The Smart Parent Guide to Digital Literacy

/0 Comments/in , /by

If you are the parent of a child or teen who uses the internet, here are some stats you need to know:

Stats About Teens and the Internet

  • Teens think that the internet is mostly private
  • They also think that they can make the best decisions for their life online
  • They believe they are safe online and that people are who they say they are
  • They don’t feel at risk if “friending” perfect strangers
  • They feel like since they are probably better at understanding technology, they can make better decisions than their parents about what’s best practice for online behavior

These are obviously naïve views of the digital world and if parents don’t fully explain why these views aren’t just wrong, but dangerous, then the parent is setting up their child for failure.

Make sure that you are keeping the lines of communication open with your kids about their internet use. Explain the risks involved and share stories of other teens who have found trouble online.

Internet Rules that Parents Should Consider

It is recommended by experts that parents set up rules for their kids in regards to internet use. Here are some:

  • Know every password that your kid has and use those passwords to check on their accounts.
  • Don’t let kids use social media, text friends, or chat online until they are in 9th or 10th grade, and never let kids use apps or sites that allow for anonymous communication.
  • There is NO reason why your 13 year old needs to be head deep in Snapchat or TikTok. NONE. Nothing good will come from it.
  • Give your kids a time limit for internet use
  • Don’t allow your kids to respond to messages from strangers, and never “friend” strangers.
  • Never give out any personal information, such as address or phone number, online.
  • Always be respectful and kind to others online; bullying should NEVER be allowed.
  • Do not allow your children to know your passwords.
  • Do not allow kids to use have access to their devices at all times. Have family time with no screens. i.e. game night, a walk to the local park, etc.
  • No phones in the bedroom. Buy laptops, not desktops. Laptops shouldn’t be allowed in the bedroom after homework is done.
  • No photos should be posted to an internet site without permission of parents.
  • Always check text messages, chat logs, or any other communication online, and make sure that kids understand that there will be consequences if they delete the messages.
  • Don’t allow kids to download any apps or software without your permission.

Don’t Make These Mistakes

  • Don’t give your child a traditional smart phone before 9th You can give them a feature-phone, that you have full access to, however.
  • Don’t give your child internet access that is unmonitored.
  • Don’t allow your kids to use the internet in closed rooms or in areas where you can’t see what they are doing.
  • Don’t allow them to play online games where chat is enabled, as these are common targets for sexual predators.

Just because other families are breaking most of these rules, doesn’t mean your family needs to. Don’t be cattle or sheep. Lead by example.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Teen Tragic Love: Lesson for Parents?

/2 Comments/in , , /by

This story is kinda dark. Recently the ID Channel ran an episode called “Forbidden: Dying for Love — Together Forever, Forever Together.”

The 19-year-old was Tony Holt. Let’s call his 15-year-old girlfriend Kristen.

Kristen, 14, Falls Hard for Tony, 18

She met him when he was working at a grocery store. But he also happened to be a senior at her new high school. Prior to meeting him, Kristen knew her mother wouldn’t allow dating till she was 16.

Kristen’s mother eventually learned of the secret relationship and forbad it. The girl and Tony kept seeing each other on the sly. Mama learned of this and again, forbad it. Kristen then pretended the relationship was over and even talked of how she now hated Tony. Her mother was thrilled.

Meanwhile the teens kept sneaking around.

Forbidden love can be funner! Anyway, Mama found out again, stormed into the grocery store and angrily announced to Tony that if he ever went near her daughter again, she’d have him arrested for statutory rape. Which, is in fact statutory rape in many states.

The threat had him really scared about going to prison. He appeared at Mama’s house soon after and apologized for upsetting her and said that he and Kristen were going to cool it and just be friends.

But they continued seeing each other, and Mama discovered photos in Kristen’s bedroom of the two making out. More furious than ever, she forbad any contact. (Kristen’s father was out of the picture.)

Not long after, she got a call at work to come to the house. The police were there. Tony and Kristen were both dead from a gunshot wound to their heads.

A suicide note left by Kristen explained that the only way they could be together was to die and go to heaven where they could live happily ever after. Kristen had also left a suicide message on the answering machine, apologizing for the suicide pact. I’ll bet you didn’t see that one coming. Neither did I.

Questions to Wonder About

  • Why didn’t the teens decide to just avoid sex for three years, after which they could then marry and have up to 70 years of glory together? Abstinence is hardly an extreme move when you pit it against a murder-suicide.
  • What if Kristen’s mother permitted the relationship and even had Tony over every week for dinner? But what if, at the same time, she expressed her disapproval over their sexual relations?
  • What if she had said, “If you get pregnant, you’ll be grounded – by your baby. I won’t report statutory rape, but I also won’t help you out with the baby, either.”

That last warning may sound harsh, but it’s a crapshoot type of warning: It just might work.

Lessons Learned

  • You can’t stop two love-struck teens from seeing each other, so you may as well be civil to the unapproved young man.
  • While it’s important to stand your ground as a parent, there also comes a time when a sweet spot needs to be figured out. After all, not only might there be a suicide pact, but there are quite a few documentaries in which the forbidden young man murdered his girlfriend’s disapproving parents.
  • It’s never too early to teach your children the virtues of delayed gratification.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

“Choking Game” Killing Kids, and Authorities Have to Step Up

/0 Comments/in /by

It only took a minute for 12-year old Erik Robinson to die while playing a macabre game called the “Choking Game.” His mother desperately tried to save her son when she found him with a Boy Scout rope around his neck, but it was too late. Erik was brain dead due to lack of oxygen, and mom had to make the choice to remove her son from life support.

Sadly, she is not alone. The only viable statistics run between 1995 and 2007, where 82 kids have died while playing the “Choking Game,” an act where people cut off their own air supply in an effort to feel the euphoria that comes when they begin breathing again. But a 2015 study by the University of Wisconsin looked at 419 choking game videos, that had been viewed 22 million times, and the conclusion the researchers reached was social media has “normalized” the behavior and increased the likelihood that viewers will follow suit.For many years, people would spread info about this “game” by word of mouth, but these days, it’s very easy for teens to find out how to asphyxiate themselves online. In fact, there are more than 36 million results for “pass out game” on YouTube, and over half a million results for “how to play choking game.”

As more kids fall victim to this game, their parents are banding together and warning others about the dangers of this game and the ease of finding out how to play it. However, they are hitting a lot of road blocks as schools aren’t willing to raise awareness about it and coroners aren’t trained to recognize it. In fact, many times they misclassify deaths due to the “Choking Game” as suicide. Sites like YouTube and Facebook are taking the videos down, but they aren’t taking them down quickly enough.

Most teens who play the “Choking Game” don’t see it as dangerous or realize that they could permanently damage their brains. Not everyone who plays the “Choking Game” dies, of course but plenty are left brain dead as in this video.  Brain cells begin dying off in a matter of minutes if they don’t get oxygen, and the more you do it, the more the risk of permanent damage grows. There is also the fact that this feeling of euphoria can become addictive, which means some teens will do it over and over again. There is a push for more awareness about this dangerous act, and videos and presentations are being shared with school districts about how this game can quickly go wrong. Advocates are also pressing the CDC to research this game more, and the injuries and death that come from it.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Young Kids Getting Sexually Exploited Online More Than Ever Before

/0 Comments/in , , , /by

An alarming new study is out, and if you are a parent, you should take note…children as young as 8-years old are being sexually exploited via social media. This is a definite downturn from past research, and it seems like one thing is to blame: live streaming.

Robert Siciliano Quora Breach

YouTube serves up videos of kids, in clothing, that pedophiles consume and share as if it is child porn. It’s gotten so bad that YouTube has had to disable the comments sections of videos with kids in them.

Apps like TikTok are very popular with younger kids, and they are also becoming more popular for the sexual predators who seek out those kids. These apps are difficult to moderate, and since it happens in real time, you have a situation that is almost perfectly set up for exploitation.

Last year, a survey found that approximately 57 percent of 12-year olds and 28% of 10-year olds are accessing live-streaming content. However, legally, the nature of much of this content should not be accessed by children under the age of 13. To make matters worse, about 25 percent of these children have seen something while watching a live stream that they and their parents regretted them seeing

Protecting Your Children

Any child can become a victim here, but as a parent, there are some things you can do to protect your kids. First, you should ask yourself the following questions:

  • Are you posting pictures or video of your children online? Do you allow your kids to do the same? A simple video of your child by the pool has become pedophile porn.
  • Do you have some type of protection in place for your kids when they go online?
  • Have you talked to your children about the dangers of sharing passwords or account information?
  • Do your kids understand what type of behavior is appropriate when online?
  • Do you personally know, or do your kids personally know, the people they interact with online?
  • Can your kids identify questions from others that might be red flags, such as “where do you live?” “What are your parents names?” “Where do you go to school?”
  • Do your kids feel safe coming to you to talk about things that make them feel uncomfortable?

It is also important that you, as a parent, look for red flags in your children’s behavior. Here are some of those signs:

  • Your kid gets angry if you don’t let them go online.
  • Your child become secretive about what they do online, such as hiding their phone when you walk into the room.
  • Your kid withdraws from friends or family to spend time online.

It might sound like the perfect solution is to “turn off the internet” at home, but remember, your kids can access the internet in other ways, including at school and at the homes of their friends. It would be great to build a wall around your kids to keep them safe, but that’s not practical, nor is it in their best interest. Instead, talk to your child about online safety and make sure the entire family understands the dangers that are out there.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video

Who Has Access to Your Personal Info? The Answer Might Surprise You

/0 Comments/in , /by

Are you aware that many people probably have access to your personal info? If you have ever gotten an apartment, have insurance, or applied for a job, someone has done a background check on you, and you might be shocked by what’s in there, including your debts, income, loan payments, and more. On top of this, there are also companies collecting information on you including:

  • Lenders
  • Employers
  • Government agencies
  • Volunteer organizations
  • Landlords
  • Banks/credit unions
  • Insurance companies
  • Debt collectors
  • Utility companies…and more

Thanks to the Fair Credit Reporting Act (FCRA), you can get a copy of these reports every year for a small fee, and they are free if there has been any type of adverse action against you. You can also get this information from certain organizations including the following:

Credit Agencies

Most people know the main credit reporting bureaus, Experian, TransUnion, and Equifax. The reports that these companies give you can include your loan and credit card payment history, how much credit you have, info from debt collectors, and other information.

Employment Screening

If you have applied for a job, you might have gone through employee screening. These employers have access to things like your salary history, credit history, education, and even criminal history.

Housing/Tenant Screening

If you have ever rented an apartment or home, your landlord might have done a background check, too. This might include prior evictions and other negative information.

Banking and Check Screening

Your bank also might have information on you, which could include your banking history, such as negative balances on your checking account or unpaid bills.

Medical Insurance

Finally, if you have medical insurance, your insurance company has probably also done a background check on you. These policies include life insurance, health insurance, long-term care insurance, critical illness insurance, or disability insurance.

Lifehacker and the Consumer Financial Protection Bureau’s 2019 report compiled a pretty amazing list below. Check it out.

The nice thing about these things, however, is that you have a right to access all of these reports, too. In most cases, these reports are free. You can ask these organizations what background check companies they are using, and then you might be able to request a free report. Again, if there is any negative information on these reports that cause you to, for instance, not be hired by an employer, you will automatically get a free copy of this report so you can see the derogatory information for yourself, and then take any steps you can to change it.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How to Access that Old Email Account

/0 Comments/in , , /by

Have you ever wondered if you could access your old email accounts? You might want to look for some old files, or maybe need information about an old contact. Whatever the reason, there is good and bad news when it comes to accessing old email accounts.

The best thing that you can do is to use the provider to find the old email account or old messages. All of the major providers, including Outlook, Gmail, Yahoo, and AOL, have recovery tools available. If the email address is from a lesser player in the email game, again, you might be out of luck.

First, Know the Protocol

Frankly, the next 3 paragraphs might be confusing. If they don’t make sense to you jump to Do You Remember the Service or Email Address?

The first thing you have to do is know the protocol your provider uses. There are two different protocols to consider when trying to access old messages: POP3 or IMAP.

POP3 protocols essentially download messages from a server to a device. IMAP just syncs your messages between your device and the server. Most email services default to an IMAP protocol, but it’s very possible that an older email account would have been set up to use POP3. If this is the case, and the provider deletes the messages off the servers when downloaded via POP3, this is not good news…those messages are gone. Even if you eventually get access to these accounts, if you have downloaded the messages to a computer or smartphone, they are gone from the server.

There is better news if you used IMAP…though, again, this is assuming nothing has been deleted. Some providers will delete accounts that are inactive for a certain amount of time. If the account is deleted, those messages are gone. Check the account deletion policy of the email provider to see if your account might still be active, and ultimately, accessible.

Do You Remember the Service or Email Address?

If you remember the email address and not the password, try the password reset link and if, and only if, you set up a backup email for recovery, then you’re on Golden Pond.

Now, what happens if you can’t remember what service you used or even the email address you used? There is still hope.

First, search for your name in the email account you use now. You might have sent something to yourself from an old account. Another option is this: if you remember the old provider, you can also search for that. You also might want to search your computer to see if there are old documents with your old email in there. You also might have set up a recovery email address or phone number that you can use to access the account.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How To Determine a Fake Website

/0 Comments/in , , , /by

There are a lot of scammers out there, and one of the things they do is create fake websites to try to trick you into giving them personal information. Here are some ways that you can determine if a website is fake or not:

How Did I Get Here?

Ask yourself how you got to the site. Did you click a link in an email? Email is the most effective ways scammers direct their victims to fake sites. Same thing goes with links from social media sites, Danger Will Robinson! Don’t click these links. Instead, go to websites via a search through Google or use your bookmarks, or go old school and type it in.

Are There Grammar or Spelling Issues?

Many fake sites are created by foreign entities using “scammer grammar”. So their English is usually broken, and they often make grammar and spelling mistakes. And when they use a translating software, it may not translate two vs too or their vs there etc.

Are There Endorsements?

Endorsements are often seen as safe, but just because you see them on a site doesn’t mean they are real. A fake website might say that the product was featured by multiple news outlets, for instance, but that doesn’t mean it really was. The same goes for trust or authenticating badges. Click on these badges. Most valid ones lead to a legitimate site explaining what the badge means.

Look at the Website Address

A common scam is to come up with a relatively similar website URL to legitimate sites. Ths also known as typosquatting or cybersquatting. For instance, you might want to shop at https://www.Coach.com for a new purse. That is the real site for Coach purses. However, a scammer might create a website like //www.C0ach.com, or //www.coachpurse.com.  Both of these are fake. Also, look for secure sites that have HTTPS, not HTTP. You can also go to Google and search “is www.C0ach.com legit”, which may pull up sites debunking the legitimacy of the URL.

Can You Buy With a Credit Card? 

Most valid websites take credit cards. Credit cards give you some protection, too. If they don’t take plastic, and only want a check, or a wire transfer, be suspect, or really don’t bother.

Are the Prices Amazing?

Is it too good to be true? If the cost of the items on a particular page seem much lower than you have found elsewhere, it’s probably a scam. For instance, if you are still looking for a Coach purse and find the one you want for $100 less than you have seen on other valid sites, you probably shouldn’t buy it.

Check Consumer Reviews

Finally, check out consumer reviews. Also, take a look at the Better Business Bureau listing for the company. The BBB has a scam tracker, too, that you can use if you think something seems amiss. Also, consider options like SiteJabber.com, which is a site that collects online reviews for websites. Just keep in mind that some reviews might be fake, so you really have to take a broad view when determining if a site is legit or one to quit.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Protect your USPS Mail from Getting Stolen

/0 Comments/in , , /by

USPSID stands for U.S. Postal Service Informed Delivery. It is a good thing to sign up for because it informs you of your expected deliveries.

But there’s a problem: Someone ELSE could pose as you and sign up for this service, getting your mail before you have a chance to.

In fact, it has already happened. Crooks have signed up as other address owners and collected their mail.

This can lead to credit card fraud if some of that mail includes new credit cards or credit card applications.

And what if the mail includes a check? The thief could find a way to get it cashed. What a thief could do with your mail is limited only by his or her imagination.

Krebsonsecurity.com reports that seven crooks in Michigan used the USPS to, not surprisingly, apply for credit cards via those applications that we all get.

Then they waited for the new cards to arrive. They knew just when they’d arrive, too, and planned to raid the owner’s mailbox on that date. Of course, the owners never even knew that the cards were applied for.

The crooks obtained the cards and spent a total of about $400,000. Needless to say, they didn’t bother stealing the bills.

Though a key on your mailbox will surely help, you can add an extra layer of protection by emailing eSafe@usps.gov to opt out of the service. This will prevent anyone from using it in your name.

KrebsOnSecurity reports that this email address may be inactive. So at least have your mailbox fashioned with a lock – even if you do get a response from that email address.

Another thing you can do is get a credit freeze, though this doesn’t guarantee 100 percent that a thief won’t be able to sign up your address with the USPS, but the freeze will prevent new credit cards being opened in your name.

What Else Can You Do?

  • Check your existing credit card statements every month for any odd or unfamiliar charges and report them immediately even if the amount is small.
  • Contact credit reporting agencies (Equifax, Experian and TransUnion) and sign up for alerts to any changes in your credit report.
  • Can’t be said enough: Get a locking mailbox, there’s simply too much sensitive information not to.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

 

Black Hat 2017 was an Amazing Event

/0 Comments/in /by

In July, more than 15,000 security pros, hackers, hobbyists, and researchers met in Las Vegas for the Black Hat Conference 2017 at Mandalay Bay in Las Vegas. This was the 20th year that the security conference was held, and both black and white hat hackers joined together to discuss security.

For two decades, Black Hat has gained a reputation for demonstrations of some of the most cutting-edge research in information security as well as development and industry trends. The event has also had its share of controversy – sometimes enough to cause last-minute cancelations.

Launched in 1997 as a single conference in Las Vegas, Black Hat has gone international with annual events in the U.S., Europe and Asia.

Black Hat 2017 was almost a full week of everything having to do with IT security. There were hands-on training sessions, a full business hall where vendors gathered with swag and products, and of course, parties. I hit 5 parties in 3 nights. I’m totally spent.

This is a conference that attracted some of the brightest people in the world of security, and has a reputation for bringing together all types of professionals and amateurs interested in hacking, security, or the latest in encryption.

What’s interesting about Black Hat 2017 is that there is something for everyone. From hackers trying to hack hackers to remaining “off the grid,” you never know what you might find. In fact, most people who attended this conference decided to stay away from electronic communication all together. Let’s just say leaving devices in airplane mode, shutting off Wi-Fi, using VPNs, and always utilizing two-factor authentication for critical accounts is the norm during the conference for veteran attendees.

One of the most popular parts of Black Hat 2017 was the briefing on business protection. It’s important to note that many companies have employees that simply don’t comply with security policies. Additionally, these policies aren’t governed enough, and it is costing millions. In her presentation Governance, Compliance and Security: Three Keys to Protecting Your Business, the speaker from HP, Sr Security Advisor, Dr. Kimberlee Brannock, during her 16-year tenure at HP, Dr. Kimberlee Brannock has used her extensive education and experience in compliance and governance to shape HP’s security standards. shared why it’s not always enough to secure business networks and why governance and compliance really matters. With 25 billion connect devices by 2020, maintaining proper network and data security compliance is an important concern for any business, as noncompliance costs businesses an average $9.5 million annually through fines, lost business and lawsuits.

Another very popular briefing at Black Hat 2017 was Staying One Step Ahead of Evolving Threats demonstrated on average, an organization has more than 600 security alerts each week, and over 27,000 endpoints leading to 71% of data breaches starting from the endpoint.

Most put in thousands of hours, and dollars, for that matter, on securing servers, laptops, and data centers, but many companies are ignoring other areas of security vulnerability. One of the best things about this briefing was that the leader, Michael Howard from HP, Chief Security Advisor, as Worldwide Security Practice Lead, Mr Howard is responsible for evolving the strategy for security solutions and services in Managed Services. He gave a lot of information on printer security, something that most businesses fail to address. He used real-world examples of how some of the most secure organizations are still lagging in their print security and share how he uses a proven framework to secure the print infrastructure.

Overall, Black Hat 2017 was an eye-opening experience, and with the world of network security changing all of the time, all in attendance surely learned something new. I met a ton of very cool characters, partied hard, drank too much, ate too much, slept none and to keep my data secure, I’m considering moving off grid to a cave in the Outback of Australia.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Getting Owned or Pwned SUCKS!

/in /by

A well done New York Times article recently re-introduced this topic to the masses. Being “owned” isn’t new, but the term is not becoming part of popular culture. If you use the internet or are often on social media, odds are good that you have been OWNED. Whether you are called out for a misspelling on your latest Facebook post, or you were proven wrong after sharing a “fact” or post from another site…you have probably been owned.

The word “owned” comes from the hacker world, and real “ownage” is not just about proving you wrong. You might also see it as “pwned,” which is pronounced “poned.” It is actually about stealing your private information, and then shaming you or diminishing your worth as a person. The best at “owning” can actually control your virtual presence.

Take a look at the email hacking scandal that Hillary Clinton went through during the 2016 presidential campaign. Though there was nothing of consequence found in those emails, the act of being hacked, or owned, alone, could have been the reason she lost the election.

Take a look at President Trump, too. You have surely noticed that he is doing his best to own as many people and even foreign governments as he can. Owning is a form of “one upping” and it can get nasty.

Getting owned is nothing new. In fact, Aristotle even talked about similar acts. Today, we just do it virtually.

In the case of hacking, when a hacker owns someone, they are showing that they have superior abilities. The word is also used in the gaming community to describe the act of mastering game play or besting opponents. Of course, we also use the word owned in the real world, when we drop a well-timed joke or have the opportunity to prove another person wrong. You might have even owned someone yourself.

Ownage equals power, and the concept of ownage is constantly evolving. The most successful owns are those that target the know-it-all; people who think they know more than they actually do. However, if you start owning, you simply set yourself up to be owned…and that really SUCKS.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.