Sponsor Robert Siciliano as he runs the Boston Marathon for Miles for Miracles, Children's Hospital Boston
ROBERT SICILIANO, CEO of www.IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds.

FREE EBOOK

Check here if you're human

Sponsors

How Glass Break Sensors work

0
Pin It

Your home should have multiple layers of protection. You’ve certainly heard that before. Motion detection is a critical layer of protection, and this is comprised of the simple act of unauthorized movement sensed as the result of breaking and entry. Glass break is similar in concept. One detects movement the other detects sound. 3B

  • Motion: The sensor detects when someone is moving about inside the house.
  • Entry: The sensor detects when a door or window is opened.
  • Breaking into: The glass break sensor detects when a burglar smashes through a window with a crowbar.

Many people don’t know that the sensor for breaking into exists. This special kind of sensor detects the unique sound (in terms of frequency) of window glass being hit and then shattering. The sensor then sets off the alarm.

So in other words, the sensor doesn’t wait for the glass to shatter. The detection starts when the crowbar or baseball bat makes heavy contact with the glass. This initial detection can be thought of as phase one. And phase two, the actual breaking of the glass, occurs just milliseconds later, setting off the alarm.

In a house full of windows, one sensor per room may be sufficient, covering three or more windows and even glass doors. And fortunately, it’s not necessary to have your kid hit a baseball into a window to test out the sensor.

The device has a “test mode.” You should produce a clapping sound (preferably with your hands). At the bottom of the sensor, a small light will blink, in response to the sound of the clapping, which simulates the sound of a window being struck.

Now if you don’t see the light blinking, the sound wasn’t detected. Make sure the sensitivity setting is on “high” in the device, and also check your windows; are they blocked by heavy curtains or furniture? If your hand clapping is weak, do you have a few wooden boards to smack together?

After you make the necessary adjustments, create the clapping sound again. If the unit is correctly installed, the light should blink.

If your child thinks he could trip the alarm by banging cymbals or dropping a glass on the kitchen floor, tell him don’t even think about it. The break-into sensor system has already taken false alarms into account. So if a glass or china plate crashes to the floor, or the sound of windows breaking is coming from the TV, these noises will not trip the alarm.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Filed Under: home invasion home security home security alarms

Sorry, stop posing Kids’ Photos online

0
Pin It

Frankly, naked babies shouldn’t be a big deal. If you don’t have naked baby pictures of your kids in the kitchen sink then you aren’t human. BUT….the world has changed. If you compare posting your children’s photos online with whipping out a wallet photo of your toddler daughter in the bathtub to your dinner party guests, I will have a bird.

This is because people just love to post images of their partially or completely naked toddlers and preschoolers online: in bathtubs, those inner tube swimming pools, on beaches or wherever.

Awww, ain’t they purty little young’uns! Well, here’re the problems:

  • One particular image snatches the attention of a roaming pedophile, and he becomes hell-bent on getting his hands on that child—who’s yours.
  • Years after the image goes up, your child is suddenly being ridiculed in school over it.
  • Your child, when older, feels humiliated over the scads of revealing or even gross images (fingers shiny from a thick coat of saliva because they’re halfway in the toddler’s mouth; food smeared all over the mouth; slimy drool hanging from the mouth—yes some parents think this is adorable).

It’s not only not safe to become a post-a-holic of your child’s images, but it’s not smart. Isn’t the whipping out of the print photo at the dinner party or at the workplace break room enough? Must the images go online, where they’ll stay forever, for the entire planet to see?

Many parents don’t bother with Facebook’s privacy settings. And why? Hell if I know. These same parents would never run up to every single person at the grocery store and shove in their face the latest photo of little Mikey in the bathtub. So why share it with the whole world including Mikey’s future classmates?

Would you ever approach the seedy looking man on the street corner and show him a photo of half-naked little Maddelynn on the beach? I didn’t think so. Yet pedophiles really DO peruse Facebook for revealing images, and depending on what else you have up there including the image’s GPS data, the perv can get your home address.

  • Learn Facebook’s privacy settings and set them at their highest.
  • Find out whom your “sharing” images with. Do all of these people meet your approval? Do you know whom they’re sharing them with?
  • It’s not a crime to build old-fashioned photo albums—stored safely on a living room shelf that only visitors to your house can view.

When in doubt, don’t post it. Once it’s up, it’s there forever.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Filed Under: child identity theft child internet safety

Protect from Personal Loan Scam

0
Pin It

Are you thinking of getting a personal loan? Hopefully you have a high credit score, as this will give you a better chance of getting the loan through a legitimate company. But even if your credit is excellent, you need to be aware of the personal loan scams out there.

2DNot Respecting Your Limit

  • You don’t want to do business with a lender that pressures you into borrowing more than you can handle

Upfront Payment

  • You should never have to pay any fees for the application process. If you’re requested to do this, move on.

Pumped up Interest Rate

  • Know what the going interest rate is. A good lender will quote you near this average rate.
  • A bad lender will recognize the desperation of the applicant with bad credit and try to sock them with an abnormally high interest rate.

Us and Only Us

  • Be suspicious of lenders that don’t like the idea of you shopping around for better rates.
  • This is a red flag that they have questionable loan practices.

Location, Location

  • An honest, legitimate lender or bank has a verifiable physical address. Get this confirmed with Google maps.
  • If you can’t, move on. But know that even a predatory lender may have a very solid physical address.

Solicitations

  • As in ones you didn’t request. Watch out for banks that send you unsolicited invitations for a personal loan application.

 

Don’t Be Intimidated

  • Because a seedy outfit may want to scare you into closing on their loan. But they can’t do anything to you, even if they use the term “legal action.”
  • If you want to reject their loan offer, then do so.

SSN

  • Does the lender want your Social Security number? This is fine if they’re wanting to do a credit check.
  • If they’re not doing a credit check but want your SSN, move on.

Signing Empty Documents

  • Do not sign anything that does not have the interest rate, terms, loan amount, monthly payment and other crucial information.
  • Before signing anything, make sure there are no blank areas that can be filled in later.
  • Run if the lender wants you to sign something that’s missing information.

Guaranteed!

  • Is a bank guaranteeing your personal loan? Sounds great, right?
  • Not so fast. They cannot do this if they have not verified your financial history or credit history.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Filed Under: bank fraud scams

2016 Information Security Predictions

0
Pin It

No bones about it, 2016 is sure to see some spectacular, news-chomping data breaches, predicts many in infosec. If you thought 2015 was interesting, get your seatbelt and helmet on and prepare for lift off…

4WWearable Devices

Cyber crooks don’t care what kind of data is in that little device strapped around your upper arm while you exercise, but they’ll want to target it as a passageway to your smartphone. Think of wearables as conduits to your personal life.

Firmware/Hardware

No doubt, assaults on firmware and hardware are sure to happen.

Ransomware

Not only will this kind of attack continue, but an offshoot of it—“I will infect someone’s device with ransomware for you for a reasonable price”—will likely expand.

The Cloud

Let’s not forget about cloud services, which are protected by security structures that cyber thieves will want to attack. The result could mean wide-scale disruption for a business.

The Weak Links

A company’s weakest links are often their employees when it comes to cybersecurity. Companies will try harder than ever to put in place the best security systems and hire the best security personnel in their never-ending quest for fending off attacks—but the weak links will remain, and cyber crooks know this. You can bet that many attacks will be driven towards employees’ home systems as portals to the company’s network.

Linked Stolen Data

The black market for stolen data will be even more inviting to crooks because the data will be in sets linked together.

Cars, et al

Let’s hope that 2016 (or any year, actually) won’t be the year that a cyber punk deliberately crashes an Internet connected van carrying a junior high school’s soccer team. Security experts, working with automakers, will crack down on protection strategies to keep cyber attacks at bay.

Threat Intelligence Sharing

Businesses and security vendors will do more sharing of threat intelligence. In time, it may be feasible for the government to get involved with sharing this intelligence. Best practices will need hardcore revisions.

Transaction Interception

It’s possible: Your paycheck, that’s been directly deposited into your bank for years, suddenly starts getting deposited into a different account—that belonging to a cyber thief. Snatching control of a transaction (“integrity attack”) means that the thief will be able to steal your money or a big business’s money.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Filed Under: computer security cybersecurity Data Security internet security online security

11 Ways to Mitigate Insider Security Threats

0
Pin It

Companies are constantly attacked by hackers, but what if those attacks come from the inside? More companies than ever before are dealing with insider security threats.Here are 11 steps that all organizations should take to mitigate these threats and protect important company data:11D

  1. Always encrypt your data If you want to minimize the impact of an insider threat, always encrypt data. Not all employees need access to all data and encryption adds another layer of protection.
  2. Know the different types of insider threatsThere are different types of insider threats. Some are malicious, and some are simply due to negligence. Malicious threats may be identified by employee behavior, such as attempting to hoard data. In this case, additional security controls can be an effective solution.
  3. Do background checks before hiringBefore you hire a new employee, make sure you are doing background checks. Not only will this show any suspicious history, it can stop you from hiring any criminals or those associated with your competitors. Personality tests can also red flag the propensity for malicious behavior.
  4. Educate your staffEducating your staff on best practices for network security is imperative. It is much easier for employees to use this information if they are aware of the consequences of negligent behavior.
  5. Use monitoring solutionsThere are monitoring solutions that you can use, such as application, identity and device data, which can be an invaluable resource for tracking down the source of any insider attack.
  6. Use proper termination practicesJust as you want to be careful when hiring new employees, when terminating employees, you also must use proper practices. This includes revoking access to networks and paying attention to employee actions on the network in the days before they leave.
  7. Go beyond the IT departmentThough your IT department is a valuable resource, it cannot be your only defense against insider threats. Make sure you are using a number of programs and several departments to form a team against the possibility of threats.
  8. Consider access controlsAccess controls may help to deter both malicious and negligent threats. This also makes it more difficult to access data.
  9. Have checks and balances for all staff and systemsIt is also important to ensure there are checks and balances in place, i.e. having more than one person with access to a system, tracking that usage and banning shared usernames and passwords.
  10. Analyze network logsYou should collect, store and regularly analyze all of your network logs, and make sure it’s known that you do this. This will show the staff that you are watching what they are doing, making them less likely to attempt an insider attack.
  11. Back up your data Employees may be malicious or more likely they make big mistakes. And when they do, you’d sleep better at night knowing you have redundant, secure cloud based backup to keep your business up and running.

Robert Siciliano is an expert in personal privacy, security and identity theft. Learn more about Carbonite’s cloud and hybrid backup solutions for small and midsize businesses. See him discussing identity theft prevention.Disclosures.

Filed Under: Data Security internet security online safety online security

Everything You need to know about Door Security

0
Pin It

“I don’t need to lock my doors all the time; this neighborhood is very safe.” And I have some land in the Caribbean I’d like to sell you.

1BBurglars know that every “safe neighborhood” has a certain percentage of fools who think they’re immune to break-ins. And thieves would rather intrude upon a home with lots of nice things—and these homes are usually in “nice neighborhoods.” Hello?

Big mistakes:

  • Leaving doors unlocked
  • Keeping doors locked—but the lock system sucks

I hope you don’t fall into either of the above categories.

What you see on TV is true: Locked doors CAN be kicked open. Builders of homes don’t have the future resident’s security in mind. They cut corners whenever possible. You can bet a new home has a crappy door lock. And an old home, for that matter. Any determined thief could get past these doors even when they’re locked.

But there’s hope. Lots of it. First of all, keep your doors locked. Even if the lock isn’t too great. After all, many times a thief will give up after learning the door is locked. Many burglars are very impatient and want a quick, quiet job. But since you can’t read the mind of the next crook who prowls your neighborhood, it’s best that you get optimal door security.

 First-Line Door Security

  • The door frame on the lock and hinge sides should be reinforced.
  • Think “door reinforcement” Metal plates reinforcing the door jam is fundamental to door security See Door Devil.
  • Wood doors should be solid hardwood all around.
  • Getting a peephole.
  • Don’t answer the door. Don’t feel you must answer the door every time someone’s there. It’s not a crime to ignore the visitor. If you’re not expecting anyone, it’s safest to just ignore them. It’s extremely unlikely that they’re about to die from dehydration or hemorrhaging; assume whatever they want is not a matter of life and death.
  • If you have a door that’s not visible to people passing by, this door especially needs optimal security.
  • A steel-clad door should have 24-guage steel and a wood lockblock core.
  • Hardened steel deadbolts are a must and should have a five-pin tumbler. Associated screws should be as long as they come for deadbolts. Deadbolts should have wrap-arounds.
  • Consider a vertical deadbolt or multi-lock deadbolt for maximal security.
  • Another layer of maximal security is the grade of door hardware, whereas grade 1 is the highest; grade 2 is moderate; and grade 3 is so-so.
  • Beware of flimsy screws!

Adjuncts to Door Security

  • Use a door brace (metallic pole that has one end fitting under doorknob and the other end securely on the floor, out at an angle, to prevent the door from opening).
  • A door stop or wedge will probably not stop a brute-force push-in, but a door stop can be equipped with an alarm that will trip if someone tries to push their way in.
  • Don’t bother with the door chains that you so often see on TV. We’ve all seen it: The bad guy is on the other side of the door while the apprehensive woman is speaking to him through that small opening. He then pushes on the door and breaks the chain. This can really happen!

Robert Siciliano is a home and personal security expert to DoorDevil.com discussing Anti-Kick door reinforcement on YouTube. Disclosures.

Filed Under: home security home security ideas

Pay attention to your IoT Device Security

0
Pin It

Wow cool! A device that lets you know, via Internet, when your milk is beginning to sour! And a connected thermostat—turning the heat up remotely an hour before you get home to save money…and “smart” fitness monitors, baby monitors, watches…

6DSlow down. Don’t buy a single smart device until you ask yourself these 10 questions. And frankly, there’s a lot of effort in some of these questions. But, security isn’t always easy. Check it out.

  • Was the company ever hacked? Google this to find out.
  • If so, did the company try to hide it from their customers?
  • Review the privacy policies and ask the company to clarify anything—and of course, if they don’t or are reluctant…hmmm…not good. Don’t buy a device that collects data from vendors that fail to explain data security and privacy.
  • Does the product have excellent customer support?
  • Is it hard to get a live person? Is there no phone contact, only some blank e-mail form? Easily accessible customer support is very important and very telling of the product’s security level.
  • Does the product have vulnerabilities that can make it easy for a hacker to get into? You’ll need to do a little digging for this information on industry and government websites.
  • Does the product get cues for regular updates? The manufacturer can answer this. Consider not buying the device if there are no automatic updates.
  • Does the product’s firmware also automatically update? If not, not good.
  • Is the Wi-Fi, that the device will be connected to, secure? Ideally it should be WPA2 and have a virtual private network for encryption.
  • Will you be able to control access to the product? Can others access it? If you can’t control access and/or its default settings can’t be changed…then be very leery.
  • What data does the device collect, and why?
  • Can data on the device traverse to another device?
  • Ask the gadget’s maker how many open ports it has. Fewer open ports means a lower chance of malware slithering in.
  • Is stored data encrypted (scrambled)? If the maker can’t or won’t answer this, that’s a bad sign.
  • Ask the manufacturer how the device lets you know its batteries are low.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention

Filed Under: device reputation management digital security

How to Remove Fraudulent Lines of Credit

0
Pin It

You just learned you have a new credit card account by checking your credit or because a bill collector called you. Problem is that you don’t remember ever applying for it. You must find out what’s behind this new account and how it got there.

  • Call the corresponding phone number listed with the account seen on your credit report.
  • Begin the process for disputing the entire account.
  • Get the name (and employee ID number) of every person you speak to and a transaction or reference number for every phone call.
  • Speak to the fraud specialist for the issuer of this new account.
  • Maybe you did apply for it. If you didn’t, find out if there are any charges on it.
  • If the issue isn’t cleared up with one phone call, see what your options are to put a freeze on the account while things are being checked into.
  • Get your free credit reports from TransUnion, Equifax and Experian to see how this new account appears.
  • If you’re still in a quandary over this, put a fraud alert and security freeze on all three reports.

Taking Matters Further

  • If it’s fraud, file an ID theft complaint with the Federal Trade Commission. You’ll get an identity theft affidavit online; immediately print it because it can be viewed only once through the FTC’s system.
  • Next, bring the ID affidavit form to the police, plus other documents relevant to your case, and file a report. Don’t assume your problem is too trivial.

What if the credit card issuer is not helpful?

  • Send a certified letter requesting they freeze or even close the account.
  • Include with that letter a copy (not the originals) of the FTC affidavit and police report.
  • The letter should request written proof of the authorization for opening this account.
  • Another request: written statement absolving you from any responsibility towards charges on this mysterious account.
  • Did you know that the creditor has 30 days or less to send you a written summary of its investigation?

If you’ve been assured that the account will be removed, don’t just take their word; follow up to make sure this was done.

You should not be responsible for any debts incurred by this fraudulent account. Any negative notes on your credit report, related to this account, should be wiped clean.

What if after all that, the account still remains open and you feel the case was not handled properly? File a complaint with the Consumer Financial Protection Bureau. Hopefully you won’t have to hire an attorney, though that’s also a next step.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Filed Under: Credit Card Fraud Credit Freeze credit monitoring

How to recycle Old Devices

0
Pin It

When it comes to tossing into the rubbish your old computer device, out of sight means out of mind, right? Well yeah, maybe to the user. But let’s tack something onto that well-known mantra: Out of site, out of mind, into criminal’s hands.

7WYour discarded smartphone, laptop or what-have-you contains a goldmine for thieves—because the device’s memory card and hard drive contain valuable information about you.

Maybe your Social Security number is in there somewhere, along with credit card information, checking account numbers, passwords…the whole kit and caboodle. And thieves know how to extract this sensitive data.

Even if you sell your device, don’t assume that the information stored on it will get wiped. The buyer may use it for fraudulent purposes, or, he may resell to a fraudster.

Only 25 states have e-waste recycling laws. And only some e-waste recyclers protect customer data. And this gets cut down further when you consider that the device goes to a recycling plant at all vs. a trash can. Thieves pan for gold in dumpsters, seeking out that discarded device.

Few people, including those who are very aware of phishing scams and other online tricks by hackers, actually realize the gravity of discarding or reselling devices without wiping them of their data. The delete key and in some cases the “factory reset” setting is worthless.

To verify this widespread lack of insight, I collected 30 used devices like smartphones, laptops and desktops, getting them off of Craigslist and eBay. They came with assurance they were cleared of the previous user’s data.

I then gave them to a friend who’s skilled in data forensics, and he uncovered a boatload of personal data from the previous users of 17 of these devices. It was enough data to create identity theft. I’m talking Social Security numbers, passwords, usernames, home addresses, the works. People don’t know what “clear data” really means.

The delete button makes a file disappear and go into the recycle bin, where you can delete it again. Out of sight, out of mind…but not out of existence.

What to Do

  • If you want to resell, then wipe the data off the hard drive—and make sure you know how to do this right. There are a few ways of accomplishing this:

Search the name of your device and terms such as “factory reset”, “completely wipe data”, reinstall operating system” etc and look for various device specific tutorials and in some cases 3rd party software to accomplish this.

  • If you want to junk it, then you must physically destroy it. Remove the drive, thate are numerous online tutorials here too. Get some safety glasses, put a hammer to it or find an industrial shredder.
  • Or send it to a reputable recycling service for purging.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention

Filed Under: laptop security online safety online scams online security phishing emails phishing scams scams security

How to Rock the Room as a Professional Speaker

0
Pin It

For those of you who want to knock your presentations out of the park and be the speaker everyone raves about, Victoria LaBalme is leading an unbelievably unique workshop titled Rock the Room LIVE.

If you create and deliver keynotes, trainings, breakouts, podcasts, videos, webinars or teleseminars, this event will completely catapult you from being “good” to being “amazing.”

In the winter of 2015, I was given the opportunity to present a 5 minute, timed “TED” type presentation at the NSA’s 2015 national conference in Washington DC. I accepted the challenge determined to present a packed presentation. Up to that point, I’d never presented a memorized program, so I practiced over 100 times, and as I got closer to getting onto the main stage, I started to stress out that I wouldn’t be able to remember the presentation word for word.

On the main stage, there was an actual nerve racking digital clock counting down, second by second. That same day, I received my CSP, which is the National Speakers Associations earned designation for Certified Speaking Professional. When I got up on stage, I was a bundle of nerves and was spooked that I wasn’t going to remember my presentation word for word. I stammered through the first minute, and then froze.

Speaking in front of your colleagues apparently is a lot harder than it looks, and even as a CSP, I didn’t deliver. Most people would have left the conference, and I thought about it, too, but I kept my head high and stuck around.

It was then that Victoria Labalme approached me. She gave me a few pointers, told me I’d be fine, and she offered to help any time. Seeing an opportunity for redemption, I approached the conferences leadership and petitioned for a “do-over” before the end of the event. After some heart to heart negotiations, I got a second chance and Victoria cleared her schedule and provided 3 days of intense consulting. The rest is a Cinderella story. Frankly, I was a dead man walking, but Victoria Labalme saved me.

Here it is: See the before and after.

For those who don’t know her, Victoria Labalme (CPAE), is a rock star speaker and coach…and she changed my career. Her clients include NSA’s top brass, TED speakers, Oscar winning directors, experts creating PBS specials, and the C-suite executives at Starbucks, Microsoft, PayPal, New York Life Insurance, etc.

Victoria is the real deal.

Captivate your audience. Create killer content. Tell stories like a pro using Hollywood secrets. Cut your prep time in half. Use humor in unforgettable ways. And take your audience on a journey they will never forget.

You’ll get texts from people saying, “You nailed it!” People will whisper to you that you were the “best” speaker. And you’ll earn more bookings, greater invitations and coveted speaking opportunities.

Click here to read more: http://www.rocktheroomlive.com

This isn’t like any other event you’ve experienced. In fact, she’s rented out the Los Angeles Theater Center. And she’s got some special surprises planned. So if you can make it, GO!!! You get the online course, too and some whopper bonuses. And she has a special running through Dec 31 (and you will save a ton of $$) and you’ll get a FREE upgrade to VIP status (which includes lunches and reception…)

I know Victoria doesn’t do anything half way. This event is going to be very special and the people attending are world class.

Here’s the link for all the info you’ll need…and to secure your spot:

http://www.rocktheroomlive.com

Filed Under: identity theft expert
Xtreme School

Featured in

Anderson Cooper John Stossel Robert Siciliano Featured in
Browse by Month

Browse by Category