Is the security community selling fear?

/in , , , , , , , , , , , /by

Robert Siciliano Identity Theft Expert

Cyber crime profits are running into the trillions.

Weekly, and often daily, I remind readers of how potentially screwed they are once they boot up their PCs and access the Internet. Identity theft is a real problem that messes up people’s lives. When someone’s PC is hacked and their passwords are compromised, account takeover can be financially devastating. Even though a financial institution may resolve the errors, victims still lose money.

Most are beginning to realize that the only secure PC is one that is powered off.

Many view these rants as selling “FUD”: fear, uncertainty and doubt. And selling fear is what gets people to buy your security product. Many have accused the Internet security companies of being fear mongers peddling their wares during the Conficker scare.

Fear-based selling has been going on since the beginning of time and will always be a part of the sales cycle. But am I really selling fear? Do those I work with sell fear? I don’t think so. But feel free to disagree with me.

The fact remains that there are scumbags out there, trying to figure out how to get you to part with your money in thousands of different ways, every day, all day. And if reminding readers of all these scams and then selling a solution to the problem is selling fear, then so be it. The question is, is the fear real or made up? Is there a legitimate scare that needs to be brought to light, and a solution that will fix it? Or is this just selling snake oil and false promises, and taking advantage of people?

Information Week states, “The computer security industry has failed computer users, and the Internet has become so unsafe that average users can’t protect themselves.” The Internet is not a safe place for everyday folk. The online world is like Iraq and Afghanistan (dangerous), the Taliban (criminals) are everywhere. Most people do not have the capacity to secure their networks or the technical know-how to surf safely. Studies show that 40% of web surfers haven’t updated their browser’s security, or their Windows-based computers don’t have their critical security patches updated.

The threats are real. The Washington Post reports that Senate lawmakers are advancing legislation to create mandatory computer security standards for government and private sector operators of critical infrastructure. This is legislation that will force standards in security,  ensuring that we keep the lights on, the fields plowed, the water clean, and the engines running.

If there was ever a time to be “fearful” and to make an investment in identity theft protection, Internet security software such as McAfee, or any other protective hardware or software as a result, now is that time.

Robert Siciliano Identity Theft Speaker discussing online security here

I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information.

Identity Theft Expert; Anatomy of a Hack

/in , , , , , , , , /by

Robert Siciliano Identity Theft Expert

There is a battle going on round the clock, between the bad hackers and the good hackers. Most of the time, the good guys lose. Here we have an example of the bad guy actually getting caught.

At age 19, an Israeli criminal hacker named Ehud Tenebaum made news as “The Analyzer,” (a great tag for a criminal hacker) after he cracked and penetrated the Pentagon, NASA and even Hamas computer networks.

He then went silent and is believed to have embarked on a 10 year long international conspiracy to hack networks of United States and Canadian banks and other financial institutions. Losses are estimated at $10-12 million.

The Analyzer’s hacking technique is believed to be “SQL injection,” a tactic that I’ve blogged about previously, which exploits vulnerabilities in software development.

A forensic analyst who investigated breaches in both countries found a common thread in each hack. Servers in Virginia owned by HopOne, an ISP, were used as a routing point, receiving their commands from another set of servers at a Dutch hosting company.

Here’s where Big Brother is watching, and in this case, for good reason.

Last spring, US investigators working with Dutch authorities requested that all data traffic from the Dutch servers on route to Virginia be intercepted through wiretapping and provided to authorities.

During this time, criminal hackers from all over the world used the stolen data to create ATM white cards and prepaid gift cards loaded with cash. They withdrew cash from ATMs on three continents to the tune of approximately $450,000.

According to Wired, the wiretapped traffic included email discussions between numerous criminal hackers, regarding their accomplishments. One email address, Analyzer22@hotmail.com, provided investigators with their smoking gun. The Hotmail address had Ehud Tenebaum’s name and age registered along with it. Not too smart, E.T.

Ehud Tenebaum owned and operated a Canadian computer security company called Internet Labs Secure. One of the IP addresses used to access the Hotmail account was registered to Tenebaum’s business. E.T. phoned home and got caught.

This is one example of high tech organized criminals taking advantage of numerous flaws in the technology we use every day.

Be warned, there are plenty more to take E.T.’s place. Chances are, someone moved right in where he left off.

Invest in identity theft protection. Install and update Internet security software such as McAfee. Check your bank and credit card statements online bi-weekly and make sure to refute unauthorized charges within a 30 to 60 day period.

I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information.

Identity Theft Speaker Robert Siciliano discussing credit card hacks here

Credit Card Hackers Target Small Business

/in , , , , , , , , , , , /by

Robert Siciliano Identity Theft Speaker

Up until now, identity thieves have been hunting elephants. But that may soon change.

According to this study, small to medium size businesses (SMB’s) are the criminal hackers next target. This should come as no surprise, as large enterprise networks have gradually become better at defending themselves.

Over the past few years, criminal hackers have acted like hornets, attacking and swarming unassuming enterprise networks. Big business has responded by allocated billions of dollars in funding for technology and talent to thwart their sting.

In 2009, enterprise defense is the best it has ever been. It’s still lax, but now the path of least resistance has become SMB’s. Your mom and pop shops simply don’t have the resources, including deep pockets, to keep up.

Studies by the International Council for Small Business show that one fifth of small businesses aren’t even equipped with basic defenses, such as McAfee security software. Furthermore, as many as 60% don’t even have wireless encryption activated. What is most disturbing, but not surprising to this security analyst, is two thirds don’t have any type of security plan in place.

According to poll responses, these same SMB’s overwhelmingly believe that they aren’t targets, that only big businesses need to worry. However, this same study shows that 85% of fraud related to criminal hacks occurs within this exact group.

The National Retail Federation stated that Level 3 businesses are only 60% compliant and Level 4’s are even less secure.

PCI Compliance, a Visa based organization that regulates merchants in order to prevent credit card fraud, recognizes retailers at different levels. Level 1 retailers process 6,000,000 Visa transactions per year, Level 2 retailers process 1,000,000 to 6,000,000, Level 3 retailers process 20,000 to 1,000,000, and Level 4 retailers process fewer than 20,000.

Many security issues stem from the SMB’s lack of resources, coupled with their shift to online transactions and the handling and storage of their own data.

Some say that the responsibility of handling these transactions should be shifted back to the banks.

One additional recommendation for these Level 3 and 4s is to adopt a strategy in which the merchant never handles the credit data at all. The merchant would have an online shopping cart, but the credit card transaction would be diverted to the bank server, without ever being touched by the merchant.

I’m one of those Level 4 merchants and this is the strategy that I use. All orders are taken online and nobody aside from the bank handles client credit card data. PCI compliance is a breeze – no hiccups.

While this is practical for some SMB’s, it doesn’t work for others, so those retailers need to get their act together immediately, because criminal hackers are watching.

See identity theft speaker Robert Siciliano discuss data breaches here.

I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information.

Recession Turns IT Workers Into Hackers

/in , , , , , , , , , , , , , /by

Robert Siciliano Identity Theft Expert

What a nasty headline for an article.

From ABCnews.com the journalist roasts IT professionals on a spit. And the comments were all inspiring.

As the recession rears its ugly head, disgruntled ex employees are in the best position to drop a bomb in the companies network or suck all the data out with a few terabyte drives.

A recent study by McAfee and Purdue University put the tally of fraud, data loss and damage done at 1 trillion dollars. A thousand billion sounds like a lot of money.

To paraphrase some of the comments;

No matter how you look at it, when heads start to roll, most people that are about to be let go feel unjust and express hostility towards the employer (often, rightly so). These are the same people who were loyal company employees for years. Unfortunately, these are no win-win situations when it comes to the downsizing and companies should take proper actions to address it.

Your system admin is the gate keeper. Anyone who has access to sensitive data can potentially abuse the privilege. The loan officer, the loan processor, the secretary, the human resources gal two cubes down the hall, the cleaning people that take out our trash at night… Without proper controls in place anybody can be the bad guy. On the other hand, with adequate management these issues can be avoided, even when it comes to IT employees.

Manage your end points, your USB devices, your computer ports, your printers… Segregate your system administration roles. Tools are there. And who is going to implement them? Your IT guy. (thank you Sashimi11)

With the incredible amount of layoffs occurring, companies are bound to layoff an employee who will exact some revenge. Some say “Companies whose knee-jerk response is to cut costs by canning employees deserve some wrath”. But, in the end, the wrath doesn’t get you your job back. (thank you Patches777)

Most are working individuals, doing what they do best. All the while staying under the radar, and afraid, just like everyone else, of the threat of layoffs. The latter doesn’t mean an internal flip is switched and they bug out and start stealing trade secrets. (thank you kyleratliff)

On another note, as budgets are cut and IT pros are let go, the show must go on.

Bill Lynch of RazorThreat said to me “We are encountering lots of very frustrated CIO’s who are caught on the horns of a dilemma…their IT budgets and headcount are being slashed but their CEO’s are simultaneously demanding that they reassure them and the Board of Directors that they are not vulnerable to the same kinds of cyber attacks that have plagued some big firms lately.

They know they cannot afford to buy complex, expensive and difficult to deploy new security software and the people to manage them and yet they have to stand before the Board and profess that their networks are secure”.

The fact is, data breaches will continue and IT will often be to blame. There is a light at the end of the tunnel. There are numerous technologies that won’t break the bank and will keep the BOD happy. Companies have to consider numerous threats of theft and mayhem. Review security policies and who has access to what and why. In the end make sure employees are let go with dignity and respect.

Robert Siciliano Identity Theft Speaker discussing Credit Card Fraud Here

Your Online Bank Account’; Criminal Hackers Hacking It

/in , , , , , , , , /by

Robert Siciliano Identity Theft Speaker Expert

Why hack your online bank? Because thats where the money is!

White Hat Hackers (good guys) probably never anticipated whats happening. There are more viruses out there than ever. Black Hat Hackers (bad guys) are in full force. Back in the year 2000 some have said the white hats were about a year ahead of the black hats in technology. Meaning it would take about a year for the bad guys to crack the white hats stuff.

Others research shows by 2004 the black hats were about 2 weeks behind the white hats. Here we are in 2009. In many cases the black hats are years ahead of the white hats. The good guys are losing. Badly.

Many of the new viruses sit on your hard drive dormant, waiting to be “woken up” when they are signaled. Many of these Trojans are designed to sniff out when you are banking online. They sit and wait, then stike when you log on.

Consider that in our own bodies we already have numerous viruses that come alive when our immune system is down or when its woken up by coming on contact with another. Your PC is no different, there’s often something lurking in there. We get viruses on our PC simply by visiting a website, clicking on a link or downloading a program we think is clean, and many many more ways.

Studies show the amount of viruses quadrupled from over 15,000 in 2007 to almost 60,000 in 2008. The problem is the technology of the criminal hacker has evolved and is further evolving faster than the white hats. This means you have to be on your game. Don’t let your guard down and stay informed.

Basic stuff, again – basic;

Run Windows Update; Or it may be called “Microsoft Update” on your PC. This is a free update to your operating system that Microsoft provides. There are two ways to access this. Either click “Start” then “All Programs”, scroll up the menu and look for the link “Windows Update or Microsoft Update”. Click on it. Your browser (Internet Explorer) by default will launch taking you right to Microsoft’s Windows Update web page and will begin the process of looking at your PC and checking to see what security patches you don’t have. Follow the prompts and click “Express” and let it lead you in the direction it wants. The goal here’s for XP is to end up with “Service Pack 3” installed. Or go to “Control Panel” and seek out “Security Center”. And click “Turn on Automatic Updates” and let Microsoft do this automatically. In Vista the process is similar and your goal is “Service Pack 1”

Install Anti-Virus; Most PCs come with bundled anti-virus that runs for free for 6 months to a year. Then you just re-up the license. If you don’t, then every day that the anti-virus isn’t updated, is another opportunity for criminal hackers to turn your PC into a Zombie that allows your computer to be a Slave sending out more viruses to other PCs and turning your PC into a Spambot selling Viagra. You can also install a different anti-virus program for a fee or free. McAfee is great, Symantec is loosening their grip on the “bloatware” and getting better. Avast is free and good, but free scares me. Free means you have to manually scan your PC and most people don’t do manual very well. Theres also a paid version.

Install Spyware Removal Software; Most anti-virus providers define spyware as a virus now. However it is best to run a spyware removal program monthly to make sure your PC is rid of software that may allow a criminal hacker to remotely monitor you’re keystrokes, websites visited and the data on your PC. I like Lavasofts Ad-Aware Free www.lavasoft.com. There are plenty of good ones.

Run Firefox or Chrome; Microsofts Internet Explorer is clunky and the most hacked software on the planet. Mozillas Firefox is less hacked and more secure. The jury is still out on Googles Chrome browser, but it’s sweet! Maintain the default settings keep the pop-up blockers and phishing filters on.

Secure Your Wireless; If you are running an unsecured wireless connection at home or the office, anyone can jump on your network from 300-500 feet away and access your files. Serious. The router has instruction on how to set up WEP or WPA security. WPA is more secure. If this is a foreign language to you, then hire someone or get your 15 year old to do it.

Install a Firewall; Microsoft’s operating system comes with a built in firewall. But it is not very secure. Go with a 3rd party firewall that is prepackaged with anti-virus software.

Use Strong Passwords; Little yellow stickys on your monitor with your passwords isn’t good. Use upper case, lower case, alpha-numeric passwords that you change up every 6 Months.

PLEASE, you other security dudes or dudets, chime in. We need your guidance too.

Robert Siciliano Identity Theft Expert discussing online banking Here

Bankers Warned; Massive Credit Card Processor Breached

/in , , , , , , , , , , /by

Robert Siciliano Identity Theft Expert

Hackers have breached another huge payment processor. Who? As of this writing they aren’t saying. A statement issued by the Community Bankers Association of Illinois states “Visa announced that an unnamed processor recently reported that it discovered a data breach. The processors name has been withheld pending completion of the forensic investigation” The Open Security Foundation posted a notice on its website Here

CBAI report here and highlights below

According to VISA officials, the breach affected all card brands. Evidence indicates that the account number, PAN and expiration dates were stolen. No cardholder Social Security numbers, unencrypted personal identification numbers (PIN), addresses or telephone numbers or other personal information were involved in the breach.

An increase in card-not-present fraud suggests some BIN number have been targeted by criminals.

VISA officials reported that while the number of accountholders affected is undetermined, it appears to be fewer than those affected by the recent Heartland Payment Systems breach, but a significant number nonetheless. And unlike the Heartland breach, where thieves also captured Track 2 data, officials reiterated that no personal information was taken in this most recent event.

The status of the processor’s PCI compliance is unknown at this time. Bankers. MORE TO COME….”

Why not go after processors, thats where all the data is!

Visa and MasterCard are in the process of notifying affected banks about what they say is a “major compromise”. So far this is not related to the Heartland Payment Systems breach where an expected 100 million cards have been compromised. Or it may be, we don’t know.

Initial reports say the criminal hackers planted malware, or malicious software on the processors servers. Malware of this type generally has some type of remote control component that allows a criminal hacker to remotely access the server and divert data underground.

Visa reached out to all affected banks on February 12th when they conducted a conference call disclosing the severity of the issue. Apparently the compromise occurred from February of 2008 till August 2008 the past few weeks.

At this point neither Visa or MasterCard haven’t disclosed which processor has been compromised nor have they disclosed the size of the breach.

Whether the unknown processor was compliant or not has also not been revealed.

Check your credit and banking statements carefully. Scrutinize every charge and refute any unauthorized charges within 30-60 days. Call your bank/credit card company immediately if you see any fraudulent activity.

Robert Siciliano Identity Theft Speaker Expert discussing another ugly data breach Here.

Recycle Your Phone? Sell it on eBay? Lose it? Still Have Your Data On It?

/in , , , , , , , , /by

Robert Siciliano Identity Theft Speaker – Expert

Cell phones are the invention of the 20th century. Its a computer and a phone. Its as cool as the invention of the wheel. Its the single most effective communication tool since the land line.

Millions of cell phones are sold every year. Many are lost, stolen, millions more end up on eBay, recycled or tossed in the trash. Many of these phones still have enough data on them to commit identity theft or, in the wrong hands, make your life miserable.

A study done in December by Regenersis, a UK based recycler, tested a sampling of 2000 cell phones. They learned 99% had personal identifying data such as banking info, credit card data, personal emails, contacts, text messages, pictures, music, videos, calendar entries, notes, mailing lists, to-do lists, automatic log-ins for Twitter, LinkedIn, Facebook and more.

Studies show cell phones are replaced on average of every 18 months. Over the past 4-5 years Blackberrys, iPhones and countless other smartphone/PDAs have flooded the market. All of these devices technologies are upgraded within 6 months and the user wants the latest and greatest.

What kind if data is on your phone today? If it fell in the wrong hands would someone have access to all your social network sites? Usernames and passwords? Customer data? Corporate secrets?

Someone recently bought a Blackberry off eBay and scored phone numbers for Hollywood producers, writers and movie stars Natalie Portman, Julianne Moore and Jude Law. Not a huge deal, but in the wrong hands problematic for the affected.

What if someone got the names, addresses and emails for everyone in your life? Not good.

Its not just cell phones that often contain data. Thumbdrives, MP3 players, are also problematic. Credant Technologies surveyed 500 dry cleaners who said they found numerous USB sticks during the course of a year. Multiplying that by the number of dry cleaners and got a figure of approximately 9000 USBs lost and found annually.

To protect yourself, consider some of the tips below, and this is not a complete list. Please feel free to add in comments.

Don’t store data that will be considered a “data breach” if lost, stolen, sold, recycled.

On phones have strong password protection. Lock it up.

Remove your sim card upon selling.

Reformat the phones operating system multiple times. This generally wipes off the data, but there are programs that do it more thoroughly. There is no universal way to reformat. It is different with every phone/manufacturer/operating system.

Robert Siciliano Identity Theft Expert discussing cell phone security Here

Nuclear Weapons, CyberSecurity and an Unlocked Door.

/in , , , , , , , , , , , , , , , , /by

Robert Siciliano Identity Theft Expert Speaker www.IDTheftSecurity.com

What happens when you have an unlocked door at the home of and employee at the top U.S. nuclear weapons laboratory? How about 3 stolen computers with yet to be disclosed data, that was said to be non-classified. We hope. Were the computers stolen to be resold for crack? Or for nuclear weapons secrets? We may never know. Or we may find out the hard way.

At the Los Alamos National Laboratory in Santa Fe New Mexico dozens more (67 total) systems are currently listed as missing. Officials are conducting a full review of the lab’s policies and procedures governing the use of official computers at employees’ homes.

Situations like this are common in every industry with every conceivable form of data. We just wish it wasn’t data from a nuclear weapons facility.

Its important to point out that the facility has as many as 40,000 computers including desktops, laptops, PDAs, printers and so on. Do the math, less than a .25 percent lost or stolen. The lab has been documented at a better than 99.5 accountability rate.

We know there is no such thing as 100% security whether protecting from hardware or data thieves. Security is an ongoing, never ending, consistent, on your toes, don’t let your guard down, vigilant process.

And its not just criminal hackers causing big problems, lowly burglars looking for their next bag of dope stole a laptop computer from the home of a government employee containing 26.5 million Social Security Numbers, a US primary identifier. This $500 laptop cost millions.

Can you say your organization has a 99.5% success rate?

What policies do you have in place to foster a security minded culture? Here are just a few bullets as examples for you to add too.

# Cover all organizational systems used for processing, storing or transmitting personal information.

# Security risks faced assessed in the development of the policy

# Cost-effective measures devised to reduce the risks to acceptable levels

# Monitored and periodically reviewed.

# Staff and management made aware of the protective security policies and how to implement them.

Robert Siciliano discussing another hack Here

Quarter Million Dollar Bounty for Criminal Hacker

/in , , , , , , , , , , /by

Robert Siciliano Identity Theft Speaker and Expert

In a Microsoft press release a global bounty has been offered for the arrest and prosecution of whoever has created and released the “conficker” virus.

Conficker was released in the last quarter of 2008 and has infected a wide estimate of 2 million to 10 million PCs. After issuing patches, Microsoft estimates approximately 3 million PCs globally are still compromised.

However none of the PCs infected with the conficker are displaying any of the characteristics generally exhibited by the recent spate of viruses offering a remote control component and often used to host spoofed websites and other malicious fraud related activities.

Although, this virus is designed to constantly ping some 250 different domains that were most likely controlled by the criminal hackers that created it. The virus acts like any software calling home looking for an update, checking time/dates stamps and what version is running.

It is widely believed that conficker is waiting for its next set of updates to unleash the endgame its writers had in mind. BRILLIANT!

Many who study conficker as it phones home have been monitoring the 250 domains looking for the next “update”.

Each of these top level domains include .com, .net and .org. All of which fall under Internet Corporation for Assigned Names and Numbers (ICANN), who heads up the domain registration industry. ICANNs rules prohibit such reserving of domains. ICANN then worked with registrars in heading off any future registration of conficker sought domains.

What has been out of the control of ICANN has been .ws and .cn (China) based domains and due to the ferocity of conficker and negocitions by ICANN, China and other global registrars have agreed to make it difficult for conficker to continue to control its 250 base domains or seek others along the string.

What we are seeing here is a global effort by international agency’s, security professionals from around the world and Microsoft working together to defeat an unknown attacker, that if left un-matched, could infect a significant portion of the worlds computers.

This story is not over.

Robert Siciliano Identity Theft Expert-Speaker video discussing rise in identity theft Here

Identity Theft Protection Expert and One You Security: Research Reveals That Usability of Social Security Numbers Enables Mortgage Fraudsters

/in , , , , , , , , , /by

(SARASOTA, Fla. – July 30, 2008 – One You Security) The results of a research investigation by the Federal Bureau of Investigation recently revealed an apparent, significant upward trend in the incidence of mortgage fraud. Furthermore, homeowners who have Home Equity Lines of Credit (HELOCs) are prime targets for financial fraud, suggested a related statement from the Identity Theft Assistance Center (ITAC). The best way to combat the threat is to transform Social Security numbers into something useless to thieves, who use these universal identifiers to obtain financial identities, said Robert Siciliano, widely televised and quoted identity theft protection expert and chief security analyst for One You Security, LLC.

"Social Security numbers’ de facto role as universal identifiers has fueled a massive increase in financial fraud—simply because these numbers allow criminals to assume others’ identities," said Siciliano. "Given the scope of financial fraud, which costs billions of dollars every year, consumers need a way to deprive thieves of the ability to gain access to someone else’s finances. They must implement measures that render those Social Security numbers useless to thieves."

Subscribers to One You Security receive newsletters and special alerts from Siciliano. Through these, they get the latest information on data breaches and learn more about identity theft prevention. Chief security analyst for One You Security and a member of the Bank Fraud & IT Security Report‘s editorial board, Siciliano regularly discusses data security and consumer protection on CNBC, on NBC’s "Today Show," FOX News Network and elsewhere.

Released in April of 2008, the FBI’s 2007 Mortgage Fraud Report found that "Suspicious Activity Reports (SARs) from financial institutions indicated an increase in mortgage fraud reporting" in 2007. The year-over-year increase in SARs was 31 percent, according to the report, which went on to note that there is no central repository for mortgage fraud complaints in the U.S. Additionally, the report revealed that the total dollar impact of mortgage fraud is unknown, but that the losses associated with just 7 percent of SARs in 2007 was $813 million.

A July 8th news release from ITAC noted the FBI report’s attention to an emerging, related crime: home equity credit fraud. Consumers with HELOCs should regularly check them for suspicious activity and unaccountable discrepancies in balances, according to ITAC, whose announcement was reported in The New York Times on July 27.

"How do thieves obtain credit?" asked Chris Harris, president and CEO of One You Security. "They do so by assuming the identity of another person, and it’s largely the utility of Social Security numbers that allows them to do so. Financial fraud related to identity theft is in fact dependent on this, but the effect of One You’s service functionally strips Social Security numbers of this utility, leaving criminals with nothing but a bunch of nine-digit numbers that no longer give them access to would-be victims’ financial identities."

Consumers who choose One You Security do so in part because the company strives to transform their Social Security numbers into meaningless strings of digits of no use to thieves. The firm backs all its offerings with a 100 percent service guarantee.

The YouTube video below shows Siciliano on FOX News Network, where he explains how the ubiquity of Social Security numbers as universal identifiers helps thieves online and off-line. A collection of videos at VideoJug features Siciliano sharing advice on how consumers can protect themselves from identity theft and fraud.

###

About One You Security, LLC

Sarasota, Fla.-based One You Security‘s mission is to eliminate the threat and consequences of identity theft. For just $10 per month, anyone can sign up for One You Security’s identity theft protection service, a proactive, preventative approach whereby the company activates and manages its customers’ fraud alerts with major credit bureaus. Subscribers also receive full access to ongoing education from identity theft protection expert Robert Siciliano, chief security analyst for One You Security, which backs up its promise to protect clients’ financial identities with a 100 percent service guarantee. To sign up for One You Security, dial 1-800-434-2010.

About IDTheftSecurity.com

Identity theft affects us all, and Robert Siciliano, CEO of IDTheftSecurity.com, chief security analyst for One You Security, and member of the Bank Fraud & IT Security Report‘s editorial board, makes it his mission to provide consumer education solutions on identity theft to Fortune 500 companies and their clients. Author of "The Safety Minute: 01" and leader of personal safety and security seminars nationwide, Siciliano has been featured on "The Today Show," CNN, MSNBC, CNBC, "FOX News," "The Suze Orman Show," "The Montel Williams Show," "Maury Povich," "Sally Jesse Raphael," "The Howard Stern Show," and "Inside Edition." Numerous magazines, print news outlets, and wire services have turned to him, as well, for expert commentary on personal security and identity theft protection. These include Forbes, USA Today, Entrepreneur, Woman’s Day, Mademoiselle, Good Housekeeping, The New York Times, Los Angeles Times, Washington Times, The Washington Post, Chicago Tribune, United Press International, Reuters, and others. For more information, visit Siciliano’s Web site, blog, and YouTube page.

The media are encouraged to get in touch with any of the following individuals:

Chris Harris
President & CEO of One You Security
PHONE: 941-342-0500 (x231)
chris@oneyou.com
http://www.oneyou.com

Robert Siciliano
CEO of IDTheftSecurity.com
Chief Security Analyst for One You Security
PHONE: 888-SICILIANO (742-4542)
FAX: 877-2-FAX-NOW (232-9669)
Robert@IDTheftSecurity.com
http://www.idtheftsecurity.com

Brent W. Skinner
President & CEO of STETrevisions
PHONE: 617-875-4859
FAX: 866-663-6557
BrentSkinner@STETrevisions.com
http://www.STETrevisions.com
http://brentskinner.blogspot.com