2014 - Page 14 of 37

Healthcare High on Hackers’ Hitlist

August 20, 2014/in healthcare /by Robert Siciliano

If you think that retailers are the biggest target for cyber criminals, you have it more than a wee bit wrong. Hackers are really going after the healthcare and pharmaceutical industries. In fact, “Will Healthcare Be the Next Retail?” is the name of a recent report released by BitSight Technologies, a security ratings firm.

The report claims that not all victims of healthcare hacking report breaches, so figuring out the total number of these attacks is difficult. However, the Ponemon Institute released a report stating that hacking into healthcare and insurance companies has jumped 100 percent since 2010.

Why such a jump? It could be due to the fact that healthcare-type enterprises have gotten onto the BYOD (bring your own device) bandwagon. This is almost analogous to an employee infected with a stomach virus coming into the building and spreading the sickness.

Another dynamic: as more doctors use technology to stay connected to their patients, it won’t be surprising to see breaches become more common in the healthcare sector.

What distinguishes healthcare-industry hacking from retail hacking is that the retail hacker simply wants a credit card number. But the crook who cracks into medical records—that’s your patients’ individual profile chockfull of personal medical information.

Healthcare hackers may want to steal your patients’ identities to commit insurance fraud, so your records should be diligently monitored.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Beware of the Lottery Scam

August 19, 2014/in scams /by Robert Siciliano

“You have won!” Yippeeee! NOT! Let’s see if you’re in that percentage of the population who will fall for this lottery scam. The alert can be an e-mail, snail mail or phone call, claiming you won a bundle of money. But keep this alert a secret due to some “mix-up in names” and you must contact a “claims agent.” You then must pay “processing charges” or “transfer fees.” You then wait. And wait. And wait.

There’s one born every minute. Many scammers use the names of valid lottery organizations, but this doesn’t mean the legit entities are involved.

The latest con is to tell someone they won a Powerball jackpot while planning on stealing their identity. This happened to Jim Shella, a newsman from Indianapolis. From a random number he received several texts mentioning his name and saying he won.

Deputy Attorney General Terry Tolliver knew this was a scam. A text requested Shella’s Facebook screen name for confirmation. The requests for personal information, in these scams, will escalate. Shella texted back asking for identification. The answer: “This is Agent Paul, the delivery consultant for Powerball.” When Shella said he had no winning ticket, Agent Paul said that none were necessary to collect the $26,500.

Shella said he was a reporter and asked Agent Paul if he wanted to be in a story. Agent Paul asked if Shella wanted his winnings. Tolliver warns that these scammers will attempt to suck enough information out of you to steal your identity. Though Shella was playing head games with the crook, it’s best to delete the first text message you get like this and never respond.

How to recognize a lottery scam

You can’t win without a ticket. Period. So if someone claims you won, and you didn’t buy a ticket, it’s a scam.
You must pay a fee. Legitimate operations subtract fees and taxes from the winnings rather than demand you pay an amount in order to collect the prize.
Scams almost always originate from free e-mail accounts like Yahoo, Hotmail and Gmail.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Back to School Time Means Online Safety Time

August 18, 2014/in online safety /by Robert Siciliano

It’s August which for parents (and kids) means it is back to school time. It can be easy to reminisce about your school days—passing notes to the cute girl or boy in class, late-night study sessions with friends, or playing tag on the playground.

But your kids’ school experience is way different from when you were in school. Snapchat, Facebook, and text messaging have replaced those folded handwritten notes. Educational apps have replaced flash cards. A lot of your kids have their own smartphone or are probably asking for them.

Your kids are growing up as digital natives, with technology playing a part in almost every aspect of their lives. In a study conducted earlier this year, McAfee found that 54% of teens and tweens spend more than 10 hours online per week and over 60% use either Snapchat, YouTube or Instagram on a daily basis.

And while our kids may be digitally savvy, McAfee found that while 90% of tweens and teens believe their parents trust them to do what is right online, almost half (45%) would change their online behavior if they knew their parents were watching. So it’s critical that we stay one step ahead of our kids.

With all this technology available, there comes new responsibilities for us as parents. It’s important that we take the time to teach our children how to safely navigate the digital world. Here’s some ways to protect your kids online:

Turn off GPS services. Encourage your child to disable this option to keep their location invisible to strangers.
Enable privacy settings. This is something we should all do and the McAfee study found that over 1/3 of youth did not use these on their social networking profiles.
Discuss the reality of cyberbullying. In the McAfee study, 87% of kids have witnessed cyberbullying and 24% said they would not know what to do if they were cyberbullied.
Teach them what is appropriate to share. 50% of tweens and teens share their email address, while 30% post their phone number and a whopping 14% posted their home address.

To help keep our kids safe online, McAfee and HP have teamed together to promote online safety during the Back to School season —and give you a chance to win prizes. To learn more, go to www.BTStips.com to enter to win!

For more tips, like McAfee on Facebook or follow them on Twitter.

Cheers to a safe, fun school year!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Beware of 5 Summertime Scams

August 17, 2014/in scams /by Robert Siciliano

The Better Business Bureau says beware of big summertime scams: five in particular.

“Wow, it’s a steal!” No, that’s not necessarily from the customer; it’s from the crook who entices the consumer with an irresistible deal involving airfare and room and board. If you see a deal that seems too good to be true, do an online search of the associated phone number and address, whatever it takes to confirm legitimacy.

Seasonal jobs. Con artists like to target high school and college students especially. Be careful about job ads stating that no experience is needed, though these can be legit. However, be extra cautious if the company requires you to pay for training or to pay for a background check.

Concert tickets. Con artists will attempt to resell the same ticket over and over, as the ticket can be printed out when a concert venue sells it directly from their website. Be suspicious of someone giving you a sob story for why they must sell their ticket. Be leery of those who will take only a cash payment.

Movers. Planning on moving this summer? Beware of whom you hire, and take a second look at a price that seems like an outrageously good deal. A cost that’s quoted online or over the phone isn’t always carved out in stone. Don’t just hire without first checking them out, even if they were recommended by friends or a service person you recently hired and were pleased with.

Door to door sales. Don’t be swayed by someone at your door. Get everything in writing before you hire someone, be it for landscaping or a security system. Never sign a contract that lacks a start and finish date.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

The Role of Antivirus Software

August 16, 2014/in Anti-virus protection /by Robert Siciliano

https://safr.me/webinar/ | Robert Siciliano is the #1 Security Expert in the United States with over 25 years of experience! He is here to help you become more aware of the risks and strategies to help protect yourself, your family, your business, and your entire life. Robert brings identity theft, personal security, fraud prevention and cyber security to light so that criminals can no longer hide in the dark. You need to be smarter than criminals yesterday so that they don’t take advantage of you today! If you would like to learn more about Security Awareness, then sign up for Robert’s latest webinar!

_______

The purpose of antivirus (AV) software is to detect, neutralize or eradicate malware (malicious software).

AV software not only will identify and destroy the computer virus, but it’s also designed to fight off other kinds of threats such as phishing attacks, worms, Trojan horses, rootkits and more.

How does AV software work?

It will first scan (either on automatic timer that the user selects or manual) the computer’s files to seek out any viruses that fit the description that’s in a virus dictionary.
Using a method called heuristic analysis, it will also try to detect suspicious activity from any program that might seem to be infected.

Antivirus programs come in different flavors, but the common denominator is that they seek out viruses and other malware, and neutralize them.

The computer’s hard drive and external drives are also included in the scanning process.

What’s really important is that you make sure that your AV software is set for automatic updates—and on a daily basis at that—so that any new viruses or malware can be quickly pounced upon and rendered disabled.

Cybercrimes are more prevalent than ever, says the McAfee Threat Report. Check out some findings:

Fairly recently (first quarter of 2013) was a time that was the most active, ever, for the entire gamut of malicious software generation.
More than 14 million new samples were identified by McAfee.
Malware is evolving, becoming savvier. An example is the Zeus malware that gets spread when the user unintentionally downloads it (from being tricked into doing so), or, when the user opens an attachment in an e-mail, not knowing it’s poised to infect his computer. This malware is smart because it evades anti-spam software by presenting as graphics instead of text in the e-mails.
Every month means about six million new botnet infections.
Between the first and second halves of 2013, new phishing websites doubled in number.
Sixty percent of the leading Google search terms returned malicious sites just in the first 100 search results alone.

The key is simply to have antivirus installed, let it run its updates automatically and pay for the annual license. As long as you have it, it will prevent most infections.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Smart Home Security Tips

August 15, 2014/in home security tips /by Robert Siciliano

It’s well-worth your time and money to make a burglar’s job very difficult. Employ the following home security tips:

Lock up! How many times have you read about a home intruder who “entered through an unlocked window”? Keep your windows and doors locked as much as possible.

Deadbolts. A deadbolt makes an incredible difference. Even a “determined” thief wants a quick, easy job. A decent deadbolt is about $25; you’ll get what you pay for. Lock it when you’re at home, too.

Home security. You can even do this yourself. A cheap system will sound an alarm that no burglar will want to stick around for. You can install a basic system including a keypad and door sensors for $25 online. Add on features like wireless keyfobs, motion detectors, etc. However, if the money is there, invest in a monitored system. The monthly fee is cheaper than you think.

Use curtains/blinds. A potential burglar won’t be interested in your home if he can’t see in. When you’re gone during the day, close the curtains/blinds unless your plants need the light to survive. If you’re home and want to admire the view, at least close the curtains on windows through which you’re not admiring any view. Never leave them open once dusk hits.

Shrubbery. If you absolutely must have shrubs near entry points to your home, then make sure they’re thorny so that a burglar doesn’t hide in them. If what’s already there isn’t thorny, have it trimmed down so that a burglar can’t hide there.

Sliding door security. Place a wooden rod in the door track frame.

Be safe. With a safe, that is. A fireproof safe is less than $40. Until you get a safe, put your jewelry in a place a burglar would never look: like a covered Styrofoam cup next to the mouthwash bottle.

Don’t forget the garage. Keep the garage door closed at all times, even if you have an in-and-out lifestyle. You can buy a garage door timer for under $40 that automatically shuts the door after a predetermined time period. But if you want to keep it open, the device has a manual override.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

6 Survival Tips for Being Lost in the Woods

August 14, 2014/in safety tips, security /by Robert Siciliano

Some may remember the James Kim case out of Oregon in December 2006. Kim inadvertently chose an old logging road while driving home, getting lost in the woods. He left his wife and two young kids in the vehicle while he sought help, promising to return by early afternoon. He never did and his body was found in a creek. Based on snow tracks it was determined he walked practically in the same loop over and over for 16 miles. Awful.

Here are no-nonsense, easy tips for surviving mentally and physically if you ever become lost.

Once you realize you’re lost, assess for injuries or situations that interfere with life sustenance. This assessment is ongoing because it includes avoiding doing anything that could interfere with breathing, blood flow, consciousness, you know, life.

Next is think and observe. Where are you? What landmarks did you spot prior? How did you get here? Assess the environment: Hot? Cold soon? Darkness soon?

Get logical, not emotional. Admit you’re truly lost. If you have an idea from where you came, backtrack mentally for clues, e.g., if you see wet mud on the trail where you think you came, check if your shoes are muddy. Think before you wander.

Inspect your inventory. Maybe you have something that could help like a sharp tool, whistle, cellphone. And, how much water do you have? Sip in small amounts when thirsty, and limit exertion.

It’s time to plan. Once you decide to find your way back, leave trail markers. But don’t budge unless you’re 100 percent sure you know the way out. It’s safer to stay put in your lost spot and wait for rescue than do what James Kim did (rescuers eventually found his vehicle and his unharmed family).

What about food? Don’t panic (cavemen certainly didn’t; long fasts were a way of life). The body can go up to three weeks without food (but only two or three days without water; less in scorching heat).

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Before Getting Rid of Your Old Printer, Say “Goodbye” to Lingering Data

August 13, 2014/in security breach /by Robert Siciliano

https://safr.me/webinar/ | Robert Siciliano is the #1 Security Expert in the United States with over 25 years of experience! He is here to help you become more aware of the risks and strategies to help protect yourself, your family, your business, and your entire life. Robert brings identity theft, personal security, fraud prevention and cyber security to light so that criminals can no longer hide in the dark. You need to be smarter than criminals yesterday so that they don’t take advantage of you today! If you would like to learn more about Security Awareness, then sign up for Robert’s latest webinar!

_______

In the security business, there’s a lot of talk about protecting your smartphones and computers from malware and viruses, as well as loss and theft. It makes sense. Most of us use our smartphones and computers on a daily basis and keep important information on them like passwords, user names, and credit card numbers. But there are other devices that hold sensitive data that we don’t really talk about. For example, printers.

Some printers have internal hard drives or flash memory that store documents that have been scanned. This means that images of your pay stub, medical records, credit card statements, or any other sensitive documents you once scanned are stored in the printer’s memory and therefore retrievable by someone who knows where to look for it.

Because these hard drives are usually hard to find, they are usually not removed before a printer is resold or recycled. That can be bad news for you if your printer gets into the wrong hands.

If your printer is nearing the end or you are upgrading to a new printer, make sure you delete that important data off your old printer.

How do you get rid of your printer’s data? There are multiple ways.

Unplug your printer for a while. This will delete data if there’s no local storage. Check your printer’s user guide to see how long to leave your printer unplugged until the data is removed.
Clear the direct email function. If your printer has this feature, make sure to delete your password before getting rid of the printer.
Wipe the disk drive. If your printer has a disk drive feature, use the wipe disk to make sure your data is not accessible by others.
Destroy the hard drive. If you decide to trash a printer rather than reselling it, take it apart and find the hard drive. Remove it and hammer it. But remember, safety first. Make sure you wear those safety glasses.

Follow these tips and sell or recycle your printer with peace of mind, knowing that nobody will be able to retrieve your personal information.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Healthcare Providers Gaining Trust by Marketing Security

August 12, 2014/in healthcare /by Robert Siciliano

You’ve surely heard of “B2B” or business-to-business marketing. The new game plan is “B2C” – business to consumer marketing, particularly in the healthcare industry. The Affordable Care Act allows healthcare organizations to directly deal with consumers on a massive scale for the first time. However, this comes with some challenges, namely, how to effectively reach potential consumers and differentiate their organization from the competition.

Organizations must take notice that potential enrollees aren’t just concerned about cost and coverage, but two less apparent concerns: privacy and security.

Consumers want reassurance that their data is protected. They can’t get all the data breach fiascos out of their mind. According to the TRUSTe 2014 U.S. Consumer Privacy Report, 92 percent of U.S. Internet users are worried about their online privacy. Of these, 47 percent are frequently worried.

So even though a potential enrollee may have complete faith in your service and reputation, they may be unnerved by the pathways of information exchange: the Internet, mobiles, wireless networks, computers. They know that their personal health data is out there in “space,” up for grabs.

If you want strong enrollment numbers and loyal customers, you must put the consumer’s concern for the protection of their personal health information at the top of the priority list. No way around this. If consumers don’t get assurance from you, they won’t stick around for it; they’ll take their business elsewhere.

So what will you do to put consumers’ apprehension at ease? One way to accomplish this is to facilitate a security and privacy program to ease consumer anxiety.

AllClear ID provides the following guidelines for healthcare insurers and providers:

Continue to use state-of-the-art IT techniques to secure cloud services, access points, databases and mobile devices; and to better monitor systems for breaches.

Improve security of corporate devices and employees’ personal mobile devices used for work.

Enhance employee training at all levels to decrease errors, improve device security and ensure HIPAA compliance. Also train employees around how to comfortably talk to customers about how their data will be protected.

Institute an identity protection program for enrollees to make them feel safe signing up with you and reduce the pain if there is a breach.

Robert Siciliano is an Identity Theft Expert to AllClear ID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures

Big ISP free Wi-Fi hazardous to your Data Health

August 11, 2014/in wifi, WiFi hacking /by Robert Siciliano

Beware of “Free Wi-Fi” or “Totally Free Internet,” as this probably IS too good to be true. These are likely set up by thieves to trick you into getting on a malicious website.

AT&T and Xfinity have provided many free hotspots for travelers to get free Wi-Fi: all over the country. Sounds great, right? However, these services make it a piece of cake for thieves to gain access to your online activities and snatch private information.

AT&T sets mobile devices to automatically connect to “attwifi” hotspots. The iPhone can switch this feature off. However, some Androids lack this option.

Cyber thugs can set up fake hotspots called “evil twins”, which they can call “attwifi,” that your smartphone may automatically connect to.

For Xfinity’s wireless hotspot, you log into their web page and input your account ID and password. Once you’ve connected to a particular hotspot, it will remember you if you want to connect again later in that day, at any “xfinitywifi” hotspot and automatically get you back on.

If someone creates a phony WiFi hotspot and calls it “xfinitywifi,” smartphones that have previously connected to the real Xfinity network could connect automatically to the phony hotspot—without the user knowing, without requiring a password.

None of this means that security is absent or weak with AT&T’s and Xfinity’s networks. There’s no intrinsic flaw. It’s just that they’re so common that they’ve become vehicles for crooks.

Smartphones and Wi-Fi generate probe requests. Turn on the device’s WiFi adapter. It will search for any network that you’ve ever been connected to—as long as you never “told” your device to disregard it. The hacker can set the attack access point to respond to every probe request.

Your device will then try to connect to every single WiFi network it was ever connected to, at least for that year. This raises privacy concerns because the SSIDs that are tied with these probe requests can be used to track the user’s movements.

An assault like this can occur at any public WiFi network. These attacks can force the user to lose their connection from their existing Wi-Fi and then get connected to the attacker’s network.

Two ways to protect yourself:

#1 Turn off “Automatically connect to WiFi” in your mobile device, if you have that option.

#2 the best way to protect and encrypt all your data in your laptop, tablet, or mobiule is via Hotspot Shields software to encrypt all your data even if you automatically connect to a free WiFi.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.