Posts

Here’s How You Can… Almost…Delete Yourself Off of the Internet

Whether you like it or not, companies like Facebook, Google, and Amazon all have a ton of data about you, including social connections, health information, and things you like or dislike. These companies usually use this information for advertising and marketing purposes, other companies out there also are collecting information on you to influence you politically, and you probably don’t want them to have it.

Here’s How You Can... Almost...Delete Yourself Off of the Internet

The bad news is, that it is next to impossible to totally delete yourself from the internet. Keep in mind that if your data has been hacked, such as usernames and passcodes on sites that were breached, that data will live on the dark web forever. Check if your email, as a username was compromised on my site here: https://protectnowllc.com/hacked-checker/ The good news, however, is that you can remove a lot of your data if you put a little time and effort into it. Here are some steps to follow:

Opt-Out When You Can

You probably wouldn’t be surprised to know that collecting and selling consumer data is a big industry. In 2019, Vermont passed a law that required any company doing business in the state and buying and selling third-party info to register. More than 120 companies went through the process, and they collect information such as names, DOBs, addresses, education level, buying habits, and yes…. even Social Security numbers.

Some of these companies might be familiar to you — Oracle, Equifax, Experian, Acxiom, and Epsilon are some of them. There are data brokers that allow people to opt-out of this type of data collection, but it can be difficult to figure out how to do it. You may have to fill out a form online, send them an email, or even send in other identifying information.

There is an organization that can help – it’s called the Privacy Rights Clearinghouse. Here, you can access a database of more than 200 different data brokers, and you can see information on whether or not you can opt-out. You can also take a look at YourDigitalRights to get opt-out forms for the top 10 biggest data brokers.

Ask Google to Remove Your Personal Info

Another thing that you can do is to ask Google to remove your personal contact info from search results. You can remove your home address, your phone number, and your email address.

You can get started with this by going to this Google Support site to begin the process. Here, you can submit up to 1,000 URL’s that include information about you, and it will be removed from Google search results.

This doesn’t happen automatically. The company will review the request, and then contact you if more information was necessary. Once everything is in place, Google will let you know if it will approve the request. Some things, like public record or news articles, will not be removed, and people can still find this information by searching a name.

Also, keep in mind that just because your information is removed from Google, there are other search engines out there.

Get Rid of Old Accounts 

If you really want to minimize your online presence, deleting any accounts that you no longer use can be a real help. Did you have an account on MySpace? Try to delete it. Did you blog on Tumblr during high school? Scrap it.

Though it’s easy to delete a lot of these old accounts, it’s also pretty time-consuming. Start by making a list of any old accounts you can remember, and then go through them one by one. You will have to go to each site, and then figure out how to log in and then delete the account. To make things easier, you can use a site called Justdelete.me, which will point you to the page where you can start the process.

You also might want to search for your name, email address, or other information to see what comes up. If you see posts that come up, you may be able to contact the site administrator to remove the information.

Clean Up Your Online History 

If you don’t want to delete old accounts, that’s totally fine. However, you can still clean up some of the old data that may be stored online. For instance, your Twitter or Facebook timelines may have old messages on them that you don’t want to get out in public. You can also do similar with your email account.

Data that is posted publicly, like text or photos, is much more easily found than other information, but make sure prior to deleting, that you are backing these things up if you may want to ever access it. Almost all social media platforms have a backup option in settings that you can use to do this.

For those who want to get rid of old tweets in bulk, Twitter doesn’t let you do that. However, other programs like TweetDelete and Tweet Deleter will get rid of it. It’s not free, however, but once you do it once, at $5.99 a month for Tweet Deleter, you can cancel after that first month. Also, remember, that when you give third-party service access to your account, they can access information that is within those accounts, like direct messages. Alternatively, if you don’t use your Twitter account, just delete it.

Facebook posts are a bit different. Google, for instance, won’t post information from individual Facebook posts online, but if you want to do the most possible to remove your history, you can go into your account and delete them. You can make it a bit easier by checking out the Activity Log, and then choosing what you want to delete. Alternatively, if you no longer use your Facebook account, you can delete it.

Pay Someone to Do It 

Of course, there is a market for anything, and if you don’t want to spend the time to do all of this yourself, you can definitely hire a company to do it for you. These third-party data removal companies will do the time-consuming job of removing your data from the internet. Some, like DeleteMe, can attempt to remove the data from brokers who are selling your info. Others, like Jumbo, can give you an alert when there are data breaches that your accounts might be a part of, or it can be set to delete social media posts after a certain period of time.

Preparing for the Future 

As you can see, it’s probably possible to remove some of your information, but once a lot of it is out there, it’s nearly impossible to remove it all. However, the future is yet to be written, so there are some things that you can do to protect yourself in the years to come.

First, consider what type of information you really want to put online. When you sign up for a new account, consider what type of information you are comfortable sharing, and if you can, consider using a burner email account. This is an account that you can use to sign up for new accounts that are different from your actual email account. That way, when you start getting all of the spam, it goes to this account, and not your main account. Additionally, if this account gets compromised, it’s not a huge deal, assuming there is no identifying information kept in it.

You also might consider not using the “big guys” for your online browsing. For instance, you can choose a web browser that is not Chrome or Safari-like Brave, or a search engine that isn’t Google, like Duck Duck Go. You also should truly understand what type of information is shared by the apps or programs you are using.

Finally, you need to talk to your family and friends. If you really want to be invisible online, then you should make sure everyone knows. Most people will be considerate of your request. It’s a respect issue these days, and there could be many reasons why you don’t want your current location or photos of yourself posted to social media sites. Tagging you in things should also be avoided.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Keep Your Parents’ Computer Secure: Remotely

If you are like many, you are more technically inclined than your parents. So, they might want to rely on you when they have computer issues. But you can alleviate many of these issues by keeping their device running smoothly, and you can do this all remotely. Here’re some tips:

Teach Them to Fish

Digital literacy might be one of the single most underappreciated aspects of technology. And the more digital literate you and your parents are, the easier your digital life and even your physical life will be. As they say, “Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime”.

So whether you are working on their computer remotely or on site, require them to watch. But be patient, because you can’t expect him to embrace tech the way you do. Nobody is wired the same.

Install Tools Remotely

  • Use a program like Teamviewer, which allows you to connect to your parents’ computer remotely.
  • You can do the work yourself and stop having to give them direction over the phone.

Back Up the Data and Schedule Future Backups

  • It’s best to create more than one backup. In fact, create three.
  • Put these backups in different forms. Save one in a flash drive, one in DropBox or other cloud-based back up. PolarBackup is a very cost effective option. And one on an external hard drive. A Western Digital one terabyte drive is very inexpensive on Amazon
  • Set future backups to occur automatically once a day using a syncing software such as “Goodsync” google it.

Update Operating Systems

  • Set up an automatic update for the operating system. Set this for the middle of the night.
  • Do all updates, even if you think you won’t need them.

Ensure the Computer has Antivirus Software

  • Every device should have antivirus software.
  • Update this software regularly.
  • Run a system scan when you update the software.
  • Free software isn’t great. Pay a little to ensure absolute safety.

Uninstall Any Program They Don’t Need

  • What programs don’t your parents need or use? Uninstall them to speed up the computer.
  • You can download programs like Decrap for Windows, which will remove “crapware” that you don’t need.
  • You can also download Revo Uninstaller if they use Windows or AppCleaner if they use a Mac. They will get any residual things out that Decrap didn’t get. CCCleaner works pretty good, too.

Update All Extensions and Browsers

  • Modern browsers automatically update, so it’s better to make sure there is a good, updated browser on your parents’ computer. Chrome is a good option that automatically updates. Brave is good too, but it sometimes gets hung up on certain websites. Which can be frustrating.
  • Delete any plug-ins or extensions that are not necessary. Make sure that the ones you leave are legitimate. If they are old or outdated, update all of these extensions.

Automate Anything You Can

  • If you can automate something on your parents’ computer, you should.
  • You can automate backups, so do it.
  • You can automate a lot of things, so look into as much as you can.

Improve Speed

  • Run a bandwidth test online at SpeedTest.net
  • This will give you a good idea of what the baseline speed is, which is good to know in case Dad calls and says his computer is running slow.

The best thing to do is to do all of this on your own computer first. It’s even better when your parents devices are running the same operating system as yours. It just makes things more familiar to you and easier.  Have all your backup software on a thumb drive. This way, you have the software readily available, and you know how to do it when you go to do these things on your parents’ computer. You can also set up a Google doc with all of the software keys and passwords. All of this can help you, too, and by taking these steps, you can help to keep yourself and your parents safe from ID theft.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Are Your Devices Spying on You? Here’s How to Stop It

Though you might not realize it, your electronic devices are probably spying on you. These things, like your cell phone, know everything from what you are reading to where you are at any given time. How do they know it? Well, many times, you actually give the device and its apps permission to collect the information. . And while some of the following instructions are somewhat “limited”, setting up privacy requires a little bit of digging. So, dig in ! Here’s how to stop it:

Stop Your Laptop from Spying

Windows

Do you use Windows? If you do, you can limit what you share by going to “Settings” and clicking “Privacy.” Here, you can enable or disable settings for the apps you have on your laptop. You have to do this each time you install a new app.

Macs

Are you using a Mac? If so, you can definitely limit how much information you send to Apple by clicking on the Apple menu, choosing System Preferences, and then Security & Privacy. In the “Privacy” tab, you can see information on what apps can share. When you click “Analytics,” you can see more. Keep in mind that if you install a new app, you need to do this again.

Chromebook

Google is well known for its love of collecting data, so if you have a Chromebook, you should really pay attention. Go to “My Activity,” and then delete anything you want. You can also stop some of the devices data collection by choosing “Manage Your Google Activity,” and then clicking “Go to Activity Controls.”

Phones

As with laptops, you can do the same with a cell phone.

Android

If you own an Android phone, choose “Google,” and then choose “Personal Info & Privacy.” Then choose “Activity Controls.” There, you can choose what to share. As with the laptops, you have to update this each time you install a new app.

iOS

If you own an iPhone, you can find a Privacy setting when you look at the Settings menu. Open this, and then click on “Analytics.” This allows you to see what you are sharing with Apple. You can easily toggle it all off if you like. For every app, you can go back to the “Privacy” settings, and then check these settings for every app you have on your phone.

Fitness Trackers

You might be surprised to know that your fitness tracker could also be spying on you. Apps like FitBit and Strava are controlled through the Privacy and Settings options on your phone, but there is more you can do, too.

FitBit

On the FitBit app, you can tap on your profile, and then the account name. Tap on “Personal Stats,” and then “Settings” and “Privacy.”

Strava

On the Strava app, click on “Menu” or “More,” depending on what type of device you have. Then, choose “Settings” followed by “Privacy Controls.”

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Security Appreciation: Cyber Security

Awareness; knowledge or perception of a situation or fact.

Appreciation; a full understanding of a situation.

Cyber Security Appreciation

“My business has been hacked. Now what?” Here are the steps you should employ immediately.

Hire a Professional – When a business is hacked, it is entirely possible they were compromised because they did not employ technicians to prevent it in the first place. Therefore 3rd parties that specialize is security and breach mitigation should be contacted immediately. These IT security professionals specialize in prevention and containment. Their role proactively is to seek out vulnerabilities by utilizing vulnerability scanning software to seek out points of entry and patch those vulnerabilities prior to an intrusion.

Change and Reset Passwords – Many hacks begin with compromised passwords. Easy to guess/easy to hack/easy to crack passwords make the hackers job, well, EASY. Never using the same password twice, and utilizing upper case, lowercase and characters along with using a password manager ensures password security.

Update All Software – Begin by scanning all hardware and software with anti-virus programs and removing viruses. Vulnerabilities are often due to outdated software or operating systems riddled with flaws. Updating with critical patches eliminates these threats. Maintain redundant networked hardware systems in place, backed up data, contingency plans to put duplicate systems online immediately following a breach.

Update Your Companies Hardware – Old outdated hardware simply can’t keep up with the requirements of newer robust software or the security software required to keep networks secure.

Back Up All of Your Data – You have to make sure that you are regularly backing up data to a secure location. This data should also be encrypted.

Manage All Identities – Make sure that you are managing identities and access to accounts. You must do this across the board, as just one account being accessed could make you or your network extremely vulnerable.

Utilize Multi-Factor Authentication – You can use multi-factor authentication to keep accounts protected, too. This means every time a device or an online account is accessed, an additional text message must be sent with a one-time pass code or a one-time pass code sent to a key fob. There are hardware devices available that are also forms of second factor or multi factor authentication.

Security Awareness Training – Assuming employees know what to do and more importantly, what not do, is risky. Providing effecting ongoing security awareness, and in the authors opinion “security appreciation training” is partnering with employees to protect the network.

Patching – Set up a system so that you can always ensure that your hardware and software is always patched and updated on a regular basis. This helps to keep your data safe.

Align Your IT Security with Other Business Security – Those who are in the IT industry often feel as if they are struggling to keep up with changing technology, including security tech. The success of a business is based on keeping it secure, and keeping all types of security in mind including IT security, has a direct impact on revenue.

Recognize Social Engineering Scams – Every time the phone rings, every time an email comes in, every time an employee opens up a US postal letter, be suspect. Criminals contacting you or employees will try to bamboozle them with gift card scams, utility bills scams, invoices for products and services, you name it. There are thousands of scams designed to fleece consumers and small businesses.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Avoiding Online Dating Romance Scams

Not too long ago, I heard from a friend, and he told me his mom was scammed. I was immediately intrigued. He goes on to tell me that since his dad died last year, his mom had signed up for online dating. My friend told his mom that online dating can be dangerous, but she blew it off. Soon, she met a man. He was a Sergeant in the US military and stationed in Afghanistan. They exchanged a lot of messages, and soon became close. One day, she got a message from him saying that he had found a large sum of money and he needed help getting it back to the US…and in only three months, he scammed her out of $242,000. Then…he disappeared.

Online DatingThis is only one of the thousands of stories out there. Scammers know that people looking for love, especially women, can be more vulnerable than others. Another guy I know of was meeting women on social media. He was charming them after sending them messages via their inbox, and ultimately tricking them into giving up their personal info. With this, the guy was able to open new lines of credit in the names of his victims.

Preventing Romance Scams

 Here are some tips to stay safe if you are going to date online:

  • Be suspicious of anyone who tries to impress you with romantic or statements that seem cliché.
  • Once they start talking love and marriage and achy breaky hearts and wanting to be with you and I love you this and I love you that, chances are it’s a scammer.
  • Remember, women can be scammers, too.
  • Be wary if the guy you met online keeps showering you with too many complements. He’s trying to be charming but might not have the best of intentions.
  • If you meet someone on a dating site, and they immediately want to exchange numbers after the first message, be cautious.
  • If someone you are newly dating asks for money, run.
  • If they want to come visit you, but then ask you to pay, it’s probably a scam.
  • Don’t talk about how much money you make or have. If he or she keeps asking, tell them you are on a very tight budget.

Who are these scammers?

Well, they might be part of scamming rings, or they might be working on their own. They are probably from a foreign country, and they almost always portray that they have some type of prestigious or exotic job, and in some way, this job is often connected to the scam. If the person says that they have a normal job, don’t get too comfortable. They still could be a scammer. They then will make up an illness or an injury and tell you that they need money.

Protecting Yourself

 Now that you have read this, you should know how to protect yourself from these types of scams. If you don’t, read this article again. Finally, here is one more trick. Right click on the person’s photo, and then click “Search Google for this Image.” If you see the image on another person’s Facebook profile, or if it’s a stock image, you should run for the hills.

None of this is difficult to understand, and it’s all common sense. But, as stated before, common sense can go right out the window when romance is concerned. So, try to have some smarts as you begin a relationship with anyone. Ask questions, don’t take anything at face value, and most of all, share this post to help other people become aware of these scams.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Keeping Your SMB Bring-Your-Own-Devices Secure

If you have a small or medium sized business, it is likely that you have staff who are bringing their tablets, phones, iPads, and laptops to work every day. However, all of this puts your business to risk as they can also bring malware into your network.

On top of this, any of these devices can be lost, misplaced, or stolen. Since its extremely likely that your staff are using these devices for their work, think about all of the information that could be on there about your company…and it happens because Joe in accounting left his cell phone on the counter at a local coffee shop, and a hacker picked it up.

Also, think about this: depending on how successful your company is, there also might be a list of clients found on the devices, or at least a few. Now, someone has access to your clients, and what is stopping them from contacting your competitors and sharing your sensitive company information…for a price, of course.

Hacking also often involves the act of phishing where an employee will open up an email and then click on a link or open an attachment. When this happens, malware is unleashed, and the device and network is at risk.

Here are some tips to keep devices secure that you can share with your staff:

  • Only use apps that have been purchased from a reliable source like iTunes or Google Play.
  • Do not reuse passwords and use a different password for each login that you have.
  • Keep all apps and operating systems updated. Any update that comes in should be downloaded and installed immediately. Don’t choose to update later, as this is a great opportunity for hackers to get into a vulnerable app.
  • Start using anti-virus software. These apps can be found in iTunes or in the Google Play store.
  • Be cautious when installing anything with a “free download.” Sometimes viruses and malware can be found there, and they can get out onto your network before you know it.
  • Choose the feature where device passwords are protected and wiped clean after a certain number of log-in attempts.
  • Make sure that all staff understands that free Wi-Fi spots are not secure. So, they should be using a VPN anytime they are trying to connect to a free Wi-Fi network.
  • Phishing scams are becoming more common than ever before, so make sure that your staff knows how to recognize scams like this.
  • Don’t trust email addresses that you don’t know and don’t trust any email that claims it is coming from the CEO or Board of Directors unless it’s an email that you can verify.
  • Do not use any device that is jailbroken. This opens it up to too many viruses.

Understanding MDM

Mobile device management software, or MDM, should be used. This software helps to protect devices, and it is a safety net for any type of business or personal device. For instance, if a mobile device is lost and the person who finds it tries to enter the passcode a certain number of times, the device will lock out the person doing it. You can also set it so that the entire device is erased if there are too many login attempts. MDM also offers firewall protection, encryption, and antivirus capabilities. Additionally, it can monitor the system to add another level of security. There should be a policy in place that every employee must use this software on their device, or they can’t use it.

Utilize Additional Experts

“Do it yourself” information security for small business in theory might seem to save a few bucks. But in the long run it might cost your small business a lot more. Engaging experts such as Managed Security Service Providers, or for smaller businesses, also known as a Virtual CISO’s (chief information security officer), can run the most comprehensive vulnerability scanning software among other ethical hacking tools, will make sure bad guy hackers can’t get in and make a mess of all you have worked for.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Understanding Familiar Fraud

Have you heard the saying “familiar fraud?” If not, you should. This is a crime that is as old as they come; essentially, it’s a crime where someone is taken advantage of by someone they know. For instance, a woman named Axton Betz-Hamilton had her entire savings account drained and the person responsible was unknown…that is until Axton’s mother passed away, and it was discovered that it was her, Axton’s own mother, who had drained the account.

credit fraudIt’s believed that familiar fraud is not often reported, likely because victims of these crimes think that police won’t take them seriously, or that it will negatively affect their relationship with their family. There is also the fact that, in many cases, these crimes go undetected because people just can’t believe a member of their family would do something like this.

As you might imagine, the fallout of familiar fraud can run deep. Think, for a minute, how it would feel to find out that your best friend of 30 years has stolen your identity. Something similar happened to a man named Thomas Nitzsche. He hired his cousin to remodel his bathroom, and he gave his cousin his credit card. What did Thomas’ cousin do? He took the card, bought a bunch of merchandise, and then he sold the merch on the streets.

Even when this happens, it’s common for people who learn that they are a victim of familiar fraud to want to naturally protect their loved ones. This might be due to protecting relationships or to avoid backlash from others. There is also the fact that your family might not believe you when you tell them your sister or your father has been stealing from you.

What Should You Do?

 If you think that you are the victim of familiar fraud, you should do the following:

  • Do your best to keep your emotions out of it.
  • Keep an eye on your credit report. You should also place a fraud alert or better, get a credit freeze on your credit file.
  • Think about resolving things without police intervention if it is pretty minor.
  • If not, you might want to contact the cops, but think about the pros and cons of this.
  • If you do report this, expect some turmoil within the family, but also realize that you are protecting your credit.

If you file a police report, you will also be able to get an extended fraud statement, which can last for seven years. This may or may not mean you won’t be responsible for any charges. Lenders sometimes look at familiar fraud as an approved purchase and will not negotiate forgiveness.

Other Safety Measures 

  • Each month review your credit card statements.
  • If you see changes, even small ones, you should report it immediately
  • Don’t give out your debit or credit card to your friends or relatives. If you want to give them money, give them cash.
  • Set up push notifications or push alerts so you are aware of charges in real time.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

What the Equifax Data Breach Can Teach Us About Security Fatigue

If you buy anything, anywhere, you are at risk of a cyber threat. Though you probably know that cyber threats exist, if you are like most of us, you don’t’ know what to do when it comes to being safe online, and if you become a victim, you really don’t know what to do. This is all important as we prepare for the next big breach like the one that happened with Equifax. If you use credit, you are a potential victim here.

According to Equifax, more than 147 million people were affected by the breach, and most of us had or have no idea what we can do about it, or how it might affect us in the future. On top of this, when we look at statistics, we can see that almost 27 billion…not million, but billion…additional records were exposed due to data breaches in 2020, and things are only going to get worse.

The issue is that people are frustrated, scared, and confused, and because these cyber-attacks are so common now, people are just getting apathetic about it. Of course, this is very dangerous. Additionally, there are other issues, too, specifically “security fatigue.”

What does this mean? It means that people just want nothing to do with worrying about computer security at all, and they get annoyed when they hear all of the rhetoric that comes from security experts like “keep an eye out for blah, blah, blah.”

Cyber Attacks are More Common Now Than Ever in the Past

It should be no surprise that cyber attacks are more common today than they were in the past. That also means that the chances of becoming a victim of identity theft are higher. Internet fraud is playing a big role in this, but it’s not just human error and bad passwords that are causing this. Instead, it’s the lack of people doing anything to stop it. And here’s the thing…if you think it can’t happen to you, you are wrong.

Tips for Protecting Yourself Online

It is not difficult to protect yourself online. Here are seven tips to keep yourself safe:

  • Download a program for your browser that tells you if a site you are going to go to is dangerous. These can be seen right from your browser, and if a site is safe, you will immediately know. A full suite of antivirus should include a browser plug-in to serve this purpose.
  • Keep your passwords safe with a password manager. It is very important to use a different password for every account.
  • Get some type of ID theft coverage through your employer, your bank, or other business. It’s not easy to 100% fully protect your identity, but using something like this can make things much, much easier.
  • Set up two-factor authentication and text alerts for sensitive accounts like bank accounts, email, and social media.
  • Freeze your credit. This way, a scammer can’t open any new accounts in your name.
  • Learn more about common internet scams. You should understand what ransomware is, phishing, scareware, and more.

One of the biggest things you should take away from this is to understand that if you become a victim of something like this, it doesn’t just affect you; it also can affect your family, friends, co-workers, and more. Yes, it might be annoying to some to have to take these steps, but it could be the difference between staying safe and becoming a victim.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Is Your Privacy a Concern with Biometrics?

When people started using biometric identifiers, many believed that it was all of the security that we needed. However, that was around 15 years ago, and we are still having security and privacy issues. As biometrics become even more common, the chances of hacks are becoming even more common!

Years ago, biometrics was used primarily to fingerprint criminals. Government agencies then started using biometrics to identify federal and state employees, and corporations soon followed. Now, everywhere we look, we can see the use of biometrics in action.

One of the ways that we commonly use biometrics is to access electronic devices, and many of us use biometrics to clock in at work. With all of this use, however, do we have something to worry about?

How Biometrics Have Grown

We are definitely expecting the use of biometrics to skyrocket over the next decade. In fact, estimates are that we could see more than 500 million new scanners being installed. Everywhere we look, there is some type of camera or scanner, but most consumers don’t seem concerned. In fact, a recent survey shows that around 80% of people are more confident in biometrics than they are with passwords…but this is a false sense of security that could pose a big problem.

You Are Not as Secure as You Might Think

 Think about this for a minute; if your password gets stolen, you get a notification that you need to change it. This can be done over and over again with a new password. However, with biometrics, if a hacker accesses your information, there is nothing you can do. They have it forever, and you can’t change your eye scan nor your fingerprint.

Attacks are Here

 Hackers are continuing to get smarter, and they are finding more ways to steal your info. There are more and more attacks that include biometric information, too. Just a couple of years ago, a report from the Office of Personnel Management showed something quite frightening.It reported that millions of government employees had their fingerprint scans stolen. I was actually a victim of that crime as a member of the US Coast Guard Auxiliary.  It is believed that the Chinese government was behind this, and it wasn’t a simple little attack. Many of these people had all 10 of their scans taken, and all of them are still vulnerable, today. Remember; you can’t just change your fingerprints! With this type of a hack, identity theft protection will not help here. But, it’s still good to have that type of protection.

How to Fight Back

Though there are plenty of people who don’t feel very secure with this, it is very important for those who choose to use a biometric scan to know that companies and government agencies must be held responsible with their biometric information. These organizations must do all they can to ensure that these scans remain secure.

Let’s look at Touch ID from Apple. Most people think that the image of your fingerprint is actually stored on your phone. This isn’t the case, though. Instead, it only stores a mathematical representation of your fingerprint. This means that it is totally impossible for someone to create a copy of your fingerprint from this representation. On top of this, there is a chip in these devices that include Secure Enclave, which is an advanced security concept, which protects fingerprint data and passcodes.

This is what companies and the government needs to do when using biometrics, too.

When there is any technology that requires biometrics, consumers must be sure that they are insisting that their information and scans are safe. You don’t have to be afraid, but you do need to be safe, just like you would be if you were doing online banking.

Now that you know all of this, do your loved ones a favor and share it with them. The more people who know, the more we, as a population, are educated and prepared.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Wire Fraud: How Criminal Prey on the Real Estate, Construction, Manufacturing and Art Industries

In any industry where money is transferred or large bills are paid,the door is open for hacks. In manufacturing they pay large vendors for all materials and sometimes overseas. In construction developers pay contractors huge sums of money for labor and materials. You might be buying a home or an expensive piece of art, and either way, these transactions are typically not done in cash. You might think that in well-established industries such as the real estate industry, construction and manufacturing, there are checks and balances, but this isn’t totally the case. The same goes for the art industry.

Most of us won’t be buying multi-million-dollar pieces of art imported from Italy, but many people reading this will buy a home.

As we look at the home buying process and scams, the information is pretty frightening. The Internet Crime Complaint Center, which is part of the FBI, released a report that showed email fraud in the real estate industry rose more than 1,110% from 2015 to 2017. The amount of money lost in real estate fraud rose approximately 2,200%. What does this mean? It means scammers are more efficient than ever before. In 2020 that number jumped another 13%. Recently in a real estate transaction a psychology professor at UC Berkeley, wired $921,235.10 to scammers.

In 2017, almost 10,000 people reported that they were a victim of fraud and identity theft during real estate transactions, and in total, the money lost topped $56 million. Only recently has the real estate community been paying attention to this, but it’s just not enough. Again, the same thing can be said about the art world. Both of these industries are having big issues with fraud.

The Story You Have to Hear

 Every once in a while, I meet someone in my travels who seem to have the perfect life…or at least I would consider it to be pretty great. These people are smart, they have made the right choices, they have worked hard, and they have reaped some amazing awards. A couple of years ago I met a married couple who had this perfect life. The guy was literally into money. His job was to not just handle investments for companies, but for actual countries. He brought in huge commissions for this work, and the pair could literally buy anything that they wanted. However, this also made them a target for scammer.

With all of the money they had, the couple soon got into a new hobby: collecting fine art. Though I don’t know a ton about art, I can tell you that their collection was pretty amazing. They primarily collected at type of art called hyperrealism. Essentially, artists who work in hyperrealism create paintings that look like photographs. Look it up…it’s very cool.

Long story short, the guy decided that he wanted to buy a new painting. It had a price tag of $200,000, and he did this via email. Now typically, this is where alarm bells might go off, but the guy didn’t think this was weird, as he had done it like this several times before. This time, though, things were different.

You see, as he was emailing with the gallery he purchased the paintings from, a hacker was able to intercept the emails because the gallery got hacked. Instead of wiring the $200,000 to the gallery, he wired it directly to the hacker.

Keep in mind, this guy was in finance, and people in this industry are specifically conditioned to know about risk. After talking about it later, he said that there were a couple of things in the emails that could be a sign that something was wrong, but again, doing transactions via email is pretty standard in the art industry as it is in real estate.

Thankfully, his bank noticed the transaction because the account that he wired to was brand new, and the system his bank used was set up to flag any transactions that go to a new account, especially with that amount of money.

Once his bank got in contact with him, he immediately contacted the gallery and they confirmed that they had not gotten the money, and instead, it was probably a fraud. Of course he panicked, and thought his $200,000 was about to vanish. He called anyone and everyone he could think of to stop the transaction.

Finally, he realized that his company had a connection to someone higher up at the bank. He was able to get a personal call in, and they were able to stop the wire from completing. He was very lucky, but not everyone is.

Understanding How the Hack Works

 Though scammers have options at their fingertips, they do tend to like this hack, and they use it to target collectors, art galleries, manufacturers, construction companies, developers, and of course real estate companies, and more. So, if you work in these industries, or you interact with people in these industries, make sure you keep your eyes open.

Essentially, these hackers get information from data breaches, which give them email addresses and passwords from millions of people. So, when the art gallery sends an invoice to the art collector via email, the hacker realizes it, and they will step in.

The hacker takes on the persona of the dealer, the real estate agent, the developers bookkeeper, or the construction companies accountant, and comes up with a story that the client might believe, such as they need to issue a new invoice because there was a typo on it, or they need to change the instructions that the client must follow. They do this so that they can justify a change in the wiring and might even say that they can offer a small discount for the inconvenience. Usually, the buyer or the admin is happy to do this, and once the money is sent, the hacker collects it and disappears.

Victims of These Scams

 When we look at these scams, both the buyer and the seller, and all the companies involved are victims here. They are all left in the dark, and the hacker hijacks the communication. In other words, they control the emails, and they play both of the parts. In the art industry, for instance, when the gallery sends an email to its customer, the hacker intercepts the email and pretends to be the customer. The same thing happens when the customer sends an email to the gallery.

Since the hacker does this, there is plenty of time to cover their tracks and disappear. In the meantime, time and money is lost, and in some cases, the art gallery has even had to shut down for good.

Tips to Keep You Safe

If you work in any of these industries, keep these tips in mind:

  • Email account passwords should be very strong and unique. Don’t ever use the same password for more than one account. When creating a password, use uppercase and lowercase letters, and mix them with characters and numbers…and change them frequently.
  • Use password manager software and have a different password for every account.
  • Set up two-step authentication for your email account. When you log in, you will get a one-time password to your mobile phone, which means someone would need your password and your phone to get into your account.
  • Use an escrow service if you are sending large sums of cash.
  • Pick up the phone and call to confirm every step of the transaction.
  • Keep your anti-virus software updated.
  • When you send an invoice through email, text or call the recipient to check that they got it and that the account number is correct.
  • Talk to your staff about the importance of security, and make sure they understand what phishing scams are. Also, teach them not to click on any attachments or links in an email unless they have confirmed and verified the link or attachment by phone.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.