Posts

Steps to Manage a secure online backup

Cyber storage does not always = secure backup. Users of cloud storage have many potential tools at hand to beef up security. And just because cloud services have some loopholes doesn’t mean you should just throw in the towel, as the saying goes, and figure “What’s the point?”. Here are some ways to beef up cloud storage security and manage your online backup.1D

  • Take inventory of what’s stored in your cloud account. Evaluate how important each data item is. If the cloud service can access your data, you may want to make some adjustments, since some of your data might not be compatible with the service’s terms.
  • Consider encrypting your most sensitive data if you don’t want to remove it from the cloud and then back it up locally.
  • Don’t put all your data in one basket, either. Suppose all your data is stored in one cloud service, and that service gets hacked or something else happens and you lose your data—or it’s in the hands of thieves. If you use more than one cloud service, then at least if one gets hacked, you’re not totally screwed. Think of this as being like having your precious jewels locked in several small safes throughout your house, rather than in one giant safe. What are the odds that an intruder will find all the safes and get into all of them?
  • If your cloud account has any devices, services or applications linked, very carefully inspect and modify their settings to optimize security. Discard useless, old, unused connections so they don’t become portals to your data.
  • Use two-factor authentication on every cloud password when available. If the service doesn’t offer two-factor, consider dumping it.
  • Make your answers to security questions crazy-nutty, but also memorable.
  • Assess your cloud passwords. They should be very different from each other. If you can’t handle memorizing a bunch of long, convoluted passwords (which are the best kind), use a password manager.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Beware These College-Related Scams

The last group of college students has headed off to school for another semester of dorm rooms, late-night library sessions, and the occasional college party. For many students, college is the first time they’ve lived away from home. They are young, open to new things, and sometimes, naïve. These traits make them prime targets for scams.

9DHere are some of the most popular college scams:

  • Fake College Websites
    Here’s how this works. Scammers copy a college’s website but use a fictitious name on the site (in essence creating a spoofed site). They use this site to collect application fees and gather personal information. They even go so far as to send out rejection letters to applicants to try and “maintain” their credibility. But all this application will get you is financial loss and the potential to be victim for future phishing scams.
  • Diploma Mills
    These are unaccredited colleges or universities that provide illegal degrees and diplomas for money. Many spoofed college websites are also used as diploma mills. Though some diploma mills may require students to buy books, do homework and even take tests, the student will be passed no matter what. In some cases, users get a diploma simply by purchasing it. In any case, you’re out of money and have no valid diploma.
  • Fake Scholarships
    Let’s face it. College is not cheap. Therefore, many students look for scholarships to help ease the financial cost. Scammers profit on this need by creating fake scholarships, which require you to submit a fee when applying for the money. You never see a dime and you’ve lost that application fee as well as given up some of your personal info.
  • Wi-Fi Scams
    Computers are an essential part of the college experience and wi-fi connectivity is a necessity. So while you may not want to pay or can’t afford to pay for wi-fi connectivity, you need to be careful when using free wi-fi as hackers can easily intercept your communications.

So while college is a time to learn and experience new things, you also want to avoid getting scammed. So here’s some tips on how to make sure you don’t get taken by one of these scams:

  • To protect yourself, develop the habit of not giving personal information to strangers and double check the authenticity of the organization.
  • Before sending in any online application, double check the accreditation for any college or university. In the United States, you can do that on the Department of Education site.
  • Verify that a scholarship is valid, by checking with an organization like FinAid.org.
  • Avoid doing any sensitive transactions like shopping or banking when using free wi-fi connections.

Yes, there are plenty of scams out there. But with common sense and a willingness to double-check, students can avoid being lured in.

Have a great school year!

For more tips on how to stay safe online, follow McAfee on Twitter or like them on Facebook.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Back to School Time Means Online Safety Time

It’s August which for parents (and kids) means it is back to school time. It can be easy to reminisce about your school days—passing notes to the cute girl or boy in class, late-night study sessions with friends, or playing tag on the playground.

4HBut your kids’ school experience is way different from when you were in school. Snapchat, Facebook, and text messaging have replaced those folded handwritten notes. Educational apps have replaced flash cards. A lot of your kids have their own smartphone or are probably asking for them.

Your kids are growing up as digital natives, with technology playing a part in almost every aspect of their lives. In a study conducted earlier this year, McAfee found that 54% of teens and tweens spend more than 10 hours online per week and over 60% use either Snapchat, YouTube or Instagram on a daily basis.

And while our kids may be digitally savvy, McAfee found that while 90% of tweens and teens believe their parents trust them to do what is right online, almost half (45%) would change their online behavior if they knew their parents were watching.  So it’s critical that we stay one step ahead of our kids.

With all this technology available, there comes new responsibilities for us as parents. It’s important that we take the time to teach our children how to safely navigate the digital world. Here’s some ways to protect your kids online:

  • Turn off GPS services. Encourage your child to disable this option to keep their location invisible to strangers.
  • Enable privacy settings. This is something we should all do and the McAfee study found that over 1/3 of youth did not use these on their social networking profiles.
  • Discuss the reality of cyberbullying. In the McAfee study, 87% of kids have witnessed cyberbullying and 24% said they would not know what to do if they were cyberbullied.
  • Teach them what is appropriate to share. 50% of tweens and teens share their email address, while 30% post their phone number and a whopping 14% posted their home address.

To help keep our kids safe online, McAfee and HP have teamed together to promote online safety during the Back to School season —and give you a chance to win prizes. To learn more, go to www.BTStips.com to enter to win!

For more tips, like McAfee on Facebook or follow them on Twitter.

Cheers to a safe, fun school year!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Beware of 5 Summertime Scams

The Better Business Bureau says beware of big summertime scams: five in particular.

9D“Wow, it’s a steal!” No, that’s not necessarily from the customer; it’s from the crook who entices the consumer with an irresistible deal involving airfare and room and board. If you see a deal that seems too good to be true, do an online search of the associated phone number and address, whatever it takes to confirm legitimacy.

Seasonal jobs. Con artists like to target high school and college students especially. Be careful about job ads stating that no experience is needed, though these can be legit. However, be extra cautious if the company requires you to pay for training or to pay for a background check.

Concert tickets. Con artists will attempt to resell the same ticket over and over, as the ticket can be printed out when a concert venue sells it directly from their website. Be suspicious of someone giving you a sob story for why they must sell their ticket. Be leery of those who will take only a cash payment.

Movers. Planning on moving this summer? Beware of whom you hire, and take a second look at a price that seems like an outrageously good deal. A cost that’s quoted online or over the phone isn’t always carved out in stone. Don’t just hire without first checking them out, even if they were recommended by friends or a service person you recently hired and were pleased with.

Door to door sales. Don’t be swayed by someone at your door. Get everything in writing before you hire someone, be it for landscaping or a security system. Never sign a contract that lacks a start and finish date.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

How to Prevent Summertime Scams

Summertime is here…and that means sunshine and vacations. Most people love summertime, including scammers! Hackers can use this time to take advantage while we are planning vacations or on vacation or just enjoying fun in the sun. Here are some key scams to watch out for this summer:9D

  • Family or Friend Requests Money
    You receive an email from a friend or family member. They tell you a sob story and say they need money. It sure seems like the right person. You even ask them for more details and they give them spot-on. Convinced they’re the real McCoy, you wire them money. But what you just did was wire money to an imposter who got all those personal details off social media. One way to prevent this it to establish a secret code that your friends and family promises not to post on social media (and the code should be a nonsensical sentence or something that isn’t easily guessed). If a person can’t type out this secret code, then you know it’s a scam. Another way to avoid this scam is to always speak live to the person asking for the money.
  • Home Improvement
    Summer is when homeowners are most gullible to people offering home repairs. In many of these cases, repairmen do only superficial repairs to make something look nicer or others take your deposit money and then disappear into thin air. To avoid this, make sure you check references and be leery of anyone appearing out of the blue offering home improvement services or those who are not insured.
  • Moving Scams
    As summer is a time when many people move homes, it’s also a time ripe for moving scams. You could experience something like the moving company suddenly charging you more if you want your belongings unloaded from the truck. To avoid moving scams, be careful when you choose a moving company, check references and make sure you use an accredited moving firm.
  • Vacation Rental Scams
    Vacations are something you want to enjoy and getting a great deal makes it even better. But not if it’s a sham. Scammers offer deals on vacation rentals and then you arrive to find that the keys don’t work or worse—the rental is an empty lot. Before you pay for a vacation rental, make sure that the rental address exists by using Google Earth search. And just like other things, get references and only rent from trusted sites like TripAdvisor.
  • Online Employment Ads
    If you’re job searching, you need to be aware. This scam is usually found on free job listing sites, but can be found in emails too. The red flag is when they want YOU to pay THEM (never mind how legitimate it sounds) or they ask you for a ton of personal information like your driver’s license or birthdate. Just don’t give out your information. Stick to well-known job sites when hunting online.

Summer is a time that we should all enjoy—both online and offline. Make sure you educate yourself on the latest scams and be wary of things that seem too good to be true. Remember, it’s better to be safe than sorry.

Stay safe this summer!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Spring Clean Your Online Reputation

Spring is fast approaching, which means that spring break and college graduation are not too far away. Things could get ugly if your friends take photos of you acting foolish and then post them online for everyone to see.

14DWhether you’re searching for your next career move or are on the verge of graduation and feverishly sending out your resume, like it or not, potential employers are going online and Googling you. (Yes, Googling is considered a verb now.) Every time they find something online that is appropriate, they print it out and attach it to your resume. While I can’t confirm whether or not people are pulling your past and laughing at your expense, let’s just say I’d put money on it.

When was the last time you cleaned up your online (especially on social media) profile so that prospective employers can’t discover “bad” things about you? McAfee conducted a study, and the results show that 13.7% of people ages 18-24 know someone who was given the pink slip, courtesy of online postings.

Job seekers and upcoming college graduates take note: Difficulty getting or keeping a job due to negative social media content is a reality. I assure you anything on your social media profile that makes you look less than desirable as an employee, even an innocuous comment such as, “I always have trouble being on time,” can kill your chances at getting that dream job.

Tips on how you (the job seeker) can make your online profile look good:

DON’T:

  • Don’t friend someone you don’t know, just so you can crank up that friend-total tally. (Wow, 8,000 friends! Really?)
  • Don’t let anyone photograph or video you holding alcohol, smoking, being promiscuous or aggressive, shirtless, using vulgar gestures, or even doing something perfectly legal but stupid looking like the seflie fishy face.
  • Don’t use offensive language online, even if your privacy settings are at the highest. If you really need to get your point across, use “fudge,” “freakin,” “effing,” etc.
  • Don’t log on when your judgment may be compromised by raging hormones or alcohol/drugs.
  • Don’t negatively comment online about any person in authority (your boss, former boss, parents, a political candidate). Exception: The object of your scathing remark is a puppy beater.

DO:

  • Make sure your social network privacy settings are on high, but remember that this doesn’t give you the green light to be inappropriate.
  • Look at the past year of what you’ve posted on social media profiles. Delete every photo, video and comment that is even remotely off color.
  • Google your name, address, phone number, email address and pseudonyms to see what’s out there about you. If it’s bad and it’s deleteable, then delete.
  • If it’s not deleteable, but under the control of someone else, see what your options are to have them remove it. Email, call, beg and plead if you must.
  • Once you’ve removed what you can then start the process of pushing out good stuff. This means propagating social and search with digital content that would make your mother actually proud she spawned you. The more good stuff that shows on the first few pages of search, the more the bad stuff will be pushed down into the abyss.

If you are saying “I’m not concerned, my life is an open book, if a potential employer doesn’t want to hire me because of who I am, then I don’t want that job anyway.” Fine. But when it comes time to pay the bills, you’ve been forewarned.

You may be a college grad with a 170 IQ or a businessman with 10 years of experience, but to a prospective employer, your fishy face selfie makes you look like a tool. Be careful what you do online!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

6 Tools to protect your Privacy Online

The more advanced that communications become, the more likely your personal information is getting leaked out—every time you search the Web, send texts or e-mails, etc. Your private data is literally “out there.” However, there are six software programs to protect your privacy online.

1PExpiration date tag. Files, photos and messages are tagged with an extinguish date, then erased from your smartphone. The iOS and Android application for this is Wickr and it’s free. The only content that passes the wire is encrypted. The user’s device will encrypt and decrypt.

Block the intrusion. Where you go on the Web is tracked so that advertisers know what to market to you, but this technology is intrusive. How would you like to return the favor? You can with the free Ghostery service, an extension for the main Web browsers. It records who’s tracking your online activity, providing you information on these entities. You can instruct Ghostery to block such activity.

Multi-prong privacy features. This free program produces disposable e-mail addresses; e-mails are forwarded to the user’s main address, but a detection of spam will shut off e-mails; a login and password manager will keep track of multiple passwords and also help generate strong new passwords.

These features come with an extension for the Firefox and Chrome browser and is called MaskMe. Additional masking features come for $5/month, such as a one-time credit card number.

Easy encryption setup. If that can ever be easy, GPG Suite has made it so. With this Mac-only software, you can set up public and private encryption keys. The encrypted message, which works with Apple’s Mail, is sent by clicking a lock. The GPG Keychain Access component searches for and stores another user’s public key, plus import and export keys. The suite is supported by donations.

Stay anonymous. Today’s technology can identify you simply based on your online search history. Your search terms are retained by search engines, but if this data gets in the wrong hands, it could spell big trouble, or more likely, just be plain embarrassing.

DuckDuckGo is the alternative, as it does not record your search terms or leave them with the site you visit. It doesn’t record your computer’s IP address or the browser’s user agent string.

 VPN Use a VPN to be protected from cookies that track where you’ve visited. Knowledge of where you’ve visited can be used against you by insurance companies and lawyers, to say the least; you just never know what can happen when something out there knows your every online move.

A VPN will encrypt your online sessions with an HTTPS security feature, protecting you from non-secure Wi-Fi such as at airports and hotels. VPN will mask your IP address from tracking cookies. Hotspot Shield is a VPN provider that’s compatible with Android, iOS, Mac and PC, running in the background once installed.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Beware of the One Ring Scam

“The Ring” means more than just a dead girl crawling out of a well; it can also mean the one ring that you get on your cell phone that’s designed to get you to call back to find out who the caller was—only you’ll end up getting a charge on your next bill instead.

9DThe official name of this scam is the “one ring,” and here is how it works:

Your cell phone rings once. You may not get to the device in time to answer, and you don’t recognize the number and are curious, so you call back. You’re then connected to some chat line or international adult entertainment service.

If you answer the device while it’s still in ring mode, the “caller” will hang up, but you can still get charged simply for answering, even if you don’t call back. ($19.95 fee for an international call, and/or a $9 per minute charge).

The scam works via a computer that randomly sends out thousands of calls to cell phone numbers. And your number may be that lucky number. The Better Business Bureau warns that if your mobile rings once, don’t call back.

Apparently, this scam, committed by crooks called crammers, originates from the Caribbean Islands. If you think you’ve been crammed, contact the BBB as well as your mobile carrier. Review your bill closely for any unauthorized charges.

What if you want to answer your phone the moment it rings? If you see the following area codes from the incoming call, do not answer (remember, simply answering the call can net you a charge): Jamaica (876), Dominican Republic (809), British Virgin Islands (284), Antigua (268) and Grenada (473).

There have been thousands of reviewed complaints about this crime, according to the Federal Trade Commission and the Federal Communications Commission. And the crime of cramming is expected to get bigger.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Meeting a Stranger: Safety Tips for Online and In-Person

A simple yet comprehensive guide to staying safe when meeting a stranger in person or dealing with one online.

1SDI have been involved in the security industry for years, and one of the most common questions I get is how to be safe when meeting a stranger online or in person.

Safety Tips for Online Stranger Encounters

  • When online, give out as little info as possible.
  • If possible, meet people on sites that scrutinize their users, though even an extensive profile can be convincingly faked. Do your homework on these sites.
  • Don’t rely only on profiles. Seek out their name online to see what comes up.
  • Use a disposable e-mail address (or phone number) service or app.
  • Speak on the phone first; it’s harder for a man to pretend he’s a woman this way.

In-Person Safety Tips with Strangers

  • Use your smartphone to share where you’ll be with family and friends. There are apps that will let trusted people view where you’re at.
  • Choose more than one meeting place (well-lit, very public). This is because you may want to go to a second location if it’s a date, or if it’s a buy-sell, the other person may get lost.
  • For a buy-sell, bring someone with you.
  • For dating or business, bring minimal cash, only the amount you expect to pay for an item. Keep extra cash (for haggling) separate and unseen by the stranger.
  • If the stranger must come to your home to view an item you’re selling, leave your front door open. Try to have someone with you.
  • Do a background check on anyone whose house you’re going to (such as to clean or babysit).

Safe Strategies with Strangers

  • Never get into a car with a stranger.
  • Arrange a nearby meeting place for you and trusted friends, after your blind date or business meeting. If it’s a blind date, your friends could be across the street having dinner; only one text message away.
  • Stick to your meeting place plans; don’t veer off-course.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

VPN for Online Security: Hotspot Shield

Online users need a VPN (virtual private network), a kind of service that gives you online security, and Hotspot Shield’s service has a free version. A VPN hides your device’s IP address and interferes with any company trying to track your browsing patterns.

7WMany online companies take peoples’ data without their authorization, and then share it with other entities—again without the user’s permission. A virtual private network will put a stop to this invasion.

Thanks to the fiasco with Edward Snowden and the political messes happening in Venezuela and other parts of the world, many people are turning to VPN services like Hotspot Shield. When you surf the ‘Net on a public network (including using social media), your personal information is up for grabs in the air by vultures.

Why is VPN online security important?

Your personal data is out there literally in the air, to get mopped up by Internet entities wanting your money—or oppressive governments just wanting to snoop or even block internet access to the rest of the world. If you use your device when traveling, you’re at particular risk for suffering some kind of data breach or device infection.

The unprotected public networks of hotel, airport and coffee house Wi-Fis mean open season for crooks and snoops hunting for unprotected data transmissions. The VPN protects these transmissions of data.

In fact, Hotspot Shield was used to escape the prying of government online censors during the Arab Spring uprisings. This VPN has been downloaded hundreds and hundreds of thousands of times.

This VPN service comes with periodic pop-up ads and some banner ads for the free version, but the $30 per year version is free of ads and has malware protection.

What else does a VPN like Hotspot Shield do?

Users are protected from cookies that track where the users visit online. If your online visits are getting tracked, this information can be used against you by lawyers and insurance companies. And who knows what else could happen when tech giants out there know your every cyber move.

More on Hotspot Shield’s VPN

  • Compresses bandwidths. All the traffic on the server side, before it’s sent to the user’s device, is compressed. This way users can stretch data plans.
  • Security. All of your online sessions are encrypted: HTTPS (note the “S”) is implemented for any site you visit including banking sites. You’re protected from those non-secure Wi-Fi networks and malware.
  • Access. Think of the protection as a steel tunnel through which you access the Internet.
  • Privacy. Your IP address is masked, and so is your identity, from tracking cookies.

Hotspot Shield is compatible with iOS, Android, Mac and PC. It runs in the background once it’s installed and guards all of your applications.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.