Friday, January 30, 2015

US Cert IRS and US-CERT Caution Users: Prepare for Heightened Phishing Risk This Tax Season


Overview

Throughout the year, scam artists pose as legitimate entities—such as the Internal Revenue Service (IRS), other government agencies, and financial institutions—in an attempt to defraud taxpayers. They employ sophisticated phishing campaigns to lure users to malicious sites or entice them to activate malware in infected email attachments. To protect sensitive data, credentials, and payment information, US-CERT and the IRS recommend taxpayers prepare for heightened risk this tax season and remain vigilant year-round.
Remain alert

Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. In many successful incidents, recipients are fooled into believing the phishing communication is from someone they trust. An actor may take advantage of knowledge gained from research and earlier attempts to masquerade as a legitimate source, including the look and feel of authentic communications. These targeted messages can trick any user into taking action that may compromise enterprise security.
Spot common elements of the phishing lifecycle

A Lure: enticing email content.
Example 1 of actual phishing email
Example 2 of actual phishing email
A Hook: an email-based exploit.

Email with embedded malicious content that is executed as a side effect of opening the email
Email with malicious attachments that are activated as a side effect of opening an attachment
Email with “clickable” URLs: the body of the email includes a link, which displays as a recognized, legitimate website, though the actual URL redirects the user to malicious content.
A Catch: a transaction conducted by an actor following a successful attempt.
Unexplainable charges
Unexplainable password changes
Understand how the IRS communicates electronically with taxpayers

The IRS does not initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information.
This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.
The official website of the IRS is www.irs.gov.
Take action to avoid becoming a victim

If you believe you might have revealed sensitive information about your organization or access credentials, report it to the appropriate contacts within the organization, including network administrators. They can be alert for any suspicious or unusual activity.

Watch for any unexplainable charges to your financial accounts. If you believe your accounts may be compromised, contact your financial institution immediately and close those accounts.

If you believe you might have revealed sensitive account information, immediately change the passwords you might have revealed. If you used the same password for multiple accounts, make sure to change the password for each account and do not use that password in the future.
Report suspicious phishing communications
Email: If you read an email claiming to be from the IRS, do not reply or click on attachments and/or links. Forward the email as-is to phishing@irs.gov(link sends e-mail), then delete the original email.
Website: If you find a website that claims to be the IRS and suspect it is fraudulent, send the URL of the suspicious site to phishing@irs.gov(link sends e-mail) with subject line, “Suspicious website”.
Text Message: If you receive a suspicious text message, do not reply or click on attachments and/or links. Forward the text as-is to 202-552-1226(standard text rates apply), and then delete the original message (if you clicked on links in SMS and entered confidential information, visit the IRS’ identity protection page).

If you are a victim of any of the above scams involving IRS impersonation, please report to phishing@irs.gov(link sends e-mail), file a report with the Treasury Inspector General for Tax Administration (TIGTA), the Federal Trade Commission (FTC), and the police.
Additional Resources

For more information on phishing, other suspicious IRS-related communications including phone or fax scams, or additional guidance released by Treasury/IRS and DHS/US-CERT, visit:
Avoiding Social Engineering and Phishing Attacks
Recognizing and Avoiding Email Scams
Phishing and Other Schemes Using the IRS Name
IRS Repeats Warning about Phone Scams
Report Phishing and Online Scams
Tips for Taxpayers, Victims about Identity Theft and Tax Returns

To report a cybersecurity incident, vulnerability, or phishing attempt, visit US-CERT.gov/report.


Author US-CERT and IRS

Thursday, January 29, 2015

Credit card holders warned of major fraud ring in NC



What authorities are describing as a "Major credit card fraud ring" is sweeping across North Carolina, already tallying almost half a million dollars in purchases.

"They are mostly hitting places along the Interstate 40 corridor from Wilmington all the way to Morganton," said Morganton Public Safety Investigator Roger Tate.

Surveillance video was released on Thursday showing several people who used the fraudulent credit cards.

Tate says cards are not being stolen, instead, the card numbers are taken. They believe they were retrieved from legitimate processing centers and new, fraudulent cards, were made overseas.


30 days' notice is not enough!



President Obama recently proposed a law requiring that companies inform customers within 30 days when personal information, such as Social Security numbers, is exposed. Forty-seven states have data breach notification laws, which vary widely.

Pennsylvania requires that companies notify customers “without unreasonable delay” but the government isn't notified. How does one define “unreasonable delay”? Also, only information in electronic format is covered. Writing your Social Security number on a paper form that isn't shredded could result in your being exposed and you wouldn't be notified.

A recent Pew Poll noted that 91 percent of Americans feel they've lost control of their personal information. Once you share information, will company employees be diligent in guarding your information? According to Experian's Data Breach Resolution group, 80 percent of data breaches are rooted in employee negligence/error.



Read more: http://triblive.com/opinion/featuredcommentary/7641763-74/credit-data-information#ixzz3QEykyQBl
Follow us: @triblive on Twitter | triblive on Facebook

Green Dot Fraud



Bradley County Sheriff Eric Watson has issued an alert concerning attempted fraud.

The Sheriff says law enforcement agencies have received numerous calls about “Green Dot” card swindle.

There have been several other scams of this type in Southeast Tennessee and nationwide recently. Complainants report they receive a phone call from a male identifying himself as an officer with the Bradley County Sheriff’s Office.

The caller advises there is an arrest warrant on file for the citizen; however, that citizen could pay a fee to resolve the issue.

The “Scam Officer” directs the citizen to go to a Wal-Mart to purchase a Green Dot money card for a specific amount of money, and then call the “scammers” back at the telephone number provided.

One issue that is more serious is that now the criminals involved in the incidents use actual names of Bradley County officers, while calling from this area’s 423 area code and local pre-fix numbers such as 650, 284, 605, 715, 716 or others.


Wednesday, January 28, 2015

US Cert Linux "Ghost" Remote Code Execution Vulnerability



The Linux GNU C Library (glibc) versions prior to 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Linux distributions employing glibc-2.18 and later are not affected.

US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu(link is external) and Red Hat(link is external). The GNU C Library versions 2.18 and later are also available for experienced users and administrators to implement.

US Cert Linux "Ghost" Remote Code Execution Vulnerability



The Linux GNU C Library (glibc) versions prior to 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Linux distributions employing glibc-2.18 and later are not affected.

US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu(link is external) and Red Hat(link is external). The GNU C Library versions 2.18 and later are also available for experienced users and administrators to implement.

Apple Releases Security Updates for OS X, Safari, iOS and Apple TV



Apple has released security updates for OS X, Safari, iOS and Apple TV to address multiple vulnerabilities, one of which could allow a remote attacker to take control of an affected system.

Updates available include:
OS X v10.10.2 and Security Update 2015-001 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10 and v10.10.1
Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.1
iOS 8.1.3 for iPhone 4s and later, iPod touch 5th generation and later, and iPad 2 and later
Apple TV 7.0.3 for Apple TV 3rd generation and later

US-CERT encourages users and administrators to review Apple security updates HT204244(link is external), HT204243(link is external), HT204245(link is external) and HT204246(link is external), and apply the necessary updates.

Apple Releases Security Updates for OS X, Safari, iOS and Apple TV



Apple has released security updates for OS X, Safari, iOS and Apple TV to address multiple vulnerabilities, one of which could allow a remote attacker to take control of an affected system.

Updates available include:
OS X v10.10.2 and Security Update 2015-001 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10 and v10.10.1
Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.1
iOS 8.1.3 for iPhone 4s and later, iPod touch 5th generation and later, and iPad 2 and later
Apple TV 7.0.3 for Apple TV 3rd generation and later

US-CERT encourages users and administrators to review Apple security updates HT204244(link is external), HT204243(link is external), HT204245(link is external) and HT204246(link is external), and apply the necessary updates.

Tuesday, January 27, 2015

My Bug Out or Back Home Bag

















BG Ultimate Kit
Gerber® Miniature Multi-tool
Needle Nose Pliers
Wire Cutters
Fine Edge Knife
Phillips Screwdriver
Small Flat Driver
Medium Flat Driver
Lanyard Ring
Bottle Opener
Tweezers
Waterproof Bag
Miniature Light
Hand Saw
Signaling Mirror
Survival Blanket
Fire Starter
Waterproof matches
Cotton Ball - Fire Tinder
Snare Wire
Emergency Cord
Waxed Thread
Fishing Kit
Sewing kit
Lanyard Whistle
Lightweight, ripstop nylon bag with waterproof zipper
Land to air rescue instructions
Priorities of Survival - Pocket guide contains Bear’s survival essential

5.11 Carry Bag RUSH Moab 10
Smith and Wesson Handcuffs
Lockpick Set
US Army Compass
UZI Tactical Pen
EMR 4 Oz. Water
72 Hour Emergency Bar
Water Purification Tablets
3 Types of Tender
1 Magnesium Stick
Fire Strike
Sterile Wipes
Alcohol Pads
Burn Gel
9MM Taurus PT-92 Handgun
Tactical Knife with Glass Break
Hemostats
100’ Para cord
Tire Patch Kit
Kenwood Tri-band HT with Weather Channel
Twine
Electrical Tape
Emergency Meds
50 Rounds of 9mm Ammo “Remington Saber Defense Loads”
BG Headlamp
Surefire Tactical Flashlight
Dog Tags /w Silencers
Wool Hat and Wool Socks for Sleeping Bag
Waterproof Digital Camera (Nikon)
Optic Fire Starter
Wire Cutter and Stripper
Chop Sticks and Spork
Knife Sharpener
BG Fixed Blade
UTG Ball Cap
Pencil
Shooting Gloves
Sherpa
Blackhawk Indemnification Badge Holder
Para cord Surestrike Bracelet
Tactical Extending Baton.


Not Pictured Wool Blanket and Pillow, Also I keep my first EMT bag.

My Bug Out or Back Home Bag

















BG Ultimate Kit
Gerber® Miniature Multi-tool
Needle Nose Pliers
Wire Cutters
Fine Edge Knife
Phillips Screwdriver
Small Flat Driver
Medium Flat Driver
Lanyard Ring
Bottle Opener
Tweezers
Waterproof Bag
Miniature Light
Hand Saw
Signaling Mirror
Survival Blanket
Fire Starter
Waterproof matches
Cotton Ball - Fire Tinder
Snare Wire
Emergency Cord
Waxed Thread
Fishing Kit
Sewing kit
Lanyard Whistle
Lightweight, ripstop nylon bag with waterproof zipper
Land to air rescue instructions
Priorities of Survival - Pocket guide contains Bear’s survival essential

5.11 Carry Bag RUSH Moab 10
Smith and Wesson Handcuffs
Lockpick Set
US Army Compass
UZI Tactical Pen
EMR 4 Oz. Water
72 Hour Emergency Bar
Water Purification Tablets
3 Types of Tender
1 Magnesium Stick
Fire Strike
Sterile Wipes
Alcohol Pads
Burn Gel
9MM Taurus PT-92 Handgun
Tactical Knife with Glass Break
Hemostats
100’ Para cord
Tire Patch Kit
Kenwood Tri-band HT with Weather Channel
Twine
Electrical Tape
Emergency Meds
50 Rounds of 9mm Ammo “Remington Saber Defense Loads”
BG Headlamp
Surefire Tactical Flashlight
Dog Tags /w Silencers
Wool Hat and Wool Socks for Sleeping Bag
Waterproof Digital Camera (Nikon)
Optic Fire Starter
Wire Cutter and Stripper
Chop Sticks and Spork
Knife Sharpener
BG Fixed Blade
UTG Ball Cap
Pencil
Shooting Gloves
Sherpa
Blackhawk Indemnification Badge Holder
Para cord Surestrike Bracelet
Tactical Extending Baton.


Not Pictured Wool Blanket and Pillow, Also I keep my first EMT bag.

US Cert Linux "Ghost" Remote Code Execution Vulnerability


The Linux GNU C Library (glibc) versions prior to 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Linux distributions employing glibc-2.18 and later are not affected.

US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu(link is external) and Red Hat(link is external). The GNU C Library versions 2.18 and later are also available for experienced users and administrators to implement.

US Cert Linux "Ghost" Remote Code Execution Vulnerability


The Linux GNU C Library (glibc) versions prior to 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Linux distributions employing glibc-2.18 and later are not affected.

US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu(link is external) and Red Hat(link is external). The GNU C Library versions 2.18 and later are also available for experienced users and administrators to implement.

#LizardSquad takes credit for Facebook, Tinder, and Instagram Outage....but



It looks like the downtime was a result of a system failure. It was a configuration issue. Facebook recently released the cause of the downtime was from a bad configuration.

http://www.forbes.com/sites/thomasbrewster/2015/01/27/lizard-squad-didnt-down-facebook-with-ddos/

#LizardSquad takes credit for Facebook, Tinder, and Instagram Outage....but



It looks like the downtime was a result of a system failure. It was a configuration issue. Facebook recently released the cause of the downtime was from a bad configuration.

http://www.forbes.com/sites/thomasbrewster/2015/01/27/lizard-squad-didnt-down-facebook-with-ddos/

US Cert Security Advisory for Adobe Flash Player



Adobe has released Flash Player desktop version 16.0.0.296 to address a critical vulnerability (CVE-2015-0311) in 16.0.0.287 and earlier versions for Windows and Macintosh. This vulnerability could allow an attacker to take control of the affected system.

Users and administrators are encouraged to review Adobe Security Bulletin APSB15-01(link is external) and apply the necessary updates.

US Cert Security Advisory for Adobe Flash Player



Adobe has released Flash Player desktop version 16.0.0.296 to address a critical vulnerability (CVE-2015-0311) in 16.0.0.287 and earlier versions for Windows and Macintosh. This vulnerability could allow an attacker to take control of the affected system.

Users and administrators are encouraged to review Adobe Security Bulletin APSB15-01(link is external) and apply the necessary updates.

Monday, January 26, 2015

FBI Looking to Legalize VPN and Tor Network Hacks





The FBI is at it again. After failing to remove encryption from U.S. citizens' smartphones, it is now looking for a change in federal law to essentially attack anyone using Tor network or VPN solutions.


Known as "fishing expeditions", the new move looks to change Federal Rule 41(b), which would allow the FBI to obtain an electronic warrant on a citizen without any questions on the who, what, when, where and why.


FBI Looking to Legalize VPN and Tor Network Hacks





The FBI is at it again. After failing to remove encryption from U.S. citizens' smartphones, it is now looking for a change in federal law to essentially attack anyone using Tor network or VPN solutions.


Known as "fishing expeditions", the new move looks to change Federal Rule 41(b), which would allow the FBI to obtain an electronic warrant on a citizen without any questions on the who, what, when, where and why.


Sunday, January 25, 2015

When You Could possibly Not Want a Safety Freeze on Your Credit Report



A security freeze is a really hard lock on your credit. If you've been a victim of identity theft or recent retailer breaches, your initial believed may well be to go ahead with the lock. In some circumstances, even though, you might be far better off leaving...


When You Could possibly Not Want a Safety Freeze on Your Credit Report



A security freeze is a really hard lock on your credit. If you've been a victim of identity theft or recent retailer breaches, your initial believed may well be to go ahead with the lock. In some circumstances, even though, you might be far better off leaving...


Saturday, January 24, 2015

US Cert FBI Releases "Ransomware on the Rise"


The FBI has released an article addressing ransomware campaigns that use intimidating messages claiming to be from the FBI or other government agencies. Scam operators use ransomware – a type of malicious software – to infect a computer and restrict access to it until a ransom is paid to unlock it.

Users and administrators are encouraged to review the FBI article "Ransomware on the Rise" for details and refer to Alert TA-295A for information on Crypto Ransomware.

US Cert FBI Releases "Ransomware on the Rise"


The FBI has released an article addressing ransomware campaigns that use intimidating messages claiming to be from the FBI or other government agencies. Scam operators use ransomware – a type of malicious software – to infect a computer and restrict access to it until a ransom is paid to unlock it.

Users and administrators are encouraged to review the FBI article "Ransomware on the Rise" for details and refer to Alert TA-295A for information on Crypto Ransomware.

FREE Lock Picking Kit



BREAKING NEWS: FightFast has just released a brand new
product -- "Survival Lock-Picking Secrets".

If you act now, I will send you this stunning Kit -- which
includes a step-by-step DVD package and a set of
lock-picks...

...For FREE!




This may be more important to you than you think.

Because understanding lock picking is not only fun, but it's
also a very smart survival strategy -- which is explains why
the U.S. military includes them in their own survival kits.

There's MORE cool stuff in this package too, including:
A handy case so you can carry the picks in your wallet.
Instruction on how to make and use "beer can
shims" to open practically any pad lock in seconds.
U.S. Special Forces "Survival" DVD (dozens of
clever tricks NEVER taught to civilians -- until now).
Video on how to track animals or men across even the
toughest terrain.

http://www.fightfast.com/nbcv/FFSK/ntbt2.php

FREE Lock Picking Kit



BREAKING NEWS: FightFast has just released a brand new
product -- "Survival Lock-Picking Secrets".

If you act now, I will send you this stunning Kit -- which
includes a step-by-step DVD package and a set of
lock-picks...

...For FREE!




This may be more important to you than you think.

Because understanding lock picking is not only fun, but it's
also a very smart survival strategy -- which is explains why
the U.S. military includes them in their own survival kits.

There's MORE cool stuff in this package too, including:
A handy case so you can carry the picks in your wallet.
Instruction on how to make and use "beer can
shims" to open practically any pad lock in seconds.
U.S. Special Forces "Survival" DVD (dozens of
clever tricks NEVER taught to civilians -- until now).
Video on how to track animals or men across even the
toughest terrain.

http://www.fightfast.com/nbcv/FFSK/ntbt2.php

US Cert IC3 Releases Alert for a Scam Targeting Businesses



The Internet Crime Complaint Center (IC3) has released an alert warning companies of a sophisticated wire payment scam dubbed the Business E-mail Compromise. Scammers use fraudulent information to trick companies into directing financial transactions into accounts they control.

Users are encouraged to review the IC3 Scam Alert for details and refer to the US-CERT Tip ST04-014 for information on social engineering and phishing attacks.

US Cert IC3 Releases Alert for a Scam Targeting Businesses



The Internet Crime Complaint Center (IC3) has released an alert warning companies of a sophisticated wire payment scam dubbed the Business E-mail Compromise. Scammers use fraudulent information to trick companies into directing financial transactions into accounts they control.

Users are encouraged to review the IC3 Scam Alert for details and refer to the US-CERT Tip ST04-014 for information on social engineering and phishing attacks.

Friday, January 23, 2015

Silk Road 2.0 deputy arrested after 6-month attack on Tor



With the trial of alleged Silk Road mastermind Ross Ulbricht under way for a second week, Department of Homeland Security (DHS) agents have also now arrested the alleged deputy of the illegal drug bazaar's reboot, Silk Road 2.0.

Brian Richard Farrell, 26, of Bellevue, Washington, was arrested last week and charged on Tuesday with conspiracy to distribute heroin, methamphetamine, and cocaine, according to a statement from the office of Acting US Attorney Annette L. Hayes, for the Western District of Washington.

Farrell allegedly went by the handle "DoctorClu" on Silk Road 2.0, which sprang up in November 2013 following the government's seizure of the first Silk Road website.



Silk Road 2.0 deputy arrested after 6-month attack on Tor



With the trial of alleged Silk Road mastermind Ross Ulbricht under way for a second week, Department of Homeland Security (DHS) agents have also now arrested the alleged deputy of the illegal drug bazaar's reboot, Silk Road 2.0.

Brian Richard Farrell, 26, of Bellevue, Washington, was arrested last week and charged on Tuesday with conspiracy to distribute heroin, methamphetamine, and cocaine, according to a statement from the office of Acting US Attorney Annette L. Hayes, for the Western District of Washington.

Farrell allegedly went by the handle "DoctorClu" on Silk Road 2.0, which sprang up in November 2013 following the government's seizure of the first Silk Road website.



Five ways online advertisers can protect themselves from sly post-holiday fraud



Online ad prices fall after the holidays, make it easier for criminals to defraud unwary online advertisers. Here’s what to watch out for.

Holiday 2014 has come and gone, and we’re settling into the New Year. Those inflated holiday ad prices feel like a thing of the past, and marketers everywhere can rejoice in the increase of available ad inventory and the decrease of bid rates. Getting a lot of inventory for cheap is great, right? What could go wrong?

Turns out, a lot if you’re not careful. The price transition on ad inventory between holiday and the New Year is one of the easiest times for fraudsters to sneak in fraudulent inventory – like ad stacking (placing multiple ads on top of each other in a single ad placement, where only the top ad is seen, but all are loaded and charged to the advertiser as impressions, allowing the fraudster to collect publisher fees) and fake URLs (a URL that has little to no real consumer traffic, but collects publisher fees for impressions, and often houses malware generating fraudulent clicks) - without being detected. One reason is that fraudulent inventory is normally priced very low, which blends right in with those low January bid rates. Another reason is that advertisers become less vigilant as their display costs decrease from the pricey, holiday months.

Five ways online advertisers can protect themselves from sly post-holiday fraud



Online ad prices fall after the holidays, make it easier for criminals to defraud unwary online advertisers. Here’s what to watch out for.

Holiday 2014 has come and gone, and we’re settling into the New Year. Those inflated holiday ad prices feel like a thing of the past, and marketers everywhere can rejoice in the increase of available ad inventory and the decrease of bid rates. Getting a lot of inventory for cheap is great, right? What could go wrong?

Turns out, a lot if you’re not careful. The price transition on ad inventory between holiday and the New Year is one of the easiest times for fraudsters to sneak in fraudulent inventory – like ad stacking (placing multiple ads on top of each other in a single ad placement, where only the top ad is seen, but all are loaded and charged to the advertiser as impressions, allowing the fraudster to collect publisher fees) and fake URLs (a URL that has little to no real consumer traffic, but collects publisher fees for impressions, and often houses malware generating fraudulent clicks) - without being detected. One reason is that fraudulent inventory is normally priced very low, which blends right in with those low January bid rates. Another reason is that advertisers become less vigilant as their display costs decrease from the pricey, holiday months.

Risk management: the key to business growth



Business growth requires a solid foundation and a solid foundation is built on powerful risk-management. The message is simple. As a rule of thumb, when you cut your risk, you cut your losses and maximise profits.

The single most important thing an SME can do to minimise the risk of failure is to establish a risk management plan that identifies risks and nominates processes to deal with them. Failing to do so is like setting out to sea in an unseaworthy vessel – a bit of bad weather and you will be spending more time bailing than sailing, diverting sorely needed resources from the core business.

The list of business risks is extensive and can be broadly grouped under the categories of regulatory risk, market risk, credit risk and environmental risk but there are a few that are particularly prevalent among SMEs

Read more: http://www.smh.com.au/small-business/finance/risk-management-the-key-to-business-growth-20150123-12wmnw.html#ixzz3Peg36VLg

Risk management: the key to business growth



Business growth requires a solid foundation and a solid foundation is built on powerful risk-management. The message is simple. As a rule of thumb, when you cut your risk, you cut your losses and maximise profits.

The single most important thing an SME can do to minimise the risk of failure is to establish a risk management plan that identifies risks and nominates processes to deal with them. Failing to do so is like setting out to sea in an unseaworthy vessel – a bit of bad weather and you will be spending more time bailing than sailing, diverting sorely needed resources from the core business.

The list of business risks is extensive and can be broadly grouped under the categories of regulatory risk, market risk, credit risk and environmental risk but there are a few that are particularly prevalent among SMEs

Read more: http://www.smh.com.au/small-business/finance/risk-management-the-key-to-business-growth-20150123-12wmnw.html#ixzz3Peg36VLg

Thursday, January 22, 2015

Bank Robberies On the Rise.










Please keep yourself vigilance if you work with-in a financial institution and please remember your banks procedures in mind. Here is a Carolina List from the first of the new year.



Rose Hill Police searching for bank robbery suspect
WNCT-Jan 20, 2015Share
Police are searching for a man who robbed a bank in Duplin County Tuesday ... The Duplin County Sheriff's Office and North CarolinaSBI are ..




BREAKING: Bank Robbery has School on Lockdown while Police ...
WLOS-Jan 16, 2015Share
Police are searching for a man who robbed a bank in South ... at 12:48 PM of a bank robbery at the Bank of North Carolina located at 1999 ... He was last seen on foot heading north west towards West Summit Avenue.

Asheville police seek info in Friday bank robbery
WHNS Greenville-Jan 16, 2015

Georgetown
WBTW - Myrtle Beach and Florence SC-Jan 8, 2015Share
The most recent robbery happened Monday at PNC Bank on NCHighway 179 -- just 600 feet from the SC line -- at 5 pm, according to ... shirt and tie bank robber faces 2nd bank heist charge ...



Bank Robbery has School on Lockdown while Police Search for ...


WLOS-Jan 16, 2015Share


He was last seen on foot heading north west towards West Summit ... ASHEVILLE, N.C. -- A bank robbery at the Bank of North Carolina on ...





Police search for bank robbery suspect in Fayetteville
WNCN-Jan 20, 2015Share
North Carolina's flagship university is assuring that its top executives ... Fayetteville Police are investigating a bank robbery at the First Citizens ...

WTOK
Cefco employees charged in armed robbery
Meridian Star-12 hours agoShare
16 armed robbery at the Cefco located at 144 North Hills St. ... The most recent occurred Tuesday at Trustmark Bank at 612 Highway 19North.


Zebulon man accused of mortgage scam
WNCN-10 hours ago
Two former student-athletes at the University of North Carolina at Chapel Hill ... Ephraim D'Carus Smith was charged with one count ofrobbery with a ... The Commissioner of Banks revoked Cox's license as a mortgage loan ...



Police Arrest Man in Asheville Bank Robbery
WLOS-Jan 19, 2015
ASHEVILLE, N.C. -- The man police say robbed the Bank of North ... that's when they were able to link Benoy to the bank robbery in Asheville
Asheville man charged in bank robbery, attempted robbery at Walmart
WHNS Greenville-Jan 18, 2015
Explore in depth (5 more articles)


Second Wells Fargo bank in Raleigh robbed by similar-looking ...
WRAL.com-Jan 8, 2015
Raleigh, N.C. — Police said Thursday that a man who robbed abank in Raleigh's Cameron Village "closely resembles" the man they have ...

Bank robbery sparks lockdown at Buncombe schools
Asheville Citizen-Times-Jan 16, 2015
The robbery was reported at 12:49 p.m. at the Bank of North Carolina at 1999 Hendersonville Road, according to Sgt. Mike Lamb of the ...



Bank Robberies On the Rise.










Please keep yourself vigilance if you work with-in a financial institution and please remember your banks procedures in mind. Here is a Carolina List from the first of the new year.



Rose Hill Police searching for bank robbery suspect
WNCT-Jan 20, 2015Share
Police are searching for a man who robbed a bank in Duplin County Tuesday ... The Duplin County Sheriff's Office and North CarolinaSBI are ..




BREAKING: Bank Robbery has School on Lockdown while Police ...
WLOS-Jan 16, 2015Share
Police are searching for a man who robbed a bank in South ... at 12:48 PM of a bank robbery at the Bank of North Carolina located at 1999 ... He was last seen on foot heading north west towards West Summit Avenue.

Asheville police seek info in Friday bank robbery
WHNS Greenville-Jan 16, 2015

Georgetown
WBTW - Myrtle Beach and Florence SC-Jan 8, 2015Share
The most recent robbery happened Monday at PNC Bank on NCHighway 179 -- just 600 feet from the SC line -- at 5 pm, according to ... shirt and tie bank robber faces 2nd bank heist charge ...



Bank Robbery has School on Lockdown while Police Search for ...


WLOS-Jan 16, 2015Share


He was last seen on foot heading north west towards West Summit ... ASHEVILLE, N.C. -- A bank robbery at the Bank of North Carolina on ...





Police search for bank robbery suspect in Fayetteville
WNCN-Jan 20, 2015Share
North Carolina's flagship university is assuring that its top executives ... Fayetteville Police are investigating a bank robbery at the First Citizens ...

WTOK
Cefco employees charged in armed robbery
Meridian Star-12 hours agoShare
16 armed robbery at the Cefco located at 144 North Hills St. ... The most recent occurred Tuesday at Trustmark Bank at 612 Highway 19North.


Zebulon man accused of mortgage scam
WNCN-10 hours ago
Two former student-athletes at the University of North Carolina at Chapel Hill ... Ephraim D'Carus Smith was charged with one count ofrobbery with a ... The Commissioner of Banks revoked Cox's license as a mortgage loan ...



Police Arrest Man in Asheville Bank Robbery
WLOS-Jan 19, 2015
ASHEVILLE, N.C. -- The man police say robbed the Bank of North ... that's when they were able to link Benoy to the bank robbery in Asheville
Asheville man charged in bank robbery, attempted robbery at Walmart
WHNS Greenville-Jan 18, 2015
Explore in depth (5 more articles)


Second Wells Fargo bank in Raleigh robbed by similar-looking ...
WRAL.com-Jan 8, 2015
Raleigh, N.C. — Police said Thursday that a man who robbed abank in Raleigh's Cameron Village "closely resembles" the man they have ...

Bank robbery sparks lockdown at Buncombe schools
Asheville Citizen-Times-Jan 16, 2015
The robbery was reported at 12:49 p.m. at the Bank of North Carolina at 1999 Hendersonville Road, according to Sgt. Mike Lamb of the ...