Sponsor Robert Siciliano as he runs the Boston Marathon for Miles for Miracles, Children's Hospital Boston
ROBERT SICILIANO, CEO of www.IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds.

FREE EBOOK

Check here if you're human

Sponsors

World’s dumbest Rapist: Tells Victim to call Boyfriend

0
Pin It

What’s sicker than raping a woman? Ordering her to phone her boyfriend so he could listen to the rape. But that was a good thing for a woman who was kidnapped last year. Her abductor drove her to the parking lot of an adult entertainment store in Georgia with the intent of raping her, reports WSB-TV.

1SDBut the abductor, Robert Giles, first ordered her to call her boyfriend so he could listen in. Smart move, dude: The victim called 911 instead. However, she pretended the man on the other end of the call was her boyfriend.

The victim explained the circumstance to her “boyfriend,” who quickly realized what was actually happening. And the 911 operator, Deonte Smith, went along with it, posing as her boyfriend, all the while gathering data to locate Giles.

Soon, the police nabbed Giles on the spot.

What can we learn about this event?

  • If you’re abducted, keep your cool and think hard. Do not be afraid to be strategic.
  • Of course, you want to prevent ending up in such a situation in the first place. A man doesn’t just randomly abduct a woman. He observes them first, to see who seems like they’d put up the least resistance.
  • If you are ever abducted, holler as loud as you can, “Fire! Fire!” People are more likely to come bolting out of the woodwork to help out when they hear “Fire!” rather than hearing just screaming. Even if you yell “Rape!” there’s bound to be a few listeners who will think this is a prank. Yelling “Fire!” is not associated with pranks.
  • If you notice a man following you, throw a curve ball. Predators are easily stunned by curve balls and paralyzed with confusion and trepidation. For example, if he sees you spit on the ground as he’s walking behind you, this will likely make him hesitant to grab you.
  • Always be aware of your surroundings. Never text while walking in public! Take out the earbuds and keep your ears on high alert.
  • Sign up for martial arts/self-defense lessons. Yes, they really work when taught by a highly qualified instructor.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft preventionvideo.

Filed Under: security security issues sex offender

What is the Signaling System No. 7 Network?

0
Pin It

The iPhone has a vulnerability called the Signaling System 7 (SS7) that allows crooks to hack into the device.

4WThis was demonstrated on a recent “60 Minutes” episode in which a U.S. congressman (with his permission) had his iPhone hacked by German cybersecurity experts. The white-hat hackers got his phone number and eavesdropped on the conversation.

Penetration of the flawed SS7 makes it possible to listen in on conversations, intercept texts and track the victim’s movements. The congressman subsequently called for an investigation into the vulnerability.

The vulnerability was initially unearthed in 2014 at a German hacking conference. This SS7 flaw is not just a U.S. phone carrier problem, either. Mobile device carriers around the world are affected by this as well. A global attack on this vulnerability is very much warranted.

The criminals who carry out these attacks have a strong preference for targets who are not the regular Joe or Jane, but people of political significance or who represent major organizations.

So regardless of how “important” you are, what can you do?

  • Your mobile device should be fully equipped with security software.
  • Make sure that this software is always updated. Do not ignore update alerts.
  • You should not rely on just a single layer of security, no matter how strong.
  • Also keep in mind that skilled hackers can figure out ways to circumvent a layer of security. The more layers that your iPhone has, the less likely a crook will be able to penetrate it.
  • Load up on the layers of protection, which include a passcode and biometrics such as a fingerprint scanner. Go for depth.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Filed Under: online safety online security

Mobile SIMs Hacks Cause Concern

0
Pin It

A crook can steal your identity by taking control of your wireless phone account—by pretending to be you in person at the mobile store. The villain can then buy pricey mobiles and sell them—and guess who gets the bill but not the profit.

4DSymptoms of Hijacked Account

  • Suddenly losing service
  • Your carrier says you went to a store, upgraded a few phones, then shut down your old device.
  • Or, the rep will straight-out ask if the problem is with your new iPhone—even though you never purchased one.
  • You were never at the store and never authorized any account changes.

If this happens to you, says an article at nbc-2.com, you’ll need to visit the carrier’s local store, show your ID and get new SIM cards. The carrier absorbs the costs of the stolen new phones.

But it’s not as simple as it sounds. What if in the interim, you need to use your phone—like during an emergency or while conducting business? Or your phone goes dead just as your teen calls and says she’s in trouble?

The thief, with a fake ID, waltzes into a store that does not have tight owner-verification protocols, and gets away with changing the victim’s account and buying expensive phones.

The nbc-2.com report says that this crime is on the increase and is affecting all four of the major mobile carriers: AT&T, T-Mobile, Verizon and Sprint.

Here’s another thing to consider: The thief may keep the new phone, which still has your number, to gain access to your online accounts via the two-factor authentication process—which works by sending a one-time numerical text or voice message to the accountholder’s phone.

The thief, who already has your online account’s password, will receive this code and be able to log into the account. So as innocuous as stolen phones may seem, this can be a gateway to cleaning out your bank account. The thief can also go on a shopping spree with mobile phone based shopping.

We’re all anxiously waiting for mobile carriers to upgrade their store security so that people just can’t strut in and get away with pretending to be an accountholder. Biometrics come to mind. Photo IDs are worthless.

In the meantime, accountholders can create a PIN or password that’s required prior to changing anything on the account.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Filed Under: hackers mobile phone security passwords

How to digitally detox on Vacation

0
Pin It

Many years ago when you were on vacation, before Facebook, Instagram and Twitter were invented (assuming you were an adult then), you had a great time, right? You weren’t “connected,” because there was no social media to be connected with.

2DIf today you can’t imagine being disconnected from social media while on vacation, ask yourself how this can be, if years ago, you never missed what had not yet been invented.

And what about constantly checking e-mail while on vacation? Or constantly perusing various websites with your mobile while at the beach?

Intel did a recent study:

  • 55% of Americans can’t disconnect while vacationing.
  • Two-thirds actually wanted to disconnect (detox), but less than half actually did so.
  • But when they did disconnect, 88% reported feeling okay about it and connecting better with travel mates.

Motivation to Detox

  • Know that cybercrooks are banking that vacationers do not disconnect.
  • Vacationers are especially vulnerable when they use public Wi-Fi, as cyberthieves can “snoop” on login entries and steal login information (such as to your bank, or get your credit card number when you online shop at the coffee house).
  • Can’t stay away from your e-mail when vacationing? Cybercrooks can gain access here, too.
  • Though installation of a virtual private network will prevent cyber snooping, it won’t prevent shoulder surfing, or thieves using high powered cameras to capture what you’re doing across the coffee house.
  • Of course, your devices should have security software that’s always updated.
  • Your devices should be password-protected as well.
  • Before embarking on your vacation (and not a few days before, but a few weeks before), practice disconnecting for 24 hours. If you must check your e-mail daily for business purposes, at least practice disconnecting from social media for 24, even 48 hours. Can you do it?
  • Can you stay off your mobile device while waiting at the dentist’s office or at the motor vehicle agency?
  • These “home” practice sessions can help you overcome withdrawal symptoms of not checking Twitter, Facebook or e-mail every 10 minutes.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Filed Under: online security

Predators use Emojis to target Kids

0
Pin It

Who’d ever think those silly little yellow circular faces and other such cyber symbols would become such a worldwide smash? I’m talking about emoticons, also known as emojis. Five years ago Apple put an emoji keyboard on its mobile devices. Six billion of these doggone things are sent every day.

12DBut a story at kdvr.com says this isn’t as innocent as it seems.

The story mentions Sheila Allison and her 12-year-old who regularly communicate via emojis. For instance, Allison’s job means she’s not home when her daughter is going to bed, so she sends emojis for zzzz’s, kisses and princess. (There’s an emoji for everything, and not all of them are faces; some are animals, fruits and other symbols.)

So expansive is the emoji language that a person may be considered fluent in it, knowing the hidden meanings of these icons.

Mike Harris hunts down pedophiles for a living, says the article. He’s fluent in emoji, knowing over 1,200 of the icons. He points out that one emoji may have three or four different meanings.

There’s even a Speak Emoji app that translates “emojiese.” The symbols can be used to bully and threaten. They can be used to communicate any number of messages, such as, “Got any crack?”

There are emojis with very concrete meanings, such as bomb, gun and knife symbols. Others are a bit more cryptic, though sending the emoji of a frog to someone you recently called “ugly” should have an obvious interpretation.

More Meanings

  • Dog (even cute) emoji = b–ch.
  • Pile of poop = sh*t.
  • Harris explains that the sequence of a running-man emoji and a bowling ball emoji means “I’m going to hit you.”
  • Guess what a scared face, knife and shower means.
  • Harris adds that a peach can mean erotic. So can raindrops.
  • Context is important; two people discussing the weather and sending raindrop emojis are meaning rain, nothing more.
  • Anyone whose head is in the gutter will use the banana emoji.
  • Meanings can be invented spur of the moment: sending the pig emoji to an overweight person or when discussing cops. An emoji of a shark (I’m sure there’s one) can refer to a lawyer.
  • But a very non-contextual emoji is footprints; this can mean beer.

Sorry, don’t shoot the messenger! Just giving all those over 30 a heads up!

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Filed Under: online security

Another Successful Ransomware Attack

0
Pin It

Ransomware thieves sure know how to pick their victims—institutions that store loads of highly critical data that they need on a daily basis, that without—even just 24 hours without—can have crippling effects. This form of cybercrime is growing by leaps and bounds.

11DRecently a ransomware attacker struck the network of the University of Calgary. An article at arstechnica.com says that the institution’s IT experts have made some headway in isolating the ransomware infection and making some restoration progress.

Why not just pay the thief and get the “key” back to the scrambled data? Because there is never any guarantee that these thieves will provide the cyber key after they are paid the ransom. And even when they do provide this key, there’s no guarantee it will release all of the hijacked data, but only some of it.

“Ransomware attacks and the payment of ransoms are becoming increasingly common around the world,” says a statement out of the arstechnica.com report. Decrypting the scrambled data “is time-consuming and must be performed with care,” continues the report. “A great deal of work is still required by IT to ensure all affected systems are operational again,” and this process requires patience.

The University of Calgary is a research institution that absolutely cannot afford to lose its data, points out the university’s vice president, Linda Dalgetty, in an article from The Globe. She explains, “We are conducting world class research daily and we don’t know what we don’t know in terms of who’s been impacted and the last thing we want to do is lose someone’s life’s work.”

Ransomware crimes have become so commonplace that some thieves have set up call centers for victims who don’t know how to navigate their data hostage situations, such as how to pay in bitcoins—the highly preferred payment methods by the criminals.

Often, the thief imposes a deadline for the payment, and if it’s not met by that deadline, the payment escalates.

This is actually really stupid. Meaning, if the last thing anyone wants to do is lose someone’s life’s work, then BACK IT UP. That’s “Data 101”.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Filed Under: Ransomware

You need Two-Factor Verification for your Amazon Account

0
Pin It

If you have a strong password for your Amazon account, you may still want to consider beefing up the security with two-factor verification (or authentication), which will prevent a thief from accessing your account (which is possible if he gets ahold of your password and username somehow).

2D

  • Log onto your Amazon account.
  • Have your mobile phone with you.
  • Click “Your Account.”
  • Scroll down where it says “Settings—Password, Prime & E-mail.”
  • Click “Login & Security Settings.”
  • Go to “Change Account Settings” and at the bottom is “Advanced Security Settings.” Hit “Edit” there.
  • You are now on the page for setting up two-step verification. Hit “Get Started.”
  • You will see two options. For ease of setting up the two-factor, choose the text message option.
  • Follow the instructions and wait for the texted code.
  • Enter the code and click the “continue” button.
  • You will now be on a page for adding a backup number—which is required.
  • You cannot use the same phone number you just did for your initial setup. If you do not have a landline for the backup number, and your only phone is a “dumbphone,” you will not be able to use the two-factor service from Amazon.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Filed Under: authentication

How to protect your Mobile Phone from Hackers and Thieves

0
Pin It

Let’s cut to the chase:

  • Regularly back up the phone’s data! If this is done every day, you won’t have to worry much about losing important information if something happens to the phone—such as a ransomware attack.
  • Keep the phone’s software and applications updated.
  • Delete apps you no longer use, as these can reveal your GPS coordinates and garner data about you.
  • Never post about your vacation while you’re on vacation.

6WBut there’s more:

  • Employ the device’s password-protect function (which may even be a biometric like a fingerprint).
  • If the phone has more than one type of protection, use both.  You just never know if the phone will get lost or stolen.

Public Wi-Fi

  • Never use public Wi-Fi, such as at airports and coffee houses, to make financial transactions.
  • Though public Wi-Fi is cheaper than a cellular connection, it comes with risks; hackers can barge in and “see” what you’re doing and snatch sensitive information about you.
  • If you absolutely must conduct sensitive transactions on public Wi-Fi, use a virtual private network or a cellular data network.

And yet there’s more:

  • Switch off the Wi-Fi and Bluetooth when not in use. Otherwise, your physical location can be tracked because the Wi-Fi and Bluetooth are constantly seeking out networks to connect to.
  • Make sure that any feature that can reveal your location is turned off. Apps do collect location information on the user.
  • What are the privacy settings of your social media accounts set to? Make sure they’re set to prevent the whole world from figuring out your physical location. This is not paranoia. As long as you’re not hearing voices coming from your heating vents, you’re doing fine.
  • Are you familiar with the remote wipe feature of your mobile device? This allows you to wipe out its contents/files without the phone being in your hand—in the event it’s lost or stolen. Enable it immediately.
  • And also enable the “find my phone” feature. You may have lost it inside your car’s crevasses somewhere.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Filed Under: hackers mobile phone security phone scams

Fake Realtor scams Children and their Parents

0
Pin It

Ever peruse Craigslist for a new home? Nothing against Craigslist for doing that, but that’s where Coty Houston and David Yost happened to find a very alluring four-bed home for sale; looked perfect for their five young kids.

12DThen they all got squashed by a bomb: The man who sold it to them was not a licensed Realtor. Matthew Boros, however, used to be a real estate agent, but he never renewed his license. But this time, he had climbed through the house’s window (after placing an ad for it on Craigslist) and pretended to be the owner, with the plan of bilking the couple out of $5,000.

The couple was fooled by Boros’s charm. They had no idea that this kindly man, who had met their children several times, had been busted in the past for renting the same house out. They gave him a down payment and an additional $4,000, that day—in the name of expediting the sales transaction.

Yost remodeled houses for a living, so he had no problem starting the remodeling on this particular house, which definitely needed some repair and cleanup. He even replaced its electrical wiring.

Not long after, while he was working on the house, a man arrived asking why he was there. The vacant house had a real Realtor, who told Yost he was going to contact the police to report him for breaking and entering.

Next day, Yost found the house’s locks to be changed, his equipment still inside.

Houston visited the Second District Headquarters, armed with the payment and contract records from Boros. She and Yost then demanded their money back from Boros. Boros, though, told them he could prove with additional paperwork that the transaction was legal.

They met, and Boros refused to give a refund, but the police were waiting nearby and arrested the slug.

The couple is out $5,000, but may get their money back pending the judge’s decision. Boros pleaded not guilty. His lawyer claims to not have had sufficient time to study the case.

The ending is not all that bitter for the parents of five, however. They bought the house for real this time, with a reduced down payment.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Filed Under: craigslist

Beware of these 4Scams

0
Pin It

IRS

  • The e-mail (or phone call) says you owe money; if you don’t pay it immediately, you’ll be put in jail or fined.The scammer may know the last four digits of the victim’s Social Security number.
  • Caller ID will be spoofed to look like the call is from the IRS.9D
  • The e-mail will include an IRS logo and other nuances to make it look official.
  • The scammer may also have an accomplice call the victim pretending to be a police officer.
  • The victim is scared into sending the “owed” money—which goes to the thief. Or, the thief gets the victim to reveal credit card information.
  • Another version is that the IRS owes the victim. The victim is tricked into revealing bank account information to receive the refund.
  • Know that the IRS will never contact you via e-mail or phone; will never threaten jail time, a fine or other threats like a driver’s license revocation.
  • If you owe, the IRS will send you snail mail, certified.
  • The IRS will never threaten to have you arrested.
  • If the subject line of an e-mail appears to be from the IRS, delete it.
  • If a phone call appears to be from the IRS, hang up.

Bereavement

  • Scammers scan obituaries for prey.
  • They then contact someone related to the deceased and claim something against the estate or that they’ll reveal a family secret scandal unless they’re paid.
  • If one of these scams comes your way, request written documentation of the claim.
  • Tell the sender you’ll send this documentation to the executor.
  • If you’re blackmailed, contact a lawyer.
  • Never arrange to meet the sender.

Computer Hijack

  • This may come as a phone call: A person claiming to be a Microsoft rep informs you that your computer has been hacked and he’ll fix it—or you’ll lose everything.
  • He wants to convince you to let him have remote control or “sharing” of your computer…and from there he’ll try to get your credit card number…

Investment Scam

  • Someone halfway around the world has chosen YOU to handle a large amount of money, and you’ll be paid richly for this.
  • The sender often has a foreign sounding name, but even common names are used.
  • Often, there’s some smaltzy message in the e-mail subject line like “God bless you” or “Need your help.”
  • Delete e-mails with any subject lines relating to investments, inheritances, mentions of money, princes, barristers or other nonsense.
  • If you feel compelled to open one, don’t be surprised if there are typos or that it’s poorly written. Do NOT click any links!

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Filed Under: IRS scammers scams
Xtreme School

Featured in

Anderson Cooper John Stossel Robert Siciliano Featured in
Browse by Month

Browse by Category