20 Home Security Tips

/in , /by

Angee, the new Kickstarter campaign that raised over $250,000 already, will revolutionize home security in more ways than one. Meanwhile, get going on these 20 home security tips: ANG3

  • Keep all doors and windows locked at all times. Yes, on hot summer days it’s tempting to keep windows open, but at least be very discriminate about this.
  • Keep the garage door closed at all times, even on hot days. But if you’re positive that leaving it slightly open cools the rest of the house, limit this to about four inches.
  • Reinforce doors with door jamb reinforcements.
  • All doors should have high grade deadbolts.
  • All first-story and basement windows should have Charlie bars, rods or gadgets that prevent horizontally-sliding windows from being slid open.
  • The address numbers for your house should be big and easy for first responders to see.
  • Though you may not care what your grass looks like when not cut, burglars do. That’s because a lawn that looks like it hasn’t been cared for in a while makes burglars think nobody’s been home for weeks…
  • And speaking of which, burglars also notice if paper delivery has been accumulating, or the house is always dark in the evenings. If you’re away a lot or don’t use much lighting when you’re home, use automatic lighting devices.
  • Never put a note on any door outside that says you’ll “be back in a few.”
  • Before you go out on errands, put the phone’s ringer on mute so that burglars don’t hear unanswered rings.
  • Before dusk approaches, close curtains and blinds. A favorite way burglars case houses is to look inside when it’s dark.
  • Never smoke when drowsy and always rinse butts before tossing them.
  • Never hide spare keys near your front door; a burglar will find them. Give to a trusted neighbour or other adult.
  • Put valuables in a safe—preferably a big one (small safes are often stolen without being picked open on the spot).
  • Doors should have peepholes. Never open the door if you can’t tell who’s there and are not expecting anyone.
  • Have a smoke alarm on each floor.
  • Devise a fire escape plan and then regularly drill the family in it.
  • Always turn off hot things like curling irons when you’re not using them.
  • Never leave anything burning while you’re outside the house.
  • Flammable items should be kept away from the house. This includes dried up leaves and brush.

Robert Siciliano, personal and home security specialist to Angee. Learn more about Angee in this Video. Support Angee on Kickstarter. See Disclosures.

Fake IDs are everywhere

/in /by

Okay, so you’re 18 or 19 and in college, and are stressed because you have to be 21 in order to gain entry to a night club or bar where you’d like to drink up a storm and mingle with a “more mature” crowd. Or really, you just want to meet someone.

8DLife sure is tough, isn’t it? You have to wait till you’re 21, but by then…you may be graduated from college (and a lot more mature, and thus, getting plastered would no longer have appeal). What a bummer, dude! The time to have fun is when you’re young and irresponsible!

Many U.S. college kids circumvent this age restriction with the fake ID. And over the years, it’s gotten easier to get the fake ID, thanks to the Internet. In fact, the Internet is replete with sellers of fake IDs to anonymous customers.

An article at businessinsider.com describes how the “subreddit” vendor site even provides threads where visitors could get information on how to use this site, which is encrypted (not surprising).

Nevertheless, college kids can still get fake IDs the old-fashioned way: by asking around. It won’t be long before they have contact information and simple instructions regarding payment and sending the supplier a photo.

Beware of the Consequences of Getting Caught with a Fake ID

  • Come on, is it really worth it? Do you know any grad students who go through their days haunted with agony because they never had a fake ID as undergrads?
  • Depending on what state you’re residing in if you get busted, you can get put in jail.
  • Some states yield only the misdemeanor charge, while other states will get you a felony charge.
  • Using an older person’s ID (e.g., Big Sis who looks like you) will not only mean trouble for you, but for Big Sis, too.
  • Don’t think for a second that getting caught means a little time facing a crabby judge and then going home like nothing ever happened.
  • Sending all your data to a criminal who makes fake IDs can facilitate your own identity stolen. There is no honor among thieves.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Surveillance Video captures Home Invasion

/in , , /by

A man was assaulted by three or four men when he arrived home, through his garage door at 5:40 a.m. It’s very apparent that the attackers knew he’d be arriving home at around this time and decided to wait for him, says a report at ksla.com.

2BThis recent home invasion occurred in the Dogwood South subdivision in Louisiana. Though video surveillance recorded the crime, it’s not clear who the assailants are, as they were masked. Detectives are working hard at getting some leads.

The man, along with his wife, were bound with duct-tape. The man suffered minor injuries. The couple’s two young children were not harmed. The assailants made off with money and jewelry.

Needless to say, neighbors are unraveled, and the victims do not want to appear on camera for a news interview. The presence of police that lingered around the victims’ house went anything but unnoticed, so a post went up on the sheriff’s department Facebook page.

Rumors had developed that there were more home invasions in Dogwood South, but the Facebook page straightened this out by reporting “This simply isn’t true.”In fact, it’s been a very long time since the last home invasion in this area.

Residents should not equate the vehicle burglaries in the area with the crime of home invasion.

The Facebook post is asking that people call in tips to 318-965-2203.

I guess the good news is that, unlike some home invaders, these crumbs spared their victims’ lives. But now the victims probably keep wondering if the assailants, who were armed, will return.

Could home invaders be waiting for you? You just never know. Certainly, the victim in this story never thought something like this could happen as he arrived home.

  • Have pepper spray in your home and car, ready to pull out.
  • Look carefully around before you exit your car in the dark.
  • Have the pepper spray in your hand.
  • Close the garage immediately; don’t let it linger open.
  • Make sure no obscuring shrubbery is growing near any entrances to your house or near any windows.
  • Before entering your car, even if it’s been in the garage, look in the back seat. You just never know if a dangerous person could have somehow gotten in and is waiting for you.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

5 In-Demand Cybersecurity Specialties

/in /by

There are numerous subspecialties within the booming cybersecurity field[i]. Here are some of the most in-demand professions:

Cybersecurity Engineer: This is the all-around, jack-of-all-trades, go-to guy or gal of cybersecurity. For all intents and purposes, a cybersecurity engineer is a hacker – but a good one. Using their advanced knowledge of malware, viruses, theft, DDoS attacks and other digital threats, cybersecurity engineers defend organizations against crime online. Personality traits required for this role include being flexible, nimble and a do-it-yourselfer. Candidates also must have:

  • A good background in penetration testing.
  • Experience with additional online security measures.
  • On-the-job experience, which is an absolute must for this position.

Malware Analyst: If you choose to specialize, working as a malware analyst is like being an oncologist fighting cancer. There’s research, removal or treatment, and it’s up to you to decide how to apply your training.

With millions of types of malware on PCs, Macs and even mobile devices there’s a significant shortage of experts in this highly in-demand field. Responsibilities include:

  • Identifying and fighting viruses, worms and Trojan attacks.
  • Educating companies about malicious software.
  • Analyzing malware inside and out.
  • Developing tactics to help prevent future attacks.

Application Security Administrator: Back in the days of desktop computing, the only means of compromising data were to insert a contaminated floppy disk into a PC or open an infected email attachment. We’ll call this the “anti-virus era.”

Next came the “network security era.” The need for cybersecurity evolved with the Internet as more companies developed internal and external networks.

Information security has evolved yet again. Today, we live in the “application security era.” The demand for application security administrators is nearly limitless. The job includes:

  • Performing application security reviews, looking for potential weaknesses.
  • Writing testing code for applications.
  • Ensuring a company’s applications comply with the minimum standards for security.
  • Ensuring that any applications that the company uses conform to the minimum standards for privacy.

Chief Information Security Officer (CISO): CISO is the top position managers in the field of cybersecurity work toward achieving. Prospective candidates should take a multifaceted approach to cyber education with courses in business fundamentals. Responsibilities might include:

  • Monitoring the efficacy of security operations.
  • Preparing a company to fight cyber attacks.
  • Designing strategies to oppose imminent threats as well as threats in their early stages.
  • Looking for cyber intrusions.
  • Analyzing the company for possible holes in its network.
  • Managing other security personnel.

Security Consultant: It’s tough to land a 9-5 job as a security consultant, but this is one of the most gratifying positions one can pursue when engaged in the diverse and rapidly changing world of cybersecurity.

Consultants come in two flavors: they have a knack for solving problems in a particular niche, or they have accumulated knowledge of multiple systems over the course of their career. Security consultants are expected to:

  • Work with companies to come up with security tactics that align with the company’s particular needs.
  • Possess knowledge about security standards, systems, etc.
  • Have superb communication and management skills, as the security consultant will need to interface with management and know the company’s corporate policies.
  • Test security measures that they’ve recommended.

When choosing a specialty keep a few things in mind. Try to choose one that can compliment another in the event you decide to make a change. Research how much training and education in time and money might be needed. Are there certifications that need to be re-qualified for and how often? Consider the dynamics of the specialty such as will you be working with individuals, teams, or by yourself. Will there be travel involved? Does it require overtime or is it a straight 40 hour a week job?

No matter what you choose, follow your heart.

I’m compensated by University of Phoenix for this blog. As always, all thoughts and opinions are my own.

[i]  http://www.bls.gov/opub/btn/volume-2/careers-in-growing-field-of-information-technology-services.htm

Sales Staff Targeted by Cyber Criminals

/in , , /by

Companies that cut corners by giving cybersecurity training only to their technical staff and the “big wigs” are throwing out the welcome mat to hackers. Cyber criminals know that the ripe fruit to pick is a company’s sales staff. Often, the sales personnel are clueless about the No. 1 way that hackers “get in”: the phishing e-mail. Salespeople are also vulnerable to falling for other lures generated by master hackers.

11DIn a recent study, Intel Security urges businesses to train non-technical (including sales) employees. Sales personnel are at highest risk of making that wrong click because they have such frequent contact in cyberspace with non-employees of their company.

Next in line for the riskiest positions are call center and customer service personnel. People tend to think that the company’s executives are at greatest risk, but look no further than sales, call center and customer service departments as the employees who are most prone to social engineering.

It’s not unheard of for businesses to overlook the training of sales employees and other non-technical staff in cybersecurity. Saving costs explains this in some cases, but so does the myth that non-technical employees don’t need much cybersecurity training.

Intel Security’s report says that the most common methods of hackers is the browser attack, stealth attack, SSL attack, network abuse and evasive technologies.

In particular, the stealth attack is a beast. Intel Security has uncovered 387 new such threats per minute. IT teams have their work cut out for them, struggling to keep pace with these minute-by-minute evolving threats. This doesn’t make it any easier to train non-technical staff in cybersecurity, but it makes it all the more crucial.

Training non-technical staff, particularly those who have frequent online correspondence and have the gift of cyber gab, is the meat and potatoes of company security.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention

Don’t Be Lazy With Your Passwords

/in , /by

It can be tough being a responsible adult sometimes, and managing these responsibilities isn’t always a chore that I want to deal with. Can you relate? Managing life takes focus and effort, and managing your online life is no different. Most of us are lazy with our online accounts, especially when it comes to our passwords. It is easy to use the same password for every account, but this also makes it very easy for hackers to access your passwords.

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294You Need a Password Manager

Most of us have several online accounts that require different passwords. However, trying to remember all of these passwords is difficult, so it is no wonder that people choose to only use one password for every account. How can you avoid this? You should use a password manager.

  • Password managers will help a person not only create a password that is safe and secure, but all of the passwords you choose can be stored and managed by using a master password.
  • A master password allows you to get access to all of your accounts by using only one password.
  • When you have a password manager, you will no longer have to reset passwords, and your online accounts will be more secure than ever before.

Making Passwords Strong and Secure

There are a number of ways to make your passwords secure and strong. But don’t just take my word for it, according to Bill Carey, VP Marketing for the RoboForm Password Manager “The number one thing a user can do to protect themselves online is use a strong unique password for every website”

  • Passwords should be a minimum of eight characters long.
  • All passwords should also have letters, numbers and characters that do not spell another word.
  • Make sure to use different passwords for different accounts. This is especially the case for banking and other websites that contain sensitive information.
  • Passwords should be changed frequently to ensure safety and security.

Those who have weak passwords are more susceptible to hacks and scams. Make sure to take these tips to heart and protect your sensitive online information.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

How Passwords Get Hacked

/in /by

If I wanted to crack one of your passwords, I could probably make a series of educated guesses and get pretty close. Why? Because people tend to stick with simple, easy to remember passwords, but these are the passwords that are easy to hack. According to Bill Carey, VP Marketing for the RoboForm Password Manager “Users need to take personal responsibility for their passwords and not assume that companies will keep them safe.”

4DHackers Have Many Ways to Get Into Your Accounts

There are many ways that a hacker can get into an online account.

  • A brute force attack is one of the simplest ways to gain access to information, and is generally done when a hacker writes a special code to log into a site using specific usernames and passwords.
  • A hacker usually focuses on websites that are not known for security, such as forums…and if you are like most people, the same password and username you use on your favorite gardening site is the same you use at your bank…or at least a version of it.
  • The hacker instructs the code to try thousands of different username and password combinations on the target site, such as your bank.
  • What makes this easier? Your computer stores cookies, which have information on your login credentials, in a neat, orderly unencrypted folder on the cache of your web browser. As soon as this is accessed, it can be used to get into online accounts.

How to Improve Your Passwords

There are a number of expert tips that will help to improve your passwords:

  • Substitute numbers for letters that look similar, such as @ for O, i.e. M@delTFord.
  • Throw in a random capital letter where it usually shouldn’t be, i.e. PaviLlion723.
  • Have a different username and password combination for every account.
  • Consider using a password manager to keep track of all of your account credentials. This way, you won’t have to worry about remembering all of the symbols and letters. These password managers also automatically fill passwords in on web pages or on devices.
  • Test your password strength with an online tester, but make sure it is from a reputable source, such as Microsoft or even beter use the experts over at password manager RoboForm – http://www.roboform.com/how-secure-is-my-password.

Don’t learn a hard lesson when it comes to your passwords. Take the steps today to update your log in credentials, and have a safer tomorrow.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.

How to prevent your Pics from being lifted: Part 2 of 2

/in , /by

There are many reasons someone might right-click on your image and “Save image as…”

Porn, Sex and Dating Sites

  • A woman might steal your blog headshot and use it for her dating site profile.
  • A perv might take the picture of your child off your Facebook page and put it on a porn site.
  • A person who runs a racy dating site might take your image and use it to advertise his service.

Scams

  • Someone might use, without your knowledge, a photo of your house for a rental scam.
  • Your motorcycle, jet ski, boat, puppy…you name it…could be used for scam for-classified sale ads.
  • Your avatar may be used for a phony Facebook account to then be posted in the comments section of news articles pitching some get-rich-quick scheme.

Fantasy Lives

  • Your image could be used by a lonely person to create a fictitious Facebook account.
  • A person with a real Facebook account may be so desperate for friends that they use your photo to create a fake account to then add as a friend.
  • Someone you know may steal your photo (such as an ex-lover) and create a social media account in your name, then post things on it that make you look really bad.

How can you protect your digital life?

  • For your social media accounts, make sure your privacy settings are on their highest so that the whole world can’t see your life.
  • Watermark your images so that they have less appeal to image thieves, but keep in mind that they’ll have less appeal to you too.
  • It’s one thing when an image of your house was stolen for a rental scam, but it’s a whole new animal if an image of your naked body or you engaged in a sex act was stolen. So don’t put racy images online. Never.
  • Explain to your kids about the risks of stolen images.
  • Make sure their social media privacy settings are high.
  • It’s possible your smartphone automatically stores pictures you take online. Turn off this feature.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing identity theft prevention.

Dept. of Homeland Security Computers Vulnerable

/in , /by

There’s a problem on the home front: security lapses in the computers of the Secret Service and Immigration and Customs Enforcement, says a report on townhall.com. These departments were recently audited, and weaknesses were revealed.

1DRecently, hackers got into the White House, State Department and the Office of Personnel Management, among other entities. And this has caused the public to wonder about just how strong cybersecurity is for the U.S. government. So thus, the audit was carried out.

The root of the problem may be inadequate training of the investigators and analysts for the Department of Homeland Security. This seems to have stemmed from Congress cutting corners with the training budget. The internal websites for the Secret Service and ICE were shown to be deficient.

How many employees are in the Department of Homeland Security? 240,000. That’s a lot of potential for inadequate training to result in the accidental opening of a back door for hackers.

The audit made nine recommendations to the DHS. The DHS has reported that it’s been making efforts to address these recommendations.

  • The Secret Service and ICE are responsible for coming down on financial fraud, money laundering, identity theft and fraud involving banks and credit cards.
  • The National Protection and Programs Directorate (NPPD) was also audited, and this entity is responsible for the security of government computers.
  • ICE, the Secret Service and the NPPD blame Congress for the security lapses. They point out that Congress has a stop-and-go style of funding for cybersecurity, because Congress will not authorize ongoing funding throughout the year.
  • In fact, an ICE analyst revealed that he had to pay out of pocket for cybersecurity training, and thanks to the limited budget for this, was not able to attend formal training in four years.

The report states that employees may not be able to perform assigned incident responses to a cyber attack, nor efficiently investigate such an incident, as long as training was come-and-go and only peppered throughout the DHS instead of being department-wide.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

How to Set Up a Password Manager

/in , /by

If you have made the decision to use a password manager for your personal cybersecurity, which I highly recommend, you will quickly find that you online world is safer, easier and more secure than ever before.

7WAccording to a recently concluded survey conducted by uSamp and sponsored by Siber Systems, creators of the RoboForm Password Manager, 63% of respondents reported forgetting a password, or had a password become compromised, in their professional life.  But it doesn’t need to be this difficult.

What Does a Password Manager Do?

Before choosing a password manager and setting up an account, you may be curious to see exactly what they do:

  • A password manager stores the passwords for your online accounts in one, easy to access place, as long as you have access to the master password.
  • The passwords are stored and encrypted by the password manager software, and the information is controlled by a master password.
  • The password manager will allow you to create a strong password for every account without the need to have to remember them.
  • Many password managers can sync across devices and platforms, as well as browsers, so you can use it with almost any online account you have.

Setting Up a Password Manager is Easier Than You Think

Setting up a password manager is typically easy, and the process begins by downloading the manager onto your device.

  • Setting up the account is no different than sitting up any other account. You will need a user ID, password, name and email address in most cases.
  • Each device you use should have the password manager installed onto it.
  • The data will automatically sync from device to device as it is updated according to information from RoboForm.com.
  • As long as the master password is kept safe, the data stored within the password manager is secure.
  • To start saving passwords to the password manager, log into websites as you normally do, and then the program will ask if you want to save the log in information. Once the information is saved, each time you go to the site and attempt to log into your account, the password manager will automatically enter your information.

As you can see, using a setting up a password manager is quite simple, and it is likely easier than you ever thought in the past. It can be done in minutes and will keep you safe for many years to come.

Robert Siciliano is a personal privacy, security and identity theft expert to RoboForm discussing identity theft prevention. Disclosures.