotou, Mongolia.
It was only a matter of time, but this year a deep fake was used to steal $ 243,000.00 by duplicating the voice of a CEO using deep fake technology. At this time, live deep fake conversations are relatively difficult to accomplish and require sophisticated AI technology. Recorded conversations on the other hand, are much easier to pull of and can be done with modest technology.
For this reason, please make sure that you NEVER transfer money or change wire transfer instructions based on an E-Mail thread (even if the thread is familiar or has previous thread conversation embedded in the email) or voice mail messages (even if you recognize the person's voice).
To avoid wire fraud, please continue to use the same best practice outlined in our Web site's policies and procedures section under the support section. If you receive an email or voice mail asking to wire money or asking to change wire instructions:
If you are in an industry that has been affected by COVID19, please make sure that any furloughed employees are reported to us and that their PC's are NOT turned on for any reason. Each month you will receive a credit for PC's that have been off-line for 30 or more days.
Since the start of COVID19, hacking activities have increased by 15%. Hackers are exploiting COVID19 fears as well as vulnerable work at home employees who are now operating in a newer, less familiar environment.
Please read the attached document and stay extra vigilant!
Supercon comes to Miami Jualy 3-5, 2020! We are purchasing a limited number of tickets/badges for ourselves and up to 10 of our clients. If you are interested in joining our group, please e-mail me (miguel -@- falconitservices.com) so that I can reserve a badge for you. For more information visit https://www.floridasupercon.com/
I have a coupon for 35% off Foxit Phantom PDF Pro. Regular price is $ 129.00, minus the 35% discount, each license is $ 84.00. The promo is valid until October 31st. Visit www.foxitsoftware.com and use coupon code SNP873-AD2WXZUT57NWN26S6
Coupon works for Foxit Studio Photo, PhantomPDF Mac, PhantomPDF Standard, and PhantomPDF Business*.
This sale ends on 10/31/19, act now!
Here is your coupon code: SNP873-AD2WXZUT57NWN26S6
To use the code, please go to Foxit's online store:
Then please enter the coupon code into the field marked "Promotional Code" and click "Apply Code".
PhantomPDF lets you:
* Edit words, content, pages and images for any PDF file * Convert PDF files to high quality Word, PowerPoint or Excel files to repurpose the content * Create, fill out, save, sign and send dynamic PDF forms * Publish content to PDF and then share with team members or partners to get work done faster
The FBI recently reported that Ransomware attacks that propagate indiscriminately have 'sharply declined', however losses from Ransomware have increased.
The cause of this is that threat actors have stopped sending out mass mailings with attached ransomware. They have instead turned to targeted attacks. The main areas of interest for ransomware attackers has recently been: health care, industrial, transportation and government.
Attackers have been very successful sending out mass mail campaigns and monetizing malware by encrypting documents and photographs on personal computers. They are now targeting large businesses where payouts can reach millions of dollars instead of the hundreds of dollars that home users are willing to pay for their photos.
Targeted attacks are very dangerous because attackers perform reconnaissance on their targets. Emails are often signed by people that the recipient knows and have a look and feel of authenticity.
The more information you post on your Web site and on social media, the more information that is available for reconnaissance. For example: if your corporate Web site displays the names and email address of your executive staff, this is valuable information that an attacker can use.
Please be extremely suspicious and vigilant, even if an email has a sense of familiarity. When you receive an unexpected or out of context email, call the sender to verify its authenticity. As always, schedule our free, yearly on-site cybersecurity training which is available to your entire staff.
FBI Cybersecurity Report:
Falcon IT On-Line CyberSecurity Training Video:
As Dorian appears to be coming ashore with Category 3-4 winds, we ask that you take proper precaution to protect your computer infrastructure:
When electricity is restored after the storm, don't turn your power back on right away. Wait until the electricity in your area is stable. If you have lived through a hurricane before, you know that electricity can turn on and off again multiple times while FPL is restoring power. This fluctuation can damage equipment due to surges and spikes.
For more information about weather preparedness, visit our video tutorial:
Unfortunately, some of our clients who have recently moved to Office365 have been targeted by scammers posing as Microsoft. Once you move your email to O365, it's relatively easy for scammers to know it by viewing your domain's DNS records or by analyzing your email headers, both of which will show outlook.com as a routing gateway.
Scammers will try to use this information in order to get access to your O365 account by attempting to impersonate Microsoft. If they can control your O365 email, they will use it as a launching platform for getting to your financial and other accounts via email-based password resets.
Microsoft will not call you to solicit passwords or any account details about Office 365. Please do not under any circumstances divulge information by phone or email. If you receive a call from anyone claiming to be calling from Microsoft, simply state that O365 is managed by a third party and refer them to us.
We have upgraded our spark server to the latest version which has some added features and increased security. The new SPARK server has changed to chat.falconitservices.com.
Good afternoon and Happy New Year! We have remotely patched an Adobe PDF Reader software on your PC after a reported vulnerability that allows an attacker to gain access when a user opens a malicious PDF file. We do not block PDF files sent by email since PDF has generally been considered safe. For this reason, it's important to make sure that this patch was successfully installed.
To make sure that the patch was successfully applied to your computer, please open Adobe Reader, accept the license agreement, then select 'check for updates' from the help menu. Adobe update should indicate that there are no new updates available.
If you are not fully updated, please call the helpdesk to have a manual update installed before opening any PDF files sent to you via Email or from a Web site.
I also recommend that you check your personal/home computer to see if you have Adobe Reader installed. If so, visit the Adobe Web site and download the latest version in order to patch this vulnerability.
This is a serious flaw that has just been discovered and pretty soon you will start to see spammers/hackers trying to take advantage of this flaw. Let's make sure that we are fully patched before this happens.
A description of the vulnerability is linked below:
-Miguel Fra / Falcon IT Services
SonicWall recently released a mid-year update to their 2018 Cyber Threat Report.
In it, they cover increases in malware attacks, encrypted attacks, and cryptojacking attacks. But one of the most prominent attacks remains a constant threat – ransomware.It feels like ransomware is old news - with so many stories in the news, and vendors claiming to have a handle on it, it's natural to feel like it's no longer a really-real threat. But the truth is ransomware is alive and kicking.The SonicWall report brings to light the reality of just how serious you need to take the threat of ransomware:
The new criminal king of the hill GandCrab Ransomware is now rapidly adapting in real-time to security solutions offered by security vendors. GandCrab is a strain which targets mainly English-speaking countries. GandCrab is distributed via the RIG and GrandSoft exploit kits, as well as phishing attacks. The malware is operated in an affiliates program, with those joining the program paying 30%-40% of the ransom revenues to the GandCrab author. In return, affiliates get a full-featured web panel and technical support. This news highlights the importance of ensuring your users are as vigilant as ever. Maintaining a constantly elevated culture of security is necessary to reduce the attack surface within your organization. This is accomplished through frequent and effective new-school security awareness training used to both educate the user on methods and techniques used by bad guys, but also about security-minded browsing and email habits.
Please contact to schedule an on-site cybersecurity awareness training if you have not done so this year. As always, we recommend that our clients take our on site course every year and require new hires to take the on-line version on YouTube.
This article details one of the reasons you should not grant WiFi access to employee cell phones and tablets. Best practice calls for installing a physically segmented WiFi guest zone.
NIST has developed new guidelines for passwords. I would highly recommend adhering to the new standards, given that NIST is the standard used by many federal agencies and large corporations.
In short, the new guidelines calls for 'password phrases' of 16 characters and the removal of complexity (no more complex alpha-numeric characters or hard to memorize passwords). NIST is recommending that password be changed ONLY if the user forgets it or if there is suspicion of password theft.
Studies showed that requiring users to change passwords often, and requiring complex passwords, incentivized users to write passwords down on paper, kept in proximity of their computers, and/or storing them electronically. Ironically, these policies effectively reduced security. By creating longer passwords that are easy to remember, and not requiring them to change often, security is increased.
Unabridged version: https://pages.nist.gov/800-63-3/sp800-63b.html
Please be aware of a new fake email campaign that has recently emerged, It is very crafty.
In this campaign, the sender inserts a footer with a recent date and time, and the recipient's email address, to make it look like the SPAM email is a reply to a previously sent email.
This exploits familiarity; the user, upon seeing her email address in a previous reply, may be tempted towards further examination.
In the example shown (right), although the highlighted text is completely fake, it gives the illusion that the email is in response to a back-and-forth.
If the recipient clicks on the link to the Invoice portal, she is presented with a Word document that contains a cryptographic virus that installs using Word macros.
Special thanks to David Hummer (TGS) for reporting this fraud to the helpdesk and for being extra cautious!
If you are suspicious about the validity of any email, please forward it to email@example.com
We are currently scheduling the removal of all backup media for safe removal and off site storage. Please keep in mind that any work done today and tomorrow is not included in the off line backup, so make sure that you have a paper trail for entries made into your accounting systems for today and tomorrow.
We will be remotely shutting down all servers and IT systems Friday night or Saturday morning. If you plan on switching off the elctricity before then, please coordinate with us by contacting Arlen at Ext 820.
If you have an urgent matter and cannot access our helpdesk after the hurricane, please contact your company's POC (point of contact) and have them contact us. If you are not sure who the POC is, please ask before you leave.
The POC has alternate emergency contact information to get in touch with us. Please do not ask the POC for the emergency number or call it directly, we manage close to 400 users and need to keep the emergency contact number from being overwhelmed by calls.
Thank you for your patience and understanding and we hope you and your family all remain safe during this difficult period.
Miguel Fra Falcon IT Services
Please be aware that the Petya and NotPetya ransomware that began spreading in Ukraine two days ago have reached the U.S.
The NotPetya ransomware has had its payment servers disrupted so you cannot pay to recover your data.
Be EXTRA CAREFUL this week and observe the following best practice:
* Do not move and open any attachments from your Outlook folder 'infected items', ESET is placing them there because they contain malicious attachments.
* Email the helpdesk (firstname.lastname@example.org) to have your junk mail unjunked. Our helpdesk staff are trained to analize suspicious attachments before unjunking them.
* Do not bring thumb drives, CD/DVD's, USB drives or any other media from your home and connect them to company computers. If you need to transfer data, use SeaFile.
* Do not open files directly from cloud based storage servers such as OneDrive and Dropbox. Save the files to your desktop, right click on them and select 'scan with ESET' before opening them.
* Do not bring personal computers or devices connect them to the wired or WiFi LAN. Personal devices should only connect to the guest WiFi.
* Be extra cautious when surfing Web sites and be on the lookout for popups that ask you to download or install any software, applets or controls.
This week I have been inundated with calls and emails related to the crypto-virus du jour. I would like to say that last week and this week are no different than any other week. The only difference, and the reason this crypto virus has made the news rounds, is because the exploit it used was stolen from the NSA and it infected hundreds of computers at the NHS.
This does not mean that it's not a year-round danger. A crypto virus can bring your business to a halt. It means that these problems make the news only when a big name gets hacked. Even when not making the news, crypto viruses are still looking for victims. Crypto viruses are one of the most dangerous liabilities affecting businesses. Every week, dozens of new exploits are discovered, and thousands of computers fall victim to some form of ransom ware.
Here are some of the thing you can and should do YEAR-ROUND to avoid the crypto virus:
If you have not enforced any of these policies on your network, you have a higher risk of being infected and/or affected by crypto virus attacks. Remember: security and convenience are inversely related. If you already adhere to these policies, the only thing missing is to make sure that your employees receive yearly training from us. Awareness is one of the less expensive and more effective security tools out there!
This is just a reminder that consumer grade electronics such as WiFi access points, DVR's, security cameras and other network connected devices, do not have the same level of security and reliability that are found in business class products.
As youy can see in the article listed here, some consumer devices barely have security at all. An insecure, connected device is an Achille's heel to any network.
For this reason, we ask that you refrain from connecting devices to your company network without consulting with our staff first.
Information about Falcon IT Services YE 2016 technology and what's in store for 2017.
FITS Stakeholder Letter 2016.pdf
You may already be aware that after the Tuesday 2:00pm hurricane update, South Florida has been placed under hurricane watch. There is a 50% probability that South Florida will experience hurricane force winds.
The hurricane may arrive Thursday which mean that tomorrow may be the last day of work. If your business is closing Thursday due to the hurricane, please prepare your equipment by following these instructions:
* Place your PC and monitor underneath your desk and elevated at least 1 foot off the floor (in case of flooding). The top of the desk will protect it from water and falling drop ceiling pieces that may be caused by roof leaks.
* Cover your PC and monitor with a plastic garbage bag if you cannot place it underneath your desk. This will protect it from water that may leak from the roof.
* UNPLUG your PC from the power outlet, especially if you cover it with a plastic bag. If the power comes on and the computer turns on, it could overheat and cause a fire. Make sure to UNPLUG it from the power outlet. This will also protect it from power fluctuations that occur during inclement weather.
* Unplug the Ethernet cord from the back of your pc and/or phone or from the wall outlet. Electrostatic discharge from close lightning strikes can traverse Ethernet cables and damage your computer.
* Heavy rains may cause roof leaks. If you want to protect your server and/or equipment rack, contact us tomorrow so that we can power down the equipment and then place a plastic tarp over the equipment rack. Be sure to unplug all devices from the power outlet so that the equipment does not power back on and risk overheating and/or fire.
* Please make sure you unplug all your electronic equipment, printers, copiers, etc. heavy rains can cause flooding and/or roof leaks which can be fire hazards if the equipment is plugged in.
Please visit the site linked below and enter your email address to find out if your account on any of the following services have been divulged: Adobe Cloud, Linked In, Tumblr and several others.
If you find that you are listed, please log in and change your password right away. If you used the same password for other accounts (which is not a good idea), make sure to change the passwords for those accounts as well.
As you may have already read, TeamViewer has come under scrutiny after multiple posts are claiming that users of the remote control service have seen their computers taken over by unknown assailants attempting to access their personal and business bank accounts. If you have Team Viewer installed on your home computer (many people do this so that they can access their home computers when they are away) please uninstall it immediately and wait for further clarification.
Our work from home policies are set up so that remote access to your work computers are managed through VPN, RDP or both, oftentimes using dual authentication mechanisms . This means that you should NOT have Team Viewer or any other remote control software installed on your work computer, so there is no need to worry.
The attached brochure shows some of the things can happen if a malicious program is installed on your computer. To help prevent such incidents both at home and in the workplace, educate yourself about computer security. Awareness is one of the most useful tools against malware.
It's unfortunate that I have two pieces of bad news in two days
concerning computer security but it's a sign of the times. Two major
flaws have been discovered in Apple's Quicktime, however since Apple is
going to discontinue Quicktime for the Windows platform it has no plans
to patch the security flaw.
For this reason, I am asking our helpdesk staff to uninstall
Quicktime if they find it on a windows PC while performing work. In
addition, I am going to send a SPARK message to all users asking them to
contact the helpdesk if they have iTunes or Quicktime installed on
Although seldomly used, Quicktime installs itself by default on
Windows PC's when the user installs iTunes. The two programs can be
disassociated, so it's possible to uninstall Quicktime without
uninstalling iTunes and affecting the iPhone Synch or the iTunes music
See related, non technical article on the matter:
Hello early birds and late night owls. Next week we will begin working an hour earlier and by June 30th we will begin closing an hour later!
Starting 4-11-16, our helpdesk hours will be from 8:00am to 6:00pm EST.
Starting June 30th, our helpdesk hours will be from 8:00am to 7:00pm EST.
Thank you all for your feedback to last week's survey. As you can see, your input helps us create directives based on your needs.