This is Why We are Irrational In Times Like These

Though we, as humans, are supposed to be pretty smart, we do a lot of things that might not seem rational.

For example, we do things like text and drive, we don’t get flu shots that can stop us from getting sick, and we hoard things like toilet paper…Dan Ariely, a professor from Duke University, has some reasons for this.

Ariely has released a book called “Predictable Irrational,” and it takes a look at why we do these irrational things…especially in a time of crisis. One of the most mind-boggling things is why we have all become such toilet paper hoarders and why, when we see empty shelves, we start to panic.

According to Ariely, when we are in these situations, you are saying to yourself “This must be something I need to get very quickly and let me get a lot of it so I don’t run out.” But, in general, our responses to things like this are flawed.

On top of this, we don’t do a good job at thinking ahead. Ariely says, “We don’t pay much attention to things that will happen in the future, even if the future is two weeks from now.” He also says that we “don’t pay attention to things that are invisible like viruses.”

All of this is compounded even more as COVID-19 started to spread, and this led to a slow government response and the population’s collective apathy to the threat. Another thing that compounds it is that we, at our core, are also pretty selfish.

“We do what is selfishly good for us and not what’s good for other people,” Ariely says. This means that people who should be staying home because they are sick, go out anyway, and then they contaminate others. This is a normal impulse to defy the stay-at-home orders that many of us are under. And wearing a mask is NOT a sign of weakness, it’s a sign of caring for others than yourself.

Ariely says, “What’s interesting about public goods problems is, as long as everybody participates, everybody gets a lot of benefits, and when people start defecting or betraying the public good, lots of bad things happen. And in a situation like a pandemic, it’s enough that a small percentage of people don’t adhere to the rules and they can hurt everybody.”

Now, we also have the issue of some government officials and health experts being at odds with themselves. President Trump is pushing governors to open their states back up quickly, while public health experts are warning that doing this could quickly cause a huge uptick in cases.

What does Ariely say about this? He says, “The sad reality is that we’ve always had a tradeoff between money and saving lives. This is not something new.”

He also adds that the best thing we can do right now is make the best of our quarantine:

“It’s an opportunity to start new habits, new routines like exercise, eat better, spend time with your family,” he says. “It’s also an opportunity to start worse habits, like not exercising, overeating and developing addiction to social media and the news.”

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Protecting Your Company and Yourself from COVID-19 Hackers

Many people are asking how they can not only protect themselves, but also their organizations, from all of these COVID-19 hacks that are currently popping up.

As with any other phishing scam, vigilance is extremely important. We are certainly going to have to keep on our toes for months, or even years, as this fallout from the pandemic could be around for a long time.

You have to be suspicious of each and every unsolicited email, phone call, or text, especially if someone is looking for account or contact details, or they ask to share personal information. If you feel like information seekers are asking for too much, you should vet the email, dig deeper, do some web searches, and make sure its legitimate.

Don’t use any links or phone numbers within the email of based on the call until you do this. If you get a recorded message, make sure you don’t press any button when asked. If you do, you may be giving them some type of approval and you end up being a victim.

  • In response to ransomware, you should make sure that you are totally backing up your data on all of your devices.
  • For any online account you have, set up or turn on two-factor or multi-factor authentication when you can. This, at least, makes those accounts less likely to be breached, even if someone does get ahold of some of your information.

You might think this is a pain right now, but it definitely won’t be a pain if your information is breached and you start to lose money.

There are many organizations that are being forced to give their employees access to their networks from home…and in most cases, they never planned for that. This working from home increases the criminals attack surface. So, the network is probably more vulnerable, and in some cases, security policies and processes are even being bypassed to ensure all employees have access to it. This comes at a big risk, and with every employee who has access to the company network, there is an opportunity for a hacker to get inside.

Most cybercriminals who go for this type of hack want to get access to this so they can get sensitive information and turn it into cash. Other hackers want to go big time, and they will use the credentials that they are hacking to use in attacks like “password stuffing/spraying,” to access multiple critical user accounts. With a larger “attack surface”, these companies are definitely at risk and because of staff working from all over the place, any attempt to break into the network could go unnoticed until it is too late.

Corporate cybersecurity and IT teams are working hard, but they, too, are generally working from home. With even more workload and more remote information to go over, this also means that they don’t have the time to pay as close attention as they should. This makes things even more dangerous, so keep your eyes open.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Beware of these Pandemic Phishing Scams

These days, even though we are all, for the most part, stuck at home, trying to be safe from COVID-19, that doesn’t mean that we are safe from cybercrime. Cybercriminals continue to target victims, even in this environment, and many of these scams are related to COVID-19. This is pretty common when something like a crisis comes down, so you have to remain vigilant as you go through your daily life. Here are some of the things you should be looking for and being aware of:

phishing scamRelief Fund Scams

As we look towards our government officials for help, they have been sending out money to people who have lost their jobs or become impacted financially by the COVID-19 crisis. Criminals have started to create phishing scams that look identical to the correspondence that might come from the government. They do this to trick people into revealing their personal information. Currently, if you are in the UK, Australia, or the US, you are probably being targeted.

Infection Maps that are Malicious

Cybercriminals are also taking advantage of the public’s interest in COVID-19 infection maps. Organizations like Johns Hopkins are creating these maps, but cybercriminals are following close behind and releasing their own. All they have to do is set up their own websites, and then stick malware in them. They can do this for little to no money, and then they can make a huge profit thanks to ID theft and other dastardly deeds.

Impersonating Official Health Organizations

You also need to keep an eye out for cybercriminals who are impersonating official health organizations, including WHO – the World Health Organization, or the CDC – Centers for Disease Control. They are doing this by designing a number of different phishing scams. These started all the way back in February, and they are continuing to be sent. The criminals are setting up a sense of urgency, so that people are more apt to give up their information.

Scams with COVID-19 Testing Kits

There is also a lot of interest in COVID-19 testing kits, and as you might imagine…the bad guys are targeting these people, too. Not only are these scams spreading via email, according to the FCC, Federal Communications Commission, but also with robocalls, text smishing, and more. The FCC has even announced that it has found a big range of robocall scams that are associated with coronavirus, including things like debt consolidation, work at home opportunities, and even student loan repayment plans. There are also specific scams that are targeting small businesses.

Medical Supply Scams

Finally, we have medical supply scams. These are similar to the testing kit scams but the cybercriminals are using these medical supplies, like masks and gloves, as a lure to get people to give them money. There are more and more of these websites popping up with huge discounts on medical supplies. Many of these sites are offering limited-time sales and want Bitcoin for payment, which is a big sign that you could be getting scammed.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program and the home security expert for Porch.com

Cybercriminals are Stealing from you by Using these COVID-19 Scams

It is estimated that COVID-19 fraud has cost Americans more than $13 million, and it is rising. This comes from the US government.

The US Federal Trade Commission has added up the costs of all of these scams. They are looking from those that started from the 1st of January to the current week. What are these numbers made of? Mostly vacation and travel scams, as these have added up to $4.7 million lost. Online shopping scams are also out there, but they have only added up to $1.4 million.

The global spread of coronavirus has forced people to change the way they live, work, and even socialize. This is going to be the case for some time to come, and because of this, the cybercriminals have jumped onto the bandwagon, and they know…if they are lucky…this could be a lucrative thing for them.

These COVID-19 scams are definitely playing on the fears of the general public, and the goal of these cyber criminals is to get their targets to give them their personal information. Then, the bad guys use this information to commit fraud. In other words, they take money directly out of the hands of the people who need it the most.

What are the Tactics that People are Using to Hack Their Victims

There are a number of COVID-19 tactics that are being used to trick people into giving away their personal information, and in some cases, their hard-earned money.

Most of the tactics are combining phishing texts and emails with fake sites. Here are some of the things that are commonly found in a number of different languages:

  • Malware that is sent by “official” feeds, which are not really official. These include things like real time COVID-19 maps, which are actually meant to spread malware.
  • Messages that are offering an iPhone 11…for free…to help pass the time at home.
  • Messages offering payday loans to help people who are having problems with money.
  • Scams advertising products that are supposedly “cures” for COVID-19.
  • Coronavirus-themed domain names that seem to offer official information about the virus, but instead, simply spread viruses.
  • Emails from sources that show they are from WHO, the CDC, or even local governments.
  • Emails that ask for donations for COVID-19 research
  • Emails that look like they are coming from the government that have fake links allowing you to claim a tax refund.
  • People from the UK have reported getting fake emails saying they are from the BBC and the person’s TV license is expired. Then, they are asked to go to a website and update their details.
  • Phone calls are coming that are recorded and telling people that their broadband access will be cut off within 24 hours thanks to “illegal activity,” and the user must “press 1” to speak with a person to fix it. Once you are connected, they do all they can to get personal information from you.
  • Emails from people claiming to be “company officials,” that contain and attachment with the names of people within the organization that have tested positive for COVID-19.

No person nor industry is immune to this, so keep your eyes open and stay safe.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program and the home security expert for Porch.com

What are Coronavirus Contact Tracing Apps?

Two of the biggest tech companies, Google and Apple, are pairing up to build software that could tell people if they were recently in contact with someone with coronavirus. This tool is due out in a couple of months, and it will be built into iPhones and Androids. People would have to opt in to use the tool, and if they become infected, they must voluntarily report it.

coronavirusIt is pretty unusual to see these tech giants partnering up, since they are generally rivals who are constantly working to outperform the other. This shows us that the coronavirus is a pretty serious thing.

This software could be highly significant in regard to slowing down the spread of the virus. In fact, public health authorities have implied that better tracking of those stricken with coronavirus could absolutely slow the pandemic.

This all sounds well and good, but think about this, too. We can now see that two of the largest tech companies on the face of the Earth have a huge impact on our lives. A tool like this could raise some privacy issues, of course, and it won’t be the only solution, but it could help in the long run.

Tim Cook, the CEO of Apple, confirms that the goal of this software is to track the virus, but he also says that they are focused on respecting “transparency & consent.” The CEO of Google, Sundar Pichai said that the software has “strong controls and protections” in place for the privacy of the users.

With this tool, a person who has been infected with coronavirus would send a notification to an app, which would then send an alert to the phones of people who had been close to that person’s device. Sounds cool, but there is a catch; Google and Apple have to get public health authorities to agree to letting this information get accessed.

There are also a number of third-party tools already out there for contact tracing. This is why Apple and Google are stepping up and trying to reach more people. The companies also said that they would offer up the technology they were using to other apps, in order to make them even more reliable.

The goal, here, of course is to make us safer…we just have to make sure that our privacy isn’t being compromised in the process.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program and the home security expert for Porch.com

Beware of IRS Stimulus Check Scams

The IRS has been urging taxpayers to be aware of calls and emails that might lead victims to give up their personal information to cyberthieves.

IRS Commissioner, Chuck Rettig, has been urging people to take more care during this time. He reminds taxpayers that the IRS won’t ever call to verify or collect financial information in order for you to get your refund faster. The IRS will also never email taxpayers asking for this information. Fraudulent text messages are also on the rise.

Cybercriminals have always taken advantage of times of trouble, and now that we are in the throes of coronavirus, they are continuing this. While people are waiting to get their stimulus payments and tax refunds, it is extremely important to remain vigilant.

Don’t Fall for These Scams

The IRS has definitely seen many more phishing schemes. In most cases, the IRS deposits these payments directly into the bank accounts of the taxpayer. Those who have previously filed, but have not provided direct deposit information, must provide this on the IRS.gov website. If they don’t do that, the IRS will mail a paper check to the taxpayer.

It is also important to mention that the IRS has reminded those who have retired and don’t have to file a tax return that they don’t have to do anything in order to receive their stimulus check. Cybercriminals tend to focus on seniors, and they may try to reach out by mail, phone, or email and ask for information such as Social Security numbers, bank account numbers or other identifying info. The IRS will not contact these people, so don’t give any info if you are in this group.

Other Information from the IRS

The IRS is also reminding taxpayers that there are signs that something is a scam. Here are some of them:

  • The official term of the payment is “economic impact payment.” If you see terms like “Stimulus Payment” or “Stimulus Check, it’s probably a scam.
  • It is a scam if someone asks you to sign over your check to them.
  • It’s a scam if they ask you to verify your personal or financial information via phone, text, social media, mail, or email.
  • If they suggest that you can get your money faster by supplying information, it is a scam.
  • If you get a check in the mail that seems a bit off, and then you are asked to verify information online, it is a scam.

Reporting These Scams

If you believe that you might be a target or victim of a scam like this, you should do your best to report it. If you get an email, for instance, you should forward it to phishing@irs.gov.

It is also recommended that you do not engage with potential scammers on the phone or internet. There are guidelines on how to deal with this on the IRS.gov website.

Official information about the IRS and how it is dealing with the COVID-19 pandemic is also available online at the Coronavirus Tax Relief page online.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program and the home security expert for Porch.com

Protect Your Identity From Thieves

There are tried and true ways to protect yourself from identity theft—ways that you may not have even considered.

Evaluate your passwords. Does every online account have a different password or are you using the same one for multiple accounts? Fix this problem immediately by investing in a password manager software. Avoid using actual words or names, or keyboard sequences. Password managers facilitate the password creation process.

Never post anything personal on social media.This includes your pet’s name, name of your kids’ school or teacher, where you’re going on vacation, the town your parents live in, etc.

Ignore e-mails whose senders you don’t know. Never click links in e-mails or open attachments you’re not expecting.

Set your phone up with a password. If it’s lost or stolen, you’ll have no worries.

Shred everything. All your credit card offers, medical records and other personal information before tossing.

Never give it out your Social Security number unless it’s absolutely mandatory like a credit application. However, just because someone says they can’t process your request without your SSN doesn’t mean you must hand it over. The objective is to minimize how much your SSN is “out there.”

Request your free credit report every year from the three major credit reporting bureaus. Refute unauthorized accounts immediately.

Inspect your statements such as credit card and banking statements every month for suspicious activity.

Use a locking mailbox or have your mail delivered to the post office and pick up.

Stop mail delivery when taking long trips.

Get a credit freeze. This is a no brainer to protect you from new account fraud.

Invest in identity theft protection. There is no cure for identity theft. But with a protection plan in place, the restoration component will fix most of what goes wrong.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program and the home security expert for Porch.com

How to Kick Your Mobile Phone Addiction

Most of us know about the tricks that advertisers play when trying to get our attention. What you might not realize, however, is that our mobile phone and other digital objects are doing something similar, and you are probably falling for it every time.

One thing that designers do is use the color red for notifications. Why? Because red triggers a natural emotional response, and that makes us want to swipe or click. This also can easily make us feel “attached” to our phones, and addiction to phones and things like social media, are very real. Don’t get caught up in this; here are some tips to help you kick your mobile phone addiction:

Turn Off Your App Notifications

Notifications are helpful, and sometimes, they are very important. However, most app notifications are not. These are the ones that are designed to get you to interact with your app. For instance, if you get a Facebook notification that someone posted something to your wall, you are likely going to check it immediately. Turn those off and check your apps when you have time.

Screen Time

In your Setting menu seek “Screen Time” and scroll through to see how much time you are spending on various apps. You can set tis up to be notified daily, but that’s also another distraction. If your Screen Time settings are telling you that you are excessively on social media, gaming, or activities that are simply mind numbing, unproductive, and might be considered addictive behaviors, stop.

Go Gray

As mentioned, color plays with our minds, and app developers know this. So, consider making your phone screen black and white, called Grayscale. On the iPhone, you can do this in the Settings app.

Clean Up Your Home Screen

You should also consider cleaning up your home screen. Only keep things you need like your calendar, map app, and email. Everything else should be moved to another screen.

Type, Don’t Tap

Also, try to get into the habit of typing in the search box for apps you want to open instead of tapping them. This gives you a second to consider if you really want to get involved with the app.

Remove Social Media Apps

You might want to take off the social media apps you have on your phone, too. You will be shocked by how much time you spend on those apps if you are like most people. You can always check later on a computer or by typing it into your browser.

Charge Your Phone Away from Your Bed

Most of us charge our phones overnight, and more often than not, we do it right on our nightstand. This makes it very easy and tempting to grab it and start using it. So, consider keeping it out of the bedroom at night.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Your Amazon Alexa Is a Spy

Digital assistants like Google Assistant and Alexa, from Amazon, have a secret: they are secretly learning everything about you. They can hear your conversations, they know the tone of your voice, and they are recording it all.

Confidential

Now, all of this is important, according to Google and Amazon, because once these devices learn these things about you, they will work even better. However, it’s causing issues with consumers. For instance, a family reported that their Echo began spontaneously laughing at them. Another family reported that their Alexa recorded and sent a conversation to a friend without them knowing about it. Amazon claims that it’s likely the devices misheard something in the conversations and thought they were commands.

Do you want to know what your Alexa device is hearing in your home? Here’s how:

First, open up the app for Alexa, and then open menu options. Click on “Settings,” and then “History.” You should see a list of all of the commands you have ever said to Alexa, and you can sort your results to see them more clearly. If you see a note that says “text not available,” and you click it, you can hear a recording of what it picked up.

If you don’t feel comfortable having a recording in your device’s history, it is possible to delete it. You can do this in one of two ways: you can delete it directly from the device’s app, or you can go to the Amazon.com website. There, you can choose the option called “Manage Your Content and Devices.” Here, you can totally delete the information. Amazon, of course, doesn’t actually want people do to this. They claim that it will “degrade” your experience when using Alexa.

Amazon does keep these recordings, and the company claims that they record and store them to help to personalize Alexa to better cater to your household. It then uses these recordings to create a model of your voice. The device keeps a voice profile for every use that it recognizes, but after three years, it deletes the model…it does not, however, automatically delete the conversations.

For people who use Alexa a lot, it could be a big job to go through these conversations and delete what they no longer want to keep. But, it might very well be worth your time to go through them, as you never know when Echo might send those conversations elsewhere due to a miscommunication.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Vault Apps Facilitate Lying Kids and Cheating Spouses

If you have a kid who uses a smartphone, or even a spouse who might not be totally honest with you, they might be using apps to keep things hidden from you. Basically, these apps offer space where people can hide things like photos, videos, and other files, and you would never know by looking at their phone.

appsKnown as vault apps, since they serve as a vault for storage, some examples are Ky-Calc, Calculator Percent, and Calculator Vault. When you open any of these, it looks like a calculator…you can even use them as a calculator. However, when a secret code is entered, the user can store “secrets.” Consider Ky-Calc. it has a folder for image storage, a secret internet browser, and even keeps a separate contact list.

Though you probably don’t want your kid hiding things from you, at the end of the day, that’s child’s play compared to the real danger that is hiding behind these apps. Yes, they are popular among teens and cheating spouses, but they are also popular among predators. These bad people will engage with teens or even younger children, online, and then ask them to download an app like this. They can easily communicate without you ever noticing.

Here is some more information about vault apps that every parent, or of course spouse, should know:

  • Vault apps aren’t as safe as someone using them might think. You can still take a screen shot and share it with someone else.
  • These apps look and act just like any similar app. Generally, they are calculators, and even work like calculators, but are ultimately unlocked with a secret code.
  • If you look at someone’s phone and you see more than one calculator app on it, there is probably something funny going on. All mobile smart phones come with a calculator.
  • These apps are very easy to find, and they are generally free. You can find them by searching “photo vault,” “ghost apps,” “hidden apps,” or more, in the App Store or Google Play Store.
  • You also might be surprised to hear that teens often compete amongst their peers to see what type of content they can hide on these apps.
  • Almost all teens who use mobile phones know about these apps. You shouldn’t be surprised if kids as young as 12, and sometimes even younger, are using them.

As a parent, and even as a spouse, you should be digging into your family’s phones. There should be open and honest discussions about this, and it should not be considered taboo, especially when it comes to a loved one. With children, they should not expect any privacy until the age of 18. With a spouse, trust is a fundamental requirement. And if there’s a lack of trust, it is generally because something is going on wrong.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.