Our goal at HV Shred is to help the community increase all avenues of security—including safe web browsing.  Here is the latest on a what the FBI is calling a malware scare:

Domain Name System (DNS) is an Internet service that converts user-friendly domain names, such as www.fbi.gov into numerical addresses that allow computers to talk to each other.  Without DNS and the DNS servers operated by Internet service providers, computer users would not be able to browse web sites, send e-mail, or connect to any Internet services.

Criminals have infected millions of computers around the world with malware called DNSChanger which allows them to control DNS servers.  As a result, the cyber thieves have forced unsuspecting users to fraudulent websites, interfered with their web browsing, and made their computers vulnerable to other kinds of malicious software.

To check if your computer is affected, go to http://www.dns-ok.us/ 

The page will tell you if it thinks your computer is looking up servers correctly. 

That’s not the end-all though. 

A few other steps that should be followed for computer safety regardless of threats.

1. Make sure your Windows Security Updates are up to date (if you have not installed windows updates in a while, it is recommended you do so.  If you’re not comfortable looking at the messages that come up on your computer, go to this web site: http://www.update.microsoft.com and check for updates.

2. Make sure all your plug-in programs are up to date.  This includes Flash, Java, Acrobat, etc.  If you have updates pending, you typically will see an icon on the start bar on the right side that will detail that you have updates from one of these programs.  You can also go on the web to check if you have the latest updates at www.adobe.com and www.java.com

3. As always, keep an eye out for suspicious pop-ups, ads, and other messages that appear out of place.  If you’re not sure about a window pop up, make sure you use the x at the top right of the window to close it.  That will keep programs from running anything malicious. 

Even if you were to be infected, after all of that, the problem is quickly solved by running a scan program that finds and removes it, but if your virus software is up to date, run a manual scan to ensure it’s clean. 

HV Shred is here to help—visit www.hvshred.com

In a recent USAA article, Stacy Cowley, tech editor for CNNMoney shared her nightmare of being a 6 time survivor of identity theft. The central message she imparted was the importance of using big, reputable, well-fortified cash machines.

Seems like the culprit for the majority of her ID Theft experiences were sketchy ATMs, usually those conveniently located in corner delis. As she learned, thieves also like to use these non-bank ATMs; they rig them to capture your card number and PIN. As she says, “use these off-label machines enought times and you’re likely to get hit.”

Stacy’s advice: “Don’t panic!” While ID Theft is scary, in general, banks will immediately freeze your account and reissue a new credit or debit card with a new number. You also get a chance to dispute any transactions.

If your card is stolen, your maximum liability, in most cases, is capped at $50 as long as you report it timely. It’s still frustrating to be cut off from your financial lifelines.

Stacy also recommends keeping a few dollars in cash just in case–it took about a week for her to get reimbursed when her cash was wiped out.

Biggest take away–use bank ATM’s–they’re the least likely to be compromised. Thieves still go mostly for the easy hit–make it hard for them and you’ll have the best chance of staying out of range.

For more id theft prevention tips visit www.hvshred.com

Unfortunately, ID theft appears to be on the rise again. According to Javelin, a leading research firm, in 2011, identity fraud increased by 13 percent. More than 11.6 million adults became victims of identity fraud in the United States, while the dollar amount stolen held steady. Their latest findings in a nutshell:

• Identity fraud incidents increased, amount stolen remained steady—The number of identity fraud incidents increased by 13 percent over the past year, but the dollar amount stolen remained steady. Additionally, consumer out-of-pocket costs have decreased by 44 percent since 2004, likely due to the improved prevention and detection tools that have come available as well as fraud alerts leading to reduced detection time.
• Social behaviors put consumers at risk—For the first time, Javelin examined social media and mobile phone behaviors and identified certain social and mobile behaviors that had higher incidence rates of fraud than all consumers. Despite warnings that social networks are a great resource for fraudsters, consumers are still sharing a significant amount of personal information frequently used to authenticate a consumer’s identity. Surprisingly those with public profiles (those visible to everyone) were more likely to expose this personal information. Specifically, 68 percent of people with public social media profiles shared their birthday information (with 45 percent sharing month, date and year); 63 percent shared their high school name; 18 percent shared their phone number; and 12 percent shared their pet’s name—¬all are prime examples of personal information a company would use to verify your identity.
• Smartphone owners experience greater incidence of fraud—The survey found seven percent of smartphone owners were victims of identity fraud. This is a 1/3rd higher incidence rate compared to the general public. Part of this increase may be attributable to consumer behavior: 32 percent of smartphone owners do not update to a new operating system when it becomes available; 62 percent do not use a password on their home screen—enabling anyone to access their information if the phone is lost; and 32 percent save login information on their device
• Data Breaches increasing and more damaging — One likely contributing factor to the fraud increase was the 67 percent increase in the number of Americans impacted by data breaches compared to 2010. Javelin Strategy & Research found victims of data breaches are 9.5 times more likely to be a victim of identity fraud than consumers who did not receive such a data breach letter.

We share this information to encourage all to be wary of vulnerable areas. For more information and resources, visit www.hvshred.com

The Federal Trade Commission recently released its list of the top consumer complaints received by the agency in 2011. For the 12th year in a row, identity theft complaints topped the list. Of more than 1.8 million complaints filed in 2011, 279,156 or 15 percent, were identity theft complaints. Nearly 25 percent of the identity theft complaints related to tax- or wage-related fraud.

The report breaks out complaint data on a state-by-state basis and also contains data about the 50 metropolitan areas reporting the highest per capita incidence of fraud and other complaints. In addition, the 50 metropolitan areas reporting the highest incidence of identity theft are noted.

The next nine complaint categories are Debt Collection; prizes, sweepstakes, and lotteries; shop at home and catalogue sales; bank and lenders; internet services; auto related complaints; imposter scams; telephone and mobile services; and advance-fee loans and credit protection/repair.

The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 2,000 civil and criminal law enforcement agencies in the United States and abroad. Enforcers search the database to research cases, track targets, and identify victims.

“The FTC’s Consumer Sentinel Network is an incredibly powerful tool for law enforcers who are working to protect consumers and go after the bad guys,” said David Vladeck, Director of the agency’s Bureau of Consumer Protection. “It’s used by agencies across the country and around the world to enhance their enforcement efforts.”

Other federal and state law enforcement agencies contribute complaints to the Consumer Sentinel Network, including the U. S. Postal Inspection Service, the Department of Justice’s Internet Crime Complaint Center, and the Offices of the Idaho, Michigan, Mississippi, North Carolina, Ohio, Oregon, Tennessee, and Washington Attorneys General. Private-sector organizations that contribute complaints include all U.S. and Canadian members of the Better Business Bureau, Western Union and Moneygram, and the Lawyers Committee for Civil Rights Under Law.

According to Richard Cordray, Director of the newly created Consumer Financial Protection Bureau, “The Consumer Sentinel Network is a treasure trove of information for law enforcers.”

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 2,000 civil and criminal law enforcement agencies in the U.S. and abroad.

Many people still feel protected from identity theft as long as they stay off the internet. This week’s post is a reminder that much of identity theft is still low tech. It’s dumpster diving and, in this case, capitalizing on low security in a health provider’s facility.

The message is we need to be vigilant of our paperwork at all times. We need to do things like keep and eye on the mail box, shred personally identifying information, and keep our fiduciaries on the ball as well. The latter is harder than the former since it involves a perhaps uncomfortable interaction with those we trust–still, we need to make sure our doctors, accountants, financial planners and everyone else we entrust with our personal information are also taking steps to protect us.

Here’s is the cautionary tale:
Chelsea Catherine Stewart of Birmingham, Alabama has been sentenced for 39 months for wrongfully obtaining individually identifiable health information. She also plead guilty to attempted bank fraud and aggravated identity theft.

This may seem like another story about a health care worker stealing patient information. But this one is a bit different. Chelsea was visiting a friend at Trinity Medical Center. When there was no one monitoring the patient files, she helped herself and copied the information of patients down.

This is what we call low tech hacking. It is the basic steps like locking files and shredding that must be taken to protect information.

For more information on how HV Shred can help please visit www.hvshred.com

At HV Shred, we use our blog to educate the community about the latest scams.  Caller ID Spoofing is far from being a “funny ha ha” spoof.  It could be a serious attack on your personal information.  How does it work?  A Caller ID Spoofer logs on to one of several websites that enable them to create an account by paying a small fee–the account allows them to enter a name and a number they want to pretend to be calling from–a bank–a credit union–some entity we are inclined to trust.

When we see the trusted name on our caller ID, we pick up the phone feeling as if we know with whom we are speaking–lulled into a false sense of confidence, we share personally identifying information. 

What to do?  Never give personal information over the phone on a call you don’t initiate.  If you are contacted by a financial institution or similar, hang up and call the number you know directly.  Better safe than sorry.

Be sure also to let you financial institution know if someone is spoofing them–they want to weed these hacks out even more than you–they are costing us all a lot of money and frustration.

For more on identity theft protection, please visit www.hvshred.com

In this season of Valentine’s and budding romances, we just want to help make everyone aware of a scam found to be more and more prevalent by The Internet Crime Complaint Center (a private/public partnership established to deter/detect/and defend again identity theft.  The IC3 has warned the public to be wary of romance scams in which scammers target individuals who search for companionship or romance online. Scammers search chat rooms, dating sites, and social networking sites looking for victims. The principal group of victims is over 40 years old and divorced, widowed, elderly, or disabled, but all demographics are at risk.

Scammers use poetry, flowers, and other gifts to reel in victims, the entire time declaring their “undying love.” These criminals also use stories of severe life circumstances, tragedies, deaths in the family, injuries to themselves, or other hardships to keep their victims concerned and involved in their schemes. Scammers also ask victims to send money to help overcome a financial situation they claim to be experiencing. These are all lies intended to take money from unsuspecting victims.

Victims who have agreed to meet in person with an online love interest have been reported missing, or injured, or in one instance, deceased. IC3 complainants most often report the countries of Nigeria, Ghana, England, and Canada as the location of the scammers. If you are planning to meet someone in person that you have met online, the IC3 recommends using caution, especially if you plan to travel to a foreign country, and, at the very least:

• Do not travel alone.
• Read all travel advisories associated with the countries you will visit. Travel advisories are available at http://travel.state.gov/.
• Contact the United States Embassy in the country you plan to visit.

Even though it seems to be contrary to the thought of starting a new romance, do not be afraid to check a new acquaintance’s story online. Remember, like most fraudulent schemes, scammers use whatever personal information you provide to quickly paint themselves as your perfect match. If your new friend’s story is repeated through numerous complaints and articles on the Internet, it is time to apply common sense over your feelings. To obtain more information on romance scams and other types of online schemes, visit www.LooksTooGoodToBeTrue.com. Anyone who believes they have been a victim of this type of scam should promptly report it to the IC3’s website at www.IC3.gov.

HV Shred, Inc is proud to be a resource, so please also check out www.hvshred.com for more information.