Connect with Us
  1. Comportz
  2. Blog
  3. Online Security

Online Security

15Nov 2018

The Cloud: The Forecast Is Looking CLOUD(Y)

The Cloud

Tech companies love using buzzwords such as Big Data, 5G, and the internet of things. Unfortunately for most customers, these terms are confusing and often don’t make it clear what they actually mean. The “cloud” is one of those terms, and no, I don’t mean the fluffy white stuff in the sky.

When tech companies say your data is in the cloud, they don’t mean in the sky. The cloud refers to the software and services that run on the internet, instead of on your computer. Most cloud services can be accessed through a Web browser. Some companies offer dedicated mobile apps. Some examples include Netflix, Yahoo, Google Drive, Apple Cloud, Dropbox, etc.

The best thing about the cloud is that you can access the information on any device as long as you have an internet connection. You know how you can make edits in Google Docs anywhere on any device? The cloud

Another benefit of the cloud is that because the remote servers handle much of the computing and storage, you don’t necessarily need an expensive, high- end machine to get your work done. In fact, some companies are making a cloud-based computer as a low- cost option for consumers.

The cloud isn’t perfect though. Without an internet connection or with a poor connection, you’re basically locked out of your data and cloud-based programs.

With all your information online, there is also a risk of your information getting into the wrong hands. Even though all cloud companies have security measures in place to protect your data from hackers, they aren’t foolproof. It is always a good idea to be careful what you have stored in the cloud.

Overall, cloud solutions don’t appear to be going away. In fact, quite the opposite. Looks like the future is looking pretty cloudy.

For a complete suite of cloud solutions, contact us today to learn how we can help move you and your business to the “cloud”. 

5Nov 2018

Importance of SEO

Search Engine Optimization

When you do a web search, do you usually click on a link from the first page of results or do you look through a few pages before you click on a result? You probably answered from the first page and you’re not alone. 75% of people will not scroll past the first page of their search results. For any business, it is crucial that their website shows up on the first page of a possible customers web search.

When a possible customer is searching for something your business can provide it is crucial to show up as one of the top links in a search engine. If your website is not on the first page, competing businesses that rank better in search engines will easily steal business away from yours.

If you do rank high on search engines, it is also crucial to have a website that is easy to operate and understand. Sites which are overly informational and less visual will have a hard time holding someone’s attention. You want to keep navigation simple and have lots of pictures and fewer words on your homepage so the viewer remains interested, not overwhelmed.

But what makes a website show up on the first page of someone’s search results? To show up in the top results, a website must be SEO friendly and be optimized for all devices.

What Exactly is SEO?

But what is SEO? SEO or search engine optimization is the process of optimizing your website to appear/rank in a search engine.

To fully understand SEO, you need to understand how search engines actually work. We’ll use Google as our example. Google uses pages it already has in its system to find links to websites it does not know of. To follow these links, Google uses crawlers or bots.

Crawlers are programs that search the world wide web in order to create an index of data. The first step in making sure your website is recognized by Google is making sure it is connected to a site that Google already recognizes. This is so “crawlers” can crawl your website and put it into Google’s index.

You also want to make sure your keywords are optimized to your website. To find your website’s keywords, take notice of what words your website uses frequently, defining words in the title, and headers of your website.

Out of these words, think about your target audience and the keywords they might search to find your products or similar products. These specific words can be optimized to be a website’s keywords. Remember though, keywords shouldn’t be flooding the text of your website, but should be around 1-2% of your website’s words.

Make it Appealing

Along with improving the viewing experience, having an easy to use, a visually appealing website can also help improve your websites SEO. If your website is intuitive and operates smoothly, the search engine will usually know.

While we have only scratched the surface of SEO optimization, it is very clear that SEO is vital to getting your website recognized not only by search engines but also by the people that are searching the web. Over the next few weeks be on the lookout for more blogs about SEO and more advanced SEO practices.

Contact Comportz Technologies

For more information on SEO, please reach out to us here at Comportz to see if you and your business could benefit from an SEO audit.


23Jul 2018

The Importance of Password Security

It’s 2018, take your password security seriously. The consequences are not worth the inaction.

In today’s world of growing identity theft and online crime, a weak password can lead to unwanted access to your financial information, email, and much more. Passwords are one of the essentials in keeping all your information safe but are not the only part of the equation. In addition to creating a long, complex password, you should store your passwords in a secure location, like in a locked drawer, or find a trustworthy password vault online. That’s why now, more than ever, password security is more important than it ever has been. 

There are many password managers you can use to keep your passwords safe.  Some popular ones are DashLane, LastPass and 1Password. If you get a password manager, all you need is to remember one master password that unlocks a vault with all your other passwords.

About 63% of confirmed data breaches involved weak, default or stolen passwords.

— Source: Verizon 2016 Data Breach Investigations Report


Have an extra layer of security

Another way you can protect your information is 2-factor authentication. The most common is a code or some other type of message that is sent to a mobile device registered to you so you can verify it’s really you who is logging in.


Never give anyone your password

Although this seems obvious, many people will give their passwords to good friends thinking it’s not a big deal. But those friends could accidentally pass it along to others or use it to harm you. When it comes to password security, it’s a given we shouldn’t be handing out our passwords to anyone.



Most people choose passwords that are easy for them to remember or something personal to them. If you fear you will forget your password then use a passphrase. Use the first letter of a sentence that you know you would remember. Ex. “I like to drink coffee and read” could be turned to, “!L2dc&r”. You can also find a random password generator online.


Use different passwords for each site

It’s crucial to use unique passwords for your different sites in case of a breach. If someone hacks your Instagram, and you use the same password for all your other sites, you could be in a lot of trouble.


Changing your password frequently might not be as necessary as you think

First of all, most people that change their passwords frequently, don’t even really change them, but rather “transform” them. As an example say someone has their password as ElePhant5, they would then just change it to elepHaNt6, which can be easily hacked. In addition to that, hackers now days have new and better software for hacking passwords and will probably take immediate action as soon as they get a hold of your password. Changing your password after you realize you there has been a breach is a must, but it is highly doubtful changing your password every month will help much.

Following these tips can help you stay protected online. Password security is one of the leading issues facing you to ensure your identity and information is safe.

Password security

Contact Comportz today to learn more about how we can help you and your business follow these password security protocols. We offer a variety of different ways we can help protect your business. 

12Jul 2018

15 Common Ransomware Scams

Common Ransomware Scams

The goal of this post is to identify the 15 most common ransomware scams. You will learn about each of these scams, how they work and what they target. Knowing is half the battle.

common ransomware scams


  1. Locky’s- Locky’s is similar to many other types of ransomware. This common ransomware scam spreads via an email message, that is disguised as an invoice. When the malware is opened, the invoice is scrambled and the victim is instructed to enable macros in order to read the document. However, when macros are enabled, Locky begins encrypting a large number of file types using AES encryption.

2. NotPetya- NotPetya is a malware known as a wiper with a sole purpose of destroying data instead of obtaining a ransom.

3. Petya- Unlike other types of ransomware, Petya encrypts entire computer systems. Petya overwrites the master boot record, rendering the system unbootable.

4. Spider- Spider is spread via spam emails across Europe. Spider is hidden in Microsoft Word documents that install the ransomware on a victim’s computer when downloaded. The Word document is disguised as a debt collection notice, which contains malicious macros. When the macros are executed, the ransomware begins to encrypt the victim’s data.

5. TeslaCrypt- TeslaCrypt is new on the scene. TeslaCrypt uses the AES algorithm to encrypt files. The malicious malware is typically spread via the Angler exploit kit, which specifically attacks Adobe vulnerabilities. Once exploited, TeslaCrypt installs itself in the Microsoft temp folder.

6. TorrentLocker- TorrentLocker is distributed through spam emails and is geographically targeted to specific regions. TorrentLocker is often referred to as CryptoLocker and uses the AES algorithm to encrypt files while also encoding files.TorrentLocker collects email addresses from the victim’s address book to spread the malware beyond the initially infected computer.

7. WannaCry- WannaCry is becoming an epidemic and has affected organizations all over the globe. The ransomware has hit over 125,000 organizations in 150 countries. The Wanna cry strain is also known as WCry or WanaCrypt0r and currently affects Windows machines through a Microsoft exploit known as EternalBlue.

8. ZCryptor- ZCryptor is a self-propagating malware strain that acts like a worm. The malware encrypts files while also infecting external drives and flash drives so it can be distributed to other computers.

9. Bad Rabbit- Bad Rabbit is a sort of ransomware that has infected organizations in Russia and Eastern Europe. Bad Rabbit is spread through a fake Adobe Flash update on compromised websites. When the ransomware infects a machine, the users are taken to a payment page demanding .05 bitcoin (around $285).

10. Le Chiffre- “Le Chiffre”, which in French means “encryption”. Unlike other ransomware, LeChiffre is run manually on the compromised system. Cybercriminals automatically scan networks in search of poorly secured remote desktops, logging into them remotely and manually running an instance of the virus.

11. Jigsaw- Jigsaw encrypts and progressively deletes files until a ransom is paid. The ransomware deletes a single file after the first hour, then deletes more per hour until the 72-hour mark, when all the files that are left are deleted.

12. CryptoLocker- The original CryptoLocker botnet was shut down mid-2014, but not before the hackers behind it extorted $3 million from victims. Since then, hackers have copied the CryptoLocker approach, although the variants in operation today are not linked to the original.

13. CTB-Locker- The criminals behind CTB-Locker used a different approach to spreading malware. Taking a page from the playbooks of Girl Scout Cookies these hackers outsource the infection process to partners in exchange for a cut of the profits. This is a proven strategy for achieving large volumes of malware infections at a faster rate.

14. KeRanger- KeRanger is a common ransomware scam that was discovered on a popular BitTorrent client. It’s known as the first fully functioning ransomware designed to lock Mac OS X applications.

15. Cerber- Cerber targets cloud-based Office 365 users and has impacted millions of users using an elaborate phishing campaign. This type of malware emphasizes the growing need for SaaS backup in addition to on-premises.

If you have any questions about these common ransomware scams or about cyber security in general, please contact us and read our blog on How Ransomware Attacks your Business or our FREE E-Book: The Small Business’ Guide to Ransomware

11Jul 2018

How Ransomware Attacks Your Business

Why you shouldn’t click on random links that are sent to you

You go to check your email, when you notice that you have a weird message from someone that you don’t know. You open the message and read through it. Basically, the email says that you have inherited some money, and in order to receive it you need to click a link that accompanies the email. Don’t click the link! Never click anything sent to you from someone you don’t know. The reason for that is ransomware. Ransomware attacks businesses frequently and without hesitation. Basically, ransomware is a kind of malicious software that takes over your computer and ransoms the files on it back to you for a price. If or when the price is met, the malware “leaves”, even though Forbes reports the only 19% of victims got their files back.

Photo of ransomware attack

How Ransomware attacks your business?

After the victim clicks on a link that contains ransomware, they are redirected to a real looking site, but in reality the site itself is an exploit kit. The server then sends out a request to software such as Java, this is to find vulnerable versions that the kit can exploit. If the software breaks in, it forces your computer to run its software. The ransomware then deletes files that cripple the security system on the victim’s computer in order to hide itself. This is to limit the possibility of file recovery. After this takes place, the ransomware then begins encrypting files on the victim’s computer and sends an encryption key back to the command server. The malware now has complete control over your computer. This is when you receive a message telling you how to pay. Usually, it’ll ask the victim to pay in bitcoin, which is a cryptocurrency that can’t be traced. When or if you pay, the hackers aren’t done yet. If you receive your files back, the malware may be lurking on your computer, collecting information about you (such as bank cards, residency, name, general information, browsing history). If you pay for malware, always seek help from people who know how to get rid of ransomware.

Not all ransomware works the same. Some steal information, some steal money, and some just brick (break) your computer.

Check out our new post on the 15 most common ransomware attacks.

Comportz can protect your company’s email at a low cost, that can keep your business safe from malicious ransomware . Please contact us today to learn how to prevent ransomware attacks at your business. Check out our FREE E-Book: The Small Business’ Guide to Ransomware




25Jun 2018

New Email Attack Can Bypass Office 365 Security Protocols

Scam Alert- Email Attack

ZeroFont phishing email attack- recently cybercriminals are getting creative in their attacks by manipulating font sizes to get around Office 365 anti-phishing filters.

One of the anti-phishing/spoofing detection mechanisms in Office 365 involves natural language processing to identify the content of the messages typically used in malicious emails. This tactic has been named ZeroFont, simply because these tricky emails are using words with a font size of zero to bypass Office 365 protections.

What the ZeroFont email attack essentially does is insert a long string of meaningless text with a font size of zero in the HTML code of an email, in between real text. The zero font text is invisible to the recipient of the email but not to the Office 365 filter.

For example, an email including the words “Apple” or “Microsoft” that are not sent from legitimate domains, or messages referencing user accounts, password resets or financial requests are flagged as malicious. Any emails that suggest banking information, user accounts, password resets, financial requests, etc. are scrutinized for authenticity through Microsoft’s filters. This means attackers have had to get increasingly more creative in their attempts to work around these filters.

You might get an email trying to impersonate your bank. Inside the email, it might say something along lines of “Your account needs to be updated. Please click here to verify your account.” The design of the email and the footer of the email will look almost exactly like an email you might get from your bank. The footer will even say “2018 Your Bank Name. All Rights Reserved.” Everything will look legitimate to you as the end-user. If you click on the link, you will be brought to a webpage that will also look like your banks website and be asked to enter private information and possibly even your bank account number.

The problem is, this email used to the ZeroFont technique to bypass the filters through the manipulation of the HTML code. You’ll see this:

          Thanks for taking these additional steps to keep your account safe.
          Your Bank Name
          © 2018 Your Bank Name. All rights reserved.

While the Office 365 filters see this:

         Thfdsjkllkfnnlankfdssds for taking these adfdsdsfditiofdsfsdfsdnal stfdsfsdfseps to keefdsfsdfp your accodsdsfsdfunt safdsfsdfsdfe.
          Yofdsfsdfur Bfdsfdsafsdnfsdfsk Nfsdafsdmfsde
          © 2018 Ydfdsofsdfsur hghfgBhgfhfghagfhfdhnk Nahfgfghmgfhfge. Agfhfgll rigfhgfghts resgfhfgfgeghfghrbvbcved.

All of the letters in the second example that aren’t in the view the user sees are using the ZeroFont technique. And since Microsoft cannot see the name of your bank in the email, it cannot detect that it is a spoofing email.

What this means for you as a business is you need to be more vigilant than ever to combat these new attacks. There are many additional options outside of Office 365’s protection out there for businesses to utilize that can increase your chances to prevent an attack and filter out spoofing emails.

Talk with a Comportz representative today to learn about these low-cost solutions that can keep you and your business safe.


1Jun 2018

Steps to Protect Your Identity

Identity theft has become and will remain a concern for individuals and businesses for the foreseeable future. Take some time to learn some key steps you can take to protect your identity.

Identity Theft

Identity Theft

The last thing you would want for you and your business is to lose access to your accounts whether it’s financial or personal. Learning some tips on how to keep your information away from online thieves can save you quite the trouble of trying to get all your information back.

  • Make sure to shred any unwanted information that you are about to throw away. A document shredder can become your new best friend when it comes to getting rid of old unwanted documents.
  • Providing your personal information to only verified companies that have an outstanding reputation is another way to keep unwanted predators out.
  • Encryption software allows all your digital documents to be stored and hidden so no one who takes a look at your computer will be able to see it.
  • Change your passwords often. Make sure to use strong characters that decrease the chances of breach. Password manager is an effective program that allows to keep track of all your current passwords.
  • Your smartphone contains personal data that could potentially be easy access to identity thieves. Set up a strong authentication method lock on your device. Fingerprint or facial recognition is one of the strongest lock methods you could use.
  • Sharing post and pictures with your friends on social media have become more popular. Do you know that with each post you make you could be at potential risk of sharing that information with identity thieves as well? Avoid oversharing and make sure that your privacy settings are up to date.

Phone Identity Theft

At the end of the day, common sense will go a long way in keeping your identity safe. If something doesn’t look or feel right, it usually isn’t. Use caution and avoid risky behavior online. In the world of online security, it’s better to be safe than sorry.

If you or your business need advice, protocols, software aimed at protecting your identity, reach out to us today. Comportz provides a variety of best practice online security services to make sure your identity is safe.