Why go with a Wireless Security System?

One reason to go wireless is obvious: Who wants all sorts of wires built under their house, which requires more than just the abilities of a recreational DIY enthusiast, like the old fashioned home security systems required? Not only is this a hairy, time consuming installation project, but a crook could clip the wires (if he gets into your house).

4WBenefits of Wireless

  • Installs in minutes.
  • Someone with basic DIY skills can install it.
  • All sorts of plans for all budgets.

Beware, though, that if a wireless system is not installed correctly, a burglar could get past it and doesn’t even have to enter your house to disable it.

However, do not let this turn you away, because when installed right, a wireless system has many benefits:

  • Full remote access from your smartphone or any connected device.
  • Easy install and easy removal if you are an apartment dweller.
  • Wireless systems can be as robust as wired and include security cameras.

You may be a candidate for wireless if:

  • You want to feel safer checking on the status of your home before going inside after being out for a while.
  • You have kids and must be away when they return home from school and you want to check in on them.
  • An elderly relative lives with you and you want to make periodic realtime checks.

Three Types of Wireless Connections

  • Landline. A wireless system can run through a landline, which means they are not dependent upon the Internet or a cellphone signal. It will stay activated during a power outage. Landline is cheaper than cellular or broadband wireless.
  • Cellular. Signals go to a cell tower and are faster than with landline. Seconds count in an emergency, and the faster signal means faster help. Cellular offers remote capabilities, being able to monitor your home far away on your smartphone.
  • Broadband. Instead of the signal being directed to a cell tower, it goes though the broadband Internet connection. This type of system is comparable in price to the cellular, and the signal is much faster than that of a landline connection.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Case allows Employees to run amok on Social Media

Lesson learned: If you run a fast-food restaurant or any company for that matter, you’d better treat your employees right. After all, they have a legal right to tweet all they want about you.

14DA Chipotle Mexican Grill in Havertown, PA, had a ban in place: Employees are prohibited from using social media to spread “inaccurate information” or “disparaging, false or misleading statements.”

But the National Labor Relations Board recently deemed that this rule violates federal labor law, even though an employee, James Kennedy, had tweeted less-than-favorable information about working conditions and had also circulated a petition (that the franchise tried to ban).

Chipotle violated the NRLA, according to the administrative law judge, when it demanded that Kennedy cease tweeting and delete the other tweets.

Another violation on Chipotle’s part was the firing of Kennedy, who had refused to stop circulating a petition among coworkers after a manager ordered him to do so. Kennedy’s use of social media was a protected activity under the law, and so was his circulation of the petition. The establishment was ordered to reinstate Kennedy and pay him lost wages.

Just what exactly was Chipotle’s rule about circulating a petition? It barred employees from doing this even during non-working hours and within visual or hearing range of patrons.

Chipotle was ordered by the NLRB to reverse its rules pertaining to social media and solicitation of petitions. And believe it or not, Chipotle even had a policy in place that banned discussing politics on the job. This ban, too, was lifted, courtesy of NRLB’s order.

Chipotle corporate was also required to make sure that all of its employees in the U.S. would be made aware of these policy reversals.

As of August 19, neither Chipotle nor its legal team have responded to any requests to comment.

Frankly, as an employer, this ruling is scary. And knowing employees often blather on about anything and everything, this ruling may open a can of worms that can’t be put back in.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Pokemon Go a Network Malware Nightmare

Pokémon Go has taken the world by storm, even though it is nothing more than a silly little game that people play on their mobile device. And it is not just child’s play, either. Plenty of adults are hooked on Pokémon Go—including college degreed professionals who conduct business on company owned devices as well as mobile devices of their own that they bring to work.

6DPokémon Go is chockful of security risks, says the International Association of IT Asset Managers. If you run a company in which employees use your mobile devices, and/or you permit or know that employees conduct your company’s business on their personal phones, you’d better take this warning seriously.

Employer solution: ban the Pokémon Go application from mobile devices: those given to workers by the company, and those personally owned by the workers who bring them to the workplace.

Pokémon Go malware is on the upswing, and it poses a security threat to company e-mail. It also presents a possible malware threat to cloud storage.

Company decision makers must not be swayed by the popularity of this game, and instead, must see it for what it truly is: just a game. So yes, it just might be one of the smartest moves a company may make to outright prohibit this app for BYOD and company owned mobile phones. Or, at least, abolish it on just the company owned devices. But something needs to be done, urges the IAITAM.

Company decision makers can ask themselves a classic question: “Is my company better with Pokémon Go or without it?” Or, to put it another way, create a risk-benefit ratio. How can this game possibly benefit employees? How can this game harm the business? See which list is longer or has more compelling answers.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Computers perfectly forge Handwriting

Handwriting analysts really have their work cut out from them now, thanks to the development of new software that can forge—better than a human can—a person’s handwriting. So if you are worried about identity theft, add one more element to the kettle: a crook getting ahold of this software (developed at the University College London) and perfectly duplicating your signature.

Computer crime concept

Previous attempts to create computer generated forgery that looked real have flopped, a la, “This looks like a computer did it!”

A new algorithm has been invented that very much simulates the way a human creates handwriting. One of the tell-tale signs of computer generated signatures or other cursive is that it looks too perfect, particularly the linking of characters to each other.

The new algorithm captures the human qualities of penmanship, including:

  • The joining of the characters. Note that with those fancy fonts that look handwritten, the joining of each letter is so perfect that you can tell it is computer generated.
  • Varying degrees of thickness of the characters—which results from continuous changes of pressure that a person exerts on the writing implement, as well as varying flow of ink from the pen.
  • Horizontal and vertical spacing of characters.

These variations mimic the handwriting of a human, not robot. All the algorithm needs is one paragraph of someone’s handwriting to calculate and deliver the replication.

And you are probably wondering why this algorithm was developed, aside from maybe the researchers’ hunger for finally figuring out the puzzle to replicating handwriting with a computer. Obviously, this technology can get into the wrong hands, such as those of identity thieves, plaintiffs in personal injury lawsuits who want to forge a doctor’s signature, and other litigants in legal cases.

But this algorithm has a place in the world of good. For instance, for those whose ability to physically generate cursive is impaired can use this tool to create stylish handwriting or writing that looks like theirs used to.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Ransomware a $2.5 Million Service

One bitcoin = $590.

11DIf you’re sucked into a ransomware scam, you’ll likely be charged at least one bitcoin for the cyber key to unlock your computer’s files—that are being held hostage by hackers.

A report from Check Point Software Technologies and IntSights has discovered a gigantic ransomware-as-a-service (RaaS) ring, raking in $2.5 million yearly. Eight new scam campaigns are launched every day, with dozens of campaigns already in action, tricking people into allowing the ransomware software (namely Cerber) to take control of their computer.

Just in July, it is believed that victims were cleaned out of $200,000. Ransomware specialists have become quite sophisticated, having developed what is called bitcoin mixing: This prevents ransomware profits from being traced. Their technique bypasses even the blockchain, which is a database that records every Bitcoin transaction.

The crooks so not pool all of their profits into one “wallet,” but rather, they mix things up, splintering the profits into thousands of different wallets, creating a jumble that makes it impossible to track individual transactions or their origins.

Cerber is being sent out with automated tools that attack the unsuspecting in large masses; no longer is this ransomware software the weapon of only the highly skilled master hacker. In fact, the software can even be rented for malicious use, and a high level of tech savvy isn’t even required.

All a thief need do is get on the Dark Web and pay a hacker to commit the crime. Of course, the hacker will have to get a nice chunk of the pie. Though several other countries are getting hit harder with Cerber, the U.S. is in the fourth spot for the most targeted country.

Not surprisingly, the phishing e-mail is the scam of choice for ransomware specialists, with malicious attachments that recipients are tricked into opening—which then download the infection. The other way that Cerber takes control of computers is via the exploit kit-based campaign.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Jihadis using easy to get Privacy Software

Over the past two years, the media has tended to sensationalize jihadists’ rapid adoption and strategic use of social media. Despite perpetual news coverage on the issue, the public, by and large, continues to be relatively in the dark about the intricate ways in which many jihadists maintain robust yet secretive online presences.

To accomplish their goals — ranging from propaganda dissemination and recruitment to launching attacks — jihadists must skillfully leverage various digital technologies that are widely advertised and freely accessible online.

Just as smartphones and portable devices have transformed the way much of the world communicates and interacts, jihadists, too, have rapidly adopted and availed themselves of these technologies.

Their grasp of technology, which is quite savvy, yields one of the most frequently asked questions about the jihadists today: What is in their digital toolbox and how do they exploit these technologies to benefit their activities? This report explores these questions.

ISIS is no exception to the many entities out there, good and evil, who want a strong grasp on technical savvy, particularly software that can oppose surveillance. The Dark Web is abuzz with jihadist threads about how to beat surveillance systems. And they’re learning a lot, says a report from Flashpoint, a cybersecurity firm.

For instance, ISIS knows how to use Tor and Opera to scavenge the Web undetected. That’s just the beginning of their software knowledge. Jihadists also use:

In short, ISIS is very well keeping up with communications technology. Evil can be technologically savvy, too. Do not underestimate the technical prowess of jihadists, even though it seems as though some of them live rather primitively.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Man raises a Family on Dead Man’s Stolen Identity

Imagine you learn your husband (or wife) of 25 years is really a different person. That’s what happened to Mary Hickman—25 years after she married a man who had identified himself all those years back as Terry Jude Symansky. The Florida couple had a son and lead an uneventful life, with Symansky working different jobs and even acquiring a pilot’s license.

11DIn actuality, Symansky was really Richard Hoagland, who’d been married twice before, who had lived in Indiana and then mysteriously disappeared and was eventually presumed dead. He had stolen the real Terry Jude Symansky’s identity and got away with this for 25 years—until he was busted by Symansky’s nephew.

The nephew learned of the identity theft, something he never even suspected, via Ancestry.com. He reported this to the police, who then alerted Hickman.

Hickman subsequently came upon documents in the attic proving that her husband was an imposter of a man who had died in 1991 in a drowning accident. Hoagland, 63, was arrested.

So why had he vanished from Indiana? There, he’d had four kids with two wives. He had wanted to get away from one of the wives, so he up and left, though he told her it was because the FBI wanted him for the theft of millions of dollars—a claim that has yet to be substantiated.

How did Hoagland steal Symansky’s identity in the first place? It certainly helped that he had once been living with the dead man’s father, where he had found a copy of Symansky’s death certificate. He had used this document to get a birth certificate, and armed with that, he was on his way to assuming the identify of a man who had never even been married nor had any kids—which had made it even easier for Hoagland to pull off his caper.

We can probably thank those Ancestry.com commercials for causing the chain of events that led up to the crook’s arrest.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

What age is it OK to leave Kids home alone?

Sooner or later, you’ll need to leave your child home—unsupervised, alone—for an extended period. And even though you may have smart devices to keep a constant check on your child, this doesn’t mean you can instantly teleport home in the event your smart security system relays a realtime video of a kitchen fire.

12DIt’s one of the toughest challenges facing parents: At what age can they leave a child home alone without breaking the law, without endangering that child? Even if your child is older than the minimum age to be legally left alone, this doesn’t mean they’re ready to face this new chapter.

  • A very emotionally mature, 10-year-old child may be very small for their age, and a crook passing by the house may peer in and think that a seven-year-old is all alone inside—making a break-in tempting.
  • An eight-year-old may be the size of an 11-year-old, which could fool a prowler peering in, but having the mind of an eight-year-old won’t help in a crisis situation.
  • Your feisty but responsible nine-year-old may be begging to be left home alone, have passed a first-aid test and be a junior blackbelt.
  • Or, your skittish 13-year-old may be very bright, but…to put it succinctly, be a scaredy cat.
  • Is the neighborhood popular with burglars?
  • Is the child sick?

Laws are ambiguous. Just what is “adequate supervision” anyways? And is it redefined with different ages? Obviously, you don’t want to leave a nine-year-old alone for even one hour with the new, 95-pound rescue dog, or leave a young child home during a storm. A 12-year-old may seem old enough to be left home alone for a few hours, but not in charge of his two-year-old sibling.

The various U.S. states do not have clear explanations; it’s up to the parent to interpret each circumstance. And only three states specify the minimum age: Maryland is eight; Oregon is 10; and Illinois is 14 … even though many girls begin babysitting late into the night at age 11.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

The Switch to the Chip Card – One Year Later

The October anniversary of the liability shift has passed, and anniversaries are an excellent time to look back on progress…this is no exception. The U.S. EMV migration plan was set four years ago as a way to fight card fraud and to protect both consumers and merchants.

the-shift-to-chip-infographic-11-1-2016Back in the day, we had one choice when we wanted to purchase something, and that was cold, hard cash. However, a few decades ago, people began using credit cards for everyday purchases instead of for only big ticket items, such as refrigerators. Though this was certainly convenient, it also opened the door for the bad guys to not only access your credit card information, they could use this information to make purchases and even to learn more about you and steal your identity. Over the past couple of years, once again, we in the U.S. are changing things up when it comes to how we use credit and debit cards. Our new cards, the ‘chip cards,’ as in use in most other places in the world, are making it safer than ever before to make purchases.

Love ‘em or hate ‘em, these new chip cards and terminals are working to eliminate card fraud, and they are working very well. The way we pay in the U.S. needed a huge overhaul, and this security upgrade was an attempt to make things safer. Data and research confirms that this new technology has had a great impact on reducing card fraud.

Don’t get me wrong. This transformation has not been without a few headaches for merchants and consumers but believe me…things are improving, and they will continue to improve as businesses complete their shift to the chip. How much? Mastercard fraud data indicates that there was a 54 percent decrease associated with counterfeit fraud when comparing data from April 2016 to April 2015.

We Have a Strong Start, But There is Still Work to be Done

When considering everything, the U.S. is off to a solid start, but we still have work to do. When looking at the more than 150 world markets that use chips in cards, we know that more chip transactions must be done before we can see a significant drop in fraud. To do this, we will need about 60 percent of chip terminals interacting with a minimum of 60 percent of chip cards in market. If you have one or have seen chip cards, you likely know that we have gone well beyond that 60 percent mark on cards, but only about 30 percent of store terminals are set up to accept chips.

Another thing that we need to do is continue to speed up the certification process for merchants. The faster we can get chip terminals in stores, the faster we will see these card fraud levels drop.

We also need to increase the speed of which these transactions occur. If you have used a chip terminal, you know that it feels like a slower process than the ‘swipe’ we are used to. The payments industry is hard at work to address this issue, and new technologies are being created to speed up transaction times when using these payment methods. Remember, even though the process feels a bit slower right now, you are significantly safer when using a chip card.

Ultimately, if we can have a little bit of patience with the process and endure these short-term issues, we will all greatly benefit when it comes to payment security. We are already moving in the right direction, and if we keep adding terminals and encouraging the use of chip cards, we will definitely see even more improvement when we compare with next year. Before you know it, most forms of card fraud will be all but gone thanks to the switch to the chip.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

How prepared are You for your Long Distance Road Trip?

If you’re planning a lengthy road trip, there are many things you’d never think to bring with you that could get you out of a crisis situation. You need way more than just that blanket in the trunk, car jack and spare tire, umbrella, rainproof poncho, utility tool and fire extinguisher.

041Weather

  • Sunglasses, sunscreen, wide brimmed hat
  • Cold climate: thermal underwear, wool/hat/scarf/mittens, chemical heat packs, snow boots, windshield de-icer, cat litter (cheaper and lighter than sand, will give traction to a vehicle stuck in snow/ice)

Accident/Vehicle Breakdown

  • Flares, reflective warning triangles
  • “Call Police” sign. This goes against the rear window with the message facing motorists approaching from behind. If a predator sees a stranded female motorist, he’ll be tempted to stop and assault her. But if he sees the “Call Police” sign, he has no idea if another motorist called the police and the cops are only two minutes away.
  • Head lamp (will come in handy for changing a flat tire in the dark)
  • “LifeHammer” type tool: It slices through seatbelts and smashes through glass.
  • Paperwork: auto insurance card, medical card, list of important numbers, paper pad, pen
  • First aid kit
  • The auto emergency kit should include batteries, jumper cables, antifreeze, tire inflator, tire gauge, foam tire sealant, duct tape, flash light and glow sticks.

Self-Defense

  • Pepper spray
  • Ear horn, whistle

For Being Stranded

  • Spare water
  • Food designated for emergency use: nutrition or energy bars in a flavor you don’t like, and a few cans of dog food. Often, stranded motorists eat through their emergency food too quickly. This won’t happen if you’re looking at that gritty-tasting low carb bar or Liver Chunks dog food.
  • Small mirror (to reflect sunlight to search-and-rescue aircraft)
  • Toilet paper, sanitizing wipes, garbage bag, wire ties, urinal
  • Spare sneakers and socks

Miscellaneous

  • Car compatible phone charger, preferably solar and hand crank powered (in a separate article of mine, I discuss numerous great apps for your smartphone when driving long distance)
  • Often, before people embark on a long road trip, they have weeks, sometimes months of advance notice (such as for a move or vacation). During that time, you should commit to getting as physically fit as possible. You just never know what demands will be placed upon your body as a result of some mishap during your road trip. For example, a physically fit body can better withstand walking for long periods in the heat while carrying a toddler and rucksack than can a de-conditioned body.
  • Also during that time, take self-defense lessons.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.