App Tells Who’s Digging into Your Personal Data

/in , , , /by

Did you know that sometimes, the apps you use for your smartphone have access to your personal information and are capable of sharing it? Are you aware that your privacy can be invaded across the network board? That includes Twitter, Facebook, Instagram, LinkedIn, Google+ and more.

1PAnd how can you tell which applications can do this? MyPermissions can tell you. Once you load this and do some setting up, you’ll see which apps on your device has access to your information.

For instance, it’s not just a matter of who can get your information, but how often and just what, such as your contact list, photos and more. The more apps you use, the more likely your personal information is getting “shared,” i.e., leaked into cyberspace without your knowledge.

MyPermissions will alert you when an application barges into your sensitive information. It will give you control over who gets access to your data.

Without MyPermissions, it’s like walking through a crowded area and dropping one copy after another of your driver’s license, bank statement, credit card and family contacts.

So let’s suppose you’d like to start with Facebook. You tell MyPermissions you’d like a scan. MyPermissions will use your FB account to look for external connections. You’ll have a dashboard to see who’s getting into your information and you’ll be directed in how to stop this.

Worried if MyPermissions will share your data? Don’t. It will never collect, store or use any of your private information.

A similar application is that of Online Privacy Shield (free from Google Play Store). It will tell you which of your apps are nosing around in your private files and what they’re getting. And you could control who gets what.

Instagram, Twitter, Facebook, LinkedIn, etc., all have different ways for terminating access to your privacy, so bear with that—don’t expect all to terminate with one simple click just because one particular service has a one-click termination.

Be prepared for a shock: Hundreds of apps may have access to your sensitive data. You’ll need to embrace and appreciate the time required to get all of this straightened out. But when all is said and done, you’ll be glad you took that time.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. Disclosures.

How to sign out of all Google Accounts

/in , /by

Let’s cut to the chase (never mind how you misplaced your phone): There are several ways to sign out of your Google accounts remotely. It takes three steps, and you’ll need the desktop version of Google. gg

  • On a mobile use a browser opposed to the Gmail/Google app and sign in at gmail.com.
  • Seek out “Desktop version” at the bottom of the window/browser. Click it. You may need to login again.
  • At the very bottom you will see “Recent Activity” in the right corner. Look below that to see “Details.” Click that.
  • A window will pop up giving you information about your account.
  • Look at the top of the page for a button, “Sign out all other sessions.” Click that.
  • And that’s it! Do this now to test it out.

You just signed out of your Google account. What this means is that anyone who might be in your account gets signed out or anyone who gets ahold of your lost or stolen phone/laptop etc will not be able to gain access, because they will need your password (which hopefully isn’t something dopey like 123password or password1, being that these are among the most commonly used passwords and thus very easy to guess at).

Keep in mind that Google has a device location tool. It works only when you’re signed in on the said device. So if you just signed out of all of your Google accounts, this location feature will be of no use. But if you happen to know precisely where your “lost” phone is, then it makes sense to sign out on all Google accounts.

Sounds odd, because chances are, if you know exactly where the phone is…it’s probably not in the hands of a crooked or nosy person. But you just never know.

For example, you may discover your phone is missing after you’ve returned from the gym. So you call the gym and sure enough, your phone was found in the locker room and turned in to the front desk. Thus, you know precisely where it is. However, who’s to say that a bored employee won’t tinker around with it?

If you know where the phone is, don’t delay in retrieving it.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. Disclosures.

Managing Your Online Reputation

/in , /by

You’ve been “Googled.” No matter how small a speck you think you are in this universe, you have without a doubt created an online footprint that is attached to your name. Chances are high that someone out there has followed this footprint of yours via a Google search.

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294Whether by a business colleague, family member or even a significant other, it’s reasonable to assume that your name will be “searched” online for personal information about you. But, what are the results of these searches? Are you comfortable with what they might have discovered?

Online reputations are a part of everyday life that should not be taken for granted; they can be key factors in finding (and keeping) a job, not to mention personal and professional relationships.

Make sure your online reputation isn’t tarnishing your personal image. First step: search yourself! You can use any or all of the popular search engines, such as Bing and Google. You will want to make sure to view the search results when you’re logged in and out of your browser, as this can alter the outcome. Results can be different depending on many factors including the type of web browser, geographic location, web history or data center that is serving up the search results. You may be surprised to find that there is negative information you’ll want to get rid of.

If this is the case, and you want to remove some damaging results, you can use this link for Google and this link for Bing to request the removal of particular search results.

Use these tips to ensure your online reputation isn’t susceptible to generating negative search results:

  • Set your social media accounts to private to prevent unwanted retweets, shares, likes and posts (and think before you post).
  • Review the privacy settings for your social media accounts so that people aren’t seeing things you don’t want them to see.
  • Review all of your avatars. They are the world’s first impression of you, even if it’s obviously not you (e.g., an image of an evil dictator).
  • Review photos of yourself. Duck-face mirror selfies and party pictures are a major red flag. Remove any other unfavorable pictures that may lead to negative search results.
  • Remove any insulting or otherwise negative comments you may have made.
  • Now add in some information that elevates you.
  • Never drink while posting. While PUI’s are legal, you could regret it.

There are also ways to build up your online reputation:

  • Check out online portfolio sites such as meAbout.me and Seelio. These can help you to build your digital identity through a single website that showcases all of the positive information from your varying social media accounts.
  • Signing up with services such as Youtube or Flickr where you can promote your skills can also be a big reputation boost.
  • Another option is to create your own personal website domain, where you can represent yourself or your brand in whatever light you choose.
  • Look into online reputation management companies. Expect to pay some dough, but there’s nothing like having all that bad stuff swept under the rug.

Whether it is through posts, updates, or even mobile phones tracking location, just about every part of your daily life is somehow tied to your online profiles. This influx of time spent connected makes managing your online reputation a clear necessity to ensure the face-to-face image that you project into the world, matches the one linked to you online.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!

Time to tighten up Google Privacy Settings

/in , /by

There is good news for the tech-unsavvy out there: Google has made their privacy settings easier to work with. This day has not come a moment too soon. “My Account” is Google’s new dashboard.

ggWhen you use any Google account, the giant company collects information on you. The new dashboard will reveal what information this is. My Account also has other privacy related features; check it out first chance that you get. It has the following three sections.

Security

  • If you get locked out of your Google account, Google will contact you via the phone number and e-mail address you’ll see in this section, and you can change them, too.
  • You can look over a list of apps, websites and more that have access to your Google account info. You can place restrictions on permissions.
  • Lists devices that have connected to your Google account.
  • You can change your password.

Privacy

  • Google collects information on you including what you watch on YouTube; this section reveals which information on you is saved.
  • This section controls what phone numbers people can reach you on Hangouts.
  • Additionally you can adjust your public likes and subscriptions on YouTube.
  • Third, you can alter the information that you share on Google+.

Account Preferences

  • Here you can select the language for your Google accounts.
  • Here you can delete your entire account or some of it.
  • You can adjust the accessibility features.

Think of how great it would be to view a list of all the information that Google has collected from your computer, tablet or smartphone…and then delete whichever items you choose. You now no longer have to use the excuse, “It’s too techy for me,” to avoid delving into the privacy settings and making adjustments to your liking. You have a right to know what Google gets on you and what everyone else on the planet can see, too.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. Disclosures.

Catphishing is a Heartless Scam

/in , /by

When someone online presents as a different person than their true self, this is called catphishing, and it occurs on online dating sites.
heartbleed

  • Google the name of the object of your interest. Obviously, “Kelly Smith” and “John Miller” won’t get you far, but “Jaycina McArthur” just might. What comes up?
  • See if they have social media accounts, as these suggest they’re a real person. But the absence doesn’t prove they’re a phony, either. Not every legitimate person is into the social media thing.

Here are warning signs:

  • More than one profile on a social media site.
  • Few friends or followers on social media (but then again…this doesn’t prove they’re a catphisher. Remember, Hitler had a million followers, and Christ had only 12!).
  • Photos don’t include other people.
  • Photos are headshots rather than of activities.
  • They find a way to contact you other than through the matchmaking service.
  • They quickly show neediness and request money.
  • They quickly proclaim “you’re the one” despite never having met you in person.

Additional Steps

  • Right click their photos to see where else they are online. Is it them on other sites or some model’s or real estate agent’s picture?
  • Copy and paste excerpts from their profiles and see if they show up elsewhere.
  • It may seem counterintuitive, but if you’re interested, ask for a face-to-face correspondence early on in the relationship (like a week or so into it) so that you don’t waste time getting dragged down by what ultimately turns out to be a catphisher.
  • If the person doesn’t use Skype, ask for a local meeting in a crowded public spot (assuming it’s a local person).
  • If they back down from a face-to-face meeting, be suspicious. They’re not necessarily after your money, but that 6-2, 180pound stud might actually be a 5-7, 240 pound guy who’s 10 years older than what his profile says.
  • Don’t reveal private information like where you work. Make sure there’s nothing revealing about your location on your social media profiles. A catphisher will want this information.
  • Be highly suspicious of someone who wants to know a heck of a lot about you—like if your parents live in town, what kind of home you live in, how much you earn, etc.

Trust your gut. If he or she sounds too perfect, they’re probably fakes.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

How to prevent being tracked

/in , , /by

You worry about being hacked, but what about being tracked? Yes, there are hackers and then there are trackers.

8DInternet tracking namely refers to the user’s browsing habits being followed. But there are ways to make the trackers harder to tag behind you.

  • Duhh, a fake name. What an innovative idea! It’s amazing how many people have their real name splashed all over cyberspace. Sure, you should use it for LinkedIn, and also Facebook if you want your childhood classmates to find you. But do you really need to use it for accounts like Disqus that allow you to post comments to articles? If you want to provide feedback to a site, must you use your real full name?
  • Use a virtual private network (VPN), as this will mask your IP address and others from tracking you. A VPN will encrypt your activities on open WiFi too. Hotspot Shield is a VPN provider; it’s compatible with iOS, Android, Mac and PC.
  • Now you may think, “What’s so bad about being tracked? So what if cookies know I keep clicking on all the Miley Cyrus articles?” Well true, so what.
  • But what if cookies also find that you’ve been clicking on an awful lot of articles about heavy weight training? You’ve been doing research for an article you want to write for your latest magazine assignment or maybe your son is interested in weightlifting. What if this timeline coincides with when you’re suing someone for smashing into your car while you were in it, causing back injury? The defendant’s attorney may uncover you’ve been researching heavy weight training, and this doesn’t look good for someone claiming a bad back.
  • Before you begin browsing, make sure you’re logged out of social networks. This means finding the “logout” or “sign-out” tab and clicking its options, rather than just closing out the site tab. Otherwise, more tracking.
  • Make sure your cookies are cleared before and after browsing.
  • If you use Twitter, go to the basic account settings to a box called “Tailor Twitter based on my recent website visits,” and make sure it’s unchecked.
  • Have JavaScript blocked when filling out forms. An extension called NoScript will block companies from using JavaScript for tracking you when you fill out their forms. However, think hard before you do this, because there are so many additional uses for JavaScript, and if you have a browser add-on that blocks it, it will probably slow loading times. Techy people will know how to set up the add-on so that it blocks JavaScript only for certain companies.
  • Disposable e-mail address. You can be tracked with your e-mail address—unless it’s a disposable one. Some services provide addresses that dissipate after a few minutes, while others provide addresses for longer use. Your e-mail carrier may also provide the option of creating additional e-mail addresses by adding characters to your name in the primary e-mail, so that these additional e-mails can be used and forwarded to the original.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Tips to being anonymous Online

/in , /by

One of mankind’s greatest inventions (besides the wheel) is the Internet.

10DUnfortunately, with this marvelous invention comes the drawback of privacy—or shall we say, lack of.

The Internet is a wonderful tool, but users must fight to remain as anonymous as possible, because getting too much of yourself “out there” could lead to trouble. In fact, it’s a big business all in itself: tracking users’ data and selling it to advertisers. Now this may sound rather benign, because no matter how much or how little of you is “out there,” you’re always going to see ads anyways.

But it’s the idea that other entities are tracking you, and also the idea that you don’t know who. All the time, information about you is being swooped up without your knowledge.

  • IP tracking. The “IP address” of your computer stands for Internet protocol. The IP address is issued by your Internet service provider and is unique to every user. An IP address can be tracked, revealing the user’s home address. Law enforcement will track an IP address of, for example, someone making threats via e-mail to bomb a school.
  • ISPs insist they don’t track IP addresses. But there are cases that make this hard to believe, such as when someone downloads a copy of a new movie. Not long after, they get a letter warning they’ve violated copyright law. This means their browsing habits were shared with a private company.
  • Cookies. Visit a site. It has cookies or data pieces that will record that you visited it. This is why when you visit the site again a week later, you’re automatically taken to the page you were last on. Cookies can also build a pattern of your web habits, so that before you know it, ads are popping up everywhere relating to sites you’ve visited.
  • Social media. Sites like Facebook will track your browsing habits with cookies, leading to the targeted advertising.

So how can you remain as anonymous as possible?

  • Open new links in an incognito window. When you right-click, a selection box will appear; choose “open in incognito window.” The incognito window means you will not leave behind cookies or browsing history. However, this doesn’t mean you’ll be the Invisible Man. But at least it’s a way of cutting down on how much of your browsing habits are revealed and shared.
  • You can download Hotspot Shield. It will put a stop to third-party tracking and encrypt data that you share with sites. You may also want it even more for its ability to mask your IP address. There is a free version and a premium version that costs $29 bucks.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

How to keep a Clean Online Presence

/in , /by

At any given time, someone, somewhere, is probably googling you. This could be a former classmate, a neighbor, someone you’re trying to do business with, a relative, who knows?

1PAre you confident that whatever they find will be information that’s truly representative of you? Maybe if you have a really common name, it may be lost in cyber muddle, but the more unusual your name is (or how the first name is spelled), the easier it will be to find you. If you want a clean online presence, there are things you can do.

  • Search yourself on Facebook, Twitter, LinkedIn, etc.
  • Google yourself and see what comes up within the first two pages of results. Make sure you’re logged out of Google or other browser you’re searching on. The results can be different vs being logged in.
  • Log back in and search your name again to see how the results look.

But how do you get rid of negative information and make yourself look better?

If you’re the creator of negative information, it’s a cinch. Just go into your Facebook account or wherever the unflattering information is, and delete it. Also adjust the settings for privacy, such as limiting post or image visibility to select visitors.

  • Search engines. Ask the search engine to remove the page result. For Google go here. For Bing go here.
  • Google+. Hide what you don’t want others to see. Check out the privacy settings.
  • LinkedIn. Make sure your profile is updated.
  • Twitter. Make the account private to prevent retweets. If you’re new to Twitter, think very carefully before you tweet, as tweets really do get around.
  • In addition to these tactics, try online reputation management firms. They aren’t cheap, but they work, mostly.
  • Go through all of your account profiles and upgrade them. Make them crisp, clear and free of fluff or anything that doesn’t flatter you. Add information that makes you more impressive. And use a good photo for your profile or avatar. Really, some Facebook profile pictures are ridiculous and unflattering, some not even making any sense.
  • Replace racy or otherwise negative images of you with more respectable ones. Or just delete them, period, like endless selfies that shout, “Ooh, look at me in this one!”
  • Be very careful what photos you put up on Facebook and Instagram. If you’re soliciting for donations, don’t have a photo of you eating lobster.
  • Sign up with a nameplate site like about.me, seelio or flavors.me where you can say good things about yourself and list your skills.
  • Get your own domain, even if you think your name is taken (use a variation), then use a reliable hosting company and put up your work.
  • Link all of these accounts so that visitors to one will be driven to the others.
  • Sign up with services to show your skills such as YouTube and Vimeo. See what’s out there for your various talents (e.g., Flickr for photographers).
  • Follow the cardinal rule: Don’t put anything in cyberspace that you wouldn’t want to reveal to 50,000 people at the coliseum.
  • Oh, drinking and posting don’t mix. Just don’t. Stop it. Really.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

What is the Cloud?

/in , /by

You’ve probably heard of people storing information in “the cloud,” but what does that really mean, and is it safe to put your data there?

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294The cloud is best described as a network of servers offering different functions. Some servers allow you to store and access data, while others provide an online service. You may be familiar with “cloud services” offered by companies such as Google and Adobe.

The term “cloud” comes from cloud computing, which is essentially using a group of computer resources to maximize their effectiveness.

The cloud is now comprised of millions of servers worldwide, and chances are you access it on a regular basis. For instance, you may have uploaded a picture from your smartphone to Instagram, which stores images in the cloud, or you could be using cloud storage service.

Because the cloud allows you to upload and access data and services from any Internet-connected device, it’s certainly convenient, but that doesn’t mean that it’s always safe.

Many worry about hackers getting into clouds, especially ones in which the services do not offer two-factor authentication. (This is when you need two different components to gain access to an account, such a something you know, like a password, and something you have, like a unique fingerprint.) Another potential vulnerability is that hackers might intercept data as it’s being sent to the cloud, especially if that data isn’t encrypted, or scrambled, to keep it from being read by unauthorized third parties.

Cloud customers must have faith that the service provider is doing all it can protect their prized data.

Not all cloud providers operate the same way, with the same security, but there are minimum standards, which they must meet. It’s important to know about the different levels of security, so you can make the right choices about your service providers.

A few cloud service providers:

  • Windows Live
  • iCloud
  • Google
  • Amazon Cloud Drive
  • Dropbox

Lots of storage can be obtained for free. Rates vary and getting cheaper by the day.

Cloud providers have everything to lose and nothing to gain be being insecure. It is well known that poor security can damage a brand. However, cloud security generally begins with the user and not the cloud itself. If your devices are old, outdated, poorly utilized, or don’t have the proper security, you could be the weak link.

So, make sure that your devices and security software are up-to-date and look for cloud providers that offer advanced security options such as encryption and two-factor authentication. And, if you really want your sensitive information to stay secure (such as tax returns and other financial and personal information), you might consider saving those files on a backup hard drive rather than putting it in the cloud.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

What is Shoulder Surfing?

/in , /by

The next time you’re in a public place and glued to your smartphone or tablet — whether it’s at the gym, a coffee house, the airport, or just a park bench— know that someone might be peering over your shoulder to see what you’re doing. The snooper could just be curious, or they could be trying to capture your login information so they can use it to access your accounts impersonating you later on.

4DThis behavior is called “shoulder surfing”, but it doesn’t always mean that someone is literally looking over your shoulder. It can also be done from far away, using binoculars or even a small telescope.

That’s why you should always work with your back tightly against a wall. If that’s not possible, be aware of who’s around you, or behind you, and try to shield your screen. Of course, shoulder surfing can also occur at the workplace where giant computer screens are facing outward for anyone walking by to see.

And it isn’t just the screen contents that the thief wants. A skilled thief can watch the user’s finger movements to pick up on passwords and login information.

Shoulder surfing can be completely concealed in settings where people are normally packed together, such as on public transportation, airplanes, concert halls, or even a busy emergency room.

Think of how easy it would be for you to watch what the person next to you is typing, especially if they’re wearing a headset and oblivious to their surroundings.

The fact that this is an easy way to steal information is what makes it so common. A study of commuters in the UK found that 72 percent shoulder surfed—mostly out of boredom rather than for fraudulent intent, but that just goes to show how easy it really is.

Here’s some simple ways to protect yourself from should surfing when entering or accessing personal data on your devices:

  • Look for an area where your back is against a wall.
  • Be aware of your surroundings at all times, not just people but also video cameras.
  • Consider using a screen protector to obscure the visibility of the display.
  • Save your personal, business and financial matters for when you are in the privacy of your own home.

So whether you’re just surfing social media sites at a coffeehouse, or an executive trying to catch up on work on a plane, make sure that you keep an eye out for anyone whose eyes are glued to your screen.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.