Beware of Home Security Scams

/in /by

Will the home security scams ever stop? The latest scam has fraudsters going door to door, posing as sales reps for “Trio Alarm.” They first make sure that the houses they visit already have a security system (e.g., security decals on windows), then tell the occupant that the company for that security system has gone belly up. (Yeah, right, ADT has gone belly up!)

1SBut there’s one born every minute, right? The scammer tries to get the resident to sign a five year contract for “Trio Alarm.”

The alleged Trio Alarm company doesn’t even have a business license in the city of Huntington, West Virginia, where these scams have been occurring. There really is a Trio Alarm company, but it’s not known if the scammers are associated with them.

At any rate, if someone shows up at your door and says your alarm company has gone under, are you really naïve enough to take their word for it and sign a five year contract on the spot, rather than simply thanking that person, taking their business card, closing (and locking) the door, and then calling your alarm company to verify what you just learned?

Contact the attorney general’s office if you feel that a sales rep at your door was a con artist. And though Trio Alarm really exists, their D-minus rating with the BBB also exists.

Preventing Home Security Scams

  • If you have a home security system, and you receive a call from someone claiming to be from that company, requesting personal information for an update or whatever…don’t give out this information; tell them you’ll call back. Then call the company to see if the call was a scam.
  • Beware of the door-to-door home security “sales rep.” If you don’t have an alarm system and tell them “no thank you,” and they leave…that might not be the end of them; they may break into your home in the future, knowing you lack a security system.
  • Never give out any private information to anyone at your door! A company that really needs this information won’t send someone out in person to ring your doorbell to get it. And really, no company needs this information.
  • You’ll be a lot safer in life if you worry more about you and your family’s safety than hurting the feelings of a stranger at the front door. If the “sales rep” is persistent, including insisting he come inside because it’s hot out, or he needs to show you some papers, etc., do not give in! SAY NO, and do it through the door, don’t even open the door. If he’s legit, he’ll forget about your “rudeness” by the time he gets to the next doorbell!

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Russian Hackers getting rich from your Identity

/in /by

Where’s the $$$ at? Selling credit card data. Have you heard of the Russian hacking ring that raked in two and a half billion dollars? Check it out: 4D

  • Phishing attacks are lucrative for these cybercriminals.
  • ATM hacks continue to increase, in part due to targeted attacks and new software.
  • Smartphone attacks are on the upswing.

There are three ways criminals obtain credit card data, and selling it is enormous business. And data breaching at the point of sale has been a big issue for the past few years. POS attacks are conducted with skimming tactics or by using Trojans. Unless significant changes are made, look for POS attacks to swell up, not shrivel up.

Selling credit card information is such big business that there exist professional wholesalers who specialize in this. Ukrainian, Russiona and many in eastern Europe are some of the largest brokers of and the main suppliers of stolen card data. But the wholesalers who purchase his acquired data are also rolling in the dough.

More on the Russian Hacking Empire

  • Lots of DDoS attacks
  • Over a quarter of a billion dollars in the sale of nefarious products
  • Spam, spam and more spam: an $841 million goldmine
  • A rise in the number of crime rings, the result of the development of new ways to commit theft off of users of smartphones.
  • In fact, several new crime rings have emerged this year that center on bank theft of mobile device users.

There’s currently just no end in sight for the Russian hackers, and there perhaps never will be, especially since geography is a barrier to prosecution.

6 ways to watch your statements.

  1. Monitor your paper statements monthly
  2. Monitor your e-statments when they come in
  3. Login to your credi card company’s website as often as you can
  4. Download your credit card company’s smartphone app and check often
  5. Sign up for Mint or BillGuards credit card alerts
  6. Go to your credit card company’s website and sign up for text and email alerts for every transaction.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

What we can learn from Celebrity Stalkers

/in /by

Rihanna was basically discovered on YouTube. Had she stayed there, her psycho stalker would have never had any interest in her. People are just plain insane. But she’s famous, so Kevin McGlynn decided to send her threatening letters and lurk outside her home, says an article at reuters.com. He was committed to a mental facility. McGlynn, 54, has orders not to contact Rihanna in any way.

1SDJudge Orlando Marrazzo says that this guy believes that Rihanna and other stars have used his material for their songs. The judge says that McGlynn may be capable of killing Rihanna and anyone else in the way.

Not surprisingly, this guys lawyers won’t respond to comment requests. Maybe if McGlynn heard Rihanna’s cover of “Hero” when she was 15 years old, he’d instantly lose interest in her (no autotune!). But then maybe he’ll simply latch his obsession onto another celebrity.

Just how well is Rihanna’s mansion protected? With all the money she has, she can easily afford the world’s best security system: all the layers, inside and out. This would include shatter proof glass for every window and a team of 24-hour security guards. She can have barriers to her grounds created to prevent stalkers from lurking on the premises.

Of course, many “ordinary” people are victims of stalking, such as by ex-boyfriends. Even women commit stalking. The stalker could be a coworker, former spouse, secret admirer, anyone. How do you get rid of a stalker? Well, one thing’s for sure: If the stalker has nothing to fear from his victim, he’ll keep stalking.

First off, find out if you’re being stalked. Be acutely aware of your environment. Know who’s around you when shopping. Take note of cars behind you when driving. Pursue martial arts. Trade the crunch machine at the gym for the heavy bag (ever see avid heavy bag users who didn’t have great abs?).

Though a left hook or inside crescent kick won’t stop a bullet fired from 10 feet away, you can easily take out an unarmed stalker if you’re trained and he or she is not. Even if the stalker rushes you with a 2 x 4, you have an excellent chance of being victorious if you have enough self-defense training.

If you’re being stalked or suspect it, don’t waste another second with getting a complete home security system.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Chip and PIN vs. Chip and Signature Cards

/in /by

The planet’s most powerful nation is sure backwards when it comes to the payment card industry: Why has America been using 1970s technology as of the posting date of this article? That magnetic strip on credit and debit cards has GOT to go already! And thank goodness, the transition to chip technology is more imminent than ever.

1CFor those of you out of the loop, the stripe makes it ridiculously easy for cyber thieves to commit all sorts of crimes. (Remember Target?) The chip in most cases will trip them up on this.

Chip-and-PIN technology is better than chip-and-signature. However, the chip-and-signature is taking a much stronger root in America than the PIN version. The signature version’s most obvious drawback is that it’s useless in all the other nations where PIN technology rules.

Additional Problems with Chip ‘n Signature

  • A signature can be forged.
  • The card can be intercepted prior to transaction completion.
  • Will be very costly to convert the current stripe technology to signature—but the investment will not offset the cost due to the inherent weaknesses in signature-based technology.
  • Consumers, thinking that the “chip” part of the signature version means great security, will be miffed once they realize how vulnerable signature actually is.

Benefits of Chip ‘n PIN

  • The card issuer must assign the personal identification number prior to mailing the card to the user; the user must reset the PIN at a branch. Just like a debit card. Easy.
  • Makes it really difficult for criminals to use a person’s credit or debit card in a fraudulent way. A most obvious example is that if a thief steals or finds a lost credit card…and tries to make a purchase…he’ll come to a dead end when it’s time to enter the PIN.

Drawbacks of Chip ‘n PIN

  • Will cost an arm and a leg to implement on a universal scale, and unfortunately, funds are already being diverted to switch over to the signature technology rather than the chip.

Solutions to the Signature Problem

  • To nab or prevent imposters from making that signature, certain technologies like geo-location can be implemented to determine if the customer is the real owner of the card. There’d be multiple technologies in place for verifying ownership.
  • The transaction can require voice biometrics with a smartphone: The system will approve the purchase only when the card user’s voice is identified as that of the real owner.
  • The second point here would be contingent on authenticating the smartphone.

But all that seems a little complicated an unnecessary. We really should just use the Chip and Signature. Or how about we just use Apple Pay!

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

It’s Beginning to Look a Lot Like the Holiday Shopping Season

/in , /by

The holiday season is in full force. Not only is it time to bring out the tinsel while jamming out to holiday music, it’s also time to buckle down on your holiday shopping. Have you made your holiday shopping list yet? Luckily, in the U.S., the biggest shopping days of the year are coming up meaning lots of shopping deals at stores on and offline to help you complete your holiday shopping list.

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294There are people out there who are really gung-ho about Black Friday—camping outside a department store the night before and fighting the masses for the half-price widescreen tv. That’s not really my style; I’m more of a Cyber Monday kind of guy. I just fire up my computer or tablet and start clicking and then boxes magically arrive at my house…well maybe not magically.

Online shopping is convenient for the holiday shopper. No lines, no braving the sometimes nasty winter weather, no crowds—you can buy almost anything and never leave your couch. Although online shopping is a great way to complete your holiday shopping list, you should take a couple precautions while online to keep your personal and financial information safe from hackers.  Along with avoiding the 12 Scams of the Holidays, here are the top 5 tips to help you stay safe while shopping online this holiday season.

  • Be wary of deals. Does that 90% off blowout sale of iPhones sounds too good to be true? It probably is. Any offer you see online that has an unbelievable price shouldn’t be believable. Beware of spam emails with links to awesome deals, as it’s particularly dangerous to buy on a site advertised in a spam email. I recommend using web protection, like McAfee® SiteAdvisor® provides easy to results to protect you from going to a malicious website.
  • Use credit cards rather than debit cards. If the site turns out to be fraudulent, your credit card company will usually reimburse you for the purchase; and in the case of credit card fraud, the law should protect you. With debit cards, it can be more difficult to get your money back and you don’t want your account to be drained while you’re sorting things out with your bank. Another option savvy shoppers sometimes use is a one-time use credit card, which includes a randomly generated number that can be used for one transaction only. If the number is stolen it cannot be used again. Using this type of credit card also ensures that a thief does not have access to your real credit card number.
  • Review the company’s policies. Look to see how the merchant uses your personal information and check to make sure that it will not be shared with third parties. You should only disclose facts necessary to complete your purchase and not any additional information about yourself. Also, check the website’s shipping policy and make sure it seems reasonable to you. You want to make sure that you understand all your shipping options and how they will affect your total cost of your online purchase.
  • Check that the site is secure. Find out if a company’s website is secure by looking for a security seal, like the McAfee SECURE™ trustmark, which indicates that the site will protect you from identity theft, credit card fraud, spam and other malicious threats. Make sure the site uses encryption—or scrambling—when transmitting information over the Internet by looking for a lock symbol on the page and checking to make sure that the web address starts with httpS://.
  • Only use secure devices and connections.  If you are using a public computer, information such as your browsing history and even your login information may be accessible to strangers who use the computer after you. Also, never shop using an unsecured wireless network because hackers can access your payment information if the network is not protected.  To protect yourself, do all of your online shopping from your secure home computer. When shopping at home, make sure all your devices are protected with comprehensive security like McAfee LiveSafe™ service which protects all your PCs, tablets and smartphones.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Identity Theft of the Dead affects the Living

/in /by

You don’t have to be living to have your identity stolen. Every year in America there’s 2.5 million cases of ID theft involving the deceased. And while your first reaction might be “So what, I’ll be dead and I won’t care”, you need to keep in mind that identity theft of the dead often significantly affects the living. How can this be prevented or at least, minimized?

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Shut Down Social Media

Though it’s hard to do, closing down the decedent’s Facebook page will contribute to preventing ID theft.

Contact the Social Security Administration

This agency has a “death master file” of the SS numbers of deceased people that should be rendered inactive. This way a thief can’t use the number. Don’t wait for a funeral director to do this (though that’s their job); do it yourself for faster results.

Obits

When composing an obituary, people should post very little information. Crooks actually read these in search of a possible ID theft victim. The information to leave out includes names of survivors, complete addresses and professional history.

Receiving Bills

If a decedent’s identity has been hijacked, a survivor may begin receiving bills in that person’s name…and eventually, calls from collection agencies. “The problem isn’t so much financial — it’s emotional,” says Maria Cordeiro with the Chubb Group of Insurance Companies in an article from business-news.thestreet.com. You may have to be dragged through the pain of proving that your deceased loved-one is, in fact, no longer around.

How do you fix this problem?

  • Get all the needed documentation together, because you’ll need to send it out to any entity that requires it for proof.
  • Obtain a credit report prior to the person’s death. Of course, this works in cases of a diagnosed terminal condition versus accident. Once you have the person’s credit report, then six months after death, obtain another for comparison, says Cordeiro. The decedent’s name and SSN, six months later, should be in the death master file.
  • Do some credit monitoring. This is easier than obtaining a credit report for someone who’s dead.
  • Do a credit freeze. For a small fee, the credit report gets frozen shut, preventing a thief from opening a new account.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

11 ways to Let Santa in and keep Bad Guys out

/in /by

You’ve heard of “dumb criminals,” right? Well…unfortunately, there’s at least as many dimwitted homeowners as there are criminals. Be a smart homeowner and use smart technology along with smart security tips and smarten up!2B

  1. The holiday season has arrived. Are you going to display a huge Christmas tree in your biggest window, shades up, so that thieves casing the neighborhood can see all the presents piled under it? “Those people have valuables,” they’ll think.
  2. Get a home security, video monitoring and automation system like Piper that allows you to get alerts on your iOS and Android mobile devices when activities occur and gives you full access to your home via a 180-degree, panoramic camera.The Piper + Z-Wave Pack comes with window and door sensors along with a smart warning sticker.
  3. Get more signage.“Beware of Dog”, “This home is Alarmed” “Video Surveillance in use” etc. Find out where you can get the signs; eBay, hardware stores etc.Thieves don’t like to take chances that you’re bluffing.
  4. Don’t underestimate thieves who case neighborhoods. Though some criminals are truly dumb, many are smart enough to cleverly case houses before breaking in, such as wandering around dressed like the water meter man, carrying a clipboard, posing as an inspector when instead he’s looking to see whose homes he could easily get into. They knock on doors, and if no-one answers, they jiggle the door knobs. They’ve even been known to put reflective stickers on the homes front door so they remember which house is unlocked.
  5. And back to that Piper home security, video monitoring and automation system. Set it to send you notifications or call you when events occur in your home, like when doors are opened or rooms are entered. You can even set Piper to capture a video clip of the event when it happens, so you always know what’s going on when you’re not home.
  6. Keep your doors locked at all times until you must go through them. There’s always enough time to lock a door after you use it. My doors are locked all day. It’s not about being “paranoid,” it’s about being in control of your families security.
  7. Ask yourself if there’s any logical reason why your shades must be up when it’s dark outside—when anyone could look in and see what you have or how vulnerable you may be—then make a habit of shutting the view before it gets dark. Ideally, keep curtains and blinds/shades down during the day, too, at least in rooms where you don’t have to have the light coming in from outside.
  8. Just went Christmas or Chanukah shopping? Close the garage before you unload all the expensive goodies from your car so nobody can see.
  9. Never post in social media your vacation plans or information about recent purchases of things that thieves love. Does someone you barely know who lives 400 miles away need to see your new diamond earrings?
  10. Make sure your social media pages don’t contain personal information like your e-mail address or phone numbers.
  11. Be careful about the inane things you post, such as “I’m sitting here at the car dealership all day while my car is being fixed.” You never know who might read this and decide to rob your home.

Robert Siciliano, personal and home security specialist for Piper, the All-In-One Home Security, Video Monitoring and Automation Device, discussing burglar proofing your home on Fox Boston. Disclosures.

How to win the War on Phishing

/in , /by

A phishing attack is a trick e-mail sent randomly to perhaps a million recipients, and the thief counts on the numbers game aspect: Out of any given huge number of people, a significant percentage will fall for the trick.

13DThe trick is that the e-mail contains certain information or is worded in such a way as to get the recipient to click on the link in the message. Clicking on the link brings the user to a website that then downloads malware.

Or, the website is made to look like it’s from the user’s bank or some other major account, asking for their account number and other pertinent information like passwords and usernames; they type it in (and it goes straight to the thief). Sometimes this information is requested straight in the e-mail’s message, and the user sends the information in a direct reply.

The Google Online Security Blog did some analysis of phishing e-mails and came up with the following:

Malicious websites really do work: 45 percent of the time. As for getting users to actually type in their personal information, this happened 14 percent of the time. Even very fake looking sites went over the heads of three percent. Three percent sounds like peanuts, but what’s three percent of one million?

Hasty hackers. Once the hacker gets the login information, he’s into the victim’s account within 30 minutes 20 percent of the time. They may spend a lot of time roaming around in the account, which often includes changing the password to keep the victim out.

Those strange e-mails. Ever get an e-mail in which the sender is a very familiar person, but the message was also cc’d to a hundred other people? And the body message only says, “Hi there!” and then there’s a link? This is likely an e-mail from the victim’s e-mail account (which the hacker knows how to get into), and the thief copied everyone in the victim’s address book. Recipients of these phishing attacks are 36 percent more likely to fall for the ruse than if the attack comes as a single message from an unfamiliar sender.

Fast adaption. Phishing specialists are good at quickly changing their strategies to keep up with changes in security.

The Google Online Security Blog recommends:

  • Not all “spam blockers” block 100 percent of all the phishing e-mails. Some will always slip through to your in-box. Never send personal information back to the sender of e-mails requesting personal information. Never visit the site through the link in the e-mail.
  • Use two-step verification whenever an account setup offers it. This will make it difficult for the hacker to get into your account.
  • Make sure your accounts have a backup e-mail address and phone number.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Father nabs Daughter’s Kidnapper

/in /by

So if your family goes to bed, and a sociopath walks in at 4:30 in the morning (because you left a door unlocked!), and grabs your child while you’re asleep …you’d better hope your guardian angel is on steroids.

2BAn Associated Press article reports that a Utah man managed to rescue his 5-year-old daughter as an intruder was carrying her across the lawn after kidnapping her at 4:30 am.

The parents left a door unlocked! The father never heard screams, but was a light enough sleeper that he heard the front door opening, then heard the child talking.

The time lapse between when the front door opened and when the father caught the intruder outside is not clear. But there was enough time for the sociopath to get into the girl’s basement bedroom, pick her up, exit the house, and make it partway across the front lawn before dad came out and demanded he hand her over to him. The intruder did so, then fled. If dad had been a few seconds delayed…this could have been another “missing child’s body found” story.

The intruder is Troy Morley, 48. He was stupid enough to break into another house shortly after this incident, just a few blocks away, entering through a doggie door. Good thing he wasn’t bright enough to figure that a doggie door means a dog lives there and will start bark its head off at his presence.

And yes, that’s how the house’s owner knew he was there; the dogs barked. By this time, police were already nearby searching for the scumbag, and a police dog bit him in the shoulder after the house’s occupants called out for help.

Police said that the attempted abduction was random and still don’t know if Morley knew ahead of time a little girl lived there, or if he decided to kidnap her on a whim upon discovering her bedroom while looking for things to steal.

Though one account says that the little girl was “talking,” a neighbor says that her younger sibling heard screams. The girl’s family is keeping a low profile and trying to get on with their life as normally as possible. No doubt, the parents will never go to bed with an unlocked door ever again.

It took this incident to inspire a couple down the street to consider a home security system. April Parry has three kids and says in the AP article, “That is your biggest fear as a parent.” But don’t wait till someone tries to abduct a child down the street to get an alarm system! Get one NOW. Sociopaths aren’t waiting for you to get smart.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

How to survive off the Grid for 2 Weeks

/in /by

What with today’s technology being so integrated into everyone’s life, could YOU survive for two weeks “without anything”? Do you even have an emergency plan in place? Maybe you don’t ever have to worry about hurricanes and earthquakes where you live, but what if this Ebola thing really does get out of hand and you want to stay safe inside your house for weeks? What about a massive power outage?

What You Need for Two Weeks

  • Canned items: proteins, meals, vegetables, fruits, beans…so many kinds of foods come in cans.
  • Dairy in powdered form; canned evaporated form
  • Other canned and cupped goods like Ensure, instant oatmeal, instant soup
  • Packaged foods like chips, meal replacement bars, etc.
  • As for how much food? Depends on your and your family’s eating habits; there’s no one-size-fits-all, but the idea is to get adequate sustenance, not feast like a king. Feel free to stock up on all sorts of condiments, but for two weeks, is it really necessary to make sure you have bouillon and pickle relish?
  • Manual can opener
  • Sterno stove, though food to stay alive and healthy while two weeks off the grid need not be heated.
  • Each person needs a gallon a day; buy it bottled to eliminate risk of contamination or hassle of decontaminating it.
  • Garbage bags, plastic eating utensils, paper plates/cups, wet wipes and even an N95 mask will prove very useful.
  • Thermal underwear, gloves, hats, ear muffs, boots, blankets, walking shoes, umbrella, sunscreen, toilet paper, women’s sanitary items etc.
  • First aid kit, surplus refills of prescription drugs, OTCs, etc.
  • Flashlights, other battery operated tools like radios, and extra batteries
  • Back up your computers’ data daily if possible. Keep a photo record of all of your vital documents and personal possessions. Keep the negatives of important non-digital photos. Send duplicates of your backups to a trusted individual who lives distantly.
  • Establish a contact person who lives distantly. Each family member should have this person’s contact information (ideally memorized).
  • If your community or neighborhood ever has any emergency prep meetings, attend. If not, speak to people about emergency preparedness. Get ideas brewing.