Will The Rise Of Tablets Affect Security Measures In The Workplace?

With unit sales of smartphones and tablets eclipsing those of desktop and notebook PCs, cybercriminals will continue setting their sights on mobile, and increased mobile Internet use will continue exacerbating security and data breach issues in the workplace.

The issues of “BYOD” or Bring Your Own Device to work is plaguing IT managers everywhere. While your company’s IT guy has a relative hold on all the work laptops and desktops, and even some of the mobiles, he is quickly losing control when you bring your new Droid and connect it to the corporate network.  Now he has to worry if that last app you downloaded will infect the network when you plug your device into the company’s PC to update or sync something.

A study by ESET/Harris Interactive shows less than 10% of people using their own tablets for work auto lock them and people were more security-savvy about their smartphones, with 25% using autolock.

McAfee Labs™ points out today’s tablets are more powerful than notebooks were just a few years ago. Although their lack of real keyboards makes them unsuitable for many tasks (editing texts, programming, and design), they are very suitable for browsing the Web, which today is a primary source of malware.

Tablets mainly differ in the size of the screen of a mobile phone, but they share the same software, operating systems, and processors so their security concerns are nearly identical. About the only difference is that some tablets can use USB devices, which increases the attack surface of such devices.

And because like our mobile phone, tablets tend to be portable and one of our most personal computing devices, you need to take steps to protect it. Many of the best practices you use on your computer can be transferred to your tablet.

To help ensure that your tablet is protected, you should:

  • Always password protect your device and set it to auto-lock after a certain period of time to increase your mobile security
  • Never leave your tablet unattended in a public place
  • Don’t click on links on emails and text messages from people you don’t know
  • Even if you know the company or person, use a browser to search for a link or use the company’s official app to navigate to the site
  • Always double-check the web address of a site when doing a search on your mobile phone.
  • If you use online banking and shopping sites, always log out and don’t select the “remember me” function
  • Before downloading a third-party app, check other users’ reviews to see if it is safe, and read the app’s privacy policy to make sure that it is not sharing your personal information

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

Holiday Shopping: Beware of Unethical Online Merchants

We have all encountered a sales clerk who was rude, a customer service representative who was incompetent and an online purchase that went south. Even I’ve been scammed out of an entire order and spent dozens of hours trying to get a return on another.

But when it comes to outrageous and shocking, including threats of violence and outright fraud, this story takes the cake.  An online merchant based in Brooklyn New York retailing designer sunglasses, some counterfeit and some real, thrives on bad customer service, over charging, making threats, stalking and abusing clients into giving up the fight over what’s right.

The merchant prides himself on getting negative feedback on consumer advocacy and review sites such as Get Satisfaction, ComplaintsBoard.comConsumerAffairs.com, RipoffReport.com, Yelp and Epinions.

He thrives on – for example “DO NOT ORDER ANYTHING FROM THIS COMPANY. This has been the most horrific experience EVER. I have extensive knowledge of website management and customer service, and they pretty much break every rule imagined. They are a total scam

The strategy of negativity gets this merchants website ranked high on search when listed with all the different opinion sites. Google and other search engines often rank a website to show on the first page of search based on how many links point to it from other prominent sites. So even though all the negative links are pointing to the unethical site from opinion sites, it still ranks on the first page of search helping its sales.

Beware of making purchases on any website based on how they rank in search. Even a first page organic hit can lead to a scammy company.

Learn from others bad experiences. ALWAYS search “Name Of Company” in Google before you make a purchase. The review sites almost always show on the first page of search when “Name Of Company” has been blacklisted.

More on THIS STORY.

Robert Siciliano personal security expert to Home Security Source discussing scammers and thieves on The Big Idea with Donnie Deutsch.

Researcher Proves Your Friend Isn’t Your Friend

I’ve said numerous times that there’s too much trust in the Facebook world. People have entirely dropped their sense of cynicism when logged on. Apparently, they see no reason to distrust. Generally, your “friends” are people who you “know, like and trust.” In this world, your guard is as down as it will ever be. You can be in the safety of your own home or office, hanging with people from all over the world, in big cities and little towns, and never feel that you have to watch your back.

Computerworld reports, “Hundreds of people in the information security, military and intelligence fields recently found themselves with egg on their faces after sharing personal information with a fictitious Navy cyberthreat analyst named ‘Robin Sage,’ whose profile on prominent social networking sites was created by a security researcher to illustrate the risks of social networking.”

Apparently, one of the easiest ways to gain acceptance as a trusted colleague is to be an attractive woman. I recently wrote about “Sandra Appiah,” a curvy lady who sent me a friend request. She had already friended two of my buddies, who accepted because they already had two friends in common. She had posted questionable photos of herself. Red flag? But my buds didn’t seem to see it the way I did.

The security researcher set up profiles on Facebook, LinkedIn and Twitter. “Then he established connections with some 300 men and women from the U.S. military, intelligence agencies, information security companies and government contractors.”

Steve Stasiukonis, another ethical hacker, took it to the next level. He used a similar technique and, with permission, infiltrated a company’s network to test their security. By creating a group on Facebook, he was able to access employees’ profiles.

He set up his own employee persona with a fake company badge, business cards, a shirt embroidered with the company logo, and a laptop. “Upon entering the building, he was immediately greeted by reception. Then displayed fake credentials and immediately began ranting about the perils of his journey and how important it was for him to get a place to check his email and use a restroom. Within in seconds, he was provided a place to sit, connection to the Internet, and a 24×7 card access key to the building.”

Social media can and is being used as a smokescreen. The idea behind social media is that we are social creatures that thrive in community and want to connect. The problem is that this ideal is based on the mindset that we are all sheep and there are no wolves.

When mama told you to not talk to strangers, there was wisdom in that advice. When you friend people who you don’t know, you are friending a stranger and going against moms advice.

Robert Siciliano, personal security and identity theft expert contributor to Just Ask Gemalto, discusses hackers hacking social media on Fox Boston. (Disclosures)

Privacy Laws for Kids Online

Numerous privacy groups are urging the FTC to update its Children’s Online Privacy Protection Act of 1998. The primary goal of the Children’s Online Privacy Protection Act, or COPPA, is to give parents control over what information is collected from their children online and how such information may be used.

Jeff Chester, Executive Director of the Center for Digital Democracy said, “The Commission should enact new rules for COPPA that draw upon its current investigations into behavioral marketing and other current digital advertising practices. It’s time for the FTC to do a better job of protecting the privacy of children online.”

The Internet today isn’t what is was in 1998. Back in the day, when dial up – the online equivalent of a horse and buggy – was the only means of getting around, the risks weren’t as great as they are now. The speed of technology has outpaced the security of information and the learning curve of users. Over time, many web operators conveniently forget the rules, chose to do things their own way, and then apologize when they are accused of doing something wrong.

The original COPPA was designed around websites that sell merchandise. Today, we have social media, Second Life, online gaming sites, and smartphones that can access the Internet anywhere, anytime.

The report states, “several start-ups…are experimenting with ways to use cell phones to bridge the digital and physical worlds and turn the tasks of everyday life, like buying coffee and running errands, into a game.” Many major companies are taking advantage of these applications for promotional purposes. A major fast food chain, for example, offers a soda and sandwich to people who “check in” three times. This company is also able to “use the data they collect from people’s cell phones to learn more about who their customers are and how they behave.”

Geolocation could pose a privacy threat. Information collected through geolocation is particularly sensitive, since it can allow a child to be physically contacted wherever he or she is, at any time. Parents need to be aware if there is misuse.

The descriptively named website PleaseRobMe.com aggregates real time location information that users have voluntarily shared on Twitter in order to bring attention to the potential problems with this type of sharing.

The risks are magnified for children, who will often fail to comprehend the significance of sharing personal information. And when a child’s location is collected automatically, neither the parent nor the child is aware that this information is being shared, nor are they given the opportunity to consent or refuse to consent to such data collection.

Kids are plugged in all day, which means it’s imperative that parents understand how these technologies are slowly infiltrating children’s’ lives in ways that we couldn’t possibly have imagined a decade ago. Hopefully, more transparency and oversight of the wild, wild web will keep new technologies in check, and your kids more secure. A great site to help educate you and your kids is www.WiredKids.org.

Robert Siciliano, personal security expert adviser to Just Ask Gemalto, discusses child predators online on Fox News. Disclosures

Keeping Kids Safe Online

It is no surprise that cybercriminals are taking advantage of the Internet and the people who use it. The Internet is like a bad neighborhood with bad guys around every corner. Any parent with an ounce of sensibility should recognize that when your child is on the wild wild web, they are at the same risk as they would be walking through the red light district in any big city.

I’m not saying this because I want to instill fear and panic, I’m bringing this up because sex offenders, pedophiles, criminal hackers and identity thieves treat the online world as if it was the physical world and use the anonymity of the web and the easiness of approach to seduce your children into doing things they wouldn’t normally do.

The Secret Online Lives of Teens, a survey conducted by McAfee, reveals that tweens and teens are relatively clueless about online privacy. The study sheds light on this generation’s tendency to use the Internet in ways that translate to danger in the real world.

There always has, is, and will be a predatory element out there. Generally, most people don’t want to think about that or even admit that it’s true. Instead of acknowledging the risks, most people completely discount this reality, telling themselves, “It can’t happen to me or my kids.”

The good news is you can do something about it. As soon as a family member becomes active online, it’s time to educate them—no matter what age they are—about cyber safety.

  • Set up the computer in a high-traffic family area and limit the number of hours your children spend on it.
  • Be sure you have computer security software with parental controls.
  • Decide exactly what is okay and what is not okay with regard to the kinds of web sites that are appropriate to visit
  • Use only appropriate monitored chat rooms
  • Never log in with user names that reveal true identity or that are provocative
  • Never reveal your passwords
  • Never reveal phone numbers or addresses
  • Never post information that reveals your identity
  • Never post inappropriate photos or ones that may reveal your identity (for example: city or school names on shirts)
  • Never share any information with strangers met online
  • Never meet face-to-face with strangers met online
  • Never open attachments from strangers

Once you have established the rules, make a poster listing them, and put it next to the computer.

Robert Siciliano personal security expert to ADT Home Security Source discussing Home Security and Identity Theft on TBS Movie and a Makeover. Disclosures.

Phishing Scam: Using the U.S. General Commander in Iraq as Phish Food

Fishing of course is the sport of tossing a tasty wormy baited hook connected to a fishing line and patiently waiting for a fish to take the bait.

Phishing is the sport of tossing a wormy baited tasty lie connected to a wormy human and the degenerate patiently waits for a naïve victim to take the bait.

A phisher can send thousands of phish emails a day and eventually someone will get hooked.

Phishing is a $9 billion business. Unlike the ongoing depleting of the oceans fisheries, there are PLENTY of people out there to phish. Many of them today are from developing nations like India and China who are just getting a broadband connection to the internet and are considered fresh meat to the bad guy.

The New York Times reports “if you get an Internet appeal from Gen. Ray Odierno, the senior American commander in Iraq, asking you to pay lots of money to get your son or daughter out of combat duty, don’t believe it. And certainly don’t send the $200,000. General Odierno acknowledged that he is but one more victim of a social networking scheme offering a big — but fake — benefit, if you send big amounts of real money.

“I’ve had several scam artists on Facebook use my Facebook page and then go out asking people for all kinds of money: ‘If you pay $200,000, your son can get sent home early,’” General Odierno said at a Pentagon news conference.

Criminals may seek out military families and target them one by one or send a blast to thousands at a time and use a ruse that pulls at the heart strings of unsuspecting families who simply want their loved-one back home.

The General posted a large warning on his social networking site. “I have this big thing on my Facebook that says, If anybody asks you for money in my name, don’t believe it,” he said. “But it’s a problem.”

Frankly, I don’t like the idea of an American General having a Facebook page. It weird’s me out. Hopefully the high commander isn’t uploading pictures of himself doing shots of tequila while driving a tank.

My guess is there is someone out there who has the money and is probably acutely unaware of this type of scam, then is probably capable of getting hooked.  But more than likely nobody will cough up $200,000. But the scammers know to start high and they will go low. They will take a $1000.00 when it comes down to it. But they also know that people won’t argue with a General and nobody will “discount” the value of their loved-ones life. So overall it’s a pretty good scam. Just don’t take the bait.

Robert Siciliano personal security expert to ADT Home Security Source discussing Facebook scams on CNN. Disclosures.

Online Dating Liar Liar is 5’4, not 5’10

But who cares? Apparently the dude with the 6 inch height difference did. And he figured the lady he was about to meet via chatting in an online dating service cared as well. Maybe she did, maybe she didn’t. Either way he started out in the relationship lying.

Many single people have been turning to the Internet for dating services. You can meet someone with the same interests, hobbies, and lifestyle. Dating services allow you to browse profile pages to shop for a potential mate while chatting it up with potential dates. In the process you are selling yourself as they are deciding whether to buy. And like a car on a “preowned” lot that was recovered from the waters of hurricane Katrina, the truth is often suppressed. .

But what happens when you decide to meet someone and you begin to discover little white lies? Realize that little white lies are often a front for big darker lies.

What else is this person hiding?   Are they married, have kids? Gone bankrupt, been arrested for violence? Or are they a registered sex offender? Are they unemployed when they said they have a job?

Sometimes the truth hurts and people innocently choose to adopt the “what they don’t know won’t hurt them” philosophy and simply don’t cough up the truth. Nothing good can come of this. This is why it is essential that you do your homework and find out as much about this person as possible to head off any potential heartaches.

Much of what you need to know about your new encounter can be found by doing a quick and easy background check. But don’t stop there. Google them, check out their Facebook page and dig as deep as you need to verify as much as possible to determine if their nose is growing.

Robert Siciliano is a Personal Security Expert and Adviser to Intelius.com. See him discussing Dating Security on E! True Hollywood Stories.

For more information see Intelius at Sex Offender Check and Date Check to reduce your chances of encountering a bad guy. (Disclosures)

Sex Offender Sets Up Facebook Page Looking For Love

A sex offender, who spent 11 years in a court-ordered treatment program to rehabilitate him, is looking for a relationship via Facebook.

Facebook is approaching the 500 million member mark worldwide. Chances are there are a few sex offenders in there somewhere. I’d guess anywhere between 1 and 3 percent have a penchant for violating another persons sanctity. Statistically out of the 300 million people in the U.S., there are 500,000 registered sex offenders. Of those registered, thousands more aren’t and many haven’t been caught. You do the math.

He’s 29, so he was in detention since he was 18. His mom must be proud. He was found guilty of sexually assaulting girls. If I was one of the girl’s dads I’d be “friending” this dude to know what he is up to.

He has now set up a Facebook page, with a picture of pop singer Pink, in a bid to date women. Sounds like a real interesting guy.

The Herald Sun pointed out that 3 of his 12 online friends have profile photographs on his page which include children. Just ducky.

Be careful who you friend. They really are out there. Living breathing whacky predators.

Robert Siciliano is a Personal Security Expert and Adviser to Intelius.com. See him discussing Sex Offenders on Fox Boston.

For more information see Intelius at Sex Offender Check and Date Check to reduce your chances of encountering a bad guy. (Disclosures)

Personal Security and Identity Theft Expert Speaker to Appear on E! Network’s ‘True Hollywood Stories Investigates’

(BOSTON, Mass. – June 5, 2008 – IDTheftSecurity.com) Robert Siciliano, a personal security and identity theft expert speaker and CEO of IDTheftSecurity.com, will appear in “THS Investigates: Dating Nightmares,” an episode of the series “E! True Hollywood Stories.” The episode will run on June 6. In it, Siciliano and others will share advice on how to avoid dangerous cyber relationships, Internet child predators, swindling suitors, psychopaths, stalkers, and more. Readers may view YouTube video of the show’s trailer. Information on show times is available at E! Online.

“This show is a must-see for any single in the dating game,” said Siciliano. “While singles have far more options than ever before to meet their match, the new ways of finding that special someone are also fraught with dangers. Anyone who’s dating, especially women and those who are dating online, must educate themselves.”

Member of the Bank Fraud & IT Security Report‘s editorial board, Siciliano leads Fortune 500 companies and their clients through consumer education workshops that explore security solutions for business and individuals. A longtime identity theft speaker, he has discussed data security and consumer protection on CNBC, on NBC’s “Today Show,” FOX News Network, and elsewhere.

“Parents must also pay specific attention as well,” said Siciliano. The show features children under the age of 18 who have become victims of Internet predators. “It is essential that concerned parents understand the risks their children face while on the computer. The days of simply telling your kids not to talk to strangers are over. Today, those strangers could be right in the child’s bedroom chatting online and even exchanging lewd photographs.”

“Another danger surrounding online dating is identity theft,” Siciliano continued. “Social engineers will often gain the trust of another through social media websites. These include dating sites. Those who date online must arm themselves with the knowledge they need to avoid criminals’ traps.”

Those wishing to learn how to protect themselves against identity theft may view video of Siciliano at VideoJug.

###

About IDTheftSecurity.com

Identity theft affects us all. Robert Siciliano, CEO of IDTheftSecurity.com and member of the Bank Fraud & IT Security Report‘s editorial board, makes it his mission to provide consumer education solutions on identity theft to Fortune 500 companies and their clients. A leader of personal safety and security seminars nationwide, Siciliano has been featured on “The Today Show,” CNN, MSNBC, CNBC, “FOX News,” “The Suze Orman Show,” “The Montel Williams Show,” “Maury Povich,” “Sally Jesse Raphael,” “The Howard Stern Show,” and “Inside Edition.” Numerous magazines, print news outlets, and wire services have turned to him, as well, for expert commentary on personal security and identity theft. These include Forbes, USA Today, Entrepreneur, Woman’s Day, Good Housekeeping, The New York Times, Los Angeles Times, Washington Times, The Washington Post, Chicago Tribune, United Press International, Reuters, and others. Visit Siciliano’s Web site, blog and YouTube page.

The media are encouraged to get in touch with Siciliano directly:

Robert Siciliano
Personal Security Expert
CEO of IDTheftSecurity.com
PHONE: 888-SICILIANO (742-4542)
FAX: 877-2-FAX-NOW (232-9669)
Robert@IDTheftSecurity.com
www.idtheftsecurity.com

The media may also contact:

Brent W. Skinner
President & CEO of STETrevisions
PHONE: 617-875-4859
FAX: 866-663-6557
BrentSkinner@STETrevisions.biz
www.STETrevisions.biz