Beware of these 10 Nasty Scams

/in /by

Let’s look at the top 10 scams (random order).

9DCharity

  • A fraudster claims to represent a charitable organization.
  • Such scams can operate ring-style, such as one out in Colorado some years ago in which women wearing crisp white dresses that resembled the dresses nurses used to wear, and also wearing white caps (like a nurse), solicited motorists for money by walking around at stoplights holding out tin cans that had a label on them like “Help Fight Drugs.” Many people were fooled by the white outfits and labeled cans.
  • Check out the legitimacy of the organization at bbb.org or charitynavigator.org.

E-mail

  • You receive an e-mail that seems to be from a legitimate company, like your bank, the IRS, UPS, etc. In the message is a link that you click. You just downloaded a virus.
  • Never click links inside e-mails. Contact the company by phone.

Cell Phone

  • Your cell phone rings once. You don’t recognize the number. You call back. You then get charged about $20. Whatever happens after a connection is made, you’ll also be charged a high fee per minute.
  • Ignore one-ring calls. If it’s important they’ll call back.

Credit Card Fraud

  • Ever see a tiny charge on your credit card but have no idea what it was for? It’s probably by a crook.
  • Always report even the smallest charges if they’re unfamiliar.

Sob Story

  • You get an e-mail that seems to be from someone you know. They’re overseas, got mugged, sob sob…and need you to wire them money.
  • Don’t send them a penny; it’s a scam.

Sweepstakes and Lottery

  • “You’ve Won!” shouts your new e-mail. So you click the link in the e-mail to claim your prize—which is a nice fat virus that infects your computer.
  • Run like the wind if the message tells you that you need to pay a fee to claim your winnings.

Jury Duty

  • Your phone rings. You answer. The caller tells you that you’ll be subject to fines because you didn’t show up for jury duty. But relax, you can avoid the fines by providing personal information or paying a fee.
  • Courts have better things to do than to call people who missed jury duty (do you realize how many calls that would be?!).
  • Though failing to report for jury duty does have consequences, the action is never initiated via phone.

Computer Lockout

  • You turn on your computer and see a message stating the device is locked.
  • To unlock it, you’re told to provide sensitive information.
  • Contact your security software provider or a local geek.

WiFi Hacking

  • You connect to free WiFi thinking your secure. But waiting in the wings is a hacker to sniff out your data.
  • Always use a VPN such as Hotspot Shield to encrypt your data over free WiFi.

Home Improvement

  • Someone appears at your door wearing a workman’s outfit and offers to do a job for a dirt cheap fee. They want the money upfront and will return later to do the work, or some variant of this.
  • Stick with bonded, insured, reputable companies. Refer to Angie’s List or the BBB.

Health Care

  • Someone calls you offering to help you sign up for health care.
  • Hang up; it’s a crook because government officials don’t do this.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Hacker isn’t a bad Word

/in /by

Did you know that the original meaning of hacker, as far as computers, was that of a person who built codes into computers? In fact, the bad guy was called a “cracker.” Somehow, “cracker” didn’t catch on. But the mainstream folk out there hears “hacker,” and right away, they think of a digital thief, often someone who breaks into governmental computer systems or Russian “hacking rings” that steal credit card numbers.

4DAn article at motherboard.vice.com mentions that Richard Stallman gets the credit for cracker. Stallman, creator of the GNU operating system, is quoted as saying, “I coined the term ‘cracker’ in the early ‘80s when I saw journalists were equating ‘hacker’ with ‘security breaker.’”

The news media began noticing hackers around 1980. Some hackers were security breakers. Security breaking is one thin slice of the pie, but the media jumped on this, creating the impression that hackers were bad guys.

The article also notes something that Biella Coleman explains. She’s a hacker expert and is quoted as stating that the American government “has tended to criminalize hacking under all circumstances, unwilling to differentiate between criminal activities, playful pursuits, and political causes.”

The reality is, is that a security breaker is no more a hacker than a home burglar is an architect.

In the 1990s were movies that portrayed hackers as cyber villains, and all along, the real hackers were trying to get the word out that “crackers” was the term of choice. But it just didn’t take.

Maybe one reason is because the word “hacker” has more of a novel sound to it. When you hear “cracker,” several possible things come to mind, including a detective who cracks a case, and something you put in your soup. But “hacker”? Wow – it has more punch. It conveys more action.

But how did innocent code writers get to be called “hackers” in the first place? Perhaps it’s because writing code is such an imperfect science—more of an art, full of bugs and crimps. Code writers must hack their way through muddle to get it right.

At this point, however, hacker is here to stay to refer to the bad guy, whether a teenager with too much time on his hands breaking into some company’s network, or an intricate Chinese cyber criminal organization that cracks into the U.S. government’s system.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

How to deal with difficult people

/in /by

It’s been said that nobody can make you feel bad about yourself without your permission. Well bah! Some people don’t wait for your permission to denigrate you. They are toxic. Lifehacker.com offers some ways to deal with such people.

10DLove Yourself

If someone’s words have made you feel bad about yourself, then spend some time giving yourself pats on the back and positive labels. Make this a habit.

Empathy and Compassion

Towards the offender? Yes. Like Madonna says in her song, “Oh Father,” You didn’t mean to be cruel; somebody hurt you too.

Talk to the Offender

This part takes place after you can feel some compassion for them. See if you can connect with this person. Admit that making a connection is trying, and you want their support. Arrange ahead of time with yourself that you will not feel defeated if this effort does not yield favorable results.

Talk to Others

Find someone you trust, and share with that person how the toxic individual makes you feel. This is not a sign of weakness. You certainly won’t feel worse after you’ve vented a little. And if the listener offers advice, be a good sport and graciously accept it.

You Are Whom You Associate With

It’s been said that we are the composite of the five people we hang out with the most. Ooh, that is scary, isn’t it? Maybe not; depends whom you always hang out with. But anyways, make sure you associate only with positive, upbeat people. They share your attitudes; they believe in the same important things that you do.

Don’t Mimic Their Behavior

If someone’s being toxic and you get mad, realize that your hostile reaction may escalate the situation (though I’d be lying if I said that reacting with some serious feistiness never makes them retreat).

Snip the Ties

If all else fails, you may have to sever the relationship, or at least, minimize contact. Do what you feel like doing…and don’t do what you don’t feel like doing. So if you don’t feel like visiting them when they invite you to their place, then simply don’t. If a toxic person is in town and you don’t feel like visiting, then don’t. Keep things simple. No elaborate explanations are required.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Passwords in Real Life: Don’t be Lazy

/in /by

It’s tough being responsible sometimes. And managing responsibilities for what is precious in your life usually takes a little extra thought.  Let’s say you’ve just welcomed a beautiful set of triplets into the world.  Lucky you . . . and lots to managed! But, you wouldn’t give all these babies the same name simply to make it easier to remember, right?

5DConsider this same concept as you manage other precious aspects of life, like your on line accounts. It may seem convenient – and easier to remember — to use the same password for all accounts.

But a single password across all accounts can also make it convenient for hackers to access your valuable information on these accounts.

Most of us have a number of accounts that require us to use and remember different passwords, which brings us to the question, “If we can’t use the same password for all of our accounts, how do you expect us to remember all of them?” The solution is easy.

You need a password manager.

A password manager will help you create an un-crackable password, and it will even give you a “master” password that will be able to get you into all of your accounts. That way you really will have only have one password to remember.

Password managers eliminate the need to reset passwords, and improve the security of your online accounts that contain your pertinent information. A password manager allows you to log into sites and apps using multiple factors that are unique to you, like your face and fingerprints and the devices you own.

Here are some useful tips for making strong and protected passwords:

  • Make sure your passwords are at least eight characters long and include numbers, letters and characters that don’t spell anything.
  • Use different passwords for separate accounts, especially for banking and other high-value websites.
  • Change your passwords frequently.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!

Stay Safe While Traveling this Summer

/in , /by

So, when you think about summer travel safety, what comes to mind? Which beach you’ll be lounging on? Sunburns? Shark attacks? While sunburns and vacation plans are rational concerns most have when traveling during the summer, shark attacks are a new one.

4WWith all of the news of recent shark attacks, people are now anxious about wading into the waters, despite the fact that the chances of getting mauled by a shark are a whopping one in 3.7 million. No guarantees, of course, but your odds are looking pretty good.

Conversely, the odds of getting your identity stolen or your other valuable information compromised while on or planning for these fun summer trips with the family are much higher. So instead of worrying about sharks this summer, let’s worry about the real predators out there —online hackers and phishing scammers.

In order to ensure you and your family’s online safety while on vacation, you first have to find an ideal and preferably well-rated vacation spot to travel. The Web is replete with scam sites touting glorious vacation spots for bargain prices. Be wary because a lot of these locations are fictitious or are actual pictures of someone’s home “stolen” from, for instance, someone’s family blog or social media profile. The thief will then put up a fraudulent ad for renters and will request a wired upfront payment.

Book travel plans only via legitimate, reputable sites. McAfee® WebAdvisor is a tool you can use that will help to warn you of most unsafe web pages. Make sure to check reviews of any private lodgings and use legitimate, well-known travel review sites.

We all love to share what we’re doing on social media, especially kids, but avoid using location services when possible. According to the recent Intel Security study : Realities of Cyber Parenting , one in three children who are active on social media turn on location services for some or all of their social media accounts which can alert thieves that you are not home, making you vulnerable to break-ins.

Many users are unaware of these features, but the service is available, and probably enabled on almost all of your most used apps, such as Facebook, Twitter, Instagram, etc. In order to fully protect your online data, when your computer devices are not in use, the Wi-Fi, location services and Bluetooth all should be turned off. Educate your kids to disable these services and not to download apps that request this information to run.

Additional Safety Measures You Can Take:

  • Lock your luggage
  • Do not post your travel plans online
  • If you’re taking any computer devices along, back up all their data first
  • Power down, password-protect, and lock these devices prior to travel
  • The person next to you on the plane can visually eavesdrop while you type in login information—beware. Better yet, avoid computer use while on the plane, and watch movies instead
  • Never use public Wi-Fi, at least for important transactions including purchases. Not only can thieves snatch data out of the air, but cybercriminals can also install public computers with data-stealing gadgets. If you must use public Wi-Fi for sensitive communications, use a virtual private network (VPN), which will scramble your data

Even after taking all of these precautions before and during your trip, your job is not done! Once you return home from your trip, it is vital that you make sure all of your information and charges are accurate. Make sure to immediately check your online credit card statements for unauthorized charges—before you invest time posting all about your trip on social media. Credit card fraud or identity theft can occur in well under 24 hours, so don’t put off checking your card status when you come home.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!

Private Investigator faces Jail for Hacking

/in /by

What a disgrace: A private investigator, Eric Saldarriaga, 41, got nailed for hacking into peoples’ e-mails. He may get six months in the can. Is six months reasonable for this, though?

4DA recent online New York Times article quotes a prosecutor who points out that hackers could be deterred by the threat of harsh penalties—because the mind of a hacker operates with a lot of thinking, vs. the mind of someone who impulsively pulls out a gun or knife.

So what did Saldarriaga do exactly? He paid an overseas company to get the login information for e-mail accounts: a hacker-for-hire deal. His clients included lawyers and other private investigators. He was known for gaining access to e-mail accounts without the user’s knowledge, so this is why he got some of his cases in the first place.

Breaking into e-mails is a serious crime because it can involve the accounts of big companies, revealing their trade secrets and other classified information.

One of Saldarriaga’s victims was journalist Tony Ortega, who has spent about 20 years writing about Scientology. Ortega believes that this controversial church’s reps hired Saldarriaga to get information about Ortega.

Ortega, as well as possibly most of the other victims, are adamant about learning just who hired Saldarriaga to conduct his dirty deed. One of the other victims is a professional gambler who secretly donates to charity. The Times article quotes the gambler: “For this one guy, to be sentenced today for a crime he did for other people would be a miscarriage of justice.”

Why aren’t the people who hired Saldarriaga also facing justice?

Saldarriaga’s lawyer, Peter Brill, gunned for just a three-year probationary sentence for his client because he was remorseful. In fact, his crime got him only $5,000.

Saldarriaga himself even pleaded with the judge who’s overseeing the case that he deserves some concessions because one of his actions, he claims, may have spared a woman from harm.

But that doesn’t nullify the reality that Saldarriaga intruded upon peoples’ privacy without their knowledge. And got paid for it.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

A look into Cyber Weapons of the Future

/in , , /by

Remember the good ‘ol days when you thought of a finger pushing a button that launched a Russian missile that then sped at seven miles per second towards the U.S. to blow it up?

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294Little did we know back then what would one day be a way for the Superpowers to war on each other: cyber technology!

A new book is out called Ghost Fleet: A Novel of the Next World War, written by Peter W. Singer and August Cole. WWIII certainly won’t be wrought with speeding missiles and hand-to-hand combat in the trenches—at least not the bulk of it.

An article on vice.com notes that the Third World War will take place in cyberspace (in addition to land, sea and air).

Vice.com contacted Singer about his novel. One of the villains is China, even though much of the attention has been on the Middle East and so-called terrorist attacks by radical Muslims.

To write the novel, the authors met with a wide assortment of people who, if WWIII were to come about, would likely be involved. This includes Chinese generals, anonymous hackers and fighter pilots. This gives the story authenticity, realism…a foreshadowing.

Singer explains that his novel is so realistic that it’s already influencing Pentagon officials in their tactics.

The Third World War will probably not require so much the ability to do pull-ups, slither under barbed wire and rappel down buildings, but the mastering of cyberspace and outer space: It’s likely that the winner of this war will be king beyond land, sea and air: lord over the digital world and the blackness beyond our planet’s atmosphere.

Projected Weapons of WWIII

  • A kite-shaped Chinese drone, massive enough to take out stealth planes and ships
  • Drones that, from high altitude, could get an instant genetic readout of an individual
  • Smart rings that replace computer mouses
  • Brain-machine interfaces. This already exists in the form of paralyzed people using their thoughts (hooked up to a computer) to move a limb (their own or robotic). This technology has applications in torturing the enemy.

That old saying, “What the mind can conceive and believe, can be achieved,” seems to be becoming more truer by the second. Imagine being able to wipe out the enemy by plugging your thoughts into a computer and imagining them having heart attacks.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

44 Tips to protecting your home from danger

/in , , /by

There are enough tips on how to protect your home to make a professional burglar dizzy. In no particular order, check them out: 6H

  • Get a peephole.
  • If you don’t have a large dog, make it look like you do, but don’t be obvious. A worn, large leash draped over an outdoor chair would be more convincing than a large food bowl near your door.
  • Put a beware of dog sign in the back (front is too obvious a ploy).
  • If there’s not a man in the house, leave out an old pair of men’s work boots or tool box on the front stoop.
  • Keep doors locked at all times.
  • Never leave the garage door open unless you must pass under it.
  • Never leave a ladder outside.
  • Place a real or fake video surveillance camera above the front door where anyone can easily see it.
  • Get a security system that includes motion detecting lights at all entry points.
  • Make sure no shrubs conceal windows. Plant thorny bushes by windows.
  • Stash what valuables you can in a sock inside your child’s bureau (burglars rarely check children’s rooms).
  • For other valuables, store in a fireproof safe.
  • Use Charlie bars or stoppers on the tracks of your windows.
  • Cover your windows with penetration-proof film.
  • Use deadbolts.
  • Keep your shades down and curtains drawn at night.
  • Make sure no valuables are visible through any windows.
  • Before you leave for vacation, arrange to have someone mow your lawn and park their car in your driveway.
  • Before you leave for travel, put a vacation hold on your mail and newspaper delivery.
  • Use an automatic timed lighting system for when you’re away.
  • Make sure all the screens in your windows are in excellent condition.
  • Make sure all the locks on your windows work—and keep your windows locked overnight!
  • Have a smoke detector and carbon monoxide detector on each floor.
  • Conduct staged fire escape drills for the entire family.
  • Never post vacation plans or even evening plans on social media.
  • Put your home security’s sign in the front and back yards.
  • Put their decals on your front door and windows.
  • Don’t allow dried-up leaves or brush to collect on your property.
  • Have a “secret room” built.
  • Don’t answer the door unless you’re expecting someone.
  • Always check your windows after a service person has left the house (they may have unlocked one as an entry point for a later burglary).
  • Never reveal to service people, salespeople, survey takers, preachers or anyone else at your door of your travel plans.
  • Make sure your voice mail recording doesn’t say, “We’re not home now…”
  • Make sure your house’s address numbers are big and easily viewable.
  • If you can’t quit smoking, then rinse the butts before discarding.
  • Keep all flammable material away from the house.
  • Give a spare house key to a trusted neighbor; never leave it under a welcome mat, flower pot or plastic rock.
  • Never step outside the house while the fireplace or a candle is burning.
  • Never leave hot things plugged in unless you’re using them.
  • Install high-grade door reinforcement technology. Door Devil, is the door jamb reinforcement I use.
  • Before leaving the house, turn your phone’s ringer to silent so prowlers don’t hear unanswered ringing.
  • Never have packages sitting outside your door; use a sign-for service.
  • Keep a phone at your bedside.
  • Assume the man at your door claiming to represent your alarm company, whom you’re not expecting, wants to rob you.

Robert Siciliano is a home and personal security expert to DoorDevil.com discussing Anti-Kick door reinforcement on YouTube. Disclosures.

App Tells Who’s Digging into Your Personal Data

/in , , , /by

Did you know that sometimes, the apps you use for your smartphone have access to your personal information and are capable of sharing it? Are you aware that your privacy can be invaded across the network board? That includes Twitter, Facebook, Instagram, LinkedIn, Google+ and more.

1PAnd how can you tell which applications can do this? MyPermissions can tell you. Once you load this and do some setting up, you’ll see which apps on your device has access to your information.

For instance, it’s not just a matter of who can get your information, but how often and just what, such as your contact list, photos and more. The more apps you use, the more likely your personal information is getting “shared,” i.e., leaked into cyberspace without your knowledge.

MyPermissions will alert you when an application barges into your sensitive information. It will give you control over who gets access to your data.

Without MyPermissions, it’s like walking through a crowded area and dropping one copy after another of your driver’s license, bank statement, credit card and family contacts.

So let’s suppose you’d like to start with Facebook. You tell MyPermissions you’d like a scan. MyPermissions will use your FB account to look for external connections. You’ll have a dashboard to see who’s getting into your information and you’ll be directed in how to stop this.

Worried if MyPermissions will share your data? Don’t. It will never collect, store or use any of your private information.

A similar application is that of Online Privacy Shield (free from Google Play Store). It will tell you which of your apps are nosing around in your private files and what they’re getting. And you could control who gets what.

Instagram, Twitter, Facebook, LinkedIn, etc., all have different ways for terminating access to your privacy, so bear with that—don’t expect all to terminate with one simple click just because one particular service has a one-click termination.

Be prepared for a shock: Hundreds of apps may have access to your sensitive data. You’ll need to embrace and appreciate the time required to get all of this straightened out. But when all is said and done, you’ll be glad you took that time.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. Disclosures.

Things to tell your Kids about Privacy Online

/in /by

Those were the days when all parents had to worry about was the creepy guy lurking near the playground. Now parents have to worry about creeps all over the world reaching their kids via computer. And there’s more to worry about. Here’s what to teach your kids: 2P

  • Screen names should not be revealing about location, age or even gender. Never use the full name. Choose a name that would never outright point to the user, such as “Chris J,” when everyone knows the user as Tina Jones. “Chris” can make Tina (Christina) still feel connected to the screen name. And “sweetcheeks” isn’t a good screen name for anyone, especially a kid.
  • Before posting anything, make sure the answer would be “yes” if asked if your grandmother would approve.
  • Deleting an image or comment doesn’t mean it’s removed from cyberspace. While it was up, it could have been shared and recirculated. The No. 1 rule is: Once it’s online, it’s permanently there, no matter what you do with it afterwards.
  • Don’t assume that just because the privacy settings are high, that only a very limited audience will view the posting. Somehow, some way, there’s always a way for something to “get out.” An example would be an authorized viewer sharing the image or posting.
  • Racy images and offensive posts may seem harmless now, but down the road can return to haunt the user when they apply for college, a job or are in a lawsuit.
  • Never impersonate anyone.
  • Discourage sharing personal things online; it’s better to just yak about it in person or over the phone. As for things like address and Social Security number, this information should never be given out unless for a job or school application.
  • Be polite online. “Speak” coherently, use punctuation, don’t ramble, don’t swear and don’t use all caps. Use spell check when possible.
  • Avoid sex talk online at all costs. A predator can pose as anyone and win the trust of kids.

Parents should learn about how privacy settings work so that their kids aren’t left to figure it out themselves. Otherwise, uninformed kids might just let it go and not bother. This approach will let the whole world see what they’re posting. Privacy settings for all accounts should be high, including chat and e-mail accounts.

  • Keep the lines of communication open with your kids.
  • Peruse the social networking sites your kids use to see if they’re posting anything risky or inappropriate, such as announcing vacation plans (something that burglars search for).
  • Tell your kids to report anything suspicious online, just as they’d report to you if someone was hiding in the bushes outside your house.
  • Review the friends list of your kids.
  • Install Hotspot Shield VPN. This is security software which, in addition to antivirus/phishing software and a firewall, will help prevent hacking.
  • Make the non-negotiable rule that you can check your kids’ devices at will, and that any online “friend” your child wishes to meet must meet you first.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.