Secret Weapon Against Phishing? This Simple Email Check Could Save You!

The recent news about Ethereum developer Nick Johnson being targeted by a sophisticated phishing attack serves as an important reminder of the ongoing threats we face online. Johnson, the lead developer of the Ethereum Name Service (ENS), fell victim to a cleverly designed email that bypassed Gmail's security filters.

The attack utilized a "DKIM replay" technique, making the malicious email appear to be a genuine security alert from Google. The email, which claimed a subpoena had been issued for Johnson's Google account, used a spoofed "no-reply@google.com" address and even passed the DKIM signature check, causing it to be grouped with legitimate Google security notifications.

Image Source: https://x.com/nicksdjohnson/status/1912439023982834120

The email urged immediate action via a link to "Review Activity," which led to a fake Google support portal hosted on a legitimate Google subdomain (sites.google.com). This added to the deception, as the URL appeared trustworthy at first glance. The attackers exploited a vulnerability in Google's OAuth system to create this convincing fake communication.

This incident highlights the increasing sophistication of phishing attacks, which are now leveraging legitimate infrastructure and authentication methods, making them harder to detect.

Understanding How to Spot Phishing Emails

While these attacks can be sophisticated, there are still key indicators that can help you identify a potential phishing scam:

• Sense of Urgency: Phishing emails often try to create a feeling of urgency, pressuring you to act quickly without careful consideration. Be wary of phrases like "Immediate Action Required" or threats of account closure.
• Examine the Sender's Email Address: Don't just look at the name displayed. Hover your mouse over the sender's name to see the actual email address. Verify if the domain matches the legitimate organization. For example, emails from Google should typically end in @google.com.
• Inspect Links Before Clicking: Before clicking any links, hover your mouse over them to see the actual URL. Check if it matches the expected website address and look for any unusual characters or misspellings. In Johnson's case, the link directed to sites.google.com instead of the primary accounts.google.com for account-related actions.
• Check the "Mailed by" and "Signed by" Information: This relates to email authentication protocols like DKIM (DomainKeys Identified Mail) and DMARC (Domain-based Message Authentication, Reporting & Conformance), which help verify the sender's identity. Ideally, for a legitimate email that has passed these checks, the "mailed-by" and "signed-by" domains should be the same. If these domains are different or appear suspicious, it could be a sign of a phishing attempt. 

Image Source: https://x.com/nicksdjohnson/status/1912439027224944676

• Look for Grammatical Errors and Typos: While not always the case with sophisticated attacks, many phishing emails contain grammatical mistakes or typos. Legitimate organizations usually have professional standards for their communications.
• Be Cautious of Attachments: Avoid opening attachments from unknown or unexpected senders, as they may contain malicious software.
• Verify Through Official Channels: If you are ever unsure about the legitimacy of an email, do not respond to it or click any links. Instead, contact the organization directly through their official website or phone number to verify the communication.

The phishing attack on Nick Johnson underscores the importance of staying vigilant and informed about online security threats. By understanding the tactics used by cybercriminals and knowing how to identify potential phishing attempts, individuals can significantly reduce their risk of becoming a victim.

Conclusion

Having strong email security measures in place is more critical than ever. At Interlock IT, we understand these challenges and are committed to empowering you with the tools and knowledge to stay protected. That's why we offer comprehensive DMARC report analysis to help you understand and improve your email authentication setup, a crucial step in preventing email spoofing and enhancing your overall security posture. As a trusted Google Partner and Microsoft Silver Partner, we provide expert guidance and solutions tailored to your specific needs. Don't wait until it's too late – take proactive steps to secure your cybersecurity today.

Contact us today for more information.

Interlock IT's Insider Secrets to Outsmarting Big Bank Fees

At Interlock IT, we're always looking for ways to optimize our operations and save money. And as it turns out, one of the biggest drains on our resources was something many Canadian businesses face: exorbitant banking fees and poor exchange rates, especially when dealing with US dollars (USD). Our owner, a seasoned CPA, was tired of seeing hard-earned money disappear into the pockets of big banks. So, we made it our mission to find and implement the most efficient, cost-saving Canadian payment and banking solutions.. And we’re here to share our story, because we believe everyone deserves to keep more of their money.

The Hidden Costs of Traditional Banking

Let’s face it, traditional banks can be costly. We noticed this firsthand when converting USD to Canadian dollars. For example, when we needed to convert $8,514.23 USD, the amount we received from our regular bank was noticeably less than what we could get elsewhere. We found that we were losing money due to hidden fees and less-than-ideal exchange rates. It felt like we were paying for convenience, and not getting much in return.

Testing Canadian Payment and Banking solutions

We decided to explore alternatives, and what we found was eye-opening. Here's what we did:

• Wise: For currency conversions, Wise became our go-to. It offers transparent fees and much better exchange rates. We saved a significant amount on every USD to CAD conversion.
  
  
• Venn: For Canadian dollar and USD electronic payments, Venn is our top choice. Their fees for EFT payments within Canada are much lower than Wise's, and they offer monthly plans with unlimited local payments. It's more cost-effective for electronic payments within Canada. We switched from Plooto to Venn because of the cost savings. 
  
  
• EQ Bank: We moved our primary banking to EQ Bank. It’s a completely digital bank with no monthly or transaction fees, and it pays us 3% interest on our operating funds. That’s a huge win compared to the zero interest and fees at RBC and other traditional banks.
  
  
• Wealthsimple: An alternative to EQ Bank for 2.75% interest on business savings accounts but with the added option of investing in their managed stock portfolios. Self directed investment accounts are coming soon.
  
  
• RBC: We still maintain an account with RBC for legacy reasons, to receive payments from long-term customers who have been using it for 15 years. However, we transfer our RBC receipts daily to EQ bank to earn that 3% interest.

Why This Matters to You:

You might be thinking, "What does this have to do with me?" Well, the same principles apply to everyone. Whether you're a business owner or just managing your personal finances, you can benefit from:

• Saving money: By using platforms like Wise, you can get better exchange rates and avoid hidden fees.
• Earning more: Digital banks like EQ Bank offer higher interest rates, allowing your money to work harder for you.

Our Experience is Your Benefit

At Interlock IT, we've seen firsthand how these changes can make a real difference. We’re not just talking about saving a few dollars; we’re talking about significant savings that add up over time.

Want to Try It Yourself?

We’re so happy with these services that we’re sharing our referral links. We’re sharing these links because we truly believe these platforms are beneficial. 

• Wise: https://wise.com/invite/dic/blairc78 (Use this link to save on your first transfer, and we'll receive a small bonus.)
• Venn: https://app.venn.ca/signup?referral=4h38zhwc&utm_source=app&utm_campaign=referral
• EQ Bank: https://join.eqbank.ca/referral;code=SBLAIR6182
• Wealthsimple: www.wealthsimple.com/invite/RDEZHG

We want to be clear that these referral fees are not our main motivation. Our primary goal is to share useful insights. If our guidance has proven valuable to you, we see no reason to decline them.

Key Takeaways:

• Don’t settle for high bank fees and poor exchange rates.
• Explore other banking tools to save money and simplify your finances.
• Every little bit of savings adds up.

A User-Friendly Guide to Microsoft 365 Support

If you're running a business, you're likely using or thinking about Microsoft 365. It's not just the familiar Office programs anymore, it's a complete cloud system that helps teams work together.

Microsoft 365 makes teamwork easy. You can work on files together at the same time, save automatically, and get to your files anywhere. Teams is like your online office, where you can talk, meet, and share. OneDrive stores your files in the cloud, and SharePoint helps your team stay connected.

While Microsoft 365 gives you a lot of power, keeping all its parts working well can be difficult. That's where reliable support becomes essential.

Understanding Support's Role

Microsoft 365 support is like your tech safety net. It's not just about troubleshooting issues, but it also includes:

• Preventing Issues: Instead of reacting to crashes, skilled support teams prevent them, ensuring uninterrupted productivity.
• Maximizing Efficiency: They act as guides, showing advanced features you might not know about which can optimize your workflow.
• Strengthening Security: Keeping your digital security strong is crucial. Support teams can help you understand and implement the right security measures.
• Providing Training: Good support includes teaching you how to use advanced features and leverage the full power of Microsoft 365, making your team more efficient.

Different Types of Microsoft 365 Support

Getting help with Microsoft 365 doesn't have to be a maze. No matter your Microsoft 365 challenge, there's always a support solution.

Direct Technical Assistance: For immediate issues, Microsoft's technical support is your first point of contact. Whether it's a quick chat or a more detailed phone call, they're ready to help. Larger businesses can even get dedicated support managers.

Microsoft's Own Learning Hub: Microsoft provides a wealth of free training and resources through its Learn Platform. From beginner guides to advanced certifications, it's a great place to boost your knowledge.

The Power of Community: Microsoft's online forums are a goldmine of information. IT pros and experienced users share their insights, offering solutions and tips you might not find elsewhere.

Personalized Partner Support: For a more tailored experience, partnering with a Microsoft 365 expert like Interlock IT means getting personalized solutions and dedicated support to maximize your productivity and security. Also, dealing with Microsoft's general support can often mean waiting for answers, which isn't ideal when time is crucial. In contrast, partnering with Interlock IT, a Microsoft 365 Silver Partner, means immediate access to a team of dedicated specialists which eliminates the hassle of long wait times and ensures your productivity and security are never compromised. 

Get the Help You Need

Don't face Microsoft 365 challenges alone. Use available support - from official channels to expert partners, leverage these resources. Even experienced users need help. A strong support system boosts productivity and saves time. 

Ready for Expert Support?

If a partnership with expert Microsoft 365 support and timely responses sounds good, then let’s talk. Reach out to our team at Interlock IT, and we can get started.

How Reliable is Your Cloud Data Backup?

Is your Business Continuity and Disaster Response (BCDR) a safety net or a gamble? More and more businesses use cloud services to store their important files. Data loss can happen anytime. This means we need new ways to protect that data. 

Afi.ai helps businesses keep their cloud data safe and get it back quickly if something goes wrong. Afi.ai provides the reliable cloud data protection you need to ensure business continuity, no matter the crisis.

What Afi.ai Does 

Afi.ai gives you a way to back up and protect your important data in the cloud. This includes emails, files, and shared documents. It's like having an extra copy of everything, just in case something goes wrong. This is crucial for disaster recovery, so you can get your business running again quickly.

Why Afi.ai is Different 

• Quick recovery: If you lose data, Afi.ai helps you get it back fast, even during a disaster, which is essential for disaster recovery and maintaining business continuity. 
• Instant Offline Data Export: Afi offers instant offline data export, unlike other backups that cause delays with cost-saving storage. This ensures quick data access without compromising affordability.
• Offsite Storage: Afi's off-site cloud storage, with locations across the USA, Canada, EU, UK, and Australia, safeguards data from local disasters. This geographical distribution ensures business continuity by keeping backups secure regardless of regional incidents.
• Data Retention: Cloud data retention means managing data storage and disposal according to platform rules, ensuring compliance with environments like Google Workspace and Microsoft 365. Afi enhances this by offering versioning, deleted item recovery, and unlimited data retention.

Afi.ai is for All Businesses

While IT companies find Afi.ai invaluable, it's designed for any business that relies on cloud data, offering simple yet powerful BCDR solutions for everyone, regardless of size.

The Future of Data Protection

Afi.ai is important because it helps businesses keep their data safe in the cloud. As more businesses use the cloud, tools like Afi.ai will become even more important for effective Business Continuity and Disaster Recovery (BCDR).

Final Thoughts

As data concerns and the risk of losing it are on the rise, having a good cloud backup solution is crucial. Afi offers top-notch features like easy backup and recovery, ensuring one's data stays secure. For more information on how Afi can further enhance data protection journey, feel free to reach out to our team for a demo.

Key Changes to Microsoft Pricing & Billing

Microsoft has announced some changes to its pricing and billing for several key products, including Microsoft 365 Copilot, Teams Phone, and annual subscriptions. Let's break down what you need to know.

More Flexibility for Copilot

Good news for those interested in Microsoft 365 Copilot! As of December 1, 2024, you now have the option to pay for your annual Copilot subscription monthly. This means you can spread out the cost over the year instead of paying it all upfront. 

This applies to 

• Microsoft 365 Copilot 
• Microsoft 365 Copilot for Sales
• Microsoft 365 Copilot for Service. 

Keep in mind, though, that choosing the monthly billing option for your annual Copilot subscription will cost you 5% more than paying annually. The annual price itself remains the same. This new monthly option is available whether you buy online, through a Cloud Solution Provider (CSP), or via a Microsoft Customer Agreement for Enterprise (MCA-E).

Standardizing Monthly Billing (Coming Soon)

Beyond Copilot, Microsoft is also streamlining how they bill monthly for annual subscriptions. Starting April 1, 2025, the monthly cost for all new and renewing annual subscriptions will be standardized. 

This includes

• Microsoft 365, 
• Office 365, 
• Enterprise Mobility + Security, 
• Windows 365, 
• Dynamics 365 Services, 
• Power Platform, 
• And other online services. 

This standardization means a 5% price increase on the monthly billing plans for these annual subscriptions. This change will apply across all purchasing platforms (Buy Online, CSP, and MCA-E).

Here's what you should consider: 

To avoid this additional cost and simplify your billing process, switching to an annual billing plan is highly recommended. Lock in your current pricing and avoid the 5% premium by switching to annual billing before the change takes effect on April 1, 2025. Enjoy the convenience of a single annual transaction and streamline your payments.

Teams Phone Price Update (Coming Soon):

Teams Phone is also seeing a price update. Since its launch in 2017, Teams Phone has received numerous updates and improvements. To reflect this added value, the annual billing price for Teams Phone will be adjusted starting April 1, 2025. This is the first price change for standalone Teams Phone plans since they were introduced. 

Prices for other Teams Phone plans, including those for frontline workers and bundles with calling plans, will also be updated. However, if you get Teams Phone through a Microsoft 365 E5 or Office 365 E5 annual subscription with annual billing, there are no immediate price changes. Just like other annual subscriptions, the monthly billing option for Teams Phone will also include the 5% increase.

Here's what you should consider: 

Just like the other subscriptions, switching to an annual billing plan for Teams Phone before April 1, 2025, will help you lock in the current pricing and avoid the 5% increase associated with monthly billing.

Key Dates to Remember:

• December 1, 2024: Monthly billing option became available for Microsoft 365 Copilot annual subscriptions.
• April 1, 2025: Standardized monthly billing pricing for all annual subscriptions and updated pricing for Teams Phone.

Need help navigating these changes? 

As a Microsoft Silver Partner, Interlock IT is here to assist you. We can help you understand the implications of these updates for your business and find the best solutions for your needs. 

Contact us today to discuss your options.