Tis the Season for Identity Theft Protection

Many of us have the latest gadgets and “smart” appliances on our gift lists.  Many are now connected to the wonderful “Internet of Things”.  What I’m sure none of us have on our wish list is getting hacked.  Today’s blog is advice from Consumer Education Specialist Ari Lazarus from the Federal Trade Commission—the division of the Federal government that takes on the responsibility of consumer protection.

 

Today’s hackers are attacking a lot more than just computers. They’re going after ‘Internet of Things’ (IoT) products – like internet connected cameras and refrigerators and using them to create havoc on the internet.

 

In October, hackers used the “Mirai” malware to attack unsecured IoT devices, turning them into zombie computers to overwhelm and shut down popular websites including Netflix, Paypal and Twitter.

 

Attacks like that are more than just an inconvenience. They can put your information at risk. So what can you do to reduce the risk of compromise to your home network and smart products?

  • Be mindful of each question during the set up process—DO NOT JUST CLICK “NEXT”. Review the default settings carefully before making a selection, and use the security features for your device. If it allows you to set up a passcode lockout (“three strikes and you’re out”) and enable encryption, you can add a layer of protection to your device.
  • Like you do for your computer and smartphone, download the latest security updates. To be secure and effective, the software that comes with your device needs updates. Before you set up a new device, and periodically afterwards, visit the manufacturer’s website or the device’s settings menu to see if there’s a new version of the software available for download. To make sure you hear about the latest version, register your device with the manufacturer and sign up to get updates.
  • Be sure to create original passwords for each device. The manufacturer may have assigned your device a standard default password. Hackers know the default passwords, so change it to something more complex and secure.

 

At Legal Shred, we want to do everything we can to help make this year’s holiday season your best ever.  For more on identity theft best practices, please visit legalshred.com or hvshred.com

Keeping Scammers from Dimming Holiday Cheer

Form of payment is key.  If someone is asking you to pay with an iTunes or Amazon gift card or to wire money through Western Union or MoneyGram: Don’t do it. Scammers ask you to pay in ways that let them get the money fast — and make it nearly impossible for you to get it back. If you’re doing any holiday shopping online, know that credit cards have a lot of fraud protection built in.
A key way to spot imposters is understanding imposters pretend to be someone you trust to convince you to send money or personal information. They might say you qualified for a free government grant, but you have to pay a fee to get it. Or they might send phishing emails that seem to be from your bank asking you to “verify” your credit card or checking account number. Don’t buy it.
In the holiday spirit and taking advantage of tax benefits, it’s a big time of year to donate to charities.  To make sure your money is really getting to a real charity, research your chosen charities first.  Good resources for verification include Charity Navigator, Charity Watch, and Guide Star.
The holiday season is upon us–let’s make it the cheeriest ever.
For more on identity theft best practices please visit www.hvshred.com

Thankful for 2016

Going into the last weeks of 2016, we’d like to use this week’s blog to reflect on a great year.  On January 1, 2016 we announced our expansion into the Greater NY/NJ Metro market taking on the dba “Legal Shred”.  In April we solidified our presence with the acquisition of Stay Green and welcomed Joseph Ferguson to our team. A few months later we secured clients in Connecticut, Massachusetts, and NJ.

As we grow, our mission and core value remains the same.  Security, strong relationships, and accepting nothing less than the best from ourselves each and every service, each and every day, each and every week, each and every month…each and every year.  That’s how we roll.

We appreciate the continued support of so many clients who have now been with us since our first days in 2008 and each client we have serviced since–whether monthly, weekly, or just once.

We at Legal Shred are looking forward to helping with year end-clean outs as well as partnering with our existing and new clients to make their 2017 budgets manageable while ensuring top level data security including document destruction as well as hard drive destruction.

Already we have helped save over 20,000 trees and nearly 4000 cubic yards of landfill.

We always welcome feedback as to how we can improve our service–we look forward to hearing from you in these final weeks of 2016 and going into 2017.

For more information on the most secure and cost efficient document security solutions, please visit www.legalshred.com or call us 845 705 7279

THANK YOU!

Shannon Miller Share the Gold Medal Mindset

Shannon Miller shares the Gold Medal Mindset at the Mid Hudson Chapter of the NYS CPA Society Networking Event

Shannon Miller shares the Gold Medal Mindset at the Mid Hudson Chapter of the NYS CPA Society Networking Event

As Co-Chair of this year’s annual Mid Hudson Chapter of the NYS CPA Society Networking event, we thank everyone who helped make it a great evening.  We at Legal Shred enjoy being part of local events that help grow fellowship in our community.  Shannon Miller headlined this year’s event and inspired us all with her Gold Medal Mindset including stories from her Olympic feats in 1992 and 1996 as well as beating ovarian cancer in 2011.

We had an enthusiastic and dedicated event committee including co-chair Steven Engels from RBT CPAs, Jennifer L. Capicchioni Nugent & Haeussler P.C., Noelle DeLuca KPMG LLP, Denise L. Finney EisnerAmper LLP ,Rebecca J. Hasbrouck Precision Pipeline Solutions LLC. Jean M. Walsh PKF O’Connor Davies, LLP Terry A. Wheeler Goldstein Karlewicz & Goldstein LLP  and Jennifer Adduci Farm Credit East

Of course, we couldn’t have made it happen without the support of our sponsors:

Gold-TD Bank and Orange Bank & Trust

Silver- Hudson Valley FCU, Tompkins Mahopac Bank, Lakeland Bank, Empire State Bank, Drake Loeb Attorneys at Law, Catania, Mahon, Milligram & Rider PLLC

Bronze-Walden Savings, Key Bank, Bank of Millbrook, Legal Shred, Jeff Bank, Ethan Allen, Riverside Bank a division of Salisbury Bank

Thanks to everyone who attended–we always welcome your feedback for how we can make it even better next year.

Legal Shred is dedicated to being part of the community and looks forward to opportunities to help keep with secured data destruction for businesses throughout the Hudson Valley and greater NY/NJ metro area.

More information www.legalshred.com

 

Excellent Resource for Identity Theft Protection

Here’s what’s hot off the presses:

  • Identity Theft – What to Know, What to Do gives an overview of identity theft and steps to recover from it. If you’re teaching people in your community about avoiding and dealing with identity theft, this is the publication to order.
  • Identity Theft – A Recovery Plan, formerly Taking Charge: Fighting Back Against Identity Theft, is a comprehensive guide for victims of identity theft. This booklet includes to-do lists, forms, and sample letters – all of which you also can find right away at IdentityTheft.gov.

All of these publications are available in bulk, free of charge, atFTC.gov/bulkorder. Be sure to read, download, order and share them!

We always welcome your feedback for whether you find our blogs useful.

For more information please visit www.hvshred.com or www.legalshred.com

Are You Making it Too Easy for Companies to Get Your Personal Information?

If you are getting calls or emails from companies you’ve never heard of and wondering how they got your name or number — or how they know what you’re interested in, the reason might be lead generation.

Today’s blog is meant to help you understand how they get your information in the first place:

Lead generation is when companies gather information that people submit, often from online forms or applications. Lead generators sell that information to other companies offering products or services those people might be interested in.

It’s your information getting collected and sold, and it might pass through a lot of hands along the way.

The upside is you might find out about products or services you’re interested in, and get deals you wouldn’t have heard about otherwise.

The downside is, even if you know you’re giving information to a lead generator — like a site that matches people seeking loans with lenders — you might not realize your info could be sold and resold. If it’s sold to anyone willing to pay for it, you might be contacted by all kinds of companies you’ve never heard of.

Sometimes, lead generation also results in deception or outright scams. Last year the FTC sued a company that got people’s information from online payday loan applications, then sold it to non-lenders who raided people’s credit and bank accounts for millions. In another case, a company settled charges that it used fake job ads to get leads for colleges and career training programs.

The key is–Before you fill out forms or applications on a site, find out more about the company — on the site itself, and by doing an online search for the company with words like “complaint” or “review.” How will they protect your information? And think long and hard before you give out your Social Security Number or bank or credit card information. In the wrong hands, they can lead to identity theft. If you think information you’ve already shared has been misused, report it right away to the FTC and local police.

For more on best practices in Identity theft protection, please visit www.hvshred.com or www.legalshred.com

Tips from Homeland Security for Identity Theft Protection

We use this blog to share valuable resources for best practices in Identity Theft Protection.  This entry is adapted from a blog by Andy Ozment an Assistant Secretary, Cybersecurity and Communications.

According to Ozment, most of us have developed a very close relationship with our mobile devices: we carry them with us throughout the day, check them frequently, and even sleep with them nearby at night. Although mobile devices allow us to instantly connect with friends and family, to access the internet, get directions, and make purchases, this increased convenience also comes at an increased risk. Many of these online activities require us to provide personal information such as our name, email address, account number, and credit card information. This puts us at an increased risk of having this information compromised by cyber criminals.

The Department of Homeland Security is encouraging all Americans to follow these simple steps to ensure the security of their personal information online:

To keep your private information private, avoid sharing your full name, address, and other personal information online. Frequently check a website’s privacy options to ensure you have enabled the highest level of privacy as options may get updated or changed completely

The old “when it doubt, throw it out” guide works in this case.  Links in emails, tweets, posts, and online advertisements are often how cybercriminals compromise your computer or mobile device. If it looks suspicious, it’s best to delete it, even if you know the source. If appropriate, mark the message as “junk email” so that future messages from the sender do not end up in your inbox.

Passwords are key–make them strong. Setting passwords that are long, unique, and hard to guess is one of the most important things you can do to protect your online accounts. Changing passwords regularly and using different passwords for different accounts goes a long way to protecting your online information.

For any vulnerable accounts, ask for protection beyond passwords. Many websites now offer additional ways for you verify your identity are before you conduct business on their sites, such as two-factor authentication.

The same pertains to your mobile devices–In order to prevent theft and unauthorized access, use a passcode to lock your mobile device and always lock it when it’s not in use. Never leave your mobile device unattended in a public place.

For more on best practices for identity theft protection, please visit www.hvshred.com and www.legalshred.com

Owner Judith Papo featured in Jewish Newsletter

We were honored to be featured in the High Holiday Edition of The Voice-the Jewish newspaper of Dutchess County and surrounding areas published by the Jewish Federation of Dutchess County.

Debbie Silbergleit interviewed Judith and wonderfully captured the backstory of Judith’s childhood and how it has informed her launch of HV Shred, Inc.  Growing up in the 70s and 80s in Dutchess County was integral to giving Schwartz-Papo the self confidence and courage to team up with her family to create a business with strong values and a goal of helping businesses and the community at large securely and efficiently dispose confidential records as well as implement sustainable business practices by recycling the shredded material.

Voice Article Features Judith Papo of Legal Shred

Judith feels strongly the fostering and supportive environment of her nuclear family echoed by the larger community around her has been integral to her success.

Judith wishes all a sweet and happy Jewish New Year–enjoy lots of apples and honey.

For more on how Legal Shred can be of service for your office or community please visit www.hvshred.com

FBI Urges Victims of Ransomware to Report Incidents

This week’s blog begins a several week series on Ransomware adapted from the Internet Crime Complaint Center. The mission of the Internet Crime Complaint Center is to provide the public with a reliable and convenient reporting mechanism to submit information to the Federal Bureau of Investigation concerning suspected Internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners. Information is analyzed and disseminated for investigative and intelligence purposes to law enforcement and for public awareness.

In it’s most recent post, the FBI is urging victims of ransomware to report their experiences to federal law enforcement to help the Agency gain a more comprehensive view of the current threat and its impact on U.S. victims.

Ransomware is a type of malware installed on a computer or server that encrypts the files, making them inaccessible until a specified ransom is paid. Ransomware is typically installed when a user clicks on a malicious link, opens a file in an e-mail that installs the malware, or through drive-by downloads (which does not require user-initiation) from a compromised Web site.
Ransomware infections impact individual users and businesses regardless of size or industry by causing service disruptions, financial loss, and in some cases, permanent loss of valuable data. While ransomware infection statistics are often highlighted in the media and by computer security companies, it has been challenging for the FBI to ascertain the true number of ransomware victims as many infections go unreported to law enforcement.

The FBI is urging victims to report ransomware incidents regardless of the outcome. Victim reporting provides law enforcement with a greater understanding of the threat, provides justification for ransomware investigations, and contributes relevant information to ongoing ransomware cases. Knowing more about victims and their experiences with ransomware will help the FBI to determine who is behind the attacks and how they are identifying or targeting victims.

What to Report to Law Enforcement
The FBI is requesting victims reach out to their local FBI office and/or file a complaint with the Internet Crime Complaint Center, at www.IC3.gov, with the following ransomware infection details (as applicable):
1. Date of Infection
2. Ransomware Variant (identified on the ransom page or by the encrypted file extension)
3. Victim Company Information (industry type, business size, etc.)
4. How the Infection Occurred (link in e-mail, browsing the Internet, etc.)
5. Requested Ransom Amount
6. Actor’s Bitcoin Wallet Address (may be listed on the ransom page)
7. Ransom Amount Paid (if any)
8. Overall Losses Associated with a Ransomware Infection (including the ransom amount)
9. Victim Impact Statement

More on the impact of ransomware in upcoming weeks.

For more information on identity theft best practices, please visit www.legalshred.com

Another Attempt to Use IRS to Scam

This week we again adapt a post from a favorite resource–The FTC Identity Theft Blog.  In a September 1st blog, Andrew Johnson Division of Consumer and Business Education warns about the latest scammers posing as IRS agents calling with an issue.

Johnson’s advice–Don’t panic. And don’t return the call. It’s a scam.

Here are a few facts about the IRS to keep in mind if you get a similar call:

(1) If the IRS needs to contact you, they’ll do it by mail first.
(2) The IRS won’t demand personal information like credit card or Social Security numbers over the phone.
(3) The IRS won’t threaten to arrest or sue you, or demand that you pay right away.

(4)The IRS also won’t tell you to use a specific form of payment like a money transfer from MoneyGram or Western Union, a cash reload from MoneyPak or Reloadit, or a gift card from iTunes or Amazon. Scammers ask you to use those ways to pay because they’re hard to track or cancel payments.

If you or someone you know receives a call like this, report it the FTC and the Treasury Inspector General for Tax Administration (TIGTA). Include the caller’s phone number, along with any details you have. If you’re not sure whether a call is really from the IRS, you can double-check by calling the IRS directly at 1-800-829-1040. For more, check out this IRS imposter scams infographic.

Share with friends and family. They may get the call next.

For more on best practices to deter Identity theft, please visit www.legalshred.com