Are you Scam Aware or a Sitting Duck?

You might have heard about all of the scams out there, and think that you are pretty scam savvy. But, the truth is, most of us aren’t, and even a simple phone call could get you caught up in a big scam.

One such scam occurs when criminals call random phone numbers and ask questions, such as “Can you hear me?” When you say “yes,” they record it. They then bill you for a service or product, and when you try to fight it, they say…but you said ‘Yes.’ Not only does this happen with private numbers, it also happens with businesses. So, you have to ask…are you aware of the possibility of scams, or are you a sitting duck just waiting to be targeted? HOWEVER, this scam is unproven. Meaning I don’t think it’s a scam at all. And the scam is that this is not a scam!

Do You and Your Staff Know What To Avoid?

Do you think your staff, or even yourself, knows what to avoid when it comes to scams?

  • It’s always a good idea to have some type of awareness program in place to teach your staff what they should avoid to avoid becoming a statistic. Phishing training and social engineering information should be a part of this.
  • Do you think you or your staff would know if they fell for a scam? To teach them, make sure to give them a general, broad view of various scams and avoid being too specific. Instead, broaden the perception they have of various attacks.
  • If someone on your team was the victim of an attack, would they even know what to do in that instance? It is important to have a “scam response plan” in place.

Reporting Scam Attacks

It is essential that your team understands how to report a scam. Whether that scam is a physical security scam, such as someone wearing a fake badge and gaining access to the facility or a cybersecurity incident.

It’s also important for you to realize that some people might not even want to report these incidents. They might not feel as if it’s a legitimate concern, or they might even feel stupid that they fell for it, so they hold the information back. Others might feel as if they are being paranoid, or feel as if it’s not a valid concern. Make sure your team realizes that we all make mistakes and you want to hear about it, no matter what.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Half of American Adults on FBIs Biometric Database

Here’s a bit of a shock for you: about half of all adult Americans have a photograph stored in the FBI facial recognition database. What’s even more shocking, it is that these photos are being stored without the consent of the individuals. Approximately 80 percent of the photos the FBI has are of non-criminals, and might take the form of passport or driver’s license photos. Furthermore, there is a 15 percent rate of inaccuracy when matching photos to individuals, and black people are more likely to be misidentified than white people.

You can’t deny that this technology is very powerful for law enforcement, but it can also be used for things like stalking or harassment. There is also the fact that this technology allows almost anyone to scan anyone else. There are no laws controlling it, either.

If you think that’s scary, consider this: The technology to do this has been used since around 2010, and the FBI never informed the public, nor did they file a privacy impact assessment, which is required, for five years. Where is the FBI getting this information? From the states.

Basically, the FBI made arrangements with 18 different states, which gives them access to driver’s license photos. People are not made aware that the FBI has this access, nor are they informed that law enforcement from across the country can access this information.

Just last year, the GAO, which is the US government accountability office, took a look how the FBI is using facial recognition and found that it was lacking accuracy, accountability, and oversight. They also found that there was no test for a false positive nor racial bias.

What’s even more interesting is that several companies that develop this technology admit that it should be more tightly controlled and regulated. For instance, one such company, and the CEO, has said that he is “not comfortable” with this lack of regulation, and that the algorithms that are used commercially are much more accurate than what the FBI has. But, many of these companies are not willing to work with the government. Why? Because they have concerns about using it for biometric surveillance.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Getting Owned or Pwned SUCKS!

A well done New York Times article recently re-introduced this topic to the masses. Being “owned” isn’t new, but the term is not becoming part of popular culture. If you use the internet or are often on social media, odds are good that you have been OWNED. Whether you are called out for a misspelling on your latest Facebook post, or you were proven wrong after sharing a “fact” or post from another site…you have probably been owned.

The word “owned” comes from the hacker world, and real “ownage” is not just about proving you wrong. You might also see it as “pwned,” which is pronounced “poned.” It is actually about stealing your private information, and then shaming you or diminishing your worth as a person. The best at “owning” can actually control your virtual presence.

Take a look at the email hacking scandal that Hillary Clinton went through during the 2016 presidential campaign. Though there was nothing of consequence found in those emails, the act of being hacked, or owned, alone, could have been the reason she lost the election.

Take a look at President Trump, too. You have surely noticed that he is doing his best to own as many people and even foreign governments as he can. Owning is a form of “one upping” and it can get nasty.

Getting owned is nothing new. In fact, Aristotle even talked about similar acts. Today, we just do it virtually.

In the case of hacking, when a hacker owns someone, they are showing that they have superior abilities. The word is also used in the gaming community to describe the act of mastering game play or besting opponents. Of course, we also use the word owned in the real world, when we drop a well-timed joke or have the opportunity to prove another person wrong. You might have even owned someone yourself.

Ownage equals power, and the concept of ownage is constantly evolving. The most successful owns are those that target the know-it-all; people who think they know more than they actually do. However, if you start owning, you simply set yourself up to be owned…and that really SUCKS.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Smart and Easy Ways to Protect Your Digital Life

Even if you don’t realize it, your identity is all over the internet. Whether you posted to an internet forum in 1996 or you ever had a MySpace page, this information is still out there, and you have to protect it. Here are some simple and easy ways that you can protect your digital life:

  1. Change Passwords – The first thing you should do is make sure you are regularly changing passwords. Make your passwords difficult to guess, and a mixture of letters, numbers, and symbols. Also, make sure that you are protecting your account when resetting passwords. For instance, you should have to answer “knowledge based authentication questions” before making a change.
  2. Take a Look at Account Activity – Many companies allow users to check out their recent activity. Google, Facebook, and Twitter are three examples. If something seems out of place, report it, immediately.
  3. Close Accounts You Don’t Use – Do you have an old MySpace page? Did you start a Blogger and never use it? If so, go and delete those accounts before they get hacked.
  4. Don’t Share Too Much – What do you share online? Are you getting too personal? Hackers can use personal information, such as your birthday, or even favorite sports team, to get into your accounts. This is especially the case if you choose to use this information in your passwords or in your password reset or knowledge based authentication questions.
  5. Use a VPN – With all of the talk about internet security making headlines, the safest way to access public Wi-Fi is through a VPN. A VPN, or virtual private network, encrypts your information.
  6. Don’t share account passwords – STOP THE MADNESS! Though you might think it’s cute to share a social media account with your spouse, it’s also dangerous. The more people who have access to your accounts, the higher the chances of getting hacked.
  7. Choose Trusted Contacts – Make sure to choose a couple of friends or family members as trusted contacts. That way, if you get kicked out of your social media accounts, they (meaning their email or mobile#) can help you get back in.
  8. Update All of Your Software – Finally, make sure that you are updating all of your software such as your OS, apps, or even Office docs when prompted. Don’t let those updates wait. Many of them contain important security updates, too.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Busting Down the Door: 12 Ways to Stop Burglars from Entering Your Home

There is no such thing as a home that is fully burglar-proof, but there is also no such thing as burglars who have the skills of Ethan Hunt from Mission Impossible. With the right security in place, you can get your home almost burglar-proof.

When most people think of security, they only think of a few devices, and though they are great to have, they don’t protect you fully. Yes, you might have fake looking cameras that deter thieves, but what about those who try to get in anyway. Kicking the door in, which is an easy way a criminal gets into a locked home, can still be done. The only thing separating a burglar from getting in through a locked door is half inch pine molding. A 12 year old boy can kick in a door easy enough. You need to beef up your doors.

Here are some door reinforcement devices that can help:

  • Deadbolt/door knob wraps – these strengthen the immediate area around the lock
  • Door bar jammer – fits snuggly under the doorknob
  • Door brace – device that makes it more difficult to kick a door down
  • Door frame reinforcement – installed on the door jamb and made of steel

You can also use commercial kits like the Door Devil. This is a kit that contains a device made of heavy steel. It is installed over the door jamb, and is screwed directly into the frame. The system is easy to install, and it will add another level of protection to your home. When you combine this with other types of security, such as motion detection lights, surveillance cameras, and a security system, it will be very difficult for burglars to enter.

Here are some more general tips to keep your home more secure than ever before:

  1. Always keep your doors locked. Keep them locked when you are home and even during the day.
  2. Always keep your windows locked. This includes those on the second floor. A burglar can certainly climb.
  3. Keep the blinds and curtains closed. This helps to ensure that no one can look into your home to check out your valuables.
  4. Use top-flight locks and door reinforcements.
  5. Install security films on your windows. These will help to give the panes strength and will prevent penetrating objects from coming in, such as crow bars and baseball bats.
  6. Collect your mail and newspapers as soon as possible when they arrive.
  7. Give your home that ‘lived-in’ look with a system for home automation turning lights on and off.
  8. Place men’s work boots at the front or back door and make sure they look worn and scuffed. If you park your car out in the drive, place men’s gloves on the dash. If burglars see this, they will think twice as they will believe there is a large man in the home.
  9. Place a large dog bowl by the door, and make sure to make it look realistic. Add chewed up dog toys or a leash to the area, too.
  10. Make sure to trim shrubs that are hiding home entry points.
  11. Go to Google News. Type in your city and state along with the phrase “door kicked in.” You will likely be shocked by what you find. This will be more motivation to protect yourself.
  12. Make the investment into a beefy home security system. The best systems offer full alarm and police station monitoring along with cameras providing a clear view of what is happening in your home when you aren’t there. You can watch right on your mobile device.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video