Vol. 23, #12 - March 26, 2018 - Issue #1174

WServerNews: Gone phishing

Free Tool for Monitoring Exchange Server Status & Performance 

Image

SolarWinds® Exchange Monitor is a free tool that allows users to monitor Microsoft® Exchange™ Server 2013 and 2016. Get basic information about the server’s metrics, services, and database availability group (DAG) status. Add as many Exchange Servers as you wish. Simply click the “Add Server” button and fill IP address/domain name and credentials.

Download Free Tool


Editor's Corner

This week's newsletter is all about phishing. I don't know about you but I like to eat phish at least twice a week if possible because it's a great source of protein, digests easily, and has omega 3 fatty acids. Hey, that's a great lead-in for promoting our other weekly newsletter FitITproNews:

http://www.wservernews.com/go/i5ialp2e/

If you haven’t subscribed yet to FitITproNews you can do so on our Newsletters page here:

http://www.wservernews.com/go/2ea8g81x/

Meanwhile let's get back to phishing which is our main topic for this issue of WServerNews. Of course we also have lots tips, tools, links to news and articles, and some phun stuff phor you as well. OK that's my phinal pun.

By the way, who's the worst offender in your company when it comes to opening phishing emails? Your boss of course! You might want to print out this Dilbert comic strip and paste it onto the door of your boss's office when he/she isn't around and see what happens:

http://www.wservernews.com/go/1p1x3i0d/

 

Ask Our Readers!

WServerNews now has over 400,000 subscribers worldwide! That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at [email protected]

 

From the Mailbag

A couple of weeks ago we included the following factoid/question in our newsletter:

Self-driving cars will leave 'THIRD of population JOBLESS' as AI sparks MASS UNEMPLOYMENT!! OK that's the downside, now what's the upside?

While self-driving cars are certainly not a core subject for our newsletter, the effect of rapidly evolving technologies on our IT profession definitely is something that many of us worry about, so in a tangential sense the topic of self-driving cars and their impact upon industry and society is something we may want to take a closer look at. Along these lines two readers wrote to us with sobering thoughts on the subject--sobering in the sense of helping to dial down some of the hysteria around the subject.

First off here's what Matt, a contractor who works for a company that provides technology solutions and services for government agencies, said about this subject:

People have always freaked out about how technology (i.e. robots and AI) is taking over jobs, which will leave everyone jobless.

What most people don't think about though is for every job that is lost to a robot or AI, many times MORE jobs are created in its place.

Someone has to design the hardware.

Someone has to code the software.

Someone has to install the technology.

Someone has to maintain/troubleshoot/upgrade the technology.

Most of the time, this not done by one person, but several people, each trained in a specific field (hardware support vs programming).

The world is not coming to an end. Yet …….. (cue the Terminator theme …… )

Next we hear from Bruce who works for the IT services of a state government in the USA:

This discussion always brings me back to my dad and granddad. My dad grew up on a farm, not owned by my grandparents.

They did a bit of farming for themselves and my grandpa also worked on other farms as a farm laborer. In the winter he harvested ice.

It used to take quite a staff of people to work a 40 acre farm and harvest ice. My uncle and his wife now farm 400 acres by themselves. If we need ice we go to the freezer or corner store.

It was quite an economic adjustment but are we better off with the farm and ice automation? I'd like to think so.

Farm and ice harvesting work are both quite dirty and dangerous.

Food and ice are quite cheap in this country.

Now, how it will all shape up when all truck drivers are replaced? Cab, Uber, and delivery drivers (I think Johnny Cab from Total Recall)?

I do not know the answers for how this will all shake out, but I will not immediately say it will be negative!

Any other readers who would like to comment on this subject (or the related topic of the impact of technological change on our IT profession) can email me at [email protected]

And now on to the main topic of this week's newsletter…



Gone phishing

Phishing is one of the most serious security issues facing businesses today--and all indications are that it's becoming steadily worse. For example, SC Magazine published an article back in September last year that indicated that devastating phishing attacks dominated the headlines for 2017. They indicated that in the first half of 2017 Kaspersky Labs products blocked 51 million phishing attempts and that research by

Ironscales estimates that 95 percent of successful attacks start with phishing:

http://www.wservernews.com/go/j6nd69up/

SecureList has a detailed analysis of spam and phishing attempts in 2017 here:

http://www.wservernews.com/go/98221zfr/

And TripWire reports that three-quarters of all organizations experienced phishing attacks in 2017:

http://www.wservernews.com/go/t6prhawy/

Why are phishing attacks on the rise? Probably because they're profitable for those who instigate them. For example, DashLane reports that the average cost impact of a phishing attack on a mid-sized company is about 1.6 million dollars:

http://www.wservernews.com/go/cculmx99/

And a recent article on ABC News r4eported that Michigan auditors decided to conduct a fake phishing attack on 5,000 randomly selected state employees. The results of this were that nearly one-third of employees opened the phishing email, a quarter of them clicked on the link in the email, and almost one-fifth of them entered their user ID and password on the web page that opened from clicking the link. 

Yikes!

The question that IT faces of course is: How can phishing attacks be prevented from succeeding? Or how can their effect at least be mitigated? 

I talked with several of my colleagues who work in IT at organizations of various sizes to get their thoughts on this matter. Most of them agreed that the results of the experiment conducted by Michigan State auditors is typical for most businesses and organizations. Several colleagues suggested that IT should periodically send out fake phishing emails to users to test their responses. Those who open the emails and/or click on the links in them and/or enter personal info into the form on the web page that opens must be given stern warnings and required to take online training to detect and properly deal with phishing emails. Repeat offenders should be required to take in-person training and/or be interviewed by a human resources representative. The way this was implemented at one company is that when a user receives one of these fake phishing emails and clicks on the link in the email, they're taken to a warning page that reminds them about the dangers of phishing attacks and the consequences they might face if they fail to deal with them properly. The company involved also makes sure that the Microsoft Junk Email reporter add-in for Microsoft Outlook is installed on all their users' computers. This add-in adds a Report Junk menu option to the Outlook ribbon, and users at the company are instructed to use this feature to report any emails they think might be phishing emails so IT can block them accordingly. You can download this add-in here:

http://www.wservernews.com/go/jqtvpwnt/

Another recommendation was that interviewing new candidates for employment should include tests of their ability to recognize and appropriately deal with phishing emails and other social engineering attacks to screen out gullible individuals and hire only those who show a healthy level of skepticism and suspicion. 

From a technical perspective of course there are various things IT can try doing to protect users from phishing attacks. For example they can configure their email system to rewrite or block URLs from domains that have not been verified (for example by using DNSSEC). Unfortunately such solutions tend to be of limited value for most organizations since verifying senders for example may result in users not receiving legitimate emails from partners and customers. And rewriting URLs in emails can cause new problems like causing problems for users who need to click on links to activate accounts with vendors or access the vendor's support site. IT of course should lock down users' email clients as much as possible to prevent such things as notification of receipt by opening an embedded image in the email, but remember that the more you try to make end-user software secure the harder it will be for the user to do legitimate work with their software.

So basically we're back to educating the user when it comes to preventing phishing attacks. What do you do at your organization to guard against phishing attacks? Email us your suggestions so we can share your wisdom with our readers: [email protected]

 

 

Send us your feedback

Got feedback about anything in this issue of WServerNews? Email us at [email protected]


Recommended for Learning

VIDEO: Managing application permissions with PolicyServer

Security is always a major concern in any application that gets developed. Not only do users need to be authenticated to identify themselves, but applications also need to verify that their users have the correct permissions to carry out certain tasks. In this episode, we're joined by Brock Allen and Michele Bustamante who are here to talk about managing application permissions using their new project: PolicyServer.

http://www.wservernews.com/go/m0qpq5fx/

 

Microsoft Virtual Academy

IT Expert Roundtable: Using Azure Data Lake for Advanced Analytics

Join a team of Microsoft IT experts, as they talk about how Microsoft built a centralized, big data architecture on Azure Data Lake to connect supply chain data and processes. These experts were members of a team that authored a significant paper on this topic. Listen in as they point out how bringing data together helped eliminate the tendency to operate and make decisions in silos.

http://www.wservernews.com/go/g8akg40u/


Factoid of the Week - I ate but I'm still hungry!

Last week's factoid and question  was this:

Meditation DOESN'T make you a calmer person: Buddhist practice leaves people just as aggressive and prejudiced, reveals study. How do YOU as an IT pro calm down when things go wrong in your server room or datacenter?

This refreshingly drew some serious responses from our readers (though seasoned a bit with snark). Doug, a Systems Administrator working for a government agency in Iowa, USA responded:

Answer: SERENITY NOW!

Answer: Lithium

Answer: Buy Lottery tickets

Answer: I really want to say, "Oh, do things sometimes go wrong with your servers or datacenter? Hmmm, I have never run into that." 

More seriously, I give myself a few seconds while assessing the situation to use colorful words with good hard consonants, blame the vendor and plan my retirement. After that I find it easier to use a more calm analytical approach and save the world.

Loved that last response and love the guttural Anglo-Saxon language with all its harsh consonants too ;-)

Another reader by the name of Michael meditated as follows:

I think the meditation answer can be summed up with this light bulb joke: How many therapists does it take to change a light bulb? Just one, but the light bulb really has to want to change.

People, in general, like who they are. If people change, it is because they are forced to, usually by external circumstances they have no control over. I would think the two most common reasons are Love (with a capital L) and health, and/or combinations of these two. Fundamental change in one's thoughts, emotions, and actions would mean embracing ideas that one never could have imagined on their own, without that external stimulus pushing them. Meditation, by itself, is just a tool that helps people cope with their life, and possibly make some sense of it. But to turn hatred into peaceful loving... one would need a lightening bolt strike from heaven, during said meditation, and that would probably work. But if that happened, I don't know if I would ever meditate again.

Everyone else was probably too busy fighting fires in their datacenter or server room to have time to respond to last week's factoid/question so let's now move on to this week's factoid:

Michael also offered this more sobering take on the subject of autonomous cars:

Fact: Wine glasses are seven times larger than they used to be

Sourcehttp://www.wservernews.com/go/kwp07vxe/

Question: If that's so then why do the food portions keep getting smaller at my favorite restaurant while the prices keep going up? Has anyone else noticed anything like this happening at their favorite restaurants? Argh.

Email your answer to us at [email protected]

Until next week, 

Mitch Tulloch

 

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at [email protected]

Restore single files or entire VMs from a storage snapshot in minutes. Free Veeam Explorer is #1 granular recovery for the world’s leading storage vendors: HPE, Dell EMC, Net App, IBM, Lenovo.

http://www.wservernews.com/go/pxmy9ayy/ 


GFI LanGuard provides a comprehensive overview of your business’s network security status through vulnerability assessments, patch management, and network and software auditing.

http://www.wservernews.com/go/qif87k3c/


This script checks Windows 10 upgrade compatibility, compares the "blocking" programs against the list of mitigated apps, and copies the logs to a network share if it needs more review:

http://www.wservernews.com/go/a8ubeooq/


Certification Test Tool for Windows Server 2016 can be used to validate application compatibility and certify your application for Windows Server 2016 certified logo and Hyper-V certified logo:

http://www.wservernews.com/go/uad0s0et/


ResetRecentAddresses is a utility that will allow you to reset recent addresses Outlook stores on Microsoft Outlook 2016 for Macintosh:

http://www.wservernews.com/go/byv71p8z/



This Week's Tips

Windows 10 - Shortcuts for settings

Ed Bott has a helpful tip on ZDNet about how you can create shortcuts that will open certain frequently-used settings pages in Windows 10:

http://www.wservernews.com/go/1frqxkrc/


Office - Fixing Word formatting problems

When you have problem with the formatting of a Word doc but you can't share the doc with others because of its sensitive content, one trick you can do is to replace the text in your doc with nonsense words. Office Watch has some VBA code you can use for doing this:

http://www.wservernews.com/go/7b0iu4br/


Mac - Work faster

Some of our readers use Mac computers in their businesses so it makes sense for us to occasionally include some tips for Mac users in our newsletter. This article from TechRepublic gives five tips that can help speed up your workflow when you're using MacOS:

http://www.wservernews.com/go/0o81ody5/



Events Calendar


Microsoft Tech Summit on March 28-29, 2018 in Amsterdam, Netherlands

http://www.wservernews.com/go/jeua5kvf/

Microsoft Ignite 2018 on September 24-28, 2018 in Orlando, Florida USA

http://www.wservernews.com/go/f6gtgfpp/


Add Your Event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact [email protected]


New on TechGenix.com

The power of Get-ADObject PowerShell cmdlet

Get-ADObject is a PowerShell cmdlet that can help you reduce the time it takes to search for information in the AD. In this tutorial, you'll learn various ways to use it:

http://www.wservernews.com/go/p00qg74u/


Air turbulence when piloting Office 365 to the cloud

Migrations from conventional IT to the cloud can be challenging. This story of a pilot to move Office 365 to the cloud illustrates some of these challenges.

http://www.wservernews.com/go/r4mssaqr/


Windows 10 revisited: What's new, what's changed, what's different

Windows 10 is heading to its third birthday with a head of steam. The OS has been tweaked and improved constantly. Here's a look at what's new.

http://www.wservernews.com/go/pbr6mnv7/


Laptop and PC failure rates: Why are they so high?

Your laptop is only 18 months old when suddenly it dies. Why does this sort of thing seem to be happening more? Here's what may be causing a spike in failures:

http://www.wservernews.com/go/uqihyepj/


Digital privacy under attack: What you can do to protect yourself

While it is impossible to stay completely protected online, there are many steps that you can take to ensure your digital privacy.

http://www.wservernews.com/go/e24jph3t/

 

Tech Briefing - System Center

Create VMM template for Ubuntu 16.04

Nick Eales

http://www.wservernews.com/go/31a26qu7/


SCCM 1710 and PeerCaching: Technical Notes

Lee Stevens

http://www.wservernews.com/go/tq2q2twb/


Microsoft Intune Enrollment Restriction Update

Thoughts about Windows

http://www.wservernews.com/go/0io4pdqc/


SCCM: For those nasty incremental collections

Lee Stevens

http://www.wservernews.com/go/70rjwca5/


Automating Compliance Policies in Microsoft Intune with PowerShell

Thoughts about Windows

http://www.wservernews.com/go/blc20069/

 

Other Articles of Interest

Ten Windows 10 Fall Creators Update features to know

Microsoft introduced some significant changes to Windows 10 in the Fall Creators Update. The My People app, for example, lets users pin contacts to their task bars. Read on to find out more. 

http://www.wservernews.com/go/9otbf6zr/


Meltdown, Spectre, and mobile: A reminder that Android security patches exist

The relative success of Android Security Bulletins can get lost in all the "Android OEMs are bad at updates" noise.


http://www.wservernews.com/go/xwllqehk/


Get to know root cause analysis tools for VDI

Not all VDI monitoring tools provide the same features. IT admins in search of a root cause analysis tool may want to turn to third-party vendors. Read more here.

http://www.wservernews.com/go/tfyji5jt/


Citrix, VMware, thin clients, printing, DaaS, and Windows 10: Six things I'm watching in 2018

Predictions are overrated! Here are the expectations I have of Citrix, VMware, thin client vendors, printing vendors, DaaS, and Windows 10 migrations as we begin 2018.

http://www.wservernews.com/go/oj52qja9/

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]

Urban Mountain Bike Champion

Watch Tomas Slavik's intense winning run at the Red Bull Valparaíso Cerro Abajo 2018 Urban Urban Mountain Bike race:

http://www.wservernews.com/go/zm0zzxsj/


3D Street Art - Amazing Optical Illusions

The world's best 3D street artists create imaginary worlds so realistic, you have to look several times to grasp exactly what you are looking at:

http://www.wservernews.com/go/kubia00g/


Blue Angels - Amazing Cockpit Footage

The Blue Angels are the US Navy's flight demonstration squadron and some of the very best aerobatic and formation air pilots in the world:

http://www.wservernews.com/go/f164o0fc/


The Future Of Commuter Air Travel Is Here

Meet Cora, Kitty Hawk's self-flying electric airplane, which was designed and built to bring the freedom of flight to our everyday lives:

http://www.wservernews.com/go/8ql4k9ao/


Have any other readers found similar content they'd like to recommend for our Fave Links section? Email us at [email protected]

 

WServerNews - Product of the Week

Free Tool for Monitoring Exchange Server Status & Performance 

Image

SolarWinds® Exchange Monitor is a free tool that allows users to monitor Microsoft® Exchange™ Server 2013 and 2016. Get basic information about the server’s metrics, services, and database availability group (DAG) status. Add as many Exchange Servers as you wish. Simply click the “Add Server” button and fill IP address/domain name and credentials.

Download Free Tool

WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his  outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.