10 Tips to Better Password Security

Now that Apple has rolled out its new “Touch ID” fingerprint biometric technology, none of us ever has to enter a password ever again….NOT. While biometrics is certainly an option for authentication and a fingerprint is the most likely method of password deployment, it will be a long time until (if ever) a fingerprint is the sole way in which we are identified. I do, however, believe fingerprinting is a good thing, and with science and technology working together, someday we might perfect biometrics—and it will not be considered an invasion of one’s privacy, either.

In the meantime, here’s how to improve your password security:

Use different passwords. At least use different passwords for each of your accounts. Using the same ones gets you in trouble with others when one account is hacked.

Cover the keyboard. Use your other hand to cover the keys as you type and be sure no one watches when you.

Log off. Log off when you leave your device, even if it’s just for a minute. Open accounts allow password resets.

Antivirus that thing. No matter your device’s age, use security software and keep it up to date to avoid malware.

Only use your devices. Never enter passwords on computers such as at internet cafés or library PCs, which may have malware.

Use a VPN. When entering passwords on unsecured WiFi connections at an airport or coffee shop, hackers can intercept your data. But with a virtual private network, you eliminate that risk.

Don’t share passwords. Your buddy/mate may not be your buddy/mate forever.  People change. And they become vindictive sometimes.

Change your passwords regularly. Change your passwords semi-annually and avoid reusing passwords.

Beef up your passwords. Use at least eight lowercase and uppercase letters, numbers, characters or symbols in your password.

Use a password manager. Google “password manager” and get one. It can create and store passwords on all your devices and browsers.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

What is Synthetic Identity Theft?

Identity theft is first and foremost a problem because we rely on numerical identifiers that attach humans to credit and a variety of services. Once a criminal gets hold of those identifiers, he can simply be you. But when that thief takes on those numerical identifiers and attaches another name or date of birth, he confuses the already broken system further and creates what is called synthetic identity theft.

Synthetic identity theft happens when a person’s identity is partially or entirely fabricated in some way. What defines it as synthetic is when a criminal uses a real Social Security number with another person’s (or fake person, i.e. synthetic) and combines it with a name and date of birth that’s not associated with the number via the credit bureaus or anywhere else. This is a hard type of fraud to discover because the fraud rarely appears on the victim’s credit report or on the perpetrator’s credit report because it’s a fake person. With synthetic identity theft, the criminal often succeeds in creating a new credit file—or, in some cases, a subfile—that may end up on the victim’s credit.

Synthetic identity theft is a problem for victims, of course, but creditors take an even bigger hit. Creditors that grant credit based on fake records and fake people have little recourse. But it also complicates things for individual victims if their names become associated with synthetic identities, like when credit scores are negatively affected because of information in a fraud-based subfile.

Identity theft protection might pick up your SSN with a different name when it’s used for credit. But if it doesn’t catch it, then the restoration component may also help to clean up the mess.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Home Invasion Ends in Gun Battle

So a recent Bay Area home invasion ended in a gun battle. You know why? Because it’s a home invasion. That’s often what happens when a person’s home is invaded. If the homeowner has a gun and can get to it, he pulls it out and starts shooting. But chances are the home invader has a gun too. Next thing you know, it’s like the O.K. Corral and bullets are flying all over the place. Not cool.

NBC reports: “Three suspects had entered the home and confronted a total of four people inside at the time. According to police, a gun battle broke out between the suspects and a 24-year-old man. When they arrived at the home, police said they found the 24-year-old with a gunshot wound. His wound is not considered life threatening. Police found guns, bullet holes and blood at the scene. They believe two of the suspects were shot during the exchange of gunfire. Some shots were fired outside of the home.”

This is what happens in small towns and big cities everywhere. Home invasions aren’t isolated incidents that occur out of the blue; they are planned by bad people who have bad intentions, and they are violent and often end in death. Some home invasions happen when the victim is known to the perpetrators, while others are complete strangers.

The best way to protect yourself from a home invasion is to layer your home with multiple layers of security, including:

  • A monitored home security system that is on when you’re home, gone and sleeping.
  • Motion-activated security cameras connected to a DVR recording 24/7/365.
  • Reinforced steel solid-core doors.
  • Door reinforcement technologies that beef up the frame, hinges, locks and jamb.
  • Strong locks that can’t be easily picked or broken off.
  • Shatterproof window film that prevents glass breaks.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

What is Encryption?

Encryption is the science of encoding and decoding secret messages.  It began as cryptography—the ancient Greeks used it to protect sensitive information that might fall into the hands of their enemies. More recently, governments have used encryption for military purposes, but these days the term if often used in reference to online security.

Encryption is important because it allows technology providers such as website owners to convert sensitive information, such as your credit card number, passwords and other financial details, into a code that cannot be read by cybercriminals or other unauthorized third parties. As an Internet user you should be aware of when encryption is being used, and when it is not, since it can help protect your personal information when doing sensitive transactions.

So, when you’re doing online banking or online shopping, or registering with a site that requires your personal information, look to see that the website address begins with “https:” instead of just “http:” since this indicates that this site is using encryption. You can also look for the lock symbol, since this is another indication that the site offers improved security.

In addition to online shopping and banking destinations, other sites have started offering the option of switching to a secure “https:” page.  Facebook, Twitter, and LinkedIn, for example, now offer encryption since their users are sharing so much of their personal information. Keep in mind, however, that not all websites need this kind of security. Don’t be alarmed if you are on a news site, for example, that doesn’t offer encryption since you generally read content on these sites but do not send or share personal details.

Knowing about encryption and how it can protect you is important, so remember to follow these tips to protect yourself online:

Look for “https:” and the lock symbol when making sensitive transactions online

Always be careful about how much personal information you share online

If you use social networking sites, check your privacy settings to make sure that your information stays private

Use comprehensive security that protects your identity, data and all your devices, like McAfee LiveSafe™ service

Encryption may sound complicated but it is just a high-tech way of creating a code to protect your information, just as the Greeks did long ago. Now that you know what encryption is, be on the lookout for secure sites that can increase your Internet security.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Medical Identity Theft: Ins and Outs

Medical identity theft is the deadliest form of identity theft—and I say this without hyperbole or exaggeration. When financial gain is the general motivation for stealing medical information, insurance cards, records, etc., the crime is a form of account takeover fraud. Medical identity theft—the real kind—occurs when the thief’s motivation is obtaining medical procedures or healthcare.

Insurance cards allow access to a hospital or doctor’s office. When requests for additional forms of identity are requested, the thief produces fake IDs. Often, the thief conspires with an employee at the facility who “sweethearts” the transaction so the thief can get medical services.

Insurance cards are just paper or plastic and can easily be counterfeited. Many are often lost or stolen, and simply possessing an insurance card allows a thief access. Hospitals rely on the honor system, believing patients are who they say they are—but people lie. And while most of the administrators are doing their jobs ethically, some lie too.

When a thief steals a medical ID to procure medical care, the thief’s medical condition and diagnosis are added to the victim’s medical record. Ouch. This may end up as a misdiagnosis, and the introduction of data that might conflict with the victim’s medical history or conditions. Such would-be contraindications as allergies, drugs the victim may be allergic to, and other health issues may not be considered. Finally, getting misinformation or fraud removed from a victim’s medical record can be extremely difficult and sometimes impossible.

To protect yourself from medical identity theft:

  • Install a locking mailbox. This helps prevent mail from being stolen.
  • Never carry insurance or medical cards on your person unless you have an actual appointment.
  • Protect medical information documents in locking file cabinets or encrypted files. Shred all throwaway documents.
  • Get identity theft protection. When a thief can’t steal your financial ID, your medical ID will be less attractive.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

11 Types of Grey Charges

Grey charges: “Deceptive and unwanted credit and debit card charges that occur as a result of misleading sales and billing practices.” Technically, grey charges aren’t considered fraud because the legalese spells it all out, and trusting consumers sign on the dotted line. Merchants know levying grey charges is legal, but they also know it’s unethical, and they don’t seem to care.

Free-to-Paid. Consumer receives goods free for a trial period. After the trial period, the seller automatically charges a fee unless the consumer affirmatively cancels or returns the goods or services within the obscure return period.

Phantom. Consumer completes a primary transaction and receives an additional product from the seller or a third party that is distinct from the party offering the initial product.

Service and Luxury Fees. Charges paid to acquire luxury items and for the privilege of having a bank account, special card, processing a special request, etc.

Zombie. A subscription or membership that doesn’t end even after it has been canceled.

Unintended Subscription. Consumer completes a one-time transaction that turns into an unwanted and ongoing subscription.

Misleading Advertising. Occurs when a consumer is presented with an advertisement containing false promises, unsubstantiated claims, incomplete descriptions, false testimonials or comparisons, partial disclosures, visual distortion of the product being purchased, or qualifications presented in small-print.

Membership. Consumer joins a discount club. In exchange, the consumer agrees to receive merchandise periodically unless the club is notified not to send it. If the consumer takes no action on time, the seller charges the consumer and sends the goods.

Unwanted Auto-renewal. Consumer enters into an annual agreement to purchase goods or services. If the consumer does not cancel the arrangement prior to the cancellation deadline, the seller automatically renews the subscription for another term and bills the consumer the requisite fee without formal notice.

Unintended Purchase. Misleading information during a sign-up process leads to an unintended purchase.

Hidden Fee. Extra charges that were either non-disclosed or deceptively disclosed that were added to the price originally agreed to by the consumer.

Other. Includes charges that the consumer finds deceptive. However, they aren’t considered fraudulent and don’t clearly fall into one of the other categories.

Don’t get taken! Here’s how to outwit the grey chargers:

  • Scrutinize your statements carefully,
  • Demand refunds when grey charges occur,
  • Threaten a “chargeback”, which is a transaction in which a bank pulls money back out of a merchant’s account, and

Robert Siciliano is a personal security expert & and is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

5 Myths and Misconceptions About Home Security

Security is one of those topics we’d rather not discuss because it requires us to acknowledge the fact that we are vulnerable to miscreants bent on doing harm. Sorry, but this is Real Life 101 here—which, unfortunately, means most people don’t do anything about their security proactively; hence, so many people are victimized and end up in complete disbelief about how that could possibly have happened.

Here are 5 things I hear as to reasons why people don’t think they need security:

The “can’t happen to me” syndrome seems to be an American thing. I find in my travels that Americans, more than any other culture, simply don’t believe they can be a victim of a crime such as a burglary or home invasion. But believe me, it happens often—every day, as a matter of fact. The FBI says a home is burgled every 15 seconds. Seriously.

“I live in a safe neighborhood.” Your neighborhood is safe…until one of your neighbor’s kids decides to start doing meth or a sex offender decides to move in because he thinks he’ll go undetected. Safe neighborhoods are a myth.

If they want to get in, they will get in.” There’s some truth there, but it’s misguided. Sure, burglars can ram a truck through your front door, but the attention they get will prevent them from going too far. Having multiple layers of security, alarms, monitoring, etc. decreases the chances of your home being chosen and increases the bad guy’s chances of being caught.

“I have nothing of value, so know one will break into my home.” You might not have much, but the act of breaking into a family’s home at 3:00 a.m. and pulling them out of bed and torturing them for fun is appealing to many. A break-in isn’t always for profit.

“I don’t want to live paranoid, so no alarm for me.” Did you really just say that? Are you an idiot? Do you really think having a security system meant to prevent a predator from assaulting your babies while they sleep makes you mentally ill? Paranoia is what you get after the assault; it’s an effect of post-traumatic stress. It makes you question the safety, security, stability, structure and protection of everything around you all day.

Stop the nonsense. Get an alarm system.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

How the Average Consumer Can Keep Their Smartphone Secure and Private, a Conversation with Identity Theft Expert, Robert Siciliano

By David Geer (bio: http://www.linkedin.com/in/daviddgeer)

“A mobile phone is lost every 3.5 seconds. More than half of those devices are smartphones. 40% are not password protected.” – Identity Theft Expert, Robert Siciliano

Smartphones outnumber PCs. Though the devices are more personal than “personal” computers, they can certainly be less secure. Malware (mal = bad, ware = software) such as viruses, apps that are not secure or that funnel out private information, and the loss or theft of unprotected devices are all threats that lay in wait for unprepared users.

I spoke with Identity Theft Expert, Robert Siciliano for a Q&A about consumers’ top smartphone security and privacy concerns. Genuinely concerned and personally involved, Robert details how the average consumer can keep their smartphone safe.

David Geer: What are the average consumer’s smartphone security concerns?

Robert Siciliano: We are hearing a lot about malware. We are hearing a lot about privacy issues with the apps people download. There are apps that violate user privacy by communicating information the user may not want to communicate (without their knowledge). Though the vendors often state in the TOS (Terms of Service) what these apps will do, some apps share personal information despite what their TOS say. There are also issues with lost or stolen phones, especially when the user has not password protected their device.

There are thousands of examples of malware targeting mobile devices. But while consumers are more concerned about that, the loss or theft of their phone is a larger issue. A mobile phone is lost every 3.5 seconds and more than half of those devices are smart phones. Forty percent of phones are not password protected. An overwhelming number of phones are lost with no password protection.

Then there are the issues we have seen with people stealing people’s phones. I think the biggest concern should be password protecting your phone as opposed to worrying about malware. That is not to say you should not be concerned with malware.

DG: What are some real-world cases of smartphone threats occurring?

RS: A woman contacted me saying, “Robert, I was at a concert last night and I lost my phone.” When she got home, she logged on to her Facebook page and someone had posted all of her naked photos from her phone to her Facebook page.

There are two issues here. One is the fact that her phone was not password protected. The other is that she and many, many starlets are taking nude photos and storing them on their phones. That is a big detail. I have read a half dozen stories in the past year about young, successful actresses that had nudes on their devices and these have ended up on the web because the device was hacked or stolen. These starlets are giving other women the green light to go ahead and do the same thing. We have an entire culture that is engaged in this behavior and not doing much if anything to protect their data.

Our digital devices store our most private information: usernames, passwords and access to private accounts including banking and social accounts. Exposing all the intimate details of our lives because of a lost, stolen or hacked phone is serious business.

McAfee studied password sharing with ex-spouses. A significant number of people surveyed said that they have or would expose their former significant other’s most private photos and videos in the event of a bad breakup. They had access to the passwords and had the same data on their own devices because they took it from their significant other’s phone.

G: Most smartphone users have no interest in becoming technical gurus. What are some things any consumer can do to protect their devices and themselves from these concerns?

RS: It boils down to common sense in recognizing the risks. It is common sense to password protect your device. Beyond that, users should have lock, locate and wipe software whether the vendor built it into the phone or users download it. (This enables the user to lock the phone against access, find the phone or completely wipe all sensitive data from the phone remotely). Then the user should have anti-virus software on the phone.

Do not root or jailbreak your phone. This breaks down the defenses the OS software developer put in place. There is only one store where you can download safe, secure apps for the iOS (Apple) and one where you can download them for Android. When you jailbreak the phone to gain access to the hundreds of other stores and their downloads, neither Apple nor Google have tested these apps.

Jailbreaking is what gets the user and their employer who offers bring-your-own-device options into trouble.

DG: Are there any smartphone settings that can help without frustrating the consumer technically?

RS: Yeah. Turning off Bluetooth, especially when not in use will help. Turning off your location-based services will, too. You have options on what to do in the event that someone does try to access the password. So, for example, if they try to enter the password more than 10 times, then the device will wipe. That is something that you can turn on or off.

DG: Are there any free or modestly priced software solutions that can help without frustrating the consumer technically?

RS: I am a McAfee spokesperson, so I always recommend McAfee’s line of mobile security products. Some are free; some require a small fee. All are very user friendly. Other than that, there is whatever software is already on the device.

DG: If all this is still too much, where can a consumer go for help?

RS: You have heard the term, “Google is your friend”. There generally is not an issue where someone did not ask a question and someone else did not answer with respect to technology. Do a search and find a variety of forums where people have asked the same question you have and someone has answered it. It is a matter of knowing how to ask the right question. Beyond that, your device’s manufacturer or service provider is good places to start.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

Keeping Tabs on Your Kids From the Office

Look, I hear this all the time: “I want to respect my children’s privacy, but I also want to keep tabs on them.” OK, I get it. Kids need their privacy. But at what age does that start? In my mind, they can have their privacy at 18 years of age—because up until that time, a parent is 100 percent legally responsible for what those kids say and do. So if you condition your children early on that there is no privacy until 18, then to a degree it is at least understood that their life is an open book to Mom and Dad. Plus—let face it—as teens, we didn’t always make the right choices. Today, those choices can be made very public with social media. So for many reasons, you want to keep tabs on your kids.

You might be at work eight to 10 hours a day and when the kids get home, it’d be nice to know they are safe…and not having a keg party. There are many technology offerings to keep you in tune, from mobile apps to home security cameras. The key is to balance functionality with cost and keep basic privacy in mind.

Security cameras: Want to see the kids getting home? How liberating would it be to discreetly glance down at your smartphone during a meeting and see exactly what’s going on in your living room? You can—Nexia™ Home Intelligence has teamed with Schlage Home Indoor Cameras to create convenient scenarios like this, and more. Today’s wireless home security cameras are easy to install, connect to the internet, and can be viewed on a PC/Mac browser, smartphone app or tablet. Cameras are so cost effective and provide such peace of mind, I have 16 of them.

Mobile phone spy software: There’s no mistaking what Stealth Genie does. The company says it has the most powerful cell phone spy and tracking software anywhere that lets you monitor ALL the activities of any jailbroken iPhone, BlackBerry or Android phone. It starts uploading the monitored phone’s usage information and exact location instantly, which then can be viewed by logging in to your StealthGenie user area from any computer in the world within minutes.

Life360 app: This is pretty cool. You may want to wring their necks sometimes, but you’d do anything to keep your family safe. Everything Life360 does is designed to help you manage the chaos that is daily family life. From seeing where everyone is on a map to letting them know you’ll be five minutes late, Life360 is designed to make things a lot easier and help you keep tabs.

Canary: This is a mobile phone safe driving application that keeps you in tune with your kids’ driving speeds and talking/text habits to end distracted driving. This is a no-brainer that keeps you abreast of potentially dangerous activity when they are on the roads.

Know your kids’ passwords: You bought the phone and the computer, you pay the phone bill and you own the devices. Your kid basically uses your electronics. All the passwords for the phone and its apps have to be provided to you as a condition of its use. Simple as that.

Friend them: If your kids are on Facebook, then they need to friend you. Keep in mind they may have more than one profile, which is when spyware and having access to their (your) devices comes in handy.

Robert Siciliano home security expert to Schlage discussing home security and identity theft on TBS Movie and a Makeover. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Why Home Security Matters

Your home is your castle, as they say. This means it’s supposed to be a place of safety, security and respite. But what happens when it’s burglarized and it’s no longer that safe haven? I’ll tell you: people move. And they are never the same after.

Let’s face it—people are crazy. Some studies have shown as much as 50 percent of all people are mentally ill in some way. That’s a lot of nuttiness going on. As a result, there’s drug abuse, kidnapping, assaults, rapes, robberies and just plain murder for fun. Crazy often means violent—and crazy combined with violent means no safety or security.

As a species, we require security. Note these words from Abraham Maslow about safety needs, published in his 1943 paper, “A Theory of Human Motivation”:

With their physical needs relatively satisfied, the individual’s safety needs take precedence and dominate behavior. In the absence of physical safety—due to war, natural disaster, family violencechildhood abuse, etc.—people may (re-) experience post-traumatic stress disorder or transgenerational trauma.

That’s serious stuff, but think of it like this: If your child experiences some form of trauma at school, like bullying, he or she will most likely not want to go back. And in some cases, the child even takes his or her life because of that trauma. And if your home is ransacked, you will be traumatized too.

But frankly, don’t worry about it. I don’t. But you should DO something about it. I have systems in place that work to keep my family and me safe. Home security isn’t something that you or I should take for granted, because when the “security” of your home is taken away, life becomes a struggle.

Peace of mind can come from locking your doors, having a home alarm, and putting additional systems in place that allow you to rest comfortably, knowing your home is being watched over.

Take control over your domain. Let’s face it—we all require a degree of control over our lives, and by investing in home security you are taking necessary steps in gaining that control.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.