Thursday, February 18, 2016

Don't Go Phishing - An Email Safety Tip

I am preparing a training for my clients on how to avoid problems that show up in email. Whether it's work email or home email, certain "bad" emails will always get through. If you have a good anti-virus program and a good spam filter, you shouldn't get viruses in your inbox.

But "phishing" is another program. Phishing is pretty much what it sounds like - bad guys are fishing to see who will bite. Here's a great example of a phishing email:

Notice the popup that says "http://s522558593... ." We'll come back to that.

When you get any email that includes links, do not click on anything unless you are 100% sure that it's real. For example, if you receive a regular newsletter, those links are probably safe.

Here are some quick tips for dealing with phishing emails.

First, be suspicious. Phishing emails often look very real. They will frequently have a "scare" tactic to get you to click without thinking. For example, a letter was returned undeliverable. Make sure we have the right address.

Well, wait a minute. Do you even use this product or service? Do you care if a letter went missing? Is this your bank?

Second, never click on the links in an email unless you asked this person to send you this email. If your bank has an urgent message for you, then open a browser and log into your bank. That way you'll know YOU initiated the contact and that it's really your bank. If there's an urgent message for you, it will be there.

If you want to see where the link is really going, float your mouse over it. See the example above. The "link" looks like it's going to, but if you click it will really go to that long link instead. In this case, that link is to a server with a reputation for sending massive amounts of spam email. If you click anything, you verify that your email works and they can sell it again.

I did not click on the link because 1) I don't use CoveredCA, and 2) I floated my mouse over it and the address was different.

But if I had clicked, I bet it's a site that looks very much like the "real" CoveredCA web site. But when you put in your information, if fails. In reality, you have just given the bad guys your username and password!

That's what they're fishing for.

The bad guys convince people to let their guard down. You need to have some hard, fast rules that you never break. And remember that the government will never initiate contact with you. And neither will most large businesses!

And here's a bonus tip: If you receive an email with an attachment, never open the attachment unless you asked that person to send you that email.

In general, click less and slow down. When you go fast, the bad guys can trick you into clicking when you should be deleting!


Saturday, February 6, 2016

Beware Budget Bifurcation

Humans have an amazing capacity to isolate various pieces of our lives and treat each independently. Perhaps we have to do this in order to make decisions at all and not be overwhelmed with data.

But sometimes we know very clearly that two things are directly related and choose to ignore this relationship anyway. This is called bifurcation.

The best example of bifurcated thinking is the government budget process. In the spring, Congress passes all kinds of laws with almost no attention to costs. Policy is all that matters. Then, in the Fall, they look at the costs of all  those programs and start  cutting and trimming costs - without regard to the policies.

Yes, the government always manages to overspend. But there is a budget process. And the most common compromise is the very simple and predictable: Split the difference. In other words, the House and Senate meet halfway in the middle - without regard to the policy differences.

What's this got to do with Small Business? Unfortunately, A Lot!!!

Business owners are also tempted to use bifurcated thinking when they budget as well. But unlike Congress, you can't go over budget without feeling the pain - and you can go out of business.

The most common example of bifurcated thinking in small business involves saving money in the wrong way. I call this "Saving the wrong pennies." Here's a great example.

Last year, one of my clients bought a new laptop. They only needed it for a few simple tasks, so they bought a low-end $300 machine instead of the business class machine I recommended for $600. It looks like they saved $300, right? Wrong - by a long shot.

Super basic, low-end equipment almost never saves money. That extra $300 was saved somewhere by the manufacturer. As a result, setting up the machine to work on a network was slower. Since that's billable labor, the client paid more for the setup right off the bat.

Then they started using it and found that it is noticeably slower than other machines in the office. "That's okay," they said, "We just need it once in awhile for low-end needs."

But right away they were disappointed because the new laptop printed very slowly and the printouts were often grainy, especially with photos. That's because the machine has almost no video memory, and almost no processor cache. Those are "specs" that almost no one compares, and they are very important for good performance.

And you know what happened next. They hired a new employee and that laptop is now used as a desktop computer every day. It is super slow and doesn't do the most important thing a computer should do: Make the user more productive!

So the client asked if we can upgrade the graphics card. But of course they can't. On a nicer laptop they might be able to upgrade the graphics - but they wouldn't need to because it would already have a better graphics card.

Now that they feel the pain, they see that the laptop is really only good for a few tasks and they'll pay whatever it takes to get something that performs well. This reminds me of a twist on an old saying: "We don't have money to do it right, but we have plenty of money to do it over."

Bifurcation Warning: You can always make decisions on price alone, but don't be surprised if that becomes a powerful, expensive decision in the long run.

The solution to this is surprisingly simple: Find a technology consultant who will give you good, honest advice and help you with long-term planning. A good consultant will help you create some kind of technology budget instead of just reacting to situations as they arise. Very often, the answer will be to save money in the short run as well as the long run!

Ideally, you have an ongoing maintenance contract and hold quarterly "roadmap" meetings to discuss your technology needs going forward. Once your I.T. consultant knows about your plans for the months (and years) ahead, they can help you make wise long term decisions.

For example, I recently had a client with some minor but annoying problems on a desktop PC. Knowing that the machine was scheduled to be replaced in two months, I asked her how much time I should spend on it. This reminded her about our earlier "roadmap" discussions and she said to limit my time to one hour.

Your I.T. consultant should be a consultant. That is, they should give you good advice that serves you well in the long run.

Be of one mind. Stop the bifurcated thinking!