Every day, we read a headline about a computer hacking or hear a personal story about a friend, family member, or colleague getting hacked. The signs of your computer or identity being hacked are often apparent, such as a menacing pop-up screen notifying you that all your critical files have been encrypted and a ransom is demanded to unencrypt them. Other times, though, the signs are subtle and not easily recognizable to the average user.
One of the easiest ways to recognize a hack or identity theft is to routinely check your credit report because one of the primary motives of cyber criminals is financial. Ensuring there aren’t unauthorized accounts opened in your name is a good first step in protecting your online safety.
The use of digital forensics in any type of litigation or investigation can uncover tremendously valuable electronic evidence from laptop and desktop computers, tablets, smart phones, and other mobile devices, as well as e‑mail and network servers.
These devices have become an integral part of peoples’ daily lives; and many corporations have adopted “bring your own device” policies. This combination ensures that our handheld devices now contain a large amount of both business and personal information including call history, text messages, e‑mails, photographs, videos, calendar items, memos, address books, passwords, and credit card numbers.
Consider the fact that 90% of American adults own a cell phone, two thirds of which are smart phones. Americans use smart phones for many purposes.
Written by John Walp, Vice President of Cyber Services
Holding someone or something for ransom is an age-old, effective technique that has found a new home: the internet. This venue offers a level of anonymity and scale that is sometimes difficult to comprehend.
An estimated 40,000 people attended this year’s RSA Security Conference, February 13 through 17, in San Francisco, California. Security professionals from across the globe gathered to discuss the latest and largest cyber security threats and ways to keep consumers and businesses safe. The RSA Conference identified Ransomware as one of the biggest and fastest‑growing threats. Numerous sessions were dedicated to helping security pros understand the threat from Ransomware and, most importantly, what can be done to combat it.
If Melissa McCarthy was behind every identity theft, it might not be so terrifying. Unfortunately, that is likely not the case (although, it has not been confirmed).
Identity thieves are getting more sophisticated by the day. They used to steal your credit card number to buy a video game and grab a slice at the food court, but now they’re stealing identities to file tax returns and collect refunds.
The IRS has certainly improved its defense against phony refund requests—last year, as of March 5, 2016, the IRS identified 42,148 fraudulent tax returns involving identity theft, and identified 20,224 prisoner tax returns for screening, with $227 million claimed in fraudulent funds. But these are simply the cases the agency is aware of, and there are likely many more. The IRS continues to expand its efforts to detect tax refund fraud.
Buffalo, NY (October 4, 2016)— Avalon Document Services and DIGITS LLC (a division of Avalon) have successfully completed the Shared Assessments Program Standardized Information Gathering and Agreed Upon Procedures (SIG AUP). The SIG AUP is an audit used by organizations to evaluate their information security program, which is inclusive of data protection, privacy, and business resiliency from IT failure. Avalon/DIGITS retained and independent CPA firm to complete the audit, which consisted of the evaluation of policies, procedures, and controls for the purpose of alignment with current regulations, industry standards, guidelines, and information security best practices.
You probably have enough managers in your life—your boss, your boss’s boss, your kids, your spouse, your dog—but we suggest you seriously consider getting just one more: a password manager.
The good news is you don’t have to fetch coffee for or even talk to this manager. A password manager is a software application that stores and organizes your passwords, typically in an encrypted state. You create a complex, creative master password and use it to unlock and gain access to your entire password database. And if you get lazy, most password managers have the ability to generate, and subsequently store, unique complex passwords as needed.
Written By: Mike McCartney, President of DIGITS, LLC – A Division of Avalon
Typically, we consider ourselves pretty serious nerds when it comes to computers. But, we have to admit, cyber attackers are a challenge even for us. They hack into other people’s secure information, and they’re good at it. So it’s important to protect yourself and your company from these cyber assailants.
Many large, internationally known corporations—Target, eBay, Stubhub, and many others—have become victim to such attacks. But small, unknown companies are suffering as well. No one is immune to this alarmingly increasing trend.
Written by: Ashley Hazlett, Director of Marketing – Avalon & DIGITS LLC – A Division of Avalon
We all know someone who takes photos with their digital camera, uploads those photos to Facebook or a photo-sharing site, and then never deletes the images from the memory card.
I’m looking at you, Aunt Christine.
And for what? For fear of never having access to them again? With the increasing popularity of the cloud, those fears can now go away.
Aside from the previous sentence, you have no doubt heard the term “the cloud” upwards of 27 times just this week. You might have even used it yourself. But do you know what this trendy buzzword really means?
I think we can all agree that the FBI is badass. So when they say something is threatening us, it’s for real. In November 2009, the FBI issued their first official warnings concerning spear phishing attacks targeting U.S. firms.
A spear phishing attack is when an e-mail is sent to a high-level executive of a firm that appears to originate from another high-level executive within the firm. The e-mail from the attacker has the same e-mail convention that the firm uses (e.g., firstname.lastname@example.org) and the content of the e-mail can be as simple as, “After our conversation last week, I found this interesting article that I thought was very much on point for your matter.” The e-mail has an embedded link that, if clicked, takes the recipient to a website that downloads the referenced article as well as a payload allowing remote access to that computer system. This is an entry point into the corporate network and, depending upon the level of access the victim has, the hacker can laterally access other resources and data as well.
Written by: Stu Babson, Senior Forensic Examiner, DIGITS LLC – A Division of Avalon
Despite Donald Trump’s best efforts to monopolize the media with his policies and facial expressions, the Democratic party is sparking all sorts of chatter lately. First, Bradley Cooper apparently set off some Republican fans of his by attending the Democratic National Convention and daring to show his face in the crowd. Second, the Democratic National Committee (DNC) suffered a security breach that added to concerns associated with e-mail security.
Although Bradley showed off a pretty serious beard at the convention, most would say the second hot topic is more newsworthy.