• Layla Eshack

Spam Email

Most attacks originate in your email. Every email service provider has different security measures available. Always look into your default privacy and security settings and make necessary changes. You should create strong passwords for your email, change them frequently, and always log out of your account. To avoid downloading viruses through your email, download an antivirus software that is equipped to protect your system. There are also services your company could use designed to reduce spam and your exposure to attacks on your staff via email. Avoid clicking on links or download attachments from outside your contacts.


Apply security policies on your network. Some examples include denying or limiting USB file storage access, enabling enhanced password policies, setting user screen timeouts, and limiting user access. Passwords should never be written down or shared. They should be unique and strong, but simple enough to remember. Consider implementing dual-factor authentication for your employees to decrease risk even further.


Backup local. Backup to the cloud. Have an offline backup for each month of the year. Test your backups often. And if you aren’t regularly and completely backing up your data, you risk losing it all. Could your business afford that? If you aren’t convinced that your backups are working properly, call us ASAP.

Dark Web Research

Knowing in real-time what passwords and accounts have been posted on the Dark Web will allow you to be proactive in preventing a data breach. We scan the Dark Web and take action to protect your business from stolen credentials that have been posted for sale. The majority of companies we have provided this scan for have had employee credentials or personal information on the dark web.

Security Awareness

Train your users - often! Teach them about data security, email attacks, and your policies and procedures. We offer a web-based training solution and “done for you” security policies.

  • Layla Eshack

Hackers are always updating their tactics, and they have been hard at work over the past few months developing lucrative COVID-19 scams. Cyber threat actors have been targeting individuals and small businesses more than ever. Typically these scammers are trying to steal your identity, your money, or both.

As of August 5th, COVID-19 scams have cost Americans over $98 million. Learn what to look out for and how you can protect yourself.

Text-Message Campaigns

Criminals have been engaging in large-scale text-based campaigns, sending out messages to random telephone numbers. Often these scams are offering illegitimate COVID-19 therapies, cures, and testing kits. In reality, they are scams to get you to provide personal information or money.


Do not open links from people you don't know. Do not respond to messages from anyone who is not in your contacts. Do not give your information to anyone over text message.

Government Impersonation

Cyber threat actors have been taking advantage of Americans by posing as government organizations and health officials to collect personal information during the COVID-19 pandemic. These are attempts to steal your private information and possibly your identity.


The government will never call you out of the blue, they typically send a letter. They will also never ask you to send money over the phone.


Contact Tracing Fraud

This has become one of the most frequent scams. Someone posing as a contact tracing service for COVID-19 will call you and attempt to collect your personal information, money, or, ideally, both.


Legitimate contact tracers will ask about you and your health, but they never need your personal financial information or money. Never provide information you are not comfortable with, and never click on links from people outside of your contacts.

Phishing Campaigns

Phishing campaigns are unsolicited emails that are trying to get you to provide information, click on a link, or send money. Often they look legitimate, and sometimes they can look like they are from someone you know. Clicking on a malicious link can take over your system and your privacy could be compromised.


Do not click on any links unless you know for sure who they are from and where the link takes you. Do not automatically download attachments - sometimes this is the default, so get into your settings and change it. Do not respond to any emails requesting your login information, personal finance information, or money.

Report suspicious emails and senders to FTC at ftc.gov/complaint.

Work-at-Home Schemes and Fake Job Offers

Unemployment has been at an all-time high this year. This means there are millions of unemployed Americans out there desperate for jobs so they can pay the bills and stay safe. Hackers know this and __ are taking advantage by offering phony job offers that are designed to collect your information.


Be vigilant! Even if it seems like a great opportunity, look into it before offering any information. It could be too good to be true.

Unemployment Insurance

There have been over 50,000 fraudulent unemployment insurance claims using stolen identities in Maryland alone. According to the FBI, “The criminals obtain the stolen identity using a variety of techniques, including the online purchase of stolen PII, previous data breaches, computer intrusions, cold-calling victims while using impersonation scams, email phishing schemes, physical theft of data from individuals or third parties, and from public websites and social media accounts, among other methods. “


Anyone who suspects that their identity has been used to file a fraudulent unemployment claim should contact their state department of labor and complete a request for investigation.


Robocalls are automated mass phone calls, often pushing bogus coronavirus remedies and financial relief. These could seem like they are coming from a legitimate source, like the IRS, but they are scams.

STAY SAFE: It is highly unlikely that the IRS will call you as they communicate primarily by mail. Do not give personal information to a machine or to a stranger over the phone.

Investment Fraud

You may be contacted about what seems like an exciting opportunity to invest, possibly in a cure for the Coronavirus or a breakthrough treatment - these are scams! Any time you are contacted by a stranger to invest in something you have never heard of, you should be suspicious.

STAY SAFE: If you would legitimately like to invest in medical developments related to the

coronavirus, do diligent research before you provide any information or money.


Donating to coronavirus relief efforts is a very kind thought, but often the money donated is not really going to aid people in need. Don’t let criminals profit off of your generosity.

STAY SAFE: Research every organization before you donate. Search the organization again with the keywords “scam” or “fraud” to double-check. Resources like https://www.charitynavigator.org/index.cfm?bay=content.view&cpid=7779 can be helpful tools to sort out the best charities to donate to.

If you have questions about the ways your business can stay protected, please contact Critical IT Solutions today. We provide customized IT support and can help you come up with a plan to stay safe. Shoot us a message about your business needs, and we will get back to you shortly.

Scammers are innovators. Stay up to date on the latest information by signing up for our newsletter.

  • Layla Eshack

As Critical IT Solutions celebrates 10 years of unparalleled support for our clients in the D.C. area, we have decided to share our expert knowledge.

Read on to learn the 6 Best Cybersecurity Practices for small businesses.

1. Protect Your Passwords

Simple and commonly used passwords make it easy for someone to access your information. Develop strong, unique passwords and change them often.

2. Backup Everything

Losing your data would be time consuming and expensive to come back from. Don’t wait until it is too late. Protect your information by regularly backing up your data. These should be scheduled, complete backups to a secure destination, and verifiable.

3. Keep Up With Your Updates

As your business grows, your system needs to keep up. Regularly update your system with the latest OS and security patches and upgrade when necessary. Out of date systems can make you vulnerable and increase your risk of being a victim of hackers.

4. Implement Employee Training

Many hacking attacks can be attributed to user error. Provide cybersecurity training to inform employees of best practices for internet safety. Even so much as clicking on the wrong email could compromise the entire company’s system, not just their computer. Be sure all employees understand the risk.

5. Protect Against Malware & Viruses

Install a second generation antivirus/malware/spyware protection software and keep it up to date. Never click or a link or download a file from anyone unless you are expecting it.

6. Invest in Your Cybersecurity

Investing in your cybersecurity has always been a good idea, and these days it is vital. Find an IT service provider that can help protect your business needs.

  • A good MSP should be able to offer the latest and most effective tools that can protect you from the outside and inside your network.

  • Advanced tools can be expensive; however, the cost of recovering from a cyber attack is much more expensive. An MSP can help you determine the level of protection that is right for you.

12305 Cypress Spring RD

Clarksburg, MD 20871


T: 240.442.2960
F: 877.344.7601


© 2021 by Critical IT Solutions LLC.

  • facebook
  • w-tbird