Posting Kids’ Photos online is illegal?

In France, anything is possible. Like getting tossed in jail for posting your children’s photos on Facebook.

12DYes indeed, it’s true. People in France might be put behind bars for putting their kids’ pictures on Facebook. Or, they may face heavy fines. This is because the French authorities deem posting kids’ photos online threatens their security.

Parents are being warned about the consequences of this violation. The authorities believe that posting images of one’s kids online can lead to some pretty nasty things:

  • Photo-napping, particularly by pedophiles
  • Stealing the images and posting them on adoption sites
  • Kids, when grown, suing their parents for emotional damage that they think resulted from photos of their younger selves being posted online
  • Parents may even sue each other if photos of their kids go up after a divorce.

France’s privacy laws are a force to be reckoned with. How does a year in prison and a fine of almost $50,000 sound for posting children’s photos? Wow, French parents really better watch out when posting that photo of the family reunion or company picnic with kids in the background.

If you’re poo-pooing France right now, save your poo-poos for Germany as well. German police are urging parents to stop posting their kids’ images—especially because a lot of people are putting up images of their kids naked in the context of water activities.

Maybe if fewer parents got off on posting pictures of their naked toddlers and even older children (one can only guess what these parents are hoping to accomplish), the police wouldn’t be so rigid.

Still think the police are over-reacting? And maybe they are, but consider this: According to The Parent Zone, the average person posts nearly 1,000 images of their child online by the time that child blows on five birthday candles. Now maybe The Parent Zone isn’t the gospel, but we all know people who seem to have 8,000 pictures up of their children on social media.

What’s even more staggering, says The Parent Zone, is that 17 percent of these parents have never bothered to set their Facebook privacy settings. And 46 percent checked the settings only one or two times. This all means that these parents absolutely are in denial that some weirdo isn’t drooling over their naked preschooler in the backyard baby pool.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Protect Yourself from Online Dating Scams

$200 million: The amount people were ripped off by online dating scams in a year.

1FDUI: dating while under the influence…of the quest for love…is costly to countless people.

A nytimes.com article notes that this quest impairs judgment, making it easy for con artists to bilk lonely people. Or are some people just plain stupid? But many victims are highly educated.

It all begins with a phony profile that grabs the victim’s attention. The nytimes.com report points out that the scamster uses attractive photos stolen off of other sites.

INTERRUPTION: If he/she is too gorgeous to be true, right-click the image to see where else it appears online! Is “Emilene McKenna” whom she says she is?

These scammers come from anywhere on the globe.

  • They prey upon loneliness, greed and desire.
  • Overseas scam rings
  • Solitary scammers working at home late at night
  • Women, not just men
  • They almost always profess to be in a glamorous or exciting line of work, though occasionally, they’ll pose as a more common person (perhaps to appear less suspicious).
  • People of all ages and walks of life, plus sexual orientations, are targeted.
  • The common denominator is a request for money.
  • Reasons for money requests run the gamut but usually focus on medical bills, legal fees or fees relating to a planned trip to meet the victim (which never occurs).

The nytimes.com article quotes victim specialist Debbie Deem that these con artists are skilled at mirroring the victim’s needs and creating “a sense of intimacy very quickly.” The victim soon becomes convinced that this is their soulmate—and thinks nothing of sending them the requested money.

However, the scammer may reveal their true colors after luring the victim into posing for raunchy photos or videos: The crook threatens to expose these unless the victim sends them money.

Other Facts

  • Being offered a spouse is a growing ruse.
  • Some victims have lost over $400,000.
  • Significant contact from the scammer lauding the victim.

How to Protect Yourself

  • If you haven’t already figured that out after reading this article…I’m very worried.
  • In addition to right-clicking the photo, copy and paste the profile’s narrative into a search engine and see if it shows up anywhere else like on an unrelated person’s blog or another dating profile under a different name.
  • NEVER SEND MONEY! Think: They’ve gotten this far in life without your financial help; they’ll survive without it.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Products to keep Kids safe online

Some people believe that monitoring your kids’ online activities crosses the line of privacy or trust. But monitoring and controlling online activities is, essentially, no different than controlling access to the cookie jar or TV or even locking a liquor cabinet.

Which brings me to a way that parents can always know exactly what their kids are doing in cyberspace. And control when, too. This is possible due to a type of software known as “parental control” that monitors the goings-on of any connected device in the home network, in concert with a mobile app.

Parental control software is very important to most parents, and they’re always looking for the latest technology. The Pew Research Center’s recent report says that 95% and 93% of U.S. parents have spoken to their teenager about sharing-safety and appropriate online behavior, respectively.

Gadgets like this include Circle and KoalaSafe (easy setup, $99 each). With these, you can even set certain activities to be off limits when you apply filters. When you see your teen daughter’s activity going to a “pro-ana” site, you can bar her from getting on.

Circle

  • Scans all traffic on your home’s network.
  • Traffic data is not stored on Circle’s servers.

KoalaSafe

  • Provides a Wi-Fi just for kids and tracks only that.
  • Uses cloud servers for monitoring.

From your mobile you can watch what your kids are up to in cyberspace, but these gadgets can’t monitor or control 100% their activities (such as Snapchat)—but will do enough for you to know that the cookie jar, figuratively speaking, is bolted shut with a good lock.

Even if your child is a goody two shoes, they may still accidentally get on a site you’d never want to show your grandmother. Circle and KoalaSafe will help control this scenario. This software can also track how much time kids spend with certain activities such as being on Facebook, and you can set time limits.

But remember, parental control software, no matter how good it is, should be seen as an adjunct to one-on-one communication with your kids, not the replacement of it. Parental software isn’t just for “bad” kids, but serves as an extra tool for parents that keeps up with today’s technology.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Can the cloud be trusted?

Most people have heard of storing information in “the cloud,” but do you know what this means, and if it is even safe?

4HA cloud is basically a network of servers that offer different functions. Some of these servers allow you to store data while others provide various services. The cloud is made of millions of servers across the globe and most are owned by private or public corporations. Many of those corporations are diligent about security, and you are likely using the cloud whether you know it or not.

Most customers using cloud services have faith that their information will remain safe. But there are some precautions you need to take. Here are some questions to ask any cloud service provider before relying on them to store your business data:

  • How often do you clean out dormant accounts?
  • What type of authentication is used?
  • Who can access and see my data?
  • Where is the data physically kept?
  • What level of encryption is in place?
  • How is the data backed up?
  • What’s in place for physical security?
  • Are private keys shared between others if data encryption is being used?

Keeping your company data safe

Over time, a company surely will accumulate data that seems irrelevant, but you shouldn’t be so quick to dispose of this data, especially if it is sensitive. This might include data such as customer or client information, employee information, product information or even old employee records.

The truth is, you just never know when you may or may not need this information, so it is best that you keep it. Digital data should be backed up in the cloud. If it’s paper, convert it to digital and store it offsite. Here are some things to remember when doing this:

  • All data, even if old or irrelevant, should be backed up.
  • Data retention policies should always include an “expiration date” for when this data is no longer useful to you.
  • Companies that want to delete old data should understand that deleting files and emptying the recycle bin, or reformatting a drive may not enough to get files off of your computer. Hackers may still be able to access this data.

If you actually want to remove all of the data on a disk, literally break or smash it. To truly delete a file, you must physically destroy the hard drive.

Consultant Robert Siciliano is an expert in personal privacy, security and identity theft prevention. Learn more about Carbonite’s cloud and hybrid backup solutions for small and midsize businesses. Disclosures.

11 Ways to Mitigate Insider Security Threats

Companies are constantly attacked by hackers, but what if those attacks come from the inside? More companies than ever before are dealing with insider security threats.Here are 11 steps that all organizations should take to mitigate these threats and protect important company data:11D

  1. Always encrypt your data If you want to minimize the impact of an insider threat, always encrypt data. Not all employees need access to all data and encryption adds another layer of protection.
  2. Know the different types of insider threatsThere are different types of insider threats. Some are malicious, and some are simply due to negligence. Malicious threats may be identified by employee behavior, such as attempting to hoard data. In this case, additional security controls can be an effective solution.
  3. Do background checks before hiringBefore you hire a new employee, make sure you are doing background checks. Not only will this show any suspicious history, it can stop you from hiring any criminals or those associated with your competitors. Personality tests can also red flag the propensity for malicious behavior.
  4. Educate your staffEducating your staff on best practices for network security is imperative. It is much easier for employees to use this information if they are aware of the consequences of negligent behavior.
  5. Use monitoring solutionsThere are monitoring solutions that you can use, such as application, identity and device data, which can be an invaluable resource for tracking down the source of any insider attack.
  6. Use proper termination practicesJust as you want to be careful when hiring new employees, when terminating employees, you also must use proper practices. This includes revoking access to networks and paying attention to employee actions on the network in the days before they leave.
  7. Go beyond the IT departmentThough your IT department is a valuable resource, it cannot be your only defense against insider threats. Make sure you are using a number of programs and several departments to form a team against the possibility of threats.
  8. Consider access controlsAccess controls may help to deter both malicious and negligent threats. This also makes it more difficult to access data.
  9. Have checks and balances for all staff and systemsIt is also important to ensure there are checks and balances in place, i.e. having more than one person with access to a system, tracking that usage and banning shared usernames and passwords.
  10. Analyze network logsYou should collect, store and regularly analyze all of your network logs, and make sure it’s known that you do this. This will show the staff that you are watching what they are doing, making them less likely to attempt an insider attack.
  11. Back up your data Employees may be malicious or more likely they make big mistakes. And when they do, you’d sleep better at night knowing you have redundant, secure cloud based backup to keep your business up and running.

Robert Siciliano is an expert in personal privacy, security and identity theft. Learn more about Carbonite’s cloud and hybrid backup solutions for small and midsize businesses. See him discussing identity theft prevention.Disclosures.

How to recycle Old Devices

When it comes to tossing into the rubbish your old computer device, out of sight means out of mind, right? Well yeah, maybe to the user. But let’s tack something onto that well-known mantra: Out of site, out of mind, into criminal’s hands.

7WYour discarded smartphone, laptop or what-have-you contains a goldmine for thieves—because the device’s memory card and hard drive contain valuable information about you.

Maybe your Social Security number is in there somewhere, along with credit card information, checking account numbers, passwords…the whole kit and caboodle. And thieves know how to extract this sensitive data.

Even if you sell your device, don’t assume that the information stored on it will get wiped. The buyer may use it for fraudulent purposes, or, he may resell to a fraudster.

Only 25 states have e-waste recycling laws. And only some e-waste recyclers protect customer data. And this gets cut down further when you consider that the device goes to a recycling plant at all vs. a trash can. Thieves pan for gold in dumpsters, seeking out that discarded device.

Few people, including those who are very aware of phishing scams and other online tricks by hackers, actually realize the gravity of discarding or reselling devices without wiping them of their data. The delete key and in some cases the “factory reset” setting is worthless.

To verify this widespread lack of insight, I collected 30 used devices like smartphones, laptops and desktops, getting them off of Craigslist and eBay. They came with assurance they were cleared of the previous user’s data.

I then gave them to a friend who’s skilled in data forensics, and he uncovered a boatload of personal data from the previous users of 17 of these devices. It was enough data to create identity theft. I’m talking Social Security numbers, passwords, usernames, home addresses, the works. People don’t know what “clear data” really means.

The delete button makes a file disappear and go into the recycle bin, where you can delete it again. Out of sight, out of mind…but not out of existence.

What to Do

  • If you want to resell, then wipe the data off the hard drive—and make sure you know how to do this right. There are a few ways of accomplishing this:

Search the name of your device and terms such as “factory reset”, “completely wipe data”, reinstall operating system” etc and look for various device specific tutorials and in some cases 3rd party software to accomplish this.

  • If you want to junk it, then you must physically destroy it. Remove the drive, thate are numerous online tutorials here too. Get some safety glasses, put a hammer to it or find an industrial shredder.
  • Or send it to a reputable recycling service for purging.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention

Protect Your Family Online With WOT

The web is a dangerous place. Malware, scams and privacy dangers are around every corner, and children can easily find themselves face to face with sites that are not suitable. What can a parent do? One option is to try WOT, Web of Trust, a free browser add-on.

WOT rates each site on the Internet for reliability, privacy, trustworthiness and child safety. When searching a website with WOT, you will see a colored icon, red for bad and green for good, which indicates if a user should proceed. You can also use the WOT rating for every site and read reviews from those who have been on the site.

wot1

WOT offers other features, too. For instance, when visiting a “red site” a large warning appears on the screen. This allows people to choose if they go through or surf away. Additionally, you can also click the WOT button in the browser, and you can see information about the rating of the site, too.

When performing an Internet search and you come across a link that looks fishy, WOT places a red icon next to it. You may also see a yellow icon, which indicates the site may or may not be safe, and gray icons indicate the site is unrated. Hovering over each icon will give you more details about the website, as well as ratings and reviews from users.

WOT2

The latest version of WOT has four levels of safety included. Lite, the lowest level, only shows icons for dangerous websites. The highest level, Parental Control, not only blocks dangerous websites, it also blocks any sites that are not suitable for kids.

Web of Trust is available as a browser add-in for Firefox, Google Chrome, Opera, Internet Explorer and Safari.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video. This is a review opportunity via BlogsRelease. Disclosures.

How to unsend or cancel an E-mail

If the person you are sending an e-mail to pretty much instantaneously receives it, how on earth can you unsend or cancel it? Well, you have several options.

emailCriptext

  • This is a browser plug-in that works for Chrome and Safari.
  • Your message including attachments will be encrypted.
  • You will know when it’s been opened.
  • You can recall messages and assign them expiration times. The recall, of course, comes after the recipient has possibly opened the message, but if they’re, for instance, away from their computer when it comes in, and you recall the e-mail, they will never know it was there. Or maybe they will have seen it and decided to open it later, and when that time comes, they see that it has vanished and think they’re going crazy.

UnSend.it

  • Like Criptext, this plug-in will let you know when messages have been opened. In addition, it allows you to recall them and also set expiration times.
  • Missing, however, is the encryption feature.
  • It’s compatible with more browsers than is Criptext.

What about Gmail users?

  • Enable the “Undo Send” feature as follows.
  • In the upper right is a gear icon; click on it.
  • Select Settings to bring up the “General” tab.
  • Scroll to Undo Send.
  • Click checkbox for Enable Undo Send.
  • You can choose a cancellation time of five, 10, 20 or 30 seconds. A grace period of only five or 10 seconds doesn’t make much sense, so you may as well choose 30 seconds unless you routinely need recipients to receive your messages less than 30 seconds after you send them.
  • Hit Save Changes.

Virtru

  • This plug-in is compatible with Chrome and Firefox.
  • Those with Yahoo, Gmail or Outlook accounts can use it.
  • For $2/month, you can have message recall and self-destruction, along with message forwarding.
  • The free version does not offer any kind of recall or cancellation features, only secure messaging.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Keep Accountant happy and Thieves out

Are you a shredder? I hope so. No identity thief on this planet is going to want to attempt to reconstruct cross-shredded documents.

Computer crime conceptSo what, then, should you make a habit of shredding?

  • All financial documents and information, including financial information you’ve jotted on a Post-it note.
  • Credit card receipts unless you want to file these away for end-of-month calculations, but ultimately, you have your monthly statements so you will not have use for them anyways.
  • Old property tax statements (keep the most current one). But any other tax documents you should retain.
  • Voided checks.
  • Most things with your Social Security number on it that aren’t tax related.
  • Any other piece of paper that has your or a family member’s personal information on it, including envelopes with your address. Never assume “that’s not enough” for a skilled identity thief to use.
  • Ask your accountant what they think.

Now, what kind of shredder should you get for your home or office? There are all kinds of makes and models out there.

  • Do not buy a “strip” shredder that simply slices thin strips in one direction. Identity thieves will actually take the time to reconstruct these.
  • Buy a “cross-cut” shredder. The pieces are sliced and diced too small for an identity thief to want to struggle to tape back together.
  • We can go one step further, in case you are wondering if anyone would actually take the time to lay out all those cross-cut fragments and reassemble them: Buy a micro-cut device. The pieces, as the name suggests, are tiny.
  • Read the features for that micro-shredder, as some models are more heavy-duty than others.
  • You may not want to purchase a machine online; at least you will want to see the various makes and models in person first.
  • But if you can’t locate the type of shredder that you’d like from a brick-and-mortar retailer, then of course, there are plenty online to choose from.

So get yourself a shredder on your next shopping trip; you will be so glad you did.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Career Criminal goes down

A sharp nine-year-old girl has a biting message to a 51-year-old man, according to an article on myfoxboston.com:

1G“You deserve to stay in jail because you break into peoples houses. Stop breaking into peoples houses and do something with your life.”

This advice was directed to Pedro Gomez, whom police are labeling a career criminal. According to investigators, he attempted to break into over a dozen houses—all within the span of hours.

One of the failed attempts occurred to a house where the nine-year-old was at at the time. Gomez’s floundering break-in attempts occurred in Shrewsbury, Mass. I’m not so sure he’s a true “career criminal,” because he certainly didn’t do things like a prolific burglar would. This sounds more like random, haphazard, desperate, non-calculated attempts to bust into the nearest homes.

Pedro even apparently stacked patio furniture up against windows in one of his break-in attempts.

There are different kinds of robbers, and one of them is that of the unskilled kind who breaks into homes to get whatever cash or small sellable items he could get his hands on to support his next drug fix. This could very well be the type of criminal that Gomez is.

Gomez tripped an alarm when he tried to get in through a slider type of door, continues the myfoxboston.com article. It was there that the police caught up with him. The report says that he had already broken into houses in three other towns.

Though he didn’t exactly hang his head upon being arrested, he will have plenty of time in prison to reflect upon the advice of the nine-year-old girl.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.