Be Careful Of Earthquake Related Charity Scams

Internet criminals follow a similar editorial calendar as newspaper and magazine editors, coordinating their attacks around holidays, and the change in seasons. They further capitalize on significant events and natural disasters. Japans earthquake is a biggie.

Whenever a natural disaster hits normal people get an urge to help those in distress. Our want/need/ability to help out comes from thousands of years of communal living as an interdependent species.

However natural disasters also bring out the worst in the bottom feeding sleazebags who smell blood.

Scammers have ramped up and are sending “phish” emails designed to extract your money to their own nefarious cause, “themselves.” Right now, there is 24 hours news reports focusing on the tragedy and people are understandably getting sucked into the drama of the events. This is a prime time to reach out to those same people who are enmeshed in the reports and get them to donate to fake organizations. The following tip will help prevent you from getting scammed and get your donation into the right hands.

Do not donate cash: Anyone asking to come to your home or office and pick up cash is a scammer. Any phone calls or emails received requesting cash or to wire money transfers is a scam.

Be suspect of all emails requesting donations: I would never click on a link in an email, especially short URL’s. Always manually enter the domain name into the address bar. The best thing is to go directly to the organization’s website.

Check with the Better business Bureau: The first thing you should always do prior to making a donation to any charity is to check their credibility with the BBB. Go online to http://www.bbb.org/us/Charity-Reviews/ and search out the charity.

Give only to charities, not individuals: Any communication from someone requesting money because of their hardship is an obvious scam. But some people are saps for an emotional sob story. While you may be savvy enough not to fall for these scams, someone in your life who may be naïve could.

Give now and consider giving to the Red Cross: The American Red Cross is the most known and credible organization on the planet for helping out those in despair. Give now and give as much as you can.

Never give out credit card numbers via an unsolicited email.

Never give out PIN or account numbers to anyone for any reason

Robert Siciliano personal and home security specialist to Home Security Source discussing home security and identity theft on TBS Movie and a Makeover.

Mobile Payment is Coming

Near Field Communications, or NFC, is the exchange of information between two devices via wireless signal. For example, a wireless signal emitting from your cell phone can act as a credit card when making a purchase.

This year, over 70 million mobile phones will be manufactured and sold with NFC built in.

NFC can be used in other ways beyond credit card transactions. It can integrate with hardware, such as your car, to unlock a door. It can activate software.

Soon enough, using your phone as a credit card will be commonplace. Mobile contactless payments, in which you pay by holding your phone near the payment reader at the register, are expected to increase by 1,077% by 2015.

According to a study by Boston-based research firm Aite Group, “The gross dollar volume of U.S. mobile payments is estimated to grow 68 percent between 2010 and 2015, but the mobile payments will continue to represent only a ‘tiny portion’ of U.S. consumer spending for many years.”

Mobile payment is still in the testing phase in the United States, Canada, and other countries around the world.

Security is paramount. A new type of smartcard-based SIM is at the core of mobile payment security. It contains a small computer with its own software designed to protect the payment account information. Your credit card provider will make sure that mobile payment is fully secure, or it will not happen.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses identity theft in front of the National Speakers Association. Disclosures

Washington Man Steals Over 1000 Identities

While we often hear about international criminal hackers compromising databases and stealing credit card information, identity theft is often committed locally, by someone with access to sensitive paperwork.

In one such case, a suspected identity thief was recently arrested in Washington, after driver’s licenses, credit cards, and Social Security numbers were stolen from more than a thousand victims across the state.

Detectives believe the documents were stolen from cars and homes and used to open fraudulent bank accounts in victims’ names. Seized evidence includes bags of driver’s licenses, credit cards, credit card swipers, Social Security cards, and a list of thousands of names and Social Security numbers. It is difficult to estimate the total financial loss as the investigation is still underway, but so far the number is into the high thousands, and sure to increase.

According to court documents, the suspect admits being involved in identity theft in order to support his drug habit.

It is important to observe basic security precautions to protect your identity, like using a locked mailbox and checking your online statements often. But while you can store paperwork containing personal information in a locked safe and refrain from keeping sensitive documents in your car, there’s little you can do to ensure the safety of your personal information when it’s stored by corporations and government agencies.

Consumers should consider an identity theft protection product that offers daily credit monitoring, proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on their accounts. McAfee Identity Protection includes all these features, as well as immediate assistance from fraud resolution agents if your identity is ever compromised. For additional tips, visit CounterIdentityTheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him explain how a person becomes an identity theft victim on CounterIdentityTheft.com (Disclosures)

Should Dating Sites Require Background Checks?

It’s no secret that there are kooky people in the world, and those kooky people seem to gravitate to the Internet. My theory is that those with ulterior motives relish the anonymity of the web, which allows them to lure in their victims more easily. I can see why they’d appreciate that. It’s easier to lie online.

There’s no body language, no intonation in one’s voice, and no emotional connection to the other person. It’s harder for a person’s sixth sense to connect with an avatar.

The Internet provides a great cover for predators.

In Connecticut, State Representative Mae Flexer introduced a bill designed to make online dating safer. “Sexual predators now have a new tool to find victims — Internet dating websites,” she told the General Law Committee.

And in Texas, State Representative Diane Patrick, is proposing that online dating sites be required to disclose to members whether or not background checks are done, which she believes would make online dating safer.

Online dating sites argue that people should use common sense, and point out that not all background checks are entirely accurate. What if the person’s profile is made from stolen information in the first place? The fact is, online dating sites are selling a lot more than an opportunity to connect. They market to the public, inviting them to find love using their website. And they give users an air of legitimacy by default. Posting a profile on a mainstream dating site implies a certain level of credibility.

Background checks would be a good start, and can often provide someone with all they need to make an informed decision. But they may also create a false sense of security and cannot be relied upon completely, especially when people lie about their identity.

Dating sites could incorporate another layer of protection, such as checking the computer used to create the profile in the first place. Device reputation spots online evildoers in a fraction of a second, by examining the computer, smartphone, or tablet used to connect to the dating website or social network. If a device is associated with unwanted behavior, such as spam, online scams, fake profiles, bullying or predatory behavior, the website can reject the new account or transaction. If the computer or smart phone passes the first test of not being associated with unwanted behavior, further identity and background checks would be performed. If the device does not pass, there is no need to pay for further checks.

According to Jon Karl, Vice President of Marketing at iovation Inc., “We stop 150,000 online fraudulent activities every single day. At one of our international dating clients’ websites, one out of five profiles created are found to be fraudulent. We help protect their brand and keep their members safe by identifying the bad actors upfront before they have a chance to come in contact with legitimate members.”

That being said, it would be a good and prudent practice for any online dating site to further vet and screen users. It won’t keep all the bad apples out, but it will significantly reduce those who are currently using the system for no good.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses Safe Personal Dating on Tyra. (Disclosures)

Banks Need You To Be Responsibly Secure

Our culture deemphasizes individual responsibility. In my mind, life begins when you begin taking responsibility for everything in your life. Personal security is fundamentally your own responsibility and, while you may not be responsible for a crime happening to you, you are the one in the best position to prevent it.

In the last decade, as much as 80% of all banking has taken place online, a major change after hundreds of years of traditional banking. Online banking is all about convenience. It has become apparent that these conveniences of technology have outpaced consumers’ security intelligence. It is possible to secure systems in a way that will defeat most online criminal activity, but that level of security comes with inconveniences that the consumer may not be equipped to handle.

Doug Johnson, the American Bankers Association VP of risk-management policy, explains, “The banking industry wants consumers to monitor their online accounts for unauthorized transactions on a continuous, almost daily, basis. That’s because PCs and smartphones have become the online bank branch for a lot of individuals. The customer needs to really recognize that security is most effective when they work in partnership with their financial institution.”

While banks are fighting their own battles to combat fraud and account takeover, it is imperative that the banks’ customers adhere to security fundamentals.

  • Set your computer’s operating system to update critical security patches automatically.
  • Make sure your firewall is turned on and protecting traffic from both directions.
  • Always run antivirus software, and set it to update virus definitions automatically.
  • Use a protected wireless network.
  • Never click links within the body of an email. Instead, go to your favorites menu or type the address into the address bar.
  • Check your online bank statements frequently.

McAfee Identity Protection includes proactive identity surveillance to monitor subscribers’ credit and personal information, as well as access to live fraud resolution agents. For additional tips, visit CounterIdentityTheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss online banking security on CBS Boston. (Disclosures)

Child Abduction Awareness For Parents

When a true stranger steals a child, the child often doesn’t survive beyond 3 hours. Protecting yourself and children begins with understanding basic security. Today most helicopter parents won’t take their eyes off their kids, and I don’t see that as a bad thing.

Always have recent photos and videos of your child for police. Invest in a fingerprint or DNA kit to help investigators.

In the event that a child is approached, the best defense is a good offense. Resistance has often been a proven tactic for removing oneself from a dangerous situation.

Running, screaming, biting, hitting and kicking feel unnatural to teach your kids, but are natural traits they possess (My 2 year old proves this). I say if they are good at it now, train them to do it better!

As soon as your child is at an age where they can comprehend this issue, it’s time to discuss it. Age 4 they have a pretty good grasp, but age five they seem to be on solid footing.

Role play with your kids. This is a delicate balance of awareness and play. Intellectually introduce scenarios for them to respond to. See how they articulate a response. Let them figure it out on their own. Then if they don’t give you the answer you were looking for, work with them to understand the nature of their choice and its negative impact.

Discuss the Internet and online predators. This is an entire future post. But in the meantime, do your research and know what risks they face. Take control of their access to PC’s and monitor everything they do.

Most importantly, this kind of education is about empowerment. It’s about taking control. It’s a gentle awareness that can save their lives. Don’t guilt them into making the right decisions and make them feel bad about not understanding the issue. If they aren’t ready to comprehend the issue then back off.

Robert Siciliano personal and home security specialist to Home Security Source discussing Child Abductions on MSNBC.

Craigslist Scammers Use Emotional Lures

At the moment, I have no less than six different tabs open in my browser, each searching Craigslist for different items I need this spring: trailers, boats, patio furniture, musical instruments, and exercise equipment. Every day I refresh my search results, looking for the best deal. I’m confident that I’ll find what I’m looking for. Patience is the key.

Millions are doing the same thing. And unfortunately, many of them are being scammed out of their money as sellers provide explanations as to why an item is being sold, ranging from “not needed” to “my son died.”

A North Carolina woman and her mother were looking for a used car on Craigslist and found an “amazing, like, this can’t be true, deal.” The daughter contacted the seller, who replied with, “Automatic transmission. It’s in perfect condition. Exterior no scratches. Interior no rips, tears, stains.” The seller asked for $3,900, and added that the car had belonged to her son, who had died in a bike accident, and she wanted to sell the car quickly because it brought back difficult memories.

Meanwhile, the mother found a similar deal on a different car, and the seller had a nearly identical story. This raised red flags and both mother and daughter cut off communications with the scammers. They were lucky.

This type of scam works because people can relate to the awful story and are more inclined to help when someone seems to be in distress.

Craigslist could prevent the majority of these scams easily by leveraging device reputation management. Many Craigslist scammers are based in Ghana, Nigeria, Romania, Korea, Israel, Columbia, Argentina, Philippines and Malaysia. These countries breed scammers who spend their days targeting consumers in the developed world. But real-time device reputation checks such as those offered by iovation can detect computers that have been used for auction fraud (and expose all of the accounts the device or group of devices is associated with) providing the ability to shut down sophisticated fraud rings and thousands of accounts immediately

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses another databreach on Fox News. Disclosures

If A Robber Wants Your Money, Give It To Them

When a robber walks in to a place of business the general advice given is to give them what monetary request they make and let them leave. Fighting for materials items is never a good idea. There isn’t a dollar amount one can put on a life or on a box cutter across the face.

But in recent weeks, 2 Boston area store clerks fought off robbers. One man used a pepper spray and a woman used a metal rod. Both situations could have easily gone wrong, but these two clerks decided to fight. Mind you, I’m no pacifist.

The Boston Globe reported “The man leaned over the counter, said “Hi,’’ and, with a knife in his right hand, calmly warned the clerk to stay away from any alarm buttons, according to a surveillance video that captured the encounter. “Give me the money in the register now. No buttons. Put the phone down.’’ Then he turned his head. And that was when the clerk swung a 4-foot, 15-pound iron rod from behind the counter and brought it crashing down on his wrist.

“He had the knife, and I had something prepared, too,’’ she said, holding the rod that knocked the knife from the man’s hand.”

Video http://www.boston.com/news/local/breaking_news/2011/03/lynn_storeowner.html

Congratulations to the clerk. It’s always nice to hear when good conquers evil. This situation could have gone very wrong if she missed. History proves when a drugged up animal wants your money, they will often take the money and run.

It is true offering resistance has been proven to stop an attack situation more than 80% of the time. But, I only recommend someone offer resistance when their personal security is at risk. You can argue that this woman’s personal security was at stake, but robbery response 101 is to give the money up and let them leave. If they want your money, wallet, purse, just toss it in one direction and run screaming on the other.

Robert Siciliano personal and home security specialist to Home Security Source discussing Home Security on NBC Boston.

Tax Related Identity Theft Scams Up 300%

Cases of stolen tax returns have surged over the past five years, leaving many identity theft victims struggling to recoup their lost refunds.

Approximately 155 million tax forms are filed annually. This provides identity thieves with an opportunity to come out of the woodwork and steal from Americans who are just trying to pay their taxes correctly.

A recent Scripps Howard News Service investigation analyzed more than 1.4 million ID theft records from the U.S. Federal Trade Commission from 2005 through early 2010.  In it they found that fraud complaints about stolen tax return-related identity theft jumped from 11,010 complaints in 2005 to 33,774 in 2009.  That’s nearly 300 percent.

Thieves may steal victims’ refunds, trick them into disclosing Social Security or credit card numbers, or even pose as the IRS. Below is more information for those common and lesser-known tax scams to watch out for.

Employment Identity Theft Scams: If you ever receive documentation in the mail indicating earned income that you are not aware of, it may mean that someone else has used your Social Security number to gain employment.

Account Takeover Scams: If, when filing your tax return, you receive a letter from the IRS saying that you have already filed, it it likely that someone else has filed a fraudulent return on your behalf, in order to steal your refund.

Tax Preparer Scams: In an old scam that’s still in play, tax preparers tell clients they must pay back stimulus payments, and then pocket the money. Ads are also placed by scammers posing as accountants to get your returns. Make sure you do research and choose your tax preparer wisely.

Late Payment Scam: As people fall behind on their taxes, lists are created and are printed in the local paper as public record. Thieves can use these lists to call unassuming people and pose as collectors.

Internet Phishing Scams: The IRS doesn’t send emails. Phony IRS emails that try to lure taxpayers into giving out personal information are a common scam. The messages are generally intended to convince recipients to provide personal or financial information that enables the perpetrators to commit credit card or bank fraud, or other forms of identity theft. Unless you are actively engaged in dialogue with an IRS agent, do not respond to emails or phone calls supposedly coming from the IRS.

IRS Scams: If a scammer posing as an IRS agent ever contacts you, they may already have some of your personal information, which they can use to try to convince you that they are actually from the IRS. This data could come from public records or even your trash. The scammer will often put pressure on you to comply with their request, or even offer you a tax refund.

Here are some suggestions to protect yourself and make sure that you get your return:

1. Protect yourself by filing early. It seems crazy to think that someone would fraudulently file taxes in your name, but it’s being done. Once they find a few W2s or other tax-related documents, they can file in your name and claim your refund before you’ve even begun the process. File before they do.

2. Secure your mail with a locking mailbox. Mail is stolen every day, and tax forms tend to include Social Security numbers, making them especially valuable to a thief. Don’t send out your tax return by sticking it in your home mailbox. Instead, take it to the post office or use a big blue post office drop box.

3. Protect your PC. Whether or not you file online, securing your PCs is essential. Make sure you have updated antivirus software, a two-way firewall, that you run spyware removal software regularly, and that your wireless Internet connection is protected with a network key.

If you are ever a victim of a scam involving the IRS, you may be disappointed by the way it is handled by government agencies. They simply don’t allocate the resources to fix this problem proactively, nor are they adept at responding once it has occurred. The biggest issue is the thief’s privacy. Even if you think you know who is responsible, neither the IRS nor any other government agency will release that information. All you can do is follow the IRS’s instructions for resolving the issue. Be patient, as rectifying it may take many hours, days, or weeks. If you subscribe to an identity theft protection service, a fraud resolution agent may be able to help.

McAfee Identity Protection includes proactive identity surveillance to monitor subscribers’ credit and personal information, as well as live access to fraud resolution agents. For additional tips, visit CounterIdentityTheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him explain how a person becomes an identity theft victim on CounterIdentityTheft.com (Disclosures)

Security Cameras Capture Vandal

Back when man was scraping his knuckles on the ground security cameras were the size of mail boxes and were only affordable to businesses.  Banks, retail and convenience stores were the primary consumers of “Closed Circuit TV”.

Today security cameras are as small as a dime and some don’t cost much more. Everyone is installing cameras today and for good reason: They see more than you can, and they see it when you can’t.

WOWT reports a family had their ADT security system installed a little over a year and it has already solved a vandalism problem and given them peace of mind.

“The family’s husband would see a neighbor boy damage their property but every time he called the sheriff’s department he would get the same answer, without proof deputies couldn’t do a thing. The husband said, “I can’t do a thing about it unless you have proof. My camcorder didn’t help that much, you can’t catch them at night or anytime but this (his security cameras) is what captured somebody doing something to the house.”

“One time the siding was damaged, another time the mailbox was knocked over; someone even threw chemicals on their lawn, burning the grass. The security cameras provided pictures for deputies to identify the vandal. It was the next door neighbor kid. There was never another incident of vandalism.”

I have 16 security cameras in and around my home. Seven cameras are inside the home and are connected to my ADT Pulse™ System and I can access them on the internet and with my iPhone.

Recently In my yard a spotlight was broke off its mount. My immediate suspicion was a particular neighborhood kid. I reviewed the video footage from that past week and saw that it was a tree branch that knocked it down. That camera saved me from yelling at someone and looking like a jerk!

Besides the uber cool factor when I whip out my security camera apps at a party, the peace of mind is fantastic.

Robert Siciliano personal and home security specialist to Home Security Source discussing ADT Pulse™ on Fox News.