6 ways College Grads can Protect Online Reputations

/in /by

Here’s what you, the new college grad, can do to clean up and protect your reputation in the online world.

14DThese days, it’s crucial for college grads seeking jobs to have an online reputation that’s as clean as a whistle. I’m an online-security and ID theft expert, so trust me when I say that yes, employers DO take into account what you did at that party during your sophomore year.

How College Grads Can Clean up Their Online Reputation

A prospective employer will likely Google your name, then read the sites it’s on. And don’t assume that you’re protected by a “Joe Smith” kind of name. An astute employer will find the right Joe Smith.

One of the first things a new college grad should do, to prepare for a job interview, is to prepare for what the person hiring is likely to do (either before or after the interview): look you up online.

Find out what people are saying about you in cyberspace. Use a tool like Google Alerts, Tops, Social Mention and Sysmosys, among others. Monitor these on a daily basis.

If your own search turns up nothing bad about you on Facebook, Twitter, YouTube, LinkedIn and other biggies, this doesn’t mean nothing bad exists. Go deeper into the search results. Type in your middle name or just initial, or some associative fact like hometown name, to see if that alters results.

Cleaning up your online reputation, then, begins with seeing if it needs to be cleaned up in the first place. This is more important for a college grad than, say, getting that perfect manicure for job interviews or that perfect hair tinting job.

The prospective employer these days may be more interested in what your name pulls up in search engines than how perfectly coordinated your shoes are with your power suit.

Being digitally proactive keeps your online presence clean.

  1. Digital security is a must. We’ve all read about politicians, celebrities, news organizations and major corporations who’ve been hacked and negative stuff was posted from their accounts. Even when you regain control of your hacked account those unwanted posts can leave searchable breadcrumbs.  Make sure your devices are protected with antivirus, antispyware, antiphishing and a firewall. Secure free Wifi connections with Hotspot Shield VPN.
  2. New college grads should invest time picking apart their Facebook page and any other kind of social media where they have the ability to change what’s on it. Delete anything relating to drinking, sex, drugs, being tired all the time, political and religious views, use of offensive words, anything that fails to benefit your reputation online.
  3. Even a comment like “Old people are bad drivers” can kill your chances of landing a job. Think before you post.
  4. Unfortunately, if someone has posted something negative about you on their blog, there’s nothing you can do unless you want to pay something like $2,000 to hire a company to knock negative Google results deep into the search pages (a prospective employer probably will not go past a few pages deep once they locate information about you). But paying someone is a viable option you should consider.
  5. A college grad can protect their online reputation by never using their name when signing up for a forum board where they may make posts that, to a prospective employer, make the job seeker look bad. If you want to post on the comments page for Fox Sports, for instance, don’t use your real name.
  6. Don’t even use your real name for signing onto support sites for medical conditions, for that matter. You just never know what may rub a prospective employer the wrong way.

The college grad’s reputation needs to appear as perfect and “pure” as possible in the online world.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Heartbleed: Free Tool To Check if That Site is Safe

/in /by

I’m sure you’ve heard the news about Heartbleed by now (unless you’re in vacation wonderland and have taken a tech break). This is a serious vulnerability in the core of the Internet and is something we all should be concerned about.

heartbleedHeartbleed is a kink in encryption software, discovered by security researchers. It is a vulnerability in OpenSSL and could affect nearly two-thirds of websites online. If exploited, it can leak out your passwords and login names, thus putting your personal information at risk.

That’s why McAfee, part of Intel Security, is responding to the dangerous Heartbleed vulnerability by releasing a free tool to help consumers determine if a website they visit is safe or not. You can access the tool, here: http://tif.mcafee.com/heartbleedtest

McAfee’s Heartbleed Checker tool works by entering any website name to find out if the website is currently vulnerable to Heartbleed.

Steps to protect yourself:

  • Go to McAfee’s Heartbleed Checker tool http://tif.mcafee.com/heartbleedtest and enter any website URL to check if it’s vulnerable.
  • If the site is deemed safe your next step would be to change your password for that site. Remember, changing your password before a site is patched will not protect you and your information.
  • If the site is vulnerable, then your best bet is to monitor the activity on that account frequently looking for unauthorized activity.

Once a site has been patched so it’s no longer vulnerable to the Heartbleed bug, you should change your password. Here’s some tips to remember:

  • Use strong passwords that include a combination of letters, numbers and symbols and are longer than 8 characters in length – heck the longer the better. Below is a good animation on how to create a strong password.
  • Use a password manager, like McAfee SafeKey which is included with McAfee LiveSafe™ service that will help you create strong password and remember them for you.
  • Use two-factor authentication for increased security. You get a one-time code every time someone tries to log into the account, such as those for banks, social networks and email.

Heartbleed aside, passwords are more vulnerable than ever, and just in general, should be changed every 90 days for important accounts. And remember, if your information was exposed, this is a good time to watch out for phishing scams.

A phishing scam is a ploy that tricks you into entering sensitive data, like usernames, passwords and bank account information, by emulating a familiar website.  And if your information is compromised, even if it’s just your email address, scammers could use this to try and get your other sensitive information.

Remember, in this day and age, we all need to be vigilant about protecting ourselves online.

Stay safe!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

15 tips to Spring Clean Your Digital Security

/in /by

As a security analyst for both off-line and online activity, which is personal protection and information security, I’m constantly analyzing my own security situation. This means paying attention to my surroundings, systems in place, the security of my hardware, software and data. One way to get a closer look at all of this and to get refocused, is to remove the clutter, upgrade technologies, and do a Spring Clean. I heavily recommend that you perform the following 15 tasks for tightening up your digital security affecting your overall security position.

7WClean up and secure your digital life:

1. Do away with useless files. Go through all folders, including the recycle bin, and discard files that you no longer use.

2. Organize media. Put music, photos, etc., in appropriately labeled folders. Maybe create a master folder for different kinds of related media.

3. Consolidate desktop icons. Perhaps you can put a few icons into another one if the topic is related: Put the “Muffin” and “Rover” files in one file labeled “Pets.” A desktop cluttered with icons will slow boot-up time. Consider “removing” an icon you hardly use; this won’t delete the program, but will get rid of the shortcut.

4. Uninstall programs you’ll never use. This will speed things up and reduce potential malware targeted software.

5. Review passwords. Update as necessary, making them unique, never the same, and use different characters upper/lower case and numbers. Install a “password manager”. Google it.

6. Make backups of important data on a flash drive or use online storage. Ideally, make a backup of your prized data that exists outside your house. I backup on 3 local drives and in the cloud in two places.

7. Consider reinstalling your operating system. This means gathering all your software and backing up all your data. Do a search on your devices OS and seek out “How to reinstall operating system Windows/Mac (your version)”

8. Mop up your system’s registry. This will clean out temporary files you do not need that have been picked up by your system over time. An accumulation of these files will slow your computer and make it prone to malware infections. CCleaner is a free tool that will do this job.

9. Update Internet security software. Use antivirus, antispyware, antiphishing and a firewall. Get a VPN for when using free wireless internet. Hotspot Shield is perfect. Google it.

10. Defragment your hard drive. For Windows 8 go to Files, then “defrag.” For older systems go to Program Files, Accessories, then System Tools. For the iOS, run its built-in Disk Utility app.

11. Install program updates. Updates include critical security parches: very important. For Windows go to Go to Start, Control Panel, All Programs and Windows Update. Click on “Check for updates” to see if you are up to date. For the iOS, go to the app store, then Updates.

12. Do not forget your mobile device. Update your smartphone, including weeding out unneeded apps. Update your mobile OS to the latest version. Several companies offer security apps that will scan a mobile’s apps. Some apps have features like a remote lock/locate/wipe that will prevent a thief from using your device should you lose it.

13. Social setting cleanup. Have you locked down how your private information on Facebook can be shared? If not, go to Privacy Settings, then Apps, then click “edit” which is next to “Apps others use.” Delete all your “friends” who really aren’t your friends.

14. Home security system. Upgrade this if it is old technology. New wireless home alarms connect to your network and include home automation features too. This includes surveillance cameras, motion detectors, glass break sensors and controlling lights and temperature. Opt for remote monitoring from any device using apps on mobiles and tablets.

15. Declutter your e-mail files. These can get very messy over time. First start with your in-box. What’s been sitting there for ages that you’ll never open? Delete it. Next go to the sent/trash folders and weed out no-longer-needed emails. Also scour through any other e-mail folders. Delete folders you no longer need, and/or trim down ones you still use but contain messages that are now meaningless.

Follow these 15 tips to spring clean your digital security. A freshly cleaned-out digital life will give you peace of mind and enhance your personal security. Taking the time to clean up your digital life will be well-worth it, so do not put it off any longer!

Robert Siciliano is a personal security expert to SecurityOptions.com discussing home security and identity theft on TBS Movie and a Makeover. Disclosures.

Online Tax Time Scams: How to Avoid

/in /by

Filing your taxes online is convenient but also comes with some potential security problems. My job as an expert in all things online-security is to spell out what these online tax scam risks are and how to avoid them. As you get ready to file your taxes this year, here are some things you should know about.

9DThere were billions of fraudulent refunds that the IRS discovered for just 2012. Both consumers and business owners (small to medium) are being targeted by hackers during tax time. Following are tax time scams that are related to online filing:

  • Phishing: If you get an unsolicited email that seems to be from the IRS or similar, requesting personal information (especially bank account information, passwords or PINs) or claiming you’re being audited, it’s time to smell a big rotting phish. The IRS will never contact you via email, text message or social media. Make sure you don’t click on any links or open or download any attachments if you even suspect that the message is fake. Report any time of phishing to phishing@irs.gov.
  • The fake IRS agent: Crooks will pose as IRS agents and contact you by email or phone. They’ll already have a few details about you, probably lifted off your Facebook page, using this information to convince you they’re the real deal. If you sense a scam, go to IRS.gov/phishing.
  • The rogue tax preparer: It’s best to use a reputable tax return service, rather than an independent-type preparer. After all, some of these preparers have been known to charge extra high fees for getting you a bigger return, or steal some of your refund.

Additional Tips for Online Tax Time Scam Protection

  • Protect your data. From the moment they arrive in your mailbox, your personal information (financial institution numbers, investment records, Social Security numbers, etc.) must be secured. Don’t give personal information over the phone, through the mail or on the Internet unless you have initiated the contact and are sure of the recipient.
  • Chuck the papers. Opt for electronic statements to be received via email to eliminate paper statements coming into your mail box where thieves could get at them.
  • Check and monitor your statements. To ensure that you’re not a victim, the best thing to do is to monitor you monthly bank statements and do a credit report at least once a year.
  • Use a clean machine. Make sure that the computer you use is not infected or compromised. The operating system and browser should be updated. It should have comprehensive, up to date security software, like McAfee LiveSafe™ service, which protects all your devices, you data and your identity.

If you’re vigilant and follow these guidelines and you won’t have to deal with online (or offline) tax time scams. You can also watch this video from the IRS.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)

Cyber Insurance vs. General Liability

/in /by

One of the biggest data breaches of all time involved that of Sony Corp. The hackers stole confidential information from tens of millions of Sony PlayStation Network users. Despite this humongous breach, something surprising happened: New York Supreme Court Jeffrey Oing ruled that Mitsui Sumitomo Insurance Co. and Zurich American Insurance Co. owed NO defense coverage to Sony Corp. or Sony Computer Entertainment America LLC.

4HAnd why? Oing said that the coverage can’t be triggered through a third-party action: that by the hackers.

It seems, then, in order to get coverage, Sony itself would have to do the hacking. “They’re being held liable even though the wrongdoing was done by a third party,” explains Robin Cohen to Law360. Cohen heads a law firm that handles insurance recovery.

To determine coverage obligations, Zurich filed a lawsuit against Sony, which had to shut down its PlayStation Network for a month.

Oing’s ruling will likely motivate companies to obtain policies that specifically insure against data breach claims. However, many companies believe that such specific insurance is already built into their current general liability policy.

Insurers all across the nation are wanting to put language in their policies that exclude coverage of losses stemming from data breaches, which include loss of credit card information. However, courts have the final say-so in just how far these exclusions can go.

Companies need to seriously consider cyber insurance policies that specialize in coverage of data breach losses.

K&L Gates LLP partner Roberta Anderson told Law360, “Irrespective of whether the Sony trial court’s view is widely adopted, it’s ill-advised for policyholders to rely on general liability policies for data breaches.”

It’s expected that Sony, which has strong arguments for their appeal according to policyholder attorneys, will challenge Oing’s decision.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Beware of the One Ring Scam

/in /by

“The Ring” means more than just a dead girl crawling out of a well; it can also mean the one ring that you get on your cell phone that’s designed to get you to call back to find out who the caller was—only you’ll end up getting a charge on your next bill instead.

9DThe official name of this scam is the “one ring,” and here is how it works:

Your cell phone rings once. You may not get to the device in time to answer, and you don’t recognize the number and are curious, so you call back. You’re then connected to some chat line or international adult entertainment service.

If you answer the device while it’s still in ring mode, the “caller” will hang up, but you can still get charged simply for answering, even if you don’t call back. ($19.95 fee for an international call, and/or a $9 per minute charge).

The scam works via a computer that randomly sends out thousands of calls to cell phone numbers. And your number may be that lucky number. The Better Business Bureau warns that if your mobile rings once, don’t call back.

Apparently, this scam, committed by crooks called crammers, originates from the Caribbean Islands. If you think you’ve been crammed, contact the BBB as well as your mobile carrier. Review your bill closely for any unauthorized charges.

What if you want to answer your phone the moment it rings? If you see the following area codes from the incoming call, do not answer (remember, simply answering the call can net you a charge): Jamaica (876), Dominican Republic (809), British Virgin Islands (284), Antigua (268) and Grenada (473).

There have been thousands of reviewed complaints about this crime, according to the Federal Trade Commission and the Federal Communications Commission. And the crime of cramming is expected to get bigger.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Workplace Violence: 12 Signs Of A Dangerous Person

/in /by

Workplace violence is something everyone needs to be educated about. Know the warning signs to protect yourself and your employees.

7HThe Navy Yard shootings were a harsh reminder that, while studies show violence is down overall, workplace violence is a problem that doesn’t seem to be going away.

I appeared on CNBC to discuss the shootings, and addressed what can be done to prevent this from happening in the future. Everyone seems to be looking for a silver bullet to solve these problems, and many think technology will solve the problem. Interestingly, the anchor pointed out that if the NSA monitors people’s chatter online and in the social media sphere, then surely it should be able to step in and thwart a crime.

If it were that easy, there’d be no crime. (And the NSA might only look at less than 1 percent of the data it has access to.)

What can be done to prevent this from happening in the future? Those who study workplace violence know that there is a psychological profile of someone who is likely to commit an act of violence. Every business owner should know and understand the signs. A combination of a few (or more) of the following behaviors should be reason for concern.

  • Difficulty getting along with others: They are unreasonable and often make inappropriate remarks about others. They are never content with the status quo and are always upset by everyone and everything.
  • Controlling behaviors: In their minds, they are superior and everyone else is beneath them. They always force their opinion on others. They are control freaks and can’t deal with change.
  • Clinical paranoia: They may not yet be diagnosed, but they think others—including their friends, family, fellow employees and the government—are out to get them. They are conspiracy theorists.
  • Power obsession: They own firearms, are members of paramilitary groups, and subscribe to numerous military, law enforcement or underground military group chat communities or newsletters.
  • Victim attitudes: They never take responsibility for their behaviors, faults, mistakes or actions. They always blame others; it’s always someone else’s fault. They may have had trouble with the law, even just a minor incident, but it wasn’t their fault.
  • Litigious nature: Taking legal action against neighbors and employers and constantly filing grievances is their way of virtually controlling others. Everything is blown out of proportion.
  • Constant anger: Hate and anger are how they get through the day. Coworkers, family, friends and the government are all the reasons why they are mad, mad, mad.
  • Violent opinions: They see acts of violence in the media, such as shootings, mass murders, racial incidences, domestic violence and executions as reasons to celebrate. They say victims “got what they deserved.”
  • Vindictive references: They say things like, “He will get his someday,” or “What comes around goes around,” or “One of these days I’ll have my say.”
  • Odd behaviors: They might be good at their jobs but lack social skills. Their presence makes others feel uncomfortable. They have an edge to them that makes others not to want to be around them.
  • Unhealthy habits: Sleep disorders, always being tired, dramatic weight loss or gain, or numerous health-related problems issues plague them. They are often addicted to drugs, alcohol or numerous other substances or experiences.
  • Recent layoff: A combination of any of these traits that leads to job loss can set an ex-employee off. As a society, we introduce ourselves by our job description: “Hi, I’m Robert Siciliano, and I’m a personal security and identity theft expert.” But really, I’m also a dad, son, husband, etc.—and if any of these things are taken away, resulting in significant emotional despair, it can sometimes push people over the edge.

Knowing the warning signs is a good start to preventing the unimaginable from happening at your workplace, but you’ll also need to stay vigilant and educated. Preventing active shooters involves multiple layers of security. Make sure all your managers and employees know the warning signs. Workplace violence isn’t a technology problem that can be cured with a fence or a security camera. It’s a serious people problem that can only be fixed with intervention.

On CNBC, when I gave an example of a worker who demonstrated all these behaviors and the necessity of the fellow employees or even a family member to drop a dime, the anchor said, “Yes, but there’s always been a cultural resistance for fear of implicating the wrong person.” My response: “So what!?” My view is that it’s better to be safe than sorry. Take precautions to protect yourself, your employees and your business, and if something doesn’t feel right, speak up. It could save lives.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Burglars using Video to stake out Homes

/in /by

Yes, burglars do use video surveillance to case homes.

CAMSometimes burglars aren’t not so dumb, like the ones who use video to case homes.

A video camera the size of a matchstick has been discovered in the yards of several homes in North Texas’s upscale Dalworthington Gardens, where there have been break-ins.

According to the Dalworthington Gardens police, a homeowner presented them with the device, which was found near his driveway. Analysis revealed it was video surveillance for an ongoing burglary scheme.

So police established some counter-surveillance. Sure enough, next evening a man came to the home to retrieve the camera. The crook turned out to be a 21-year-old, Cain Santoyo, whose belongings in his car were the tools of burglars: lock picking instruments, a disguise, a stun gun/flash light and multiple surveillance cameras.

Also found was a motion detector that was rigged to a small radio transmitter, which seemed to serve the purpose of alerting a burglar inside a house that the homeowners have returned.

Inside Santoyo’s house, police discovered jewelry hidden in a crawlspace. They had reason to believe he was a burglar casing out homes with his tiny video cameras placed in yards.

Nevertheless, police concluded that this burglar had already sold many stolen items online. They expect that eventually, several burglary charges will be filed.

The police point out that it’s illegal for two parties to be recorded via audio without their knowledge, which equates to another charge!

Lesson learned: If a homeowner discovers an odd trinket, even if it resembles bark from a tree, in their yard, that just doesn’t seem to belong there (it’s the only thing like it in the yard, and its source is unknown), then remove it, and consider having the police examine it. It just might be a tiny video camera that a would-be burglar placed on your property.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Credit Card Fraud Security Bleak

/in /by

The U.S. is no Superpower when it comes to card payments: the card hacking headquarters of the world.

2CDon’t count on credit card fraud going away too soon. After all, Americans practically sleep, eat and breathe credit card use. And it’s those doggone magnetic strips on the cards that keep getting consumers, retailers, banks and the card companies in a fix. The strips make it so easy for hackers—and they know it.

It’s high time that the U.S. switch to encrypted chips in the cards—ready to be launched soon, but security experts aren’t breathing easy yet. The squabbling among banks, card companies and retailers over who’s responsible for protecting consumers isn’t helping, either.

Recently Congress demanded that the financial and retail industry leaders come up with plans for securing customer data. And they’d better act soon or consumer trust in these cards that drive the U.S. economy will take a big dive.

“This has the potential for people to question the viability of our payment system,” points out Venky Ganesan, venture capitalist with Menlo Ventures. Cards are the bread and butter of America, responsible for about 70 billion payments last year, worth $4 trillion (Nilson Report).

Only 11 percent of merchants are sufficiently compliant with the credit card security standards, says a study from Verizon Enterprise Solutions.

The magnetic strip, as innocuous as it appears to the typical consumer, stores that consumer’s personal financial information. Most other nations ditched this “antiquated” system years ago, using instead the EMV: based on chip technology, securing payment transactions.

The payments industry, however, has named 2015 as a deadline to get the chip technology going. But all things considered, that’s still a long ways off. And retailers are whining over the many billions of dollars it will take to replace point-of-sale technology.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Are You being followed on Foot or by Car? What to do

/in /by

One of the things I impress upon people is what never to do, and what TO do, if they suspect they’re being followed on foot or by car.

1SDDon’t be oblivious to your surroundings. Observe everything 50-100 feet around the perimeter of your body as you move from point A to point B.

Note anything that seems out of place, like a car that’s taking all the same turns you are. A pedestrian following you may veer off at a side street, then re-emerge to catch up with you.

Slow down. If you’re walking, stop and fiddle with a shoelace (while being aware). Who also slows down or suddenly stops? Speeding up might cause an amateur to also speed up, but a pro will not make this conspicuous change unless you’re about to make a blind turn.

Call the police. Let the police handle the situation. If you get off a main road, head to the nearest police station. If no-one is around, go to a people-filled public spot. Have a seat, have a soda, and observe your follower for any details.

Stay cool. Don’t speed or drive carelessly. If you’re being followed by a chain of pros, they’ll be all along your route, so speeding won’t help. If you suspect the follower is a road rager, stay on main roads, drive to a police station.

Confuse the follower. E.g., exit, then get back on the road you got off. If someone behind you duplicates this behavior, you know something’s not right. Or, make multiple turns in the same direction and see if your follower does the same.

Alter routes. Take different ways to drive home from work.

If you suspect you’re being followed, follow the above guidelines and make getting to a safe spot a priority.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.