Ransomware is Still a Problem

This week we turn again to the “IC3” Internet Crime Complaint Center established as a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) to receive Internet related criminal complaints and to further research, develop, and refer the criminal complaints to federal, state, local, or international law enforcement and/or regulatory agencies for any investigation they deem to be appropriate. The IC3 was intended, and continues to emphasize, serving the broader law enforcement community to include federal, as well as state, local, and international agencies, which are combating Internet crime and, in many cases, participating in Cyber Crime Task Forces.

According to I-062315-PSA data from the FBI’s Internet Crime Complaint Center (IC3) shows ransomware continues to spread and is infecting devices around the globe. Recent IC3 reporting identifies CryptoWall as the most current and significant ransomware threat targeting U.S. individuals and businesses. Between April 2014 and June 2015, the IC3 received 992 CryptoWall-related complaints, with victims reporting losses totaling over $18 million.

The problem begins when the victim clicks on an infected advertisement, email, or attachment, or visits an infected website. Once the victim’s device is infected with the ransomware variant, the victim’s files become encrypted. In most cases, once the victim pays a ransom fee, he or she regains access to the files that were encrypted.

If you believe you have been a victim of this type of scam, you should reach out to your local FBI field office. You may also file a complaint with the IC3 at www.IC3.gov. Please provide any relevant information in your complaint.

Tips to protect yourself:

  • Always use antivirus software and a firewall. It’s important to obtain and use antivirus software and firewalls from reputable companies.
  • Enable popup blockers. Popups are regularly used by criminals to spread malicious software.
  • Always back up the content on your computer. If you back up, verify, and maintain offline copies of your personal and application data, ransomware scams will have limited impact on you.
  • Be skeptical. Don’t click on any emails or attachments you don’t recognize, and avoid suspicious websites altogether.

For the latest on internet safety and identity theft best practices, please regularly check in to our website www.hvshred.com

Heartbreak Scammers Nabbed

In a recent blog by Lois C. Greisman Associate Director, Division of Marketing Practices, FTC, the latest trend is to add insult to injury.


Among the latest scams is hackers using the on-line dating sites to steal identities.  Heart break in this case leads also to heart burn and even worse depending.

On-Guard On Line is always on top of reporting imposter scams. In recent months, we’ve told you about IRS imposters, romance scams, and work-at-home scams. We always give you tips on how to spot and avoid these scams. We tell you about the cases we’ve brought to shut down the scammers. But, as a civil law enforcement agency, we don’t often get to tell you about the criminal charges brought against the scammers. Until today.

The Department of Justice (DOJ) recently announced the extradition of six Nigerian nationals from South Africa to Mississippi to face a nine-count federal indictment for various Internet frauds. These six people join 15 others who were previously charged with, among other things, conspiracy to commit mail fraud, wire fraud, bank fraud, identity theft, and money laundering.

What were the scams? According to the indictment, the defendants found and reached out to their potential victims through online dating websites and work-at-home opportunities. In some cases, they carried on so-called romantic relationships with their targets, trying to get their victims to do things like re-ship merchandise purchased with stolen credit cards, deposit counterfeit checks, and send money to the defendants – whether via wiring money or sending prepaid debit cards.

Here’s where you come in. If you know someone who lost money or information to romance, reshipping, fake check, or work-at-home scammers, please tell them to visit DOJ’s announcement. Why? Because there’s a list of aliases and email addresses that the defendants allegedly used in carrying out these scams. If you recognize a name or email address, you could help in the investigation of these crimes.

It’s not every day you get to help lock up alleged bad guys. Unless, of course, you work at the Department of Justice, the US Postal Inspection Service, or Homeland Security Investigations – all of which had a hand in this case. Please check out the list and see if you might have information to share with the investigators.

This points to the need for the entire community local, national, and global to work together to help deter, detect, and defend against identity theft.  For more information, please visit www.hvshred.com

The RIght & Responsibility to Vacation Safety

Once again turning to a favorite resource, we adapt the latest entry by Consume Education Specialist Amy Hebert from the FTC’s On Guard On Line website.

The focus this week is on safe travel arrangements.  Whether you travel a lot or just a little, you’ve probably gone online to book a hotel stay. Sometimes you might find a travel comparison site gets you the best deal. Other times, you might book directly at a hotel’s website — maybe to earn points for the company’s reward program, or because you have some special requests for your stay.

For those times you’re looking to book directly with a hotel, make sure that’s what you’re doing. The FTC has heard from people who searched online and thought they were booking on a hotel website, only to find they’d unknowingly been doing business with someone else.

The confusion resulted in problems like:

  • arriving and finding no reservation
  • having trouble canceling or modifying a reservation, or disputing charges through the hotel
  • finding reserved rooms didn’t reflect special requests like disability access
  • being charged undisclosed fees
  • paying a higher rate than what’s advertised by the hotel
  • getting credit card charges from the third party, not the hotel
  • not earning points with their hotel reward program

It can be hard to tell that you’re not on the hotel’s site. You might see a hotel’s name in the URL, or call the number shown next to the hotel’s address and not realize it’s the reservation company — not the hotel — you’re talking to.

Your best bet to avoid surprises — look closely at your search results. If you know you want to deal directly with a hotel, take the time to look for signs you might be on a third-party site, like another company’s logo. It’s also a good idea to find the hotel phone number yourself, rather than rely on what’s listed on the site.

Keep checking for more information for best practices in identity theft protection and safety on line at www.hvshred.com

Efficiency & Economy of On-site Shredding

There are many reasons you should be using a shredding vendor to handle the destruction of your confidential documents, but the biggest motive for businesses to outsource this task is always security. Proper document destruction means compliance, because non-compliance can be costly, embarrassing, and have long-term financial effects, not to mention your brand’s name will be indefinitely tarnished.

Many federal and state laws govern how you handle your confidential documents and the record retention policies your business must abide by. Often times, businesses will stockpile their records for far longer than necessary, so it’s imperative to know when and how often you should destroy old documents.

To save on storage fees and to keep your records current, it’s recommended to rely on routine document destruction services. This will take the guess work out of when and how long to keep documents, but also alleviate sensitive waste that can pile up in offices, such as human resources departments, tax and finance departments, and healthcare practices.

Why should you consider routine service from HV Shred Shred?

  • There are no required contracts
  • Billing can be set up automatically
  • Options are flexible; we can service your needs weekly, monthly, or anywhere in between
  • Legal Shred is certified with MSA (Mobile Shredding Association), so you know the job will be handled properly and with the utmost care
  • We supply you with all bins
  • We come to you and will shred all of your documents right at your location
  • HV Shred’s routine scheduled service is a great plan for customers that have a legal and ethical obligation to protect their sensitive information on a daily basis, and the most crucial benefit to routine service? It saves money.

With a routine service schedule, we are able to offer competitive pricing for your destruction needs.

To learn more, please visit www.hvshred.com and feel free to contact us immediately via email or phone. We customize the service to suit each company’s specific needs.

Efficiency and Economy of On-Site Shredding

There are many reasons you should be using a shredding vendor to handle the destruction of your confidential documents, but the biggest motive for businesses to outsource this task is always security. Proper document destruction means compliance, because non-compliance can be costly, embarrassing, and have long-term financial effects, not to mention your brand’s name will be indefinitely tarnished.

Many federal and state laws govern how you handle your confidential documents and the record retention policies your business must abide by. Often times, businesses will stockpile their records for far longer than necessary, so it’s imperative to know when and how often you should destroy old documents.

To save on storage fees and to keep your records current, it’s recommended to rely on routine document destruction services. This will take the guess work out of when and how long to keep documents, but also alleviate sensitive waste that can pile up in offices, such as human resources departments, tax and finance departments, and healthcare practices.

Why should you consider routine service from HV Shred Shred?

  • There are no required contracts
  • Billing can be set up automatically
  • Options are flexible; we can service your needs weekly, monthly, or anywhere in between
  • Legal Shred is certified with MSA (Mobile Shredding Association), so you know the job will be handled properly and with the utmost care
  • We supply you with all bins
  • We come to you and will shred all of your documents right at your location

HV Shred’s routine scheduled service is a great plan for customers that have a legal and ethical obligation to protect their sensitive information on a daily basis, and the most crucial benefit to routine service?   It saves money.


With a routine service schedule, we are able to offer competitive pricing for your destruction needs.

To learn more, please visit www.hvshred.com and feel free to contact us immediately via email or phone.  We customize the service to suit each company’s specific needs.

 

The Return of an Old Scam

Among our favorite resources for best practices in identity theft protection is the “OnGuard Online Blog”.  A recent blog posted by Consumer Education Specialist Amy Hebert alerted the public to the return of an old scam: The FTC Imposter Scam.

An email arrives in your inbox that tells you there’s a complaint against your business, and wants you to click on a link. Here’s what one of the scammy emails said:

“This notification has been automatically sent to you because we have received a consumer complaint, claiming that your company is violating the CCPA (Consumer Credit Protection Act).
According to our policy, we have initiated a formal investigation before taking legal action. You can download the document containing the complaint and the plaintiff contact information, from…” followed by a link.

At first glance, it might look legitimate. It has the FTC seal, the email appears to come from an FTC email address, and the web address looks like it goes to an FTC site. But if you hover over the web address, you’ll see the link actually sends you somewhere else.

If you get an email like this, don’t open it. And most important: don’t click on the links. Don’t open any attachments, either. If you do, you could install malware on your computer, causing your device to crash, or allowing a scammer to monitor and control your online activity, steal your personal information, send spam, and commit fraud. You can forward the phony email to spam@uce.gov — but then delete it.

Government imposters aren’t just impersonating the FTC. If you get an unexpected email that says it’s from the government and asks you to click on links, open attachments, or share personal information, don’t do it. Even if you think it’s legitimate, it’s best to look up the number and contact the agency directly to check it out.

For more on best practices regarding identity theft protection, please visit www.hvshred.com

Independence Holiday Blog

With Independence Day on the horizon, at HV Shred we’d like to offer the business community a world independent from the expense and heartbreak of security breaches; the hassle of removing staples and paper clips, and the frustration and danger of overheating and paper jammed office shredders. Not to mention the noise of the in house shredder along with the dusty bags of shredded paper; it’s a world where shredded paper saves trees and water and oil.

This is the world of on-site service with HV Shred.

We are thankful for the many offices throughout the Hudson Valley business community that have already engaged our services and welcome the contact from any office doing on-call file purging and/or has on-going needs to securely and sustainably dispose of confidential paperwork.

We shred on-site; we provide the certificate of destruction, and we recycle everything we shred!

For more information, please visit our website www.hvshred.com

Be Wary of Gift Card Scams

With education as a main thrust for our weekly blog, one of our “go to” resources is the Internet Crime Complaint Center (IC3): a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C)

The latest IC3 posting is timely considering this is a popular gift giving time with graduation and wedding season upon us.

The FBI warns consumers of potential fraud particularly in the Secondary Gift Card Market. The Secondary Gift Card Market provides a venue for consumers to resell unwanted gift cards. However, criminal activity has been identified through sites facilitating such exchanges.

Among the popular gift card scams reported to the IC3 are:

  • Victim sells a gift card on an auction site, receives payment for the sale, and sends the PIN associated with the gift card to the buyer, who disputes the charge after using the gift card.
  • Victim purchases an item on an auction site and is advised by the seller to purchase gift cards to pay for the transaction. After purchasing thousands of dollars in gift cards, the victim finds out the auction transaction is a scam.
  • A Secondary Gift Card Market site agrees to pay a victim for a discounted merchant gift card. The victim sends the code on the gift card, and the payment for the transaction was reversed. Thus, the buyer uses the gift card code to purchase an item and stops payment to the seller.

Consumers should beware of social media postings that appear to offer vouchers or gift cards, especially sites offering deals too good to be true, such as a free $500 gift card. Some fraudulent offers may pose as Holiday promotions or contests. The fraudulent postings often look as if a friend shared the link. Oftentimes, these scams lead to online surveys designed to steal personal information. Never provide your personal information to an unknown party or untrustworthy website.

Following the tips below will go a long way to keep consumers safe:

  • Check Secondary Gift Card Market website reviews and only buy from or sell to reputable dealers.
  • Check the gift card balance before and after purchasing the card to verify the correct balance on the card.
  • The re-seller of a gift card is responsible for ensuring the correct balance is on the gift card, not the merchant whose name is on the gift card.
  • When selling a gift card through an online marketplace, do not provide the buyer with the card’s PIN until the transaction is complete. Online purchases can be made using the PIN without having the physical card.
  • When purchasing gift cards online, be leery of auction sites selling gift cards at a discount or in bulk.
  • When purchasing gift cards in a store, examine the protective scratch-off area on the back of the card for any evidence of tampering.

If you believe you have been a victim of a gift card scam, you may file a complaint, providing all relevant information, with the IC3 at www.IC3.gov.

For more on identity theft best practices, please visit www.hvshred.com

Walkway Marathon Goes Green

HV Shred President Judith Papo was thrilled to be part of the Walkway Marathon Green Team.  Together with dozens of volunteers we educated thousands of attendees on what is composted vs recycled vs just plain trash.  The crowd was not just receptive but also enthusiastic about their opportunity to run among the most scenic races in the country as well as be part of what we expect to be the first ever Green Marathon in NY State.  A big thank you to all who participated.  We will have the data in the near future.

HV Shred is proud to be part of efforts to help our local and global community increase sustainable practices.  For more on recycling as well as secured data disposal, please visit www.hvshred.com