5 Reasons why You will get Hacked

/in /by

Don’t be part of the “I’ll never get hacked” camp. Do you really think it won’t happen to you? If so, it’s:

4DBecause you think no phishing e-mail could get past your radar. Just because you can spot a Nigerian scam doesn’t mean you can’t be tricked. Phishing campaigns today are ingenious and sophisticated, and include information about the recipients, fooling them into thinking these e-mails are from their friends or associates. These messages will blend right in with all your other legit messages as far as content and appearance, which include good spelling and grammar.

Because you think you’re not a target. You think you’re too little a fish in a sea of gargantuans for a hacker to be interested in you. However, every fish in the sea, including the tiniest, is a potential target. Sometimes, all a hacker wants is someone else’s e-mail from which to send spam.

Because you think deleting your cookies will keep you from getting targeted. This is like saying your house can’t get broken into because the second story windows are locked. But what if the first floor windows, and the front door, are open? Intruders will find other ways to cyber track you than cookies. For example, your IP address can identify you, which is why it’s always good to run Hotspot Shield to mask your IP address and protect your data on free WiFi. Second, your computer and browser have your unique fingerprint.

Because you think you’re invulnerable with firewall and antivirus software. Did you know that in some cases the best anti-malware detection, especially for larger business networks, spot only 45 percent of attacks? Keeping in mind you have to have antivirus, antiphishing, antispyware and a firewall as necessary layers of protection.

Because you think that avoiding Internet back alleys will keep you protected. Just like a mugging can occur in broad daylight in a busy mall parking lot, so can deposition of malware in that this is many times more likely to occur as a result of visiting popular online shopping sites and search engines, when compared to phony software sites. And if you spend a lot of time on porn sites, consider yourself infected.

Don’t Be a Myth Head

A smart, sophisticated cyber criminal will go after smart, sophisticated users, not just the dumb ones. Don’t let your guard down for a second. There’s always someone out there who’s smarter than you—or, at least—smart enough to trick you, if you become lax.

One step forward is to just commit to never, ever clicking on any links inside of e-mails. And when you receive an e-mail with an empty subject line, even if the sender is apparently your mother…don’t open it. Instead, send her an e-mail and ask her if she sent you one with a blank subject line. And even then, don’t open it, because you just never know. Protecting yourself takes a little more time, but remember, a stitch in time saves nine. Which frankly, I really don’t know what that means, but it sounds good right here.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

PC Hard Drive Maintenance 101

/in , /by

Keeping your hard drive in tip-top shape is key to a well-running computer. A crashed hard drive means smacking a big wet-one goodbye to all of your data.

7WEliminate Unnecessary Data

  • De-clutter the drive to make its workload easier.
  • One way of de-cluttering is to uninstall programs you never use (go to the control panel).
  • Review your files and folders and rid the ones you’re done using.
  • Store the ones that you rarely use but don’t want to delete on a flash drive.
  • Also use your computer’s disk clean-up program (go into “Computer,” right-click the hard drive, hit “Properties” and click “disk cleanup”) to help get rid of junk.

Keep the Drive Hopping

  • There are many freeware utilities that can help your hard drive provide you feedback of its integrity. You should use one of these, as they will tell you how your hard drives are performing—kind of like going to a doctor to get your cholesterol numbers—you want to nip any potential problems in the bud.
  • Go into “Computer,” then right-click the drive, and then hit “Properties.” Once here, click the “Tools” tab. You will see an option for checking errors. It is important for Windows to perform recurring checkups of your drive. So hit “Optimize” to get this task done.
  • Next up, go to the control panel. Click “Hardware and Sound” and hit “Power Options.” This choice will keep the hard drive feeling young.
  • Don’t let physical clutter engulf the perimeter of your computer; it needs room to breathe.
  • Make sure your computer doesn’t get too hot. One way this can happen is if you use it while in bed. You also don’t want your computer to get cold, either, but chances are, you won’t be doing computer work outside in 40 degree weather.

Reinstall your operating system

  • Google “How to reinstall Windows.. (your OS)” or same with Mac. This is not all that hard to do. I do this every 2-3 years and I know others that do it every year. This is the single best way yo keep your hard drive tight.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Removing Location data from Mobile Pics

/in , /by

Those cutesy photos in your phone of your puppy can reveal your location because the images leave footprints leading straight to your home. The trace data is called EXIF: exchangeable image file format. It may contain GPS coordinates of where you took the photos.

6WApple’s and Google’s smartphones ask owners if it’s okay to access their location. Click “okay,” and this means every photo you take gets tagged with GPS coordinates. Thieves look for this information, which remains with images that are uploaded to Flickr, Photobucket, etc. (Facebook strips EXIF.) Crooks or pervs can then use Google Maps to get your exact location.

Prevent Geotagging: Six Steps

  • For social media applications, turn off the location services.
  • For iPhone, go to Settings, Privacy, Location Services, and turn off the location services.
  • For Android, go to Settings, Location Services, and turn off the location services.
  • There are apps such as Pixelgarde that wipe geotags from existing online photos.
  • For computers, Windows can strip out the EXIF; just right click the image, click Properties, then in the “details” tab, hit the Remove Properties and Personal Information.
  • Mac users can use XnView, but this bulk-stripper works also for Windows.
  • Run Hotspot Shield which masks your IP address creating an incomplete profile of location data.

Many people don’t even know that photos store location information. You’re a walking map unless you take certain steps to protect your privacy. With those pictures you take with a smartphone camera, you also record all sorts of goodies like shutter speed, type of camera, date the image was taken, and of course…GPS coordinates. Here are the details for protecting your privacy:

Windows Phones

  • Select photos in Windows Explorer.
  • Right-click them, hit Properties.
  • Beneath the Details tab, click “Remove Properties and Personal Information.”
  • A window will pop up; hit Okay.
  • You’ll see a copy of each right-clicked photo in that same folder. The copied images are safe to upload.

Mac OS X

  • Use an app called SmallImage. Download the file.
  • Open the app; drag photos into its window.
  • Uncheck the box called “Recompress at quality.”
  • Click “Process,” and the copied photos will appear in the folder.
  • To replace the original photos rather than make duplicates, uncheck the “Add Suffix” box.

Linux

  • You’ll need a tool, EXIFTool. Install it on Ubuntu by running this command: sudo apt-get install libimage-exiftool-perl.
  • Next, to create clean copies of your photos, cd to their folder, then run: exiftool -all= *.jpg.
  • It will then generate copies of the photos

There exist a number of other programs for removing location data from your mobile phone, but the steps described here are among the easiest.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

8 Tips to Credit Card Security

/in , /by

Despite the fact that tens of millions of consumers were hit by the numerous big breaches, and tens of millions more by less sensationalized breaches, you can still take the reins and yield some protection for your credit cards.2C

  1. Make online payments with single-use or prepaid cards. What a great idea!
  2. If you have multiple recurring payments for ongoing services, use only one credit card for those.
  3. For shopping, use a one-time or prepaid card. Though the single-use credit card number is linked to your real card number, it will prevent the real number from becoming exposed should the site get hacked. Discover, Citibank and Bank of America offer single-use (disposable) card numbers.
  4. A prepaid card is different, in that it’s independent of your real card number. If the prepaid card gets stolen, you can replace it without this affecting your primary credit card account.
  5. If you have a debit card…don’t shop with it. Use it only to take funds out of a bank ATM. If a crook gets ahold of your debit card…the money will instantly be stolen from your bank account. If a thief gets your credit card, however, and makes unauthorized purchases, there’s a time lapse between when the purchases are made and when the money is actually withdrawn—enough time for you to file a dispute (if you regularly monitor your statements).
  6. Though you’ll get reimbursed for fraud that occurs with a debit card, this will happen after your bank account has been sucked dry. So avoid using a debit card at gas stations, casino machines and other such places where it’s easy for a crook to tamper with the card reader.
  7. Better yet, just limit its use to the bank ATM. Think of your debit card as an ATM card. This doesn’t mean that an ATM can’t be tampered with; be on the lookout for signs of tampering such as tiny cameras to capture PINs, or something odd about the card reader.
  8. Set up email or text notifications via your bank or credit card companies website to alert you to all charges. This way, whenever a charge comes in, you’ll know about it.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Tonight’s Special Guest: McAfee’s Most Dangerous Celebrity of 2014

/in , , /by

After a long day of hard work, there’s nothing like coming home, throwing on some PJs, and watching some good old late night television. I love catching up on all the latest news and watching celebrities like Kaley Cuoco-Sweetin discuss the celebrity photo hack (what can I say? I’m a security junkie).

Dangerous Celebrity of 2014It seems like we’ve always had a fascination with the lives of the rich and famous. In the 1700s, people gathered to watch the every move of the King of France, from getting out of bed to changing his underwear. Page Six, the gossip column, used to be the must-read page in the New York Post. Now, in the age of social media, following our favorite celebrities’ comings and goings is even easier. All we have to do is go on Twitter to get the latest about Jayoncé.

Unfortunately, our obsession with celebrities can get us into trouble on the Web. Cybercriminals love to take advantage of our interest in celebrities for malicious means. They use hot celebrity news, like updates on Ryan Gosling and Eva Mendes’ baby, along with the offer of free content to lure you to malicious sites that could steal your money or personal information or install malware.

There are some celebrities who are more likely to lead you to bad stuff than others. Today McAfee announced that Jimmy Kimmel, the host of Jimmy Kimmel Live!, is the 2014 Most Dangerous Celebrity™. McAfee found that searching for the latest Jimmy Kimmel videos and downloads yields more than a 19.4% chance of landing on a website that tested positive for online threats.

Here are the rest of the celebrities that round out this year’s Top 10 Most Dangerous Celebrities list.

 

History tells us we probably aren’t going to get over our fascination with celebrities anytime soon. But there are some things you can do now to stay safe online while you’re reading about your favorite personalities.

  • Be suspicious. If a search turns up a link to free content or too-good-to-be-true offers, be wary
  • Check the web address. Look for misspellings or other clues that the site you are going to may not be safe (for more on this, read my blog on typosquatting)
  • Search safely.Use a Web safety advisor, such as McAfee® SiteAdvisor® that displays a red, yellow, or green ratings in search results, alerting you to potential risky sites before you click on them
  • Protect yourself. Use comprehensive security software on all your devices, like McAfee LiveSafe™ service, to protect yourself against the latest threats

Help Spread the Word!
In order to continue to promote safe celebrity searching, McAfee will be running a sharing sweepstakes. Help others stay educated about staying safe online by sharing Most Dangerous Celebrities content and you could  win a Red Carpet Swag Bag that includes a Dell Venue™ 7 tablet, Beats Solo 2.0 HD headphones, a subscription to McAfee LiveSafe service along with other goodies. You must be 18 or older and reside in the United States in order to participate. Learn more here.

While it’s fine to get your fix of celebrity gossip , remember to be safe when doing so.

To learn more about Most Dangerous Celebrities, click here or read the press release, use the hashtag #RiskyCeleb on Twitter, follow @McAfeeConsumer or like McAfee on Facebook.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Burglar Leaves Porn in Kid’s Bedroom

/in /by

Maybe you’ve heard of burglars stealing porn…but leaving it at the victim’s house? A man in Salem, Oregon, broke into a woman’s apartment, leaving behind a porn video in a seven-year-old girl’s bedroom. Police think the man broke in earlier and hid in the girl’s closet, then made his move soon after midnight, replacing the cartoon film in the DVD with a porn film. Three miles away another break-in occurred, but the man fled after the female resident screamed. Sounds like this could have been the same perpetrator.

2BIf you think putting porn in a little girl’s DVD player is low, you can’t sink lower than the roach who stole Pepper, a little poodle mix, during a robbery in New Jersey. Why didn’t this low life (or two?) leave the dog be and just steal the typical things? The thief got in, apparently, through an unlocked back door. Nevertheless, Pepper was soon after returned to the homeowner, Barbara August, and her husband.

Prevent Home Burglaries

  • Have an alarm system, and one that sounds an alert when doors and windows are opened, including when you’re home.
  • To avoid an empty look about your house, keep its exterior well-lit. When you’re gone, have indoor lights come on and off with timers.
  • Your security system should include surveillance cameras. The price has come down on them, and today’s cameras are easier than ever to install.
  • No matter how solid your security system, always keep your doors and windows locked, even if your family is always going out and in. Inspect all the windows and doors to make sure nothing is broken. Most burglars simply come into a house via unlocked entries.
  • Consider having wooden dowels installed on top of windows for extra protection. Special films can be put over the glass to prevent penetration. Install glass-break sensors.
  • Install heavy deadbolts on your doors, ones with 3-4 inch screws.
  • Waste no time putting in your security system or checking to make sure all the locks work, etc. Don’t delay!

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Robert Siciliano Joins Identity Theft Resource Center Board of Directors

/in /by

(San Diego, CA:  October 1, 2014) The Identity Theft Resource Center, a nationally recognized organization dedicated to the understanding of identity theft and related issues, announced today that Robert Siciliano, CEO of IDTheftSecurity.com, will serve on its Board of Directors.  Siciliano, with more than 30 years of experience in this field, will bring his vast knowledge to the ITRC Board and will help to heighten awareness on current trends and pro-active measures consumers and victims can take to protect themselves.

ITRCThe ITRC, founded in 1999, is a non-profit organization established to support victims of identity theft in resolving their cases, and to broaden public education and awareness in the understanding of identity theft.  It is the on-going mission of the ITRC to assist victims, educate consumers, research identity theft and increase public and corporate awareness about this problem and related issues.

“The ITRC is the single most comprehensive resource for victims dealing with identity theft,” said Siciliano. “For the past 15 years victims have been coming to me for help and my immediate response is to point them right to ITRC. There isn’t another non-profit on the planet that has as much experience in dealing with this horrible crime,” Siciliano added.

As an identity theft expert and frequent speaker, Siciliano is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His “tell it like it is” style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace.

“Robert’s expansive expertise in the areas of data security and online safety will help the ITRC in serving the thousands of consumers who reach out to the ITRC call center year after year,” said Julie Fergerson, ITRC Board Chair.  “His research efforts in these areas have allowed him to forge ahead as a nationally renowned industry leader in identity theft, internet best practices and technological advances being made in this space every day,” Fergerson added.

About the ITRC

Founded in 1999, the Identity Theft Resource Center® (ITRC) is a nationally recognized non-profit organization which provides victim assistance and consumer education through its toll-free call center, website and highly visible social media efforts. It is the mission of the ITRC to: provide best-in-class victim assistance at no charge to consumers throughout the United States; educate consumers, corporations, government agencies, and other organizations on best practices for fraud and identity theft detection, reduction and mitigation; and, serve as a relevant national resource on consumer issues related to cybersecurity, data breaches, social media, fraud, scams, and other issues.

Contact:  Cristy Koebler
Communications & Media Manager 
Identity Theft Resource Center
Cristy@idtheftcenter.org|858-444-3287 (D)

How to see and boot off Someone using your WiFi

/in , /by

You were taught to share your toys as a young child, but this doesn’t apply to letting others use your Wi-Fi. The difference between sharing the plastic shovel and sharing the wireless connection is that with the latter, who’s to say that the “thief” won’t eventually crash in on your private information? And don’t forget that not only will this sharing possibly slow down your connection, but there could be legal repercussions if this moocher uses your connection for bad deeds.

2WHow can you spot a moocher?

  • Log into your computer’s router’s administrative console: Type its IP address straight into the browser address bar. Don’t know the router’s default address? Go to (Start > Run/Search for cmd) and then enter ipconfig.
  • The address you want will be next to Default Gateway, under Local Area Connection.
  • Mac users can locate the address by going to System Preferences, then beneath that, Network. If you’re using Ethernet it’ll be next to “Router:” and if you’re using Wi-Fi, click on “Advanced…” and go to “TCP/IP.”
  • Point browser to the address; enter your login details. If you’ve never changed the default settings, the login should be a combination of “password” and “admin” or blank fields.
  • Locate a section for wireless status or connected devices. Here you’ll find a table with details including the IP and MAC address of all devices currently connected to the router.
  • To find moochers, check that list against your gear.
  • To find the MAC/IP address of your computer, go to the Command Prompt and enter ipconfig /all. The MAC address will show as the physical address.

How to Help Prevent Mooching

  • Implement a strong password; use WPA2 or WPA, not WEP.
  • Turn off the SSID broadcast.
  • An alternative to the prior point is to set a filter up for blocked or allowed devices by MAC address.
  • Whenever on free public WiFi use Hotspot Shield to mask and encrypt all your data as it fly’s through the air.

If you want to find out just who is getting a free ride on your wireless, use MoocherHunter. This tool will locate the source within two meters of accuracy. Tracking down the culprit will prove handy if the moocher has been getting you in trouble by using your network for illegal activities.

On the other hand, if the lectures about sharing your toys still ring loud in your head, why not make lemonade out of this lemon by using a third-party firmware alternative to run a public hotspot? You can then offer for-pay Internet access points that come from your consumer router. Another option is to get a Fonera router. If you share some of your home WiFi, the Fonera router will grant you free roaming at Fon Spots all over the world.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

USB Drives have serious Security Flaws

/in /by

That little thing that you stick in your computer to store or transfer data can also mean very bad news.

3DThe USB device or “flash drive” can be reconfigured to work like a little thief, for instance, being made to mimic a keyboard and take instructions from the master thief to rip off data or install malware. It can be made to secrete a virus before the operating system boots up, or be programmed to alter the computer’s DNS setting to reroute traffic.

There’s no good defense for these kinds of attacks. The firmware on the USB devices can’t be detected by malware scanners. Biometrics are out because when the firmware changes, it simply passes as the user plugging in a new flash drive.

Cleaning up the aftermath is no picnic, either. Reinstalling the operating system doesn’t resolve the problem because the USB device, from which installation occurs, may already be infected. So may be other USB components inside one’s computer.

Whitelisting USB drives is pointless because not all have unique serial numbers. Plus, operating systems lack effective whitelisting mechanisms. Also, Malicious firmware can pass for legitimate firmware.

To prevent a bad USB from infesting a computer, the controller firmware must be locked down, unchangeable by an unauthorized user. USB storage devices must be able to prevent a cybercriminal from reading or altering the firmware. It must make sure that the firmware is digitally signed, so that in the event it does become altered, the device will not interface with the altered firmware.

  • Watch your USB drive – don’t set it down and make sure you keep track of it so it’s not lost or stolen.
  • Disable auto-run – Turn off auto-run on your computer so that if a USB drive has malware, then it won’t automatically be transferred to your machine.
  • Be careful who you share your USB drives with – Be careful what computers you place your USB drive in and who you let borrow your USB drive.
  • Use comprehensive security software – make sure your security software not only scans your computer for threats, but also any drives that are attached.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Beware These College-Related Scams

/in /by

The last group of college students has headed off to school for another semester of dorm rooms, late-night library sessions, and the occasional college party. For many students, college is the first time they’ve lived away from home. They are young, open to new things, and sometimes, naïve. These traits make them prime targets for scams.

9DHere are some of the most popular college scams:

  • Fake College Websites
    Here’s how this works. Scammers copy a college’s website but use a fictitious name on the site (in essence creating a spoofed site). They use this site to collect application fees and gather personal information. They even go so far as to send out rejection letters to applicants to try and “maintain” their credibility. But all this application will get you is financial loss and the potential to be victim for future phishing scams.
  • Diploma Mills
    These are unaccredited colleges or universities that provide illegal degrees and diplomas for money. Many spoofed college websites are also used as diploma mills. Though some diploma mills may require students to buy books, do homework and even take tests, the student will be passed no matter what. In some cases, users get a diploma simply by purchasing it. In any case, you’re out of money and have no valid diploma.
  • Fake Scholarships
    Let’s face it. College is not cheap. Therefore, many students look for scholarships to help ease the financial cost. Scammers profit on this need by creating fake scholarships, which require you to submit a fee when applying for the money. You never see a dime and you’ve lost that application fee as well as given up some of your personal info.
  • Wi-Fi Scams
    Computers are an essential part of the college experience and wi-fi connectivity is a necessity. So while you may not want to pay or can’t afford to pay for wi-fi connectivity, you need to be careful when using free wi-fi as hackers can easily intercept your communications.

So while college is a time to learn and experience new things, you also want to avoid getting scammed. So here’s some tips on how to make sure you don’t get taken by one of these scams:

  • To protect yourself, develop the habit of not giving personal information to strangers and double check the authenticity of the organization.
  • Before sending in any online application, double check the accreditation for any college or university. In the United States, you can do that on the Department of Education site.
  • Verify that a scholarship is valid, by checking with an organization like FinAid.org.
  • Avoid doing any sensitive transactions like shopping or banking when using free wi-fi connections.

Yes, there are plenty of scams out there. But with common sense and a willingness to double-check, students can avoid being lured in.

Have a great school year!

For more tips on how to stay safe online, follow McAfee on Twitter or like them on Facebook.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.