Cybercrime watch: Three simple Quick Free Tips That Can Keep Your Cards Safe

Tip#1: Avoid Giving Your Card To A Server or Bartender

ess-food
Photo credit to Ian Arunga (https://twitter.com/arungaian)

Beware of your cashier. I have been skimmed before at an upmarket restaurant/bar/lounge in Westlands and I realized this is a pervasive problem. Evidence suggests that restaurants are now breeding grounds for skimming activity.

Tip #2 – Pay for your fuel in cash

Petrol station skimmers are found almost every day in petrol pumps but it’s the ones they don’t find that you should be worried about.  Pay for your fuel in cash and NEVER put your debit card in a gas pump.

Tip #3 – Supermarkets

skimmer 3.jpgThe next time you go shopping, be sure to pay close attention to the clerk who swipes your card.  Department stores can be potential hot spots for skimming because much like a restaurant or bar, it is not unusual for a clerk to leave your site to process the transaction, making the temptation greater, and the successful completion of the scam easier.  Sometimes a skimmer will pay an inordinate amount of attention to the number on your card, so if they seem to be staring as though trying to memorize your number, or examining it front and back as if they’ve never seen such wonders before, it would be smart to watch them closely.

 

 

Source: SignalVault and the Identity Theft Resource Center

 

Top 5 Legal Add-ons for lawyers

Friday, June 16th, 2017 time is 2pm I find myself clicking away on the google chrome homepage in the Apps section and I was amazed at the number of add-ons lawyers may not realize exist. I’ve aggregated them to what I call the top 5 add-ons for legal productivity. And they are:

  1. Lexbox

Lexbox pic

Lexbox helps you organize and monitor your online legal research. It enables you to assemble in one central location relevant legal information from various online sources and to create personalized alerts. Lexbox is your legal research workspace.

Lexbox is the online version of your “legal research folders”. It allows you to organize links to legislation, case law, and webpages by file folders, and assist you in keeping this information up to date. Lexbox has the capacity to generate alerts when new legal research results become available, when cases get cited or when legislation is amended. It also keeps track of your online legal research sessions for invoicing purpose, or to recover missed items. It has the capacity to export this history, as well as stored research items via lists of authorities.

Lexbox currently supports 8 legal research websites with advanced features: CanLII, the Supreme Court of Canada decision website, Federal Court of Appeal decision website, Federal Court decision website, the Tax Court of Canada decision website, the Canadian Federal Legislation website, Ontario’s E-Laws, and the BC Laws website. A bookmarking functionality is also provided to store webpages from any other site.

Features List:

-Save, monitor and email cases, legislation and webpages

-Save frequent search queries and get alerts for new results

-Get citation alerts and track impact of cases over time

-Get modification alert when legislation is amended

-Create, edit and delete research folders

-Add personal notes to folders and individual items

-Track your online research history sessions

-Export lists of authorities

To get started:

-Install the Chrome extension

-Create your account at https://app.mylexbox.com/#/signup

-Visit one of the supported websites at http://lexum.com/en/products/lexbox/#supportedwebsites

  1. Blueline fetch: Quickly Fetch Legal Citations

Blueline Fetch pic

BlueLine Fetch reads your clipboard, finds citations and queries Westlaw, Lexis or Scholar. By using a hotkey, you can fetch citations from anywhere on your computer, even without a Chrome browser open.

The program has a handful of modes and additional features including google searching, multi-mode for batch downloading, quick mode to minimize clicks, name recall, context menu support, and the ability to search for cases by name or opinion text among the cases you recently viewed.

  1. StudyBlue

Studyblue pic

Study millions of student-authored explanations for your classes, or create your own. For free!

Features StudyBlue students:

  • Create, study and share your own digital flashcards for free

  • Customize your study materials with images and audio

  • Quiz yourself, track your progress and set study reminders

  • Access study materials seamlessly across desktop and mobile devices

  • Copy and edit flashcards you like to make them your own

  • See flashcard recommendations tailored to your studies

  • Get fast answers with Homework Help and easily turn them into flashcard decks.

  1. Bundledocs

bundle docs pic

Effortlessly Prepare Quality Legal Briefs, Court Bundles, And Booklets In Minutes. Create, Customise, Print Or Securely Share.

As every lawyer knows, a well prepared brief is an important aspect of any case. However, the problems with preparing legal briefs have not gone away and their preparation can still cause many a late night. Lawyers and legal teams can spend countless hours copying, assembling, indexing, paginating (numbering) documents for court. With Bundledocs these problems are a thing of the past…

Bundledocs is designed to help legal professionals quickly and easily create court-ready legal briefs. With this intuitive software, lawyers no longer have to outsource tasks or waste valuable time creating briefs.

Our cloud based solution (also available as an on-premise solution) means that legal teams do not need to invest in any hardware or software. It’s simple. Users simply logon to their unique account and begin creating briefs immediately.

Bundledocs brief builder software is an all-in-one solution used to create: litigation briefs, trial bundles, court bundles, commercial deal bibles, e-briefs (electronic bundles), report books etc.

Website

http://www.bundledocs.com/

  1. Docusign

Docusign pic

Send docs for electronic signature, or add your own signature in minutes. Sign PDFs directly from Google Drive or Gmail. Need others to sign? DocuSign also makes it easy for you to send out documents for signature.

Key features of DocuSign for Google Drive:

1) Send and Sign from Gmail and Google Drive

  • Right-click on any of your files to send with DocuSign. Guide signers with clear fields to complete the document. Send quickly to signer’s email inbox.

  • Are you the only one signing? Sign unlimited documents for free on your account.

  • Need others to sign? Your first 3 signature requests are free.

2) Store securely in Google Drive

  • Completed documents are automatically returned and stored for you, making for easy retrieval and organization.

3) Real-time status updates

  • Timestamps will show you when your signers have opened, viewed, and signed your documents.

4) Access account from any device, anywhere

  • DocuSign works with any device so that you can sign and send on the go

DocuSign provides a simple and secure way to electronically sign documents and collect signatures from others. Install the Docusign for Google Drive app today and eliminate the costs, hassle, and lack of security in paper-based transactions. With just a few clicks you can sign and send any document for signature right from Google Drive or Gmail.  No printing, faxing, scanning, or overnighting required. Once you’ve tried DocuSign, you’ll wonder how you ever got along without it! DocuSign is the most widely used eSignature platform in the world, and is trusted by millions who have DocuSigned in 188 countries. It is used in nearly every industry and department, including finance, legal, human resources, sales, real estate, healthcare, and many others.

Want to learn more about our advanced features? Go to http://www.docusign.com.

Case Law: Employers have no claim to property in e-mails or the content of e-mails sent by employees from the employer’s email accounts

Confidential information — Breach of confidence — Employment — Claimants seeking injunction requiring former employees to forward copies of e-mails received whilst employed — Whether e-mails and/or their content claimants’ property — Whether claimants entitled to relief

Capita Plc & Anor v Darch & Ors, Court of Appeal – Chancery Division, May 26, 2017, [2017] EWHC 1248 (Ch)Capita issued a claim, alleging that the Darch, their former employees, had acted in breach of express and/or implied terms of their contracts and also that they had acted in breach of confidence by extracting, receiving and misusing the Capita’s trade secrets and confidential information and infringing Capita’s rights in its database.

Capita issued a claim, alleging that the Darch, their former employees, had acted in breach of express and/or implied terms of their contracts and also that they had acted in breach of confidence by extracting, receiving and misusing the Capita’s trade secrets and confidential information and infringing Capita’s rights in its database. Capita sought damages and delivery up of all documents and other records belonging to them. Capita applied, for an order requiring that Darch forward to their lawyers’ copies of all e-mails that they had received into any personal e-mail account from Capita’s e-mail accounts.

On the application and the question whether an employer had a claim to property in e-mails or the content of e-mails that were sent by employees from the employer’s email accounts, it was held that the e-mails and/or the contents of the e-mails were not the Capita’s property. Accordingly, they were not entitled to the relief sought.

Full case can be found here

Dubai’s cyber security strategy

His Highness Sheikh Mohammed bin Rashid Al Maktoum, launched the “Dubai Cyber Security Strategy” aimed at strengthening Dubai’s position as a world leader in innovation, safety and security.

The plan focuses on five main domains*;

  1. A cyber smart nation aimed at raising public awareness on the importance of cyber security, ensuring building a society that is fully aware of the dangers of cybercrime, as well as developing the skills and capabilities required to manage cyber security risks among government and private institutions and individuals in Dubai.
  2. Innovation in the field of cyber security, and the establishment of a secure and safe cyberspace characterized by freedom and justice, so as it encourages innovation in Dubai.
  3. Building a secure cyberspace “Cyber Security” by establishing controls to protect the confidentiality, integrity, availability, and privacy of data; and
  4. Maintaining the flexibility of the cyberspace “Cyber Resilience” and ensuring the continuity and availability of IT systems in cyberspace. These objectives can only be achieved through the national and international collaboration among different sectors, and thus, the fifth domain is concerned with this aspect.

The next phase will witness a number of effective initiatives that will contribute to achieving the strategy’s objectives and providing a secure cyberspace for users, making Dubai’s cyber security experience a global model.

*From the Dubai Government Services Directory

Intelligent search in legal Knowledge Management

CaptureSearch is vital in the modern law firm. The ability to find information quickly and efficiently contributes not only to business success but also to work satisfaction. We’ve all been frustrated at some point when we’re looking for a case, or a research point but no good leads show up. On close of business, it’s much more satisfying to look back on a productive day where you actually finished a project instead of contemplating a day where you found yourself constantly impeded by the lack of necessary information and your productivity diminished by fruitless searching.

Pre-internet, pre-web, pre-mobile…..pre-everything!

In our youth, the only recourse was a set of encyclopedias our parents had been cajoled into buying. We would drag out the large, heavy books just to clarify that Rome is the cap­ital of Italy.

Today, of course, there’s no need to pull a volume of an encyclopedia off a shelf or even leave the room to find answers. In much more subtle fashion, you can simply look down at your phone to search for answers to factual questions. Google and Wikipedia have certainly redefined what it means to search. However, we tend to search because it is easy to do so. A primary reason for Google’s phenomenal success is its vaunted ease of use. Typing relevant keywords is enough to quickly get meaningful results – why bother with hard texts when you can get answers online? Why do physicians not use medical literature, rather than relying on the drug company salesman for information about a new drug? By no means do I imply that fast and easy is best. But only that fast and easy is often “good enough”.

Search has gone mainstream. People search sports and entertainment or to locate a retail store or book a hotel. The reality is that the simplistic notion of search does not carry over particularly well to finding information essential to doing your job.

Who cares?

Recently a colleague reached out to me looking for reading material in a certain area of law. The topic was from a 1942 case. Her issue was that she didn’t just want the 1942 case; she wanted 5 recent cases that reported on the topic, as well as articles. Her initial searches did not yield anything relevant, not even the 1942 case; and she’s not alone. Many lawyers find themselves frustrated when they can’t find the desired information in an immediate way because of how current search applications are designed. They involve typing keywords into a search engine via a browser, at least with respect to online resources outside the firm. Further, internal search applications are complicated by the need to search both structured and unstructured material and the fact that an internal search platform is either non-existent or relatively user unfriendly as compared to the internet.

Certainly the integration of search into the daily lives of most people supports the argument that while search is important to what we do, it certainly does not lead, without more, to anything like a competitive advantage, either personally or for your employer. Why? Because everyone is doing it (perhaps not skillfully) – moreover as more millennials enter the workforce, many have been doing it for quite some time.

But as a Knowledge Management strategy, search is not a “one off” tactical activity whose goal is to find pieces of information and call it a day, but rather a more strategic activity whose objective is to add search results to an evolving and organic narrative around an area of law. It is the ability to plug search results into a narrative, one that provides a holistic context.

Despite the enabling technologies now available, implementing a KM strategy that is viable and market differentiating remains a challenge because of the 3 Ps; people – which requires changing employee thought patterns and behaviours, process – the creation, maintenance and usage of a knowledge base (that is how the initiative is actualized) and the platform – the set of technologies that is leveraged in the actualization and its inherent characteristics such as accessibility, availability and reliability.

Legal KM is here to stay

735e9448-19a3-4a3b-8319-1a8bde400f62Legal Knowledge Management (LKM) is here to stay. I remember when I first joined LKM and guys just couldn’t understand what it is I do. I was in the library, ensuring statutes are up to date, cajoling lawyers to keep up with their CPD points, organizing trainings and lawyers meetings, lots of legal research – at first glance you’d think it just administrivia going on right? Wrong! This perception couldn’t be any further from reality.

So in this post, I offer some realities.  As LKM professionals we see ourselves not just as legal librarians sitting in the cornermost part of the office, but as gatekeepers of knowledge. We smartly capture and curate legal know-how to enable its re-use seamlessly.

First LKM boosts lawyer productivity, a key ingredient to deliver better value. Think of productivity in the common sense of the word i.e. output per hour as opposed to billable hours per year.

Then there’s LKM technology. For large practice firms, efficiency is king. In my previous role I used Contract express, a document assembly application on a daily basis and through a base template, I was able to churn out documents in minutes saving myself and my fee earner colleagues’ time to do more substantive work. Other applications complimented this such as Sage for my HR issues or Maconomy for time recording and billing. Legal tech and LKM are now symbiotic in that one cannot exist without the other. A survey done by Mitratech, an enterprise legal software provider, found that law firm spending on LKM technology will grow at 18% for the next few years. A high growth rate compared to other categories of software.

You may be surprised at the breadth of what LKM professionals do. Initially the focus was mainly on creating precedent and taxonomies and building both digital and physical libraries. Now the LKM toolkit is largely digital with innovations in AI, search, document assembly, social media integration into existing legal software and mobile applications for remote access to a knowledge database being some of the hottest trends right now. While the LKM toolkit grows, so does the remit of LKM professionals. Today, many support alternative fee arrangements, process improvement, and legal project management.

For in-house lawyers, LKM can improve efficiency of their own lawyers. And it can avoid paying law firms to do the same work more than once. Law firms can also improve efficiency. Plus firms can use LKM to improve their service delivery, perhaps the only sustainable way to differentiate today.

Your device, your privacy: the who, what and the how of mobile privacy

Lest we forget, digital secrecy does not exist. We may not realize it but we are kept on a close electronic leash and tracked, followed, observed and monitored on a very large scale and we are actively participating in this through our use of mobile phones.

Before you write me out as some paranoid cyber security lawyer, be aware that your personal data, behaviour, tastes and relationships form the basis of the economic models adopted by the free app providers making your information even more lucrative. With an attention span shorter than a Goldfish, we don’t bother going through the End User License Agreements, it’s just a pain.

So you go about your normal day sending business and personal e-mails, downloading apps, or updating your social media status, a little pop-up appears that has nothing to do with what you’re actually doing. Then it dawns on you. You may have seen this product page before. A simple search you did in the past has come searching back for you.

Accessing user information both for legitimate and malicious purposes is no longer uncommon in the digital age, where you do just about everything using a mobile device. But can breaching one’s privacy be stopped? What should you do to protect your privacy from mobile threats like this?

  • Who

The right to mobile privacy

We all have the right to privacy. But this easily gets violated whenever someone tries to access our personal information on any platform, without our consent or any given lawful reason. Breaching could be as simple as a friend spying on your social media account to marketing agencies deliberately studying the types of websites you visit and barraging your inbox with unsolicited alerts or offers.

With everything going mobile these days, it’s not surprising that some, if not most of us, often disregard the value of privacy. Sometimes, we ourselves, enable ‘data leaks’ failing to log out of sites leaving cybercriminals more than happy to take advantage of our oversight.

In social media alone over-sharing has become a springboard for more severe types of cybercrime like identity theft with the creation of a number of malicious apps engineered to steal sensitive user data.

  • What

Your device settings

Your default device settings serve as suggestions you can use to increase protection. By familiarizing and modifying these settings to suit your mobile needs, you can be assured that no one has easy access to your mobile device. Getting familiar with these settings could gain you more security.

Visiting malicious sites and drive-by downloads

Symantec security defines a malicious website as a site that attempts to install malware (a general term for anything that will disrupt computer operation, gather your personal information or, in a worst-case scenario, gain total access to your machine) onto your device. Malicious websites often look like legitimate websites and sometimes ask you to install software that your device appears to need.

Drive-by downloads are malware that can be installed on your device simply by looking at an email, browsing a website or clicking on a pop-up window with text designed to mislead you, such as a false error message.

So don’t open that email or click on that pop up message if you think it is malicious; guys, there’s no swimsuit model in Russia who thinks you’re hot – trust me.

Your mobile behaviour 

Owning a mobile device gives you the freedom to access the online world more frequently. But does it change your behaviour when it comes to security? This freedom often makes mobile users more vulnerable to threats through mobile activities like social networking, shopping and banking.

Cybercriminals are stepping up the production of threats that affect social networking sites, online stores, and even banks—and they won’t just stop at creating apps that could easily be mistaken for legitimate ones.

Why – money is the driving force

Mobile devices have impressively centralized one’s online activities. But at the same time, it has opened doors to vulnerabilities exploited by cybercriminals driven by one agenda: money.

Kenya Cybercrime firm Serianu estimates that Kenya lost more than KES 17 billion to hackers in 2016. Not only did the number grow, the sophistication and capabilities associated with these threats grew as well. Cybercriminals are always on the lookout to steal information stored in smart phones and tablets that can be used for profit.

How

apps.jpg

They’re called free apps for a reason

It is so easy to get lost in the number of free apps you can download these days. One click and you can enjoy the game everyone is talking about or that app that filters your photos to the stone age. But remember that there’s always a trade-off. If they don’t charge you for using their app, chances are they could be earning by reselling your personal information. How about that!

Device loss or theft

No matter how careful you are with what you store in your mobile device, once it gets lost or stolen, you have little to no control over what happens with the sensitive files or data you have in them.

End-User License Agreements (EULAs)

EULA.png

You know that little checkbox you click that says you’ve read the terms of the agreement? That’s what the online service developers use to look out for themselves, they’re called EULA’s. You see it on the terms they ask you to agree with that they can change at any time, with or without notice. Before saying yes to these EULAs, you should read up and familiarize yourself with what’s stipulated. You may end up allowing them to sell your photos, track your online activities or hand over information to authorities without your knowledge.

Bring Your Own Device (BYOD)

Employers are now turning the tide with regards to personal devices for work related activities. Companies are now investing in their own devices and top of the range anti-virus software to curb the menace associated with BYOD. But if your organization allows you to BYOD, be wary since even a company’s IT policy could mean giving your IT department access to your personal files and information.

Anyone could fall victim to cybercriminals trying to breach your privacy. But there are still stops you can pull to prevent this.

General Checklist:

  • Configure your device’ privacy and browser settings to control the amount of information it shares.
  • Activate screen locks and passwords to minimize chances of hacking and change passwords every three months for security.
  • Refrain from storing compromising files (photos and videos) you’re not comfortable with on your device
  • Clear your mobile browser cache regularly to avoid data leakage and information-stealing malware. Constantly monitor your app and account settings to make sure sharing and connectivity are secure. For the less tech savvy, I would recommend theClean Master App. A few clicks and you’re safe.

Get rid of apps you don’t use

  • Download only from trusted sources like the developer’s website or from Google Play. Remove apps not in use.
  • Always check the app’s permissions to ensure that it doesn’t perform functions outside of its intended use.
  • Use your mobile browsers’ private browsing settings, especially for sensitive transactions like online banking.

Device Loss or Theft Readiness

  • Take note of your account credentials or make use of a convenient password manager when the need to reset them arises.
  • Backup files with irreplaceable information in the cloud.
  • Prepare to contact the authorities, your service provider, and concerned organization to avoid the malicious use of your identity and to block bill charges.
  • Sign up for a reliable remote service that allows you to find, lock or wipe your device when you need to.

Check your BYOD Agreements

  • Are you required to produce personal devices for forensic analysis?
  • Does this apply to devices shared with other family members?
  • Who can access personal information stored in your device?
  • Can your company track your location? Is this a requirement? Do they have notifications if the need for this arises? Under what circumstances?
  • Are your personal online activities monitored? Are these systems active outside regular work hours?
  • Is this information retained when you leave the company?