Law enforcement agencies detect data breaches before businesses do because the former seeks evidence of the cyber crime, reports a networkworld.com article.
Unlike law enforcement agencies, businesses don’t go undercover in hacker forums. Nor do they get court permission to bust into enclaves of cyber thieves. Businesses don’t have moles. It continues: Law enforcement agencies interview imprisoned cyber crooks. The FBI does a lot of undercover work.
Law enforcement may then approach a company and say, “You’re being victimized; we have the evidence.” But often, the company may be skeptical of such a claim. Admittance means facing government response and upset customers
The law is always buffing up on its skills at fighting cybercrime to keep up with its evolution, such as a drastic decrease in solitary criminals and an increase in complex crime rings. These rings have all sorts of technical tricks up their sleeves, including hosting their own servers and changing up their communication methods to vex law enforcement. It doesn’t help that some foreign countries don’t place an emphasis on fighting cybercrime.
The evidence that the law presents to the business when that time comes is rock solid, though again, the company may lack aggression in its immediate response. The company’s legal counsel is commonly the first person to get the forensics report. Upper management usually gets involved before the IT department does. This is all part of keeping legal control over potentially harmful situation.
Robert Siciliano is an Identity Theft Expert to AllClear ID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.Filed Under: cyber crime
If you feel like you are starting to get the flu, going to the doctor’s office can get you some medicine and get you on the road to recovery. But, there’s no pill or surgery that can protect you from medical identity theft—which can kill you. Literally. The thief who steals your identity doesn’t mean to kill you; he just wants to obtain free medical care on your dime.
If a thief has access to your personal information, he can pose as you and see doctors and have procedures done—for free or for a nominal copay. The crook uses fake IDs and phony insurance cards to pull off this scam.
The problem really starts kicking in when the imposter’s medical situation gets tacked onto your medical record—since they are posing as you. This can result in a number of harmful outcomes for you. Not only can it potentially cause misdiagnoses, you could be issued a prescription to a drug that you have a fatal reaction to.
Just think about it for a moment: Someone else’s medical condition getting integrated with yours. This can cause a lot of problems. You could be denied medical coverage or lose your current coverage because of false information in your medical records. In the United States, the Health Insurance Portability and Accountability Act (HIPAA) protects your right of access to your medical records. If someone else is pretending to be you and accessing your records, you might not be able to access your own records. That’s a scary thought.
But even you are lucky enough not to suffer any negative consequences to your health as a result of the medical identity theft, cleaning up the mess can be enough to give anyone a heart attack.
So how can you prevent becoming a victim of medical identity theft?
- Protect your mail: Install a locking mailbox so no one can access your mail.
- Keep medical documents secure: Keep all of your hard copy medical documents in a file that locks. If it’s in cyberspace, make sure the files are encrypted and not in folder on your desktop that says “Medical.”
- Shred all medical documents: Make sure to properly dispose of your medical documents so you don’t become a victim to dumpster-diving thieves. This includes digital files as well.McAfee LiveSafe (put tm in here and links this) service comes with a digital shredder that uses higher than government standard file shredding—don’t rely on simply putting something in the “trash bin” on your computer and then emptying it.
- Leave medical cards at home: Only take them when you are visiting the doctor. If you’re worried you might need them in the event you have an accident and need immediate medical treatment, memorize your health ID number. If you’re unconscious upon arriving at an ER, you’ll get treated anyways—it’s the law. Simply provide your medical card after the fact. Don’t carry identity cards either: Identification cards or Social Security number cards should also be left at home in a safe place. Since many medical systems use these numbers as your identifier on the policy, you don’t want them falling into the wrong hands. And with access to these cards, a thief could easily create the fake credentials needed to commit medical identity theft.
Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.Filed Under: Identity Theft
It’s a bird! It’s a plane! It’s Superman! Yes, this superhero might be the epitome of courage, justice, and strength, but he might also be the biggest threat to you online.
We’ve entered a new age of superheroes. No longer are they just pictures in a comic book. They are now accessible on computers, game console devices, and mobile devices. Superheroes like Captain America, Thor, and Spiderman star on the silver screen. The Green Arrow and The Flash have their own television shows. Videos like Batkid and the Spiderman dad went viral on YouTube (and consequently, melted our hearts).
This is great news to comic publishers like Marvel and DC Comics. Unfortunately, it’s also good news to hackers and scammers too. Cybercriminals know that search engines (like Google, Yahoo! and Bing) can also be used for criminal means. Therefore, they use popular search terms to draw victims in like celebrity gossip, holidays, viral hits, and…you guessed it…superheroes.
McAfee just released a study on the Most Toxic Superheroes that analyzed what superhero search led to the most risky websites using McAfee® SiteAdvisor® site ratings. And the Man of Steel topped the list. The study determined that searching “Superman,” “Superman and free torrent download,” “Superman and watch,” “Superman and free app,” and “Superman and online,” yields a 16.5% chance of landing on a website that has tested positive for online threats, such as spyware, adware, spam, phishing, viruses and other malware.
This year the Most Toxic Superheroes are:
Here are some things you can do to protect yourself:
- Be suspicious: If a search turns up a link to free content or too-good-to-be-true offers, be wary
- Double-check the web address: Look for misspellings or other clues that the site you are going to may not be safe (for more on this, read my blog on typosquatting)
- Search safely: Use a web safety advisor, such as McAfee SiteAdvisor that displays a red, yellow, or green ratings in search results, alerting you to potential risky sites before you click on them
- Protect yourself: Use comprehensive security software on all your devices, like McAfee LiveSafe™ service, to protect yourself against the latest threats
Want to know more? Join the discussion on Twitter using hashtag #toxicsuperhero.
Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.Filed Under: scammers
How low can scammers go? The latest is phony Facebook profiles that use identities of deceased victims of Malaysia Airlines Flight MH17—claiming their credit cards were stolen from the crash debris.
“Death hunters,” says Ukrainian MP Anton Gerashchenko on his Facebook page, are collecting jewels, cash and credit cards off of the victims. His post urges victims’ relatives to “freeze their credit cards, so that they won’t lose their assets to terrorists!”
The Dutch Banking Association assured next-of-kin that they’d be compensated for the fallout of credit card theft.
Journalist Phil Williams was at the crash site and pointed out that it was obvious that wallets and handbags had been stolen. Just about all the handbags had been opened, he reports. Looting is apparent, he says.
Mark Rutte, the Dutch Prime Minister, used the term “utterly disgusting” to describe how the rebels had treated the corpses.
But beyond the site is even more alarming activity: fake Facebook accounts. At least five phony FB accounts have been set up in the names of deceased Australians—including three kids. Facebook has since shut down the pages.
The pages provided a link to a video claiming to reveal footage of the airliner’s crash. However, users instead were directed to a website full of pop-up ads for fishy-looking services. The lure to this site was a malicious link tagline: “Video Camera Caught the moment plane MH17 Crashed over Ukraine. Watch here the video of Crash.”
You can imagine how many people—not necessarily next-of-kin, took the bait and made the click. Though these particular fraudulent pages were closed down, this doesn’t mean more won’t appear.
Is this common after a disaster?
It seems to be more common, as criminals are capitalizing on current events to perpetrate scams generally within a 24-48 hour period.
Tips for spotting these scams for consumers in general:
Thinking before you click, doing research and not being so impulsive will keep consumers from being baited by scammy links, titles and stories.
Tips for family members of the deceased:
They should cancel credit cards, create fraud alerts through their country’s credit bureaus, and once death certificates are obtained they need to submit them to the credit bureaus. Otherwise set up Google alerts with the decedents’’ names to monitor any chatter on social sites that may turn up their likeness in a stolen social media identity theft case.Filed Under: Facebook scams
Does the profession of real estate sales turn someone into a burglar, or, does a burglar one day realize, “Hey, I can make off like a bandit if I sell homes!”?
His sob story was that he hadn’t sold any homes in a year and pawned stolen jewelry to support himself. He even apologized to the victims who showed up at his trial.
If that’s not entertaining enough, there’s the case where a real estate agent, 60-year-old Stephen Brumme, stole women’s clothes from a house for sale, prior to a showing, while the occupants were out of town. The crime was caught on video. Police believe that such crimes occur more often than people realize.
How can you prevent crimes like these?
- Install a video surveillance system. Though fake cameras are effective deterrents to break-ins once they’re spotted by the would-be thief, should a brazen thief bust in anyways, a fake camera won’t catch anything. A real camera at least will catch the crime on tape, which you’ll need for evidence.
- Security cameras can also set off sounds and lighting, plus also alert the homeowner with a text message or phone call.
- Technology (such as Dropcam) is available that allows you to view just what’s happening inside and outside your house, and in real time.
- The investment in a surveillance system will go beyond protection and evidence. It will add value to your home. Some insurance plans even give discounts if your home has a good security system.
Whom better than a burglar knows what a great way to find a victim is? Edith Cowan University in Australia interviewed 69 burglars. One of their favorite methods of finding a target is to search social media for vacation updates.
Don’t buy the biggest house on the block. The biggest, fanciest house on the block really gets a burglar’s attention. Skip it when home shopping.
Home security systems
The vast majority of burglars will not bother with a home that has an alarm. Put the alarm company’s stickers on your windows and their sign in your yard.
Use services like Total Connect by Honeywell to control your home from wherever you are. Get video updates of any activity on your front door or cars. You can unlock and disarm your system all from your phone.
Use a safe for pricey items. Put jewelry in a plastic bag from Walmart, then put it on your vanity. What thief will look inside, thinking it’s new hairspray or a pack of bobby pins?
Close your curtains
It’s a myth that closed curtains in broad daylight are an invitation to burglars. Thieves don’t just break into any home. They want to make sure their efforts are worth it. How can they know this if they can’t see into your house?
But if you want the curtains/shades open for light to come in or to expose a nice view, at least close them when it begins getting dusky. A burglar cases possible targets by looking inside, and it’s very easy for them to see through a bare window at night when your lights are on. Not only can they see what’s worth breaking in for, but they’ll be able to see if the residents can be easily overpowered.
Looks are everything
Accumulations of mail and newspapers will get a burglar’s attention. So will unmowed lawns and a perpetually barren driveway. Put a delivery stop on mail and newspapers, and ask neighbors to park their cars in your lot. Use automatic timers for indoors that set off lights and TVs. Mute the ringer volume on your phone.
Lock your front door!
A 2008 State Farm Insurance study revealed that under 50 percent of 1,000 respondents locked their front doors. It takes the average thief 60 seconds to break in, but only a few seconds for you to lock each portal to your home. Burglars don’t like hard work. Add extra security with a deadbolt.
The Bureau of Justice Statistics, interestingly, says that 40 percent of home burgles are not forced entries. Burglars are literally waltzing right into homes via an unlocked door or window. Lock up, even when you’re home, even during the day. Many burglaries occur during the day.
Keep the garage door closed
Even when you’re home. Install a device that will automatically close the garage door after a specific amount of time open. Prior to traveling, disable the door’s opener or lock the door if it rolls up.
Don’t leave the boxes that expensive items came in, visible on your curb for trash pickup. Disassemble as much as possible and conceal.
Don’t aid burglars
Keep plant growth away from entry points so that burglars can’t conceal themselves when they’re trying to break in. If you absolutely must have shrubbery near entry points due to aesthetic appeal, then choose thorny plants to repel a thief.
Know your neighbors
Not many burglars will get past a Mrs. Kravitz-type neighbor. A stranger will stand out to neighbors who know each other. Get a Neighborhood Watch program going.
Get a dog
A dog’s incessant barking will drive many burglars away.Filed Under: burglary home security
The more technological advanced we become, the higher the degree the potential exists for an invasion of our privacy. Imagine how difficult it must have been for people’s personal information to get stolen—10,000 years ago.
Our right to privacy is just as strong now as it ever was, despite the ease at which criminals and snoops can get your personal data.
Famed attorney and associate justice on the U.S. Supreme Court Louis Brandeis was a champion of a person’s right to privacy, and defined the right of a person “to be let alone” as “the most comprehensive of rights, and the right most valued by civilized men.”
To keep up with the increasing ease of stealing a person’s data, legal remedies and privacy enabling software have been developed.
The Internet is infested with spammers, scammers, and hackers. Do you know that these spammers and hackers can easily monitor your online activities and steal your personal data like credit card information and passwords?
Even your Internet Service Provider (ISP) spies on you! They monitor, track, and keep a record of all your web activities. The websites you visit, the software you download, your online purchases, and everything else are recorded and saved by your ISP.
If this bothers you, you now have options available to protect your privacy and identity. Just download and use Hotspot Shield software. It acts as an IP hider to mask or change your IP address and protect your privacy, while securing your Web browsing session at the same time.
“THE RIGHT TO PRIVACY,” by Samuel D. Warren and Louis D. Brandeis, appeared in the Harvard Law Review in December of 1890.
From that are derived six applicable limitations:
1. “The right to privacy does not prohibit any publication of matter which is of public or general interest.” Warren and Brandeis give elaboration on this exception to the right to privacy by stating:
In general, then, the matters of which the publication should be repressed may be described as those which concern the private life, habits, acts, and relations of an individual, and have no legitimate connection with his fitness for a public office which he seeks or for which he is suggested, . . . and have no legitimate relation to or bearing upon any act done by him in a public or quasi public capacity.
2. The right to privacy does not prohibit the communication of any matter, though in its nature private, when the publication is made under circumstances which would render it a privileged communication according to the law of slander and libel.
3. The law would probably not grant any redress for the invasion of privacy by oral publication in the absence of special damage.
4. The right to privacy ceases upon the publication of the facts by the individual, or with his consent.
5. The truth of the matter published does not afford a defense. Obviously this branch of the law should have no concern with the truth or falsehood or the matters published.
6. The absence of “malice” in the publisher does not afford a defense.
With regard to remedies, a plaintiff may institute an action for tort damages as compensation for injury or, alternatively, request an injunction.
A closing point to make is that Warren and Brandeis recommend that criminal penalties be imposed for violations of the right to privacy, but they decline to elaborate further on the matter, deferring rather to the authority of the legislature.
Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.Filed Under: privacy
Summertime is here…and that means sunshine and vacations. Most people love summertime, including scammers! Hackers can use this time to take advantage while we are planning vacations or on vacation or just enjoying fun in the sun. Here are some key scams to watch out for this summer:
- Family or Friend Requests Money
You receive an email from a friend or family member. They tell you a sob story and say they need money. It sure seems like the right person. You even ask them for more details and they give them spot-on. Convinced they’re the real McCoy, you wire them money. But what you just did was wire money to an imposter who got all those personal details off social media. One way to prevent this it to establish a secret code that your friends and family promises not to post on social media (and the code should be a nonsensical sentence or something that isn’t easily guessed). If a person can’t type out this secret code, then you know it’s a scam. Another way to avoid this scam is to always speak live to the person asking for the money.
- Home Improvement
Summer is when homeowners are most gullible to people offering home repairs. In many of these cases, repairmen do only superficial repairs to make something look nicer or others take your deposit money and then disappear into thin air. To avoid this, make sure you check references and be leery of anyone appearing out of the blue offering home improvement services or those who are not insured.
- Moving Scams
As summer is a time when many people move homes, it’s also a time ripe for moving scams. You could experience something like the moving company suddenly charging you more if you want your belongings unloaded from the truck. To avoid moving scams, be careful when you choose a moving company, check references and make sure you use an accredited moving firm.
- Vacation Rental Scams
Vacations are something you want to enjoy and getting a great deal makes it even better. But not if it’s a sham. Scammers offer deals on vacation rentals and then you arrive to find that the keys don’t work or worse—the rental is an empty lot. Before you pay for a vacation rental, make sure that the rental address exists by using Google Earth search. And just like other things, get references and only rent from trusted sites like TripAdvisor.
- Online Employment Ads
If you’re job searching, you need to be aware. This scam is usually found on free job listing sites, but can be found in emails too. The red flag is when they want YOU to pay THEM (never mind how legitimate it sounds) or they ask you for a ton of personal information like your driver’s license or birthdate. Just don’t give out your information. Stick to well-known job sites when hunting online.
Summer is a time that we should all enjoy—both online and offline. Make sure you educate yourself on the latest scams and be wary of things that seem too good to be true. Remember, it’s better to be safe than sorry.
Stay safe this summer!
Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.Filed Under: scams summertime scams
How many times have you heard someone say, “I don’t have to worry about crime; I live in a gated community”? Yeah, the electronically-locked gate may stop criminals from driving in, but not from walking in!
That stylish gate is more of an ornament than a crime deterrent. It may very well be a lure to thieves, since it suggests that there’s a lot of valuables in those houses. The gate may even suggest complacence with tougher security measures among the homeowners.
The big iron gate may even encourage residents to leave entries to their houses unlocked or windows to their child’s first floor bedroom open overnight. Any reason a pedophile can’t slip through the gate while it opens for a resident? And that assumes the perp isn’t bright enough to just walk into the premises.
The giant gate may as well have a neon sign overhead that says, “Welcome! We Have Lots of Valuables in Our Homes!”
Might a burglar assume that every home has an alarm system? No. He’ll avoid those that have signs of an alarm system, but he’ll continue poking around till he finds evidence of an unlocked house. An alarm system is worthless if it’s turned off and a door is unlocked. This risk-reward calculation is too juicy for a thief to pass up.
And here’s another formula to consider:
Gated community = more money = more empty homes while residents are on yet another vacation.
Still think that gate protects your community? How often have you forgotten your code or the keypad malfunctioned, and you waited for the next resident to open the gates, and you slipped in right after them? How easy was that?
How often has the gate mechanically been broken and you zipped right on through? Even a gateman who buzzes people in may not be on the ball. And even if he is, you should assume that many service technicians are given entry codes. It’s not an issue of how or if a thief can get in, but who.Filed Under: alarm systems
It’s as easy for hackers to phish out your personal data as it is to sit in a canoe on a still pond, cast the bait and wait for the fish to bite.
A type of phishing scam is to lure the user onto a malicious website. ZeuS (Zbot) is such an example, planted on websites; visit that site and it will download a virus to your device that will steal your online banking information, then forward it to a remote server, where the thief will obtain it. Very clever.
But that ingenuity is contingent on someone being gullible enough to open a phishing e-mail, and then taking that gullibility one step further by clicking on the link to the malicious site.
10 Phishing Alerts
- An unfamiliar e-mail or sender. If it’s earth-shaking news, you’ll probably be notified in person or via a voice phone call.
- An e-mail that requests personal information, particularly financial. If the message contains the name and logo of the business’s bank, phone the bank and inquire about the e-mail.
- An e-mail requesting credit card information, a password, username, etc.
- A subject line that’s of an urgent nature, particularly if it concludes with an exclamation point.
- Keep the computer browser up-to-date.
- If a form inside an e-mail requests personal information, enter “delete” to chuck the e-mail.
- The most up-to-date versions of Chrome, IE and Firefox offer optional anti-phishing protection.
- Check out special toolbars that can be installed in a web browser to help guard the user from malicious sites; this toolbar provides fast alerts when it detects a fraudulent site.