The FBI says that in the U.S., one out of every 36 homes will be raided by thieves in any given year. Often, the burglars were able to get in due to the residents’ carelessness.
Unlike the movies, in which burglars are hiding in the shrubs at night waiting for the homeowner to return home, then jump out and press guns to their ribcages, ordering them inside, real life burglars often literally stroll right through an unlocked door and help themselves to all the goodies. There are many ways the home occupant can make it easy for burglars to get in unnoticed.
- Unlocked doors and windows.
- A sloppy yard. This makes a thief think nobody’s hardly ever home, and he’ll likely target the house for a break-in.
- Shrubs and bushes that obscure entryways. Burglars love it when they can conceal themselves in the dark with the help of plant growth around windows and doors.
- Posting travel plans on social media. Yes, burglars scout social media to see who’ll be away from the house.
- Indiscriminately answering the doorbell. Burglars may pose as utility workers and talk their way inside. Or, they may push past the occupant and ransack the place while an accomplice restrains the occupant.
- A chronically dark house. Don’t be a utility bill penny pincher. Enough lights should be on at night, including when you’re home, to make a burglar think there’s fully-awake people inside. Automatic timers that turn lights on and off will make the house look occupied, and will make it appear people are up in the middle of the night, when many break-ins occur.
- Newspapers accumulating in the drive or a package sitting on the front stoop, suggesting nobody’s been home for a while.
Beef up Your Home’s Security
- Get a security system for the house that has it all: motion detectors, surveillance cameras, smartphone connections. Even if money is tight, you can still fool many a burglar with a fake camera installed above the front door, and security company signs around the house—even though you don’t have a system. But really, these days, there are systems for all budgets.
- Dog owners should hire a dog sitter rather than kennel their pet; a dog’s barking usually scares off a would-be intruder.
- Put your paper and mail deliveries on a vacation hold.
Hackers know small companies are more vulnerable to data breaches due to limited resources. Cybersecurity should always be a high priority. But when a company’s IT staff consists of maybe 1-2 people who are provided limited budgets and are constantly solving other tech problems, the focus on security suffers. And hackers aren’t the only problem. One significantly overlooked part of the security process “cleaning” the IT infrastructure.
- Networked systems
- PC and mobile hardware
- Multiple device software
- Local and cloud data
The best way to manage the “cleaning” process is to keep a checklist and break the workload down into small bites. Complete the following tasks to clean up your business’s digital life and add layers of protection:
- Rule #1: Automatically back up your data before, after and always. No matter what you are doing to your devices, make sure they are backed up.
- Use automatically updated security tools including anti-virus, anti-spyware, and firewall software.
- Use a virtual private network for public Wi-Fi activity. Check to see if the VPN auto-updates.
- Take an inventory of your e-mail files. Depending on the nature of a business, it may be prudent to keep everything backed up for years. In other cases, consider deleting useless messages. Create folders for messages pertaining to certain topics. Delete old folders, etc.
- Go through all of your devices’ programs and uninstall the ones you’ll never use.
- Carefully sift through all of your files and get rid of useless ones.
- Separate out media so that there are files specifically for images, video, docs, etc.
- Integrate desktop icons that have a commonality. For instance you may have several related to a certain product or service you provide. Create a main folder and put all of these in it. Icon clutter may slow boot-up time and makes things look and feel, well, cluttered.
- Take a look at all your passwords. Replace the crackable ones with long and strong ones. An easily crackable password: contains real words or proper names; has keyboard sequences; has a limited variety of characters. If you have a ton of passwords, use a password manager.
- Have multiple backups for your data including on premise and cloud storage.
- Defragment your hard drive.
- Reinstall your operating system. Of course, first make sure all your data is backed up beforehand.
- Operating systems pick up temporary files over time, slowing the computer and making it vulnerable. The free CCleaner tool will clean up your system’s registry.
- Install program updates. Your OS should automatically do this, but check just to be safe.
- Review the privacy settings of social media accounts to make sure you’re not sharing information with more people than you’d like.
- Make sure your business is protected by a security alarm system that includes video surveillance. Hackers get the spotlight, but we can’t forget about the common burglar.
The prevention tactics above apply to businesses and really, everyone. Be sure to train your employees on proactive security and inform them about tricks that cyber thieves use. For more information visit: http://www.dhs.gov/national-cyber-security-awareness-month. If you’re looking for a secure backup solution, check out Carbonite. Sign up before the end of October and receive two free bonus months when you enter code “CYBERAWARE” at checkout.
#1 Best Selling Author Robert Siciliano CSP, CEO of IDTheftSecurity.com is a United States Coast Guard Auxiliary Flotilla Staff Officer of the U.S. Department of Homeland Security whose motto is Semper Paratus (Always Ready). He is a four time Boston Marathoner, Private Investigator and is fiercely committed to informing, educating, and empowering people so they can be protected from violence and crime in the physical and virtual worlds. As a Certified Speaking Professional his “tell it like it is” style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders. Disclosures.Filed Under: digital security
When you hear the dictum, “You should protect yourself from identity theft,” do you equate this with pushing a wheelbarrow loaded with rocks up a hill? It would actually be more accurate to picture slicing into a fresh apple pie, because identity theft protection is as easy as pie. Check out the following things you should do—without breaking any sweat:
- Examine your credit card statements once a month to catch any unauthorized charges. Even a tiny charge should not be blown off, since often, thieves will start out small to “test the waters.” Once they get away with this, they’ll be surfing the big waves if you don’t pounce on them quickly.
- Buy a shredder. Don’t rely on tearing up documents with your hands, especially unopened envelopes. A shredder will blitz them to fragments that a “dumpster diver” won’t be able to piece together. Until you get a shredder, use scissors and snip up anything that has sensitive information on it.
- Put the names and phone numbers of your credit/debit cards on hardcopy so you’ll have a quick way to contact them should any become stolen.
- There are three major credit report bureaus: TransUnion, Experian and Equifax. At least once a year review your credit reports with them, as they can reveal if, for instance, someone opened a credit card account in your name.
- If you ever lose your cell phone, anyone can obtain sensitive data you have stored in it—unless it’s password protected. And please, use a strong, long password, since the thief might be someone who knows you and is capable of sitting there trying all sorts of permutations with your beloved dog’s name, a la Duke1.
- Are a lot of your sensitive paperwork and documents in unlocked file cabinets that anyone can get into? The thief could be a visiting family member (yes, family members can be crooked), the cleaning lady, repairman, window guy, dishwasher installer, a visiting neighbor, you name it. A fireproof safe will protect these documents.
- All of your computers should have antivirus, antimalware and antispyware software, that’s regularly updated.
- Install a virtual private network to encrypt all free WiFi communications. Hostspot Shield is a good example.
- Put a freeze on your credit, at least if you don’t plan on applying for any credit lines or loans in the near future; you’ll be blocked until you unfreeze it, but so will thieves.
More on Credit Freezes
- Freezing is free for ID theft victims; there’s a small charge for non-victims ($15 per credit bureau, which may be for all time, depending on your state’s policies).
- “Thawing” the freeze (which takes five minutes) is free to victims and up to $5 for non-victims.
- It will not affect your credit score.
- It works because they block lenders from seeing your credit scores. So if someone gets your identity, they can’t open credit in your name because lenders need to see those scores.
- You won’t be able to see your credit reports unless you have a PIN to access them.
Identity theft doesn’t have to be a scary nightmare. As long as consumers follow these basic tips and guidelines they can prevent many forms if identity theft.
Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.Filed Under: Credit Freeze Identity Theft
If you want to be a pro at privacy, here’s a tip: When it’s time to go online, whether it’s at an airport lounge, coffee house, hotel, or any other public Wi-Fi spot, don’t log into any of your accounts unless you use a virtual private network (VPN).
A VPN is a technology that creates a secure connection over an unsecured network. It’s important to use because a hacker can potentially “see” your login information on an unsecured network. For instance, when you log in to your bank account, the hacker may be able to record your information, and even take money from your account.
Here are a few other important things to remember about unsecured networks:
- It’s possible for cyber snoops to see your transactions, including email.
- Snoopers and bad hackers can spy on the sites you visit and will know the passwords and usernames you use to access any account.
- A Wi-Fi spot itself can be malicious, in that it was set up by a cybercriminal.
- Even a reputable Wi-Fi spot, like that at a name-brand hotel, could be tainted. Hackers can use software to hijack Internet connections and trick users into using fake web addresses.
The good news is that you can subscribe to a VPN service for a low monthly fee. Now, if you have a VPN, you can feel at ease logging into any site on public Wi-Fi, because a VPN scrambles, or encrypts, all cyber transmissions. So to a snoop or hacker, your passwords, email messages and everything else will appear as unintelligible garble.
In addition to encrypting your transactions, most VPNs will conceal your device’s IP address. What you’re doing and which sites you are visiting will be under lock and key. This will stop companies from snatching users’ browsing habits and other data and sharing it with other online entities.
So, if your schedule doesn’t permit you the luxury of doing all your important Web surfing on your secure home Wi-Fi, and you often find yourself logging on to your bank’s site or other accounts while you’re away from home, remember that you really need a VPN. Because, when you are on an unsecured network, everything you do on your computer gets laid out on a silver platter for the cyberthugs.
Your information could be compromised, or your device could get infected and crash, wiping out all of your files.
A hacker might even threaten to wipe out your files if you don’t pay a ransom. The bottom line is that anything is possible when using public Wi-Fi, but VPNs can end all these concerns.
Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.Filed Under: wifi
The Internet helps us connect and share with people around the world, but there are some people with whom you definitely shouldn’t be sharing your information. Although it’s not pleasant to think about, it’s not just friends and family that can see your online posts, bad guys can too, including criminals and even sex offenders.
This is because every time you take a picture, technical data is created and stored along with the image. This is called “EXIF data”, or exchangeable image file format. When this data includes location information, such as the exact GPS coordinates of where the photo was taken, the image is then “geotagged.”
The good news is you can view the EXIF data, and remove it to prevent predators from getting your location information. EXIF data will always be added to the storage of every picture you take; there’s no way to prevent this. But you can delete it.
Here’s how to prevent strangers from seeing your location information:
- Select the image on your computer and right-hand click on it.
- Select “properties.” You’ll find all the data here.
- Go to the location, or EXIF data.
- At the end of all the information you’ll see “Remove Properties and Personal Information.” This will wipe out the coordinates.
- You should go through this process before posting photos online, because once they’re online, you can’t control who sees this information.
- However, it will still be worth your while to strip this data from photos already posted online. For all you know, tomorrow is the day that a bad guy reads your location information, so today is the day to delete it.
Some people’s social media pages have an endless scroll of personal photos, including pictures of their children and teens. Be very selective of what you post online, and always delete the EXIF data before posting.
Save the pictures you don’t post for a hardcopy photo album. That way you’ll dramatically cut down on the time spent eradicating your location information, while increasing your online security.
Here’s some more tips to use location services safely:
- Turn off the GPS function on your smartphone camera or digital camera. This is important if you are going to be sharing your images online. Instructions on how to turn off geotagging will vary, but we suggest referring to your phone or camera’s manual for further instructions on how to adjust this feature. You also might want to consider only letting certain apps (like maps) use your location data on your mobile device.
- Check your privacy settings on social networks and photo sharing sites. Make sure that you are only sharing information with friends and family. Also, make sure that you only accept people into your network that you know in real life.
- Be aware of the fact that the information you share on one social network may be linked to another.For instance, a photo you post to Twitter may automatically post to your Facebook profile. Because of this, it’s important that you check the privacy settings on all your accounts.
- Finally, be careful about what images you’re sharing and when you are sharing them.Rather than uploading a picture that reveals your location the moment you take it, wait until you get home to upload it.
Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.Filed Under: online safety online security privacy
You probably think you know what a “hacker” is, but the images portrayed in the media can be misleading. You may be thinking of a geeky-looking guy who causes peoples’ computers to get infected with viruses or cracks passwords to raid the accounts of big business. This is one kind of hacker, but in a broader sense a hacker is a person (male or female) who uses their programming skills and technical knowledge to create and modify computer software and hardware by finding their weaknesses and exploiting them.
Hackers can be motivated by a number of reasons, both positive and negative. For instance, criminal hackers can create malware to commit crimes, such as stealing information and money, while other hackers are benevolent. They may work for big companies or the government in the name of protecting them from bad hackers.
It helps to be familiar with these general categories of hackers:
Black hat hackers
This is a hacker who gains unauthorized access into a computer system or network with malicious intent. They may use computers to attack systems for profit, for fun, for political motivations, or as part of a social cause. Such penetration often involves modification and/or destruction of data, as well as distribution of computer viruses, Internet worms, and spam.
White hat hackers
Also known as “ethical hackers,” white hat hackers are computer security experts who specialize in penetration testing and other testing methodologies to ensure that a company’s information systems are secure. These security experts may utilize a variety of methods to carry out their tests, including social engineering tactics, use of hacking tools, and attempts to evade security to gain entry into secured areas.
Gray hat hackers
These are skilled hackers who sometimes act legally, sometimes in good will and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.
In addition to these definitions, the term “hacker” is currently used to refer to any individual who deliberately tries to compromise a computer system—regardless of objective.
It may also simply refer to someone who likes to tinker around with the innards of computer systems, and it may also mean a really smart person who can solve any computer problem.
So, while you may have generally thought of hackers as criminals, the term actually describes a range of people with different technical skills and motives. That’s why it would be more helpful if we used the term with descriptors, such as “white hat hacker” or “criminal hacker,” so we have a better idea to whom we are referring.
After all, hackers shouldn’t have a bad reputation overall. They are usually very talented people and we need more of the good variety: white hats.
Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.Filed Under: hackers
The U.S. Office of Personnel Management, an identity database, was attacked by hackers rather recently, and they hit the jackpot: More than 21 million federal workers are at risk of identity theft for perhaps the rest of their lives, reports an article on forbes.com.
That’s the problem with these centralized identity databases. It’s like all the loot is in one location, so that when the thieves strike, they get it all. And as the forbes.com article points out, not too many governments care to invest the money and energy in optimizing the security of these huge central databases. And it’s not just the U.S. with this problem. Other countries have also had either cyber attacks or big issues with their national ID systems.
On the security evolution clock of 24 hours, cybersecurity comes in in the last few seconds. Governments for eons have been very staunch about issuing security in the physical form, such as constructing walls and other barricades near borders.
But protecting a computer database from harm? It’s just not as prioritized as it should be. The forbes.com article notes that the cybersecurity of a country’s citizens makes up the whole of the nation’s security.
Seems like things will be getting way more out of hand before things start getting under control, if ever. In line with this trend is that hackers have, in their possession for all time, fingerprint data of more than one million U.S. security clearance holders.
Governments need to start focusing on protecting the cyber safety of all the millions and millions of ants that make up its nation, or else one day, the empire just might crumble.Filed Under: cybersecurity hackers
Twitter recently announced its new tool to help with management and monitoring of its users’ accounts: the Twitter data dashboard.
An article on lifehacker.com details what this new tool will offer. For instance, you will not need to use your real name on Twitter—and I have to admit, this is an odd way to promote the tool, because I’m sure that scads of Twitter users haven’t been using their real name for years. It’s not as though Twitter can tell that “Emily White” is really Sashea Fiopwieei.
Anyways, users will be happy that their privacy settings will let them control whether or not their tweets are kept public. You will be able to enable login verification to increase your account’s security.
The Twitter data dashboard can be accessed from the settings menu that users can find on twitter.com. It shows the user’s account activation details and recent login history. It also reveals any devices that have accessed the account.
This setup allows the user to review account activity in an expedient way and make sure that everything looks right.
Now suppose you notice login activity from an unfamiliar app. You can go to your settings and look for the apps tab and revoke the application’s access to your account.
The lifehacker.com article also points out that if you notice logins from unfamiliar locations, you can immediately change your password.
You also have the option for setting up login verification to add an extra layer of security to your account. Twitter’s new dashboard will let you manage your Twitter archive and control your address book contacts, among other items that you will have more jurisdiction over.Filed Under: hackers
September is almost over. This means National Preparedness Month is nearing its end. Nevertheless, you must be prepared all year long to stay safe. National Preparedness Month culminates September 30th with National PrepareAthon Day.
In the boxing ring, if you focus on the knockout punches too much, the quick sharp jabs are what may bring you down. This is how some businesses approach their security. They put too much emphasis on preventing that mountainous data breach, while smaller everyday threats sneak by.
Those smaller threats may be difficult to get at, and they can knock you out for good. A company may have all eyes on that Russian hacking ring, a fire or hurricane. But threats come in all flavors.
A business just can’t use all its artillery against the “big” threats, because this will create non-flexible tactics that unravel in the face of an unexpected threat.
Unless company leaders are psychic, they can’t anticipate every possible threat. But being narrowly focused is no good, either. Here are some tips on how to widen that focus and plan for disaster:
- Certainly, gear up for the “big” threats like natural disasters and brick-and-mortar crimes. This includes having insurance plans, conducting evacuation training, and implementing additional protection like smoke detectors and fire extinguishers.
- Create a list of as many possible threats you can think of. If you can conceive it, it probably can happen.
- Come up with a backup location should your primary office location be rendered inoperable.
- Create a core response team for any kind of disasters, and see to it that the members are easy to reach. Have a secondary team in place in case anyone in the primary core can’t function.
- Establish post-disaster communication plans for employees, customers/clients and vendors. Have a list of backup vendors.
- Create security plans that are flexible rather than rigid, and make sure they are regularly updated.
- Back up all data. Have an onsite data backup as well as cloud backup.
- Replace computers every 2-3 years. But don’t wait that long if the following symptoms of a croaking computer occur: odd noises during boot-up; things taking way too long; a blue screen.
The preparation and prevention tactics above apply to businesses and really, everyone. Employees should be rigorously trained on proactive security and tricks that cyber thieves use. To learn more about preparing your small business for disasters, download Carbonite’s e-book, “Five Things Small Businesses Need to Know about Disaster Recovery.”
#1 Best Selling Author Robert Siciliano CSP, CEO of IDTheftSecurity.com is a United States Coast Guard Auxiliary Flotilla Staff Officer of the U.S. Department of Homeland Security whose motto is Semper Paratus (Always Ready). He is a four time Boston Marathoner, Private Investigator and is fiercely committed to informing, educating, and empowering people so they can be protected from violence and crime in the physical and virtual worlds. As a Certified Speaking Professional his “tell it like it is” style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders. Disclosures.Filed Under: Data Security hackers online security
The biggest mistake that you can make to threaten your online safety is to treat the online world different—as far as your private information—than you would treat the physical world. In other words, if someone walked up to you and said, “Hi, can you please provide me with your name, address, birth date, home phone, cell phone, email, usernames, passowords all your friends names and all their contact info?” I think not.
What sane person would pass out cards with their Social Security number, birth date, full name, home address and bank account information to every stranger they walk past on the street? But essentially, that’s what many people do online.
Here are seven risky online behaviors:
- Posting photos. As innocent as this sounds, photos of children have been known to get stolen and posted on child porn sites. Right click, save image as, then save to desktop; that’s all it takes. Does this mean never post photos of your kids? No. But save the picture of your naked two-year-old girl in the bathtub for your desktop. And don’t post vacation photos until after you return home.
- Another thing about photos: Don’t post pictures of yourself engaging in activities that could come back to haunt you in some way. For example, you post a picture of yourself smoking while at a picnic. You apply for new health insurance and say you’re a nonsmoker. The insurance company might decide to view your social media pictures to catch you in the act.
- Sounds innocent: You let your kids use your computer. But even if there are parental controls in place, your kids can still unknowingly let in a virus. Then you sit down to do some online banking…and the hacker whose virus is in your computer will then have your login credentials and bank account numbers, plus everything else. Ideally, you use a designated computer only for conducting sensitive online transactions.
- A hacker sends (via bot) out 10,000 e-mails that are made to look like they’re from UPS. Out of 10,000 random recipients, chances are that a good number of them are waiting any day for a UPS shipment. This could be you. Will you open the e-mail and click on the link inside it? If you do, you’ll likely download a virus. This is a phishing scam. Contact the company by phone to verify the e-mail’s legitimacy. Better yet, just never click on the doggone links.
- Do you know your apps? They most certainly know you—way too much, too. Applications for your phone can do the following: read your phone’s ID, continuously track your location, run your other applications, know your SIM card number and know your account number. Before downloading an app, find out what it can find out about you.
- Don’t take silly online quizzes. Whoever’s behind them might just want to get as much information on you as possible with the idea of committing identity theft. Got some extra time? Read a book or do a crossword puzzle.
- Never conduct business transactions using free Wi-Fi unless you have a virtual private network. Otherwise, anyone can cyber-see what you’re doing.
Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.Filed Under: online safety online scams online security