The Value of Applying Digital Forensics

The use of digital forensics in any type of litigation or investigation can uncover tremendously valuable electronic evidence from laptop and desktop computers, tablets, smart phones, and other mobile devices, as well as e‑mail and network servers.

These devices have become an integral part of peoples’ daily lives; and many corporations have adopted “bring your own device” policies. This combination ensures that our handheld devices now contain a large amount of both business and personal information including call history, text messages, e‑mails, photographs, videos, calendar items, memos, address books, passwords, and credit card numbers.

Consider the fact that 90% of American adults own a cell phone, two thirds of which are smart phones. Americans use smart phones for many purposes.

Cell Phone Activity

Continue reading the full blog on Avalon’s website – The Value of Applying Digital Forensics

Ransomware – An Effective Money Making Menace

Written by John Walp, Vice President of Cyber Services 

Holding someone or something for ransom is an age-old, effective technique that has found a new home: the internet. This venue offers a level of anonymity and scale that is sometimes difficult to comprehend.

An estimated 40,000 people attended this year’s RSA Security Conference, February 13 through 17, in San Francisco, California. Security professionals from across the globe gathered to discuss the latest and largest cyber security threats and ways to keep consumers and businesses safe. The RSA Conference identified Ransomware as one of the biggest and fastest‑growing threats. Numerous sessions were dedicated to helping security pros understand the threat from Ransomware and, most importantly, what can be done to combat it.

20012126873_e376a09029_kPhoto Credit: Christiaan Colen /

Continue reading Ransomware – An Effective Money Making Menace on Avalon’s website.

Keep Your Friends Close and Your W-2s Closer, Beware of Tax Identity Theft

If Melissa McCarthy was behind every identity theft, it might not be so terrifying. Unfortunately, that is likely not the case (although, it has not been confirmed).

melissa-mccarthyIdentity thieves are getting more sophisticated by the day. They used to steal your credit card number to buy a video game and grab a slice at the food court, but now they’re stealing identities to file tax returns and collect refunds.

The IRS has certainly improved its defense against phony refund requests—last year, as of March 5, 2016, the IRS identified 42,148 fraudulent tax returns involving identity theft, and identified 20,224 prisoner tax returns for screening, with $227 million claimed in fraudulent funds.[1] But these are simply the cases the agency is aware of, and there are likely many more. The IRS continues to expand its efforts to detect tax refund fraud.

Read more about fraudulent tax returns over on the Avalon blog…


Avalon and DIGITS Successfully Complete an Extensive Information Audit


Buffalo, NY (October 4, 2016)— Avalon Document Services and DIGITS LLC (a division of Avalon) have successfully completed the Shared Assessments Program Standardized Information Gathering and Agreed Upon Procedures (SIG AUP). The SIG AUP is an audit used by organizations to evaluate their information security program, which is inclusive of data protection, privacy, and business resiliency from IT failure. Avalon/DIGITS retained and independent CPA firm to complete the audit, which consisted of the evaluation of policies, procedures, and controls for the purpose of alignment with current regulations, industry standards, guidelines, and information security best practices.

To read more about this audit, continue to the Avalon blog…

Dropbox Dropped the Ball

You probably have enough managers in your life—your boss, your boss’s boss, your kids, your spouse, your dog—but we suggest you seriously consider getting just one more: a password manager.

password-866979_1920The good news is you don’t have to fetch coffee for or even talk to this manager. A password manager is a software application that stores and organizes your passwords, typically in an encrypted state. You create a complex, creative master password and use it to unlock and gain access to your entire password database. And if you get lazy, most password managers have the ability to generate, and subsequently store, unique complex passwords as needed.

Continue reading the full article on Avalon’s website: Dropbox Dropped the Ball 

Life’s a Breach

Written By: Mike McCartney, President of DIGITS, LLC – A Division of Avalon

stockvault-cyber-security-concept-open-and-closed-locks176755-768x540Typically, we consider ourselves pretty serious nerds when it comes to computers. But, we have to admit, cyber attackers are a challenge even for us. They hack into other people’s secure information, and they’re good at it. So it’s important to protect yourself and your company from these cyber assailants.

Many large, internationally known corporations—Target, eBay, Stubhub, and many others—have become victim to such attacks. But small, unknown companies are suffering as well. No one is immune to this alarmingly increasing trend.

Continue reading the full article on Avalon’s website: Life’s a Breach

The Cloud for Dummies Like Me

Written by: Ashley Hazlett, Director of Marketing – Avalon & DIGITS LLC – A Division of Avalon

Cloud-Data-Thumb-DriveWe all know someone who takes photos with their digital camera, uploads those photos to Facebook or a photo-sharing site, and then never deletes the images from the memory card.

I’m looking at you, Aunt Christine.
And for what? For fear of never having access to them again? With the increasing popularity of the cloud, those fears can now go away.

Aside from the previous sentence, you have no doubt heard the term “the cloud” upwards of 27 times just this week. You might have even used it yourself. But do you know what this trendy buzzword really means?

Continue reading the full article on Avalon’s website: The Cloud for Dummies Like Me

Law Firms & CPA Firms are Targets of Organized Hackers

Written By: Michael McCartney, President of DIGITS, LLC – A Division of Avalon

I think we can all agree that the FBI is badass. So when they say something is threatening us, it’s for real. In November 2009, the FBI issued their first official warnings concerning spear phishing attacks targeting U.S. firms.

stockvault-hacking-concept-transparent-hands-over-computer-keyboard180407-768x505A spear phishing attack is when an e-mail is sent to a high-level executive of a firm that appears to originate from another high-level executive within the firm. The e-mail from the attacker has the same e-mail convention that the firm uses (e.g., and the content of the e-mail can be as simple as, “After our conversation last week, I found this interesting article that I thought was very much on point for your matter.” The e-mail has an embedded link that, if clicked, takes the recipient to a website that downloads the referenced article as well as a payload allowing remote access to that computer system. This is an entry point into the corporate network and, depending upon the level of access the victim has, the hacker can laterally access other resources and data as well.

Continue reading the full article on Avalon’s website: Law Firms & CPA Firms are Targets of Organized Hackers

DIGITS Responds to the DNC Security Breach

Written by: Stu Babson, Senior Forensic Examiner, DIGITS LLC – A Division of Avalon

DNCDespite Donald Trump’s best efforts to monopolize the media with his policies and facial expressions, the Democratic party is sparking all sorts of chatter lately. First, Bradley Cooper apparently set off some Republican fans of his by attending the Democratic National Convention and daring to show his face in the crowd. Second, the Democratic National Committee (DNC) suffered a security breach that added to concerns associated with e-mail security.

Although Bradley showed off a pretty serious beard at the convention, most would say the second hot topic is more newsworthy.

See how we would have handled the security breach in the full article DIGITS Responds to DNC Security Breach on Avalon’s website.

December 18 – Cyber Security: When Hackers Strike Your Business, Will You Be Prepared?

Due to the “Snowvember” storm we had in Buffalo, the Cyber Security CLE event has been rescheduled to Thursday, December 18, 2014.  Same great programming will be provided!


SUNY Buffalo Law School & the Law Alumni Association’s GOLD Group presents a CLE* program.

When: Thursday, December 18, 2014 – 8 a.m. to 9 a.m. (registration begins at 7:30 a.m.)
Where: The Buffalo Club, 388 Delaware Avenue, Buffalo NY (free parking)


Cyber Security: When Hackers Strike You Business, Will You Be Prepared?



Presentation Costs
-FREE to paid 2014-2015 LAA Members at the $60 level
-$15 for GOLD Group Members
-$20 for all other
-Cost includes lecture, handouts, and breakfast


RSVP:  Call the Law Alumni Office at (716) 645-2107 or register at:

Questions? Contact Pat Warrington at (716) 645-7885


*Earn 1.0 CLE credit in the area of skills – these credits qualify as transitional or non-transitional credits.