Archive for the ‘Uncategorized’ Category

Newer Entries »

Spam Scam Alert

Tuesday, June 9th, 2009

It never takes long for the spammers to find you.  Within days of opening this blog, we began receiving the first spam comments –the typical “buy this product”, “click this link” type that you also receive in your email.

But last week I encountered a new type of comment spam that almost slipped past me –it was a positive comment, no products mentioned, from a legitimate sounding name and email address, with no links to any strange websites.

After encountering enough scams, however, you develop a kind of sixth sense out of pure defensiveness.  I did a google search on the name, and found that the same person had posted nearly identical comments in thousands of blogs on the same day –suggesting it was a robot and not a real person.  But the question was why?

My best guess is this –once the original round of robot comments go out, the spammer can do a websearch on his alias to find out which forums approved his message.  He can then concentrate his next round of spam –the kind carrying the payload –on the most vulnerable sites.

I don’t want to mention the exact names and messages here for that very reason, but if you want to find out more about this, there’s a blog entry from another blogger who was hit last week here.

Posted in Uncategorized | No Comments »

Forensics First Response

Tuesday, June 2nd, 2009

Often as a Forensics Expert, I find myself doing an investigation for a client where unfortunately critical information has been lost or the evidentiary value of the data has been compromised.

For a successful forensics investigation, the expert has to be able to assure that:

1. The data has not been changed or tampered with and is preserved in its original state.
2. Proper procedures are followed in gathering the evidence.
3. The opinions and findings can be based on solid information.

When you are victim of employee malfeasance or theft, your first reaction is to sit down at the offender’s computer and start digging for information. After all, most business owners are accustomed to taking charge and getting a handle on the situation. Unfortunately, where digital evidence is concerned, this is where good information gets lost or spoiled.

Often accusations get passed back and forth during the process. Evidence planting by the employer, the accused persons’ enemies in an organization, or other explanations are often given to explain away the information that is discovered. Therefore it is important that you as a business owner secure the information as quickly as possible.

If you have retained a forensics’ expert in the past, call them right away and have them walk you through the proper procedure in securing the evidence. If no one is available, or you don’t know who to call, at least consider taking the following steps:

1. Turn off the computer immediately by shutting off the power. When a computer goes through its shutdown process, it can overwrite information that could be valuable. However, if there is valuable information on the screen that may or may not have been saved to the computer hard drive, you will have to leave it on.
2. Take the computer to a secure location, and lock it away in a location that only two people have access. Make sure a log is kept of whom accesses the location of the computer. If you had to leave the computer on, secure the room/area where it is until a forensic’s expert can arrive.
3. Check around the area for CDs, USB Drives, or other portable media and lock it away with the computer.
4. Do not use the computer in any way shape or form until the hard drive has been properly imaged.

Taking a step back and slowing things down can save good information that will be invaluable during future civil and or criminal proceedings.

Tags:
Posted in Uncategorized | No Comments »

Twitter, Twitter, Tweet, Tweet

Wednesday, May 27th, 2009

I have to admit –I’m a Twitter resister.  Even in this age of instant communications, the idea of staying current on the minute-to-minute details of the lives of all my friends, loved ones and acquaintances seems less like a blessing and more like a curse.  But I do have to admit that there’s a place where twitter makes perfect sense –in the business world.

When my boss first announced the concept, I was skeptical.  But for a business like ours, Twitter is fantastic.  Most of us are rarely ever in the office –we’re all either telecommuting or out on assignment.  But with Twitter, we never need to worry about the right hand knowing what the left hand is doing.  Instead, it’s simplicity itself to know where all my coworkers are and what project they are engaged in.  It’s even helped me keep track of myself on particularly busy days by giving me a record of what I did when.

However, when the work day ends, I sign out of Twitter with no regrets or urges to check up on people after hours.  For now, at least, my private life remains proudly untweetable.

Posted in Uncategorized | No Comments »

Disaster Recovery: are you prepared?

Wednesday, May 20th, 2009

It’s never “if” your hard drive fails it’s “when”. Be prepared for the eventuality. It is not enough to run nightly backup routines and keep them on the company premises. Data must be stored ‘offsite’ in medium that can quickly be restored.
What If the worst of the worst happened to your business’s location and it was no longer there?
Your plan should include:

1. A Temporary Location
2. Hardware: Computers, Laptops, Printers, etc…
3. Software necessary to your company’s daily operation.

Also consider the size of your organization, it may be necessary to create plans and procedures for each department.

Posted in Disaster Recovery, Uncategorized | No Comments »

Newer Entries »