According to Michael Ogden in his recent article in PropertyCasualty 360, there are five mobile devise threats and how to prevent them.
- Phishing Attacks - use deceptive sites or software programs that masquerade as legitimate ones to steal vital user information (user login credentials and credit card numbers)
- Malware Infections - can steal data and eat up computing resources from mobile devises. They can trigger users into taking actions that further compromise mobile devices.
- Advanced Persistent Threats - are coordinated network attacks hackers use to gain access to an organization's network and data.
- Untested Mobile Apps - beware of downloading apps from a third-party source instead of downloading from regulated app stores.
- Outdated Operating Systems - leaves your mobile devise vulnerable to malware and other security threats.
How to avoid these threats according to Comodo Threat Research Labs:
- Avoiding connecting to unsecured Wi-Fi networks, such as public Wi-Fi hotspots;
- Downloading apps from trusted sources, such as the Google Play Store and iOS App store, and not from unreliable third-party sources;
- Being wary of unsolicited calls or messages; and
- Mitigating mobile device attacks from penetrating the corporate environment, which provides the controls needed to secure, manage and monitor all the employee-owned mobile devices that access critical business data.
Keep these tips in mind to help you maintain your mobile device.
Wrap up the Small Business Week by supporting local businesses. Small businesses are the backbone of the US economy. They also create two out of every three new jobs. To survive they need our support.
So, when you run your errands this weekend, stop by and support your local small businesses.
The compromise of business email is on the rise, particularly for cloud-based applications, according to the most recent report from Beazley Breach Response Services, part of specialist insurer Beazley P.L.C.
The industries most affected were the financial services, health care and professional services industries, according to the Beazley Breach Insights report, released Monday.
Many of the incidents involved Office 365, the cloud-based suite of Office applications, which accounted for 13% of incidents, the report said.
Hack or malware accounted for 42% of incidents, followed by accidental disclosure at 20%, and both social engineering and insider at 9%, the report said.
Other causes were portable devices at 5%; physical loss/non-electronic record at 4%; payment card fraud at 1%; and unknown/other at 10%.
Spreads among the different industries varied widely. In higher education, hack or malware accounted for 47% of incidents, followed by accidental disclosure at 21%, less than half.
The spread in the financial sector is even greater, with hack or malware in 55% of incidents and accidental disclosure, the next most frequent type, in just 18%.
Among health care incidents, however, hack and malware and accidental disclosure both came in at 29%, the report showed.
“These incidents are usually caused by an employee clicking on a link in a phishing email, often in the form of a ‘DocuSign’ request, Help Desk message, or Microsoft survey,” the report said.
Such incidents are on the rise because they are easy to carry out and the email accounts can be used for a variety of purposes, the report said.
Many can be easily avoided, however, by enforcing strong password policies and educating employees about the risks of recycling passwords for different applications; alerting employees who have access to accounts payable systems or wire transfer payments about these types of scams; and training all employees to beware of phishing attempts.
“The number of compromised email accounts is accelerating, but simple steps such as frequently changing passwords, having dual-factor authentication and removing auto-forwarding or auto-delete rules can help reduce vulnerabilities,” Katherine Keefe, global head of Philadelphia-based Beazley Breach Response Services, said in the report.
Source: Beazley Breach Response Services
The Coalition Against Insurance Fraud is warning seniors of an identity-theft scam targeting Medicare recipients.
Starting this month, Medicare will be mailing new cards with random characters – instead of Social Security numbers – to nearly 60 million seniors. The new cards are a security measure to prevent medical and financial ID theft by scammers who steal seniors’ Social Security numbers from the cards, according to the coalition.
But con artists have been cold-calling senior citizens about the new cards, trying to steal Social Security numbers, bank account numbers and credit card information, the coalition warned. Callers pretend they’re from Medicare and request seniors’ personal information. Among the pitches scammers are using are:
- You must pay for your new Medicare card or else you’ll lose your benefits
- Medicare is updating its files and needs your bank and credit card numbers
- Medicare needs to confirm your Social Security number before you can receive your new card
- Medicare needs your bank information in order to send you a refund on your old card
The coalition warned that scam emails and texts are using similar tactics.
“Scammers prey on confusion about the new Medicare cards,” the coalition said. According to an AARP survey, three out of four seniors know little or nothing about the cards, and six in 10 think they must pay a fee. Up to half might not question the legitimacy of a call from someone claiming to be a Medicare representative.
The coalition offered this advice:
- If someone calls you with a pitch about the new cards, hang up. Medicare won’t phone you about the cards. They’re free, and Medicare recipients do not have to report or verify information in order to receive them
- Sign up for an alert that Medicare has mailed the new card
- Destroy your old Medicare card when the new one arrives
Please follow these tips to keep your Medicare information.
Source: Insurance Business America
April 17th is right around the corner and that is when we submit our tax filings to our state and federal government. Tax deductions can help you cut down your 2017 tax bill.
Here are 11 deductions that you might have overlooked courtesy of CNN Money:
Traditional IRA contributions - you have till April 17th to make a tax-deductible contribution to your traditional IRA for 2017. You can contribute $5,500, or $6,500 if you're over 50.
Head of Household filing status - If your spouse has not been in the home for the last six months of 2017, you can qualify for head of household status.
Moving expenses - you can deduct any moving related expenses not reimbursed by your employer or if you are self-employed.
Mileage - If you drive for work you may deduct a portion of the miles you log, as long as you meet certain criteria and itemize your deductions.
Gambling losses - If you enjoy wagering, you're allowed to deduct your losses but only up to the amount of your winnings for the year, and only if you itemize.
Personal property taxes - If you itemize your deductions and live in a state that imposes an annual personal property tax based on the value of your car, you may deduct that tax on your federal return.
Medical expenses - You can take this deduction if you itemize, and the new tax law made it a little easier to take, temporarily. The general rule is that you may deduct any unreimbursed medical and dental expenses that exceed 10% of your adjusted gross income. But that threshold is lowered to 7.5% of AGI for tax years 2017 and 2018 only.
Reinvested dividends - If you sold a long-held stock or mutual fund in 2017, you'll owe tax on any capital gain, which is the difference between your purchase price (aka your "cost basis") and the price you sold the investment for. But if you've been reinvesting your dividends all along, that money gets added to your cost basis. And that will reduce the overall tax you owe on your capital gains.
Private mortgage insurance premiums - If you itemize deductions, you're allowed to deduct the PMI payments you made last year on loans taken out after 2006. You only have to pay PMI if you put down less than 20% on the home you bought. You can't take the deduction if your AGI is over $110,000. This break had expired but was given a one-year extension under a recent spending deal passed by Congress.
Home equity interest - If you've taken out a home equity loan or line of credit, you may still deduct the interest you pay on it for 2017. But per guidance from the IRS, from 2018 through 2025, you will only be able to deduct the interest if you use the money for home improvement.
Since 1992, April has been designated as Stress Awareness Month. According to the American Institute of Stress, about 90% of all visits to primary care physicians are for stress related disorders, ranging from stomach trouble to heart disease. Job related stress costs American businesses about $150 billion a year.
AmeriHealth has put together an entire Stress Awareness Employer Toolkit that you can use to coordinate employee sessions on how to handle stress. Among the items are quiz, fact sheets, flyers, and resources.
To obtain a toolkit, click here.
Do you use Orbitz to book your travel? If so, you might be one of over 880,000 payment card number and related information exposed to a data breach. These were two breaches which occurred:
- January 1, 2016 and June 22, 2016
- January 1, 2016 and December 22, 2016
If you booked travel via Orbitz, you might be a victim of identity theft and aren't aware that you data has been compromised due to the late release of this information by Orbitz.
Call the agency today to find out about identity theft coverage which can help offset the expenses of identity restoration.
Every year more than 164,000 emergency room-treated injuries and 300 deaths in the US are caused by falls from ladders. Since March is Ladder Safety Month, here are some Basic Ladder Safety Tips from The American Ladder Institute which can help prevent serious injuries.
- If you feel tired or dizzy, or are prone to losing your balance, stay off the ladder.
- Do not use ladders in high winds or storms.
- Wear clean slip-resistant shoes. Shoes with leather soles are not appropriate for ladder use since they are not considered sufficiently slip resistant.
- Before using a ladder, inspect it to confirm it is in good working condition. Ladders with loose or missing parts must be rejected. Rickety ladders that sway or lean to the side must be rejected.
- The ladder you select must be the right size for the job. The Duty Rating of the ladder must be greater than the total weight of the climber, tools, supplies, and other objects placed upon the ladder. The length of the ladder must be sufficient, so that the climber does not have to stand on the top rung or step.
- When the ladder is set-up for use, it must be placed on firm level ground and without any type of slippery condition present at either the base or top support points.
- Only one person at a time is permitted on a ladder unless the ladder is specifically designed for more than one climber (such as a Trestle Ladder).
- Ladders must not be placed in front of closed doors that can open toward the ladder. The door must be blocked open, locked, or guarded.
- Read the safety information labels on the ladder. The on-product safety information is specific to the type of ladder. The climber is not considered qualified or adequately trained to use the ladder until familiar with this information.
The Three Point-of-Contact Climb
Factors contributing to falls from ladders include haste, sudden movement, lack of attention, the condition of the ladder (worn or damaged), the user's age or physical condition, or both, and the user's footwear.
- Although the user's weight or size typically does not increase the likelihood of a fall, improper climbing posture creates user clumsiness and may cause falls. Reduce your chances of falling during the climb by:
- wearing slip-resistant shoes with heavy soles to prevent foot fatigue;
- cleaning the soles of shoes to maximize traction;
- using towlines, a tool belt or an assistant to convey materials so that the climber's hands are free when climbing;
- climbing slowly and deliberately while avoiding sudden movements;
- never attempting to move a ladder while standing on it;
- keeping the center of your belt buckle (stomach) between the ladder side rails when climbing and while working. Do not overreach or lean while working so that you don't fall off the ladder sideways or pull the ladder over sideways while standing on it.
When climbing a ladder, it is safest to utilize Three Points-of-Contact because it minimizes the chances of slipping and falling from the ladder. At all times during ascent, descent, and working, the climber must face the ladder and have two hands and one foot, or two feet and one hand in contact with the ladder steps, rungs and/or side rails. Please don't carry any objects in either hand that can interfere with a firm grip on the ladder.