Posts

Here’s How You Can… Almost…Delete Yourself Off of the Internet

Whether you like it or not, companies like Facebook, Google, and Amazon all have a ton of data about you, including social connections, health information, and things you like or dislike. These companies usually use this information for advertising and marketing purposes, other companies out there also are collecting information on you to influence you politically, and you probably don’t want them to have it.

Here’s How You Can... Almost...Delete Yourself Off of the Internet

The bad news is, that it is next to impossible to totally delete yourself from the internet. Keep in mind that if your data has been hacked, such as usernames and passcodes on sites that were breached, that data will live on the dark web forever. Check if your email, as a username was compromised on my site here: https://protectnowllc.com/hacked-checker/ The good news, however, is that you can remove a lot of your data if you put a little time and effort into it. Here are some steps to follow:

Opt-Out When You Can

You probably wouldn’t be surprised to know that collecting and selling consumer data is a big industry. In 2019, Vermont passed a law that required any company doing business in the state and buying and selling third-party info to register. More than 120 companies went through the process, and they collect information such as names, DOBs, addresses, education level, buying habits, and yes…. even Social Security numbers.

Some of these companies might be familiar to you — Oracle, Equifax, Experian, Acxiom, and Epsilon are some of them. There are data brokers that allow people to opt-out of this type of data collection, but it can be difficult to figure out how to do it. You may have to fill out a form online, send them an email, or even send in other identifying information.

There is an organization that can help – it’s called the Privacy Rights Clearinghouse. Here, you can access a database of more than 200 different data brokers, and you can see information on whether or not you can opt-out. You can also take a look at YourDigitalRights to get opt-out forms for the top 10 biggest data brokers.

Ask Google to Remove Your Personal Info

Another thing that you can do is to ask Google to remove your personal contact info from search results. You can remove your home address, your phone number, and your email address.

You can get started with this by going to this Google Support site to begin the process. Here, you can submit up to 1,000 URL’s that include information about you, and it will be removed from Google search results.

This doesn’t happen automatically. The company will review the request, and then contact you if more information was necessary. Once everything is in place, Google will let you know if it will approve the request. Some things, like public record or news articles, will not be removed, and people can still find this information by searching a name.

Also, keep in mind that just because your information is removed from Google, there are other search engines out there.

Get Rid of Old Accounts 

If you really want to minimize your online presence, deleting any accounts that you no longer use can be a real help. Did you have an account on MySpace? Try to delete it. Did you blog on Tumblr during high school? Scrap it.

Though it’s easy to delete a lot of these old accounts, it’s also pretty time-consuming. Start by making a list of any old accounts you can remember, and then go through them one by one. You will have to go to each site, and then figure out how to log in and then delete the account. To make things easier, you can use a site called Justdelete.me, which will point you to the page where you can start the process.

You also might want to search for your name, email address, or other information to see what comes up. If you see posts that come up, you may be able to contact the site administrator to remove the information.

Clean Up Your Online History 

If you don’t want to delete old accounts, that’s totally fine. However, you can still clean up some of the old data that may be stored online. For instance, your Twitter or Facebook timelines may have old messages on them that you don’t want to get out in public. You can also do similar with your email account.

Data that is posted publicly, like text or photos, is much more easily found than other information, but make sure prior to deleting, that you are backing these things up if you may want to ever access it. Almost all social media platforms have a backup option in settings that you can use to do this.

For those who want to get rid of old tweets in bulk, Twitter doesn’t let you do that. However, other programs like TweetDelete and Tweet Deleter will get rid of it. It’s not free, however, but once you do it once, at $5.99 a month for Tweet Deleter, you can cancel after that first month. Also, remember, that when you give third-party service access to your account, they can access information that is within those accounts, like direct messages. Alternatively, if you don’t use your Twitter account, just delete it.

Facebook posts are a bit different. Google, for instance, won’t post information from individual Facebook posts online, but if you want to do the most possible to remove your history, you can go into your account and delete them. You can make it a bit easier by checking out the Activity Log, and then choosing what you want to delete. Alternatively, if you no longer use your Facebook account, you can delete it.

Pay Someone to Do It 

Of course, there is a market for anything, and if you don’t want to spend the time to do all of this yourself, you can definitely hire a company to do it for you. These third-party data removal companies will do the time-consuming job of removing your data from the internet. Some, like DeleteMe, can attempt to remove the data from brokers who are selling your info. Others, like Jumbo, can give you an alert when there are data breaches that your accounts might be a part of, or it can be set to delete social media posts after a certain period of time.

Preparing for the Future 

As you can see, it’s probably possible to remove some of your information, but once a lot of it is out there, it’s nearly impossible to remove it all. However, the future is yet to be written, so there are some things that you can do to protect yourself in the years to come.

First, consider what type of information you really want to put online. When you sign up for a new account, consider what type of information you are comfortable sharing, and if you can, consider using a burner email account. This is an account that you can use to sign up for new accounts that are different from your actual email account. That way, when you start getting all of the spam, it goes to this account, and not your main account. Additionally, if this account gets compromised, it’s not a huge deal, assuming there is no identifying information kept in it.

You also might consider not using the “big guys” for your online browsing. For instance, you can choose a web browser that is not Chrome or Safari-like Brave, or a search engine that isn’t Google, like Duck Duck Go. You also should truly understand what type of information is shared by the apps or programs you are using.

Finally, you need to talk to your family and friends. If you really want to be invisible online, then you should make sure everyone knows. Most people will be considerate of your request. It’s a respect issue these days, and there could be many reasons why you don’t want your current location or photos of yourself posted to social media sites. Tagging you in things should also be avoided.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Protecting Yourself from Gift Card Scams

It doesn’t matter what the occasion is, gift cards are a popular gift. However, if you are giving them, or getting them, you could be part of a scam. There are more gift card scams out there than you might think, and it includes both digital and physical cards.

gift cardIt doesn’t matter where you get the card, here are two ways that scammers use them to make money:

The “Assistant Gift Card Scam”

Small businesses are often the target of the assistant gift card scam. We see this a lot in the financial services industry, or really any other industry where you have a service professional who has assistant that manages administrative tasks.

The scam works like this: the scammer scopes out the service professionals website, he might make a phone call or send an email seeking out a secretary or assistant, and then reaches out to that assistant usually via email or even text, spoofing the communication medium and posing as the service professional.

In that communication, the criminal posing as the service professional requests the administrator go out and buy five gift cards for clients and to send pictures of the gift cards with the activation codes on the back scratched off.

Once the criminal receives the photos with the codes, he immediately cashes them in.

The best way to prevent this, is always by getting on the telephone and calling your boss to make sure that the request for gift cards is a legitimate one.

Using a Gift Card to Transform it to Cash

If you get a $200 gift card to a store, and then it’s stolen, it’s like you have lost money. It’s essentially the same as if someone stole $200 from your pocket. You might be wondering how a scammer can turn a gift card into cash. Here’s how it works:

  • The thief takes a gift card out of your gym locker.
  • Instead of using it it at the store, he puts an ad online offering it at a $50 discount saying he’s in a rough spot and needs cash.
  • Someone takes him up on the offer and sends him $150 via Venmo.
  • The thief then goes and uses the gift card at the store. He takes the item he bought and sells it on eBay….and never ships the card to the person who bought it.
  • So now, he has the $150 plus the cash he got from selling the item he bought.

Infiltrating Gift Card Accounts Online

Another way that a thief can scam people by using gift cards is by taking advantage of software. They use a botnet which is also a robot network of computers design to hack, to gain access to an online gift card account. Here’s how it works:

  • You log into your gift card account.
  • The botnet also tries to log into your account. They randomly keep trying until they guess the password/code.
  • Though it’s not guaranteed, the botnet could guess the password/code for your gift card, and if it does, you can say goodbye to the balance.

Protecting Yourself from Gift Card Scams

  • Don’t believe everything you read online. If a deal is too good to be true, it probably is.
  • Anytime a service professional requests a straighter buy a bunch of gift cards, get on the phone and talk to that person directly to confirm the legitimacy of the request.
  • Buy a gift card straight from the source, not from a random Facebook ad.
  • Don’t buy any gift cards at a high traffic location as it’s easy for scammers to hide their scam.
  • Change the security code of the card if you can.
  • If you have access to an online account, change your password and username.
  • As soon as you suspect something fraudulent is going on, report it.
  • Spend the money on the card as quickly as possible.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Election Civil Unrest: Plan Ahead for Turbulent Times

We all know that the election could lead to turbulent times, and there are going to be risks out there. What can you do if you come across some type of violence or protesting? Let’s start with some general tips to keep yourself safe:

  • Don’t wear candidate-specific clothing. You are only bringing attention to yourself.
  • Stay away from areas where there are demonstrations
  • Check out the situation before you head out
  • Things can change very quickly so have a plan to get out of violent situations.
  • Keep up with local news
  • Don’t go near large gatherings
  • Stay home if you hear about demonstrations in your area
  • If you come upon a protest, leave the area as quickly as possible.
  • If you have to go where there are protests, bring a friend and stay together.
  • If you see police trying to settle a situation, leave.

Protests and Demonstrations – Safety Tips

If you want to participate in a protest or demonstration, here are some tips:

  • Don’t get involved if civil unrest breaks out. You could get jailed, hurt, or even killed.
  • Don’t take videos or photos. Law enforcement might see it as threatening.
  • Leave if things get violent.

Unexpected Civil Unrest – Safety Tips

If you find yourself in the middle of unexpected civil unrest, here are some tips:

  • If things get violent, do your best to get out quickly. Try to find a safe, public place like a museum, hospital, church, or hotel.
  • Plan a few routes out of the area. Keep in mind that roads could be closed.
  • Curfews might be imposed, and it’s best to follow them.
  • Try to get to the edge of the crowd, and as soon as you can get away, you should.
  • Walk and try not to run. Running can bring unwanted attention
  • If you get arrested, don’t resist, even if you are totally innocent. You can work it out later.
  • Stay away from glass windows and try to move with the flow of the crowd.
  • Avoid banks, fast food places, government buildings and police stations, as they are often targets during uprisings.
  • If you get into a tight spot, grab your wrists and push your elbows out. This will give you a bit of air.
  • If you are pushed or fall to the ground, try to get close to a wall and roll into a ball. Cover your head.
  • If shots ring out, drop to the ground and cover your neck and head.
  • Don’t try to drive a car through a crowd.
  • If you do end up in a crowd while driving, turn down the nearest side street, turn around, or reverse.
  • If you can’t move, park, lock it, and leave the car. If you can’t get out, turn off the engine and lock the doors.

Stuck in a Hotel or Your Home – Safety Tips

If you are home or in a hotel when violence occurs, here are some tips:

  • Stay inside and don’t leave
  • Reach out to your family and police to let them know where you are.
  • Stay away from windows, draw the blinds, and lock all windows and doors.
  • Find a place to sleep in the center of the home or hotel room.

Following Civil Unrest – Safety Tips

Once things have settled down, keep the following in mind:

  • Stay where you are safe until you know it’s okay to leave.
  • If you are hurt, get medical attention
  • Report damage to police
  • Reach out to family to let them know where you are
  • Report damage to your insurance company

Shut Downs – Tips

Shut downs can happen during times of unrest. Keep the following on hand:

  • Cash
  • Water
  • Food
  • Medication
  • First aid kits
  • Baby and pet supplies
  • Radios and batteries
  • Flash lights
  • Gas in your vehicle
  • Phones, laptops, and chargers
  • A bag with a couple of days of clothes for everyone in your family
  • Essential documents
  • Emergency contacts

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Disinformation From Russian Troll Farms to Sway 2020 Election

The Russian trolls are at it again, and they are trying to influence the American people in this year’s upcoming election cycle. This time, however, they have learned some lessons, and they are getting more difficult to track and identify.

One huge part of avoiding scams and fraud is to recognize well, scams and fraud. And that also means recognizing disinformation campaign’s.

Disinformation i.e. Dezinformatsiya

Disinformation, fundamentally, is lying. Disinformation used to be spread by the spoken word only.  But with the invention of the printed word and the press, disinformation was spread using pamphlets, leaflets, books, magazines, political cartoons, and in planted clandestine newspaper articles. Agents of influence, political spies, and journalists can all be used to spread disinformation. Digitally, social media spreads disinformation like the proverbial wildfire.

The birth of the word “disinformation” comes from the Russian word (dez-inform-ahhT-see-ahh) dezinformatsiya. Joseph Stalin coined the term in 1923 derived from the title of the KGB black propaganda “special disinformation office” department. Disinformation was formally defined in the Great Soviet Encyclopedia in 1952 as “false information with the intention to deceive public opinion”.

Disinformation is meant to instill fear and confuse its intended target by blurring the lines between fact and fiction. Disinformation’s primary purpose is to spread conspiracy theories that isolate readers and viewers from alternative viewpoints to create a cloud of confusion and paranoia.

In 2016, the operation was fairly simply. Most of the trolls were coming from a big office in St. Petersburg, Russia, but now…they are getting help from scammers in Nigeria and Ghana.

These trolls have almost totally focused on racial issues in the US, and they promote things like the empowerment of African Americans and pushing anger on white Americans. The goal is to divide the American public and promote unrest in society. Which unfortunately isn’t all that difficult.

There have been hundreds of accounts created by trolls in Ghana, and it is very possible that the content on these accounts has reached millions. But Twitter and Facebook have been looking into suspicious accounts, and they are removing accounts that are not legitimate. Facebook has said that almost 300,000 people were following these accounts on Facebook and Instagram, and about 65% of these people are in the US. Twitter has removed accounts, too, and notes that so far, these accounts had almost 70,000 followers. Most of these accounts are posting in English and alluding that they are in the US, specifically in Florida, New Orleans, and Brooklyn.

These posts are focusing on things like police brutality, the Black Lives Matter groups, shootings, and general racism.

What is interesting is that the US is not the only place these trolls are targeting. Lately, Russia has begun to show more interest in some other African countries, as it is believed that they want to exploit the resources that are present in Africa, including things like diamonds and gold. This has occurred in places like Sudan, Libya, and Mozambique. Politics are also on the table.

Divide and Conquer via Disinformation

The desired outcome of disinformation by its author is to divide and conquer or rule the persons who are manipulated by it. The Oxford definition of “divide and conquer” is the policy of “maintaining control over one’s subordinates or subjects by encouraging dissent between them”. In other words, from the perspective and motivation of the conman, “don’t trust them, trust me.”

Who is behind this? It is thought that all of these campaigns have some type of association with a Russian financier and close friend to Vladimir Putin.

This interest in Africa and the US is troubling, as it is showing how much control these people have on the public viewpoints of these countries. In other words, these groups are working hard to manipulate and divide us.

These groups are also not going away anytime soon. As soon as one of these accounts are discovered, a new one is quickly added.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Florida City Pays Hackers $600,000 after Scam

Riviera Beach, a city in Florida, has agreed to pay a $600,000 ransom to hackers who attacked its network.

This week, the City Council voted to pay the demands after coming up with no other option to meet the demands of the hackers. It seems that the hackers got access to the system when a staff member clicked on a link in an email, which uploaded malware to the network. The malware disabled the city’s email system, direct deposit payroll system and 911 dispatch system.

According to Rose Anne Brown, the city’s spokesperson, they had been working with independent security consultants who recommended that they pay the ransom. The payment is being covered by the city’s insurance. Brown said that they are relying on the advice of the consultants, even though the stance of the FBI is to not pay off the hackers.

There are many businesses and government agencies that have been hit in the US and across the world in recent years. The city of Baltimore, for instance, was asked to pay $76,000 in ransom just last month, but that city refused to pay. Atlanta and Newark were also hit with demands.

Just last year, the US government accused a programmer from North Korea of creating and attacking banks, governments, hospitals, and factories with a malware attack known as “WannaCry.” This malware affected entities in over 150 countries and the loses totaled more than $81 million.

The FBI hasn’t commented on the attack in Riviera Beach, but it did say that almost 1,500 ransomware attacks were reported in 2018, and the victims paid about $3.6 million to the hackers.

Hackers often target areas of computer systems that are vulnerable, and any organization should consistently check its systems for flaws. Additionally, it’s important to train staff about how hackers lure victims by using emails. You must teach them, for instance, not to click on any email links or open emails that look suspicious. It is also imperative that the system and its data, and even individual computers, are backed up regularly.

Most of these attacks come from foreign entities, which make them difficult to track and prosecute. Many victims just end up paying the hacker because the data is precious to them. They also might work with some type of negotiator to bring the ransom down. In almost all cases, the attackers will do what they say and allow the victims to access their data, but not all of them do. So, realize that if you are going to pay that you still might not get access to the data. Ransomware simply should not happen to your network. If all your hardware and software is up to date and you have all the necessary components and software that your specific network requires based on its size and the data you house then your defenses become a tougher target. Additionally, proper security awareness training will prevent the criminals from bypassing all those security controls and keep your network secure as it needs to be.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Beware of Conference Invitation Scams

Conference invitation scams are those that involve a scammer sending invitations out to events with the intention of scamming the invitees. These might be real events or fake events, and the scammers target people including business professionals, lecturers, CEOs, researchers, philanthropists, and more. The goal here is to steal the identities of these people, and eventually get money by taking advantage of their victims.

Spotting a Scam

There are usually some pretty clear signs that you could be dealing with a scam involving a conference invitation. Here are some things to look for:

  • The invitation has typos or bad grammar
  • The invitation seems very random or out of no where
  • The conference name sounds like a conference you might be family with, such as Tech Crunch, but it’s spelled differently, like TekCrunch
  • The invitation asks that you pay a premium price to attend, which includes accommodation and transportation
  • Payment options don’t include credit cards
  • The invitation is overly flattering
  • There is a sense of urgency pushing you to send personal information
  • The greeting on the invitation is questionable, i.e. “Salutations.”
  • The invitation asks for sensitive information in return for “covering” your conference cost, accommodations, and transportation.
  • The conference is held in a different country, i.e. Asia or the Middle East
  • The landing page doesn’t have a physical address or landline number
  • The invitation sounds too good to be true

How Do These Scams Work?

In general, the scammer begins the scam by sending an email to a target victim and invited them to attend or speak at a conference. The scammer usually uses the victim’s social media pages to get information about them, which helps them to create a more personalized email.

The victim is told to register for the conference, which involves giving personal information. Additionally, they could be asked to pay a fee to attend, which could be over $1,000, depending on how long the conference is said to last. Usually, this is where the sense of urgency comes into play, as the scammer will say the conference is filling up or they need to know if they can count on the victim to speak. If not, of course, they must find another speaker, so the victim must confirm as soon as possible.

If the targeted victim complies with this and sends their information, the scammer may have enough information to steal the victim’s identity. Additionally, the scammer can use the name of the victim to promote the conference, especially if it is someone well-known in the industry.

If the victim goes through with all of this, they will quickly find out that they have been scammed. A scammer might also try scamming people who are actually going to a legitimate conference. They claim that they are part of the organization running the conference, and they need information and to collect fees. Of course, since the victim already signed up for the conference, it is easy to believe this scam without giving it a second thought.

Protecting Yourself from Invitation Scams

Here are some tips and tricks that you can use to protect yourself from these types of scams:

  • If you get an email similar to ones described here, don’t respond.
  • You should investigate any invitation that you are not sure of.
  • Do not agree to send money, and only pay with a credit card.
  • Don’t agree to give any personal information; a conference organizer doesn’t need to know your Social Security Number
  • Research the event and try to match up the information that you were given in the invitation email.
  • Copy and paste some of the email into Google to see if others have reported that this is a scam.

What to Do if You are a Victim If you have become a victim of a conference invitation scam, there are steps you should take immediately. First, get in touch with your financial institutions, like banks and credit card companies, and make them aware of this. Next, you should contact the location police and authorities in the area where the conference is allegedly supposed to be held. You should also get in touch with the Better Business Bureau about the company, and you can report the scam online via the BBB’s Scam Tracker or the Federal Trade Commission’s Online Complaint Assistant.  Finally, you can also report the scam to the FBI through its Internet Crime Complaint Center.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

WARNING: You or Your Members Could be Targets of List Scams

There are scammers out there targeting conference exhibitors and attendee. What are they looking for? Credit card numbers, money wires and personal information that they can use to steal identities. One of the ways that scammers get this information is by using invitation or list scams. Basically, if you are registered for a conference, speaking at a conference, a conference vendor or just “in the business”, you might get an email…or several emails…that invite you to a conference or offer to sell you a list of attendees, and their contact information, which may be beneficial to you…but is it too good to be true? Definitely.

Robert Siciliano, CSP, SAFR.ME

These Lists are Lies

Along with conference invitation scams, many associations are targets of list scams. A quick search of “Attendee List Sales Scam” pulls up numerous associations whose members and anyone interested in marketing to these members are being targeted by criminals to purchase non-existent lists.

Though it might sound great to get a list of all attendees of a conference, including their contact information, you might be surprised to know that these lists are lies. On top of that, getting this information might not even be legal.

Think about it for a second. When you signed up for a conference, did you choose to opt-in to have your personal information shared with others? Probably not, and that also means that most of the other attendees did not do this either.

To find out if the list is possibly legit, take a look at the show’s policies. Do they give information to third parties? Do they rent or sell lists of attendees? Is the name of the company that contacted you on the list of their third-party vendors? If this checks out, the list could be legitimate. If not, it’s probably a lie.

If you think you are dealing with a liar, the first thing you should do is plug the company that contacted you into the Better Business Bureau’s website. If it is a scam, you should certainly see information proving that. If not, but you aren’t interested, just unsubscribe. If you think that you are dealing with a scammer, don’t reply or even unsubscribe. Instead, just delete the email and don’t take any action. Many of these scammers are simply looking for active email addresses.

More Conference Invitation Scams

Another scam involves telling attendees about exhibitors that don’t even exist. This can push you into wanting to sign up for the conference, but in reality, the conference, itself, might not even exist, and in this case, you could just be giving your hard-earned money to a scammer.

So, if you find yourself in this situation, the first thing you want to do is research. One step is to look up the person who contacted you online, such as on LinkedIn, and see if they are who they say they are. Another thing to do is to contact the conference venue and ask if the event is being held there. You can also check the contract for refund or cancellation information. You also should do some research about the reputation of the contactor company. Finally, always make sure that you pay for any conference with a credit card. This way, with zero liability policy’s, you can get your money back, and every legitimate conference company is happy to accept credit cards. 

But Wait…There’s More

Another scam associated with trade shows and conferences is to contact attendees about hotel reservations, but once you pay…it’s all a scam. Usually, these scammers will contact the attendees and say that they represent the hotel for the conference. They will tell you that rates are significantly rising or that it is sold out, so you must act immediately…however, they will say that they need the full amount up front.

When in doubt about this type of scam, you should always contact the trade show organizers yourself, and then ask who the booking rep is. You should also give them the name of the company that you believe is scamming you so they can advise others of the scam.

Know Your Options

  • It is very important when you are signed up to present or attend a conference that you only engage with the company that is running the conference
  • If in doubt, confirm with the company that the offers from third-party claims are correct.
  • You can also get an official exhibitor list of official vendors.
  • Keep in mind that these legitimate companies might have your personal information, but they would not release your personal contact information with third-parties.
  • Some exhibitors might get the mailing address of attendees, which you can opt out of. Most of this is harmless, of course, but that doesn’t mean that all of these lists are.

Wi-Fi Hacks

Finally, you want to watch out for wi-fi hacking. This is a common scam for conference goers. When you attend a conference or trade show, you probably just expect that you will get free wi-fi, right? This allows you to take care of business and ensure that your booth runs smoothly. Hackers know this, of course, so they set up nearby and create fake networks. Once you connect to these networks, they can come into your device, take your information, and even watch everything you are doing online.

Keep in mind that these fake networks look remarkably similar to the legitimate networks set up by the conference. So, always double check before connecting, and if you are ever in doubt, make sure to ask one of the conference or trade show organizers. They can confirm that you are on the right network. There are always going to be scammers out there, especially when you are attending a trade show or conference. There are just too many opportunities for scams, and they can’t say no. Fortunately, by following the advice above and by reporting any suspicious activity, you can not only make sure that you, yourself aren’t falling for these scams, but also help others to not fall for this type of nefarious scheme.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How To Determine a Fake Website

There are a lot of scammers out there, and one of the things they do is create fake websites to try to trick you into giving them personal information. Here are some ways that you can determine if a website is fake or not:

How Did I Get Here?

Ask yourself how you got to the site. Did you click a link in an email? Email is the most effective ways scammers direct their victims to fake sites. Same thing goes with links from social media sites, Danger Will Robinson! Don’t click these links. Instead, go to websites via a search through Google or use your bookmarks, or go old school and type it in.

Are There Grammar or Spelling Issues?

Many fake sites are created by foreign entities using “scammer grammar”. So their English is usually broken, and they often make grammar and spelling mistakes. And when they use a translating software, it may not translate two vs too or their vs there etc.

Are There Endorsements?

Endorsements are often seen as safe, but just because you see them on a site doesn’t mean they are real. A fake website might say that the product was featured by multiple news outlets, for instance, but that doesn’t mean it really was. The same goes for trust or authenticating badges. Click on these badges. Most valid ones lead to a legitimate site explaining what the badge means.

Look at the Website Address

A common scam is to come up with a relatively similar website URL to legitimate sites. Ths also known as typosquatting or cybersquatting. For instance, you might want to shop at https://www.Coach.com for a new purse. That is the real site for Coach purses. However, a scammer might create a website like //www.C0ach.com, or //www.coachpurse.com.  Both of these are fake. Also, look for secure sites that have HTTPS, not HTTP. You can also go to Google and search “is www.C0ach.com legit”, which may pull up sites debunking the legitimacy of the URL.

Can You Buy With a Credit Card? 

Most valid websites take credit cards. Credit cards give you some protection, too. If they don’t take plastic, and only want a check, or a wire transfer, be suspect, or really don’t bother.

Are the Prices Amazing?

Is it too good to be true? If the cost of the items on a particular page seem much lower than you have found elsewhere, it’s probably a scam. For instance, if you are still looking for a Coach purse and find the one you want for $100 less than you have seen on other valid sites, you probably shouldn’t buy it.

Check Consumer Reviews

Finally, check out consumer reviews. Also, take a look at the Better Business Bureau listing for the company. The BBB has a scam tracker, too, that you can use if you think something seems amiss. Also, consider options like SiteJabber.com, which is a site that collects online reviews for websites. Just keep in mind that some reviews might be fake, so you really have to take a broad view when determining if a site is legit or one to quit.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

10 Ways to Prevent Holiday Shopping Scams

The winter holidays: a time for festivities and … fraud-tivities.

Gift Card Grab

Never, ever enter your credit card or other sensitive information to claim a gift card that comes via email.

Never Buy Over Public WiFi

Shopping over public WiFi means your credit card, bank account or login data could get picked up by a cyber thief. Use a VPN.

Coupon Cautious

If a coupon deal seems too good to be true, then assume it is. End of story. Next.

Password Housekeeping

  • Change the passwords for all your sensitive accounts.
  • No two passwords should be the same.
  • Passwords should be a random salad of upper and lower case letters, numbers and symbols – at least 12 total.
  • A password manager can ease the hassle.

Two Step Verification

  • A login attempt will send a one-time numerical code to the user’s phone.
  • The user must type that code into the account login field to gain access.
  • Prevents unauthorized logins unless the unauthorized user has your phone AND login credentials.

Think Before You Click

  • Never click links that arrive in your in-box that supposedly linking to a reputable retailer’s site announcing a fantastic sale.
  • Kohl’s, Macy’s, Walmart and other giant retailers don’t do this. And if they do, ignore them.
  • So who does this? Scammers. They hope you’ll click the link because it’ll download a virus.
  • The other tactic is that the link will take you to a mock spoofed site of the retailer, lure you into making a purchase, and then a thief will steal your credit card data.

Bank and Credit Card Security

  • Find out what kind of security measures your bank has and then use them such as caps on charges or push notifications.
  • Consider using a virtual credit card number that allows a one-time purchase. It temporarily replaces your actual credit card number and is worthless to a thief.

Job Scams

Forget the online ad that promises $50/hour or $100 for completing a survey. If you really need money then get a real job.

Monthly Self-Exam

For financial health: Every month review all your financial statements to see if there is any suspicious activity. Even an unknown charge for $1.89 is suspicious, because sometimes, crooks make tiny purchases to gage the account holder’s suspicion index. Report these immediately.

Https vs. http

  • The “s” at the end means the site is secure.
  • Do all your shopping off of https sites.
  • In line with this, update your browser as well.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Google Alert Scams

If you want to know the latest on “any topic”, just sign up for Google Alerts. Google will e-mail you notifications of new information coming online. I have Google Alerts for “Home Invasion” “Identity Theft” “Burglary” “Computer Security” and many more.

So what could be so harmful about receiving alerts about topics or people who are famous for being famous or your favorite presidential candidate?

  • A scamster creates a website and inserts popular search terms such as “Kate Middleton” or “Donald Trump.”
  • If you signed up for Donald Trump, you’ll not only receive legitimate alerts from Google, but also links originating from the scammer’s site. You won’t know which is which.
  • These fraudsters have figured out a way to circumvent Google’s security.
  • Clicking on these links could download malware into your computer.

In another example Intel Security’s McAfee does the “Most Dangerous Celebrity” survey based on malicious search results. They then determine which searched celebrity sites produce the most malware.

What can you do?

  • A tell-tale clue of a scam is that when you hover over the link inside your e-mail, the URL doesn’t correlate to the alleged source of the news. If it doesn’t match up, skip it. A scammer’s URL isn’t going to have what appears to be a legitimate news outlet address.
  • Narrow your search down. So if you want the latest in Trump’s polls, type “Donald Trump polls” in the Google Alert field. Otherwise, just leaving it as “Donald Trump” will not only flood your in-box, but it will be much more likely that some of those “alerts” will be fraudulent.
  • Another way to narrow the parameters is to set the alerts for “news,” “blogs,” “best results” and “United States.”
  • Be very suspicious of URLs that do not end in a dot-com, net, org or other familiar suffix. Often, scammy URLs come from foreign countries where the suffix is different, such as “fr” for France or .ru for Russia or .cn for China.
  • If a link appears to be fraudulent, report it to Google.com/alerts.

If you’re signed up for Google Alerts for numerous topics, consider cancelling some of these, especially if it’s a hot topic that makes headlines nearly every day, such as the presidential race—which you’re bound to see anyway simply by visiting a reputable news site.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.