Mobile Provider Data Breaches: Know Your Risks

Last week, AT&T reported the latest in a series of high-profile data breaches. The company announced that approximately 9 million customer records, including names, email addresses, phone numbers and account numbers, were stolen from a third-party marketing firm that had been given access to the data by AT&T.

How do these large-scale data breaches happen?

In several recent cases, criminals targeted marketing firms that provide advertising to mobile carriers or that develop campaigns for mobile users. In the AT&T case, it was noted that the stolen data included eligibility for phone upgrades, making it reasonable to assume that the data breach was related to customer marketing. AT&T gave its customer data to a marketing firm to sell upgrades. The marketing firm was breached.

In other cases, companies that display ads on mobile devices have suffered significant data breaches exposing millions of customer records. In all of these cases, criminals did not target the mobile provider itself, but the third-party agency. Mobile providers typically have strong cyber security practices; the third parties they share your data with may not, making you vulnerable.

What are the risks from mobile data breaches?

Mobile data breaches can carry a particular risk for customers. As reported by Axios, criminals can use personal data from these breaches to launch SIM-swapping attacks, where a criminal clones a SIM card and then uses it to steal multifactor authentication codes. Ordinarily, a criminal who steals your username and password cannot access your accounts if you have two-factor authentication that sends a confirmation code to your phone. If the criminal can clone your phone number with information stolen from a data breach, they can then get the code and access your accounts.

In other words, criminals can defeat two-factor authentication, log in to your accounts and steal or wreak havoc at will. If you see authentication code requests that you did not initiate, log in to the affected accounts immediately and change your password, because it could mean someone is trying to gain access.

A lower level of risk comes from the exposure of phone numbers and email addresses. These will be sold to criminals for spam emails and phishing attempts. If you are a high-value target for hackers, you need to change your passwords and your multifactor authentication method.

What should I do to protect myself from criminal misuse of my data?

Assume that some of your personal data has been compromised. More than 74 million personal records have been posted to the Dark Web so far in 2023, according to Cyble. Next, think like a criminal.

Criminals gather several types of personal information to carry out hacks and phishing attacks. They need your name, address, email and phone number to start. Any additional information they can gather, including passwords or usernames, makes it easier for them to launch an attack.

The best defense is to change your passwords frequently and to be vigilant. Set up two-factor authentication with immediate alerts to your mobile device. The safest way to do this is to have a separate email that you use only for authentication that you never share or use for any other purpose. Have alerts sent to you whenever there is an authentication request sent, rather than having text alerts sent directly to your phone. In many cases, this thwarts SIM swapping.

If you have significant concerns, you may need to get a new phone number, which renders information stolen from data breaches useless. This poses a significant challenge for most people. Acquiring a low-cost second phone that you use solely for authentication can solve the problem without requiring you to change your primary number.

Whenever you can, opt out of data-sharing programs with your mobile provider. They will attempt to discourage this, but doing so removes one avenue that criminals can use to compromise your cyber security.

Are you vigilant with your personal data? Are you vigilant with data on the job? Would you be able to stop a phishing attack launched by a phone call from a criminal? Explore our CSI Protection Certification to develop the skills you need to stop cyber criminals at home and on the job.

Data Privacy Week Is a Time to Consider What You Share

This is Data Privacy Week, when everyone who uses the Web is encouraged to think about, and limit, the amount of personal data they share online. We often think of data privacy and data breaches in terms of someone stealing information we have shared. During this week, that thinking should be reversed: Ask what you share, where you share it and whether sharing is even necessary.

Data Privacy Begins with You

Thieves cannot steal what you do not share. If you never give your credit card number, name, address or phone number to any website, you have zero data privacy risk. This is impractical if you want to shop online or use services such as email and social media. Most people get so used to sharing personal information to do things online that they share freely in all spaces online, making them targets for data theft and phishing attacks. Some sites, such as Linkedin and Facebook, encourage a level of sharing that creates significant risks to your personal information. Companies may share more than necessary if they try to market their employees, as detailed in Is Your Website a Bait Shop for Phishing Attacks?

Cyber crime would be much lower if everyone followed the rule taught to all children: Do not talk to strangers. Do not tell them your name, where you live or the route you take home. Do not share where you went to high school and college, what you studied, or your employment history. Never give them your mother’s maiden name, your pet’s name, your birthday, the name of your prom date, the name of your favorite teacher, or your favorite grocery items.

By now you should have a window into all the ways you deliberately (social profiles) and casually (social media quizzes) surrender your digital privacy. While sharing online can feel normal, it invites predators. Cyber criminals will gather as much information as they can about potential victims through your posts and profiles. They then use this information to target attacks against you or people you know.

Easy Ways to Improve Data Privacy

Data privacy should be protected on two fronts: Limit what you share initially, then limit how long it remains online. “Online” includes both publicly available information and information you share with others to shop or use services.

  • Use guest checkout. Nearly every shopping site now offers a guest checkout option. When you choose this instead of setting up an account, the business should not build a profile about you or store your information permanently. Use this feature whenever you buy something online for the first time. If you come back, consider opening the account. If you never come back, you will have less risk if that business suffers a breach.
  • Never respond to online quizzes. Facebook has significant, ongoing problems with data-harvesting scams masquerading as quizzes. Because Facebook requires people to give their real names when they sign up, even the most innocent-looking quizzes can yield meaningful data. Criminals often look for clues to passwords or try to fill gaps in an individual’s data profile, or get information they can use to commit fraud. In one example, an image shows several food staples, such as eggs, milk, cereal, orange juice and bacon, then asks which one you dislike the most. Choose eggs and a criminal now knows not to buy eggs when they try your stolen credit card number at the grocery store.
  • Skip the optional fields when you sign up. Whenever you sign up for a service, your goal should be to give as little personal information as possible. This can be challenging if your browser automatically fills in all of your data, or if you fill out forms without looking to see what is actually required. Be wary of businesses that ask for credit card information for a “free” trial, or that want your email, phone and mailing address for services that do not require physical mail.
  • Only post recent, relevant information on social sites. No one needs to know your entire work history, or that you got a Masters Degree from Harvard unless that experience is highly relevant to your current work. This is challenging for thought leaders and those with specialized skills who market their abilities based on experience. Consider using less-specific descriptions, such as “Ivy League educated” instead of “Harvard Class of ’92.” Criminals need specific data points for social engineering fraud. The more you provide, the easier you make it for them.
  • Never post your personal email or phone number. Many small businesses believe posting emails and phone numbers increases the number of contacts they receive. There is no real data to support this. Contact information on a website should go to a generic inbox, such as “info@mysite.com,” and phone numbers should forward to an unpublished office line. One of the leading scams right now harvests personal phone numbers, matches them with company email addresses, then targets employees with texts that appear to come from senior executives, often asking for gift cards or passwords. This scam exploits the abundance of seemingly innocent information that individuals share.
  • Never post photos or videos from your workplace. If you or your company must Instagram what it does, set up a location in the lobby and only allow photos and videos to be shot there. Photos and videos should never be allowed in work areas for any business, because they can give away private or proprietary information. Criminals can learn about your security procedures and your workplace layout, and sometimes find passwords on notes or white boards in the background. Those who work in health care have an additional duty to protect patient privacy, as well as their own.
  • Remove anything personal in the background of your video conferencing space. The rise of video calls and videoconferencing has encouraged people to treat their home office like a television set, with strategically placed books, awards and mementos, information that is valuable to criminals. Another risk, once again, is the whiteboard or bulletin board with sensitive information. Something as simple as a diploma or family photo can be the hook a criminal uses in a targeted attack. Keep anything identifiable out of frame, or use a generated background for your calls.
  • Close all outdated accounts and subscriptions, then ask for your data to be removed. This one is last because it is a little harder. If you have ever canceled a Netflix subscription, you know how easy it seems. They turn off your service and stop billing, but they keep your information by default. Under data privacy laws in the United States, you have the right to have that information removed, which is what you must do to protect your personal data. Every online business has a process for this, and you may need to hunt for it in their Terms of Use or Privacy Policy statements. Get in the habit of reviewing and removing unused accounts at least once a year.

If you maintain strong data privacy, you will be at a far lower risk from breaches and targeted attacks. This is part of the personal approach to data protection that Protect Now promotes through its CSI Protection Certification program, which boosts cyber security by teaching employees the importance of personal as well as professional data privacy. To learn more, contact us online or call us at 1-800-658-8311.

Erase the Data on Your Devices: The Secure Way

With the holidays here, many of us will be receiving new digital devices. And many of those devices may end up on Facebook marketplace or eBay in a secondhand market. And I will buy them so I can find out what data you have left on them. I didn’t study not too long ago where I bought about 30 devices and ran forensics tests on them and found sensitive information on 17 of 30. Enough to steal lots and lots of identities.

data securityHave you sold or recycled an old phone or other device after you got a brand new one? What about an old laptop? Did you sell them to someone else or recycle them? If you have done any of the previous actions, it is likely that you have put yourself at risk.

A study from the National Association for Information Destruction discovered that approximately 40 percent of electronic devices that are sold second-hand still has personal information on them. This includes phones, tablets, and computers.

The data that was discovered on these devices include usernames, passwords, tax information, and credit card information. To make things even worse, the info was collected by using very simple methods; methods that almost anyone with a bit of computer knowledge can use.

Thankfully, there are things you can do to securely erase your device, including the following.

Correctly Prepare Your Device

It doesn’t matter if you are going to throw your device away (which you shouldn’t because that’s horrible for the environment) or sell it, you have to make sure that it is prepared correctly. First, you want to back up the data, and then you can erase the drive.

If you have a Mac, it is easy to do this by using the OS X Disk Utility, and if you have a PC, you can use software like Active KillDisk. If you are trying to do this with a smartphone, you can use software like SafeWiper for Android and then do a factory reset and remove the phone’s SIM card. Also, if you are throwing it away, smash it with a hammer before doing so. Yes, that’s a bit dramatic, but it ensures that people can’t get information on it.

Format the Drives

If you are getting rid of a hard drive or flash drive, or you have recently bought one, you should make sure to format them to get rid of any software that is left on them. Here’s how to do it:

Windows: 

  • Connect the device to your computer.
  • Open up Windows Explorer and find the drive on your system.
  • Right-click the drive and choose the “Format” option.
  • Choose the type of file system you want, and then under “Volume Label,” click “Quick Format” and then “Start.”

Mac 

  • Go to your computer’s Finder, and then click Applications/Utilities, then “Disk Utility.”
  • Click on the drive and choose “Erase.”
  • Next, click “Format,” choose the file system, and then create a name for the drive.
  • Click on “Erase.”

Formatting a Hard Drive on a Computer

To go about formatting a hard drive, you will find that it is a little more complex. To begin, you need a USB drive or a CD, and the goal is to completely erase the drive. Once you do this, you then have to re-install the operating system with the USB drive or the CD. Also, don’t forget to back up your data before you begin, or you will lose everything you have.

When doing this with a Mac, you should select the option on the computer to install from scratch. This will erase the drive. For Windows, you have to use the Windows Installer, and then choose “Drive Options.” Choose “Format,” “Next,” and then install Windows.

Even when this is all done, it is still possible for someone who has the knowledge to get data from your device. This is why it’s so important to educate yourself via security awareness training and remain vigilant.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

What the Equifax Data Breach Can Teach Us About Security Fatigue

If you buy anything, anywhere, you are at risk of a cyber threat. Though you probably know that cyber threats exist, if you are like most of us, you don’t’ know what to do when it comes to being safe online, and if you become a victim, you really don’t know what to do. This is all important as we prepare for the next big breach like the one that happened with Equifax. If you use credit, you are a potential victim here.

According to Equifax, more than 147 million people were affected by the breach, and most of us had or have no idea what we can do about it, or how it might affect us in the future. On top of this, when we look at statistics, we can see that almost 27 billion…not million, but billion…additional records were exposed due to data breaches in 2020, and things are only going to get worse.

The issue is that people are frustrated, scared, and confused, and because these cyber-attacks are so common now, people are just getting apathetic about it. Of course, this is very dangerous. Additionally, there are other issues, too, specifically “security fatigue.”

What does this mean? It means that people just want nothing to do with worrying about computer security at all, and they get annoyed when they hear all of the rhetoric that comes from security experts like “keep an eye out for blah, blah, blah.”

Cyber Attacks are More Common Now Than Ever in the Past

It should be no surprise that cyber attacks are more common today than they were in the past. That also means that the chances of becoming a victim of identity theft are higher. Internet fraud is playing a big role in this, but it’s not just human error and bad passwords that are causing this. Instead, it’s the lack of people doing anything to stop it. And here’s the thing…if you think it can’t happen to you, you are wrong.

Tips for Protecting Yourself Online

It is not difficult to protect yourself online. Here are seven tips to keep yourself safe:

  • Download a program for your browser that tells you if a site you are going to go to is dangerous. These can be seen right from your browser, and if a site is safe, you will immediately know. A full suite of antivirus should include a browser plug-in to serve this purpose.
  • Keep your passwords safe with a password manager. It is very important to use a different password for every account.
  • Get some type of ID theft coverage through your employer, your bank, or other business. It’s not easy to 100% fully protect your identity, but using something like this can make things much, much easier.
  • Set up two-factor authentication and text alerts for sensitive accounts like bank accounts, email, and social media.
  • Freeze your credit. This way, a scammer can’t open any new accounts in your name.
  • Learn more about common internet scams. You should understand what ransomware is, phishing, scareware, and more.

One of the biggest things you should take away from this is to understand that if you become a victim of something like this, it doesn’t just affect you; it also can affect your family, friends, co-workers, and more. Yes, it might be annoying to some to have to take these steps, but it could be the difference between staying safe and becoming a victim.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Second Hand USB’s Could Have Personal Info Still Inside

An unsurprising study was recently released that found even when a portable USB drive is erased, not all of the documents and images are always removed. That, of course, is frightening.

Here’s how the research was done:

Researchers went online to sites like eBay, to second-hand shops, and even auction stores. They bought 200 used USB drives, half from the US and half from the UK. Almost 2/3 of the devices had data on them! This data was, for the most part, personal data, and it can also be used by cybercriminals to steal someone’s identity. On top of that, these USB drives can contain malware.

Removing All Data is Difficult

When someone tries to delete or remove data from a USB device, they rarely have success. In fact, of the 100 USB devices the researchers bought in the US, only 18 of them were totally wiped clean. The rest of them had data that had been deleted, but someone could certainly recover it. The UK devices were similar. What’s so surprising about this is that it is extremely easy…and free…for someone to fully delete their device. But most people just don’t put in the effort, and that could definitely hurt them in the future.

USB Devices Can Be Risky

Using these devices can be risky, not only for average people, but also for businesses. In 2017, for example, a USB device was lost, and it contained sensitive information about Heathrow Airport. The government investigated, and eventually fined the company. The information was not encrypted, nor password protected, and it was found on the street by a random passerby.

Because of these risks, some companies, like IBM, have banned the use of USB devices. Instead, employees must use the company’s cloud. Other companies still allow them, of course, but they could be going down a dangerous road. These devices are really cheap to buy, and people can save almost anything on them, but they are also very easy to lose.

There are other issues with USB devices too. First, of course, you have the data on these drives to deal with, but there is also the fact that potential malware could be on the devices. Most companies don’t have the same rules that IBM has, and most consumers don’t think of this at all. This makes people and small businesses very vulnerable. So, if you use USB drives, there is one very important step that you need to take: encrypt it.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How to Protect Fortnite Accounts

If you have tweens or teens, you are probably aware of the popular game Fortnite. Though it might say that it’s free, playing Fortnite can actually be quite expensive, and it could put player’s accounts at risk due to a security flaw.

A bug was recently discovered that allows hackers to obtain the login credentials of Fortnite users if they clicked on a link in a fake email. The company responsible for Fortnite, Epic Games, has acknowledged the bug but won’t say how many people were affected.

Not only could a hacker access a user’s Fortnite account, they could make in-game purchases using the person’s credit card, which is connected to the account. Hackers could also listen in to private chats!

How it Happens

You might wonder how players would actually click on these fake email links. Well, it happens all of the time. In this case, the users clicked on a link that took them to a site that promised to give them “V-Bucks,” which are the in-game currency for Fortnite. Once the players enter their information in, sometimes even asking for credit card information, the hackers have all they need.

Most games like this have an in-game currency, and Fortnite is no exception. Players can buy things like outfits for their players, better weapons, and even bonus items. So, even kids who don’t have their own credit cards will often sweet talk their parents into giving their credit cards, and once that info is in the game, you can use it whenever you want to make purchases.

Fortnite for Money Laundering

Hackers also known as “carders,” who specialize in stealing and selling stolen credit card numbers, are using Fortnite as a bank. They are using stolen credit card numbers to make V-Buck purchases and selling them to other players at a discount. When playing Fortnite in Battle Royale mode and earning “Photons” (a new form of cryptocurrency), it seems the hackers can set up a crypto wallet connected to their account to withdraw the stolen funds.

Protecting Your Card

 If you have given your kids permission to use your credit card for Fortnite, you are not alone, but you should take steps to protect it.

safr.me

Do your kids make digital purchases with you money?

The first thing you should do is set up a passcode, one that your kids can’t guess. This means they cannot buy anything in the game unless you approve it. You will have to do this on the gaming console you use. Xbox, for instance, allows you to set a code for the following actions:

  • Signing in when the console is turned on
  • Updating device settings
  • Making a purchase

Microsoft also advises its users against putting a credit card into the Xbox account of any child or other family member who you don’t want making any in-game purchases. This way, you can keep your family safe, and keep your money safe.

Beware of Phishing

Make sure your kid isn’t providing email addresses (theirs or yours) to anyone on Fortnite. If they do, there’s a strong possibility they might provide it to a criminal phisher. Once this happens, tricky phishing emails that look like they are coming from Fortnite designed to steal passwords are likely to hit your inbox.

Set up Two-Factor Authentication

Any and every account that is considered “critical,” which means it contains personal or sensitive information, should have two-step or two-factor authentication.

Fortnite provides this, and parents MUST enable it. Go to Logins, and open account settings at your username in the top right corner. Then, select password security. At the bottom, click on “two-factor” sign in.

Foreign Bad Actors Hacked Marriott

You have probably heard about the latest major data breach, right? The Starwood hotel chain, which is owned by Marriott, was hacked. More than 500 million people were affected by it, and now, we have learned that a hostile, foreign intelligence service is likely behind it.

Most of the data that was compromised is unsurprising, such as emails and names, but other information that was accessed is a bit puzzling. This includes passport information and where people traveled. A U.S. intelligence official, who does not want to be identified, has said that this breach fits the mold of China being behind it.

Though there is nothing specific to point the finger at China, the techniques, tools and procedures that were used are commonly being used by hackers who work for the Chinese government. However, it is important to keep in mind that other hackers would also have access to these tools.

For now, the investigation is continuing into the data breach, and nothing official has been released. The FBI continues to remain on the case, and Marriott has said that it has no idea who or what is behind this hack. At this point, they are choosing not to speculate.

Robert Siciliano Marriott

The hotel chain has both internal and external teams working on exposing the hackers, and the main clue they are focusing on is the type of data that was accessed, such as passport numbers and the times and dates that people checked in and checked out of the hotel. This information could be very valuable to foreign countries, including China, who might want to create counterfeit passports. The State Department, however, has told NBC News that a new passport could not be made by using passport numbers alone.

This hack is part of a series of hacks that have plagued businesses over the past few years and recent months. In fact, this hack went on for four years before Starwood even realized that it was getting hacked! This is a pretty long time when you consider that the average hack goes on for 101 days before it’s discovered. What’s even more disturbing is the fact that the company knew about this hack since September, but it didn’t announce it until the beginning of December.

Marriott has responded to this. It says that it is improving the way it deals with cyber security, and, in addition to working out what happened in this hack, it is analyzing how it can improve the way it deals with customer data.

Protect Yourself From Gift Card Scams

So maybe Christmas now means the very predictable gift card swap, but hey, who can’t use a gift card? But beware, there are a ton of scams. This includes physical, not just digital, gift cards.

Regardless of who gave you the card, you should always practice security measures. Below are two common ways that fraudsters operate.

Transform Gift Card to Cash Twice.

If someone gives you a $200 gift card to an electronics store and then it’s stolen, you technically have lost money, as this is the same as someone stealing a wad of cash from your pocket.

Nevertheless, you’ll feel the loss just as much. Crooks who steal gift cards have numerous ways of using them.

  • Joe Thief has plans on buying a $200 item with your stolen gift card from your gym locker.
  • But first he places an ad for the card online, pricing it at a big discount of $130 saying he doesn’t need anything, he just needs money.
  • Someone out there spots this deal and sends Joe the money via PayPal or Venmo.
  • Joe then uses the $200 gift card to buy an item and sells it on eBay
  • And he just netted $130 on selling a stolen gift card that he never shipped.

Infiltration of Online Gift Card Accounts

Joe Thief might also use a computer program called a botnet to get into an online gift card account.

  • You must log into your gift card account with characters.
  • Botnets also log into these accounts. Botnets are sent by Joe Thief to randomly guess your login characters with a brute force attack: a computerized creation of different permutations of numbers and letters – by the millions in a single attack.
  • The botnet just might get a hit – yours.

Here’s How to Protect Yourself

  • Be leery of deals posted online, in magazines or in person that seem too good to be true and are not advertised by reputable retailers.
  • Buy gift cards straight from the source.
  • Don’t buy gift cards at high traffic locations, at which it’s easier for Joe to conceal his tampering.
  • Change the card’s security code.
  • Create long and jumbled usernames and passwords to lessen the chance of a brute force hit.
  • The moment you suspect fraudulent activity, report it to the retailer.
  • Spend the card right away.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

2017 Was the Worst year for Data Breaches EVER!

It seems like 2017 broke records for all the wrong reasons…one of them being the worst year for data breaches in history.

According to reports, hacking was the most common way to collect this data, but almost 70% of exposures occurred due to accidental leaks or human error. This came down to more than 5 billion records. There were several well-known public leaks, too, including the Amazon Web Services misconfiguration. More than half of the businesses using this service were affected, including companies like Verizon, Accenture, and Booz Allen Hamilton. The scariest part of this, however, is the fact that the number of breaches and the number of exposed records were both more than 24% higher than in 2016.

Big Breaches of Big Data

Another interesting thing to note is that eight of the big breaches that occurred in 2017 were in the Top 20 list of the largest breaches of all time. The top five biggest breaches in 2017 exposed almost 6 billion records.

Part of the reason for the big numbers is because huge amounts of data were exposed from huge companies, like Equifax. There was also a huge breach at Sabre, a travel systems provider, and the full extent of the breach isn’t even known at this point. All we do know is that it was big.

When looking at all of the known 2017 data breaches, almost 40% of the breaches involved businesses. About 8% involved medical companies, 7.2% involved government entities, and just over 5% were educational entities. In the US, there were more than 2,300 breaches. The UK had only 184, while Canada had only 116. However, until now, companies in Europe were not forced to report breaches, so things could change now that reporting is mandatory.

What were the biggest breaches of all time?  Here they are, in order:

  • Yahoo (US company) – 3 billion records
  • DU Caller Group (Chinese company) – 2 billion records
  • River City Media (US company) – 1.3 billion records
  • NetEase (Chinese company) – 1.2 billion records
  • Undisclosed Dutch company – 711 million records

Though none of this is great news, there is a silver lining here: none of the breaches of 2017 were more severe than any other breach in history, and overall, the occurrence of breaches dropped in the fourth quarter.

Because of so many breaches occurring due to human error, it’s very important that businesses of all sizes enact security awareness training, including helping staff understand what makes a business a target and what type of info the hackers want.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Mainstream Email and Data Services Might Be Spying on You

The Internet nowadays flourishes on personal data. Many of the world’s largest companies rely on this intangible commodity that users have been too willing ‘donating’ as an exchange for a ‘free’ service.

As data replaces oil as the new premium commodity, buying and selling data is big business. While some companies do it legitimately, some entities do it illicit.

Let’s look at some stats:

  • Every day, there are more than 10 million hacker attacks
  • Every hour, more than 228,000 data records are lost or stolen
  • In 2017, thousands of data breaches exposed most everything from log-in names and passwords to Social Security numbers

But what is even more alarming, mainstream email and data services collect and then sell the data, such as: location, Internet search history, photos, files, and of course, more sensitive personal information. Sometimes they are compelled to give this information to the authorities without informing the owner of the data.

So, everyone is at risk of being monitored and lose valuable personal data.

However, there are ways to protect your data online.  One of the ways of doing it is by using Secure Swiss Data free encrypted email. This company has created easy-to-use secure email which has the following benefits:

  • End-to-end encryption – data is always encrypted, encryption is happening on a user’s device and data is stored encrypted on the Secure Swiss Data servers.
  • Swiss protection of the data – The servers are located in Switzerland under 320m of granite in the Swiss Alps. In addition, users’ data is protected by Swiss laws. In fact, Switzerland has some of the most stringent privacy laws in the world.
  • No Ads – another benefit is that they never display ads. This means the company has no reason to collect your data. They are not able to reador scan emails nor tracks any location information.
  • Privacy by Design – They use this approach which ensures that privacy is considered throughout the engineering process.

You can download Secure Swiss Data an Android or iOS app, and register a FREE account. With all the updates, so far, you can:

  • Send encrypted emails with attachmentsnot only to Secure Swiss Data users, but also to other third party email users.
  • Set expiration timer for emails so that they are automatically deleted from your and your recipients’ mailboxes after a set period of time.

One system to protect communications online with integrated blockchain

However, it seems that Secure Swiss Data team don’t want to stop there. They want to do more to secure communications and protect privacy online. At the same time they don’t want to depend on any third party or government investment. So, they are now starting a crowdfunding campaign:

To provide the world with a unique single encrypted communications and collaboration system that will include the following features: end-to-end encrypted email, calendar, notes, tasks, file storage, collaboration in encrypted files, and end-to-end encrypted messenger. 

On top of the end-to-end encryption, the Secure Swiss Data team will integrate blockchain in the system and therefore add another layer of security, which would increase customer convenience and quality of data protection online.

The cause – Take control over your data, and protect your Online Privacy

One of the best parts of using the Secure Swiss Data services is that you know where the company stands. They have clearly stated that they believe in privacy as a human right and civil liberty. User’s data should be kept private, and no one should be able to get into those personal accounts unsolicited.

Furthermore, they say: “Privacy is not about having something to hide, it’s about the right to control what you want to share and what you want to keep to yourself.”

So, have an opportunity to make the decision on what to share and what not.

And using services like the one from Secure Swiss Data, you can do just that: have control over your online data and communications.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.