Robert Siciliano on FOX Nation

/in /by

I recently had the opportunity to join a panel discussion on FOX Nation. We talked about the grid, and how cyber threats could be the next medium for global warfare. I was able to share opinions with fellow experts on privacy, information security and cybersecurity. Please watch and learn why it is so important to take control of your own security, and ultimately your life.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

WARNING: You or Your Members Could be Targets of List Scams

/in , /by

There are scammers out there targeting conference exhibitors and attendee. What are they looking for? Credit card numbers, money wires and personal information that they can use to steal identities. One of the ways that scammers get this information is by using invitation or list scams. Basically, if you are registered for a conference, speaking at a conference, a conference vendor or just “in the business”, you might get an email…or several emails…that invite you to a conference or offer to sell you a list of attendees, and their contact information, which may be beneficial to you…but is it too good to be true? Definitely.

Robert Siciliano, CSP, SAFR.ME

These Lists are Lies

Along with conference invitation scams, many associations are targets of list scams. A quick search of “Attendee List Sales Scam” pulls up numerous associations whose members and anyone interested in marketing to these members are being targeted by criminals to purchase non-existent lists.

Though it might sound great to get a list of all attendees of a conference, including their contact information, you might be surprised to know that these lists are lies. On top of that, getting this information might not even be legal.

Think about it for a second. When you signed up for a conference, did you choose to opt-in to have your personal information shared with others? Probably not, and that also means that most of the other attendees did not do this either.

To find out if the list is possibly legit, take a look at the show’s policies. Do they give information to third parties? Do they rent or sell lists of attendees? Is the name of the company that contacted you on the list of their third-party vendors? If this checks out, the list could be legitimate. If not, it’s probably a lie.

If you think you are dealing with a liar, the first thing you should do is plug the company that contacted you into the Better Business Bureau’s website. If it is a scam, you should certainly see information proving that. If not, but you aren’t interested, just unsubscribe. If you think that you are dealing with a scammer, don’t reply or even unsubscribe. Instead, just delete the email and don’t take any action. Many of these scammers are simply looking for active email addresses.

More Conference Invitation Scams

Another scam involves telling attendees about exhibitors that don’t even exist. This can push you into wanting to sign up for the conference, but in reality, the conference, itself, might not even exist, and in this case, you could just be giving your hard-earned money to a scammer.

So, if you find yourself in this situation, the first thing you want to do is research. One step is to look up the person who contacted you online, such as on LinkedIn, and see if they are who they say they are. Another thing to do is to contact the conference venue and ask if the event is being held there. You can also check the contract for refund or cancellation information. You also should do some research about the reputation of the contactor company. Finally, always make sure that you pay for any conference with a credit card. This way, with zero liability policy’s, you can get your money back, and every legitimate conference company is happy to accept credit cards. 

But Wait…There’s More

Another scam associated with trade shows and conferences is to contact attendees about hotel reservations, but once you pay…it’s all a scam. Usually, these scammers will contact the attendees and say that they represent the hotel for the conference. They will tell you that rates are significantly rising or that it is sold out, so you must act immediately…however, they will say that they need the full amount up front.

When in doubt about this type of scam, you should always contact the trade show organizers yourself, and then ask who the booking rep is. You should also give them the name of the company that you believe is scamming you so they can advise others of the scam.

Know Your Options

  • It is very important when you are signed up to present or attend a conference that you only engage with the company that is running the conference
  • If in doubt, confirm with the company that the offers from third-party claims are correct.
  • You can also get an official exhibitor list of official vendors.
  • Keep in mind that these legitimate companies might have your personal information, but they would not release your personal contact information with third-parties.
  • Some exhibitors might get the mailing address of attendees, which you can opt out of. Most of this is harmless, of course, but that doesn’t mean that all of these lists are.

Wi-Fi Hacks

Finally, you want to watch out for wi-fi hacking. This is a common scam for conference goers. When you attend a conference or trade show, you probably just expect that you will get free wi-fi, right? This allows you to take care of business and ensure that your booth runs smoothly. Hackers know this, of course, so they set up nearby and create fake networks. Once you connect to these networks, they can come into your device, take your information, and even watch everything you are doing online.

Keep in mind that these fake networks look remarkably similar to the legitimate networks set up by the conference. So, always double check before connecting, and if you are ever in doubt, make sure to ask one of the conference or trade show organizers. They can confirm that you are on the right network. There are always going to be scammers out there, especially when you are attending a trade show or conference. There are just too many opportunities for scams, and they can’t say no. Fortunately, by following the advice above and by reporting any suspicious activity, you can not only make sure that you, yourself aren’t falling for these scams, but also help others to not fall for this type of nefarious scheme.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How to Protect Your identity When Buying or Selling a Home

/in , , , , , /by

If you are in the process of buying or selling a home, at some point, you are going to have to disclose personal information when you go through the process. Because of this, a home buyer, especially, is much more likely to become a victim of identity theft.

Here are some ways to protect your identity when buying or selling a new home:

Ask if Communication is Secure

One thing to do is to make sure your mortgage and real estate professionals are using secure electronic communications. If they can’t articulate their security, such as they use two step verification, etc, then they aren’t generally secure. Otherwise, you should drop documents off in person.

Ask How Personal Info is Handled

Another thing to do is ask your lender how they will handle your personal info after the loan is complete. Are documents able to be stored securely? Will they be shredded when no longer needed?

Ask About Security Policies

You should also ask about the security policies of your lender and/or real estate professional. If they don’t have a security policy, they aren’t secure.

Get a Referral

Ask people you know for referrals for mortgage and real estate professionals. Verify that their licenses are current. Do business with those who others know, like and trust.

Choose a Real Estate Team That You Trust

Buying a new home takes a full team on both the sides of the buyer and the seller. So, you have to make sure that you trust them and that all of their credentials are up to date. You should also do your best to read reviews online.

Be Aware of Frauds

Fraudsters are always out there, and they take advantage of people looking to buy a home. For example, according to investigators, a California woman would offer to buy a home on behalf of the buyer because the buyer was under funded or an illegal immigrant. After the buyer provided the deposit, she would never be heard from again.So keep your eyes open as you go through the process.

Recognize Money Wire Scams

When looking at the home buying process, a report by the FBI’s Internet Crime Complaint Center said email fraud involving real estate transactions rose 1,110 percent in the years 2015 to 2017 and fraud dollars lost rose almost 2,200 percent.

Nearly 10,000 people reported being victims of this kind of fraud in When looking at the home buying process, a report by the FBI’s Internet Crime Complaint Center said email fraud involving real estate transactions rose 1,110 percent in the years 2015 to 2017 and fraud dollars lost rose almost 2,200 percent.

Nearly 10,000 people reported being victims of this kind of fraud in 2017 with losses over $56 million, the FBI report said. Real estate is only now tightening its belt and fighting back., the FBI report said. Real estate is only now tightening its belt and fighting back. The moment a wire transfer is requested via email, tell your agent or broker you want to meet them at the office to discuss. End of story.

Be Cautious on the Internet

During this process, you will be filling out a lot of forms and giving out a lot of your personal information. So, to help prevent any identity theft, you should only use a secure device on a secure network. You also have to make sure that you are using strong, varied passwords, and if you have to print out copies of documents, you should hide any account numbers or Social Security numbers.

Use Credit Monitoring or ID Theft Protection

When making a large purchase like a new home, you should make sure to have real time credit monitoring and identity theft protection.

Freeze or Lock Your Credit Until Making an Offer

You also might want to consider freezing or locking your credit until you are required to have your credit checked. Both options prevent a creditor from accessing your credit report, which stops a criminal from opening a new account.

Credit locks are available from consumer credit bureaus for a small fee, and you can lock or unlock your credit whenever you want. A credit freeze is free but slightly cumbersome. Go free and learn it.

Get a Copy of Your Credit Report

It’s also a good idea to get a credit report if you are going to finance a home. Checking this report will give you a good idea of what you can afford each month, and it will allow you to see if there are any mistakes or unusual behavior on the reports.

Stay Safe During the Closing Process Finally, remember that fraudsters are always out there, especially when people are using large sums of money. The Federal Trade Commission estimates that people lost about $1.48 billion to fraud last year, alone. So, it’s imperative that you keep yourself safe by avoiding things like phishing schemes, and if something sounds too good to be true, it probably is.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

The “Mother of All Data Breaches?” It Could Be Here…

/in /by

You have probably heard of one data breach after another these days, but this is one that you should really pay attention to: more than 772 million unique emails, along with more than 21 million unique passwords, have been exposed.

data breach

Troy Hunt, who runs the website “Have I Been Pwned,” first reported this breach, and he says that a huge file (87 GB) was uploaded to MEGA, a cloud service. This data was then sent to a popular hacking site, and now hackers have access to all of these passwords and email addresses.

This data breach, known as “Collection #1,” is very serious. However, it could just be the tip of the iceberg. There are claims that there are several more “collections” out there, and it could be as much as one full terabyte worth of data. This could be the newest “mother of all data breaches” if this is found to be true.

So, what does all of this mean for you? It not only means that your information could be part of this breach, but it also could mean that these password and email combinations could be used in a practice known as “credential stuffing.” What is this? It’s when a hacker uses known email and password combinations to hack into accounts. Basically, this could have an impact on anyone who has used an email/password combination on more than one site.

This, of course, is concerning because this particular breach has about 2.7 billion email/password combinations. On top of that, around 140 million of the emails, and 10 million of the passwords, were brand new to the hacking database, which gives the hackers even more ammunition to wreak havoc. The big lesson to be learned here is that you should always use good security practices when you create accounts online. You should never use passwords from one account to another, and you should definitely use two-factor authentication if it is available. If you don’t have a password manager, you might want to set that up, too.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video

Youra Sheethed: My Dalliance Scambaiting a Nigerian Con

/in /by

I put an ad on Craigslist to sell a refrigerator that I no longer need. Within a few minutes I’m happy to report Micheal responded to buy it!

SCAMMER:Hi am Micheal I like to ask if this item is till available for sale and what the present condition it.

ME:Still for sale, someone is interested tho, its like new, 5 months. 

SCAMMER:Thanks for the  information Joshua I am interested in buying and closing this deal before anybody else  the easiest mode of payment  for me is by sending you a cashier check directly from my bank account  to you overnight via USPS , Kindly send me your full name and address to send the check out if you are interested . I also promise to handle the shipping myself once you have the cash at hand 

ME: Awesome! Thank you Michael! Please send the check to:

Youra Sheethed

15 Deerfield St #15145

Boston MA 02215

Sincerely with love respect hugs and kisses

Youra Sheethed 🙂

SCAMMER:The check will be mailed ASAP,please note that the amount on the check will be shipping and handling charges inclusive so you will have more than $640on   the check from which you will deduct $640for  the payment , will counting on you make the rest available to my shipper because I have other things he will be picking up for Me , I will notify you once the check is sent.kindly confirm the name.YouraSheethed

ME: Yup, that is correct.  Youra Sheethed.  It has been a pleasure to do business with such a professional person as yourself.

Few days later…….

SCAMMER:The Usps man just confirmed to me the check has delivered now and The amount i wrote is $2340,As our agreement that i have promised that iwont cause you any financial problem regarding the shipment, The extra fee payment on the check is to cover the shippers fee pick up for your item and they have other items they are picking up for me , So that can cover all fee..

SCAMMER: Have you received/deposited the check already??

Hey, it’s me Robert, so the SCAMMER didn’t get an immediate reply from me because I was on an airplane. In the course of an hour, probably in a panic, Scammer then sent another 8 messages and called another 12 times every, 2 minutes.

ME when I got off the plane: You seem to have ants in your pants.  You should have that checked.  They can bite you know.  Especially the red ones.  One time that happened to me. I was VERY ITCHY.  Are you itchy?

SCAMMER: Excuse me ?

ME: Ants in your pants.  You called and texted like 20 times.  Maybe it’s me but that tells me you have ants in your pants.

SCAMMER:The USPS confirmed to me check already delivered,so I wanted to be sure you’re in procession of it..i apologize for the inconvenience and would like to proceed

ME: I deposited it.  It’s a lot of money!!!!! Thank you for the big tip.  Youra said she will use the extra money for her hemorrhoid surgery.  She’s very itchy.

Hey, it’s me Robert, so the SCAMMER didn’t respond to this message at all, I think maybe he caught on??!! So I messaged him 2 days later….

ME: When are the movers coming?

SCAMMER: I HAVE YOUR COMPLETE NAME AND ADDRESS,I WILL BE TAKING A SERIOUS LEGAL ACTION AGAINST YOU…. you will be hearing from my lawyer soon!

ME: Why? I thought we were friends? I like you.  We have lots in common. We both are itchy!

SCAMMER:Oloriburuku!

Hey, it’s me Robert, so I didn’t know what Oloriburiku was, so I googled it. And the Urban Dictionary provided this definition: “Oloriburiku; Direct translation to bastard head meaning someone stupid or crazy with mad thoughts don’t use it around Nigerian parent unless u want to die”

Apparently I’m not selling a refrigerator to Micheal. But at least I have a nice big fat check!

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video

Youth Suicide on the Rise…is Social Media to Blame?

/in /by

A startling new study shows that youth suicide is on the rise, and it has risen in dramatic fashion.

Data from the National Poison Data System shows that there were more than 1.6 million cases of kids from 10 to 24-years old attempting suicide by poison during the time between 2000 and 2018. A shocking 70 percent of these attempts were done by females. There was also a huge spike in the rate of attempts at suicide among those aged 10 to 15.

When we look at the individual years from 2000 to 2018, we can see that suicide rates were fairly steady…up until 2011. However, from 2011 and beyond, there has been a huge increase. In some cases, it is as much as 300 percent. So, we have to look at reasons for this.

During that time, there were several societal changes, which certainly could impact these numbers, specifically social media and smartphones becoming something that youth are using every day. There are several studies that can correlate this theory. In simple terms, these studies show an increase in suicide among youth aged 12 to 17 and an increase in social media screen time. However, this was no correlation between the two when looking at suicide rates among adults.

This author personally knows, or sadly knew many who have committed suicide and they range in ages from 10 years into adulthood. All had one thing in common, and insatiable appetite for social media use. There is article after article that links social media use with depression. When many of us are on social media, our inclination is to compare ourselves to others. A quote that rings true is “Comparison is the thief of joy” which is so sadly true.

This study does not totally nor unequivocally establish that social media use causes suicide, of course, but there is certainly a clear connection. When you are looking at more than a million kids who are at risk of suicide, it is important that parents understand this. Everyone has a tough time in their teen years, which parents understand, but what they don’t understand is being a teenager and totally connected to their peers via digital devices 24/7 with many of their peers being MEAN to them!  Doctors, who are supposed to help, don’t understand the digital aspect of this, either.

The findings of these studies are also in line with other research on suicide, which is the second leading cause of death for people from age 10 to 24. A tween or teen will full unfettered access to a smartphone and social media is the equivalent of handing them the keys to the car prior to knowing how to drive or even giving them a loaded gun.

A separate study as reported by HuffPo shows a great correlation to all of this, too. In this study, which looked at emergency room records, it was noted that suicide attempts as well as suicidal thoughts doubled from 2005 to 2017. More than 40 percent of these were for children from 5 to 12-years old.

All of these studies also show that parents are pretty clueless about this. In fact, research shows that about 50 percent of parents who have children who have considered suicide are totally in the dark about it.

Something has got to be done about this, of course, before it gets out of (actually it already is) control. Support and awareness about mental health is certainly a step in the right direction, but parents also must be aware of the great increase of suicide and attempted suicide rates among teens and realize that their child is just at risk of this as any other children. Parents can also do things like limiting their children’s access to medications in the home. It is also important for parents to learn the warning signs and understand that even young kids, who are not yet teenagers, can still have thoughts of suicide. Talking to your kids about it is always a good idea. Taking their phone away is a better idea. Adults too. Stop the madness!

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video

The Surveillance Seller: The Latest Concern for Real Estate Buyers and Agents

/in , /by

Imagine that you are looking for a new home with your spouse and children, and while at a showing, the agent gets a strange call. It’s her listing agent who informs her that the sellers are watching all of you on a camera, and they want to make sure your children are careful around the china cabinet…

What? This happens? It most certainly does, and it’s definitely freaky. Plus, it raises some legal and ethical questions, too. This has become more of an issue than ever before with real estate, and agents are really dealing with something they have never had to worry about before.

In general, there are laws out there about recording people without their knowledge, but these laws vary by state, and what is covered in one place might not be covered in another. On top of that, most real estate agents aren’t aware of what is legal and what is not. Some states, for example, only require that one person knows that the surveillance is happening, but in other states, both parties must be aware. Other states require that a notice is posted if recording is happening.

The majority of agents believe that they have an obligation to tell their clients if they know that there is recording equipment in a home, but at the same time, they might not know either. This can also, of course, cause some legal issues during a negotiation, as potential buyers might be discussing strategy during the showing, while a seller could be listening in, giving them the upper hand. Some agents have even told their clients that they shouldn’t talk about what they are thinking about a house until they are outside and away from any potential recording equipment.

On the other hand, some sellers believe that they have an absolute right to record in their own homes, and they very well may have that right. Again, in general, things are quite cloudy here, and they are only set to get cloudier as time goes on.

At this point, it’s not even just traditional surveillance cameras that homeowners are using. They also are using smart-home technology to keep an eye on their homes including video game consoles, smart door bells, and even devices like Amazon’s Alexa-enabled devices. Of course, there are also a number of privacy concern associated with these things, too. As these devices get cheaper than ever before, more and more homeowners are jumping on the surveillance bandwagon. So, if you are a in the market to buy or sell a home, make sure you talk to your realtor about this, especially if you are a seller who has these devices in the home.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Want to be a Cybercriminal? Try Facebook

/in , , , /by

When you think of a cybercriminal, you probably picture someone in a black hoodie in a dark room on the dark web, but most cybercriminals are out there in plain sight, including on Facebook.

facebook security

Talos, a cybersecurity firm, found that people can easily join Facebook groups, and then participate in cybercrime including buying and selling credit card info, obtaining spamming tools, or even getting account logins and passwords. All in all, these groups have almost 400,000 members.

Though that does sound like a lot, and it is a lot, you also have to remember that Facebook has about 2 billion users logging into the site each month. With that number of people, it is difficult for the social media giant to deal with these groups.

The failure of Facebook to remove these cybercriminals shows that it is struggling to keep bad online behavior at bay, and this also include hate speech, inciting violence, and sharing false information. This also, of course, show how this behavior can be amplified by the algorithms that Facebook uses.

These groups are easy to find on Facebook. All you have to do is type things like CVV or spam. Once you join one of these groups, Facebook’s algorithms come into play and suggest other groups that are similar in nature. Plus, Facebook doesn’t have a great way to catch these criminals, as it relies on reports from other users to stop this type of behavior.

Because of this, Facebook really has a long way to go before it stops relying on the reports of its users. It’s also true that these reports aren’t always taken seriously, and they often fall through the cracks.

One such example of this is with the recent terrorist attack in Christchurch, New Zealand. The gunman who was responsible for the attack streamed his murderous act on Facebook Live. Though Facebook eventually took the video down, it was seen by thousands of people. However, Facebook said that it had no report of the video during the attack, which is why it took so long to remove it.

Knowing all of this, Talos tried to take on some of these crybercrime groups through the reporting system at Facebook. Some of these groups were, indeed, removed from the platform, but others were not. Instead, only specific posts were removed, while the group itself was able to live another day. Talos kept reporting these groups, however, and eventually, most of them were removed. However, new groups are now popping up to take the removed groups’ places. Facebook has acknowledged that there is a problem, and it admits that these groups have violated its policies. It also said that it knows that more vigilance is required and that it is investigating all types of criminal activity on the platform.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

New Phone Scam Scares with Social Security Sham

/in /by

We all get scam phone calls, but the newest one is meant to scare. When you pick up the phone, you get a message that your Social Security number is suspended due to suspicious activity, and then prompts the victim to speak with an agent to get help.

The FTC makes something very clear: your Social Security number cannot be suspended for any reason, so any call that states your SSN is under suspension is a scam. What they are really trying to do is to trick you into giving them your actual Social Security number along with information such as your birthday and bank account number. 

This scam is just a tricky variation of a scammer’s trick that often works. In this case, they are trying to scare you first, and then offer to help…but in reality, these scammers are trying to steal your information.

Remember These Social Security Facts

If you get a call about your Social Security number, you should remember the following:

  • The Social Security Administration only calls from one number: 800-772-1213.
  • A Social Security Number cannot ever be suspended.
  • The Social Security Administration won’t ever threaten an arrest.
  • You will probably NEVER get a call from the SSA.

Also, of course, remember this: NEVER give your SSN to someone who contacts you that you don’t know.

The Scam

There are a few variations of this scam. The first is that they call and say that your SSN is suspended due to suspicious activity. They then say, if you want to know more about the case, press 1. When you do, of course, you are connected to an agent who is trained to get your information.

Another variation of this scam is a bit more aggressive. In this case, it states that law enforcement has suspended your Social Security number because of suspicious activity. You are advised to call a toll-free number immediately and verify your SSN. The scam also claims that if you do not call the number, an arrest warrant will be issued, and you, of course, would be arrested. Though not everyone will get one of these calls, if you do, you should definitely pay attention. Again, the SSA would never suspend a Social Security number, nor would it threaten to arrest you. It’s also good practice to never give you SSN to anyone who asks for it over the phone. Instead, hang up and go on with your day.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Second Hand USB’s Could Have Personal Info Still Inside

/in , , /by

An unsurprising study was recently released that found even when a portable USB drive is erased, not all of the documents and images are always removed. That, of course, is frightening.

Here’s how the research was done:

Researchers went online to sites like eBay, to second-hand shops, and even auction stores. They bought 200 used USB drives, half from the US and half from the UK. Almost 2/3 of the devices had data on them! This data was, for the most part, personal data, and it can also be used by cybercriminals to steal someone’s identity. On top of that, these USB drives can contain malware.

Removing All Data is Difficult

When someone tries to delete or remove data from a USB device, they rarely have success. In fact, of the 100 USB devices the researchers bought in the US, only 18 of them were totally wiped clean. The rest of them had data that had been deleted, but someone could certainly recover it. The UK devices were similar. What’s so surprising about this is that it is extremely easy…and free…for someone to fully delete their device. But most people just don’t put in the effort, and that could definitely hurt them in the future.

USB Devices Can Be Risky

Using these devices can be risky, not only for average people, but also for businesses. In 2017, for example, a USB device was lost, and it contained sensitive information about Heathrow Airport. The government investigated, and eventually fined the company. The information was not encrypted, nor password protected, and it was found on the street by a random passerby.

Because of these risks, some companies, like IBM, have banned the use of USB devices. Instead, employees must use the company’s cloud. Other companies still allow them, of course, but they could be going down a dangerous road. These devices are really cheap to buy, and people can save almost anything on them, but they are also very easy to lose.

There are other issues with USB devices too. First, of course, you have the data on these drives to deal with, but there is also the fact that potential malware could be on the devices. Most companies don’t have the same rules that IBM has, and most consumers don’t think of this at all. This makes people and small businesses very vulnerable. So, if you use USB drives, there is one very important step that you need to take: encrypt it.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.