18 Year Old Enters “Dumb Criminal Hall of Fame”

/0 Comments/in , , , /by

There’s dumb criminals and then there is this kid.

A family was away from their home and had someone take care of some items around the house. Apparently the caretaker was doing some work on the exterior of the home and opened some shutters around a window and saw someone inside who wasn’t supposed to be there.

As soon as he realized it wasn’t a family member he called the police. And somehow the burglar was able to get out of the home and flee before law enforcement arrived.

When they entered the home to secure it they found a backpack, discarded food wrappers, a bag of pot, and soda cans. There was an open window adjacent to all the stuff where they determined that’s where he may have entered and exited.

So what does an 18 year old spend a lot of time doing (other than breaking into homes) he spends time on MySpace. And this kid logged onto the family’s home PC to his MySpace page. When he realized he was seen in the home he fled, forgetting to LOG OUT!!!!!!!!!

When the police looked at the computer they saw his stupid face above his dumb name (which happens to be “Robert”). With a current photo of him they were able to inform other officers on patrol and quickly saw him walking down a street equipped with burglary tools. He was arrested.

No offense to the homeowner, but they were no smarter leaving their home vulnerable to thieves with open windows, no alarm and a computer that didn’t have a password with administrative login requirements. At least lock all your windows, get a home security system and lock down your PC so it can’t be accessed.

Oh, and read this “Log Out, Log Out, I repeat, LOG OUT”.

Robert Siciliano personal security expert to Home Security Source discussing home security and identity theft on TBS Movie and a Makeover.

What Security Issues Should You Worry About?

/0 Comments/in , , , /by

First thing I tell my seminar attendees is “The chances of anything bad ever happening to you is very slim. So don’t worry about. However you should still put these systems in place.”

Are you a helicopter parent? An “alarmist”? Or Chicken Little: The sky is falling, the sky is falling! I heard somewhere along the line that 90% of what we worry about never happens. It might be even closer to 99%. But there is still that one percent that concerns.

Deciding what to worry about may be a conscious or unconscious (or sub-conscious) decision.

Often what we worry about comes from what we see and are fed in the media. It is well known that the nightly news is built on the premise “If it bleeds it leads”. Blood and guts is what sells airtime and newspapers.

These worries when confronted are often dumbed down by statisticians, researchers, some security professionals, social psychologists and are called “baseless paranoid fears”. Books written in this regard are designed to give perspective. My feeling is they are written simply to sell a contrarian idea to stimulate conversation (and sell books) and in reality the author is no less of a “worrier” than anyone else.

Perspective is good. Too much “worry” can have ill health affects and significantly detract from quality of life.

My gripe with the “Don’t worry, it’s a 1 in 10 million chance” mentality is that it fosters the “It can’t happen to me” syndrome which prevents people from taking responsibility for their security in the first place.

If you knew the statistical probability of the chances of your kid being shot at school or your child being kidnapped or even being struck by lightning and all were “slim”, would you take any less precaution to protect yourself or your family?

Would you stand next to a metal pole in a lightning storm? Would you drive without a seatbelt? Would you allow your 7 year old who is perfectly capable of navigating their way to school go by themselves even though the chance of them being kidnapped is extremely slim?

For many of the issues we worry about the chances of them happening might be 1 in a 100,000 or 1 in 10 million. Your chances of something bad happening may equate to the same statistics as winning the lottery, which is very slim, but you still might play the number.

Does it really matter what the odds are?

Every day someone somewhere wins the lottery. Every day someone somewhere is a victim of a heinous crime.

Knowing what I know I’m concerned about it all and I take the necessary steps to prevent what’s in my control. Do I worry?  Well, a part of my life’s energy goes into putting measures in place to prevent “bad”. If being proactive and taking responsibility is “worry” then yes. And I feel safe, secure and grounded without any nagging “paranoid” angst that detracts from the quality of life.

What’s so wrong with that?

Robert Siciliano personal security expert to Home Security Source discussing home security and identity theft on TBS Movie and a Makeover.

Is “Enterprise Rent a Car” Insurance a Scam?

/1 Comment/in /by

I rent cars all the time. I travel and need to get around so I can teach people about how scams work and how to protect themselves. Yesterday I encountered what seems like a scam but is probably just very unethical behavior on the part of Enterprise Rent a Car.

Here is how it played out.

I head to the counter to rent my car. The Enterprise Rent a Car agent asks me, “Robert, would you like to purchase rental insurance for your car today”. I say “No, I have American Express and they take care of my rental car insurance”. Which they do. I’m Platinum on AMEX and AMEX ROCKS. Their card offers physical damage insurance but not liability. Liability insurance is paid via my personal policy.

The Enterprise Rent a Car agent responds “I’m sorry; we don’t have a contract with American Express.”

Her statement “I’m sorry, we don’t have a contract with American Express” more than likely was a statement that was provided to her in sales training by Enterprise Rent a Car to overcome objection.

That statement makes an American Express card holder doubt whether or not their American Express card covers rental car insurance.

So I respond to her again, “Well, I’m pretty sure my AMEX covers me” and she responds again, “Sir, I’m trying to tell you we don’t have a contract with American Express and you will have to go through them for that”. She is now reinforcing her original statement and trying to put further doubt in my mind. Then she says, “Sir, may I suggest to you that you purchase insurance, it is only $21.00 for the day and you will be protected”. This statement further suggests that my AMEX will not cover me.

The language she used was possibly engineered by someone whose motivation was to overcome objection in the insurance sales process. Enterprise Rent a Car agents and all other rental car agents hear the same statement in regards to AMEX every day. However in my experience when Hertz agents hear me say “No, I have American Express and they take care of my rental car insurance”, Hertz agents respond with “OK” and nothing more. Hertz has elected to take the high road and not try to scam me into paying for insurance I do not need.

However Enterprise Rent a Car, instead, pads their bottom line with unethical language meant to confuse the public and get them to pay for insurance they clearly do not need.

Shame on you Enterprise Rent a Car.

Robert Siciliano identity theft and personal security expert discussing scammers and thieves on The Big Idea with Donnie Deutsch.

Crime Is On The Decline. I Didn’t Notice

/0 Comments/in , , /by

According to the figures released by the FBI, the estimated number of violent crimes in the Nation declined in 2009 for the third consecutive year. Property crimes also declined in 2009, marking the seventh straight year that the collective estimates for these offenses dropped below the previous year’s total.

What has always bugged me about these reports is the sense of relief some get, but in reality how little crime actually declines. Generally it’s anywhere from 5 percent to 6 percent for either category. So maybe there were 22,000 murders gone down from 25,000 murders. That’s still lots of grieving families.

Much of the decline in crime can be attributed to better police work and support from various federal agencies. Over the years law enforcement has gone from whistles and Billy clubs to sophisticated programs based on community involvement coupled with innovation and technology.

In addition to better police work I believe the public has a higher degree of security intelligence. Over the past 10 years our collective consciousness in regards to protecting ourselves, has increased. The tragedy of 9/11 raised awareness that we must take some degree of responsibility for our personal security.

While might have dropped a tick and we are more aware, we still have lots and lots of work to do. Remember, there always has been, is now and always will be criminals seeking their next target.

For example a study in Connecticut showed that 12 percent of burglaries occurred through an UNLOCKED door and that in 41 percent of alarmed homes that were burglarized; the security system was not turned on.

These kind of stats just makes me mental. Even though property crimes have declined, there are still over 2 million burglaries.

Here are some tips from a police department

Be proactive with the help of wireless home security. New interactive smart home solutions go beyond traditional home security to provide a new level of control, accessibility and connection.

Wireless home security provides with anywhere, anytime access to your home via smart phones or personal computers, including iPhone application to:

• Arm and disarm their home security system.

• Get notified of alarms and selected events via email and text messages as well as video clips.

• View their home through cameras and watch secure real-time video or stored video clips of events from monitored areas of the home.

• Access lights and appliances or set schedules to automate them.
Robert Siciliano personal security expert to Home Security Source discussing Home Security on NBC Boston.

Google Assembles “Best Of” Family Safety Center

/1 Comment/in , /by

Teaching kids internet safety and security is an evolving and complex issue. The goal is to achieve a level of trust with your kids while providing a long enough leash to foster growth and responsibility. Google’s Family Safety Center is a new site compiling the best of resources for advice, guidance, direction and action items to provide parents with the necessary tools to help kids navigate the wild wild web.

Google Family Safety Center works alongside many organizations in the US to promote action and awareness around Internet safety. They offer resources and advice on cyber bullying, child protection and online education both for parents and children.”

A few of the resources include:

ConnectSafely is the leading interactive resource on the Web for parents, teens, educators – everyone engaged and interested in youth safety on the fixed and mobile social Web. In addition to safety tips, advice, and youth-tech news, ConnectSafely provides a discussion forum for all stakeholders on safe, active engagement in participatory media and culture.

Common Sense Media is a favorite of mine and is an independent nonprofit organization committed to providing kids and families with the trustworthy information, education, and independent voice they need to thrive in a world of media and technology.

The National Cyber Security Alliance’s mission is to educate and therefore empower a digital society to use the Internet safely and securely at home, work, and school, protecting the technology individuals use, the networks they connect to, and our shared digital assets.

OnGuardOnline.gov is a project of the federal government and the technology community to help you guard against Internet fraud, secure your computers, and protect your privacy. For more tips on talking to your kids about staying safe online, read Net Cetera: Chatting with Kids About Being Online. This comprehensive guide for parents, also available in Spanish, covers topics ranging from social networking to file sharing.

By investing quality time with your kids learning the intricacies of online security, both child and parent will develop skills that will last a lifetime.

Robert Siciliano personal security expert to Home Security Source discussing sharing too much information online on Fox News.

Botnets Lead to Identity Theft

/0 Comments/in , , /by

When a virus recruits an infected PC into a botnet, a criminal hacker is able to remotely access all the data on that computer.

Robot networks, or botnets, have a varied history. A bot, which doesn’t necessarily have to be malicious or harmful, is essentially a program designed to connect to a server and execute a command or series of commands.

As reported by a McAfee study, networks of bots, otherwise known as drones or zombies, are often used to commit cybercrime. This can include “stealing trade secrets, inserting malware into source code files, disrupting access or service, compromising data integrity, and stealing employee identity information. The results to a business can be disastrous and lead to the loss of revenue, regulatory compliance, customer confidence, reputation, and even of the business itself. For government organizations, the concerns are even more far reaching.”

In the second quarter of 2010, more than two million PCs were recruited into botnets in the United States alone. That’s more than five out of every 1,000 personal computers. The rise and proliferation of botnets will continue to put identities at risk.

Computers with old, outdated, or unsupported operating systems like Windows 95, 98, and 2000 are extremely vulnerable. Systems using old or outdated browsers such as IE 5 or 6, or older versions of Firefox offer the path of least resistance.

To protect yourself, update your operating system to Windows 7 or XP SP3. Make sure your antivirus software is set to update automatically. Keep your critical security patches up to date by setting Windows Update to run automatically as well. And don’t engage in risky online activities that invite attacks.

In order to protect your identity, it is important to observe basic security precautions. When you conduct transactions with corporations and other entities, however, the safety of your information is often beyond your control.

Consumers should consider an identity theft protection product that offers daily credit monitoring, proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your accounts. McAfee Identity Protection includes all these features in addition to live help from fraud resolution agents if your identity is ever compromised. For more tips on protecting yourself, please visitwww.counteridentitytheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss identity theft. (Disclosures)

Travel Security Tips for Turkey Day

/0 Comments/in , , , /by

Thanksgiving is coming quickly and it is one of the most traveled times of the year. Burglars know this. There are unfortunately many unsavory characters that are anticipating you are heading to a Thanksgiving Day football game or going to grandmas house and some of you might be helping the homeless at a soup kitchen.

To ensure an uninterrupted feasting of the fowl and a safe return home, I suggest you consider the following:

Here are a few tips to help protect the safety of your home while you are gone:

  • If you are traveling by car make sure it’s running properly, check belts and tires and oil. Have a good spare and carry an emergency kit.
  • If you are heading overnight pack your car in your garage or late at night under the cover of darkness.
  • Use timers on indoor and outdoor lights.
  • Let a trusted neighbor and the police know you are traveling.
  • Unplug garage door openers.
  • Have a neighbor park their car in your driveway.
  • If grass is still growing where you live and if you’re gone for a bit have a landscaper mow your lawn.
  • Don’t share your travel plans on social media or on a voicemail outgoing message.
  • Lock everything of significant value in a safe.
  • Invest in a home security camera system and home security alarm system.

Robert Siciliano personal security expert to Home Security Source discussing burglar proofing your home on Fox Boston. Disclosures.

Protecting Children on the Internet

/0 Comments/in , , /by

Today’s kids don’t even know what it’s like to not be connected to the Internet. But being technology savvy doesn’t mean they are safe and secure.

Since the Internet as we know it was born in the early 1990s, it has become an integral part of our and our kids’ lives. Online shopping, social media, mobile web, and computers in the classroom are as normal to them as riding a Huffy bicycle was to me. For these kids’ parents, the online world often feels too fast and too complicated. Nevertheless, it is essential that parents educate themselves on safe, secure online practices in order to set a positive example and provide guidance for their children as they navigate the web.

Fortunately, safe and appropriate online behavior isn’t much different than in the real world. The main distinction is that on the Internet, it is necessary to be particularly sensitive regarding how and with whom you communicate.

Parents who lack experience with the Internet, computers, or mobile phones must learn the basics before they can adequately monitor their children’s habits. A parent’s discomfort or unfamiliarity with technology is no excuse to let a child run wild on the Internet.

As with any task, one should start with the fundamentals. In recognition of National Cyber Security Awareness Month, let’s go over some of those fundamentals:

  • Spend as much time as possible with kids in their online world. Learn about the people with whom they interact, the places they visit, and the information they encounter. Be prepared to respond appropriately, regardless of what sort of content they find. Remember, this is family time.
  • One popular tactic has been to set up the computer in a high-traffic family area, and to limit the time children may spend using it. This is still good advice, but it becomes less feasible as more children have their own laptops and mobile phones, which can’t be so easily monitored.
  • Teach children to recognize inappropriate behavior. Kids will be kids, but that doesn’t mean it’s okay to say mean things, send racy pictures, make rude requests, or suggest illegal behavior. If it isn’t okay in the physical world, it isn’t okay on the Internet.
  • Consider investing in computer security software with parental controls, which limit the sites kids can access.
  • Decide exactly what is and is not okay with regards to the kinds of websites kids should visit. This dialogue helps parents and children develop a process for determining appropriate online behavior.
  • Children should be restricted to monitored, age-appropriate chat rooms. Spend time with your children to get a feel for the language and discussion occurring on the websites they wish to visit.
  • Do not allow children to create usernames that reveal their true identities or are provocative.
  • Children should be reminded never to reveal passwords, addresses, phone numbers, or other personal information.
  • Kids should not be permitted to post inappropriate photos or photos that may reveal their identities. (For example, a photo in which a t-shirt bears the name of the child’s city or school.)
  • Never allow a child to meet an online stranger in person.
  • Children should be taught not to open online attachments from strangers.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses online predators on Fox News. Disclosures

Digital Photos Held for Sextortion

/0 Comments/in , , , /by

This is a little over the top and if this story was happening to one person I may not even dare to discuss. But it seems to be happening to hundreds, maybe thousands and possibly tens of thousands. And the fact that kids today are posting anything and everything, it needs to be discussed.

Right now hundreds of cyber threat victims are coming forward, arrests are being made and court dates are set because criminal hackers in the form of weird men are breaking into women’s email programs and social networking sites and scanning their media for photos that show them as they were in their birthday suit.

The depraved men are then contacting these women alerting them to their dirty deeds and giving them an opportunity to save face before the photos are posted to Facebook by paying them off in money or more photos!

This is serious stuff, now while you may not participate in stupid activity like this someone you know and care for may. The Register reports One victim, who was 17 at the time, testified that she was so humiliated that she quit her summer job and dropped out of advanced college classes. Another victim attempted suicide.

The hacks occur when:

Users have simple and easy to guess passwords and their accounts are infiltrated

Malicious software is installed on the users PCs in a number of ways

The computer has Peer to Peer (P2P) file sharing programs that allow anyone to scan the computers hard drive.

Here’s the bottom line: If you don’t want the world to ever see it, then do not do it. Because if an ex-boyfriend, ex-husband, ex-girlfriend or ex-wife has an axe to grind it may go live. Worse, a devious criminal hacker may get it and “sextort” you. Otherwise you’re next consideration (if you just need to be a shutterbug) is to put all digital media on hard drives that are not connected to the internet.

Otherwise protect yourself with anti-virus, don’t install or remove P2P file sharing software and create passwords that are difficult to crack that have numbers and letters.

Robert Siciliano personal security expert to Home Security Source discussing hacked email passwords on Fox News. Disclosures.

Colorado Supreme Court: Using a Stolen Social Security Number is Not Identity Theft

/1 Comment/in , , , , /by

I feel like my head is going to explode.

The Colorado Supreme Court has ruled “that using someone else’s Social Security number is not identity theft as long as you use your own name with it.”

The defendant in this particular case had admitted to using a false Social Security number on an application for a car loan, and to find employment. The court ruled that since he had used his real name, and the Social Security number was only one of many pieces of identifying information, he “did not assume a false or fictitious identity or capacity,” and “did not hold himself out to be another person.” The court found the defendant’s use of a false Social Security number “irrelevant,” since the number was provided to fulfill “a lender requirement, not a legal requirement.”

Justice Nathan Coats dissented, writing, “The defendant’s deliberate misrepresentation of the single most unique and important piece of identifying data for credit-transaction purposes” was “precisely the kind of conduct meant to be proscribed as criminal.”

This is yet another example of the lack of justice in the judicial system. The justices erred by failing to understand what identity theft really entails, especially when considering the distinction between a “lender requirement” and a “legal requirement.” Whether or not a Social Security number is legally required in order to obtain credit, it is still a legal identifier in many circumstances.

42 USC Chapter 7, Subchapter IV, Part D, Sec. 666(a)(13), a federal law enacted in 1996, determines when the numbers should be used. This law requires a Social Security number to be recorded for “any applicant for a professional license, driver’s license, occupational license, recreational license or marriage license.” It can also be used and recorded by creditors, the Department of Motor Vehicles, whenever a cash transaction exceeds $10,000, and in military matters.

“Synthetic identity theft” occurs whenever an identity is partially or entirely fabricated. This commonly involves the use of a real Social Security number in combination with a name and birth date that are not associated with the number. This type of fraud is more difficult to track because the evidence does not appear on the victim’s credit report or on the perpetrator’s credit report, but rather as a new credit file or subfile. Synthetic identity theft is a problem for creditors, who grant credit based on false records. It can also create complications for individual victims if their names become associated with synthetic identities, or if their credit scores are impacted by negative information in an erroneous subfile.

With this decision, the Colorado Supreme Court has fundamentally upset the balance of law, effectively opening a Pandora’s box of problems. This saga is far from over.

Since the law won’t protect you, at least in this scenario, consider investing in McAfee Identity Protection, which includes proactive identity surveillance to monitor subscribers’ credit and personal information, plus access to live fraud resolution agents who can help subscribers resolve identity theft issues. For additional tips, please visit www.counteridentitytheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss identity theft victims onThe Morning Show with Mike and Juliet. (Disclosures)