Are Your Employees Putting Your Company at Risk? Here’s How to Find Out!

Even if you have the best security on your computer network, you might have noticed that you still seem to get hacked…or worse. Ask Equifax. Why is this happening? It’s probably because a member of your staff has made it easy for cyber criminals to get inside. It’s really important that you find out who this person is, and keep in mind…it might be more than just one. And it may not even involve security technology.

Part of the problem here, is that employees who “open the door” for these criminals probably don’t even realize they are doing it. These criminals are smart, and they make themselves look really authentic. Sometimes, these crooks even disguise themselves as people your staff know. So, how do you find out who’s letting the bad guys in? Here are some things to try:

Phishing simulation:

  • Set up a fake website, and then create a fake email campaign. Send these out to your staff members from a fake address, or better, a real looking address similar to your corporate domain, and see how many people take the bait. You might have to work with someone on your IT staff to spoof the sender’s email address. Make sure it looks legitimate or they will see right through it.
  • Though this might take some time and effort to do, it is a good way to find out where your worries might lie in regards to the cyber security knowledge of your staff.
  • You can also hire a security expert to do this for you. They will create, run, and track your campaign. However, these experts are not cheap, and the campaign isn’t just a one-time thing. Instead, it’s ongoing.
  • There are also many phishing simulation security awareness vendors offering free trials just to see how vulnerable you may be.
  • It only takes a single click to cause a data breach. So, your main goal with this experiment is to find out who that clicker is. Or, who ALL those clickers are.
  • You should send out several fake emails, which ask your staff to click a link. Make sure, however, that they are very random. They shouldn’t be on any type of schedule.
  • Remember, you want to make it look like these are coming from a trusted source. Like a charity, existing vendor, coworker, company officer etc.
  • When you find out who is prone to clicking, you should take them aside and fill them in on the campaign. Don’t lecture them or discipline them. Instead, show them what they did wrong and fill them in on the consequences.
  • Some phishing simulation security awareness vendors offer ongoing computer based training specializing in bringing these clickers up to speed and changing their behavior.
  • Now that you know who the clickers are, send them other staged emails a couple of times a month. See if they click again.
  • You may choose to make sure they know that the random fake emails are coming. This helps to keep them alert to this issue. Or, not and see how that affects their behavior.
  • By using this approach, you can help your staff slow down a bit, and really think about what they are doing when they get an email with a link.
  • You can also create a company policy: Do NOT click on any links in emails on company computers. This helps to stop the need for that employee analysis and will make your staff question each email that comes through.
  • Even with this policy in place, continue to send fake emails to see if someone is disregarding the new rules.

Criminals use fundamental principles of influence and the basics in the psychology of persuasion. There is a science to their process no different than how advertisers, sales and marketers get us to buy stuff. Getting snared isn’t difficult. Being smart and cautious isn’t difficult either. It just requires a little training and reprogramming.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

10 Internet Security Myths that Small Businesses Should Be Aware Of

Most small businesses don’t put as much focus on internet security as they probably should. If you are a small business owner or manager, not focusing on internet security could put you in a bad spot. Are you believing the myths about internet security or are you already using best practices? Here’s a few of the most common myths…take a look to see where you truly stand:

Myth – All You Need is a Good Antivirus Program

Do you have a good antivirus program on your small business network? Do you think that’s enough? Unfortunately, it’s not. Though an antivirus program is great to have, there is a lot more that you have to do. Also, keep in mind that more people than ever are working remotely, and odds are good that they are working on a network that is not secured.

Myth – If You Have a Good Password, Your Data is Safe

Yes, a strong password is essential to keeping your information safe, but that alone is not going to do much if a hacker is able to get it somehow. Instead, setting up two-factor authentication is essential. This is much safer. Also make sure that your team doesn’t write their passwords down and keep them close to the computer or worse, use the same passwords across multiple critical accounts.

Myth – Hackers Only Target Large Businesses, So I Don’t Have to Worry

Unfortunately, many small business owners believe that hackers won’t target them because they only go after big businesses. This isn’t true, either. No one is immune to the wrath of hackers, and even if you are the only employee, you are a target.

Myth – Your IT Person Can Solve All of Your Issues

Small business owners also believe that if they have a good IT person, they don’t have to worry about cybercrime. This, too, unfortunately, is a myth. Though having a good IT person on your team is a great idea, you still won’t be fully protected. Enlist outside “penetration testers” who are white-hat hackers that seek out vulnerabilities in your networks before the criminals do.

Myth – Insurance Will Protect You from Cybercrime

Wrong! While there are actually several insurance companies that offer policies that “protect” businesses from cybercrimes, they don’t proactively protect your networks, but will provide relief in the event you are hacked. But read the fine print. Because if you are severely negligent, then all bets may be off. In fact, it is one of the strongest growing policy types in the industry.

Myth – Cyber Crimes are Overrated

Though it would certainly be nice if this was false, it’s simply not. These crimes are very real and could be very dangerous to your company. Your business is always at risk. Reports show as many as 4 billion records were stolen in 2016.

Myth – My Business is Safe as Long as I Have a Firewall

This goes along with the antivirus myth. Yes, it’s great to have a good firewall, but it won’t fully protect your company. You should have one, as they do offer a good level of protection, but you need much more to get full protection.

Myth – Cybercriminals are Always People You Don’t Know

Unfortunately, this, too, is not true. Even if it is an accident, many instances of cybercrimes can be traced back to someone on your staff. It could be an employee who is angry about something or even an innocent mistake. But, it only takes a single click to open up your network to the bad guys.

Myth – Millennials are Very Cautious About Internet Security

We often believe that Millennials are very tech-savvy; even more tech-savvy than the rest of us. Thus, we also believe that they are more cautious when it comes to security. This isn’t true, though. A Millennial is just as likely to put your business at risk than any other employee.

Myth – My Company Can Combat Cyber Criminals

You might have a false bravado about your ability to combat cybercrime. The truth is, you are probably far from prepared if you are like the majority.

These myths run rampant in the business world, so it is very important to make sure that you are fully prepared to handle cybercrime.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Creating a “Plan B” for Survival

What do you do if you have a “Plan A” for survival, but you realize that it’s a bad plan. Do you have a “Plan B?”

Forget about doing things like running to the grocery store right before the snow storm of the century hits. Everyone else in your town or city will do the same.

The convenience stores are supermarkets are the prime places where panicked people will go for water and food. While they are doing that, however, you can get your supplies at places no one else will ever think to look.

Before the next major disaster hits, locate all of the companies and sources of water within two miles of your house. When making this list, don’t assume that a business you see won’t have something valuable. When the list is done, take your time and go through it to determine if they might have something valuable to you.

For instance, a business that you might not consider as a source for water, such as a dental office, absolutely has water. So do gyms and beauty spas. Speaking of gyms, they often sell food, too. Also, don’t forget the local hobby shop. It likely has twine and wood. Bookstores often have sandwiches, pastries, and bottled beverages available, and office supply stores often have things like candy, crackers, and other snacks.

It’s probably best if you use a bicycle to get to these places, because a car might not be able to get through. Also, don’t wait until the main event to see if your bike works. Test it out beforehand. Additionally, get yourself familiar with the different routes to get to these places. In a disaster situation, your normal route might be blocked. Finally, start “training” for this by riding your bike for a few miles a couple of times a week. Carry a heavy duffel bag with you, too. Doing this with no practice can be quite difficult.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Freezing Your Child’s Credit: What You Need to Know

You might not think about this, but identity thieves really want your child’s Social Security number. If they get this number, they can do a lot, including buying a car, renting an apartment, opening a credit card account, or getting a mortgage. The Social Security numbers of children are great for the bad guys for several reasons:

  • Generally, children have a clean record
  • Crooks can use these numbers to obtain credit
  • Kids usually don’t check out their credit reports until they go to college or buy a car or home. So, the crook can get away with it for years.

As a parent, you should think about putting a freeze on your child’s credit report. Why a freeze? Because credit monitoring isn’t enough. That doesn’t always stop a criminal from opening an account using your child’s Social Security number, but a freeze does.

Experian

  • Required by law to freeze a child’s credit no matter what state they live in.
  • Parent gets a free copy of the child’s existing credit report.
  • Could be a small fee unless the parent can prove the child’s identity was compromised.

Equifax

  • This is free to parents if they want to get the freeze.
  • The child doesn’t have to already be a victim of identity theft.
  • To request a security freeze with Equifax, you can contact them online or via phone at 1-888-298-0045

Trans Union

  • Required by law to freeze a child’s credit no matter what state they live in.
  • Parents can check to see if their child has a credit file.
  • Only some states allow credit freezes, and some fees might apply.

Innovis (A fourth credit reporting agency)

  • Required by law to freeze a child’s credit no matter what state they live in.

The laws have changed and now allow parents to freeze their child’s credit no matter what state they live in. It’s important that you find out what your particular state’s requirements are. Watch for these signs that someone could be using your child’s credit:

  • You get a notice from the IRS that your child hasn’t paid income taxes.
  • You get a notice from the IRS that your child’s SSN was used to file a tax return.
  • You get collection notices in your child’s name for things they (or you) didn’t purchase.
  • Government benefits are rejected because they are going into another account associated with your child’s Social Security number.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Secret Self-Defense Weapons You Might Not Know About

Do you have a secret self-defense weapon on hand that you don’t even know about?

Here’s a few:

Canes. Might seem obvious…but…

Your first instinct would probably be to swing the cane like a baseball bat. However, this isn’t the best way. An attacker can easily grab it, dodge it, or deflect it. Instead, take a class to learn how to correctly yield your cane.

  • If you use a cane, consider taking a “cane-fu” class.
  • The best cane to use is one with a strong handle.
  • Don’t think that you can’t fight with your cane because you need it to walk.
  • Avoid any cane that has a hidden sword or knife unless you have training with a blade.

Magazines

Trying to hit someone with a magazine that is not rolled up is worthless. Even if you swat with a rolled magazine, you might not get too far. Why? Because aimless swats are NOT the way to use a magazine as your weapon.

  • The best way to use a magazine as a weapon is to use it like you would use a hammer. Think of it this way: your arm is the handle of the hammer, and the rolled-up magazine is the head. Basically, the end of the magazine roll gets struck into the attacker, and it should be perpendicular to whatever it is striking. This gives it a big impact into a small area. Try to aim at the nose, neck, groin, or temple. This stops an assailant long enough for you to escape.
  • Consider carrying around a pre-rolled magazine that is closed with large rubber bands. That way, it’s easy to grab if needed.
  • Magazines are plentiful on airplanes. Just saying.

Flashlights

Some flashlights are designed specifically for self defense with a point bottom end. Others have a grip handle and are weighted specifically as a blunt instrument.

  • You can use a flashlight in the same way that you use up a rolled-up magazine.
  • Since a flashlight is more solid than a magazine, however, it is more effective.
  • The light pointed in someones face can be a temporary blinding deterrent.

Pens

Self defense pens are also known as tactical pens and are designed specifically to debilitate another human. The beauty of a pen is its non-threatening when carried in your hand and doesn’t look like a weapon.

  • You probably think the best place to sick a pen is the eye. It’s great, but there are other places, too.
  • You can also stab a pen into the nose, temple, or neck. Any of these places willdisable your attacker.
  • If you jam the pen into the collarbone, it can also stop someone in their tracks.
  • You can also aim for the cheek, groin, ear, or top of the hand.
  • Just keep jabbing until you can get away from the attacker.

Belts

A leather or nylon belt has more self defense uses than you’d think. You can also purchase a belt with a built in knife. But you really need to know what you are doing to fight with a knife.

  • A belt with a heavy buckle is best
  • The key to using a belt as a weapon is to easily pull it out of your pant belt loops.
  • Once it’s free, you can whip the belt at your assailant. Make sure to use the end with the buckle to strike. Don’t attempt to strangle the attacker with your belt; that only works in a movie.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Protect Your Company with This Social Media Security Advice

Social media is an excellent tool for small businesses, yet, the use of social media by small business staff can definitely put the company in danger. Many small business owners and managers don’t realize this.

Recently, I was talking to employees of a credit union about what to do in a robbery. Before this presentation, police officers had staged a robbery in the same credit union. The fake robbery was so real, some of the tellers were brought to tears, thinking they were really getting robbed.

After they were filled in on what was happening, everyone on the team discussed it. One of the most telling moments is when one of the tellers shared her story. During the mock robbery, one of the “robbers” handed a teller a note. It said this: “Your husband works at Pine Street Motors. We kidnapped him this morning. He is being held at another location. If you hit the alarm and notify police, he’s going to be killed.”

How did the bad guys know that her husband worked at Pine Street Motors? They simply looked online. They found the name of the bank, and then found out that the teller was listed as working at the bank on social media. Her social media account was connected to her husband’s, and his account said that he worked at Pine Street Motors.

Yes, it was that easy.

Here are some tips for social media that you might want to share with your staff:

Don’t Tell the Internet Where You Work

Tell employees that it’s not a good idea to share too many details about their work on social media pages. Though you can’t stop them from adding their employer on Facebook, you can tell them how this information can be used against them and the company. Make sure that they understand that this information could backfire and harm everyone involved.

Teach Your Staff How to Use Privacy Settings

You should also teach staff how to manage their social media privacy settings. Ideally, they should have maximum protection on every account. The default settings are lacking, and those put them at risk for hacking. You should also tell them that even the highest settings that social media sites have won’t keep everyone out. However, this level of protection is better than nothing.

Create a Workplace Policy for Social Media Use

Set up a policy in your workplace for social media use. Make sure this policy covers what employees associated with your company can say and what is totally prohibited.

Stop Banning the Use of Social Media in the Office

The moment you ban the use of social media at work, that’s the moment that someone will sneak around and do it anyway. This, of course, leads to dangerous things, as they can try getting around the firewall and other things that make your network vulnerable.

Train Your IT Team

Finally, make sure that your IT team is up to date on the latest ways to combat online-security issues. These teams must also know about the security risks that your business faces due to social media.

Additionally, the policy for employee social media use should be examined and updated quite regularly, and make sure to enforce it, too. Invest in anti-virus protection and make sure that all operating systems and browsers are always kept up to date when updates become available.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Mobile Phone Numbers Are as Sensitive as Your Social Security Number

All of us have cell phones these days, and if you are like the vast majority of the population, you access everything from social media to banking information right from your mobile phone. However, if you do this, which everyone does, you are putting yourself in the position to get hacked. With only your mobile phone number and a couple other pieces of information, a hacker can get into these accounts and your life could drastically change.

How does this work? If a hacker already has your mobile phone number, they can get other information, such as you address, birthday, or even the last four digits of your Social Security number, through social engineering schemes via email or on social. Once they have this information, it’s like handing your phone over to them and letting them do as they please, including accessing your accounts.

The scam may not even begin with you, it may begin with the mobile phone companies themselves. There have been many incidents where the carriers are scammed into handing over troves of personal identifying information to scammers posing as the victim. In many cases the phone companies are even allowing the scammers to get phones with the actual victims phone number by transferring everything to a new phone the perpetrator charges to the victims account.

Here are some things that you can do to keep your mobile phone number safe:

Use Your Passcode – You can and should put a passcode on your phone, you should definitely do it. This isn’t totally foolproof, but does give you an extra level of protection.

Add a Passcode – Your mobile carriers online account should have an additional second passcode to make any changes to your account. This additional passcodes works with both the web and calling customer service. Nothing happens unless this additional passcode is presented.

Disable Online Access to Any Mobile Phone Account – This is frustrating, of course, but it certainly can protect you. If you need to change your account, you should go to the store or call your provider.

Use Google Voice – Google Voice is an excellent choice for many, and you can even forward your current number to your Google Voice number. This helps to mask any call you make, which means no one can have access to your real number.

Access Your Cell Phone Account with a Carrier-Specific Email Address – Most of us use our email addresses and phone numbers to access our online accounts. However, you should really have three separate emails. One should be your primary email address, one should be only for sensitive accounts, like your bank or social media accounts, and one for your mobile phone carrier. This means, even if your main email is hacked, the hackers cannot get into your other accounts.

Talk to Your Carrier – Consider asking your carrier to make a note in your account to require a photo ID and special passcode before any changes are made. Though it’s possible that a hacker could pose as you with a fake ID, the chances are quite low that this would happen.

Use Complex Passwords – One of the best ways to protect online accounts is to use complex passwords. Or at least a different password for every account. You should also use a password manager. If you don’t, make sure your passwords are very random and very difficult to guess like “58&hg#Sr4.”

Do Not Be Truthful – You also might want to lie when answering your security questions. These are easy to guess or discover. For instance, it’s probably easy to find out your mother’s maiden name. So, make it up…just make sure you remember it!

Don’t Use Your Phone Number for Important Accounts – Also, make sure that you aren’t using your phone number for any important account. Instead, use that Google Voice number. 

Use a Password Generator – This is part of two factor authentication. Protect yourself by using a one time password generator, as part of a two-factor authentication process. It may be your mobile or they look like keyfobs and produce a new password very frequently. The only way to get the password is to access the generator or your mobile.

Use a Physical Security Key – You should also think about using a physical security key. To use one, you must enter your password into the computer, and then enter a device into the computer’s USB port. This proves that you are the account owner. So, even if a hacker gets your password, they must also have the physical security key to access the account.

Think About Biometrics – Finally, to really protect your accounts, when available, use biometrics. You can buy biometric scanners that read your fingerprints, your iris, or even recognize your voice. When you use these, you cannot access any account until you scan your finger, eye, or speak.

Yes, it’s true that some of these seem time consuming, it is much more time consuming to have to deal with getting hacked or a stolen identity. So, take these steps to remain as safe as possible.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Self- Defense Options You Might Not Know About

If you are like most people, you probably haven’t done a lot of thinking about what you would do in a situation involving physical assault. Why would you? I mean, it’s unpleasant and scary. Further, depending on your physical makeup, you may think you’d probably lose anyway. However, you don’t have to have an MMA fighter’s body to defend yourself.

Attackers often look for targets who are unsuspecting. One of attackers “tools of the trade” is the element of surprise. So, live like your heads on a swivel which means be aware and do things like park your car or walk only in areas that are well-lit. You should also avoid parking next to a large truck or van where an attacker might pull you in

When you are in a parking lot, keep your largest house or car key poking out between two of your fingers. This makes a good weapon. If a bad guy approaches you and asks for your purse or wallet, give it to them. Your life isn’t worth whatever is in your wallet or purse.

If the attacker grabs you, scream as loud as you can. Tell him to “Get the F— away” as loud and angrily as possible. Profanities are fundamentally offensive and color the way we are viewed by others. This is no time for niceties; you should sound like a thug. This will alert anyone around that you need help.

Running away to a safe place should be your first choice when possible. Otherwise if you are backed into a corner, Do what is necessary to escape. That may mean fight like an alley cat or a junk yard dog.

You should push him, bite, knee, poke, gouge and whatever is necessary to inflict not just pain, but debilitating pain and continue screaming. You should make sure it hurts, so go for the ears, neck, nose, eyes, legs, and of course, his groin.

Don’t move any closer to your attacker unless you have no choice. Try to aim at a place where you can hurt them, but don’t have to get close. For instance, kick him in the knee instead of stepping close to poke him in the eye. If aiming at the upper body, use your hands; the lower body, use your feet.

Here are some specific areas to focus on:

Eyes

  • Gouge, poke, dig, or stab the eyes with your fingers or nails. This is disabling for several moments, especially if you do it several times.

Nose

  • Use your palm, elbow, forearm to push the nose upward, and use all of your body weight.
  • If the attacker is behind you, use your elbows and aim for the nasal bone.

Neck

  • Try to focus on the side of the neck where the body’s major blood vessels are located. If you hit the side of the neck with your hand or elbow, you can even knock someone out.

Throat

  • Blunt force trauma to the larynx or digging into the trachea makes it very difficult for the attacker to breath.

Knee

  • Even the largest, most burley men can be brought down by kicking him in the knees. Try to drive the foot into the side of his knee, which forces him to lose his balance and possibly tear an ACL.

Groin

  • Try to hit the groin with anything you can. Your hands, knees, elbows, feet, or even your head. Do it as hard as you can and do it as often as you can.

Normal people aren’t interested in fighting, for any reason. But in the unlikely event you are confronted by what turns out to be a dangerous person, fight like your life, or the life of a loved one depends on it.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

The Term “Identity Theft Protection” is Often a Lie

If you are working for an IT security company, I have a message for you: the term “identity theft protection” is way overused and even abused as a marketing term. We know that this term is used to sell services and products, but does it really protect a user from being the victim of identity theft? No.

This is no different than labeling a food as “natural,” even though it is not actually “organic.” At best, this is incorrect information. At worst, it’s a total lie.

Every company with security solutions out there claims that they can protect identities. But, a firewall does nothing to protect a person from getting their identity stolen. The same goes with an encrypted thumb drive, antivirus software, or even phishing alerts.

Only true identity theft protection services monitor your identity. They do this by checking your credit report and scanning the internet for any sensitive personal info. It also looks for information such as the Social Security number, and if there is an issue, the service helps you solve the problem.

If you have identity theft protection right now, you might get an email like this each month:

We have been monitoring your credit reports from Equifax, Experian, and Trans Union, and we are pleased to inform you that we did not notice any new activity. As a user of our services, we will continue to check your credit report each day for your protection. We help to protect you from any financial losses and hassles that are associated with identity theft. You can log into our website and review your status at any time. Please click here and enter your username and password to get started. As always, our staff is standing by to assist if you notice any suspicious activity.

This is what you should get when you opt for identity theft protection. Don’t fall for the fancy marketing that security solutions companies throw at you.

At its basic level, this is what identity theft protection looks like:

  • Monitoring: continuous monitoring of your identity, privacy, and credit
  • Alerts: warning system rapidly notifying you when your personal information is at risk
  • Recovery: experts providing comprehensive, 24/7 recovery services taking care of paperwork, calls, and every detail to restore your identity

Do your research and don’t believe everything you see or read. Take the time to understand what you are spending your hard earned money on.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Do You Know How to Use a Knife for Survival?

Using a knife in a survival situation is a skill that can mean the difference between life and death. But, you have to know how to use the knife. Here is some information:

Knife Safety:

  • Carry a fixed-blade knife if you are going outdoors. It is less likely to get broken
  • Always keep a knife in its sheath. If you trip, it could cut or stab you if it is not contained.
  • Practice pulling the knife from the sheath, so that you don’t get cut. You might need to draw it very quickly.
  • Drawing the knife is a two-step process: first, hold the handle with one hand to loosen the blade. While doing this, push against the knife’s sheath with the thumb. Next, wrap your thumb around the knife’s handle and pull the knife away from the body.
  • When handling a knife, always use slow movements.
  • When handing the knife over to someone, use your forehand grip. Rotate the knife between your thumb and your forefinger. The knife’s handle should face the person you are giving it to, and the edge should point up. Don’t release the knife until the other person is holding it securely.
  • A sharp blade is much safer than a dull one because it requires less force.

Gripping Your Knife 

  • For most uses, handle a knife with a forehand grip. The knife is inside of your fist with the edge of the blade facing the first finger.
  • When buying a knife, make sure that you can fully close your fist around the knife’s handle.
  • If cutting a cord, use a reverse grip. In this case, the edge of the knife is towards your thumb. When using the knife like this, pull with your torso or shoulder for the best result.
  • The chest lever grip is when you hold the blade with its edge pointed in the opposite direction of the forehand grip, which is up towards your hand’s knuckles.

The Uses of a Knife

  • Wood Chopping – Hold the knife in a forehand grip and use it against the wood. Use a wooden object to “hammer” the blade into the wood you want to cut.
  • Wood Splitting – With the forehand grip, place the blade of the knife over the wood. Then, use a baton to push it through the wood in the grain’s direction.
  • Slicing with a Knife – You have certainly sliced with a knife. In a survival situation, use a forehand grip to slice like you do at home.
  • Power Cutting – To power cut, use a chest lever grip. While doing this, hold the object you wish to cut. Using your back muscles, draw the blade through the object…HARD.
  • Controlled Cutting – Using the chest lever grip, work your way slowly around the object you wish to cut.
  • Drilling with a Knife – Place the knife’s tip onto the object, and then twist left and right. Don’t use too much force, as your hand can easily slip.

With all knife grips, make sure that there is no other body part in the path of the knife.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.