2011 - Page 17 of 38

Woman Bites Off Attackers Tongue

June 28, 2011/in ADT Home Security systems /by Robert Siciliano

Years ago my childhood hero was this Chicago cop named JJ Bittenbinder. He would say “If all else fails, let them kiss you, then bite down on their lips until your teeth meet.”

The Boston Globe reports a woman was attacked in an alley and her attacker lost a big chunk of his tongue. The cops found it on the ground in an alley near a church after she defended herself. Maybe she read my book.

The guy fled and ended up in a clinic where police had already sent a bulletin.

It is important to understand that in any attack situation the victim actually has a lot of control over the outcome if they react within the first 30-60 seconds. What the victim does in that initial time frame can allow them to gain control over the direction of the attack. The attacker generally goes into the attack thinking the victim will be submissive but when the victim is confrontational the attacker is usually not prepared for that.

Offering resistance has been proven to stop an attack situation more than 80% of the time.

In addition to installing a home security system, it is essential that kids, women and men take hardcore self defense classes. The best program is known as Impact Model Mugging which utilizes a technique called “adrenal stress training”. Look them up and take any class within driving distance.

Robert Siciliano personal and home security specialist to Home Security Source discussing ADT Pulse™ on Fox News Live. Disclosures

Data Breaches Up, Lost Records Down

June 27, 2011/in mcafee /by Robert Siciliano

According to a recent report from Verizon, data breaches are on the rise. There were 760 data breaches recorded in 2010, compared to 140 breaches in 2009. However, there were approximately four million records stolen in 2010, as opposed to 144 million stolen in 2009.

This means there were fewer large-scale data breaches compromised of multimillions of records, and many more data breaches that compromised fewer records at a time.

Criminals have shifted their focus away from large corporations that have implemented multilayered security measures to protect mass amounts of data, and are now targeting smaller companies with smaller databases, who have yet to implement strong security measures.

Verizon’s study further shows that in 2010, 92% of data breaches were external hack attacks, a 22% increase from 2009. Nearly 80% of the stolen data was accessed via malware that gave attackers back door computer access.

This shift from bigger to smaller breaches may also indicate that hackers are realizing that big breaches get more attention, and therefore increase their chances of being caught. Furthermore, a breach of 100 million credit card numbers might be discovered quickly, and all those credit numbers would immediately be cancelled. A breach of just 10,000 credit card numbers would be more likely to stay under the radar, meaning those cards would remain active for longer.

There are now multiple breach lists, and not all define a data breach the same way. According to the Identity Theft Resource Center, there were at least 662 data breaches in 2010, which exposed more than 16 million records. Nearly two-thirds of breaches exposed Social Security numbers, and 26% involved credit or debit card data.

The ITRC elaborated, “Other than breaches reported by the media and a few progressive state websites, there is little or no information available on many data breach events that occur. It is clear that without a mandatory national reporting requirement, many data breaches will continue to be unreported, or under-reported.”

Identity theft can happen to anyone. McAfee Identity Protection, offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your accounts. McAfee Identity Protection puts victims first and provides live access to fraud resolution agents who work with the victim to help restore their identity even from past theft events. For additional tips, please visit http://www.counteridentitytheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss identity theft on YouTube. (Disclosures)

Most Unwanted Criminals: Phishers, Shoulder Surfers and Keyloggers

June 25, 2011/in mcafee /by Robert Siciliano

McAfee’s most unwanted criminals have included pickpockets, Trojan viruses, and ATM skimmers, dumpster divers, spies, and wireless hackers and now phishers, shoulder surfers, and keyloggers. Identity theft can happen online or on the ground to anyone with a pulse, and even to the deceased.

The key is awareness, vigilance, and investing in products and services that are designed to protect you.

Tony “Big Phish” Morgan sends emails that appear to come from a trusted source, soliciting login credentials or sending recipients to spoofed websites. Either way, he wants to take over existing accounts and gain access to more data on the server or your PC. Phishing emails may look like a legitimate monthly statements or obvious Nigerian 419 scams laced with scammer grammar. Phishers have stolen over a quarter billion from victims and counting.

The first rule for protecting yourself from phishing is never click on links in emails. Use your bookmarks menu or manually type in the address of the website you’re looking for. McAfee Site Advisor software provides risk ratings for websites that come up when you do a search.

“Wandering Eyes” Willie is a shoulder surfer, using his eyes, binoculars, hidden cameras, or more likely, a phone with video capabilities to peer over shoulders in Internet cafes or checkout lines, capturing account data and PINs. If you are standing in a checkout line and someone nearby seems to be looking at his phone, which happens to be a camera phone pointed in the direction of your credit or debit card, he may be shoulder surfing.

Watch out for “wandering eyes.” Cover your phone’s keypad when entering usernames or passwords. In an Internet café, choose a seat with your back to the wall. Use complicated passwords that are harder to crack.

Francis Scott Keylogger can smoothly infect your computer and track all your online activity, recording every username and password you type. An outdated browser is more vulnerable to picking up keylogging software when surfing an infected website.

Keyloggers can hide in hardware or software, so run antivirus and anti-spyware programs to eliminate viruses, but also check the back of your PC for devices that may be piggybacking on your keyboard.

To ensure peace of mind and have a fraud resolution agent assist in identity theft restoration, —subscribe to an identity theft protection service, such as McAfee Identity Protection, which offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your accounts. For additional tips, please visit http://www.counteridentitytheft.com

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss identity theft on YouTube. (Disclosures)

Grandmother Taken for $5400 in Online Dating Scam

June 25, 2011/in iovation /by Robert Siciliano

All my life, I’ve been waiting for someone to give me a million dollars in diamonds, which have been willed to me by my long-lost Somalian stepfather, who’s supposedly the third generation dictator under the humble Mr. George Kinneus the Third. Or something like that.

If you receive an offer resembling that one, run for the hills.

This is what happened to the 55-year-old grandmother in New Zealand, who was simply looking for love online. She was checking out her prospects on Match.com, the most popular dating site. The grandmother got a “wink,” which is like a “poke” on Facebook, from “kiwibloke25.” According to his profile, “kiwibloke25” was a 55-year-old man seeking a serious relationship with a woman between 49 and 68 years old.

In his first message, he told the grandmother that she “[seemed] to be the type of person he [was] looking for,” and gave her his personal email address. Soon they were exchanging emails and talking on the phone. The man shared numerous intimate details about his life.

Exchanges like these lure unsuspecting victims into scammers’ traps. In this case, “kiwibloke25” claimed to have been robbed by Somalian gangsters while traveling through Dubai, and asked his victim for $5400 to cover the duty on some diamonds he had supposedly purchased. She wired him the money but became suspicious when he asked for more, to pay for a company to securely transfer the diamonds back to New Zealand. She then discovered that “kiwibloke25,” as she thought she knew him, never existed at all.

If you use an online dating service, be on guard for scams. Stick to legitimate, well-known websites, and get referrals from friends who have successfully met romantic partners online. But never let your guard down.

When creating your dating profile, never post personal information, including your middle name, full address, phone number or entire birth date.

To vet potential dates, look for information about them elsewhere online, and confirm that it matches the information in their online dating profiles.

If a potential date asks for a loan or any financial information, report them to the dating website immediately.

Dating sites could protect users by incorporating device identification, device reputation and risk profiling services to keep scammers out. Oregon-based iovation Inc. offers the world’s leading device reputation service, called ReputationManager 360. It has been recognized over the past few years for “Best New Technology” used by the internet dating industry. This service is established and has protected over 2 billion online dating activities for its clients and has flagged 2.7 million of those identified as scams and solicitations, spam, identity mining/phishing, profile representation and other abuses. Stopping scams and abusive behavior upfront greatly helps online dating sites not only protect their brand reputation, but most importantly protect their active members.

According to Industry Consultant, Mark Brooks, “The dating industry uses three lines of defense against scammers and abuse: automated software defense, user flagging and customer/abuse teams. iovation’s technology has enabled many dating sites to work together to beat scammers.”

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses dating security on E! True Hollywood Stories. (Disclosures)

Woman Hit With Frying Pan In Home Invasion

June 23, 2011/in ADT Home Security systems /by Robert Siciliano

We’ve gone over this at least a thousand times, lock your doors at night while you sleep, lock your windows and install a home security alarm.

Why? Because strange men who have murdered in the past and have been incarcerated as a teenager eventually get out of jail and then invade a person’s home at 3 am and hit the home owners daughter in the head with a cast iron pan. That’s why.

In Portland at 15 years old this guy pleaded no contest to murder. He eventually got out in 2006. Then at 26 years old he decides to break into someone’s house and fracture their skull. I have a cast iron frying pan and they are fantastic to make blackened fish and fajitas. And I can see how one to the skull could do some damage. His dad says drugs aren’t the problem but his son might have mental health issues. I’m no doctor, but I’d have to agree.

What he was after and why he broke in is not known. He didn’t have much time to steal anything because the father of the girl stabbed the home invader multiple time as the criminal was running out the door.

Understand that there always have been criminals, there are criminals now and there will always be criminals. And you Harry Homeowner need to recognize this and take steps to prevent becoming a criminal’s target.

Frankly, all that blood all over the house makes quite a mess and is just so unnecessary. A simple screaming home alarm in many cases could prevent the whole stabbing, frying pan, home invasion and waking up at 3 am thing from happening in the first place.

Robert Siciliano personal and home security specialist to Home Security Source discussing Home Invasions on Montel Williams. Disclosures

Consumer Fraud No Longer Shocking

June 23, 2011/in iovation /by Robert Siciliano

The depth, breadth, creativity, and depravity of scams and the scammers that perpetrate them no longer shock or offend. From grandmother scams to online dating scams, identity theft, data breaches, and any form of phishing or advanced fee scams, when you’ve seen one, you’ve seen them all. But the bad guys continue to find new ways to skin a cat.

The Better Business Bureau and the Consumer Sentinel Network received 725,000 consumer complaints of fraud in 2010. The defrauded consumers who reported fraud last year lost $1.7 billion.

Beware of the following scams.

Auction Scams: This ruse involves fake profiles advertising goods and accepting payments, with no intention of ever shipping any items. Scammers often contact potential victims within an auction website, but then bring communications to outside email or phone. Once the target engages with the scammer, social engineering commences.

Craigslist Scams: A scammer responds to a seller, claiming he wishes to purchase an item. He mails the seller a fake check for an amount in excess of the purchase price, with extra money included for shipping, and requests that the buyer deposit the check and then wire the payment to the shippers from the buyer’s own account. By the time the check bounces, the scammer has already received the seller’s money.

Dating Scams: Criminals pose as lovesick Romeos or Juliets, looking to sweep their victims off their feet while emptying their bank accounts. Marriage is often discussed within the first week of communications, and the word love is used as frequently as the victims’ names, which coincidently are two of the most important words a person can hear.

For consumers, education and awareness is key. For platforms on which the scams proliferate, one risk mitigation solution employed by auction sites, retailers, and dating sites is device reputation management. This not only keeps known bad computers or mobile devices from creating more fake accounts, but it also protects businesses against brand new devices that are behaving similarly to cyber criminals.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses Scambaiting on Fox News. (Disclosures)

Facebook Commenting Only Keeps the Honest, Honest

June 22, 2011/in ADT Home Security systems /by Robert Siciliano

You’re probably familiar with the comments sections of blogs and online newspapers. It’s where people write nice, harmonious, agreeable comments about the article, the article’s author, and the President. No, wait that must have been a dream I had.

I have always felt that a lack of accountability in the commenting process unfortunately brings out the worst in people. Today, anonymous Internet commentary is similar to prank phone calls prior to the introduction of caller ID.

Of course, what is or is not appropriate depends on one’s political, social, and economic perspective, and in many cases, anonymous comments can influence the direction of an online dialogue. Some commenters rely on their anonymity to avoid angering their employers. But most do so in order to freely post awful comments, because they themselves are not so nice. Writers put themselves out there every day, exposing themselves to the world, subject to every person’s inner mean side, cloaked in cowardly anonymity.

Facebook has rolled out a tool that allows any website to attach faces to comments, which would create a certain degree of accountability.

According to InfoWorld, “TechCrunch, which implemented Facebook Comments as an experiment, reports that while the total volume of comments is down significantly, the comment nastiness quotient is approaching zero – except, apparently, for nasty comments about their new commenting system.”

I see this as a positive. There is enough nastiness in the world and we all need to tone it down. Do your research on this issue. There are plenty of colorful opinions on what Facebook Commenting may mean. Many are for it, and many more are against.

Robert Siciliano personal and home security specialist to Home Security Source discussing social media identity theft on Fox Boston. Disclosures.

Home Alarm System Aids Tornado Victims

June 21, 2011/in ADT Home Security systems /by Robert Siciliano

The ADT Pulse alarm system I have has a “Panic” button in case we are in an emergency situation where we need help. I’ve always visualized situations such as home invasion or maybe medical or fire emergency as its intended function.

Well one ADT customer Jarod Stice and his fiancé Jessica Bennett — along with their dog – were huddled under two sheets of plywood and a tarp in the basement of their new Joplin, MO home, while one of the deadliest tornados in U.S. history wreaked havoc overhead.

After emerging from the rubble where his home once stood and uninjured, Jarod climbed up the basement stairs reaching for the control panel of the ADT Pulse home alarm system mounted on one of the few remaining walls. He pushed the emergency button knowing that the system –which uses cell-phone technology – would dial out automatically and relay the need for help to an operator at one of ADT’s Customer Monitoring Centers. The signal was immediately received by Customer Care Representative.

Within minutes help was on the way. Jarod credits ADT for helping to get emergency aid quickly to several seriously injured people whom he and other neighbors had pulled from the rubble and shepherded into his basement for safety.

“The EMTs were able to get within three houses of our home,” he said. “They had to be responding to the alarm because there’s no other reason they would come this close. We were one of the first in the neighborhood to get help.”

Thanks to the quick response from the paramedics, all of those hurt survived the injuries. According to Jared, no one in his immediate neighborhood was among the more than 130 people killed by the tornado.

Become familiar with your alarm control panels panic button. It may save your life or the life of a loved one.

Robert Siciliano personal and home security specialist to Home Security Source discussing ADT Pulse™ on Fox News. Disclosures

Canadian Charged in Ticket Scams – Auction Sites Need to Step Up Fraud Prevention Techniques

June 21, 2011/in iovation /by Robert Siciliano

Online classified advertising site scams are typically conducted by scammers in countries such as Ghana, Nigeria, Romania, Korea, Israel, Columbia, Argentina, the Philippines, or Malaysia, who spend their days targeting consumers in the developed world.

Scammer grammar and general awkwardness make these scams relatively easy to detect. But when a scammer is local, the ruse becomes more insidious and effective.

The Toronto Sun reports that a man in Hamilton, Ontario faces “60 charges for allegedly selling thousands of dollars worth of non-existent tickets to concerts and sporting events, mostly at venues in Toronto.” The suspect “allegedly used Craigslist to sell tickets to pop concerts like Lady Gaga, Taylor Swift and Justin Bieber, or sporting events like Wrestlemania.”

As in most Craigslist scams, the perpetrator had the victims wire money to him, and in this case it was to a local account, which reduced suspicions. He told victims they would get a shipping confirmation number once the money was received, but of course, this was entirely bogus.

At the top of every post, Craigslist reminds you, “Avoid scams and fraud by dealing locally!” But they may not consider that scammers can deal locally, too. My suggestion is to always meet the seller with cash in hand, or simply buy tickets directly from the venue or venue’s website.

Craigslist and auction sites could better protect end users and prevent the majority of these scams by using readily available and proven fraud detection tools on the market. They could easily round up accounts opened by scammers by tracking them back to the computers, tablets and smart phones that opened them up in the first place by using device reputation management. And when those computers try to open more accounts under more stolen identities, the accounts are automatically denied upfront—at the “account creation” stage.

Craigslist could easily employ customized business rules to identify high-risk activity such as those offered by iovation’s ReputationManager 360 anti-fraud service. For example, if someone posted a local offer, iovation could expose to the business when users are hiding behind proxies to make them appear as if they were in the local region. If they are selling a used car supposedly in Irvine, California and they are going through the work to mask their IP and make it “look” like they are in Irvine, but their real IP is exposing that they are in Ghana, wouldn’t that be a red flag? When this happens, the business could automatically deny the attempt in a fraction of a second, or at a minimum send it to a review queue so that fraud analysts can take a closer look before exposing a scammers’ offer to the public.

In general, with today’s sophisticated fraud prevention technologies and techniques, scammer accounts could and should easily be stopped at the front door (while attempting to set up a new account) — before ads are placed, before ads are read by the public, and before tens to hundreds of visitors act on the ad by engaging in conversation with a cyber criminal who wants to steal their money.

Imagine the scale of bad accounts that could be shut down instantly. Sophisticated fraud rings could be identified within the business’s network and thousands of fraudulent accounts shut down, making Craigslist and other auction sites a much safer place for the public to look for desired products and services.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses scambaiting on Fox News. (Disclosures)

3 Incredible Reasons Why Security Cameras Rock

June 17, 2011/in ADT Home Security systems /by Robert Siciliano

Reason 1: In Pittsfield Massachusetts a minor league baseball team was reeling after continual theft from the team’s locker room. And to help solve the problem they I installed a single video surveillance camera.

The 42 year old thief was recently caught on camera and arrested for stealing cash from the lockers of the team during a ball game. He of course pleaded not guilty. The video states otherwise. Video doesn’t lie. In this scenario the team players should have locked the locker room up or at least locked their lockers.

Reason 2: A guy named Eddie was labeled a geek by his home invaders who believed he wouldn’t put up a fight. The where right, he is a geek and didn’t put up a fight. Geeks, in general, are smart though, so he installed a security camera. The thieves broke into his home and stole money and vowing to not let that happen again he went out and bought a surveillance camera.

The next day young teens came to his unlocked home and held him at knife and gun point and robbed him, all caught on tape. All 4 teens were caught and now face prosecution.

Eddie should lock his doors and get a home security system.

Reason 3: This story doesn’t have a happy ending, but hopefully it will. In Oakland California a woman was robbed but then sexually assaulted. Amazingly she caught the whole burglary part on tape on her mobile phone.

The video is clear and crisp and will hopefully bring this man to justice.

In the future I’d recommend NOT busting out your mobile video but instead using that same phone to call 911 as you run out of the home to safety. There are many things wrong with this situation but manly that the victim didn’t need to be a victim.

I’m a big fan of video, but a bigger fan of RUNNING.