Three Federal Agencies Warn of Business Email Compromise (BEC) Scams

Business Email Compromise (BEC) scams netted $2.4 billion in losses during 2021, with 19,954 complaints reported to the United States government. A joint advisory from the Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI) and the U.S. Department of Agriculture (USDA) urges businesses in the agricultural and food sectors to beware of scams stealing physical goods, not money.

New BEC scams targeting food producers use phony emails and websites to order or reroute goods, such as powdered milk, sugar or whole milk. In some cases, fake emails were used to reroute existing shipments to criminals, while in others fake orders were placed by criminals pretending to be existing clients.

How Business Email Compromise Scams Work

BEC scams combine elements of social engineering and phishing. Criminals learn the names of senior executives at companies likely to order large quantities of ingredients or other goods. They then send phony emails or place fake online orders using spoofed assets and email addresses. In some cases, they will communicate directly with senior staff and place orders or ask for shipments to be rerouted. Because the emails look legitimate and generate real responses from humans, employees may accept the phony orders or reroute shipments, leading to hundreds of thousands of dollars in lost product.

Among the scams reported by the Federal government–

  • One group of criminals forged the identity of a U.S. company and placed orders for ingredients from June through August of 2022 with multiple suppliers. The scam netted at least $200,000 in stolen goods.
  • Criminals used a fake email to get a line of credit and $100,000 in milk powder by posing as a food company.
  • Four fake companies targeted a single food manufacturer, ordering nearly $600,000 in whole milk powder and non-fat dry milk.

How to Spot BEC Scams

In nearly every case outlined by U,S, government agencies, there was a small change in an email address that revealed the fraud. In some cases, an extra letter was added. In other cases, the number “1” was substituted for a lower-case “L.” Email addresses may also point to incorrect domains, such as a .org or .net instead of a .gov or .com.

Business Email Compromise scams can slip by employees, even those who have had cyber security training, because they appear professional and do not directly ask for money. They appear to be professional enquiries, often include recognizable names and company logos and present business opportunities. It is only after the order has shipped that companies realize they have been scammed.

As with most scams, awareness and verification stop the criminals and the attacks.

  1. Make all employees who handle orders and shipments aware of Business Email Compromise scams.
  2. Put a second set of eyes on any order over a certain amount, regardless of where it appears to come from.
  3. Do not respond directly to emails that appear suspicious. Study return addresses carefully and, if anything appears off, call the alleged client directly.
  4. Verify any large order or order change by calling the client directly and asking for confirmation.
  5. Ask for advance payment before delivering goods to any new client.
  6. Use Dark Web Monitoring to find out what information about your company has been circulating online. Names of staff could be used for social engineering and phishing attacks. Names of executives and company assets can be used by scammers to create phony emails and websites.

In the most insidious versions of a Business Email Compromise scam, criminals gain access to a company’s legitimate email server, then create fake accounts that they use to communicate with their victims. This can be remedied by reviewing all company email accounts regularly and by immediately closing the accounts of former employees.

As the government warning illustrates, cyber threats come in many forms and through many channels. This scam is a prime example of the kind of attack that many existing cyber training programs miss.

Movers and Shakers: Watch Out for These Scammy Conference Invitation Traps

Finally we are back to booking a ton of live-in-person security awareness training at conferences! It’s about time! Business is getting back to pre-Covid days here in the States and any non-in-person training is being supplemented with live-online and e-learning. It’s all good! However, we are also seeing more of one of the weirdest scams out there: Conference Invitation Scams.

Conference Invitation Scams are on the rise

This is when a scammer sends out invitations to an event, like a conference, with the sole intention of scamming the people they are inviting to attend or to speak at that event. These events might be real, or they could be totally made up. The targets of these scams include CEOs, business owners, lecturers, philanthropists, researchers, and more. The goal of these scammers is to steal the identities of their targets and ultimately get Credit card numbers, checks or money wire transfers by scamming the victims.

And that’s not all, these same scams are usually piggybacked with “conference attendee lists for sale” scams. That means companies that might exhibit or market their products and services to attendees of specific conferences are targeted to buy lists that are either lame or simply don’t exist. Conference managers have their backs up against the wall fielding communications from victims who accuse the legitimate conference hosts of bad service and of course worse, fraud.

Identifying a Scam

There are a few signs that you should look out for when you get an invitation to a conference or an event. They include:

  • The invitation is random or a surprise
  • The invitation is filled with bad grammar or typos
  • The invitation asks that you pay a premium price to attend, which includes both transportation and accommodations
  • The name of the conference sounds like one that is real, such as Tech Crunch, but spelled like TecKrunch
  • You cannot pay by credit card, they might require a check, wire transfer, peer to peer payment, or cryptocurrency.
  • The invitation is extremely flattering
  • The greeting on the invitation sounds strange, like “Salutations”
  • The invitation creates a sense of urgency about getting your personal information
  • The conference is in a different country
  • The invitation seems too good to be true
  • The invitation asks for personal information and covers your accommodation, transportation, or conference cost
  • The landing page of the site doesn’t have a phone number or address listed
  • Or none of the above. The invitation or list for sale email is perfect. There are the absolutely nothing wrong with it.

Beware of the Conference Invitation Scam targeting speakers

Generally, the scam works like this: the scammer starts the scam by sending an email to the victim, which invites them to speak or attend a conference. The scammer often uses the victims’ social media pages in order to get info about them. This helps the invitation seem more personalized.

The victim is then asked to register for the conference, which gives the scammer even more personal information. On top of this, the scammer could ask the victim to pay a fee in order to attend the conference, and pay it fast, because they also create a sense of urgency to attend the conference, such as saying “spots are limited.”

If the victim that is targeted falls for the scam and sends their info, the scammer could have enough to steal the person’s identity. To add more, the scammer can even add the name of the victim, if they are well-known in the industry, to promote the conference.

When the victim goes through all of this, they will soon find that they have been the victim of a scammer. You even have to be careful when attending a conference that is legitimate, because a scammer will send out fake invites to real conferences, too. Since a victim knows about these conferences already, they are usually more willing to give up their information.

How to Protect Yourself from a Conference Invitation Scams

There are a few tricks and tips that you can start using if you commonly attend conferences. The include:

It’s entirely likely your email address as a username, has been part of not just one, but multiple data breaches. And because of this, you are likely

  • to be targeted in scams related to that organizations product or service. Right now, check if your email address has been part of any specific breaches by utilizing our “Hacked email Checker” and then change your password for those accounts.
  • Do your research about the event and try to match up the information you find with the invitation you received.
  • Contact the event organizers directly. While a website can be created from scratch or spoofed, there is still value to looking up the event and the contact info of the organizer, report your findings and find out if it’s legit.
  • If you see an email that is similar to what is described above, don’t even respond.
  • If you get an invitation that seems strange, look into it more.
  • Don’t give any personal info, including your Social Security Number. There is no reason a conference organizer would need that.
  • Copy and paste the full email into Google to see if others have reported it as a scam. You are likely not the only person to be solicited in this way.

If You are a Victim, What Should You Do?

Do you think you have become a victim of a conference invitation scam? If yes, there are some steps that you should take right now.

  • First, get contact with your credit card companies and banks, and make sure they know about it. Refute the fraudulent charges.
  • Next, you should contact your local police and file a report which might be needed to get your money back.
  • Consider contacting the police in the area where the conference was supposed to be held.
  • If you are inclined to do so, you may want to get in touch with the Better Business Bureau and report it.
  • You can also report this online by using the BBB Scam Tracker on the BBB website, to the FBI at the Internet Crime Complaint Center, or the FTC’s Online Complaint Assistant.

The most important thing is to pay attention. We’ve never seen more scams or more variations on existing scams in our entire lives. It’s funny to us, we here experts saying “criminal hackers are more sophisticated than ever” and they are not. What they are, is organized, more than ever. Scammers treat fraud as a business, they have a hierarchy, they punch a clock, they have employees, and it is that “structure” that results in a sophisticated profitable business that leads to huge profits.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Are Password Managers Safe? Should You Use One?

Do you think password managers are safe? You probably do, or at least hope they are if you are using them. Keep in mind, there is no such thing as 100% safe or 100% secure. Password managers, the companies that create host and deploy them, have one job and that is to keep your passwords secure.

From my experience, they’ve done a pretty good job of that thus far. To this day I am unaware of a password manager that has been breached in such a way where all of the user data was unencrypted and exposed. In general, these companies engage in full on application security and have bank level or military grade encryption. What is so bizzare to me is last I read, less than 10% of computer users use a password manager. I think a password manager is the best use of my time and money in regards to computer security.

If a password manager was to get hacked, the path of least resistance would be targeting an individual user, compromising their device, and logging into their password manager itself.

Although researchers had shown that they might not be as safe as you think they are. Before we go further, though, just know that I’m not too worried about this.

First, let’s take a look at this study. Generally, it looked at how often passwords were leaking from host computers, and then focused on if the password managers that were installed were leaving passwords on the memory of the computers.

What the study found was that all of the password managers did a good job at keeping passwords safe when it was “not running.” So, it means that a hacker wouldn’t be able to force the software into giving away a password. However, it also found that all of the password managers that were tested made an attempt to remove the password from the memory of the computer…but in a couple of cases, the passwords were still found.

Some of the software tested, left the master password and the secret key on the computer. What this means is that it could be possible now for a hacker to access information from the program. But, you have to realize that these programs are trying to remove the information…but due to situational incidents, it isn’t always possible.

Another software that was tested, caused some concerns with the researchers. Essentially, the program takes passwords when the user types them, and scrambles them, but they are decrypted when put into the computer’s memory.

Yet another password manager was examined. Here, the software removed the master password from the memory of the computer, and it was not able to be found.

Is this something to worry about? It depends. How a password manager behaves on a device and whether or not it stores entered password in memory etc. shouldn’t be that big of a deal. In reality, if the device has spyware on it, or a malware that allows for full recording of every keystroke, then that device in that user is essentially screwed.

Since researchers had pointed out these issues, all of the programs had been updated and changed. That’s why I’m not worried. Plus, the real issue doesn’t have much to do with the password managers’ security in regards to its memory or cloud access or its application security, but with the security of the devices that they are on.


In every security awareness training I do, I expound upon the benefits of using a password manager. Inevitably, in every discussion, the question comes up “what if the password manager gets hacked?” The pure naïveté of that question comes from most computer users belief that hacking or penetrating hardware software or networks etc. is as easy as snapping one’s fingers. It is not. There are generally a number of scenarios that need to come together in order for a device to be compromised.

But there is one single solitary scenario that makes data on a device vulnerable and that is “password re-use” leading to credential stuffing. Credential stuffing is such a weird term. Anyways, OWASP defines Credential stuffing as “the automated injection of stolen username and password pairs (“credentials”) in to website login forms, in order to fraudulently gain access to user accounts. Since many users will re-use the same password and username/email, when those credentials are exposed (by a database breach or phishing attack, for example) submitting those sets of stolen credentials into dozens or hundreds of other sites can allow an attacker to compromise those accounts too.”

When you look at the danger of using one password over and over again, you are much safer when using a password manager. Meanwhile head over to my

website homepage and scroll down until you see our Password Checker and click “Check if your password has been breached”. Don’t worry about entering your password on the site. We don’t store anything and what can we possibly do with the password? It’s just a password. How can we possibly track that back to any specific account? At a minimum we would need an additional user name. If you’re so concerned, do it from a private browser and or use VPN. It just doesn’t matter. Relax. Just get a password manager.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Security Appreciation: Cyber Security

Awareness; knowledge or perception of a situation or fact.

Appreciation; a full understanding of a situation.

Cyber Security Appreciation

“My business has been hacked. Now what?” Here are the steps you should employ immediately.

Hire a Professional – When a business is hacked, it is entirely possible they were compromised because they did not employ technicians to prevent it in the first place. Therefore 3rd parties that specialize is security and breach mitigation should be contacted immediately. These IT security professionals specialize in prevention and containment. Their role proactively is to seek out vulnerabilities by utilizing vulnerability scanning software to seek out points of entry and patch those vulnerabilities prior to an intrusion.

Change and Reset Passwords – Many hacks begin with compromised passwords. Easy to guess/easy to hack/easy to crack passwords make the hackers job, well, EASY. Never using the same password twice, and utilizing upper case, lowercase and characters along with using a password manager ensures password security.

Update All Software – Begin by scanning all hardware and software with anti-virus programs and removing viruses. Vulnerabilities are often due to outdated software or operating systems riddled with flaws. Updating with critical patches eliminates these threats. Maintain redundant networked hardware systems in place, backed up data, contingency plans to put duplicate systems online immediately following a breach.

Update Your Companies Hardware – Old outdated hardware simply can’t keep up with the requirements of newer robust software or the security software required to keep networks secure.

Back Up All of Your Data – You have to make sure that you are regularly backing up data to a secure location. This data should also be encrypted.

Manage All Identities – Make sure that you are managing identities and access to accounts. You must do this across the board, as just one account being accessed could make you or your network extremely vulnerable.

Utilize Multi-Factor Authentication – You can use multi-factor authentication to keep accounts protected, too. This means every time a device or an online account is accessed, an additional text message must be sent with a one-time pass code or a one-time pass code sent to a key fob. There are hardware devices available that are also forms of second factor or multi factor authentication.

Security Awareness Training – Assuming employees know what to do and more importantly, what not do, is risky. Providing effecting ongoing security awareness, and in the authors opinion “security appreciation training” is partnering with employees to protect the network.

Patching – Set up a system so that you can always ensure that your hardware and software is always patched and updated on a regular basis. This helps to keep your data safe.

Align Your IT Security with Other Business Security – Those who are in the IT industry often feel as if they are struggling to keep up with changing technology, including security tech. The success of a business is based on keeping it secure, and keeping all types of security in mind including IT security, has a direct impact on revenue.

Recognize Social Engineering Scams – Every time the phone rings, every time an email comes in, every time an employee opens up a US postal letter, be suspect. Criminals contacting you or employees will try to bamboozle them with gift card scams, utility bills scams, invoices for products and services, you name it. There are thousands of scams designed to fleece consumers and small businesses.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Is Your Spouse Cheating? Your Kids Lying? They Might Use a Vault Application

If you have a child who has a smartphone or a spouse who is acting suspicious, they might be hiding things on their mobile devices. How are they doing this? By using a vault application.

Basically, these apps offer a place where people can hide things like videos, photos, and other files, and you would probably never realize it by looking at their phones.

vault application

Vault application – how does it work?

A vault application is basically little storage app where people can store things they want to hide. Some of them are called “Calculator Vault,” “Ky-Calc,” and “Calculator Percent.” Unsurprisingly, if you were to open these apps, they simply look like a calculator.

In fact, you can use them as a calculator. But, if a secret code is put into the app, you can store things. For example, “Ky-Calc” allows users to store images, keep a separate contact list, and it even has a hidden internet browser.

If you are like most people you probably don’t want your kids to hide things from you, but at the end of the day, the real danger is hiding in the vault application. Yes, apps like these are commonly found on the phones of sneaky kids and spouses, they also are popular for predators. These are people who begin to engage with your kids online, and then ask your kids to download these apps… and then, they can communicate with them without you realizing it.

Here are some things that you should know about vault applications:

  • Vault apps are not very safe. Though they might seem safe, people can easily take a screen shot, and then share it with someone else.
  • These apps look just like other apps. Typically, they are calculators, and they even work like calculators, but they are accessed with a secret code.
  • If you look at a person’s phone and they have two or more calculator apps on the phone, there is probably something weird happening. All smart phones have a calculator on them, so why would you need another?
  • Vault apps are usually free, and they are quite easy to find in the App Store or the Google Play Store. People find them by searching for “hidden apps,” “photo vault,” or even “ghost apps.”
  • You may also be shocked to learn that teens often have competitions with their friends to see what type of content they can hide on these apps without getting caught.
  • Most people who use a mobile phone know what a vault application is, and even kids as young as 12-years old or younger use them.

If you are a parent, or even if you think your spouse is acting strange, you should start looking into the mobile devices of those in your family. There should be an open and honest discussion about this, and it shouldn’t be a taboo subject, especially when it comes to a loved one.

Quite frankly, your kids shouldn’t expect total privacy until they are 18 years old. With a spouse, it’s respect for each other. If you don’t have trust with your kids or spouse, there is an issue.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Digital Literacy: A Smart Parent’s Guide

Do you have a child, tween, or teen who uses the internet? If you want to be a Smart Parent, you should be aware of the following facts:

Smart Parent Guide to Digital Literacy

  • Teens largely believe that the internet is, for the most part, pretty private
  • Teens think that they are mature enough to make decisions for their life online
  • Teens think that they are safe when on the internet and that people don’t typically hide their identity or pretend to be someone else
  • Teens don’t generally feel “friending” a stranger can be dangerous
  • Teens think that since they are “better” with technology, that they can make better decisions than their parents about what are the best online practices

These are very obviously pretty naive views that most teens have, and if you, as a smart parent, don’t step in and explain why these are not correct, and could be dangerous, you could be putting your kids into a bad situation. And, if you as an adult share the same beliefs as teens, you are sorely mistaken.

Make sure that you are always in communication with your kids about their use of the internet. Explain the risks involved and share stories with them about other teens who have gotten into trouble online.

A study done by McAfee Antivirus concluded that more than one in 12 tweens who would befriend a stranger online would them meet that stranger in public. The reality is, “17-year-old Eddie” could easily be “47-year-old Bill”.

Online Rules That Every Smart Parent Should Consider

Experts recommend that parents have a set of rules for their kids when it comes to using the internet. Here are some that you might want to consider:

  • You should know how to get into every account your kid has, including social media accounts. You should also check their accounts periodically.
  • This might sound ridiculous, and maybe even the impossible, don’t allow your kids to use social media, chat online, or (unless it is schoolwork related) text their friends until they are in 9th or 10th grade, and even then, never let them use any app or site that allows for anonymous communication.
  • Your 13-year old won’t “die” if they don’t have a TikTok or Snapchat account. Nothing good will come out of letting them have one. My kids don’t.
  • Let your kids use the internet but put a time limit on it. And it should be primarily used for school.
  • Don’t let your kids reply to messages from strangers and don’t allow them to add people online that they don’t know.
  • Don’t give out any personal info online, including phone numbers and addresses.
  • Make sure your kids know that kindness and respect are extremely important, and bullying others online is never acceptable.
  • Don’t give your kids your personal passwords for your accounts.
  • Don’t let your kids have access to devices any time they want. Have a “screen-free” family night where you go for a walk, go get ice cream, or have a family game night, instead.
  • Don’t allow digital devices to babysit your child.
  • Don’t allow mobile devices in the bedroom, and don’t let laptops into the bedroom unless your kids are using them for homework.
  • You shouldn’t let your kids post photos of themselves online without your permission.
  • Always look at chat logs, texts, and other online communications your kids are sending. Make sure they know that there will be consequences if you find out they are deleting messages.
  • Don’t let your kids download software or apps without permission.

Watch for These Mistakes

  • Don’t allow your kid to have a traditional smart phone before they are in the 9th You can give them a feature-phone, however, that you monitor.
  • Don’t let your kid use the internet when you aren’t watching what they are doing.
  • Don’t let your kids use the internet in areas where you can’t see what they are doing or behind closed doors.
  • Don’t let your kids play games online with chat enabled, as these are common magnets for sex predators.

Finally, lead by example. Just because other parents are letting their kids do some of these things, it doesn’t mean that you need to.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Election Civil Unrest: Plan Ahead for Turbulent Times

We all know that the election could lead to turbulent times, and there are going to be risks out there. What can you do if you come across some type of violence or protesting? Let’s start with some general tips to keep yourself safe:

  • Don’t wear candidate-specific clothing. You are only bringing attention to yourself.
  • Stay away from areas where there are demonstrations
  • Check out the situation before you head out
  • Things can change very quickly so have a plan to get out of violent situations.
  • Keep up with local news
  • Don’t go near large gatherings
  • Stay home if you hear about demonstrations in your area
  • If you come upon a protest, leave the area as quickly as possible.
  • If you have to go where there are protests, bring a friend and stay together.
  • If you see police trying to settle a situation, leave.

Protests and Demonstrations – Safety Tips

If you want to participate in a protest or demonstration, here are some tips:

  • Don’t get involved if civil unrest breaks out. You could get jailed, hurt, or even killed.
  • Don’t take videos or photos. Law enforcement might see it as threatening.
  • Leave if things get violent.

Unexpected Civil Unrest – Safety Tips

If you find yourself in the middle of unexpected civil unrest, here are some tips:

  • If things get violent, do your best to get out quickly. Try to find a safe, public place like a museum, hospital, church, or hotel.
  • Plan a few routes out of the area. Keep in mind that roads could be closed.
  • Curfews might be imposed, and it’s best to follow them.
  • Try to get to the edge of the crowd, and as soon as you can get away, you should.
  • Walk and try not to run. Running can bring unwanted attention
  • If you get arrested, don’t resist, even if you are totally innocent. You can work it out later.
  • Stay away from glass windows and try to move with the flow of the crowd.
  • Avoid banks, fast food places, government buildings and police stations, as they are often targets during uprisings.
  • If you get into a tight spot, grab your wrists and push your elbows out. This will give you a bit of air.
  • If you are pushed or fall to the ground, try to get close to a wall and roll into a ball. Cover your head.
  • If shots ring out, drop to the ground and cover your neck and head.
  • Don’t try to drive a car through a crowd.
  • If you do end up in a crowd while driving, turn down the nearest side street, turn around, or reverse.
  • If you can’t move, park, lock it, and leave the car. If you can’t get out, turn off the engine and lock the doors.

Stuck in a Hotel or Your Home – Safety Tips

If you are home or in a hotel when violence occurs, here are some tips:

  • Stay inside and don’t leave
  • Reach out to your family and police to let them know where you are.
  • Stay away from windows, draw the blinds, and lock all windows and doors.
  • Find a place to sleep in the center of the home or hotel room.

Following Civil Unrest – Safety Tips

Once things have settled down, keep the following in mind:

  • Stay where you are safe until you know it’s okay to leave.
  • If you are hurt, get medical attention
  • Report damage to police
  • Reach out to family to let them know where you are
  • Report damage to your insurance company

Shut Downs – Tips

Shut downs can happen during times of unrest. Keep the following on hand:

  • Cash
  • Water
  • Food
  • Medication
  • First aid kits
  • Baby and pet supplies
  • Radios and batteries
  • Flash lights
  • Gas in your vehicle
  • Phones, laptops, and chargers
  • A bag with a couple of days of clothes for everyone in your family
  • Essential documents
  • Emergency contacts

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

This is Why We are Irrational In Times Like These

Though we, as humans, are supposed to be pretty smart, we do a lot of things that might not seem rational.

For example, we do things like text and drive, we don’t get flu shots that can stop us from getting sick, and we hoard things like toilet paper…Dan Ariely, a professor from Duke University, has some reasons for this.

Ariely has released a book called “Predictable Irrational,” and it takes a look at why we do these irrational things…especially in a time of crisis. One of the most mind-boggling things is why we have all become such toilet paper hoarders and why, when we see empty shelves, we start to panic.

According to Ariely, when we are in these situations, you are saying to yourself “This must be something I need to get very quickly and let me get a lot of it so I don’t run out.” But, in general, our responses to things like this are flawed.

On top of this, we don’t do a good job at thinking ahead. Ariely says, “We don’t pay much attention to things that will happen in the future, even if the future is two weeks from now.” He also says that we “don’t pay attention to things that are invisible like viruses.”

All of this is compounded even more as COVID-19 started to spread, and this led to a slow government response and the population’s collective apathy to the threat. Another thing that compounds it is that we, at our core, are also pretty selfish.

“We do what is selfishly good for us and not what’s good for other people,” Ariely says. This means that people who should be staying home because they are sick, go out anyway, and then they contaminate others. This is a normal impulse to defy the stay-at-home orders that many of us are under. And wearing a mask is NOT a sign of weakness, it’s a sign of caring for others than yourself.

Ariely says, “What’s interesting about public goods problems is, as long as everybody participates, everybody gets a lot of benefits, and when people start defecting or betraying the public good, lots of bad things happen. And in a situation like a pandemic, it’s enough that a small percentage of people don’t adhere to the rules and they can hurt everybody.”

Now, we also have the issue of some government officials and health experts being at odds with themselves. President Trump is pushing governors to open their states back up quickly, while public health experts are warning that doing this could quickly cause a huge uptick in cases.

What does Ariely say about this? He says, “The sad reality is that we’ve always had a tradeoff between money and saving lives. This is not something new.”

He also adds that the best thing we can do right now is make the best of our quarantine:

“It’s an opportunity to start new habits, new routines like exercise, eat better, spend time with your family,” he says. “It’s also an opportunity to start worse habits, like not exercising, overeating and developing addiction to social media and the news.”

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Raising a Boy to Be a Man, not a Sex Predator

If you looked at a photo of a baby boy, could you ever predict that he would grow up to become a sexual predator? Probably not. However, a study shows that men who commit sexual crimes are more likely to have something called an “anxious attachment” to their mothers due to feeling rejected as children when wanting attention. As adults, this makes those men unable to create a healthy attachment to women. Research also shows that men who talk to other men known to harass women are even more likely to engage in this behavior.

safr.meThe big question here is how to prevent our young sons from growing up an becoming predatory men. Psychology tells us that the core of all painful behaviors are two feelings: not feeling worthy and feeling shameful. So, to stop creating predators, we must eliminate these feelings. Here are some things that we can do to start raising boys to be men and not sexual predators:

Change the Meaning of Power

Living in a society where “power” means being better than another person only leads to humiliation and judgement. When we are humiliated, we feel shamed, and that, in turn, raises the odds that a child would become a sexual predator.

Stop Associating Sex and Power

Both men and women are raised, in most cases, to believe that they can stop feeling shame if they are attractive. Women tend to do this with making themselves skinny, often with eating disorders. Men overcome shame by feeling attractive too, but also by being successful. Both genders find affirmation of this through sex, but if a person already feels humiliated, sex can make them feel even less worthy.

Celebrate our Differences

A cultural shift to celebrate our differences, including those between men and women, men and men, women and women, and those who identify as them, their, they would certainly help, too. Many men began to wonder how they could cause their maleness to be appreciated, too. However, we have to learn that we are different in regards to certain things, and to understand that it is totally possible to express differences of tolerance while still celebrating our differences.

Learn to Really Love

We also have to teach children that real empowerment comes from unconditional love. This is love that is given with joy and given without necessarily getting love in return.

Push an Evolution of Society

Research shows that when we live with an attitude of love and compassion, we feel less fear. So, we have to change the way we look at life and connect with our core ability to be loving and compassionate.

OK, so will all of the above solve our sex predator problem? NO. But, there’s definitely something to being more loving, compassionate, and mindful to others. So as my wife always says to me “Just be nice”.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

You Know Tom Might Kill You So Why Do You Stay with Tom?

“Tom” can also be “Alicia.”

Nevertheless, it happens often enough to come up every so often in a crime documentary aired on the Investigation Discovery channel.

The premise is as follows:

  • A person is SO convinced that their spouse or soon-to-be ex-spouse is going to kill them, that they actually tell friends something like, “If anything ever happens to me, Tom did it,” or, “If anything bad ever happens to me, have the cops question Alicia.”
  • There was one case in which a woman spoke from the grave. Detectives discovered a note she had hidden inside a piece of furniture explaining that if she was ever murdered, her husband was responsible.
  • Yet these men and women continue living with the person they think is capable of murdering them.

These aren’t cases in which the future killer warns their future victim, “If you move out I’ll kill your parents and your dog and boil your bunny.”

The irony is that there’s often no threat given to the future victim of any devastating consequences if they move out.

Another thing about many of these cases is that there aren’t young children living with them who could provide the future victim an excuse for continuing to live with the man (or woman) they’ve told friends might kill them.

So this begs the question: Why would anyone want to continue living under the same roof with someone whom is so threatening, that the future victim has actually told friends or other family members, “If something happens to me…it was Alicia”?

One might think, “Well, maybe these individuals don’t have any other place to go.” Yet in the documentaries, friends or extended family members are speaking lovingly of them and are very distraught over what ultimately had happened. Certainly, they would have taken in the person they cared about.

But this element is never explored. Thus, the assumption is that a place to stay was offered but declined.

There are many reasons people stay in destructive relationships. Fear and uncertainty play a huge role. Bad judgment might be another. But one things for sure, the victim in these situations isn’t to be blamed. They are no more “at fault’ than someone who is walking down the street and gets bit by a dog. And Tom just plain sucks.   

Why stay?

#1 Self-esteem might be so damaged through emotional abuse the victim simply can’t make a move.

#2 Abusive behavior seems “normal” in a society that is abusive towards each other.

#3 Leaving can be very dangerous. Its not unlikely for their abuser to act on his feelings of violence when feeling abandoned.

#4 Abuse is all about control of the mind and body. A victim’s decisions are often not their own.

#5 Abusers are skilled at making the victim think everything’s their fault.

#6 The victim might think they can change the abuser. They cannot.

#7 Embarrassment, being judged by others and shame often keeps the victim from leaving.

#8 Family. Having kids together is huge and the victim might stay “for the sake of the kids”.

The worst-case scenario is living in a mission, a safe house or even on the street – which would be a lot safer than living in the same house as someone you’re convinced might kill you.

Would you spend even ONE NIGHT in a house if you knew that somewhere in that house, a 20-foot python was loose? Of course not. If you were told you had a choice of a nice warm bed and bath facilities – in a house with that roaming snake – or…a homeless shelter…which would you choose? This however is easier said than done.

If you’re compelled to hide a “from the grave” note or inform a friend, “Tom did it,” then GET OUT NOW. If you or someone you know is in danger call the National Domestic Violence Hotline at 1−800−799−7233

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video