Why mobile security is a must

/in /by

Smartphone use continues to increase. More than one third of Americans have dropped landlines and only use mobiles. It is very possible that within the next 10 years, the landline will be obsolete and we will all be wireless.

And when there’s a major transition in technology, the newness of it all creates a perfect storm for scammers to attack the new systems. Hackers are creating scams and viruses that are designed to spy on and collect our data the same way it’s done on a PC. (Keep in mind that what makes smartphones smart is the fact they are nothing less than small computers with the same power and reach as desktops or laptops. The only difference is they fit in your pocket.)

It is as essential to protect your mobile as it is to protect your PC. You need to make sure you protect yourself, as our mobile devices are our most personal of personal computers. Here are some things you should do to protect yourself:

  • Use a PIN code and set it to lock your device after one minute.
  • Download apps only from reputable app stores, and review the app permissions to make sure the app isn’t sharing more information than you’d prefer.
  • Don’t store sensitive information on your phone, like user names and passwords, and log out of apps that provide access to personal information.
  • If you use online banking and shopping sites, always log out and de-select any options to keep you logged in or your password saved.
  • Don’t access critical websites sites when using free WiFi connections unless you are using a virtual private network (VPN) application.
  • Review your mobile carrier accounts and app store accounts to check for any suspicious charges. If you do see charges you have not made, contact your service provider and credit card provider immediately.
  • Never respond to text, email or voicemail messages with personal information like credit card numbers or passwords.
  • Never click on a link in an email, text, social networking site or message from someone you do not know (or, in some cases, someone who poses as someone you know).

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Hackproof your facebook account

/in /by

With over one billion people connected to Facebook, we have to assume that many of them are criminals. (Criminals are people with friends too!) But the criminals we need to be concerned about are the ones who create all kinds of scams designed to do everything from getting us to open our wallets to clicking links so we enter our personal information that lets them infect our devices.

4DHere’s some insight as to what they may do to get access to you and your account:

Phishing: Emails coming into your inbox right now may in fact be coming from Facebook because by default, you allow that contact in your notifications settings. The problem is that at any time, scammers can duplicate these same emails and you may never know what’s real and what’s fake.

  • Never click links in Facebook emails. Instead, simply log in via your favorites menu or use a password manager. Anything you need to do is right there in your notifications menu.
  • Turn off email notifications. Do you really need 20 emails a day telling you that someone just liked or commented on what you posted? Seriously? Go feed the homeless if you have that much time on your hands.
  • Stay out of your spam folders. Most internet service providers and email providers to a pretty good job of filtering out spam and phishing emails. But if you go into spam and start clicking away, you’ll get yourself in trouble.

facebookInfected links: Criminals know how to get your attention to entice you to click links. They create copy that is supposed to elicit emotional responses that send you deep into their rabbit hole. This status update is a perfect example of someone who is now infected because the user probably clicked on this and is now sharing it with everyone else, just like a virus. Everything about this screams CLICK ME!

  • Don’t mindlessly click links simply because you need to know what they’re going to show you. Be conscious about scams and fraud, and know scammers are paying attention.
  • Keep your browsers up to date, as well as your antivirus, antispyware, antiphishing and a firewall.

Wireless hacks: Whenever using a free WiFi connection, there is always the possibility your device, its data and your accounts can be compromised. Free WiFi is not secure; it has no encryption, and your data is right there for criminals to sniff.

  • Set up encryption on your home or office router. At a minimum, use WPA or WPA2 encryption to secure your data.
  • Use a VPN (virtual private network) such as Hotspot Shield VPN that locks down and encrypts your wireless communications.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

5 Considerations Before Buying a Home Security System

/in , /by

There are numerous considerations to be made when investing in a home security system today. While the options for the type and scope of system have been narrowed down, it’s the nuances of price, service, contracts and if it’s a do-it-yourself (DIY) project, among other things, that can all make or break the long-term satisfaction rating you’ll have.
2H

  1. Costs: You get what you pay for. Bells and whistles add up to more fees up front and with monthly monitoring. Some alarms cost little up front and have larger monitoring fees. Others cost more up front and may be a DIY job, but with smaller monitoring fees. Do the math.
  2. Remote control: For a few bucks more, most systems are equipped with the ability to control them from your smartphone, tablet or PC. Straight up, it’s worth every penny.
  3. Invest in monitoring: An alarm system that triggers a breach always sets off a siren. And while noise is a good deterrent, it’s not nearly as effective as gun-wielding police being dispatched and showing up in your driveway. Spend the few extra bucks for the monitoring.
  4. Customer service: Alarms have many little parts that “brick.” Over time, they fail, parts break, things go wrong, and alarms need replacement parts or service. Check out the reviews of a company’s ability to service its customers before you sign on the dotted line. There’s nothing more frustrating than bad customer service.
  5. Installation: Are you a do-it-yourselfer? If so, you can often save lots of money in the long term. If you need hand holding and don’t know how two-sided tape works, then having an alarm company do the installation may be your best option. Keep in mind that with a DIY job, you do it on your own time. With an alarm company doing it, you will have as many as five service installers traipsing through your house for up to three days.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

12 biggest home security mistakes

/in /by

We all make mistakes; the key is to make them once or twice and learn from them. If you keep making them, bad things happen—and home security mistakes are not ones you want to repeat. Here are a dozen mistakes that you don’t want to make even the first time.

  1. Cheap locks. It’s easy to walk into the hardware store and see all the shiny locks and look at the prices and see considerable differences. With locks, like anything else, you get what you pay for. Schlage is my go-to, and I’ll never be cheap and make that mistake again.
  2. Unlocked doors. What’s the point of having locks if you aren’t going to lock them? Burglars walk up to doors all day, ring the bell, get no answer, jiggle the doorknob and walk right in. And people are surprised their home was chosen.
  3. Hide a key. Burglars know they are in or under the flowerpot, under the mat, in the mailbox, in that stupid fake-looking rock and in/under/behind whatever else is on your porch. Get Schlage’s Touchscreen Deadbolt; it is the best keyless lock out there.
  4. Ladders in yards. It’s a good thing I’m not a burglar, because I see ladders in yards every day. They boost a bad guy to the unlocked second-floor windows easily enough. Lock ’em up.
  5. Disabled alarms. You were smart enough to get the alarm, so be smart and activate it when you are home, sleeping and away—even for 10 minutes. Set it and forget it.
  6. Opened unlocked windows. Sure, you’re only going to the store and you’ll be right back…but the kid next door with his little crack problem knows your routine and as soon as you leave, your grandmother’s ring and your husband’s knife collection are his. Lock up.
  7. Unlocked garages. Just because the garage door is down and the side entrance is closed, doesn’t mean a burglar won’t just walk right in and through to a home that is attached. Lock up.
  8. Valuables in plain sight. Everyone in the neighborhood knows you just got a 70” LCD TV because it’s prominently displayed in your living room window. Put your shades down.
  9. Social media postings. When you let everyone know you are sipping a margarita in Cabo, you are also letting a burglar know you aren’t home. Be discreet.

10. Revealing trash boxes. That Dell computer box, the Sharp TV box and the Xbox box in your garbage tell bad guys to come into your home to do their shopping. Hide those boxes in a trash bag.

11. Dark house. When you are away and your mail and newspapers are piling up and your house looks abandoned, you make it easy for burglars to choose your house. Give it that lived-in look with timers, and have a trusted neighbor grab your stuff.

12. Dark yard. Burglars like to creep around in the dark. Put your lights on timers from dusk to dawn.

Robert Siciliano home security expert to Schlage discussinghome security and identity theft on TBS Movie and a Makeover. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Socint: disseminating cybercrime through social intelligence

/in /by

People talk—A LOT. They can’t stop talking. Talking, getting something off your mind and out there feels good. Talking takes the pressure off one’s mind; our mouths are like relief valves for our heads. The problem has always been that people blurt out whatever is on their mind and say things that often get them in trouble. And yes, I’ve done it too.

But now people now post their thoughts online, which in many cases is even worse because it’s not one on one; it’s to the world. We’ve seen numerous kids, teachers, employees, officials, politicians, celebrities, and folks from just about every walk of life say or post something that has resulted in backlash and sometimes arrest.

The arrest part is very interesting. Law enforcement and government are paying close attention to social media and what is being said. A man in Toronto posts on Twitter he’s looking for a drug dealer, provides a location for where he is, and says, “I need a spliff”—slang for marijuana—and the Toronto police respond, “Awesome, can we come too?”

But it goes much deeper than that. NextGov.com reports, “Criminals, organized crime syndicates, gangs and terrorists also use social media. They post information and share photos and videos, and terrorist groups use the tools to recruit new members, disseminate propaganda and solicit funds.”

It seems the next stage to investigate and prevent crime is through social intelligence combined with social analytics, hence “Socint”. Continues NextGov.com: “Officials can use this type of social media-driven intelligence to gain insight, investigate, construct countermeasures and refocus resources.”

So what do YOU do? If you are doing anything illegal, stop…or just keep doing what you are doing and let’s just hope you get caught. For the rest of us who want a little more privacy or don’t want to get in trouble because we say stupid stuff, pay attention:

  • Know that everyone’s watching: What you say or post lasts forever, and it can and will bite you.
  • Lock down privacy settings: Each social site has its own privacy settings. They change often and they require your attention at least semiannually.
  • Update security settings: Criminals are creating viruses in record numbers for computers, mobiles and tablets. It is essential to updates your operating system’s critical security patches and antivirus, antispyware and antiphishing.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress –

Laptop theft leads to identity theft

/in /by

Ever lose a mobile device? Have one stolen? Know someone who has? Device loss and theft is a common issue when it comes to identity theft and results in data breaches. Some studies have shown as many as 2.5 million laptops are stolen annually, which equates to a laptop stolen every 12 seconds.

It used to be that laptops were stolen only because of their resale value. However, a laptop today can be purchased for under $500 and the resale value might be less than $100. Criminals know that depending on the data, a stolen laptop could be worth hundreds of thousands of dollars in the right hands.

For example: SecurityInfoWatch reports, “The health information of 729,000 patients was compromised when thieves stole two laptops from an administration building of a San Gabriel Valley-based hospital group, officials said. The thieves swiped the laptops from a video-monitored sixth-floor office on a medical campus that officials said is ‘gated and patrolled by security.’ The suspects broke into the office and stole two password-protected laptops, they said.

“According to the hospital group, the computers contained data, including patients’ names, Medicare/insurance identification numbers, diagnosis/procedure codes and insurance/patient payment records. Some of the files contained the Social Security numbers of Medicare patients, officials said.”

What officials didn’t say is that this kind of laptop theft can result in a data breach that is the equivalent of a crook hitting the jackpot.

Consumers are at a significant disadvantage in these situations. Due to no fault of their own, brazen thieves got access to their data, and there’s nothing they can do about it. More than likely, the hospital will be saddled with providing the victims with some form of credit monitoring that will cost the hospital millions.

Chances are good that at some point this year or in the future, your data will be on a laptop that is either lost or stolen—and you may never even hear about it. My suggestion is to always be proactive. Today, make an investment in identity theft protection and double up on your protection by getting a credit freeze.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

New app stores house or car keys online. Is it safe?

/in /by

Ever lock yourself out of your car or home? I’ve done each at least once this year; that’s about my average. After the last time I got stuck on the cold side of my front door, I decided to go with keyless locks for my home, specifically the Schlage Touchscreen deadbolt, and it has solved my problem. But then there’s still my vehicle to consider; while autos are now available with keyless door locks too, I haven’t graduated to that just yet.

Anyway, I was made aware in the comments of a post of an innovative startup called KeyMe, which is a smartphone app you use to take a photo/scan of the keys you want to have a virtual backup of. Once the backup is made, it’s stored online, and users can download instructions to provide to a locksmith who will be able to make a duplicate. KeyMe also offers kiosks, which are rolling out in certain cities as a test pilot. At the kiosk, you’d simply alert the kiosk via the app of the instructions to make you a new key. But one commenter was concerned of the safety and security of posting your keys online and then getting hacked.

So, is KeyMe safe?

Certainly, if your digital copies of home or auto keys ended up in the wrong hands, that would be an issue. Today, any site storing personal information has an obligation (and it’s in its best interest) to ensure a user’s security by encrypting the user’s data and adding multiple layers of protection in the form of hardware and software, as well as physical security at the server level.

So, at its face value, I’d say the data is safe. However, I’d recommend not posting any associated names or addresses with an account like this. Use an obscure username, and consider using an email not associated with your real name. And make sure your devices are password protected so if your device is lost or stolen, a criminal doesn’t have access to your house keys. Keep your devices’ antivirus up to date, and get a home security system because if all else fails, even keyed access will set off your alarm.

 And sign me up! I need this!

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

North carolinians scammed for millions dating online

/in /by

Linda was ripped off for $8,000 all because she believed Greg was whom he said he was. Linda, from North Carolina, was nabbed by an online crook who promised her love.

This year, 17 (possibly more) such victims have reported a dating scam that has cost them a combined $700,000, says the North Carolina Attorney General’s office. The typical victim is a woman in her early 60s. One victim sent her online Casanova nearly $1.3 million.

1F

How can people be so gullible?

Desperate for love, victims believe anything their love object tells them. Greg convinced Linda he was an Army lieutenant. After several weeks of texting, he told her he needed medical help for a gunshot injury. She sent him money. Greg asked for more money and Linda sent more. Eventually, Greg obtained her bank account information.

She continued sending him money for this and that, including a plane ticket home where he’d meet her for the first time. Of course, he never came “home.” And Linda is wiped out financially.

Lonely, older women are not the only victims.

Even lawyers, doctors and CEOs are getting scammed, sending out large amounts of money to these fake love interests.

Most of the scam artists come from Nigeria, says the state Attorney General’s office, and it’s a numbers game for them. Run enough numbers and eventually they’ll hit the bull’s eye. They steal photos of good-looking people off the Web to represent the fictitious love interest. The photo of “Greg” has even made a few other rounds.

Often, when the victim figures out what’s really going on, they are contacted by a private investigator or detective offering to find the scammer—for a fee—you guessed it; this, too, is part of the scam.

Solution

#1. Never under any circumstances send money to someone you meet online

#2. The moment they ask for money, it’s a scam

#3. Never share usernames, passwords or account information

#4. If you know someone who could fall for this, get involved now

Many dating sites have some security measures in place behind-the-scenes, to help educate and protect their members. Look on their site and often times you will find help videos of how to avoid being scammed and how to report suspicious behavior so that the dating site can take action. 

The more sophisticated sites also offer a defense-in-depth approach to keeping their site and members safe, by layering authentication, trust, and fraud detection tools to help with the early detection of bad actors.

Device reputation is one technology used by many dating sites that allows them to share fraud and abuse reports across businesses and geographies. Dating sites access Portland-based iovation Inc.’s device reputation service, ReputationManager 360, so that they can stop scammers before they get in the front door. iovation’s fraud prevention service contains over 7.6 million reports of dating scams, solicitations, phishing, account takeover attempts, identity theft, spam and other forms abuse. The service has stopped over 22 million online fraudulent or abusive attempts within online communities alone.

Stopping scams and abusive behavior upfront greatly helps online dating sites not only protect their brand reputation, but most importantly protect their active members.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

Standard door frames make burglary easy

/in /by

Stop what you are doing. Walk over to your front or back door. Open it. Look down at the doorjamb where the holes are—you know, where your doorknob and deadbolt locks (hopefully they are Schlage) go into the frame. Those 3/4-inch-ish holes are surrounded by what’s called a strike plate. The strike plate has two screws in it, and if you were to remove them they’d probably be smaller than 3/4-inch ones.

DoorFramesNow look back at the jamb. See the wood surrounding it? Look at the molding on the open side of the door. It’s also about 3/4 inch or so thick, right?

OK, now you see that a 3/4-inch hunk of thin pine and molding is all that separates a burglar from entering your home. Bad guys know that probably 95 percent of all front or back doors have this flimsy jamb with a strike plate separating them from entering your home.

And see this picture? This is my buddy’s shop last week. This is a steel solid-core door that has that flimsy jamb with a strike plate, BUT the jamb has 2.5-inch screws and an additional 1/4-inch steel plate behind it.

The damage is from burglars. This door was rammed with a 40 lb. oxygen cylinder over and over again…until the crooks gave up.

Most residential doors won’t take this kind of a beating. However, when installing a lock or retrofitting a lock to be more secure, it is advisable, at a minimum, to install 2.5-inch screws as replacements for the 3/4-inch screws that go into the strike plate (such as the screws that come packaged with the Schlage touchscreen deadbolt), and consider door reinforcement plates that beef up your door’s jamb or are mounted on the floor. Both are solid options, and I’d recommend both as multiple layers of security in addition to strong locks. In a future post, I’ll dissect door reinforcement technologies.

Robert Siciliano home security expert to Schlage discussinghome security and identity theft on TBS Movie and a Makeover. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Mobile, wearable and now…implantable technology?

/in /by

It began with the laptop.

7DThe laptop was the first portable internet-connected device that freed up millions to create a mobile workforce. Next was the smartphone, which didn’t really take off until Apple opened it up to developers and allowed the creation of applications that made the smartphone what it is today. Apple did it again with the tablet, and now Android tablets and smartphones have an even bigger stake in the game than ever before.

Today we have wearable technology in the limited release of Google Glass, which is a wearable computer with an optical, head-mounted display in a smartphone-like, hands-free format that can interact with the internet via natural language voice commands.

Now we have smartwatches. Samsung has a smartwatch, and Google, Apple and Microsoft are buying up companies that have patented smartwatch technology or are hiring engineers to create it. Smartwatch technologies are supposed to work in tandem with mobile phones and computers to become the third leg of the “smart” ecosystem.

And with wearable fitness gadgets that sense heartbeat, pulse, the number of steps you take, and the quality and duration of your sleep, it’s just a matter of time before technology gets in your head…literally.

CNET reports, “Google has a plan. Eventually it wants to get into your brain. ‘When you think about something and don’t really know much about it, you will automatically get information,’ Google CEO Larry Page said in Steven Levy’s book, In the Plex: How Google Thinks, Works and Shapes Our Lives. ‘Eventually you’ll have an implant, where if you think about a fact, it will just tell you the answer.’”

WOW. We have had pacemakers for a while now, and there are chip implants similar to those in pets but now used to authenticate humans. But “Google brain”?

What do you think? Will you wear Glass? Do you have to have a smartwatch? Would you like to be able to think of something and have an implantable computer in your head to provide some additional resources to complete your thoughts? Technology is now “on” our bodies, and it’s looking more and more like technology is creeping “into” our bodies! Let’s hope our heads don’t get hacked!

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.