OrlanTech Insights

As a reminder, this email is only being sent to authorized points of contact.

(But feel free to share it with other members of your team!)

Hello Friend, 

Before you flip that last page of the calendar, take some time to consider your cyber safety and make sure your company's technology feels supported through the end of the year and into 2026. 

The holidays are prime time for cybercriminals to snag your vulnerable information. Whether it's a fake website, deal or delivery scam, they'll count on you handing over your important data without a thought. There are a few ways to keep yourself safe, including good password hygiene. Learn how a password manager (or passkey) can be the first line of defense.

With the holiday shopping season here, let this be an important reminder to be aware of cyber threats. With all the stress and busyness of the season, it's prime time for cyber scams. You may not notice the website that looks like Amazon.com is actually Amozon.com or that the great deal you see on social media leads you to a cybercriminal's website that gathers your credit card information. 

Here's how you can stay safe while shopping online:

1. Keep software updated to ensure you have the latest security patches. This goes for your phone, tablet and computer. 
2. Use unique passwords instead of reused, common phrases that are easy to guess. Consider using a password manager to generate and store complex passwords. (Scroll down for more on that.)
3. Always double-check the legitimacy of deals, charities and websites before taking any action. Most importantly, make sure there is a lock icon in the web address bar before adding card details.
4. Be wary of urgency, as scammers often create a false sense of urgency to trick you into acting without thinking. 

Find more details about how scams happen and how you can keep yourself safe by clicking the button below.

A new wave of cybercrime is leveraging AI to fabricate convincing email threads between company executives — and it’s costing businesses.

Scammers are using generative AI to create fake email conversations that appear to be between CEOs, CFOs or department heads. These fabricated threads are then forwarded to accounting or finance departments, requesting urgent wire transfers, invoice payments or vendor updates.

Because the emails appear to come from trusted internal sources and contain realistic conversation context, they’re incredibly hard to detect without the proper safeguards.

Why These Attacks Are So Effective:

1. The emails often match your company’s communication style.
2. They may reference real vendors or current projects.
3. Email threads are faked, so it looks like an internal discussion is already in progress.
4. The messages are written with perfect grammar and tone, unlike old-school phishing attempts.

How to Protect Your Organization:

1. Verify all unusual financial requests with a phone call or Teams message — especially if they come from internal leadership.
2. Enable MFA and conditional access rules on all executive accounts.
3. Educate your team: Accounting and finance staff should be trained to spot red flags.
4. Consider our ITDR (identity threat detection and response) service to monitor for suspicious email behavior.

Passwords are our first line of defense against cyber threats, but many people still reuse the same password across multiple sites or use simple, easy-to-guess passwords. Unfortunately, these habits open people up to credential stuffing, phishing and data breaches. 

The solution is simple: Use a password manager like Bitwarden or 1Password to store your passwords securely in an encrypted vault. You only have to remember one master password. The rest are automatically generated, stored and filled in securely. 

Count on a password manager to: 

1. Create strong, complex and unique passwords for every site. 
2. Remember passwords for you: No more memorizing.
3. Protect against data breaches: If one site gets hacked, your other accounts remain safe.
4. Encrypt with zero knowledge, which means that even the password manager provider can’t see your data. 
5. Sync across your devices: Access your passwords from anywhere.

Another way to safeguard passwords is to use passkeys where available. Passkeys are becoming increasingly more common. 

Wishing you a restful holiday, a Merry Christmas and best wishes for a prosperous New Year.

Follow OrlanTech

P.S. Love our service? Sharing is caring! Leave us a Google Review and let others know about your OrlanTech experience. We appreciate your feedback!