Company proves why you shouldn’t post Kids’ Pics online

/in /by

What if you knew there existed a possibility that some company, without your knowledge, grabbed a photo of your child and put it on their product and then put their product online for sale?

2PKoppie Koppie sells coffee mugs with photos of kids on them—and YOUR child could be one. Though this begs the question, who on earth would want a coffee mug with a photo of a stranger’s child on it, there’s actually a market for this.

Koppie Koppie has taken photos of kids from Flickr. Koppie Koppie is actually more of a social experiment, says the duo who run the site at koppie-koppie.biz. The pair claim that the drive was to raise awareness of privacy issues, yet at the same time, insist that they haven’t done anything wrong because they haven’t violated Flickr’s rules.

The images that Koppie’s founders use come with the Creative Commons licensing rights: Commercial re-use is not restricted.

Though what Koppie Koppie has done is actually legal, it still counts as a violation of the rights of the parents of those kids.

Writers use these photos for their articles, for instance, an article about parent-child relationships, but with professional child models, the parents of the young models know this. So is taking the use of the photos up a notch (or two or three?) by putting them on mugs as a display crossing the line or is to create awareness that maybe you shouldn’t be positng pictures of your children online?

These guys found a loophole and slithered through it, since the privacy policies of social media fall short with explaining the context of how images can be shared online. But they make a good point.

Going further down the continuum, we may have a company sooner or later selling T-shirts with YOUR child’s face on them—without your knowledge.

Koppie Koppie says it will take down a mug of your child within two weeks of your complaint. But think of how many parents will never read this article and know what Koppie Koppie has been up to or anyone else for that matter.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. Disclosures.

1 Billion Records hacked

/in , , /by

Billions and billions—it’s only a matter of time before this becomes the number of hacking incidents in a single year, because just in 2014, over one billion records were hacked out of 1,500 different hacking incidents, says a recent report.

4DSome other findings from the report:

  • A little over half the breaches involved credit card numbers, Social Security numbers and other personal information.
  • Most hacking incidents occurred in the U.S.
  • 55 percent of the incidents involved retailers, primarily affecting point of sale systems that lack encryption technology.
  • The private sector, combined with the government, took up 17 percent of the hits.

The government has had it; the White House plans on devoting an office entirely to figuring out how to stay ahead of cyber crime. Let’s hope that the White House really dissects cyber attack technology.

What can consumers, the private sector, retailers, banks and the governments do to make it difficult for hackers to cause mayhem?

  • Go through all of their passwords and replace the weak ones with strong ones. A weak password is less than eight characters (some experts advise that it be at least 12), contains actual words or names, contains keyboard sequences and has limited character variety.

    Keep in mind that an eight-character password such as $39#ikPw is strong and superior to the 12-character 123qwertyTom. But maximize the strength by making the password at least 12 characters and a jumble of character gibberish. A password manager can do this all for you.

  • Install antivirus software. This means antivirus, anti-spyware, anti-phishing and a firewall. Then make sure they are always updated. This software should also be installed on your smartphone and tablet.
  • If you’re still using windows XP because you don’t want to part from your comfort zone, get out of it immediately, because it won’t be so comfy when your system gets dismantled by a hacker. Windows XP is no longer subject to security patches and updates by Microsoft. You need a version, such as MS Win 7, that receives regular updates.
  • Your router has a password that’s been set by the manufacturer. Hackers know these passwords. Therefore, you should change it. Next, turn your WPA or WPA2 encryption on. If you don’t know how to do these things, contact the router’s manufacturer or google it. And unless you have encryption while using public Wi-Fi, consider yourself a lone zebra wandering around in the African savanna where prides of hungry lions are watching you. Get a VPN. Google it.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. Disclosures.

Strengthen Your Digital Defenses with the 5 Habits of Practically Unhackable People

/in , , /by

At the start of the year, we all made our resolutions for 2015. Now it’s March—how are you doing on your resolutions? If you’ve already broken a few, no worries; New Year’s doesn’t have the monopoly on making goals to better yourself. This is especially true with digital safety. At a time when there are so many security breaches, it’s important to commit to strengthening your digital defenses year-round.

1DWhen making goals, it’s important to emulate people who have already mastered what you’re trying to learn. So in this case, what do super secure people do to stay safe online? Intel Security has the answer—here are the 5 habits of practically unhackable people:

  1. Think before they click. We click hundreds of times a day, but do we really pay attention to what we click on? According to the Cyber Security Intelligence Index, 95% of hacks in 2013 were the result of users clicking on a bad link. Avoid unnecessary digital drama, check the URL before you click and don’t click on links from people you don’t know.
  2. Use HTTPS where it matters. Make sure that sites use “https” rather than “http” if you’re entering any personal information on the site. What’s the difference? The extra “S” means that the site is encrypted to protect your information. This is critical when you are entering usernames and passwords or financial information.
  3. Manage passwords. Practically unhackable people use long, strong passwords that are a combination of upper and lower case letters, numbers, and symbols. Yet, unhackable people don’t always memorize their passwords; instead, they use a password manager. A password manager remembers your passwords and enters them for you. Convenient, right? Check out True Key™ by Intel Security, the password manager that uses biometrics to unlock your digital life. With True Key, you are the password.
  4. Use 2-factor authentication (2FA) all day, every day. When it comes to authentication, two is always better than one. 2FA adds another layer of security to your accounts to protect it from the bad guys so if you have the option to use 2FA, choose it. In fact Intel Security True Key uses multiple factors of authentication.
  5. Know when to VPN. A VPN, or virtual private network, encrypts your information, which is especially important when using public Wi-Fi. Practically unhackable people know that they don’t always need a VPN, but know when to use one.

To learn more about the 5 habits of practically unhackable people, go here. Like what you see? Share the five habits on Twitter for a chance to win one of five prize packs including a $100 gift card to Cotopaxi or Hotels.com.*

You don’t need to wait for another New Year to resolve to become a digital safety rock star – start today!

*Sweepstakes is valid in the U.S. only and ends May 16, 2015. For more information see the terms and conditions at intel.com/5habits.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Watch Out for Tax Scams!

/in /by

Spring is here (at least in some parts of the world in the northern hemisphere)! The bees are buzzing, the flowers are blooming, and the accountants are working late because for those in the U.S., it’s tax season! Scammers love tax season—there is a lot of money moving around as people pay taxes and receive tax refunds. And they have developed many ways to take advantage of that and steal your hard-earned money.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813The Internal Revenue Service (IRS) maintains a list of the scams that they call the Dirty Dozen and have published this again for 2015. It’s a good idea for all of us to familiarize ourselves with these. Here’s the top three.

  • Phone scams. Your phone rings—it’s the IRS stating that you owe money and you must pay it NOW! It can be disconcerting but, never fear, this is a scam. Keep in mind that if you do owe the IRS, they will first contact with you via snail mail before calling. This is the number one scam that criminals are using during tax season so don’t answer your phone (just kidding…just be aware of this).
  • Phishing Hackers imitate the IRS and send an email that asks you to update your e-file immediately. The link then directs you to a bogus website. If you enter your information, the hacker collects any information you enter on the site. Remember, the IRS generally does not send emails, text messages or social media posts to request personal or financial information. If you receive any unsolicited communication that appears to be from the IRS, report it to phishing@irs.gov.
  • Identity Theft. If a cybercriminal gets access to your Social Security number (SSN), they can pose as you and file a tax return under your name, but have the refund sent to them. When you file your tax return, you’ll get a notice from the IRS stating that more than one tax return was filed for you. If you think you are a victim of identity theft or have been in the past, make sure to contact the IRS as they can issue you an identity theft PIN that will be used in addition to your SSN.  Make sure to protect your SSN and do not share it unless absolutely necessary.

Stolen tax returns and tax scams have been growing consistently, leaving many identity theft victims struggling to recoup their lost refunds and identities. To help you, here are some tips to protect yourself this tax season.

  • Protect your data.Store sensitive documents in a fire-proof safe. If you plan to receive documents with sensitive information like your financial information in the mail, make sure you have a mail box with a lock.
  • Shred non-essential paperwork.Check with your accountant to determine what you need and what you don’t. Use a cross-cut shredder to destroy unneeded documents.
  • File early.The earlier you file, the more quickly you thwart any criminal’s attempt to file on your behalf and collect your refund.
  • Be cautious when clicking. Don’t click on any links or email attachments from emails that appear to be from the IRS. Be suspicious of strange emails and websites instead of clicking on links navigate to IRS.gov on your browser directly
  • Protect your devices. Install comprehensive software like McAfee LiveSafe™ service that protects all your PCs, Macs, smartphones and tablets and make sure to keep it updated.

Here’s a great video from the IRS about tax scams and additional information on how to report IRS phishing scams.

Hope you have a safe tax season!

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

What is a Potentially Unwanted Program (PUP)?

/in , /by

Whether you’re an animal person or not, you have to admit that puppies are pretty darn cute. So cute that there are YouTube Channels, Facebook accounts, and Buzzfeed newsletters devoted to the subject. Unfortunately, there’s a not so cute PUP out in the world, and it wants access to your device. What I’m talking about is a potentially unwanted program (PUP). What is an unwanted program? It’s software or an app that you don’t explicitly want on your device. PUPs usually are bundled with freeware and often installs without your permission.

1SNote: PUPs are not malware. The main difference is that you give consent to download the PUP, even though you might not know about it if you don’t read the agreements or installation process thoroughly.

So if PUPs aren’t malware, why are they bad? Some PUPs contain spyware including keyloggers, dialers, and other software to gather your information which could lead to identity theft. Others may display annoying advertisements on your device. Even if the PUP doesn’t have any malicious content, too many PUPs can slow down your device by taking up space on your device and it can weaker your device’s security, making you vulnerable to malware.

Companies or hackers use several techniques to get you to download PUPs. One technique is offering multiple installation options. Although the standard or default options may be highly recommended by the company or hacker, it is usually the custom or advanced option that is PUP-free. Another trick is automatically including PUPs in the installation. You have to uncheck the boxes to opt-out of the PUP. Sometimes they will gray the opt-out option so it looks like you can’t get out of downloading a PUP. Other companies will sneak clauses about PUPs into the end user license agreement. This means when you click to agree with their user terms, you also agree to download PUPs.

Here’s some tips on how to make sure you don’t get a PUP.

  • Be picky. Hesitate before downloading any freeware. Do you really need that Guardian of the Galaxy wallpaper for your laptop? Be vigilant and only download from trusted sites.
  • Customize. When downloading a program, it may be tempting to use the standard or default installation, but this version usually includes downloading programs you don’t need. Choose the custom installation.
  • Opt out. Instead of asking you to opt in to PUPs, companies will automatically include the PUPs in the installation; it’s up to you to say no. For example, a freeware program might recommend that you install a free browser add-on andbelow this statement will be a box that is checked that indicates you want to install the add-on. If you don’t uncheck the box, you can potentially download a PUP you may know very little about.
  • Read the fine print. Read the End User License Agreement before you accept it. There may be a clause about PUPs.
  • Have comprehensive security software. Install security software that works for all of your devices, like McAfee LiveSafe™ service. McAfee LiveSafe can detect PUPs and remove them from your device.

Remember it’s much more fun to snuggle with furry pups rather than the computer code kind.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.