If You Want To Be an Identity Thief, Go To Jail

/in , , /by

Robert Siciliano Identity Theft Expert

Willie Sutton a famous thief when asked why he robbed banks he was quoted saying, Because that’s where the money is.” Where’s the money today? Identity Theft! What’s a great way to commit identity theft? Go to jail.  Prisons in eight states let convicts work in jobs that give them access to Social Security numbers and other personal information for the public, despite years of warnings that the practice should end, a federal audit finds.

In a related story all sex offenders convicted of pedophilia will be made swimming coaches at summer camps.

“Although we recognize there may be benefits in allowing prisoners to work while incarcerated, we question whether prisoners have a need to know other individuals’ Social Security numbers,” the audit says. “Allowing prisoners access to Social Security numbers increases the risk that individuals may improperly obtain and misuse (the data).”

States where prisoners have direct access to Social Security numbers: Alabama, Arkansas, Kansas, Nebraska, Oklahoma, South Dakota, Tennessee and West Virginia.

“In Kansas, where five prisons allow inmates to hold jobs processing data with personal identifying information, a prisoner was found last year to have stolen names, birth dates, and Social Security numbers while in a job making digital images of public records, the audit says. The data was found in a routine search of inmates when their shift is over”.

What we’ve got here is a failure to communicate. Some men you just can’t reach. And I’m not talking about the prisoners. Any government agency head that sees fit to put a felon in charge of personal identifying information that can lead to identity theft needs to be put on a chain gang himself. With incompetence like this its no wonder 10-12 million people are victims of identity theft every year.

Protect your identity.

1. Get a credit freeze and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

2. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing Social Security numbers on Fox News.

Kickball is DEAD, 1 in 4 Children Hack

/in , , /by

Robert Siciliano Identity Theft Expert

 A few months ago I interviewed a criminal hacker who hacks out of a hut in Ghana stealing data all over the world. He has children ages 9 and 12 and he stated “they hacked all over the world man.” He teaches his kids to hack. It’s not just a lifestyle, it’s an occupation. He and his kids are the most famous in their village.

 It comes as no surprise to me, but it may be to you that a survey has found that one in four school children have attempted some level of hacking.

SC Reports “Despite 78 per cent agreeing that it is wrong, a quarter have tried to surreptitiously use a victims’ password, with almost half saying that they were doing it ‘for fun’. However 21 per cent aimed to cause disruption and 20 per cent thought they could generate an income from the activity. Five per cent said that they would consider it as a career move.

Of those who had tried hacking, a quarter had targeted Facebook accounts, 18 per cent went for a friend’s email, seven per cent for online shopping sites, six per cent for their parent’s email and five per cent breached the school website. A bold three per cent had honed their skills enough to aim much higher with corporate websites under their belts.”

Children’s hacking is kids playing. Hacking is replacing dodge ball. Kids today don’t know what it means not to have the Internet. I see more articles talking about how to get your kid outside and away from the computer. Part of the problem is kickball got out a lot of the childhood angst and pent up energy out of their systems. Now they funnel that energy into using technology. For good and for bad. Kids are mischievous too. And given the opportunity will break, steal or deface whatever is in their path. I was 15 once too; but I was an Angel.

Protect your identity.

1. Get a credit freeze and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

2. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing Criminal Hackers on Fox News

Cold, Dumb and Drunk Intruder Crawls in Dudes Bed

/in , /by

This is precious. An intoxicated 33 year old Pennsylvania man had 2 too many. An apartment resident was sleeping when he felt someone crawl into bed next to him. Thinking it was his girlfriend he called out her name, something like “Honey is that you?” The drunk dude says in a deep male voice “No it’s not. 

OMG! CAN YOU IMAGINE???!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

 The resident quickly jumped out of bed and grabbed his trusty aluminum bat until the police arrived. WOW! 

When I read stories like this I cringe. I understand what it means to be drunk and do stupid things, (I saw it in a movie once.) But to actually go into someone’s house and seek out their bed and crawl into it with someone else in it!!!!!!!

 What makes me cringe even more than the drunken guy is the baseball bat swinging resident that DOESN’T LOCK HIS DOORS.  Do you see the hypocrisy in not locking your doors, but having a bat near your bed? And the irony of not locking your doors and a guy crawling into your bed. The whole story stinks of dumb.  

Lock your doors. Require a peep hole on your door. In an apartment ask if you have permission to install an in-apartment home security system with motion detectors. Require it. Wireless home security systems are non-invasive and not expensive.

Robert Siciliano personal security expert to Home Security Source discussing Home Security on NBC Boston.

Report 1.8 Billion Cyber Attacks Per Month

/in , , , , , /by

You read that right. While the US government sits high on its perch, snipers are taking aim 60 million times a day. The Senate Security Operations Center alone receives 13.9 million of those attempts per day.

The US National Security Agency is probably the most sophisticated group of security hackers in the world. Many will argue this point. The fact is, without NSA, US STRATCOM, which directs the operation and defense of the military’s Global Information Grid, and US CERT, attacks on our critical infrastructures would be successful. We’d be living in the dark, telephones wouldn’t work, food wouldn’t be delivered to your supermarket and your toilet wouldn’t flush.

“Like in the rest of the world, the attacks are increasingly targeted and using application flaws, including Office and Acrobat. “In the last five months of 2009, 87 Senate offices, 13 Senate committees and seven other offices were attacked by spear-phishing attacks, which appeared as e-mail messages to staffers, urging them to open infected attachments or click on bad links.” No matter how good their defenses are, nothing’s 100% effective. Some attacks get through.”

The Adobe Reader and Acrobat is a cross platform application that opens and its the Portable Document Format (PDF) ubiquitous on most PCs. Criminal hackers discovered a flaw that allows for an injection of hostile code into unprotected systems.  Studies show in the last quarter of 2009 as many as 80% of all web-based attacks were directed at PDFs.

Adobe Flash is also vulnerable software becoming standard on most PCs where multimedia is present. The Register reports Adobe advises users to upgrade to Acrobat version 9.3.1 and Reader version 9.3.1, as explained in a bulletin here.

Run Windows Update, Install Anti-Virus, Install Spyware Removal Software, Run Firefox, Secure Your Wireless, Install a Firewall, Use Strong Passwords.

Get a credit freeze and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

Invest in anti-virus and keep it auto-updated and check out my spyware killer IDTheftSecurty HERE

With your iPhone get my book as an App or go to my website and get my FREE ebook on how to protect yourself from the bad guy.

Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing Identity Theft Ring Busted on MSNBC

How to Spend More Money on Home Security

/in , , , , , /by

Lets face it, if you had it you’d spend it, and what better way than on your families security! In today’s high tech connected world a networked and remotely monitored home security system is the way to go.

Keyless Access: Door locks that require a pincode make it easier to access without fumbling for keys. Many keyless locks are smart and can be set to allow contractors limited one time PIN access.

Remote Control Alarms: For a few extra bucks you can add remote controls to an alarm system that allow you to activate or deactivate from the driveway or online.

Robot Cameras: New and very expensive robotic camera equipped technologies will roam your property taking full day and night video.

Remote Monitoring: Having someone monitor a video surveillance system 24/7/365 is close to having feet on the ground. These same systems come equipped with speakers used to yell at the trespassers.

Bullet Proof: If you’re especially concerned about flying bullets then installing bullet proof glass, doors and shoring up your walls with bullet proof steal is a must.

Panic or Safe Rooms: A safe room provides a space where you can survive a tornado, hurricane or home invasion with little or no injury.  Residents can hide out in a relatively bullet proof, well stocked room equipped with wireless communications and wait for law enforcement to show up.

16 or 32 Camera Surveillance System: Once you go beyond 8 cameras prices start to rise. However 16 or even 32 cameras will provide you with a birds eye view of every single nook and cranny of your home extending into your neighborhood.

Robert Siciliano personal security expert to Home Security Source discussing Self Defense on Fox Boston

Copy Machines Can Store Your Private Info

/in , , , , /by

Robert Siciliano Identity Theft Expert

Today, copy machines, fax machines and many printers are just like computers; they’re smart and they have hard drives or flash drives and can store data that can be extracted. Peripherals in the olden days, just like when dot-com was a significant part of a person’s stock portfolio, were dumb.

Because of the increased demand of networked technologies, manufacturers of all these peripherals met the demand and built them so they can be easily accessed by everyone in the office.  These same peripherals are often wireless too.

The issue here is that these devices, sometimes, but aren’t always treated with the same considerations as a computer would have.  PCs are often locked down, access is limited and the data might be encrypted. Worse, when someone upgrades to a new PC, the old PC’s data is supposed to be removed, reformatted etc. This procedure is often overlooked on a copier/printer/fax.

Consider what kind of data is copied at your doctors, banks, mortgage broker and accountants office. Generally, there might be personal identifying information that can be used to create a new accounts or take over exiting accounts.

Where do old peripherals go? Many of them head to warehouses to be resold. Others end up on eBay. A quick search on eBay results in 7845 copiers for sale and 1130 used ones. If I can buy an ATM off Craigslist with over 1000 credit and debit card numbers on it, how much data do you think we can get from used copiers?

All the more reason to protect your identity.

1. Get a credit freeze and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

2. Invest in anti-virus and keep it auto-updated and check out my spyware killer IDTheftSecurty HERE

3. With your iPhone get my book as an App or go to my website and get my FREE ebook on how to protect yourself from the bad guy.

4. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing copy machine scams on CBS Boston

Is a Protection Dog Right for You?

/in , , , , /by

As mentioned in a previous post I’m a big believer in furry beasts as a layer of protection. My 60lb German shepherd last fall is now a 75lb GSD due to a lazy winter and a busy Daddy who hasn’t taken her out enough.

“Lola” the furriest of all beasts is all bark, love and very territorial. When anyone walks within 100 yards of the property she’s barking. If the door bell rings or someone knocks on the door forget it. All mayhem breaks out. If I or anyone enters through a door and she is even a little surprised she goes nuts.

In the event a bad guy was to walk through my door my feeling is he’d end up “sausage. A dog is another home alarm system. It’s an extra video security system too. They often see and hear what you can’t day and night. Whenever my dog starts barking the first thing I do is check the video surveillance system monitor to see what she’s cracking about.

In the Boston area, it is reported that a German Shepherd thwarted a home invasion.

The key to getting a protection dog is to understand what a protection dog is and isn’t. First and foremost a protection dog doesn’t mean that the dog is a non stop-snarling-growling-aggressive-ready to pounce-rabid animal. Most protection dogs are relatively sublime, but aware. They respond to the call of duty when they sense a reason to.

A real protection dog is one that is trained for such a purpose. Certain breeds are more trainable and often go through a technique called “schutzhund. German Shepherds, Malinois and Dobermans are breeds that come to mind. Generally, these dogs have whats called “prey drive.Prey drive is the instinctive behavior of a carnivore to pursue and capture prey.

Without prey drive the dog doesn’t have much motivation to do much, never mind put themselves in harms way.

My neighbors have these 2 little “Toto” dogs that think they are 125lbs Rottweilers. And frankly, I don’t get to close to them because they act the part too. They snarl and hiss and bark when their “Mom” walks them and they have razor sharp teeth. It’s not the size of the dog in the fight; it’s the size of the fight in the dog.

Ultimately you want a dog that is safe around you and children. Just as important the dog needs to be safe around strangers too. The dog needs to be sensitive to who or what is good, and when there is a threat. A dog that bites for no reason isn’t a protection dog; it’s a lawsuit and a burden.

Do your research to determine what’s best for you and your family. No matter what dog you get, show them respect and they will watch your back.

Robert Siciliano personal security expert to Home Security Source discussing Home Security on Fox Boston

She Said WHAT? On Facebook?

/in , , , /by

Robert Siciliano Identity Theft Expert

I don’t know about you, but high school was a nightmare for me. I spent a lot of my time in the assistant principal’s office for fighting. My taste for GQ style clothing along with slicked back greasy hair made me a target. My forked tongue didn’t help me any either. Not much has changed.

In Melrose, Massachusetts a woman was run down by a pack of teenagers in a car because of a dispute that started amongst high school kids on Facebook. If there was Facebook when I was in high school I would have definitely made the paper.

The feud started because of a “she saidshe said” dispute that involved a boy between 2 girls.  I always fought boys because I wasn’t tough enough to fight girls. Girls hit you with their car.

The woman hit was the mother of one of the girls in the Facebook/cat/car fight and spent the night in Mass General Hospital after she did an endo, that’s when your “end” goes over your head then over the windshield.

This same diarrhea of the mouth on Facebook is happening with employees at small to large businesses. It might not end up as violent, but it’s certainly damaging corporate brands. People are saying mean things, blabbering about how they hate their jobs, their fellow employees, their bosses or even their clients. It’s never good when an employee publicly says bad things about the company they work for.

Just as bad they are leaking sensitive information about products coming to market, product specs or new and potential clients that gives the competition an edge. This kind of transparency is causing a tremendous stir and hurting many.

People mistakenly believe that what they say around the water cooler, to a friend or spouse or even on an IM in private can be said in public on Facebook or Twitter.  They couldn’t be more wrong.

The Wall Street Journal reports to nab violators, some business owners frequently conduct Web searches of their companies’ names. Others make a habit of checking employees’ social-media profiles if they’re open to the public or they’ve been granted access. They say such strategies can be helpful for quickly doing damage control, as well as for digging up digital dirt on employees and prospective recruits.

As an employer, you must have a written policy as to appropriate and inappropriate behaviors in social media. Just because you may block access at work, doesn’t mean they are saying stuff when they get off work. As an employee, don’t be stupid. Shut up and don’t act like an idiot pack of teenage high schoolers.

Protect your identity.

1. Get a credit freeze and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

2. Invest in anti-virus and keep it auto-updated and check out my spyware killer IDTheftSecurty HERE

3. With your iPhone get my book as an App or go to my website and get my FREE ebook on how to protect yourself from the bad guy.

4. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing Facebook Scams on CNN

Bridal Scam Shows How Vulnerable We Are

/in , , , , /by

Robert Siciliano Identity Theft Expert

There are few more nuttier earthlings than the Bridezillas. Lovely women who go bonkers within 365 days of a wedding date. I blame the whole thing on Walt Disney.  The groom to-be generally wants it over as soon as possible more so because he can’t believe how much it costs. Then the entire wedding industry preys upon the delirious couple and sucks them dry of what amounts to the sum of a nice, nice car.

Been there done that. Luckily my Bride didn’t go all Zilla on me. But that didn’t stop us from spending what could’ve been a West Coast Chopper in me garage.  Pause….I’m nauseous….OK, I’m fine.  I remember the day we went for “food tasting. We ended up spending 5 figures on food. The single most expensive meal I’ll ever have. And we went out to eat after.

In Boston Mass, thousands of people were scammed by someone who modeled themselves after the weddings industry. They did exactly what the weddings industry does, but better.

Scammers set up a website advertising a bridal show luring brides and grooms to be and all potential vendors to sell them high priced stuff and services they don’t need.  The event was supposed to be held at one of the largest convention centers in Boston.

Scammers answered the phone, took orders, set up a Paypal account and even had preliminary discusssions with the function facility.

In the end 6000 people were bilked for hundreds of thousands of dollars. The beauty of this scam is that it was all done online with no exchange of tickets or anything tangible. The scammers were ghosts operating virtually using legitimate life events as the ruse, going so far as to market and sell the event and just decided not to show up the day of.

I can see if you are a couple and spend 20 bucks for tickets online and then get stiffed. I’d probably get bilked in the same scam. But if you were a vendor and had to drop 3 grand for booth space, print out custom brochures, order plane tickets, book a hotel etc.; that would hurt.

In the least it would be to the benefit of the potential vendor to vet out the event production company to make a determination as to their credibility. A website presence isn’t the sole determining factor. Are they a member of the Better Business Bureau? Have they laid down a deposit with the function facility? How many events have they already done and where?  Who else have they done business with in previous events? Before you go laying down hard cash, question authority. How much do you want to bet the scammer is a real wedding planner?

Protect your identity.

1. Get a credit freeze and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

2. Invest in anti-virus and keep it auto-updated and check out my spyware killer IDTheftSecurty HERE

3. Get my book as an iPhone App or go to my website and get my FREE ebook on how to protect yourself from the bad guy.

4. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing Scamming the Scammers on Fox Boston.

Social Media Security in a Corporate Setting

/in , , , /by

Robert Siciliano Identity Theft Expert

The load isn’t getting any lighter for the IT manager.  While corporations are still trying to figure out the  long term marketing benefits of social media, the security issues faced are a right now a problem.

Many companies restrict internal access. Others prevent employees from discussing or mentioning the company in social media during private time.

All of a sudden we’ve gone from print media, radio, television, Internet and now social media. This isn’t a fad or craze that will go away like Beanie Babies or talking Elmo. Social media is the 5th media that encompasses all forms of media and it can all be accessed on a mobile phone. The interconnectedness is in everything and deserves the marketing department’s attention and freaks out IT.

Part of the issue is social medias allure. We’ve been hearing more and more about internet addictions. Well, social media is part of that. Then there’s the disconnect between generations. Baby-boomers see the 9-5 day as work, work, work and there shouldn’t be any distractions i.e. fun. Younger generations are connected and don’t know how not to be.

Companies who eliminate access to social media open themselves up to other security issues. Employees who are bent on getting access, often skirt security making the network vulnerable.

Computerworld reports “Part of the problem is that people’s comfort level with Facebook, Twitter and MySpace makes them easy marks for cybercriminals, who are jumping on social networking sites with gusto, dumping spam, launching phishing attacks, stealing identities and installing malware. The same people who have learned to be very wary of phishing attacks, enticing links and sales pitches for cheap Viagra in their inboxes allow themselves to be seduced on Facebook and Twitter.”

There is a serious disconnect between secure online behaviors and the playfulness of social media. Facebook is the adult version of Chuck E Cheeses, and who doesn’t lose their mind at Chucks? The problem is Timmy is five and likes to eat at Chuck E. Cheese. George is thirty-five and likes to eat there too. But George is a freak.

Bad guys are in social media and you CANNOT let your guard down.

Implement policies. Social media is a great platform for connecting with existing and potential clients. However, without some type of policy in place that regulates employee access and guidelines for appropriate behavior, social media may eventually be completely banned from every corporate network. Teach effective use by provide training on proper use and especially what not do too.

Encourage URL decoding. Before clicking on shortened URLs, find out where they lead by pasting them into a URL lengthening service like TinyURL Decoder or Untiny.

Limit social networks. In my own research, I’ve found 300-400 operable social networks serving numerous uses from music to movies, from friending to fornicating. Some are more or less appropriate and others even less secure. Knowem has a mind blowing list of 4600 as of this writing.

Train IT personnel. Effective policies begin from the top down. Those responsible for managing technology need to be fully up to speed.

Maintain updated security. Whether hardware or software, anti-virus or critical security patches, make sure you are up to date.

Lock down settings. Most social networks have privacy settings that need to be administered to the highest level. Default settings generally leave the networks wide open for attack.

Register company name and all your officers at every social media site. You can do this manually or by using a very cost effective service called Knowem.com.

Protect your identity.

1. Get a credit freeze and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

2. Invest in anti-virus and keep it auto-updated and check out my spyware killer IDTheftSecurty HERE

3. Get my book as an iPhone App or go to my website and get my FREE ebook on how to protect yourself from the bad guy.

4. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing Social Media on Fox Boston.