Posts

Beware of those hackable Holiday Gifts

If you’re going to drone on and on about how you got hacked by a cyber thief, maybe it’s because you played with your new drone—you know, those rad little flying devices that hover via remote control over your street? Yes, they are hackable.

5WIf you don’t have a drone, don’t be surprised if you get one as a gift this season, as Americans are spending tens and tens of millions of dollars on them.

First off, if you spot a drone, before you go, “Wow, cool, there’s a drone! Kids, come look at this!” consider the possibility that it’s spying on you.

Drones can be connected to the Internet and also have a camera—two ways the cyber crook could spy on you. If something is connected through Wi-Fi, it can hacked, and this includes wireless Bluetooth.

So this means that your drone or your kids’ drone could get hacked into. To guard against this, you must continually keep its firmware updated, and use a password-protected Wi-Fi.

So even though the drone is your nine-year-old’s “toy,” it’s a potential gateway for hackers to slither their way into your bank account, medical records and online accounts. And since the drone can be the hacker’s portal, so can your child’s other remote controlled, Wi-Fi connected devices.

Every device, even a remote controlled car that’s connected to Wi-Fi, should at a minimum have the latest software updates or in some cases have security software to protect against viruses and other malware and also phishing scams.

And it’s not just thieves who want to hack into your personal affairs to get your money. A hacker may be a pedophile, seeking ways to find victims.

A hacker could get in even through an application you just downloaded. Before downloading anything, you should read what the app has access to. You may be unknowingly granting permission for the app to access e-mails or turn on cameras.

Anything that’s “smart” – not just the smartphone, smartdrone, Ebook or tablet – can be a portal to a cybercriminal. This means that smartwatches are on this list. So are those fitness trackers you put on your arm. A hacker could get into your phone via that device on your upper arm that’s tracking your heart rate.

So before you do the “cool!” thing, first do the “security!” thing. Be mindful of what you purchase and the measures you take to protect it.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

How to kick People off your Wi-Fi

If someone is “borrowing” your Wi-Fi service, there’s more to this than just the nerve of someone secretly mooching off of you.

2WTheir use of your service could interfere with bandwidth and mess up your connection. If they’re a bad guy hacker or even a skeevy child porn peddling pedophile and get caught, it can be traced to your connection—and you will have a lot of explaining to do to the authorities when they bang on your door at 4am with a battering ram.

How can you tell if someone’s riding on your signal?

  • Log into your router to see what’s connected.
  • For less techy people, use the free Wireless Network Watcher to get the list of connected devices.
  • Do all the devices on the list belong to you? Any that don’t? Ones that don’t are thieves. You will not know, of course, how often they mooch off you unless you bring up the list regularly.
  • Make a record of this device/gadget list (or take a screenshot).

How do you figure out whom the user is?

  • Their devices name may coincide with their real name, address or other identifying information.
  • But knowing who they are isn’t important. Just encrypt your Wi-Fi network, as this will usually stop the mooching.

Encryption is key.

  • Keep in mind a savvy Wi-Fi thief can get past WEP encryption. If this is the case, change your password and make sure you are at least on WPA encryption. Then recheck the device list.

Upgrade and update.

  • Unfortunately, many routers have security flaws and hackers can still sneak in through a backdoor in your router.
  • Make a backup of your settings, take screenshots if necessary. You will need to reset the router to factory settings, update all software and firmware, and then set things up all over again.
  • Bear in mind that changing the encryption password means you will have to update the password on every one of your devices.

What if there’s no intruder but your connection is still slow?

  • Evaluate your Internet speed: Do a search for “internet speed test” and see what you are supposed to be getting.
  • Check your “throughput”. Throughput is the measurement of data speeds within your home network. You can check your throughput with numerous online tools. This will show if your Wi-Fi speed is slower than the Internet speed.
  • Determine how many devices your router will support. Some routers bog down after 5-7 devices. Many homes may have as many as 10-20 devices connected and not realize it. If so, you may have too many devices in the household. Disconnect all but one, then check the speed. If this is the cause, then you need a new router that can handle multiple connections.
  • If you only have a few devices connected, however, then you may need a modem upgrade or router upgrade. Consumers already know their devices constantly need upgrading so shouldn’t be surprised that their modem and router need to be swapped out every couple three years.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Why use a VPN?

If you want to be a pro at privacy, here’s a tip: When it’s time to go online, whether it’s at an airport lounge, coffee house, hotel, or any other public Wi-Fi spot, don’t log into any of your accounts unless you use a virtual private network (VPN).

8DA VPN is a technology that creates a secure connection over an unsecured network. It’s important to use because a hacker can potentially “see” your login information on an unsecured network. For instance, when you log in to your bank account, the hacker may be able to record your information, and even take money from your account.

Here are a few other important things to remember about unsecured networks:

  • It’s possible for cyber snoops to see your transactions, including email.
  • Snoopers and bad hackers can spy on the sites you visit and will know the passwords and usernames you use to access any account.
  • A Wi-Fi spot itself can be malicious, in that it was set up by a cybercriminal.
  • Even a reputable Wi-Fi spot, like that at a name-brand hotel, could be tainted. Hackers can use software to hijack Internet connections and trick users into using fake web addresses.

The good news is that you can subscribe to a VPN service for a low monthly fee. Now, if you have a VPN, you can feel at ease logging into any site on public Wi-Fi, because a VPN scrambles, or encrypts, all cyber transmissions. So to a snoop or hacker, your passwords, email messages and everything else will appear as unintelligible garble.

In addition to encrypting your transactions, most VPNs will conceal your device’s IP address. What you’re doing and which sites you are visiting will be under lock and key. This will stop companies from snatching users’ browsing habits and other data and sharing it with other online entities.

So, if your schedule doesn’t permit you the luxury of doing all your important Web surfing on your secure home Wi-Fi, and you often find yourself logging on to your bank’s site or other accounts while you’re away from home, remember that you really need a VPN. Because, when you are on an unsecured network, everything you do on your computer gets laid out on a silver platter for the cyberthugs.

Your information could be compromised, or your device could get infected and crash, wiping out all of your files.

A hacker might even threaten to wipe out your files if you don’t pay a ransom. The bottom line is that anything is possible when using public Wi-Fi, but VPNs can end all these concerns.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Back to school Tech Security Tips for College Students

Some of us remember college dorm days, when students were envied if they had their own typewriter. These days, college students must have a personal laptop computer, and a smartphone, and their lives revolve around these connected devices.  Such dependency should be proactively protected from loss or theft.  Campus security now means more than just being beware of who might be hiding in the bushes at night.

1SWhen you send your college kid off into the world, you want them to be prepared for life’s curveballs, and unfortunately, the occasional criminal too. How prepared are they? How prepared are you? Do you or they know that if they leave their GPS service on, some creep could be “following” them? Are they aware of how to lock down their devices to prevent identity theft?

For cybersecurity and personal security, college students should:

How might students get hacked and how can they prevent it?

  • They can fall for a scam via a campus job board, the institution’s e-mail system, off-campus public Wi-Fi or on social media. Be aware of what you click on.
  • It’s easy for devices to be stolen; never leave devices alone whether it’s in the library or a café.
  • Shoulder surfing: Someone peers over their shoulder in the study lounge or outside on a bench to see what’s on their computer screen. A privacy filter will make shoulder surfing difficult.
  • Be careful when buying a used device (which can be infected) and simply taking it as is. Wipe it clean and start fresh with the installation of a new operating systems.
  • If you’re not using your devices, consider keeping them in a lockbox or a hidden place instead of exposed in a shared living space like a dorm.
  • All devices should have a password protected screen lock.
  • Data should be backed up every day. Imagine how you’d feel if you lost that term paper you’ve been slaving over!
  • Get a password manager, which will create strong, complex passwords unique to every account. And you won’t have to remember them.
  • Avoid jailbreaking your smartphone, as this increases its hackability.
  • Avoid using public Wi-Fi for transactions involving money or sensitive information, since hackers could easily snoop on the data transmissions. A virtual private network (VPN) will prevent snooping by encrypting transactions.

All devices should have security software that should be updated automatically. Virus scans should be done every day, or at least no less frequently than once a week.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Don’t’s and Do’s when using Public Wi-Fi

Curl up in a chair at your favorite coffee house, the aroma of premium coffee filling the air, take a few sips of your 700 calorie latte, and then enter cyberspace. Little do you know that you could have a stalker. Or two. Or 3,000. Because public Wi-Fi is there for the picking for hackers. Online transmissions can be intercepted. The credit card number that you enter onto that retailer’s site can be “seen.”

3WDon’t Do These at a Public Wi-Fi Site

  • Never leave your spot without your device on you—not even for a moment. You may come back and still see your computer where you left it…but a thief may have installed a keylogger into it to capture your keystrokes.
  • Do not e-mail messages of a sensitive or serious nature.
  • When your computer begins seeking out a network to connect to…do not let it just drift to the first one it wants; see if you can choose one.
  • Don’t leave on your file sharing.
  • If you’re not using your wireless card, then do not leave it on.
  • Don’t do banking or any other sensitive activities.
  • Don’t position your device so that someone nearby can see the screen.

Yes, Do These when at a Public Wi-Fi Spot

  • Look around before you settle into a nice spot.
  • Sit somewhere so that your back is facing a wall.
  • Assume all Wi-Fi links are suspicious—kind of like assuming all drivers are drunk whenever you go out driving. A wireless link may have been set up by a hacker.
  • See if you can confirm that a given Wi-Fi link is legitimate.
  • Assume that if the connection name is similar to the Wi-Fi spot, that this could mean that the hacker was clever. Inquire of the manager of the coffee shop, hotel, etc., for information about their Wi-Fi access point.
  • You should consider using your cell phone for sensitive activities such as online shopping.
  • But cell phone or not, see if you could avoid visiting sites that can make it easier for hackers to nab your data—sites such as banking, social media and any site where your credit card information is stored.

Use a VPN. This stands for virtual private network. What a VPN does is create an impervious tunnel through which your data travels. Hackers cannot penetrate this tunnel, nor can they “see” through it. Your data is safe. The tunnel encrypts all of your banking and other sensitive transactions, as well as sensitive e-mail communications, plus downloads, you name it. With a virtual private network, you will not have to worry about a thief or snoop intercepting your transmissions.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

How to prevent being tracked

You worry about being hacked, but what about being tracked? Yes, there are hackers and then there are trackers.

8DInternet tracking namely refers to the user’s browsing habits being followed. But there are ways to make the trackers harder to tag behind you.

  • Duhh, a fake name. What an innovative idea! It’s amazing how many people have their real name splashed all over cyberspace. Sure, you should use it for LinkedIn, and also Facebook if you want your childhood classmates to find you. But do you really need to use it for accounts like Disqus that allow you to post comments to articles? If you want to provide feedback to a site, must you use your real full name?
  • Use a virtual private network (VPN), as this will mask your IP address and others from tracking you. A VPN will encrypt your activities on open WiFi too. Hotspot Shield is a VPN provider; it’s compatible with iOS, Android, Mac and PC.
  • Now you may think, “What’s so bad about being tracked? So what if cookies know I keep clicking on all the Miley Cyrus articles?” Well true, so what.
  • But what if cookies also find that you’ve been clicking on an awful lot of articles about heavy weight training? You’ve been doing research for an article you want to write for your latest magazine assignment or maybe your son is interested in weightlifting. What if this timeline coincides with when you’re suing someone for smashing into your car while you were in it, causing back injury? The defendant’s attorney may uncover you’ve been researching heavy weight training, and this doesn’t look good for someone claiming a bad back.
  • Before you begin browsing, make sure you’re logged out of social networks. This means finding the “logout” or “sign-out” tab and clicking its options, rather than just closing out the site tab. Otherwise, more tracking.
  • Make sure your cookies are cleared before and after browsing.
  • If you use Twitter, go to the basic account settings to a box called “Tailor Twitter based on my recent website visits,” and make sure it’s unchecked.
  • Have JavaScript blocked when filling out forms. An extension called NoScript will block companies from using JavaScript for tracking you when you fill out their forms. However, think hard before you do this, because there are so many additional uses for JavaScript, and if you have a browser add-on that blocks it, it will probably slow loading times. Techy people will know how to set up the add-on so that it blocks JavaScript only for certain companies.
  • Disposable e-mail address. You can be tracked with your e-mail address—unless it’s a disposable one. Some services provide addresses that dissipate after a few minutes, while others provide addresses for longer use. Your e-mail carrier may also provide the option of creating additional e-mail addresses by adding characters to your name in the primary e-mail, so that these additional e-mails can be used and forwarded to the original.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

The High Performance Router for a Many-Device Home

You will love the Tri-Band WiFi technology; it can connect all of your devices at the same time. The only router capable of this is the Netgear Nighthawk X6 AC3200 Tri-Band Wi-Fi Router (a.k.a. Netgear R8000).

NETGEARThis router provides three connections and has six wing-like antennas. Another feature is the ReadyShare USB. The user who’d really be interested in the Netgear R8000 is the one who has all sorts of electronics like a complete entertainment system, desktop PCs, a few laptops, game consoles, smartphones, etc.

But even if you have just five devices in your house, you may still wish to consider this high performance router to smooth out all of your connections and eliminate any hiccups. All of the gadgets can be connected, something that regular routers can’t do.

This high performing router has Broadcom’s Xstream platform, which can prioritize incoming traffic and prevents slow traffic from impeding fast traffic.

Some Key Specifications

  • Selects the fastest Internet connection for every device
  • Memory: 128 MB Flash and 256 MB RAM
  • WiFi Protected Access (WPA/WPA2—PSK)
  • WiFi Technology: 802.11ac Tri-Band Gigabit
  • WiFi Performance: AC3200 (600 + 1300 + 1300 Mbps)
  • The WiFi range works for very large households.
  • WiFi Band: Simultaneous Tri-Band WiFi – Tx/Rx 3×3 (2.4GHz) + 3×3 (5GHz) + 3×3 (5GHz)
  • Ethernet Ports: Five (5) 10/100/1000 (1 WAN and 4 LAN) Gigabit ethernet ports
  • VPN support for secure remote access
  • Denial-of-service (DoS) attack prevention
  • Double firewall protection (SPI and NAT)
  • System requirements: Microsoft Windows 7, 8, Vista, 2000, Mac OS, UNIX or Linux
    Microsoft Internet Explorer 5.0, Safari 1.4, Firefox 2.0 or Google Chrome 11.0 browsers or higher

Ready to set up the Netgear R8000?

  • Follow the instructions in the manual.
  • The instructions are not complicated.
  • After setting it up, go to routerlogin.net. The default password is “password” and the default username is “admin.” The setup wizard will get it installed for Internet access.
  • Once your connection is established, you can figure out what you’d like in your network.
  • The advanced menu will allow you to configure more features. Play around with the advanced menu to see what you might like.
  • Use the latest firmware.
  • Go to netgear.com/home/discover/apps/genie.aspx to download the Netgear Genie, an application that will monitor and control your new router and network. The Genie offers additional features like parental controls.

The manufacturer’s suggested retail price is $299, and that comes with a limited one-year warranty. But look around; you may find a sale price.

The Tri-Band feature really sets the Netgear R8000 apart from other routers. The one challenge with this router is its horizontal, rather than vertical, expansion. But that’s really just a minor little issue when you consider all that this router can do, like take on multiple connections simultaneously—without any glitches. Other outstanding features:

  • Will enable multiple use of electronics in the household without anyone experiencing compromised loading times or any other sluggishness; no congestion. So while one person watches YouTube, another downloads files and a third watches a show while also using a smartphone, nobody’s online experiences will be hampered.
  • Is ideal for a household with a lot of devices.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Risks of Public WiFi

Wired internet or wireless WiFi, the warnings are out there: Don’t visit any websites that you have important accounts with when using a public computer (hotel, airport, café, etc.).

3WVisiting even a more trivial account, such as an online community for cheese lovers, could sink you—in that a cyber thief might get your username and password—which are the same ones you have for your bank account, PayPal and Facebook.

Why is public Wi-Fi such a bad thing for shopping and banking and other such activities?

Snooperama

  • As already touched on, a roving hacker could glean your username and password, or credit card number and its three-digit security code when you do online shopping, because the cyber communications of public Wi-Fi are not encrypted. They are not protected or scrambled up. The cybersnoop can thus see what everyone’s passwords, usernames and account information is.
  • Hackers can also see what sites you’re visiting and what you’re typing on those sites.

If you plan on using public Wi-Fi, make sure your device has full protective software including a firewall (and you should always have these anyways).

When connecting to public Wi-Fi, always choose the “public” network rather than the “home” or “work” options when using Windows. This will prevent Windows from sharing files.

If you absolutely must conduct work or personal business while on public Wi-Fi, then use a VPN: virtual private network; it scrambles communication into gibberish by encrypting it.

Malicious Locations for the Wi-Fi

Don’t assume that a hacker is far away when he snoops for something to steal. For instance, the “hotspot” to connect online may have been set up by a thief like a spider in a web waiting for flies. Additional ways a hotspot could be malicious:

  • HTTP connections can be hijacked by software called sslstrip. This software generates copycat links—a domain name that looks just like the authentic one, but appearances are deceiving because these imposter domain names use different characters.
  • Hackers can use the Wi-Fi Pineapple to set up the attacks mentioned above. The Pineapple is on the lookout for when a laptop is trying to connect to a network it recalls, barges in and claims the summoning. Pineapple is now in a position to perform additional attacks.

Hack Prevention

  • Avoid online activity using public Wi-Fi with important accounts. If their site has HTTPS with the padlock icon there is a degree of security here, however, the rule still stands: no public Wi-Fi for important accounts. The only exception to this hard rule is if you have the VPN.
  • Using a VPN will encrypt all of your online activities, freeing you to use public Wi-Fi for anything. Hotspot Shield is a VPN provider that’s compatible with iOS, Android, PC and Mac. It runs quietly in the background.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Things You should and shouldn’t do on Public Wi-Fi

Public Wi-Fi is the location where you can get online: airport, airplane, coffee house, hotel, motel and more. Many people don’t give this a second thought, unaware of how risky this really is.

4WPublic Wi-Fi is very non-secure, a goldmine for hackers who want to steal your identity and commit fraud, destroy your website, you name it. They can do this many ways, including intercepting your activity with an imposter website where you input login details—that the hacker then obtains.

But public Wi-Fi will always be risky as long as its proprietors, such as the coffee house, find that enabling security features hampers ease of use for patrons.

So even if you don’t do banking and shopping online, the wrong person can still see, word-for-word, your e-mail correspondence.

Do’s at a Public Wi-Fi

  • Make sure your devices are installed with antivirus, antimalware and a firewall, all updated.
  • Prior to when you anticipate using public Wi-Fi, consider the nature and amount of sensitive data on your device, maybe remove it (and back it up).
  • Make sure the hotspot is legitimate; speak to the proprietor. Cybercriminals could set up hotspots as “evil twins”.
  • Sit against a wall so that nobody can spy what’s on your screen.
  • If sitting against a wall is not possible, be aware of who’s around you. Cover your hand when typing in login information.
  • Use a privacy screen; this makes it impossible for a “shoulder surfer” to see what’s on your screen while they peak over your shoulder or from the side.
  • Use a VPN: virtual private network. It will encrypt all of your online transactions, making them impossible to decipher by cyber criminals, whether it’s login information, usernames, passwords or e-mail correspondence. Even your IP address will be concealed. Hotspot Shield is a VPN provider, and it’s compatible with Mac, PC, iOS and Android, quietly running in the background after it’s installed.

Don’t’s at a Public Wi-Fi

  • Don’t let your device connect with the first network that “takes.” Instead, select it.
  • Do not keep your wireless card on if you’re not using it.
  • Do not keep your file sharing on.
  • Can you not wait till you’re in a secure location to do banking and other business transactions? No matter how bored you are waiting at the airport or wherever, do not do banking and other sensitive activities.
  • Don’t engage in any serious or sensitive e-mail communications.
  • Never leave your devices unattended for a single second. Not only can someone walk off with them, but a thief can insert a keylogger that records keystrokes.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Beware of scary WiFi Virus

It’s called Chameleon—a computer virus—but maybe it should be called FrankenVirus. You wouldn’t believe what it can do: literally move through the air, as in airborne—like a biological pathogen.

2WAnd like some Franken-creation, it came from a laboratory, cultivated at the University of Liverpool’s School of Computer Science and Electrical Engineering and Electronics.

Chameleon leaps from one WiFi access point to another. And the more access points that are concentrated in a given area (think of them almost like receptor sites), the more this virus gets to hop around and spread infection.

The scientists behind this creation have discovered that the more dense a population, the more relevant is the connectivity between devices, as opposed to how easy it was for the virus to get into access points.

Access points are inherently vulnerable, and Chameleon had no problem locating weak visible access points from wherever it was at, and it also avoided detection.

“When Chameleon attacked an AP it didn’t affect how it worked, but was able to collect and report the credentials of all other WiFi users who connected to it,” explains Professor Alan Marshall in an article on Forbes.com. He added that this malware pursued other WiFi APs to connect to and infiltrate.

The scientists made this virus subsist only on the network—a realm where anti-virus and anti-malware systems typically do not scavenge for invaders. Protective software seeks out viruses on your device or online. Thus, Chameleon earns its name.

Think of this virus like the burglar who goes from house to house overnight, jiggling doorknobs to see which one is unlocked. WiFi connections are like unlocked doors, or locked doors with rudimentary locks.

Chameleon’s creators have come up with a virus that can attack WiFi networks and spread its evil fast. The researchers now want to come up with a way to tell when a network is at imminent risk.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.