10 Holiday home security checklist tips

/in , , /by

You can have peace of mind while away from home during the holidays by implementing the following home security tips.

  1. 1SHome vacation checks. Arrange with your local police department to periodically cruise by your house when you’re out of town.
  2. Alert your neighborhood watch group. Inform the group of your vacation plans so they can be extra alert to suspicious activity about your house. If there’s no formal watch group, ask a friend or neighbor to check up on your residence. This includes having them remove any packages on your doorstep or accumulated newspapers.
  3. Police inspection. Schedule a police officer to assess your residence for security ideas.
  4. Update the burglar alarm. Inform the alarm company you’ll be out of town; provide them a phone number where you can be contacted. Give the alarm company the phone number of anyone checking up on your residence. If the alarm is tripped, the company will be speaking to you or your friend, rather than the burglar in the house when he picks up the phone.
  5. Inspect motion detectors. Make sure that motion detectors cannot be set off by billowing curtains or pets.
  6. Secure all portals. Make sure all the locks work. Repair any cracks in doors or windows. Set the pin lock on your garage if it opens by remote. Sliding doors should have bars that prevent giggling them open.
  7. Conceal valuables. Keep valuable items out of sight from peepers outside the house. Don’t keep spare keys in places obvious to burglars such as under a flower pot or fake rock. Remove valuable items from sight in your car, if parked in the driveway, and put a lock on the steering wheel.
  8. Stop mail and newspaper delivery. Arrange with the post office and newspaper service to have your mail and newspaper on vacation hold.
  9. A lived-in look. Mow your lawn just before you leave for a long trip so that it looks recently cared for. Use automatic light timers for holiday lights if your house is decorated with these to fool burglars that you’re home.
  10. Discard any signs you have expensive items in the house. Examples might be empty computer containers or flat screen TV boxes lying around outside. Store bikes, toys, etc., in the garage.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

11 Ways to prevent your Email from getting hacked

/in /by

#1. Whenever possible, configure your Internet connection to always use HTTPS. This is the “https” that appears before the “www” in a Web address, and the https is preceded by a padlock icon.

3DFor Gmail, this works by clicking Settings in the top right; select the General tab, then hit Always use HTTPS, then save this setting. This option is not available for those who access email via Hotmail.

#2. Do not open unfamiliar emails. If you open one you think is from someone you know but realize it’s not, delete immediately. Do not click any links in the message or send the sender personal or banking information. Once you open that link, your computer could become infected by a phishing scam and your information stolen.

#3. Install anti-virus, anti-spyware and firewall on your computer and keep them updated. Automated updates are the ideal choice.

#4. Do not log into your accounts from an untrusted computer (e.g., at the coffee house, library), or one that you don’t maintain (e.g., friends’ and family’s). Even if you trust your friends and family, their computer could be infected from spyware.

#5. Make sure your passwords, plus security questions and answers are strong. Every six months, change your passwords. Never use the same password for different accounts. A strong password has upper and lower case letters plus numbers and punctuation, forming a non-English word.

For questions and answers, they don’t have to be true; false information cannot be researched or discovered on your Facebook page, such as the name of “your first pet” when you never had a pet: “Fuzzie-Glow” – who’s ever going to figure that out?

#6. Find out just how secure your passwords are. Some setups indicate strength with a rating of “weak” to “strong.” Always choose “strong.” If there’s no rating, go to How Secure Is My Password to see how fast your account can be hacked.

On the “How Secure” site, don’t type in your actual password if you’re skittish about doing that (even though the site is secure and will never release it anywhere), but type in something similar. So if your password is “catlover,” type in “horselover” and see what happens.

#7. Your password should not be on the list of the most popular passwords. Here is the full list. If yours is there, change it immediately, even if you must give up an easy-to-type sequence.

#8. Enable 2-step verification if you use Google for any activity. The 2-step adds additional security to a Google account. After entering your username and password, you’ll then enter in a code that Google sends out via voicemail or text when you sign in. This will make it harder for someone to guess a password.

#9. Use a password manager. This service eliminates the need to type in a password at log-in; log in with one click. A master password eliminates having to remember all your different passwords.

#10. You may think your password is unique because it’s a jumble of characters, but it may not be very strong simply because it’s not long enough. The longer that uniqueness, the more uncrackable the password will be.
#11 Use a virtual private network software to encrypt any wireless communications. A virtual private network (VPN) is a network set up to communicate privately over a public network. For example: You occasionally want to or need to work from home and your employer knows that if you do, the data that travels between your PC and an office PC needs to be protected.

Another example is when you use public WiFi, knowing your wireless data can be sniffed out by criminals. Using a VPN solves that problem.

Hotspot Shield VPN service is a great option that protects your entire web surfing session, securing your connection on both your home internet network and public internet networks (both wired and wireless). 

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Oversharing on Social Media Common Amongst 50+

/in , /by

Thanks to social media, societal norms have undergone a seismic shift in the past five years. What was once considered private or even taboo is not only fair game, it’s expected. But this can have serious consequences from the ending of friendships to exposure to physical harm.

I’ve talked about the concept of TMI or too much information and how social networking and mobile devices have made sharing so much easier and faster than ever before. But we all need to seriously think about some hard consequences of sharing too much personal information. Thinks about it…is that friend really a friend if you haven’t seen them in 25 years?

McAfee’s Fifty Plus Booms Online study found despite the fact that social networks have a reputation among the younger generation as a hub for drama among friends, this is also the case among other demographics—even in the 50-and-over age group. According to respondents, 16% of those who are active on social networks have had a negative experience, with almost 20% of those resulting in ending a friendship.

Further, the study finds that even though 88% consider themselves tech-savvy, they are still engaging in dangerous online behavior, such as sharing personal information with people they have never met in person. Even though 75% of them believe that social networks can expose them to risks such as fraud and identity theft, 52% have shared their email address, 27% their mobile phone number and 26% their home address. All things that open them up to possible exploitation and even physical harm.

They are also using their mobile devices to share information. Nearly one in four (24%) mobile users have used their device to send personal or intimate text messages, emails or photos to someone and yet over 30% do not have basic password protection on their mobile devices and almost half do not have any security software on their mobile devices.

financial-fraud

And because these boomers (and all of us) are spending more time online─with 97% of them going online daily and spending an average of 5 hours a day online─ we all must be aware of the concerns that exist with the increased use of mobile devices for everyday tasks and social networking and what information we may be sharing.

Here’s some tips to help us stay protected:

  • Remember the Internet is forever—Even if you have the highest privacy settings, it’s good practice to consider anything you do on the Internet as public knowledge, so be careful what you share online or via your mobile device.
  • Don’t reveal personal information—Seriously consider why it’s needed before you post your address, phone number, Social Security number, or other personal information online.
  • Put a PIN on it—Make sure you have your smartphone and tablet set to auto-lock after a certain time of unused and make sure it requires a PIN or passcode to unlock it. This is especially helpful to protect any information you do not want seen should your device be lost or stolen.
  • Manage your privacy settings—At most, only friends you know in real life should be able to see details of your profile.
  • Change your passwords frequently—In addition to choosing passwords that are difficult to guess (try to make them at least eight characters long and a combination of letters, numbers, and symbols), remember to regularly change your passwords.
  • Turn off the GPS (Global Positioning Service) function on your smartphone camera—If you are going to be sharing your images online, you don’t want people to know the exact location of where you are.
  • Use comprehensive security on all your device Enjoy a safe online experience no matter what you do or where you are. McAfee LiveSafe™ service protects all your PCs, Macs, smartphones and tablets and can help you secure your data and keep your identity private with its many different features, including a secure data vault, password manager, and protection from phishing scams and malware.

So…really, please, come on now, can we all just tone it down a notch? And one more thing: Please protect your devices—I mean ALL your devices.

Follow @McAfeeConsumer for live online safety updates and tips and use hashtag #BabyBoomers to join the discussion on Twitter or like McAfee on Facebook.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

10 Christmas tree safety tips

/in /by

My friends at Schlage want you to have a safe holiday season. Did you know that Christmas trees can kill? Not by falling on you, but by burning down your house. Between 2006 and 2010, about 230 home fires per year were responded to by U.S. fire departments, killing an average of four people each year and injuring many more.

6HThough not common, Christmas tree fires usually cause serious and costly damage. Eighteen percent of these fires were caused by a heat source too close to the tree. Improper disposal of the tree is also implicated as a cause. Here are tips to prevent this very preventable type of residential fire.

  1. Choose fresh over cheap and dry. The fresher the tree, the less likely it will pose a fire hazard. Look for flexible needles that don’t break, and a trunk with sap.
  2. Keep the water coming. The tree stand should contain a continuous source of water and be sturdy enough to resist toppling by kids or pets.
  3. Don’t choke the cord. Attach only three maximum strings of lights to any one extension cord, then place cords along walls to prevent a tripping hazard. Never run them under rugs or carpets.
  4. Trees don’t need warmth. Keep the tree away from heat sources such as fireplaces, candles and even a TV.
  5. Not any lights will do. Use low energy, safe lighting that’s been certified by a safety testing lab. Don’t use damaged or frayed cords.
  6. Shut the lights.Never leave the lights on overnight. Same goes for any appliances not in use when you are home or away.
  7. Don’t keep a dry tree around. Dispose of it at this point properly. Don’t even keep it in the garage.
  8. Artificial tree safety awareness. Artificial trees should be flame resistant and have a seal for an approved safety testing laboratory if the tree contains a built-in lighting set.
  9. Death by artificial tree. If the tree is metal, never use electric lights, as they can charge the tree and lead to electrocution.
  10. Keep a fire extinguisher nearby. Make sure everyone knows its location and how to use it.

Robert Siciliano home security expert to Schlage discussing home security and identity theft on TBS Movie and a Makeover Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

8 Tips to prevent post Holiday Credit Card Fraud

/in /by

With your cards being used online, over the phone and in person it’s easy to lose track of purchases. The key is keep good records and be diligent about your security. Here are eight great tips that will go a super long way in preventing post holiday account takeover in the form of credit card fraud.

2C#1. To ensure your best chances of escaping fraudulent activity involving your credit card (which can occur even if the card isn’t stolen), follow these tips:

  • Go over every transaction online and account for it. Inquire about unfamiliar purchases with family members who are permitted to use your card.
  • Immediately phone the card issuer if you spot a suspicious transaction.

#2. Document order confirmations. Screenshot the final confirmation page of your purchase, and save the confirmation e-mail.

#3. Personal information protection. Before you buy online, review the website’s privacy policy regarding personal information requests and how this will be used. Consider it a red flag if you can’t find this information.

#4. Online purchase security. A secure website will have an icon of a padlock, followed by https:// before the website address in the URL. There are also many toolbars that offer a greet/red color code this is usually a feature in most browsers.

#5. Phishing scams. If any e-mails come your way requesting your personal or financial information, don’t click the malicious link inside; delete immediately. Some scam e-mails try to convince you there’s a problem with your order. Contact directly the site of purchase to verify whether or not there’s an issue with your order. Do not investigate this through the e-mail message.

#6. Beware of skimming. Carefully observe employees whom you hand your credit card to for purchases. A crooked employee may scan the card to obtain your number.

#7. Always take the credit card receipt, no matter how small the purchase.

#8. If you think your identity has been stolen in regards to new account fraud then you need to step it up.

  • If you suspect fraud, contact Equifax, Experian and TransUnion to issue a fraud alert on your credit reports.
  • Pull your credit reports from these three bureaus to check for any suspicious accounts in your name. Check your credit reports again in six months.
  • Pull your credit reports for inspection (it’s free) every 12 months as a smart measure.
  • Get a credit freeze
  • Invest in identity theft protection.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Technology that verifies MOOC test takers on the spot

/in /by

8DEver hear of MOOCs? The acronym stands for massive open online courses: the free online courses taught by professors at leading universities.

MOOC business model problems

  • Cheating: Professors can’t tell just how much students rely on Google for help during an exam. A proposed solution has been that students take exams at regional testing centers, but barriers to this include: access to these centers especially in multiple countries, cost and convenience – after all these are free courses.
  • Student identity: Who’s to say the person taking the test isn’t an imposter and not the person who will actually get the grade?
  • Completion rate: Even something as simple as having skin in the game can make students feel more engaged. Most MOOCs are free, so students don’t feel a financial bite if they drop a course or perform poorly.

Many prominent schools, such as MIT, are investing significant resources in MOOCs; however, the viability and success of MOOCs will be ultimately be determined by the legitimacy of the degrees received—and that goes back to the legitimacy of the identities of the people who study the courses and take the final exams.

Remote proctoring

Just like sitting in a classroom under the supervision of a teacher, students need to be monitored as they are sitting in front of their PC, phone or tablet to ensure that they in fact are the ones that took the test.

How does remote proctoring work?

One proctor can monitor via webcams a maximum of six students simultaneously, keeping on the alert for suspicious behaviors such as suddenly wandering eyes.

Human monitors can track students via screen sharing and webcams, even monitoring students’ typing styles to possibly identify test-taking imposters. Newer technologies can remotely track test takers’ mouse clicks and even keystrokes. What these proctors don’t do is verify the identity of the test taker, read on.

Why webcams and keystrokes fail

It’s possible for a test taker to be a different person than the one who enrolled. One technology to nab this problem matches photo IDs to webcam photos.

The obvious flaw here is that if the test-taking imposter resembles (either naturally or artificially) the enrollee, the scam may work. However, a software program analyzes typing rhythm or keystroke dynamics of the enrollee, which is then compared to typing done during a test—but one of the major problems that keystroke dynamics runs into is that a person’s typing varies substantially during a day and between different days. People may get tired, or angry, or have a beer, or switch computers, or move their keyboard tray to a new location, or use a virtual keyboard, or be pasting in information from another source (cut-and-paste), or working with a voice-to-text converter.

Additionally, many tests/exams use multiple choice questions so keystroke analysis is not useful. The student also needs to enroll their typing pattern initially, so this pattern can be compared to subsequent log ins, adding an extra layer of cost. Additionally, any biometric capture of typing rhythm must be independently tested by a third party lab to prove acceptable (NIST) levels of false positives/negatives. At least one study I know suggests that keystroke analysis did not achieve minimum levels of security making this technology un-acceptable as a true means of verifying identity.

Maybe combining photo matching with typing analysis seems like foolproof technology—but webcams are often grainy, not everyone has one, IDs can be forged and things like makeup, hair dye, hairstyles, glasses and facial hair can all obscure the truth.

Technology will continue to be refined, and as it does it will soon get ahead of the imposters; likewise, more educational institutions will implement this technology, which isn’t airtight yet. However with MOOC’s the need to verify student identity exists and may make a large difference in how well they evolve in the marketplace. We need technology that can snuff out cheaters and identity fraudsters, and will work toward verifying the legitimacy of test takers.

Biometric signature IDs (BioSig-ID) argument:

One of the MOOC’s business models is to have students pay for a “verification” certificate that will establish that the student did attend/take exams/complete gradable events or generally was present for other course content. Personal investment in the process seems to work: Research has found that students who pay to be identified and verified to have taken a course and passed are substantially more likely to finish the course.

However, the MOOC’s typical methods of student verification fall short and don’t sit well with security experts. Different methods of verification are needed in order for the business model to succeed. Employers, to consider whether a “verified ID” certificate has any meaning in the workplace need more confidence that the student was “there” and learned the material- not just they signed up for the course.  To be successful, students need to be “identity proofed” at inception and at various times before accessing gradable events like tests, quizzes, interactive chats etc…Throwing up a photo ID and using keystroke analysis with their obvious limitations described above are just not acceptable in todays’ security world.

Some Biometrics like BioSig-ID use gestures such as length, speed, direction angle, and height of each stroke to define one’s unique pattern and can positively identify users as they log in from any PC, mobile or tablet.

These patterns are unique, and BioSig-ID software can distinguish the user from all others. Only a user who has successfully authenticated himself or herself against a previously created enrollment profile can access the device, exam, bank account, health information or other digital asset. What’s more they have created a robust audit trail that captures and compares the IP addresses and other history of behaviors over time. This forensic tool has even been helpful in catching student cheaters.

BioSig-ID’s “Missing Link” creation is patented software-only biometric that complies with the new gold standard for identity verification required by the Reauthorization of the Higher Education Act. It’s the strongest form of identity verification on the market today.

And there’s a twist: No additional hardware is required. This software biometric measures the unique way a user moves his or her mouse, finger or stylus when logging in with a password (consisting of a few simple strokes) created with BioSig-ID.

The BioSig-ID technology already used in over 55 countries for student verification, must have something going for it as it was chosen for the White House based initiative -National Strategy for Trusted Identities in Cyberspace (NSTIC) to create a new solution to verify user identity over the Internet before they can access a digital asset. Check them out at www.biosig-id.com.

Robert Siciliano, personal security and identity theft expert and BioSid-ID advisory board member. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures.

Identifying Devices can stop Mortgage Fraud

/in /by

What is mortgage fraud? The act of intentionally facilitating the use of, or using, any misrepresentation, misstatement or omission in a deliberate manner, being aware of the same to contain such, during a mortgage lending process, with the aim that the mortgage lender, borrower or any other participant to the mortgage lending process relies upon it.

8DSometimes mortgage fraud involves identity theft. This means consumers must be leery of people who may purchase a house in their name. Today’s lending standards are much more lax than they were three decades ago, creating more opportunities for scams.

First time home buyers, low income buyers, naïve buyers and illegal immigrants are often targets of predatory lenders.

Be aware of lenders who:

  • Target poor neighborhoods
  • Offer financial incentives for providing employment records
  • Offer financial incentives to find purchasers
  • Practice double closings: The buyer signs several mortgages on the same home which quickly settle, thus preventing lenders from catching wind of the fraud.

“Demand for consumer financing in the U.S. is growing at more than 5 percent per year, challenging lenders to adapt to rapid customer acquisition and an ever-changing environment,” points out iovation Director of Business Development Steve Hanson. He adds: “Therefore it’s essential that lenders stay apprised of the latest industry developments and regulations so they can develop customized strategies that benefit their clients and business.”

A giant step in putting a plug in mortgage fraud is to identify the devices responsible for committing fraud.

With a combination of advanced device identification, real-time risk evaluation and shared device reputation, iovation provides protection from fraud to online businesses and their end users.

iovation’s device reputation databases is the largest in the world, protecting over 10 million transactions, halting an average of 200,000 fraudulent activities on a daily basis.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

10 common sense holiday home security tips

/in /by

It’s that time of year where burglars are casing out homes to rob, so at a minimum make sure you have strong quality door locks such as Schlage’s Touchscreen Deadbolt.   Sounds crazy but burglars have families too, and they’d rather steal than pay for gifts to give to them. Here’s how to protect your home.

5H#1. If you have an alarm system, make sure that its stickers or lawn signs are clearly visible to any potential unwelcome visitor.

#2. Make your house look occupied when you’re not there by using automatic timers for various lights, and leaving a TV on.

#3. It’s best to ignore solicitors at your door; they can be a crook wanting to case your home (interior and exterior) for a possible return later to burglarize.

#4.When purchasing items to be delivered to your house, arrange delivery to coincide with your presence. A big package left on a stoop is very enticing to thieves.

#5. Rethink making a pile of gifts under the Christmas tree visible to people outside; a burglar casing your house will be very tempted to break in.

#6.To conceal your ownership of new, high price items such as a large flat screen TV, break down the boxes these items came in so that they can be hidden inside your trash container.

#7. Instruct your kids never to reveal your travel plans with their friends, including online. In fact, refrain from sharing your travel plans yourself in cyberspace.

#8. Put your mail and newspaper delivery on vacation hold. Have a trusted friend watch out for your house however they can, such as parking their car in the driveway.

#9. Inform the local police you’ll be absent; give them the contact information for the friend who’ll be looking out for your house.

#10. Have a dog? Rather than kennel it, arrange to have someone come by often enough to pet sit, so that if a prowler comes by, the dog will be there to bark.

Robert Siciliano home security expert to Schlage discussing home security and identity theft on TBS Movie and a Makeover. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Child Identities need more Legal Protection

/in /by

Identity theft can involve children. In fact, it’s a growing problem. The thief takes a child’s Social Security number and either uses their name or assigns it to a different name and always changes the date of birth. So 2 year old Sally is now 22 and has a Benz. The thief then uses this new identity for job applications, loans or government benefits.

1DThe unique disaster is that child identity theft could persist for years before the parents or victim when older figure it out. This delay makes it harder to restore the victim’s good name. Tens of thousands of children are victims of identity theft every year across the U.S.

In Florida, it’s estimated that 50,000 child identity theft cases occur every year. Florida Agriculture Commissioner Adam Putnam and state Sen. Nancy Detert have proposed legislation to help prevent victimization.

A bill (SB 242) will permit parents to freeze a child’s credit records until they’re old enough to use them: the Keeping IDs Safe (KIDS) Act.

A broad coalition of groups (e.g., bankers, law enforcement and children’s advocates) backs this legislation. This includes the Florida Police Chiefs Association, Children’s Home Society and school superintendents.

The KIDS Act may protect up to 10,000 Florida kids from identity theft every year.

How it works:

Parents of kids under 16 or who are guardians of disabled adults can request that a credit agency create the credit record; then freeze it until the child/adult can use it. A fee of up to $10 can be charged by the agencies.

Though adults have already been able to freeze their credit records, they need to realize that child identity theft is a real and growing problem, and that freezing their records is a very viable guard against this crime.

Meanwhile identity theft protection in many cases will help prevent child identity theft. However not all services offer this option. The good news is that child identity theft protection is generally less than $50.00 a year per child when the parent invests in a family plan.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Holidays increase Risk of Online Scams

/in /by

The holidays mean a surge in online purchases done with laptops, cell phones, tablets and desktops.

4DOne way to be scammed is via pop-ups (on legitimate sites, but that are not connected to the site) that ask for a survey. After you complete it, you’re offered what seems like a free product. You then unknowingly set yourself up to be enrolled in a program to purchase more products—after giving your credit card information.

It’s easy to get sidetracked by pop-ups, says iovation’s Jon Karl, VP of Corporate Development in Portland. But he asks: “Who is that business on the other end of the line; do you know them? Because there’s lots of opportunities to spend your money with somebody you don’t know.” iovation is one of the biggest online fraud protection companies in the world.

“You have to be really careful when you’re clicking on offers that are coming to you,” he adds. Shoppers should be skeptical and limit how much personal information they give out. “You really should only have to give them the data that’s necessary to get a product to you. So, your name, your address and the information for your credit card.”

Avoid doing business with any retailer that requests your Social Security number or even birthdate.

Another tip from Karl is to online shop only with a credit card (not debit card or electronic check), as this offers protection for purchases gone awry.

More Tips

  • Do business only with companies you’re familiar with.
  • If you’re not sure about a company, seek out some reviews.
  • Ignore pop-up advertisements.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247