5 New Year’s Resolutions for Better Online Security

With the new year approaching, you are probably thinking of making some new year’s resolutions for yourself. Eat better, be more generous, spend more time with family etc… The new year is the perfect time to get a fresh start on everything from your health to your finances. At renwick, we love New Year’s resolutions and so we’ve thought of 5 good ones you should use to keep yourself protected online in 2016.

1. Use stronger passwords. As tempting as it is to use your birthday, name, or “password123” so it’s easy to remember, it is important to use strong and secure passwords. Use a unique password for each application, unrelated to your personal information. You should make it a combo of numbers, capital and lowercase letters, and symbols. You can also use a password manager if you have a hard time remembering all of these passwords!
2. Don’t overshare. Social media is a powerful thing. With millions of people using social media every day, and 65% of the adult american population using at least one type of social media, it’s no wonder it’s a popular setting for scam artists. If you want to share a photo of your sandwich go for it! But when it comes to personally identifying information such as banking institutions, birthdays, addresses, and when you’ll be on vacation: less is more.
3. Keep your devices secure. This means a few things. Have a lock on your mobile devices like tablets and cell phones. It is also a good idea to install a security software on your computers. Also be wary of “shoulder surfing”, which is when someone stands behind you to look at your screen for passwords or other confidential information.
4. Keep a closer eye on your finances. The sooner your report any discrepancies in your bank account, the better. Use online banking and check back often through your transaction history and ask about any purchases or withdrawals you don’t remember making. If you wait until your statement comes in, you might be too late.
5. Shop smarter. When shopping online, only buy from stores you are familiar with. If a deal seems too good to be true, it probably is! Don’t give away more information than needed to make a purchase.. and follow our online shopping guide:

We hope you find these resolutions useful in the New Year! Happy Holidays!

The Renwick Group has experience working with many different types of businesses and organizations providing skip-tracing, fraud investigations, WSIB support, legal team assistance, evidence gathering, employee background checks, and more. We also work with individuals who need help with personal matters. Call us at 1 (888) 722-9807 or visit our website for information

5 Tips to Safely Shop Online

Tips to staying safe while shopping online

As the holiday season approaches, you might be itching to start ( or have already started!) your gift shopping. There are many benefits to shopping online; it saves you time, money, and footwork when looking for deals. It’s very appealing to do all of your shopping from the comfort of your home and having the goods delivered right to your doorstep. The downside is that there is a risk with sharing your personal information online. Follow these 5 steps when online shopping this season to stay safe and protect yourself and your finances.

Use trusted sellers

Trust your gut when it comes to selecting where to purchase from online. Amazon, Best Buy, Walmart, Indigo etc are all very well known brands who will offer secure online shopping through their websites. If you are using a new retailer that you are unfamiliar with, research them! Look for third party reviews and ratings, google their name and see what comes up etc..

Make sure you are typing the store’s URL directly into the browser address bar rather than clicking on ads or search results- as it is very easy for fraudulent websites to trick you into thinking they are legit. If the website looks off, shady, or poorly designed- trust your instincts and go somewhere else. You might be disappointed at losing a possible deal, but it is not worth risking your personal information getting into the wrong hands.

Know the policies

Read through the website's policies including their privacy statement, billing, guarantee, and shipping policies. Familiarize yourself with how the company conducts business so there are no surprises later on.

WiFi Safety

Try to use only secure and private networks when transmitting personal or identifying information. While it is not preferable, you may use public wifi to make your purchases as long as you keep in mind a few things:

• Try not to use a public computer to make your purchases as you have no idea what  software has been installed or who else might be connected.
• Use only well-known public hotspots. Walmart, McDonald’s, Chapters/Indigo, and Starbucks all have secure public hotspots, and keep in mind you always use those at your own risk.
• If you do use a public hotspot, be aware of ‘shoulder surfers’- those people who might be looking over your shoulder to read personal information off your screen.

Protect your personal information

It should go without saying that you should never give away sensitive information needlessly.  Online retailers do not need to know your SIN number or birthdate for you to make purchases. It is generally best practice to give the least amount of information possible. It is also a good idea to avoid clicking on links in emails. Phishing is a common scamming practice by which emails will look like they are coming from legitimate sources but actually are only sent to retrieve your confidential informaiton such as passwords, account numbers, ID numbers etc...

Make sure payment pages have secure connections

Legit websites will use a secure protocol to encrypt your information. If you look in the address bar, the URL should start with HTTPS:// and have a little icon of lock next to it. HTTP:// is NOT a secure connection. By looking for this feature, you are ensuring a secure transfer of your personal information.

Even with these best practices, there will always be a risk when shopping online. However by staying vigilant and following these tips you can greatly minimize this risk and enjoy all of the perks that come with shopping online.

The Renwick Group has experience working with many different types of businesses and organizations providing skip-tracing, fraud investigations, WSIB support, legal team assistance, evidence gathering, employee background checks, and more. We also work with individuals who need help with personal matters. Call us at 1 (888) 722-9807 or visit our website for information

How to Protect Your Organization from Social Engineering in 6 Important Steps

What is social engineering and how can it be a threat to your organization? 

Social engineering or “social hacking” as it is sometimes referred to, is a way in which people manipulate someone into revealing their confidential information such as passwords, account numbers, network access, or ID’s. As computer networks and programs improve their security, social engineering becomes more prevalent as a way to gain access to this restricted information, often shockingly easily. Rather than breaking into a computer system, they play psychological tricks 
to gain this information.

Some common ways people use social engineering might be posing as a repairman or company representative such as a financial advisor. Recently a teen in the US gained access to the CIA Director’s email by posing as a Verizon worker.

Social hackers may use phone, the web, or even face-to-face tactics to gain information. They might call you posing as a representative from your bank claiming that your account has been flagged for suspicious activity, and demand personal information to “verify” your identity. A hacker may even pose as a collections agency demanding payments and threatening to arrest you if you don’t pay. You may receive an email claiming to be from the IT dept of your own company requiring restricted information to perform audits or system tests. Some hackers are dedicated enough to gain employment at their target in order to gather privileged information.

So how do you protect yourself from these types of psychological attacks? By following some simple guidelines you can make sure your organization does not fall victim to social hackers.

1. Implement a policy at your organization and train all employees on proper security procedures. Empower them to take responsibility for your company's security by using critical thinking and creating a security aware culture. Require them to verify visitor IDs, and report suspicious activity.
2. Implement proper storage and disposal of sensitive documents. Locked filing cabinets, paper shredders, and high-end network security are your best practices.
3. Remember that it is not enough to have a strong password. Have different logins and passwords for different programs, change passwords often, and never reveal your password to anyone.
4. Stand your ground. If you suspect someone is attempting to use these tactics on you, do not give in to intimidation.
5. Damage control. If you suspect you may have fallen victim to a social engineering attack report the incident immediately to authorities, change all passwords, update your network software, and call your financial institutions or monitor your accounts.
6. Hire a private investigator to complete background checks on employees as well as to help you further protect your organization from hacking and fraud.

Social engineering is a common way to gain confidential information, however you can protect yourself and your organization by staying vigilant and following the steps outlined above.

The Renwick Group has experience working with many different types of businesses and organizations providing skip-tracing, fraud investigations, WSIB support, legal team assistance, evidence gathering, employee background checks, and more. We also work with individuals who need help with personal matters. Call us at 1 (888) 722-9807 or visit our website for information.

10 Tips to Protect Yourself from Identity Theft and Fraud

Identity theft occurs when a person’s private identifying information is stolen for financial gain. An impostor will acquire key pieces of your personal information such as your social insurance number and drivers license … and impersonate you to commit fraud.

Here are some tips to protect yourself from identity theft:

1. Ask questions. If someone is asking you for personal information, question them. Don’t simply answer. Your personal information is protected by Canadian legislation such a PIPEDA, so don’t give it away without questioning the reasons.
2. Protect your pin. This seems simple, but it’s surprising how many people don’t do this! Shield the keypad every single time you enter your pin.
3. Guard your information online. Remember to clear your logins and passwords from your computer, and change your password, at minimum, once per month. Consider paying online with credit card rather than online payment services or debit. Credit card companies usually have guarantees to protect you.
4. Watch out for phishing scams. Be alert when you see “pop-ups” that seem like they’re from a bank. This scam will ask for your personal information which they will try to use to access your accounts.
5. Monitor your bank and credit statements. Keep an eye out for any suspicious purchases. You can go one step further and monitor your credit report through companies such as Equifax.
6. Shred sensitive information. Be careful with your personal information. Any piece of paper that has personal information – including your name, address, account numbers, identification numbers etc. – can be used to commit fraud. Don’t just throw it out on the street, shred the paper first. And this includes old credit and debit cards.
7. Secure your mail. This tip goes along with number 6! Be sure to shred or destroy all documents containing personal information. Especially that pre-approved credit card application that is mailed out.
8. Don’t give out your social insurance number. There are very few organizations that should ask for this information. More importantly, only give this information to organizations YOU have initiated contact with (like banks, employers and government.)
9. Only enter payments on secured sites. Look for the “paddock” symbol and sites that begin with “https.”
10. Use complicated passwords. There’s a reason why you can’t choose “1234” for pin codes. Unique complicated passwords will give you an extra layer of protection. Try to stay away from passwords that can be easily guessed (like your birthday or child’s name).

The Renwick Group has experience working with many different types of businesses and organizations providing skip-tracing, fraud investigations, WSIB support, legal team assistance, evidence gathering, employee background checks, and more. We also work with individuals who need help with personal matters. Call us at 1 (888) 722-9807 or visit our website for information.

5 Simple Tips to Protect Yourself From Intellectual Property Theft and Fraud

Many businesses are at risk of property theft and fraud, causing huge losses in revenue.  Implementing some simple preventative measures can decrease your risk and protect your intellectual property and goods.

1.  The first step in protecting your business is installing a verified alarm system.  Verified alarm systems are different from traditional alarms because they verify the alarm for you.  You will not be dealing with false alarms in the middle of the night that require you to reset your alarm.  Verified alarm companies monitor audio or video security when the sound-based or motion-based alarms are tripped.  If a criminal is attempting to break-in to your business, they dispatch the police immediately.  Verified alarms receive prompt police response and result in criminal apprehensions.  If it is a false alarm, the monitoring station simply resets the alarm.

2.  The second step in protecting your business is a managed access control system.  This will help you monitor which employees access certain areas in your business and allows you to restrict access to certain hours of the day.  Additionally, a managed access control system restricts unauthorized persons from accessing your facility – without the proper key card access, they will be unable to enter.  Electronic key cards and fobs used with managed access control are also easy to disable – in the event that an employee no longer works at your business, it’s simple to remove their access.  This is a simple step you can take if you have a disgruntled employee who still has a key to your building.

3.  Criminal record checks are an important part of employee screening.  Your intellectual property is vulnerable to theft from outside criminals and also internal employees.  Reduce your risk by thoroughly screening employees prior to employment to identify any potential risk factors.

4.  If you’ve implemented a managed access system, you can take an extra step to protect intellectual property, client information or high-end products by limiting access to a specific office or server room.  Restrict access to managers or authorized persons to limit the amount of people who are able to access the room.

5.  Unsecured workstations increase your vulnerability to theft.  Secure your workstations, disable drives and protect your printers.  This will limit easy access to important internal information.  Securing your workstations will ensure the smash-and-grab criminal cannot remove a computer drive easily.  Disabling drives such as USB ports or other means of connecting external drives prevent employees from copying confidential data.  Protecting your printers reduces the chances of printer theft – printers often hold data in their on-board memory.

Implementing these five preventative security measures can considerably reduce your risk of theft.  Theft of intellectual property and confidential information can lead to many negative consequences for your business.  Make sure to take the steps to protect yourself from loss.

The Renwick Group has the knowledge and experience to help you or your business solve problems such as fraud, skip tracing, locating people, litigation support, labour dispute management, and more.. Please call us at 1 (888) 722-9807 to discuss your situation.

Are You an Online Christmas Shopper? Here are some security tips..

The Renwick Group has experience working with many different types of businesses and organizations providing skip-tracing, fraud investigations, WSIB support, legal team assistance, evidence gathering, employee back-ground checks, and more. We also work with individuals who need help with personal matters. Call us at 1 (888) 722-9807 or visit our website for more contact information.

Take the Spam Quiz and Learn About Fraud in Canada

Fraud is a big problem for small and big companies. It is estimated that businesses lose up to 5% of revenue because of fraud in the workplace.

Small business must be extra careful because they don't often have anti-fraud controls or policies used in larger organizations. For example, small businesses may not conduct background checks or credit reports on potential hires. All potential hires should have a criminal record check, and in addition a credit report if they are involved in the financial aspect of the business. Small business should also offer consider fraud training and run periodic audits.

Another aspect of fraud is spam and other electronic schemes.

Here is an online quiz which shows individuals and Business how to protect against spam and other electronic threats which lead to fraud. Click on the image to take the quiz.

In Canada, fraud can be reported to the Canadian Anti-Fraud Centre .

"The CAFC is jointly managed by the RCMP, OPP and the Competition Bureau Canada and its mandate has expanded to include many versions of Mass Marketing Fraud (MMF) – these frauds are essentially schemes that target many victims at the same time whether by telephone, facsimile, postal mail or the internet. Often, MMF involves identity crime, which includes identity theft and identity fraud. As a result, the CAFC also accepts these reports. With the Competition Bureau as a partner, the CAFC deals with deceptive marketing practices and with spam issues related to fraud.

The CAFC remains located in North Bay, the city where it was founded. The Call Centre Unit has 11 full-time Call Takers who are able to field more than 300 calls each day from citizens reporting frauds. Of those calls, the Centre logs data from more than 25,000 victims each year. The Call Takers are dedicated, trained anti-fraud specialists who provide advice on the steps that victims should take to recover lost funds and to protect themselves in the future. Each spring, the Call Centre takes on additional personnel to deal with the increased call volumes brought on by publicity for Fraud Awareness Month during the month of March.

The CAFC has established itself as Canada's central fraud data repository. It has become a trusted source for fraud data and for educational and prevention resource materials. The CAFC plays a crucial role in educating the public about specific mass marketing fraud pitches and in collecting and disseminating victim evidence, statistics and documentation, all of which are made available to law enforcement agencies. " source: CAFC

The Renwick Group has the knowledge and experience to help you or your business with fraud investigations. Please call us at 1 (888) 722-9807 to discuss your situation.

Infographic - The Perpetrators & Victims of Occupational Fraud

Here is an Infographic put together by the LowerRiskgroup.com using the 2012 Global Fraud Study conducted by The Association of Certified Fraud Examiners.

Some of the Fraud Prevention Practices recommended by the study include;

• Fraud Prevention Practices
• ongoing anti-fraud training
• effective fraud reporting mechanism
• measures exist to promote employee's perception of fraud detection
• Tone at the Top is one of honesty and integrity
• Fraud Risk assessments are performed
• Strong anti-fraud controls are in place
• Hiring Policy included comprehensive background checks

Call us to discuss corporate fraud prevention or employment background checks. 1 (888) 722-9807   Or visit us online to learn more about service we provide.

Urban Myths About Cyber Security - How to stay safe online

Are you concerned about online security? Cyber security is an issue not just for governments and businesses, but anyone using the internet from a mobile device or a desktop computer. Here is an overview of myths and truths about internet security issues that may get you thinking about your online habits and systems.

source: BBC News Technology, Alan Woodward

Are we wising up to the dangers lurking online? Or are phishing, spam and hacking just words that we still do not understand and we hope will not happen to us.

Ofcom recently revealed that one in four British people still use the same password for all their activities online, suggesting we still have some way to go to fully understand computer security.
Here Prof Alan Woodward explores some of the misconceptions about how we stay safe online.
While there is still a long way to go in raising awareness of the risks inherent in surfing the net, word is spreading.

Unfortunately, some urban legends have arisen that are leading to a false sense of security.
Probably the most common of these myths is that your computer cannot be infected simply by visiting a website containing malicious code. The story goes, that you are only going to get malware on your machine if you actively agree to download software.

SECRET DOWNLOADS

As with many myths it contains a grain of truth. However, you may not recognise that you are giving your permission, and often hackers rely upon the fact that your computer is set to give permission by default to certain types of download. This has led to the phenomenon of "drive-by downloads".
These downloads can happen in several ways, with hackers developing new methods all the time.
Possibly the most insidious technique relies upon what are known as inline frames or "IFrames". The intention of IFrames was to allow webpages that have a mixture of variable and static content to be constructed so that they used computer resources more efficiently.
First introduced in 1997, IFrames essentially allow you to embed "active" material that is brought in from elsewhere.

When misused, IFrames can secretly download another webpage - one you will not see because they can be as small as a single pixel - which redirects you to a page containing an exploit.
If your browser and system are vulnerable to this exploit then the malware is downloaded on to your computer. And, you did not agree to anything, did you?

A variant of this first great myth is that webpages cannot download to your computer without you clicking on an "OK" button.

You may have to click but that click might not be doing what you think. A typical trick is for a compromised site to pop up a box - usually an advert - which you simply have to close if not interested. The act of closing the advert can be the very click that initiates a download.
Things are not always what they seem online.

HOW TO STAY SAFE ONLINE

1. Anti-virus software is a good start although it can only protect you against the threats it knows about
2. Don't open emails or attachments from people you don't know
3. Block spam emails and delete them
4. Use unique passwords for every site you interact with
5. Make sure passwords are complex and contain no personal information - a combination of letters and numbers is a must
6. When visiting a site check that it is genuine - by looking for addresses and phone numbers
7. Check the address in the browser address bar is the same as the one you typed

Read the full article on the BBC website

OPP Fraud Prevention Resources

The Ontario Provincial Police (OPP) have recently updated their Website with some quality resources. These are all related to Fraud Prevention resources and are well worth checking out.

How to Spot a Scam

 

Who to Contact

 

Further information:

•Canadian Anti-Fraud Centre - http://www.antifraudcentre-centreantifraude.ca/
•Scam Protection - Student's Guide
•Competition Bureau of Canada -  http://competitionbureau.gc.ca/eic/site/cb-bc.nsf/eng/home
•Association of Certified Forensic Investigators of Canada -  http://www.acfi.ca/
•International Association of Financial Crimes Investigators
•Crimes of Persuasion -  http://www.crimes-of-persuasion.com/Crimes/Business/nigerian.htm
•Reporting Economic Crime Online -  http://www.recol.ca/
•Financial Consumer Agency of Canada - http://www.fcac.gc.ca/
•Industry Canada - http://www.strategis.gc.ca/ic_wp-pa.htm

Source: http://www.opp.ca/ecms/index.php?id=133

Published By The Renwick Group