The Natural Predatory Nature of Humans

A study published in Nature shows us that both evolution and genetics have made a big impact on the behavior of humans…including in the case of murder. However, as we have become more civilized, these instincts have been muted.

Scientists have looked at the rate of homicide in more than 1,000 species, and they noticed something interesting: The rates of these lethal acts are similar, which means that evolution of each species can give us a good idea of how violent each species really is.

This study states that humans are part of a violent group of similar mammals. These mammals all evolved at the same time, together. Plus, all of these mammals have murderous and violent pasts. So, what does this mean for us? It means that we are violent today because our ancestors were violent.

When you look at all mammals, about three in 1,000 are murderers. However, when you specifically look at humans, the average over time is about 20 in 1,000. Furthermore, when you examine certain time periods, such as the medieval period, this rate rose to about 120 murderers in 1,000. These numbers have fortunately fallen, however, and today, it stands at about 13 murderers per 1,000 people.

So, we are killing each other much less frequently today than we used to 1,000 years ago. However, we are still not as peaceful as other mammals. For instance, killer whales, which we believe to be quite violent, have a murder rate of almost zero against their own species.

We are much more violent than whales, but when we compare our murder rates to those of cougars, baboons, or lemurs, we are less violent. All of these animals have a murder rate of about 100 per 1,000.

Since this research looked at violence by comparing species that are closely related, it is not surprising that these species are similarly violent. It is also interesting that the more closely related a species is, the more similar their instances of violence.

It’s quite difficult to actually calculate the rates of violence among our ancestors, but we are able to get a good idea thanks to archaeological evidence. It was found that by looking at these sites, that violence rates were lower among people who had some type of government or culture. This also suggests that murder rates among a species can be reversed. In fact, this evidence shows that it can decrease or increase based on ecological, cultural, or social factors. This evidence is similar to what was found in a study done at Harvard, which specifically looked at violent crimes including rape and murder.

When looking at these facts, we find that humans are territorial and social, but also naturally violent. As we have developed over time and found more civilized activities, our rates of violence have gotten lower. What’s even more interesting is that most mammals aren’t murderers towards their own species…but some, such as lions, wolves, and primates, which includes humans, engage in violent actions.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Study Shows Millennials Choose Convenience Over Security

To those of us consider Tom Cruise the movie star of our day or even Grunge as the music we grew up with, looking at millennials, and the way they view life, is fascinating. These “kids” or young adults, many are brilliant. They really do define “disruption”.

However, that doesn’t mean that this tech savvy generation is always right. In fact, a new study shows just the opposite when it comes to internet safety. Though, they can also teach us a few things and are definitely up to speed on the value of “authentication” (which leads to accountability).

Anyway…South by Southwest, or SXSW, is a festival and conference that is held each year in Austin, TX. This year, a survey was done with some good AND scary results. The company that did the survey, SureID, found that 83% of millennials that were asked believed that convenience is more important than safety. That’s not good. But this is not the only interesting finding, however. On a positive note, the study also found the following:

  • About 96% want to have the ability to verify their identity online, which would ensure it was safe from hackers.
  • About 60% put more value on time than they do their money or safety.
  • 79% are less likely to buy something from a person who can’t prove their identity.
  • 70% feel more comfortable interacting with a person online if they can verify that other person’s identity.
  • 91% say they believe that companies “definitely” or “maybe” do background checks on those who work for them. These include on-demand food delivery and ridesharing. However, most companies do not do this.

What does this information tell us? It says that we are very close to seeing a shift in the way millennials are viewing their identities, as well as how they view the people and businesses they interact with.

Millennials have a need to want to better verify another person’s identity. To support this, just look at dating apps. Approximately 88% of people using them find the idea of verifying the identity of the people they might see offsite as appealing. It’s similar with ride sharing, where about 75% of millennials want to know, without a doubt, who is driving them around.

We live in a world today that is more connected than ever before. These days, as much as 30% of the population is working as freelancers, or in another type of independent work. In many cases, this work is evolving from small gigs to large and efficient marketplaces. Thus, the need for extra security and transparency is extremely important. Sometimes, technology helps us act too comfortably with people we don’t really know, and the study shows that having people prove whom they are will help to create higher levels of trust.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

How to Digitally Secure The Remote Teleworker

If you employ remote workers, your IT staff has a unique challenge keeping your organization safe. Fortunately, using a combination of best practices for cybersecurity, user awareness campaigns, and a strong policy will help to keep data safe.

New advances in mobile technology and networking have given remote workforces a boost, and while policies for most remote workers generally depend on manager or company preferences, most businesses must accommodate a mobile workforce on some level…and here’s where the challenge lies.

Things such as emails, vulnerable software programs and work documents are all tools that cybercriminals can use to infiltrate your company’s network. These remote workers, no matter how convenient they might be, are the weak link in any company’s security plan. Cybercriminals know this, which is why they often focus on these workers. So, what do you do to find a balance between the convenience of remote workers and the importance of network security? Here are eight way that you can secure your remote workforce:

  1. Use Cloud-Based Storage – One way to make your remote workers safer is to use cloud services that use two factor authentication. These often have a higher level of encryption, so any data that your workforce uses is not only accessible, but also protected.
  2. Encrypt Devices When You Can – When giving mobile devices, including laptops, to your remove workforce, make sure that the hard drives are encrypted to protect the data on the machine. However, not all security programs will work with devices that are encrypted, so make sure that you double check all the tech specs before loading them up.
  3. Set Up Automatic Updates – You can also take the steps to automate any software updates, which means as soon as an update is released, your remote workforce will get the software on their devices. This can also be done via Mobile Device Management software.
  4. Use Best Practices for Passwords – You should also make sure that you are implementing good practices with passwords. You should, for instance, safeguard against stolen or lost devices by requiring that all employees use strong, complex passwords. You should also request that your team puts a password on their phones and laptops, since these items are easily stolen.
  5. Create Secure Network Connections – Also, ensure that your remote employees are connecting to your network by using a VPN connection. Encourage your IT staff to only allow your remote workers to connect to the VPN if their system is set up and patched correctly. Also, make sure that they are not connecting if their security software is not updated.
  6. Increase Awareness – Instead of attempting to restrict personal use of the internet, you should instead encourage education about internet use. Create and enact a cybersecurity policy, ensuring that it covers concepts such as phishing, scams, and social engineering tactics.
  7. Use Encrypted Email Software – Checking business email offsite is quite common, even among those who work on-site. Thus, it is extremely important to use a secure program for email.
  8. Use an Endpoint Security Program – Finally, if you haven’t already, implement an endpoint security program. These programs can be remotely launched and managed from one location. This software should also include components to keep unpatched programs, safe.

Yes, remote workers can be a challenge for your IT staff to manage, but when you use a strong policy, good practices in response to cybersecurity, and a comprehensive campaign for user awareness, you and your staff can keep all of your data safe.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Jihadis using easy to get Privacy Software

Over the past two years, the media has tended to sensationalize jihadists’ rapid adoption and strategic use of social media. Despite perpetual news coverage on the issue, the public, by and large, continues to be relatively in the dark about the intricate ways in which many jihadists maintain robust yet secretive online presences.

To accomplish their goals — ranging from propaganda dissemination and recruitment to launching attacks — jihadists must skillfully leverage various digital technologies that are widely advertised and freely accessible online.

Just as smartphones and portable devices have transformed the way much of the world communicates and interacts, jihadists, too, have rapidly adopted and availed themselves of these technologies.

Their grasp of technology, which is quite savvy, yields one of the most frequently asked questions about the jihadists today: What is in their digital toolbox and how do they exploit these technologies to benefit their activities? This report explores these questions.

ISIS is no exception to the many entities out there, good and evil, who want a strong grasp on technical savvy, particularly software that can oppose surveillance. The Dark Web is abuzz with jihadist threads about how to beat surveillance systems. And they’re learning a lot, says a report from Flashpoint, a cybersecurity firm.

For instance, ISIS knows how to use Tor and Opera to scavenge the Web undetected. That’s just the beginning of their software knowledge. Jihadists also use:

In short, ISIS is very well keeping up with communications technology. Evil can be technologically savvy, too. Do not underestimate the technical prowess of jihadists, even though it seems as though some of them live rather primitively.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Protect your Privacy on your iPhone

If you have an iOS device, you may be leaking personal information about yourself—without even knowing it—because you’re not familiar with the privacy settings.

1PApps have “permissions,” meaning, they can access private information such as your social calendar stored on the phone, appointments, anything. Go to the privacy menu under “settings” to learn which apps can gain this access and deactivate it. And there’s so much more to know…

Ads

  • The Limited Ad Tracking option controls how targeted the ads are to your habits, not the amount of ads you see.
  • This feature does not apply to ads across the Internet; only the iAds that are built into apps.

Location

  • At the screen top is a Location Services entry.
  • Explore the options.
  • Shut down everything not needed beyond maps or “Find My iPhone”

Safari, Privacy

  • Check out the Allow from Current Website Only option; it will prevent outside entities from watching your online habits.
  • You can limit how much Safari tracks your habits (by activating Do Not Track requests).
  • You can also disable cookies, but you won’t prevent 100 percent of the data collection on you.
  • Want all cookies and browsing history deleted? Choose the Clear History and Website Data option.
  • In the Settings app, go to Safari, then Search Engine to change the default search engine if you feel the current one is collecting too much data on you.

Miscellaneous

  • Every app has its own privacy settings. For every app on your device, you should explore the options in every privacy menu.
  • Set up a time-based auto-lock so that your phone automatically shuts off after a given time if you’re not using it.
  • The fewer apps you have, the less overwhelmed you’ll be about setting your privacy settings. Why not go through every app to see if you really need it, and if not, get rid of it?

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

TeamViewer Clients Victims of other Hack Attacks

Get an account with TeamViewer, and you will have a software package that enables remote control, online meetings, desktop sharing and other functions between computers.

9DBut recently, customers of TeamViewer have reported remote takedowns of their computers that resulted in different forms of monetary theft, such as bank accounts being cleaned out.

The cyber thieves controlled the victims’ computers via their TeamViewer accounts. Customers would witness their mouse arrow suddenly moving beyond their control.

The infiltration, though, did not occur on TeamViewer’s end, insists the company. Instead, the software company called users “careless” because they reused their TeamViewer passwords on other sites like LinkedIn, reports an article at theregister.co.uk. The company has since apologized. Frankly, I agree with TeamViewer. Careless password reuse is one of the main reasons why so much fraud is occurring.

The stream of support tickets from customers prompted TeamViewer to implement two new security checks which will warn customers via e-mail of suspicious login attempts to their TeamViewer account and ask their permission to allow this or not.

Another safeguard newly in place will be that of the company checking the GPS of login attempts, plus requiring a password reset when anybody tries to log in from a new location.

Some customers have been critical that the release of these new security features took too long, since the reports of the hacking began a few weeks prior to the finalization of these new features.

As mentioned, the origin of these hacks is apparently the reuse of TeamViewer passwords on other sites that were then hacked. TeamViewer managed to get ahold of the leaked passwords, and also leaked e-mail addresses, that were all the cyber crooks needed to remotely hijack the computers.

However, some victims reported that they never reused their password and even had two-factor authentication. Further, some victims are placing blame on the company for the breaches.

The company is taking the breach seriously and wants its affected customers to upload their log files. TeamViewer especially wants to hear from customers with two-factor authentication who were compromised.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Can Two-Factor Authentication actually fail?

You’ve probably read many times that two-factor authentication is a superb extra layer of protection against a thief hacking into your accounts, because gaining access requires entering a One Time Passcode (OTP)—sent via text or voice—into a login field. In other words, no phone, no access.

7WBut CAN a hacker get the phone? Ask Deray McKesson, an activist with Black Lives Matter. Hackers got his phone.

Now, this doesn’t mean they busted into his home while he was napping and took his phone. Rather, the thief took control of his mobile account.

The thief rerouted McKesson’s text messages – to a different SIM card that the mobile carrier, Verizon, had issued to the thief. This is how the criminal got the two-factor code. Next thing, the imposter was in McKesson’s Twitter and e-mail accounts.

So though two-factor is a pretty well-padded extra layer of protection, it can be circumvented.

“Someone called Verizon impersonating me,” tweeted McKesson on June 10. The crook got a different SIM this way. The flaw isn’t the two-factor system. In this case it was Verizon, allowing this to happen just too easily.

“Today I learned that it is rather easy for someone to call the provider & change your SIM,” says a subsequent tweet. Though Verizon does require the last four digits of the user’s SSN to get a new SIM card, this isn’t enough to filter out imposters, as we see here. McKesson further tweeted he was “not sure” how the imposter knew those last four digits, but that “they knew it.”

Verizon has since implemented additional safeguards.

So what really happened? How did someone get McKesson’s SSN? Did he reveal it somewhere where he didn’t have to? And then the wrong person saw it? Was he tricked into revealing it through a phishing e-mail?

Nevertheless, here’s what to do:

  • Set up a secondary code on your phone’s account.
  • This is a personal identification number that an imposter would have to reveal before any changes were made to the account—even if he gave out your entire SSN to the mobile company rep.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Before you die, do This

“Nobody likes to do it, but it has to be done.” You’ve heard that before. This time, it applies to 26 documents that you should have all bundled up in a folder that trusted family members have access to (someplace where fire and water won’t damage them). But first let’s go over some details about what should be in that bundle.

1PEssential Documents

  • Your will: Some say not a copy, but the original, accompanied by instructions. Supplying everyone in your will a copy is also advised by others.
  • A completed power of attorney form that your benefactors have access to, should you become rendered impaired.
  • Complete list of loans you’ve made to others, and debts.
  • Proof of ownership of the following if you have them: owned property/housing, vehicles, cemetery plots, savings bonds, stock certificates, brokerage/escrow mortgage accounts and partnership/corporate operating agreements.
  • Last three years’ of tax returns might seem excessive, but if you can, do it.

Bank Accounts

  • Name of bank and phone number, account numbers, online login information
  • Register a family member or spouse’s name with the bank; have them sign the registration document to allow them access to your accounts.
  • A list of safe deposit boxes if you have them

Retirement List

  • Pensions
  • Annuities
  • IRAs
  • 401ks

Medical

  • Power of attorney form. If you become incapacited, who will make medical care decisions for you? This should also be IN your will.
  • Choose your POA attorney while you’re of sound mind.
  • Have it spelled out how you’d like to be treated in the event of incapacitation (and this includes what should be done if you end up in a persistent vegetative state). Who pulls the plug?

Marriage & Divorce

  • Does your spouse know where your marriage license is?
  • If you’re divorced, make sure there are documents spelling out child support, alimony and any property settlements and financial divisions. To avoid disputes, include bank account numbers for the appropriate settlements.
  • Keep copies of life insurance documents.
  • Last but not least is the qualified domestic-relations order, that can prove your spouse got a share of your retirement accounts.

Life Insurance

  • Family members should have copies of life insurance documents and contact information for the carrier.

In a Nutshell, the Top 26

  1. Marriage license
  2. Divorce papers
  3. Living will (what should be done if you’re alive but incapacitated)
  4. Personal/family medical history
  5. Authorization to release medical care information
  6. Durable healthcare POA
  7. Do-not-resuscitate (DNR) order
  8. Tax returns
  9. Housing, land and cemetery deeds
  10. Escrow mortgage accounts
  11. Proof of loans made and owed debts
  12. Titles for vehicles
  13. Stock certificates, savings bonds and brokerage accounts
  14. Partnerships and corporate operating agreements
  15. Life insurance policies
  16. IRAs
  17. 401ks
  18. Pension documents
  19. Annuity contracts
  20. Bank account list
  21. List of bank usernames and passwords
  22. Safe-deposit box list
  23. Will
  24. Letter of instruction for the will
  25. Trust documents
  26. Updated passwords document for all your critical accounts.

Do you have docs you think should be on this list? Please provide in the comments.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

How to Stop Sharing Your Location Information

The Internet helps us connect and share with people around the world, but there are some people with whom you definitely shouldn’t be sharing your information. Although it’s not pleasant to think about, it’s not just friends and family that can see your online posts, bad guys can too, including criminals and even sex offenders.

7WSo, when you take a photo of your kids in your backyard, know that if you post that picture on social media, a predator can potentially obtain the GPS coordinates of where that picture was shot.

This is because every time you take a picture, technical data is created and stored along with the image. This is called “EXIF data”, or exchangeable image file format. When this data includes location information, such as the exact GPS coordinates of where the photo was taken, the image is then “geotagged.”

The good news is you can view the EXIF data, and remove it to prevent predators from getting your location information. EXIF data will always be added to the storage of every picture you take; there’s no way to prevent this. But you can delete it.

Here’s how to prevent strangers from seeing your location information:

  • Select the image on your computer and right-hand click on it.
  • Select “properties.” You’ll find all the data here.
  • Go to the location, or EXIF data.
  • At the end of all the information you’ll see “Remove Properties and Personal Information.” This will wipe out the coordinates.
  • You should go through this process before posting photos online, because once they’re online, you can’t control who sees this information.
  • However, it will still be worth your while to strip this data from photos already posted online. For all you know, tomorrow is the day that a bad guy reads your location information, so today is the day to delete it.

Some people’s social media pages have an endless scroll of personal photos, including pictures of their children and teens. Be very selective of what you post online, and always delete the EXIF data before posting.

Save the pictures you don’t post for a hardcopy photo album. That way you’ll dramatically cut down on the time spent eradicating your location information, while increasing your online security.

Here’s some more tips to use location services safely:

  • Turn off the GPS function on your smartphone camera or digital camera. This is important if you are going to be sharing your images online. Instructions on how to turn off geotagging will vary, but we suggest referring to your phone or camera’s manual for further instructions on how to adjust this feature. You also might want to consider only letting certain apps (like maps) use your location data on your mobile device.
  • Check your privacy settings on social networks and photo sharing sites. Make sure that you are only sharing information with friends and family. Also, make sure that you only accept people into your network that you know in real life.
  • Be aware of the fact that the information you share on one social network may be linked to another.For instance, a photo you post to Twitter may automatically post to your Facebook profile. Because of this, it’s important that you check the privacy settings on all your accounts.
  • Finally, be careful about what images you’re sharing and when you are sharing them.Rather than uploading a picture that reveals your location the moment you take it, wait until you get home to upload it.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

10 Ways our Privacy is invaded

2POnce you become active online…and especially once you become “connected” with a smartphone…your privacy will be in sizzling hot demand—and in fact, you can bet that as you read this, it is already being invaded in ways that you couldn’t possibly imagine. Here are some of those ways, provided by wired.com:

  1. Someone could be collecting information on you via a keylogger: It’s a little tool that records your keystrokes, that someone secretly inserts into your computer. A keylogger, however, can also be deposited by malware that you unknowingly downloaded.
  2. Tracking technology that retailers use. You are in a large department store and must pass through several departments to get to the one you want. Your smartphone is connected during this time. The tracking technology scans your face (or maybe it doesn’t) and connects with your phone, identifying you as a potential customer for the goods that are in the departments you are passing through or near to. Next thing you know, you are getting hit with ads or e-mails for products that you have no interest in.
  3. Video surveillance. This is old as far as the technology timeline, but it is still a favorite among all sorts of people including those with twisted minds. Video cameras can even be hidden in your front lawn. They can also be found at ATMs, placed there by thieves, to record users’ PINs as they punch them in.
  4. E-mail monitoring. Your e-mails could be being monitored by a hacker who has remote viewing capabilities of your computer (because you unknowingly let in a virus).
  5. Personal drones—those small-enough-to-by-held-by-a-child aircraft that are remote controlled; they can be equipped with cameras to take pictures of you, and they can even follow you around.
  6. Public WiFi. Snoops and hackers can eavesdrop on your unsecured WiFi internet with the right hardware and software. Use Hotspot Shield to encrypt your data.
  7. And in addition to these ways your privacy could be invaded, a hacker could be spying on you through the little Webcam “hole” above your computer screen (a piece of masking tape over it will solve that problem).
  8. Peeping Tom. And of course, there is the old fashioned way of intruding upon someone’s privacy: stalking them (on foot or via car), or peering into their house’s windows.
  9. Reverse peephole. A person could tamper with a peephole on a house’s front door, apartment door or a hotel door, then be able to see what’s going on inside.
  10. Remote access technology can be malware installed on your device designed to extract all your sensitive data. Make sure to keep your devices security software updated.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.