Tips to destroy and shred

/in , , /by

You can’t be too neurotic about shredding sensitive documents to smithereens. For example, some people make a career out of “dumpster diving,” digging through trash in search of bank account information, credit card preapprovals, medical bills, mortgage statements, etc., and then they commit fraud, including creating new accounts with the found information—accounts in the victim’s name.

2PAnd by the way, anything with your signature can be a gem to the dumpster diver, as your signature can be forged.

Diving for Dollars

  • Dumpster diving is legal if the trash can is in a public spot including the big trash bin at your apartment complex.
  • Dumpster divers aren’t necessarily homeless men dressed in rags looking for discarded food. They may be professional identity thieves, and if they’re extra smart, they’ll dress like a vagrant to fool people into thinking they’re looking for food scraps.
  • Your trash can is a goldmine for an identity thief; think of what’s on all the paperwork you toss out, week after week—all sorts of tidbits about your life, from your favorite stores to your kids’ names.
  • A lot of personal details about you come simply from empty envelopes with their return addresses.

Shredding

  • Buy a shredder. There are different kinds that shred at differing dimensions as well as various strengths (some shredders will slice and dice CDs).
  • Don’t buy a “strip-cut” type, as the shreds could be reconstructed. The “micro-cut” shreds at the smallest dimensions.
  • Believe it or not, there are crooks who will take the time to put back together a shredded document, including with the help of Unshredder, a computer program.

Burning

  • Keep a cardboard box handy that you continually fill up with shreddables.
  • Just toss documents that are on deck for burning into this box as you go throughout the day. Then incinerate the box.
  • A large stack of documents will not completely burn, so don’t place these in a motley arrangement so they aren’t “thick”.

Miscellaneous

  • Don’t leave boxes that contained expensive merchandise in plain view at your curb; this is almost the equivalent of sticking a sign there with bright red letters stating: “I just purchased a giant flat screen TV; come on in and steal it.” Destroy/shred

Ask yourself this question: If someone “stole” your trash, would that be a problem? If you say yes, then you toss too much data. For me, I don’t care, nothing I toss is of any value to anyone.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Smartphones for Kids aren’t such a good Idea

/in , /by

Maybe you believe that kids should not have smartphones because the devices can tell a pedophile where a child is located. But there’s other reasons that perhaps you haven’t thought of: cyberbullying, violent porn, online drug purchases, you name it.

5WSmartphones give kids ongoing Internet access; they can’t live without this constant connection because it’s the normality that they’ve grown up with. Children and teens are a product of their technological times and can’t imagine getting through the day without constant connection to the cyber universe.

An article in The Telegraph features a perspective from child psychotherapist Julie Lynn Evans. She points out that the striking increase in youth suicides and youth emotional issues (e.g., anorexia nervosa, cutting) is the result of constant Internet access.

Evans has personally seen the correlation; the driving force of the mental problems gets traced back to cyberspace and the smartphone. Remember the good ‘ol days when the only access that kids had was at the family room’s computer or even the one in their bedroom? You can’t carry that thing around.

Evans’ voice is supported by the big rise in admissions to child psychiatric units, having doubled in the past four years. Self-harm is way up too.

Though many people assert that the smartphone is only a tool and should not be blamed for suicide attempts or self-harming behavior, and that family dynamics are the fuel behind it all, Evans makes clear that smartphones are a big part of the multifactorial process of depression and turmoil.

Smartphones have changed the world; is it such a leap that they can cause the rise in youth psychological problems? Especially when the bullies can follow their targets anywhere? And it’s not just bullying; there are websites that, for instance, give tips on being anorexic.

Kids under 16 can’t legally drive, but they’ll always have legal access to smartphones. It’s up to parents to set rules and have conversations. At the same time, parents must take some credit for bad outcomes: A 14-year-old girl from a stable homelife isn’t going to take advice on how to drop from 110 pounds to 70 pounds just because her smartphone can connect her to a “pro-ana” website.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Is your Website and Data secure?

/in , /by

Imagine a lifeguard at the beach sitting on his perch. His job is to patrol and monitor for signs of trouble. He sees a surfer being attacked by a shark. Wow, a lot of good it does that he’s in a completely helpless position; by the time he scrambles off his perch and runs towards the water, the victim has bled out. Ouch.

2DThis is the same concept behind cyber crime. By the time a business or everyday Internet user realizes they’ve been hacked…major damage has been done. We can’t just be reactive. We have to be preventive.

The damage can destroy a business, not to mention take down the everyday persons website who did not have their prized and sensitive data, blogs, or photos backed up.

Forbes points out that over 60 percent of small businesses, after a serious data breach, go belly-up within a year, cyber crime is a major threat to medium-size businesses as well.

Companies worry a lot about their product and service, but are slowly coming around to the idea that a potent draw to potential customers and clients is the advertising of powerful IT security to fight off data breaches.

Customers and clients (and potential) want to know what a company is doing for prevention, not just what it’ll do after the attack.

What if you can’t afford a top-flight IT team? There are still things you can do for your business’s safety as well as for your home computer’s safety.

  • First off, back up all of your data.
  • Use antivirus software and make sure it’s always updated.
  • Use antispyware, antiphishing and a firewall and make sure that’s always updated as well.
  • If you have a website, scan that with your antivirus/malware or have your host provider do it. A website and web applications can be attacked by hackers.
  • Update to the latest version of the sites primary software and plugins.
  • An unexplained spike in traffic to or from your network is a red flag.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

The High Performance Router for a Many-Device Home

/in /by

You will love the Tri-Band WiFi technology; it can connect all of your devices at the same time. The only router capable of this is the Netgear Nighthawk X6 AC3200 Tri-Band Wi-Fi Router (a.k.a. Netgear R8000).

NETGEARThis router provides three connections and has six wing-like antennas. Another feature is the ReadyShare USB. The user who’d really be interested in the Netgear R8000 is the one who has all sorts of electronics like a complete entertainment system, desktop PCs, a few laptops, game consoles, smartphones, etc.

But even if you have just five devices in your house, you may still wish to consider this high performance router to smooth out all of your connections and eliminate any hiccups. All of the gadgets can be connected, something that regular routers can’t do.

This high performing router has Broadcom’s Xstream platform, which can prioritize incoming traffic and prevents slow traffic from impeding fast traffic.

Some Key Specifications

  • Selects the fastest Internet connection for every device
  • Memory: 128 MB Flash and 256 MB RAM
  • WiFi Protected Access (WPA/WPA2—PSK)
  • WiFi Technology: 802.11ac Tri-Band Gigabit
  • WiFi Performance: AC3200 (600 + 1300 + 1300 Mbps)
  • The WiFi range works for very large households.
  • WiFi Band: Simultaneous Tri-Band WiFi – Tx/Rx 3×3 (2.4GHz) + 3×3 (5GHz) + 3×3 (5GHz)
  • Ethernet Ports: Five (5) 10/100/1000 (1 WAN and 4 LAN) Gigabit ethernet ports
  • VPN support for secure remote access
  • Denial-of-service (DoS) attack prevention
  • Double firewall protection (SPI and NAT)
  • System requirements: Microsoft Windows 7, 8, Vista, 2000, Mac OS, UNIX or Linux
    Microsoft Internet Explorer 5.0, Safari 1.4, Firefox 2.0 or Google Chrome 11.0 browsers or higher

Ready to set up the Netgear R8000?

  • Follow the instructions in the manual.
  • The instructions are not complicated.
  • After setting it up, go to routerlogin.net. The default password is “password” and the default username is “admin.” The setup wizard will get it installed for Internet access.
  • Once your connection is established, you can figure out what you’d like in your network.
  • The advanced menu will allow you to configure more features. Play around with the advanced menu to see what you might like.
  • Use the latest firmware.
  • Go to netgear.com/home/discover/apps/genie.aspx to download the Netgear Genie, an application that will monitor and control your new router and network. The Genie offers additional features like parental controls.

The manufacturer’s suggested retail price is $299, and that comes with a limited one-year warranty. But look around; you may find a sale price.

The Tri-Band feature really sets the Netgear R8000 apart from other routers. The one challenge with this router is its horizontal, rather than vertical, expansion. But that’s really just a minor little issue when you consider all that this router can do, like take on multiple connections simultaneously—without any glitches. Other outstanding features:

  • Will enable multiple use of electronics in the household without anyone experiencing compromised loading times or any other sluggishness; no congestion. So while one person watches YouTube, another downloads files and a third watches a show while also using a smartphone, nobody’s online experiences will be hampered.
  • Is ideal for a household with a lot of devices.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Trusting too much brings Trouble

/in , /by

There will always be the person who lives on the Equator to whom you can sell an electric heater. As they say, there is a sucker born every minute.

12DThis is why cyber criminals will always have a field day, like the crook who posed as a tax man who got an elderly couple to send $100,000 to an offshore bank account after he tricked them.

This was a fear-based scam. The other two categories are compassion and self-interest. And just because a person can’t be frightened doesn’t mean that their heart strings can’t be tugged by a charity scam.

Elderly people and those with low income are more likely to be tricked. Other people…well, you just have to wonder what’s between their ears.

For example, the popular Microsoft scam involves a person calling the victim to tell them that their computer has a virus. The caller is a crook who wants to convince the victim to allow him remote access to the computer. Don’t the victims ever wonder how the heck Microsoft would even know their computer had a virus? Red flag, anyone?

Some say ask the caller for their number so you can call back–they’ll probably hang up. Probably. The scammer may have a number in place just to cover this possibility. Really, just hang up. It’s a scam.

Some people will just keep giving money out, again and again, to the same scammer; it’s not always a flash-in-the-pan payout. What compels them to behave this way? Perhaps it’s to continually convince themselves that they’re not dumb enough to be scammed.

Another way cons trap people is by asking for small amounts of money first; this lowers the victim’s guard.

More Popular Scams

  • Charity. These can range from natural disaster relief to donations for made-up charities, or those with names very similar to well-known ones.
  • Rental. The crook sends the landlord an overpayment by check of the first month’s rent before living there, then tells the landlord to wire back the difference. The check bounces.
  • IRS: Always hang up on callers identifying themselves as tax people claiming you underpaid or are owed a refund, even if the caller ID says “IRS.”

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Risks of Public WiFi

/in /by

Wired internet or wireless WiFi, the warnings are out there: Don’t visit any websites that you have important accounts with when using a public computer (hotel, airport, café, etc.).

3WVisiting even a more trivial account, such as an online community for cheese lovers, could sink you—in that a cyber thief might get your username and password—which are the same ones you have for your bank account, PayPal and Facebook.

Why is public Wi-Fi such a bad thing for shopping and banking and other such activities?

Snooperama

  • As already touched on, a roving hacker could glean your username and password, or credit card number and its three-digit security code when you do online shopping, because the cyber communications of public Wi-Fi are not encrypted. They are not protected or scrambled up. The cybersnoop can thus see what everyone’s passwords, usernames and account information is.
  • Hackers can also see what sites you’re visiting and what you’re typing on those sites.

If you plan on using public Wi-Fi, make sure your device has full protective software including a firewall (and you should always have these anyways).

When connecting to public Wi-Fi, always choose the “public” network rather than the “home” or “work” options when using Windows. This will prevent Windows from sharing files.

If you absolutely must conduct work or personal business while on public Wi-Fi, then use a VPN: virtual private network; it scrambles communication into gibberish by encrypting it.

Malicious Locations for the Wi-Fi

Don’t assume that a hacker is far away when he snoops for something to steal. For instance, the “hotspot” to connect online may have been set up by a thief like a spider in a web waiting for flies. Additional ways a hotspot could be malicious:

  • HTTP connections can be hijacked by software called sslstrip. This software generates copycat links—a domain name that looks just like the authentic one, but appearances are deceiving because these imposter domain names use different characters.
  • Hackers can use the Wi-Fi Pineapple to set up the attacks mentioned above. The Pineapple is on the lookout for when a laptop is trying to connect to a network it recalls, barges in and claims the summoning. Pineapple is now in a position to perform additional attacks.

Hack Prevention

  • Avoid online activity using public Wi-Fi with important accounts. If their site has HTTPS with the padlock icon there is a degree of security here, however, the rule still stands: no public Wi-Fi for important accounts. The only exception to this hard rule is if you have the VPN.
  • Using a VPN will encrypt all of your online activities, freeing you to use public Wi-Fi for anything. Hotspot Shield is a VPN provider that’s compatible with iOS, Android, PC and Mac. It runs quietly in the background.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

3 More Ways Criminals use influence to steal

/in , , , /by

Criminals use six basic principles to influence and steal. In the first post we discussed:

  • Reciprocation: Do something nice for a person and they will feel obligated to return the favor.
  • Social Proof: This is the “It’s okay if everyone else does it” approach.
  • Commitment and Consistency: Get someone to verbally or in writing commit to something, and this will increase the chances they’ll follow through.

11DRobert Cialdini is a psychologist who studied influence for nearly 30 years, condensing his findings into six principles. In this post we will discuss 3 more principles of influences that tie it all together and make scammers experts at their craft.

Liking

  • If someone likes you they will more likely comply with you. Get more bees with honey as they say. We do business with those we know, like, and trust. When you see others rate a product high, you are more likely to buy it.
  • The liking could even result from noticing that you have a similar hairstyle or body mannerisms. This is why salespeople are taught to mimic the vocal patterns of their prospects.
  • A similar name, knowing the same people, finding common ground, a similar physical appearance, is all comforting.
  • Scammers do everything they can to appear as a likable trusted source. The scam email looks exactly like your bank because you must like your bank if you trust them with your money, so you click the link. This new person friends you on social and you see they are connected to 25 of your others friends and colleagues. They must be OK right? No.

Authority

  • Coming off with some authority increases one’s ability to influence people. This is why salespeople are taught to speak with downward inflections.
  • To seem more authoritative, wear dark clothing. Police officers and security guards dress in black or dark blue. So do ministers, judges and karate instructors. Attorneys in court, especially during closing arguments, usually wear dark. Imagine a cop in pink. Or SWAT in lavender.
  • But authority can also be white (doctor’s lab coat, nurse’s uniform). The bottom line is that when people perceive authority, they tend to comply.
  • This concept greatly pertains to social aggression: A man harassing a woman will usually back off if she suddenly squares up her shoulders, stares hard at him and speaks in a deep, primal voice, “Get out of my way, or else!” Dog are more effectively trained when the trainer uses a deeper voice.
  • Scammers pose as the government, law enforcement, the IRS, bill collectors, the security department from your credit card company, HR, accounting and more. Anytime an authoritive figure contacts you, be suspect.

Scarcity

  • Scarcity of an item makes it more appealing. Antique cars and rare old coins are worth more because there are few of them and a lot of people who want them.
  • This concept is used by marketers all the time. Ever hear “will soon be discontinued”? You suddenly buy a dozen of the product, even though you’ve hardly purchased it before. Ever hear “limited offer” and “but if you act now…”?
  • When there is a big storm/hurricane coming, people clear the shelves at the supermarket in fear they will not eat or drink.
  • Scammers understand scarcity is also associated with loss. They use the same principle when they tell you in a pop up if you don’t fix this, or in an email if you don’t act now, or over the phone if you don’t give up your username and password all your data/money etc will be gone, you won’t get paid next week etc. It’s limitless how they use scarcity.

I’ve said this before. Don’t be cattle. Don’t act like sheep. Most of the world functions based on the honor system. As long as everyone is honest, everything works seamlessly. The honor system is designed with the mindset that we are all sheep and there are no wolves. We know there are plenty of wolves.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

3 Ways Criminals influence to steal

/in , , /by

Criminals use six basic principles of Influence to steal. In this post we will discuss the first 3. The ability to influence boils down to science. By applying some science, anyone can learn to be more influential. It’s easy to influence sheep and cattle. It’s a bit more complicated to influence people. But many people can be influenced as easy as a cow. Criminals understand this the same way sales people do. The derivative of “confidence” is con. All influence in some way is designed to gain your confidence and in some cases to trick you. That’s where “confidence trick” comes from. Robert Cialdini is a psychologist who studied influence for nearly 30 years, condensing his findings into six principles. I’ll bet every crime syndicate out there read his books.

Reciprocation

  • Do something nice for a person and they will feel obligated to return the favor. This concept is seen in doctors who promote a particular drug—the pharmaceutical company has just given him free notepads, pens and a coffee mug.
  • Want your children to show you respect? Show them respect. They’ll feel obligated to treat you the same. Mostly.
  • Scammers use this by offering something free in an emailed link. You might have to reciprocate and give up an email address or simply click a link. Clicking on the link installs a virus. You get a call from a colleague in tech support. They say “I need your password to fix this server” and “I’ll be there for you someday when you need help”. We want to help, we want to return the favor.

Social Proof

  • This is the “It’s okay if everyone else does it” approach. People have a tendency to check out what other people are doing when they’re not sure what course to take. Stand on a street corner in a busy city and look up at a skyscraper, then watch the crowed gather to see what you are looking at.
  • Why does the new treadmill user at the gym hold onto the rails while walking? Because they see everyone else in the gym doing it. What made you decide to buy that kitchen gadget? Because the TV ad said, “They’re going fast, everyone’s buying it, so order now!”
  • This concept also applies to emergency situations, such as people lined up at a third story window of a burning building, afraid to jump—until one person leaps. Suddenly, everyone else leaps.
  • Scammers will use social proof to trick you in a Ponzi investment scheme. If all kinds of people you trust are making the same investment, then why wouldn’t you?

Commitment and Consistency

  • Get someone to verbally or in writing commit to something, and this will increase the chances they’ll follow through. They are committed. Signing a contract means you are committed. Anything that comes out of that contract is your responsibility.
  • People want to do things by the book, they want to be civilized and play by the rules. This plays off of social proof to conform like others.
  • Scammers recognize most people are committed to “doing the right thing”, or being appropriate. So if you get a call or an email saying there is an issue with your account, you want to do the right thing and fix it. Getting things right may mean giving your data to a criminal.

Don’t be cattle. Don’t act like sheep. Most of the world functions based on the honor system. As long as everyone is honest, everything works seamlessly. The honor system is designed with the mindset that we are all sheep and there are no wolves. We know there are plenty of wolves. Don’t be sheep.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

The most horrible Craigslist Killing ever

/in /by

Beware. This is tough to read. An expectant woman had spotted an ad on Craigslist asking for baby clothes, so she contacted the ad placer—a woman—then went to her Longmont, Colorado house alone.

2HThe woman stabbed the would-be seller and removed the seven-month-old fetus. The baby died but the victim survived.

When police arrived, the 26-year-old victim was there but the fetus was gone. The 34-year-old psycho supposedly did not know the victim. She had her husband drive her to the same hospital that the victim went to, claiming that the fetus, which she had with her, was a miscarriage.

Oddly, the stabber has two kids already, and her husband is not a suspect.

Six weeks prior, Craigslist got negative attention when an elderly couple was murdered after responding to an ad for a car.

It’s a novelty to point out that these ads were placed on Craigslist, but there is nothing inherent about this medium for advertising that makes it dangerous.

The root of the problem is that of meeting strangers alone in secluded or barren locations. Making this worse is when the ad responder is physically compromised, such as from elderly age or pregnancy. What on earth are they thinking?

One solution is the so-called safe zone, a designated trading spot where Craigslist sellers and buyers meet, out in the open, around other people, such as at a police station parking lot.

Currently there are safe zones in 22 states; they are listed on the Safe Trade Stations website.

If your state doesn’t have one, or if the one in your state is far away, then the next best thing is to arrange to meet the seller or buyer in a public spot full of people such as at a busy café, if the item they’re selling is small enough. And bring someone with you.

If it’s a car or other very large item for sale, this makes things more challenging as far as location of the meeting. Bring two people with you, and try to arrange the meeting in a public spot, if at all possible. If you can’t find anyone to accompany you, and the item for sale can’t be transported to a public spot, then pass up the deal.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Things You should and shouldn’t do on Public Wi-Fi

/in /by

Public Wi-Fi is the location where you can get online: airport, airplane, coffee house, hotel, motel and more. Many people don’t give this a second thought, unaware of how risky this really is.

4WPublic Wi-Fi is very non-secure, a goldmine for hackers who want to steal your identity and commit fraud, destroy your website, you name it. They can do this many ways, including intercepting your activity with an imposter website where you input login details—that the hacker then obtains.

But public Wi-Fi will always be risky as long as its proprietors, such as the coffee house, find that enabling security features hampers ease of use for patrons.

So even if you don’t do banking and shopping online, the wrong person can still see, word-for-word, your e-mail correspondence.

Do’s at a Public Wi-Fi

  • Make sure your devices are installed with antivirus, antimalware and a firewall, all updated.
  • Prior to when you anticipate using public Wi-Fi, consider the nature and amount of sensitive data on your device, maybe remove it (and back it up).
  • Make sure the hotspot is legitimate; speak to the proprietor. Cybercriminals could set up hotspots as “evil twins”.
  • Sit against a wall so that nobody can spy what’s on your screen.
  • If sitting against a wall is not possible, be aware of who’s around you. Cover your hand when typing in login information.
  • Use a privacy screen; this makes it impossible for a “shoulder surfer” to see what’s on your screen while they peak over your shoulder or from the side.
  • Use a VPN: virtual private network. It will encrypt all of your online transactions, making them impossible to decipher by cyber criminals, whether it’s login information, usernames, passwords or e-mail correspondence. Even your IP address will be concealed. Hotspot Shield is a VPN provider, and it’s compatible with Mac, PC, iOS and Android, quietly running in the background after it’s installed.

Don’t’s at a Public Wi-Fi

  • Don’t let your device connect with the first network that “takes.” Instead, select it.
  • Do not keep your wireless card on if you’re not using it.
  • Do not keep your file sharing on.
  • Can you not wait till you’re in a secure location to do banking and other business transactions? No matter how bored you are waiting at the airport or wherever, do not do banking and other sensitive activities.
  • Don’t engage in any serious or sensitive e-mail communications.
  • Never leave your devices unattended for a single second. Not only can someone walk off with them, but a thief can insert a keylogger that records keystrokes.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.