Have you heard the saying, "A picture is worth a thousand words"? It seems cyber criminals have too, and they're using it to their advantage.

In a new twist on phishing campaigns, cyber criminals are luring victims to click on images rather than downloading malicious files or clicking suspicious links.

Let's dive into the warning signs, so you can keep your business safe from these sneaky attacks.

Update: This controversial image enhancement feature now seems to have been removed by Microsoft, following privacy concerns.

Don't be mistaken, we love Microsoft Edge (and think you will too), but lately, something has come to our attention that we wanted to share.

It's always a good idea to be aware of what your browser is doing behind the scenes. And there’s an Edge setting that you might be interested to learn about. It’s one that sends the images you view online to Microsoft.

While this might not seem like a big deal on the surface - it’s done to enhance the images - some business owners might be concerned about the privacy implications. After all, you never know who might be looking at your browsing history.

When you replace old computers or external drives, do you delete data and then just… get rid of them? You could be putting your sensitive data at risk. A new study by a data recovery specialist shows that millions of deleted files can be recovered from improperly wiped hard drives that are sold online.

It isn’t just buyers who can access your old files. Cyber criminals often buy used hard drives and attempt to recover data from them. This could include anything from confidential business information to client details. It’s easy to forget about old data when you’re excited about shiny new technology. However, it’s important to consider what’s on that old drive before selling it or disposing of it.

Even if the drive is encrypted, it’s still possible for data to be recovered. And if the drive is damaged, there’s a chance that some of the data is still salvageable. It’s better to be safe than sorry when it comes to sensitive information.

Think about it this way: Would you leave important documents lying around for anyone to see? Of course not! Your digital information deserves the same level of protection.

So what can you do to protect yourself?

Tired of endless notifications from your multi-factor authentication (MFA) app? Cyber criminals are exploiting this "MFA fatigue" to target your valuable business data. MFA adds an extra layer of security by requiring multiple identity verifications. However, attackers flood employees with constant MFA notifications, increasing the likelihood of someone authenticating a login attempt out of frustration or exhaustion.

You know those charging points you find in airports, hotels, cafés, and even shopping malls? They're super handy for boosting your phone or laptop battery on the go. But lately, they've been making headlines for all the wrong reasons. The FBI recently tweeted some advice, warning people to stop using these charging points. Apparently, some clever criminals have figured out how to take advantage of the USB ports and sneak malware onto your devices while they charge.

Now, you might be thinking, "Wait, is this 'juice jacking' thing for real?" Well, it used to be more of a theoretical concern, but the technology needed to pull off such an attack has become smaller, cheaper, and easier to use. As a result, even less tech-savvy criminals are getting in on the action.

Have you ever tried to buy tickets for a huge event and found that the seller’s website has collapsed under the weight of thousands of people all trying to do the same thing at the same time?

The ticket site falls over – usually temporarily – because the server is overloaded with traffic it doesn’t have the capacity for.

Criminal Distributed Denial of Service attacks – DDoS, for short – exploit the same principle. When a DDoS attack targets a business, it floods it with internet traffic in an attempt to overwhelm the system and force it to fail. This results in the business and its customers being unable to access services. That may trigger a temporary failure, or it could be more serious.

AI chatbots have become a dominant force in recent times, but beware, their rise has given cyber criminals the tools to create even more frightening scams. These malicious actors have discovered how AI can make their phishing attacks more insidious and terrifyingly effective.

Ironically, the phishing emails generated by a chatbot feel more human than ever before – which puts you and your people at greater risk of falling for a scam. So we all need to be even more careful.

The typical red flags that people are used to looking out for in suspicious emails, such as spelling and grammar errors, are now being eliminated by AI-powered phishing emails. The technology can even construct entire email threads that appear legitimate and trustworthy, making it even more difficult to distinguish between what's genuine and what's not.

If you employ anyone aged between 16 and 19, you need to pay special attention to the cyber security training you’re giving your team. A new study has revealed that a host of worrying online behavior has become almost normalized among many young people. And much of this activity is illegal.

We’re not talking serious cyber crime such as ransomware attacks or stealing data; but one in three 16 to 19-year-olds have admitted to digital piracy; and a quarter have tracked or trolled someone online. Most of these behaviors may not directly affect your business. But some are so commonplace that too many young people view them as a part of everyday life.

That’s not something you want them bringing to work.

With its huge dominance in the workplace, Microsoft’s Windows has become the prime target for cyber criminals. They’re looking to access your information, disrupt your business, or hold your data to ransom.

Tens of millions of attempted malware attacks were discovered throughout this year, and a massive 95% of those threats were targeted at Windows. The vast majority of attacks are unsuccessful, but those that do succeed can create havoc for the affected businesses. So you need to be sure that you’re taking all possible precautions to protect your business and your data.

Almost half of people with social media accounts have admitted to falling for shopping scams. So if members of your team are doing a little last minute Christmas shopping from work, how can you be sure your business is protected? New research shows that a massive 47% of people have clicked on links hoping to get a great deal, and instead ended up giving financial and personal details to cyber criminals.

That could mean they’re not only putting their own data and money at risk, but your device – and even your network – could be exposed, too. It’s not just shopping scams that are fooling people online. Phishing links have tricked 36% of people into revealing personal data. Phishing is where you get an email that seems to be from a person or brand you trust, but it’s not.

The same number have fallen for gift card scams – that’s where criminals gain victims’ trust and persuade them to buy gift cards or online vouchers. If an employee clicks a malicious link or downloads an infected file using their work device, the results for a business can be devastating. The risks go beyond the loss of data and reputation. The cost of downtime while you get going again is enough to put many people out of business for good.

Passkeys are set to take over

Passkeys are set to take over from traditional passwords to give us a safer, more secure way of logging into our online accounts.

That will be a major step forward for online security, and it’s gathering pace quickly with more and more big names adopting the technology. So how long will it be before we finally wave goodbye to the password?

This new tech has long been supported by the FIDO alliance – an organization of big tech companies including Apple, Google, and Microsoft – in the hope that it could eventually kill off passwords completely. These megabrands are already rolling out passkeys on some of their applications. But now some of the big names in password management software are getting in on the act, too, which is likely to speed things up even further.

You could be losing a full-time working week for every member of your team, thanks to the hassle of setting up video calls.

Video conferencing has revolutionized team meetings, and saves a huge amount of travel time. But we’re still not getting the full benefit from the new technology, according to new research.

Employees aged between 18 and 24 take up to 10 minutes to get set up for each remote meeting.

Times that by a typical five meetings a week, and it’s suddenly lost you 40 hours every year. That’s a whole working week of wasted time – a figure that gets even higher when you look at older age brackets.

It isn’t necessarily a result of differing technological know-how. The research shows that employees blame the tech itself for the loss of productivity.

Almost a third of people said they didn’t have the right tools for the job, and 23% even said they felt excluded from remote meetings thanks to inadequate tech.

A huge number of small and medium-sized businesses would consider using pirated software to try and save money. A new study has revealed a surprising number of businesses willing to break the law to save costs. Our advice? Think twice before you walk the plank.

Right now, the most popular types of pirated software are project management tools, and marketing and sales software. But a huge 56% of business owners said they’d even think about using illegal cyber security software in an effort to cut costs.

Don’t do it.

Not only is pirated software unsupported – so if you have a problem with it (which you probably will) there’s no help available to rectify the issue – but it can open your business up to bigger problems too.

Microsoft Teams has fast become one of THE most useful business tools for the way we work today. No matter where your people work from, they can communicate and collaborate quickly and reliably. But this remote way of working can also open the door to some major security issues.

New research shows that nearly half of employees frequently share confidential and sensitive files via Teams. That can be a big problem if employees are using personal equipment rather than company issued kit… it's simply not as secure as work devices.

More than half of people surveyed say they’ve shared ‘business critical’ information using personal devices. Worse still, 48% admitted they’ve accidentally sent files they shouldn’t have – possibly to the wrong person!

So how can you be sure that your people are using Teams in the safest, most secure way?

When you think about tools for remote working and chatting online, one of the first names in your mind is Zoom. But its popularity has opened the door for cyber criminals. They’re using its name to steal sensitive data.

Researchers have discovered at least six convincing-looking download sites. They’re not the real thing. They’re designed to tempt you into downloading FAKE Zoom software, containing ‘info stealers’ and other forms of malware (malicious software).

Accidentally use one of these sites thinking that you’re downloading a Zoom update… and you risk having sensitive data stolen. Possibly your banking info, passwords, or browser history. Some can even steal your multi-factor authentication details. That could give cyber criminals access to your most sensitive data.

How productive do you feel your people are when they work from home? Shockingly, 4 in 5 bosses believe people get more done in the office. Microsoft has become the leader of productivity over many decades. Can you imagine doing your day to day work without their software?

So, it’s no surprise the tech giant recently conducted a major new survey into productivity in the workplace – and some of the results might surprise you.

Researchers surveyed 20,000 people working for businesses in 11 different countries. They discovered the majority of bosses don’t believe their employees are as productive when working from home.

In fact, four out of five employers said they thought their people got less done when working remotely. On the other hand, a massive 87% of staff felt they were MORE productive when working from home.

Data security isn’t a matter to be taken lightly, as too many businesses have found out the hard way. Unfortunately, there are far too many simple ways to correct common security issues - enough that it’s foolish not to do so. We’ll review a few ways to fix security issues, after discussing one of, if not the, most egregious security failings in modern history.