Grand Jury: TSA Employee Stole Identities

Identity Theft Expert Robert Siciliano

A Lynn Massachusetts couple was accused of selling the identities of at least 16 Transportation Security Administration workers at Logan International Airport.

Lynn was then and is now known as “Lynn Lynn the City of Sin, you don’t go out the way you come in.”

Fox News reports A federal grand jury accused the couple of stealing personal information including the Social Security numbers of TSA workers at Boston’s Logan International Airport. There was no indication the private information of the security screeners was given to militant groups, Reuters reported, but the case suggests federal officials may be vulnerable to identity theft.

The grand jury alleged that the couple used the stolen information to obtain cable television and utilities for themselves and for others, whom they charged as customers. The two will face charges of conspiracy and aggravated identity theft.

To steal the ID of a TSA worker gives one access to the airport then to luggage and more. There needs to be a tighter system that prevent this. We need effective identification that makes another’s identity useless to the thief.

Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing hacked email on Fox News.

Facebooks New (and only) Security Feature

Identity Theft Expert Robert Siciliano

So maybe you used a public PC to log into your Facebook account and you hit a button that saved your login credentials. Or maybe you received an email from what you thought was Facebook and you plugged in your username and password and got phished. Now someone other than you has your account information and they are logging in to torture you or steak from your friends.

Wouldn’t it be nice to have a degree of control over that?

Facebook just introduced a security setting that sends you an email telling you someone has just logged into your account.

The feature doesn’t protect you from being stupid and giving your credentials away, but it does give you an opportunity to log into your account and change the password and thereby block the bad guy from getting back in. But the bad guy can change your log in information too. All they have to do is change your email address. Once they do they receive an email at the new address and hit a confirm link. At the same time you will also get an email to the original login email gving you the opportunity to dispute the new account number. So if this ever happens, act quickly.

To set up and enable notifications

1. go to “Account” upper right hand corner

2. in the drop down menu to “Account Settings”

3. in the main menu go to “Account Security”

4. click “Yes” next to “Would you like to receive notifications from new devices”

5. the same can be done with text messages if you have your mobile plugged into Facebook. But don’t have your mobile displayed on your page publically.

6. Log out then log back in and it will ask you to identify the computer.

I did this on 2 PCs and a phone. It didn’t ask me to identify the phone, but it did send me an email:

Your Facebook account was accessed using Facebook (Today at 8:36am).

If this happened without your permission, please change your password immediately.

If this was an authorized login, please ignore this email.

To change your password:

1. Log in to your Facebook account.
2. Click the Account tab at the top of the screen and select “Account Settings” from the drop-down menu.
3. Scroll to the Password section of the Account Settings page.
4. Click the “change” link on the right and follow the instructions.

Thanks,
The Facebook Team

Hey Facebook, after 400 million users you are just getting around to this? It’s a start.

Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing Facebook Hackers on CNN.

Ten Things to Look for When Choosing a Monitored Home Security Company

Once you’ve made the decision to purchase a monitored home security system, begin researching security companies in your area.  Below is a list of questions you should ask when narrowing your search.

Do some research into the home security company you choose. What is their reputation and history?  How large is the company?  How many current customers do they have?  Is it a local company or nationwide?  Additionally, find out if home security is their primary business and their level of experience.  Check with the Better Business Bureau if you’re unsure.

How “new”is the home security product you are installing? Today’s home security systems are far more superior to those available in past years.  Make sure you are getting the most recent product available.

Does the home security company offer central station monitoring? A security system is only as good as the company that is monitoring it.  A reputable home security company should provide its own central station monitoring instead of having another company monitor for them.

Does the home security company’s monitoring facility have back-up systems and are those facilities UL-listed?

Does the home security company’s monitoring facility have back-up systems in case of power failures? Find out if the monitoring facility has gas or electric-powered generators – as well as battery back-up to ensure that monitoring continues despite power failures.  Monitoring facilities should have at least two types of back-up power supplies.

Spend time thinking about the “amount”of security you need. The size and layout of your home and property must be taken into consideration when designing a security system.  However, the basic elements of a standard system include a key pad, a control panel, a siren, an inside motion detector, at least two door contacts, as well as connection to a central monitoring station for around the clock coverage.

Secure your home from “hidden”household dangers, too. Don’t forget to equip your home with effective smoke, fire, carbon monoxide and flood detection systems as these are hidden dangers to your home and family.  Be sure to also equip your home with fire extinguishers and develop a fire escape plan and route that is familiar to all household occupants.

Ease-of-use and convenience of the home security system ensure a high level of usage. Many homeowners admit that they don’t use their home security systems to the full extent because they are inconvenient or “scary” to use.  When choosing a home security system, be sure to choose something that can be armed and disarmed easily by all family members.

Make sure the system you install has a battery back-up unit. A security system is only useful when it’s active and working – even when there is a power failure.  Make sure the system you install has a battery back-up unit so home monitoring and protection is continuous. Monitoring facilities that have a UL rating (Underwriters Laboratory rating) have gone the extra step to ensure that they have reliable systems that will not fail.

What other benefits does the company offer besides installation and monitoring? Check to see what other benefits the home security company offers, including:
A money-back service guarantee in case you are not satisfied – including a full refund of your installation price and any monitoring fees paid?

Any guarantee against theft protection – if your home is being monitored by their service and is still burglarized, with the home security company contribute money towards your insurance deductible?

Are you a customer for life?  Does the home security company offer a relocation package so a new security system is installed in case you move?

What kind of customer service do they provide?  Is there a Web site that provides customer information and care?

Once you have selected a reputable monitored home security company, be sure to spend time with your security specialist to develop a security plan and system that meets you and your family’s specific needs.

Robert Siciliano personal security expert to Home Security Source discussing home invasions on the Gordon Elliot Show. Disclosures

Reality Actor Jailed Six Months For Burglarizing Orlando Bloom’s Home

Orlando Bloom’s break-in is one of several robberies linked to Hollywood’s “Bling Ring,” teenage gang of celebrity-obsessed wannabes who allegedly stole from Paris Hilton, Lindsey Lohan, Megan Fox and others.

Their methods were simple. They tracked their victims by using social media, Facebook and Twitter. They knew when they were home and when they were away. They even used Google Earth to scope out their homes.

Police estimated that from October 2008 to August 2009, the “Bling Ring” stole more than $3 million in jewelry and high-end designer brands.

A star of the E! show “Pretty Wild” about growing up in the fast lane, the young woman was caught on security tape as she broke into Bloom’s house last summer with two other hooded females. “The women ransacked the house and made off with more than $500,000 in watches, cash and other booty, authorities said. Bloom collects rare watches, and his prized Rolex Milgauss from the 1950s is worth $250,000 alone, according to a Manhattan-based watch dealer.”

It’s painfully obvious that the victims in these crimes didn’t do enough to protect themselves. Some locked their doors and others didn’t. Some had security cameras and others didn’t. But NONE had a home alarm system that activated when the home was broken into. A home alarm system would have prevented most of these crimes.

Bloom had security cameras and my guess is he has an alarm but chose not to set it. I can’t imagine having a net-worth like he does and not have sufficient security. My insurance company requires me to have a monitored alarm system along with a safe in order to protect certain insured items. Without these systems in place, a homeowner may never recover their losses.


Robert Siciliano personal security expert to Home Security Source discussing burglar proofing your home on Fox Boston.

10 Ways To Prevent Phishing

Identity Theft Expert Robert Siciliano

The Anti Phishing Working Group published a new report seeking to understand such trends by quantifying the scope of the global phishing problem, especially by examining domain name usage and phishing site uptimes. Phishing has always been attractive to criminals because it has low start-up costs and few barriers to entry. But by mid-2009, phishing was dominated by one player as never before—the ―Avalanche‖ phishing operation. This criminal entity is one of the most sophisticated and damaging on the Internet, and perfected a mass-production system for deploying phishing sites and ―crimeware – malware designed specifically to automate identity theft and facilitate unauthorized transactions from consumer bank accounts. Avalanche was responsible for two-thirds (66%) of all phishing attacks launched in the second half of 2009, and was responsible for the overall increase in phishing attacks recorded across the Internet.

There were 126,697 phishing attacks during the second half of 2009, more than double the number in the first half of the year or from July through December of 2008, the APWG report said. Avalanche, which was first identified in December of 2008, was responsible for 24 percent of phishing attacks in the first half of 2009 and for 66 percent in the second half. From July through the end of the year, Avalanche targeted the more than 40 major financial institutions, online services, and job search providers.

Adapted from APWG

1. Be suspicious of any email with urgent requests for personal financial information. Call the bank if they need anything from you.

2. Spot a Phish: Phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately

3. They typically ask for information such as usernames, passwords, credit card numbers, social security numbers, date of birth, etc.

4. Don’t use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don’t know the sender or user’s handle

5. Avoid filling out forms in email messages that ask for personal financial information in emails

6. Consider installing a Web browser tool bar to help protect you from known fraudulent websites. These toolbars match where you are going with lists of known phisher Web sites and will alert you.

7. The newer version of Internet Explorer version 7 and 8 includes this tool bar as does FireFox version 2

8. Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate

9. If anything is suspicious or you don’t recognize the transaction, contact your bank and all card issuers

10. Ensure that your browser is up to date and security patches applied

Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Burglars Burgle the House Then Burn It

Desperate people do desperate things. A home burglary is a desperate act. And when the burglar wants to absolutely, positively cover his tracks, he may torch the house.

It’s a troubling crime pattern and Syracuse Police are asking for the public’s help. In the past two weeks there have seven burglaries near the Syracuse University area. In two cases, after the homes were ransacked the burglar set them on fire. No one was inside the two homes at the time of the fires.

When a home is broken into the burglars almost always steal something. Sometimes they break in just to “party” or need a place to hang out or crash for the night. Other times it’s for vandalism and they generally do a pretty good job of destroying the property when they set their minds to it. With home invasions it’s often to torture the residents and make them miserable. This is certainly the worst case scenario for the homeowner.

But breaking in and burning it is probably the most destructive of all tactics. When a person’s home is entered without authorization, people generally feel a sense of violation they don’t easily get over. For a dozen reasons a person should make certain their home is as secure as possible. To prevent any of the above acts, one needs to invest in their home security.

Home security tips:

Timed and/or motion activated lights, inside and out. This burglar stated lights turned on made him nervous and he would go to a home that didn’t pose a threat of getting caught.

Trim bushes and shrubs. Anything covering doors and windows that give a burglar cover is an invitation to a thief. I also recommend defensive shrubbery with lots of thorns.

Encourage your neighbors to report any suspicious activity around your home while you are gone or even while you are home.

Install a home security system. It’s not enough to just lock your doors. A home alarm is an effective deterrent while you are away and while you are home. Even home alarm decals and signage is a layer of protection.

Dogs big and small. A dog need not be an attack dog to be an effective deterrent. Barking dogs bring attention to the home they are protecting.

Robert Siciliano personal security expert to Home Security Source discussing burglar proofing your home on Fox Boston.

Dumb Bungling Home Burglar Jailed

Yeah, one for the good guys! A taxi driver would pick people up at their homes then drop them off somewhere, and then he would then go back to that person’s house and break into it. I’ve often thought that’s what would happen when I get dropped off at the airport.

So, whenever they ask me where I’m going and when I will be back, I always say “Hold on, I need to make a quick call.” Then I get on the phone and call nobody and say “Hey Jimmy listen, the dog bit another guy who came to the house to deliver a package, there was blood everywhere, Killer shredded him real good, don’t let the beast out of the house. I’ll be back home early tonight. Make sure you set the home security system if you go out and activate the home security cameras as well. And tell our roommate Rocco the police were at the house looking for him in regards to that kid he pummeled the other night, if he doesn’t smarten up he will be going back to prison.”

Then back to the taxi driver “What were you saying?” And the conversation usually goes somewhere else.

The burglar would break into the homes and steal credit and debit cards. Then go to the same ATM more than 50 times – to try and guess the PIN numbers of bank cards he had stolen. He thought he might strike lucky if he kept on putting in random sets of four numbers into the ATM machine. But with the odds of correctly guessing a card’s PIN number ranked at one in 10,000. He never managed to make a single withdrawal. His repeated failed attempts at the same ATM only served to arouse suspicion and he was filmed by police on a CCTV camera.

You can always get creative with your home security. But you need to do all the fundamental things like locking your doors and invest in home security systems.

Robert Siciliano personal security expert to Home Security Source discussing Home Security on NBC Boston. Disclosures.

Mobile Phone Becoming Bigger Target For Hackers

Identity Theft Expert Robert Siciliano

Mobile Internet access and mobile service usage is growing rapidly and cyber criminals are expected to pay more attention to this sector. Mobile device platforms compete for innovation created by application developers and other content creators who are increasingly demanding more device access. As their requests grow in numbers and they distribute their products more widely, security breaches will be inevitable.

Mobile phones used to be bulky and cumbersome; they had to be carried in bags or briefcases. Then they became chunky, heavy bricks. Clearly, cell phones have evolved. Today’s mobile phone is a compute, that rivals many desktops and laptops being manufactured today. I’m continually blown away at the capabilities of my iPhone.

What makes Mobile phones vulnerable is the speed and advancement of technology and businesses continued demand for products and services that work on a phone. In other countries almost all banking is done on a phone.

Complicating matters is spyware. Spyware was created as a legitimate technology for PCs. Spyware tracks and records social network activities, online searches, chats, instant messages, emails sent and received, websites visited, keystrokes typed and programs launched. It can be the equivalent of digital surveillance, revealing every stroke of the user’s mouse and keyboard. As a virus, spyware on a PC or phone is an immediate compromise of that phone’s data.

When anti-virus vendors like McAfee introduce anti-malware solution to secure Android-based smartphones, then you know mobile phone hacking has gone mainstream. The McAfee® VirusScan® Mobile technology is available now for users of Android and Windows Mobile-based smartphones providers.

The scary part is mobile phone spying software is affordable and very powerful. I worked with Good Morning America (GMA) on this issue.

GMA found thousands of sites promoting cell phone spying software, boasting products to “catch cheating spouses,” “bug meeting rooms” or “track your kids.” Basic cell phone spying software costs as little as $50.“ Someone can easily install a spyware program on your phone that allows them to see every single thing you do all day long, via the phone’s video camera. GMA spent $350 to get the features that remotely activate speaker phones, intercept live calls and instantly notify you every time a call is made.

Not all spyware is bad. Certainly if you install spyware on your 12 year old daughters phone, it’s to monitor and protect her, but when installed unknowingly on a phone that’s used for mCommerce, or business applications, then there is cause to be concerned.

Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Home Security: People Are Being Very Disappointing

I don’t mean to be Debbie Downer here, I just need to point out some things and hope people will shake up their fellow man and gather some perspective. As a person of planet earth, I can tell you straight out I often get disappointed in my fellow humans. For example, a bunch of smart people who know how to suck oil out of the ocean floor are in the process of polluting that same ocean. Very disappointing.

In Boston, a 10 foot diameter water pipe broke and another pipe had to be used to divert water.  So while the water was in the temporary pipe officials suggested people boil their water for a minute to kill any potential bacteria. In response, people flocked to all the supermarkets and cleaned out all the water off the shelves. Some people punched each other and wrestled over the last case of water. Someone paid $100.00 for a case of water. Then the National Guard brought in cases of water to distribute and people lined up in their cars for miles to get a free case of water and chastised officials when it ran out.  I boiled water. It was easy. What did people do before water came in a bottle? Very disappointing.

In Georgia, more people seem to be fabricating tales of assaults and robberies these days, and police have become more aggressive in proving the lies and bringing the pretenders to justice.  People invent crimes for lots of reasons, like to hide spending from spouses or to keep embarrassing secrets. People invent crimes for lots of reasons, like to hide spending from spouses or to keep embarrassing secrets. Very disappointing.

Police across Western Washington are searching for four suspects wanted in a fatal home invasion robbery in Pierce County that started with a Craigslist posting. The homeowner was shot and killed, and his wife and sons were assaulted. Beyond very disappointing.

I’ve stopped using for this reason.  There are too many whackos and to many risks.

No matter what you are selling or buying you must know who you are dealing with on Craigslist. When we were young, our parents told us not to talk to strangers. Strangers are not yet part of our trusted circle. So don’t trust them!

Whenever possible, deal locally and meet in a populated area or even in front of the police department! People who cannot meet you in your town are more likely to be scammers. And even when you do meet in person, you should be wary.

Never engage in online transactions involving credit cards, cashier’s checks, money orders, personal checks, Western Union, MoneyGram or cash that require you to send money to a stranger in response to money they have sent you. This is an advance fee scam.

Home security tips: If you have to meet someone at your home consider keeping the meeting outside. If you have to meet inside then have someone standing next to the home security alarm ready to press the panic button or have a remote control for your wireless security alarm that will also ring the panic button.

Robert Siciliano personal security expert to Home Security Source discussing Home Invasions on Montel Williams.

Want Privacy? On Facebook? Shut Up!

Identity Theft Expert Robert Siciliano

There seems to be a groundswell of people who are anti-Facebook today.

Google “Facebook” and “Privacy” and 761,000,000, that’s seven hundred and sixty-one million results come up in a quarter second. WHY? BECAUSE THERE IS AN OBVIOUS ISSUE WITH FACEBOOK AND PRIVACY. The major issue here is not that Facebook isn’t private, it’s that some people want it to be private and its not and they can’t have their cake and eat it too. Privacy has always been a hotbed media grabbing issue that sells news too, so the few privacy pundits that there are, get all this attention by pointing the finger.

Mark Zuckerberg, Facebooks head dude said “people have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people.Then he went on to say “that social norm is just something that has evolved over time.”

Nick Bilton a New York Times writer interviewed a Facebook employee and shortly after tweetedOff record chat w/ Facebook employee. Me: How does Zuck feel about privacy? Response: [laughter] He doesn’t believe in it.”

So if the head of an organization is telling you straight out, privacy isn’t really a concern, then why expect anything different? If you are about to book a cruise and you are told the captain of the ship likes to drink ALOT and he has a habit of hitting icebergs, would you get on the ship? If you don’t like the way things are done at Facebook either shut up or delete your profile.

I personally have no hard feelings towards Facebook, I also don’t share intimate details of my life and I understand the implications of the service. My angst is towards its users who say and do things that make themselves vulnerable to crime and online reputational disasters. Like Howard Stern’s dad used to say to him “I told you not to be stupid you moron.

And now that politicians are stepping in and making a fuss, Facebook is now the new privacy battle ground. These same politicians won’t do anything or accomplish anything. They just love the attention. And with 400 million people on board, I think privacy is deader than dead, a rotting corpse that just smells bad and we will complain as long as the stink lingers. Openness and transparency along with sharing too much information is the norm. But that doesn’t exclude you from at least understanding the risks, taking some responsibility and being smart about how to use it.

Protect yourself:

Use URL decoding. Before clicking on shortened URLs, find out where they lead by pasting them into a URL lengthening service like TinyURL Decoder or Untiny.

Maintain updated security. Whether hardware or software, anti-virus or critical security patches, make sure you are up to date.

Lock down settings. Most social networks have privacy settings that need to be administered to the highest level. Default settings generally leave your networks wide open for attack.

Register company name and all your officers at every social media site. You can do this manually or by using a very cost effective service called Knowem.com.

Protect your identity.

Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing Social Media on Fox Boston.