Healthcare Workers Indicted for Identity Theft

A wise man once said, “Beware of false prophets, which come to you in sheep’s clothing, but inwardly they are ravening wolves.” The wolf in sheep’s clothing refers to someone in a role contrary to his or her character and with whom contact is dangerous. In other words, sometimes it’s the people we trust the most that commit the worst crimes. And it’s often the people who are the most vulnerable that are victimized.

In Virginia, reports, “Two former health care nurse’s aides were indicted on charges of stealing the identities of at least a dozen patients as part of an elaborate scheme that netted more than $116,000 in fraudulent tax refunds. The men would take names, birth dates and Social Security numbers and give them to other people. Those accomplices, not identified in the indictment, would file false income tax returns collect refunds. Those refunds ranged from about $999 to $7,300, the indictment said.”

The boss of the alleged thieves stated, “We take the protection of patient information entrusted to us very seriously and have safeguards in place.” He added that “every employee is required to sign a pledge each year promising to protect patient information.”

This is hardly a new phenomenon. When I was in my early 20s, I knew a guy who worked as a home healthcare clinician and did this to his elderly patients. He had a cocaine problem and was just a nasty human being to begin with.

If you or anyone in your family is under the care of “professionals” who are put in a position of trust, know that trust is no more than a signed pledge away from being broken.

The best protection against identity theft is a combination of credit freezing and identity theft protection. Tax-related identity theft can’t be protected by either; however, the restorative component of an identity theft protection service may assist you in cleaning up the mess. Before making an investment, ask what is offered and if the service will do anything to prevent or fix tax-related identity theft.

Robert Siciliano is an identity theft expert to discussing identity theft prevention. For Robert’s FREE ebook, text SECURE Your@emailaddress to 411247.

Do You Know Who’s Spying on You?

There have multiple revelations about government agencies spying on their citizens, which, frankly, should come as no surprise. But there are also several others who are also spying on you, and often you’ve given them permission to do so.

  • Hackers: Routers can be hacked if not properly secured. Spyware can be installed if your PC doesn’t have antivirus, antispyware, antiphishing and a firewall.
  • Internet service providers: The company that provides you your internet connection collects data about you that is stored on its servers and is available to law enforcement with a warrant or corporations that feel you violated copyright.
  • Employers: Like it or not, your employer owns the devices it provides you, and in some cases can access the devices you own if they are used for company communications.
  • Identity thieves: Criminals set up shop looking for potential victims of their multitude of scams. They check you out via social media or simply pick you at random via a phishing email. But once they connect with you, they research your IP address—and everything else they can find about you—to make their scam more believable.
  • Websites: Sites install cookies in your browser to track where you go and what you click. The purpose of this is to send you targeted ads and sell you stuff.

Prevent spying:

  1. Lock down your wireless router using its built-in security settings that have WPA2 encryption. Your router’s wizard will walk you through the process.
  2. Update your browser, OS-critical security patches, antivirus, antispyware, antiphishing and firewall.
  3. Set your browser to clear your cache daily.
  4. At work, just work. No playing online.
  5. Lock down your social profiles and say little. Keep it professional.
  6. Use a VPN (i.e Hotspot Shield VPN) to mask your IP address and protect your internet traffic from snoops.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

15 Tips to Prevent Identity Theft

There at least 99 things to know about how to prevent identity theft. Below is a good starting point.


  1. Watch your bank accounts online and examine your statements frequently.
  2. Opt out of preapproved credit cards. Go to to get started.
  3. Check your credit for free at You can do this up to three times a year.
  4. Dispute unauthorized credit accounts with the issuing lender.
  5. Don’t leave keys, purses, wallets, mobiles or laptops in your car or unlocked gym locker. Keep your stuff with you, or at least lock it up and hide it.
  6. Keep purses and wallets close. When you aren’t looking, thieves will steal a credit card from your open purse and you might not know it for days.
  7. Watch your credit card statements as closely as your bank statements, especially after you use your card.
  8. Watch clerks at checkout to make sure they aren’t double-swiping your credit card and skimming your information off the magnetic strip.
  9. Beware of ATM skimmers. Poke around the card slot and make sure there isn’t an extra façade that can be pulled off.

10. Check fraud happens when criminals get hold of your check routing and account numbers at the bottom of the check. Again, watch your bank statements.

11. Put your mail in a blue post office-issued mailbox or at the post office—not in your own mailbox with the flag up.

12. Never wire money to strangers online. If you are buying something off classifieds or receive an email or phone call from someone, even a family member in distress, it is probably a scam.

13. Lock down your PC with antivirus, antispyware, antiphishing and a firewall.

14. Update your digital devices’ operating systems critical security patches.

15. Invest in identity theft protection. You can and should do all of the above, but you still can be victimized because some big company gets hacked.


Security Measures for the Wealthy vs. for the Rest of Us

“Wealthy,” by some standards, might mean being in the top one percent of earners today in the US, which is $370,000 a year. Otherwise, the “bottom” 95 percent is making less than $150,000 a year, and then 75 percent of the population makes less than $66,000 a year. Depressed? Sorry; the point of this post is to provide you with options that the wealthy might use for security vs. what everyone else considers affordable.

  • Home security: Alarm systems today can cost from under a hundred dollars to several thousand. Celebs and CEOs often invest heavily in all the bells and whistles, whereas all we of more modest means really need is a simple system to protect our doors and windows that also comes with a siren and is possibly connected to a monitoring station at the price of a dollar a day. Even cheapo stickers and signs on eBay offer a layer of protection.
  • Auto security: You could ride like Kanye West in an armored car costing several hundred thousand dollars…or you could install some tinted windows, take a defensive driving course and toss in a kill switch for a few bucks.
  • Personal security: If your name is Larry Ellison (CEO of Oracle), you might drop $1.7 million on bodyguards and everything else. Otherwise, take a self-defense course utilizing adrenal stress training.
  • Information security: Budgeting for information security is often relative to the amount and kind of data that needs protecting. So a big company should be spending big bucks, whereas for $49.95 you should be renewing your antivirus every year.
  • Identity theft security: For 10 bucks a month, anyone can protect his or her identity with identity theft protection. For almost free, everyone should get a credit freeze. I do both and recommend you do the same.
  • Wireless security: The beauty here is that protecting a wireless connection can be free via a free VPN service from Hotspot Shield. And for another few bucks, you can get a paid version that’s ad-free and faster—and you don’t need to be wealthy to afford it.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

Contactless Challenge Revisited: Final Thoughts

The Gemalto Contactless Challenge kicked off in the United States June 10th, with two bloggers from Austin, Texas and Salt Lake City, Utah, respectively, putting contactless payment infrastructure to the test.

The Isis Consortium of AT&T, T-Mobile and Verizon Wireless chose Austin and Salt Lake City to pilot its mobile wallet using near field communication (NFC) technology because both cities are innovative and tech savvy and have systems in place that accept NFC.

The Contactless Challenge was designed to show how anyone with basic tech skills can ditch his or her leather wallet and use a so-called digital wallet. One blogger used an Android phone that had NFC built in. But, like me, he owns an iPhone 5, which does not support NFC. My understanding is that there are plans to produce a snap-on case that supports the capabilities and features required to make NFC work on the iPhone—which would be essential for Contactless to work, as iPhones are almost 50 percent market share.

During the Challenge, one of the challenges was that contactless payments weren’t offered, or the payments failed at the point of sale, which frankly is a bit disappointing. As a society we are stuck on card technology, and the major card issuers haven’t really made it a priority to require merchants to accept contactless payments just yet. It will happen eventually; I just want it NOW!

As Josh Kerr, one of the bloggers in the Challenge, points out: “This technology is ready for mainstream. In fact, the only real thing holding it back is that not all merchants accept it. I see that changing over time as merchants upgrade their credit card terminals to ones that support wireless forms of payment. This will happen automatically, but it could take a while before it is ubiquitous.”

Agreed, Josh, agreed!

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

Your Government Can’t Protect You From Identity Theft

I’ve always marveled at the law enforcement motto, “To Serve and Protect.” While honorable, it’s essentially a slogan that presents our government representatives’ best intentions because in reality they can’t proactively 100 percent protect us the way we believe or expect them to do so. “Where’s a cop when you need one?” people say.

But it’s really not law enforcement’s job to protect everyone, everywhere, all day. We’d need a cop in every driveway all day long to really protect us. And even our government at its highest levels can’t effectively do the job in fully protecting us.

The ParamusPost does a fine job summing it up by pointing out, “The US federal government is taking steps to help consumers protect their identities. In 2006, the President’s Task Force on Identity Theft was created. This organization is tasked with the job of improving law enforcement abilities, improving consumer education, and setting governmental safeguards to protect against identity theft. Additionally, the Fair Credit Reporting Act provides consumers with access to information contained on credit reports, which were once off-limits to the average consumer. This law also puts requirements in place for accuracy in reporting, such as the ability for a consumer to report inaccuracies and potential identity theft to the credit bureaus. While this is a good start, it is ultimately up to the consumer to take actions to prevent the loss of personal identity.”

Yes, ultimately this is your problem.

Here’s what I suggest:

  1. Shred. If it’s got your name, account numbers or address, don’t throw it away—destroy it.
  2. Lock your mailbox. Buy a locking mailbox so your mail is safe from theft.
  3. Antivirus. Protect your PC with all the software necessary to prevent spyware.
  4. Identity theft protection. Invest in services that will monitor your identity and restore it in the event it’s stolen.

Robert Siciliano is an identity theft expert to discussing identity theft prevention. For Robert’s FREE ebook, text SECURE Your@emailaddress to 411247. Disclosures.

Caller ID Spoofing Effective in Identity Theft

Caller ID spoofing is when a telephone’s caller ID displays a number that does not belong to the person calling. The telephone network is tricked into displaying this spoofed number as a result of flaws in caller ID technology. Caller ID spoofing can look like the call is coming from any phone number. People inherently trust caller ID simply because they are unaware that caller ID spoofing exists.

WKYC in Ohio reports, “Police want residents to be aware that scammers are using caller ID spoofing in an attempt to trick them into thinking they are talking to a police officer.” Recently an elderly resident contacted police to report a possible scam. According to the report, “She said she was contacted by someone claiming to be an FBI agent who wanted personal information in order to award a $600,000 sweepstakes. He told her she could call her local police department to confirm it was not a scam. As an officer was speaking with the resident, she received another call that came up on caller ID with the name and phone number of a North Canton police detective.”

Pretty scary and very effective. Most people, including me, rely on caller ID for most or all calls. When the name or number of a familiar person appears, I’m likely to say “Hello John” and expect John’s voice. But by trusting this technology, we open ourselves up to scams like the one above.

To avoid this scam, simply recognize it exists, and be on guard in situations where you don’t recognize the voice or the caller is offering a reward, winnings or anything that seems out of place, too good to be true or in some way shape or form surprises you.

Hang up the phone on scammers—especially when they keep calling back. Eventually they will stop when they realize you’re not an idiot. Identity theft protection can’t protect you here, but being savvy will.

Robert Siciliano is an identity theft expert to discussing identity theft prevention. For Robert’s FREE ebook, text SECURE Your@emailaddress to 411247. Disclosures.

Will Obamacare Lead to Identity Theft?

The fear mongers and Obamacare haters make a scary point and want you to know that as soon as the Patient Protection and Affordable Care Act goes live, your identity will be at risk and, more than likely, stolen. Forbes reports in regard to what’s called the Obamacare-mandated “data hub” in which personal records are exchanged among seven different agencies—the Internal Revenue Service, the Social Security Administration, the Department of Homeland Security, the Veterans Health Administration, the Department of Defense, the Office of Personnel Management and the Peace Corps.”

Obamacare is required to protect our data under the National Institute of Standards and Technology guidelines. However, naysayers believe the administration will open the system without proper security certification because Obama will offer a waiver.

It is scary enough that seven different agencies will have the data on file—and scarier still that the possibility of a waiver being granted is very possible due to the enormity of the project.

Right now, pre-Obamacare, your personal identifying information is being shared or stored amongst dozens or potentially hundreds of organizations that you have interacted with since birth. So what’s the big deal with another seven? Unfortunately, it’s another touch-point where your information can be viewed, hacked and stolen.

My suggestion: Don’t worry about it. Seriously, don’t worry about it. However, you must DO something about it and I have two suggestions:

  1. Get a credit freeze. Search “credit freeze” and the name of all three credit bureaus separately. Freeze your credit. But that’s not enough.
  2. Get identity theft protection. I have a credit freeze and identity theft protection. With these multiple layers of protection, my data is next to useless to a thief.

Robert Siciliano is an identity theft expert to discussing identity theft prevention. For Robert’s FREE ebook, text SECURE Your@emailaddress to 411247. Disclosures.

10 Ways to Protect Your Twitter Account From Getting Hacked

Recent news of Twitter accounts being hacked has slowed a bit, partly due to Twitter implementing two-factor authentication. When you sign in to, there’s an option in “Settings” under “Account security” for a second check to require a verification code to make sure it’s really you. You’ll be asked to register a verified phone number and a confirmed email address. To get started, follow these steps:

  • Visit your account settings page.
  • Select “Require a verification code when I sign in.”
  • Click on the link to “add a phone” and follow the prompts.
  • After you enroll in login verification, you’ll be asked to enter a six-digit code that Twitter will send to your phone via SMS each time you sign in to

In cases where more than one person accesses the same Twitter account, Twitter’s two-factor authentication is less effective. Create an open dialog with fellow account holders and share second-factor authenticating identifiers via text.

Some more tips:

  1. Limit the number of people that have access to your account.
  2. Use a strong password.
  3. Use Twitters login verification.
  4. Watch out for suspicious links, and always make sure you’re actually on before you enter your login information.
  5. Never give your username and password out to untrusted third parties, especially those promising to get you followers or make you money.
  6. Make sure your computer and operating system is up to date with the most recent patches, upgrades and anti-virus software.
  7. Beware of phishing. Phishing is when someone tries to trick you into giving up your Twitter or email username and password, usually so they can send out spam to all your followers from your account. Often, they’ll try to trick you with a link that goes to a fake login page.
  8. Beware of typosquatting or cybersquatting. Typosquatting, which is also known as URL hijacking, is a form of cybersquatting that targets internet users who accidentally type a website address into their web browser incorrectly. When users make a typographical error while entering the website address, they may be led to an alternative website owned by a cybersquatter.
  9. Beware of short urls. Before you click on shortened URLs, find out where they lead by pasting them into a URL lengthening service, such as URL Expanders for Internet Explorer and URL Expanders for Firefox.

10. Use aVPN (Virtual Private Network). Protect your private information and sensitive data from snoopers and hackers while surfing the web at WiFi hotspots, hotels, airports and corporate offices with Hotspot Shield VPN’s WiFi security feature.


Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning AmericaDisclosures.

Getting Cybersmart and Staying Dutifully Employed

Knowing what I know today, if a 15-year-old asked me what she should be when she grows up, I’d say cybersecurity professional. The unfortunate fact is that bad guys are everywhere—and if you are in the security industry, bad guys are good for business.

There are many ways and resources for people, especially young adults, to become cybersmart. It’s more than a trend; it’s an up-and-coming career area. USA Today reports, “For younger people, there are a growing number of cybereducational opportunities, starting even before the college level, which can make them particularly effective at thwarting cyberattacks and may spark their desire to pursue cybersecurity careers.”

Resources to become a cybersecurity professional.

CyberPatriot: This is the premier national high school cyberdefense competition. It was created by the Air Force Association to inspire high school students toward careers in cybersecurity or other science, technology, engineering and mathematics (STEM) disciplines critical to our nation’s future.

Maryland Cybersecurity Center (MC2): By targeting students as early as middle and high school, MC2 is stimulating early interest in the field of cybersecurity, providing students with the knowledge and preparation they need to be successful in their future post-secondary studies and eventual careers.

Center for Cybersecurity Education at the University of Dallas: This educational program has been designated by the National Security Agency (NSA) and Department of Homeland Security (DHS) as a National Center of Academic Excellence in Information Assurance.

Champlain College: This Vermont college provides a foundation for understanding how computers and networks communicate securely. It also builds on that foundation with courses designed to help students understand the nature and impact of cyberthreats, as well as how to prevent them.

Bellevue University Center for Cybersecurity: This Nebraska college’s center brings together the best cybersecurity education programs with highly qualified faculty who possess the kind of real-world experiences.

So do you have what it takes to be a chief security officer (CSO)? I believe CSOs are the future of technology, because without them, bad guys will take over technology and we will devolve into chaos.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures