Jack’s Hacks: Spring Edition

The Latest in Cybersecurity

Recruiting Scams – Job Seekers Beware 

The digital job market and the rise of sophisticated recruitment fraud poses significant threats to job seekers. Forbes reports that scammers increasingly impersonate reputable companies, offering enticing yet fictitious positions to extract personal information or money from applicants. These fraudulent schemes often involve unsolicited messages promising high salaries and remote work opportunities, luring individuals into sharing sensitive data or making upfront payments. 

Protect yourself from recruiting scams: 

Verify Job Offers: Cross-check job postings on official company websites to ensure their legitimacy.

Research Recruiters: Confirm the identity of recruiters by carefully examining their professional profiles and contacting companies directly if approached unsolicited.

Avoid Upfront Payments: Legitimate employers do not ask for money during the hiring process, nor due they ask you to buy equipment and ship it to their IT teams for configuration.

Be Cautious with Personal Information: Share sensitive details only after confirming the authenticity of the job offer.

Staying vigilant and informed is crucial in navigating the job market safely. 

Upgrade Now, Stress Less Later: Say Goodbye to Windows 10

If you’ve been putting off that Windows 10 upgrade, consider this your friendly nudge. October might sound far away, but pumpkin spice season has a way of sneaking up on you.

Here’s the deal: as of October 14, 2025, Microsoft will officially stop supporting Windows 10. That means no more security updates, no more patches, no more protection. If you’re still using Windows 10 after that date and you’re connected to the internet—you’re leaving the door wide open for cyber-attacks.

For small and medium-sized businesses (SMEs), this isn’t just an IT housekeeping item—it’s a real risk. Without regular patches, outdated operating systems become prime targets for attackers looking to exploit known vulnerabilities. And once support ends, every month that passes increases your exposure to digital threats and cyber attacks.

Think of upgrading like locking your doors at night. You could leave them open, but would you really sleep well?

Need a practical reason to act now? Microsoft’s own support page confirms the end-of-life date and urges users to make the transition sooner rather than later. Getting ahead of the curve means you’re not scrambling to upgrade under pressure or dealing with compatibility issues at the last minute.

Bottom line: Upgrading to Windows 11 is more than a cosmetic change. It’s part of a healthy patching strategy—one that keeps your business safe, secure, and compliant. So yes, it’s time. Make the plan, schedule the upgrades, and give future-you one less thing to stress about. 

Jack’s Top Monthly Hacks

Cyber Hacks for Business: 

Cyber Security Shortcuts: The Hidden Cost of “Cheap” 

I see this mistake too often: businesses chasing short-term savings and sacrificing long-term security. 

Take cyber security for example. A common scenario you ask? Choosing basic antivirus (AV) software over endpoint detection and response (EDR). On paper, the savings look great. But here’s what tends to happen: 

A vendor pitches a low-cost AV solution to replace a solid EDR tool and decision-makers focus on price, convincing themselves it’s “good enough.” 

Then one of three things unfolds: 

1. Hidden Costs: Migration brings surprise fees. The price goes up after year one. The deal’s not so great anymore. 
2. Weak Protection: The new tool can’t keep up. Lacks visibility. Incidents slip through. Now the team is firefighting—and quietly regretting the switch. 
3. Lucky Break: Occasionally, the switch works. But in my experience, that’s rare—especially when you’re replacing a proven solution that’s kept pace with emerging threats.

Cybercrime isn’t slowing down. Small and midsize businesses are prime targets, and basic antivirus software can’t catch what EDR can—like lateral movements or fileless attacks. According to IBM’s Cost of a Data Breach 2024 report, organizations with fully managed EDR/XDR and automation saved an average of $2.22 million compared to those without.

So before cutting corners, ask: are we saving money—or creating risk?

Cyber Hacks for Individuals & Families: 

Take Charge of Your Personal Information: Have I Been Pwned? 

Want to see if your personal info has been exposed in a data breach? Start with Have I Been Pwned—a free tool that lets you check if your email or passwords have shown up in known data leaks.  

The reality is most of us have had personal data exposed at some point. What really matters is what you do next. Reusing or slightly tweaking compromised passwords (like changing a few characters) isn’t enough. That’s why I recommend using tools like 1Password to generate strong, unique passwords and manage them securely. Like any tool, password managers aren’t perfect, but they’re far better than trying to juggle it all in your head.  

Also, don’t underestimate the power of a password book for home use. While not a great idea for business, your home is much less likely to have a physical breach where those written down passwords are an issue. Putting the book in a locked drawer or safe also helps. Plus, if you pass away unexpectedly, your family can get access to critical accounts more easily in a time of great sadness and stress. 

As for removing your exposed data—it’s tough. Nearly impossible once it hits the dark web. Services like Incogni offer to remove your info from data broker sites. They can’t pull it from criminal marketplaces, but they can reduce your exposure by scrubbing it from legitimate and semi-legitimate databases, which lowers your risk in future breaches. If you have a Cyberboxx Home cyber insurance plan with BOXX, you get access to Equifax credit and ID monitoring that protects against identity theft and lost wallet assistance. 

In short: stay aware of your personal data that’s available online, regularly do an audit of exposures, use tools to help you manage and monitor your data; and don’t recycle your passwords.