How Device Reputation Can Help Prevent Fraud in the Insurance Industry

Insurance companies, like banks and retailers, are forced to deal with a wide spectrum of fraud, which costs the industry and its customers billions of dollars each year. According to the Insurance Fraud Bureau, “Undetected general insurance claims fraud total £1.9billion a year adding on average £44 to the annual costs individual policyholders face, on average, each year.”

Savvy criminals who perpetrate insurance fraud have learned to mask their true identities when setting up policies online, regularly changing account information to circumvent conventional methods of fraud detection. Now, more than ever, insurance companies need to be wary of these schemes from the onset and deploy effective solutions to analyze information beyond that supplied by users.

By initiating the application process with a device reputation check provided by iovation Inc., insurance companies can stop fraud before it happens and avoid further checks and fees when a device is known to be associated with identity theft and other frauds.

The insurance industry has an opportunity to work in tandem with merchants, banks, and others to share data that helps pinpoint the devices responsible for fraudulent activity. Shared device reputation intelligence makes this possible for the first time.
The insurance industry can utilize the established reputations of over 800 million devices in iovation’s device reputation knowledge base. While a computer applying for insurance on a site may be new for the first time, it is rarely new to iovation’s global client base. By assessing risk based on the device in real-time, an insurance company can better determine whether a particular device is trustworthy before a transaction has been approved or an account has been opened.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses identity theft  in front of the National Speakers Association. (Disclosures)

Woman Scammed of 400K

Police are warning elderly and those who have elderly parents that not all scams are done online. Some are executed using good ole’ snail mail and the telephone.

An “80-year-old woman received a letter in the mail claiming she had been awarded a large amount of money, but was required to pay fees and complete paperwork before the money would be released. According to police, the woman, without the knowledge of her children, started sending money. She started receiving notices indicating she would be awarded more money, and the scam went on for about a year. She sent about $400,000, police said.”

Scams like these are extremely easy and very lucrative for criminals. Elderly or those in your life that may be considered naïve are often the target because of their gullible nature. But other times it’s the time and culture they were raised in. There are numerous ways in which criminals pull at the heart strings of their victims to get them to open their bank accounts. Often it’s the same people who are targeted over and over again.

The most effective way to prevent these crimes from happening to all those concerned is to get better control over the release of funds from any of their financial accounts. Meaning if they have a big bank account set it up so two signatures are required for a check to be written. If the person is concerned they don’t want to be inconvenienced with every check they write then set up two accounts. One with a little money and one account with more funds effectively locked down.

Robert Siciliano personal and home security specialist to Home Security Source discussing ADT Pulse on Fox News.

5 More Online Security Tips for Valentine’s Day

A scammer typically contacts a target and strives to project an image of someone who has it all together financially and socially, claiming to be a successful entrepreneur or something similar. Or scammers may claim to be facing adversity, claiming they are widowed, down on their luck, or, like many, simply lonely. This is a strategy that has worked in the past.

Follow these tips to prevent getting scammed:

#1 Unless this person becomes an actual significant other, never give out personal information like passwords, credit card numbers or Social Security numbers.

#2 Know that bad guys lie, a lot. And they will keep up the ruse until they have what they need or until you are in a vulnerable place. Pay attention to their intentions.

#3 Get their name, address, previous address, home phone, cell phone, place of birth, birth date, where they work, license plate and if you can squeeze it out of them, and I kid you not, get their Social Security number and do a background check.

#4 Go online and Google search every bit of information about them you have acquired. You want to know as much about this person as possible. Search name, phone, email and screen name. The goal is to look for truth and lies. If you see inconsistencies, or red flags that can’t be easily explained, run really fast.

#5 Never open attachments from anyone you don’t know well. And if you can avoid it, don’t click on links they send. Scammers will think nothing of sending you a virus to infect your PC and steal your identity.

Robert Siciliano personal and home security specialist toHome Security Source discussingInternet Predators on Fox Boston

Protect Privacy Shopping After Holiday Bargains

To my dismay, every time I buy something from a new online retailer, I have to register to create yet another user account, which means yet another password, and yet another company that may lose or sell my data or send me spam.

Fortunately, there are steps we can take in order to stay secure and protect our privacy:

1. Privatize your contact information by using a junk email address specifically for online purchases, and then forward purchase confirmations to your primary email. Use a Google Voice number when you don’t wish to give out your home or cell phone numbers.

2. Only provide personal information when absolutely essential, and provide the minimum of information needed to complete a transaction. When you do disclose this data, whether to make a purchase or for any other reason, first ensure that you know exactly who is requesting the information, and why they need it.

3. Create strong passwords using combinations of upper and lowercase letters, numbers, and symbols. Use long, strong, unique passwords for each individual account, and use a password manager to store those passwords in the cloud and allow access across various devices. Separate passwords for every account help to thwart cybercriminals. Never use the same password twice.

4. Own your online presence by setting any available privacy and security options according to your comfort level regarding information sharing. It’s okay to limit the information you share, and who you share it with. Keep an eye out for little boxes that need to be unchecked to avoid additional marketing communications.

5. Make an effort to keep yourself informed and current by checking trusted websites for the latest threats and newest ways to stay safe online. Encourage friends, family, and colleagues to be web-wise by sharing this information.

6. Think before you act. Be wary of communications that implore you to act immediately, offer something that sounds too good to be true, or ask for personal information.

Robert Siciliano personal and home security specialist to Home Security Source discussing identity theft on YouTube.

Basic Security Tips When Providing Free Wi-Fi at Your Business

Wi-Fi: freedom to connect wherever and whenever. And there is no better Wi-Fi than free Wi-Fi, unless we are talking “secure Wi-Fi” which usually isn’t free. Wi-Fi is great for bringing in customers and it’s a great promotional tool that creates customer loyalty. Merchants such as hotels, coffee shops, burger joints and just about anyplace with a store front, chairs and tables is offering free Wi-Fi.

But what about all the Wi-Fi security threats?

More and more internet savvy people realize that there is less and less anonymity on the web. This means that a criminal who operates from home or work can be detected via his IP address much easier. One way to avoid detection is to show up you’re your place of business and blend in with the connected crowd.

Criminals use free Wi-Fi for:

Pirating: Downloading stolen music, movies and software via Peer to Peer programs is big and costing the entertainment industry billions. The RIAA and MPAA don’t like this and will often crack down on whoever is connected to the IP address associated with the illegal downloading.

Child Porn: The long arm of the law is often spending time in chat rooms posing as the young and vulnerable and chatting it up with pedophiles who exchange in child pornography.  Wouldn’t be cool if the FBI to came knocking.

Hacking: Hackers will hack others on the free Wi-Fi network in order to steal usernames, passwords and account information.

Secure Wi-Fi

Creating a secure Wi-Fi that requires a user name and password to join. This may not prevent all kinds of e-crimes but it’s a start to improve your Wi-Fi network security. Charging even a dollar may get a credit card number on file and would mostly eliminate anonymity.

Web filtering: Your IT security vendor has tools similar to what a corporation may have in place that filters out known websites and prevents the sharing of Peer to Peer files.

Confirm you are on a business account: Many small businesses may set up under a personal account because it might be a bit cheaper. But that personal account doesn’t enjoy some of the protection and indemnities that a business account would.

Robert Siciliano personal and small business security specialist toADT Small Business Security discussingADT Pulse on Fox News. Disclosures

One in Three Massachusetts Residents’ Records Breached

Massachusetts has one of the most stringent data protection laws on the books. Businesses are required to disclose data breaches, and companies are now reporting when even a single individual’s information has been compromised.

Despite strict laws and security requirements, companies are continually being hacked in record numbers. And if major businesses still being hacked despite allocating significant resources to securing their data, you’re more than likely at least as vulnerable.

The Boston Globereports, “Personal information from nearly one out of three Massachusetts residents, from names and addresses to medical histories, has been compromised through data theft or loss since the beginning of 2010, according to statistics released yesterday by the office of Attorney General Martha Coakley.”

Facts:

  • Since January 2010, 1,166 data breach notices have been filed
  • 480 of those breaches occurred between January and August of 2011
  • 2.1 million residents were affected
  • 25% involved deliberate hacking of computer systems containing sensitive data

This is just Massachusetts. Every other state is experiencing the same thing. According to Juniper Research, in the past year, 90% of organizations have suffered from some form of data breach. Since the start of 2011, there have been 365 data loss incidents involving 126,727,474 records around the world.

Keeping PCs and Macs updated with antivirus and anti-spyware software is fundamental, as is updating all critical security patches. You should also have a two-way firewall monitoring incoming and outgoing traffic, and strong passwords that combine upper and lowercase letters, numbers, and preferably other characters.

Robert Siciliano personal and home security specialist to Home Security Source discussing identity theft on YouTube.

Ghosting Identity Theft Scams

There are generally 2 types of financial identity theft. New account fraud and account takeover.

New account fraud Identity theft can occur when someone opens a new credit card in your name, maxes it out, and doesn’t pay the bill.

Account takeover Identity theft can also occur when a bad guy gets your information, uses it to take over your existing credit or bank accounts, and drains your funds.

But then there is “ghosting”. ID fraud happens when new accounts are opened under names and identities that have been entirely fabricated when thieves easily create fake Social Security numbers.

Here’s how it works. Our system of credit requires a Social Security number as the first and foremost identifier. Lenders issue credit based entirely or almost entirely on the history associated with an applicant’s Social Security number.

When a creditor issues credit based on these invented numbers and reports that information to the credit bureaus, the Social Security numbers become active identifiers that other creditors will recognize in the future. The thieves, now equipped with functional Social Security numbers, can use them to open numerous new accounts.

That first creditor who issued credit to a ghost identity with a newly created Social Security number may have had someone on the inside of the credit issuing organization submitting fraudulent payment or loan information in order to legitimize the fake number.

Businesses who issue credit may unknowingly facilitate these scams if they have employees on the inside who manipulate the system. Never leave employees unsupervised without some form of redundant checks and balances system in place. At least run Social Security numbers through the Social Security Administrations Verification Service to prevent Identity theft. Business scams like these eat at the foundation of credit and cost companies and consumers billions a year.

Robert Siciliano personal and small business security specialist toADT Small Business Security discussingADT Pulse on Fox News. Disclosures

Do You Have A False Sense of Cybersecurity for Mobile?

Nearly three-quarters of Americans have never installed data protection applications or security software on their mobile devices to prevent data loss or defend against viruses and malware. 72% of us have unsecured smartphones, to be exact, even though we are using them more frequently in our digital lives.

A recent survey shows that 44% of Americans use smartphones to access the Internet, and 75% say they access the Internet more frequently on their device today than they did one year ago.

Digital research firm comScore found that close to 32.5 million Americans accessed banking information via mobile device at the end of the second quarter of 2011, a 21% increase from in the fourth quarter of 2010. Approximately 24% of consumers store computer or banking passwords on their mobile devices, according to Consumer Reports’ 2011 State of the Net Survey. More than half of smartphone users do not use any password protection to prevent unauthorized device access. And according to Gartner, 113 mobile phones are lost every minute in the U.S. alone.

With unit sales of smartphones and tablets eclipsing those of desktop and laptop PCs, cybercriminals will continue setting their sights on mobile, and increased mobile Internet use will continue exacerbating security and data breach issues.

Protect yourself:

Use mobile security software and keep it current. Having complete mobile security protection like that offered in McAfee Mobile Security is a primary safety and security measure.

Automate software updates. Many software programs will automatically connect and update to defend against known risks. Turn on automatic updates if that’s an available option.

Protect all devices that connect to the Internet. Along with computers, smartphones, gaming systems, and other web-enabled devices also need protection from viruses and malware.

Robert Siciliano is an Online Security Evangelist to McAfee. See him discussing identity theft on YouTube.(Disclosures)

5 Online Security Tips For Valentines Day

For some, Valentines means they might be lonely. I’ve been there, and I know many who are there now. That loneliness can distort your perspective in a way that trumps common sense. This leads people to make badly considered decisions that only worsen their circumstances. Unfortunately, scammers use this raw emotion as leverage on online dating websites and social media.

These scammers are like loneliness relief valves. In a way, they provide a different perspective by making baseless promises that they never intend to fulfill. In the end, victims end up emptying their bank accounts.

The key to be safe and secure is awareness of yourself and your emotions and the intentions of others who contact you.

Don’t be an online dating statistic. Follow these tips:

#1 Look for red flags. If you are contacted online and they make no reference to you or your name, it may be a “broadcast” scam going to others.

#2  If they immediately start talking about marriage and love and showing immediate affection run really fast.

#3  Anyone asking for money for any reason is a con-man. Never under any circumstances wire money, send checks, cash etc.

#4 When communicating with someone online and it seems it takes days for them to respond, this may be a sign they are married.

#5 When communicating with a potential mate via online dating or even in the physical world, please do not give up any information to them until you are entirely sure they are “good”.

Robert Siciliano personal and home security specialist to ADT Home Security Source discussingGPS Dating Security on Good Morning America.

Barefoot Bandit Gets 7 Years

You may recall the story about Colton Harris Moore who as a teenager was busted for committing over 100 burglaries in the Pacific Northwest. He stole cars, speedboats and airplanes and is known as the “Barefoot Burglar” because he kicked off his shoes running from the police through the woods.

Last summer he signed a movie deal to make $1.3 million with 20th Century Fox. However he won’t earn any money from this, as all the funds will go to restitution.

After 2 years of running, he was busted in a chase that involved police, boats and bullets. Most of these stories usually end up in the perpetrator being dead. But this now 20 year old will live to tell another tale, from prison.  He was recently sentenced to 7 years in state prison and pleaded guilty to numerous charges including burglary and identity theft.

In sentencing the judge was quoted saying “This case is a tragedy in many ways, but it’s a triumph of the human spirit in other ways, I could have been reading about the history of a mass murderer. I could have been reading about a drug abusive, alcoholic young man. That is the triumph of Colton Harris-Moore: He has survived.”

He survived and left many victims behind. He destroyed thousands of dollars in cars, airplanes and boats. He stole everything from food to cash and jewelry, electronics and clothing. As “romantic” as his story is, the victims of his crimes will never feel the same way again in their own homes.

Lock your doors and windows

Install a monitored alarm system. Consider ADT Pulse.

Give your home that lived in look

Leave the TV on LOUD while you are gone

Install timers on your lights both indoor and outdoor

Close the shades to prevent peeping inside

Use defensive signage

Robert Siciliano personal and home security specialist to Home Security Source discussing ADT Pulse on Fox News.