12 Days to a Safe Christmas: Day 11 – Is that Holiday Email Really a Lump of Coal?

Holiday Security Tips: On the eleventh day of Christmas, the experts gave to me, 11 private emails

During the holidays, we tend to spend more time online, searching for the perfect gift, swapping emails with friends, viewing festive holiday pictures, jokes and so on.  Cybercriminals know this and guess what?  They’re online more, too—looking for ways to lure you into scams to ruin your holidays and steal valuable information.   Here are just a few email scams to watch for:

Holiday e-card scams: Each year, more and more people are going the environmentally friendly and cost-effective route by sending holiday e-cards.  Cybercriminals, looking to install malicious software on your computer, may join in the fun and send you an e-card with an attachment to open.

Solution:  Resist your curiosity to see that adorable elf dance; only open attachments from trusted friends and family. If you don’t recognize the sender, don’t open the e-card. 

Holiday-related search term scams: We all like to be a bit more festive at the holidays, so we look for winter wonderland screensavers or our favorite carol for a ringtone.  However, these items may be disguised malware or spyware and you won’t feel so festive after it compromises and exposes the data on your computer.

Solution:  Make sure that you have protected your computer with automatically updated anti-virus software and operating system updates. As a rule of thumb, if you aren’t paying cash for a download, you might be paying by giving away your free information.

Fake invoice scams: Cybercriminals know that we tend to do a lot of holiday shopping online or through catalogs.  To try to trick you into giving credit card details or other valuable information, the criminals will send fake notices, either about delivery status or phony invoices that appear to be from legitimate companies (UPS, FedEx, USPS).  They might say they need to credit your account or you need to fill out a form in order to receive the package.  When you comply, your information and/or your computer may be compromised.

Solution:  Log onto the website of the company supposedly contacting you to track your packages or get a phone number to call and check on the action requested.

If you must peek inside a package, choose the shiny one underneath your Christmas tree.  Just don’t open those scary email links! On the twelfth day of Christmas…

To review our tips from previous days, click here.

 


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker and expert on technology, cybersecurity, and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab, and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

12 Days to a Safe Christmas: Day 10 – Beware the Phony Santa Claus Comin’ to Town

Holiday Security Tips: On the tenth day of Christmas, the experts gave to me, 10 trusted charities

Because you tend to be more giving throughout the holidays, scammers target you during this time of year. Whether they are asking for a donation to a charity, promising free iPads, claiming to be a friend in need, or are asking you to click on something outrageous or out of character, don’t fall for it.

Solution: Keep your eyes open for these common holiday scams

  • Phishing. Thieves, or hackers as they are more commonly known, will send emails that look like they are legitimately sent from a charitable organization when in real-life these are fake web sites that are designed to steal credit card information, donations and your identity. To donate, call or visit the website of a reputable charitable organization.
  • Click Jacking. Click Jacking is a type of social spam. After taking over a friend’s Facebook account, the spammer posts a message on your friend’s Facebook or Twitter page offering free gifts or recommending you donate. Since it looks like a friend has endorsed the post, it’s much easier to fall for the scam. If it’s not believable or out of character, don’t click, as it’s likely to install Malware on your system.
  • Charity or Friends-in-Distress Scams. Never send money (via check, cash or electronically) based solely on a wall post, email or phone call. Only donate to known charities and only when you have initiated the gift. Respond to wall posts, emails or phone calls for charity by contacting the charity on a reputable phone number or website.

The song tells you that you’d better not pout and better not cry; you won’t have to do either if you just watch out! On the eleventh day of Christmas…

To review our tips from previous days, click here.

 


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker and expert on technology, cybersecurity, and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab, and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

12 Days to a Safe Christmas: Day 9 – I’m getting Nuttin’ (But Scams) for Christmas

Holiday Security Tips: On the ninth day of Christmas, the experts gave to me, 9 protected packages

Thieves are on the lookout for the delivery of packages, especially around the holidays.  FedEx and UPS packages might sit outside for hours, often in plain view from the street, making a mighty tempting target.  Not only can thieves grab the precious contents inside, but also the shipping labels often contain personal information the thieves love to get their hands on.

 Solution: Ship packages to your work address, or a PO Box or require a signature 

If your employer doesn’t mind your receiving packages at work, have them shipped there since someone is generally available during the day (when shipments arrive).  If that doesn’t work, consider getting a PO Box at the post office during the holidays.  When all else fails, ask to have your packages shipped with signature required so that they aren’t dropped off unless someone is there to sign.

Even if you didn’t put a tack on your teacher’s chair or tie a knot in Susie’s hair, you might get nuttin’ for Christmas if you don’t outsmart the thieves.  On the tenth day of Christmas…

To review our tips from previous days, click here.

 


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker and expert on technology, cybersecurity, and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab, and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

12 Days to a Safe Christmas: Day 8 – What to Give the Person Who has Everything (and Wants to Keep it!)

Holiday Security Tips: On the eighth day of Christmas, the experts gave to me, 8 scam detectors

Most of us are too busy to monitor every form of identity that is at risk. Unfortunately, victims usually get hit when they take their eye off the ball.

 Solution: Purchase a comprehensive identity monitoring service

While a partridge in a pear tree may have been appreciated in 18th century England, it’s not a very coveted item these days!  Instead, help out the ones you love (and yourself!) by giving the gift of identity theft monitoring.

Traditional credit monitoring (which you can do for free at AnnualCreditReport.com) only detects a portion of identity theft. The remaining theft occurs as a by-product of non-credit loan activities (pay-day loans, etc), shared public records (court cases, real estate transactions, government filings, etc.), Internet trading sites (bought and sold on rogue websites), or in relation to medical or criminal records. It is important to monitor these forms of potential identity theft as well as your credit file. The key here is convenience; if you don’t have to do much to monitor a large portion of your identity, the work goes down while peace of mind increases. Make sure that your monitoring service has at least the following features:

  • 3-in-1 Credit Monitoring from each of the bureaus (Experian, Equifax, TransUnion)
  • Court & Public Record Monitoring
  • Non-credit loan monitoring like pay-day loans
  • Internet Surveillance for the buying and selling of your data
  • Sex Offender Reports to make sure crimes aren’t being committed in your name
  • Identity theft insurance to cover costs if you are affected
  • Identity theft restoration services to save you time

Forget the fruitcake; buy them something they’ll truly appreciate and remember long after the holidays! On the ninth day of Christmas…

To review our tips from previous days, click here.

 


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker and expert on technology, cybersecurity, and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab, and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

12 Days to a Safe Christmas: Day 6 – Don’t Let the Grinch Steal Your Party!

Holiday Security Tips: On the sixth day of Christmas, the experts gave to me, 6 safe celebrations

Isn’t it unfortunate that holiday parties, at home or at work, are a major source of data theft? Crafty thieves are searching for smartphones, iPads, financial documents, checkbooks, credit and debit cards, laptops, client lists, thumb drives, files, mail, purses, wallets and all other sources of identity. The data on digital devices is a veritable goldmine equal to making off with the Roast Beast.

Solution:  During parties, lock identity behind closed doors (and away from acquaintances)

Ignore the voice of denial (it sounds like Boris Karloff) insisting that your friends, family, co-workers, vendors, customers and colleagues wouldn’t possibly steal from you. Cindy Lou Who didn’t suspect the kindly “Santie Claus” either! I hear hundreds of stories every year after my speaking engagements with the same sad ending: the victim knows the thief! Don’t assume the worst about your guests; just don’t assume anything and protect yourself preventatively.

Just before a holiday gathering, centralize all sources of identity into one locked location (like an office or bedroom with a locking door).When a potential thief disappears upstairs, you don’t have to worry about it. When the high-traffic season is over, return your house to normal (unless you regularly use a cleaning service or allow outsiders into your home).

Remember that Christmas “doesn’t come from a store. Maybe Christmas, perhaps… means a little bit more!”  Eliminating the risk up front will help you enjoy your friends, family, and coworkers at all of those holiday parties! On the seventh day of Christmas…

To review our tips from previous days, click here.

 


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker and expert on technology, cybersecurity, and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab, and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

12 Days to a Safe Christmas: Day 5 – Don’t Tell Facebook You Won’t Be Home for the Holidays

Holiday Security Tips: On the fifth day of Christmas, the experts gave to me, 5 Facebook fixes

In general, we share too much information on social media sites. During the holidays, we are positively intoxicated with the giving spirit! Without thinking, we share our holiday travel plans, click on seemingly charitable links or post pictures of a fun night out. And when you share with friends on Facebook, you are sharing with their friends and ultimately, most of the literate world. The problem is, some of those people aren’t really friends and only want to separate you from your holiday dollars.

Solution:  Apply these five fixes to ALL of your social sharing (not just Facebook)

  1. Customize your privacy settings. Sixty percent of social network users are unaware that their default privacy settings let others into most of their personal information. Facebook does a decent job of explaining how to lock your privacy down(https://www.facebook.com/help/privacy) but you must spend at least 90 minutes going over the settings to properly protect yourself.
  2. Protect your passwords. Don’t let the bad guys take over your account and contact your friends as if they were you. Create a unique, strong, alpha-numeric-symbol password without using a dictionary word, birthdate, pet’s name or other personal identifier. Use this password only for a single site and don’t share it with anyone. Be careful of using your Facebook login for other sites, as those sites gain access to your private information.
  3. Log into Facebook only ONCE each session. If it looks like Facebook is asking you to log in a second time, skip the links and directly type www.facebook.com into your browser address bar. Phishing emails and social media posts will often send you to sites that look like Facebook but act like a data criminal. When in doubt, log out.
  4. Beware of free offers, big discounts and requests for charity (even if they come from your friends). If the offer in the post is too enticing, too good to be true or too bad to be real, don’t click. Chances are pretty good that your friend’s account has been hijacked and the hacker is serving you a warm dish of malware. If the post is out of character for that friend, email them and ask if it’s real.
  5. Don’t check in when you aren’t home and don’t post your travel plans. Based on social media feeds and locational check-in services alone (Foursquare), it is simple to map your whereabouts and signal thieves when you aren’t home. If you have to let friends know where you are during the holidays, send a group text or email.

No matter if you’re headin’ home for the holidays or off to Whoville, remember to post your pictures and tell those tales AFTER you’re safely home. On the sixth day of Christmas…

To review our tips from previous days, click here.


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker and expert on technology, cybersecurity, and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab, and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

12 Days to a Safe Christmas: Day 4 – Holiday Shopping Quiz – Is Credit or Debit Smarter?

Holiday Security Tips: On the fourth day of Christmas, the experts gave to me, 4 pay solutions!

True or False?

When you use a debit card, funds are more secure because they are drawn directly from your bank.

False.  While it’s true that funds are drawn directly from your bank, it actually makes it harder to get the money reimbursed while the issue is being resolved if fraud does occur.

 You can receive a reimbursement for debit card fraud up to a year later.

False.  Debit cards generally only reimburse fraudulent purchases if you catch them within 60 days.

 It is safer to use a credit card than a debit card.

True.  When you use a credit card, nothing is withdrawn from your bank account immediately. Pending transactions can take several days to clear. In addition, credit cards uniformly give you more protection than debit cards and your maximum liability is capped at $50.

All checks are created equal.

False.  If you have to pay by check, make sure you use high security checks. Security checks should include visible fibers, true watermarking, full-feature hologram (like on credit cards) and protection against multiple chemical alteration agents (not just fingernail polish remover).  This makes it much harder for identity thieves to “wash” your checks with acetone and put their own names in the “pay to” field. Also, sign your checks with a gel-based pen that cannot be easily dissolved.

If you failed this quiz, don’t worry, as long as you remember the answers when you’re shopping!  Wishing you straight A’s this holiday season! On the fifth day of Christmas…

To review our tips from previous days, click here.

 


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker and expert on technology, cybersecurity, and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab, and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

12 Days to a Safe Christmas: Day 3 – Stopping Hackers When You’re Shopping on Wi-Fi

Holiday Security Tips: On the third day of Christmas, the experts gave to me, 3 stymied hackers!

Although you may trust the baristas at your local coffee shop to make that perfect Gingerbread Latte, you can’t always trust the person sitting next to you. Hackers can easily tap into Wi-Fi connections at public hot spots to steal your identity information, including credit card and bank account numbers. This can be especially dangerous during the holiday season when “hotspot sniffers” come out of the woodwork using free monitoring apps like Firesheep.

Solution: Stop shopping online using free Wi-Fi hotspots.

If you must shop online while out in public, take the following precautions:

  • Enable tethering on your smart phone. Tethering connects your computer to the Internet using a Smartphone (or Internet-enabled cell phone). It increases security because the mobile transmission between your cell phone and the cell tower is encrypted (scrambled) and hard to intercept. Therefore, when you use your Smartphone to surf the web, you are accessing a protected connection that probably can’t be sniffed. The connection might be slightly slower than a traditional Wi-Fi hotspot, but it is also much safer. Simply call your wireless provider and ask them if your Smartphone has tethering capabilities. You shouldn’t have to pay more than about $15 per month to put this solution into effect.
  • Make sure that you shop on reputable websites, not just those with the cheapest prices. Your only risk isn’t your internet connection, but the number of scamming sites that pop up during the holidays.
  • Before you hit the Buy button, make sure you’re using a secured site. Look for “https” (not just “http”) in the URL address bar.  Some browsers and websites also change the color of the URL bar (e.g., to green) and add a padlock symbol to indicate tighter security.

So take a break from the craziness to enjoy that java, but watch the Wi-Fi and spend securely! On the fourth day of Christmas…

To review our tips from previous days, click here.


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker and expert on technology, cybersecurity, and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab, and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

 

12 Days to a Safe Christmas: Day 2 – It’s Beginning to Look a Lot Like Christmas- at the Mall!

Black Friday and Cyber Monday will be here before you can say “Man, I ate a lot of turkey!”  Malls, stores, restaurants and cafés are exceptionally busy places during the holidays. This breeds a perfect environment for data thieves to make off with your identity goodies while you shop, dine or relax. It only takes a second to steal a purse from a shopping cart, a briefcase from your car or a smartphone, iPad or laptop from an unattended café table.

Solution: Lighten your load and leave excess identity at home. 

  • Consider taking only your mobile phone, driver’s license and one or two credit cards with you shopping to minimize the number of identity storage devices you might misplace. If you can fit the items in your pockets, your security increases. If you must have a purse, use one that zips and hangs in front of you, or consider using a backpack that stays on you at all times.
  • As a last resort, hide your wallet, purse and digital devices in the trunk before you park at the mall, as thieves looking for valuables commonly monitor parking lots for potential victims placing valuables in their trunk.
  • Since you are still likely to take your technology with you (don’t worry, so do I), keep it in a pocket or secured bag at all times. In addition, log out of your online accounts when you are not actively shopping, and password-protect your smartphone, iPad and laptop in case they do go missing.
  • Finally, when shopping, be careful about giving out any personal information when it can be overheard, and cover the PIN pad when entering your number at checkout stands and ATMs.

Taking these two shopping tips (okay, you knew I couldn’t stop at two, so there are actually four), will save you a lot of holiday headaches and let you truly sing that carol within your heart! On the third day of Christmas…

To review our tips from Day 1, click here.

 


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker and expert on technology, cybersecurity, and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab, and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

 

12 Days to a Safe Christmas: Day 1 – Prevent Holiday Identity Theft

Holiday Security Tips: On the first day of Christmas, my expert gave to me, the keys to secure my privacy.  

If I could give the world a gift this holiday season, it would be to make the world a safer place to trust. You deserve to know whether or not you can trust the politicians you elect, the advice you receive from your doctor and whether or not you can entrust your privacy to the websites and businesses you use every day.

Identity theft, cyber stalking, and “big data” surveillance—these byproducts of the information economy make it hard to rest easy. Every day in the news we hear about another scam, another breach of corporate data that victimizes more than 11 million Americans a year. But you don’t have to be a statistic!

 Solution: Give yourself a gift by paying attention to prevention.

Let me be totally clear: you do not need to fear information over-exposure if you protect yourself before you get hit. Here is the secret to making peace with the privacy of your sensitive information:

  • Adopt a preventative mindset and exercise before the information heart attack.
  • Re-accumulate privacy over time, changing habits one step at a time to regain what you’ve given away.
  • Make data privacy an attitude rather than a one-time checklist. Share with care, and only when totally necessary.

Over the next several weeks, Sileo.com will share 11 more tips on protecting your identity, your privacy and your hard-earned money during the holiday season. The 12 Days of Christmas will help you re-accumulate your privacy in time to be safe for whichever holiday you celebrate. Check back every few days for the next tip, or subscribe to the Sileo.com RSS feed.

In the meantime, happy shopping… and don’t stand under any pear trees (you can never trust those partridges)! On the second day of Christmas…


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker and expert on technology, cybersecurity, and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab, and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.