FTC Warns of Fake Charity Scam

Posted by Milan Tesanovich, TCC Security Analyst

The following alert was recently issued by the Federal Trade Commission (FTC), warning of a fake charity scam.

July 6, 2017, by Lisa Lake, Consumer Education Specialist, FTC

Scammers are creative, cunning and cruel — and they often mix in a little truth to spice up their big lies. This scheme shows just how low they can go.

Government imposters claiming to be with the FTC, or another agency like the fictitious “Consumer Protection Agency,” are calling to inform people they have won a huge sweepstakes from the Make-a-Wish Foundation, a well-known charity for very sick children. To get the money, the callers say, the “winner” must first pay thousands of dollars to cover taxes or insurance on the prize. The call may even come from a 202 (Washington, DC) area code to appear credible — since the headquarters for the FTC and most federal agencies are in DC.

This is just a scheme using the well-known names of Make-a-Wish and the FTC to rob thousands of dollars from people. Once you wire money or send banking information, you will never see your money again.

Here are a few facts and tips to protect yourself and others:

  • If someone asks you to wire money or provide your bank account information over the telephone, it’s a scam.
  • Anytime you have to pay to get a prize, it’s a scam.
  • The FTC doesn’t oversee sweepstakes and no FTC staff is involved in giving out sweepstakes prizes. We do, however, go after sweepstakes scams like this one.
  • If an FTC case results in refunds, you can find the details at ftc.gov/redress.
  • The Make-a-Wish Foundation has information about this specific scam on its fraud alerts page.
  • If you encounter this or other scams, report it to the FTC at 1-877-FTC-HELP or ftc.gov/complaint.
  • Talk to your friends and family about scams. Visit FTC.gov/PassItOn to find out how.

 

To learn more about TCC’s IT Managed Services, please visit our website https://e-tcc.com/managed-services.

Scam Targeting Microsoft Office 365 Account Holders

Posted by Milan Tesanovich, TCC Security Analyst

Recently, one of our employees received an email purporting to be from Microsoft Corporation. The email informed the employee that a Microsoft Online (Office 365) account had been created or modified for that person.

The email intends for the target to click on the link highlighted in the body of the email, ostensibly to be taken to a website to either activate the account or set a new password. An example of such an email is below.

Office 365

This is a scam that targets people who the scammers are betting have created an Office 365 Microsoft account. It’s insidious in its use of the legitimate Microsoftonline.com domain in parts of the email that can lull a user into believing it is legitimate because of the valid Microsoft domains.

Don’t be fooled; the crux of the scam is spoofing the legitimate domain of onmicrosoft.com. The scammer substitutes a bogus domain for the legitimate domain, which is where you will be taken if you click on the spoofed link: [XYZ_User]@XYZCompany.onmicrosoft.com.

Some scammer set up a valid MS Office 365 account in the employee’s name and is spear phishing that employee. You can read more about this scam here: https://www.onlinethreatalerts.com/article/2015/9/22/beware-of-malicious-and-spam-emails-from-onmicrosoft-com-microsoft-office-365/

Please be wary of such emails.

To learn more about TCC’s IT Managed Services, please visit our website https://e-tcc.com/managed-services.

 

Reflections from June National Early Childhood Conferences

Posted by Michelle Thomas, TCC Senior Policy Advisor

During the month of June, TCC sponsored two of the biggest national early childhood conferences – the National Association for Education of Young Children (NAEYC) Professional Learning Institute (PLI) and the BUILD QRIS National Meeting. It was inspiring to reconnect with friends, colleagues and clients and to start conversations with new friends.

Conference Themes

Each conference provided rich and diverse learning opportunities and each effectively used the power of current technology to connect participants and keep the dialogue open throughout the conference.

  •  NAEYC PLI – Elevating and empowering the early childhood workforce was a clear objective of this conference. Participants had many opportunities to hear from national experts and advocates and to build relationships with colleagues and peers
  • BUILD QRIS National Meeting – This conference was built around the notion that improving quality of early childhood programs is not enough; we must also ensure equitable access to high-quality programs for all families and children

ascend

ascendbox

At both events, TCC staff gave hands on demonstrations of our newly enhanced early childhood integrated data system, Ascend.  Thank you for all of your positive and insightful feedback about Ascend. We are already working with our developers to integrate your great ideas into the next version of Ascend!

We hope to see you again at the next two conferences we are sponsoring:

  • National Workforce Registry Alliance (NWRA): September 6-8 in Alexandria, VA
  • National Association of Regulatory Administration (NARA): September 11-13 in Minneapolis, MN

To learn more about Ascend, please contact Michelle Thomas at Michelle.Thomas@e-tcc.com and visit our website https://e-tcc.com/ascend.

 

Things to Consider While Crafting a Backup and Recovery Plan

Posted by Rick Fowler, Director of Mainframe Services

Unplanned outages are the bane of our existence in the mainframe world. It is very important that companies have a strategy for managing outages and minimizing the impact to the business. I recently read an article in IBM Systems Magazine that breaks down the common points companies need to consider when creating a backup and recovery plan. Vitse, C. (n.d.). Five Points to Consider When Preparing for Backup and Recovery. Retrieved July 06, 2017, from http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708/#/42.

The article cites the following as the five points companies should consider while creating a comprehensive backup and recovery plan:

  1. The importance of the data on the system
  2. How often the data changes
  3. Lifecycle of the data
  4. If this data is required for system recovery
  5. When this data should be backed up

I believe that number one is the key step in this process. Having a thorough understanding of the data that resides on the system and its multitude of unique requirements is critical to crafting a backup and recovery plan that offers maximum protection. Clients need to identify what would happen if their data was corrupted or lost and then IT mainframe professionals can assist in identifying what it takes to get that data back online and define the recovery point objective.

The article notes that the type of data drives the backup plan in terms of whether it is for compliance or recovery. Companies that do business with the government must store compliance data for a specified period of time. This is a major consideration in deciding the most appropriate method to use for backup.

No one wants to take a chance on having their data set corrupted or lost. Companies need to understand their data and how it relates to achieving business continuity. A carefully crafted and comprehensive backup and recovery plan is a vital part of assuring that even in the face of an unplanned loss, critical business operations can continue smoothly.

To find out more about TCC’s Mainframe Managed Service, please visit our website https://e-tcc.com/managed-services.