Apple Releases a New ‘Personal Safety User Guide’ to Help with AirTag Stalking

Over the years, Apple has attracted all types of users thanks to its relatively safe and secure devices and software when compared to other products. However, with the release of AirTags, this has changed a bit, as they can fairly easily be manipulated by people to track others. This has put a lot more focus on Apple products and safety, and it has ultimately led Apple to release a new Personal Safety User Guide, which was created to keep customers safe.

airtagMost of the suggestions and tips that are found in the guide aren’t things that are foreign to people who use Apple products, but there is a new section in the guide all about AirTags. In the guide, Apple explains the numerous features it has applied to AirTags, which were created to stop any unwanted tracking or stalking. It also shares information on what to do if there is an AirTag alert that doesn’t belong to them.

Apple has described this new guide as a resource for anyone who has concerns about harassment, abuse, or stalking through technology. Those who are experiencing this type of harassment or abuse can look at the guide and see step-by-step directions on how to remove access to their information as well as a guide on what they can do to improve their own safety. Though this guide doesn’t technically introduce any new features, it is a good start for people who are looking for a resource to help in these situations.

In this guide, Apple offers a full bulleted list of 13 different tasks that people can use to improve their security. The guide also shares three different checklists, which all provide directions to help people change their settings if they believe that someone might have access to their accounts. Additionally, there are tips on how to stop sharing information with other people.

Meanwhile, AirTags are being used by travelers to locate their lost luggage. Check out our post Be Aware of These Safe Travel Security Tips for more info.

When AirTags were first introduced, the main concern was that people could use the devices to stalk or follow and track other people. As more people have begun to use them, this has turned those concerns into a reality, as there are many reports of people using AirTags to follow others.

To help alleviate some of these issues, Apple introduced a new update that would make the AirTags beep if not near the owner’s phone for a set period of time. There is also a new app that Apple released, called Tracker Detect, which allows Android users to scan for these connections, too.

In addition to stalking, car thieves have also been using AirTags to track down, and eventually steal, expensive vehicles. There is also the fact that parents or partners can use the devices to track their children or significant others, which may bring up some moral issues.

Of course, not all AirTag use is bad. In fact, they can be very useful for things like finding your car in a crowded parking lot, finding your luggage when traveling, or even knowing where your pet is at any time. People also use these tags for much simpler things, like finding their keys in their apartment. Other people report using AirTags for good reasons, too, including tracking where their belongings are during a cross country move.

If you ever have concerns about being tracked with an unwanted AirTag, there are some things you can do to protect yourself. First, any AirTag that is not near its owner will cause an alert to appear on your Apple device. This tells you that an AirTag tracker is close by. They also put out a little alarm if they are away from the owner’s device for too long. Finally, if you are an Android user, you can also download and use the app Track Detect to make sure there are no AirTags nearby.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Protecting Your Accounts from Russian – or Any — Cyberattacks

No matter when you look at the news, there is probably a story about Russian hackers…and if there is not a story about hackers from Russia, there is likely a story about hackers from China or a place like Turkey. There is definitely a chance that any hacker or hacking group could launch an attack against the US, and the government has even briefed companies about what to do if they believe they are at risk.

hacker chest

Just because you are an individual, it doesn’t mean that you are not at risk of a cyberattack, just like a company is. You may be wondering how you can protect yourself, since this is the case. This is a great time to learn more about how to stay safe from cyberattacks – no matter where they come from.

Many cybersecurity threats are coming from what is known as a “Distributed Denial of Service” (DDOS) attack, which is often launched against a website or a financial network. Basically, the hackers push so much traffic to a network or site that it totally crashes, which disrupts business. At this point, the IT team has to focus on getting the network or site back up, which opens a window for a hacker to move in right under their noses.

These attacks can happen at any time, and they can be quite far reaching. Back in 2012, a group of Iranian activists attacked more than a dozen banks in the US, which disrupted all of their sites.

So, what can you do to make sure this doesn’t happen to you? Here are some tips:

In addition to below, check out our post: Russian Hackers: 14 Ways to Protect Yourself and Your Business

  • CASH, YES Cash: Try to keep a little cash available, especially if you are going out of town. This way, you will have money in case a banking network or ATM is not working due to a DDOS.
  • For every banking or financial account you have, make sure you have a strong and unique password. Don’t reuse any passwords, and do not use any social media password for any banking site.
  • Always watch your financial accounts for unusual activity. Check your bank account online or via phone at least once a week, and if you can, every day or two. If there is a problem, it is always best to find it as early as possible.
  • Russian hackers often try phishing scams on social media or via email in order to get access to corporate networks. Never, ever click a link in an email or on social media from someone you do not know. They also use text messages to try to get people to respond with information that will allow them into accounts. Even if it seems like it’s coming from a company you are familiar with or even do business with…confirm everything before you click or give information.
  • Sign up for email or text alerts for all of your financial accounts. This way, if there is a weird transaction, you will be notified immediately.
  • You should also consider signing up for multi-factor authentication for any financial account. When you do, and someone tried to sign into your account…even yourself…the bank or other company will send you a code to the email or phone number they have on file. Even if you put the correct username or password in, you cannot get into the account without that code.
  • Always update all of your apps and software on every device, including phones, tablets, and computers. To make it easy, set these updates to occur automatically, and then you don’t have to worry about it.
  • Don’t believe everything you see online. There are a lot of scams out there, and there is a lot of “news” out there that is not real nor correct. Use common sense before doing anything.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Be Aware of These Safe Travel Security Tips

Covid seems to be on the downswing (hopefully). Airlines are reporting record-breaking bookings. There are a number of travel security considerations to be made when traveling domestically and even more when internationally.

Rental Cars

Be Aware of These Safe Travel Security TipsIf you are planning an upcoming vacation or a business trip, you might be thinking about renting a car. “Smart Cars” are all the rage, and they connect to the internet. You get Bluetooth, navigation, hands-free calling, live-streaming, and much more. In fact, if you have a fairly new car, yourself, you probably already have some access to these features. You probably connect your devices to your car, too, so that you can stream music, text, make phone calls, etc. This is no issue because it’s your own car, and only you and your family are using it.

Now, think of this. You have your devices, you are on vacation, and you have a rental car. So, you connect, just as you do at home. But what you don’t realize is that your personal information is now on the car, and the next person who rents it might be able to access it.

I travel a lot, and I rent a lot of cars. There has not been one car that I can think of that hasn’t had information about previous renters in it, and that’s pretty scary. I could even access their address book information in some cases.

Even if all you want to do is listen to Pandora or something, connecting to the rental car might still store data onto the car, including where you are driving. This might not seem like a huge deal if you are on vacation, but what if you have a rental car at home? The person who rents the car next can access your home address, your workplace, where you shop, etc.

The vehicle can also store your phone number and your text logs, too. Again, this can get into the hands of the wrong people unless you know how to delete them.

As you can see, there is more to auto safety than simply putting on your seat belt and refraining from texting and driving. If you are connecting to a smart car, the person who drives it next could learn so much from you; information that you certainly don’t want people to know.

Do This, Not That 

Here are some tips you can use the next time you rent a car:

  • Don’t use the USB port on a rental car to charge your phone. It can transfer data to the car. Instead, buy a cheap adapter and use the cigarette lighter.
  • Check up on the permission settings of your devices. If the infotainment system allows you to choose what is sent, only give access to things that are necessary.
  • Before you turn the car on, make sure to delete your phone from the car’s system.

Will your identity get stolen as soon as you connect your phone to a smart rental car? Probably not, but by connecting it and not deleting the data, you could run into some security and privacy issues down the road, including identity theft. Be smart, and don’t put yourself in a situation where someone else might get access to your personal information.

Everything Else

Some thieves specialize in hanging around tourist spots to spot the tourists and make them victims of hands-on crimes such as purse snatching or a mugging. But don’t wait till you’re aimlessly wandering the piazza with your face buried in a huge map to take precautions against less violent forms of crime.

  1. Before traveling, make copies of your driver’s license, medical insurance card, etc., and give these to a trusted adult. Have another set of copies in your home. Scan them and email them to yourself.
  2. Never post your travel plans on social media until you return. You never know who’s reading about you.
  3. Before departing from home, make sure your credit card company and bank know of your travel plans.
  4. Clear your smartphone or other devices of personal data that’s not essential for your trip.
  5. Travel on a light wallet. Take two credit cards with you in case one is lost or stolen. Have with you the phone numbers for your bank and credit card company, just in case.
  6. Avoid using Wi-Fi in coffee houses, airports, and other public areas other than just catching up on the news. Use a VPN. Google it.
  7. When traveling internationally, read up on the safety of food and water and get whatever shots you may need.
  8. Never give your credit card number to the hotel staff (or at least, anyone identifying themselves as hotel staff) over the phone in your hotel room. The call could be coming from a thief posing as hotel staff telling you they need your number again.
  9. Never leave anything out in your hotel room that reveals personal information, such as a credit card receipt, passport, checkbook, medical insurance card, etc. If the room does not have a safe, then have these items on you at all times.
  10. Use only an ATM that’s inside a bank, never a free-standing one outdoors somewhere. Cover the keypad with your other hand as you enter the PIN to thwart ATM skimmers.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Wi-Fi Hackers Snoop on Your Phone and Laptop: Here’s How They Do It

Wi-Fi is inherently flawed. Wi-Fi was born convenient, not secure. It is likely that you have heard about how dangerous it is to use an unsecured public Wi-Fi connection, and one reason is because a scammer can easily snoop. It is easier than you might think for a person to hack into your device when it is connected to a public Wi-Fi connection. In some cases they may be able to read your emails and messages, access your passwords, or even get personal information like your bank account number.

wiIt’s possible that your router or any router you connect to has been hacked and you won’t know it. A known tactic called DNS (Domain Name Server) hacking or hijacking, skilled hackers, (both black-hat and white-hat) can crack the security of a business or your home Wi‑Fi resulting in a breach. From there, if they are savvy, they’d set up a spoofed website (like a bank, or ecommerce site) and redirect you there.  From here the goal is to collect login credentials or even monitor or spy on your transaction’s on any website.

Think about this too; you are sitting in a local coffee shop working on your laptop while connected to the shops Wi-Fi. Someone sitting near you could easily download a free wireless network analyzer, and with some inexpensive hardware and software (google “Wifi Pineapple”), they can see exactly what you are doing online…unless your device is protected. They can read emails that you are sending and receiving, and they can do the same with texts.

Using a Wi-Fi Hotspot Safely: Tips

 Knowing what can happen when you are connecting to a public Wi-Fi spot, you want to know how to use them securely. Here are some ideas:

  • Don’t automatically connect to Wi-Fi networks. When initially connecting to a wireless network, we are often faced with a checkbox or option to “automatically connect” to the network in the future. Uncheck this and always manually connect. For example, if your home network is “Netgear” and you are somewhere and your device sees another network named “Netgear,” your device may connect to its namesake—which may not necessarily be as safe, potentially leaving your device vulnerable to anyone monitoring that new network.
  • When setting up a wireless router, there are a few different security protocol options. The basics are WiFi Protected Access (WPA and WPA2) is a certification program that was created in response to several serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP), was introduced in 1997.
  • Confirm the network you are connecting to. Granted, this is easier said than done. There are rogue networks called “evil twins” that criminals set up; they are designed to lure you into connecting by spoofing the name of a legitimate network. For example, you may use what you see as “Starbucks Wi-Fi” to connect while you’re sipping your latte, but you may also see a listing for “FREE Starbucks Wi-Fi.” Or “ATT WIFI” might be real, but a hacker might have “Free ATT WIFI” as a fake network. Which one—if either—is for real? Such setups are designed to lure you in—and once connected, your data might get filtered through a criminal’s device. If you don’t know if a network is safe or not, feel free to ask.
  • This is a bit 101, but when you log into any website, make sure the connection is encrypted. The URL should start with HTTPS, not HTTP. Most sites today encrypt your session automatically.
  • Use a VPN when you connect to a public Wi-Fi connection. A VPN is a technology that creates a secure connection over an unsecured network. It’s important to use because a scammer can potentially “see” your login information on an unsecured network. For instance, when you log in to your bank account, the hacker may be able to record your information, and even take money from your account. VPNs are free to a monthly/annual fee or a lifetime license.
  • If you are using a private network, make sure that you understand that they, too, are vulnerable. Anyone who has some knowledge can use these networks for evil. Always use a secure connection, and seriously, consider a VPN.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Threats to Be Aware of If You Use a Gmail Account

If you have a Gmail account, you should be concerned. Why? Because there are millions of malicious emails that are sent to users of Gmail every day.

gmailNow while Google upsets many people for many reasons, they do a pretty good job at keeping your email account secure. And they provide a number of tools to accomplish that task. The problem is not usually Google, the problem is usually in the “seat” and that’s you buddy. All of you fools using the same password across multiple accounts are potential victims of “credential stuffing” and those of you using the same pass code across multiple accounts are just, well dumb. No offense. But really, it’s just stupid.

If you want to know if your email address and it’s associated password have been included in any of the 12+ billion stolen records we have access to, head over to my company’s website ProtectNowLLC.com and plug your email address and any associated passwords in to see if you have been breached. And don’t worry, we don’t have access to any of your data nor do we store your information.

If you want to engage in best practices regarding your Google account, head over to Googles Security Checkup and run through your security settings. You’re crazy (or lazy) if you don’t.

Google is pretty secure, though, and many of these scammy emails are stopped right in their tracks. However, not all of them are, and if you use a corporate Gmail account, you could be more at risk than others. Here are some statistics for you to take a look at:

  • Scammers send more than 4 times the number of malware emails to corporate Gmail accounts than they do to personal Gmail accounts.
  • Scammers send more than 6 times the number of phishing emails to corporate Gmail accounts than they do to personal Gmail accounts.
  • Scammers send more than 4 times the number of spam emails to corporate Gmail accounts than they do to personal Gmail accounts.

Focusing on Threats to Corporate Gmail Accounts

You may be shocked to know that scammers like to focus on certain Gmail corporate accounts than others. For instance, when you think of all the corporate email addresses out there, educational entities and non-profits are more than two times more likely to be attacked with malware than others.

Google is Doing Its Best to Stop the Scammers

Google is well aware of these threats, and it has taken some big steps to stop the hacks. First, the company has installed an email classifier, which has an almost 100 percent accuracy rate when detecting scammy emails. Google also can send alerts to people who want to visit websites that are known for phishing or malware.

On top of that, Google offers two-step verification when users want to access their accounts, and the company also uses a hosted S/MIME feature, which

is helping to ensure that content of any email is secure and safe when it’s sent.

Finally, Google uses a TLS encryption indicator, which, when used, means that only the person you send the email to can read it.

Identifying a Phishing Email

Though Google has done a great job at stopping these threats, you may still find them getting into your email box. Here are some tips:

  • Expect the Unexpected – Most of the phishing emails out there look remarkably like legitimate emails. Thoroughly examine any email before you download files or click on links.
  • See Who Sent It – If you don’t know the sender’s name, be cautious, especially if the email asks for account information, including passwords.
  • Don’t Click on Links – Additionally, you should make sure that you are not clicking on links that appear in emails. If you must go to the site, type the address into the browser manually.
  • Look at Grammar – You also want to take a look at the grammar in emails. A lot of typos or bad grammar is a sure sign of a scam.
  • Notice Threatening Language – Finally, if you notice any threats in the email, it is probably a scam. A great example of this is “your account has been compromised.”

This is definitely not a full list of scams, but it does give you a good idea of what you might be up against. If something looks like a scam, it probably is.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

This GUN Website is a Fraud. How to Determine if a Website is Fake or Real

There are many scammers out there, and one of the things they like to do is to create fake sites that are meant to trick people into giving them personal information, commit identity theft or wire fraud or they’re designed to facilitate a P2P payment like Venmo or PayPal or they’re designed to siphon money via a wire transfer.

One such site is https://empiregunshop.com/ Empire Gun Shop is set up specifically to scam users via a wire transfer. I stumbled upon the site via a Google search looking for a specific part for an old firearm that was provided to me. Google index’s the site, which is scary, and people are being scammed every day. The site has been in operation since March 2020. They also have a Yelp and a Yellow Pages listing which furthers their “legitimate” presence. What also makes this site so effective, beyond the quality web development, is the fact that the URL has HTTPS meaning the “S” designates it is a “secure site” but that doesn’t mean it’s safe.

The site also has a “Live chat” feature that allows visitors to immediately connect with a live operator. And if you do, and feel free to try it, they will respond directly to you. And what is likely to occur is they will set up a wire transfer either via email or via chat. All communications with the scammers are done via a Google voice phone number. I’ve talked to them, engaged in email communications and text. Based on their thick heavy accents and they’re utter brazen attitudes, it’s likely they are from West Africa or Nigeria etc.

Their “Contact us” page provides both a phone number and an email address. And as soon as you contact them they will respond. They will convince you that they have your product in stock, and they will work with you to set up a wire transfer or a peer to peer payment. And once you do, that’s it it’s over Johnny, you lose that money.

When I engaged them to purchase a part, I became immediately suspicious when they were unable to answer a single question that I had asked. Firearms are a certain specialty, and there is a specific language that one needs to speak in order to understand the world of guns. These scammers have no idea what they’re talking about. And if you’re a new gun enthusiast and don’t understand the language of firearms you are likely to get scammed. And that is their edge. Newbies are their mark.

So for laughs, I engaged them via text. I asked if I could buy a “Bazooka” which if you didn’t already know, a Bazooka is a common name for a man-portable recoilless anti-tank rocket launcher weapon, widely deployed by the United States Army. It’s a grenade launcher.

And I told them that my intent was “I am declaring jihad against the infidels.”  Which for any normal company would set off red flags. But not these guys. They’re all about the jihad! And they asked for the FFL which is the Federal Firearms License. And I provided  “Youra Sheethed” Get it? You’re a Shithead. He He.

And I gave them the physical address of the ATF and Boston. And they responded with their PayPal identification number. Feel free to send them some money. Or report them to Paypal. Whatever you wanna do.

Once I started to see this was a scam, I quickly researched the name of the company and found numerous online forums that enforced my belief that it was fraud. Here are those links below:

https://www.bbb.org/us/pa/danville/profile/gun-shop/empire-gun-shop-0241-236059607/complaints

https://www.scam-detector.com/validator/empiregunshop-com-review/

https://www.glocktalk.com/threads/empire-gun-shop-anyone.1883574/

https://www.ar15.com/forums/hometown/Is-Empire-Gun-Shop-in-Danville-legitimate-/14-652483/

https://www.yelp.com/biz/empire-gun-shop-danville

https://www.yellowpages.com/danville-pa/mip/empire-gun-shop-6086596

Here are some of the ways that you can determine if a site is real or fake:

You Aren’t Sure How You Got to the Site

 Have you found yourself on a site and you don’t know how you got there? Did you click on an email link? This is one of the most effective methods that a scammer uses to get a victim to go to a fake site. This is also the case with links on social media sites. Whatever you do, do not click these links. Instead, if you know you want to go to a site, either use a bookmark or type it directly into your browser.

Do You See Spelling or Grammar issues?

 Another sign that a site might be fake is a lot of grammar and/or spelling issues. Many of these fake sites are created by non-native English speakers, and they often make mistakes with spelling and grammar. Some also use translation software, which is notorious for making mistakes like using “there” instead of “their.”

Is the Site Endorsed?

If you see that a site is endorsed, you might believe that it’s totally safe, but just because you see an icon that looks like an endorsement, it doesn’t mean it’s real. A person creating a fake website can add information saying, for instance, that it is endorsed by a news outlet, but that doesn’t mean it actually was. The same can be said for authenticating badges. You should be able to click on these badges and be directed to a site explaining what it means. If you can’t click it, it’s probably a fake.

Look at the Address

Another sign that a site is a scam is if the website address is incorrect. For example, let’s say you want to do some online shopping, and you get an email coupon from Kohl’s. You click on the link, but instead of going to Kohls.com, it takes you to K0hls.com. This is a fake site. You also want to pay attention to the beginning of the address, too. You should only be doing shopping or entering information at a site beginning with HTTPS, not HTTP.

How to Make a Purchase

Almost every website out there takes credit cards. This is a good thing, because a credit card gives you protection. If a site doesn’t take cards, and it only wants a check or wire transfer, you should be suspicious. Empire Gun Shop doesn’t take credit cards.

Are the Prices Too Good to Be True?

Are the prices on a site too good to be true? If the prices are much lower than other prices, this could be a sign of a scam. For example, if you want to buy a new designer purse, and every other site has them for $400, but this one has it for $100, this is a red flag.

Read Reviews

Finally, you can determine if a site is real or not by looking at reviews. You can do this by searching on Google, or you can look at the Better Business Bureau listing. There is also a scam tracker on the BBB website, too. And as I did above, seek out the name of the company and its domain on various forums that specialize in that product or service. Keep in mind, however, that some of these reviews might still be fake, so spend a little time on this and don’t always give these landing pages or splash pages too much credibility.

And hey, feel free to mess with those scumbags at Empire Gun Shop and make their life hell.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Are Your Devices Spying on You? Here’s How to Stop It

Though you might not realize it, your electronic devices are probably spying on you. These things, like your cell phone, know everything from what you are reading to where you are at any given time. How do they know it? Well, many times, you actually give the device and its apps permission to collect the information. . And while some of the following instructions are somewhat “limited”, setting up privacy requires a little bit of digging. So, dig in ! Here’s how to stop it:

Stop Your Laptop from Spying

Windows

Do you use Windows? If you do, you can limit what you share by going to “Settings” and clicking “Privacy.” Here, you can enable or disable settings for the apps you have on your laptop. You have to do this each time you install a new app.

Macs

Are you using a Mac? If so, you can definitely limit how much information you send to Apple by clicking on the Apple menu, choosing System Preferences, and then Security & Privacy. In the “Privacy” tab, you can see information on what apps can share. When you click “Analytics,” you can see more. Keep in mind that if you install a new app, you need to do this again.

Chromebook

Google is well known for its love of collecting data, so if you have a Chromebook, you should really pay attention. Go to “My Activity,” and then delete anything you want. You can also stop some of the devices data collection by choosing “Manage Your Google Activity,” and then clicking “Go to Activity Controls.”

Phones

As with laptops, you can do the same with a cell phone.

Android

If you own an Android phone, choose “Google,” and then choose “Personal Info & Privacy.” Then choose “Activity Controls.” There, you can choose what to share. As with the laptops, you have to update this each time you install a new app.

iOS

If you own an iPhone, you can find a Privacy setting when you look at the Settings menu. Open this, and then click on “Analytics.” This allows you to see what you are sharing with Apple. You can easily toggle it all off if you like. For every app, you can go back to the “Privacy” settings, and then check these settings for every app you have on your phone.

Fitness Trackers

You might be surprised to know that your fitness tracker could also be spying on you. Apps like FitBit and Strava are controlled through the Privacy and Settings options on your phone, but there is more you can do, too.

FitBit

On the FitBit app, you can tap on your profile, and then the account name. Tap on “Personal Stats,” and then “Settings” and “Privacy.”

Strava

On the Strava app, click on “Menu” or “More,” depending on what type of device you have. Then, choose “Settings” followed by “Privacy Controls.”

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Your Photos Are Displaying Your GPS Info!

During the holiday season, people are constantly posting family photos online, especially photos that contain kids. Sure, you think your kids are the most adorable out there, but do you really want the entire world to have access to these pictures? Do you want everyone to know where you live? …and did you know this? When you put photos like this online, pedophiles and predators can get your GPS coordinates.

You might want to put up a photo of your kids and dog opening their gifts on Christmas morning or you and your spouse toasting the New Year, but creeps can easily access the exact location each of these photos were taken, and it’s easier to do than you might think.

How is something like this possible? Each time you take a photo with a digital camera or a smart phone, it creates data called EXIF, of “exchangeable image file format.” This data essentially geotags your photo with the GPS coordinates of where you took the image.

If you remove this data, however, the bad guys can’t see where you are located. However, you have to do this for each and every new photo you want to post online.

How to Remove the EXIF Data

Here are the steps that you should take to remove the EXIF data:

 iPhone:

  1. Locate the picture on your iPhone.
  2. Open it, and tap the Share button.
  3. Tap on Options and in the next pane (up top), toggle off Location and/or All Photos Data.

Android:

From Google Play download the free app Photo Metadata Remover

Windows:

  1. First, right click on the image.
  2. Choose “Properties” to see the data, which should include the time and date that the image was taken.
  3. Click “Details.”
  4. Click “Remove Properties and Personal Information.” This is where you delete the EXIF data.
  5. You might be confused because you don’t see longitude and latitude here, but rest assured, it’s there. All you have to do to see it is to download an EXIF reader.
  6. You can make a copy of the image, which will remove data, or you can manually delete the data.

Mac

Download and run ImageOptim software for Mac

Remember, you have to delete this before you post the photo on the internet. You also might want to consider going back and doing this for all of the photos you have posted.

Obviously, doing this before you post a photo is the easiest way to go about protecting your information, and it will make you much more selective on what you put on social media, as you probably don’t want to have to go through these steps each and every time you post.

Here are some additional tips:

  • Turn off the GPS option on your camera
  • Check out the privacy settings on your social media accounts. Who can see it? Can a stranger?
  • Also, remember, that if you post on one network, like Instagram, the photo might also appear on another network, like Facebook, which has different settings.

This is one of those things that people just don’t even realize is happening. Don’t worry but do something about it now. If you have a lot of photos online, you might be panicking. It’s probably okay, but make sure you change your habits going forward. Also, if you know anyone who posts a lot of personal photos online, make sure they know about this, too.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

How to Protect Your Email from Hackers

It is easier than you might think to secure your email from hackers. The number one thing you can do is set up two step verification. Even if your username and password is compromised, bad guys will still need your mobile phone to access your account. And of course, never ever click on any links that come through your email unless you are positive it’s coming from a trusted sender. Not clicking on those links is easier said, than done, and even though is sometimes not enough.

Hackers have a saying – “Own the email, and you’ll own the person.” If you get hacked, the scammers will now have access to many, if not all, of the accounts that are associated with your email address.

How do they get access? Well, they send phishing emails, which look very much like real messages from a source you trust like UPS, PayPal, the IRS, your bank, a friend, your mom, etc.

Even people who seem smart or those who are in leadership positions can get tricked into clicking links in emails. Even John Podesta, who was the campaign chairman when Hillary Clinton, fell for a hack like this. He clicked on a link that seemed like it was from Google, but really it was a hacker…and that hacker got into his entire email account.

Don’t Let a Hacker Get Into Your Email Account

If you see a link and you want to or are supposed to click it, there are a few things you should do:

  • Hover your mouse over the URL to see if it looks strange. If the email says it’s coming from Chase Bank, but the URL looks like a bunch of nonsense, it’s probably not safe to click.
  • Many times, however, the URL can look very legitimate. So, you want to look for some other signs.
  • Look at the email for things like misspellings, grammar mistakes, or other odd things.
  • When in doubt, contact the sender via telephone

Additional Tips

  • If you see some type of urgency in the email, such as your account being compromised or your account being suspended, don’t be so quick to click.
  • There might also be some good, unexpected news in the email that you want to click…but again, be smart and only click if you are absolutely sure.
  • Is the message telling you that you must re-set your password? Be careful here. It’s likely a scam.

Emails from UPS, the IRS, PayPal, a major retailer, or your bank could also be suspicious, so again, don’t click until you are totally sure the link is safe.

Tips for Protecting Your Account

Here are some final tips that you can use to protect your account:

  • Employers need to engage security awareness training in the form of phishing simulation training.
  • Use strong passwords that are long and difficult to guess. They should be mixed with letters, numbers, and symbols.
  • Use two-factor authentication for all accounts, including your email account.
  • Don’t click on attachments unless you know exactly what they are.

When you really think about it, protecting your email account is one of the most important things that you can do to keep your information safe. Everything here is simple to do and understand, and it can make a big difference in your life, especially when you consider how easy it is to get hacked.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Avoiding Online Dating Romance Scams

Not too long ago, I heard from a friend, and he told me his mom was scammed. I was immediately intrigued. He goes on to tell me that since his dad died last year, his mom had signed up for online dating. My friend told his mom that online dating can be dangerous, but she blew it off. Soon, she met a man. He was a Sergeant in the US military and stationed in Afghanistan. They exchanged a lot of messages, and soon became close. One day, she got a message from him saying that he had found a large sum of money and he needed help getting it back to the US…and in only three months, he scammed her out of $242,000. Then…he disappeared.

Online DatingThis is only one of the thousands of stories out there. Scammers know that people looking for love, especially women, can be more vulnerable than others. Another guy I know of was meeting women on social media. He was charming them after sending them messages via their inbox, and ultimately tricking them into giving up their personal info. With this, the guy was able to open new lines of credit in the names of his victims.

Preventing Romance Scams

 Here are some tips to stay safe if you are going to date online:

  • Be suspicious of anyone who tries to impress you with romantic or statements that seem cliché.
  • Once they start talking love and marriage and achy breaky hearts and wanting to be with you and I love you this and I love you that, chances are it’s a scammer.
  • Remember, women can be scammers, too.
  • Be wary if the guy you met online keeps showering you with too many complements. He’s trying to be charming but might not have the best of intentions.
  • If you meet someone on a dating site, and they immediately want to exchange numbers after the first message, be cautious.
  • If someone you are newly dating asks for money, run.
  • If they want to come visit you, but then ask you to pay, it’s probably a scam.
  • Don’t talk about how much money you make or have. If he or she keeps asking, tell them you are on a very tight budget.

Who are these scammers?

Well, they might be part of scamming rings, or they might be working on their own. They are probably from a foreign country, and they almost always portray that they have some type of prestigious or exotic job, and in some way, this job is often connected to the scam. If the person says that they have a normal job, don’t get too comfortable. They still could be a scammer. They then will make up an illness or an injury and tell you that they need money.

Protecting Yourself

 Now that you have read this, you should know how to protect yourself from these types of scams. If you don’t, read this article again. Finally, here is one more trick. Right click on the person’s photo, and then click “Search Google for this Image.” If you see the image on another person’s Facebook profile, or if it’s a stock image, you should run for the hills.

None of this is difficult to understand, and it’s all common sense. But, as stated before, common sense can go right out the window when romance is concerned. So, try to have some smarts as you begin a relationship with anyone. Ask questions, don’t take anything at face value, and most of all, share this post to help other people become aware of these scams.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.