3 Reasons to Avoid Signing in With Facebook or Google Accounts

by

Nine out of ten times today when you visit a website you’re asked to sign in. To add convenience, many sites offer the ability to sign in using a Facebook or Google account. Sure, it’s simpler, but this article will share three key reasons why you might want to avoid this easy route.

It’s estimated that we each have an average of 100 passwords. That’s a lot to remember, especially as we need unique logins for every site to lower our risk of cyberattack.

At the same time, every website wants us to set up an account. It helps them get to know their users. This can help them to target marketing and product development efforts. They might also share the information with third parties as another source of income.

Still, the website wants to keep its users coming back, so they allow you to sign in with Google or Facebook accounts to streamline the process. Weigh the value of that added convenience against these three considerations.

#1 Youre giving away more data

By using Google or Facebook to sign in on other websites, you are giving the sites greater access to information about you. Now, they not only know what you do on their sites, but you’re also allowing them to build out their picture of you with data insights from the shared sites.

Google and Facebook have powerful tools to dig deeper into your online activity, and other websites can also extract data from your Facebook and Google accounts. If you don’t read the privacy policies, you may not know what sensitive data the platforms share.

#2 You could lose access

You may join those who are deciding to quit Facebook or leave Google in favor of another platform. If you do so, and you have used that account to access other sites, you’ll have to create new logins.

Even if you’re not ever going to do away with your Facebook or Google account, you could still lose access. If there’s a major outage at one of those two sites, you won’t be able to log in at any of your connected sites either. The other websites won’t be able to authenticate you until Facebook or Google is back up and running.

#3 Your attack surface gets bigger

If you have one, unique login credential for a website, you risk your data there only if that site gets hacked. However, if you use Facebook or Google login, and bad actors compromise that account, they can access any shared sites.

Think of it like dominos. The Facebook or Google account is the first to fall, but all those other accounts you “conveniently” login to using those credentials will come tumbling down soon after. Don’t think the attacker won’t bother looking for other connected accounts. All they have to do, once they breach one account is go into your settings to see what you have connected.

Social media accounts are also a prime target. Don’t believe us? Bet you’ve seen a post from a Facebook friend (or ten) telling you to ignore strange activity due to a hacked account.

Protect your online identity

Account compromise is a top cause of data breaches worldwide. Protect your online identity by following best practices for cyber hygiene.

Need help with password security? Our IT experts can set you up with a password manager or provide other online security help. Contact us today at (515)422-1995!

How to Safely Retire Old Devices

by

It’s inevitable that we’ll retire old devices to upgrade to the latest and greatest. A new laptop, desktop, or phone is exciting. Yet, before you get too distracted by your shiny, new device, take the time to safely retire the old one.

When buying the new device you may take trade-in value. Otherwise, you may let that old iPad sit in your drawer for another couple of years. Either way, it’s important to take some key steps to protect the data on that old device before moving on.

Backup the old device

Most devices today have a backup feature installed. Be sure to use it before you retire an old smartphone or tablet. This ensures you’ll have continued access to your photos, texts, and contacts. Settings and apps are typically automatically backed up for download to a new device.

When retiring a computer or storage device, backups protect against critical information loss. You may also need evidence of device decommissioning to meet regulatory requirements.

Reconfigure your 2FA

Two-factor authentication (2FA) protects you in case someone gains access to your password. Typically, this is an email or text notification sent to your phone. You might also have a 2FA code generator on your phone to strengthen your security. Either way, you’ll need to set up a fresh 2FA app on the new device or you risk getting locked out of all your accounts.

Wipe the old device

Whether you decide to sell the device or not, you still want to secure your data by wiping that device clean. Deleting a file is not enough. Even if you go to the recycling or trash bin of the device and delete the item “permanently,” that’s not enough. Reinstalling the operating system is not enough either.

You need to actually overwrite the data so that it cannot be recovered. Otherwise, hackers with use software to search the drive for sensitive information.

Know where your old devices are

Don’t get sloppy with your old devices. You could leave a treasure trove of data available if that device gets lost or stolen. You’re less likely to notice the device is gone if you put it up on that shelf in the office supply closet. So, be sure to put any old devices, already wiped, in a safe place.

Consider destroying your hard drives

When it comes to securing old hard drives, many businesses will actually destroy them. This means literally breaking them down so that data is almost impossible to recover. Destroying the hard drive renders the hardware completely unusable or repairable.

Let a pro help

When you’re upgrading to new devices, get an IT expert to help. We can migrate all your necessary information to the new device and securely destroy data on the old one. Contact us today at (515)422-1995!

Tech Tips for Small Business Owners in 2022

by

A new year is a chance for a fresh beginning. To that end, try these tech tips for small business owners to kick 2022 off right.

First, launch a successful new year for your business by going mobile. Agility is one of the key differentiators of a small business. Be more flexible than larger competitors by taking full advantage of cloud computing. Use Microsoft 365 (MS365) as an all-in-one solution for communication, collaboration, and more. When you’re cloud-based, you and your employees can operate from any location with ease.

You’ll also want to focus on security. Don’t think that you’re safe because of your small size. Every business is a target. An automated bot isn’t going to differentiate between a company with six employees and those with 60 or 600. It is simply going to find that vulnerability and attack. Don’t risk losing time and money to a data breach or ransomware. Instead:

  • Secure your email.
  • Put a disaster recovery plan in place.
  • Backup data in more than one place.
  • Educate employees about the importance of unique passwords.
  • Prohibit third-party apps on work devices.
  • Set devices to notify remote workers when they may be connecting to unsafe networks.

Also, make sure you’re leaving room in the 2022 budget to invest in IT. This is one area where you don’t want to be cutting corners. Unreliable internet service could cause downtime that hurts productivity and loses you clients. Skimping on software or hardware upgrades could lead you vulnerable to safety issues.

New Year, New Your Business

Another smart move? Get a professional email address. Using you@gmail.com or you@yourISP.com doesn’t make a great professional first impression. Instead, have a you@yourbusinessname.com email address. We can set up reliable business-grade emails from MS365.

Do an information and communications technology audit as well. Take stock of your current technology and how it is performing. This check-up can help you identify opportunities to streamline processes. You might consider adding a customer relationship management tool. This will centralize your customer information and help you personalize pitches. An enterprise resource planning system could improve accounting, human resources, and operations workflows.

Now is also a good time to hire a managed service provider. Partnering with an IT professional helps you make good technology decisions. You may have a lot of people with opinions, but you want to get input from industry experts who understand technology, security, and optimizing IT resources.

Contact us today at (515)422-1995 to learn more about what we can do to help your business meet its goals in 2022 and beyond.

The Unexpected Benefits of Password Managers

by

The main advantage of a password manager is obvious to anyone with more than one account online (i.e. everyone). Instead of remembering all 100 usernames and passwords, the password manager autofills them. It’s a boon. But it’s not the only reason to use a password manager. This article shares several more unexpected benefits.

Password manager programs generate, manage, and store many different passwords. You may be concerned about whether a password manager is safe to use. But, the cybersecurity industry consensus is “yes, it is.”

A password manager uses top-notch encryption to protect passwords. Plus, they take a zero-knowledge approach. They can’t actually see the passwords they store and prefill on sites. The password is encrypted before it reaches the manager’s server and can’t be deciphered. This is why you need to be so careful not to forget your master password!

That said, the password manager offers more than a vault for encrypted credentials.

More Benefits of Password Managers

For one thing, many password managers have apps for download onto mobile devices. Then, you can use the password manager to prefill forms on those, too. This gives you the advantage of convenience not only on your desktop computer but also on the go.

Some password managers offer added security benefits, as well. They might:

  • warn you of weak password and login credentials;
  • remind you to change your passwords;
  • notify you if your passwords may have been compromised in a breach;
  • advise you against repeating access credentials if you’re about to do so.

Another advantage is that you can conveniently share passwords with others. Maybe you want to give family members shared access to streaming accounts or allow a work colleague access to applications you’re using remotely. A managed password sharing feature can allow them to see selected passwords. You aren’t showing everything: you can pick what you make available. Plus, when you change your credentials, the password will change on their end, too. This doesn’t need to be permanent either. You can easily revoke password sharing.

You can also use a password manager to secure other important information. You might store things such as credit card numbers or other personal identifying information. Keeping that kind of data in an unencrypted note on your desktop or mobile device is unsafe, but you can take advantage of password manager encryption to safely store those precious details.

Secure your passwords with a manager

You can’t expect to remember all your unique passwords. Yet the days of writing down passwords on Post-it notes are over. Use cloud-based password management to secure your passwords and do more.

Contact our IT experts today to find out more about password management. We’re happy to suggest the best solution for your needs and set it up, too.

Call us now at (515)422-1995!

Don’t Get Reeled in by Holiday Phishing Attacks

by

We expect the holiday season to be a time of good cheer, and peace and goodwill to all, right? Except cyberattackers didn’t get the memo. They are more likely to attack businesses with phishing attempts during the holidays. Prevent issues by knowing what to expect.

Cybercrime research shows the season “dramatically impacts” the volume of phishing attacks. Phishing attacks “spiked to more than 150% above average” the week before Christmas. After the holidays, the number of attacks dwindled significantly in Barracuda research.

Why would hackers target a business during the holidays? Because they know things can slow down and people aren’t paying the same diligent attention. They’re already mentally out the door sipping eggnog and planning where to do last-minute shopping. Oops! They click on a malicious link or fill out a form seeking sensitive information.

Or they expect you’re overwhelmed, trying to get everything done before the holidays. Purchase orders, bills, and emails are flying around. They bank on people overlooking details.

The Basics of Phishing

Phishing uses social engineering to expose security weaknesses and leverages potential vulnerabilities. The hacker dupes someone into responding to a fake request from a bank, vendor, or colleague. They are hoping to get a nibble from unsuspecting employees who don’t think to:

  • check the spelling of the URLs in email links;
  • be wary of URL redirects to fake sites made to look legitimate;
  • question why Jamie in HR needs their access credentials;
  • contact the sender of a suspicious email for confirmation before responding.

During this season at the office, everything can feel urgent, and employees are more likely to fall for emails telling them to do something right now. They might not notice that the invoice from a usual supplier has a new bank account number, or they could fall for something dumb because they are distracted or too busy.

Top email subject lines that target employees for phishing attempts include:

  • “Undelivered mail”
  • “HR: Your Action Required”
  • “HR: Download your W2 now”
  • “Microsoft Teams: Rick sent you a message.”

It’s easy to imagine how someone would click on those without thinking twice.

What to Do About Phishing

You can communicate with employees about the dangers of phishing, and educate about prevention. Also, reiterate policies around payment, wire transfer, data sharing, and sending confidential data. But this may not be the best time to present the information.

Other preventative measures include:

  • Make sure all security updates are current and installed to patch known vulnerabilities.
  • Set up automated filters to check the safety of links in inbound emails before they get to the user.
  • Test your infrastructure to identify any weak points.
  • Establish geofences to inspect traffic coming from certain regions associated with phishing.

Finally, if you hire any temporary staff to handle a holiday crush, be sure to limit their access. Then, when their contracts expire, immediately revoke their systems and network access.

If your business is too busy now to focus on phishing prevention, we can help. Contact our IT experts today at (515)422-1995. We can set up mail management and filtering tools to secure your business year-round.

7 Common Business IT Myths Debunked

by

MythBuster programs on television never focus on business misconceptions about IT. Too bad, because believing these myths can be both costly and dangerous to your business. This article debunks seven common business IT myths.

Sometimes myths are harmless, but when it comes to business IT myths, not knowing the truth is damaging. Make smarter tech decisions with accurate information and a better understanding of IT.

Myth 1: Consumer PCs are interchangeable with business PCs.

Sorry, this one’s false. Selecting a business-grade computer can impact productivity. Don’t squander your competitive advantage by relying on consumer PCs to get the job done.

Consumer PCs are largely about getting the price point down by using lower-quality materials, whereas business computers are built to last, use higher-quality components, and go through more testing. They have business-appropriate features such as fingerprint readers or encryption tools, and better warranties and support.

Myth 2: Apple computers can’t get viruses.

Microsoft Windows users are targeted more often because there are more Microsoft users, and the payoff is bigger. Plus, Windows PCs run any program requested, regardless of danger, whereas Apple has steps in place to prevent unauthorized malware from running.

This myth is also untrue. In fact, in September, Apple released a security update to fix its phones, tablets, and watches. Victims didn’t even have to click on a malicious file to risk device infection. So, if you’re using an Apple device, go into Systems and make sure you’ve upgraded to iOS 14.8, macOS 11.6, and/or watchOS 7.6.2.

Myth 3: One backup is enough.

In the case of data backups, you are much safer taking a 3-2-1 approach to data backup. Have three data backups available on at least two different mediums, one of which should be off-site.

You might backup your data to:

  • a second hard drive;
  • an external hard drive;
  • a thumb or USB flash drive;
  • a cloud service.

Myth 4: Antivirus software completely prevents infection.

Antivirus software is valuable, yes, and your business should consistently upgrade its antivirus software. But no antivirus is going to protect your business from every threat.

Security programs do their best to keep up with new threats and vulnerabilities, but infections can spread across the internet quickly. Plus, bad guys are getting better at crafting variations to evade antivirus tools. As a result, make antivirus software only one piece of your cybersecurity strategy.

Myth 5: Cybercriminals only target enterprises.

Attacks on enterprises grab the headlines, but nearly half of the cyberattacks hit small businesses. The bad actors know that small businesses are more resource-constrained and don’t have cyberattack prevention plans in place. It is easier to go after the little fish than targeting the enterprises with IT teams as big as a basketball squad.

Myth 6: It’s OK to wait until the computer fails to replace it.

You can wait, but it’s not going to be the best thing for your business. Long before a computer fails it could be slowing down your business. Older PCs disrupt productivity and reduce employee satisfaction.

As the computer ages, you’ll lose time loading applications and dealing with crashes. You may also be leaving your systems vulnerable to cyberattack if you can’t upgrade the software.

Myth 7: IT outsourcing is not effective for small businesses.

Maybe you think your IT systems are too small to need ongoing maintenance or monitoring, or (Myth 5) that you’re not at risk. Yet, IT systems of any size need ongoing, consistent attention, and outsourcing can help free up your IT resources to do more value-add tasks.

A managed service provider (MSP) can monitor hardware and backups, streamline systems for speed, and keep security current. The MSP can also manage firewalls, and identify and protect against threats. Partner with us for business IT support today! Call us now at (515)422-1995

What Not to Do on a Work Computer

by

Working from home has its advantages but can also blur the line between professional and personal time. Plus, employees may grow more relaxed about what they do on their work computer while remote. This article shares things employees should avoid doing on work computers, whether remote or in the office.

What to avoid doing when working remotely

Log in to an unprotected network

Working outside the office means you are more mobile. If you have a business laptop, you could decide to work one day in a coffee shop and the next in a public park. But in doing so, never connect to public Wi-Fi. This is an unencrypted network. Hackers can position themselves to compromise your computer.

If you absolutely must use a public network, add a layer of protection by using a virtual private network. This can help shield your browsing from anyone monitoring your online activity.

Save personal files

You spend so much time on the work computer, and you want to get a few personal things done during the day. You might even start saving personal files on the computer. Maybe you created a “my stuff” folder on the desktop.

This isn’t a good idea, because personal data could get automatically backed up to the cloud with the work files. Cloud backup is good practice for the business, but now you’re losing control of your personal information. Plus, if you leave the job, you lose access to that computer and those personal files.

Let family and friends surf the Web

Working from home changes the office environment. People want to look something up, or kids need to submit schoolwork online. And your work computer is right there! Why shouldn’t they use it?

This could expose proprietary business data or sensitive information. You may think “my 10-year-old won’t know what that spreadsheet says.” Yet, especially in a regulated industry, you could be compromising compliance.

What to avoid doing when in the office

Stream personal entertainment

You have a break, or things are slow, so you decide to catch up on your favorite TV show at work. What’s the harm?

In fact, you could be making it more difficult for your colleagues to do their work. Streaming takes up bandwidth, and there is only a set amount available to your business. So, while you’re laughing at a sitcom, others are struggling. Colleagues could drop from video calls or wait longer to download important files.

Click on unrecognized links or download attachments from unknown parties

This one is well-known. It’s up there with not using simple access credentials such as “password” or “letmein.” Be wary of what links or attachments you click on or download. Cybercriminals constantly leverage human error to gain illicit access to business networks. Don’t be the weak link in your company’s security posture.

Also, avoid visiting non-work-related websites. You are more likely to visit a site that harbors malware if you are surfing the Web for personal use at work.

Download software without first asking IT

You might have a preferred way of doing things, but the business computers don’t have the software you’re familiar with. Deciding to download it to your own computer seems safe enough. It could be a well-known app or piece of software. It’s not like one of those shady downloads from the point above.

Yet downloading software to a work computer can cause problems for the IT team, as they don’t know what’s working on the systems. There could be upgrades or system updates you miss that create a vulnerability. You could also, again, risk noncompliance.

These six things should be avoided if you’re using a work computer. It doesn’t matter where you’re working, you still need to be thinking of cybersecurity and productivity for you and your colleagues.

Need help knowing what your employees are doing with work computers on- or off-site? A managed service provider can help. Learn more about remote monitoring and other helpful tools. Contact us today at (515)422-1995.

Delivering SMS “Smishing” Scams

by

Smishing is high up on the list of words that do not sound as intimidating or threatening as they should. Smashing the word fishing together with the “SM” for short messaging service (aka text), smishing is a cyberscam.

Especially with online shopping skyrocketing during the pandemic, delivery smishing has gained traction. Don’t fall victim to this type of cyberattack.

What does smishing look like?

You’ll get a text message that appears to be from a shipping company. You’re told you have a package coming, but that more information is needed to ensure delivery. You’ll squeal, “a package!” OK, maybe you won’t squeal, but you’ll feel anticipation and click on the link to help deliver that package to your door.

You might already be expecting a package. After all, as recently as June 2021, PWC was describing a “dramatic shift” toward online shopping. According to its most recent consumer survey, in the last twelve months:

  • 44% of those surveyed bought online using a mobile phone or smartphone;
  • 42% used smart home voice assistants to shop online;
  • 38% used a tablet for online shopping;
  • 34% bought something online via PC.

So, you might not think twice about clicking on a link appearing to be from a major delivery service.

Don’t do it.

What happens next?

You click on the link and are asked for personal information, even a credit card number or password. Otherwise, clicking on the link will download malware onto your phone. The bad guys use their access to snoop and/or send your sensitive data to its servers, without you knowing it.

The smishing scam is a global one:

  • March 2021 saw a 645% jump in Royal Mail-related phishing attacks, equating to an average of 150 per week.
  • UPS warns about this type of fraud on its website.
  • FedEx has tweeted the reminder, “We do not send unsolicited texts or emails requesting money, packages or personal information. Suspicious messages should be deleted without being opened and reported to abuse@fedex.com.”

Package delivery isn’t the only common smishing tactic either. You might also see:

  • urgent messages saying your bank account is locked;
  • a warning from your credit card company about a fraud alert;
  • something promising that you’ve won a great prize;
  • an unusual activity report from a company where you have an account.

All that would get your attention, right? So, what do you do about smishing? That’s covered next.

Protect against smishing

Avoid getting drawn in by the urgency or emotional appeal of the SMS. Don’t click the link, and don’t call the number in the message either. Instead, look through your bills or go online into your account for information on how to contact that company.

Reputable mail carriers and financial institutions won’t send text messages asking for credentials, credit card numbers, ATM PINs, or banking information.

Look at the sender more closely. A message from a number with only a few digits was likely sent from an email address, which can flag that it’s a scam.

Also, don’t store personal banking or credit card information on your mobile phone. That way the criminals can’t access it, even if they do get you to download malware onto your phone.

You can help others to not fall victim to smishing as well. Report any attempts to your telecommunications carrier or your communications regulatory body.

For more helpful information on mobile security threats and how to protect your home network from cyberattack, contact us at (515)422-1995!

Outsourcing to an MSP: Custom-size Your Partnership

by

When it comes to business technology, there is no one-size-fits-all answer. Managed service providers (MSPs) know this firsthand. That’s why you’ll find they make it easy to partner with them for different levels of outsourced IT. This article outlines the three tiers of MSP outsourcing typically available.

Small and mid-sized businesses share many challenges. They need to manage resources, follow regulations, and combat cyberthreats. At the same time, they grapple with constant changes (e.g. growing workforce mobility). Yet for all these commonalities, the technology used in each business can vary, and so too can the level of in-house expertise to manage and maintain IT.

So, many businesses turn to MSPs to get to know their IT infrastructure. The MSP can act as an IT watchdog, offer specific value-added services, or replace an in-house IT team.

MSP as IT Watchdog

This level of MSP engagement is for the business that wants expert backup support. The MSP watches over the business infrastructure and makes sure everything runs smoothly.

The MSP will use remote monitoring to keep tabs on the IT environment. They won’t make any changes if an issue arises – that’s up to the business – but they’ll help detect concerns to avoid any business disruption.

Many businesses don’t have the personnel for around-the-clock IT monitoring. This basic level of MSP service is a good way to track critical networks, systems, and databases 24/7/365.

MSP’s Menu of Services

MSPs also offer a menu of value-added services on top of the monitoring. The added tasks outsourced can depend on your expertise, budget, and desire to be hands-on with IT.

Value-add services MSPs offer include:

  • taking responsibility for installing software updates;
  • fixing security vulnerabilities as they are detected;
  • suggesting current, reliable, and secure technology solutions to improve your operational performance;
  • handling data backup and disaster recovery;
  • serving as your IT help desk for employees.

Partnering with the MSP for these services can save the business time and money. Consider data backup: The MSP may have its own data centers for all its clients, which might mean a better rate on essential data backup thanks to economies of scale.

MSP as IT Team

Other businesses can benefit from handing over all IT to a trusted MSP. For one thing, this saves the business from having to recruit, train, and keep its own IT team in a tight labor market.

The MSP continues to remotely monitor and manage the IT infrastructure, but they now have full responsibility. It’s not a matter of picking from the services available on the a la carte menu above. All those tasks are the MSPs responsibility.

Many internal IT teams are reactive, as they don’t have the bandwidth to act otherwise. Yet with an MSP in place of an overwhelmed IT staff, you gain a proactive partner. The MSP secures applications and networks, manages mobility, and handles any incidents. They keep your business running by avoiding disruptions leading to revenue loss, customer churn, and reputation damage.

Putting an MSP in charge of IT can concern some business owners who are reluctant to give up control, but an MSP brings the benefits of specialized experience with technology (and, ideally, your industry). They have the tools to provide data analytics, improve cybersecurity and continually better your business.

An MSP Partnership to Suit You

On any of these three levels, you want to work with an MSP that will become an extension of your business. The right MSP becomes a trusted partner looking out for your business’s best interests. Contact us today at (515)422-1995.

How Hackers Get Around SMS Two-Factor Authentication

by

Every time you’re online and a site sends a separate code to check your identity, you’re using two-factor authentication. It’s become the norm. So, of course, hackers have figured out how to get around this, too. This article shows you how they do it and how to stay safe.

With billions of usernames and passwords leaked, access credentials everywhere are at risk, especially if you are reusing your log-in information on more than one site (don’t do it!).

Business websites want to offer a secure user experience, so two-factor authentication (2FA) has become the norm. It’s meant to help stop automated attacks in which bad actors use the leaked usernames and passwords.

Still, if the site you’re visiting uses short message service (SMS) to send a one-time code to your phone, you could still be at risk.

Hackers, using information they have from a data leak, can call your telephone company. They use your name, date of birth, and other identifiers available on the Dark Web, to impersonate you. Then, say you’ve lost your phone, they transfer your phone number to a device with a different SIM card.

That means when the one-time SMS code gets sent your phone number, the message will instead go to their device.

Android Users Also Beware

On Android devices, hackers have an easier time getting access to text messages. If they have access to your leaked Google credentials, they can log into your Google Play account. From there, it’s simply a matter of installing a message-mirroring app on your smartphone.

The app synchronizes notifications across your different devices. It’s for when you really need to be connected, and you’ll be able to see your phone’s SMS alerts on your tablet!

The app won’t work unless you give it permission when prompted to do so, but too many people don’t stop to read alerts from their own accounts: they assume it’s another necessary update and go on with their day. Otherwise, the hacker might call you in a social engineering ploy pretending to be a legit service provider. They’ll be familiar to you, so you’re more likely to listen when they ask you to give permission.

Again, when the one-time SMS code gets sent to your phone, because of the message-mirroring app, the hacker’s device will also receive the code.

What Can You Do to Protect Yourself?

It starts with using unique passwords for all sites you visit. Worried you’ll forget them? A password manager can keep all your access credentials in one secure place for you.

You should also confirm that your credentials haven’t been compromised. If you use Google’s password service, you can head to the password manager site and tap “check passwords” to see if there are any issues. On Firefox, head to the Firefox Monitor page and “Check for Breaches.” On Safari, click on Preferences, and then on Passwords to see what recommendations they have for your security.

Change any passwords that have been involved in a leak!

To avoid the SMS concern specifically, avoid using one-time SMS codes to verify your identity. Instead, you can use a non-SMS authentication tool such as Google authenticator, which provides two-step verification services within the app itself.

Need help learning if your credentials have been leaked? Or want assistance setting up more security for your online activity? We can help. Contact our IT experts today at (515)422-1995.

Click to see our BBB Report

FOLLOW US

VISIT US

Privacy Policy