Dumb and Dead Criminals making news

/in /by

Crime doesn’t pay—especially when you can’t read. A man in Chicago spent seven minutes disabling a lock on a local bars door, then kept trying to pull the door open even though a sticker on it said “PUSH.” Now that’s a dumb criminal, because even if he couldn’t read or didn’t notice the sticker, you’d think he’d try pushing at some point, no?

1GThe dumb crook was concealed by a temporary cover that was in front of the bar for cold weather. Even people jogging by didn’t notice the brilliant work in progress.

But video surveillance picked everything up. He even got as far as removing the door stopper. Unfortunately, something stopped his brain from working at that point and he didn’t think to push the door open. There was damage done to the door, and apparently, the would-be burglar is still at large.

Sometimes, the stupidity of criminals can be fatal, not just funny as in the case above. In San Francisco, a 16-year-old robbery suspect was killed accidentally by his accomplice’s ricocheting bullet. Now don’t get me wrong, there’s nothing about a 16 year old dying that makes me happy. But here we have two 16 year olds who would shoot someone to death for an iPhone. Somehow the world seems less violent for the moment.

The teen and other thugs had surrounded a victim at night, demanding his cellphone. One of the hoods pulled out a gun, while the others ransacked the victim’s belongings. Nevertheless, the kid with the gun fired a shot at him anyways. Incredibly, the bullet bounced off the victim’s face and struck one of the other muggers, killing him onsite.

The tough guys immediately fled, leaving behind the wounded mugging victim and dying thug.

Fortunately, the suspected shooter, also 16, has been arrested.

This story sounds like good karma, but it would have been sweeter had the deflected bullet struck the shooter, don’t you think?

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Skimming Big Business targeting Big Business

/in /by

Skimming means more than just cutting fat off steak; it’s also when a thief obtains data from that magnetic strip on the back of your credit card (or debit or ATM card).

2CThe thief records and copies this data with a counterfeit card reader onto a blank card’s strip, and then makes purchases or cash withdrawals with this fraudulent card—in the account holder’s name.

Skimming takes place at ATMs, taxis, gas stations, restaurants, retail stores—any place where an employee will swipe your card to make your purchase. A credit/debit/ATM card reader can be fitted with a skimmer by the thief. Or, the thief can skim your card using a handheld skimming device.

Next time you hand your card to a clerk, watch it very carefully. At one gas station, two attendants skimmed dozens of customers’ cards with a square-shaped device the size of a dime, then sold the stolen information.

There are several ways to skim this cat:

  • An employee skims a card, then sells the stolen data, usually online on illegal “carding sites.”
  • The skimming or scanning device can be tiny, hidden in the hand.
  • Other skimming devices are superimposed on an ATM’s “mouth” to collect information when customers insert their cards. Thieves can then transfer the data via Bluetooth.
  • Sometimes a scanning-overlay is placed on the keyboard to capture PINs.
  • A less sophisticated approach is to record via tiny camera the customer entering the PIN.
  • Thieves with only half a brain know to wear concealing attire when they collect these devices. They do it quickly since they know that banks can catch on quickly.
  • These devices are also placed inside gas station pumps.
  • Some of these crimes are perpetrated by organized groups, and the gas station ones usually come from Europe.

Make It harder for Thieves

Always use the same ATMs so that you might detect a subtle difference one day.

Use indoor ATMs.

Keep your eyes on your card after giving it to an employee, though this isn’t always possible when the employee disappears into an employee-only area.

Cover the PIN pad with your other hand when entering your PIN.

Finally, routinely check your credit card and bank statements for any unauthorized charges.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Connected Home Security is Smart

/in /by

How would you like to carry on a conversation with your home while you’re away? Get the latest scoop is on its safety and security? Schlage, America’s most trusted lock brand, wants you to get connected to your home.

1H With today’s home security technology, the internet and your smartphone, you can do just that. Don’t assume you have to hassle with a dozen apps to be able to check in on your home while away. Using portable devices, you can monitor your house with an all-in-one app.

The monthly fee for the all-in-one application can be free to upwards of $30 to $50 depending on the scope of a home security and automation system, but it’s well worth it. With a central app, you’ll be able to receive alerts regarding sounds, motions, smoke, carbon monoxide, power outages, break-ins, just about everything that pertains to the smooth operation of your home and property.

The Automated Home

In addition to monitoring your home for safety status, you can also use the app for controlling features like lighting (switching on and off, dimming), raising the thermostat, etc. All this will help you save on your utility bills.

Imagine: You’re in the middle of an event somewhere and you just realized you forgot to lock the front door. No problem; whip out your smartphone and do it right there in your seat.

And don’t forget about key codes that you can give to people who need to enter your house such as dog walkers or service technicians. The Touchscreen Deadbolt from Schlage offers the latest technology.

How much does all of this cost each year in the U.S.? More and more people are using this technology, so it’s not surprising that the combination of installations, the equipment and the recurring fees amount to up to $10 billion. However, over the next 10 years, expect this cost to double, because the projection is that 30 percent of homes will be set up with smart security.

Robert Siciliano home security expert to Schlage discussing home security and identity theft on TBS Movie and a Makeover. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

7 Laptop Security tips for the Traveler

/in , /by

Here are nine ways you can add a lot of security to your laptop when traveling.
8D

  1. Bag it. Keep the laptop in a sturdy bag that’s specially designed for laptops. The sleeve should be well-padded and the bag TSA-compliant. The bag should be collapsible and expandable (depending on contents), and easy to wear near your body for extended periods.
  2. Don’t part with it. Pretend your laptop is a baby. In public, you wouldn’t leave your baby unattended while you went to the restroom or moved around in your location. Likewise, take your laptop with you wherever you go in public, even if it’s just one aisle over.
  3. Hang the “Do Not Disturb” sign. If you must leave your laptop in your hotel room when you’re out, put up the “Do Not Disturb” sign. The fewer people in your room, the less likely your laptop will be stolen. You can also put the laptop in the hotel’s safe, though that’s no guarantee of security, either.
  4. Use a cable lock. Though a persistent thief won’t be deterred by this in a setting where nobody will notice him, it can indeed keep him at bay if the laptop is in a busy public place. Find out if your company provides cable locks. Otherwise, you can purchase them online.
  5. Software leash. A stolen or misplaced laptop can be located with software. For best results in the event your laptop gets stolen or lost, register with one of these anti theft tracking services prior to your trip. MyLaptopGPS is good.
  6. Don’t be nice. Yes, don’t be nice enough to let a stranger use your laptop.
  7. Use a VPN. VPN stands for virtual private network, and it’s very effective at providing data security when you use a laptop in public (airport, coffee house, hotel) where the network is open season all season for hackers. You’ll be protected when you’re on any site. Ask if your company can give you a VPN when you travel. Use Hotspot Shield.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

The Definitive Guide to Facebook Security

/in /by

Facebook Security

Social media is permeating every facet of our lives. It is extremely important to understand security and privacy settings with so much personal information becoming so accessible. Here is the definitive guide to security on Facebook:

Step One

Logging In

Social Authentication: Facebook uses social authentication to verify your account. This system asks you to identify your friends based on pictures. This is information that makes it incredibly hard for a hacker to hack and gain access to your account. It also helps you access your account  more easily without having to remember, yet another, password.

ID Verification: Every new user must create a security question and answer for their account. For added security, users can add their mobile number to enable them to verify their identity through a text message.

One Time Passwords: You can opt to receive a one time password by sending a text to 22605

Tip: Did you know that Facebook employs 300 full-time staff solely focused on security and safety?

Login Approvals: If a user logs onto your account using a new or unrecognized device,  a required code will be sent to your mobile device. The user will then be prompted to verify the login on their next attempt.

Tip: Did you know that all logins on Facebook are done through a secure connection? You can enable HTTPS for your entire Facebook experience from the Account Settings page.

Session Classifier: This system uses location, device, and other account details to verify every login (e.g. a Wyoming user suddenly accessing their account from Jamaica)

Fun Fact: Facebook has dedicated millions-of-dollars to build a supreme security infrastructure.

Step Two

Online

User Action Classifier: The user action classifier identifies when users are acting maliciously or spammy.

Link Scanner: All links are compared against Facebook’s and other internet security company’s databases of known spammy and malicious links. Facebook scans over 1 trillion links per day.

Photo DNA: Facebook maintains a blacklist database from federal, state and international law enforcement agencies of explicative images. Each one of the 300 million photos uploaded to the site each day is checked against this list.

Clickjacking Domain Reputation System: You see a link to an “outrageous video” off-site, but once you click it, it automatically publishes the fake link to your wall. This behavior is a result of a browser bug, but Facebook is doing more to prevent this from occurring by taking steps to verify suspected bad links before they’re posted.

Application Classifier: The application classifier analyzes application behavior and tries to decide if they are acting maliciously.

Step Three

Log Out

Suspected Hacking: Users can manually shut down Facebook sessions and reset their passwords if an unauthorized login is detected.

Remote Logout: User who have forgotten to log out can check their login status and log themselves out remotely.

Guardian Angels: If you lose access to your account or have problems logging in, a code can be sent to your friends to help you get back into your account. You can pre-select these friends from the account settings page.

Login Notifications: Users get to approve the devices from which they log in. As an added measure of security a notification can be sent if they have logged in from an unapproved device.

Roadblock: If your account is compromised by malicious software, Facebook will temporarily lock your profile and scan it with security software until your account is certified to be clean.

Some important things to know:

  • 89% of email is spam and less than 4% of content shared on Facebook is spam.
  • Ony .06% of over 1 billion logins per day are compromised.
  • Less than .5% of Facebook users experience spam on any given day.
  • People spend over 700 billion minutes per month on Facebook.
  • The average user has 130 friends.

Sources: Facebook.com

Evaluating Physical and Information Security Risks

/in /by

When it comes to protecting an organization’s information, flaws with this can involve either implementing strong technology to protect too much trivial data, or inadequate protection of important and sensitive data.

7WIn short, not enough attention is cast upon a company’s most important information; there’s a gap between the IT department and the operational units of the business.

A thorough risk assessment is warranted in these cases. Once all the risks are identified, strategies can be created by personnel to prioritize risk minimization. This is risk management.

Risk has several components: assets, threats and weaknesses. Businesses must address (risk-assess) all components—internally, rather than externally by outsourcing.

A risk assessment identifies all potential risks, then analyzes what might happen in the event of a hazard.

A BIA (business impact analysis) is the process by which potential impacts are determined that result from the impediment of critical business activities. With a BIA, the results of disrupted business processes (which can include losses or delayed deliveries, among many others) are predicted; information is collected to come up with recovery strategies.

The objective is to maximize cost/benefit: identify the most relevant risks and reduce them with minimal investment.

The strategy is to determine what risks this company may face in a given year (e.g., digitized information, reputation, paper documents, employee safety).

Next is to formulate a list of possible sources of threats (employees, hackers, customers and competitors, to name some) based on the experiences of many in the organization. There are also risk assessment plan guidelines online.

Then next is a risk assessment chart. A list of assets must be compiled (e.g., employees, machinery/equipment, IT, raw materials, etc.) in a left column. Then opposite each asset, put down its associated hazards that could yield an impact. Each hazard is broken down into high probability-low impact and low probability-high impact.

Review the impacts for vulnerabilities that may make the asset prone to a loss. Here you’ll find opportunities for threat prevention or mitigation. Probability of occurrence can be specified with L for low, M for medium, H for high.

Information from the BIA would go towards rating the impact on “Operations.” Make an “entity” column for estimations of potential impacts (e.g., financial, brand/reputation, contractual). “Overall Hazard Rating” combines “probability of occurrence” and the highest scoring that impacts operations, employees, property, etc.

A worst case scenario? Do nothing. After all, a failure to plan is a planned failure.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Stepfather kills Daughter, thinks she is a burglar

/in , /by

In the wee hours of the morning in Colorado Springs, a 14 year old girl was shot dead by her father as she climbed through a window because he mistook her for an intruder. She died at the hospital from gunshot wounds.

5HWhen the news broke of this story, it brought the gun advocates and gun opponents out of the woodwork. Guns spelled backwards is snug; some people get too snug with their guns, as was the case of the girl’s father, who was not arrested according to the report.

In the right hands, guns can be an enjoyable part of target shooting. The purpose of a gun should be that of protection, but at the same time, the person who wants to protect himself also needs to add some mental stability and smart thinking to the equation. The man who killed his daughter wasn’t what you’d call unstable (in a corrupt, immoral sense), but he certainly wasn’t thinking clearly, either.

Guns have been proven to protect the good guys from the bad guys, especially those in high risk professions. But what’s frightening is that some gun owners just aren’t savvy or informed enough to properly handle a gun in the face of threat or perceived threat.

Too many family members are being shot to death by another family member in their own homes—not because of an argument gone bad, but because of mistaken identity. Would that girl have been shot had the house been equipped with an alarm system?

It’s all about common sense. In the hands of a person with common sense (and a regard for life), guns usually are not a problem.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

7 Small Business Social Media Risks

/in /by

Many executives are concerned about social media related risks (e.g., data security and ID theft), but far fewer actually have any social media training.

4DA recent survey of executives puts the concerns into four categories: disclosure of confidential information; damaged brand reputation; ID theft; and legal and compliance violations.

Another feature that the survey unveiled was that 71 percent of the participants believed that their company was worried about potential risks, but they also thought these risks could be avoided or resolved.

Over half the respondents said that their company lacked any social media risk assessment strategy.

Here’s another striking finding: 33 percent of businesses had a social media policy; 27 percent of participants reported no such policy; and the remaining 40 percent consisted of an even split: those who said their company was planning on creating such a policy, and those who said their organization had some other related policy.

Solutions

While social media can bring benefits to businesses, namely in the realm of marketing exposure, they can also bring in lots of trouble as far as security issues.

How can companies find the right balance in between the two extremes of either banning social media altogether and allowing free reign of social media? Below are some solutions.

#1. Ban the ban. First of all, don’t outright ban access to social media. Otherwise, this can lead to other security issues. Furthermore, an employee who really wants to gain access to social media will dodge security, making the organization more susceptible.

#2. Execute policies. Do implement some kind of structure that regulates employee activity regarding social media. Employees need guidelines for proper use, which would also include what not to do.

#3. Social networks should be limited. There are hundreds of social networks—many uses are served, ranging from movies to music. But there are other uses that are not so innocent and less secure. Learn about these and make sure employees know not to go near them.

#4. No default settings. Default settings typically leave networks very vulnerable to attack. Settings should be locked down; most social networks do provide privacy settings and these must be managed at the highest level.

#5. URL lengthening service. Employees should never click on a shortened URL without first decoding it to see where it leads to. Shortened URLs can be pasted into an URL lengthening service.

#6. Train IT personnel. Don’t effectuate policies from the bottom up, but rather, from the top on down. Those in charge of managing technology need to be fully geared up with the risks of social media.

#7. Keep security updated. A business network always needs to be up to date with its security.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

11 Tips to Hotel Safety and Security

/in , , /by

Can you name 11 tips for hotel safety and security? How about just five?

4HHave you ever walked down the hallway of a hotel and passed by rooms with doors left wide-open by cleaning staff? Ever thought of how easy it would be to enter and pretend the room is yours? Imagine what you could steal.

This is why a hotel that takes security seriously will be very strict about whom is issued an electronic key to rooms, and will issue regulations regarding housekeeping tasks. In more remote hotels or those in less developed countries, the hotel staff itself may be the thieves.

Nevertheless, whether you’re in the ritziest hotel or the shoddiest dump, Schlage locks wants you to know there’s a baseline of precautions you should take.

#1. Never leave valuables in your room unless you’re present. If you must, use the hotel safe and be sure to get a receipt.

#2. When in the room, keep the door locked, including the chain feature.

#3. Always use the peephole before opening the door.

#4. If you anticipate the door won’t have a lock (such as in a foreign country), bring along a traveler’s door lock, a motion detector that you hang on the knob that sounds when the door opens, and/or a doorstop alarm—it wedges against the door’s base.

#5. Don’t open the door to strangers.

#6. If the “stranger” claims to be a hotel service person, call the front desk for verification first.

#7. Consider have all food deliveries made to the lobby. This isn’t convenient, but it’s safer. You never know if the delivery person is actually a predator looking for a target. Men should also practice this procedure; men can be targeted for violent crimes too. The delivery person may also case you as a potential target later on.

#8. Be mindful of what you leave outside your door. E.g., what appears to be leftovers from one person’s meal, indicates you’re alone.

#9. Before going to bed, double check all possible entry points.

#10. Make people think you’re there when you’re not: Place the “do not disturb” sign on the door—after you put the TV on loud. But first make sure this won’t coincide with maid service.

#11. If your hotel wants you to turn your key in when you go out, keep the key so that nobody knows you’re out.

Robert Siciliano home security expert to Schlage discussinghome security and identity theft on TBS Movie and a Makeover. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

10 Lifesaving Smoke Alarm Safety Tips

/in /by

One minute or less…

6H…is all the time you may have to escape a fire in your home. Schlage, which is dedicated to keeping homes and families safe, sound and secure, and I ask: “Do you have a smoke alarm?” It can double your chances of escaping death. Home smoke detectors have cut fire fatalities in half since they came on the market in the early 1970s.

Nevertheless, fires kill about 3,000 people a year in the U.S. Forty percent of these deaths occur in homes that lack working smoke alarms (40 percent!)

  • If you don’t have a smoke alarm, get one or as many as you need—today.
  • Never deactivate them while cooking.

Did you know that most fire deaths are from smoke inhalation, rather than being burned to death, even though the dead body often becomes burned to a crisp (yes, TMI, but seriously)…? An escape route can be blocked by thick, dangerous smoke, not plumes of fire. A smoke detector can get you responding sooner and thus avoid fatal smoke inhalation.

  • Exit the building when the alarm sounds.
  • Then stay out. (Have a post-escape family meeting place pre-determined.)
  • From a neighbor’s house call 9-1-1.

Smoke alarms can also signal a flashing light for the hearing impaired. Alarms are also available that trigger a vibration under your sleeping pillow.

The Importance of Drills

Plan an escape route, then run fire drills. If possible, figure out two ways to exit every room, even if that means out a window. Make sure everyone in the household understands and can run through the escape route. The practice should include the post-exit meeting place outside.

  • Practice drills during less-than-desirable times: in the middle of the night, in very cold weather, etc., as well as under more ideal circumstances.
  • Tweak the plan as necessary. Who may be capable of actually sleeping through the alarm? This should be addressed. Make sure that an escape plan is in place for physically disabled occupants, babies and pets.
  • Purchas a folding ladder in case an escape through an upper window is necessary.

Maintenance

  • Every month (or at least every 6), clean dust from the alarms and push the test button.
  • Never paint the alarm.
  • Change the batteries every time you change your clocks.

10-Year Lifespan

An alarm that’s over 10 years old needs to be replaced. If you’re not sure how old they are, replace them.

Leave Quickly

Some door handles are fussy when you try and open them. Make sure your home is equipped with door handles that unlock then the door is opened from the inside, like the Schlage F51A. This lock allows homeowners to leave quickly and conveniently in an emergency.

Robert Siciliano home security expert to Schlage discussinghome security and identity theft on TBS Movie and a Makeover. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.