KC News

Phishing Warning from Network Solutions

Here's a warning that Network Solutions is sending their customer. It warns them about a "phishing" scam pertaining to domain registrations:

We've recently become aware of a phishing scam targeting domain name customers of a small number of registrars including Network Solutions(R).

Phishing is the practice of luring unsuspecting Internet users to a fake Web site by using an authentic-looking e-mail in an attempt to steal passwords, account information or other sensitive data.

At this time, we know that fraudulent e-mails are being sent to some domain name customers, regardless who the registrar of record is, which include links to sites that look like networksolutions.com or other domain provider
sites; however they are fake Web sites.

These e-mails are attempting to capture login information. For more information and tips on identifying phishing scams, please visit our blog at www.blog.networksolutions.com/.

If you believe you have received an e-mail of this type, have clicked on the link, and provided your login information, we recommend the following for security
purposes:

1. Log in to your account from the Network Solutions Web site.
2. Review your account information for accuracy
3. Choose a new password security question and answer
4. Change your password


So there you have it. I'll just add that if you use THUNDERBIRD as your email software it will actually warn you that these emails are fraudulent.

And finally here are some links with further details.

New Phishing Hits Domain Owners Accounts At eNom, NetworkSolutions

Network Solutions Phishing Alert : Please watch for emails like this

Network Solutions Proactive in Fighting Recent Phishing Attack


Testimonial from Client ranked #1 on Google Search

Here's a great testimonial from a client of ours, copywriter Bonnie Ayers Namkung, who is currently ranked at #1 on Google: They can't promise it, but Kahl Consultants did their SEO (Search Engine Optimization) magic on my site and now I come up #1 in local searches. Alex and his team are also generous with advice. They told me additional ways I can keep my site's search ranking high.

Thanks, guys!

Bonnie Ayers Namkung

www.banamkung.com

*A Bay Area Green Business*

Here's the Scoop on "SEO" and how Kahl Consultants does it.

Like all marketing, online marketing and website promotion in particular should be an ongoing effort. Focus your efforts on the rule that says "Content is King" and create valuable unique copy for your website. Then use SEO to get more traffic.

Kahl Consultants offers our clients a variety of SEO packages for very reasonable rates. Here are two examples:STARTER SEO/SEM PACKAGE

Our STARTER PACKAGE gets you started to help you increase your ranking and traffic.

The Kahl Consultants SEO STARTER PACKAGE includes the following one time web marketing services:

1. Consulting related to online marketing and integration of online and offline marketing efforts

2. Consulting related to corporate identity, branding, marketing to client target audience

3. Web site analysis and traffic analysis

4.Optimize Meta Tags in your source code (DESCRIPTION, KEYWORD, etc) and TITLE tag with keywords, add additional tags for search engines

5.Edit home page text content to maximize search engine rankings (E.g. do keyword research to optimize text and tags with keywords)

6.Register with popular SEARCH ENGINES and Directories (Google, Yahoo, MSN, AOL, ASK, DMOZ, etc)

7.Register with relevant local search engines and directories (E.g. Get listed with online yellow pages, local and regional business directories, etc.).

8.Register with relevant industry search engines, directories, and industry portals

9.Recommend options for external paid registration services (paid placement and pay-per-click marketing such as google adwords paid separately)

10.Provide client additional marketing recommendations (including content improvement, articles, blogging and social networking advice)

ANNUAL SEO/SEM PACKAGE

Like all marketing, website promotion should be an ongoing effort.

Our ANNUAL PACKAGE is a detailed marketing campaign integrated in your existing marketing plan which maintains and builds on your existing promotion and helps increase your ranking and traffic.

The Kahl Consultants SEO ANNUAL PACKAGE includes the following web marketing services:

1. Consulting related to online marketing and integration of online and offline marketing efforts

2. Consulting related to corporate identity, branding, and focussed marketing to customer target audience

3. Web site analysis and traffic analysis

4. Analyze marketing plan, budget, requirements and existing marketing and advertising efforts

5. Update and reoptimize meta tags and title page text (E.g. do keyword research to optimize text and tags with keywords)

6. Register with top search engines and directories

7. Register with local search engines and directories

8. Register with industry search engines, directories, and portals

9. Recommend options for external paid registration services (paid placement and pay-per-click marketing such as google adwords paid separately)

10. Exchange links with other sites

11. Create social networking pages for client to promote their website, service and/or product (e.g. build a squidoo lens)

12. Include additional content on relevant social networking sites (e.g. LinkedIn, facebook, myspace, flickr, youtube)

13. Add descriptions, recommendations and reviews to relevant business directory websites (e.g. yelp, insiderpages, yahoo local)

14. Locate relevant and beneficial forums for client to participate in

15. Provide client additional marketing recommendations (including articles, blogging and email marketing advice)

If you would like further details check these links:

Kahl Consultants SEO Packages

Site Submission Tips

Multiple Submission and Online Marketing Tips

HIPAA, Websites and Email

HIPAA

HIPAA security rule enforcement is on the rise. HIPAA is the Health Insurance Portability and Accountability Act. This law regulates the privacy and security of individually identifiable patient information.

HIPAA affects any company that regularly transmits or stores employee health insurance information (e.g. healthcare providers, health plans, healthcare clearing houses). Even organizations outside the heathcare industry must consider regulatory compliance requirements associated with HIPAA and implement "appropriate administrative, technical and physical safeguards to protect the privacy of patient information".

See also:

http://en.wikipedia.org/wiki/HIPAA

PHI

Protected Health Information (PHI) is "any information which identifies or could be used to identify an individual and has anything to do with past, present or future physical or mental health conditions, care or payment for care".

HIPAA and Email

HIPAA privacy provisions pose a compliance challenge. Organizations that fail to protect this information face stiff fines and possible jail time.

The privacy of PHI extends to email and computer files. HIPAA requires organizations to reduce or eliminate the risk of interception of emails and receipt of emails by unauthorized persons.

A new security rule focusing solely on PHI that is stored and transmitted electronically is part of HIPAA. The requirements of this rule, which are simply information security best practices, focus on the three cornerstones of a solid information security infrastructure – confidentiality, integrity, and availability of information.

HIPAA enforces well-known best practices that include:

* Ensuring that e-mail messages containing PHI are kept secure when transmitted over an unprotected link

* Ensuring that e-mail systems and users are properly authenticated so that PHI does not get into the wrong hands

* Protecting e-mail servers and message stores where PHI may exist

So HIPAA has requirements for transmission, storage and discoverability of private information (PHI). The technical standards of HIPAA's security rule require the use of encryption, such as PGP, for electronic communication of protected health information over open networks.

What Do We Do?

So what does your organization need to do about HIPAA?

Most likely you will be doing these two steps:

1) use a secure server for your website. Rather than emailing PHI data send links to the secure server.

2) set up encrypted email via PGP.

Still not sure what you need to do for HIPAA? Look here for answers:

H&HS Office for Civil Rights - HIPAA

http://www.hhs.gov/ocr/hipaa/

 

H&HS HIPAA FAQ

http://www.hhs.gov/hipaafaq/

 

California Office of HIPAA Implementation

http://www.ohi.ca.gov/

Email Tip

Many healthcare professionals add postscripts to their email signature lines. They are for the security of protected health information

 

Here is a HIPAA compliant example:

 

First Name Last Name

Organization

This email address is being protected from spambots. You need JavaScript enabled to view it.

w xxx.xxx.xxxx

p xxx.xxx.xxxx

c xxx.xxx.xxxx

http://example.com

This message may contain private information for persons named above. Please don't share that information with anyone without a need to know. If you received confidential information without a PGP wrapper, assume it was compromised, delete it, tell the sender, and try to tell the victim. Please don't send someone else's private information if you're not reasonably certain the recipient has a need to know and that the message will be kept private. Plain email is not private. In some cases, such as health information protected under the US HIPAA law or information protected under the US Privacy Act, plain email may be illegal. If you must relate a person's identity to their private information in email, use Hushmail or insist your recipients provide you their PGP public key. You can get my public key from the keyservers or my webpage.