Dumpster Diving – Email Style

We get overloaded with email and tend to let it just sit in our inboxes. When you max out your storage space, which is the equivalent of an electronic dumpster, you can create problems that are time-consuming and costly to fix.

Email overload became a vexing problem for a client who had 160,000 messages in their inbox, which Outlook limits to 50 GB. They wanted to delete some messages and keep some, but there were just too many messages to go through individually.

We decided the most practical course of action would be to delete all the messages except for those from the last three months. But that solution created other problems. There are limits on how much email you can simply delete. There’s also an issue of how Outlook handles deleted files: they just don’t go to an electronic landfill. They can go to recoverable folders, where they stay for 30 days before going to the “landfill.”

You can delete a large number of files by going to your Outlook online instead of your Outlook mail client. That’s what we had to do, but the process took hours. You can prevent the problem by just paying more attention to your inbox management. Try some of these measures:

  • Delete unwanted/unneeded email as you go. New Outlook’s default lists your messages on the left, and the preview pane on the right shows you the content. As long as you don’t open the email, it won’t harm your system. You can simply click on the trash can in the list to delete the message.
  • Set up subfolders within each account. Within each account, you can set up subfolders and drag-and-drop file messages there. That keeps them out of the dumpster.
  • Empty deleted emails on a regular basis. Whether you do it daily, weekly or biweekly, empty your deleted emails as a routine task. If you have Outlook on your mobile devices, you can delete unnecessary emails without needing your computer. I make deleting emails from my phone a regular task while traveling.

If you need to empty an electronic dumpster, we can help you set up and manage the process. If you need to institute a system to manage email across multiple accounts and users, we can help you determine rules that meet your needs and implement a program. Call us – 973-433-6676 – or email us to talk about it.

Cybersecurity Climate Only Getting Worse

The heat is rising fast in the cybersecurity world. At a recent conference in Phoenix, AZ, we saw how the industry’s top hackers and defense experts team up to fight an ever-increasing number of invasion attempts from bad actors around the world. Visiting a cybersecurity war room really opened our eyes.

We were ushered into a huge room, full of screens that hackers and defenders used to monitor traffic. This link, which shows the origins of constant firewall attacks from all around the world, made a huge impression on me. The attacks were detected because they had an invalid format or invalid character. It meant that the hackers probably forgot to change the language they were using to launch the attack.

My takeaway is that if hackers get smarter or pay more attention to details, they can become more lethal. They can use AI (artificial intelligence) to eliminate the need to know English, and that’s scary. For example, as we saw, they can use Chat GPT to create malware with a specific task. It’s only going to get worse as we hit the holiday shopping season.

Helping a client deal with an email hack brought home all the dangers. They thought they had an email hack, which resulted in emails going to their contacts under the guise of coming from them about file sharing in Dropbox. They thought they had it fixed, but the same problem cropped up two weeks later. It had a link to click (always a danger sign when the recipient “trusts” the sender).

As we got into the process of fixing the hack, it involved an apple.com account with a reference to Dropbox. Our efforts were hampered by the difficulty we had getting into accounts to verify that the hackers were using Dropbox to launch bogus email.

Our client could have just ignored the problem, or they could have sent an email to their entire contact list to warn them not to open emails with the Dropbox reference. But my preference and theirs was to get to the root of the problem. You have to know where all the dots and connections are so that you can get ahead of the hackers and shut them out.

We can help you stay secure by auditing your cybersecurity practices and implementing programs to strengthen your defenses. Call us – 973-433-6676 – or email us to discuss your cybersecurity and gain more peace of mind.

Out with the Old, In with the New

As Microsoft winds down its tech support for Windows 10, it’s time to make a plan to migrate to Windows 11 and – if needed – the hardware to run it. It can save you money in the long run when you factor in the cost of support for Windows 10 and the efficiencies you’ll gain.

As most of you know, Windows will only offer security-related tech support for Windows 10, starting next October. It will not upgrade any performance features. Furthermore, the tech support will cost you $30 per year.

We’ve been getting a lot of calls from clients whose hardware is not up to snuff for Windows 11. Your best option, in our opinion, is to have new hardware in place for Windows 11, and as you’ve probably read in our newsletter, it goes beyond just the operating system.

Older hardware and software put software vendors in a bind. They feel a need to protect all their users, and they don’t want to leave technology systems exposed to a breach. Yet at the same time, they need to serve their customers who demand more security and better performance. If not, those customers will look for other software vendors.

Hardware has a shorter shelf life, but hanging on to a device for too long can be a disservice. As most of us work with larger files, possibly in collaboration with other users in real time, the speed and security of data transfers through the cloud has become increasingly more important. We’ve had older computers crash during file transfers, putting data at risk. Data, after all, is your most valuable asset.

We saw that value first-hand when we installed five new computers for a client. During the process, we discovered there were some missing files in obscure locations. They had not been saved to the cloud or backed up. Two of the people getting new computers had issue after issue with transferring files. We had to copy files from their old computers onto another device and then transfer them from the device to the new computers.

When you combine the cloud with software subscriptions and up-to-date hardware, you have data security with system reliability and performance. It’s where technology is heading, and we think you will fall farther behind by waiting to install and maintain new hardware.

If your hardware isn’t compatible with Windows 11, we strongly urge you to start the replacement process. Rome wasn’t built in a day, as the saying goes, but your technology can crash and burn in an instant. Call us – 973-433-6676 – or email us to develop a plan to keep your technology up to date.

Upgrade for Security

Should you upgrade to Windows 11 and get a new computer? Microsoft and an increasingly aggressive, more sophisticated hacking environment are calling the question. For a number of reasons, our answer is a resounding “yes.”

We’ve discussed this before, but we have an increased sense of urgency about upgrading technology to improve your security. Microsoft reports that in 2015, they were detecting around 115 password attacks per second. In 2024, that number has surged 3,378% to more than 4,000 password attacks per second. We need stronger, more comprehensive security approaches than ever before, and we need them across all devices and technologies we use in our lives, both at home and at work.

Microsoft and its hardware partners developed an array of software solutions to harden your security. These solutions rely on brute power to process massive amounts of security protocols and tools to keep out bad actors. Many of these tools use artificial intelligence (AI) to find and implement security measures that require nimble, changing movements, much like you find if you’re a gamer. They also power increasingly sophisticated passkeys (such as facial recognition or other biometrics) or two-factor authentication (2FA).

Windows 11 has the software tools, but they’re either useless or toothless without the hardware to power them. To install or upgrade to Windows 11, devices must meet the following minimum hardware requirements:

  • Processor: 1 gigahertz (GHz) or faster with two or more cores on a compatible 64-bit processor or system on a chip (SoC).
  • Memory: 4 gigabytes (GB) or greater.
  • Storage: 64 GB or greater available disk space.
  • Graphics card: Compatible with DirectX 12 or later, with a WDDM 2.0 driver.
  • System firmware: UEFI, Secure Boot capable.
  • TPM: Trusted Platform Module (TPM) version 2.0.
  • Display: High definition (720p) display, 9″ or greater monitor, 8 bits per color channel.
  • Internet connection: Internet connectivity is necessary to perform updates, and to download and use some features. Windows 11 Home Edition also requires a Microsoft Account to complete device setup on first use.

These are the minimum requirements, and they can change at any time.

Is your computer compatible? If it’s more than three years old, it’s unlikely. Three years has become the lifespan for many machines because the technology changes so quickly and extensively. We recently replaced the personal computers in our family so that we could all take advantage of new computer capabilities. For personal computers, it will be a crapshoot as to how much longer you can safely go online.

For businesses, it can be to your advantage to upgrade your computers before the end of the year – though your tax advisors can give you more precise information. We can only tell you that you need to balance the cost of a new computer against the possible costs of a security breach.

We can help you in several ways.

  • We can evaluate your hardware, especially if you are still running Windows 10, and help you determine if new hardware will be cost-effective for running Windows 11.
  • We can help you select and buy computers and other systems that fit your budgets, and business needs as best as possible.
  • We can configure your new computers and systems to make sure you have the best balance of security and performance.

Call us – 973-433-6676 – or email us for an appointment.

Hacked SSNs: What, Me Worry?

With apologies to Alfred E. Neuman, yes, you should worry. But you don’t need to panic, especially if you have Windows 11, a computer with a later-generation chipset and a lot of common sense.

New reports say the hacking group USDoD claimed it had allegedly stolen personal records of 2.9 billion people from National Public Data, according to a class-action lawsuit filed in U.S. District Court in Fort Lauderdale, FL. The breach was believed to have happened in or around April, according to the lawsuit. A class-action law firm said the stolen file includes 277.1 gigabytes of data and includes names, address histories, relatives, and Social Security numbers dating back at least three decades. A post from a cybersecurity expert on X claims the records for citizens of the U.S., U.K., and Canada were sold on the dark web for $3.5 million.

Yes, that’s scary. But it’s not as dire as you think. Security breaches happen all the time because thieves find vulnerabilities in large systems and exploit them. Some thieves steal simply because they can. If they don’t try to use stolen information, you don’t have a problem. But if they do try to use stolen data, they need to know how to defeat whatever aggressive defenses exist at, say, a bank. Often, they fail.

They may try to sell the data, but if there’s no market, the stolen information languishes. If they do sell it, the data might turn out to be outdated. Finally, the buyers may be state actors. If you’re not a likely target of blackmail or in possession of interesting secrets, they may have the goods on you but not want to use them.

All you can do is harden your defenses as best you can.

Set up two-factor authentication for every online account that offers it, or use an authentication app, such as Microsoft Authenticator to secure your online accounts. If thieves haven’t intercepted your email, text messages, or phone, it’s going to be hard for them to break in.

Sign up for account alerts. Depending on your bank or card company, you can set them up for many things, including any charge outside your home country, any (or all) ATM withdrawals, or transactions over a certain amount.

If you get an alert you didn’t expect — or even one you did — don’t click links or call phone numbers in the alert. Instead, log into the account in question and find a contact number there. That will keep thieves from redirecting you to their own operations.

We can answer questions about 2FA, and we can help you set up Microsoft Authenticator. A proper set-up will prevent problems down the line. Call us – 973-433-6676 – or email us for an appointment.

Inside a Hack Investigation

Getting hacked doesn’t always mean your world has come to an end. In many cases, however, fixing it is a grueling process, physically and mentally, and you’ll have to provide a lot of information you hadn’t planned to disclose.

Here’s how it started. A client clicked on a pop-up window at 3 p.m. that said their computer was infected with a virus. The message in the pop-up said illegal activity was detected on the computer. But if the client called the number in the window, they could clean it up.

The client let them on the computer and was given a cost (it doesn’t matter what it was) to fix the problem. They said it could be paid for by taking cash out of his account and depositing the cash at a specified ATM. They said not to turn off the computer. The client told friends they thought they’d been hacked.

They called the next morning and said they felt stupid. We told them not to. We see hacks from pop-up windows all the time – and they frequently happen on sites where people print recipes. The site opens what looks like a print dialogue box, and it can sometimes be difficult to know what the icon in the box means.

Our first advice to anyone who thinks they’ve been hacked is to turn off the computer and call us immediately at 973-433-6676. In most cases, the money is already gone by the time you turn it off, but nobody can get anything out of a computer that’s shut down.

To do our best to close off any new attempts from a hacker, we ask our clients to walk us through every detail of the incident. We need to find where something started so that we can close off any loops. We need to do this at every point affected by the hack. Once a hacker has gotten into your computer, you can bet they’ll be back – and you can bet they’ll look for all the doors they got through.

The obvious lesson we can all learn from this is to be extremely careful about pop-up windows. You can install pop-up blockers on your computer’s browser, and they can be configured so you can allow them on a case-by-case basis.

But pop-ups can pose additional risks, especially as artificial intelligence (AI) becomes more widely deployed. When you call a phone number in a pop-up – or any link for that matter – your voice can be recorded and synthesized. If you visit financial or health-related websites that rely on voiceprints as part of their security, you can be at risk. Whenever you answer any phone call from a number you don’t know, avoid saying the word “yes.”

We can help you tighten your security by helping you configure pop-up blockers and fine-tune your anti-virus programs. Call us – 973-433-6676 – or email us to discuss your needs.

Bring on the Passkeys

Passwords are porous, and so are some forms of two-factor authentication (2FA), such as those numeric codes sent to your phone or email to verify your identity. Known as one-time passwords (OTPs), they’re relatively safe, but hackers are getting better at breaching that defense. Passkeys are coming into their own as a stronger cybersecurity tool.

OTPs are typically provided in a text message, which is vulnerable to attacks in several ways. A hacker who intercepts the text to your phone might not get the password directly, but they could launch a smishing attack (it’s like an email phishing attack) and wait for you to make a mistake (responding to the text) to get into your account. More sophisticated hackers engage in SIM swapping or a more effective means of message interception to take over your phone and account. With those latter two forms of intrusion, it may take a while for you to discover the hack. Even if it’s less than an hour, it could be too late.

Risky as they are, OTPs by text are likely to remain in use for a while. Some companies are reluctant to change because they fear it will cost them customers who are not tech-savvy enough to adapt to more sophisticated verification tools. Most of you can reduce the risk somewhat by using a password manager. Reputable providers keep your master password secure – sometimes allowing you to bypass using it (as you’ll read shortly) – and add a strong layer of protection by generating long, complex passwords that are hard to crack.

As a smartphone and password manager user, you’re likely to be using a passkey already. For iPhone users, it’s facial recognition. For Android users, it’s a fingerprint. These and other passkeys work in the background to assemble a mathematical puzzle. The numbers are always changing, and they are not tied to anything that’s unique to you as a person. It doesn’t care about your mother’s maiden name or your first-grade teacher.

Most password managers use biometrics to authenticate you and your device, and you don’t need to be a tech wizard to set up and use it. For facial recognition, you just need to let the authentication app see several views of your face. For fingerprints, you just need to roll a finger over a sensor. In most cases, when using your smartphone, tapping on the app for a website automatically starts the authentication sequence.

Authenticator apps such as Microsoft Authenticator and Google Authenticator can work with website visits from a computer or mobile device. We like to set up our Microsoft OneDrive clients using Microsoft Authenticator to access files securely from any device from any internet connection.

For mobile devices, you can use a mobile app push for even more security. It works with mobile apps on your phone. When you log in to a website, you get a notification in the corresponding app on your phone that prompts you to verify your identity through that notification. This verification method is independent of the device you are logging in on and better than SMS or authenticator OTPs. However, you still need to pay attention. A hacker could repeatedly try to log in to your account using a stolen password, and you would get multiple messages on your phone to verify. If you click to verify, you could give the hacker account access.

We can help you move to a stronger authentication process. Call us – 973-433-6676 – or email us to see what authentication could work best for you. We can help you install and configure the necessary software and get you started on using it.

You and Your Credit Card

Credit cards can be convenient and reliable, but sometimes, you’re much better off if you just leave yours in your wallet. The following “don’ts” apply to online and offline occasions when you’re tempted to pull out that piece of plastic.

  • If you don’t see the letters https as the first letters in the address bar of a website’s URL, don’t use a credit card. https is the universal protocol for secure communication over a computer network on the Internet. However, don’t blindly trust this. A scam website or scam merchant can obtain https certification, so be sure it’s the correct website before you type in your info. As an alternative, you can use PayPal if it’s presented as an option.
  • If you don’t see any online reviews of a merchant, consider that a red flag. If you see a merchant with no or few reviews while shopping on a site like Amazon, it’s a caution flag. While you assume they were vetted, they could have slipped something through the process. Some other things that shouldn’t be missing from a website are social media accounts, though there are Facebook marketplace scams. Be wary if you don’t see complete, verifiable physical addresses and telephone numbers.
  • Don’t put your credit card info into an email, especially if responding to an email. It could be part of a phishing campaign. We’ve written extensively on how responding to misspelled email addresses or URLs are ways to get you to provide a valid card number to a fraudulent operation. You’re actually better off giving your credit card to someone over the phone – but only if you initiated the call. A valid merchant uses a system that only retains the last four numbers of your card.
  • Going offline, don’t allow a merchant to take your card out of your sight. Who knows what they’re doing with it? More restaurants are processing your credit cards at your table. It’s all the same “trust but verify” thing.

If you’re a consumer, you likely know just about everything we discussed in our “don’t do” list.

If you’re a merchant, we can help you keep your credit card system secure by providing you with hardware and software systems that comply with all regulations. We can also help you get the proper https certification you need for your website. Call us – 973-433-6676 – or email us for an appointment to talk about it.

Manage Wi-Fi Network Overload

We love our smart-home devices, and it’s easy to overload our Wi-Fi networks with them. When that happens, our network traffic can slow to a crawl – just like we see at our Hudson River crossings. It’s easier and faster to clear up your network traffic jams.

Just as roads have a capacity, your Wi-Fi network can only handle a specific volume of traffic, which means it can handle only so many devices before performance backs up. We don’t think much about it as we add all sorts of smart devices in our homes, such as smart speakers, cameras, lighting, HVAC controls and some appliances. They’re all in addition to computers, TVs, and all our mobile devices. In most cases, the problems creep up on us gradually until we notice not everything is working at their expected speeds. Sometimes, we’ll see a lot of buffering while streaming 4K video or gaming, and those problems grab our attention.

To clear up network traffic jams, you can start with some easy steps. First, make sure all dongles and power cords have solid connections. That could solve a problem with one or a few devices. The next step is to restart your router. Unplug it from the electric outlet, and if you have a power on/off switch, hold it in for 30 seconds. That will help clear out the electronic junk that can accumulate in any device. While you’re at it, you should also check for firmware updates for your router and install any that are available.

Another easy step is to make sure your router has plenty of room around it. If it’s in the middle of clutter or too close to a wall, moving it or cleaning up the surrounding area can help.

If you still don’t get the performance you want, you can take a couple of technical measures. The first is managing the traffic on the router’s frequency bands. Most routers are dual-band routers, which means they run both the 2.4 GHz and 5.0 GHz bands. In an ideal setup, the 2.4 band carries signals for smart speakers, light switches, door locks, garage door openers, and security cameras – to name a few. Those devices usually have default settings for that band. Computers, TVs, tablets, and other devices used for streaming and gaming are suited for the 5.0 band, which is faster and more robust for shorter distances.

There are a number of apps – including those from Apple (Siri), Amazon (Alexa), Google, and others – that can tell what devices are connected to your Wi-Fi network. Some apps allow you to assign some devices to one band or the other and even let you assign devices to specific channels in each band. The apps also enable you to disconnect devices from your network, and this alone might be enough to restore some speed to your network.

If none of these steps gives you the performance you want, you can consider getting a new router and/or adding a mesh network. Electronic components do wear out, and older routers may lack the technology needed to handle the growing demands on your network. A mesh network is essentially a system of smart repeaters that work in combination with your router to extend and manage network traffic to optimize performance for connected devices. Like routers, newer generations of mesh networks are built to handle more network traffic, and if you have an older one, it may not be able to keep up with your technology needs.

If the simple DIY suggestions in this article don’t give you the network performance you want, we can help you with more extensive analyses and solutions, including setting up a network management app and selecting and installing a router, mesh network, or both. Call us – 973-433-6676 – or email us to discuss your needs.

Red Light, Green Light, Warning Signs

How many of you ignore red or amber warning lights when they appear on your car’s dashboard? Based on what we see in IT, most of you probably ignore them. When you see a red warning on your computer screen, it could be a security alert or a malfunction.

I recently got a red warning when I tried to print a document. When I looked, the system was objecting to my print parameters. I was trying to eliminate the margins so that I could fit everything I wanted on the piece. In this case, I was able to add some instructions to override the printer’s setting; it’s something I’d bet a lot of you have done.

Other types of warnings can’t be circumvented. In our next example, a client got a new computer but didn’t pay close attention to a OneDrive warning about synching files between his old computer and OneDrive. Typical OneDrive accounts provide a terabyte (1 TB) of storage space. It sounds like a lot of room, and we keep throwing stuff there. However, there is a finite limit on how much you can store. And just as with your hard drive, you need to have space available to be able to manage files. That’s one reason OneDrive and your computer’s hard drive can’t sync.

Microsoft is pretty good about giving you a heads-up on problems, but you need to be proactive, too. In the lower right corner of your computer screen, OneDrive users can see an icon for their drive on their service tray; it should be a blue cloud, and you should monitor that corner of your screen – just like you check your dashboard and mirrors when driving your car. When there’s a problem with OneDrive, you’ll see a red indicator. You can right click on the icon to see what the problem is.

In this client’s case, they missed the warning as they were transitioning to a new computer. When they started to use it, they were missing six months’ worth of files because unbeknownst to them, the synching stopped. Fortunately, they were able to recreate the lost files, but it cost considerable time and money.

It goes without saying that the earlier you catch a problem, the faster and easier it is to fix. Sometimes, it’s an administrative issue, such as a problem with your account. Signing in to your account may point you to a few steps. Sometimes, it can be as simple as just signing in.

But other times, you may have run into a complicated technical issue, and that’s where you need an IT professional’s help. We have seen just about all OneDrive problems known to the world, and we have tools to get to the heart of your issue. Depending on the problem and your comfort/skill level with technology, we get you started on the solution, work with you at various stages of the solution, or fix it for you.

Taking a few steps back from the crisis stage, you can prevent a number of problems by properly setting up OneDrive on a new computer. We can verify all systems are working as they are supposed to. We can do this in one of two ways: 1.) access your new computer remotely once you take it out of the box and get it online; or 2.) take delivery of your new computer, start the setup with you on the phone, ship it to you, and finish the setup remotely.

No matter what we do for you or how we do it, we will remind you: red light, green light. If you can get into the habit of checking the status of apps on your service tray, you need our services a lot less often. Call us – 973-433-6676 – or email us if you have a problem or want to take a step to avoid one.