How sharing Files puts You at risk

Okay, so you were taught to share your toys in the sandbox, but little did your parents know that years later, sharing your files could result in disaster.

11DPeople share personal and business files all the time on their computers without realizing the security risks. Not all data breaches occur due to malicious events. An annual Ponemon study reveals that 35 percent of leaked data results from unintentional carelessness of the user and 29 percent from network malfunctions.

Workers and consumers alike, quite frankly, are clueless about safe practices and are using practices that are not approved by their company’s IT department. Let’s look at the specifics.

Tunnel vision. Often, users don’t see the grander scheme of things when sharing files. They have tunnel vision and go for the most convenient, cheapest route without considering security. This is how sensitive material gets put at risk. Such users may also end up getting their personal information cluttered up with other family members data or even co-workers data when bringing your own devices to work.

Public sharing settings. Before you share its important you know what you are doing. Years ago I had uploaded a file to a cloud based storage portal and the default settings at the time were “public”, which I didn’t recognize. Shortly after I connected a social site to this service and definitely didn’t realize that document which had personal information was being shared publicly on the social site. When I realized this I felt stupid, and sick.

P2P file sharing. Sharing files over peer networks, such as pirated music etc. creates a hacking risk. The P2P software is a welcome mat to cyber criminals who want to steal information like credit card numbers and information on secret documents. It’s not surprising that P2P software is often in a system that’s been hacked.

The solution is to avoid having P2P software installed at all, including on any BYOD devices. You don’t want to be “that” employee. Along the same lines, make sure that devices are set so that installation of new software cannot occur without the decision maker’s knowledge.

Using just any cloud services. The typical cloud storage is designed for consumers, not businesses, and unless you look at all the settings they can be a risky way of sharing files. Always insist on a higher-grade type of security and storage rather than settling for the run-of-the-mill file sharing service. Look at what security and encryption they have in place, whether you can manually and easily delete files or if they have an expiration date.

Using e-mail to share files. If you send an important document via e-mail, a troublemaker could “see” it while it’s in transmission unless it’s encrypted. By default the email should read HttpS in the address bar when logged in. And of course if you are on free WiFi encrypt that data with Hotspot Shield to prevent WiFi data sniffers.

Flash drives. Think of these little tools as a syringe injecting a virus into your blood. You stick one of these into your computer, and if the drive has been seasoned with malware, your computer will get infected. Anti-virus software, however, can scan a flash drive and its files and knock out any malware.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Hackers and Banks win, Clients lose

Don’t blame the hackers; don’t blame the bank; apparently it’s the victim’s fault that a Missouri escrow firm was robbed of $440,000 in a cybercrime, says a report on computerworld.com.

11DThe attack occurred in 2010, but the appeals court’s March 2013 ruling declared that the firm, Choice Escrow and Title LLC, can’t hold its bank accountable. The victimized firm might even have to pay the bank’s attorney fees. The court says that the firm failed to abide by the bank’s recommended security procedures.

BancorpSouth Bank was sued by Choice Escrow following a cyber assault in which the password and username to the firm’s online bank account was stolen.

The victim asserted that the bank failed to implement sufficient security measures, allowing the attack to take place. The firm also insisted that the bank should have detected that the wire transfer of the money to Cyprus was fraudulent because it was initiated outside the U.S.—an unprecedented type of transaction.

BancorpSouth’s defense was that Choice Escrow failed to instill the security precautions for wire transfers that the bank recommended.

At first it seems like the bank here is bucking culpability, but according to the bank:

  • It had controls in place for Choice Escrow to use.
  • The bank requested that the firm use a dual-control process for wire transfer requests that would require two people to sign.
  • The bank asked the firm to enforce an upper limit on wire transfers.
  • Choice failed to follow these two recommendations.

The bank also points out that the wire transfer was started by someone who used the firm’s legitimate banking credentials, along with a computer that seemed to belong to the company. Had the company followed the bank’s recommendations, the crime may not have occurred.

Stealing legitimate banking credentials and using them to initiate criminal wire transfers to overseas accounts is nothing new to cyber criminals. This crime causes disputes between banks and their customers and heightens awareness over how much responsibility each entity should carry.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Use an ePrivacy Filter to prevent Visual Hacking

In an average year I’ll tally 75,000 airline miles. In an average week while waiting for the plane to board or while in flight I’ll see multiple laptop screens flipped open with an over the shoulder view of emails being sent and received, PowerPoint presentations being tweaked, proposals being written and various client and employee records being crawled through. The fact is, I’m a good guy with no bad intentions, but I can’t help seeing what I see, it’s distracting. The screens are bright and propped right in my face. If I was a bad guy, this would be considered “visual hacking”.

2PHacking can be done without viruses: with just one’s eyes. The visual hacker prowls the public, seeking out computer screens displaying sensitive data. The company 3M now offers the ePrivacy Filter. This software, when paired with a traditional 3M Privacy Filter, which blacks out content that can be viewed from side angles where hackers can lurk, alerts the user to snoops peering over their shoulders from just about every angle. I’m seeing more and more of these in flight. Which frankly, is nice, and less distracting.

More people will merely state that they prize visual privacy than will actually do something to protect this, according to a recent 3M study. The study revealed that 80 percent of the professionals who responded believed that prying eyes posed at least some threat to their employers.

Strangely, most of these workers opted not to give their visual privacy any protection when they were accessing information with an unprotected computer in a public location of high traffic.

Employees have a funny way of asserting a belief but acting otherwise. This shows that businesses need to educate employees on the risks of data leaking out to visual hackers.

The fact is employees more mobile than ever. And with corporate secrets being Wikileaked, “Snowdened”, and just plain hacked, customers require more assurance than ever that their data is protected.

An ePrivacy Filter, coupled with a laptop or desktop privacy filter helps protect visual privacy from virtually every angle. Compatible with devices that use Windows operating systems, the ePrivacy Filter will alert the user to an over-the-shoulder snooper with a pop-up image of his or her face, identifying the privacy offender. However, you don’t have to worry about your data if you step or look away briefly. The screen will be blurred and will only unlock when you return thanks to its intelligent facial recognition feature.

Please, stop hijacking my attention and get a privacy filter.

Robert Siciliano is a Privacy Consultant to 3M discussing Identity Theft and Privacy on YouTube. Disclosures.

10 ways to Secure your Home for Guests and Parties

The holiday season means an upsurge in home-based parties, and some parties can seem extremely innocent, like a Christmas tree decorating party. These events can get out of hand, even if you know all your guests. But sometimes your guests bring guests that are shady. It’s awful to even acknowledge this, but even people you know can steal. I can tell you firsthand, there are people who have come to my home that I personally would have never invited. And when something goes missing, it’s an absolutely horrible feeling. So here are a few tips for securing your home while you’re actually in it.5H

  1. The presence of liquor drives up the risk of criminal activity. Drunk people lose their inhibitions, do stupid things and if they’re predisposed to stealing, they’ll be even more tempted when their guard is down. Consider only serving beer and wine and leave the liquor in the cabinet.
  2. Put as many of your valuables such as jewelry and electronics in a locked safe and conceal the safe. Better “safe” than sorry.
  3. If there are presents under the tree days before Christmas, then hide the small gifts that a house guest can easily slip into their purse or pocket. Sad, but happens.
  4. If you keep stacks of cash around and you plan on doing a lot of holiday entertaining, consider moving money to your bank for the holidays.
  5. Lock off rooms during the party that you won’t need to use.
  6. Place a Piper home security, video monitoring and automation device at your front door in plain view. It has a 180-degree fish eye camera that can capture a video clip if there’s any unusual activity, and you can view it on your iOS or Android mobile device. Piper also comes with a sticker to post on your front door alerting to the presence of a security system.
  7. Do your best not to leave young children unattended with people they just met, including teenagers. This won’t be easy, but a little vigilance can make a difference. You have more control over your young children than other peoples’, so at least instruct your own kids never to go alone into any rooms with guests they don’t know or hardly know.
  8. Hide all keys and key chains so they aren’t accidentally or purposely taken.
  9. Make sure to lock all doors and windows at the conclusion of your event.
  10. Have fun, don’t worry about any of this, but definitely DO something to prevent it!

Robert Siciliano, personal and home security specialist for Piper, the All-In-One Home Security, Video Monitoring and Automation Device, discussing burglar proofing your home on Fox Boston. Disclosures.

How your Webcam may be spying on You

Remember that song from 1984, “Somebody’s watching me?” It was a great foreshadowing of things to come: These days, people really CAN watch you while you go about your business at home…through your computer. So if someone confides in you that “they’re spying on me through my computer,” don’t be too quick to assume your friend went off his meds.

2WWebcam technology can enable a hacker to view you via your computer. The technology is called RAT: remote access Trojans. It can record keystrokes and obtain all of your files. And you’ll probably not know someone’s watching you. And how does a computer become a portal through which someone can spy on you? Numerous ways, including installing a “lost” thumb drive you found and clicking on links in e-mails or pop-up ads.

Just think of what all this can mean:

  • Nobody will have to imagine what you look like in your underwear.
  • The government may be spying on you. Your boss may be, too.
  • Your face, captured via your Webcam, can be compared to a face in a crowd. Doesn’t sound like a big deal unless you don’t want anyone to know you were in that crowd, such as a war protest.
  • Your headshot may end up on a selling list—like your phone number and home address surely already have—and these lists can get sold all over the place.
  • Will you ever be truly alone when getting intimate with your partner?
  • Criminals are hacking webcams and holding the footage for ransom.
  • Do you want anyone to know about that secret, disgusting habit you have?
  • Put a piece of masking tape over the Webcam camera.
  • Equip your device with the latest antivirus, antiphishing, antispyware and a firewall.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Security is Everyone’s responsibility

In the movies, the good guys always get the bad guys. In cyber reality, no such thing exists.

1DA survey of 5,000 IT security professionals turns up the following:

  • 63% doubt they can stop data breaches.
  • 69% think threats slip through the cracks of their security systems.
  • 57% believe their company lacks protection from advanced attacks.
  • 80% think their company’s leaders fail to connect the dots between a data breach and potential profit loss.

A survey of customers shows:

  • 59% are quite concerned about credit and debit card information theft.
  • 57% are very concerned about ID theft.
  • About 60% believe that a data breach involving their credit card or personal details would make them less likely to conduct business at a store or bank they usually use.

That last point leads to reputation smearing and loss of customer trust. But what about customer responsibility when it comes to security breaches? The “blame the customer” mentality seems more appropriate in the workplace when employees bring to work their own devices to assist in their jobs. This lets the data-breach cat out of the bag.

Though a significant percentage of employees have admitted (in surveys) to having a security problem with their device, a remarkably small percentage of these users felt compelled to report this to their boss. A very statistically significant number of employees who bring their devices to work haven’t even signed a formal contract that outlines security procedures. The bottom line is that taking security seriously is a rare find among employees who do the BYOD thing.

Another survey turned up an unsettling result: 76% of the 700+ consumers (who were affected by a breach) who were surveyed experienced stress from the event—but more than half didn’t even take steps to prevent ID theft afterwards.

Maybe this complacency can be in part explained by the fact that the losses from breaches are mostly absorbed by the companies involved.

The consumer, customer and employee need to step up to the plate and do their fair share of taking security measures seriously, rather than sitting back and letting businesses and banks take the entire burden.

It’s like getting attacked by a shark. Is the shark entirely to blame if the swimmer jumped into water near a sign that says “Beware of Sharks”? Then again, someone has to take the responsibility of putting the sign there in the first place…

All entities must pull together, stop finger pointing and accusing, and try to get a step ahead of the real villains.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Swatting is potentially deadly

No, not deadly to a fly that you swat at, but to the homeowners who are subjected to aggressive police searches after the police receive a 911 call that someone was shot at the house. But the call is a hoax.

7HThis happened to Jesse Vanremortel at 3:30 am, says an article at theoaklandpress.com. He and his girlfriend were jarred awake by noises, then next thing they knew, lights were shining under the bedroom door. A police officer crashed through, pointing an assault rifle at Vanremortel, 28. Police searched his house, and of course, found nothing, because this was a “swatting call” incident; the third in one week’s time in Oakland County.

The phony 911 call was by a woman claiming that shots had been fired inside a house on the street. Then she hung up. Thus far, police believe there’s a connection between the callers and the targeted victims. Strangely, Vanremortel says he doesn’t know the woman whom the police are investigating as a suspect.

It doesn’t help when the house’s occupant slept with the doors unlocked. Oddly, the teacher, on summer break, never awakened to a ringing phone shortly before the police entered the house—the call was from the police. So maybe the second lesson to learn is to put your radar on when you go to bed so that you don’t sleep through a ringing phone. My phones on, always, this is essential. If you don’t want to be awakened by a ringing phone, put it on mute, but not advised. But for Pete’s sake, lock up the house!

Vanremortel’s girlfriend and two roommates were held at gunpoint while the house was searched. You can see how swatting can turn deadly.

In other incidents, a caller said he shot his wife and rigged his home with explosives, then said he shot his neighbor. In another, a caller said he shot his mother.

At a minimum a home alarm in these situations would make law enforcement aware the property was in “secure” mode which may send a flag to approaching officers that the 911 dispatch might be fraud.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Finally: a Proactive Layer for your Home Security System

Any complete security system requires proactive and reactive components.  Until now, no one had ever focused on the proactive side.  BeON has arrived to update this product category, and they have done it in a simple and elegant way that gives you security without the stress while you’re away…and also yields safety while you’re at home.

BeOnThere’s “smart” everything these days, including light bulbs. But the “smart” light bulb you’re probably familiar with is smart only in terms of convenience. It’s a dunce in terms of security.

But now, there finally is a truly intelligent light bulb: BeON Home’s smart lighting system, which is designed to repel home intruders. It’s one thing to detect crime in progress. But it’s a whole new animal when crime is prevented. The BeON Burglar Deterrent deters burglars.

BeON’s product goes in like any ordinary light bulb, but these special bulbs will then actually “learn” your home’s pattern of light usage. So if you then leave the house for a long time, BeON will replicate this pattern. If anyone’s been casing your house and observing your lights-on, lights-off schedule, they will be fooled into thinking you’re home when BeON replays the pattern while you’re out.

But there’s more. We all know about the light above the garage that suddenly goes on when a criminal walks up the driveway. He’ll have to be mighty dense to think that this light was flipped on by the homeowner’s fingers.

However, the BeON interior bulbs will be triggered at the sound of a doorbell (many intruders first ring the bell). The bulbs will flip on lights in a sequential manner, mimicking human-controlled use. This will make the would-be intruder think someone’s home. Even if there’s a power outage, these bulbs will work.

The bulbs include a rechargeable battery and all the fixin’s for top-flight security technology including connection to Bluetooth. The bulbs produce normal-looking light (similar to what a regular 60W bulb would emit).

BeON’s bulbs, though, talk to each other about your light-use behaviors. So if you habitually flip the kitchen light on at 2 a.m. for your middle-of-the-night ice cream splurge, these bulbs will learn this and go on at this time when you’re on your two-week vacation.

In addition to detecting the doorbell ringing, BeON will sense other alarms such as for smoke. Your lights will flare on so that you can escape the fire without having to fumble around for light switches.

The investment (reasonable) for these security light bulbs is well worth it, and shipments will commence April of 2015.

Support BeOn on Kickstarter so they can can continue to develop new security deterrents. I love this!!!!!!!!!!

Robert Siciliano personal and home security specialist to BeOn Home Security discussing burglar proofing your home on Fox Boston. Disclosures.

14 home security tips before you pack up for the Holidays

The holidays are just about here, and so is your not-so-friendly neighborhood burglar. Burglars know that during the holidays, there are just more goodies to steal, and not only that, but there’s a lot of traveling away from home. During this time of year, homeowners need to be extra vigilant about protecting their property, and that includes making potential intruders think you’re home rather than away for the holidays.

5HThere are many ways to spruce up the security outside and inside your house:

  1. Most burglars get in through the front door, so equip this with a heavy duty deadbolt/lock system. Look for one that even has a built-in alarm and can be remotely controlled and activated. Nexia™ Home Intelligence is the brains behind remote locking, unlocking and more. This home automation system allows you to control locks, thermostats, lights, cameras and even the new Linear Z-Wave Garage Door Controller, from wherever you and the internet happen to be. Lock or unlock your door from anywhere with your mobile device and receive text or email alerts when an alarm triggers or when specific codes provided to your kids or visitors are entered at the lock.
  2. Intruders occasionally do get through windows, especially if they realize you’re not home and a window is open. A veteran burglar can slip through a window and steal some jewelry faster than you can walk your dog down the street and back.
  3. Keep your lawn manicured. Overgrown grass tells a thief you haven’t been in town for a while. And if you do leave town, arrange for someone to mow your lawn and rake leaves. If snow is expected, arrange to have someone shovel it. These tasks will make it appear you’re not on vacation.
  4. A light that never turns off is a sign you’re not home. Manage your lighting by scheduling it based on time such as sunrise or sunset or activate them remotely with Nexia Home Intelligence.
  5. Have the post office and newspaper delivery do a vacation hold for your mail and paper, respectively.
  6. How many times have you seen in some TV show a family loading up the top of their station wagon, in broad daylight smack in the middle of the driveway, for a vacation? Leave this to TV, and in real life, pack your vehicle inside the garage with the door closed or in the cover of dark, so that casing burglars don’t connect the dots.
  7. Arrange to have someone leave their car in your driveway while you’re gone.
  8. Lock up all your valuables. And even when you’re home, make sure that any piles of holiday presents are not visible from the outside.
  9. It’s a no-brainer, but people actually disregard this golden rule: Lock all possible entries to your house.
  10. Don’t blab on social media about your vacation until after you’ve returned.
  11. Do not reset your voicemail to say something like, “Hi! We’re enjoying the sun and surf in Tahiti for a few weeks, but we’ll be back soon!” Clean out your voicemail mailbox so that it doesn’t say “full.”
  12. If you don’t have one now, invest in a monitored home security system so you can fully relax on that white sandy beach.
  13. Install security cameras that can be remotely viewed on your mobile, tablet or PC through a self-monitored system like Nexia Home Intelligence.
  14. Put “Beware of Dog” signs in a conspicuous place even if you don’t have a dog.

Travel is supposed to be fun and stress free. And it’s always better when you know your home is safe and sound while you are away. Take the time to implement these tips and have a happy holiday season!

Robert Siciliano personal and home security specialist to Nexia Home Intelligence discussing burglar proofing your home on Fox Boston. Disclosures.

Sociopath: Someone who breaks into your Home

What is a Sociopath?

A sociopath, technically, is not a psychopath. These are actual psychiatric terms, and to say they’re one and the same is like saying that eczema and psoriasis are one and the same.

2BThough a sociopath and psychopath will often commit the same crimes, like breaking into a home, these are two different psychiatric conditions. Both fall under the category of antisocial personality disorder. They have in common the propensity for violence, lack of conscience and disregard towards ethics and laws.

The psychopath is clean cut, dresses impeccably, drives a Jaguar, is well-read and knows his wines, and is married with children. The sociopath is a drifter, disheveled, with needle marks up his arms, can’t hold a job and never graduated from high school. Both, generally speaking of course. Both these individuals are capable of the same heious crimes, but for different reasons. Example: A woman is assaulted; the first guy did it for fun after breaking into her home. The second guy broke in and did it as punishment after she refused to give him money.

Sociopathy

  • Obvious issues interacting with people; shows anger management problems and edginess.
  • People think he or she “has problems”; they lack cunning and charm.
  • People aren’t surprised when he’s arrested for murder.
  • Capable of emotionally bonding with humans, but this is limited.
  • Capture by the police is easy; they’re sloppy with their crimes.

Psychopathy

  • Calm, cool, collected, suave, may even be the life of the party, well-respected in the community.
  • Carefully plans crimes and when caught, it’s usually after they got away with many crimes.
  • Despite often having a spouse and kids, the psychopath is not capable of emotionally bonding with humans.
  • Skilled at manipulating and tricking people with their charm and high intelligence.
  • Capture by the police is difficult.

The psychiatric establishment’s position is that sociopathy is the result of childhood environment, whereas psychopathy is primarily the result of faulty brain wiring. If you had to be stuck on a dark island with a sociopath or psychopath—opt for the sociopath. You have a small chance of tapping into what little empathy he’s capable of.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.