Sponsor Robert Siciliano as he runs the Boston Marathon for Miles for Miracles, Children's Hospital Boston
ROBERT SICILIANO, CEO of www.IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds.

FREE EBOOK

Check here if you're human

Sponsors

Advisory Boards

5 Online Security Tips You need to know

0
Pin It

It’s up to the potential victim—the user—YOU—to make your computer or smartphone very difficult for Joe Hackster to infiltrate.

7WPasswords

  • Being that cyber crime has been a fixture of modern living for over a decade, you’d think that everyone and his brother would know to use strong, long passwords, and a different password for each account. But people—including those who’ve been around for a long time—continue using the same password and ridiculously weak passwords, like password1 and princess.
  • A very strong password will go a long way in preventing hacking incidents. It should be at least 12 characters and a mixed salad at that: different cases, numbers and symbols, and no words.
  • Every single account should have a different password.
  • Learn which accounts offer two-factor authentication, then activate it. This way, if someone gets your password they still can’t get into your account unless they have your smartphone.

The cloud is cool but not 100 percent secure

  • Sounds funky: “cloud storage.” But the vulnerabilities aren’t necessarily in the cloud service, but in your device security. If your device is vulnerable, if you don’t have security software or update your operating system, you become the criminals path to the cloud service.
  • Because the cloud is such a huge vault for holding all kinds of data, more things just simply can go wrong. The user must decide who’s better at protecting his data: a system with more resources (the cloud), or the user himself?

New doesn’t mean safe.

  • A brand-new computer or mobile device may come with preinstalled “back doors” for hackers. This is legal so that law enforcement can more easily track the bad guys in life. These back doors are vulnerabilities that can let in hackers. Do your research when making an investment in technology and install antivirus immediately.

No software is perfect.

  • Think of antivirus and antimalware as the “exterminator” who comes to your house to get rid of bugs. There’s a reason that pest control companies no longer refer to themselves as exterminators. This term implies they can kill every last bug and its eggs. They can’t. There will always be a bug somewhere, but the pest control technician can at least prevent infestations and swarms. Likewise, protective software is not 100 percent infallible, but it goes a long way in preventing computer infections.
  • So even though it’s not perfect, you absolutely must use protective software.

Mind the software update messages.

  • Don’t get annoyed by these; allow them to take place. Don’t hit “remind me later,” because chances are this will become a habit. You don’t want to delay the updates. They mean a security hole was detected, and now it can be patched. Don’t wait till later! Better yet, set all security software to automatically update.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. Disclosures.

Filed Under: online security

Town sees Big Spike in Burglaries

0
Pin It

Why are so many burglaries hounding the town of Los Altos in California? There were 79 reported in 2013, but 118 for 2014. This past January and February there were 36. At that rate, by Christmas 2015, it’s unthinkable what the total number of burglaries will be.

1HIn a report on mercurynews.com, the Los Altos police chief, Tuck Younis, is quoted as saying, “It sickens me, as the one who is responsible to keep the city safe, that’s occurring. It sickens every member of our department that’s occurring, especially at the volume that is occurring in our city.”

He spoke this to an assembly of over 200 town residents. Chief Younis added that the number of burglaries is “unprecedented.” In fact, the cities of Sunnyvale and Mountainview—neighbors to Los Altos—have also been stung. And not just by local thieves, but thieves from all over.

Chief Younis speculates that a prison realignment is responsible for the spike in burglaries; convicts are getting released sooner.

And these burglars are going after hard-to-trace loot like jewelry and cash, rather than iPhones and video games. And they’ve been hitting homes both during the day and in the middle of the night.

The police have reassured residents that they are doing everything possible to break this spike up, and that there’s even been some arrests. Nevertheless, residents were instructed to be extra alert and not to hold back from reporting any suspicious activity.

Residents should also beef up their home security as well as take non-techy measures to make their homes unappealing to burglars. Being aware of the little things will make a difference, such as not letting newspapers collect in the driveway because you haven’t felt like getting the paper for a few days and not letting the lawn become overgrown—signs to a burglar that nobody’s been home for a while.

Keeping windows and doors locked at all times, using a deadbolt on doors and Charlie bars on windows, and keeping lights on will also help repel burglars. You can even get semi-techy by installing a fake video camera above the front door that a thief won’t miss—this is a good deterrent to the bad guys.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Filed Under: home burglary

Paralyzed Home Invasion Victim speaks

0
Pin It

If a home invasion doesn’t leave you dead, it might leave you permanently paralyzed, like it did Richard Potorski, who was shot two years ago and can’t move from the chest down.

On January 8, 2013, Potorski went to his Maine home for lunch after work. Moments later he saw a gun pointing at him; it went off. He played dead—which wasn’t hard to do because his spinal cord had been severed—until his wife found him 90 minutes later.

Potorski says he doesn’t know the shooter, and even though he has a misdemeanor drug charge on his record, he was not involved with any drug deals with the shooter—Ronald Bauer, who received a 30-year prison sentence.

It’s a myth that most burglaries occur at night. Gee, night is when most people are home. Most people are gone during the day at work. Burglars know that. What if Potorski had had a security system on that fateful day? This isn’t a blame-the-victim mentality; it’s a very fair question.

Imagine Bauer trying to gain entrance and a screaming alarm sounds. He would have fled like a bat out of hell. Or suppose there was no alarm system, but the door had a top-of-the-line deadbolt and reinforcement system, and the locked windows all had Charlie bars and penetration-proof film. Bauer wanted to get in quick without attracting attention. Why would a burglar want to be seen spending 20 minutes trying to break into a house? Yep, it’s a very fair question.

Evaluate your lifestyle so that you can have an idea of what kind of security system will best suit you. For example, if you’re away a lot, or even only from 8:00 to 5:00, you’ll need a remote monitoring system.

Today’s systems are really cool in that you can even receive e-mails and texts about variables that the system detects. You can even see what’s going on with real-time surveillance transmitted to your phone.

Imagine that someone breaks in while you’re exiting your worksite to go home for lunch, and you get the alert on your phone. You connect and see some druggie trashing your place looking for cash. You won’t get shot by him. We live in a cruel world and need to be prepared.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Filed Under: home invasion

6 Ways to halt Online Tracking

0
Pin It

“On the Internet, you can be ANYBODY!”

1PNot quite. Remaining anonymous in cyber space isn’t as easy as it used to be. Your browsing habits can be tracked, leading to your true identity. But there are things you can do to remain as anonymous as possible.

  • Don’t feel you must use your full, real name when filling out forms or whatever, just because it’s asked or even a “required field.” Of course, you’ll want to use your real name when registering online with a bank, for instance, or making a purchase. But sometimes, the real name just isn’t necessary, such as when registering with a site so that you can post comments on its news articles, or registering with an online community so that you can participate in forums.
  • Stop “liking” things. Does your vote really matter in a sea of thousands anyways? But you can still be tracked even if you don’t hit “like” buttons, so always log off of social media sites when done. This means hit the “log out” button, not just close out the page.
  • Twitter has options to control how much it tracks you, so check those out.
  • Clear your browser cookies automatically every day.
  • Use a disposable e-mail address; these expire after a set time.
  • Firefox users get a browser add-on called NoScript to block JavaScript. JavaScript gets information on you, especially when you fill out a form. However, JavaScript has many other functions, so if you block it, this may impair ease of use of the websites you like to navigate.

Virtual Private Network

You may not think it’s a big deal that your browsing habits get tracked, but this can be used against you in a way that you cannot possibly imagine.

For example, you suffer whiplash injury in a car accident and want to sue the erroneous driver who caused it. However, your nephew asks your advice on weight lifting equipment, so you decide to visit some websites on weight lifting equipment since you know a lot about this.

The defendant’s attorney gets wind of this online search and can use it against you, claiming you don’t really have any whiplash injuries. How can you prove you were searching this information for your nephew?

A VPN will scramble your browsing activities so that you can freely roam the virtual world wherever you are without worrying you’re being tracked. Your IP address will be hidden. One such VPN service is Hotspot Shield, which can be used on iOS, Android, Mac and PC.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Filed Under: online safety online security

Lost your Master Password, do This

0
Pin It

You have a master password, from your password manager, for 28 accounts. Life has been so easy since!

5DBut then you lose this master password. First off, you can’t fix this like you would if you forgot your password for PayPal or your credit card’s site. Plus, each password manager service has a different solution.

Yet how do you lose a master password in the first place? If it’s impossible to remember,then it may not be a good master password, regardless it should be written down somewhere in a secret location.

Lifehacker.com explains the requirements for various password manager services if you actually lose your master password.

Dashlane

  • A lost master password with Dashlane is like, well…imagine your backpack falling into a dark crevasse—gone forever—even if you have applications for your smartphone for Dashlane.
  • You’ll need to create a new account or reset the existing account, but either way, you must start from scratch.

1Password

  • You’re out of luck if you lose your master password—gone with the wind; you must begin all over again, just like with Dashlane.

LastPass

  • Offers a one-time password, after which you must reset your password
  • Requires the computer you’ve already been using LastPass for
  • You’ll need the associated e-mail account. Otherwise, you must begin everything from ground zero.

KeePass

  • Lose your master password with this and you’re done. You must start from scratch.
  • Don’t even bother trying to crack it because KeePass does have built-in protection.

Roboform

  • It’s too bad here, too. Resetting your password means losing all of your data.

Of course, you don’t ever have to be in this hairy situation in the first place.

  • Write down your master password and store it in a secret location; do this several times, even, and make sure the locations are ones you won’t forget.
  • Write down the one-time password or backup code for your service (if it has these features). Write it down in more than one location, e.g., tape a stickie with it on the underside of your desk may not be the most secure, but an option.
  • See if the service allows you to export your password, then do so. Then save it on your computer and also print it out for a hardcopy duplicate. For better security don’t store it in your computer but instead in a USB drive (in addition to hardcopy).
  • See if the service provides a feature for emergency contacts, then set this feature up.
  • Back up all of your data as a general rule.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. Disclosures.

Filed Under: passwords

What is a Virus?

0
Pin It

Have you ever had the chicken pox? This common childhood illness has another name—the varicella zoster virus. Like all viruses, varicella replicates itself, spreading though the body, and eventually appearing as itchy red blisters all over the body. But the virus doesn’t stop there; it can spread to other people through physical contact and through the air when an infected person coughs or sneezes. It’s not a very fun illness to have.

6DViruses don’t just affect humans; there are viruses that can affect your tech devices. A tech virus is a malicious program file that can also replicate itself and infect other devices through techniques like malicious links and sketchy downloads. But unlike the chicken pox where the virus eventually appears on your skin, a virus could be wreaking havoc on your device and you might not even know it!

Computer and mobile viruses can take many different form factors, but all are usually intended to do harm to your device, steal your personal info or money or both. Some examples of viruses include a Trojan Horse, which masquerades as something neutral or benevolent, but is programmed to infect the hard drive or even crash it. Spyware is a virus that observes your activities like logging into your bank account, collects this data (e.g., password, answer to secret question, username) and sends it to the hacker. And a worm, like other viruses, can corrupt files, steal sensitive information, or modify system settings to make your machine more vulnerable, but it’s different in that it can replicate and send copies of itself to other computers in a network without any human interaction.

There are several clues that could mean that your device has a virus. For example, if you notice your device is suddenly running at a snail’s pace. Another example is programs or apps opening and closing on their own. Or a major sign would be if you receive an email from a friend responding to a mass email you supposedly sent promoting some great deal on a pharmaceutical (that you never actually sent).

Just like there are things you can do to prevent the chicken pox, like wash your hands and stay away from infected people, there are ways to prevent a virus from getting on your device.

  • Be wary. Don’t open attachments from people you don’t know.
  • Think before you click. Don’t click blindly. Check the link URL to make sure you are being directed to a legitimate site.
  • Keep your OS and browser updated. Make sure that you install the latest updates for your operating system and browser as well as any hardware updates that are available for your device as these often close up security holes.
  • Install security software. Use comprehensive security software that protects all your devices, like McAfee LiveSafe™.

Here’s to keeping all your devices nice and healthy!

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Filed Under: viruses

Keyloggers log wirelessly

0
Pin It

Gee, it sounds like something out of one of those 1970s TV shows about government spies, but it’s reality: Plug this little thing into a wall socket and it records the keystrokes of a person nearby typing into a Microsoft wireless keyboard. The little gadget sends the information back to the gadget’s owner over the Internet.

1DThe device looks like a USB wall charger, and this “KeySweeper” can be created with instructions from Samy Kamkar, a hardware hacker and security researcher who developed the gadget.

An article on threatpost.com explains that KeySweeper can alert its operator when keystrokes spell out something that the thief-operator would be interested in, such as a bank’s website address. The device continues working even when removed from the wall socket.

As for making a KeySweeper, Kamkar says that it’s not wise for a person without strong knowledge of electrical things to attempt to construct one.

To remain as inconspicuous as possible, the KeySweeper relies upon low profile hardware and very low power. It can also be powered by a battery because it’s installed inside a USB wall charger. So if you unplug the device (and thus disconnect it from A/C power), KeySweeper is still going, relying on its battery inside.

And if you think that KeySweeper is difficult to detect, you’re correct. It could be sitting in someone’s lap one table over from you at the Internet cafe and recording your keystrokes.

Your only protection then would be to use a keyboard that requires an electrical cord, or, a wireless one that’s not from Microsoft. Kamkar’s device works only with Microsoft because of the technological compatibility that Microsoft’s wireless keyboards have with the gadget. It is likely however that devices such as this will become more common and will also work with other keyboards.

So how do you protect yourself? Seems difficult if not impossible. One way would be to reduce the amount of data that could be exposed. The most sensitive data is generally passwords and credit card data. A password manager will enter all this data for you and not require keystrokes. This is the most effective and secure “autofill” available that bypasses keystrokes.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. Disclosures.

Filed Under: online security

4 Tips for Spring Cleaning Your Digital Life

0
Pin It

Spring is in the air (if you’re in the northern hemisphere) and it’s traditionally a time to clean every nook and cranny and get rid of excess stuff in your house. But it’s also a good time to clean up your digital life. Just like your house, your digital life needs a good cleaning once in a while, but sometimes this can seem like a daunting task, so here’s some tips for you to get started.

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294First, begin by emptying your trash or recycle bin on your computer and clearing your browser cache of temporary files and cookies, both of which will free up valuable space on your hard drive, then follow these tips for cleaning your digital presence.

  1. Clean up apps and files. Are some of your apps gathering dust? Do you have files from high school (and it’s been years since you graduated)? If you’re not using these items, think about deleting them. Clearing out old, outdated and unused apps, programs and files leaves more space and memory on devices to fill with things you use.
  2. Back up your data. Our devices are a treasure trove of family memories like pictures and videos and they also often include key documents like tax forms and other sensitive information. None of us would want to lose any of these items, which is why it’s important to back up your data, and often. Back it up to both a cloud storage service and an external hard drive—just in case
  3. Review privacy policies. Are your accounts as private as you want them to be? Take the time to review the privacy settings on your accounts and your apps so you understand how they use your data. This is important for your social media accounts so you can choose what you want or don’t want to share online. For a good resource on social media privacy, see this article. This is also critical for your apps as many apps access information they don’t need. In fact, McAfee Labs™ found that 80% of Android apps track you and collect personal info–most of the time without our knowledge.
  4. Change your passwords. It’s always a good to idea to change your passwords on a regular basis and there’s no better time during a digital spring cleaning. To help you deal with the hassle of managing a multitude of usernames and passwords required to manage your digital life, use True Key™ by Intel Security. The True Key app will create and remember complex passwords for each of your sites, make them available to you across all of your devices, ensure that only you can access them simply and securely using factors that are unique to you, and automatically logs you in when you revisit your sites and apps—so you don’t have to.

So before you consider yourself done with your spring cleaning, make sure you finish this last bit of spring cleaning with these tips, and you’ll be well on your way to cleaning up your digital life.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Filed Under: online security

It’s a Security System and More

0
Pin It

WARNING: Removing this video surveillance camera to kill evidence of your robbery will do you chickenfeed because the video of you is being stored in the cloud!

2WToday’s security systems are so much more evolved than they were 20 years ago, even 10 years ago.

We’ve all heard of the bright light that goes on over the garage when someone steps onto the driveway. That’s so old that some burglars aren’t miffed by this in the least. However…such a motion detection system can also trigger video surveillance and notify the police. And there’s so much more that today’s security technology can do:

  • Send an alert to your smartphone that something anomalous has been detected inside your house; you can then view the interior in real time where this detection occurred, even if you’re across the country. Don’t be surprised if in the future, the homeowner could—with a single tap of a smartphone key—activate a net from the ceiling to deploy and engulf an intruder, holding him till the cops come. I WANT THAT.
  • Even if you live in a virtually crime-free neighborhood and have no valuables…you can still be endangered by non-human threats like gas leaks, fires and trip-and-fall hazards in dark areas with triggered lighting. A home security system can protect you from these variables.
  • Burglars aren’t fooled by the constant light that’s on to make it seem like you’re home when you’re not. However, security systems can create a pattern of on-and-off light use when you’re away, simulating that someone’s actually home.
  • If you still have an old-fashioned wireful security system, it’s time to switch to wireless. Wireless eliminates the possibility of a burglar cutting the wires. Furthermore, a wireless system can include a small remote that can activate and deactivate the system, like when you want to go outside at night with the dog to do its business.

If you were to ask 1,000 home burglary and invasion victims, “Did you think the crime could ever happen to YOU?” What do you think they’d all say? Stop making excuses and get a home security system if you already don’t have one.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Filed Under: home security

Identity Theft Protection 101

0
Pin It

What’s it called if, for example, someone runs up your credit card line without your permission? Identity theft. ID theft isn’t necessarily someone going around impersonating you. But it is considered someone taking over your accounts.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Account takeover is also someone hacking into your computer and getting the password for your PayPal account, then sucking it dry. ID theft is an extremely common occurrence. The damage incurred by ID theft runs along a continuum, from light to heavy. At its worst it can:

  • Cost thousands of dollars to repair the fallout
  • Take months to fix this
  • Destroy reputation
  • Cause difficulty finding employment
  • Cause rejection of loan applications
  • Cause the victim to be arrested because the identity thief committed a crime in their name

There are tons of ways one can become a victim. It used to be that ID thieves would steal a wallet and gain information that way, or dig through your rubbish for bank statements. But these days, ID theft is prolifically committed in cyber space by thieves thousands of miles away.

For example, a thief halfway around the globe could trick you into giving your bank account information by sending an e-mail that looks like it’s from your bank, telling you that your online account has been compromised and that you need to supply your account information to repair the problem.

Or, clicking on a link that promises to show you a nude celebrity instead downloads a virus to your computer.

ID theft can also occur through no lapse in judgment of your own: when the retailer you buy things from with a credit card is hacked.

Protect Yourself

  • All of your computer devices should have software: antivirus, antimalware and a firewall, and always updated.
  • Educate yourself on recognizing scams. Some are ingenious and look legitimate. One way to drastically reduce the odds of being tricked by a ruse is to never, never, never click on any links in an e-mail. Never.
  • Make all of your passwords unique, over 10 characters and a mix of numbers, letters and symbols: gibberish rather than the name of your favorite rock band or sport.
  • View your credit report (it’s free) once a year from each of the three credit reporting agencies. Look for odd things like new accounts opened that you never opened and other false information.
  • If you’re sure you won’t be applying for a loan for a long time, freeze your credit.
  • Use only reputable merchants for online shopping when possible (we all know this rule doesn’t apply when you want to buy those big clumpy home-baked chocolate cookies from “Denise’s Gourmet Cookies”).
  • Missing snail mail bills? Report this to the associated companies because a thief may have changed your billing address.
  • Use a VPN. A virtual private network such as Hotspot Shield is one significant layer to protect your data and your identity by encrypting your information.

Consider it a red flag if you receive credit cards you didn’t apply for, especially if they have high interest rates.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Filed Under: Identity Theft
Xtreme School

Featured in

Anderson Cooper John Stossel Robert Siciliano Featured in
Browse by Month

Browse by Category