Tuesday, April 30, 2019

Arlington West Rotary Satellite Club Business Networking Social



DINNER INVITATION

We are delighted to invite you to join us at Arlington West Rotary Satellite Club’s Business Networking dinner on:


TUESDAY, May 14, 2019 6:30pm to 8:00pm 

Moni’s Pasta and Pizza

1730 West Randol Mill Rd.
Arlington TX 76012

COST: $10 DONATION + COST OF YOUR MEAL

Come meet other like-minded business professionals and fellow Rotarians to build goodwill and better friendship over dinner while discussing non-controversial current topics.

WHAT TO EXPECT:

· Be prepared to give a 30-second commercial about yourself. Depending on the number of attendees, you will be randomly selected to tell a little about what you do.

· Discuss current topics. Please bring one that is suitable for group discussion. (No controversial topics; the moderator will not let things become heated.) We are building relationships.

· You will be encouraged to meet people and set up a one-on-one time to learn more about someone in the group. Bring at least 2 business cards.

· Be prepared to designate where half the money collected will be donated: local charity or Rotary Club.

CONTACT:
ROBERT BLAKE
TEL: 972-365-7010
Please RSVP

FOLLOW ARLINGTON WEST ROTARY CLUB:

Facebook: facebook.com/ArlingtonWestRotaryClub
Website: https://arlingtonwestrotary.org/

UConn’s $5M data breach lawsuit

The University of Connecticut Health Center has been served a class action lawsuit over a data breach that resulted in the exposure of 326,000 current and former patients. Yoselin Martinez and others are seeking $5M in damages, alleging that the university not only took months to report the breach, but could have done more to prevent it. Martinez claims that her bank account has been defrauded and overdrawn due to the information that was compromised during the breach.

The attack was discovered in December of last year, when an unauthorized party was able to access an employee’s email account and compromise names, DOBs, addresses, medical information, and SSNs. With the public eye scrutinizing organizational efforts to protect their customers and employees, small businesses must catch on early and begin working with MSPs to bolster new cybersecurity initiatives.

Monday, April 29, 2019

Don't be part of the 41%


In Other News:


Celebgate 2.0: attacks on the Apple accounts of musicians and athletes
A Georgian man has confessed to hacking the Apple accounts of NFL and NBA players, along with famous musicians. By creating fake accounts and impersonating Apple’s customer service, Kwamaine Jerell Ford was able to send phishing emails that coaxed victims into providing their login credentials as early as 2015. Once he had taken over the accounts, he would change the email addresses and passwords, and proceed to purchase air travel, hotels, and furniture.

With credit card information from Apple in hand, he was also able to transfer money to his own online payment accounts. Ford has pleaded guilty to one count of computer fraud and one count of aggravated identity theft. He will be sentenced on June 24.

Such an incident serves as a strong reminder of just how much damage can be inflicted through phishing. To prevent this highly effective form of cyberattack, small businesses and security providers invest in solutions that are specifically designed with customers and employees in mind, and able to proactively stop phishing campaigns in their tracks. Enter BullPhish ID!

Friday, April 26, 2019

The growing threat of business email compromise (BEC), and what you can do about it

BEC is a scam in which hackers target companies that pay their bills through wire transfers. Typically, scammers will impersonate C-suite employees and leverage social engineering techniques to route funds to themselves, resulting in hundreds of thousands in losses. In 2016, the global average for costs faced by a single company was $140,000.
Below are the 5 most common forms of BEC fraud, according to the FBI:
  • The Bogus Invoice: Fraudsters pose as vendors requesting payments to accounts that are owned by them. Such an incident is most common among companies that deal with foreign suppliers.
  • CEO Fraud: As the name implies, cyber criminals will assume the role of an executive and request fund transfers from their finance teams.
  • Account Compromise: In this scenario, employee accounts are hacked and leveraged to request invoice payments from vendors.
  • Attorney Impersonation: Attackers pretend to be lawyers in charge of confidential information and will make unusual requests via phone or email. This form of BEC tends to occur toward the end of a business day.
  • Data Theft: Hackers will go after HR and finance employees to gain PII and tax statements of employees, which can be used for future attacks.
What makes BEC so dangerous is that such scams can circumvent traditional security solutions, since they do not contain any malicious links or attachments that can be identified. Some immediate security flags for such tactics are words like ‘request’, ‘payment’, ‘transfer’, or ‘urgent’ in an email subject line, but employee cybersecurity training and awareness remain the most effective solution to preventing BEC.

Thursday, April 25, 2019

"Why does HIPAA apply to me if I am not in the medical field?"
HIPAA, the acronym for the Health Insurance Portability and Accountability Act, is a regulation administered by the Department of Health and Human Services.
Most people are aware that hospitals, long-term care facilities, health insurance companies, doctors' offices, and the like must comply with both the privacy and security components of HIPAA. However, many people are fuzzy on the fact that other organizations also have to follow a minimum set of security standards under HIPAA.
Any organization that provides services to any of the entities above has to sign what is called a business associate agreement, or BAA. This agreement is essentially an attestation that the business associate will exercise due care while handling medical records.
Here are some examples of business associates:
- An outsourced IT firm
- A third-party cybersecurity firm
- A CPA firm that provides accounting services and has access to PHI in the process
Any time a business associate discloses, handles, or uses PHI, they must comply with HIPAA Security Rule and HIPAA Privacy Rule mandates.
The HIPAA Security Rule requires periodic risk assessments, users to be trained on security best practices, and penetration testing to ensure that the business associate is not adding unnecessary risk to the handling of protected health information.
Essentially, anybody coming in touch with protected health information needs to align their cybersecurity posture with HIPAA requirements.


For more info, contact us at 877.860.5831

Wednesday, April 24, 2019

Robocall Scam is back, to the tune of $40M

In Other News:
Ever dropped everything you were doing to take a call, only to receive an automated message in a foreign language? You certainly are not alone.
Most of us likely hung up without thinking twice (and without understanding a word that was said). However, a recent slew of Mandarin-based calls has been targeting Chinese Americans, attempting to trick them into thinking that they are in legal trouble with the Chinese government. On Thursday, the FBI revealed it had received more than 350 complaints from victims of the scam, with aggregated losses reaching over $40 million. Dubbed the “Chinese Embassy Scam,” it has amounted to average losses upwards of $164,000 per victim.
Some of us may be wondering how such a scam could be so effective, but it all comes back to the concept of relevance, originality, and impact. By speaking in a familiar language and using phone spoofing to change caller ID tags, cyber criminals can defraud virtually anyone. To fight fire with fire, companies must invest in advanced cybersecurity solutions that are specifically designed to thwart phishing campaigns (like BullPhish ID!)