Are you ready for the Windows 10 May 2019 Update?

Are you ready for the Windows 10 May 2019 Update?

Are you ready for the Windows 10 May 2019 Update?

It’s been a while coming, but the Windows 10 May 2019 Update is finally on its way to computers around the world.

Microsoft has announced that as the Home and Pro editions of Windows 10 April 2018 Update (version 1803) will reach end of service on 12 November 2019 they will begin updating devices running this as well as earlier versions of Windows 10 to ensure that they can continue to service these devices and provide the latest updates, security updates and improvements.

Every year, Microsoft releases two majority updates for Windows 10, being generally in April and October, however, the latest one, Windows 10 May 2019 update has arrived later than expected.

As per the Windows Experience blog (link opens in new window) article, for those Windows 10 devices “that are at, or within several months of reaching end of service, Windows Update will automatically initiate a feature update; keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health”.

Some of the new features introduced in Windows 10 May 2019 Update include:

  • Windows Update itself: Windows will seek your permission before installing the major updates (ie. the next October 2019 Update) and Home users can pause updates for up to 35 days (in seven-day periods up to five times). Microsoft provides greater control as to when you wish to install the update and will no longer do so without your permission. You will have approximately 18 months until it will eventually force the update.
  • Troubleshooters: Windows 10 has increased further troubleshooting options for this update. It will provide recommended troubleshooting guidance if required, as well as assistance when you are in trouble. Of course, we are always happy to help with that! In addition, Windows Security is also improving but we would still recommend internet security software for your computer.
  • Passwordless login: One interesting announcement as part of this update is Microsoft’s promise to remove passwords, by replacing them with a PIN or prompt on your mobile phone.
  • Dark mode (light mode): One popular enhancement we are seeing across many apps and websites these days is to introduce a “dark mode” to darken how the interface appears. This includes the start menu, task bar, Action Centre, notifications as well as other areas. In addition, there is also a “light theme” also.
  • Start menu: Microsoft has also reduced the number of programs appearing on the Start menu, making it easier to remove out-of-box apps which you may not use (such as Candy Crush, Xbox Console and Groove Music). This will allow you to also have a smaller start menu, down to a single column. There are changes to separate Cortana and search also.

Usually in the subsequent months, we receive calls from our clients who advise they have seen a particular change or looks different to what they are familiar with. If you are considering updating to the Windows 10 May Update, you may wish to review the new Windows release health dashboard (link opens in new window) which as advises on known and resolved issues

You will generally receive a notification when your device is ready to upgrade to the latest Windows 10 update, however we suggest waiting until at least a few weeks afterwards to iron out any issues.

If you need assistance to upgrading to this update, or would like consulting, support and training, we are happy to provide for this to small businesses, not-for-profit organisations and individuals. Please contact us for more information.

This article is also featured on the CyberGuru Blog.

CyberGuru proudly supports Privacy Awareness Week in 2019

CyberGuru proudly supports Privacy Awareness Week in 2019

Privacy Awareness Week 2019

As part of our commitment to protecting your privacy, CyberGuru is proud to announce its support of Privacy Awareness Week in 2019. Running 12-18 May, this year’s theme is “Don’t be in the Dark on Privacy”, with an emphasis on what businesses and individuals can do to maintain privacy.

For businesses, privacy protection is vital to building and maintaining clients’ trust in our management of their personal information. Privacy should be integrated into all projects that involve personal information so that risks are identified and addressed as soon as possible. Privacy is about transparency – it’s about being upfront about personal information handling practices so that individuals can make informed decisions and won’t be surprised about how their personal information is used.

For example, some of the practices we have taken at CyberGuru to protect privacy include:

  • Undertaking a Privacy Impact Assessment as part of our obligations under the Notifiable Data Breach Scheme.
  • Displaying our privacy policy online, which informs you how we handle your personal information, including collecting only required information necessary to provide our products and services to you and not sharing your information with third-parties unless consent is provided.
  • Ensuring our website and email communications are secure and protected using HTTPS, SSL and encryption technologies.

Individuals need to take responsibility for protecting their privacy. Some companies do not take reasonable steps to protect privacy, exemplified by Facebook’s myriad of privacy scandals in the past year.

This year, Privacy Awareness Week has identified the following five priorities to assist individuals in protecting their privacy:

  1. If you are notified of a data breach act quickly to reduce the risk of harm
  2. Protect yourself online and safeguard your passwords
  3. Check your credit report for free once a year
  4. Sharing your health information is your choice
  5. Be aware of what data you share

For further information and resources on these priorities, please visit the Privacy Awareness Week website (link opens in new window). If you would like assistance in implementing any privacy practices, please contact us today.

Ask CyberGuru: Do I need to read the Office 365 Message centre emails?

Ask CyberGuru: Do I need to read the Office 365 Message centre emails?

Ask CyberGuru

In this month’s Ask CyberGuru, we are asked “Do I need to read the Office 365 Message centre emails?, I seem to get them all of the time and they have no relevance to me?”.

As part of your Office 365 subscription, there are often changes, including new features, updates and products during the year. As part of this service, Microsoft send regular updates via email and through the Office 365 Message Centre. This message centre is to provide you with awareness of new features before they are introduced. You can read about these and correlate these to the roadmap, as well as how it will impact you, as well as what you can do to prepare for the change.

One of the recent emails sent referred to the new Microsoft 365 admin center becoming the common entry point for managing all your Microsoft 365 services. It makes mention that it is applicable to all clients. Depending on the feature, you may not be affected, or required to take any action but would recommend reviewing these briefly and contacting us if you have any questions or concerns.

As many of clients would be aware, we provide updates through our newsletter, blog as well during onsite or remote visits with you. We are always happy to be your reference point for new Office 365 features, however, Microsoft share these with you so that you can prepare for these if required. If you have too many emails, you can choose to set a rule to move these to a folder for later reference or unsubscribe altogether.

If you have a question you would like to ask CyberGuru, please contact us.

Reporting spam email to Microsoft with the Report Message add-in for Outlook

Reporting spam email to Microsoft with the Report Message add-in for Outlook

Reporting spam email to Microsoft with the Report Message add-in for Outlook

Whilst the inbuilt spam and malware filtering built in to Microsoft Office 365 has considerably reduced the amount of unwanted spam email you receive in your email account, a small amount spam can still arrive, or an email may be mistakenly marked as junk when in fact it is legitimate. Fortunately, Microsoft has an addon you can use to further reduce the amount of spam or stop legitimate emails from being marked as junk by reporting this back to them.

Known as the Report Message add-in for Outlook, it enables you to report emails using one of three categories:

  • Junk is generally referred to as spam and are unwanted senders that may be advertising their products or services to you.
  • Phishing is a person or organisation claiming to be someone else to seek your personal information. The email may appear to be legitimate but in fact is not.
  • Not junk is a legitimate email which has been misclassified as Junk.

The Report Message add-in for Outlook can be used on both Outlook and Outlook on the web and enables you to report a message as either junk, phishing or not junk. You can also choose to report the message to Microsoft for further review and investigation.

We encourage our clients who are experiencing spam issues to look at implementing this as part of their cyber security strategy.

For more information and how to set this up, please feel free to contact us.

Don’t be an April Fool – Watch out for business email compromise!

Don’t be an April Fool – Watch out for business email compromise!

Don’t be an April Fool – Watch out for business email compromise!

We have seen an increasing number of reports for business email compromise affecting organisations, so we are calling on everyone not to be an April fool!

“Business email compromise” is a where a hacker gains access to a corporate email account by pretending to be a figure such as a business owner, manager or other decision maker to defraud the organisations or its employees, customers or suppliers of money.

Whilst these scams targeted businesses working with suppliers and businesses that regularly make electronic payments in the past, small businesses and not-for-profit organisations are no longer immune.

We are aware of several cases where a business owner was compromised through a fake email which included a link to download a file from SharePoint or Google Drive location.

Business email compromise - Example of fake Microsoft Office 365 email
Business email compromise – Example of fake Microsoft Office 365 email

In order to download the file, the owner was required to login to what appeared to be a genuine Microsoft or Google sign in page, but was actually fake. Once the account details were entered they were saved and sent to the hacker.

The hacker then used these details to log in and review the contents of the business owner’s email, often accessing their email or address book, to identify contacts from their business, and use their email to send a compromised email to either the accounts department or the business’s clients.

Business email compromise - Example of fake Energy Australia invoice
Business email compromise – Example of fake Energy Australia invoice

 

Business email compromise - Example of fake ASIC invoice
Business email compromise – Example of fake ASIC invoice

The emails sent to accounts and/or clients contain a fictious invoice requesting payment or another fake link to a Microsoft or Google login page as well, then both the CEO and accounts have been compromised.

In some cases, once the scammer had control of the email account used they set up rules to forward incoming email to an external email address of the hacker, automatically delete all email coming the inbox and remove the contents of the current inbox altogether so the account holder was unaware the new email had ever been received.

To protect yourself from such scams, we strongly suggest reviewing your protection strategies including staff education and training before you are compromised. If you receive an email from someone and are required to login to access a document or invoice and you weren’t expecting it, call the sender to confirm it is legitimate. It is important to quickly get onto it.

CyberGuru provides a range of services including consulting, support and training to protect against cyber threats such as these. If we can be of assistance, please contact us.