Preparing Your Small Biz for the New Year

If you’re a business owner, it’s as important to review the year that’s ending as it is to prepare for the new year to come. For the last few weeks, I’ve been touching on some key activities to be sure all loose ends are tied up before the calendar turns.

– Taxing Matters: I’ve done a tally on this year’s numbers, hunted and gathered documentation for deductions, assessed how to best round out charitable giving as well as any last business purchases for attribution to this year’s return and made sure all clients have a copy of my 1099 and are current on payments. I’ve also soaked my mind in some helpful articles to spark final smart moves in these last days of the year.

– Year in Review:  As I look back on a blessedly successful year, I’ve made note of the “Best Of” projects to help me determine where to focus my energy going forward. Defining my “Best Of” projects as those that blended passion and profit, I’m honing my expertise and narrowing the promotion of my business to hit more “Best Of” targets in the year to come. This process is helping me better define and articulate what I do—and what I don’t want to do, as well. Hopefully, I will have so many preferred projects that fillers simply won’t be necessary.

– Electronic Decluttering: I’ve been cleaning out my inbox! Since things slowed a bit over the holidays, I’ve taken time to click “Unsubscribe Me” (rather than hitting “Delete”) on the bevvy of emails I’ve somehow subscribed to over the years. I’ve also bowed out of some LinkedIn Groups that I clearly lost interest in, nixed a couple Google alerts I set up long ago, and I purged my email marketing list. I’m looking forward to spending less time fussing with unwanted messages; what a relief!

– Putting the “New” in New Year: I’ve pegged a couple of new endeavors I want to devote time to in the new year. These endeavors are extensions of the “Best Of” biz projects I just mentioned, and my hope is to launch them as fresh revenue streams and an outgrowth of that honed expertise I’ve been defining. To that end, I’m squaring a little time during this relatively quiet holiday week to create some marketing materials to make my first steps in these new directions as effective as possible.

Suffice to say, all these tasks require revisiting throughout the year. I do my fair share of defining, determining, decluttering and endeavoring every month of the year. What about you? What’s on your To Do list as we prepare to welcome a new year?

Thanks for reading…and Happy New Year!!!

Advertisement

Three Essential Truths for Independent Business Owners

I recently participated in REBarcamp, an intensive day of knowledge-sharing sessions for those in the real estate industry. Topics ranged from digital marketing and social media to HUD info and business development. As a sponsor of the event for my new biz, QRHere, LLC, I led an educational session on the use of QR codes for real estate and otherwise took the chance to better understand the perspectives of real estate pros.

It was interesting to be in the mix as a voyeur—a non-real estate type whose roots are in the more traditional business world—yet see how the needs, interests and experiences of all independent business people run parallel. Here are three transcending truths I was reminded of by spending the day at REBarcamp.

1 – Independent business people often do it all until they can’t do it all.

When you’re initially building your business, you often have to be jack-of-all-trades. You are COE—Chief of Everything, pouring yourself into every aspect of the business every day…and every night. That arrangement holds until the well runs dry, and you simply can’t do it anymore. At that point you either retool the biz model and get help, begin your exit strategy or just limp away in utter fatigue.

The lesson: Hiring help is an investment in your business that may prevent you from wearing out or giving up.

2 – Independent business people need to know what they don’t know.

You aren’t the omnipotent deity of your business. You may know a little about a lot of things,  but you’re only a subject matter expert on maybe three topics at best. You have to be honest about where your knowledge is thin, lest you become the biggest obstacle on your path to success.

The lesson: Know what you don’t know, then get to know who knows what you don’t. This will help you hire the right help, as mentioned in the previous point.

3 – Independent business people need to define what “success” is to them.

So you get the biz going, hire help, make good money and are your own boss. Is that it? Is that your goal? If it is, then good for you; now just keep going. If not, then it’s essential that you step back and determine what success really means to you. Otherwise, you’re running on a hamster wheel of your own making. Which is pretty much like running on a hamster wheel of somebody else’s making but with more complicated taxes.

The lesson:  Only you can know what constitutes victory, contentedness and bliss for you, so don’t let the idea of ‘being your own boss’ become the boss of you.

My takeaway from REBarcamp? I’m examining the idea of hiring help by first focusing on the key areas where I know what I don’t know. Also,  I’ve renewed my perspective on where this whole ship is heading just to make sure I’m charting the right course to my personally defined “success.”

Fellow Small Biz Big Timers, what’s your take on these three points? Do tell, either by commenting here or by posting over on the Facebook group page.

THANKS for reading!

Don’t Baby Your Biz: Maintain Objectivity to Take Your Small Biz Big Time

When’s the last time you had to diaper your business? Rock it to sleep? Give it positive affirmations so it would grow up with healthy self esteem?

Exactly. Your business is near and dear to you, yes. But it’s not a baby, so stop treating it like one.

When it comes to your small business, you must always act as an investor and a manager…not a nurturer. Investors and managers look objectively at all aspects of a business. They make smart decisions to support goals for market penetration, revenue growth and innovation. Investors and managers don’t get tangled in personal sentimentality when reviewing the books, productivity or the bottom line.

I’ve seen many business owners who inadvertently fall into the “nurturer” mode. They get so close to their operations that they become parental over the business—overly proud and protective—and lose objectivity. “I don’t care that there are 17 competitors in the market doing it better and faster, my business is special. How can any customer not love my business?!”

Recently, I connected with a fellow with a web-based start-up company. He was looking for help with branding and online promotion, and I’d come recommended to him for those tasks. Within the first 10 minutes of the conversation, I knew I’d be declining this ‘opportunity’, as it was abundantly clear this fellow was acting more like a proud papa than a discerning business person.

First of all, the business idea was not at all unique, yet the owner spoke as if it were the greatest idea since sliced bread. He blew off the full grown businesses already doing what he was setting out to do in the market, acting as if his bald, fussy infant of a business would top ’em in no time. Then he shared that he’d already dissolved relationships with two other marketing professionals because he had been displeased with their creativity.  That’s the “only what’s best for my baby” syndrome. I felt like he was looking for a nanny, not a business partner.

As I looked at that prospect, I thought like an investor. Was that idea one that I believe in enough to devote my time to, regardless of the immediate pay that might be involved? With all the other work on my plate, would I really want to carve part of my time to participate in the development of this business? “No” was the answer on all accounts; I want to work on business that calls upon my branding leadership, not my babysitting skills.

I haven’t blogged in a long while because I’ve been in the throes of launching another new business and have really had to focus my time accordingly. Early on in this new endeavor, I pitched to some investor groups as I sought options to fund the business. Though I was ultimately able to bootstrap the launch, I can’t hardly begin to place a value on what I learned by presenting to investors.

Of course, I’ve been enthused by the prospect of this new biz, and I can sing the praises of my idea all the livelong day.  However, investors demand to know how the idea will make money in the short and long term; they demand to know the competitive landscape and the model for sustained success. They have to know that you’ve thought 20 steps ahead and sussed through potential barriers and problems to market entrance and progression. in presenting to investors, I had to think like them, and that served me and my business idea very well.

Trust me, I know that owning a business is an innately personal endeavor. You live and breathe it, pour your thoughts, creativity, energy and money into it, and you often align your identity with its success…or its struggles. You and the business you own are often perceived as one in the same.

Though the world may not see a discernible demarcation between the business owner and the business itself, you’ve got to keep a clear perspective. Business is ultimately just that..business. Unless you count becoming overly emotionally involved in your work as part of being successful, don’t hold your business tight against  you like a helpless baby. Like an investor, question everything, then groom your biz, grow it and make it work for you. If the biz doesn’t perform, let it go, and find the next opportunity.

That’s how to take small biz big time!

Thanks for reading!

 

 

 

 

Beware the Self-Proclaimed “Serial Entrepreneur”

Have you ever met anybody who uses the term “Serial Entrepreneur” as a job title?  I’ve seen many humans use that self-proclaimed moniker lately, and frankly, I’m not impressed.  Even if they leave off the tongue-in-cheek “Serial” and just go with “Entrepreneur,” I’m still led to yawn.  What kind of title is that?  What does that really mean?

I contend the real entrepreneurs, those who are worthy of the moniker, are those who first and foremost identify themselves otherwise.  Retailers, bankers, moms, IT specialists, repairmen, marketers,  mechanics, programmers, clerks, managers, analysts, artists, healthcare providers—whatever…  The real entrepreneurs have enough work-a-day world perspective to know how to identify market problems and create solutions and have likely done so in the context of their jobs all along.

While I acknowledge that some professionals are flat-out gifted in the creation and launching of businesses, I find those touting the “Serial Entrepreneur” title are typically motivated by self-promotion—not by providing practical solutions for marketplaces in need.  “Serial” implies “compulsive,” “predictable” and “redundant.”  Those aren’t exactly the qualities desired in someone who’s going to foster new directions for business or invent something I’m led to buy. While so many of those “entrepreneurs” are tweeting about their latest “ideating and innovating,” there are some hard workers with their sleeves rolled up, tinkering on the next solutions and inventions that we’ll all be buying.

In the last two years, I’ve discovered my inner entrepreneur.  I’ve transformed from “employee” to “business owner.”  I’m starting new endeavors—yes—but I have no desire to be titled an “Entrepreneur.”  The endeavors I’ve started are born of my intimate understanding of marketing and my ability (based on experience) to create solutions for my clients’ needs.

As for that idea of “serial entrepreneur”?  I figure if I’m any good at this entrepreneur thing, there will only be so many times I have to attempt it.  I want to build businesses that bear fruit long term—because the solutions I provide are so undeniably helpful and important to customers.

Beware those who trumpet their “Entrepreneur” titles too loudly.  Those who actually qualify for the title are too busy working, managing, researching, testing, checking and reworking to toot their own horns.  But keep your eyes open for those hard-working types; they’ve got the next Big Thing you’re gonna want or need!

Thanks for reading!

The “Getting Paid” Series: How I Decided to Take a Case to Small Claims Court

I did it.  I took a rogue client to small claims court and won a favorable judgment.  It was kinda awesome.

Though I’m enjoying my moral victory, I still have yet to see a dime of what the court of law decreed I’m owed.  Not to mention, I’ll never earn back the value of the time I spent preparing to present my case in that court of law.

Still, I believe the effort was worth it in my situation.  I also acknowledge that, had some things been different, it would not have been worth the time or mental energy the process demanded of me.

Here are the key factors that helped me decide to file claim.  If you’re dealing with a non-paying client or customer, compare notes with me, and see if these points help you make a decision to take action.

– I deserved to get paid what I was owed. I did a really strong job on this month-long assignment.  I went the extra mile…or two or three…to get things done.  In the midst of the business, the client had relied on me profusely and praised my “professionalism” and “responsiveness.”  My work brought positive results that I had fully documented and presented to the client.

Why does all this matter?  It mattered because I knew I could stand in a court confidently.  Sure, the client would’ve owed me even if I’d simply met expectations; that’s how these things are supposed to function: you work, you get paid.  Yet knowing full well that I’d exceeded expectations bolstered my fortitude.

– It was just enough money to be worth the effort. While I’d earned every dollar owed to me, I knew the process of filing claim and following through was going to be time and energy consuming.  I had to really assess if the amount I’d potentially receive would be worth the effort.  I determined the owed amount was substantial enough to pursue, yet not enough to retain an attorney to help acquire it.  I opted to go it alone in attempt to get what I was owed.

– The rogue client starting falsifying information. During much of the collections process, the non-paying client was very apologetic about the delay.  She stated her apologies, asked for my patience and even claimed to have a check in hand for me at one point.  However, the nature of her messaging abruptly changed as time went on, from apologizing to denying.

When I received an email that contained outright fallacy, I knew I’d never-ever see a penny if I didn’t take legal action.  While she was still being truthful, my patience was thin, but I was prone to baby-step the collections process.  At the point she began fabricating information, my urgency spiked, and I knew the situation had broken loose of parameters of rationale and interpersonal correspondence.

– I exhausted all other reasonable methods of collection. I handled my collections process by the book.  I invoiced promptly, followed up soon after terms weren’t met and then escalated my correspondence to match the increasing age of the invoice.  I was consistent and clear but always very polite.  Even when I grew weary trying to get resolution, I still ended my messages with “thank you,” kept an even tone and kept my emotion and frustration out of my correspondence.

My last message before filing was a ‘demand letter’ in which I openly, clearly stated my next course of action if payment was not received by a certain date.  I sent this message by email and by registered mail with delivery confirmation.  I followed through when no response was received by deadline.

– It was the principle of the thing. Trust me, I didn’t think filing a claim would rock the world.  Yet I felt sincere motivation to take action on behalf of all independent business people who work so hard.  While I knew it would be a time crunching effort, I knew I could put in the weird hours it would take, and I wanted to do it for all us “Small Biz Big Timers.”

***- I knew I had a solid case. Notice the asterisks before this one?  That’s because this is the most important point.  I knew I had enough documentation and evidence to prove my case.  If I had not been able to substantiate my case adequately in front of a judge, I would have had to file this situation as a lesson learned the hard way.

I was certain my files and email trails thoroughly conveyed the truth.  I knew I could organize them effectively to present in court, and I felt assured I could offer rebuttal to any false claim the rogue client might attempt to make in court. Let me repeat a key phrase here”  “I knew I could organize…”.  All my evidence would not have helped me if I hadn’t been willing to arrange the documentation coherently and succinctly.  The court has no time for fumbling, bumbling.

Thank goodness I relied on this standard in taking my claim to court, as ‘she’ showed up with a lawyer the day of the hearing.  The judge let me know I was at a disadvantage without representation.  Nonetheless my case withstood the test.

Learn from others

I watched another case while waiting for my turn in court that day.  The plaintiff was representing himself against a defendant who had a lawyer.  The plaintiff had come to court with three witnesses willing to testify and a briefcase full of documentation.  Unfortunately, he had not organized any of it into a coherent case.  When called to the stand, the plaintiff took his briefcase with him, and began to unload piles of papers.  His disarray was spread out over the edge of the witness stand walls and onto the edge of the judge’s desk.

The judge asked some questions and really did his best to give the plaintiff room to state his case.  The fellow didn’t even  know exactly what dollar figure he was seeking from the defendant.  He couldn’t locate key pieces of evidence from his mish-mashed stacks.  Though it appeared he had a real case in there somewhere, the judge’s hands were tied.

“You’re not ready to be in court,” the judge said with surprising patience. “How can I make a judgment when you aren’t sure how much money you are owed?”

Case dismissed.

Observing that incident, I was very relieved that I’d taken the necessary hours to put together an orderly booklet of evidence with page numbers and sections.  I truly believe that helped the judge take me seriously from the start.

Your turn on the stand…

Have you been to small claims court?  How’d you make the decision to go for it, and did you win?  Please share your own experiences and insights over on our Facebook Group, where we’ve assembled a jury of your peers.

Thanks for reading!!!

The “Getting Paid” Series: My Adventures in Small Claims Court

Last week, I walked in a county courtroom 45 minutes north of my home.  I sported my ‘church clothes’, used my best posture and anxiously-yet-confidently carried three copies of a thick booklet of evidence (aka “The Truth”) close to my body like a security blanket.  When I set those booklets on the court room pew, they gave an echoing “thunk“on the smooth, worn oak.

Speaking of “thunk,” I kept playing the colloquial phrase “Who’da thunk?!?” in my head as I peered back over my shoulder to watch the trickle of local characters enter the courtroom.  (Remember the show “Night Court”?)  How—after just 7 months of officially becoming my own business—did I end up here on the docket with the estranged couple battling division of property, the man dressed as Santa Claus suing his dry cleaner for ruining the fur on his suit, the weary fellow ill-prepared to get payment from a slick defendant who was all lawyered up?  I mean, really. Who’da thunk I’d have to resort to small claims court to get paid by a rogue client so early in my small biz adventures?

Yet there I was, and assuredly so, seeking overdue compensation for good work I carried out over a withering month back in the summer.   When it came to getting paid, I’d done everything on script:  submit invoice upon completion of assignment, begin gentle follow-up when terms were not met, escalate correspondence as invoice aged, state intention to take heightened action, send ‘demand letter,’ follow through on demand.  The defendant went from apologetically pleading for my patience to abruptly stating, uh, let’s call them ‘inaccuracies’ about our business arrangement.  She fell silent after I answered her ‘inaccuracies’ with copious documentation and clear demand for resolution.

I had to take action based on principle…based on the fact that I earned that money.  By. Golly.

Since it’d been over a month since she’d responded to me at all, I had nary a clue if the defendant would even show for the hearing.  At the last minute before the judge took the bench, she scooted in the back of the court room and was seated, a distant, stern grimace on her face.  The judge invited “any case for which either party has representation” to exit the courtroom to see if resolution could be attained prior to a hearing, then began roll call.  When he called my case, not only did I raise my hand; a man in a gray suit rose with hand extended.  “Your honor, I’m legal counsel for the defendant.”

She brought a lawyer.  A lawyer.  Mr. Gray Suit, Esq.  For this amount of money?  When I had such a clearly documented case?  Who’da thunk?!?

Gray Suit, Esq.  summoned me to the lobby immediately.  I grabbed my booklets and headed out, mentally coaching myself “game on…think before you speak…steady, steady.”

On the other side of the courtroom doors, he quickly stepped into my personal space.  “Now…I’m not here to strong arm or put you up against a wall…” he began.  Uh-huh.  I thought to myself “oh, you won’t,” dialing up the righteous indignation.    I knew my case, aka The Truth, inside out, backwards and forwards.  I wouldn’t have dared waste my time, the defendant’s or the judge’s had I not been certain I was in the right.

There was no strong arming me that day. By. Golly.

Gray Suit, Esq. proceeded to ask me three questions, which he obviously thought would be the crux of his case.

1.  Did I realize there was no signed contract for my work?  Yes, I was aware. (This was literally the only client relationship in YEARS that I’d not gotten a signed project quote upfront.)   Yet there was a clear verbal contract backed  by over 400 emails substantiating that I was in a business relationship with the defendant.  I was not at all worried, though a signed contract would’ve been handy.

2.  Did I realize that the defendant or the defendant’s business did not benefit from the work I performed…that my efforts had benefited a third party?  The defendant runs a marketing firm. I was retained to help her service her client, the third party.  So yes, of course I realize her business did not directly benefit from my PR, ad creation and marketing consultation.  But I helped her succeed in servicing her client.

3.  The third question was so dumb I don’t even remember it.

As I responded to Gray Suit, Esq.  I could tell he had no clue about the nuances of the situation.  When I would not be wavered, he averted his eyes toward the courtroom doors, evoked a little swagger and smugly uttered “Alright, we’ll have a little hearing.  This won’t take but about 10 minutes.”

I thought to myself, “10 minutes?  We’ll see,” and clutched my booklets tightly at my side.

Just what was in those booklets?  34 pages of chronological documentation of the origins, progression, conclusion and collections processes related to the work for which I’d not been paid.   Since I earn my living synthesizing and organizing information to make compelling arguments (usually to help people sell stuff), I called on those skills to prepare for court. I save every sent and received email and thus I had over 400 bits of correspondence to cull for this case. I spent oh-so many valuable hours organizing my booklet-with-thunk-value.  In the process, I came to know every broken promise, each false assurance, all pivotal statements by date, time, chapter and verse.

Back in the court room, I sat through three other cases awaiting my turn.  When the judge called my case, Gray Suit, Esq. stepped forward and looked at the judge.  “This won’t take but about 10 minutes,” he repeated his swagger slogan to the judge like the court was appeasing me.  Hmpf.

Next thing I knew, I was at a podium in front of the judge, Gray Suit, Esq. and rogue client to my right, in that order.  We took the oath, then I was up to bat, as the plaintiff bears the burden of proof.  Though I had 34 pages of The Truth, I knew full well the judge wouldn’t be reading every page.  I directed him to page 2 to begin making my case.  Page 2 had a statement provided by a colleague, the man who’d brought me in on the business, clarifying the nature and terms of my retention.  It was an ace-in-the-hole statement, but Gray Suit promptly objected.

“Any correspondence not from the defendant is hearsay evidence and can’t be used,” the judge respectfully informed me. Drat.  That’s ‘People’s Court’ 101; I should’ve known that.

“No worries, Your Honor,” I retorted confidently.  “I have enough emails directly from the defendant to completely substantiate my case.”

From there, I led the judge to Page 26 of the booklet where I had a beautiful trail of emails between me and the defendant.  I pointed out the good parts, those in-her-own-words noose tighteners. “I am so, so sorry for delay.”  “Please be patient.”  “I have your check in hand…  You’re most welcome. Again, I’m so sorry.”

Gray Suit took his crack at trying to crack the case.  He asked the defendant a few questions; she made it plain that the third party…the end client for whom we’d done the work…had not paid her.  Then I took a shot with a couple cross-examination questions, just to prove her deep-rooted involvement throughout the time I worked on the business.

Yep, I cross-examined. By. Golly.

The judge spoke up, and from the first few phrases, it was pretty clear he was leaning toward a favorable verdict for me.  Gray Suit coughed up a few Hail Mary arguments.  “Your Honor, this is a matter of convenience for Ms. Williams.  It’s much easier for her to file suit here in this county than try to get payment from the business owners who live in Arizona.”

I let him finish, then looked the judge straight on.  “I don’t appreciate him speaking for me.  I’m an independent business person.  I have to assign value to every hour of my day in order to put food on my table and pay my mortgage.  This is anything but convenient.”

By. Golly.

The judge summarized the case, referencing the defendant’s own emails as the defining elements.  He stated it was clear the defendant retained me to bolster her service offerings to her client, led me to believe all along that she would be paying me and even claimed to have a check in hand at one point.  Thus, it was judgment in full for PLAINTIFF.

By. Golly.  And who’da thunk?!?

I’m still enjoying the victory, though now my attention is turning to the collections process.  As an independent business person, every dollar I earn really does matter, and I deserve to be paid what even a court of law acknowledges I’m owed.  In the meanwhile, I’ll gladly share with you lessons that I’ve learned and business truths that have been affirmed for me in this experience.  I hope my experience helps many others along the way; I really want to do justice by the justice I’ve earned!

Thanks for reading!

If You Slack, You Will Get Hacked: Tips to Prevent Account Hack Attacks, from One Who Learned the Hard Way

In my last post, I gave you some of those “we all know, we don’t all do” kind of reminders.  Use long, illogical passwords with capital letters, numbers and special characters.  Change passwords regularly.  Don’t use the same password on all your accounts.  Obvious though they may be, these reminders are not heeded often enough!  I likely could’ve spared myself major drama had I done the obvious.

Today’s post digs into some more tips, some less obvious things I learned as a result of the hack attack.  These are really practical, helpful and important.  If you use a service like Yahoo!, Gmail or Hotmail for any email account, read these tips for comprehension and treat them like explicit instructions, because there will be a test!

– Open a back-up email through another service.

When hackers hijacked my Yahoo! accounts (I have four paid and one free Yahoo! email address), I lost access to my accounts through normal means.  I couldn’t even go through the “I lost my password” gyrations because of the account resets the hackers had done.

Once I got a Yahoo! customer service rep on the phone, she asked for an alternative email address where she could send a temporary password.  I was able to give her a Gmail address I’ve rarely used, and she quickly sent the temporary password.  That side account was the key to my regaining control of my regular email addresses.

I recommend you open your own side account rather than rely on the email of a family member or friend because you need fast access in the moment if you’ve been hacked.  Dramatic as this may sound, moments really do matter.

– Find the phone numbers before a crisis strikes.

I contend it was only divine intervention that allowed me to find a functional Yahoo! phone number within minutes during my hack attack.  I googled some phrases in my blurred frenzy and miraculously happened upon a number that got me through to someone who could help.  (And thank goodness it was still within their business hours; there’s no emergency 24/7 phone help for these email providers.)  If I’d had that phone number already on hand, that would’ve save me even more precious minutes.

Mind you, I have paid Yahoo! accounts, so I had a slight advantage in finding help more readily by phone.  The phone number(s) I found for my Yahoo! incident proved unhelpful to my friend who was hacked days after me because he uses the ‘free’ Yahoo!.  Yet even if you rely on the free version of your email provider’s accounts, there are phone numbers to call…if you dig to find them.

Digging for the phone number in crisis doesn’t go so well; find them NOW.

-Log out of your account every time you’re done or step away from the computer.

Identity Theft Expert John Sileo earned his title the hard way; he had his identity stolen by a business partner who would casually hop on his computer anytime he stepped away from his desk.  John had the computer set to shut down after 15 minutes of inactivity—plenty of time for the bad guy to shimmy on over to his work station and wreak havoc while John headed to lunch.

I work from home in a contained environment.  But most of you likely access your personal emails even while at work, amongst other humans.  Make it a course of habit to log out every time you finish a session—even if you don’t get up from your desk.  Better safe than sorry.

– Don’t log in to any accounts over free WiFi connections; tether your cell phone to your laptop instead.

Free WiFi is a hacker’s stocked pond. It’s really easy for them to phish where there’s no layer of security for passwords or information. If you log on to accounts over free wireless connections, you are potentially revealing all to the bad guys.   I’ll admit, I’ve done it many-many-many times over the years, and never once did I at least go in and change my password later.  Tsk, tsk on me!

John Sileo recommends that people who’re often on the go yet must stay connected should tether their mobile phones to their laptops, using the phone as a modem for Internet access.  Cell phone service providers will charge extra for this capability, but it’s much more secure than trusting free WiFi hot spots or even using services like Boingo.  And it’s a small price to pay for avoiding the upheaval and potential cost of a hacking or identity theft incident.

– Associate a non-primary email with your Facebook account.

Hackers almost simultaneously hijacked my Facebook account with my email.  I will never know how thoroughly they’d plotted this invasion, but they knew what they were doing for sure.  My primary email might’ve helped them find me on Facebook, as that’s the one associated with the account.  If you really want to secure the Facebook front, use an obscure email address that nobody really knows; that will make you quite unfindable through email searches.  Of course, any account alerts will direct to that email.

– Check your Facebook Account Settings, Account Security & Account Activity. NOW.

Go…do this right now!  Even just today, I noted unauthorized activity on my Facebook account, and I’m on red alert just a week and a half after my attack.  See this graphic to guide you where to go.  Set your system to alert you when unauthorized activity occurs on your account!

Also—go to Privacy Setting and set your email so ONLY YOU can see it.  The above measures will not be completely effective until you set your email to be completely private.  Rest assured, your real friends will have other ways to access your real email address!!!

– Check your credit reports yearly…and immediately if you’ve been hacked.

After the hack attack, I checked my bank account, my credit reports and any other online financial account I hold.  I put an alert on my file with all three credit reporting entities.  While my email didn’t house any direct account number information and the passwords that were compromised varied from those associated with my finances, I felt vulnerable and exposed on all fronts…because I very well could have been.

– Encrypt or password-protect sensitive documents sent via email.

This is a great tip from John Sileo, one I wished I’d put into practice years ago:  encrypt or password protect sensitive documents before sending via email.  As an independent contractor, I often email clients necessary information in order to get paid, etc.  Every time I’ve hit ‘send’ on such emails, I’ve put way more than my email password at risk.

It’s really easy to add this measure of safety.  In Microsoft Word, follow the trail from “File” to “Save As” to “Tools” to “Security Options” to “Password to Open.”  In iWorks Pages, go to “Export” to “PDF” to “Security Options” to create a password to open.  You can also set security options within the Adobe PDF program.

Once a document’s encrypted, just call the receiving party with the password.  Without that password, the document is gibberish.

– Back up your email contact list on your computer.

Hackers will use, export then delete your email contact list.  My email list was 9.5-years in the making, and in a few clicks, the hackers erased it all.  They did this so that I couldn’t easily get back in and follow up with everyone to alert them to the hacking.  If I’d had that list handy on my hard drive, it surely would’ve made my life easier.

– Be vigilant and know that it really could happen to you!

“Man, I’m glad that’s not me.”  C’mon…you know you were thinking it as you observed my breathless post-hack status updates.   Hacking is on the long list of things we think won’t really ever happen to us—until it does.

Check out John Sileo’s ThinkLikeASpy.com for more personal identity tips.  I think his online Toolkit is full of really useful information; click here to read and learn.  It’s all great, eye-opening information.  And check out his book, Privacy Means Profit. I really appreciate the wisdom he shared; it was helpful for me as I was still reeling from my incident.

Please…share your own experiences over on the Facebook page! We can all learn from one another.

THANKS for reading!

How to Prevent a Hack Attack

In my last post, I shared the account of my recent email and Facebook hack attack. Now, it’s time to get to the nitty gritty—the relevant details that might help you and me prevent future digital identity theft and account invasions.

The most common question I’ve gotten since the hack attack is “how did this happen?.”  That one simple inquiry has a hundred potential answers.  The reality is I will likely never know how this happened to me with any certainty, especially since my online activity is extensive, my travels have taken me far and wide, and I’ve been lax on security issues for some time.

Of course, everyone who’s asked how this happened is ultimately looking for real answers about how to avoid it ever happening to them.  Though I can’t pinpoint the answer, I can share with you some possible, plausible scenarios that carry very useful lessons for all of us.

Change your passwords regularly. Dare I admit that I hadn’t changed my password in—um, well, er, uh—YEARS?!?  It’s so “Online Security 101.”   I’ve traveled internationally, logged onto countless wireless connections—even unsecured free Wi-Fi, been on public and borrowed computers, you name it.  Yet I never changed my password in all those years.

(Hey—don’t judge; you know you hadn’t changed yours for years either until you saw all my post-hacking status updates imploring you to change your password!  Just sayin’.)

Use difficult passwords with no reference to anything logical or personal. Though the email password I had in place for years wasn’t woefully obvious, it was ultimately quite crackable, as it incorporated some words relating to things about my life.  A tour around my Facebook profile (before I changed my privacy settings) could have revealed a series of testable guess-phrases.  With advanced ‘dictionary attack’ methods, hackers can input potential elements of passwords and autogenerate thousands of combinations until the right one strikes.

The rule of thumb:  Use a nonsensical combination of letters, numbers and special characters (if the system allows), including random use of capital letters in the mix. Go at least 9 characters long for maximum security.  Studies have proven longer passwords exponentially decrease the likelihood of deciphering.

Since I’ve purveyed this tidbit post-hack, I’ve had so many friends respond with lamentations about not wanting to create something “too hard to remember.”  To those friends I say, nothing motivates one to lock and load a crazy-hard password into the memory bank than living through the upheaval of a hack attack.

Vary your password usage. If you’re using the same password on all your major accounts—email, Facebook, Twitter, LinkedIn, etc.—you’re making it really easy for hackers to trounce all over your online identity.  Over the years, I’ve relied on a pretty steady collection of emails, intermingling the same few amidst my various accounts.

Variations on a theme are not safe enough.  After the hack attack, I went into all my online accounts and changed every password to something totally disjointed, individual and difficult.  There’s now no theme or thread of similarity to any of my passwords.

Be VERY careful about what you ‘click.’ I fancy myself cautious about click throughs.  Those inspirational PowerPoints and video clips that you got from your friend who got it from her cousin who got it from her husband’s former boss’ secretary?  I don’t open them.  That flashy ad with the bug-eyed cartoon on the sidebar of that blog I visited last month and that “guess how many jelly beans” brain teaser that loads when I refresh my free email account?  I resist clicking every time.

Still, I do click things on occasion, including some videos through Facebook or links to articles from people I don’t know on Twitter.  Though I usually use a Mac which is less susceptible to spyware, viruses and the like, I have clicked through on my unprotected little, Windows-running Netbook.  One bad click could’ve led to hackers tracking my password inputs with ease.

PC users are more likely to succumb to viruses, spyware and malware.  Proper scanning programs are musts for anyone who regularly searches the Internet.

Don’t be phishable. Phishing is the illegal process of obtaining sensitive information (logins, passwords, account numbers) through electronic communications presented as trustworthy.  Rack my brain as I might, I can’t recall ever falling for the bait of a phisher.  I have identified and deleted probably hundreds of phishing emails over the years, and if I ever fell victim to such a scam, the phishers were so effective I still have no knowledge of the scam.

The moral of this point is fundamental.  Don’t divulge  your details outside the confines of a known, fully identified entity with built-in security and privacy settings that provide the utmost assurance of trustworthiness.  Stay vigilant lest you fall for a scam hook, line and sinker.

Rely on a trustworthy email service provider. My email is hosted entirely in the clouds through Yahoo!.  While all emails that are sent and received must travel to and through ‘the clouds’ at some point, I could find an alternative service that hosts more securely, with layers of additional protection, firewalls and such.  There’s no denying that services such as Hotmail, Yahoo! and Gmail are just more vulnerable to hackers.  Long term, I will be finding more secure solutions for my email hosting needs.

For anyone who’s dismissed my saga as one that was bound to happen because of my extreme online activity and visibility, I implore you to think otherwise.  Sure, it could well be that the hackers pinpointed me based on what was abundantly findable through my digital breadcrumb trail.  Yet, as the above points make plain, there are any number of ways any of us could be hacked regardless of the amount or frequency of online activity.

Also, being visible doesn’t have to equate with being vulnerable.  By heeding the aforementioned key points (as well as more to come in my next blog post), I can maintain my online profile and still protect myself.

Have you survived a hack attack?  Please share your stories with other Small Biz Big Time readers.  Post your two cents’ worth over on the Facebook group.

My next post will feature some eye-opening information and wonderfully practical tips from Identity Theft Expert and Speaker John Sileo.  It’s seriously good stuff, so stay tuned…

Thanks for reading!

My Email Hack Attack: What Happened to Me Could Happen to YOU

Last Friday afternoon, my email and Facebook accounts got hacked.
I’m talking H – A – C – K – E – D.

As I dashed to run no more than 40 minutes’ worth of errands, identity thieves—mostly likely from Nigeria*—invaded my email account(s) and unleashed a frenzy of fraudulence.

They’d clearly been poised for the takeover.  Within 30 minutes of my last sent email (3:03 p.m.) and less than 15 minutes from the time I stood up from my desk (approximately 3:15 p.m.), my archived files show that the hackers began sending out their rogue “I’ve been mugged in the UK; please wire money!” message to my entire contact list (3:33 p.m.).  They sent the false plea out in 25 batches to “undisclosed recipients.”

Yet before they started sending the highly implausible message, they’d actually wreaked the most havoc by hijacking my accounts (this hacking affected multiple accounts because I use one interface to access all four of my paid, Yahoo! Small Business accounts as well as my free Yahoo! account), changing the password and altering settings within my email management system.  They’d observed which of the five accounts was my primary email and were certain to use that one to do their damage.

When they finished pummeling my contacts, they exported my entire 9.5-year old contact list, deleted it from my system, then set about trashing bounce-backs and responding to replies some of my colleagues had already begun sending.  When one long lost contact (it was a really old email list!) retorted tongue in cheek “$10,000 on its way”, the hackers responded “thank you please hurry.”  I could see the trail of all this activity because I have my email set to save all sent messages and the trash file was still full.

As I was returning to my home office from my brief errand (3:45-ish), I began receiving calls from friends and colleagues.  “Irene, you’ve been hacked!!!”  I had just a mile and a half left to get back to home base, but it was the longest journey ever.  I live online.  My email is the lifeblood of my business.  Any compromise to this system is detrimental to my productivity…to my livelihood.

Back at my desk, I immediately saw that my email login was null and void and started frantically googling for a Yahoo! phone number.  Miraculously, I unearthed one rather quickly (“miraculously” because Yahoo! does everything it can to divert customers from actual human interaction).  As I struggled to attain resolution with the person from Yahoo!’s call center, I opened a new browser and discovered my Facebook account was also hijacked.

In the ultimate of adrenaline-infused multitasking, I maintained contact with Yahoo!’s call center and managed to regain control of my Facebook account (I’ll explain how in another blog post).

Thankfully, I have a rarely-used Gmail account by which the Yahoo! rep could send a fresh account verification.  With that contortion, I was able to click through and reset my password to regain control of my account.  Back inside, it was like coming home to find the place ransacked.

I spent all night and the rest of the weekend fielding calls and messages from contacts far and wide, new and old.  The nature of the calls fit into two categories:  those who wanted to warn me I’d been hacked and those who thought it might be a hoax but just wanted to talk to me to make sure all was well.

Mind you, I did have one contact who thought with his heart first and wired $500 before reaching out by email or phone to verify my whereabouts.  Thankfully, he was able to halt the transfer.  I shudder to think how close the thieves came to stealing money from someone so kind-hearted.

Less than one week after my horrific hacking, a fellow Yahoo! email user whose name had been harvested from my contact list was also hacked—on email and Facebook.  Frankly, his saga turned out to be a much longer, even more intrusive situation.  The hackers managed to camp out for hours in his accounts.  They changed all his settings, associated a false email with his Facebook so he had no authority to ‘get back in’ and even set up his email to forward to a false email address that was just one letter off from his real email.  This trickery was intended to enable the hackers to engage contacts in extended exchanges that might be more convincing.  Thankfully, it didn’t work.

With the full story now recounted for you, I’ll now be offering posts about how this could also happen to you and how you can protect yourselves and your information.  Don’t think that this happened to me just because I’m so highly active online.  This could happen to any human with an email account.

Look for my next posts.  Please-please-please read and take heed!

Back to you shortly…
THANKS!

* – Email hacks are often traced back to Nigeria. I feel strongly this is accurate for my case because of some information unearthed by my friend who was hacked just days after me.

Your Business: Who’s Driving?

Show of hands:   Who finds this quote highly relevant…and slightly convicting?  I had to put my hand down to continue typing this blog post, but suffice to say this thought by Ben Franklin hits the mark with me today.

My business—and probably yours, too—is all about client (or customer) service.  Daily, we strive to balance being responsive to clients and honing our business models to position for growth and profitability.  At what point does responsiveness become submissiveness?  At what point do we acquiesce the driver’s seat of our own businesses?  For anyone who’s  accommodating by nature (I just raised my hand again), the balancing act is a constant challenge.

Recently, my friend Billy Smith shared a story of leadership that is a real-life example of “Drive thy business” that really inspired me.   Read and learn from this wisdom…

As  former owner of one of the largest and most profitable salons in the Southeast, Billy knows lots about leading people and relating to customers.  Once, the husband of a frequent salon customer purchased a $500 gift card to give to his wife on their anniversary, which was a few weeks away.  Before the husband had a chance to present the gift, his wife became ill with a rare condition that led her to have a severe reaction to being touched.  Massages, pedicures, facials—so many of the services the gift card would be good for could no longer be of benefit to the wife.

When the husband sought a refund for the gift card, every staff member he interfaced with quoted him the strict company policy:  no refunds or exchanges on gift card purchases, period.  As the husband worked his way up the totem pole of the salon, he became increasingly incensed that his request was declined.  Eventually, his complaints reached Billy, and by then, he was livid.

Billy, aware of the entire scenario, made the difficult phone call to the customer.  He began his conversation with a clear, concise statement—that kept him in the driver’s seat of his business from the get-go.  “Mike, before we begin this conversation, you need to know two things.  First, the thing you’re asking for is the one thing I can not do.  Secondly, before this conversation is done, we will reach a resolution that leaves you 100% satisfied yet does not compromise our policy.”

Billy then began an open discourse with the husband, and ultimately, they agreed on a way for that $500 gift card to be put to good use.  Billy and his team offered to open the spa to the couple after business hours, and they provided a special meal, a massage for the husband and non-invasive services for the wife (a carefully given manicure, etc.).  They even surprised the couple with a personalized dessert and gift items from the salon.  By the end of the evening, the husband and wife were in tears thanking Billy and his staff for such a wonderful experience.

By remaining in the driver’s seat, Billy never broke his own policy yet converted an infuriated, frustrated customer into a weeping, grateful friend of the business.

There’s so much to learn from that story.

– Don’t cave to avoid conflict.

– Manage interactions from the start.

– Clearly state—and respect—your own policies.

– Exceed expectations.

– Drive thy business.

We don’t have to appease to please our customers.  What a great lesson!  What’ve you learned behind the wheel of your business?  What drives you to succeed?  Please—share your thoughts over on the Facebook group page.  We’d LOVE to hear from you!

Thanks for reading…always!