Hackers are hell-bent on busting into the network of their targets. They are persistent—never giving up. When you build your defense against cyber criminals, it must be done with the idea that they WILL succeed. When you operate on this assumption rather than thinking that your anti this and anti that are all you need, you’ll have the best cyber security in place.
Another mistake is to assume that hackers hound only small businesses or weak networks. The cyber criminal doesn’t care so much about vulnerabilities; he wants the goods. It’s like a burglar wanting a million dollars worth of jewels that he knows is stashed inside a mansion surrounded by a moat filled with crocodiles. This won’t stop him. It will only determine the dynamics of how he penetrates.
Yes, less sophisticated hackers will target more vulnerable networks, but there’s a lot of hefty hackers out there who aren’t intimidated by persistence. If cyber thieves want a goal badly enough, they’ll get into every nook and cranny to achieve their mission.
Hackers also determine ahead of time how the victim might respond to an attack. The crime ring will invest time in this, going well-beyond the intended target’s IT tactics. They’ll go as far as learning employees’ after-hour leisure activities. To make it harder for hackers to mine all this information, a company should keep things unpredictable like work routines and not embrace social media.
The hacker creeps around quietly, going undetected while spreading damage. To catch below-the-radar cyber invasions, a business should employ a system that can spot and stamp out these murmurs.
Finally, cyber criminals usually launch a secondary attack as a distraction while the major attack gets underway—kind of like that newsworthy operation of some years ago involving pairs of thieves: One would approach a woman with a baby and tell her the baby was ugly. This distracted her so much that she had no idea that the accomplice was slipping off her purse and scrambling away with it. You must anticipate decoy operations.
Remember, install layers of protection:
- Antivirus, antispyware, antiphishing, firewall
- Set up encryption on your wireless router
- Use a VPN when on free wireless
- Keep your devices software, apps, browser and OS updated
You’d think that servicemen and women would be better protected than civilians from identity theft, but their risk is higher, since their Social Security numbers are used so often and also abroad. In Iraq, it’s painted on their laundry bags!
When a military individual has damaged credit and accumulated debt, they are subjected to disciplinary action. ID theft can delay or cancel a military person’s deployment and lead to revocation of security clearances.
The FTC says that ID theft among service individuals is on the rise. Last year, 22,000 filed complaints of ID theft. In Ohio, this crime jumped 20 percent between 2012 and 2013.
The proposed Ohio bill would raise the penalties for ID theft against active-duty members and their spouses. The bill would also allow the victims to file civil actions against the thieves.
New Jersey is also considering a bill that would increase the penalty for ID theft of veterans. New York and Illinois have already passed stronger penalties. North Carolina bans the release of military discharge documents.
All along, the SSN was printed on a service member’s military ID card, which was used all over the place. In 2008, the Department of Defense began removing the numbers. In 2012, they implemented removal of the SSNs from the card barcodes. These changes won’t be completed till 2017.
What can military personnel do to protect against ID theft?
Two things that service members can do is get active duty alerts and security freezes, but it would be simpler to use these tools one at a time.
The active duty alert, which is free, is done one year at a time after contacting one credit bureau. You can remove this at any time.
The security freeze, once in place, is indefinite unless you decide to remove it. It requires contacting three credit bureaus and is free online to North Carolina residents.Filed Under: Identity Theft
“When it’s your time, it’s your time.” NOT. Most accidents, including freak, are avoidable. Here’s a compilation from popularmechanics.com.
Wild animals. Never run from wildlife, as this will trigger its chase instinct—chase and kill, that is. Every year in the U.S., three to five people die from wild animal attacks, mostly bears and sharks. Avoid shark infested waters. Carry “bear spray” when hiking/camping. Wear bells and make noise when hiking.
Vicious vending machines. Between 1978 and 1995, vending machines killed 37 people who weren’t quick enough to get out of the way when the machine—after it was aggressively handled by the customers—toppled over and crushed them. Solution: You’re not Fonzie; don’t hit vending machines.
Dam it. The dam appears to be a plane of water as the boater approaches going downstream. However a spinning vortex is created by water rushing over the dam, and can trap the boater. If you get trapped after being capsized, curl up, then drop to the bottom, them move downstream.
Electric shock drowning. Even if you swim like Flipper, you can be electrocuted to death if the water contains cords, that are plugged into a dock outlet. If a dock is wired, don’t swim within 100 yards. If you’re not sure, stay on the dock.
ATV accidents. One-third of ATV fatalities occur on paved roads because the tires, which are designed for traction on unstable ground, produce too much traction, making the vehicle flip. If you must take an ATV on pavement, go in a straight line in first gear.
One wrong move. Ladder falls kill over 700 people a year. Half of ladder accidents involve people carrying something while climbing. To carry things use work-belt hooks.
Shallow-water blackout. How many times have you taken a few big breaths, gulped in a lot of air, then went underwater? This can result in a fatal shallow-water blackout, drowning you.
Straight landing. Have your landing spot decided from 100 to 1,000 feet up to avoid swerving to connect with it. The swerve can interfere with the parachute.
Ford ev’ry stream…with much caution. Shallow streams can pack a force that knocks you and all your heavy gear down, potentially incapacitating you, leading to fatal hypothermia. Test the current by tossing a stick into it. If it moves faster than walking pace, don’t go in. Otherwise, cross at a wide, straight portion of water.Filed Under: personal safety
Tags: identity fraud, identity proofing, identity protection, Identity Theft, password, password manager, password security
For anyone who goes online, it’s impossible to hack-proof yourself, but not impossible to make a hacker’s job extremely difficult. Here are three things to almost hack-proof yourself.
Two-factor authentication. Imagine a hacker, who has your password, trying to get into your account upon learning he must enter a unique code that’s sent to your smartphone. He doesn’t have your smartphone. So he’s at a dead-end.
The two-factor authentication means you’ll get a text message containing a six-digit number that’s required to log into your account from someplace in public or elsewhere. This will surely make a hacker quickly give up. You should use banks and e-mail providers that offer two-factor. Two factor in various forms is available on Gmail, iCloud, PayPal, Twitter, Facebook and many other sites.
Don’t recycle passwords. If the service for one of your accounts gets hacked, the exposed passwords will end up in the hands of hackers, who will invariably try those passwords on other sites. If you use this same password for your banker, medical health plan and Facebook…that’s three more places your private information will be invaded.
And in line with this concept of never reusing passwords, don’t make your multiple passwords sound schemed (e.g., Corrie1979, Corry1979, Corree1979) for your various accounts, because a hacker’s penetration tools may figure them out.
Use a password manager. With a password manager, you’ll no longer be able to claim not being able to remember passwords or “figure out” how to create a strong password as excuses for having weak, highly crackable passwords. You’ll only need to know the master password. All of your other passwords will be encrypted, penetrable only with the master password.
A password manager will generate strong passwords for you as well as conduct an audit of your existing passwords.Filed Under: Identity Theft
Selling your house can spell a lot of trouble whether you do it yourself or hire a real estate agent. Agents have little training on safety and security and home owners even less so. Here are safety tips.
- Prior to a showing, get information on the potential buyer. Google their names to see what comes up. They can also complete a buyer’s questionnaire, seek one online, and you can chat with them on the phone.
- Find out if the buyer is bringing along young children. Kids get into everything and are hazard to themselves. See if arrangements can be made otherwise. If this is not possible, try to arrange to have a friend or family member keep an eye on the kids during the showing.
- Make sure the path to your front door is clear of any debris, yard equipment, toys, etc., that can be a tripping hazard. Also make sure that no rugs inside are bunched up, and that the floors and all the steps are clear of any objects that the buyer can trip over. Warn the buyer of any sharp edges, like that from cocktail tables, that they might walk into. Make sure there’s no moisture or slick areas on the floors.
- If you have a dog, keep it locked in a crate during the showing. Don’t wait for the buyer to come over to do this; put the dog in the crate ahead of time, since the buyer might arrive early.
- Show your property only during the daylight.
- Use the buddy system, bring a friend or relative over to assist. Arrange to have someone present in the home during the showing, and visible to the buyer, perhaps a friend in the living room reading.
- Make sure that the door is closed and locked once the buyer enters your home. But at the same time, be closest to the exit in case something goes wrong.
- If another family member is in the home during the showing, and especially if you don’t know where in the house they are at any given moment, knock on any closed doors before entering as you don’t want to startle the other resident by just opening up the door.
- Put away in a safe or completely remove all valuables. If you see someone steal something, do not confront them. Leave quickly (yes, leave your own house with someone still in it) and call the police.
Imagine it. You sit down at your computer about to do your daily perusal of Buzzfeed or check out The Financial Times but your homepage is now some weird search engine you’ve never seen before. Guess what? You’ve been hijacked.
Browser hijacking is when your Internet browser (eg. Chrome, FireFox, Internet Explorer) settings are modified. Your default home or search page might get changed or you might get a lot of advertisements popping up on your computer. This is done through malicious software (malware) called hijackware. A browser hijacker is usually installed as a part of freeware, but it can also be installed on your computer if you click on an attachment in an email, visit an infected site (also known as a drive-by download), or download something from a file-sharing site.
Once your browser has been hijacked, the cybercriminal can do a lot of damage. The program can change your home page to a malicious website, crash your browser, or install spyware. Browser hijackers impede your ability to surf the web as you please.
Why do criminals use browser hijackers?
Like other malware and scams, hijacked browsers can bring in a good chunk of money for the hacker. For example, one browser hijacker, CoolWebSearch, redirects your homepage to their search page and the search results go to links that the hijacker wants you to see. As you click on these links, the cybercriminal gets paid. They can also use information on your browsing habits to sell to third parties for marketing purposes.
Browser hijackers are annoying and sometimes they can be tough to get rid of. Here are some ways to prevent your browser from getting hijacked:
- Carefully read end user license agreement (EULA)documents when installing software. Often times, mentions of browser hijackware are hidden in the EULA, so when you accept the user agreements, you might be unknowingly accepting malware.
- Be cautious if you download software from free sites. As the old saying goes, free is not always free—you may be getting additional items with your free download.
- Keep your browser software up-to-date.
- Use comprehensive security software, like the McAfee LiveSafe™ service, to keep all your devices protected.
Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.Filed Under: hackers
Tags: Facebook privacy, facebook safety tips, facebook scam, kids online safety
Lock this guy up for good. That’s a most fitting motto for Brandon McIntyre, 22, who pretended he was “Katie Thompson” on Facebook and threatened to kill a girl’s family if she refused to go on trips with him.
This New Jersey nutcase made another ridiculous threat (ridiculous, because, how could he think that even young victims could take him seriously?) to a 12-year-old, telling her he was a cop who’d have her expelled from school and sent to state prison for failing to obey a police officer. The “order” was to send him explicit photos of herself.
Posing as a police officer, he even told a woman via texting he’d have her daughter taken away if she refused to go on a date with him. He could get 30 years in federal prison and fines totaling half a million dollars.
The next predator was a bit more convincing, using Facebook to talk a boy into ducking out of his home in the middle of the night to meet him. Adam Brown, 21, was caught by the victim’s mother. Brown got the boy’s confidence first by posting videos of himself and telling jokes. The boy’s mother worked nights and his grandmother watched him and his siblings.
One night she returned to find their dog acting strange; she discovered the boy wasn’t in his bed. She contacted him via cell and he said he was just out walking. She drove out and picked him up, took away his phone and computer, and demanded his passwords. She then gained access to the cyber dialogue between him and Brown. In the dialogue, Brown told the boy that the boy was cute. And the dialogue got worse. The boy actually met Brown, who had threatened suicide if he refused.
His mother told Brown, after contacting him, to cease contact with her son, but he contacted him again and made creepy comments.
- Get full access to your kids social accounts.
- Monitor their device activity without notice.
- Have in-depth detailed conversations about how predators lure kids.
- Read every news report about these issues and discuss with your kid.
- Turn off all wireless and wired internet at night so kids can’t have access.
Tags: cybercrime, cybersafety, email and web security, intel, internet security, malware, mobile security, online safety, protecting kids online, social networking
The recent celebrity photo hacks are an unfortunate reminder of how devastating or embarrassing it can be to have your data compromised. But celebrities are not the only ones getting hacked. Cybercriminals aren’t choosy—they’ll send malicious texts, emails, and website links to Jennifer Lawrence and your grandma. And while the celebrity hacks are more publicized, the fact is, every day, hundreds of ordinary people are falling prey to phishing scams.
So how can you protect yourself from these cybercriminals? The best defense is actually you.
Many of these scams involve a similar thing—the click. So if you learn how to click wisely, 95% of cybercrime techniques—including phishing, bad URLs, fake text messages, infected pdfs, and more—are eliminated.
And that’s the idea behind Intel Security’s new campaign, #ClickSmart. Intel Security wants to empower you with the skills and sense to avoid those dastardly scams.
Here are some tips to get you started
- Check URLs for misspellings or interesting suffixes. For example, if you see www.faceboook.ru, don’t click it.
- Only open texts and emails from people you know. But even if you do know the sender, be wary for any suspicious subject lines or links. Hackers can try to lure you through your friends and family.
- Beware of emails, texts, and search results offering anything for free. If it sounds too good to be true, then it probably isn’t true.
Are you ready to take the #ClickSmart challenge? If so, go to digitalsecurity.intel.com/clicksmart and see if you’re a Click head or a Click wizard.
To learn more on how to #ClickSmart, join @IntelSecurity, @McAfeeConsumer, @cyber, @GetCyberSafe, @STOPTHNKCONNECT for Twitter chat on October 14th at 12 PM PT. Use #ChatSTC to join in on the conversation. Click here for more information.
Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.Filed Under: cyber crime
Hacking isn’t just about weak passwords and single-factor authentication. A lot of it occurs because people can be so easily tricked into giving up personal information: the craft of social engineering. Example: “Download this video of Kim K fully naked!” How many men would be lured into clicking this gateway to a viral infection? We are a sad species.
The victim isn’t always a goofball like this. They can be a tech support agent tricked into resetting a password and handing it over. Often, the victims don’t even know they were targeted until well after the fact, if ever.
- Just say no—to giving out personal information. Social engineering can occur over the phone: someone pretending to be your bank, asking for your private information. Always contact any institution for verification they want your private data before blindly giving it out.
- Be scrupulous with security questions. Don’t answer ones that a hacker can easily get the answer to, such as “City you were born.” Choose the most obscure questions from the list. If all seem rather basic, though, then give answers that make no sense, such as “Planet Neptune” for the city you were born in. If you fear being unable to remember these answers, put the answers in an encrypted file or password manager.
- Do you get e-mails about password resets? Be careful. Contact the service provider to see if the e-mail is legitimate.
- You’ve probably heard this before, but here it is again: Never use the same password for multiple accounts! In the same vein, don’t use the same security questions, even though the list of security questions from one service provider to the next is usually the same list of questions. Do your best to use as much of a variety of questions as possible, and don’t forget, you can always give crazy answers to the same question for different accounts.
- Keep an eye on your accounts and their activity. Account providers such as Gmail have dashboards that show where you’re logged in and what tools or apps are connected. This includes financial and social media accounts.
- Beware of emails coming from anyone, for any reason that require you to click links for any reason. Social engineering via email is one of the true successful ways to con someone. Just be ridiculously aware.
A chain is only as strong as its weakest link. This common phrase can be applied to almost anything. In the security industry we call this a “vulnerability” or the “path of least resistance”. In your home, in regards to home security, this weak link is often your front or back door. If you take a close look at your existing door and frame, you will see the door jamb, where the lock and deadbolt enter, is made of half inch to three quarter inch pine wood in most residential doors. And if you’ve even seen 10 year olds in karate class demonstrate chopping three quarter pine with their bare hands, then you know how vulnerable this jamb is if a 200 pound man either kicks your door or shoulders it.
Door reinforcement products were created to due to necessity because an overwhelming number of home burglaries and invasions happen because of that weak link (door jamb) in your door. There are a few variations of door reinforcement technology and here we discuss “door frame reinforcement”. Typically made of steel, this device can be up to four feet long and is installed on the door jamb center, over the existing strike plates. Braces come in different styles.
When I bought my existing home, I knew right away I needed to reinforce my doors. I did some searching online and found the “Door Devil”. After installing, I reached out to the engineers who created this simple but effective device and here’s what they had to say:
So, what is the “Door Devil Kit?” It’s doorway reinforcement component device.
Who needs the DDK?
A deadbolt is held in place by less than one measly inch of soft wood in most American doorframes. Just about any determined hoodlum could kick through it.
Explain the origins of the Door Devil.
There was a rash of burglaries several years ago, even though most of the houses had alarm systems. But the intruders were gone before the cops arrived—kick down the door, ransack, then flee.
The solution was to reinforce the doors, which could be done with two metal strips attached to the doorframe. But just several weeks later, a burglar kicked down one of these doors. We had the right idea but the wrong application.
Okay then, what about Spiderman who can scale a house and get in through a window?
A very determined thief may find a way into one’s house no matter what. But kicking a door is very common because crooks know that a window alarm will immediately go off. Plus, they know neighbors could hear a window shattering. A burglar may also avoid windows due to the threat of broken glass.
I have a gun and I won’t hesitate to use it.
What if you’re not home? And if you’re home…can you get to your gun before the intruder could get his hands around your throat? And if you can fight back, what if he’s in and out before you can get to him, like, say…you’re in the bathroom when he busts in?
Got it. How well does the Door Devil work?
It’s fabulous. Though there are two verified instances in which cops used a ram to dismantle a door after several attempts. But the doorframe and hardware remained intact, thanks to the Door Devil.
Does the Door Devil replace a monitored alarm system?
Never. The Door Devil is one more layer of protection. Alarm systems go a long way at preventing burglaries, but homes with alarms do get targeted. After all, a burglar has a little time to disarm the alarm, but few intruders are skilled at and not intimidated by this. Sometimes the thief doesn’t consider the possibility of an alarm. Sometimes the intruder doesn’t care if there’s an alarm and just wants money for his next drug fix. But a smarter, more experienced burglar knows that a house with an alarm probably has more valuables. So as you can see, the alarm isn’t the be-all end-all. You need layers.
Who should get a Door Devil?
Really, anyone who is aware enough that well over a million home are broken into every year, most resulting is financial and sentimental losses, and others in tragic deaths. Remember, we are all about layers. Alarms, window locks and films to beef up windows, cameras, dogs, signage and door reinforcement. For $60 to $80, the Door Devil is great for those who can’t afford an alarm system too. It’s also perfect for damaged doorframes, and of course, for doors that can be kicked through. It can be installed in 30-45 minutes on a typical U.S. doorframe—a 98 percent chance of fitting.
Otherwise, the product can be recessed. To find out, pinch two dimes together. That’s the thickness of the Door Devil. It just makes so much sense to add this to a home that’s already got an alarm system. I mean, how many burglars enter through the chimney, and I already explained why most don’t choose windows.Filed Under: home security