Vault Apps Facilitate Lying Kids and Cheating Spouses

If you have a kid who uses a smartphone, or even a spouse who might not be totally honest with you, they might be using apps to keep things hidden from you. Basically, these apps offer space where people can hide things like photos, videos, and other files, and you would never know by looking at their phone.

appsKnown as vault apps, since they serve as a vault for storage, some examples are Ky-Calc, Calculator Percent, and Calculator Vault. When you open any of these, it looks like a calculator…you can even use them as a calculator. However, when a secret code is entered, the user can store “secrets.” Consider Ky-Calc. it has a folder for image storage, a secret internet browser, and even keeps a separate contact list.

Though you probably don’t want your kid hiding things from you, at the end of the day, that’s child’s play compared to the real danger that is hiding behind these apps. Yes, they are popular among teens and cheating spouses, but they are also popular among predators. These bad people will engage with teens or even younger children, online, and then ask them to download an app like this. They can easily communicate without you ever noticing.

Here is some more information about vault apps that every parent, or of course spouse, should know:

  • Vault apps aren’t as safe as someone using them might think. You can still take a screen shot and share it with someone else.
  • These apps look and act just like any similar app. Generally, they are calculators, and even work like calculators, but are ultimately unlocked with a secret code.
  • If you look at someone’s phone and you see more than one calculator app on it, there is probably something funny going on. All mobile smart phones come with a calculator.
  • These apps are very easy to find, and they are generally free. You can find them by searching “photo vault,” “ghost apps,” “hidden apps,” or more, in the App Store or Google Play Store.
  • You also might be surprised to hear that teens often compete amongst their peers to see what type of content they can hide on these apps.
  • Almost all teens who use mobile phones know about these apps. You shouldn’t be surprised if kids as young as 12, and sometimes even younger, are using them.

As a parent, and even as a spouse, you should be digging into your family’s phones. There should be open and honest discussions about this, and it should not be considered taboo, especially when it comes to a loved one. With children, they should not expect any privacy until the age of 18. With a spouse, trust is a fundamental requirement. And if there’s a lack of trust, it is generally because something is going on wrong.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Covid-19 Remote Desktop Has Significant Risks

Are you newly working from home? Or are you an old pro? Either way, it is likely you are using some form of remote desktop protocol. Those of us who have been working home as our primary means of earning a living, know these tools very well and are accustomed to eliminating the various distractions in our home environment in order to get the job done. There are some precautions to be aware of.

None of us think that we are going to get hacked, even though we have seen time and time again that it is very possible. Even the largest companies in existence have been hacked, and small businesses are even more at risk. You can add even more to this risk if you use a software called Remote Desktop.

Basically, Remote Desktop allows you to access computers remotely in your home or office and give network access to employees who are working remotely. However, when you give or have this access, you are opening up your network to hackers. Thousands of companies and individuals have fallen victim to this, and just one successful hack can be devastating to a small business.

Remote Desktop: What is It?

Remote Desktop, or RDP, is a very common software. In fact, if you have Microsoft Windows, you probably have this software and don’t even realize it. Though it is a very powerful tool for businesses, it is also not very secure.

Criminals know this, of course, and they have created a huge variety of tools to hack into this software. When they get access to the network, criminals can access company information and then take things like log-ins and passwords. Once they have this, they can buy and sell them so that other criminals can use them to access your network. Once they are in, they can do almost anything.

Are You at Risk?

There are estimates that there are over three million companies that theoretically have access to Remote Desktop. Most of them are small businesses and many manage their own IT services in house. If you are a small business and you have an in-house IT department, you could definitely fit into this category. What’s more is that hackers tend to target these businesses, too. Any company that has RDP access enabled is a target of hackers.

What Can You Do About It?

Hopefully at this point you are wondering what you can do to protect your business from hackers who like to access networks through RDP.

  • If you aren’t using remote desktop, then the first thing you should do is to remove Remote Desktop from your network.
  • Make sure to update your operating systems critical security patches which will inevitably update any software around remote desktop protocol.
  • Update all software that could allow remote desktop to be vulnerable
  • Make sure your wireless connections are encrypted which generally means password-protected.
  • If you have a good reason for keeping it, you can also choose to restrict access by setting up a virtual private network, or VPN.
  • Additionally, you can create a firewall to restrict its access
  • Setting up multi-factor authentication is also a good idea if you want to keep this software.
  • Just be aware that none of these solutions are fool proof except totally deleting the software.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Creating an Effective Business Continuity Plan

Most of us have no idea when a disaster is about to strike, and even if we do have a little warning, it’s very possible that things can go very wrong.

This is where you can put a business continuity plan to good use. What does this do? It gives your business the best odds of success during any disaster.

What Exactly is Business Continuity?

Business continuity, or BC, generally refers to the act of maintaining the function of a business as quickly as possible after a disaster. This might be a fire, a flood, or even a cyber-attack. With this plan in place, you can refer to it for specific instructions and procedures that need to be done following these disasters.

Some people believe that a disaster recovery, or DR, plan is the same as a BC plan, but that’s not the case. A DR plan focuses specifically on the IT side of things. In fact, the DR plan is one part of a full BC plan.

Think of your own organization. Do you have a plan in place to get sales up and running immediately? What about HR? Manufacturing? Customer service? If your physical business was leveled in a tornado, how would your CS reps handle calls from customers? If you have no idea, you probably need to think about a BC plan.

Why Having a BC Plan Matters

It doesn’t matter if you have a small business or large corporation, it’s very important that you remain competitive. It is imperative that you keep your current customers while also bringing in new ones…and there is no better test for you than a disaster.

Making sure that your IT capabilities are restored is critical, and there are a number of solutions available. You can certainly rely on your IT team to do this, but what about the rest of the company functions? The future of your company depends on you getting back on track quickly. If not, you can see your value plummet and customer confidence tumble.

Your company can also experience losses. These include financial losses, but also legal losses, and, of course, your company’s reputation.

The Parts of a BC Plan

If your business doesn’t have any type of BC plan in place, you should start by assessing all of your business processes. Take a look at and point out all of the vulnerable areas, and what your losses might be if you lose function in those areas for a day…a couple of days…a week, or even more.

Next, you want to start developing a course of action. There are six steps here, in general, including:

  • Step #1 – Identify what you need to do with this plan
  • Step #2 –Choose your key areas to focus on
  • Step #3 – Pick what functions are critical
  • Step #4 – Look for dependencies between different areas and functions of your business
  • Step #5 – Calculate how much downtime is acceptable for all critical functions
  • Step #6 – Make a plan to keep your company going

One of the best tools that you can have for a BC plan is a checklist that includes all of your equipment and supplies, the location of all of your backups, who should have the plan, and any contact information regarding emergency contacts, important personnel, and backup providers.

Remember, a disaster recovery plan is only one part of the BC plan, so if you don’t have a DR plan, this is a perfect time to do it. If you already have a DR plan, don’t assume that it’s going to work in with your BC plan. You need to make sure that all parts align together.

As you work to create this plan, think about meeting with people who have successfully gone through a disaster with success. They can give you some great insight and valuable information.

You Need to Test Your BC Plan

It is very important that you make sure your plan works before a disaster strikes, and the only way to do that is to test it. The best test, of course, is a real incident, but you can also create a controlled environment and test your plan.

You want to make sure that your BC plan is totally complete and that it will meet your needs in the event of a disaster. You don’t want to take the easy way out, either. Any testing you do should be a challenge for the plan. You also have to make sure that the objectives you have are able to be measured. If you just try to “get away with it,” you will have a weak plan and no success when a disaster strikes.

It is recommended that you test your BC plan a few times a year, especially if there have been any changes, such as a change in key personnel or new equipment. Doing things like walk-throughs and simulations can help everyone on your team practice, and make sure you are all ready should a disaster hit.

Always Review and Improve Your BC Plan

The efforts your put into testing your BC plan cannot be stressed enough. Once that is done, some organizations leave it and focus on other tasks. However, this is when things get stale.

Evolution is happening all of the time with both your personnel and your technology, so it’s imperative that your plan is updated to reflect that. So, you should, at least annually, bring your key personnel together to review the plan and point out any areas that might need modification. You also might want to get some feedback from your staff, too, which you can add to your plan. If you have different branches, make sure to include them in this, too.

Ensuring Your BC Plan is Supported

Having a casual attitude towards your BC plan is a sure-fire way to have it fail. Every BC plan must have the support of all staff from the CEO on down. Senior management, especially, must take a role in supporting the plan, as they can delegate to their teams. Additionally, the plan has better odds of staying fresh in the mid of everyone when it is a priority for management.

Finally, it is also very important that senior management promotes user awareness of the BC plan. After all, if your staff doesn’t know about it, how can they act during a disaster when every second of action counts? Plan distribution and training can help here, too, so consider some type of HR-led initiative to bring all employees onboard with it. This way, your staff will know how important a plan like this is, plus you make sure that they see it as a credible part of the business.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

The Smart Parent Guide to Digital Literacy

If you are the parent of a child or teen who uses the internet, here are some stats you need to know:

Stats About Teens and the Internet

  • Teens think that the internet is mostly private
  • They also think that they can make the best decisions for their life online
  • They believe they are safe online and that people are who they say they are
  • They don’t feel at risk if “friending” perfect strangers
  • They feel like since they are probably better at understanding technology, they can make better decisions than their parents about what’s best practice for online behavior

These are obviously naïve views of the digital world and if parents don’t fully explain why these views aren’t just wrong, but dangerous, then the parent is setting up their child for failure.

Make sure that you are keeping the lines of communication open with your kids about their internet use. Explain the risks involved and share stories of other teens who have found trouble online.

Internet Rules that Parents Should Consider

It is recommended by experts that parents set up rules for their kids in regards to internet use. Here are some:

  • Know every password that your kid has and use those passwords to check on their accounts.
  • Don’t let kids use social media, text friends, or chat online until they are in 9th or 10th grade, and never let kids use apps or sites that allow for anonymous communication.
  • There is NO reason why your 13 year old needs to be head deep in Snapchat or TikTok. NONE. Nothing good will come from it.
  • Give your kids a time limit for internet use
  • Don’t allow your kids to respond to messages from strangers, and never “friend” strangers.
  • Never give out any personal information, such as address or phone number, online.
  • Always be respectful and kind to others online; bullying should NEVER be allowed.
  • Do not allow your children to know your passwords.
  • Do not allow kids to use have access to their devices at all times. Have family time with no screens. i.e. game night, a walk to the local park, etc.
  • No phones in the bedroom. Buy laptops, not desktops. Laptops shouldn’t be allowed in the bedroom after homework is done.
  • No photos should be posted to an internet site without permission of parents.
  • Always check text messages, chat logs, or any other communication online, and make sure that kids understand that there will be consequences if they delete the messages.
  • Don’t allow kids to download any apps or software without your permission.

Don’t Make These Mistakes

  • Don’t give your child a traditional smart phone before 9th You can give them a feature-phone, that you have full access to, however.
  • Don’t give your child internet access that is unmonitored.
  • Don’t allow your kids to use the internet in closed rooms or in areas where you can’t see what they are doing.
  • Don’t allow them to play online games where chat is enabled, as these are common targets for sexual predators.

Just because other families are breaking most of these rules, doesn’t mean your family needs to. Don’t be cattle or sheep. Lead by example.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Teen Tragic Love: Lesson for Parents?

This story is kinda dark. Recently the ID Channel ran an episode called “Forbidden: Dying for Love — Together Forever, Forever Together.”

The 19-year-old was Tony Holt. Let’s call his 15-year-old girlfriend Kristen.

Kristen, 14, Falls Hard for Tony, 18

She met him when he was working at a grocery store. But he also happened to be a senior at her new high school. Prior to meeting him, Kristen knew her mother wouldn’t allow dating till she was 16.

Kristen’s mother eventually learned of the secret relationship and forbad it. The girl and Tony kept seeing each other on the sly. Mama learned of this and again, forbad it. Kristen then pretended the relationship was over and even talked of how she now hated Tony. Her mother was thrilled.

Meanwhile the teens kept sneaking around.

Forbidden love can be funner! Anyway, Mama found out again, stormed into the grocery store and angrily announced to Tony that if he ever went near her daughter again, she’d have him arrested for statutory rape. Which, is in fact statutory rape in many states.

The threat had him really scared about going to prison. He appeared at Mama’s house soon after and apologized for upsetting her and said that he and Kristen were going to cool it and just be friends.

But they continued seeing each other, and Mama discovered photos in Kristen’s bedroom of the two making out. More furious than ever, she forbad any contact. (Kristen’s father was out of the picture.)

Not long after, she got a call at work to come to the house. The police were there. Tony and Kristen were both dead from a gunshot wound to their heads.

A suicide note left by Kristen explained that the only way they could be together was to die and go to heaven where they could live happily ever after. Kristen had also left a suicide message on the answering machine, apologizing for the suicide pact. I’ll bet you didn’t see that one coming. Neither did I.

Questions to Wonder About

  • Why didn’t the teens decide to just avoid sex for three years, after which they could then marry and have up to 70 years of glory together? Abstinence is hardly an extreme move when you pit it against a murder-suicide.
  • What if Kristen’s mother permitted the relationship and even had Tony over every week for dinner? But what if, at the same time, she expressed her disapproval over their sexual relations?
  • What if she had said, “If you get pregnant, you’ll be grounded – by your baby. I won’t report statutory rape, but I also won’t help you out with the baby, either.”

That last warning may sound harsh, but it’s a crapshoot type of warning: It just might work.

Lessons Learned

  • You can’t stop two love-struck teens from seeing each other, so you may as well be civil to the unapproved young man.
  • While it’s important to stand your ground as a parent, there also comes a time when a sweet spot needs to be figured out. After all, not only might there be a suicide pact, but there are quite a few documentaries in which the forbidden young man murdered his girlfriend’s disapproving parents.
  • It’s never too early to teach your children the virtues of delayed gratification.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

“Choking Game” Killing Kids, and Authorities Have to Step Up

It only took a minute for 12-year old Erik Robinson to die while playing a macabre game called the “Choking Game.” His mother desperately tried to save her son when she found him with a Boy Scout rope around his neck, but it was too late. Erik was brain dead due to lack of oxygen, and mom had to make the choice to remove her son from life support.

Sadly, she is not alone. The only viable statistics run between 1995 and 2007, where 82 kids have died while playing the “Choking Game,” an act where people cut off their own air supply in an effort to feel the euphoria that comes when they begin breathing again. But a 2015 study by the University of Wisconsin looked at 419 choking game videos, that had been viewed 22 million times, and the conclusion the researchers reached was social media has “normalized” the behavior and increased the likelihood that viewers will follow suit.For many years, people would spread info about this “game” by word of mouth, but these days, it’s very easy for teens to find out how to asphyxiate themselves online. In fact, there are more than 36 million results for “pass out game” on YouTube, and over half a million results for “how to play choking game.”

As more kids fall victim to this game, their parents are banding together and warning others about the dangers of this game and the ease of finding out how to play it. However, they are hitting a lot of road blocks as schools aren’t willing to raise awareness about it and coroners aren’t trained to recognize it. In fact, many times they misclassify deaths due to the “Choking Game” as suicide. Sites like YouTube and Facebook are taking the videos down, but they aren’t taking them down quickly enough.

Most teens who play the “Choking Game” don’t see it as dangerous or realize that they could permanently damage their brains. Not everyone who plays the “Choking Game” dies, of course but plenty are left brain dead as in this video.  Brain cells begin dying off in a matter of minutes if they don’t get oxygen, and the more you do it, the more the risk of permanent damage grows. There is also the fact that this feeling of euphoria can become addictive, which means some teens will do it over and over again. There is a push for more awareness about this dangerous act, and videos and presentations are being shared with school districts about how this game can quickly go wrong. Advocates are also pressing the CDC to research this game more, and the injuries and death that come from it.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Young Kids Getting Sexually Exploited Online More Than Ever Before

An alarming new study is out, and if you are a parent, you should take note…children as young as 8-years old are being sexually exploited via social media. This is a definite downturn from past research, and it seems like one thing is to blame: live streaming.

Robert Siciliano Quora Breach

YouTube serves up videos of kids, in clothing, that pedophiles consume and share as if it is child porn. It’s gotten so bad that YouTube has had to disable the comments sections of videos with kids in them.

Apps like TikTok are very popular with younger kids, and they are also becoming more popular for the sexual predators who seek out those kids. These apps are difficult to moderate, and since it happens in real time, you have a situation that is almost perfectly set up for exploitation.

Last year, a survey found that approximately 57 percent of 12-year olds and 28% of 10-year olds are accessing live-streaming content. However, legally, the nature of much of this content should not be accessed by children under the age of 13. To make matters worse, about 25 percent of these children have seen something while watching a live stream that they and their parents regretted them seeing

Protecting Your Children

Any child can become a victim here, but as a parent, there are some things you can do to protect your kids. First, you should ask yourself the following questions:

  • Are you posting pictures or video of your children online? Do you allow your kids to do the same? A simple video of your child by the pool has become pedophile porn.
  • Do you have some type of protection in place for your kids when they go online?
  • Have you talked to your children about the dangers of sharing passwords or account information?
  • Do your kids understand what type of behavior is appropriate when online?
  • Do you personally know, or do your kids personally know, the people they interact with online?
  • Can your kids identify questions from others that might be red flags, such as “where do you live?” “What are your parents names?” “Where do you go to school?”
  • Do your kids feel safe coming to you to talk about things that make them feel uncomfortable?

It is also important that you, as a parent, look for red flags in your children’s behavior. Here are some of those signs:

  • Your kid gets angry if you don’t let them go online.
  • Your child become secretive about what they do online, such as hiding their phone when you walk into the room.
  • Your kid withdraws from friends or family to spend time online.

It might sound like the perfect solution is to “turn off the internet” at home, but remember, your kids can access the internet in other ways, including at school and at the homes of their friends. It would be great to build a wall around your kids to keep them safe, but that’s not practical, nor is it in their best interest. Instead, talk to your child about online safety and make sure the entire family understands the dangers that are out there.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video

Who Has Access to Your Personal Info? The Answer Might Surprise You

Are you aware that many people probably have access to your personal info? If you have ever gotten an apartment, have insurance, or applied for a job, someone has done a background check on you, and you might be shocked by what’s in there, including your debts, income, loan payments, and more. On top of this, there are also companies collecting information on you including:

  • Lenders
  • Employers
  • Government agencies
  • Volunteer organizations
  • Landlords
  • Banks/credit unions
  • Insurance companies
  • Debt collectors
  • Utility companies…and more

Thanks to the Fair Credit Reporting Act (FCRA), you can get a copy of these reports every year for a small fee, and they are free if there has been any type of adverse action against you. You can also get this information from certain organizations including the following:

Credit Agencies

Most people know the main credit reporting bureaus, Experian, TransUnion, and Equifax. The reports that these companies give you can include your loan and credit card payment history, how much credit you have, info from debt collectors, and other information.

Employment Screening

If you have applied for a job, you might have gone through employee screening. These employers have access to things like your salary history, credit history, education, and even criminal history.

Housing/Tenant Screening

If you have ever rented an apartment or home, your landlord might have done a background check, too. This might include prior evictions and other negative information.

Banking and Check Screening

Your bank also might have information on you, which could include your banking history, such as negative balances on your checking account or unpaid bills.

Medical Insurance

Finally, if you have medical insurance, your insurance company has probably also done a background check on you. These policies include life insurance, health insurance, long-term care insurance, critical illness insurance, or disability insurance.

Lifehacker and the Consumer Financial Protection Bureau’s 2019 report compiled a pretty amazing list below. Check it out.

The nice thing about these things, however, is that you have a right to access all of these reports, too. In most cases, these reports are free. You can ask these organizations what background check companies they are using, and then you might be able to request a free report. Again, if there is any negative information on these reports that cause you to, for instance, not be hired by an employer, you will automatically get a free copy of this report so you can see the derogatory information for yourself, and then take any steps you can to change it.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How to Access that Old Email Account

Have you ever wondered if you could access your old email accounts? You might want to look for some old files, or maybe need information about an old contact. Whatever the reason, there is good and bad news when it comes to accessing old email accounts.

The best thing that you can do is to use the provider to find the old email account or old messages. All of the major providers, including Outlook, Gmail, Yahoo, and AOL, have recovery tools available. If the email address is from a lesser player in the email game, again, you might be out of luck.

First, Know the Protocol

Frankly, the next 3 paragraphs might be confusing. If they don’t make sense to you jump to Do You Remember the Service or Email Address?

The first thing you have to do is know the protocol your provider uses. There are two different protocols to consider when trying to access old messages: POP3 or IMAP.

POP3 protocols essentially download messages from a server to a device. IMAP just syncs your messages between your device and the server. Most email services default to an IMAP protocol, but it’s very possible that an older email account would have been set up to use POP3. If this is the case, and the provider deletes the messages off the servers when downloaded via POP3, this is not good news…those messages are gone. Even if you eventually get access to these accounts, if you have downloaded the messages to a computer or smartphone, they are gone from the server.

There is better news if you used IMAP…though, again, this is assuming nothing has been deleted. Some providers will delete accounts that are inactive for a certain amount of time. If the account is deleted, those messages are gone. Check the account deletion policy of the email provider to see if your account might still be active, and ultimately, accessible.

Do You Remember the Service or Email Address?

If you remember the email address and not the password, try the password reset link and if, and only if, you set up a backup email for recovery, then you’re on Golden Pond.

Now, what happens if you can’t remember what service you used or even the email address you used? There is still hope.

First, search for your name in the email account you use now. You might have sent something to yourself from an old account. Another option is this: if you remember the old provider, you can also search for that. You also might want to search your computer to see if there are old documents with your old email in there. You also might have set up a recovery email address or phone number that you can use to access the account.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How To Determine a Fake Website

There are a lot of scammers out there, and one of the things they do is create fake websites to try to trick you into giving them personal information. Here are some ways that you can determine if a website is fake or not:

How Did I Get Here?

Ask yourself how you got to the site. Did you click a link in an email? Email is the most effective ways scammers direct their victims to fake sites. Same thing goes with links from social media sites, Danger Will Robinson! Don’t click these links. Instead, go to websites via a search through Google or use your bookmarks, or go old school and type it in.

Are There Grammar or Spelling Issues?

Many fake sites are created by foreign entities using “scammer grammar”. So their English is usually broken, and they often make grammar and spelling mistakes. And when they use a translating software, it may not translate two vs too or their vs there etc.

Are There Endorsements?

Endorsements are often seen as safe, but just because you see them on a site doesn’t mean they are real. A fake website might say that the product was featured by multiple news outlets, for instance, but that doesn’t mean it really was. The same goes for trust or authenticating badges. Click on these badges. Most valid ones lead to a legitimate site explaining what the badge means.

Look at the Website Address

A common scam is to come up with a relatively similar website URL to legitimate sites. Ths also known as typosquatting or cybersquatting. For instance, you might want to shop at https://www.Coach.com for a new purse. That is the real site for Coach purses. However, a scammer might create a website like //www.C0ach.com, or //www.coachpurse.com.  Both of these are fake. Also, look for secure sites that have HTTPS, not HTTP. You can also go to Google and search “is www.C0ach.com legit”, which may pull up sites debunking the legitimacy of the URL.

Can You Buy With a Credit Card? 

Most valid websites take credit cards. Credit cards give you some protection, too. If they don’t take plastic, and only want a check, or a wire transfer, be suspect, or really don’t bother.

Are the Prices Amazing?

Is it too good to be true? If the cost of the items on a particular page seem much lower than you have found elsewhere, it’s probably a scam. For instance, if you are still looking for a Coach purse and find the one you want for $100 less than you have seen on other valid sites, you probably shouldn’t buy it.

Check Consumer Reviews

Finally, check out consumer reviews. Also, take a look at the Better Business Bureau listing for the company. The BBB has a scam tracker, too, that you can use if you think something seems amiss. Also, consider options like SiteJabber.com, which is a site that collects online reviews for websites. Just keep in mind that some reviews might be fake, so you really have to take a broad view when determining if a site is legit or one to quit.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.