Passwords are your first line of defence against cyber threats, yet many people still underestimate the importance of using secure passwords. Weak passwords are one of the primary entry points for hackers, potentially leading to severe business disruptions, financial losses, or reputational damage. To keep your personal information and business data safe, adopting robust password practices is essential.

Creating Strong Passwords: Key Guidelines

Creating strong passwords doesn’t have to be complicated, but it does require a disciplined approach. Follow these simple guidelines to strengthen your passwords effectively:

  1. Length Matters
    • Aim for passwords that are at least 12 characters long. Longer passwords are significantly harder for attackers to crack using brute force attacks.
  2. Use a Mix of Characters
    • Combine upper and lower case letters, numbers, and special symbols (e.g., !, @, #, $, %) to increase complexity.
    • Example: Instead of “password123”, try something like “P@ssw0rd#20211!”
  3. Avoid Predictable Patterns
    • Stay away from easily guessable passwords like “123456”, “password”, or your birthdate.
    • Avoid common phrases or sequential characters, as these are among the first combinations hackers try.
  4. Unique Passwords for Each Account
    • Never reuse passwords across different platforms. If one account is compromised, all your accounts with the same password become vulnerable.

Risks of Reusing Passwords Across Platforms

Reusing passwords across multiple platforms is one of the most dangerous password practices. If a website or app gets hacked, cybercriminals often test stolen passwords across other services, a practice known as “credential stuffing”. If your passwords are reused, a single breach can expose multiple accounts, including sensitive ones like email, banking, or your company’s cloud infrastructure.

Potential consequences include:

  • Identity Theft: Cybercriminals accessing sensitive personal information.
  • Financial Loss: Hackers accessing bank accounts or making unauthorised purchases.
  • Operational Disruption: Business accounts compromised, causing data breaches and downtime.

Password Managers: The Smart Way to Securely Manage Passwords

Managing multiple complex passwords can be overwhelming. Password managers, such as Bitwarden or 1Password, simplify this process by securely storing your passwords and automatically filling them into login forms. They use strong encryption methods, keeping your credentials safe from attackers.

Benefits of using password managers include:

  • Enhanced Security: Generate and securely store highly complex passwords automatically.
  • Convenience: Easy access to your passwords across multiple devices and platforms.
  • Team Management: Centralised password sharing and access control within teams, improving overall security posture.

How CK Computer Solutions Can Help

At CK Computer Solutions, our Managed IT Services based in Dublin specialise in enhancing cybersecurity practices for businesses of all sizes. We help businesses:

  • Implement robust password management systems.
  • Educate employees on best password practices through tailored cybersecurity training.
  • Regularly monitor for credential leaks and vulnerabilities.
  • Provide seamless integration and ongoing support for password managers like Bitwarden or 1Password.

Our proactive approach ensures your business remains secure, efficient, and resilient against evolving cyber threats.

Get in touch with CK Computer Solutions today, and take the first step towards strengthening your organisation’s cybersecurity.



Invoice redirection scams are one of the most financially damaging fraud tactics affecting Irish businesses today — particularly small and medium-sized enterprises (SMEs) that often lack robust payment verification procedures. These scams are clever, subtle, and can catch even the most diligent finance team off guard.

In this post, we’ll break down how invoice redirection scams typically work, and more importantly, outline clear procedures your business can follow when a supplier asks to change their bank details.


What Is an Invoice Redirection Scam?

An invoice redirection scam, sometimes called mandate fraud, occurs when a criminal tricks a business into changing the bank account details of a genuine supplier — redirecting payments to a fraudulent account controlled by the scammer.

Here’s how it usually works:

  1. The Set-Up: The scammer monitors your communications, often through email account compromise or social engineering, to identify payment patterns and key suppliers.
  2. The Deception: They pose as a legitimate supplier and send an email requesting a change in bank account details — often using a lookalike email address or even compromising the real supplier’s email account.
  3. The Pay-Out: Your accounts team updates the supplier’s details and processes the next invoice payment — but the funds go directly to the fraudster’s account.

By the time the real supplier starts asking why they haven’t been paid, the money is long gone.


Why This Scam Works So Well

What makes this scam particularly dangerous is that it doesn’t rely on malware or brute-force attacks. It uses trust, timing, and a dash of social engineering.

Scammers often study their victims carefully, learning supplier names, invoice due dates, and internal approval chains. The fake emails they send often look just like the real thing — complete with signatures, logos, and familiar language.

Unless your team is trained to spot red flags and follows strict verification procedures, these scams are frighteningly easy to fall for.


Tips for Verifying Supplier Bank Detail Changes

To protect your business from invoice redirection scams, follow these practical steps every time a supplier requests a bank account change:

1. Always Call to Confirm – Using Trusted Details

Never rely on the contact details included in an email requesting bank changes. Always use the contact number you’ve previously saved for the supplier — or look it up on their official website. Speak to someone you know and trust in their accounts department.

It might feel like an extra step, but a 2-minute phone call could save your business tens of thousands of euro.

2. Verify in Writing – But Not by Email Alone

After a verbal confirmation, request a written confirmation of the change. This adds a second layer of verification and ensures there’s a documented trail of the request. However, don’t rely on email alone for verification — especially if that’s how the initial request came in.

3. Use a Supplier Change Request Form

Implement a standardised form in your company that must be completed for any supplier banking changes. This form should include:

  • Supplier name and contact
  • Previous bank details
  • New bank details
  • Date of request
  • Name of internal staff member processing the change
  • Signature of authorised approver

Make it company policy that no change is processed without this form completed and signed off.


IT Procedures to Support Fraud Prevention

While people are the first line of defence, your IT systems play a huge role in preventing and detecting fraud attempts.

At CK Computer Solutions, we help businesses across Dublin and beyond implement secure email systems, employee training, and fraud monitoring tools. Here’s how we can help:

  • Email Filtering & Monitoring: We’ll help ensure phishing emails and spoofed domains are blocked before they ever hit your inbox.
  • Multi-Factor Authentication (MFA): Adding MFA to your email systems makes it much harder for criminals to compromise staff accounts.
  • Audit Trails & Access Controls: We’ll help you implement IT controls to track who’s accessing sensitive supplier and finance data — and when.
  • Cybersecurity Awareness Training: We’ll train your staff to spot suspicious emails, verify requests, and follow secure processes confidently.

We’re not just here to install software — we’re your trusted managed IT services provider. We’ll work closely with your finance and procurement teams to integrate technology with policy and process.


Red Flags to Watch Out For

Train your team to stay alert for the following warning signs:

  • Urgent or last-minute requests to change payment details.
  • Poor grammar or formatting in emails, especially from regular contacts.
  • Slight variations in email addresses (e.g. suppliername@companny.com instead of company.com).
  • Emails that skip personal greetings or use vague language.
  • Requests that pressure staff to “just process this quickly.”

If something feels off — trust your gut and verify independently.

Invoice redirection scams can be devastating — but they’re also preventable with the right mix of process, technology, and awareness.

Take the time to build and enforce procedures around supplier bank changes. Train your staff regularly. And make sure your IT systems are properly set up to detect and block threats before they cause damage.

At CK Computer Solutions – Managed IT Services Dublin, we can help you review and strengthen your internal controls, protect your email systems, and provide ongoing training for your team. Whether you’re a small local business or a growing SME, we’re here to help you stay safe, smart, and secure.


Need help locking down your systems or training your team against invoice scams?
Get in touch with CK Computer Solutions today – and let’s build a safer digital foundation for your business.



Understanding DKIM, DMARC, and SPF: What They Are and Why They Matter

Email authentication protocols—SPF, DKIM, and DMARC—are fundamental to securing domain-based email systems against spoofing, phishing, and unauthorised use. These technologies work together to ensure that email claiming to come from a specific domain is actually authorised by that domain’s owner.

This post explains the function of each protocol, how they interact, and provides DNS record examples to assist with accurate implementation.

Protocol Overview and Purpose

  • SPF (Sender Policy Framework) allows a domain to list authorised mail servers via DNS.
  • DKIM (DomainKeys Identified Mail) adds a cryptographic signature to emails, verifying integrity and legitimacy.
  • DMARC (Domain-based Message Authentication, Reporting & Conformance) enforces alignment between SPF/DKIM and the visible “From” header, while also enabling detailed feedback through reporting.

Together, these protocols create a layered authentication strategy that helps protect your domain’s reputation and improves deliverability.

SPF: Authorise Sending Servers

SPF works by checking the envelope sender (the Return-Path) of an email against a TXT record in DNS. If the sending IP is not listed, the message fails SPF validation.

Example DNS record for SPF:

yourdomain.com.  IN  TXT  "v=spf1 ip4:203.0.113.5 include:spf.protection.outlook.com -all"

  • ip4:203.0.113.5 allows a specific mail server IP
  • include:spf.protection.outlook.com includes Microsoft 365 servers
  • -all indicates hard fail for unauthorised sources

Best practices:

  • Avoid using +all, which defeats SPF’s purpose.
  • Don’t exceed 10 DNS lookups (include: and redirect= count).
  • Only publish one SPF record per domain.
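
The best practices above can be checked offline against the TXT strings published for a domain. The following linter is an added example, not code from the original post. It counts only the lookup-causing terms in the record itself (per RFC 7208 these are include, a, mx, ptr, exists and redirect); lookups nested inside included records would need live DNS and are not followed. The weak sample records are constructed.

```python
import re

# Terms that cost a DNS query during SPF evaluation (RFC 7208, section 4.6.4).
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}

def lint_spf(txt_records):
    """Return findings for all TXT records published at one domain name."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no SPF record published"]
    findings = []
    if len(spf) > 1:
        findings.append("multiple SPF records: merge them into one")
    for record in spf:
        terms = [t.lower() for t in record.split()[1:]]
        # Drop the qualifier (+ - ~ ?) and any ':', '=' or '/' argument.
        names = [re.split(r"[:=/]", t.lstrip("+-~?"), maxsplit=1)[0] for t in terms]
        lookups = sum(name in LOOKUP_TERMS for name in names)
        if lookups > 10:
            findings.append(f"{lookups} lookup terms in this record: limit is 10")
        alls = [t for t, name in zip(terms, names) if name == "all"]
        if not alls and "redirect" not in names:
            findings.append("no 'all' term: unlisted senders are not rejected")
        elif alls and alls[0] in ("all", "+all"):
            findings.append("+all authorises every sender")
        elif alls and alls[0] == "~all":
            findings.append("~all is soft fail: switch to -all after testing")
    return findings

# The record from this page, then a constructed weak pair (assumption).
PAGE_RECORD = ["v=spf1 ip4:203.0.113.5 include:spf.protection.outlook.com -all"]
WEAK_RECORDS = ["v=spf1 include:a.example ~all", "v=spf1 +all"]

if __name__ == "__main__":
    print(lint_spf(PAGE_RECORD))
    for finding in lint_spf(WEAK_RECORDS):
        print("-", finding)
```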

DKIM: Sign Outbound Mail with a Private Key

DKIM validates that a message’s content was not modified and that it originated from the stated domain. It does this via a cryptographic signature added to the email headers.

Example DNS record for DKIM:

selector1._domainkey.yourdomain.com.  IN  TXT  "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3..."

  • selector1 refers to a key selector used by the signing mail server.
  • The p= value contains the RSA public key.

Best practices:

  • Use 2048-bit keys where supported.
  • Rotate keys periodically.
  • Ensure your MTA (Mail Transfer Agent) is correctly signing outbound email.

DMARC: Align, Enforce, and Monitor

DMARC ensures that either SPF or DKIM (or both) pass and are aligned with the domain in the “From” header. It also instructs recipient servers what to do with unauthenticated emails, and provides reports.

Example DNS record for DMARC:

_dmarc.yourdomain.com.  IN  TXT  "v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@yourdomain.com; sp=none; adkim=s; aspf=s"

  • p=quarantine tells recipient to quarantine messages that fail DMARC
  • rua= defines the address to receive aggregate reports
  • sp=none sets a separate policy for subdomains
  • adkim=s and aspf=s enable strict alignment

Best practices:

  • Start with p=none to gather reports before enforcing policies.
  • Regularly review and analyse DMARC reports.
  • Use tools to parse and visualise report data.

Protocol Interoperability and Domain Alignment

These three protocols work together:

  • SPF validates the mail server sending the email.
  • DKIM verifies message integrity and authenticity.
  • DMARC ensures the “From” header aligns with SPF or DKIM domains and applies policy accordingly.

This alignment is critical because SPF and DKIM alone do not cover the “From” header—the most visible part of an email to users.

Example alignment failure:

  • Email claims to be from accounts@yourdomain.com
  • SPF passes for mail.vendor.com (used in Return-Path)
  • But the “From” domain is yourdomain.com, so the SPF result is not aligned; with no aligned DKIM pass either → DMARC fails
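
The alignment decision can be worked through in code. The following is an added example, not part of the original post: it parses the DMARC record shown earlier and evaluates the failure case above. Two simplifications are assumptions: the organisational domain is taken as the last two labels (real verifiers use the Public Suffix List), and the record is assumed to be the one published at the organisational domain.

```python
def parse_tags(record):
    """Split a 'tag=value; tag=value' DMARC record into a dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def org_domain(domain):
    # ASSUMPTION: last two labels. Real verifiers use the Public Suffix
    # List, which is needed for names such as example.co.uk.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, from_domain, mode):
    """mode 's' = exact match; 'r' (the default) = same organisational domain."""
    a, f = auth_domain.lower().rstrip("."), from_domain.lower().rstrip(".")
    return a == f if mode == "s" else org_domain(a) == org_domain(f)

def dmarc_disposition(record, from_domain, spf, dkim):
    """spf and dkim are (passed, domain) pairs: the Return-Path domain for
    SPF and the signature's d= domain for DKIM. Returns 'pass' or the policy."""
    tags = parse_tags(record)
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    spf_ok = spf[0] and aligned(spf[1], from_domain, tags.get("aspf", "r"))
    dkim_ok = dkim[0] and aligned(dkim[1], from_domain, tags.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return "pass"
    # A From address on a subdomain uses sp= when the record sets it.
    is_sub = from_domain.lower().rstrip(".") != org_domain(from_domain)
    return tags.get("sp", tags["p"]) if is_sub else tags["p"]

# The DMARC record from this page.
RECORD = ("v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@yourdomain.com; "
          "sp=none; adkim=s; aspf=s")

if __name__ == "__main__":
    # SPF passes for the vendor's Return-Path domain, no DKIM pass.
    print(dmarc_disposition(RECORD, "yourdomain.com",
                            (True, "mail.vendor.com"), (False, "")))
    # Same message with an aligned DKIM signature.
    print(dmarc_disposition(RECORD, "yourdomain.com",
                            (True, "mail.vendor.com"), (True, "yourdomain.com")))
```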

Implementation Considerations and Common Pitfalls

  • Publishing multiple SPF records—merge them into one
  • Using soft fail ~all permanently (should only be used during testing)
  • Misconfigured DKIM selectors or missing DNS records
  • Not enabling DMARC reports (rua=), which limits visibility
  • Assuming third-party services automatically support these protocols—many require manual setup

Subdomain note: Use the sp= tag in DMARC to control policies for subdomains explicitly. For example:

sp=reject

enforces rejection on subdomains too.

How CK Computer Solutions – Managed IT Services Dublin Can Help

While setting up SPF, DKIM, and DMARC is technically straightforward for experienced admins, ongoing management and monitoring are where most businesses stumble.

CK Computer Solutions offers expert assistance to:

  • Implement correct DNS records across multiple domains and services
  • Coordinate with third-party senders to align email sources
  • Parse and act on DMARC reporting
  • Harden policies over time while maintaining deliverability
  • Keep your systems compliant as standards evolve

We work with both cloud-based systems like Microsoft 365 and Google Workspace, and hybrid/on-prem environments. As your Managed IT Services provider in Dublin, we’ll secure your domain at the DNS, mail server, and policy levels—ensuring that your email reputation is protected and your communications stay trusted.

