Best Practices for Setting Up A Wireless Network

More and more of us are using wireless routers.  A recent post by Aditi Jhaveri Consumer Education Specialist for the FTC takes us through the best practices of setting up a wireless router.

We need to fight the temptation to rush through the set-up process. Here’s why you should pay close attention while setting up your router, and afterwards.

Heard of ASUSTeK? Among other things, they sell ASUS-branded wireless routers for home use. Some of their routers come with features — called AiCloud and AiDisk — that allow people to attach a hard drive to their routers and create their own “cloud” storage.

More and more of us are using wireless routers. A recent post by Aditi Jhaveri Consumer Education Specialist for the FTC takes us through the best practices of setting up a wireless router.
We need to fight the temptation to rush through the set-up process. Here’s why you should pay close attention while setting up your router, and afterwards.

Heard of ASUSTeK? Among other things, they sell ASUS-branded wireless routers for home use. Some of their routers come with features — called AiCloud and AiDisk — that allow people to attach a hard drive to their routers and create their own “cloud” storage. According to the FTC’s complaint, ASUS routers had major security flaws that allowed hackers to harm consumers in several ways, including getting access to sensitive personal information — like tax documents — that people stored through these “cloud” services.
If you have an ASUS router at home, take these steps right away:
• Download the latest security updates for your router. According to the FTC, the ASUS router update tool often indicated that software was current when it wasn’t, putting people’s home networks at risk. Moving forward, ASUS is required to provide accurate information about software updates. So check the router’s software update tool and the ASUS support site again for the newest security updates.
• Check if access to your network storage is limited. Make sure access to AiCloud and AiDisk is limited to what you want. The FTC took issue with the default option during AiDisk’s set-up, which gave anyone on the Internet access to your storage. For more privacy, choose “limited” or “admin rights” access instead of “limitless.”
• Change pre-set passwords. According to the FTC, ASUS pre-set weak default passwords on every router. So create new passwords that are strong and unique for both your router and any “cloud” services — something only you know. This can help prevent hackers from getting easy access to your network.

No matter what brand wireless network you set up, it is important to be deliberate about each step of set up and maintenance process.

For more on best practices in the realm of identity theft protection please visit www.legalshredinc.com

 

Reminder of Best Practices to Protect Personal Information

A valuable resource we have found is the The Internet Crime Complaint Center (IC3). It is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center Internet Crime Complaint

A recent posting focused on Defending Against Hacktivism:

While eliminating your exposure in the current digital age is nearly impossible, law enforcement and public officials can take steps to minimize their risk in the event they are targeted.

(1) Turn on all privacy settings on social media sites and refrain from posting pictures showing your affiliation to law enforcement.
(2) Be aware of your security settings on your home computers and wireless networks.
(3) Limit your personal postings on media sites and carefully consider comments.
(4) Restrict your driver license and vehicle registration information with the Department of Motor Vehicles.
(5) Request real estate and personal property records be restricted from online searches with your specific county.
(6) Routinely update hardware and software applications, including antivirus.
(7) Pay close attention to all work and personal emails, especially those containing attachments or links to other Web sites. These suspicious or phishing emails may contain infected attachments or links.
(8) Routinely conduct online searches of your name to identify what public information is already available.
(9) Enable additional email security measures to include two factor authentication on your personal email accounts. This is a security feature offered by many email providers. The feature will cause a text message to be sent to your mobile device prior to accessing your email account.
(10) Closely monitor your credit and banking activity for fraudulent activity.
(11) Passwords should be changed regularly–and make them strong by combining letters, numbers, and symbols
(12) Be aware of pretext or suspicious phone calls or emails from people phishing for information or pretending to know you. Social engineering is a skill often used to trick you into divulging confidential information and continues to be an extremely effective method for criminals.
(13) It’s a group effort! Advise family members to turn on security settings on ALL social media accounts. Family member associations are public information and family members can become online targets of opportunity.

It’s a lot to do in some ways–but worth the effort.

For more on best practices with personal information protection, please visit www.hvshred.com

Latest Tax ID Theft Scheme

Tax season is now in full swing and a story dominating the scene has been false filings specifically targeting TurboTax users. State tax departments are telling victims they should contact the Internal Revenue Service and their state tax authority as well as the Federal Trade Commission.

The FTC advises consumers who have discovered theft of their identities to contact the three major credit-reporting firms — Equifax Experian and TransUnion — to place initial fraud alerts on their credit files. These alerts last for 90 days and can be renewed. Victims are entitled to a free copy of their credit report, which they can use to identify suspicious activity and dispute errors.

Consumers also can ask the credit-reporting firms to impose a credit freeze, which makes it harder for a thief to open new accounts. Your personal information also may have been used to rack up unauthorized charges on credit cards or to open new accounts.

Of course, TurboTax is assuring the public their software is safe whether downloaded or using the cd.
Still, some experts believe that using downloaded software can be safer than online preparation, although far fewer taxpayers use the former. With software, “you’re not putting your personal information on a company’s server,” says David Barton, a managing director at UHY Advisors, an information-security consulting firm in Chicago.

Intuit and outside experts say one of the best protections against identity theft is to change all passwords on a regular basis and make sure they are strong.

A huge safety issue is taxpayers using unsecured Wi-Fi access. Anyone using computer software applications should be using the latest versions available and making sure there is a password on home Internet access. Taxpayers should also update antivirus software to help prevent thieves from getting access to their information.

As always, be on the lookout for “phishing” emails that purport to be official notices from the IRS or tax preparers. One recent phishing attempt, for example, warns that “Your Federal Return Has Been Rejected” and asks the recipient to click through and enter personal information.

State tax departments are telling victims they should contact the Internal Revenue Service and their state tax authority as well as the Federal Trade Commission.

For more on best practices regarding identity theft protection please visit www.hvshred.com

HV Shred and Metroshred Merge

Great news Hudson Valley!   Judith Papo, President and owner of HV Shred, Inc. and Dean Rothstein, President and owner of Metroshred Document Destruction are excited to announce as of February 1st the two companies have merged.

“We have long considered ourselves partners in the industry so this just makes that relationship official,” said Judith Papo, President of HV Shred, a Southern Dutchess based on-site shredding service. “We both approach our clients as extended family, so this is a marriage made in heaven.”

We will continue to provide the highest level of security and customer service to the Hudson Valley business and residential community with our regularly scheduled service, as well as our on-call cleanout service, and community shred events.

To learn more about government compliance including HIPAA, best practices in secured document disposal, and identity theft prevention, visit www.hvshred.com

ROTARY SHRED EVENT THIS SATURDAY SEPTEMBER 27TH

This is it!!! This upcoming Saturday is when we celebrate our 2nd Annual Poughkeepsie Arlington Rotary Community Shred Event hosted by LaGrange Pharmacy and Bridgeway Federal Credit at the new plaza at the junction of Routes 82 and 55 in LaGrangeville, NY. Please gather your confidential paperwork to take advantage of this great opportunity to securely dispose of your paperwork as well as support a great cause.

On-site shredding service will be provided by HV Shred, Inc from 9am-noon. 100% of the suggested $10 per box/bag donation will go to the community improvement projects run by the Poughkeepsie Arlington Rotary.

No need to worry about staples, paperclips, spiral notebooks, or even bank books. HV Shred’s high tech shredding knives can easily shred through all that. In addition, all the shredded paper is recycled helping to preserve and protect our local and global environment.

For more information, please contact Judith a (845) 705-7279

We’re looking forward to a big crowd so we can fully fund all the Poughkeepsie Arlington Rotary programs in the upcoming year.

It’s all part of a Fall Festival in the Plaza:
Shears Hair Salon – Gift Basket Raffle
Price Right Wines & Liquors – Wine tasting vouchers
Rosa’s Deli – Hot food available with proceeds going to Poughkeepsie-Arlington Rotary
Pizza Express/Carlo’s – Gift Basket Raffle

Special gift bags for all who attend including a pile of valuable coupons!

Help us make it a success–and protect your identity and the earth as well!

See you THIS Saturday, September 27th 9am-2pm at 1520 Route 55 in LaGrangeville NY 12540

Social Security Scams

In a recent posting to one of our favorite ID security blogs—ONGuardOnline.gov, the focus was on Social Security scams.  The following information is adapted from Amy Hebert’s post on behalf of the FTC and Andrew Cannarsa’s post on behalf of the US Inspector General.

To facilitate Social Security’s services, the SSA started an official Twitter account and has already accumulated more than 16,500 followers; every day, SSA tweets information about applying for Social Security benefits, and answers frequently asked questions.

With so much interest in a government Twitter handle like @SocialSecurity, imposter accounts were bound to materialize.

When @SociSecurity appeared last year with an SSA emblem as its profile photo, and began tweeting Social Security-related information, SSA alerted our Office of the Counsel to the Inspector General.

The US Office of Counsel—which is made up of the Counsel to the Inspector General, the Deputy Counsel, and a staff of attorneys—enforces Section 1140 of the Social Security Act. To summarize, the law prohibits people and organizations from using Social Security words and symbols in communications in any way that could mislead the public to believe that Social Security has an official connection with that communication. The law also prohibits people or organizations from charging a fee for an otherwise-free Social Security form or publication without authorization.

In this case, the Office of Counsel worked promptly with Twitter to suspend the @SociSecurity account, which violated Section 1140. We—and SSA—were primarily concerned that the account would spread incorrect information and confuse people into thinking they were communicating directly with SSA.

In another case, we insisted on changes to a “Social Security Disability Blog” Facebook page, which used an emblem that appeared to be official and was classified as a “Government Website.” The account no longer uses that particular emblem, and is no longer classified as a “Government Website.”

With these recent examples in mind, we want to warn you—and ask you to spread the word—to be on guard for misleading Internet Social Security-related advertisements and communications, including those on social media and mobile apps.

Section 1140 scams can include:

  • Websites misleadingly designed to appear as SSA’s official website or officially authorized by SSA (see example below). Official-sounding web addresses or domain names—like SocialSecurityHome.com,—used by themselves or along with misleading websites, can create the false impression of an SSA connection.
  • Sale of SSA publications, forms, and services otherwise provided free of charge.
  • Social Security Disability Representation. Some websites are misleadingly designed to appear as SSA’s official website or as if they are authorized by SSA, but their actual purpose is to obtain people’s personal information to generate leads for either attorney or non-attorney Social Security disability advocacy services.
  • Email Phishing Scams. We are aware of several email phishing scams that use SSA as the hook to get you to open and respond to the email. Purporting to be from SSA, these emails were designed to steal your personal email account login ID and password.

As always, be mindful of originating any communication before sharing personally identifying information.  If you ever question the legitimacy of any Social Security-related communication, you can report that directly to the OIG through our Fraud Hotline, online at http://oig.ssa.gov/report or by phone Monday through Friday 10 a.m. to 4 p.m. EST, at (800) 269-0271.

For more information on identity theft best practices, please visit www.hvshred.com

Paper Shredding Through the Ages

This week, we share the interesting back story behind paper shredding.  According to our amateur research, the first paper shredder is credited to  inventor Abbot Augustus Low of Horseshoe, located on the Western shore of Horseshoe Lake, in Piercefield, New York. His patent for a “waste paper receptacle” to offer an improved method of disposing of waste paper was filed on February 2, 1909 and received the U.S. patent number 929,960 on August 31, 1909. Apparently, Low’s invention was never manufactured, however.

Adolf Ehinger’s paper shredder, based on a hand-crank pasta maker, was manufactured in 1935 in Germany. Supposedly he needed to shred his anti-Nazi propaganda to avoid the inquiries of the authorities. Ehinger later marketed his shredders to government agencies and financial institutions converting from hand-crank to electric motor. Ehinger’s company, EBA Maschinenfabrik, manufactured the first cross-cut paper shredders in 1959 and continues to do so to this day as EBA Krug & Priester GmbH & Co. in Balingen.

The U.S. embassy in Iran used strip-cut paper shredders to reduce paper pages to strips before the embassy was taken over in 1979 (though not entirely successfully). After Colonel Oliver North told Congress that he used a Schleicher Intimus 007 S cross-cut model to shred Iran-Contra documents, sales for that company increased nearly 20 percent in 1987.

Until the mid-1980s, it was rare for paper shredders to be used by non-government entities. After the 1984 Supreme Court decision in California v. Greenwood, in which the Supreme Court of the United States held that the Fourth Amendment does not prohibit the warrantless search and seizure of garbage left for collection outside of a home, paper shredders became more popular among US citizens with privacy concerns. Anti-burning laws, concern over landfills, industrial espionage, and identity theft concerns created greater demand for paper shredding.

These days, for reputation management and to fulfill fiduciary responsibilities, many companies enjoy the security and convenience of on-site shredding.  For more information on secured document destruction please visit www.hvshred.com

The Garbage is a Treasure Chest for Identity Thieves

This week’s blog draws our attention to the continuing danger of not taking our garbage seriously.  Things we often consider junk mail too often end up as treasures for identity thieves who don’t consider it junk at all.

Valuable data comes in the mail everyday: pre-approved credit card offers, notices from the bank or car loan provider. Do we even pay attention to them? We definitely should.

The few details thieves can gather just from junk mail is easily enough to steal a person’s identity.

Think about what comes in the mail:  mortgage information including how much you owe what interest rates you’re paying, and who it’s with.  With those tidbits, identity thieves can go online and buy additional information.   All they need is the name, address and a couple other qualifying pieces of information.

By the time victims discover the theft, it could be past 30 days and much damage could be done.

Businesses are especially at risk because of their fiduciary duty to their customers.

The key is to err on the side of caution and securely dispose of all information that identifies an individual.  Even just the name and address could be a liability.

On site shredding service is the most secure and provides the most peace of mind.  Not to mention most services will also recycle the shredded paperwork—a step in the right direction to sustainable businesses practices.

For more information on identity theft protection and secure data disposal, please visit www.hvshred.com

Another Crafty Scam

The On Guard On Line is a regular source of valuable information for our weekly blog.  A recent posting asked, “Have you gotten an email with the subject line “Pending consumer complaint” that looks like it came from the FTC?” According to Consumer Education Specialist Amy Hebert,  the email warns that a complaint against the recipient has been filed with the FTC. It asks the recipient to click on a link or attachment for more information or to contact the FTC.

These emails pull out all the stops to look official: They have an FTC seal, references to the “Consumer Credit Protection Act (CCPA)” and a “formal investigation,” and what look like real FTC links. The truth is that they’re fakes.

The FTC has heard from many people that emails like this are making the rounds. If you get one, PLEASE DO NOT OPEN IT. Don’t click on the links. If you click on the link, it may install malware on your computer. Malware can cause your device to crash and can be used to monitor and control your online activity, steal your personal information, send spam, and commit fraud. You can forward the email to spam@uce.gov, but then delete as soon as you do.

For more information on identity theft best practices, please visit www.hvshred.com

Chamber Hosts Green Symposium

As co-chair of the Living Green Committee of the Dutchess County Regional Chamber of Commerce, I’d like to invite one and all to our upcoming Green Symposium.  Our goal is to provide the local business community with actionable steps to achieving sustainability.  The event is free and open to the public on Tuesday, April 29 from 8:30-noon at the Cornell Cooperative Extension, located at 2715 Rt. 44 in Millbrook.

An Agriculture Showcase, new to the Green Symposium, highlights this year’s program.  Farming and agriculture members of the Chamber will attend and display their local products, food samples and services. There will be a morning filled with expert presenters, exhibitors, networking and Q&A forums. The event is complimentary to attend and is open to members as well as non-members. A continental breakfast will be provided.

Ajax Greene, Founder Re>Think Local and Co-Founder of On Belay Business Advisors, will deliver the Symposium’s keynote address.  Greene will discuss his perspective on building “place-based” organizations and a business community that expresses a strong commitment to being conscious of the triple bottom line: people, planet and prosperity.  He will talk about combining synergies including marketing and branding, people management, finance, operations and a strategic commitment to social responsibility.

To register for the Green Symposium, please visit dcrcoc.org or call 845-454-1700 ext. 1000.

The Dutchess County Regional Chamber of Commerce’s Living Green Committee works to implement greener practices for businesses that choose to reduce their ecological footprint. Throughout the year, they host numerous symposiums and events including the popular bi-annual Electronic Recycling Days.  For complete information about the group, visit dcrcoc.org and select ‘Living Green Committee’ under the ‘Committees’ tab.

More information on recycling please visit www.hvshred.com