Sponsor Robert Siciliano as he runs the Boston Marathon for Miles for Miracles, Children's Hospital Boston
ROBERT SICILIANO, CEO of www.IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds.

FREE EBOOK

Check here if you're human

Sponsors

Advisory Boards

10 most dangerous Facebook Scams

0
Pin It

Twenty percent of the world’s population is “on” Facebook—that’s well over a billion people.

14DTop 10 Most Popular Facebook Scams

  1. Profile visitor stats. It’s all about vanity. It doesn’t take long for any new Facebook user to see an ad offering to reveal how many people are viewing your profile. You can even find out who’s viewing. It must make a lot of FB users feel validated to know how many people are viewing them and just whom, because this scam comes in at the top.

    Is it really that important to know how many people are viewing your profile? Even if your self-worth depends on this information, Facebook can’t provide it. These ads are scams by hackers.

  2. Rihanna sex tape. What a sorry life someone must be leading to be lured into clicking a link that promises a video of a recording star having sex. Don’t click on any Rihanna sex tape link, because the only intimacy you’ll ultimately witness is a hacker getting into your computer.
  3. Change your profile color. Don’t click on anything that relates to changing your FB profile color. Facebook is blue. Get over it. You’ll never get red, purple, pink, black, grey, white, red, orange or brownish-magenta. Forget it. Deal. If you see this offering in your news feed, ignore it. It’s a scam.
  4. Free Facebook tee shirt. Though this offering seems quite innocuous, anyone who never rushes to click things will realize that this can’t possibly be legitimate. Do you realize how much a billion tee shirts cost? Even if you don’t know that one-fifth the world’s population uses Facebook, you should know that an enormous number of people use it and they aren’t getting a t-shirt.
    1. Where would Facebook get the money to 1) produce all those tee shirts (even if one-tenth of FB users wanted one, that’s still a LOT of money), and 2) mail the shirts out, and 3) pay reams of people to package the shirts and address the packages? People, THINK before you click!
  5. See your top 10 Facebook stalkers. This is just so funny, how can anyone take it seriously and be lured into clicking it?
  6. Free giveaways. It’s cliché time: Nothing’s free in this world—certainly not on Facebook. End of story.
  7. See if a friend has deleted you. This, too, sounds suspicious. And besides, is it really that important if a “friend” has deleted you? Do you even personally know every individual who has ever friended you? This feature does not exist. You’re better off pretending that nobody would ever want to delete you because you’re so special! But actually, there are plug-ins available that perform this function, but still, stay away.
  8. Find out who viewed your profile. Again, here’s a scam that works well on people who have too much time on their hands. This function doesn’t exist on Facebook.
  9. Just changed my Facebook theme and it’s rad! Ignore this at all costs.
  10. Tragedy of the day. Whenever there is something horrific going on such as Mother Nature getting all murderous or some manmade disaster or even a celebrity dying, you can be sure Facebook scammers are on top of the breaking news with a “video” or “photo” that simply isn’t. Just don’t click it.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Filed Under: Facebook scams

How to revive Someone who blacks out

0
Pin It

Fainting, or “blacking out,” has numerous causes. Sometimes the person “comes to” quickly (e.g., the cause is prolonged standing in heat), or the person won’t respond (illness), and this kind of cause can be life threatening.

1MSigns someone’s about to faint include frequent yawning, chest tightness, teetering, heart palpitations, nausea, a slow pulse, dizziness, lightheadedness, and sweaty, cool and/or pale skin.

At the onset of these signs, one should lie or sit, then place head between legs to increase blood flow to the brain. This should remedy the problem in many cases. But if someone faints and doesn’t regain consciousness, it could mean a serious condition like heart attack, head injury, diabetic complication or a drug or alcohol overdose. Seek help for them in such cases.

Move the person to a cooler place if you suspect excessive heat. Lay them on their back, with legs elevated 8-12 inches. With a cool moist cloth, wipe their forehead. Loosen clothes and if possible, give them water with a teaspoon of salt, or a sports drink.

Tilt the head back and lift the chin to help air get through. Make sure they’re breathing. If they aren’t, call 9-1-1 and begin CPR. Roll victim on their side if they vomit. Check for injuries if the victim has fallen.

What never to do:

  • Never try to get an unconscious person to swallow fluids.
  • Never leave an unconscious person alone.
  • Don’t splash water on the victim; don’t shake or slap.
  • Don’t put a pillow under their head.
  • Don’t move the victim unless it’s absolutely necessary.

Call 9-1-1 for a fainted person if:

  • There’s no breathing
  • They have diabetes
  • They’re bleeding or injured
  • There’s chest symptoms or a pounding or irregular pulse
  • They’re pregnant
  • They’re 50-plus
  • There are stroke symptoms: slurred speech, numbness, paralysis, one-sided weakness, visual disturbances
  • They haven’t come to after two minutes

In the meantime, make sure the victim’s airway is open, that they’re breathing and have circulation (heartbeat). Check their body for medical information such as a bracelet.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Filed Under: home security

Is private NSA proof E-mail possible?

0
Pin It

You can buy encryption tools to prevent people from reading the contents of your e-mails should they intercept them. But what about those who have NSA-caliber resources and skills?

7WThe problem is that encryption services usually leave wide open the e-mail’s metadata: e.g., sender, recipient, subject line and timestamp.

But a new service, ShazzleMail, delivers e-mail straight from sender to recipient without any metadata.

ShazzleMail software is downloaded, then encrypts e-mails, but your device must be switched on so that the recipient could download the e-mail.

If the recipient doesn’t have ShazzleMail, they’ll get a message headline, “Secure Message from Jack Jones,” plus a message text: “Jack Jones has sent you a secure, encrypted e-mail via ShazzleMail. Click to View.” ShazzleMail is free, though there’s an enterprise version for a monthly fee of $5.

Can a hacker defeat ShazzleMail? Well, without any metadata, how can a hacker track the message’s path? There’s no middleman; the messages go straight from sender to recipient. ShazzleMail says, however, that it’s not fool-proof against the NSA if the NSA wants to really go at it. Nevertheless, ShazzleMail puts a lot more barbed wire on that fence.

And then there’s Enlocked, which offers “military-grade e-mail security” for professionals by encrypting e-mails before they’re sent. However, the metadata is visible. This is a big problem if the mere communication between two parties is significant, or the timeline or whom the parties are is very telling.

Another option is Raellic Systems, which has software that lets users select from three levels of privacy.

Hushmail is another contender. They state: Hushmail can protect you against eavesdropping, government surveillance, unauthorized content analysis, identity theft and email forgery. When you are using Hushmail, the connection between your computer and the Hushmail server is protected by encryption. That means that if someone is eavesdropping on your Internet connection, they will not be able to read the traffic that you send to the Hushmail website. This is especially important if you are using your computer on a public or office network, or if you are using a wireless connection that is not encrypted.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Filed Under: online security

Malware and Phishing Warnings in Chrome Browser to be changed by Google

0
Pin It

Google normally displays a malware and phishing warning in the Chrome browser. There are plans, though, to alter the display. Currently it’s a white warning against a red background. The new display will be an entirely red page, with a big X at the display’s top. These warnings tell the user that the site they’re about to visit may try to install malware or con you into giving up personal information.

13DThe new warning, like the current one, gives users the option to skip it and go to the website, but they must first acknowledge what they’re about to do.

Though a date for the changes hasn’t been set, they can be viewed on the Dev and Canary builds of Chrome.

The changes are designed to better indicate to users that an attack might happen, rather than make them think that one already has happened. After all, a malware warning should not scare you away, but instead, inform. Nevertheless, many malware warnings get ignored anyways.

A study showed that people were twice as likely to bypass a warning if the website was already part of their browsing history. This indicates that users are not so likely to believe that a previously visited, and especially popular, site could be threatening.

The study recommends that warnings should be formulated to let people know that even “high-reputation websites” can be malicious, poised to download a virus or deceive you into giving out your Social Security number.

The malware and phishing warnings on Chrome will perhaps always be in a state of further development.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Filed Under: malware

Know your Options for Self-Defense

0
Pin It

Most people don’t give good hard thinking to their capabilities in a physical assault situation. You need not be built like an MMA fighter to know effective self-defense.

1SDAn ounce of prevention is worth a pound of safety.

Attackers look for unsuspecting targets. Walk and park only in well-lit areas. Never park right beside a van. In the parking lot, always keep your biggest key poking out between two fingers; it makes a great weapon.

If a thug demands your wallet or purse, hand it over. Your life isn’t worth that designer handbag. But what if it’s a situation where you must fight for your life?

The second he touches you or you can’t get away, holler in your most primal, pissed-off voice, “Get the F— Out of Here!” Sound like thug, not a lady. Push at the offender. The vocal noise alerts nearby people, and it, and the shoving, tell the offender you’re not easy game.

You have only a few seconds to scare off the attacker. You must inflict pain on the attacker, or be hurt by him or her. So go for the eyes, ears, nose, neck, knee, leg and of course, groin.

Strike a vulnerable body part from where you’re at, rather than moving in closer; kick a knee rather then stepping in to pull the ears. Upper body strikes are done with the hand: its outer edge, a palm, a knuckle hit or a tightly clenched fist. Don’t think for a single second that scratching the attacker’s cheeks will scare him off, use those fingers to poke an eye.

Eyes

  • Poke, gouge, stab or dig long nails into. Ever got accidentally hit in the eye? It’s disabling for several moments. Imagine what full-out, angry poking or gouging would do.

Nose

  • Drive a palm upward into their nose. Put all your body weight into it.
  • Do the same with your elbow if the attacker is behind you; go for the nasal bones.

Neck

  • Aim for the sides, where major blood vessels are. A knife-hand (outside ridge) at the side of the neck will stun him long enough to let you escape. An elbow strike, with body weight behind it, to the neck can knock him out cold.

Knee

  • Even the biggest guy can be brought tumbling down with a strong kick to the knee. Drive your foot into the side of the knee, which is more vulnerable as far as losing balance.

Groin

  • Hit it with your hand open or closed. Use your knew or elbow. Kick it with your feet or even your head. Just hit it hard and often.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Filed Under: home security

Identity proofing proves who You are

0
Pin It

Identity proofing is proof of whom you are. Proving one’s identity starts with that person answering questions that only they themselves can answer (even if the answers are fictitious), such as their favorite movie, mother’s maiden name or name of their high school. Since most people provide real answers (that can be found online) rather than “Pointy Ear Vulcan Science Academy” as the name of their high school, this technique is on its way to the dogs.

8DMichael Chertoff, the former chief of the Department of Homeland Security, stated, “I’m going to submit to you that in the 21st Century, the most important asset that we have to protect as individuals and as part of our nation is the control of our identity, who we are, how we identify ourselves, whether other people are permitted to masquerade and pretend to be us, and thereby damage our livelihood, damage our assets, damage our reputation, damage our standing in our community.”

New Jersey suffered one of the biggest unemployment frauds, and to date, has identified over 300,000 people who attempted to fraudulently collect benefits via ID theft, among other improper schemes but also honest errors. However, New Jersey is turning things around.

It’s the only state that’s used identity proofing to fight unemployment benefit fraud, which mandates that job applicants verify a number of personal details through a quiz on New Jersey’s labor department’s website.

The use of billions of public records, collected by LexisNexis, verifies the details, to filter out imposters seeking unemployment benefits. The idea is for honest people to provide answers to questions: information that crooks can’t extract from googling.

This approach has rewarded New Jersey well, with nearly 650 cases of potential ID theft prevented. The state has also saved $65 million since May 2012 after blocking foreign IP addresses from gaining access to its unemployment system. Other states are following suit.

Improper payments (including for jobless benefits) have been occurring for years. Over $176 million in grants, to stop this problem, was issued by Washington in 2013 to 40 states. The errors in unemployment benefits payments on a national level have been about 10 percent for the past 10 years.

Businesses and government frequently must take the brunt of the fraud and waste despite an unemployment insurance system in place.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Filed Under: Identity Theft

6 Ways to Secure Your Email Account

0
Pin It

On August 30th, 1982, a copyright for a Computer Program for Electronic Mail System was issued to Shiva Ayvadurai. Thus, email was born. 32 years later, email has become an essential part of our lives. Emails are a must-have item,
allowing us to connect and share information with friends, teachers, and co-workers.

emailTo celebrate email’s birthday, here are 6 ways to secure your email account.

  1. Think twice before opening unfamiliar emails. Do you open your front door to just anyone? Of course not. Don’t open strange emails or any email that you’re not completely confident in.
  2. Be cautious about email links and attachments. Hackers use links and attachments to download nasty malware onto your computer. If an email seems suspicious, don’t click or download anything.
  3. Use 2-step verification. Email services like Gmail allow you to enable two-step verification because it adds more security to your account. After you enter a password and username, you enter a code sent by the email service to your phone when you sign in.
  4. Beware of public computers. Never use a public computer to log into your email accounts, not even your cousin’s or best friend’s computer—you don’t know if they’ve been infected.
  5. Use strong, unique passwords. If your password is “password”, you might want to change it to something more unique. I recommend a password with 8 or more characters with a mix of upper-case letters, lower-case letters, and numbers.
  6. Use comprehensive security software. McAfee LiveSafe™ service can make protecting your email even easier with a strong firewall to block hackers, viruses, and worms and a password manager to help you remember all of your logins.

Happy Birthday email!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Filed Under: hackers

6 Ways to Protect your Internet of Things from Hackers

0
Pin It

Everything seems like it is connected to the Internet, just about, including TVs, home thermostats, sprinkler controls, door locks, egg trays (yes, there’s an app for that), tooth brushes (cray cray), and more.

11DA study by HP shows that 70 percent of devices have vulnerabilities. Researchers have revealed that most of the devices in their study, plus the devices’ mobile and cloud applications, had a welcome mat for hackers.

Most of these devices had weak passwords (like qwerty) or weakly protected credentials (unencrypted): beacons for hackers. Seventy percent of the devices lacked encryption. Sixty percent had insecure software updates.

The Open Web Application Security Project notes that vulnerabilities include poor physical security of devices. Gartner, an industry analysis firm, predicts that over 26 billion items, by 2020, will be connected to the Internet. And this includes all sorts of stuff in your home.

All these “smart” devices are a little too dumb and need even smarter protection. The more connected you and all the things in your home are, the more vulnerable you truly are.

Just think of how much of your personal information gets all over cyberspace when you’re so connected, including where your person is at any moment and medical details. Its these “peripheral” devices that connect to your wired or wireless network that in some way connect to your desktop, laptop, tablet or smartphone that criminals are after. Once they hack, say your thermostat, that may give them a backdoor to your data.

Device makers are not bound by any policies to regulate safety/security, making the instruments highly prone to cyber criminals. Worse, most people don’t know how to spot attacks or reverse the damage.

So how do you create a “smarthome”?

  1. First, do your homework. Before you purchase that smarthome device, take a good hard look at the company’s security policy. How easy can this device be updated? Don’t make the purchase if you have any doubts. Take the time to contact the manufacturer and get your questions answered. Know exactly what you’re about to sink your teeth into.
  2. Your device, new or old, should be protected with a password. Don’t keep saying, “I’ll get around to it.” Get it done now. If you’ve had a password already, maybe it’s time to change it; update them from time to time and use two-step verification whenever available. If you recently created a new password for security purposes, change it if it’s not long, strong and unique. A brand new password of 0987poi is weak (sequential keyboard characters). Criminals are aware of these kinds of passwords in whats called a “dictionary attack” of known passwords.
  3. Make sure that your software/firmware is updated on a regular basis. If you see an update offered, run it, rather than getting annoyed by it and clicking “later” or cancelling it. The updated version may contain patches to seal up recently detected security threats.
  4. Cautiously browse the Internet. Don’t be click-happy. Make sure whenever using a wireless connection, especially those that are free public WiFi use Hotspot Shield to encrypt your data in transit.
  5. Don’t feel you must click on every offer or ad that comes your way, or on links just because they’re inside e-mails. Don’t click on offers that seem too good to be true.
  6. Your mobile devices should be protected. This doesn’t just mean your smartphone, but the smart gadgets that your smartphone or tablets control, like that egg tray that can alert you when you’re running low on eggs.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Filed Under: hackers

How hackable is my Home Security System?

0
Pin It

In a few words, there are some issues. But, really, don’t worry about it. But be aware of whats going on. So are your home’s Internet-connected smart gadgets smart enough to ward off hackers? A research team found that they’re pretty dumb in this area.

4DA house was filled with smart gadgets in an experiment to see if researchers could hack into their security systems.

Baby monitors and Wi-Fi cameras bombed. One camera even granted access after the default login and password were entered. These gadgets use web server software to post online images, and that’s where the loophole exists—in over five million gadgets already online.

The researchers were able to take control of other gadgets as well. There’s a widely used networking system by the gadgets, called UPnP. This allowed the researchers to gain control. The gadgets use UPnP to reach servers that are out on the wider network, and this can expose them to hackers. When a password is built-in and can’t be changed, this makes the situation even worse.

A rather unnerving part of the experiment involved a microphone on a smart TV. The team was able to bug a living room through this. So if you’re sitting there with no shirt on enjoying a movie on that smart TV…someone could be sitting a thousand miles away—or down the street—enjoying watching YOU.

With the way cyber crime is evolving, the risks of having smart gadgets will likely grow bigger and bigger.

The prognosis from the research: Looks like smart gadgets will be easy prey for cyber predators in the near future. Manufacturers need to improve their ability to secure their products. And there’s no simple method for updating the flimsy firmware on the smart gadgets in the first place.

And would it be cost-effective to improve products? One researcher says yes for many products. Would “hardening” the products compromise their usability? For the most part, no. A balance can be struck. But right now, compromised usability is the least of the problems out there. There’s actually a lot of room to fix the flaws without hampering the user’s experience.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Filed Under: home security

Use Door Reinforcement to beef up your Home Security

0
Pin It

Though there’s no such thing as a 100 percent burglar-proof home, there’s also no such thing as a burglar who has the skills of Mission Impossible’s Ethan Hunt, Spiderman or the Hulk, either. With enough security measures, you can almost make your home burglar-proof.

DDWhen homeowners think of security, often only a limited range of devices comes into mind. For example, how many people even know that shatter proof glass exists? How many people would think to install fake (but real looking) surveillance cameras at all entry points where anyone can easily see them?

Have you ever even wondered just how much you can do with your front door to deter a break-in? First off, doors can be kicked in (three-quarter inch pine), even if they have a good lock (one-half inch screws and a stock strike plate). So when you see Detective Olivia Benson on “Law & Order: SVU” kicking down doors, that’s not unrealistic.

Door Reinforcement Devices

  • Door knob/deadbolt wrap. Installed on the door, these strengthen the area around the locks.
  • Door brace. These can be vertical or floor mounted, making it harder to kick down a door.
  • Door bar jammer. This bar device snuggly fits under a doorknob and is angled 45 degrees to the floor.
  • Strike plate. The thicker version is about three or four inches long.
  • Door frame reinforcement. Typically made of steel, this device can be up to four feet long and is installed on the door jamb center, over the existing strike plates. Braces come in different styles.

Kicking down a door—a common scene in cops-and-robbers TV shows and movies, is actually the No. 1 way criminals get into locked houses. They know where to kick; a door has a weak area and the frame can easily be kicked down.

A standard door security consists of two to four little screws that go through one or two small strike plates, that are attached to a thin door frame that consists of 1/2” to 3/4” pine with a ½” thick molding. A 6 year old can karate chop ½” pine. No wonder it’s so easy to blow apart the frame with a foot.

That’s where The Door Devil Anti Kick Door Jamb Security Kit comes in. It’s a one-sixteenth inch heavy steel, four feet long bar, installed on the door jamb center—over the existing strike plates. It makes all that thin wood obsolete because it screws directly into the doors frame.

The Kit includes:

  • 48 inch steel door jamb reinforcement to replace the three-inch brass strike plate
  • Four feet of the door frame absorbs force.
  • The 3.5 inch screws are heavy and three and a half inches, driven into 2×4 studs behind the frame.
  • The three inch screws reinforce the hinges.

Once this system is installed, you’re done. The only additional work is when you lock and unlock the door.

Door reinforcement is just one layer of security that should be complemented with other forms of security like surveillance cameras, motion detection lights and a home security system.

Most burglars aren’t MMA fighters. If the first few kicks fail to rattle a door, they will give up and move on to the next target.

Robert Siciliano is a home and personal security expert to DoorDevil.com discussing Anti-Kick door reinforcement on YouTube. Disclosures.

Filed Under: home security
Xtreme School

Featured in

Anderson Cooper John Stossel Robert Siciliano Featured in
Browse by Month

Browse by Category