Question: Should You worry about Kids on Social Media?

With all the increased news coverage of kids running off with adults they met online, and kids dying by suicide supposedly due to online bullying, many parents are wondering if their worries about their kids being online are justified.

14DWe hardly hear about how social media has benefited kids. There’s nothing inherent about electronic communications or electronic media that makes it bad for kids. There will always be bad people out there—online and offline.

An article on commonsensemedia.org lists multiple ways good things can come to kids who use social media.

  • Makes friendships stronger. The site did a study called Social Media, Social Life: How Teens View Their Digital Lives. More than half the participants said that social media has benefited their friendships. Only four percent said it hurt them. And 29 percent reported social media made them feel more extroverted, while just five percent said it made them feel more introverted.
  • Creates a sense of belonging. The article points out a study from Griffith University and the University of Queensland in Australia that concluded that teens today are less lonely than they were in past decades. The ease of being connected makes kids less isolated.
  • Online community support. Online communities exist for just about everything, so that even the most geekiest, nerdiest outcast can find a group who accepts him or her. This includes support groups for kids whose parents are divorced and kids who are cutters.
  • Expressing themselves. And this doesn’t just mean venting, but social media allows kids to put up their creative work and learn how to become more skilled.

Being helpful. Instead of thinking that social media is bad for kids, consider that kids can be good for social media. Think of how many opportunities exist for kids to do something good, to help a person out—by posting uplifting messages and artwork, to name a few ways.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

How to keep a Clean Online Presence

At any given time, someone, somewhere, is probably googling you. This could be a former classmate, a neighbor, someone you’re trying to do business with, a relative, who knows?

1PAre you confident that whatever they find will be information that’s truly representative of you? Maybe if you have a really common name, it may be lost in cyber muddle, but the more unusual your name is (or how the first name is spelled), the easier it will be to find you. If you want a clean online presence, there are things you can do.

  • Search yourself on Facebook, Twitter, LinkedIn, etc.
  • Google yourself and see what comes up within the first two pages of results. Make sure you’re logged out of Google or other browser you’re searching on. The results can be different vs being logged in.
  • Log back in and search your name again to see how the results look.

But how do you get rid of negative information and make yourself look better?

If you’re the creator of negative information, it’s a cinch. Just go into your Facebook account or wherever the unflattering information is, and delete it. Also adjust the settings for privacy, such as limiting post or image visibility to select visitors.

  • Search engines. Ask the search engine to remove the page result. For Google go here. For Bing go here.
  • Google+. Hide what you don’t want others to see. Check out the privacy settings.
  • LinkedIn. Make sure your profile is updated.
  • Twitter. Make the account private to prevent retweets. If you’re new to Twitter, think very carefully before you tweet, as tweets really do get around.
  • In addition to these tactics, try online reputation management firms. They aren’t cheap, but they work, mostly.
  • Go through all of your account profiles and upgrade them. Make them crisp, clear and free of fluff or anything that doesn’t flatter you. Add information that makes you more impressive. And use a good photo for your profile or avatar. Really, some Facebook profile pictures are ridiculous and unflattering, some not even making any sense.
  • Replace racy or otherwise negative images of you with more respectable ones. Or just delete them, period, like endless selfies that shout, “Ooh, look at me in this one!”
  • Be very careful what photos you put up on Facebook and Instagram. If you’re soliciting for donations, don’t have a photo of you eating lobster.
  • Sign up with a nameplate site like about.me, seelio or flavors.me where you can say good things about yourself and list your skills.
  • Get your own domain, even if you think your name is taken (use a variation), then use a reliable hosting company and put up your work.
  • Link all of these accounts so that visitors to one will be driven to the others.
  • Sign up with services to show your skills such as YouTube and Vimeo. See what’s out there for your various talents (e.g., Flickr for photographers).
  • Follow the cardinal rule: Don’t put anything in cyberspace that you wouldn’t want to reveal to 50,000 people at the coliseum.
  • Oh, drinking and posting don’t mix. Just don’t. Stop it. Really.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Is It Fraud or are You just Crazy?

What would you rather have happen to you? A Russian ring of hackers has infiltrated your computer and smartphone and is hell-bent on taking control of your finances, social media life, even the smart gadgets in your house…OR…you’ve just been diagnosed with paranoid psychosis, and in fact, nobody’s out to harm you at all.

12DIn a day and age where it’s become increasingly easy for hackers to hijack your credit card and bank accounts, spy on your baby by hacking into the baby-cam and spy on you via your laptop’s camera … the line between paranoia and real-life spying has become very muddled.

Unfortunately, there isn’t a day that goes by that someone contacts me completely convinced they are being spied on. Maybe they are, most likely they are not. Especially when they begin to explain how every device they own and seems to know everything about them and so on. The likelihood of a hacker having control over their TV is pretty small.

For example, 30 years ago if someone said, “Someone is watching me through my computer,” we’d just assume that person was delusional and needed some medication. Nowadays, we’re apt to immediately think, “Put tape on your laptop’s camera hole!”

So how can we weed out the crazies from the true victims? Just because your laptop has a camera hole doesn’t mean you can’t be imagining that your ex-spouse is spying on you through it.

Many claims of fraud or victimization are real, and many are deliberately made up for financial gain (e.g., faking back pain after a fender bender) or are the result of mental illness.

Sometimes, it’s obvious when the claim is fraudulent or the result of being “crazy.” In fact, the tip-offs that it’s mental illness at play are more obvious than when it’s fraud, since the con artist can be quite skilled.

A general rule of thumb is to look at the simplicity—or lack thereof—of the case. Is the claimed cause simple or convoluted?

For example, you hear a crash, race into the living room and see that your favorite vase—which is located near the bottom of the staircase—has been broken to smithereens. Near the vase is a basketball. At the top of the staircase are your two young sons with scared looks on their faces.

They cough up an explanation: “We were in the living room reading. The basketball was on the floor. A gust of wind blew through the window so hard that it tossed the basketball into the vase. We thought you’d blame us so we ran up the stairs.”

Common sense must be used in determining the most probable cause of an event. This holds for parents, claims adjustors, detectives and juries at a trial. The best judge views things through the lens of simplicity.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Phishing 101: How Not to Get Hooked

You’d think that it would be as easy as pie to avoid getting reeled in by a phishing scam. After all, all you need to do is avoid clicking on a link inside an email or text message. How easy is that?

A phishing scam is a message sent by a cybercriminal to get you to click on a link or open an attachment. Clicking on the link or attachment downloads a virus, or takes you to a malicious website (that often looks like real site).

You are then tricked into entering user names, passwords and other sensitive account information on the website that the scammer then uses to take your money, steal your identity or impersonate you.

Intel Security recently designed a quiz to help people identify a phishing email. Sometimes they’re so obvious; for example, they say “Dear Customer” instead of your actual name, and there are typos in the message. Another tip-off is an unrealistic “threat” of action, such as closing down your account simply because you didn’t update your information. Some scammers are more sophisticated than others and their emails look like the real thing: no typos, perfect grammar, and company logos.

The quiz showed ten actual emails to see if all of us could spot the phishing ones.

  • Out of the 19,000 respondents, only 3% correctly identified every email.
  • 80% thought at least one phishing email was legitimate.
  • On average, participants missed one in four fraudulent emails.

image001

The biggest issue may not be how to spot a phishing scam as much as it is to simply obey that simple rule: Don’t click links inside emails from unknown senders! And don’t download or click on attachments. Now if you’re expecting your aunt to send you vacation photos and her email arrives, it’s probably from her.

But as for emails claiming to be from banks, health plan carriers, etc.…DON’T click on anything! In fact, you shouldn’t even open the message in the first place.

And I can’t say this enough: Sorry, but you aren’t special enough to be the one person to be chosen as the recipient of some prince’s lofty inheritance. And nobody wins a prize out of the blue and is emailed about it.

A few more things to keep in mind:

  • An email that includes your name can still be a phishing scam.
  • Don’t fret about not opening a legitimate message. If it is, they’ll call you or send a snail mail.
  • You can also contact the company directly to see if they emailed you anything.

Want to see how your phishing skills stack up? Take the Intel Security quiz, here.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Identity Fraud Victim every two Seconds

Yes, identity fraud is SO common that someone becomes a victim every two seconds. The 2014 Identity Fraud Study, as reported on javelinstrategy.com, turned up some alarming results.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Though the dollar amount stolen had decreased over the year preceding the study, the number of victims had increased. People at highest risk were ages 35 to 44.

Account takeover—when the thief takes over a pre-existing account—made up 28 percent of ID fraud losses in 2013. But the greatest risk factor for becoming a victim of identity fraud is the data breach. In that year, 30 percent of people who were notified of a data breach became an ID fraud victim.

Identity fraud is associated with credit cards, but this type of crime can also involve hijacking someone’s PayPal account, or account on Amazon and eBay.

How to Protect Yourself

Javelin Strategy & Research, who conducted the study, recommends the following:

  • Never use public Wi-Fi (at least use a VPN)
  • Shred old sensitive documents.
  • Change the passwords on all of your accounts often.
  • See which accounts offer two-factor authentication, then set it up. This way you’ll know if an unauthorized person is trying to access your account.
  • Use anti-virus and anti-malware software for all of your devices.
  • Monitor your accounts every week. Use mobile apps to stay on top of them.
  • Use direct deposit for payroll checks.
  • Don’t permit your Social Security Number to be used as an authenticating factor, because it can’t be changed, like a username or password can. Ninety-six percent of major credit card issuers and 80 percent of the top 25 banks will permit access to an account via the SSN. You should inform the institution to notate that you will never provide this number to verify your identity.
  • Arrange for your financial institutions to send you alerts (e-mail, text, phone call) when anomalous activity occurs, such as a purchase made in two countries only a few hours apart, or any purchase over a certain amount. Ask about additional forms of fraud detection as well.
  • If you suspect fraud, immediately report it.

If you receive notification of a data breach, you’re at higher risk for fraud; crack down on monitoring your accounts.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

What is the Cloud?

You’ve probably heard of people storing information in “the cloud,” but what does that really mean, and is it safe to put your data there?

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294The cloud is best described as a network of servers offering different functions. Some servers allow you to store and access data, while others provide an online service. You may be familiar with “cloud services” offered by companies such as Google and Adobe.

The term “cloud” comes from cloud computing, which is essentially using a group of computer resources to maximize their effectiveness.

The cloud is now comprised of millions of servers worldwide, and chances are you access it on a regular basis. For instance, you may have uploaded a picture from your smartphone to Instagram, which stores images in the cloud, or you could be using cloud storage service.

Because the cloud allows you to upload and access data and services from any Internet-connected device, it’s certainly convenient, but that doesn’t mean that it’s always safe.

Many worry about hackers getting into clouds, especially ones in which the services do not offer two-factor authentication. (This is when you need two different components to gain access to an account, such a something you know, like a password, and something you have, like a unique fingerprint.) Another potential vulnerability is that hackers might intercept data as it’s being sent to the cloud, especially if that data isn’t encrypted, or scrambled, to keep it from being read by unauthorized third parties.

Cloud customers must have faith that the service provider is doing all it can protect their prized data.

Not all cloud providers operate the same way, with the same security, but there are minimum standards, which they must meet. It’s important to know about the different levels of security, so you can make the right choices about your service providers.

A few cloud service providers:

  • Windows Live
  • iCloud
  • Google
  • Amazon Cloud Drive
  • Dropbox

Lots of storage can be obtained for free. Rates vary and getting cheaper by the day.

Cloud providers have everything to lose and nothing to gain be being insecure. It is well known that poor security can damage a brand. However, cloud security generally begins with the user and not the cloud itself. If your devices are old, outdated, poorly utilized, or don’t have the proper security, you could be the weak link.

So, make sure that your devices and security software are up-to-date and look for cloud providers that offer advanced security options such as encryption and two-factor authentication. And, if you really want your sensitive information to stay secure (such as tax returns and other financial and personal information), you might consider saving those files on a backup hard drive rather than putting it in the cloud.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Dude hacked Lottery Computers

Who needs psychics to reveal future lottery numbers when you can hack into the state lottery association and tamper with it? That apparently was the reasoning of Eddie Raymond Tipton, 51.

9DProsecutors believe Tipton inserted a thumb drive into a computer—the one that spits out random numbers for the lottery, says an article in the Des Moines Register, according to a report at arstechnica.com.

At the time of this purported crime, Tipton was head of security for the Multi-State Lottery Association. Surveillance caught him buying a ticket that was worth $14.3 million (not smart enough to wear a disguise, eh?).

Coincidence? Not according to the prosecutors, who say he programmed computers that generate the numbers. This shouldn’t even be possible.

Supposedly on November 20 of 2010, Tipton went into the “draw room” where he altered the time on the computers. The settings of the room’s camera were changed, so that Tipton’s activity inside the room would not be recorded.

Prosecutors say that of the five people who are capable of changing the camera’s settings, four said they did not change them. Of course, the fifth person is Tipton. What a sly duck: resetting the camera so that it recorded only one second out of every minute, to miss detecting him inserting the thumb drive.

But he pled not guilty, even though he was identified as the man in the surveillance purchasing the golden ticket. Even if there’d been no tampering, Tipton would be barred from receiving the prize because employees of the association are banned from claiming lottery prizes.

For about a year, this particular ticket went unclaimed. But through a New York attorney, a company in Belize tried to claim the ticket at the last minute.

Somehow, authorities smelled a rat and focused on Tipton. Prosecutors also say that he had a fascination with root kits, which is in line with quickly installing the thumb drive. A root kit can be installed fast, carry out its orders, then self-destruct without leaving a trace.

The scales of justice are not tipped in Tipton’s favor especially because a witness plans on testifying that shortly before December 2010, Tipton told him he had a rootkit—a self-destructing one.

The trial is set for July 13.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

How to Burglar Proof your Doors

Burglars love doors; they frequently gain entry by kicking them down and even using less aggression to get into a house—and that includes simply opening the door because it’s not locked.

2HDon’t believe that if a burglar wants to rob you badly enough, he’ll figure out a way to get in. While there is no such thing as 100% secure, in many cases, you CAN prevent a burglary. Since when do burglars enjoy the possibility of being seen messing around with someone’s front door for 20 minutes? Make it hard for them, make your house a tough target and they will move on.

  • Burglar proofing your door begins with making sure you have a decent door to start with, then building up from there. But first, let’s briefly discuss USING the lock that’s there. Often, burglars and home invaders get in by, as already mentioned, simply opening an unlocked door. If the occupant isn’t home, it’s a burglary. If they’re home, it’s a home invasion. If you’re home, even in the middle of the day, have all doors LOCKED. This costs you no time, muscle or brainstorming to pull off.
  • A locked door will stop many burglars, but not all. A hollow door is no good. If your door is hollow, you’ll need to replace it. If the door sounds hollow when you knock on it, it probably is.
  • To make a door kick-down proof, get a door that opens outward, towards someone standing outside of it. And as impossible as it seems to bust through a door like this, that’s not enough, however. A door should not have windows that could be broke and the locks accessed. Forget the décor and think security.
  • Many people don’t like the idea of a door that opens outward, which is all the more reason that more layers of security are needed besides having a solid wood door or a metal fire retardant door with no windows. And that begins with a deadbolt. The deadbolt does not replace the regular lock; it’s an addition. If you already have a deadbolt, look at it. Can you see screws on the outside? If so, replace it with one with screws only on the inside. The throw bolt should be at least one inch.
  • Install a peephole. Opening the door to see who’s there defeats the purpose of whatever deadbolt or reinforcements you have; once the door’s open, you’re game. Don’t think for a second that a determined intruder can’t bust one of those chain thingies that connect the door to the frame. The peephole should allow for a wide-angle view and have a cover so that an outsider can’t reverse the view with a reverse peephole viewer.
  • Do you know what a lock cylinder is? It’s where you stick the key in. Burglars can work these off. A metal guard plate can be installed around the cylinder to prevent removal.
  • Look at the door’s hinges. They should not be on the outside unless the door open out. If they are, they can be secured with non-removable hinge pins. For hinges on the inside, secure them with three-four-inch screws.
  • Examine the strike plate—the metal plate that’s around the door’s lock-set screwed into the door jamb. The strike plate should be heavy duty metal but the “stock” one you have is insufficient. The door jamb itself is made up of weak ½ inch pine and can easily be kicked in. Beef that puppy up with “door reinforcement” such as the Door Devil Door Reinforcement Kit. Not having reinforcement makes you an easy target.
  • What about the door frame? This counts, too. A weak door frame can be pried with a crowbar. The frame should be secured to the wall with several three-inch screws that reach the wall stud.

Robert Siciliano is a home and personal security expert to DoorDevil.com discussing Anti-Kick door reinforcement on YouTube. Disclosures.