Evidence Solutions, Inc.

The FBI warned about a quickly growing nationwide scam specifically targeting older individuals, as 66% of victims are age 60 or over. These scams are known as "Phantom Hacker" schemes and are a new variation on a previously rampant form of tech support fraud. The threat actors will pose as tech support personnel, bank representatives, or government officials, quickly gaining the target's trust. Losses to this scam exceeded $542 million in the first half of 2023 alone.

As a Digital Forensics company, we receive frequent inquiries from people who believe their devices have been hacked. In some cases, it becomes quickly apparent that the person reporting the hacking may be imagining some or all elements of it (especially when the FBI is claimed to be involved). However, that does not change the fact that there are 100% legitimate instances of hacking, and it is essential to be aware of the warning signs that someone may be accessing your devices without your knowledge. Here are some indicators that your electronics may have been compromised - and what to do about it:

Sedona Conference published the third edition of the "The Sedona Conference Cooperation Proclamation: Resources for the Judiciary."

With the holiday season behind us, hopefully you are all using those fun and interesting electronic gifts you received. One of those gifts might be a tablet or e-reader, but beware it could have an adverse effect on your sleep cycle. Specifically, backlit e-readers and tablets should not be used before going to sleep, says a new study from the Cambridge, Massachusetts based Harvard Medical School.

It seems like there are as many rumors about how you should be charging your phone and how to make that battery last longer. These are just a few of the myths that we hear most often.

For those unfamiliar with the case of Jodi Arias in Arizona,she was arrested and later found guilty of the murder of Travis Alexander in 2008, she is currently facing the death penalty. The nitty gritty of the case aside,the defense hired a Computer Forensics expert to examine a computer which belonged to the victim.

One of the main items taken into account when considering how to price a settlement for a personal injury case is: what is the economic value of loss of ability to work or lead a normal life? In many cases it’s based on conjecture. In terms of working it can be a simple calculation of dollars per hour of work missed sometimes a little extra, but how can you quantify compensation for someone who seems relatively normal?

It looks like the new and highly publicized Google Glass wearable device is sliding down into the depths of failed technology. It joins these other failed products like the Segway, which failed due to low consumer demand and the Hewlett Packard TouchPad which failed due to incompatibility.

The Ponemon Institute, headquartered in Traverse City, Michigan, recently released their data breach survey which surveyed over 500 executives in the United States about how they think their company would respond to a breach. Last year when they completed this survey, about 61 percent of companies said they had data breach response plans in place for such an event. This year that percentage has increased to 73 percent.

Facebook has become a veritable giant in the world of social media. Although they have not been quite as successful with their recent IPO as originally planned, they still raked in over $3 billion in revenue this past year, not bad for a website. Now they are taking their service one step further in an unprecedented move to an anonymous social media.

Cell phones have an amazing amount of data on them:pictures, call logs, contacts, text messages, etc. One of the things that most modern cell phones have is GPS (Global Positioning System) data. GPS information allows one (or anyone else for that matter) to find out where you are in the world. But what if you don’t have GPS? Your phone still knows where you are, albeit only roughly.

In late 2014, the Municipal Bond Insurance Association experienced a breach in security when a large amount of customer data was found through a Google search. The UCLA Health System had a similar issue which involved patient communication records. The Pentagon Defense Information Systems Agency had a database with contractor data which was exposed.

We’ve all heard them, those little snippets of information that you heard from a friend who got it from a friend of a friend of a friend.Let us separate a little fact from fiction once and for all.

In an increasingly cyber-world, many experts believe that the United States is not prepared for a sophisticated cyber-attack. Every day we get closer to a potential cyber disaster.

While Amazon is working to develop “Prime Air”, the FAA and other groups battle over the use of Drones. Prime Air’s goal is to deliver products to Amazon’s customers within 30 minutes of the product being ordered. Meanwhile,the Federal Aviation Administration is not expected to establish final rules for commercial drone use until late 2015.

California is putting pressure on cell phone manufacturers to integrate a “Kill” function into their cell phone operating systems (OS). It appears that the pressure from State and Federal law enforcement officials is working on Google and Microsoft.

Safenet, a large data security company based in Belcamp, MD, recently released a report at the RSA Conference. The RSA conference is sponsored by RSA the Security Division of EMC, which is based in Hopkinton MA. The report titled: “Data Breach Level Index” contains some very interesting statistics about data breaches. Here is a summary:

Recently, Delaware became the first state to enact a law that ensures families’ rights to access the digital assets of loved ones during incapacitation or after death.

Part of our Forensics practice at Evidence Solutions,Inc. includes Electronic Medical Record (EMR) / Electronic Health Record (EHR) forensics. We take special interest in finding out about hacking events that affect Electronic Medical Record (EMR) Systems.

These three significant breaches highlight just how vulnerable U.S. private networks are to black hat hacker threats. The massive data breach of Target in the last quarter of 2013 generated tremendous concern for PII. Despite all the attention and concern generated by the massive data breaches of the last year, many companies still appear unprepared to detect and mitigate network intrusions.

Federal officials say the copy-and-paste features common to computers which are used to enter Electronic Medical Records (EMR) and Electronic Health Records (EHR) invite fraud. Merely copying and pasting another patient’s clinical notes can be considered fraud. The Federal Government believes there is a need to reduce the healthcare provider’s ability to duplicate notes.

As you travel keep the following scams in mind:

As you travel keep the following scams in mind:

One of our experts was notified by a friend that her laptop had disappeared at an airport security screening checkpoint. Never to be seen again. Yikes! It is a good reminder we need to be extra vigilant while traveling.

2014 was certainly a year to be remembered, from politics to the people who were born and died, it will be a difficult year to forget. From a technology standpoint, it is also nothing to shake a stick at. The ever anticipated 2014 Internet Trends report from Kleiner, Perkins, Caufield and Byers (KPCB) a venture capital firm located in Menlo Park, California in Silicon Valley, was released in late May of 2014.

Evidence Solutions, Inc. has first hand experience which indicates spying on one’s spouse is on the rise. It is not unusual for us to receive a request to download the data from a spouse’s cell phone. We also receive many requests to review a spouse's computer system that may contain evidence of hidden assets.

Shortly after Target’s massive data breach in December of 2013, Attorney General Eric Holder released a statement encouraging the United States Congress to pass a federal law which would become the standard for data breach notification. "This would empower the American people to protect themselves if they are at risk of identity theft," Holder said in the statement.

On June 13, 2014, P.F. Changs, based in Phoenix Arizona, released a statement saying they had experienced a breach involving data from their customers credit and debit cards used at their 403 location in the U.S. (including P.F. Changs and Pei Wei). he statement said the time frame in which credit card information was stolen was between March and May of 2014.

United States Attorney Booth Goodwin, announced recently that a former network engineer at Charleston, South Carolina based EnerVest Operating, LLC (“EnerVest”), was sentenced to four years in federal prison for intentionally causing significant damage to his employer’s computer system. The culprit: Ricky Joe Mitchell, 35, of Charleston, West Virginia.

The world has watched in recent years as Twitter, Facebook and other social media sites have made political uprisings possible where previously very difficult or perhaps impossible. In countries where dissidents had trouble making their voices heard due to the inability to quickly connect with one another, these tools are used to forward their agendas and change history.

Electronic Medical Records (EMR) and Electronic Health Records (EHR) are great tools that allow for data exchange between providers and faster access to a person’s medical history. Along with this ease of access comes the potential for abuse.

A recent article in the New York Times underscores the demand clients are requiring of their law firms to step up their cybersecurity. Financial institutions, including some Wall Street banks, are asking their outside counselors to answer questionnaires of up to 60 pages, which probe the firm’s cyber security measures. Other types of corporations are also asking their legal firms to allow for internal and/or external Information Technology (IT) firms to do an audit.

The Heartbleed bug is bad, very bad indeed. By one estimate, it affected nearly 2/3 of Internet sites at its discovery. The problem still exists today with sites that were not fixed. Here's what you need to know.

An ID Experts study says that the increased use of smart phones and tablets is significantly increasing the risk of cyber attacks in the health care industry. It links the risk to these devices to not having proper malware and virus protection. The study also indicates that there has been a 100 percent increase in attacks in these types of organizations since 2010.

Security and privacy is important, and probably more important than what many realize. Recently it has become more obvious that security and privacy have been lacking, so here are a few, sometimes wacky, tips to ensure your continued safety and privacy from a variety of threats that can arise.

An employee of the website hosting and Internet domain registrar, GoDaddy was tricked into giving a Black hat hacker information that could allow the hacker to take over customer’s domain names. This incident further illustrates that employees can be the weakest link in an organizations security.

A proposed California law would force Cellular Providers to have the ability to remotely destroy stolen cell phones. Once destroyed, the cell phone would be useless.

In today's technology world, almost every company uses computers. Here's a sample of an Employee Termination Checklist.

Here is a sample Cell Phone Use While Driving policy.

In today's technology world, almost every company uses computers, but there's still plenty of papers to sift through on your desk. Here's a sample of a Clean Desk policy which can be used in your organization.

In today's technology world, almost every company uses computers. Over the next few weeks, Evidence Solutions, Inc. will be delivering some sample policies which can be used in your organization. Our Holiday Gift to You.

In today's technology world, almost every company uses computers. Here is a sample Computer and Email Usage Policy.

Black Boxes on trucks including EDR, ECM, ECU, allow help determine what was happening with the vehicle during the time prior to the crash. Some of these devices can store years worth of data, others just store the condition of the Tractor during a recent event such as “Hard Stop” or crash.

The first spoliation case of its kind is almost a decade old…. But there are still lessons to be learned from it. The case is known as the "Arista Records, Inc. v. Sakfield Holding Co" case. While this case may not mean much to some, it is a well-known case in the digital forensics world because it brings up an interesting point: What happens when the data you are looking for is gone?

There’s been a lot of hype in the media of Google’s (based in Mountain View, CA) new toy, Google Glass. A wearable computer that is controlled primarily by voice and eye movement, this rather distracting piece of eyewear has been touted as the new hot item that everyone wants.

With new cars having extra features such as assisted parking and crash avoidance, they require more computers to control them. It is estimated that the average new car can have upwards of 50 microprocessors (computer brains) in it, that control everything from how much you brake to your air conditioning.

According to a recent survey, about 56% of employees admit to stealing Intellectual Property (IP) from their company when they are fired.

It is inevitable, one day you will die. Modern science may someday cure this flaw in the human body, but for now we know that at some point, we will cease to be alive. This brings about a flurry of various costs and fees (dying can be expensive) and your possessions will be given to your next of kin. But what happens to your digital possessions?

The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) and the Department of Homeland Security (DHS) have recently received complaints regarding a ransomware campaign using the name of the DHS to extort money from unsuspecting victims.

Whenever you hear the term “hacker” what most often comes to mind? The most common visual is the pale nerd in his mother’s basement who is getting into his university server to change his rivals grades to failing ones. Then there are the various Hollywood depictions which show “master criminals” manipulating traffic signals and financial markets. This is a fairly recent use of the word “hacker” and for years before it had a very different meaning.

Let’s define the term “Social Engineering”. Simply put, it is the art of manipulating people into doing something, like divulging confidential information or performing actions that would expose information, and making them feel good about doing it, i.e they “solved” a problem or helped someone, etc. This allows the hacker to obtain information in a non-threatening manner.

Since the dawn of the modern smart phone it has been apparent that they can be used to spy on someone. Reviewing cell phone GPS information can track the user’s movements. In addition, if you want to know who calls have been place to or received from a review of the phone’s call logs stores this information.

Facebook recently released a statement detailing how over 6 million of its 1.1 billion users had their personal information unduly exposed. The cause? A minor error in the software of one of its largest archives. This error inadvertently allowed unauthorized users to view confidential contact data (such as email addresses and phone numbers) without any need for a password.

In today’s society, traveling with a laptop seems like an everyday occurrence, whether for “mobile office” or just personal use. There are some things you should be aware of when traveling with your laptop. Since it is portable and portable items can be easily lost or stolen. Here are a few tips to help avoid heartache and an employer’s wrath.

In recent years government has increased its requests for access to Cloud data. Storage-As-A-Service providers such as Google Drive, Dropbox, iDrive, Microsoft Skydrive, Apple iCloud and others are receiving numerous requests to view what has been stored by various individuals and companies. In addition to the government, there are instances of the storage company’s employees exposing or taking data for their own or others use.

As part of our forensics practice, we sometimes have to break or “crack” passwords. Password cracking is much more difficult and can, perhaps, foil hackers when a few simple rules are followed. Here are some tips to help keep our client's data safe:

A Toronto area law firm is missing six figures from their trust account. After being hit over the holidays by a virus which gave hackers remote backdoor access to the firm’s bookkeeper’s computer. The virus, known as the Trojan Banker Virus, was designed to capture keystrokes, which can include bank passwords, as they are typed.

Smartphones continue to grow in popularity and are now as powerful and functional as many computers. As mobile cybersecurity continues to grow, it is important to protect your smartphone just like you protect your computer. Mobile security tips can help you reduce the risk of exposure to mobile security threats.

Smartphones continue to grow in popularity and are now as powerful and functional as many computers. As mobile cybersecurity continues to grow, it is important to protect your smartphone just like you protect your computer. Mobile security tips can help you reduce the risk of exposure to mobile security threats.

Smartphones continue to grow in popularity and are now as powerful and functional as many computers. As mobile cybersecurity continues to grow, it is important to protect your smartphone just like you protect your computer. Mobile security tips can help you reduce the risk of exposure to mobile security threats.

There have been some interesting stories about how GPS tracking systems needed to “see the sky”. And there have been plenty of idiots who have simply placed the tracker on the roof of the car. In that case finding the tracker is simple. In more sophisticated and therefore challenging locating exercises, it can take several hours for mechanics to find the device, especially when they are mounted behind the dashboard.

Last week, the United States District Court of New Jersey filled charges against eight people, who allegedly hacked into many big name banks and stole upwards of $15,000,000.

In part one of this article we discussed how employees generally do not consider e-mail as it relates to the company’s legal standing. As an owner/supervisor, it is left to you to consider and take great care in educating your employees in what should or shouldn’t be put in writing. In addition, it is also up to you to make your employees aware how the written word is conveyed when read.

As an employer, Human Resources Director, or Risk Management Supervisor, ask yourself this question: “Do our employees think about the legal risk of sending communications over the internet?” If you are like the majority of companies, your answer would be, “It is highly improbable”. It is a very common problem amid the work place, for an employee to believe their electronic communications are transient, temporary and, once deleted, untraceable and therefore, harmless.