Mortgage Brokers put Client Data at risk

/in /by

Your private information may not be safe with your own mortgage lender, even a small one, says cybersecurity firm HALOCK Security Labs. The leak may occur when data goes from applicant to lender.

4DSeventy percent of the 63 U.S. mortgage lenders that HALOCK investigated allowed applicants to send private and financial data (like tax documents) as e-mail attachments—over unencrypted e-mail. Seventy percent also promote faxing sensitive data—not nearly as secure as encryption.

While more than 40 percent provided a snail mail option, only 12 percent offered encryption. Several survey participants, when the subjects were asked why they didn’t offer a secure e-mail portal, replied it was an issue of what the applicant was “most comfortable with.” (Certainly, who’d be comfortable with a leak of their most private information?)

While lenders place customer comfort ahead of security, they fail to realize that customers have been steadily losing confidence in their banks’ commitment to privacy.

Another consideration is whose comfort is really at issue? In a study, one former mortgage lender stated that it was a time hassle to explain to customers about secure portals; unprotected e-mail was quick and convenient.

But it’s well-worth the time to hassle with this, says security expert Graham Cluley. Regular e-mail, by definition, is non-secure.

There’s no shortage of methods to send e-mail securely. It’s just that they’re underutilized by organizations. Decision makers want to make things easy for customers, but this doesn’t have to be at the expense of their security.

Security measures that are customer-friendly exist. Bank customers are more demanding than ever for security, even though they usually do not understand about encryption. What bank wants a weak link in the form of a gaping hole through which customer data can leak? An ounce of prevention (secure portal log-in) is worth a pound of cure (identity theft).

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

10 Easy Ways to hide from spies

/in , /by

Who would have ever thought that that marvelous invention, the smartphone, as well as your tablet and PC, would give you cause for concern about hiding from spies? And when I say spies I mean anyone who has a vested interest in your information whether that is governments foreign or domestic or a spouse, employer, marketer or just some freaky weirdo.

11D Today’s technological conveniences also act as portals through which the spies can gain access to your personal information. As a security analyst, I’ve come up with the following:

Easy Ways You Can Hide Your Data from the spies

  1. Use a VPN (virtual private network) such as Hotspot Shield VPN when online. This way your data traffic is encrypted—and thus difficult to detect by spies or any hackers, whether you use a phone, computer or tablet. Data transmission may still occur due to ads, but the VPN will put a stifling effect on it.
  1. Use Tor. You can hide from mass and corporate surveillance with a Tor installation—which the National Security Agency does not like—because it works.
  1. While playing games put your mobile device into airplane mode (which suspends data transmission). You don’t need to be online to play all games. Being offline means your personal data can’t be transmitted.
  1. HTTPS! Install HTTPS Everywhere, a browser plugin for Chrome, Firefox and Opera. It’s free, though currently not available for smartphones. HTTPS means security on the visited web site.
  1. Post on social media only when you’re connected with your password-protected, secure workplace or home Wi-Fi. And in some cases you may need to post via computer, not your smartphone!
  1. Hard drive encryption. A person who uses your computer or mobile will not be able to copy its data if you have an encrypted hard drive. Local storage can be encrypted on the latest versions of Windows, Macs, iOS and Android.
  1. Turn off cellular data connections. Unless you absolutely must know every single e-mail that’s coming in when you’re out and about, switch off the cellular data. Check your e-mail only when you’re on a secure network.
  1. Turn off the GPS and Wi-Fi on your mobile device. GPS, Wi-Fi and geolocation can pinpoint your location fast. Keep them off unless you need them (lost in the wilderness?). To turn off geolocation, start with your apps that take photos, then do the rest. Then you won’t have to worry about government agents finding you.
  1. Dumb down. Your phone, that is. If you’re really concerned about privacy, ditch the smartphone and use a “dumb” phone also known as a “feature phone”. Though even a simple cellphone can be used as a tracking device, it makes it hard for anyone to get your location and data since you can’t get on social media or play online games with a dumb phone.
  1. Never open e-mails with a blank subject line. Though your spacey friend may neglect to type into the subject line, a blank subject field can also mean a virus waiting to make its move. If the sender is familiar, send them a newly created message asking if they just sent you something with a blank subject line.

So there you have it: 10 ways that pretty much work to keep hidden from the spies and all other snoops.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

DIY Home Security Automation is easy

/in /by

Take home security seriously—before the break-in. If you’re up for a great DIY project, get going with home security.

3HReinforce doors. What you see in cops and robbers TV shows is true: Doors really can be kicked in. But not if they’re reinforced with easy screw-on upgrades that can resist even a kung fu master. Start with a door guard plate. Next, a door jam reinforcement will replace the weak pine door frame with a steel inset. Of course, replacing a wooden door with a steel door would really add security. For an added layer of protection, install the Schlage Touchscreen Deadbolt to your front door. It is the only Z-Wave compatible lock to feature a built-in alarm system, producing warning alerts to homeowners prior to their home being breached.

Strengthen windows. A window with a smash-proof coating will repel a thrown brick or whacking pipe. The coating is a film that’s applied like a big sticker. A determined burglar may be able to crack the window, but the film will hold the pane in place, preventing entry.

Landscaping. Though shrubs can deter intruders, they can also shield them from neighbors if overgrown. Make sure that branches are trimmed. To add security, illuminate areas around bushes and trees with flood lights.

Garage. Never leave the garage door opener in your car exposed because thieves can get into your car if it’s parked outside…and you know the rest. One solution is a Wi-Fi garage door opener so you can control the door with your phone.

Surveillance cameras. The latest technology allows you to remotely view your premises. Your phone will receive an alert from these cameras when they detect motion or sound nearby; you’ll be able to see what’s going on in real-time.

Locks. It can take only 15 minutes to replace an old lock with a keyless one such as the Schlage Touchscreen Deadbolt. Its features ensure that your house is locked, and unlocking is a snap, all via a number code. Just assemble the lock and put it in. It’s rare to have to drill more holes.

Robert Siciliano home security expert to Schlage discussing home security and identity theft on TBS Movie and a Makeover. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.