Security is the top priority for Legal Shred.  While we recycle the shredded paper, do our best to create environmentally friendly routes to reduce our carbon footprint, and support our clients’ compliance with federal and local regulations, the most important service we provide is securely disposing confidential records.

One of the ways we assure our clients that we are the most secure means of document security is by being Mobile Shredding Association Certified.

In more detail, that means we are accountable by submitting to annual random audits.

We have already been subject to and passed a random audit earlier this year.  Here’s how the process works:

We were notified via email of our audit and given 30 days to submit the required verification materials:

•  Proof of $1 Million Insurance liability policy

•  Proof of meeting background testing requirements (our employees are randomly checked each year on an ongoing basis).

•  Proof of meeting drug testing requirements (our team members are randomly drug screened on an ongoing basis).

• Signed confidentiality statement between company and their employees and contractors who have access to client’s confidential information

• Insurance records listing the VIN of each shred truck in operation

For more information on our top notch secured document destruction, please visit www.legalshred.com

A new favorite resource for our weekly blog is the blog posted by the Division of Consumer and Business Education of the Federal Trade Commission (FTC).  Earlier this month, Andrew Johnson wrote a blog to raise awareness of a scam in which the scammers have managed to create a familiar caller id number.  As he described it “Your phone rings. You recognize the number, but when you pick up, it’s someone else. What’s the deal?”

Scammers are using fake caller ID information to trick you into thinking they are someone local, someone you trust – like a government agency or police department, or a company you do business with – like your bank or cable provider. The practice is called caller ID spoofing, and scammers don’t care whose phone number they use. One scammer recently used the phone number of an FTC employee.

The bottom line: Don’t rely on caller ID to verify who’s calling. It can be nearly impossible to tell whether the caller ID information is real. Here are a few tips for handling these calls:

• If you get a strange call from the government, hang up. If you want to check it out, visit the official (.gov) website for contact information. Government employees won’t call out of the blue to demand money or account information.
• Do not give out — or confirm — your personal or financial information to someone who calls.
• Do not wire money or send money using a reloadable card. In fact, never pay someone who calls out of the blue, even if the name or number on the caller ID looks legit.
• Feeling pressured to act immediately? Hang up. That’s a sure sign of a scam.

If you’ve received a call from a scammer, with or without fake caller ID information, report it to the FTC at FTC.gov

For more on best practices to protect your identity please visit www.legalshred.com

Today, we credit the FTC consumer information blog as the source for our weekly effort to educate our community.  The blog addresses the growing problem of text message spam.

Scammers often use the promise of free gifts, like computers or gift cards, or product offers, like cheap mortgages, credit cards, or debt relief services to get you to reveal personal information.  To claim your gift or pursue an offer, you may need to share personal information including how much money you make, how much you owe, or your bank account information, credit card number, or Social Security number. Clicking on a link in the message can install malware that collects information from your phone. Once the spammer has your information, it is sold to marketers or, worst case scenario—identity thieves.

These spam texts can also lead to unwanted charges on your cell phone  bill as well as slow down the performance of your phone by taking up space on your phone’s memory.

With few exceptions (of course political campaigns can text), for the most part, no one can send you a text without your permission.

To stop the spam texting:

• Delete text messages that ask you to confirm or provide personal information: Legitimate companies don’t ask for information like your account numbers or passwords by email or text.
• Don’t reply, and don’t click on links provided in the message
• Treat your personal information like cash: Your Social Security number, credit card numbers, and bank and utility account numbers can be used to steal your money or open new accounts in your name. Don’t give them out in response to a text.
• Place your cell phone number on the National Do No Call Registry
• If you are an AT&T, T-Mobile, Verizon, Sprint or Bell subscriber, you can report spam texts to your carrier by copying the original message and forwarding it to the number 7726 (SPAM), free of charge.
• Review your cell phone bill for unauthorized charges, and report them to your carrier.

For more on best practices in identity theft protection, please visit www.legalshred.com

In a recent post by Andrew Johnson from the Federal Trade Commission’s Division of Consumer and Business Information, we get explanation of one of the latest scams.

It’s really just a new wrinkle in the old tech-support scam-the one where the scammers gain access to your computer by promising to “fix” a computer problem that doesn’t actually exist. According to Johnson, the FTC is hearing reports that people are getting calls from someone claiming to be from the Global Privacy Enforcement Network. They claim that your email account has been hacked and is sending fraudulent messages. They say they’ll have to take legal action against you, unless you let them fix the problem right away.

If you raise questions, the scammers turn up the pressure – but they’ve also given out phone numbers of actual Federal Trade Commission staff (who have been surprised to get calls). The scammers also have sent people to the actual website for the Global Privacy Enforcement Network. (It’s a real thing: it’s an organization that helps governments work together on cross-border privacy cooperation.)

Here are few things to remember if you get any kind of tech-support call, no matter who they say they are:

• Don’t give control of your computer to anyone who calls you offering to “fix” your computer.
• Never give out or confirm your financial or sensitive information to anyone who contacts you.
• Getting pressure to act immediately? That’s a sure sign of a scam. Hang up.
• If you have concerns, contact your security software company directly. Use contact information you know is right, not what the caller gives you.

For more on identity theft protection and best practices, please visit www.legalshred.com

We use this blog space to identify and help manage the risks associated with identity theft.  A top risk area is non-secured documents.  A major area of risk presents itself when employees prepare the necessary information to complete a tax filing or similar confidential documents.  The data is often pulled from various locations and digital copies are frequently printed to be used as backup material. This can result in loose paperwork being stored on desktops or left at printing stations leaving the sensitive data vulnerable to snooping and data theft, and available to outside staff such as cleaners and building maintenance.

To manage the risk, implement a clear desk policy and having lockable storage units for employees can help protect confidential information not only during tax season, but throughout the year. Requiring employees to use a security code to complete a print job also ensures that confidential documents are not forgotten at printing stations.

Another area to consider is the increasing numbers of employees working from home offices or even just out on the road.  While the introduction of laptops, tablets, smart phones and external hard drives allow employees to work off-site, it also means an immense amount of confidential information is leaving the office with them. A single lost or stolen laptop has the potential to seriously damage any business.

To manage the risk, thoughtful and thorough training is a must to ensure employees understand and take appropriate precautions when removing any data from their workplace. They must not leave hardware or materials in vehicles, and should encrypt phones and hard drives, and activate passwords on electronic devices. Once out of use, devices should be securely destroyed.

Remember, we are all in this together.

For more information on identity theft best practices, please visit www.legalshredinc.com

Not that we needed any more reasons to monitor our credit cards and the like, but right here in our Hudson Valley a Rite Aid Pharmacy is the scene of identity theft to an unknown level.

Anyone who shopped at Rite Aid’s 238 Hooker Ave. store in the past year should keep an eye on their bank and credit card statements, according to the Rite Aid Corporation.

A Rite Aid associate at the Poughkeepsie location “may have obtained limited customer information” including customer names, addresses and payment card information in order to make “unauthorized payment card transactions,” according to a press release from the corporation.

The Rite Aid associate accused of the thefts is no longer employed at the store, according to Rite Aid. City of Poughkeepsie Police charged Kevin Thomas, 26, of the Town of Poughkeepsie, on Nov. 24 with second-degree identify theft, a class E felony.

The exact number of victims of the alleged thefts is unknown, police said. Rite Aid and the City of Poughkeepsie police are still investigating the incident and are asking customers to report any unaccounted for transactions.

More charges may be filed against Thomas if additional victims come forward, according to city police.

There is no indication that customer health information or Social Security numbers, or any customer information from other Rite Aid stores, was compromised.

Rite Aid is encouraging all customers at the 238 Hooker Ave. location to monitor and review payment card account statements.

Those who believe they have been affected should contact their bank or payment card company, according to the release. Customers with questions about the incident can call 1-800-877-2611 or email privacyoffice@riteaid.com.

For more information on best practices for identity theft protection, please visit www.legalshredinc.com