A Look Ahead: What Challenges Might We Face with Cyber Security in the Next Year?

/0 Comments/in , /by

I was recently talking to a friend. She called me because there was a big issue at work: a ransomware attack. Basically, a hacker installed software that locked down the entire network, and then demanded that her boss pay $8500. Ultimately, against my recommendations, the only choice they determined they had was to pay the money, and in the process, they learned a very valuable lesson about the importance of backing up company data.

This is only one of the things that we are going to be facing in the upcoming year. Here are some more that everyone should be aware of:

More Ransomware

We are definitely going to be seeing more ransomware attacks. These cyber criminals are getting even more greedy and they know that the data they are holding for ransom is very valuable. So, expect even higher priced demands.

More Built-In Security

For those in the security industry, there is going to be a lot of work ahead. There are new challenges coming up all of the time, and there are still the old issues that haven’t been solved. People in the industry will have to go way beyond home computers and cell phones. With so many products connecting to the internet, there are millions of ways for cyber criminals to launch an attack.

Intelligence-Based Security

We also can expect to see more artificial intelligence-based security approaches, since the technology we have now just isn’t doing the job. There needs to be more advanced analytics and monitoring, and this will help to prevent more identity theft incidents than ever before. Artificial intelligence just keeps on getting more prominent, and we are seeing computers actually learning without any help from humans. If these computers start to learn enough, they can start helping criminal hackers too.

A More Vulnerable Internet of Things

It’s also a huge possibility that there are going to be big issues in regard to the Internet of Things. Often called “end points” more devices than ever before are connecting to the internet, and more people are using them. This makes us more vulnerable to attacks, so we need to lock this down. Before you buy anything that connects to the internet, you must do your research.

More Phishing, Too

We can also expect more phishing attacks. Hackers are certainly planning more of this, and honestly, these attacks are easy to pull off. Why would they stop?

Credential Theft is Here to Stay

Attacks that occur for the purpose of stealing banking credentials and payment cards will also continue. Don’t ever click on a link in emails, and don’t open any attachment before you open them.

Credential Stuffing

There are billions of stolen credentials floating around the Internet ready for the taking and hackers are plugging this data into well-known websites and gaining access to email, ecommerce, banking, financial, you name it. Change up your passwords.

Security with Smartwear

We are also seeing new threats in regard to wearable devices. These can be bad news for consumers and businesses because they can easily be portals for infecting a home network. Keep these devices updated and change the passwords from the default if you can.

Governments Could be Targets

Cyber-attacks on governments will surely continue, too. These might be inside jobs, or they could be from foreign sources. Even if you think your devices and data is secure, the government might not be. This is another reason you need to have ID theft protection.

Smarter Cars

We also are going to see smarter cars; cars that are more connected than we have ever seen. There are close to 100 ECUs, electronic control units, in cars these days. Some of these are connected to the internet, too, so think of what this might mean. Technically, a hacker could do things like control the car’s brakes. Thankfully, manufacturers are adding more security, but consumers really have to do their homework, too, and understand their cars’ capabilities.

DDoS Attacks

Distributed denial of service attacks, or DDoS attacks, is when manipulation occurs to make something unavailable to people, like a website. We will certainly see more of this.

Disinformation Proliferation

There has never been a time when dis-information was so easily spread by so many, for so many reasons. When government officials at the very top become the primary spreaders of this information, such as dictators in Banana Republic’s and even those in the USA, you know we have a significant problem. Get your facts straight, publications like the New York Times or the Wall Street Journal have no reason to lie. Fact check before you share and spread misinformation.

Conclusion

Here’s the situation; we cannot fully protect ourselves from all of the fraud and scams that are out there, no matter how hard we try. With so many devices that are connecting to the internet, hackers have a ton of opportunity to take advantage of their victims. We need better security and more awareness, so as we move into the new year, keep all of this in mind.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

The Ultimate Guide to Spotting Fake News

/0 Comments/in , /by

Do you know when something is “fake news?” If you have half a brain, you should. However, when someone in authority makes a claim, the masses who elected that person into that authoritative position, automatically trust what has been said and spread that fake news. That needs to stop. My mother one said believe nothing of what you hear and half of what you see. And today no matter what, don’t automatically believe what you read.

fake newsThere has been a lot of talk about fake news since the 2016 presidential election, and a lot of controversy from those who spread fake stories for the purpose of influencing hearts and minds and of course the outcome of the election. This is dangerous for dozens of reasons, many of which threaten our democracy and in many cases can lead to people getting killed which has happened many times this year.

Keep in mind that not all people who spread or start fake news stories are propagandists, some are thieves and even more are advertisers. Some people just want you to come to their website so they can get clicks and traffic. Advertisers use fake news, as a way to get more clicks. This isn’t really dangerous to you, but someone is getting money because you are clicking on their site.

Other people use fake news, too, including those who want to facilitate identity theft. There are fake news sites that you click on, and then when you visit the site, you get a virus. From there, a hacker can get access to your personal information including your logins and passwords, bank account information, or even your Social Security number.

Here are some things to look out for:

  • Use common sense when looking at fake news stories. If it sounds too sensational, it probably is fake.
  • If a story is an obvious parody, it’s also obviously a fake news story.
  • If you already know some of the facts of the story, and something seems weird about the story you are reading, it’s very possible that the news is fake.
  • Look at the URL where the story is found. If it looks strange, the story is likely fake. For example, if you see a URL ending with “.com.co,” it’s a website from Colombia.
  • If there is a photo and the photo looks fake, the story is likely fake, too. But, this isn’t always the case.
  • Don’t just automatically trust.
  • The main stream media has been vilified over the past four years. And while their news is often “biased”, it’s not fake. It’s based on fact, but again those facts may be slanted in favor of the readership. Fake and biased are definitely not the same thing.

Look Closer at the Photos

Many fake news stories have photos that accompany them. Here’s how to test if a realistic photo is accompanying a fake news story.

  • Take a screenshot of the photo, making sure to exclude any graphics that are not relevant.
  • Open Google Images.
  • Upload or drag the screen shot to the search area in Google Images.
  • You will then see information about the “best guess” for the image. If the information doesn’t correlate to the story, you are probably reading a fake news story.

You can use this trick in other ways, too. For instance, if you do online dating, you can see if the person you are talking to is actually who they say they are. If not, they are a faker.

Additionally, you can do this with any image that you have. If the Google Image search gives you information that doesn’t correlate with what you think it does, it is likely a scam. Keep in mind that crooks like identity thieves often steal images and use them as their own.

When you are in doubt, it is always best to do a search on the item to see if other news sources are reporting on it, too. If the only place the story is seen is on a no-name site, you should suspect that it’s fake. If it’s not also being reported by the New York Times or Wall Street Journal, it’s probably fake.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

12 Tips to Safe Shopping Online

/0 Comments/in /by

These days, shopping online isn’t a risky, crazy or scary task, but with all of the cyber criminals out and about, you might want to think twice before clicking “submit payment.”

If you are going to be shopping online, there are some things that you can do to keep yourself safe. Here are some tips:

Tips for Avoiding Online Shopping Scams

  1. Think about this; if you were a cybercriminal, how would you lure a victim? You might put an ad on social media, for instance, sharing an amazing deal. If you see a deal that looks too good to be true, it probably is.
  2. What if you want to look at the deal? It doesn’t hurt to look, right? Wrong. Sometimes even clicking on the ad can download a virus onto your computer.
  3. Back up your computer regularly, especially before you start shopping online.
  4. You can be protected if you use security software like firewall software, antivirus software, antispyware, and antiphishing, even if you go to a malicious site.
  5. Don’t use a debit card if you can help it. If you pay with a debit card and a scammer takes your money, you might never get it back.
  6. It’s much safer to use a credit card. If you pay with a credit card, you can dispute the charge, and the credit card company will work with you and reverse the charges.
  7. Also, if you use a credit card, contact the company to find out if they have a “one-time use number” for the card. This way, if you do make a purchase to the scammer, they can’t use that number again.
  8. If you are shopping for common, everyday items, only buy them from reputable, big-name retailers. All of the URLs should have a padlock symbol next to them, and they should say “https” not “http.”
  9. If you are buying from a merchant you are not familiar with, familiarize yourself with the site’s reputation. Do some research to find out if anyone has had issues with the site in the past.
  10. Take a look at the merchant’s privacy policy and see what the limits are.
  11. Keep in mind that a merchant doesn’t need any more information than your name/address, credit card info, and shipping info. If they ask for other information, like a birthday or Social Security number, do not give it. It is probably a scam. Do not give retailers like this any information about you.
  12. Don’t shop online when you are connected to public Wi-Fi. If you don’t have a choice, you can use a VPN, virtual private network, to make sure all of your information is encrypted.

Consider identity theft protection as an additional layer to protect your identity from various scams. No one is immune from fraud or all scams, but identity theft protection services are there to watch your back and assist in case something goes wrong.

Online shopping should be a very worry-free process, but there are some things you can do, as listed above, to reduce your risk of danger. By making these practices a habit, you can stay safe now and in the future.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Be Aware of These IRS Stimulus Check Scam Tactics

/0 Comments/in , , /by

The IRS has taken the step of urging taxpayers to be aware of emails and calls that can lead to people giving up their personal info to cybercriminals.

The IRS has been telling taxpayers to take more care than before during this time. They has also reminded people that the IRS does not call taxpayers to collect or verify financial information in order to get a faster refund. The IRS also will never email nor text you asking for any information.

Cyberthieves have been taking advantage of people in times of trouble, and now that we are literally in the middle of a global pandemic, these scams are definitely on the rise.

Don’t Fall for It!

The IRS has seen many more phishing scams than ever before. It is easier for scammers to get money than you might think. All they have to do is give the IRS fake bank information. In most cases these days, the IRS will direct deposit payments right into the bank accounts of taxpayers. If you have never provided this, you can go online and do it…but so can scammers. If the IRS doesn’t get this information, it begins mailing checks, and of course, these can be intercepted by a scammer.

It is also important that you realize that people who have retired and don’t have to file a tax return simply get a check. They don’t have to do anything, and this makes retirees common targets for cybercriminals. The bad guys often reach out to older people by phone, mail, or email and ask for information such as their bank account number or Social Security number in order to verify their check. But remember…the IRS will never contact taxpayers via phone.

Additional Information

There are a number of signs that something could be a scam, and the IRS wants to remind people of this. Here are some of those signs:

  • In the case of the stimulus checks, the official name is the “Economic Impact Payment.” If you see other terms, like “Stimulus Check” or “Stimulus Payment,” it is probably a fake.
  • If you are asked to sign over a check to someone, it is definitely a scam.
  • If you are asked to verify your financial or personal information via text, mail, phone, or social media, it is a scam.
  • If the check you receive doesn’t look right, it is a scam.
  • If someone contacts you and says you can get your check faster if you give them more information, it is a scam.

How to Report an IRS Scam

If you think you are a victim of this type of scam, you should report it. If you get a fishy email, you should forward it to phishing@irs.gov. Experts also recommend that you don’t engage with cybercriminals on the internet or the phone. You can read more about this on the IRS website.

If you have questions about how the IRS is dealing with the coronavirus pandemic, you can look at the agencies Coronavirus Tax Relief page on the internet.

Finally, consider identity theft protection services. While none of these services will prevent tax related identity theft, there are expert restoration agents on the ready to work with potential victims of this type of crime.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Is Freezing Your Credit Enough?

/0 Comments/in /by

You might think that freezing your credit is enough to keep you safe. In fact, freezing your credit was actually a smart thing to do in order to prevent fraud and stop yourself from becoming a victim of ID theft. It is free to freeze your credit whether or not you are a victim of ID theft, and the FTC (Federal Trade Commission) recommends that people do this in order to protect themselves. But what if it doesn’t work?

credit freezeLet’s talk about Chuck. Chuck is a guy who contacted the Consumerist with a story about his mother. She was a victim of ID theft and froze her credit because that’s what the FTC suggested. However, one of the three major credit bureaus, TransUnion, allowed the hack who had stolen his mother’s ID in the first place, actually lift the freeze! How could something like this happen? Well, it’s much easier than you might think.

These credit bureaus give people a PIN when they freeze their credit. So, to life the freeze, the person must provide the PIN again. However, a PIN is pretty easy to forget, so the companies have created other ways to lift the freeze. For instance, with TransUnion, you must answer a series of personal questions such as “Which of the following phone numbers have ever belonged to you?” or “Which of the following streets have you lived on.” The problem is, this information is extremely easy for a scammer to access.

Of course, this isn’t extremely common, but it can happen, and Chuck’s mother is a good example of it.

TransUnion says that there is an extra layer of protection that it offers to people who cannot remember the PIN they were given. The company sends a written confirmation. This means that they would expect to hear from the consumer if they did not need a new PIN or ask for the account to be unfrozen.

On the surface, this sounds pretty safe, but not everyone constantly checks their email, and many people only check a few times a week. On top of that, it could be a few days before a person knows that their account has been compromised. If this happens, the damage has likely been done.

When you look at security, you should see that it is built up of several layers of protection. This means that if one layer fails, another comes in to bring security. The more layers that are there, the more secure your account information is. This is why experts like me recommend a combination of a credit freeze, ID theft protection, and credit report monitoring. Though nothing can offer a 100% fool-proof method, all of this can greatly increase your chances of not becoming a victim.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Gift Card Scams: What You Need to Know

/0 Comments/in /by

You might not realize it, but hackers are making a ton of money thanks to phishing attacks, and now they have started to focus on gift cards. Scarlet Widow, which is a notorious scam group out of Nigeria, has really been boosting its efforts to romance scam people and using gift cards. The group is typically focused on people in the US and UK, and is also well known for tax scams, and rental scams.

Gift Card ScamsAre you a person who is at risk of being scammed by a group like Scarlet Widow? The group generally focuses on large or medium sized businesses including non-profits, such as the Boy Scouts of America, the United Way, and the YMCA. The scammers work by sending staff members emails, and though most people notice immediately that these emails are actually scams, it only takes one email to put a company at risk.

Common Targets

From around November of 2017 to today, Scarlet Widow has been targeting thousands of people and non-profits. It is also targeting the tax and education industries. Remember, the group only wins if they get access to email addresses from these organization, and they might put malware into the systems or use phishing links. Honestly, it doesn’t matter what method the hackers use, once they are in, the scam begins.

What is the Scam? 

So, what is the scam? Scarlet Widow tends to use traditional scams, but these days, the group has started using gift card scams. When we look at data from late 2018, we see that more than 25% of people who were scammed during that year said that they were victims of gift card scams.

The thing is, scammers really love this type of scam because they have fast access to cash, they can do it all anonymously, and once the scam is done, it is very hard to fix. Basically, all the scammer has to do is sweet talk their way into having someone buy a gift car, taking a photo of it, and they now have the money that was on it.

Typically, Scarlet Widow asked for iTunes or Google Play cards, but they have also been known to ask for gift cards from place like Walgreens, Target, or CVS. You might think it’s a bit strange that these people could actually con others to pay for services like cell phone service with a Visa gift card but remember…these are experts at manipulating people.

They often come up with a story about a sense of urgency, like this amazing deal will expire in three hours, and people actually fall for it. One example of this is an administrator from a financial advisory company I’ve worked with actually sent a scammer $1500 in iTunes gift cards. Why did she do it? She was duped into thinking the email was coming from the head of the finance department in the company she worked for.

One way to get a hold on this is to set up some type of security awareness training, but I even know someone in the industry who fell for it. It was an assistant of a security awareness trainer. She got an email that she believed was from her boss. It asked for five $500 Apple gift cards, which were going to be sent to their top five clients. So, the assistant went to Walgreens, bought five cards, and then, just as the email said, she scratched them to reveal the codes, took photos, and sent them back to her boss.  Except, it wasn’t her boss…it was a scammer who was now $2500 richer.

There are some limits to what scammers can do with gift cards, but they will do anything they can to get more money coming into their pockets. So, if you ever get a request for a gift card, be smart and use a ton of caution.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

10 Ways to Keep Yourself Safe from Shopping Scams During the Holidays

/0 Comments/in , /by

The winter holidays are a time for friends, family, and fun…and also fraud. Here are 10 ways that you can protect yourself from shopping scams this holiday season:

Gift Card Scams

Don’t ever give anyone your credit card information to claim a gift card that you hear about via email.

Shop Smart

Online shopping? Don’t do it while connected to a public Wi-Fi connection. These are not secure, and anyone can get access to your bank account, credit card, or log in information. Instead, use a VPN or your home network.

Be Careful with Coupons

Coupons can be great deals, but if they look too good to be true, you should assume that it is

Protect Your Passwords

Make sure you change passwords regularly for all sensitive accounts. Also, make sure that you don’t repeat passwords from account to account. When you create your passwords, you should randomly make them a mixture of both upper- and lower-case letters along with symbols and numbers. Make it at least 12 characters. You can use a password manager to help you remember it.

Set Up Two Step Verification

Consider setting up two step verification. Once you log into an account, you will receive a numerical code via text, which serves as a second verification for your account. This stops people from logging into an account unless they have both your log in information and your phone.

Think Before Clicking

Don’t click on links that come into your email, even if you think it’s from someone or a company you know. Big companies like Walmart, Kohl’s, Macy’s, etc, usually do not send links like this in email, so if you see one, ignore it. Scammers create these links in the hope that you will click it. If you do click one, it may download a virus to your computer or take you to a fake site, where you might be tricked into entering your credit card information.

Keep Your Bank and Credit Card Secure

Look into the type of security measures that your bank uses, and then use them. You also might consider setting up push notifications or push alerts through your credit card company so you get an email or text message with every charge.

Employment Scams

You are likely to see ads during this time a year that advertises for jobs that pay way more than they should. $50 an hour for filling out surveys? Skip it.

Review Your Financial Health

Each month take some time to review all of your financial accounts to see if there is any activity that seems suspicious. Even a small charge can be very suspicious. Often, a scammer will make a small transaction to test things out.

HTTP vs. HTTPS

When you see an “S” at the end of the HTTP portion of the URL, it means that the site is secure. Only do shopping on sites with that “S.” Finally, make sure you update your browser before you shop.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Election Civil Unrest: Plan Ahead for Turbulent Times

/0 Comments/in /by

We all know that the election could lead to turbulent times, and there are going to be risks out there. What can you do if you come across some type of violence or protesting? Let’s start with some general tips to keep yourself safe:

  • Don’t wear candidate-specific clothing. You are only bringing attention to yourself.
  • Stay away from areas where there are demonstrations
  • Check out the situation before you head out
  • Things can change very quickly so have a plan to get out of violent situations.
  • Keep up with local news
  • Don’t go near large gatherings
  • Stay home if you hear about demonstrations in your area
  • If you come upon a protest, leave the area as quickly as possible.
  • If you have to go where there are protests, bring a friend and stay together.
  • If you see police trying to settle a situation, leave.

Protests and Demonstrations – Safety Tips

If you want to participate in a protest or demonstration, here are some tips:

  • Don’t get involved if civil unrest breaks out. You could get jailed, hurt, or even killed.
  • Don’t take videos or photos. Law enforcement might see it as threatening.
  • Leave if things get violent.

Unexpected Civil Unrest – Safety Tips

If you find yourself in the middle of unexpected civil unrest, here are some tips:

  • If things get violent, do your best to get out quickly. Try to find a safe, public place like a museum, hospital, church, or hotel.
  • Plan a few routes out of the area. Keep in mind that roads could be closed.
  • Curfews might be imposed, and it’s best to follow them.
  • Try to get to the edge of the crowd, and as soon as you can get away, you should.
  • Walk and try not to run. Running can bring unwanted attention
  • If you get arrested, don’t resist, even if you are totally innocent. You can work it out later.
  • Stay away from glass windows and try to move with the flow of the crowd.
  • Avoid banks, fast food places, government buildings and police stations, as they are often targets during uprisings.
  • If you get into a tight spot, grab your wrists and push your elbows out. This will give you a bit of air.
  • If you are pushed or fall to the ground, try to get close to a wall and roll into a ball. Cover your head.
  • If shots ring out, drop to the ground and cover your neck and head.
  • Don’t try to drive a car through a crowd.
  • If you do end up in a crowd while driving, turn down the nearest side street, turn around, or reverse.
  • If you can’t move, park, lock it, and leave the car. If you can’t get out, turn off the engine and lock the doors.

Stuck in a Hotel or Your Home – Safety Tips

If you are home or in a hotel when violence occurs, here are some tips:

  • Stay inside and don’t leave
  • Reach out to your family and police to let them know where you are.
  • Stay away from windows, draw the blinds, and lock all windows and doors.
  • Find a place to sleep in the center of the home or hotel room.

Following Civil Unrest – Safety Tips

Once things have settled down, keep the following in mind:

  • Stay where you are safe until you know it’s okay to leave.
  • If you are hurt, get medical attention
  • Report damage to police
  • Reach out to family to let them know where you are
  • Report damage to your insurance company

Shut Downs – Tips

Shut downs can happen during times of unrest. Keep the following on hand:

  • Cash
  • Water
  • Food
  • Medication
  • First aid kits
  • Baby and pet supplies
  • Radios and batteries
  • Flash lights
  • Gas in your vehicle
  • Phones, laptops, and chargers
  • A bag with a couple of days of clothes for everyone in your family
  • Essential documents
  • Emergency contacts

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Is Two Factor Authentication a Good Thing to Use?

/0 Comments/in /by

“TechWorld” has some interesting information, such as a story on a report from the National Institute of Standards and Technology. And while you may not see this as being “fun”, it is at a minimum interesting. I’m here to break it down for you.

two factor authenticationIn this report, the public was advised to stop using two factor authentication. However, other people suggest that this is the very best way to prevent identity theft. So, which is it? Let’s take a look.

When you get a message from someone, you surely want to make sure that they are who they say they are. In fact, many of us rely on tools like Caller ID. However, you might want to stop doing that, as caller ID can be faked. As hackers start using this more, they are finding ways to also fake SMS, too, which means technically, they could be faking two-factor or two step authorization/verification which heavily relies on text messaging. So, it is very important to stay vigilant about protecting your information and being careful about what you respond to via text

Why Authorization is Important

When it comes to the importance of authorization in transactions, it’s imperative that you are confident that you can access your info. We now know that it is very easy for a criminal, if they know what they are doing, to get into your accounts by using your password and username. But just a username and a password isn’t enough.

How Two-Factor Authentication Works

When you choose to use two-factor authentication, after entering your password online, you will receive an SMS, one-time use code, which you then use to fully log into your account. For this to work, the following must occur:

  • You must have a mobile device
  • You must know how to access the device (PIN or biometrics)
  • You must have a username and password to an online account
  • You must have the one-time use code, which will be sent to the device

Unless all four of these things are present, the account cannot be accessed. So, even if a hacker has your username and password, if you have two-factor authentication set up, they would also need your device to access the account. This makes it much more difficult to illegally access an account and helps your account to be much safer.

How Hackers are Being Smarter than Two-Factor Authentication

Though it is more difficult for a hacker to get into your account that has two-factor authentication, it is not impossible. Here are some ways that hackers are able to get around it:

Man in the Middle Attack:

  • The hacker gets access to your username and password
  • The hacker tries to login and is denied because you have two-factor authentication set up.
  • The hacker contacts you via social media, email, or phone with some type of trick to get your one-time code.

Phone Cloning:

  • The hacker will go into a brick and mortar cell phone carrier store and pretend they are you. They get a new phone with your number.

Changing the Number

  • The hacker creates a fake website, and you enter your number into it. They then take your number and change it, and then they keep your original number. This sounds more complicated than it is.

There is a Lot of Confidence About SMS Two-Factor Authentication

When you use SMS two-factor authentication, you don’t’ have to worry or have concern if your password gets into the wrong hands. Remember, the criminal who has your password still needs your one-time code…and unless they have your phone, they can’t access it.

Companies that offer two-factor authentication give their customers more confidence, and there is an increased interest in the company’s products and services because transactions are more secure.

So, should you be nervous about SMS two-factor authentication? No, you don’t need to. You really do have an extra level of protection, but remember, it isn’t totally fool proof. There are still ways that a hacker can access your accounts, though it is quite difficult.

You can have confidence in two things – First, that banks continue to come up with easy and friendly way to keep all of us safe with an alternative to two-factor authentication, and second, that you are already a step ahead of hackers thanks to your new-found knowledge from reading this article.

One simple way to engage and activate two factor authentication for all critical websites is to simply do a Google search for “two factor” and then the name of the site. And example would be “two factor Amazon. ”You’ll definitely find plenty of options to enable to factor authentication on every critical website your visit.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Have You Heard of a “Credit Profile Number?” It’s a Fake Social Security Number

/0 Comments/in /by

Cyber criminals are always trying to keep one step ahead of the crowd, and now there is another scam that you should be aware of. It’s called “synthetic identity theft,” and it is when a bad guy takes some of a victim’s personal information, and then they make up the rest. These people also will use fake Social Security numbers, which are known as “credit profile numbers,” or CPN.

Thanks to this type of identity theft, however, we can see that our credit system is very vulnerable. Essentially, it tells us that it is very easy to create a credit file by using this information, and once they do, they can get a loan or credit card with the information of their victims.

Of course, this practice is illegal, but cyber criminals don’t care, and there is really no way of distinguishing a fake Social Security number from a real one. Social Security numbers are randomly generated, and it makes it very difficult for a lender to notice when a fake one comes in. Technically, these lenders could contact the Social Security Administration, SSA, but most of them don’t take that step. Why? Because the SSA requires a signature from the owner of the SSN, and lenders are too lazy to do this.

A better idea would be to create a way to allow lenders to check to see if a Social Security number is real, but as of now, without the lender making significant financial investments in additional fraud prevention technologies, this is not a possibility. Lenders do, however, have their own tools for fraud-detection, but these fakes still fall through the cracks way more often than they should.

This practice has also made the job of a fraudster easier because they know that this is a system that is very vulnerable. It’s simply a numbers game, the more synthetic identities or CPNs submitted in applications for credit, the more likely they are to get approved. It is true that most lenders don’t accept credit applications from people who don’t have a credit history, which would be the case of a “credit profile number, but some do, and the more often they try to apply for credit or a loan, the better the odds are that they will be successful. Though the lender probably won’t give the applicant a lot of credit, this number can rise the more often it is used.

If there is one takeaway here, it is that you should be aware of any and all scams that are targeting your finances and identity. Take steps now to keep your personal and private information safe.

At a minimum, get yourself a credit freeze and consider investing in identity protection services. These layers of protection make you a tougher target.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.