Security Breach Threatens Soldiers’ & Civilians’ Personal Information

/in /by

Robert Siciliano Identity Theft Expert

Burglars tend to go after high ticket items that can be immediately turned into cash. They may include electronics such as TVs, computers, game consoles or various kinds of stereo equipment. Jewelry has always been the favorite of the thief, and they know most women keep their jewelry box on their dresser or in the top or bottom drawer.

What many are beginning to realize is that the information on the computers or laptops that are stolen is worth much more than the hardware itself. The money today is in the data that is stolen that can be used to commit identity theft.

In the past few years, numerous data breaches have occurred simply because a laptop or PC was stolen from someone’s home. A Veterans Administration employees home was broken into and his work PC was stolen which had almost 26.5 million Social Security numbers of veterans and their families. That’s almost 10% of the US population on one computer! That PC cost the VA maybe $1000.00 to purchase, but the data loss cost hundreds of thousands of dollars to mitigate.


“CNN reports The personal records of thousands of soldiers, employees and their families were potentially exposed after a laptop computer containing the information was stolen over the Thanksgiving holiday weekend, the military says.

The security breach happened where the rental apartment of an employee was. The computer contained “names and personally identifiable information for slightly more than 42,000 records including names, Social Security number, home address, date of birth, encrypted credit card information, personal e-mail address, personal telephone numbers, and family member information.”


A theft of this kind in your own home, whether it is your company’s computer or your own can have a devastating effect. The key is to prevent it from happening in the first place.

1. Always lock your doors and windows no matter what time of the year it is.

2. Make sure all exterior ladders are locked up to prevent someone from accessing an upper level window.

3. Install a home security system that calls you and the local police when tripped.

4. Make sure your computers are locked down too.  For desktops, it is a good idea to cable them to a desk or wall. For laptops they should be put in a safe.

5. Install encryption software on all PCs that makes the data unreadable and useless to the thief.


Robert Siciliano personal security expert to Home Security Source discussing stolen laptops on the Today Show. Disclosure

Online Scam Targets Pet Lovers

/in /by

Robert Siciliano Identity Theft Expert

I love my dog, 60lb German Shepherd. Small for a GS, she was the runt. I’ve always rooted for the underdog. The underdog has more heart, more passion and they try harder. My GS is a perfect example.  She’s my second in 20 years. After the first one passed, another was in my house 4 months later. With a wife who was 4 months pregnant. That was a fought contest between man and wife that was won when the runt fell on the feet of the wife at the kennel. I had nothing to do with it!

My dog watches the house when I’m gone. She is me, but furrier. She hears and sees things like I do. Shes territorial and knows when something is OK, and when it isn’t. We both bark too. Some say I’m half Italian, half German Shepherd! I have to be careful about disciplining someone who might trespass into my yard in front of the dog. When I use a confrontational or stern voice to a stranger, the dog goes nuts, as she should.

It doesn’t matter how big or small a dog is. Most, but not all dogs have a territorial instinct. This is a good back up alarm, a good deterrent. And its not the size of the dog in the fight, it’s the size of the fight in the dog that matters most.

This story caught my eye” A warning for internet users: an online scam targeting pet-lovers is circulating the web, and it could cost you more than a new pet.

An ad posted to a local online classified website by a man who claimed he was living in Florida. The seller said he had recently moved to Miami, and couldn’t keep his dog due to his new living conditions. He was willing to give the Labrador Retriever puppy named Dely away for the cost of shipping, which was $220.

The couple sent a delivery service $220 by way of Western Union. The delivery service told the family to send another $820 or risk losing the dog. That’s when the couple realized they’d been scammed. They told the person on the other end of the phone the deal was off. But the caller kept calling, becoming more aggressive each time.

“He kept calling me saying the dogs here,” said the victim. “Making me feel like this poor dog is sitting somewhere unattended.” When the caller realized the couple wasn’t sending the extra $820 he threatened to turn them into authorities and charge them with animal abandonment. “We didn’t know if something was really going to happen to us. We didn’t know if we could get in trouble.” They said. That’s when they decided to call police. Authorities were at their home in less than an hour. They looked at the emails, the website, and tried to trace the phone calls. Officials determined the entire thing was a scam.

Scammers will say and do anything to get a person to part with their money. At first they had a sob story that sounded like a legitimate issue, new housing, cant have a pet. When posted in a classified ad, it looks legitimate. Then they involved a “shipping company” that was a front for the scam. Once the victims were asked to send money via Western Union, that should have been a red-flag.

Its best to always do business like this locally. Never automatically trust over the phone or via the internet. Unless the business is one that is well established online, don’t ever send money that you cant get back. Money orders and wiring money have less security than a credit card does. Anytime the transaction involves wiring money, that’s a dead giveaway. In any virtual transaction, I’d suggest using a credit card, but not without first checking the legitimacy of the business or the individual. A quick scan online of a company, individual, or even the nature of a transaction can often provide enough information to make an informed decision.

Robert Siciliano personal security expert to Home Security Source discussing advanced fee scams on the Mike and Juliet Show. Disclosures

Home Safety: Operation Storm Targets Burglars

/in /by

Robert Siciliano Identity Theft Expert

I travel a LOT. I spend lots of time on planes and in new and different communities. Traveling is often a bear, but the rewards of consuming different cultures and ways of living is well worth it. I often try to learn from others “way” to determine how it might work in my life.

Here is an interesting story about how law enforcement in the UK is dealing with criminals. They have a very different take on the issue than we do. But there is definitely something to learn here.

Police in the UK have launched a new blitz on burglars to bring down crime, increase the number of burglars convicted and provide a high profile presence on the streets. They arrested more than 600 burglars, robbers and thieves in four days this week in its first major clampdown of the New Year.

As part of Operation Storm, police will continue to target known and suspected burglars through home visits, stop checks, high profile policing and use of the automated number plate recognition system (ANPR) to reassure residents and deter offenders. High impact enforcement activity on all divisions across the Force has seen officers making almost 100 raids on properties of suspected criminals.

Action such as this shows offenders that they will be made to payback for the misery they cause to innocent people. There is no hiding place for them and we will make sure that they are caught.”

Why don’t we adopt this strategy here in the USA?? That’s such a great home safety strategy that puts known criminals on alert that they are being watched.

I see that as very proactive police work.  Most people understand that law enforcement can’t protect you around the clock. While they certainly patrol and have many proactive duties, we are pretty much on our own when it comes to protecting ourselves and families.

Taking responsibility for your personal security and home safety begins with understanding that a law enforcement officer generally isn’t there when you need one. Its just not cost effective to have one cop per household.

To protect yourself:

Always lock doors and windows when you are home and away. When I travel to different parts for the country speaking on security issues and ask “How many of you lock your doors?” I’m always amazed at how many people do not lock their doors. My doors are locked all day while I’m home.

Do not display high end expensive items in windows easily viewed from the street. If you have a big plasma TV facing the street and your shades are open at night, you are inadvertently sending a signal to a burglar.

No matter what time of the year, holidays or not, cut and put boxes for high ticket items and put them in black opaque trash bags when disposing.

Install a home security system complete with monitored alarm and surveillance cameras. Have the cameras monitor motion connected to a DVR. Set the alarm while you are home during the day, sleeping and when you are gone.

Robert Siciliano personal security expert to Home Security Source discussing burglar proofing your home on Fox Boston. Disclosures

Burglaries Up; Many While People Are Home

/in /by

Robert Siciliano Identity Theft Expert

In Wichita, Kansas they are facing a huge up tick in burglaries. Generally, crimes of this nature rise when there is a financial crisis, unemployment, gangs and drug activity. Police there have recorded 2,839 burglaries last year, a 10.2 percent increase over the same period the year before.

Of the 2,839 burglaries, 384 — or 13.5 percent — occurred while residents were home. Many of these burglaries occurred as people slept in their homes. Home security conscious people cant even imagine that is possible, but I know it is. Too many people don’t think it can happen to them and don’t lock their doors or even have a home alarm system.

The article states The burglars had to have known that someone was home — there were cars in garages and driveways, and purses visible in the homes. The criminals came in anyway — a brazen, potentially dangerous risk that burglars rarely take, experts say.

The local police passed out a flier alerting residents that burglars hit two homes between midnight and 5 a.m. last Friday while families slept. You might ask if these people live in “Pleasantville” and have no idea that these things happen. But the “it cant happen to me” syndrome is a real issue.

“They didn’t even know until they got up,” said their Police Chief. Can you imagine that?!!.

The report states that burglars simply entered through unlocked doors. In one of the burglaries, a couple with small children woke up after being alerted by their growling dog. Dogs are great. But a home alarm in place would have alerted them first.

Many alarms are installed after the home is broken into. Once a home is burgled, people lose their sense of security and try to gain it back with the installation of an alarm. A home alarm certainly provides security, but people who are victimized in this way often face years of emotional after shocks.

The key to security is thinking proactively and doing things to secure your self and family before something bad happens. Don’t think “it can’t happen to me”, think “yes, there is a chance this can happen and I’m going to set an example and do something about it.”

Robert Siciliano personal security expert to Home Security Source discussing burglar proofing your home on Fox Boston. Disclosures

Police Warn of Potential “Alarm” Scam

/in /by

Robert Siciliano Identity Theft Expert

Call them con men, grifters, scammers, or thieves. Or simply call them liars. Lying is what they do best. They stare you in the eyes, do it via email or over the phone and lie through their teeth. They do it casually and with such conviction that we have no reason not to believe them.

A Police Department investigated a suspicious activity report after a resident contacted police about an “alarm company” calling and offering a free home security system for people in their neighborhood.

Someone representing “Maximum Security” said the company was giving away five home security systems.

The “representative” would ask if the resident had a security system in the home, at which point the resident said he was not comfortable discussing the home’s security system. Which or course is the appropriate response. In this case, after the resident made it a difficult sales call and the sales person hung up on him. This prompted a call to the police.

When the police investigated the caller ID number, they were met with busy signals and incomplete calls.

Ive been addressed in a similar way over the phone, at my front door and via email.

Whatever you tell them can be used against you. They can steal your identity. If they find out you don’t have an alarm they may break into your house. If you tell them who your home alarm is with they may call you at a later date posing as that alarm company and requesting “updated credit card numbers”.

This “request” is best resolved by not answering any questions at all, hanging up, deleting the email or telling the person at the front door (while you speak to them through the locked door) you are not interested. No matter what, never give them social security or credit card numbers, or tell them whether or not you have an alarm.

Robert Siciliano personal security expert to Home Security Source discussing cons and schemes on the Donny Deutsch Show. Disclosures

Protect Your Identity While Donating to Haiti

/in /by

Robert Siciliano Identity Theft Expert

The Haiti tragedy has people all over the world scrambling to donate money to help in the relief effort. It is no surprise that scammers have ramped up and are sending “phish” emails designed to extract your money to their own nefarious cause, “themselves.” Right now, there is 24 hours news reports focusing on the tragedy and people are understandably getting sucked into the drama of the events. This is a prime time to reach out to those same people who are enmeshed in the reports and get them to donate to fake organizations. The following tip will help prevent you from getting scammed and get your donation into the right hands.

Do not donate cash: Anyone asking to come to your home or office and pick up cash is a scammer. Any phone calls or emails received requesting cash or to wire money transfers is a scam.

Be suspect of all emails requesting donations: I would never click on a link in an email, especially short URL’s. Always manually enter the domain name into the address bar. The best thing is to go directly to the organization’s website.

Check with the Better business Bureau: The first thing you should always do prior to making a donation to any charity is to check their credibility with the BBB. Go online to http://www.bbb.org/us/Charity-Reviews/ and search out the charity.

Give only to charities, not individuals: Any communication from someone requesting money because of their hardship is an obvious scam. But some people are saps for an emotional sob story. While you may be savvy enough not to fall for these scams, someone in your life who may be naïve could.

Give now and consider giving to the Red Cross: The American Red Cross is the most known and credible organization on the planet for helping out those in despair. Give now and give as much as you can.

Robert Siciliano is a personal security and identity theft expert for Home Security Source discussing phishing emails on CBS Boston. (Disclosures)

Disclosures Term & Conditions

/43 Comments/in /by

Robert Siciliano CEO of
IDTheftSecurity.com Inc. Disclosure Policy

Robert Siciliano, CEO of IDTheftSecurity.com, generates income in the form of speaking, consulting, training, writing, blogging and serving as a spokesperson for products and services that align with our beliefs, values and morals.

We often cover issues pertaining to personal security—that is, fundamentally protecting oneself from harm—as it relates to violence and theft prevention in the physical and virtual world. Our continued goal is to inform and educate the public on their options in order for them to take responsibility for themselves and not rely on others to take action to protect them from harm.

We will always disclose business relationships with our readers whenever they are relevant to the content presented.

Our promise is to provide content that reflects what we believe to be balanced and unbiased based on our review of events, products, services and information, past and present. We understand that for readers to trust in our content and recommendations, we need to fully disclose any relationships we may have with these products or services.

We do not align ourselves with or make recommendations of any products or services that we do not fully believe to be a solution to a problem described in any blog post or article.

As a small business, we have relationships with numerous like-minded companies in which we believe and have a vested interest in their success. Every company with which we have arrangements have been fully vetted, including a process of determining their value to society and the benefits they provide. We will never associate with companies that we feel are doing harm to society. While we understand that all companies have “growing pains” and must learn from their errors, we will never compromise our integrity in order to generate revenue.

When the information contained in an article or blog post is not wholly owned or created by us, we will always link to and credit sources of information owned and copy-written by others.

Links to external websites sometimes, but do not always, mean we endorse or support a product, service or opinion.

If any content is ever found to be incorrect, inappropriate or unclear, we will always do what is appropriate to rectify and correct any errors.

Current/previous positions include;

  • Schlage
  • BestHomeSecurityCompanys.com
  • BestIDTheftCompanys.com
  • TheBestCompanys.com
  • Uni-ball Corp
  • McAfee
  • Intel Security
  • Intelius.com
  • Biometric Signature ID
  • Bank Fraud IT Security Report
  • Advanced Platform Solutions Inc.
  • SentrySafe
  • ZafeSoft
  • Knowem.com
  • ADT
  • RSA the Security Division of EMC
  • iovation
  • Gemalto
  • BillGuard
  • AnchorFree Hotspot Shield
  • SecurityOptions
  • GoodSync
  • DoorDevil
  • 3M
  • Piper home security
  • BeOn home security
  • Nexia Intellegence
  • Mastercard
  • Carbonite
  • Arise
  • MeetAngee
  • Roboform
  • Netgear
  • Cloudbric

Use of Website
These documents are provided for informational purposes only. The information contained in this document represents the current view of IDTheftSecurity.com Inc. on the issues discussed as of the date of publication. Because IDTheftSecurity.com Inc. must respond to changes in market conditions, it should not be interpreted to be a commitment on the part of and cannot guarantee the accuracy of any information presented after the date of publication.

INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND FREEDOM FROM INFRINGEMENT.

The user assumes the entire risk as to the accuracy and the use of this document. This document may be copied and distributed subject to the following conditions: 1) All text must be copied without modification and all pages must be included; 2) All copies must contain IDTheftSecurity.com Inc. copyright notice and any other notices provided therein; and 3) This document may not be distributed for profit. All trademarks acknowledged. Copyright IDTheftSecurity.com Inc. 1992-2013

IDTheftSecurity.com, P.O. Box 15145, Boston, MA 02215

PC Worlds Top 10 Security Nightmares of the Decade

/in /by

Robert Siciliano Identity Theft Expert

The last decade we have seen technological breakthroughs unlike any other. In response we have seen a tremendous rise in fraud.  The reason? The speed of the conveniences technology have far outpaced the security of technology.

PC World puts out their list:

Cyberwar: In February 2000, a Canadian teenager named Mafiaboy used automated floods of incomplete Internet traffic to cause several sites–including Amazon, CNN, Dell, eBay, and Yahoo–to grind to a halt, in what is called a distributed denial of attack.

Malware: Viruses and worms have always been around, but in the summer of 2001 one aggressive worm threatened to shut down the official White House Website.

MySpace, Facebook, and Twitter Attacks: At the beginning of the decade, security experts at businesses had to struggle with employees’ use of instant messaging from AOL, Webmail from Yahoo, and peer-to-peer networks. These applications poked holes in corporate firewalls, opening various ports that created new vectors for malware.

Organized Viruses and Organized Crime: After the Melissa virus struck in 1999, e-mail-borne viruses peaked the following year with ILOVEYOU, which clogged e-mail servers worldwide within 5 hours. (See “The World’s Worst Viruses” for more about a clutch of the decade’s early offenders.)

Botnets: With the financial backing of organized crime syndicates came widespread and clever innovations in malware.

Albert Gonzalez: It wasn’t organized crime but rather a confederacy of criminals that caused some of the largest data breaches over the last few years–attacks that victimized Dave & Busters, Hannaford Brothers, Heartland Payment Systems, and TJX, to name just a few.

Gone Phishing: More effective than spam, yet short of a full-blown data breach, is phishing. The idea here is that a creatively designed e-mail can lure you into visiting a believable-looking site designed solely to steal your personal information.

Old Protocol, New Problem: Behind the Internet are protocols, some of which today perform functions far beyond what they were originally designed to do. Perhaps the most well-known of the overextended protocols is the Domain Name System (DNS), which, as IOActive researcher Dan Kaminisky explained in 2008, could be vulnerable to various forms of attack, including DNS cache poisoning.

Microsoft Patch Tuesdays: A decade ago, Microsoft released its patches only as needed. Sometimes that was late on a Friday afternoon, which meant that bad guys had all weekend to reverse-engineer the patch and exploit the vulnerability before system administrators showed up for work on Monday.

Paid Vulnerability Disclosure: Independent researchers have debated for years whether to go public with a newly found flaw or to stay with the vendor until a patch is created.

Protect your identity. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

Invest in Intelius identity theft protection and prevention. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano identity theft speaker discussing credit card fraud on CNBC

Beware Online Auction Fraud & Identity Theft

/in /by

Robert Siciliano Identity Theft Expert

Scammers often set up pages on auction sites during the holiday season. Consumers should be aware of deals that are obviously too good to be true. Most too good to be true online deals bite unsophisticated shoppers or “newbies” to the online auction world. The victim either gets goods that are inferior, counterfeit or they never get anything and still get charged.

My spouse needed some skin care products and went online to eBay to make a purchase. She’s a newbie at this and doesn’t have a lot of experience. She called me over to help complete the transaction and was all happy she found her products so cheap. She told me the other companies were charging almost double so she doubled her order because she was saving so much. I looked at the seller “feedback” that others are supposed to give and it seems my spouse was the first ever buyer.

I told her I didn’t feel comfortable with the purchase that she should wait a day to see what happens. She begrudgingly agreed with me. The next day she logged on to complete her purchase and she saw a message stating: “The eBayer has been suspended from eBay because our records indicate the account was involved in activities that violate our terms” or something like that.

If it seems like online fraud, it is.

Scams can happen inside or outside the auction’s website.eBay recommends being aware of “spoofed” emails.

Stay safe online by protecting yourself from spoof (fake) emails and Web sites. Spoof emails and Web sites can be a major problems for unsuspecting Internet users. Claiming to be sent by a well-known company, spoof emails direct users to Web sites asking for personal information such as a credit card number, Social Security number, or account password. Most “legit” websites will never ask you for such personal information when making a simple purchase. Because it’s so difficult to tell when an email or Web site is a spoof, eBay recommends that you:

1. Download and use eBay Toolbar with Account Guard, a feature that indicates whether you are on the real eBay or Paypal Web sites, or are on a potential spoof site.

2. Learn about spoof protection by taking eBay’s spoof tutorial.

3. Never enter sensitive personal information (such as your password or credit card, bank account, and Social Security numbers) in an email.

Avoid online scams and identity theft by looking for “Feedback” internally on eBays website

1. Buy with confidence by reviewing a seller’s eBay feedback.

2. Before you bid or buy on eBay, it’s important to know your seller. Always look at your seller’s feedback ratings, score and comments first to get an idea of their reputation within the eBay marketplace.

3. Each comment and rating – whether positive, neutral or negative – is an opportunity to understand the history and experience of a seller, a chance to form your own opinions, and a visual cue to help you make a smart buying decision.

Two men were recently arrested when they pocketed the buyer’s payment, then used the buyer’s credit card number and then made fraudulent charges. You can’t be too careful here.

In most cases I recommend using PayPal for online auctions to help prevent online identity theft. If you use your credit card, make sure to check your statements frequently and refute unauthorized charges immediately.

Online buying can help make life easier. Make sure you follow these tips when making online purchases to help protect your identity.

Robert Siciliano is a personal security and identity theft expert for HomeSecuritySource.com See him in action discussing holiday scams on Fox’s Mike and Juliet show. (Disclosures)

*Content expressed in Home Security Source does not represent the thoughts and opinions of ADT Security Services, Inc. unless explicitly indicated.1

The Feast of the 7 Phishes

/in /by

Robert Siciliano Identity Theft Expert

Being a “Siciliano” and having roots in Italy, namely Sicily, the little island at the bottom of the boot, we have a tradition where we celebrate “the vigil” (La Vigilia), with a Feast of the Seven Fishes (festa dei sette pesci).

It’s a day of cooking, eating and enjoying your favorite beverage in substantial quantity. I do the cooking and start serving at noon. I generally cook to order and serve lobster, mussels, little neck clams, scallops, squid, also known as calamari, a white fish, sword fish, and a small fish called “smelt”. Funny name, but tasty. Everything is prepared either fried, white sauce or red gravy. It’s a yummy day.

Tis also the season for scamming everyone and anyone who is duped into responding to a “phish” email. Phishing is when you receive an email that looks like it’s a legitimate communication from a bank, retailer, government agency or some other entity informing you that you’ve won something or stand to lose something if you don’t respond.

Around the holidays scammers are in full force and sending lots of emails that look like they are coming from legitimate retailers but are in fact fake and meant to lure you into entering your personal information.

Here are the 2009 7 Phishes to look out for, pulled directly from my inbox:

1. Great Holiday Deals!: “Find out some new facts about the original Swiss things! Leather wallets, authentic jewelry and Swiss watches – are the main details in your life.” Click the link and go to a fraud based retailer that sends you fake goods.
2. Official Viagra Reseller: “There’s no better time of the year to show your lover how much you care. Gift them a years subscription to Viagra!” OMG! They didn’t just say that! It’s a fake, don’t bother.
3. Give Credit Repair for Xmas and Have a prosperous New Year!: “Log in now and get your loved one an updated credit score and start 2010 off looking better financially than ever.” This also means giving some scammer your spouse’s social security number. Not a good idea.
4. Gift Yourself a Russian Bride for the Holidays: “Wide choice of fine Russian girls for any taste are available here.” They first ask you for a deposit to start the “searching for a bride”. Once you wire money anywhere overseas in response to an email kiss it goodbye.
5. Lose That Holiday Ham!: “I lost 17 pounds drinking coffee in time for New Years Eve! You can too!” Do I even need to explain?
6. Bankcard Account Suspention: “We have disabled your account to inactivity. If you plan to go shoping (typo) for your families you should contact us now.” Two typos and bad English. Need I say more?
7. Have a Happier New year with a new Job!: “Shipping managers needed now. Start your own home based business with no money and no inventory.” And become a shipping mule for organized criminals.

Robert Siciliano is a personal security and identity theft expert for HomeSecuritySource.com See him in action discussing holiday scams on Fox’s Mike and Juliet show. (Disclosures)

*Content expressed in Home Security Source does not represent the thoughts and opinions of ADT Security Services, Inc. unless explicitly indicated.