How To Optimize Your Website With SEO

So, you’ve built your company’s website. That’s great news and a major milestone, for sure.  Unfortunately, your work is just beginning.  If you want anybody to be able to find you among the billions of sites that make up the internet, you’re going to need a little bit of help.

The first and best thing you can do for your new site is to optimize it for SEO.

SEO is shorthand for “Search Engine Optimization.”

A long time ago, search engines weren’t all that smart. Back then, site owners could get away with things like “keyword stuffing,” which meant using the same keyword or phrase up to a hundred times in a given web page’s content, thereby ramming the point home.

The search engines took a dim view of that, and the phenomenon was thankfully short-lived.

These days, search engines are much smarter.  They can skim through your content and gain an understanding of what each page of content is all about.

The important thing to understand, however, is that every search engine uses a different algorithm, which means that the optimization strategies are different for each one.  Given the fact that Google is the dominant search engine on the web, when most people talk about Search Engine Optimization, what they’re really talking about is optimizing for Google.

If you use a content management system like WordPress, you’re in luck!

WordPress has tons of great plugins that help you optimize your site for Google.  These will literally walk you through the process while helping to ensure that you’re making good use of titles and meta tags. Those titles and tags help web crawlers understand what your site is about.

If you’re not using a CMS, then you’re going to need to validate your HTML by hand, which is a somewhat time-consuming process, but well worth the effort.

The other big thing you can do is to make sure your website’s structure is logical and easy for a human to follow.

If your site is just a random mishmash of poorly interlinked pages, then neither humans nor web crawlers will be able to find good information on your website. You can bet that neither will spend much time looking.  Organization is key!

Finally, make sure your content is “human readable.”

All the major search engines use LSI, which is short for Latent Semantic Indexing.  That’s just a fancy way of saying that if you build a site about the latest Apple products, web crawlers will “know” that your site is about technology and the results won’t show up when someone types in a search request for something else. Your site will not come up for “Apple Recipes”, for example, since that person is probably looking for food items.

SEO optimization is a very deep rabbit hole, but quite intuitive.  The basic idea is that you want to make sure your content is highly organized, clearly labeled, and easy to navigate to.

Microsoft 365 Accounts Targeted In New BEC Scam

Recently, researchers at Mitiga sounded the alarm about a new Business Email Compromise (BEC) campaign.  They discovered evidence of the campaign while responding to another incident and have watched the campaign grow in scope and scale over time.

Here’s how the attack works:

The individual targeted by the campaign receives an email that appears to be from a bank and explains that the corporate account they usually send payments to has been frozen while a financial audit is underway.

In the meantime, the email explains that if the target needs to send payments, they can follow the instructions below the message.

The instructions appear to be inside a document behind a wall on DocuSign, a contract management platform used widely in the corporate world.

To access the instructions, a potential victim needs to press the “Review Documents” button, which hands the victim off to a website controlled by the hackers.

These websites typically have names that appear to be legitimate companies the victim is familiar with, but a careful review of the URL will reveal an intentional typo, which gave rise to the term “typosquatting” to describe this very phenomenon.

On this page, the victim is asked to log into the Windows domain. If they do so, they inadvertently hand the attackers their Microsoft 365 account details, which can be used later for any nefarious purpose the hackers desire.

On the face of it, this may not seem terribly convincing, but the hackers employ several tricks to make it seem completely legitimate.  Chief among these is the fact that the hackers hijack existing email streams and interrupt them. So to a reader who’s not paying close attention, the instructions seem to come from someone the victim is having an ongoing conversation with.

So far, the campaign has been devastatingly effective, so keep your guard up.  You don’t want to become their next victim.
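A defender-side check for the misspelled domains described above, as an added example that is not part of the original article: it pulls the links out of a message body and flags any whose domain is within two edits of a trusted one. The trusted list, the sample message and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains the organisation really deals with (constructed list).
TRUSTED = {"docusign.com", "microsoftonline.com", "contosobank.example"}

def edit_distance(a, b):
    """Optimal-string-alignment distance: insert, delete, substitute, adjacent swap."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # swapped neighbours
    return d[-1][-1]

def registrable(host):
    """Last two labels of the host (simplification; production code should
    consult the Public Suffix List so that e.g. co.uk is handled)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def classify(url, max_distance=2):
    """Return (verdict, domain, nearest_trusted_or_None) for one link."""
    domain = registrable(urlsplit(url).hostname or "")
    if domain in TRUSTED:
        return ("trusted", domain, None)
    nearest = min(TRUSTED, key=lambda t: edit_distance(domain, t))
    if edit_distance(domain, nearest) <= max_distance:
        return ("lookalike", domain, nearest)
    return ("unknown", domain, None)

def scan_email(body):
    """Classify every http(s) link found in a message body."""
    return {u: classify(u) for u in re.findall(r"https?://[^\s\"'<>]+", body)}

# Constructed sample message; the misspelled hosts are made up for illustration.
SAMPLE = """Your account is frozen during the audit. Review the documents:
https://secure.docusgin.com/review?id=1
Sign in at https://rnicrosoftonline.com/login or https://login.microsoftonline.com/
Newsletter: https://news.unrelated.example/"""

if __name__ == "__main__":
    for url, (verdict, domain, nearest) in scan_email(SAMPLE).items():
        print(f"{verdict:9} {domain:24} {nearest or ''}")
```

A "lookalike" verdict is a reason to quarantine or banner the message for review, while "unknown" only means the domain is not on the trusted list.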

Modern Security Solutions For Evolving Ransomware Attacks

Based on a recent survey conducted by the folks at Titaniam, a solid majority of organizations have robust security tools in place. Yet nearly 40 percent of them have fallen victim to a ransomware attack in the past year.

How can this be?  With conventional tools in place, how can this still be happening?

The answer to that question is complex. Ransomware attacks ultimately have three different phases.  Each phase must be protected against and in each case, the type of protection needed varies.  Let’s start by taking a closer look at the anatomy of a typical ransomware attack. They always begin the same way: Infiltration.

To do anything to your company’s network, the hackers first must gain access to your network.  Thus, your first line of defense is to keep that from happening.

The good news is that most companies have robust tools that are specifically designed to block unauthorized intruders.  The bad news is that hackers can get around those tools entirely by stealing an employee’s login credentials. That is how many of these types of attacks occur. Once inside, the hackers proceed with data exfiltration: wholesale copying of sensitive data and uploading it to a command-and-control server operated by the hackers.

From the perspective of the hackers, this is where the payday is.  They know all too well that companies will pay handsomely to keep proprietary data from being leaked to the broader public, and hackers are only too happy to take full advantage of that fact.

This is where many companies are weak.  To protect against data exfiltration, companies need to invest in three different types of encryption: encryption at rest, encryption in transit, and encryption in use. Most companies invest in one.  A solid minority invest in two, but very few invest in all three. That creates a window of opportunity for the attacker.

Finally, the third stage is wholesale file locking. This is exactly like what you think it is.  All the files that the malicious code can get to will be locked and encrypted.  If you want them back, you must pay.  Assuming you don’t have a recent backup, of course. Even if you do have a backup, you’ll pay in the form of downtime while you’re restoring those files.

Understanding exactly how a ransomware attack is put together and how it functions is key to designing a security routine that will defeat it, preventing the attackers from ever gaining a foothold on your network.

Known Senders Option In Google Calendar Decreases Spam Invites

Recently, Google’s engineers introduced a small but important feature to their Calendar app.  If you haven’t used the “known senders” option, you owe it to yourself to check it out.

It allows you to toggle a setting that will filter out invites from people you don’t know, with an eye toward eliminating or drastically reducing instances of invites from people you don’t know automatically appearing in your calendar.

It’s a surprisingly good addition because prior to its inclusion, you had to jump through an annoying number of hoops to filter out unknown senders. This was done in a process which forced you to disable automatic event additions entirely, meaning that you had to respond manually to every invitation.

Google had been promising this fix since 2019 but time, circumstance, and recent events including the pandemic delayed its release significantly.  Its recent release received little fanfare and with everything going on, it would be no great surprise if you missed it.

It’s worth mentioning that the new setting won’t do anything to prevent you from receiving spam invitations, but they won’t land on your calendar, which is what most people are after.

It’s a small change but much more helpful than you might think. It is one of a multitude of recent improvements to a whole range of Google’s Workspace apps in recent months.

If you rely on Google Calendar to help keep yourself organized, you’re sure to love this feature.

Kudos to Google for continuing the hard work of continuous improvement with an eye toward an ever-better user experience.  It is work that often goes unnoticed and underappreciated but over the last few years, we’ve seen Google’s entire suite of productivity apps improve markedly. We can hardly wait to see what further improvements lie ahead.

DuckDuckGo Email Privacy Service Beta Released

DuckDuckGo has a reputation for protecting the privacy of its users far more than most other companies.  Last year, the tiny search engine announced that they were experimenting with a free service designed to dodge email trackers as a means of further protecting the privacy of its users.

The company’s Email Protection service works by stripping email trackers from messages.

Initially, DuckDuckGo’s Email Protection service was available via a waitlist only.  You had to sign up.  If/when a spot opened for you, you could test it out.  During this waitlist testing period, the company reports that it found trackers in some 85 percent of incoming messages.

Now, DuckDuckGo’s Email Protection service has moved to Open Beta, so literally anyone can get a @duck.com email address. Per the company, you can create as many private email addresses as you like and they will be accessible from your desktop, iOS or Android devices.

Not only does the service promise to strip out unwanted email trackers, but it will also give you a report detailing exactly what trackers it found in your messages. It includes a new Link Tracking feature that helps prevent tracking across email links.

If that wasn’t enough, the service also includes Smart Encryption, which upgrades unencrypted HTTP links in emails to their secure HTTPS counterparts whenever possible. You can reply to messages with a @duck.com email address in lieu of whatever address you normally use.

To make use of the service, you’ll need to install the DuckDuckGo Privacy Browser for iOS or Android.  Once installed, simply go to the Email Protection section of the Settings menu to try it out.

If you’re planning to use it on your desktop PC, you’ll need the DuckDuckGo Privacy Essentials extension for the browser you use. It is available for Chrome, Edge, Brave, Firefox or the DuckDuckGo Mac browser.  Once you’ve got the extension installed, just pay a visit to the email section of the company’s website.