In late 2016, a huge data breach occurred. More than 412 million accounts were affected when hackers got into FriendFinder Networks.
According to sources, approximately a million of those accounts had the password ‘123456,’ and approximately 100,000 has the password that was simply, ‘password.’ This, of course, is despite the efforts from pros about password management and the importance of a strong password.
Complex Passwords are Inconvenient
This data breach is just one of many, and it shows that using passwords alone are risky and have consequences. Additionally, complex passwords are inconvenient, and this means that people often avoid using them, or they write them down, or use them across multiple accounts, meaning there is a great chance that they can be stolen.
Keeping in mind, still, that passwords are flawed. This is not because they are often so easy to guess and easy to hack, it’s because they are quite expensive to maintain. Approximately 20 to 50 percent of calls to the help desk are due to password resets because people forget them.
All of this means that things have only gotten worse when it comes to the usability of passwords over the past few years. So, to keep the control that is necessary to ensure the data is safe in an organization, the IT team must use tools that will address these major security concerns. When you consider all of this, it is truly shocking that so many people are still using passwords such as ‘password’ and ‘123456.’
If you look at all of the data-breaches that have occurred in 2016 and consider the millions of people who have been caught up in these breaches, it’s absurd that people are picking passwords that are so easy to guess.
However, you also should keep in mind that it doesn’t matter what your password is, security experts and IT professionals keep hammering in the importance of changing passwords. Even if you are choosing passwords that are a bit more advanced than ‘123456,’ you should still change your password, often.
You also must consider this: it doesn’t matter how good your password is and how complex you make it; passwords are still vulnerable. What we need is a change in our thoughts about security and a revision of our concept of what a password is and does.
In some form or another, passwords have existed as a way to secure information for centuries. For most of this time, they have worked well. However, with technology changing the world, this old form of security needs to be refreshed to meet the needs of the time.
More Security is Necessary
To overcome all of the issues that are associated with passwords, companies should take time to look at different forms of security. All you are doing now is wasting time and money by changing passwords and making them stronger. On top of this, when your business experiences a data breach, you could be facing a fine and of course, embarrassing questions. Instead, it’s time to drop this concept of using passwords as the only means of security.
We need an approach that eliminates passwords altogether. Using, for instance, two factor or multi factor authentication or better, un-hackable security tokens is one way to ensure that no passwords are stored, created, or transmitted. This will help us all to remain safe.
Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.Filed Under: Password Manager passwords
It doesn’t matter who you are or where you live, your home is at risk of being burglarized. According to numerous studies, in the US alone, a burglary occurs about once every 18 seconds, which equates to about 5,000 a day.
Fortunately, you can secure your home or business against burglary, and it doesn’t have to cost you a fortune. Here are 5 ways that you can get peace of mind on the cheap:
- Repurpose Your Smartphone
If you are like most, you probably have an old smart phone hanging around just collecting dust in a drawer. For free or a small fee, you can download apps for both Android and iPhone devices that allow your smart phone to become a surveillance system with almost no effort on your part. Simply search “Surveillance app” in your devices app store.
- Speaking of Cameras…
Of course, you can always just buy a surveillance camera for your business or home. These are often network cams and are easy to use and affordable. These low cost security cameras are often motion-activated cameras that sends a live stream and alerts to the user’s smartphone via the cameras app. Some of the features to look for include:
- Night Vision
- Wide-angle lens
- Automatic detection of animals
You can buy the systems at major retailers, and it start as low as $50.00.
- Set Up Some Tripwires
Sometimes simple and traditional is best, and tripwires can really do a nice job of protecting your home or business, and you can get them for as little as $20. In fact, with a bit of ingenuity, you can even make your own. Some of them have a loud sound, too, similar to a gunshot, which will seriously scare anyone who is sneaking around where they shouldn’t be. These are low-tech and perfect for anyone wanting to beef up their other security systems, as a multi-layer approach to security is best. Search “trip wire alarm” on eBay or YouTube for all kinds of options.
- Get a Guard Dog
If the traditional approach appeals to you, consider a guard dog. People have been using guard dogs to protect their property since the time of Ancient Rome, and one of the most popular breeds for this type of work is the German Shepherd, Doberman or Belgian Malinois. These dogs are large, strong, and intimidating, and you definitely wouldn’t want to cross paths with one that was trained to keep you off its property. Just keep in mind, whatever breed you choose, that you must get a professional trainer for the best results.
- Make a Pact With Your Neighbors
One of the best ways to protect your property is to work with your neighbors and keep an eye on each other’s homes. For example, if you know your neighbor is going on vacation and you have more than one car, park one of them in their driveway. This way, it looks as if someone is home. You also should take their mail in because burglars know if there is a lot of mail in the box, the home or business owner likely isn’t around.
Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.Filed Under: burglary phone scams
A Massachusetts man is on trial. His crime? Stalking. But, it’s probably not what you think. The 48-year-old was chatting and sharing photos with a 16-year-old girl, and these chats and photos were “sexual in nature.” The pair met on social media, and when the girl asked to stop these exchanges, the man threatened to send the shared photos to her friends. This is a case of sextortion.
The Definition of Sextortion
Sextortion is a type of sexting that can have serious consequences. Sexting, of course, at a basic level, is the sharing of nude or sexually explicit photos and chat, usually from one cell phone to another or on social media. The practice is legal when done between consenting adults, but when those under 18 are involved, child pornography and sexual exploitation laws come into play.
Sextortion usually refers to the act of extorting someone by using digital photos that are sex-related. The party doing the extorting will usually demand something like property, money, sex, or another service from the victim. If the victim doesn’t meet the demands, the one doing the extorting threatens that they will share or distribute the sexually explicit photos.
What Can You Do If You are Being Sextorted?
If you believe that you are being sextorted, there are some things that you can do depending on the conditions. First, if you are under 18, you are protected by child pornography and child sexual exploitation laws will come into play. If you are over the age of 18, you might be protected by various laws including stalking, sexual harassment, extortion, or wiretapping.
For those who are under 18, the first thing to do is tell a parent or adult. However, keep in mind that some people are “mandated reporters,” such as teachers. This means that they are required by law to report any instance of sexual victimization of anyone under the age of 18. Keep in mind charges in some cases can be brought against anyone involved, even hypothetically, whether they are guilty of a crime, or not. I’ve seen cases where two 15 year olds consented to sending each other sexting pics and each of them were charged, and each were victims, even though they consented, but were under age. So, it’s better to work directly with a parent or other close adult.
Your Options for Sextortion Help
You have a number of options when seeking out help for sextortion:
- Contact a Crisis Hotline – There are crisis hotlines and chat services available that will allow you to remain anonymous during this process. Usually, these organizations will refer you to local people who can help.
- Contact a Victim Advocate – Many counties, police stations, and crisis centers have victim advocates and social workers available for these situations. These people can help you put together a plan and get a protection order against the person who is threatening you.
- Contact a Legal Aid Organization – Simply doing a Google search will help you to find a local legal aid organization. In this case, just search “legal assistance” or “legal aid.”
- Reach Out to a Lawyer – If you have a case and have gotten legal advice and evidence, you can contact a lawyer. They will help you to remove any photos that have been posted online.
- Contact the Police – File a report by contacting local law enforcement.
- Tell a School Counselor – You will get the wheels turning when telling a school counselor. Remember, they are required by law to report the incident.
Advice for the Parents of Victims
Many young people are reluctant to tell adults about sextortion and sexting for several reasons. They might believe they will make the situation worse or they might believe that they will be judged. Some might also believe that they will face criminal actions, too.
If your child does tell you about possible sextortion, make sure that they know you are there for them no matter what. With this type of loving and supportive communication, you will be able to deal with this situation as a team.
Ask your child to tell you their side of the story, and then take it from there. You might want to communicate with people you both have trust in. This way you can fill the gaps. You might also consider contacting any social media services where photos were shared, such as Facebook. They will usually help. It is also a good idea to contact a victim advocate, as they know what type of evidence to look for that can be used in court. Finally, make sure to report the person via social media, which will help to block the accused account.
Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.Filed Under: cybersecurity Sexting
This post isn’t exactly a “how to” but if your current employment isn’t bringing in the bacon, I’m sure your criminal mind can figure it out. In the biggest digital advertising fraud in the history of the U.S., it was recently found that a group of hackers is bringing in from $3 million to $5 million a day from media companies and brands. That’s some scratch!
White Ops, an online fraud-prevention firm, uncovered this campaign, which they have called “Methbot,” and the firm found that the campaign is generating more than 300 million video ad impressions each day.
AFT13, which is a cyber criminal gang, has worked to develop the Methbot browser, which spoofs all of the interactions that are necessary to initiate and carry out these ad transactions.
The hackers, which are allegedly Russia-based, have registered more than 250,000 distinct URLs and 6,000 domains, all of which impersonate US brand and companies, including Vogue, ESPN, Fox News, Huffington Post, and CBS Sports. They then take these sites and sell fake ad slots.
The cybercriminals that are behind Methbot are using their servers, which are hosted in Amsterdam and Texas, to give power to almost 600,000 bots. These have fake IP addresses, most of which belong to the US, and this makes it look like the ads are being viewed by visitors in the US. The criminals then get video-ad inventory, which they display on the fake media website that they have created. They get top dollar for this, and they trick the marketplace into believing that this content is being seen by legitimate visitors. In reality, however, these ads are being “viewed” by fake viewers thanks to an automated program that mimics a user watching an ad.
To make the bots look even more real, the group also uses methods such as fake clicks, mouse movements, and even social network login info. White Ops has also found that this fake army of viewers has amassed about 300 million ad views each day, and it has an average payout of about $13 per every 1000 views. If you multiply this by the compromised IP addresses out there, the money is rolling in.
White Ops believes that the Methbot empire has created from 200 to 300 million fake video ad impressions each day, which targets about 6,000 publishers. In a 24-hour period, this is generating somewhere between $3 and $5 million in each 24-hour period.
While the operation has its headquarters in Russia, White Ops can’t say for sure that Methbot has Russian origins. The good guys have been in contact with the FBI, and together, they have been working towards stopping this scam for several weeks.
It can be truly terrifying to fall through ice on a frozen lake, but if you remain calm, it can save your life. Most people don’t realize that you have more time than you think, according to experts. This is due to the concept of thermoregulation and how your body deals with the shocking cold that immediately encompasses the body.
As you first hit the freezing water, you will almost immediately gasp and start hyperventilating. It is important that you remember to get control of your breath and do not thrash around. It can help to remember something called the “1-10-1 principle.” This means that it takes about one minute to gain control of your breathing, and then you have 10 minutes to move before you get too cold. The final one is to remind you that it will take one hour before you become unconscious. Again:
- 1 minute to control your breath
- 10 minutes of meaningful movement
- 1 hour before unconsciousness sets in
Take that initial minute and fully focus on your breathing. Slow it down, and then look around to see if you can locate the thickest area of ice. Typically, this is in the direction of the way you were coming from, as the ice was thick enough, at least for a time, to hold your body weight. When you locate the ice, stretch your arms over the surface, and then begin to flutter-kick until your body becomes horizontal with the surface. Kick hard and use your arms and hands to pull yourself onto the ice. As soon as you are able, begin to roll away from the hole, and then crawl upon the ice until you can safely stand up. To learn more about this, and to see it in action, there are videos online that demonstrate this technique.
Keep in mind that once your body temperature falls below 95 degrees Fahrenheit, officially you are hypothermic. When it falls below 86 degrees, it is likely that you will be unconscious, but not actually lifeless. In fact, people have been revived from body temperatures as low as 56.7 degrees, which is when the body will show the clinical signs of death, such as not breathing and not having a pulse.
It is possible that you can live for several hours after passing out if you can get out of the frigid water. This, however, does require some planning. You only have about 10 minutes after falling in before your muscles and nerves become too cold to work. If you feel too weak to go on and you cannot get out, place your arms over the surface of the ice and just remain still. The point is to encourage your coat to freeze to the ice, so that if you lose consciousness, you will keep your head above water. Additionally, you will remain visible for rescue, even if you pass out.
Burglars love doors, because that’s their No. 1 way of gaining entry to a house. When thinking of ways to make your home safer, you should really home in on your doors.
- Solid wood door without a window (ideally with solid wood core)
- Top flight deadbolt (ideally two)
- Reinforced frame and doorjamb
The above elements would make it almost impossible for an MMA fighter to kick the door in. Yes, you should be thinking in terms of kick-proofing your door. By the time we’re 18, we’ve probably witnessed hundreds of door kick-ins on TV shows and in movies. No matter how many unrealistic things we’ve seen on film, one thing stands out as being very true to life: the ease of kicking in a door.
If the door has a window, we have a problem. A crook could smash through it and unlock the door. Here is where a second deadbolt, near floor level, comes in handy. If this can’t be done, then have decorative steel bars placed over the window.
A metal door is also doable for good security, as long as its interior is reinforced and it has a lockblock.
Keep in mind that even a steel door (the most secure type) can be kicked in if the lock’s screws are too short. You get what you pay for; do not cut corners when it comes to purchasing a deadbolt. They are not all the same. A good one extends deep into the doorframe.
I also recommend a one-sided keyless deadbolt for use when you’re home. As its name implies, it can’t be manipulated from the outside (which makes it impossible for an intruder to circumvent).
The doorjamb and frame should be as strong as possible. Don’t just rely on a good deadbolt. The strike plate’s screws should be three inches. Install door reinforcement technology. This beefs up the door jamb to prevent kick-ins. See Door Devil.
What about sliding doors?
- The glass should be reinforced or replaced with polycarbonate.
- The track should have a bar to prevent the door from being forced open.
- Track stoppers also come in the form of small devices that screw onto the track and block the door.
- The door should be equipped with a motion and vibration sensor that triggers an alarm.
Keep a covering over the windows as much as possible. I understand that you want your home to be bright and cheery, but find a happy medium by realizing that a burglar can get a really good look inside your house through uncovered sliding doors. For sure, keep the curtains drawn or the shades down when it’s dark out.Filed Under: home invasion home security home security tips
According to a recent study, online security for most people is too bothersome. The US National Institute of Standards and Technology published the study, which shows that most people who use the internet have just given up and don’t follow the advice given to them about online security.
The result of this is that consumers are engaging in risky online behavior, and according to one survey participant, if “something happens, it is going to happen” and “it is not the end of the world.”
This is concerning to many, including security experts and survey authors. During this survey, approximately 40 people were interviewed in order to understand how those without a technical background feel about computer security. Though this isn’t a total significant sample size, it is a surprising look at how people feel about the information that experts are giving them. Each interview ran from 45 minutes to an hour, and the goal of the researchers was to find out where the average person stands on online security.
The authors of the report were surprised by the resignation of the interviewees during the survey. Essentially, they saw that people just can’t keep up with security changes. The survey participants, overall, believe that online security is too complex, and these people don’t see the benefits of making any efforts.
Some of the people who took the survey seemed to be under the impression that they didn’t have any information that a hacker would want. For example, one person claimed that they don’t work in a government agency and they don’t send sensitive information over email, so if a hacker wants to take their blueberry muffin recipe, they can go ahead and take it.
What’s interesting is what the study’s authors found when comparing those who had experienced identity theft with those who hadn’t. Those who have had an incident with the theft of their identity were much more focused on their online security.
To help the survey participants better understand their risks and to change their minds about internet security, study authors advise that those involved in technology and security must work diligently to help the people using the internet understand the dangers of lax security. They also must work to make it easy for internet users to do the best they can when keeping their accounts safe. It’s important for people who use the internet to make it a habit to remain more secure.
If you have a cell phone, and you use it in any way associated with accessing online accounts (and many do), you are putting yourself at risk of getting hacked. With only a phone number and a bit of information, which is easy to get through social engineering, a hacker can break into your personal and financial accounts.
This works by getting information about you, such as your birthday, address, or even the last four digits of your Social Security number…information that is readily available…and then creating a plausible story to gain access to your phone account, phone and various online accounts. Once they have access to your accounts, they can change the phone number, get a new sim card and then change account passwords, and you will be unable to access the affected accounts. Below, you will find some tips to help you protect your phone number:
Use a Passcode
If you have the option to put an additional passcode on your phone account, do it. Though this isn’t foolproof, it will certainly help to give you some added protection.
Disable Online Access to Cell Phone Accounts
I’m not doing this, but some should. This might be frustrating, but it will further protect you. If you need to make a change, you can call or go into the store.
Consider Using Google Voice
Google Voice is a safer option for many, and you can even forward your existing number to Google Voice. This helps to mask the calls you make, which means no one would have access to your real number.
Use a Carrier-Specific Email to Access Your Mobile Phone Account
If you are like most people, your email address and phone number help you to access most of your internet-based accounts. Ideally, instead, you should have a minimum of three email addresses: your primary address, one for your mobile phone carrier only, and one for sensitive accounts, such as your bank and social media. This way, if your primary email is compromised, a hacker cannot access your sensitive accounts.
Ask Your Carrier for Account Changes
Finally, you can ask your carrier to only allow account changes in person with a photo ID. Though there is still a chance that a hacker could pose as you with a fake ID, the chances are much lower.
There are also some steps that you can take to protect all of your online accounts:
Create Complex Passwords
One way to protect your online account is to create complex passwords. It’s best to use a password manager that creates random, long passwords. If you don’t use a password manager, create your own password of random numbers, cases, and special characters. These might include “4F@ze3&htP” or “19hpR$3@&.” Try to make up a rule to help you remember them.
Don’t Tell the Truth
Another thing that you can do is to stop being truthful when answering security questions. For instance, if a security question asks what your mother’s maiden name is, make it up. Something like this is too easy to guess…just make sure you remember it!
Don’t Connect Your Phone Number to Sensitive Accounts
You also should make sure that you are not connecting your phone number to any sensitive accounts. Instead, create a Google Voice number and use this for your sensitive accounts.
Use Passcode Generators
Passwords are easily stolen via key loggers, which is software that records keystrokes. You can protect yourself from this by using a one-time passcode generator. This is part of the two factor or multi factor authentication process. These generators are wireless keyfobs that produce a new passcode with heavy frequency, and the only way to know the passcode is to have access to the device that created the passcode.
Use Physical Security Keys
You also might want to consider using physical security keys. To use these, people must enter their passwords into the computer, and then they must enter a physical device into the USB port, proving that they are the account owner. This means, in order to access an account, a hacker must not only know the password, they must have the physical device.
Finally, if you really want to protect your internet accounts, you should use biometrics. You can purchase biometric scanners, such as those that read your iris, fingerprint, or even recognize your voice. When using these, you will be unable to access your accounts unless you provide this biological information. There are a number of devices on the market that do this.
Though these steps might seem a bit time-consuming, they can be the difference between keeping your private and financial information safe and getting hacked.
Teenagers across the country are falling into drug dealing, theft, and prostitution in order to eat. This, according to a recent study, which found that poverty has been increasing throughout the U.S.
Researchers at the Urban Institute in Washington, D.C. have taken a close look at the current Census data, and this group estimates that more than 6.8 million Americans between the ages of 10 and 17 struggle to eat, including almost three million who currently have “very low food security.”
During this study, 20 different focus groups of teens were studied in 10 separate communities across the country. In eight out of the 10 communities, the study participants claimed that pre-teens and teens often participated in theft and drug dealing to make ends meet. In all 10 communities, teens claimed that they participated in prostitution. Additionally, in a couple of communities, teens intentionally committed petty crimes and went to jail in order to get a meal.
The stigma that surrounds hunger and poverty often stops many teens from reaching out for help. It’s true that some rely on friends, family, neighbors, or teachers, but too many face criminal acts to survive.
In the communities with the highest rates of poverty, these teens are often desperate and not only steal food for themselves, but also for their family. Teens in all of the studied communities, and in 13 out of the 20 focus groups, mentioned that several teens are “selling their body” or having “sex for money.” Mostly girls, the teens who are doing this are feeling pressed to the extreme to get the basic resources for their basic needs.
Many instances of having sex for money came in the form of girls regularly seeing a man, generally one who was much older, in exchange for food and other items. This, in turn, has opened these teens up to forms of sexual exploitation, with both men and boys harassing girls in the neighborhood. This includes everything from catcalls to stalking. Other girls gave sexual favors for cash or even stripped to make money to get food, and these acts took place in locations including flea markets and abandoned homes.
Looking at a case in Chicago, an 11-year-old girl dropped out of school to make money for her family in the sex industry. A group of boys in LA confirmed that the same thing happens there, and even claim that girls in middle school are sharing flyers in public to advertise their offerings.
Having food insecurity has had a significant effect on these teens, as they are at an extremely important stage in their physical and mental development. For those who do not have enough to eat, it undermines their emotional and physical growth, academic achievement, job performance, and stamina. This gets even worse when you look at the quality of the food that is available to them.
All of these actions including sex work, shoplifting, and drug dealing, severely affect the future of these teens. They risk dropping out of school, arrest, bodily harm, incarceration, and criminal records that might inhibit their future opportunities for employment.
There are a few solutions that could address this crisis, including offering more food from federal programs and more job opportunities for these teens. Counseling and informing the teens could also have a positive impact.
In the long run, making an investment in ending poverty is the only solution. This means that expanding housing assistance, creating more jobs, improving the access to existing jobs, and offering more cash assistance is necessary. To do this, however, will require some daring steps to make a big difference.
Fake news is a problem that is taking the internet by storm, and it ran rampant during the 2016 Presidential Election. In fact, many believe that fake news stories had a strong impact on the outcome of the election. In a survey following the election by the Pew Research Center, a whopping 64 percent of polled Americans said that fake news has given them a “great deal of confusion” about current events.
All of us have been fooled by fake news, and it doesn’t seem to be going anywhere, anytime soon. But, there are some lessons that we can learn from it: Here are five of those lessons:
Fear and the Unknown are Perfect for Fake News
One of the lessons that we can learn from fake news is that any event that causes fear or the unknown is the perfect breeding ground for fake stories. We live in a world where competition for attention is rampant, and headlines are written to make you click. Remember, anyone can write up a fake news story and make it look legitimate, and in many cases, these stories are based on fact. For instance, you might recall the stories of creepy clowns walking through neighborhoods earlier this year, which was actually real news. However, you might also recall that these clowns were going on murdering sprees. This is fake…it never happened, but because these stories appear on legitimate looking sites, people believe it.
Some Stories Fool Us All…
Another lesson to learn about fake news is that some stories are so good or so believable, that they fool us all. You might remember a meme that was shared stating that Donald Trump said that Republicans are the “dumbest group of voters in the country.” Due to the fact that Donald Trump doesn’t exactly keep his views silent and has made a habit of insulting people, most people took this for truth. It wasn’t. He never said it, but many believed it.
Most Fake Stories are Obviously Fake When You Actually Read Them
Most of us are tricked by fake news stories because we never actually read past the headlines. Writers of these stories make sure that these headlines are eye-catching and believable, in addition to viral. When we read a headline of a fake story, we often get the wrong impression of what the story is about. This is on purpose. If you actually click these stories and read them, you will often find that they have a lot of incorrect facts and are poorly written.
No One is Immune From Fake News
You will also find that no one is immune from fake news, and sometimes this news crosses over into the real world. Take the Pokemon Go phenomenon of this summer. There was a fake new story of a man who was stabbed while playing Pokemon Go in a bad neighborhood. However, a few days later, a man really WAS stabbed while playing the game.
There were also fake news stories that Hilary Clinton was given debate questions in advance. It was untrue. However, a few weeks later this actually happened.
Politics is a Huge Factor in Fake News
There is no question that politics are emotional, and this is not just the case in the U.S. It is also similar in Europe. Thus, the emotions of politics helps to make fake news extremely believable.
Many people simply do not trust the mainstream media, so they seek out other news sources. However, these news sources are extremely biased, highly believable, and generally fake.
You have probably noticed that many of these news stories over the past several months have focused on accusing the two Presidential candidates of crimes. There were also many stories about violence between supporters of the opposing parties. The vast majority of these stories were fake, and if you believed them, sorry to say, you were duped.
In our current climate of fear, anger, and hate, the facts are being clouded by emotions, and this is why we are so ready to believe the stories that fall in line with our beliefs. Facebook is not a trustworthy news site. Do your own research, go to trusted sites written by those who are fully researched. You will quickly see that fake stories become transparent once you have the facts.