Technology Information & News

Australian Tax Office Issues Tax Refund Scam Warning

Australian Tax Scam

As tax season rolls around, another tax scam has reared its ugly head, this time in Australia. This particular scam is fooling so many people that the Australian government’s Taxation Office has issued an urgent warning about it to the citizens of the country. It is the goal of the Taxation Office to prevent any other Australian citizens from falling victim to this scam, as it can have a devastating effect on a person’s finances. To protect themselves, it is important that all Australian citizens pay close attention to the warning and heed it carefully.

According to the Australian Taxation Office, there is an email being sent to people around the country that has a convincing copy of the myGov branding on it that the federal government uses. However, the email and branding are fake. One will know the email is a scam by reading it, even if the branding initially makes them believe it is the real thing.

The scam email tells the recipient that they are owed money in overpaid taxes, and directs them to fill out an application form to receive these funds. When the email recipient clicks the link to fill out the form, the scammers, whose identities are not yet known, are able to access all of the extremely personal information the recipient puts on the form.

The amount in back taxes the email says a recipient is owed varies, but it can be considerable or quite small. One email obtained by a local newspaper in Australia claimed the recipient was owed $80.93.

Even when the amount is small, people usually want to claim any money that may belong to them, so those who are not aware of the scam may fill out the form even for miniscule amounts. To many people, receiving $80.93 back from the goverment would be worth filling out a simple form, and the scammers know this.

The email obtained by the newspaper reads:

“After the last annual calculation, we noticed that you are eligible to receive $80.93 AUD,” it reads.

“To submit the application electronically, please fill out the form. Once the form is completed, you will be asked to confirm that the information in the document is correct.

“Please click on the link below to submit and eForm for refund.”

While the email is enticing and the logo for myGov looks real, it is relatively simple to tell if the email is from the scammers. All one has to do is hover their mouse over the link to the form. Instead of the my.gov.au address being shown, as it would if one were being re-directed to a legitimate government website, a different URL is shown.

Another way to tell that the email is not real and is from scammers is to examine the grammar and spelling in it, which are both poor. The email also does not include a name, which is another sure sign of a scam.

According to the Australian Taxation Office, there is no tax refund form issued by their office. Also, all of the online management of tax issues with individual taxpayers is handled through one of the genuine myGov accounts, with a URL to prove it. Looking for a link leading to a myGov site is imperative in learning whether the email one receives is a scam.

This scam is a good example of why it is so important for email users to be careful about what links and attachments they click on. This is true even if the email looks like it comes from someone you know, or from a legitimate source. Always check the re-direct links, and make sure the grammar and spelling are good. If you still have questions, contact the person or agency who supposedly sent the email and ask them if it is legitimate before clicking on anything in the email.

Scammers today are becoming more sophisticated. Their ability to successfully recreate the myGov logo in a convincing enough way to fool many Australians who receive it is a testament to that. In this age of cyber-scams, one must always be on one’s toes, even with emails from friends and family. You never know who has hacked your computer and received information on your contacts to use to scam you.

Be alert, be aware, and avoid becoming a victim of the next cyber-scam.

Is Virtual Reality For Real In Healthcare?

Virtual Reality Healthcare

Over the last couple of years, both the concept and the real world application of Virtual Reality (VR) has moved from the fringes of our imagination, into everyday use.

What was once a technology that was considered as only beneficial in computer games and futuristic projects designed never to come to fruition, is now infiltrating many areas of our lives. The military, education, entertainment, fashion, and even engineering are all being touched by the power of VR, but it is the healthcare sector where it is really making waves.

Notably, during the previous 18 months, something of a virtual reality revolution has taken place in terms of health-related applications. We may well still be in the early days of releasing its full potential for patients and medical practitioners, but so far it seems that VR is becoming something of a tangible reality in healthcare.

Here are just some of the pioneering ways that VR has been integrated into the healthcare industry to improve the lives or both patients, and doctors.

Autism Therapy

Around 1% of the global population sits somewhere on the autism spectrum. With no preventative methods, no cure, and little understanding of why it occurs, therapeutic treatments are the only way to help those afflicted. Language and speech therapy can offer significant improvements in an autistic individuals quality of life, but previously this therapy had to be done face-to-face. This posed a number of limitations depending on the location and level of mobility of the individual, and it also means doctors are restricted to practicing in certain geographical areas.

But with VR this doesn’t have to be the case. Some startups have begun to utilize technology to simplify the delivery of therapy to autistic individuals, without the need for travel. Products use VR to create social interactions by creating virtual characters in a digital scene. For example, instead of sitting in a doctors office and looking at toys on a table, the individual will see a panda in a virtual safari park that they can interact with accordingly. Each environment can be specially tailored to include the appropriate sensory environment for each patient- something that is hard to do in ‘real life’.

Virtual surgery

The concept of virtual surgery is being used in both to educate trainee medical professionals, but also to give surgeons a chance to rehearse complex operations before the real thing.

By allowing trainee doctors to conduct medical procedures in a VR situation, their confidence and experience can be built on significantly. Being able to perform a surgical procedure on a virtual patient means they can practice new techniques and skills in a ‘real’ setting, without ‘real’ consequences.

For more experienced surgeons, the ability to walk through a complex or lengthy surgery before having the live patient on the operating table can allow them to deal with a variety of outcomes, as well as to troubleshoot or practice tricky maneuvers.

Chronic Pain

Over 25 million people in the US alone, suffer with chronic pain. These people resort to the long-term use of painkillers and opioids which carry their own risks and contraindications, including addiction and death. As a result, doctors have been searching for a way to provide safer, more effective, and less problematic alternatives as quickly as possible. Virtual reality has been suggested as one way of doing just this and so far studies have show that it can help to reduce pain by around 25%.

Virtual reality therapy has been shown to not only reduce pain in patients, but to stop the brain from processing pain the same way. This can lead to reductions of in-patient time as well as decreased dependency on powerful prescription drugs. By helping to distract the minds of patients in pain, the world of VR can release stress which in turn contributes towards the alleviation of pain. Allowing patients to escape the four walls of hospital or their homes and to swim with dolphins, take a helicopter ride, or play a game of tennis, has a significant impact on their mental and subsequently, physical wellbeing.

Providing visual and motion-based experiences has been found to work in positive ways on several parts of the brain, leading to increased rehabilitation rates and enabling them to live a more normal and less painful life.

Restoring Vision

Vision impairment affects around 150 million people around the world, in varying levels. Whether it is age related or caused by a medical issue or injury, it severely impacts the patient’s ability to live normally.

Low vision is not easily treated with glasses, medicine, or surgery, and until recently, those afflicted had little choice but to learn to adapt. Now, with the use of VR, levels of vision can be increased by allowing the patient to magnify certain objects in a visual scene without losing sight of the rest of the environment. Certain software applications allow users to literally zoom in on certain things without impacting the rest of the ‘scene’. Users are then able to adjust the contrast, text, or ambient level, allowing them to carry out normal activities with more ease.

Care of the Elderly

When dealing with elderly patients, it can be difficult for younger medical professionals to understand the situation and limitations that age imposes on patients. For example, an age difference of 50 years between patient and doctor can create a significant disconnection between the two, resulting in frustration and breakdowns in communication.

VR, however, is helping to change this. By harnessing virtual reality technology, doctors and nurses are able to experience what growing old feels like or what recovering from a stroke is really like. Applications have been created where the user is able to experience life as an elderly person, see the world through their eyes, and experience as realistically as possible, how everything from movement to sight can be severely limited. It is hoped that this kind of experience will bridge the gap between elderly patients (especially those that are non-verbal) and caregivers to increase the level of care offered.

Brain Trauma Recovery

Strokes are one of the leading causes of brain trauma and to stand a good chance of recovery, patients need to start therapy and rehabilitation as soon as possible. In some communities and circumstances however, this is not always possible.

By using virtual reality, patients are able to practice regaining the functions they have lost such as moving their fingers or lifting their arms. Whilst the patients are not actually carrying out the actual movement, the motivation, engagement, and activity of the brain is improved through the use of audio-visual feedback. It is understood that this can lead to significantly improved recovery time for those who have suffered significant neurological trauma and injury.

Microsoft Data Breach Highlights Need for MSP Collaboration and Security

Microsoft Outlook Data Breach

A recently announced hack data security breach of Microsoft’s Outlook.com product has many wondering how to work with MSP customers to understand the scope and impact.

Ulistic recently spoke with several MSP security experts to understand more about the breach and next steps.

What Happened to Outlook.com Data?

It appears that the breach occurred when a support agent’s access credentials were compromised. Support agents are customer service representatives that handle technical issues and complaints. That led to unauthorized access to a portion of the accounts on Microsoft’s web email service from January 1 to March 29, 2019.

The hack apparently affected Hotmail and MSN users in addition to Outlook account holders. In an email to users, Microsoft noted that, “This unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account (such as your e-mail address, folder names, the subject lines of e-mails, and the names of other e-mail addresses you communicate with), but not the content of any e-mails or attachments,”

Microsoft also said that the hackers were able to access content on about 6 percent of users.

Is That the Complete Scope of the Breach?

Not necessarily.

“At this time the impact of this particular breach is still under investigation,” noted Swinburne Charles of Checksum Systems, a Toronto IT services company. “However, overall it would not surprise any security expert that far more users were affected. The mere fact that the Microsoft support engineer’s credentials were affected so long would imply that the perpetrators had unfettered access to millions of email addresses and could have simply ‘botted’ their way around those mailboxes, scraping information such as name, email address, mail subject, and message body.”

Phil Cardone of Radius Executive IT, a Boston-area IT company, pointed out that Microsoft support technicians do not have access to end-user protected data. “This breach could have been much worse if the hackers had destructive intent and compromised the integrity of the Microsoft Office 365 environment,” Cardone said.

“The impact of this attack shows how vulnerable we all are to hacking,” added Anthony Buonaspina of Long Island, New York-based IT support company LI Tech Advisors. “Even through no fault of our own, our information can be compromised by a lapse in security by some individual at a company that maintains our information. It’s scary that these types of hacks can happen without our knowledge and we may or may not even get notified for months after an attack.”

What Should I Do If I Have an MSN, Hotmail or Outlook Account?

In cases like this, it’s important to take precautionary steps, whether or not your account is affected.

“Users should continue to employ safe email practices, keeping an eye out for an increase in phishing emails designed to solicit a response,” said Sarah Ober of Washington, D.C.-based IT company Intelice. “Attackers gained access to email addresses of contacts and had visibility into subject lines of emails, which could be used in targeted attacks.”

Buonaspina, Cardone and Charles all urged users to change their passwords immediately. Charles noted that companies “should not skimp” on deploying two-factor or multi-factor authorization for systems and applications. Cardone encouraged global account administrators to firm up security on Office 365 tenant accounts and using Office 365 Secure Score to assess and provision as many precautions as possible.

Is This Attack Like Other Ongoing Breaches or Is Something More Significant about This One?

“This attack is like many other ongoing breaches where soft passwords or internal security procedures are lax, allowing for security breaches like we see with Microsoft,” Buonaspina said. “What’s more significant about this one is that it undermines our trust in a major corporation. If they can’t get it right, how the hell are smaller, less security-minded companies supposed to keep their data and their clients’ data safe?”

Ober noted the need for end-user vigilance. “One concerning part about this breach was that it involved compromised credentials of a Microsoft support technician, and lasted for multiple months before being remediated,” she said. “It highlights the importance for all support staff to be vigilant with their own chain of security, as it is only as strong as the weakest link.”

“This attack went after the back-end system infrastructure versus the actual end-user experience,” Cardone explained. “A typical breach may affect day-to-day interactions between people and organizations, whereas this attack could have affected the structural integrity of the Microsoft Office 365 system infrastructure. This could have been much worse than it was.”

Be Aware: ASUS Update Tool Hijacked By Aggressive Hackers

ASUS Motherboard Hackers

Large software and hardware manufacturers are generally a trusted source for updates, but that same level of trust with consumers is what makes these groups a heavy target for hackers. The recent infiltration of ASUS made it all too clear that no one is safe from the threat of malware attacks. The Taiwan-based tech giant recently was the high-profile victim of hackers as their automatic update tool was leveraged to distribute a malicious backdoor on nearly a million computers and other devices before the discrepancy was identified — over five months after the update was launched.

Trusted Digital Signature — Tainted Software

The malware distribution took so long to identify due to the accurate digital signature that the hackers were able to put in place. ASUS computers accepted the malware due to the “acceptable” digital signature, even though the software package itself was tainted. The delivery package was only the first wave of the attack, opening a potential vulnerability in the systems that were affected. Now, hackers are able to target these machines at will. To date, only about 600 machines have been hit with this second-stage attack. The hack happened sometime in late 2018, with Kapersky notifying ASUS of the situation in January 31, 2019.

ASUS Implements Advanced Security Measures

How is ASUS responding? Oddly enough, they didn’t raise the alarm with customers until digital security firm Kapersky went public with their findings around the attack, which they’re calling ShadowHammer. This notification to customers downplayed the severity of the attack, calling it an “attempt to target a very small and specific user group” in the official statement posted on their website. ASUS noted that they released a fix in the most recent version of the Live Update, one that included additional security measures that were meant to reduce the possibility of this happening in the future. Not only did the company strengthen its end-to-end software architecture, but they also enhanced the overall encryption of their updates.

Supply Chain Attacks Growing in Prominence

This is far from the first time that attackers have decided to go up the supply chain to target computers. The notPetya cyberattack that devastated machines throughout the US, Europe, Australia and Asia was delivered as an upgrade to popular accounting software that experts claim was made not for the demanded ransom — but just to spread mayhem throughout the world. The hackers who built and distributed the ransomware used much of the code from Petya, but that is where the similarities ended. With notPetya, the cybercriminals clearly didn’t think through their process for collecting money from victims, as it quickly disintegrated under the pressure of organizations attempting to pay and request their unlock keys. Unfortunately, the damage was already done as not Petya spread rapidly through networks, infecting machines and destroying files as it went. Microsoft, CCleaner and Transmission are a few other organizations that have been the victim of this type of attack vector over the past decade.

Are My Computers Infected?

With any attack of this scale, the first question on business owners’ minds is whether or not their organization may be vulnerable to this particular issue with ASUS. The service professionals at ASUS have been busily reaching out to customers since the update was released, along with the recommendation that you update their latest security patches and updates to ensure that the effects of the hack are washed from your system. Security giant Kapersky Labs has created an easy tool to determine whether your device was one of the millions affected by ShadowHammer, with the results based on your MAC address.

With hundreds of thousands of devices receiving the primary payload and only 600 devices targeted for a secondary wave, cyberattacks such as ShadowHammer are meant to cast a wide net in the hopes of getting the highly detailed information on a limited audience that they need. A key benefit of working with an IT solutions provider is their constant focus on security, allowing them to proactively scan sources such as Kapersky and take immediate measures to remediate the scope of the attack.

How To Encrypt an Email In Microsoft Outlook

Encrypt Email In Outlook

There is any number of reasons to encrypt an email in Microsoft Office Outlook, anything from details about your salary to negotiations to purchase a business. With the state of cybersecurity, you need to know that you are protected from individuals who may attempt to hijack your email as it is in transit between locations, too. Fortunately, Outlook has the functionality built in that will allow you to quickly and easily encrypt your email as well as stop people from forwarding the email message.

Why Is Email Encryption Important?

The rise of malware and ransomware has made many users wary of opening emails, and definitely can make you question opening any attachments — even those from a known user. One of the key reasons for utilizing email encryption is to prevent an attacker from intercepting emails and reading them, or even adding a questionable attachment that could be infected with malware. While there are some web-based encryption platforms, the most effective are often those that are built directly into the email platform being used by staff members on a daily basis.

Email Encryption in the Enterprise

Email encryption options have been around for years and can provide your email and attachments an added level of security that could be necessary for sensitive conversations. In the past, it’s been a bit more challenging to apply encryption and even required an add-in or separate application in order to ensure that your corporate emails are safe in transit. As far back as Office 2007, there’s been the ability to add one-click encryption that applied to a single message. You also have the option to encrypt all outgoing messages, a crucial addition for financial and legal organizations. Network eavesdroppers will be thwarted by this advanced function of Microsoft Outlook. If you are using the Office 365 suite, you can find instructions for encrypting your emails on Microsoft’s help site.

How Does Email Encryption Work?

It’s important to understand that email encryption is a two-way street. Not only is it required that you have the software options available to encrypt messages that you are sending, but your recipient must also be able to remove the encryption with a key in order to view the message or attachment. In Outlook, there is a certificate generated that allows you to store the email in your Sent items as well as provides recipients with a way to respond to the email — as you’ll have to open the encrypted file when it is returned to you. This can become problematic when you have multiple people on a distribution list for your email. When recipients are within your organization, Exchange server stores a copy of the encryption key for each individual on the server for ease of use.

Microsoft Outlook is one of the most widely-used email platforms in the country, especially for business professionals. The simple instructions for email encryption and the quick application of the rule for all emails means it is easier than ever to protect your confidential messages.

Tech Education: What Is A PBX Phone System?

PBX Phone System

The image of a traditional PBX phone system may make you uncomfortable because systems in the past were either tied into a particular type of hardware or an individual vendor. While that may make you want to shy away from the enhanced functionality that you receive with a PBX system, today’s telephone switching is radically different than in the past. There are many flexible options for implementing your PBX (Private Branch Exchange) system, including virtual solutions as well as on-premise hosting. Learn more about PBX phone systems and see why they may be the right choice for your business.

Using Technology to Reduce Restrictions

Creating an extensible telecommunications system is crucial, as businesses communicate in more varied ways than ever before. Simply connecting two individuals via phone could include a complex dance of rerouting calls to a mobile phone, translating audio voice mails to text and routing faxes to an email address. With the new Open-Standards-based IP PBX, Internet Protocol is the underlying transport technology that is used to deliver telephone calls. This less restrictive option for communications delivery provides enhanced functionality for your investment.

PBX Features and Functionality

There are a wide variety of PBX phones, with the traditional analog PBX phone system managing calls by connecting over copper wiring — with the hardware generally living inside the telecom closet of your office. Analog PBX systems connect to POTS, or Plain Old Telephone Systems, lines that pre-date the internet. VoIP (Voice over Internet Protocol) or on-premise PBX systems utilize broadband internet to replace the copper lines, allowing these systems to deliver high-definition telephone calls and video. This provides the ability to provide sophisticated PBX features, including:

  • Call queuing
  • Application integration
  • Flexible business hour rules
  • A unified communication system with your CRM (Customer Relationship Management) software
  • Automatic Call Distribution queues that can evenly distribute calls throughout a department
  • Call transfers between extensions
  • Detailed records of incoming and outgoing calls

These advanced functions make it simpler for businesses to provide the flexibility that workers need to be productive regardless of their physical location.

Should You Choose On-Premise or Virtual Hosting for Your PBX?

Virtual hosting is an increasingly popular option for businesses that are interested in purchasing a PBX system. Also known as hosted VoIP, this internet phone system provides all of the call routing and management as well as the advanced features that you would expect from a PBX system. Instead of the upfront cost associated with purchasing a PBX system for on-premises use, you’ll pay a service provider a monthly fee to manage all of the hosting for your business. Per-minute charges may apply and there may be additional costs for extending the system with integrations or advanced functionality.

With on-premise PBX, businesses find that this option is more similar to a traditional PBX system. Your business buys the hardware and physically hosts the machines in a server room or phone closet. The key difference between an on-premise VoIP PBX is that it will leverage the internet connectivity for your office. You will still need a provider to handle the gateway for calling, but your ongoing monthly cost will likely be lower than a virtually hosted instance after you’ve covered the costs of expenses.

Determining which option is right for your business requires finding a strong partner with a deep understanding of the technology, who is willing to listen to the needs of your business and make a solid recommendation. The true benefit of investing in a PBX phone system is that you are providing your business with the telecommunications flexibility and the extensible system that will serve your needs both now and in the future.