During the shift to enable hybrid and work-from-home for many businesses, cybercriminals and scammers have tried to exploit every possible vulnerability they could find. Thanks to security features included with Windows 11, the window for many of their tactics is rapidly closing. Still, some old classics manage to find their way back to our hearts every holiday season, here are some notable scams to look out for.

Unexpected E-Card Greetings

Your email has an attachment that looks like an e-greeting card, pretty pictures and all. Malicious e-cards are sent by the millions, often directing you to a scammer’s website that asks for your e-mail address and password. Only sign in to websites that you trust, and use caution when clicking on links in e-mails or documents.

Fake Gift Card Sign-up

You’ll almost never find a real, worthwhile deal on Facebook, and they rarely stop criminals from impersonating legitimate brands and properties. These crooks promote fake gift cards and giveaways through social media, they really are after your information, which they then sell to other cyber criminals who use it for identity theft. A common example scam offers a complimentary $1,000 dollar Best Buy or Bed Bath and Beyond gift card to the first 20,000 people who sign up for the store fan page, which is a actually malicious copy of the original.

The Charity Tricksters

The holidays are traditionally the time for giving. It’s also the time that cyber criminals try to pry money out of people that mean well. Making donations to the wrong site could funding cybercrime or even terrorism, and will often result in a breach of your financial accounts. If a charity contacts you, it’s a good idea to verify their identity through their listed phone number or legitimate website. Only donate to charities you already know, and refuse all the rest.

Complimentary Apple Watch

This one’s tricky. Most legitimate offers for an Apple Watch usually come with huge strings attached. For example, a notable health plan offers one to millions of covered employees… but you’re not going to earn the watch unless you spend 2 hours per day exercising for over 3 years.

Watch out for the too-good-to-be-true coupons that offer complimentary watches, phones, or tablets on sites all over the Internet. Make sure the offers are from a legitimate company.

Postal Deliveries

Watch out for alerts via email or text that you just received a package from FedEx, UPS or the US Mail, and then asks you for some personal information. The vast majority of tracking numbers will not require a log-in to check.

The latest major upgrade for Windows 10 is now available for installation. Aside from the usual performance and ease-of-use improvements, there’s a collection of new features targeted at tablet and pen users, as well as three everyday enhancements we’d like to highlight.

Pictured: Microsoft Wallet improvements

Night Light

At the end of the day, your brain responds to the lack of blue light in the sky by releasing melatonin as a precursor to sleep. Light from computer screens and phones can interfere with this process, so Microsoft is including Night Light with this release, giving you the option to limit blue light exposure from your screen at night.

Dynamic Lock

Dynamic Lock  allows you to automatically lock a Windows 10 PC when you step away from it. The most common use case involves pairing of Bluetooth devices such as phone or fitness trackers.

Picture-in-Picture

Movies and TV shows no longer have to be manually resized for viewing alongside your application windows. Dynamic picture-in-picture will automatically help you multitask without video getting in the way, though initial app support for this feature is limited.

With an upcoming updates of Google Chrome, visitors to any website will notice warnings and notifications if the connection isn’t encrypted with a valid certificate. The notifications will look similar to this one…

… and will likely escalate until as the years go by until most public websites are encrypted.

We strongly recommend encrypting your business website, and RWA technicians are ready to assist. We will analyze your hosting and identify the best route you should take to encrypt your website, based specifically on your needs and the needs of your customers. For some, a new certificate from a free, automated certificate service will suffice. For others – especially those in the banking and healthcare industries – we will recommend a full Extended Validation certificate that tells your customers that your website handles your personal data or finances safely and securely.

Contact us to learn more.

Today, we’re taking a break from non-stop coverage of bad guys and threats posed to your organization. Microsoft announced a number of new products and updates during Ignite this week, and we’re glad to see this new feature coming to Excel through Office 365.

Map Charts takes a table of spatial data and generates colorized map of the results. There’s no GPS, and it won’t give you the same sort of functionality you can find in ArcGIS and certain third-party add-ons, but this is a really nice feature that’s finally included in the base package of Excel.

Map Charts will be introduced at the end of the year in Office 365. RWA is a Microsoft Partner, and when you’re ready to upgrade from an older or out-of-date version of Office, we’ll be glad to help.

The latest mobile gaming craze has everyone from teenagers to their grandparents visiting parks, public spaces, and walking along neighborhood streets in an effort to capture 3D-animated monsters on their cell phone screen. I’ve personally seen 3 to 4 times the number of people out and about while jogging and in the parks, and many museum and memorial sites are asking visitors to refrain from playing the game.

Players need a GPS-equipped smartphone and internet access to play this game, and customers are asking about the ramifications for their business. Here’s our list of concerns:

1. If your businesses uses Gmail and Google Apps, do not allow Pokémon Go on company smartphones.

   We understand that this is a temporary issue, currently being addressed, but the original release of the app utilized Full Access permissions with your Google Account, which could theoretically be used to compromise company data if you logged into Google Apps as well as the Pokémon Go app on the same device and Google account.

   Tools like Microsoft Intune MDM can be used to manage your mobile devices and generate a list of installed software. Contact RWA if you’re interested in learning more.

2. Pokémon Go relies on GPS, and often fails to work indoors.

   The relatively weak signal from GPS satellites often fails to penetrate walls and ceilings, so your business may already be relatively safe.

3. You can’t block cellular signals due to FCC regulations, but you can block access to the game via WiFi.

   If you have firewall access, simply block pgorelease.nianticlabs.com

   If you need assistance, contact RWA for a WiFi security audit or device configuration services.

As for marketing and promotion, if you’re a retail business or a medical clinic that caters to the younger crowd, we highly recommend taking advantage of the game by deploying lure modules nearby and advertising their presence on social media. In a strange twist, places of worship have a huge advantage relative to commercial businesses… They are recognized as public places and often designated “Pokestops”, giving youth pastors a new opportunity to reach out to visitors that may not regularly attend church.

If you or your children decide to start playing this game, please stay aware of your surroundings and keep safe.