Beware every time the Phone rings

/in , /by

Don’t assume you’ll never be targeted by phone scammers just because you don’t have a cell phone; they continue to feast on landline users, especially those over 50.

9D“This is the IRS…”

  • Drill this into your head: The IRS never calls to collect back taxes. NEVER.
  • A common ploy is to threaten that the listener will go to prison if they don’t pay up immediately.
  • If you really do owe taxes, the IRS will contact you alright—but via snail mail, not a phone call, text or e-mail.
  • Scam calls may also sound professional with no threats, and may be a pre-recorded woman’s voice.
  • Scammers can make the caller ID show “IRS.”

Charities and Fundraisers

  • A call comes from the fraudster, claiming he represents a charity and wants your donation. The con artist may even say he’s with the local police department.
  • Want to help mankind? Hang up on the caller and give to a reputable foundation or give out homemade sack lunches to the homeless.
  • Go online and search the organization in question to verify they’re legit.
  • If the call has an automated message, hang up immediately.
  • A legitimate organization will not request your Social Security number or personal financial information.

“You’ve won a prize!”

  • No, you haven’t. These are scams; hang up.

Tech support never calls you…

  • You must call them first. So if you get a call from “tech support” asking for personal information, it’s a scam. Geek squads don’t just up and call people.
  • A call about installing an update is a scam.
  • Scammers can make the caller ID show “Microsoft.”

“Hi Grandma, it’s your favorite grandson!”

  • If relatives call asking for money, hang up and call them to verify that said caller is really your relative.

Avoiding Scam Calls

  • Must you answer the phone every time it rings? It’s perfectly legal to ignore a ringing phone.
  • If your phone has caller block, input numbers from suspected scammers. Next time they call, there’ll be barely one ring, then the caller will be blocked.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

3 Ways We are Tricked into Cyber Attacks

/in , , , , , /by

So just how are hackers able to penetrate all these huge businesses? Look no further than employee behavior—not an inside job, but innocent employees being tricked by the hacker.

9Drecent survey commissioned by Intel Security reveals that five of the top seven reasons that a company gets hacked are due to employee actions.

One of the things that make it easy to trick employees into giving up critical information is the information employees share on social media about their company.

People just freely post things and tweet all day long about company matters or other details that can be used by a hacker to compromise the company. What seems like innocuous information, such as referring to a company big wig by their nickname, could lead to social engineering (tricking users into believing the request is legitimate so the user gives up sensitive information).

Between social media and the golden nuggets of information on Facebook, Twitter, LinkedIn and other platforms, hackers have a goldmine right under their nose—and they know it.

3 Key Pathways to Getting Hacked

  1. Ignorance. This word has negative connotations, but the truth is, most employees are just plain ignorant of cybersecurity 101. The survey mentioned above revealed that 38% of IT professionals name this as a big problem.
    1. Do not click on links inside emails, regardless of the sender.
    2. Never open an attachment or download files from senders you don’t know or only know a little.
    3. Never visit a website on the job that you’d never visit in public. These sites are often riddled with malware.
  2. Gullibility. This is an extension of the first pathway. The more gullible, naive person is more apt to click on a link inside an email or do other risky tings that compromise their company’s security.
    1. It’s called phishing(sending a trick email, designed to lure the unsuspecting recipient into visiting a malicious website or opening a malicious attachment. Even executives in high places could be fooled as phishing masters are truly masters at their craft.
    2. Phishing is one of the hacker’s preferred tools, since the trick is directed towards humans, not computers.
    3. To  check if a link is going to a phishing site, hover your cursor over the link to see its actual destination. Keep in mind that hackers can still make a link look like a legitimate destination, so watch our for misspellings and bad grammar.
  3. Oversharing. Malicious links are like pollen—they get transported all over the place by the winds of social media. Not only can a malicious link be shared without the sharer knowing it’s a bad seed, but hackers themselves have a blast spreading their nasty goods—and one way of doing this is to pose as someone else.
    1. Be leery of social media posts from your “friends” that don’t seem like things they would normally post about. It could be a hacker who is using your friend’s profile to spread malware. Really think…is it like your prude sister-in-law to send you a link to the latest gossip on a sex scandal?
    2. Don’t friend people online that you don’t know in real life. Hackers often create fake profiles to friend you and then use their network of “friends” to spread their dirty wares.
    3. Take care about what you post online. Even if your privacy settings are set to high, you should think that when you post on the Internet, it’s like writing in permanent ink—it’s forever. Because did we all really need to know that time you saw Kanye from afar?

All of us must be coached and trained to keep ourselves and our workplaces safe, and that starts with practicing good cyber hygiene both at home and at work.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

6 Tips for Protecting Your Social Media Accounts

/in , /by

10 years ago, many of us were hearing about social media for the first time. Now, social media plays a giant role in our lives, allowing us to share pictures, connect with family and friends, and get updated news. Through social media, we can express ourselves to our inner circle and the world.

14DSo how devastating would it be if someone got a hold of your social media accounts?

They could really wreak some havoc, like sending dirty links to all of your followers on Twitter. Or worse, take personal information in order to steal your identity, which could take years to fix. Sadly, breaking into your social media account can be easy—just one wrong click on a phishing scam or using a weak password that is easy to guess

Luckily, there are a few things you can do to protect your social media accounts from hackers. Here are my tips:

  1. Discard unused applications. Take inventory of your social media accounts to see if there are any third-party applications that have access to your personal social data. Delete the ones you don’t use or don’t need. And make sure you are ok with what information they are accessing from your social profile/account as these can be gateways to your account for hackers.
  2. Be careful who you friend online. Only accept friend requests from people you know in real life. Often hackers will send requests so they can see the information you are sharing to help them take advantage of
  3. Sharing is not always caring. Double check your privacy settings to control who sees your posts. Also, be careful what you share online—think of what you post online as being there forever, even if you have privacy setting enabled. For example, sharing that you’re away on vacation could inform a thief that you’re not home and indicate to them it’s a good time to rob you.
  4. Use strong passwords. Using “password” as a password isn’t going to cut it. The strongest passwords are at least eight characters in length, preferably 12; contain a combination of upper and lower case letters, symbols and numbers, and are unique to each account. For more information on how to create strong passwords, go to passwordday.org. And don’t forget to join us to celebrate World Password Day on May 7th. If you have trouble remembering and keeping track of all your user names and passwords, a safe option is to use a password manager. I like, which allows you to log into sites and apps using multiple factors that are unique to you, like your face and fingerprints and the devices you own.
  5. Multi-factor authentication. Imagine a hacker has your password, username and email and even knows the answer to your secret question. He can get into your account. But if you’ve enabled multi-factor authentication, the hacker will need another factor to truly access your account. So without your phone, fingerprint, face or whatever factor you’ve set up, the game’s over for him. With True Key, you have to keep you safe online.
  6. Use security software. Of course, keep all your devices updated with comprehensive security software like McAfee LiveSafe™ service.

Don’t let hackers hack into your digital life! For other tips, check out @IntelSec_Home on Twitter or like them on Facebook!

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

What is Spam?

/in , /by

Everyone’s heard of spam as it pertains to emails. Spam isn’t necessarily a malicious message designed to trick you into revealing your credit card number or PayPal login information.

emailBut spam is an unsolicited message, sometimes referred to as junk mail. Spam can be very annoying and relentless in nature, often attempting to convince you to buy something. Sometimes these messages are untruthful, such as those advertising human growth hormone pills (when they actually contain nothing of the sort). Spam also includes phishing which are messages designed to trick you into giving up personal information. Other messages can be legitimate advertisements—nevertheless, you did NOT ask for these solicitations.

Spam arrives in the form of emails, instant messages, and text messages—and it can also affect smartphones.

Spammers buy lists from brokers that continuously harvest email addresses from the web. They also run dictionary attacks, throwing billions of combinations of words and numbers at an email database to find valid address combinations.

Though some emails are obvious spam, such as ones with particular keywords like Viagra, sex lifeprescription drug discounts and fast weight loss, other spammy messages are not so obvious; they may appear legitimate or show a sender address of a family member, friend or business associate.

For instance, the sender may appear to be from your bank), with a subject line warning you to urgently update your account information. Similarly, the subject line may not be threatening, such as one referencing “your recent order from Amazon” or “your shipment from DHL,” yet it is not legitimate.

Spammers have found that if enough of these go out all at once, they’ll reach a statistically significant percentage of recipients who will have placed an order from Amazons within the previous 48 hours, or are expecting a delivery from DHL any day.

Here are some tips on how you can fight spam:

  • Be careful with your email address. Don’t supply your email address to sites you’re not sure about, and never post it in a public place.
  • Verify. If you’re not sure if an email is valid, even though it appears to be from your bank, medical carrier, employer, etc., don’t respond to the email. Contact the company or business by phone to verify the email’s validity.
  • Think before you click. Don’t click blindly. Never click on links in unsolicited emails. If you think the email is real, check the link URL to make sure you are being directed to a legitimate site.
  • Open with care. Think twice open attachments that you’re not expecting or from someone who normally wouldn’t send you an attachment.
  • Be cautious. Don’t be fooled by sensational subject lines. Another type of fraud is a subject line claiming you won a prize or are owed money.
  • Ignore it. If the email shows up in your spam or junk folder, chances are it’s spam, so LEAVE IT ALONE!

It’s simple: Never reply to spam.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

What kind of Home Security System is right for Me

/in /by

Burglars don’t usually depend upon the light of the moon to break into homes; they depend on the daylight—because that’s when they know most homes are empty! The kids are in school, the adults are at jobs or shopping…duhhh, even a halfwit burglar knows this is an opportune time!

4HTherefore, you should get a home security system that’s designed to repel robbers in both the dead of day, not just night. This includes while you’re home. And when you are home, a burglary turns into a “home Invasion” which often turns deadly.

  • You may be sick in bed.
  • You may be home telecommuting.
  • Or maybe you have a weekday off.
  • Maybe you work a night shift and you’re home during the day.
  • Are your kids home by themselves after school?
  • Is Gramps there by himself?
  • Do you travel frequently?
  • Figure it all out and then investigate which home security system fits your lifestyle.

A home security system isn’t just the alarm that shrieks when someone tries to break in. It can be a pendant that Gramps wears in case he falls. It could be remote monitoring of your latchkey kids.

A representative from a reputable home security company can answer all of your questions, such as how to make access to the control panel easy for kids and the elderly, while remaining hard to find by an intruder.

You’ll probably learn a lot of what the most state-of-the-art system can do—things you wouldn’t necessarily know that a security system is capable of, such as a text message triggered by the system’s sensors—indicating that something anomalous is occurring at your house, such as a window being broken or a gas or water leak.

You’ll also learn how to be smart about your system, such as making windows exceedingly difficult for an intruder to get through, including those you’d think were too small to matter.

If you have a garage, that requires yet another layer of security. An intruder may get in via a window, then get into the garage from the internal door that connects it to the house. He opens the garage and begins loading his van which is parked in the driveway, whistling nonchalantly while neighbors don’t suspect a thing.

For optimizing your security options, you should consult with experts from well-known companies and read reviews from current customers to determine which options, features, benefits, bells and whistles are most appropriate for you.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Protect Yourself from Online Fraud

/in , , , /by

Yes, it’s possible: preventing fraudsters from getting you via online trickery and other stealthy actions. Yes, it’s possible to be thinking one step ahead of cyber criminals. Let’s begin with e-mails—the conduit through which so many cyber crimes like ID theft occur. 9D

  • Imagine snail-mailing vital information like your SSN, bank account number, a duplicate of your driver’s license and your credit card number. At some point in the delivery process, someone opens the letter and see the contents. Electronic messages are not entirely private. Recognize this risk before sending knowing that in transmission there is a chance your information can be seen. Sometimes the telephone is a better option.
  • Ignore sensationalistic offers in your in-box like some ridiculously low price on the same kind of prescription drug you pay out of pocket for; it’s likely a scam.
  • Ever get an e-mail from a familiar sender, and all that’s in it is a link? Don’t click on it; it may trigger a viral attack. As for the sender, it’s a crook compromised your friends email and who figured out a way to make it look like the e-mail is from someone you know.
  • In line with the above, never open an attachment from an unfamiliar sender; otherwise you may let in a virus.
  • If someone you know sends you an unexpected attachment, e-mail or call that person for verification before opening it.
  • Enable your e-mail’s filtering software to help weed out malicious e-mails.
  • Ignore e-mails asking for “verification” of account information. Duh.

Passwords

  • Don’t put your passwords on stickies and then tape them to your computer.
  • Do a password inventory and make sure all of them contain a mix of letters, numbers and characters, even if this means you must replace all of them. They also should not include actual words or names. Bad password: 789Jeff; good password: 0$8huQP#. Resist the temptation to use a pet’s name or hobby in your password.
  • Every one of your accounts gets a different password and change them often.

General

  • Make sure your computer and smartphone are protected with antivirus/anti-malware and a firewall. And keep these updated!
  • Your Wi-Fi router has a default password; change it because cyber thieves know what they are.
  • When purchasing online, patronize only well-established merchants.
  • Try to limit online transactions to only sites that have an “https” rather than “http.” A secure site also has a padlock icon before the https.
  • Make sure you never make a typo when typing into the URL; some con artists have created phony sites that reflect typos, and once you’re on and begin entering your account information, a crook will have it in his hands.
  • Access your financial or medical accounts only on your computer, never a public one.
  • Ignore e-mails or pop-ups that ask for account or personal information.
  • When you’re done using a financial site, log out.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Trolls get Dose of Reality

/in /by

Well, you know that old saying: The viciousness of an online bully’s attack is inversely proportional to the size of his (you fill in the blank), I was thinking ego.

12DMany online bullies are female, but in the case of former Red Sox pitcher Curt Schilling’s daughter, the trolls are collectively male.

Recently Schilling tweeted how proud he was that his daughter, Gabby, will be playing softball as a pitcher for Salve Regina University. Schilling got a lot of responses. And some were disgusting, including one that mentioned assault (yeah, I’d like to see the dude who posted that try to mess with a collegiate pitcher—these young women aren’t to be messed with).

Other repulsive acts and terminology came up in the comments. Sometimes, as Schilling set out to prove, it’s not best to just ignore the bullies, thinking they’ll go away.

In the case with 17-year-old Gabby, the “bullies” are more like pond scum idiots who, in real life, would probably scurry like a mouse if a woman got in their face.

Schilling quickly tracked down the names and schools, plus some other details, of the bullys. As a result, says the athlete, nine of these maggots have been either fired from their jobs or kicked off their sports teams. The Twitter accounts of two of the trolls have been deactivated.

Schilling received apologies from them, but only after the fact. Too late. And why did these young men make the posts in the first place? They don’t even know Gabby. Do they have a teen or young adult sister? How would they feel if their teen sister were the subject of such vile posts? Some of the trolls told Schilling to chill. Would they themselves chill if their sister, girlfriend or mother were the object of vulgar comments?

Hopefully, Gabby is internally stable enough not to take extreme measures as a result of the online bullying, like the many kids who have taken their own lives. But still…internal stability or not…nobody, especially a proud dad, should have to receive vulgar posts about themselves when they’ve done nothing wrong.

If you still think this is no big deal, remember: Once you post something, it’ll probably be out there for all time—waiting to smear your reputation, or hurt someone, real real bad.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. Disclosures.

5 Online Security Tips You need to know

/in /by

It’s up to the potential victim—the user—YOU—to make your computer or smartphone very difficult for Joe Hackster to infiltrate.

7WPasswords

  • Being that cyber crime has been a fixture of modern living for over a decade, you’d think that everyone and his brother would know to use strong, long passwords, and a different password for each account. But people—including those who’ve been around for a long time—continue using the same password and ridiculously weak passwords, like password1 and princess.
  • A very strong password will go a long way in preventing hacking incidents. It should be at least 12 characters and a mixed salad at that: different cases, numbers and symbols, and no words.
  • Every single account should have a different password.
  • Learn which accounts offer two-factor authentication, then activate it. This way, if someone gets your password they still can’t get into your account unless they have your smartphone.

The cloud is cool but not 100 percent secure

  • Sounds funky: “cloud storage.” But the vulnerabilities aren’t necessarily in the cloud service, but in your device security. If your device is vulnerable, if you don’t have security software or update your operating system, you become the criminals path to the cloud service.
  • Because the cloud is such a huge vault for holding all kinds of data, more things just simply can go wrong. The user must decide who’s better at protecting his data: a system with more resources (the cloud), or the user himself?

New doesn’t mean safe.

  • A brand-new computer or mobile device may come with preinstalled “back doors” for hackers. This is legal so that law enforcement can more easily track the bad guys in life. These back doors are vulnerabilities that can let in hackers. Do your research when making an investment in technology and install antivirus immediately.

No software is perfect.

  • Think of antivirus and antimalware as the “exterminator” who comes to your house to get rid of bugs. There’s a reason that pest control companies no longer refer to themselves as exterminators. This term implies they can kill every last bug and its eggs. They can’t. There will always be a bug somewhere, but the pest control technician can at least prevent infestations and swarms. Likewise, protective software is not 100 percent infallible, but it goes a long way in preventing computer infections.
  • So even though it’s not perfect, you absolutely must use protective software.

Mind the software update messages.

  • Don’t get annoyed by these; allow them to take place. Don’t hit “remind me later,” because chances are this will become a habit. You don’t want to delay the updates. They mean a security hole was detected, and now it can be patched. Don’t wait till later! Better yet, set all security software to automatically update.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. Disclosures.

Town sees Big Spike in Burglaries

/in /by

Why are so many burglaries hounding the town of Los Altos in California? There were 79 reported in 2013, but 118 for 2014. This past January and February there were 36. At that rate, by Christmas 2015, it’s unthinkable what the total number of burglaries will be.

1HIn a report on mercurynews.com, the Los Altos police chief, Tuck Younis, is quoted as saying, “It sickens me, as the one who is responsible to keep the city safe, that’s occurring. It sickens every member of our department that’s occurring, especially at the volume that is occurring in our city.”

He spoke this to an assembly of over 200 town residents. Chief Younis added that the number of burglaries is “unprecedented.” In fact, the cities of Sunnyvale and Mountainview—neighbors to Los Altos—have also been stung. And not just by local thieves, but thieves from all over.

Chief Younis speculates that a prison realignment is responsible for the spike in burglaries; convicts are getting released sooner.

And these burglars are going after hard-to-trace loot like jewelry and cash, rather than iPhones and video games. And they’ve been hitting homes both during the day and in the middle of the night.

The police have reassured residents that they are doing everything possible to break this spike up, and that there’s even been some arrests. Nevertheless, residents were instructed to be extra alert and not to hold back from reporting any suspicious activity.

Residents should also beef up their home security as well as take non-techy measures to make their homes unappealing to burglars. Being aware of the little things will make a difference, such as not letting newspapers collect in the driveway because you haven’t felt like getting the paper for a few days and not letting the lawn become overgrown—signs to a burglar that nobody’s been home for a while.

Keeping windows and doors locked at all times, using a deadbolt on doors and Charlie bars on windows, and keeping lights on will also help repel burglars. You can even get semi-techy by installing a fake video camera above the front door that a thief won’t miss—this is a good deterrent to the bad guys.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Paralyzed Home Invasion Victim speaks

/in /by

If a home invasion doesn’t leave you dead, it might leave you permanently paralyzed, like it did Richard Potorski, who was shot two years ago and can’t move from the chest down.

On January 8, 2013, Potorski went to his Maine home for lunch after work. Moments later he saw a gun pointing at him; it went off. He played dead—which wasn’t hard to do because his spinal cord had been severed—until his wife found him 90 minutes later.

Potorski says he doesn’t know the shooter, and even though he has a misdemeanor drug charge on his record, he was not involved with any drug deals with the shooter—Ronald Bauer, who received a 30-year prison sentence.

It’s a myth that most burglaries occur at night. Gee, night is when most people are home. Most people are gone during the day at work. Burglars know that. What if Potorski had had a security system on that fateful day? This isn’t a blame-the-victim mentality; it’s a very fair question.

Imagine Bauer trying to gain entrance and a screaming alarm sounds. He would have fled like a bat out of hell. Or suppose there was no alarm system, but the door had a top-of-the-line deadbolt and reinforcement system, and the locked windows all had Charlie bars and penetration-proof film. Bauer wanted to get in quick without attracting attention. Why would a burglar want to be seen spending 20 minutes trying to break into a house? Yep, it’s a very fair question.

Evaluate your lifestyle so that you can have an idea of what kind of security system will best suit you. For example, if you’re away a lot, or even only from 8:00 to 5:00, you’ll need a remote monitoring system.

Today’s systems are really cool in that you can even receive e-mails and texts about variables that the system detects. You can even see what’s going on with real-time surveillance transmitted to your phone.

Imagine that someone breaks in while you’re exiting your worksite to go home for lunch, and you get the alert on your phone. You connect and see some druggie trashing your place looking for cash. You won’t get shot by him. We live in a cruel world and need to be prepared.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.