Robert Siciliano on FOX Nation

I recently had the opportunity to join a panel discussion on FOX Nation. We talked about the grid, and how cyber threats could be the next medium for global warfare. I was able to share opinions with fellow experts on privacy, information security and cybersecurity. Please watch and learn why it is so important to take control of your own security, and ultimately your life.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

FTC Brings Office Depot Fines and a Strong Warning to Other Companies

The Federal Trade Commission (FTC) announced that Office Depot, along with a tech support firm, must come up with $35 million to settle a lawsuit over claims that both organizations were part of a computer repair service scam, which involved a fake malware scan.

In the FTC complaint, it was stated that Office Depot, OfficeMax, and Support.com ran a program called PC Health Check. This program is designed to search for malware on a customer’s computer. However, it actually doesn’t quite do that. Instead, it gives the customer a questionnaire, and then it uses the answers given by the respondent to flag some malware…even though malware might not have even been on the computer.

Some of the questions asked by the PC Health Check program included asking if the computer was slow, if it had a lot of pop-up ads, or if it crashed a lot. When the person clicked “yes,” to these questions, the software prompted them to buy fixes for the issues, which could cost hundreds of dollars.

Additionally, the complaint alleges that Office Depot and OfficeMax told their store employees to run PC Health Check on every computer that was brought into the store. In total, it is estimated that there were tens of millions of dollars lost in this scam.

On top of this, it is alleged that this scheme went on from 2009 until late 2016. It was only stopped when KIRO 7, a CBS-affiliate, began looking into it after viewers started reporting complaints about the program. Employees were also upset, and the FTC shared an incident from 2012 in its report. It said that an employee complained to upper management and said that they could not keep “lying to a customer” or be subject to being “tricked into lying” just so their store could “make a few extra dollars.”

If all of this wasn’t enough, the complaint also alleges that Office Depot advised its stores to never run a PC Health Check on any computer that had been repaired, because the program would still report malware, even though there was none on the machine. In other words, Office Depot knew that the program would flag malware even if there wasn’t malware on the computer.

Because of this scam, Office Depot will have to pay $25 million and Support.com must pay $10 million to settle with the FTC. The agency says that it will use the money to repay people who were victims of this scheme. Joe Simons, FTC Chairman, said in a statement that this should “send a strong message” to any other companies that might be considering this type of deception to trick people into buying services that they might not really need.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

“Troncast” Podcast with Tron Jordheim

I recently had the opportunity to join Tron Jordheim on his podcast hosted on stitcher.com. We talked about digital security and how to watch out for yourself in our digital landscape. I was able to share advice on privacy, information security and why it is so important to take control of your own security, and ultimately your life. Thanks again to Tron, stitcher.com and the sponsors of this “Troncast!”

Exclusive Coaching Call Webinar Recording

My interview with CNN has been trending all over the internet, and that makes me so happy because we talked about a very important topic–personal security. I’m so passionate about this subject that I wanted to provide some followup commentary. Use this link to view my most recent discussion, but this is not for the faint of heart…

What it Means to be S.A.F.E. Certified

“A S.A.F.E. Certified Agent can help you decrease susceptibility to crime and ensure you are working with a trained, concerned professional. If your real estate professional holds the S.A.F.E. designation, you can trust that they will provide the skills necessary for a safe and secure transaction.”

If YOU know someone who should get S.A.F.E. certified, show them this: https://safr.me/education/realestate/

How To Determine a Fake Website

There are a lot of scammers out there, and one of the things they do is create fake websites to try to trick you into giving them personal information. Here are some ways that you can determine if a website is fake or not:

How Did I Get Here?

Ask yourself how you got to the site. Did you click a link in an email? Email is the most effective ways scammers direct their victims to fake sites. Same thing goes with links from social media sites, Danger Will Robinson! Don’t click these links. Instead, go to websites via a search through Google or use your bookmarks, or go old school and type it in.

Are There Grammar or Spelling Issues?

Many fake sites are created by foreign entities using “scammer grammar”. So their English is usually broken, and they often make grammar and spelling mistakes. And when they use a translating software, it may not translate two vs too or their vs there etc.

Are There Endorsements?

Endorsements are often seen as safe, but just because you see them on a site doesn’t mean they are real. A fake website might say that the product was featured by multiple news outlets, for instance, but that doesn’t mean it really was. The same goes for trust or authenticating badges. Click on these badges. Most valid ones lead to a legitimate site explaining what the badge means.

Look at the Website Address

A common scam is to come up with a relatively similar website URL to legitimate sites. Ths also known as typosquatting or cybersquatting. For instance, you might want to shop at https://www.Coach.com for a new purse. That is the real site for Coach purses. However, a scammer might create a website like //www.C0ach.com, or //www.coachpurse.com.  Both of these are fake. Also, look for secure sites that have HTTPS, not HTTP. You can also go to Google and search “is www.C0ach.com legit”, which may pull up sites debunking the legitimacy of the URL.

Can You Buy With a Credit Card? 

Most valid websites take credit cards. Credit cards give you some protection, too. If they don’t take plastic, and only want a check, or a wire transfer, be suspect, or really don’t bother.

Are the Prices Amazing?

Is it too good to be true? If the cost of the items on a particular page seem much lower than you have found elsewhere, it’s probably a scam. For instance, if you are still looking for a Coach purse and find the one you want for $100 less than you have seen on other valid sites, you probably shouldn’t buy it.

Check Consumer Reviews

Finally, check out consumer reviews. Also, take a look at the Better Business Bureau listing for the company. The BBB has a scam tracker, too, that you can use if you think something seems amiss. Also, consider options like SiteJabber.com, which is a site that collects online reviews for websites. Just keep in mind that some reviews might be fake, so you really have to take a broad view when determining if a site is legit or one to quit.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Murder is a Reminder for Real Estate Agent Safety

911 calls are always chilling, but the one that came from a model home in Maryland recently was extremely distressing.

Instead of the caller speaking into the phone, all the 911 operator heard was heavy breathing. The operator asked what was wrong but got no response…then, a far-off voice said, “Where is the money? Who are you talking to?” This call, which was just made public, lead police to a man who was shot to death and, eventually, to the man accused of his murder.

The body of Steven B. Wilson, a real estate professional, was found in the home, and the suspect, 18-year-old Dillon Augustyniak, was charged with several crimes including murder, theft, armed robbery and the use of a firearm in a violent crime.

Steven B. Wilson Safr.me Maryland Agent Death

Steven Wilson, washingtonpost.com

At this time, Timothy J. Altomare, the Anne Arundel Police Chief, says that he believes robbery was the motive and that the suspect had taken the victim’s laptop and cell phone. Though it is not known how Augustyniak entered the model home, police also said that he only lived about a half mile from the scene.

Local authorities believe that Wilson was placed the 911 call after being shot by teenager Dillon Nicholas Augustyniak. When the operator heard the voice from the background, presumably Augustyniak’s, police and an ambulance were dispatched. There was security footage from the scene that shows the suspect holding a long gun. It was also revealed that Augustyniak had not only stolen Wilson’s cellphone but had given it to another person.

Witnesses also say that Augustyniak was trying to sell his gun, which they believe is the same one that he used to shoot Wilson.

Dillon Nicholas Augustyniak, safr.me

Dillon Augustyniak, wmar2news.com

Police later found an identical firearm in Augustyniak’s home. They also found Wilson’s laptop and cellphone. Augustyniak was taken into custody and is now off the streets, but this does open the opportunity for discussion about real estate agent safety.

It is imperative that agents remain vigilant at all times although there are no specific threats towards them. Though this crime might have been a crime of opportunity, it is certainly not uncommon for criminals to target open houses and other real estate events.

For agents out there, you might want to start thinking seriously about your surroundings when showing houses, and come up with a plan to protect yourself if necessary. This type of crime isn’t extremely common, but it does happen; since most real estate agents work alone, it is important to know what you are up against.

More information here on protection as a real estate agent.

Don’t Let a Pedophile Larry Nassar Happen to Your Kid

A very recent blog I published titled “15 Year Old’s Naked Photos Spread Like Wild Fire” is now of on the most clicked blogs on my site. It has significantly increased my websites traffic. But, scarily, for all the wrong reasons. The “15 year old naked pictures” part of the title is attracting skeevy pedophiles to my blog. Hi there pedophiles! Go jump off a bridge, your sucking up too much air!

You know Larry Nassar; the sick creep who worked as the doctor for USA Gymnastics. With up to or more than 156 victims, he was convicted of 10 counts of first-degree criminal sexual conduct, and he was ultimately sentenced to 40 to 150 years in prison. 150 years isn’t enough. I hope prison is as horrible as him.

One study says as many as 1 in 35 men could be pedophiles. Some studies suggest that the prevalence of pedophilia may be between 3% and 5% in the general population. That’s the WORLDS population. What this means is pedophilia, while horrible and not right, is “normal” in the sense that it’s an inherent human behavior that people are born with. It always has been, is, and always will be a human trait.

Nassar began working with gymnasts more than 40 years ago when he was an athletic trainer as a student. He graduation from the University of Michigan with a kinesiology degree, and in 1986, he joined USA Gymnastics. He went on and received a degree in osteopathic medicine from Michigan State, and by 1997, he was the team physician for USA Gymnastics and became an assistant professor. He kept both jobs until his evil crimes were revealed.

How can you keep your kids safe from the Larry Nassar’s of the world? Here’s some tips:

Believe them When They Try to Tell You About Abuse

Many parents were told that Nassar was being abusive to their children, but they didn’t believe them at first. Some people still don’t believe that Nassar is guilty, too. People like Nassar are often charming and manipulative and are great at making people believe they are innocent.

Anyone Can Abuse

To most people, Nassar was always caring and kind, and this is what he showed the community and the parents of his victims. Don’t believe it.

Abusers Do Their Best to Win the Trust of Their Victims

Nassar did all that he could to make his victims and their parents trust him. He saw them socially, and even went to their homes.

Reach Out to Police Immediately

If something does happen to your child, reach out to your local police department as soon as you find out. Don’t let this continue happening. The police, unfortunately, don’t always take children seriously, so make sure that you don’t let them push your accusations aside.

Reach Out to Journalists

Consider reaching out to journalists about the case. The first reports of any abuse done by Nassar was actually posted in the Indianapolis Star in 2016. Not only does this help other abused kids from speaking up, it also helps to have the skills of an investigative journalist on your side. If the media hadn’t heard whispers of Nassar’s crimes, he might still be out there abusing kids.

Teach Your Kids to Speak Up

Most kids are taught that they need to treat adults with respect and not to question them. However, when an adult does something bad, it’s important that you also teach your kids to speak up and tell you when something seems weird.

Good and Bad Touches

Finally, but most importantly, teach your kids good and bad touches. I know most parents don’t even begin to know how to start this conversation. But the fact is, there are people in all our lives who seek opportunities with kids. Have uncomfortable conversations that tread lightly on the topic and gradually increase the frequency of this dialog so you know your kids understand. A quick search on Youtube for “Good and Bad Touches will provide you with excellent examples you can use to inform both you and your kids. The nonprofit Barbara Sinatra Children’s Center Foundation in conjunction with Wonder Media has developed a national campaign on a child abuse awareness and prevention. Check them out.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

The Equifax 2017 Exposed: What Half of America Needs to Do Right Now

Equifax has been hacked. As one of the three major credit bureaus in the United States, this is seriously bad. It is considered by many to be the worst security breach in the history of the internet. The extent (about 143 million Americans) and the sensitivity of the data is a rude awakening in a year when cyber has been in the center of the news.

What does this mean for you? It means that your Social Security number, and possibly even your driver’s license information, could be in the hands of hackers. Some are already calling this the worst breach of data in history.   

How Did This Happen?

On September 7th, Equifax announced that a security breach occurred that could impact as many as 143 million people. Though this isn’t the largest breach to occur, it could be the most devastating. The data that was accessed included Social Security numbers, address, birth dates, and driver’s license numbers. All of these can be used for identity theft.

Equifax also announced that the credit card numbers of more than 200,000 people were accessed, as were documents containing personal identifying information for more than 180,000 people. With this information, the hackers can commit credit card fraud. This isn’t as bad as identity theft, as credit card fraud is usually simple to fix, but these thieves could still open new credit card accounts in your name with your Social.

According to Equifax, the company discovered the data breach on July 29. Apparently, the hackers accessed the files from around mid-May all the way through July.

Richard F. Smith, the chairman and CEO of Equifax, admits that this is a “disappointing event” and that it “strikes at the heart” of the goals of the company. He also apologized to customers who work with Equifax and consumers. Boo hoo. I cry for you.

Why Did It Take So Long to Announce This?

You might be wondering why it took so long to announce that there was a data breach at Equifax. After all, the company discovered it on July 29, and didn’t announce it until September 7. Their Director of Social Media, has an answer. She said that as soon as the company discovered the breach, they stopped the intrusion. The company also hired a cybersecurity firm, which did a full investigation. This investigation was time consuming, and they wanted to have all of the information available before informing the public. Makes sense.

But Wait…There’s More

To add to this story, Bloomberg News announced that three executives from Equifax sold shares worth about $1.8 million. What’s shocking is that they did this AFTER the company discovered the breach. This will come back to bite them.

You can check to see if you are affected by the breach by using an online tool that Equifax has set up. FYI, I checked out my info, I’m a victim.

You should go there, enter your last name and the last six digits of your Social Security number, and the system will tell you if your information has been compromised. If it has, Equifax is offering a complimentary enrollment into the TrustedID program. However, there is language in the terms of service that may restrict your ability to have your day in court if you were to join a class action and the NY Attorney General is pissed. According to USA Today, a class action lawsuit has already been filed against Equifax. This class action suit seeks to secure all records associated with the breach and fair compensation for those who were affected.

Read the NYT.

You don’t have to have done any type of business with Equifax to be affected by this. If you have ever applied for a mortgage, loan, or credit card, the company likely has your information. The TrustedID program is going to be free for an entire year for anyone affected. It gives consumers the ability to lock and unlock their credit reports. They also get internet scans for their Social Security numbers and identity-theft insurance. You can also call Equifax at 866-447-7559.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.