5 Ways to Browse the Web Privately

You’ve probably never even thought that “browsing the web privately” was something that you needed to take extra steps to do. Most people think all web surfing is relatively private and nobody is really paying any attention. Unfortunately, there are many people, particularly in the form of marketers and advertisers, who watch almost every website you visit and record almost every click. Then there is your government. It may or may not be happening in your country, but many oppressive governments watch every move their citizens make.

But browsing privately may mean a few different things. Are cookies being installed on the device? Is the user’s IP address visible? Can someone see the data you are transmitting? Fortunately, there are a bunch of things you can do to reduce the potential for Big Brother surveillance to happen on your PC.

#1 Use your browser’s “anonymous” or “incognito” tab. Chrome definitely offers a private browsing option that leaves no cookies or cache behind. This is generally used when a PC is shared amongst many people and a user doesn’t want others peeking at his or her history.

#2 Remove cookies. Each browser has its own setting for removing cookies. For example, in Internet Explorer, hit Ctrl-Shift-Delete and a dialog box will pop up that will allow you to delete whatever you want in your history. More browsers are listed here.

#3 Install a free tool called CCleaner. CCleaner cleans your Windows PC of all the stuff that you don’t want on there. Added bonus: It makes your computer faster, too.

#4 Checkout PrivacyChoice, which is also free. PrivacyChoice is a browser extension that instantly checks your privacy settings across websites and companies collecting your data.

#5 Use free Hotspot Shield VPN. Out of all the above options, Hotspot Shield VPN provides the most privacy by proactively protecting your IP address by assigning an IP address of its own. Used in combination with an incognito or anonymous browser, Hotspot Shield VPN will make you pretty close to invisible on the internet.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

2013 Boston Marathon: My Best Worst Day Ever

UPDATE: April 15th, 2019. Today marks the 122nd Boston Marathon. As many of my followers know, I have ran the marathon seven times, and I look forward to it every year. My charity is The Boston’s Children Hospital, and I have raised upwards of $70,000.

Training for a marathon is a taxing, physical, emotional and expensive process. For me personally, that means five cortisone shots, almost a hundred physical therapy appointments and a few arguments with my wife. Why do it? Why climb a mountain? Why be a police officer? Why be an emergency room nurse? Why detonate a bomb in a crowd of innocent people? Not sure. We all make choices others wouldn’t and we justify our decisions based on our interests, options and perspective.

Shortly after the bombings, evacuating the city, carrying my 40lb child after running 26 miles. Hurt, angered, saddened and grateful to get to my family.

Shortly after the bombings, evacuating the city, carrying my 40lb child after running 26 miles. Hurt, angered, saddened and grateful to get to my family.

For me, I just wanted to lose weight, get fit and finally give back to a charity; killing two birds with one stone, so to speak. When you’re 50 with a young family and your health and marriage are good, bills are paid and life is settled, words like “health,” “gratitude” and “grace” begin to have more meaning. And when you become a runner, you join a special club of conscious people who understand our time is limited.

So I’ve spent the past two years raising money for Boston Children’s Hospital and disciplining myself to eat better and get in the best shape I can – I want to be of value to my family in 20 years. (Plus, “abs” has been on my bucket list.)

In 2012, there was the 86-degree heat and my awful 5:32 time, but in 2013 I was on my way to run about a 4:10 (my best time ever), but was stopped at mile 26 due to some a couple terrorists’ agenda.

During the 2013 Boston Marathon, my improved time put me on Boylston Street shortly after the blasts. There were two loud bangs, and as I rounded the corner I saw the finish line through dissipating smoke. Boston police immediately corralled runners from going any farther down Boylston because it was now a volatile area and potential crime scene. At 2:52 PM I called my wife, who was at the finish line, and got no answer. A minute later, I got my dad on the phone; he was with my wife and the kids and he confirmed they were OK. I instructed him to leave ASAP, as another bomb could go off any moment. I told him to “walk down the center of the street and avoid any cars!”

But nothing was going to keep me away from them; I couldn’t just sit there and wait. In my mind, there were bombs going off between my family and myself. As a father, son and husband, the instinctual need to get your family to safety overpowers every sense of reason. I dodged a couple of police officers and ran down Boylston, the only runner on the field, putting myself in jeopardy and now also causing law enforcement to chase after me. At the 26-mile mark, I saw people on the ground, bloody and getting medical attention from the few paramedics that were on hand to take care of runners expected to be injured in more predictable, less violent ways. I made a decision to keep going. Which still doesn’t sit well. It felt like a 3D movie where the scene was pushing me back in my chair, but the sound was off. I know the scene was loud with sirens and screams, but I heard nothing.

Then I heard an angry cop (rightly so) blasting his voice in my ear before he wrestled me off the course. Eluding further apprehension, I hopped a fence and ran down a back alley behind the restaurants, bars and shops that were evacuating people through their back doors. What I saw was people—many victims who must have made their way on their own or with the assistance of others—screaming, crying and making frantic phone calls…and there was blood. Some victims I saw lost anywhere from pints to gallons; I don’t know. I just remember not wanting to run in it.

Here is a screen shot my friend took from BAA’s website of me on Boylston running on the street then onto the sidewalk near Atlantic Fish, near mile 26 and closer to the second blast. Further down I made it into the alley.

2013 finishline05102013_0000

I ended up behind the finish line and found a way to cross Boylston. I made my way to the Weston Hotel, where I found my family, scooped up my four-year-old and hiked another half mile to my vehicle. Leaving behind two vehicles, we piled nine adults and children into my Yukon and evacuated.

Out of relative danger, our attention now turned to our two children and damage control. To gauge my seven-year-old’s feelings, I calmly asked her, “Did you have fun today?” She said, “Yes, today was awesome! Until the bombs went off!” Knowing she was shaken, the radio stayed off and adults did what they could to speak in code. Note to adults who may try this: It doesn’t fool a seven-year-old.


By this time my phone was going nuts, Facebook and Twitter were buzzing and my mother, who couldn’t get in touch with us, was in complete meltdown.

Once I got home and got the kids situated, we ordered a bunch of pizza because that’s what you do when a bomb goes off. People need to feel normal.

My mom showed up at our home shortly after we got there. She was a total mess, and after the kids saw her emotional state, they understood the gravity of the situation. Today, they are showing a tremendous amount of affection and gratitude, which seems to be a side effect of their trauma.

I posted a brief note on Facebook: “Im OK, I was on Boylston St. when it happened. I saw smoke, I saw blood and people on the ground. My family was 300 yards away, waiting for me and I got to them and evacuated from the city. More later.” And the comments and “likes” poured in.

Shortly after, I provided an update: “I was right there, bomb went off. Boston police removed everyone, I kept running toward the bombs because my family was at the finish line. Police got me off the road, I resisted then another cop almost tackled me (rightly so). I ran in the back alleys, people spilling into the alleys from the explosion, screaming, crying, blood, got my dad to get my wife and kids out of there concerned for another explosion. I’m telling it to Dr. Drew on CNN between 9:15ish and 9:30ish tonight.”

Again, comments and “likes” on my page like never before. People offering an outpouring of help and support. I never knew I had that many real friends.

I feel I have to explain the part about Dr. Drew and CNN. It may seem opportunistic, but frankly, for me, it’s therapy. I do lots of media as the expert. My network is “the media.” So when I send a blast email to raise money for charity, my network knows I’m running the Boston Marathon. When I logged into Facebook and email, the requests came in from CNN, Extra and Canadian TV, along with a few radio shows too. So I spent the evening after the run as an eyewitness. And, because it’s who I am, I gave security tips too.

My cousin, who is an Iraq and Afghanistan soldier with all kinds of rank and medals, reached out to me via Facebook and said, “I think your situation was much worse than any Middle East situation.” Which I thought odd because he’s had his best buddy blown up right next to him. Then he said, “When I deploy I’m armed, geared up and expecting to fight. You were at a peaceful gathering around families and innocent civilians, not expecting bombs. That makes it much worse.”

We accept the possibility of death and destruction when we sign our contracts. I’m sure no one who signed up for the marathon expected this.

This completely messed me up, putting into perspective just how awful this situation is.

I only slept three hours that night, on edge, emotional and fragile. The next day, I headed to the media compound near Boylston to meet with Maria Menounos from Extra, who is a Boston girl. I connected with Maria, and within two minutes we were both crying. She started talking about how she loves Boston so much, then I started crying, then she started crying…which completely messed me up. I tell you this because she told me people should know this is real and they can’t forget. She was professional, but she was real. She put me at ease and we got through the interview.

Since then I’ve done more media on this than I wished, including the Boston Globe,  Dr. Drew, Extra, Current TV, Canadian TVagain and again, Fox Boston and some radio.

In early May after the blasts, I was asked to speak to the North Eastern Massachusetts Law Enforcement Council on the benefits of social media to law enforcement and how social can help get the word out in a tragedy. When I walked into the room to speak, everyone was in uniform. What I didn’t know was many of the men and women attending were the first responders saving lives at the finish line, and others who were involved in the capture of the bombers.

That was a very emotional speech for me. Check out the Huffington Posts blog on how the Boston Police did a stellar job using Twitter during the bombing.

At this point, my family and I are safe, like most of America. Emotions are still high for some. We are sad and angry. Our hearts are heavy, knowing lives were lost, and that so many will never be the same. We are not at ease, and we all want answers. We wonder, sadly, whether this celebratory event will forever be marked by the visual of a plume of smoke that symbolized the evil intent of misguided people that do not value human life and have no regard for our freedoms.

Safr.me We caught the bastards and while there are no answers yet, and we may never get them. We must keep in mind the immediate needs of the victims and their families. On behalf of my Boston, we also must declare that we are proud of our city, its first responders and its people, who showed the true measure of the human spirit through powerful acts of kindness and displays of citizen courage. We are strong as a city, undivided as a country and unbowed by this attack. No terrorist will be allowed to alter our nation’s course.

Please like my Facebook Page to stay in touch with my marathon progress, see you at the finish line!

Beware of Credit Card Micro Charges

Micro charges are charges ranging from 20 cents to $10 and either are fraudulent, legitimate or fall into the category of “grey charges,” which describe sneaky recurring or unwanted charges.

These charges often go undetected because they are so small. Nine out of 10 credit card holders don’t scrutinize their statements carefully, allowing these scammers to get away with it.  In 2010, the Federal Trade Commission filed a lawsuit describing a criminal enterprise responsible for millions of dollars of micro charges.

In micro charges operations, scammers set up websites with toll-free numbers, which creates a “legitimate” web presence. With this facade, the websites are often granted merchant status, allowing them to process credit card orders.

The victims of this scam see the fictional merchant’s name and toll-free number on their credit card statements. If they attempt to dispute a charge, the toll-free numbers go to voicemail or get disconnected. Most frustrated consumers may not bother to take the additional step of disputing a 20-cent charge with the credit card company.

While 20 cents may not seem worth the bother, these seemingly minor charges only enrich the scammers. If you fail to recognize and dispute unauthorized transactions on your credit card statements, you take responsibility for the scammy charges.

Taking a moment to scrutinize your charges can save you money and headaches.

  • Pay attention to your statements. Micro charges are a red flag.
  • Monitor your purchases. Know what you’re getting into.
  • Check statements weekly or biweekly. Look for grey charges.

Sign up for BillGuard to watch your statements. It’s free, easy and effective. Robert Siciliano is a personal security expert & advisor to BillGuard and is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video. Disclosures.

How Can I Ensure My Social Network Interactions are Secure on Wireless?

Privacy on social networks seems a little oxymoronic to me. We tell the world about our lives, but we don’t want everyone to knoweverything. I know many people who only want some people to share in their experiences, but those same people often friend people they don’t know. See what I mean? Anyway, it is still a good idea to lock down all your privacy settings and avoid friending people you don’t really know.

But what about security?

When using WiFi, the information that travels from your device to the wireless router can be seen/read (or “sniffed”) if a hacker has the right tools. Keep in mind that not all hackers are criminals; some are what are called “penetration testers” who use software specifically designed for seeking out vulnerabilities in wireless networks or in websites themselves. The problem here is some of the tools penetration testers use can also be accessed by criminals, making your information vulnerable to a bad guy.

Back in 2010, a (non-malicious) “white hat” hacker created a tool called Firesheep. Firesheep is an extension for the Firefox web browser that uses a packet sniffer to intercept unencrypted cookies from websites such as Facebook and Twitter. As cookies are transmitted over networks, packet sniffing is used to discover identities on a sidebar displayed in the browser, allowing the user to instantly take on the login credentials of the unsuspecting Firefox user by double-clicking on the victim’s name.

Since then, social media sites have done a much better job of securing their sites with SSL, which is short for Secure Sockets Layer, a security protocol that provides communication security over the internet. However, many sites that exchange personal or private information still use HTTP without the SSL, and numerous tools for auditing (hacking) WiFi or wired Ethernet connections exist.

To protect yourself, do the following:

  • When sharing data, always login via sites that encrypt user data using SSL, which is designated in the address bar as HTTPS.
  • Use a secure virtual private network (VPN).Hotspot Shield VPN free proxy protects your identity by ensuring that all web transactions (shopping, filling out forms, downloads, etc.) are secured through HTTPS.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen  See him discussing internet and wireless security on Good Morning America. Disclosures.

What Exactly is a VPN?

A Virtual Private Network (VPN) is a network set up to communicate privately over a public network. For example: You occasionally want to or need to work from home and your employer knows that if you do, the data that travels between your PC and an office PC needs to be protected. So your employer installs a program on his server and you install one on your computer that allows your computer to connect to the work computers privately.

Another example is remote access VPN tools. Whether you’re a road warrior or simply own multiple PCs and want access to all your data from anywhere, there are a few easy ways to do it. A quick search on “remote access” pulls up numerous options. But many of these programs are a little slow and sometimes clunky.

Most of these VPN tools have their own version of encryption. But when surfing the web on your local computer on a free, unprotected public network in a hotel, airport or coffee shop, your data is vulnerable to “sniffers.” That’s where another form of VPN comes in to protect your data between your laptop, iPad, iPhone or Android and an internet gateway. This kind of VPN creates an impenetrable tunnel to prevent snoopers, hackers and ISPs from viewing your web-browsing activities, instant messages, downloads, credit card information or anything else you send over the network.

Hotspot Shield VPN is a great option that protects your entire web surfing session, securing your connection at both your home Internet network and public internet networks (both wired and wireless). Hotspot Shield’s free proxy protects your identity by ensuring that all web transactions (shopping, filling out forms, downloads, etc.) are secured through HTTPS—the protected internet protocol.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen   See him discussing internet and wireless security on Good Morning America. Disclosures.

How Hackers Use Our Information Against Us

We hear an awful lot about hackers breaking into systems and taking down networks or stealing millions of data records. The general understanding we have for hacking is bad guys want to disrupt things to make a point or to make money. But how do they really use our personal information against us?

Whether you realize it or not, you expose a lot of your personal information online and even through the technologies you use. From information posted to social networking sites to data sent over unsecured wireless networks, you reveal bits of information that hackers can piece together to either scam or impersonate you.

This information is currency to hackers because it allows them to get what they want—your money. Or worse, a criminal can take your information and make you look really bad and completely tarnish your good name.

With your Social security number they can open various lines of credit under your name and never pay the bills, thus damaging your credit rating and creating a lot of work to for you to clear your name.

If they hack in to your devices and get your usernames and passwords then they can wreak some serious havoc. Banks accounts can be emptied, social media and email accounts can be used to scam your friends or disparage you or your loved ones, and if they access your medical accounts or history, you could be denied services when you need them most.

What all this means is you have to protect your devices and protect your personal information to avoid this from happening. To help protect yourself you should:

Use a firewall – Firewalls filter information from the Internet to your network or computer, providing an important first line of defense. If you have a home wireless network, make sure that the firewall on your router is enabled, and use a software firewall to protect your computer.

Use comprehensive computer security – Because there are a variety of ways in which hackers can access your information, you need to make sure that you employ a comprehensive security solution like McAfee® All Access to safeguard all of your devices.

Educate yourself – Keep up to date about the latest scams and tricks cybercriminals use to grab your information so you can avoid potential attacks.

Use common sense – Follow the old caveats about not clicking on links in emails and instant messages from people you don’t know, and always exercise caution when it comes to sharing any sensitive information.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)


Steps to Take When Connecting to WiFi at the Coffee Shop

Consumers are oblivious to the dangers of connecting in a free wireless environment. If they actually knew how vulnerable they are, all that coffee shops would do is sell coffee.Nobody would stick around and connect to the internet.

Everyone—and I mean everyone—always asks me if they should connect to public WiFi. The short answer is yes, but you need to install virtual private network software to encrypt your connection. More on that in a bit.

There’s plenty to know and a few things you can do to protect yourself. Here are some terms you should know:

Router encryption: The router you hop onto at the coffee shop will most likely have no encryption at all. Encryption is the process of encoding messages or information in such a way that eavesdroppers or hackers cannot read them, but that authorized parties can. Routers are built with software options to turn on encryption, but the coffee shop typically doesn’t turn it on because that would mean every person coming in would need a password. And even in that scenario, that doesn’t necessarily mean your data will be secure.

Wired Equivalent Privacy (WEP) encryption: WEP is 15 years old and offers minimal security; WiFi Protected Access (WPA) encryption is better than its predecessor, WEP. WPA is a certification program that was created in response to several serious weaknesses researchers found in WEP. WPA and WPA2 (a subsequent version) are tougher to crack, but not impossible.

Protect yourself when using WiFi:

  • Use the most updated and secure version of your browser.
  • Consider only sharing data with sites with HTTPS in the address bar; the S signifies that the website itself is encrypted.
  • Turn off file sharing. If you share files at home, turn file sharing off in public.
  • Turn on your firewall. It should be on by default, but depending on the age of your computers or by accident, it could be off.
  • Use a VPN. AVirtual Private Network (VPN) is a network set up with encryption to protect your data from unauthorized access.Hotspot Shield VPN is a good one to use. It’s secure, free to you (supported by ads) and available for PC, Mac, iPhone and Android.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen.  See him discussing internet and wireless security on Good Morning America. Disclosures.

How NOT to Dispute a Credit Card Charge

My wife was searching online for a specialist to take care of a minor medical condition. While browsing, a certain ad caught her eye, so she checked out its website and made a phone call to get more information.

The receptionist was warm and friendly and gave her all kinds of advice and direction over the phone. Toward the end of the call, the receptionist recommended my wife come into the office to sit down with the doctor to discuss her options to take care of her issues. Great. The appointment was made and the doctor’s office called a few days before to confirm.

So my wife went to the appointment, had a consult and learned her options…options that basically equated to a sales consultation of all the different procedures this doctor would perform for several thousands of dollars.

At the conclusion of the appointment on the way out the receptionist said, “That will be $125.00 please.” This was a little surprising to my wife because in the two phone calls she had with the doctor’s office, there was no mention of a fee—and when she arrived, there was no mention of a fee or signage stating a fee. My wife had also filled out a tremendous amount of paperwork when she got to the office and at no point in the documentation was there any mention of a fee.

She figured that when she’s going to an appointment to be sold on several thousands of dollars in procedures, there wouldn’t be a charge—after all, you’d be paying to be sold something! Imagine if you test drove a car at a dealership and when you were done the dealer said,“OK, $125.00 please.”

When my wife hesitated to pay and questioned the fee, the receptionist and then the doctor began to belittle and degrade her, saying things like, “What would make you think this is free?” and “Do you not think the doctor’s time is worth anything?” And so on. Feeling overwhelmed, she gave them her credit card. Then she called me from the office.

When I got on the phone and questioned the billing manager, she pulled the same negative tactics on me as she did my wife. This, of course, got my Italian blood boiling as I began to tell her all the ways I was going to expose the doctor’s shady practices on social media and how I was going to write a blog post a day with the doctor’s name in it until all Google’s search bots would see was his name associated with my scathing blogs on the first 10 pages of search.

The billing manager apologized and immediately credited my wife’s card.

Honestly, that’s not how I like to do things. And it shouldn’t be how you do things either. Reduce your aggravation by trying these things first.

#1: Always check the fine print before you make any decisions. Ask the right questions and make sure there are no unwanted charges ahead.

#2: Know what you are buying. Whenever you cough up a credit card number to any retailer, whether in person, online or over the phone, make sure you are getting what you are paying for—nothing more,nothing less.

#3: Be aware of “grey charges.” Sleazy, scheming merchants tack on unwanted subscriptions or recurring charges capitalizing on the fact that we don’t pay attention to the fine print and often do not pay much attention to our statements.

#4: Sign up for BillGuard to watch your statements. It’s free, easy and effective.

Robert Siciliano is a personal security expert & advisor to BillGuard and is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video. Disclosures.

What is a “Drive-By” Download?

Gone are the days when you had to click to “accept” a download or install a software update in order to become infected. Now, just opening a compromised web page could allow dangerous code to install on your device.

You just need to visit or “drive by” a web page, without stopping to click or accept any software, and the malicious code can download in the background to your device. A drive-by download refers to the unintentional download of a virus or malicious software (malware) onto your computer or mobile device.

A drive-by download will usually take advantage of (or “exploit”) a browser, app, or operating system that is out of date and has a security flaw. This initial code that is downloaded is often very small (so you probably wouldn’t notice it), since its job is often simply to contact another computer where it can pull down the rest of the code on to your smartphone, tablet, or computer. Often, a web page will contain several different types of malicious code, in hopes that one of them will match a weakness on your computer.

These downloads may be placed on otherwise innocent and normal-looking websites. You might receive a link in an email, text message, or social media post that tells you to look at something interesting on a site. When you open the page, while you are enjoying the article or cartoon, the download is installing on your computer.

Security researchers detect drive-by downloads by keeping track of web addresses that they know have a history of malicious or suspicious behavior, and by using crawlers to wander the Web and visit different pages. If a web page initiates a download on a test computer, the site is given a risky reputation. Links in spam messages and other communications can also be used as source lists for these tests.

The best advice I can share about avoiding drive-by downloads is to avoid visiting websites that could be considered dangerous or malicious. This includes adult content, and file-sharing websites.  Some other tips to stay protected include:

Keep your Internet browser, and operating system up to date

Use a safe search tool that warns you when you navigate to a malicious site

Use comprehensive security software on all your devices, like McAfee All Access, and keep it up to date

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)

10 Tips to Secure Online Banking

Online banking or mobile banking reduces expenses by allowing customers to review transactions, transfer funds, pay bills and check balances without having to walk into a bank branch or make phone calls to a bank’s customer service call center.

Mobile banking, m-banking or SMS banking refers to online banking that occurs via mobile phone or smartphone rather than with a PC. The earliest mobile banking services were offered over SMS, but with the introduction of smartphones and Apple iOS, mobile banking is being offered primarily through applications as opposed to over text messages or a mobile browser.

As convenient as this is, you still need to consider security.

  1. Set a passlock that times out in one minute to access your mobile.
  2. Set your computer’s and mobile’s operating systems to automatically update critical security patches.
  3. Make sure your PC’s firewall is turned on and protecting two-way traffic.
  4. Always run antivirus software on your PC and mobile, and set it to update virus definitions automatically.
  5. Run a protected wireless network. Don’t bank with your mobile on a public Wi-Fi network. Use a free service such as Hotspot Shield VPN.
  6. Never click on links within the body of an email. Instead, go to your favorites menu or type familiar addresses into the address bar.
  7. Beware of SMiShing, which is like phishing but in the form of malicious text messages instead.
  8. Download your bank’s mobile application so you can be sure you are visiting the real bank every time and not a copycat site. Do not check the box offering to remember your login information.
  9. Check your online bank statements frequently.

10. Use strong passwords with numbers and uppercase/lowercase letters and characters.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures