Coming up, Your Phone contains your Driver’s License

/in /by

Gone are the days of the fat wallet bursting at the seems, since smartphones can now contain most anything that a wallet does—except the driver’s license. But don’t write that possibility off just yet.

5WForbes.com reports on a story from the Des Moines Register that the Iowa Department of Motor Vehicles is hot on the trail of getting driver’s licenses into smartphones: an app that would contain all the applicable data, a scannable bar code and a two-step verification which would include a biometric.

The technology isn’t quite with us, but we all know it will be here soon enough. And needless to say, the smart driver’s license will bring with it security concerns.

The Forbes article points out that a digital identity expert sees the glass half full. In other words, today’s security features are reliable enough to go ahead with confidence in developing the technology to get a driver’s license into a mobile phone. “I believe all the technologies to make this a high-security operation are already in play,” the expert states, “and just need to be orchestrated effectively.”

If anything, perhaps the driver’s license inside the smartphone will reduce the potential for fraud involving driver’s licenses.

Thus far, digital driver’s licenses are used at airports, and the feeling is that policies regarding the digital driver’s license are more important than figuring out a way to perfect the technology.

A good start for Iowa would be to get things rolling with the private sector, says the Forbes article, by letting it use digital licenses for minimal transactions such as age verification when purchasing liquor.

Let’s first see how these smaller-scale transactions go over, is the thinking, before diving head first into using cyber licenses for full-scale transactions such as “showing” it to the police officer who pulls you over for speeding, or using it for making a large purchase with a check.

Nevertheless, it’s not probable that cyber technology will replace all hardcopy/physical documents, especially since there will always be that segment of the population who insists on doing things “the old-fashioned way.” The power of paper.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

How to prevent being tracked

/in , , /by

You worry about being hacked, but what about being tracked? Yes, there are hackers and then there are trackers.

8DInternet tracking namely refers to the user’s browsing habits being followed. But there are ways to make the trackers harder to tag behind you.

  • Duhh, a fake name. What an innovative idea! It’s amazing how many people have their real name splashed all over cyberspace. Sure, you should use it for LinkedIn, and also Facebook if you want your childhood classmates to find you. But do you really need to use it for accounts like Disqus that allow you to post comments to articles? If you want to provide feedback to a site, must you use your real full name?
  • Use a virtual private network (VPN), as this will mask your IP address and others from tracking you. A VPN will encrypt your activities on open WiFi too. Hotspot Shield is a VPN provider; it’s compatible with iOS, Android, Mac and PC.
  • Now you may think, “What’s so bad about being tracked? So what if cookies know I keep clicking on all the Miley Cyrus articles?” Well true, so what.
  • But what if cookies also find that you’ve been clicking on an awful lot of articles about heavy weight training? You’ve been doing research for an article you want to write for your latest magazine assignment or maybe your son is interested in weightlifting. What if this timeline coincides with when you’re suing someone for smashing into your car while you were in it, causing back injury? The defendant’s attorney may uncover you’ve been researching heavy weight training, and this doesn’t look good for someone claiming a bad back.
  • Before you begin browsing, make sure you’re logged out of social networks. This means finding the “logout” or “sign-out” tab and clicking its options, rather than just closing out the site tab. Otherwise, more tracking.
  • Make sure your cookies are cleared before and after browsing.
  • If you use Twitter, go to the basic account settings to a box called “Tailor Twitter based on my recent website visits,” and make sure it’s unchecked.
  • Have JavaScript blocked when filling out forms. An extension called NoScript will block companies from using JavaScript for tracking you when you fill out their forms. However, think hard before you do this, because there are so many additional uses for JavaScript, and if you have a browser add-on that blocks it, it will probably slow loading times. Techy people will know how to set up the add-on so that it blocks JavaScript only for certain companies.
  • Disposable e-mail address. You can be tracked with your e-mail address—unless it’s a disposable one. Some services provide addresses that dissipate after a few minutes, while others provide addresses for longer use. Your e-mail carrier may also provide the option of creating additional e-mail addresses by adding characters to your name in the primary e-mail, so that these additional e-mails can be used and forwarded to the original.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

How to Avoid Bad Apps

/in , /by

If you think there’s like a million apps out there, that’s not exactly an exaggeration. For sure, there are more than you can imagine, which makes it easy to conceive that many certainly come with security problems.

In fact, out of the top 25 most popular apps, 18 of them bombed on a security test from McAfee Labs recently.

Creators of apps put convenience and allure ahead of security. This is why so many apps don’t have secure connections—creating welcome mats for hackers; they get into your smartphone and get your passwords, usernames and other sensitive information.

Joe Hacker knows all about this pervasive weakness in the app world. You can count on hackers using tool kits to aid in their quest to hack into your mobile device. The tool kit approach is called a man-in-the-middle attack.

The “man” gets your passwords, credit card number, Facebook login information, etc. Once the hacker gets all this information, he could do just about anything, including obtaining a credit line in your name and maxing it out, or altering your Facebook information.

You probably didn’t know that smartphone hacks are becoming increasingly widespread.

bad-apps

So what can you do?

  • Stay current – Know that mobile malware is growing and is transmitted via malicious apps.
  • Do your homework – Research apps, read reviews, and check app ratings before you download.
  • Check your sources – Only download apps from well-known, reputable app stores.
  • Watch the permissions – Check what info each app is accessing on your mobile devices and make sure you are comfortable with that.
  • Protect your phone – Install comprehensive security on your mobile devices to keep them protected from harmful apps.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!

Be Cautious When Using Wi-Fi

/in , /by

The proliferation of mobile devices means that we can work or play online from almost anywhere, so it’s no surprise that public Wi-Fi networks have become more common. From hotels and coffee shops, to universities and city centers, Wi-Fi is widely available, but is connecting to these networks safe?

4WIf you were carrying on a highly sensitive conversation on a park bench with your closest friend, would you want everyone in the immediate area to gather around and eavesdrop?

That’s essentially what happens—or what could happen—when you communicate online using public Wi-Fi, such as at coffee houses, hotels and airports.

Non-secured public Wi-Fi makes it easy for hackers to read your email correspondence and the information you type to get into your critical accounts.

Of course, with a VPN, your online activities will be unintelligible to eavesdroppers. A virtual private network will encrypt everything you do so that hackers can’t make sense of it. A VPN is a service you can use when accessing public Wi-Fi. A VPN will also prevent exposing your IP address.

So, if you are going to connect to public Wi-Fi, make sure that you take some steps to keep your device and information safe.

Follow these tips to stay protected:

  • Turn off sharing—Keep others from accessing your computer and files by turning off sharing when you are on a public network. This can be accomplished by visiting your computer’s control panel (on Windows), or System Preferences (Mac OS X).
  • Use a “Virtual Private Network”—If you frequently use public Wi-Fi, it might be a good idea to use a Virtual Private Network (VPN). A VPN is like your own private network you can access from anywhere. You can subscribe to VPN services for a low monthly fee.
  • Avoid information-sensitive sites—When using public Wi-Fi, try to avoid logging in to banking and shopping sites where you share your personal and financial information. Only do these transactions from a trusted connection, such as your protected home network.
  • Use sites that start with “https”—Sites that begin with “https” instead of just “http” use encryption to protect the information you send. Look for this level of security on sites where you plan to enter login and other personal information.
  • Use multi-factor authentication – Find out which of your accounts offer two-factor authentication. This would make it next to impossible for a hacker, who has your username and password, to bust into your account—unless he had your phone in his hand—the phone that the two-factor is set up with.
  • Always log out – Don’t just click or close out the tab of the account when you’re done; log off first, then close the tab
  • Avoid automatically connecting to hotspots—Keep your computer or device from automatically connecting to available Wi-Fi hotspots to reduce the chances of connecting to a malicious hotspot set up to steal information. Make sure your device is set up so that it doesn’t automatically reconnect to that WiFi when within range. For example, your home WiFi may be called “Netgear” and will reconnect to “Netgear” anywhere, which might be a hackers connection who can snoop on your data traffic.

PC:
For Windows
Make sure no “Connect Automatically” boxes are checked.
Or, go to the control panel, then network sharing center, then click the network name
Hit wireless properties.
Uncheck “Connect automatically when this network is in range.

For Mac:
Go to system preferences, then network
Under the Wi-Fi section hit the advanced button.
Uncheck “Remember networks this computer has joined.”

Mobile:
For iOS:
Go to settings, select the Wi-Fi network, then hit forget this network.
For Android:
Get into your Wi-Fi network list, hit the network name and select forget network.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!

Your Stolen Data around the World in 2 Weeks

/in , /by

Ever wonder just what happens to the data in a data breach incident? Does it go into some kind of wormhole in cyberspace, out through the other end? Well, the answer is pretty much so, when you consider that hacked data makes its rounds on a global scale, taking only 14 days to land in 22 countries spanning five continents—according to an experiment by Bitglass.

4HBitglass, a cloud access security broker, did some research, generating over 1,500 fake names, credit card numbers, SSNs and other data that were saved in an Excel spreadsheet.

Then the spreadsheet, which was tagged, was sent out into cyberspace, including to several Darknet sites. The watermark tag sent a signal (which included information like IP addresses) to the researchers every time the document was opened.

This experiment simulated a data breach and provided an idea into just where real stolen data actually goes. This research points fingers at Russia and Nigeria as far as being the location of closely related major hacking rings.

Not only did this spreadsheet make international rounds, but it was opened over 1,200 times within the two weeks. Need it be mentioned that the countries most notorious for hacking rings (e.g., Russia, Nigeria and China) did most of the opening. Other access points included the U.S., Germany, Finland, New Zealand and Italy.

This is sobering information for company leaders who fear a data breach. Bitglass points out that the average data breach takes 205 days to be detected. Wow, just how many access points would there had been in 205 days? Would it be a linear increase or an exponential increase?

Consumers are at a serious disadvantage due to the fact most of the data breaches occur with data out of their immediate control. Fret not however. The best thing a consumer can do is pay close attention to their statements and look for unauthorized activity or invest in identity theft protection which will often make your Social Security number less attractive to a thief.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention

Tips to being anonymous Online

/in , /by

One of mankind’s greatest inventions (besides the wheel) is the Internet.

10DUnfortunately, with this marvelous invention comes the drawback of privacy—or shall we say, lack of.

The Internet is a wonderful tool, but users must fight to remain as anonymous as possible, because getting too much of yourself “out there” could lead to trouble. In fact, it’s a big business all in itself: tracking users’ data and selling it to advertisers. Now this may sound rather benign, because no matter how much or how little of you is “out there,” you’re always going to see ads anyways.

But it’s the idea that other entities are tracking you, and also the idea that you don’t know who. All the time, information about you is being swooped up without your knowledge.

  • IP tracking. The “IP address” of your computer stands for Internet protocol. The IP address is issued by your Internet service provider and is unique to every user. An IP address can be tracked, revealing the user’s home address. Law enforcement will track an IP address of, for example, someone making threats via e-mail to bomb a school.
  • ISPs insist they don’t track IP addresses. But there are cases that make this hard to believe, such as when someone downloads a copy of a new movie. Not long after, they get a letter warning they’ve violated copyright law. This means their browsing habits were shared with a private company.
  • Cookies. Visit a site. It has cookies or data pieces that will record that you visited it. This is why when you visit the site again a week later, you’re automatically taken to the page you were last on. Cookies can also build a pattern of your web habits, so that before you know it, ads are popping up everywhere relating to sites you’ve visited.
  • Social media. Sites like Facebook will track your browsing habits with cookies, leading to the targeted advertising.

So how can you remain as anonymous as possible?

  • Open new links in an incognito window. When you right-click, a selection box will appear; choose “open in incognito window.” The incognito window means you will not leave behind cookies or browsing history. However, this doesn’t mean you’ll be the Invisible Man. But at least it’s a way of cutting down on how much of your browsing habits are revealed and shared.
  • You can download Hotspot Shield. It will put a stop to third-party tracking and encrypt data that you share with sites. You may also want it even more for its ability to mask your IP address. There is a free version and a premium version that costs $29 bucks.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Top 12 Scams Happening NOW

/in /by

Scamerama is here to stay! Scams are as old as time, and evolve as inventions and technology evolve. Top scams, according to a report on FraudAvengers.com, are as follows:9D

  1. Scammer “accidentally” overpays you for an item you sold online; you cash the crook’s phony check and wire back the difference. You’re out cold.
  2. You order something online and it’s not delivered or version arrives that’s nothing like in the advertisement.
  3. You prequalify for a credit line or loan that seems too good to be true. It requires upfront fees and sensitive information—and you end up never hearing from them again.
  4. You “win” a prize or gift card and, to receive it, must give out sensitive information and/or pay a fee. This scam occurs also via phone, and sometimes the scammer uses well-known brand names.
  5. Calls from people claiming to be IRS reps warning you that you owe money—or that you’re owed money—and that you must pay up immediately or go to jail, or pay a fee to get your refund.
  6. Crooks harp on the vulnerability of confused people seeking health care coverage every fall during open enrollments.
  7. You purchase the puppy in the online photo, pay fees for shots, crating, etc., and the puppy never arrives.
  8. “Human Resources” e-mails that make you think they’re from your employer; you provide critical information that allows the scammer to hijack your direct deposit setup.
  9. The fraudster’s “service” helps recover unclaimed property or funds, but there’s no recovery—even after you’ve paid a fee or given out sensitive information.
  10. An online job offer looks great: no experience required, start immediately, full-time—after you pay a training fee and/or give up your SSN online.
  11. A medical plan that seems too good to be true—because it’s not coverage; it’s just a discount plan.
  12. For a fee, the thief claims to be able to help you get out of debt or recover from recent identity theft or some kind of fraud, playing on your vulnerable state.

Seriously, none of these scams would happen to you if you just paid attention. Please, beware, be careful and be smart.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

How to plan for Digital Disasters

/in /by

In this day and age, we should never hear someone proclaim, “Oh my God, my computer crashed! I lost everything!” You can’t lose something that’s been properly backed up.

11DSo many people, including ones with businesses that rely upon cyber communication, continue to avoid backing up their digital data.

Nobody is exempt from the No. 1 rule of backing up your data. Anything could happen:

  • Hard drive crash
  • Accidental deletion
  • Water damage
  • Fire
  • Theft (offline)
  • Ransomware

The planning for digital disasters begins with first going through all of your files to clear out any “junk” or data that you know for sure you no longer need. Then delete it.

Next, make sure all of your files are organized, not scattered haphazardly, and properly labeled. See if you can consolidate some files.

You then must commit to regular backups, and this may be every day for some files. There are programs that can make the hassle of backing up much easier. They will automatically perform backups on everything, keeping a spare copy of all your files.

But what if your computer is physically stolen? A lot of good the prior-mentioned backups will do. And carrying around with you a flash drive is cumbersome and you may forget it at home—the day your computer is stolen—along with the flash drive.

This same principle applies to fire or water damage. The flash drive could be destroyed or lost. Furthermore, it’s not realistic to think you would place your computer in a fireproof safe every time you log off, though maybe every time you go out, that’s more realistic.

You could keep your computer located in a safe place that’s least likely to be damaged by a flood or fire, but that’s a thin layer of protection.

It may seem that the obvious tactic is to back your data up in a cloud service. And you’re right; this would be part of a multi-layer plan. A cloud service may also offer incremental backups.

As for that flash drive, it will sure help to make it a habit to back everything up every day—just the files you changed for that day. What are the odds that your flash drive will get stolen or burned to a crisp?

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

What is a Cache?

/in , , /by

Perhaps someone has told you that you need to “clear your cache,” but what does this mean and why should you do it? A cache is a folder of recently visited webpages, which is stored on your computer’s hard drive, and maintained by your Internet browser.

1DThe purpose of a cache is to speed up the loading of webpages. Your computer’s hard drive collects data from websites that you visit, so that when you visit them again, certain aspects of the previously visited pages (such as graphics) don’t have to be reloaded the next time, and this makes the loading time a little bit shorter.

But the space your cache has on your hard drive is limited, and over time, it can get congested. Data that hasn’t been accessed for a while gets tossed out to make room for new data from the new pages that you visit.

And sometimes, the cache process doesn’t work properly. The result is an incompletely loaded page, or a page that looks odd because it’s supposed to load new content but it’s showing old content. (Sometimes, page loading problems aren’t caused by a faulty cache, but this is such a common cause that you’ve probably heard people say, “You need to clear your browser’s cache.”)

So, now you know what a cache is, here are some specific steps to clear it on different browsers:

How to clear your cache in Chrome:

  • In the upper right of the browser click the little icon that says “Customize and control Google Chrome” when you hover over it with your cursor
  • Click History
  • Click “Clear browsing data”

How to clear your cache in Internet Explorer:

  • In the upper right of Internet Explorer, click the gear icon or “Tools”
  • Click Internet Options
  • Under “Browsing History” you’ll see a delete button; click that.

If you use another browser, and there are a few, search online for instructions on how to clear your cache.

Another option you have is to use software (free or paid) designed to clean the clutter from your computer and devices. These programs often work well, but sometimes they work too well and clean more than they are supposed to. It’s always a good idea to backup your information before cleaning your computer.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!

A Quarter of all Underage Kids Will Meet with Complete Strangers

/in /by

According to a new Intel Security study, more than 2,000 American parents and kids ages 8-16 were surveyed to unveil some interesting things.12D

  • 79% of the juvenile respondents learned online safety from their parents.
  • 35% of them said they’ve been a cyberbully.
  • 27% of them said they have met, or would meet, a person in real life who they initially met online.

Technology is often blamed for all of this. But what drives these behaviors is the same force that drives the schoolyard bully to trip the bookworm and steal his lunch, or the lonely girl to get into a stranger’s car after school: parenting!

Parents need to get more involved and bone-up on their cyber smarts! Because, according to our kids, 79% of them learn online safety from you —the parent

  • Your kids want a social media account? Great—you get to have their password in exchange. Leave no other deal on the table.
  • Did you know it’s legal for parents to use monitoring software on their kids’ devices? Monitoring isn’t a break in trust. It’s simply an exercise in smart parenting.
  • Parents think because they are on Facebook with their kids, that they are “informed” about their kids’ activities. Facebook is like going out to dinner with a tween. They tolerate it, but are embarrassed by you. And while they behave in public, they may not be so well-behaved when unsupervised.
  • Apps such as Kik, Snapchat, Instagram and many others are potential platforms where risky business can take place. And these are some of the sites parents are less familiar with. Which is why you should be there.
  • Discuss with your kids the sites you do not want them visiting —including “pro-ana” sites that give tips on how to waste down to skin and bones, and other sites that give advice on how to cheat on tests. If you’re not familiar with these sites, search for them.
  • Tell them they should never reveal their password to a friend any more than they would give that friend the key to their diary (if they had a diary, of course).
  • Reinforce with your kids that anything they post online will outlive the galaxy. Digital is forever.
  • Make sure your kids are made to feel at ease approaching you about online worries or concerns. Never make them feel they’ll be judged, criticized or blown off over any questions or comments. Don’t set yourself up to be a “Why didn’t she come to ME about this?” type of parent.
  • Cover your bases: Educate your kids about common hacking scams, install parental control software and make sure your entire family’s devices have security software installed and that it’s always updated.

Digital lives are no different than physical lives and need to be treated with the same care and concern. While parents may think they have a handle on their kids’ online lives, they probably don’t. It takes a bit of denial to function as a parent because if a parent actually thought through all the horrors a kid can get into, they’d cease to function. As a result, some parents go the complete other direction and fool themselves into thinking everything’s just peachy.

Understand this: It’s not the same today as when we were kids. We know this. But the big difference is when kids fall today, they fall harder and it’s on a national and sometimes international scale that can impact the whole family.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!