Baroan Technologies awarded Tier 1 Status by Microsoft

As a member of Microsoft’s SMB Champion program, Baroan Technologies has been awarded Tier 1 status which is the highest level awarded by Microsoft. In the New York metro area, there are only 10 other companies that are Tier 1.

We’ve installed and configured Office 365 for over 70 businesses as a Microsoft SMB partner. We'd love to help you develop your cloud strategy. Give us a call.


Baroan Guide to Avoiding Malicious Software

Phishing Scams


Avoiding it

  • Don’t open attachments in emails unless you know who sent it and what it is. Opening attachments — even in emails that seem to be from friends or family — can install malware on your computer.
  • Download and install software only from websites you know and trust. Downloading free games, file-sharing programs, and customized toolbars may sound appealing, but free software can come with malware.
    • New research shows rise in "deceptive downloads" - legitimate downloadable programs (usually free) that cybercriminals bundle with malicious items.
  • Minimize "drive-by" downloads. Make sure your browser security setting is high enough to detect unauthorized downloads. For Internet Explorer, for example, use the "medium" setting at a minimum. 
  • Use a pop-up blocker and don't click on any links within pop-ups. If you do, you may install malware on your computer. Close pop-up windows by clicking on the "X" in the title bar.
  • Resist buying software in response to unexpected pop-up messages or emails, especially ads that claim to have scanned your computer and detected malware. That's a tactic scammers use to spread malware.

Signs your PC is infected

Monitor your computer for unusual behavior. Your computer may be infected with malware if it:
  • slows down, crashes, or displays repeated error messages
  • won't shut down or restart
  • serves up a barrage of pop-ups
  • displays web pages you didn't intend to visit, or sends emails you didn't write
Other warning signs of malware include:
  • new and unexpected toolbars
  • new and unexpected icons in your shortcuts or on your desktop
  • sudden or repeated changing of your browser's home page
  • your laptop battery draining more quickly than it should


Increasing Cryptolocker Email Traffic

Baroan Technologies recently received the following email from AppRiver, our email filtering service, regarding the Cryptolocker malware. We have written a few blog posts on Cryptolocker, which we began seeing in November 2013 and are still seeing it occur in our clients' environments as recent as this month.

AppRiver is currently seeing a lot of malicious email traffic containing the Cryptolocker malware that can encrypt your business's data. The bulk of this traffic is coming through trusted free file share programs disguised as voicemail messages or faxes. AppRiver is blocking all known variants of this traffic but the spammers are changing up the messages rapidly. It is incredibly important that you let your users know not to open unsolicited emails and download files without confirming their sources. It's also important that you back up your files frequently and, if you use a third-party back up system, make sure it will not overwrite your backup with the encrypted files.

As a reminder, Cryptolocker is an especially destructive virus that will encrypt all of your data. Cyber criminals then force you to pay to get the data back, with no assurance they will actually follow through if you do. For more information, please see this blog article: blogs.appriver.com

Brian Haynes
Director of Channel Sales
One of the common Cryptolocker emails they've been seeing contains a DropBox link to retrieve a Zip file. AppRiver's blog post advises, "If something appears wrong or out of place avoid it!" We cannot stress this enough.


Avoid These CryptoLocker Email Subjects

Back in November 2013, we posted CryptoLocker: What It Is & How to Prevent It. Although we are well into 2014, this malware is still affecting our clients.

As explained in our previous post, CryptoLocker belongs to a particular strain of malware referred to as “ransomware.” Ransomware gets its name from the ransom it demands while holding your computer hostage. Cryptolocker asks for $300 in exchange for decrypting your files that it has locked down.

How does Cryptolocker get on my computer?
This ransomware is spread through email attachments. Take these steps BEFORE you click on any links or attachments:
  • Think. Have you ever received an email like this before? Do you know the sender? In the case of the USPS scam, have you actually shipped anything recently?
  • Hover over the link. If you hover over the link, you can see the address it will take you to. For example, a link may claim to be a company's new terms and conditions, but hovering over it will show that it's actually linked to a zip file (which will infect your computer when clicked on).
  • And if you’re still not sure…Google! If you’re still having a hard time discerning if an email or site is harmful, a quick Google search will usually tell you the answer. For example, if you Google “USPS email,” on the first page of search results you will see several articles warning against fake USPS emails.

The current list of known CryptoLocker email subjects include the following:

USPS - Your package is available for pickup ( Parcel 173145820507 )
USPS - Missed package delivery ("USPS Express Services" <service-notification@usps.com>)
USPS - Missed package delivery
FW: Invoice <random number>
ADP payroll: Account Charge Alert
ACH Notification ("ADP Payroll" <*@adp.com>)
ADP Reference #09903824430
Payroll Received by Intuit
Important - attached form
FW: Last Month Remit
McAfee Always On Protection Reactivation
Scanned Image from a Xerox WorkCentre
Scan from a Xerox WorkCentre
scanned from Xerox
Annual Form - Authorization to Use Privately Owned Vehicle on State Business
Fwd: IMG01041_6706015_m.zip
My resume
New Voicemail Message
Voice Message from Unknown (675-685-3476)
Voice Message from Unknown Caller (344-846-4458)
Important - New Outlook Settings
Scan Data
FW: Payment Advice - Advice Ref:[GB293037313703] / ACH credits / Customer Ref:[pay run 14/11/13]
Payment Advice - Advice Ref:[GB2198767]
New contract agreement.
Important Notice - Incoming Money Transfer
Notice of underreported income
Notice of unreported income - Last months reports
Payment Overdue - Please respond
FW: Check copy
Payroll Invoice
Corporate eFax message from "random phone #" - 8 pages (random phone # & number of pages)
past due invoices
FW: Case FH74D23GST58NQS
Symantec Endpoint Protection: Important System Update - requires immediate action

Is there anything that can protect my computer from Cryptolocker?
The only proven preventative tool is Malwarebytes Anti-Malware Pro. If you have this running and Cryptolocker tries to attack your computer, it will be blocked. However, if you do not have Malwarebytes running and Cryptolocker gets on your computer, there is nothing that the software can retroactively do to remove it.

malwarebytes white logo Baroan Technologies offers Malwarebytes Anti-Malware Pro and Kaspersky Antivirus as options you can include in your maintenance plan. Contact us for further information.

What happens if Cryptolocker succeeds in holding my computer ransom?
You are at risk of losing your computer’s files beyond recovery. If you have a backup that is NOT stored on your computer, then your files can be restored from that. Backups stored locally are at risk of infection.


One Guy’s Opinion: MSPs and HIPAA Compliance

This post was originally featured on the StorageCraft Recovery Zone blog as part of One Guy’s Opinion,” where President Guy Baroan discusses the technology world through the lens of a successful IT managed service provider.

Photo Credit: Rosmary via Flickr

 It’s important for MSPs to understand what HIPAA compliance is, what they can do to be HIPAA compliant, and what might happen if they try to service clients in the medical field without being HIPAA compliant. Luckily, our friend Guy Baroan, expert MSP and owner of IT solutions provider Baroan Technologies, knows his way around HIPAA. Guy explained that a number of clients are medical practices with data that falls under HIPAA compliance standards, which means he’s got to have the necessary security and business practices in place to make sure these standards are met.

With that in mind, we chatted with Guy about how other MSPs can tackle clients in the medical field successfully, and without running into issues with auditing and fines.


Make Outlook Work for You

Microsoft's email program, Outlook, is a surprisingly powerful and underutilized tool that has the potential to save users a lot of time and effort. So often we see our clients not using Outlook to its full potential and really making it work for their needs.

All it takes to be an email master is a combination of your time management skills with an awareness of all the tools Outlook has to offer. Below are Baroan's favorite Outlook best practices straight from Microsoft. Put a few into action and make Outlook work for you.


The 9 (Free) Tools You Need to Grow and Manage Your Company’s Web Presence

This post is for small businesses who...
photo credit: knitting iris via photopin cc
  • Have a website and blog.
  • Have a working knowledge of and presence on social media.
  • Feel like they don’t have enough time or resources to grow and manage their web presence.
  • Think there’s a more efficient way to go about growing and managing their web presence.
Once you setup the framework for your web presence – website, blog, social media – and understand how it all works and works together, then it’s time to save yourself. Save time, save money, work smarter not harder. Your key to that is free tools. And when I say free, I mean 100% free – no 30 day free trials, no one asking for your credit card “just in case.” As the marketing/social media/website manager for Baroan Technologies, as well as MSP Builder, these are my favorite tools that I have accumulated over the past 2 years (I even discovered one of these last week!). I use almost all of them every day, and I hope you find at least one that you can incorporate into your daily routine.