As we embark on a new school year, we’d like to “school” our blog community with some tips for how to tell one shredding service apart from another.

We encourage all businesses and individuals wherever they are and how small or large the service to THINK LOCAL FIRST.

Local businesses like HV Shred are more likely to be invested in the local community. At HV Shred, our owners are involved with the day to day business–we take the service personally–and we feel service in the community is a premium. That’s why our president Judith Papo is a Rotarian, an active member of the Mid Hudson Chapter CPA Society, as well as active in the local chambers.

In addition, HV Shred focuses on keeping the service simple and straightforward. No hassles with sorting of folders–we even shred hard cover books and spiral notebooks.

Newly added is our hard drive shredder. We can now shred hard drives in seconds right on sight! Electronics recycling is part of our offerings as well.

We are the total data security solution for local businesses.

And everything we shred gets recycled–our clients helped us save over 2000 trees in August alone!

Please visit our newly updated website for more information www.hvshred.com

Continuing with our theme of best practices for identity theft protection and building on last week’s post of strong passwords, this week we highlight those security questions. This post too is adapted from a recent post on OnGuard On Line by Whitney Merrill Legal Fellow, Division of Privacy and Identity Theft Protection, FTC.

If you forget your password or sometimes just as additional security, many companies require you to answer security questions to regain access. Here are some tips to make sure an attacker can’t use your security questions as a way to get into your account:

• Select security questions where only you know the answer. Many security questions ask for answers to information available in public records or online, like your zip code, mother’s maiden name, birth place. That is information a motivated attacker can obtain.
• Don’t use answers to security questions that can be guessed. An attacker can guess the answer to a security question that has a limited number of responses (dates, colors, states, countries). Avoid questions like “What state were you born in?” or “What color was your first car?” which allow an attacker to guess all possible answers.
• Don’t give a generic answer to a security question. Find an answer to a security question that you will remember but is also more complicated than a generic word. For example, if the security question asks “What is your favorite childhood memory?” the answer “watching the Dodgers with my mom” is more secure than “baseball.”

For more on best practices when it comes to identity theft protection, please visit www.hvshred.com

Best practices for identity theft protection is a theme of our HV Shred Blog. A recent post on On-Guard On-Line by Whitney Merrill Legal Fellow, Division of Privacy and Identity Protection, FTC is a good refresher when it comes to password common sense.

When the time comes to create another password, be sure it a secure one. A little extra attention when you create a strong password can prevent an attacker from getting access to your account.

Your password should be long, complex, and unique. Here are additional steps you can take to help create strong passwords and secure your accounts:

• Avoid common words, phrases, or information. Don’t use information available to others like your birthday, phone number, or Social Security number. Attackers often use a dictionary of previously exposed passwords and information gathered from the internet to help them guess a password.
• Change passwords quickly if there is a breach. Attackers who steal data from companies often obtain password information. If you receive a notification from a company about a possible breach, change that password and any account that uses a similar password immediately.
• Consider a password manager. Most people have trouble keeping track of all their passwords. Consider storing your passwords and security questions in a password manager, an easy-to-access application that allows you store all your valuable password information in one place. Use a strong password to secure the information in your password manager.

For more on best practices for identity theft protection, please visit www.hvshred.com

This week we turn again to the “IC3” Internet Crime Complaint Center established as a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) to receive Internet related criminal complaints and to further research, develop, and refer the criminal complaints to federal, state, local, or international law enforcement and/or regulatory agencies for any investigation they deem to be appropriate. The IC3 was intended, and continues to emphasize, serving the broader law enforcement community to include federal, as well as state, local, and international agencies, which are combating Internet crime and, in many cases, participating in Cyber Crime Task Forces.

According to I-062315-PSA data from the FBI’s Internet Crime Complaint Center (IC3) shows ransomware continues to spread and is infecting devices around the globe. Recent IC3 reporting identifies CryptoWall as the most current and significant ransomware threat targeting U.S. individuals and businesses. Between April 2014 and June 2015, the IC3 received 992 CryptoWall-related complaints, with victims reporting losses totaling over $18 million.

The problem begins when the victim clicks on an infected advertisement, email, or attachment, or visits an infected website. Once the victim’s device is infected with the ransomware variant, the victim’s files become encrypted. In most cases, once the victim pays a ransom fee, he or she regains access to the files that were encrypted.

If you believe you have been a victim of this type of scam, you should reach out to your local FBI field office. You may also file a complaint with the IC3 at www.IC3.gov. Please provide any relevant information in your complaint.

Tips to protect yourself:

• Always use antivirus software and a firewall. It’s important to obtain and use antivirus software and firewalls from reputable companies.
• Enable popup blockers. Popups are regularly used by criminals to spread malicious software.
• Always back up the content on your computer. If you back up, verify, and maintain offline copies of your personal and application data, ransomware scams will have limited impact on you.
• Be skeptical. Don’t click on any emails or attachments you don’t recognize, and avoid suspicious websites altogether.

For the latest on internet safety and identity theft best practices, please regularly check in to our website www.hvshred.com

In a recent blog by Lois C. Greisman Associate Director, Division of Marketing Practices, FTC, the latest trend is to add insult to injury.

Among the latest scams is hackers using the on-line dating sites to steal identities.  Heart break in this case leads also to heart burn and even worse depending.

On-Guard On Line is always on top of reporting imposter scams. In recent months, we’ve told you about IRS imposters, romance scams, and work-at-home scams. We always give you tips on how to spot and avoid these scams. We tell you about the cases we’ve brought to shut down the scammers. But, as a civil law enforcement agency, we don’t often get to tell you about the criminal charges brought against the scammers. Until today.

The Department of Justice (DOJ) recently announced the extradition of six Nigerian nationals from South Africa to Mississippi to face a nine-count federal indictment for various Internet frauds. These six people join 15 others who were previously charged with, among other things, conspiracy to commit mail fraud, wire fraud, bank fraud, identity theft, and money laundering.

What were the scams? According to the indictment, the defendants found and reached out to their potential victims through online dating websites and work-at-home opportunities. In some cases, they carried on so-called romantic relationships with their targets, trying to get their victims to do things like re-ship merchandise purchased with stolen credit cards, deposit counterfeit checks, and send money to the defendants – whether via wiring money or sending prepaid debit cards.

Here’s where you come in. If you know someone who lost money or information to romance, reshipping, fake check, or work-at-home scammers, please tell them to visit DOJ’s announcement. Why? Because there’s a list of aliases and email addresses that the defendants allegedly used in carrying out these scams. If you recognize a name or email address, you could help in the investigation of these crimes.

It’s not every day you get to help lock up alleged bad guys. Unless, of course, you work at the Department of Justice, the US Postal Inspection Service, or Homeland Security Investigations – all of which had a hand in this case. Please check out the list and see if you might have information to share with the investigators.

This points to the need for the entire community local, national, and global to work together to help deter, detect, and defend against identity theft.  For more information, please visit www.hvshred.com

Once again turning to a favorite resource, we adapt the latest entry by Consume Education Specialist Amy Hebert from the FTC’s On Guard On Line website.

The focus this week is on safe travel arrangements.  Whether you travel a lot or just a little, you’ve probably gone online to book a hotel stay. Sometimes you might find a travel comparison site gets you the best deal. Other times, you might book directly at a hotel’s website — maybe to earn points for the company’s reward program, or because you have some special requests for your stay.

For those times you’re looking to book directly with a hotel, make sure that’s what you’re doing. The FTC has heard from people who searched online and thought they were booking on a hotel website, only to find they’d unknowingly been doing business with someone else.

The confusion resulted in problems like:

• arriving and finding no reservation
• having trouble canceling or modifying a reservation, or disputing charges through the hotel
• finding reserved rooms didn’t reflect special requests like disability access
• being charged undisclosed fees
• paying a higher rate than what’s advertised by the hotel
• getting credit card charges from the third party, not the hotel
• not earning points with their hotel reward program

It can be hard to tell that you’re not on the hotel’s site. You might see a hotel’s name in the URL, or call the number shown next to the hotel’s address and not realize it’s the reservation company — not the hotel — you’re talking to.

Your best bet to avoid surprises — look closely at your search results. If you know you want to deal directly with a hotel, take the time to look for signs you might be on a third-party site, like another company’s logo. It’s also a good idea to find the hotel phone number yourself, rather than rely on what’s listed on the site.

Keep checking for more information for best practices in identity theft protection and safety on line at www.hvshred.com