Prevent Cryptojacking

Have You Been Cryptojacked?

Posted Posted in Security

Hidden in the thicket of JavaScript, a permission-less browser-based mining script may be  patiently waiting to exploit your CPU resources — and you wouldn’t even know it. It’s called cryptojacking and the threat is on the rise. Here’s what you need to know to help prevent it.

Creating a Layered Security Approach

Posted Posted in Security, Uncategorized

“Imagine a typical Seattle weather day (excluding July and August maybe). You’re heading out for a mixed day of fun and errands that may include visiting the local farmers market, taking the dog for a walk, making a trip to a taco truck, and maybe a hike around Discovery Park. You’ll do some walking, some driving and move between indoors and outdoors. How do you dress for this multi-faceted excursion? Layers. The answer is always layers.”

Think Before You Click: Employees Need to be at the Frontline in the Battle Against Phishing

Posted Posted in Security

At EXP, we strongly believe in the web of protection that must exist to properly guard institutions and their data from these threats. This web is comprised of several things. Many of these are technological tools that keep threats from ever entering your environment, let alone being executed within it. Unfortunately, all the gates, checkpoints and filters cannot prevent human error\action – frequently the last stop on the cyberthreat train. Humans must be informed users of technology for our web of protection to remain whole.

phishing

Stay Alert & Foil Phishing Attempts

Posted Posted in Security

We regularly see cases of successful phishing attacks. Most of them involve people being conned into sharing valuable personal information with unauthorized parties. This is usually done over email but sometimes involves a phone call.

A frequent scam goes like this. You receive an email from someone claiming to work at an organization you trust or regularly interact with such as your bank or a retailer you often shop with. They seem legitimate because they have likely gathered some accurate information about you from social media, your company website, press releases, or other public means. Since they get a few details right, you may be inclined to believe them. But you must dig deeper to determine if the request is legitimate.

You may be asked for personal information that could be used to access funds — credit card numbers, bank account information, passwords, etc. — or even asked to wire money. All this is done, of course, under false pretenses. And it could cost your business a heap of money and hassle.