PHISHING ALERT: FAKE LOGMEIN EMAILS PLAY OFF WANNACRY SCARE

On the heels of the publicity around the WannaCry ransomware scare, we’ve received reports about suspicious emails that are designed to look like they come from LogMeIn. These emails have all the hallmarks of a phishing attempt. The reported emails share the same headline and text. In each case, they are meant to look like an alert that a computer is infected with the now notorious “WannaCry” ransomware, with an email subject line similar to the following: “Your computer is infected with WannaCry Ransomware.” We want to make it clear that these communications did NOT come from LogMeIn, and we urge recipients not to click on any links in such an email.

As part of our commitment to security, we want to make sure our users and the public are aware of this specific email, as well as provide an easy way for people to identify the telltale signs of phishing attacks.

For more details, please see the full blog post at our corporate blog here. 


LogMeIn and WannaCry

LogMeIn has been monitoring the evolving WannaCry situation and taking proactive measures to mitigate the risk associated with this global event. To that end we have:

1) Made a concerted effort to patch all of our machines with the latest available security fixes;
2) Configured our internal computer security and security information and event management (SIEM) tools to monitor for recognizable or known signatures of any WannaCry activity;
3) Alerted our end users within the organization to be ever vigilant; and
4) Been in communication with the vendors of our perimeter and endpoint protection security systems.

In addition, the LogMeIn corporate network is segregated from the production systems network, providing a further layer of protection and defense. As a result, at this time, we believe that our exposure to the WannaCry ransomware is minimal and controlled.


Make Your Business More Cyber Aware

We talk a lot about security here at LogMeIn, especially with our recent partnership with Kaspersky Lab, and given that October is National Cyber Security Awareness Month (NCSAM), it’s an ideal time to refresh some of your company’s security practices.

As a small business or an IT lead for a larger company, you’re maintaining a large amount of technology, devices, users, and much more. But there are a few areas where you can make quick improvements to better secure your company’s important information. Check out this list of items you can address fairly quickly and make quick improvements to your security:

Networks

From WiFi to VPN, make sure your company networks have strong, secure and protected passwords. Enable strong encryption (WPA2 and AES) and require authentication as needed. For the WiFi, set up a separate network for each use case – one for employees, guests, IT, development, etc. – so that a disruption or breach on one network does not impact the entire company. Also consider the physical security of your network equipment – is it stored in the open where anyone can access it, or is it locked away from potential theft?

Mobile Devices

It’s likely that many of your employees are using more than just their desktop or laptop to access company systems and information. Make sure those devices are as secure as possible, including requiring a passcode and enabling the ability to wipe the device in case it is lost. On top of the passcode, use fingerprint authentication for additional security.

POS Devices

Many LogMeIn users are managing not just computers, but also POS devices. Those machines should be just as secure as the others, with strong, secure passwords that are changed frequently, if not automatically, and with separate user and admin access. You’ll also want to set up anti-virus protection on these machines; they likely don’t receive maintenance as frequently as a laptop or desktop computer, so anti-virus monitoring is critical to ensuring the machine is free from malware and other threats.

File Storage

Whenever you’re using a cloud-based file storage and sharing solution, you can enable authentication for those user accounts as well. And if possible, set up application-level encryption to protect that data. You can also choose to restrict the locations and devices where data and files stored in the company account can be stored so you always know where that data is going.

Passwords

Our friends at LastPass have done a great job of highlighting the importance of good password practices, not just at home, but at work as well. The three key tenets your company should adopt are secure, unique passwords for each account, use of two-factor authentication, and use of a password manager. Start with employee education on secure password practices and take steps within your team to roll out 2FA. While these are just a start, these steps will greatly improve your company’s security.


Phishing Alert: Fake Emails Mimic LogMeIn Activation Emails

In light of recent news around the Yahoo breach, we are getting reports from both the general public and LogMeIn customers about suspicious emails that are designed to look like they are coming from LogMeIn — they have all the hallmarks of phishing attempts.

All of the reported emails are meant to look like a LogMeIn activation email. The email subject line is “Activate your account” or “Verify your new LogMeIn ID.”

We want to make it clear that these did NOT come from LogMeIn and people should NOT click on the links in these emails. While we are working with our partners to remove these malicious websites, as part of our commitment to security we want to make sure our users and the public are aware of this specific email. We also want to share what we’ve learned, as well as provide an easy way for people to identify the tell-tale signs of phishing attacks.

View the entire post on our corporate blog at blog.logmeininc.com.


The Surprising State of IT Security: 4 Key Trends Revealed

Whether it’s malware, hackers or viruses, these threats pose a significant risk to businesses and companies around the world, and are rightly taken seriously. They continue to evolve – and get smarter – making risk management a consuming task for IT teams and MSPs. There were over 400 million known malware instances in 2015 and that number is on the rise in 2016. What’s even scarier is how commonplace breaches and attacks are – almost 60% of IT teams have experienced a breach or attack at some point.

But rather than becoming more skilled at handling these threats, IT teams are more challenged by them now than ever before. And there are plenty of reasons for that. With the proliferation of devices such as laptops, smartphones, tablets, and the rise of account-based information that lives in the cloud, employees and companies are more at risk than ever, and IT teams are scrambling to keep up with rapidly-changing tech behaviors.

In our latest research study, we heard from 500 IT professionals on everything related to anti-virus and security management – their current processes, challenges, and overall take on the overwhelming task of protecting their computers and customers from threats. Check out the infographic below to learn the 4 trends we uncovered in the current state of IT security.


PASSWORD REUSE ISSUE AFFECTING SOME LOGMEIN USERS

This excerpt is from a post that originally appeared on our official corporate blog: 

“…Today we began proactively resetting some LogMeIn users’ passwords. So we wanted to let both these users and the rest of our customer base understand why. The short version is these users’ credentials were on a list making the rounds on the web — credentials taken from high profile breaches at companies like LinkedIn, Tumblr and MySpace. Here’s a bit more.

What happened?

As you may have seen in the news, lists of hundreds of millions of user credentials taken from past breaches (mostly at social networks) are now being used for a variety of recent nefarious activity on high profile sites like Netflix and Facebook.

LogMeIn actively looks for situations where the accounts of our users could be at risk—even if the threat is external to our service. In this particular case, we identified users who may be at risk because of password reuse. Out of an abundance of caution, we proactively reset those users’ LogMeIn passwords…”

View the entire post on our corporate blog at blog.logmeininc.com.


Why CAPTCHA (and how do you turn it off)?

Your security is our first and foremost interest. Your experience is an incredibly close second. So we want to protect you in the most frictionless way possible. To that end, we’ve just started using a CAPTCHA check when you log in to join.me, LogMeIn Pro, LogMeIn Central and/or Cubby. But we understand it does add an extra step that some users may not want. So here’s a quick take on why CAPTCHA is a good thing when it comes to protecting your account…and how you can turn it off if desired.

Why CAPTCHA:

Simply put, CAPTCHA stops most brute force attacks. That is, it stops bad guys who are trying to run hundreds, thousands or millions of login attempts against popular online services to gain access to individual user accounts. You’ve likely heard the recent stories, but if you haven’t, millions of social media accounts are reportedly on sale. Worse, there is plenty of evidence that attackers are counting on users reusing those passwords across other services. CAPTCHA largely protects against such attempts.

How to turn it off:

CAPTCHA should help as an extra layer of protection against password reuse, in that it protects against automated, big scale attacks that rely on such reuse. Even better is changing your password. So if you want to shut off CAPTCHA, all we ask is that you reset your join.me, LogMeIn or Cubby password. Here’s how you can do that.


What kind of Password Protector are you? Take the quiz to find out!

It’s no secret that people’s password habits are concerning. We recently published research results that found more than half of people store their passwords in a spreadsheet and over 25% still write passwords down on paper or sticky notes! Considering these passwords contain valuable personal information like bank statements, credit card information, financial info, and much more, it’s alarming that individuals are so haphazard with their passwords.

To help you get a pulse on your own password habits, we’ve created a new password quiz to see if you’re doing a good job protecting your data, or if you need to spruce up your habits. So far, we’re impressed with the results. Just over half of people earned the most secure status from the quiz, “Password Secret Service,” which means they’re generating diverse, unique passwords, storing them securely, and more. For the other 50% that could do some housekeeping on their password habits, here are 3 easy tips to help you protect valuable personal information and be a better password protector:

  • Don’t use the same password for too long: Many websites don’t have strict password requirements, meaning you could easily create an account, which includes your credit card info, with some of the weakest, worst passwords. Stronger passwords can be achieved simply by adding numbers, letters, and symbols. Make these changes and create unique passwords across every account, app, and device. This is the only way to keep your data secure.
  • Stop relying on memory: The root of the issue is often the number of accounts and passwords people are being asked to create, and then manage in order to carry out simple day-to-day activities. The easiest way to keep track of all of these unique accounts (and strong passwords) is to use a password manager. This will ease the burden of password management and encourage strong passwords that don’t have to be committed to memory.
  • Share accounts, not passwords: There are certainly circumstances where individuals need to share access with one another, and passwords are often shared through insecure channels such as email and instant messaging. Password managers like Meldium are designed for business and team use – they encourage proper password hygiene and grant access to a specific account or application without anyone handling the password itself. These tools add convenience and an extra layer of security.

If you haven’t already, take the Password Quiz to see how you stack up against others. If you need to up the ante on your security, follow these 3 easy steps to keep your accounts, passwords, and personal information safe.


Promote Employee Awareness During Internet Safety Month

June is Internet Safety Month, as designated by the US Congress with support from the National Cyber Security Alliance (NCSA). While Congress started this initiative in 2005 with a focus on Internet safety among children and teens, the goal has broadened to promote awareness among Internet users of all ages. Today the NCSA declares safe online business practices as one of its 4 key pillars.

At most small businesses, Internet safety starts and ends with employees. From email to Internet browsing to password practices, informed employee behavior is the best way to protect your business from unwanted problems. In honor of Internet Safety Month we pulled together 4 core tips to keep your employees informed:

1. Build Internet safety guidelines – The first step for a small business is to have an opinion on what is safe and what’s not, and make it known throughout the company. Put these rules and regulations into a document that you share with employees on their first day of work and post it where it can be found at any time.

2. Promote good password practices – More than 30% of adults have over 10 passwords to remember.  Whether or not you use a password manager, your employees hold the key to a great deal of valuable company data, and you want it to be safe from hackers. Require employees to change their password every 30, 60 or 90 days, and give them guidance to create strong passwords with tips such as:

  1. Don’t use obvious names, dates or numbers like your birthday, anniversary or hometown
  2. Include both upper- and lowercase letters
  3. Include symbols and characters
  4. Use at least 8 characters

3. Create awareness of email fraud – Prepare employees to look for potential phishing attempts that are designed to steal personal and valuable information. Safeguard your company by understanding the key signs of a fraudulent email and communicating them to employees. Have employees ask the 5 questions below if they suspect a phishing attempt. If they can answer ‘yes’ to one or more, the email might be suspicious.

Does the email in question…

    1. Want you to verify account information beyond email address?
    2. Ask for your password?
    3. Contain personal information like social security number or age?
    4. Include links or required attachments?
    5. Ask for financial information?

Also look for a message from the company to offer validity to the email. For example, LogMeIn adds this notice to the footer of every email it sends:
Important Security Notice: LogMeIn never asks for your password or other sensitive information by email. Do not click links or respond to a suspicious email! For details, visit blog.logmein.com/products/avoiding-phishing-attacks.

4. Encourage two-factor authentication – As the use of cloud apps in SMBs continues to rise and more employees are introducing their own apps to get work done, it’s important for SMBs to stay in control of their data. Encourage employees to use a two-factor authentication app that adds an extra layer of security to valuable company information. Many two-factor options, including the LogMeIn Authenticator App, allow you to enforce this practice company-wide if desired.

These four tips are just a start to safe, secure Internet practices for your business. Learn more about how to protect your business at the NCSA site. Happy Internet Safety Month!


What your organization can do to avoid getting phished

As you are probably well aware, phishing attacks are on the rise all around the world. Organizations must take extra steps to make sure that they protect themselves as well as their customers against this threat.

As Attila mentioned in his post earlier this week, LogMeIn employs SPF, DKIM and DMARC on every email it sends from a @logmein.com address.

The combination of these three technologies allows the recipient server to validate that:

  1. The email was sent from a server authorized by LogMeIn
  2. The contents of the email have not been manipulated

The key point is that the check is done on your organization’s email servers. They have to support SPF, DKIM and DMARC in order to filter out phishing emails.

Most major email providers, including Gmail, Yahoo Mail, and Outlook.com, check for these records and will put phishing emails appearing to come from a @logmein.com address into the Spam folder. Be wary of slight variations of the domain part. If you see an email from logme.in.com or logmeein.com or some other variation of our domain, you can safely delete it.

If your organization maintains its own email servers and you receive these phishing emails, please ask your email administrator to set up SPF, DKIM and DMARC. You are going to save yourself a lot of headache.
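As an added example (not code from LogMeIn or from the post), the Python below shows what the receiving server's DMARC step does with the SPF and DKIM results: a message passes only if one of them passed and its authenticated domain aligns with the header From domain, otherwise the record's p= policy decides. It also flags the look-alike domains named above. The DMARC record and report address are constructed placeholders, and the organizational-domain logic is simplified to the last two labels.

```python
# Constructed DMARC record in the shape of a real one; logmein.com's actual
# record is not reproduced here and the report address is a placeholder.
DMARC_RECORD = "v=DMARC1; p=reject; adkim=r; aspf=r; rua=mailto:dmarc@example.invalid"


def parse_dmarc(txt):
    """Split a DMARC TXT record ("tag=value; tag=value") into a dict."""
    tags = {}
    for part in txt.split(";"):
        key, _, value = part.strip().partition("=")
        if key:
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    return tags

def org_domain(domain):
    """Organizational domain, approximated as the last two labels (real
    evaluators consult the Public Suffix List; this is enough for .com)."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain, mode):
    """DMARC identifier alignment: 's' (strict) needs an exact match,
    'r' (relaxed) accepts the same organizational domain."""
    f, a = from_domain.lower(), auth_domain.lower()
    return f == a if mode == "s" else org_domain(f) == org_domain(a)

def dmarc_disposition(record, from_domain, spf_result, spf_domain,
                      dkim_result, dkim_domain):
    """Return 'pass' when SPF or DKIM passed *and* its authenticated domain
    (MAIL FROM domain for SPF, d= tag for DKIM) aligns with the header From
    domain; otherwise return the action requested by the record's p= tag."""
    tags = parse_dmarc(record)
    spf_ok = spf_result == "pass" and aligned(from_domain, spf_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_result == "pass" and aligned(from_domain, dkim_domain, tags.get("adkim", "r"))
    return "pass" if (spf_ok or dkim_ok) else tags.get("p", "none")

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike(domain, trusted="logmein.com"):
    """True for a domain that resembles the trusted one without being it or a
    subdomain of it, e.g. logme.in.com or logmeein.com from the post above."""
    d = domain.lower().rstrip(".")
    if d == trusted or d.endswith("." + trusted):
        return False
    squash = lambda s: "".join(ch for ch in s if ch.isalnum())  # ignore dots/hyphens
    return edit_distance(squash(d), squash(trusted)) <= 2
```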

And as always, follow the best practices for email.

Does your organization use DMARC? If it does not, what is the reason?  Please leave a comment and share your thoughts.