8 Cyber Security Tips You Can Start Today to Keep Yourself Safe

These days, it seems like there is one data breach after another, and each time, they are being done by those who want to steal your identity. Thankfully, it is much easier than you probably think to keep your info safe. Here are some tips that you can start doing right now to put yourself in a position to fight this:
Cyber Security Tips
Take a Look at Your Accounts

Almost any account allows you to check the recent activity. Even Facebook, Google, and Twitter have this available. When you take a look at this, you can see every log in and authorization. If something looks strange, such as a log in from Nigeria, odds are good that you have been compromised. Most of these sites allow you to log out of every location, so you should definitely do that.

Take a Look at Your Computer

 You may not realize it, but at any time, there are a number of programs running on your computer. However, some of these might not be safe. So, it is always a smart idea to check to see what is running in the background. To do this, you can check Activity Monitor for Mac or Task Manager for Windows. If you don’t know what a program is, look on Google. It will tell you if it is good or bad. If it is not good, figure out how to uninstall or remove it.

Take a Look at Your Passwords

 Also, take a close look at your passwords. Do you think they are really safe? Every account should have its own password, and if you use the same passwords for more than one account, your chances of getting hacked rise exponentially. You also need to make sure you are changing your account passwords on a regular basis. You can use our FREE Email Checker and check your email address and passwords.

When you do this, you can check to see if your account has been compromised. If so, change your password immediately. You should also consider using a password manager.

Take a Look at Your Wi-Fi Connection

Are you paying attention to your Wi-Fi connection? Do you have a password protecting it? Do you have a WPA encryption? Do you have anyone piggybacking on your connection? You can install a program like Wireless Network Watcher. It is also very important that you are cautious when on public Wi-Fi. Only use a VPN, virtual private network, when connecting to public Wi-Fi.

Take a Look at Connected Apps

You also may not realize that you have given your social media accounts permission to connect to other apps. Though this isn’t extremely dangerous, they can result in account takeovers and data leaks. So, if you don’t use a specific app or service any longer, you should sever the connection.

Take a Look at Installed Apps

When you look at those connected apps, also take a look at what apps you have installed on your computer and your mobile device. You may have downloaded some type of malicious program that looks like a tool or game, but it could end up wrecking your system. If you have any weird apps, check Google to see if there were any vulnerabilities or flaws.

Update Everything

You also want to make sure you are updating your apps and OS regularly. These updates often contain security improvements in order to keep your devices safe. The newer the update, the safer your device. Also, don’t forget to check for updates on your browsers, routers, and even printers, as these can be manipulated, too.

Protect Your Identity

Finally, do everything you can to protect your identity. There are two ways to do this, especially when it comes to stopping someone from opening new lines of credit in your name. You should set up a credit freeze through every credit bureau. You should additionally set up an account that offers identity theft protection. This helps to watch your data, and it monitors your credit reports. If something goes wrong, when you have this type of protection, there are people standing by to fix things, and by doing this, you can minimize the damage that could occur.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Survival Tips When You are Lost in the Woods

It’s that time of the year again. And getting lost in the woods is NOT fun and sometimes deadly. But you have a chance if you are lucky and have a clue. A hiker from Hawaii, was found alive after being lost in the wilderness for 17 days. Though it might not seem likely that it could happen to you, it could really happen to anyone. So, it’s important that you know what you should do if you get lost in the woods. The Hawaii did a lot right, according to sources, and it saved her life. She was able to find fruit, like berries and guava, and only drank water when she could see that it was absolutely clear. On top of that, though she got a terrible sunburn and hurt her knee, she was able to nurse herself back to relative health.

If you are injured or lost, it is imperative that you know how to survive in the woods. Most people don’t understand that even though you should be waiting to be rescued, you have to keep yourself alive, too.

Here are some tips to help you survive if something has you lost in the wilderness:

First, Stop and Breathe

As soon as you realize that you are lost, remember to stop…and to STOP. This is a mnemonic term meaning:

  • Stop – stay where you are, sit down, and don’t panic.
  • Think – what the right thing to do might be depends on your situation and location. According to the US Forest Service, it is best to stay where you are until you absolutely need to move.
  • Observe – Look around and try to get some information about where you are. Think about supplies you might have like a map or a compass. Are there any signs that you are near a trail or an intersection?
  • Plan – Finally, make a plan about what your next course of action will be. You may want to move forward, you might want to backtrack, or you might think it’s best to stay right where you are.

Think Ahead

Now that your realize you are lost, it’s too late to make a plan on how not to get lost. However, since it’s very likely that you are not currently lost, (and if you are, and reading this, stop and call 911) take some time to consider the following:

  • Always tell people where you are going. If you are going on a hike, for instance, tell a friend or family member where you are planning on going.
  • Bring essential survival gear like sunscreen, bug spray, first-aid supplies, a flashlight, and even an emergency shelter.
  • Do everything you can to make sure you can communicate if you have an emergency. Go out with a fully charged cell phone, and if you can, bring a backup battery. If you go deep out into the wilderness, consider an emergency GPS beacon, too.

Understand How the Rescue Process Works

If you do need to be rescued, you should understand how the process works. Most people think it’s like the movies. Your loved ones call the police, and they immediately start to search. However, that’s not really the case.

Most often, the cops get a call from the person who is reporting you missing. They will then start gathering information as a lot of people simply run off.

If they do believe that you might be lost, only then will they start looking. If you have used your cell phone, they can try to use cell towers to pick up a signal. They can do that even if your phone is turned off. Authorities will also get a description of you, including where you might be and what you wore.

The good news is this: approximately 97 percent of those who get lost are eventually recovered within 24 hours of going missing. However, the odds of a better outcome go down the longer you are out there. So, make sure you are well-prepared.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Protecting Your Parents from ID Theft

When we look at statistics,most of the people who are victims of ID theft are 50 years old or older. Unfortunately, cyber criminals have no issue taking advantage of older adults and seniors, including your parents.

old parentsThese crooks violate their trust and take advantage of their ignorance of the online world. People over 50 also tend to have more money and savings including retirement funds.

Here are some scams that are commonly pulled on older adults and seniors…like your parents.

Common Scams Targeting Your Parents

  • They get an email that seems like it is coming from their bank, the FBI, IRS, etc. The email claims that there is an issue that needs to be taken care of ASAP. Typically, it’s financial, so the scammer asks for their bank account information, or it’s for information, and they ask for a Social Security number.
  • They get a call with a sad story…their kid/grandkid needs help, and they need money wired immediately.
  • They might also get a call, email, or letter concerning their mortgage. If a scammer can get access to information like your parents’ bank information, Social Security number, or even the deed to their home, they can refinance your parents’ mortgage and keep the equity they get back.
  • There are also retirement home scams. In these scams, scammers get a job at a retirement home, and then manipulate the residents to tell them personal information.

How to Prevent These Scams

Here are some ways that you can prevent scams like these:

  • Make yourself a guardian over the personal information of your parents. When they get some type of contact that seems suspicious, you should instruct them to get in touch with you. Any information, even your mother’s maiden name, can be used in an identity theft attempt. Tell your parents to never give their personal info to anyone over the phone or via email.
  • Make sure they know to never share any personal information on social media accounts.
  • Tell your parents to check their bank accounts and credit accounts regularly. You should work with them to sign up for alerts for suspicious transactions.
  • Give them a shredder so that they can get rid of things like bank statements safely. Anything with account information, a Social Security number, or other personal info should be shredded.
  • If your parent is using a Wi-Fi hotspot, you should install a VPN for them.
  • If your parent has recently passed away, make sure you don’t put too much unnecessary information in their obituary. These are hot zones for ID theft, so leave out any info an identity thief could use.
  • Show your parents that they should only put information into a website that starts with https://, NOT http://.
  • Also, talk to your parents about emailing safely. Phishing scams are very good, so tell them not to click on any link in an email.
  • Sign your parents up for the website OptOutPrescreen.com. This helps to cut out any unnecessary offers they might receive.

Keep an Eye Out for Scammers

Don’t let your parents become a victim. You can easily prevent it, and more importantly, your parents won’t have to go through the process of rebuilding their credit and recovering their identity. Taking action now is the best way to protect against ID theft. Knowing if your parents are doing something that is risky could definitely be in your favor, as you can help them figure out what is going on and stop it.

Protecting Their Identity

We are all pretty vulnerable when it comes to ID theft, but older people are much more vulnerable. You can’t totally protect yourself and your parents, but you can make it much less likely that something will happen if you take the advice above. It’s always also worth it to invest in ID theft protection for both you and your parents, and you also might even consider a credit freeze.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

The Signs to Look for When Looking at a Possible Phishing Attack

One of the common ways that hackers can trick their victims is through a phishing attack. They can do this by writing and sending an email that looks like it comes from a real source. This email might ask you for things like your username or password for a certain account, or it might have an attachment or link, which downloads malicious software to your network or computer. Some of these attacks even look like they are coming from a client, an employee, or your boss.

phishingHere are some signs that you might be the potential victim of a phishing attack.

You are Asked for Personal Info

 One of the signs that an email is a phishing email is if you are asked for personal info. Most of these emails look extremely real, and they seem like they are being sent from a trusted source, like your bank, a local hospital, or a site like PayPal. But they are scams. Think of it this way; your bank won’t ask for your bank account information. It already knows your account info, so if something seems weird, it’s probably a scam.

You are Asked for Money

 If you get an email asking for money, even if it looks legit, it is probably a scam. For instance, if a client emails you and asks for a wire transfer, call them up and ask if it’s real. What makes this such a good scam is that in most cases, the scammer has logged into the person’s account because they steal the credentials. So, you may actually be getting an email from the account of your company’s CEO…but it’s not the CEO who is writing the email.

You Sense Urgency

 If you get an email that has a sense of urgency, like an urgent transfer, it is probably a scam. As soon as you see that something is “urgent,” bells and whistles should go off in your head. Hackers like to cause panic because they know people are more likely to rush to do as asked. Let’s look at this example: you might get an email from your back saying that your bank account has been compromised, and it’s urgent that you go to a certain site, enter your account details, and confirm your account number. Well, guess what? If you do this, the scammer now has access to your bank account information.

The Website or Email Address Look Weird

 You might also get an email that has a weird looking address or website. In general, hackers try to put the name of a company you might recognize in the email address. But that doesn’t mean it’s real. For example, you might bank with Chase Bank. You get an email from @chasebank1.com but guess what? That’s not really Chase. All Chase emails will simply be from @chase.com.

Think About Your Relationship with the Company

 You also should think about the relationship you have with the company you are getting an email from. For example, any email you get from your bank or your health insurance company should come from the company’s system, not from a weird looking email address. Also, if you don’t even have an account with a company you are getting emails from, it’s certainly a scam.

You Get an Email from Yourself

Look at the email closely. Is it coming from…you? Technically, of course, it isn’t, but scammers do this trick a lot.

There are Many Emails in the “To:” Area of the Email

You also want to look at who the email is going to. If there are a lot of email addresses in the “To:” section, it is likely a scam.

Keep an Eye Out for Links

One of the ways that people fall for scams is because they click on the links that are found in emails. Some of these links will download malicious software to your computer and others might take you to a page where someone will try to trick you into giving personal information. Before clicking on a link, hover over it and take a look. If the address is weird, don’t click it.

Spelling or Grammar Errors

Most of these emails that are trying to scam you come from overseas, so it’s very common to see spelling or grammar errors in the email. If you see this, it’s very likely a scam.

Look for Attachments

Finally, if the email has an odd-looking attachment like a Zip file, a PDF, or Word doc, don’t ever open it. It is very likely that there is malware, or a virus, attached. If you believe the attachment could be real, scan it with your antivirus software to be safe.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Is Your Privacy a Concern with Biometrics?

When people started using biometric identifiers, many believed that it was all of the security that we needed. However, that was around 15 years ago, and we are still having security and privacy issues. As biometrics become even more common, the chances of hacks are becoming even more common!

Years ago, biometrics was used primarily to fingerprint criminals. Government agencies then started using biometrics to identify federal and state employees, and corporations soon followed. Now, everywhere we look, we can see the use of biometrics in action.

One of the ways that we commonly use biometrics is to access electronic devices, and many of us use biometrics to clock in at work. With all of this use, however, do we have something to worry about?

How Biometrics Have Grown

We are definitely expecting the use of biometrics to skyrocket over the next decade. In fact, estimates are that we could see more than 500 million new scanners being installed. Everywhere we look, there is some type of camera or scanner, but most consumers don’t seem concerned. In fact, a recent survey shows that around 80% of people are more confident in biometrics than they are with passwords…but this is a false sense of security that could pose a big problem.

You Are Not as Secure as You Might Think

 Think about this for a minute; if your password gets stolen, you get a notification that you need to change it. This can be done over and over again with a new password. However, with biometrics, if a hacker accesses your information, there is nothing you can do. They have it forever, and you can’t change your eye scan nor your fingerprint.

Attacks are Here

 Hackers are continuing to get smarter, and they are finding more ways to steal your info. There are more and more attacks that include biometric information, too. Just a couple of years ago, a report from the Office of Personnel Management showed something quite frightening.It reported that millions of government employees had their fingerprint scans stolen. I was actually a victim of that crime as a member of the US Coast Guard Auxiliary.  It is believed that the Chinese government was behind this, and it wasn’t a simple little attack. Many of these people had all 10 of their scans taken, and all of them are still vulnerable, today. Remember; you can’t just change your fingerprints! With this type of a hack, identity theft protection will not help here. But, it’s still good to have that type of protection.

How to Fight Back

Though there are plenty of people who don’t feel very secure with this, it is very important for those who choose to use a biometric scan to know that companies and government agencies must be held responsible with their biometric information. These organizations must do all they can to ensure that these scans remain secure.

Let’s look at Touch ID from Apple. Most people think that the image of your fingerprint is actually stored on your phone. This isn’t the case, though. Instead, it only stores a mathematical representation of your fingerprint. This means that it is totally impossible for someone to create a copy of your fingerprint from this representation. On top of this, there is a chip in these devices that include Secure Enclave, which is an advanced security concept, which protects fingerprint data and passcodes.

This is what companies and the government needs to do when using biometrics, too.

When there is any technology that requires biometrics, consumers must be sure that they are insisting that their information and scans are safe. You don’t have to be afraid, but you do need to be safe, just like you would be if you were doing online banking.

Now that you know all of this, do your loved ones a favor and share it with them. The more people who know, the more we, as a population, are educated and prepared.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Is Your Uber Driver a Criminal?

Do you ever Uber? If you do, you probably feel relatively safe when getting into a stranger’s car. However, you might not be as safe as it seems.

Most people believe that Uber does thorough background checks on its drivers, but that’s not totally the case. Recently, there have been a number of cases where Uber drivers, who have been accused of crimes when on the job, actually have a record and several run-ins with the cops.

Simply doing a quick Google search for “rideshare assault” provides way too many search results of recent stories of sexual assaults and otherwise, perpetrated by drivers. There’s simply no shortage of predators behind the wheel.

In South Carolina a college student got into a car she thought was her Uber, police say. She was found dead in a field. I was asked to discuss this on CNN. When you watch the video on rideshare murder, you will clearly see how upset I was, and frankly, still am.

CNN took a look at Uber, and its competitor, Lyft, and the report found that both of these companies approved the hire of thousands of drivers who have records. Uber did respond to this report, and it says that it knows that there were some hiring mistakes previously, but the company has worked hard to improve the way it hires. In 2017, the company claims, it rejected over 200,000 applicants because of issues found during a background check.

A number of state and local law enforcement organizations have pushed the ride-sharing companies to put more of a focus on who they are hiring. Right now, for example, they don’t fingerprint applicants, nor do they do any type of Federal background checks. Instead, Lyft and Uber both use third-party background check companies. It uses the Social Security number and name of potential drivers to check the national sex offender database, terrorist databases, and local court records. The goal is to get people on the road quickly, so not a ton of time is spent on this.

At this point in time, there are over 40 states that require screening for ridesharing services. But these laws don’t require the companies to screen in a certain way or to use a specific company. Instead, 42 states allow rideshare companies to take this on by themselves. Massachusetts is one state the requires an additional check in addition to the regular background check, and New York City requires that all drivers for ridesharing companies get their fingerprints taken.

It is also important to mention that just because a company does finger printing along with background checks, this isn’t foolproof. The FBI system that is accessed actually has an incomplete record system, and it really isn’t meant to be used like this.

If you use Uber, keep all of this on your mind before you take your next ride. Yes, there is a simple background check that is done, but that doesn’t mean your Uber driver isn’t a criminal.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

If Your Social Security Card is Stolen, This is What You Should Do

Back in the 1930s when Social Security numbers were first introduced, they were not meant to be used as we use them today. However, if you are like most people, you use your SS number constantly; it might be at the bank, the doctor’s office, or somewhere else. You need to use a SS number to get a job, to open a credit or bank account, and even to get married. Since we use this number so often, what happens if your card is stolen or lost? This is what to do:

Put a Fraud Alert on your Credit Report

First, you want to put a fraud alert on your credit report by contacting all three major credit bureaus. When you do this, lenders and creditors use very strict guidelines when they screen any application with your information on it. These alerts last for a year, but you can get an extension when that year has passed.

Freeze Your Credit

If you want to get even more secure, think about freezing your credit. When doing so, you cannot use your credit for things like refinancing or opening a new credit line until you lift the freeze, which is good, because neither can a criminal.

Consider ID Theft Protection

If you can afford a couple of hundred dollars a year, you should consider ID theft protection. This ensures that your credit is monitored 24/7 by a team of experts who can also help to restore your credit if someone steals it.

Watch Your Credit Report

Even if you freeze your credit or get a fraud alert, that doesn’t mean that you are all in the clear. Thieves can definitely steal your identity in alternative ways. So, it is very important that you watch your credit closely. You can get a free report online at AnnualCreditReport.com or with some identity theft protection plans you can get access to credit reports once a month.

Be Smart When Online

Finally, there are some tips and tricks out there that cybercriminals use that people fall for all of the time:

  • Don’t click on any link in email, even if you think it’s from someone you know. At least call them to see if the link is legit.
  • Don’t open emails that look sensational or have a subject with a sense of urgency.
  • Don’t go in and click around on emails in your spam folder.
  • If you can use two-factor authentication, do it.
  • Use an antivirus program on all of your computers.
  • Shred personal documents before you throw them out. This is especially the case if they have personal information like a Social Security number or account number.
  • Only use long-hard-to-guess passwords for all of your accounts.
  • Don’t give out your Social Security number unless it is totally necessary.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Two-Factor Authentication: What is It and How Does it Work?

There are many ways that you can protect yourself on the internet, and one of the things you can do is begin using two-factor authentication.

two-factor authentication

You have likely seen two-factor authentication even if you don’t totally know what it is. For example, if you do your banking online, your bank might send a code to you via text or email. Or when you try to change your password you might receive some form of a confirmation to make sure it’s you. This is exactly what two-factor authentication is…it’s an extra step you take that confirms you own the account. This makes it harder for a criminal hacker to get into your account. Not only does a hacker need a password to get into the account, but with two-factor authentication, they also need access to your email account, a keyfob or your smart phone.

Sites That Have Two-Factor Authentication

Most major websites offer two-factor authentication. You can find help setting these up, below:

Apple ID

You can set up two-factor authentication on your iPhone, iCloud, or iPad:

  • Click “Settings,” “Security,” and finally choose “Turn on two-factor authentication.”
  • Enter your phone number
  • Check your texts, and then enter the code. That’s it.

Facebook

  • Log into your Facebook account and then click “Settings” before clicking “Security and Login.”
  • Click on “Use two-factor authentication,” and then click on “edit.”
  • Choose the method. There are a number of options including apps, texts, and code generators.
  • Instructions will appear on screens
  • Click on “Enable.”

Gmail

You can also set up two-factor authentication for Google accounts, including Gmail.

  • Navigate to Google. Here, you can find two-factor authentication.
  • Click on “Get started.”
  • Follow the instructions that appear on screen to turn the feature on.

Yahoo

  • Sign into your Yahoo account
  • Click on “Account security.”
  • Check to make sure “two-step verification” is clicked to “On.”
  • Type in your phone number and choose phone call or text message
  • Input the code, and then click “Verify.”

Instagram

If you have an Instagram account, you can also set up two-factor authentication:

  • Log into your Instagram account.
  • Go to your profile and click on the operating system you use.
  • Scroll down until the “two-factor authentication” option appears.
  • Click “Require security code.”
  • Insert your phone number, and then click “Next.”
  • A code will be sent to your phone. Put it into Instagram, and then click “Next.”

Twitter

If you have Twitter, you can use two-factor authentication, too, but there are different steps to take depending on how you get onto your account. For instance, it’s different on a laptop when compared to an iPhone. You can check out the Help Center to learn more about seeing up two-factor authentication.

Here are some more sites that allow two-factor authentication. Click on the links for more information:

Amazon

Ebay

Linkedin

Paypal

With billions of records stolen, it is likely a criminal not only has your username for various accounts, which is often a simple email address, but they also might have your pass code for various accounts. Currently, the only real and true way to keep them out is with two factor authentication. And while some will debate that two factor authentication is far from full proof, it really is the best option that is easy to use and offers a comprehensive layer of defense.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Synthetic Identity Theft: What Is It?

You might know what identity theft is. It’s when someone takes someone else’s personal and private information so that they can get something out of it…namely, money. What you might not know is what synthetic identity theft is. The goal is the same, but it’s a little different.

Synthetic Identity Theft

In the case of synthetic identity theft, a person makes up a new and fake identity by mixing up information from a real person with information that they create. You might not immediately see that this is a bad thing, but it can be pretty devastating.

Here are three ways that hackers can create a synthetic identity:

They Can Create a New Credit Profile

By far, the most common way that the bad guys use a synthetic identity is to create a new credit profile. Basically, they use a valid Social Security number, which they take from the victim, and pair it with a made-up name. Then, they start applying for credit with this information. Typically, these applications will get denied, but during this process, a credit profile is created. Even with poor credit, there are companies that give credit to people with bad credit, so the hackers know they can get a few hundred dollars out of this which can turn into a few thousand dollars or more.

They Can Piggyback

Another thing that people do with synthetic identity is a practice known as the piggyback. At a basic level, they look for individuals with great credit, and then they access their account. When they do this, they add a fake person as an authorized user. However, they don’t use this account. Instead, they bide their time and let it sit. While they wait, the major credit card agencies create a report of this synthetic identity, and the criminal hacker can use this new, great credit profile to apply for loans and credit cards.

They Practice Data Furnishing

Finally, they might use data furnishing. This is an effective, sophisticated method, and it requires someone else to help. Basically, the hacker needs access to someone like a manager or a small business owner from an established business. The company is already well-known, and it is approved to offer info on their customers…which they give to the hackers. A setup like this takes several months to set up, but once it is established, it can make the thieves a lot of cash.

Currently, it’s difficult to pinpoint how much financial impact these synthetic identities have, although it is thought that it could be billions of dollars in losses. For someone who gets into the business of identity theft, this could mean billions of dollars. Thankfully, there are a number of things that you can do to protect yourself, including being careful about what type of information you are sharing, especially when it comes to social media. Also, consider a credit freeze and ID theft protection, and make sure that you check your credit report regularly.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Use Facebook or YouTube if You Want to be a Criminal

When you start thinking about a cybercriminal, you probably imagine a sleezy looking person in a dark room wearing a black hoodie, right? They are likely browsing the dark web and maybe surrounded by empty high energy drinks. However, that’s not how most cybercriminals look. Most look just like a normal person, and they are hiding in plain sight.

They are organized, they function like any profitable business, they have hierarchies, employees and even a business plan.

Criminals can easily create Facebook groups or YouTube channels, and then they start participating in cybercrimes, which include buying and selling information from credit cards, spamming/phishing tools, or even accessing logins and passwords. Some of these groups have thousands of members.

This might not sound like a lot, but it is. You also have to consider the fact that Facebook as approximately 2 billion people logging into the site every month. With that amount of people, it can be difficult for the company to deal with this type of infiltration.

Facebook removes these cybercriminals, but it tells us that the mega corporation is having a difficult time keeping bad behavior at bay. This is a game of whack a mole. They keep popping up like mushrooms or weeds. These groups also includes share false information, hate speech, and incite violence. It also shows how this behavior is amplified by Facebook’s or YouTubes algorithms.

Finding these groups or channels is easy. All you have to do is search for “spam” or ‘CVV,” “dumps”, “skimming” or search a variety of “white supremacy” terms and then join. Once you join these groups, the algorithms come into play and suggest even more groups that are similar. The truth is, these sites  don’t have a good way to catch these criminals, and it relies on user reports to police the bad behavior.

Since this is the case, tech companies have a long way to go before it can stop relying on user reports. There is also the fact that oftentimes, these reports are not taken seriously, so even valid reports can fall through the cracks.

One example of this is with the terrorist attack in Christchurch, New Zealand in 2019. The gunman actually streamed the attacks on Facebook Live. Though Facebook took the video down, eventually, thousands of people were able to see it before it disappeared. Facebook claims that there were no reports of the video, which is why it took so long to take it down…though that is difficult to believe.

The one bright spot is that Facebook has admitted that there is an issue, and it understands that these groups were in violation of its own policies. The company also said that it knows that more vigilance is required and that it is working on investigating more criminal activities that are reported.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.