Beware Of 10 Tax-time Scams

We are approaching tax time. Scammers are ramped up and looking for your money. Learn these tax season scam tips and watch your back.

1. Text messaging scams or smishing a.k.a Phexting. Like phishing but texting. Criminal hackers have access to technology that generates cell phone numbers and access to mass text messaging services. They send texts that install keyloggers or direct you to websites that steal your data.

2. Tax preparer scams. Reports of tax preparers who tell their clients they have to pay back their stimulus checks, then pocket the money.

3. Basic phone scams. Using the telephone for scams is back. Scammers call your home posing as local fire dept collecting your personal information for their records in case there is an emergency.

4. Caller ID spoof. New technologies that allow anyone any time to mask what shows on your caller ID and pose as an official, lottery or authority to get you to reveal data or write checks.

5. Late payment scam. As people fall behind on their utilities or taxes, lists are created and available either internally or as public record. These lists fall into the wrong hands and thieves call you to collect.

6. Affinity fraud. The Madoff scandal has inspired a new generation of cons to adopt the Ponzi once again.

7. Advanced fee fraud. Now more than ever, if it seems too good to be true, it is. Desperate times mean desperate people are making bad decisions and getting taken to the cleaners.

8. Work at home scams. Millions of people laid off, millions looking for a job. There isn’t a newspaper in the country that doesn’t have a work at home scam ad.

9. Foreign lottery scams. The promise of money is overseas, not here at home and criminals are using the phone, email and snail mail to find their victims.

10. Identity Theft. Identity thieves raised the bar as it has gone up 22%. Watch your credit reports and look for and shut down accounts opened in your name you have not authorized.

Robert Siciliano personal and home security specialist to Home Security Source discussing home security and identity theft on TBS Movie and a Makeover.

School Officials Warn of Identity Theft

In a small Maine town, local school officials buck state requirements and tell parents not to give out their child’s Social Security number.

The Bangor Daily reports “School departments across the state are required by a new state law to collect students’ Social Security numbers for all enrolled this fall. Parents, however, should know that they can decline”. Local school officials, worried about the possibility of identity theft, are encouraging parents not to provide their children’s Social Security numbers to the state so the students can be tracked as they leave school and get jobs.

“We’re required to ask but we’re encouraging parents not to tell,” Superintendent Daniel Lee said on Monday.

The SSNs are supposed to be used for a 12 year study that will track each students and their progress throughout school. This is a perfect example of “functionality creep” of the SSN.  Functionality creep occurs when an item, process, or procedure ends up serving a purpose that it was never intended to perform.  An alternative to relying on SSN to track the students, another identifier could be assigned.

It is precisely this type of expanding use of an individual’s SSN that puts their personal identity at risk. Each child who coughs up their SSN has to worry whether or not someone who has authorized or even unauthorized access to the data base may use that child’s primary identifier to open new credit.

McAfee Identity Protection includes proactive identity surveillance to monitor a child’s identity and access to live fraud resolution agents who can help subscribers work through the process of resolving identity theft issues. For additional tips, please visit

Robert Siciliano is a McAfee Consultant and Identity Theft Expert. See him discussing child identity theft on NBC Boston (Disclosures)

Personal Security Signage Adds Layers Of Protection

Recently I had the pleasure of working with a journalist in the Boston area who is also a family man. We did a story on home security and the different options consumers have to protect themselves. I see him on TV all the time reporting on issues of crime, violence and death. Unquestionably he is on the front lines of what’s happening in our world.

In the course of our interaction we discussed many different aspects of personal security, all stuff he knows better than most.  When doing a story like this the journalist asks questions so the answerers will benefit the audience, but like many others personal security isn’t his vocation so some questions he really wanted to know the answers to.

It always surprises me that some people don’t know what I know, even if they deal with blood guts on a daily basis.

Anyway at one point we were discussing “layers of protection” and the subject of “signage” came up. I’ve always believed the more layers you put in place the more secure you’ll be. Signage is one small deterrent that can make a big difference. A sign saying your home is alarmed is one layer. Another saying “Beware of Dog” defiantly puts doubt in the mind of a bad guy.

He asked me if that really is a deterrent and I used a simple example like a NO PARKING sign. If you see a no parking sign, you are much less likely to park there because you fear of a ticket. If a bad guy sees an alarm sign, he may fear getting caught or when a “Beware of Dog” sign is posted, he may fear getting bit.

Depending on the dog, getting bit by a dog is worse than getting arrested. It’s all about layers.

Robert Siciliano personal and home security specialist to Home Security Source discussing self defense on Fox Boston.

How Does Device Reputation Protect Me?

Device reputation spots online evildoers by examining the computer, smartphone, or tablet they are using to connect to any website. If a device is recognized as having previously committed some type of unwanted behavior, the website has the opportunity to reject the transaction, preventing damage before it occurs.

In the physical world, as the saying goes, “You are only as good as your word.” And when somebody says one thing and does another, we no longer trust them.

Online, people say and do things they never would in the real world. Internet anonymity fuels bad behavior. Websites’ comments sections are filled with vitriol that you’d never hear real people utter. Pedophiles who’d never approach a child on the street contact kids over the Internet. Sex offenders avoid the stigma of their label on dating sites and social media. Scammers create accounts in order to con people and businesses into forking over money. And identity thieves use your personal information to fill out online applications for credit.

All of this is made possible by the anonymity of the Internet.

As fraudsters develop more sophisticated schemes and collaborate in elaborate fraud rings, the threat of cybercrime increases. Online businesses are getting hit hard by fraud and abuse, and it’s critical that fraud protection solutions save them from significant losses and damaged reputations.

A device reputation service checks for suspect history, but also investigates for characteristics consistent with fraudulent users. And the best part is that it denies criminals, often even before their first attempt.

According to Greg Pierson, Founder and CEO of iovation, “Device reputation helps prevent identity thieves from monetizing the credentials that they have stolen.  At the same time we are protecting online businesses, we’re also protecting the consumer.”

Device-based fraud management and a shared device reputation infrastructure play a critical role in identifying online fraud and abuse. Neglecting to take advantage of these tools severely limits a business’s ability to prevent fraud.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses Scambaiting on Fox News. (Disclosures)

Big Game Scores Big For Scammers

Internet criminals follow a similar editorial calendar as newspaper and magazine editors, coordinating their attacks around holidays, and the change in seasons. They further capitalize on significant events and natural disasters.

On Super Sunday weekend much of the scamming taking place is designed to separate the public from their money using the Big Game as the lure. People are seeking information on the Game and are being tackled by criminals who steal the ball.

The promise of cheerleader-filled videos along with downloadable player pictures or even Big Game memorabilia will dominate the scamverse.

Don’t get taken:

Ticket scams abound: Auction sites and Craigslist are ground zero for Scammers who buy up a few expensive tickets and, because many tickets are printed at home, the scammer just makes copies and resells the fakes to desperate buyers online or at the game.

Social media scamming: Bad guys who pose as legitimate individuals or businesses offering up Super Sunday media and post infected links that will infect the victim’s PC or network with a virus that gives hackers backdoor access.

Search poisoning: Scammers lure victims to their scam sites via search engines. When a website is created and uploaded to a server, search engines index the scam sites as they would any legitimate site. Doing a Google search can sometimes lead you to a website designed to steal your identity.

Zombie PCs: A botnet is a group of Internet-connected zombie personal computers that have been infected by a malicious application, which allows a hacker to control the infected computers without alerting the computer owners.

Scott Waddell, Vice President of Technology at iovation states, “Criminals will lure Internet users to malicious sites where malware can compromise their computers, making their systems ‘zombies’ in a global botnet. Identity data on these systems can be stolen and remote fraudsters can monitor the systems to compromise online accounts.”

Solutions like iovation’s ReputationManager 360 can identify fraudulent use of stolen accounts through geolocation rules, velocity indicators associated with identity thieves trying to quickly leverage stolen credentials, and the shared reputation view across more than 2,000 fraud fighting professionals strengthening the system every day.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses another data breach on Fox News. Disclosures

Custom Fitting A Home Security System

There is no such thing as one size fits all. Today, we have more variety and choice than in the first 1950 years of modernity combined. Why? Because we want it! Transportation fueled by oil and gasoline along with big box retailers and suburbia all transformed life as we know it and choice became an option.

My ADT Pulse system is no different. When the sales person showed me my options, it was like I was 10 years old and he was Santa and I was able to go right in his big red bag of tricks and pick out all the stuff that had been on my list since I was 5!

You wouldn’t think one would get all giddy about a home security system but this is not just home security. It’s home automation that secures your home. We walked through my home and he asked me all kinds of pertinent questions about our comings and goings to help decide on what options would suit us and secure us best.

We discussed all the light switches that I’d want replaced with home automation to be able to turn on remotely and have set to go on when we came home or timed to give the impression we were home when we weren’t.

Next  was all the areas of the home I wanted to install surveillance cameras that would allow me to record and drop in on sections of the house while I’m traveling or even home.

Most importantly, we went through a whole process of thinking like a burglar and determined all the vulnerable areas of the home that needed sensors on doors and windows such as motion and glass break. For me, that was the funniest part. Thinking like a burglar is necessary to prevent a burglar from getting in.

You’d be amazed at the lengths a burglar will go through to get in. And, scaling a 3 story porch and busting through a door or window on a ledge is a welcome challenge for a burglar. I’ve got that covered!

Robert Siciliano personal and home security specialist to Home Security Source discussing burglar proofing your home on Fox Boston

Top 5 Home Burglary Prevention Reminders

Imagine coming home seeing your side door open and some of your stuff on the ground. You wonder what’s happening and think maybe your stupid irresponsible roommate dropped something. But as you look closer the door is smashed and inside the house looks disheveled. Then the sinking feeling of “I’ve been burglarized” sets in. That’s was me.

It was the early 90’s and I had bought my first home at 20 years old. It was a “3 decker” and me and a few friends lived on the first floor and I rented out the rest. It was more of a “frat house” than it was a home. We even gutted a refrigerator and had a keg on tap 24/7/365. Then one night we had a few people over, and they brought a few people we weren’t familiar with.

After an evening of being stupid we headed to bed. Next morning to work. After work reality set in. When I saw what happened, I immediately knew who did it. It was one of the friends of the friend that came to my flat the night before.

Being the “take things in my own hands” 20 years old I was, I went to this person’s house with the police and recovered my stuff. Right after that, I got a home security system.

#1 Secure entrance ways: Burglars often go right through your back or front door. They first ring the bell or knock on the door to see if you’re home, and if you don’t answer they jiggle the doorknob. Lock your doors. Sometimes if the door is locked they will use a crowbar to force it open. Install solid core doors that can’t easily be compromised. Install heavy deadbolts that go deep into the jam with 3-4 inch screws that go into the door’s frame. For sliding glass doors, install an additional wooden dowel preventing the door from being opened from the outside. Make sure your home security alarm has open door sensors.

#2 Windows: When a burglar encounters a locked door they may look for unlocked windows. Lock your windows. As an extra layer of security install a wooden dowel on top of the window to prevent it from being opened. Install window film that prevents the glass from being broken. Install glass break sensors to compliment your home security system.

#3 Lighting: Lighting on the exterior is an effective way to keep the bad guy away. The benefit of additional lighting helps your neighbors to see suspicious activity at night. Include timers on indoor light to give your home that lived in look.

#4 Home Security Systems: Most people install a home alarm after the home is burglarized. Don’t wait to be a victim of crime before you smarten up.

#5 Security cameras: Compliment your alarm with surveillance cameras. I didn’t get cameras until they were affordable. If I had got them years ago, it would have saved a lot of heartache. Today they are inexpensive and easy to install.

Oh, and what happened to the guy who broke into my house? He was arrested and was in and out of jail for the next 15 years. Last time I saw him was when he was on the front page of the Boston Globe because he had cut a woman’s head off.

Robert Siciliano personal and home security specialist to Home Security Source discussing home security and identity theft on TBS Movie and a Makeover

Preventing False Alarms

If you have a home security system, you know the pain associated with false alarms. I have set this thing off at least a 100 times and then I have to run like a gazelle to the keypad to shut it off then wait for alarm central to call me so I can give them a PIN.

Many, if not all of us are guilty of setting off our alarms accidentally. Sometimes we open a door or window that sets it off, other times we mess up the secret code. The result of this mishap is usually a very loud siren and the attention of your neighbors. If you don’t call to cancel in time, then it results in law enforcement showing up.

In many counties, towns, cities and states there are laws and ordinances that impose a fine for false alarms.

1. Have your service provider set up your home alarm system to call your mobile phone first, then your home phone second. If you don’t answer the phone, then, they will call the police.

2. Program your mobile phone with your alarm service provider’s number and call them the second you falsely set off your alarm. Memorize your PIN so you aren’t fumbling for it.

3. Don’t carry your PIN in your wallet. If your wallet is lost or stolen, your address and alarm PIN is in the hands of a stranger.

4. Whenever you are setting up any access for anyone to enter your home while you are gone, your risks for false alarms go up dramatically. Provide specific hands on instruction on how to disable and reset the alarm. Telling someone over the phone how to do it is often insufficient.

5. With the new ADT Pulse system there are 5 ways to turn off the system including a wired keypad, touchpad, iPhone app, remote control and a PC. I have different devices strategically placed throughout the house, so I can easily set and deactivate whenever needed.

Robert Siciliano personal and home security specialist to Home Security Source discussing Home Security on NBC Boston.

Check Your Credit/Debit Card Statements NOW!

The holidays are over. Your used your credit card in so many places you forget where. Now is when the bad guy may pull up that “skimmed” card number they got from you when they were working as a temp at the mall.

Every time you use a credit card, you increase the chances of that card number being used fraudulently.

#1 Watch your card. Whenever you hand your credit or debit card to a salesperson or waiter, watch to see where your card is taken and what is done with it. It’s normal for the card to be swiped through a point of sale terminal or keyboard card reader. But if you happen to see your card swiped through an additional reader that doesn’t coincide with the transaction the card number may have been stolen.

#2 Select online shopping websites carefully. Phantom websites exist to collect personal and credit card information. They can appear online any time of the year, but the holidays are prime time. They imitate the look and feel of a legitimate website, and many simply copy the web code from well-known online retailers, right down to the names and logos. You may even order a product and get it. But now they have your card number. When searching for a product or service online, do business only with those you recognize. Established e-retailers are your safest bet.

#3 Beware of phishing and vishing. When you used your card, the skimmer may not have picked up the 4 digit CVV security code. You may receive a voicemail or an email requesting that data so the bad guy can complete a transaction.

#4 The most important tip of all is to watch your statements. This extra layer of protection requires special attention. If you check your email daily, you ought to be able to check your credit card statements daily, too, right? Once a week is sufficient and even once every two weeks is okay. Just be sure to refute any unauthorized withdrawals or transactions within the time limit stipulated by your bank. For most credit cards, it’s 60 days, and for debit cards the limit can be 30 days or less.

Robert Siciliano personal and home security specialist to Home Security Source discussing credit and debit card fraud on CNBC.