Comprehensive Opt Out List for Marketing Databases

Major data breaches like the recent Epsilon Breach occur frequently, even if you don’t hear about all of them. With all the publicity surrounding this particular breach, people have been asking how to remove themselves from some of those marketing lists that are frequently compromised.

Opting our of marketing databases is one way to lower your risk of becoming a data breach victim.

So, how do I get out of marketing data bases?

Most databases allow you to opt out of having them share and sell your information, you just need to find out how.  Many sites make it tricky to get this done, but most sites that are selling or harvesting your information allow you to do so one way or another.

The Privacy Rights Clearing House lists 135 marketing data brokers who are selling your private information, and tells you whether or not they have opt-out policies. If they do, you have to go to the brokers’ websites and suppress your name yourself. Most of the sites have hard-to-find opt out pages, but you can generally track them down by visiting the Privacy Policy which frequently appears as a link in small print at the bottom of the home page.

Even if you opt out, unfortunately, most of these sites still retain your information in their databases, meaning that you are still at risk of a breach. But until we have stronger consumer rights governing our private and personal information, opting out is the best you can do.

 

Facebook Can Use Your Photos in Their Ads Without Permission

Did you know that Facebook can use photos you post on the site in advertisements targeted on the right (advertising) side of your contact’s profile?

Unless you customize your privacy settings, Facebook can share just about anything you post with just about everyone. Using your intellectual property for their financial gain is not a new Facebook issue, but one that should be revisited due to recent Facebook Privacy changes. Here’s the funny part: you gave Facebook the right to use any of your content in any way they see fit when you signed up for your account and didn’t read the user agreement. If you visit the Facebook Statement of Rights page you will see the following:

You own all of the content and information you post on Facebook, and you can control how it is shared through your privacy and application settings. In addition:

  1. For content that is covered by intellectual property rights, like photos and videos (“IP content”), you specifically give us the following permission, subject to your privacy and application settings: you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any IP content that you post on or in connection with Facebook (“IP License”). This IP License ends when you delete your IP content or your account unless your content has been shared with others, and they have not deleted it.
  2. When you delete IP content, it is deleted in a manner similar to emptying the recycle bin on a computer. However, you understand that removed content may persist in backup copies for a reasonable period of time (but will not be available to others).
  3. When you use an application, your content and information is shared with the application.  We require applications to respect your privacy, and your agreement with that application will control how the application can use, store, and transfer that content and information.  (To learn more about Platform, read our Privacy Policy and Platform Page.)
  4. When you publish content or information using the “everyone” setting, it means that you are allowing everyone, including people off of Facebook, to access and use that information, and to associate it with you (i.e., your name and profile picture).
  5. We always appreciate your feedback or other suggestions about Facebook, but you understand that we may use them without any obligation to compensate you for them (just as you have no obligation to offer them).

Make sure you customize your privacy settings so that you are sharing your data at a level comfortable to you. One place you may not realize you need to check is Facebook Ads. When you visit your Account Settings page the last tab on the right is Facebook Ads. By clicking on it you can adjust your settings  — after you read their pop up on not selling your information. Where is says “Allow ads on platform pages to show my information to” and “Show my social actions in Facebook Ads to” Check No One. This gives you just a bit more control over what Facebook can share about you and your profile.

As it states above,  information you delete from your Facebook may not be permanently deleted. Just know that once something hits the internet it is there for good. Posts, pictures, videos and comments on social networking site are public, permanent and exploitable.

How to Opt Out of Data Miners and Online Directories

Whether you like it or not, your information is available publicly to everyone through online directories. Businesses and advertisers have the ability to easily find this information and then market their products to you. This means that you have never actually “opted-in” to receive these ads. Fortunately, there are ways for you to “opt-out” of widespread information sharing (see the list of more than 120 ways below).

The Top 4 Opt-Out Opportunities:

  1. www.OptOutPreScreen.com. Remove yourself from the marketing lists sold by the three major credit reporting bureaus, Equifax, Experian and TransUnion. There is not cost for this list.
  2. www.DMAchoice.org. This puts you on a Do Not Mail list for the Direct Marketing Association. The cost is $1, but it is well worth the instant trip down in your mail.
  3. White Pages. That’s right, your old-fashioned printed phone directory is the source for most of the online contact info databases. Remove your directory listing (you will likely have to the phone company every month to have your info NOT shared – I know, it’s asinine) or otherwise opt out.
  4. www.Spokeo.com. To opt out, read this blog post about [intlink id=”1752″ type=”post”]removing your info from Spokeo[/intlink]. This is one of the more utilized sites by identity thieves, stalkers and scammers.

There is a slower and more tedious process of opting out of online directories (i.e., you have to visit every one. Some (Spokeo.com)  are more important than others (Whitepages.com) because of the information that they collect. Sites such as Spokeo.com can have as much information as your physical address and pictures of your home, while others may just house your phone number. These sites spend hours upon hours scouring public records such as marriage licenses, birth certificates, and real estate purchases for this type of information.

Since most online directories typically offer a way to opt out of their listings you would think they would make it easy. Not so. They tend to hide this option deep within the site, as they don’t actually want you to leave. Luckily, The Privacy Rights Clearing House has done most of the legwork in their Comprehensive Opt Out List. I suggest starting with a few main sites, 123people.com, spokeo.com, etc. and continuously adding to it over time. Opt out of one a week if you like, and eventually your data will be less exposed. Protecting your privacy and identity is a layering process. It is easy for people to get overwhelmed, especially when it comes to online directories.

John Sileo speaks on information control, identity theft prevention and data breach avoidance. His clients include the Department of Defense, Pfizer and the FDIC. To learn more, contact him directly on 800.258.8076.

Tired of Being Tracked by Websites? Do Not Track is Here.

In response to the growing demands for more privacy on the internet, Mozilla implements a Do Not Track option in Firefox 4.

The most recent version of Mozilla Firefox, which was rolled out this February, offers users the option to opt-out of website tracking. Once enabled, the user’s preference to not be tracked is automatically sent to the website. That doesn’t mean that the website has to do anything about it, but there will probably be a bit of a stink about those sites that don’t respect user’s privacy preferences (it would be the equivalent of someone making a sales call to you after you join the Do Not Call list). Unfortunately, most users will never know which websites are participating in the opt-out Do Not Track function.

Learn more about Firefox’s Do Not Track Technology and about the Big Brother issues posed by companies tracking your every move on the internet.

In my opinion, beginning to solve the surfer privacy issues at the browser level is the right direction to take. It is the most universal gate through which all surfers pass – no one visits a website without touching a browser. If consumers get behind the technology now and let the companies they do business with know that they expect them to honor Firefox’s Do Not Track technology, there will be no option but to acquiesce.

Mozilla Firefox version 4.0 is still in beta while they make sure they get any glitches fixed. So don’t install it unless you are comfortable with using beta (often glitchy) software. It has been out for many weeks now, and most of the glitches are probably resolved at this point.

To add the Do Not Track functionality, download and install the latest version of Firefox 4, and then go to Firefox -> Options  -> Advanced. Check the “Do Not Track” box and save your settings.

When this option is selected, a header will be sent signaling to websites that you wish to opt-out of online behavioral tracking.  You will not notice any difference in your browsing experience until sites and advertisers start responding to the header. I recommend that users go in and try this out. This is the best way to give them feedback so they can make our browsing experience as safe as possible.

John Sileo’s motivational keynote speeches train organizations to play aggressive information offense before the attack, whether that is identity theft, data breach, cyber crime, social networking exposure or human fraud. Learn more at www.ThinkLikeASpy.com or call him directly on 800.258.8076.

Don’t Have a Fraudulent Valentine’s Day

Romance is in the air, but so is fraud.

I hate it when scammers take advantage of you on holidays. In fact, I don’t much like being the person responsible for telling you that fraud goes way up during holidays like Christmas and Valentine’s Day. But it’s my job, and it’s important to me, and you have nothing to worry about if you are using common sense. In case your common sense is lacking due to all of the chocolate, here are some thoughts on Valentines Scams.

In happy and/or busy moments, people tend to let their guard down. Consumers are happier, more trusting, generous and hopeful around Valentine’s Day. This is a good thing. We want people to be happy, in love and celebrating each other.

I just don’t want you to be so distracted that it gives an identity thief an opening to take advantage of you. Around this time there is a rise of online scams, especially where thieves send out malicious links that direct you to a site where you are tricked into giving personal information.

The problem with malicious links is that they appear to be sent by someone you trust, especially when they come from a friend on Facebook or another social netowork. Most people click on them because they look like they are from a friend, legitimate company, bank, or other business that you have dealt with in the past. Also, around Valentines day, the message might appear to be from a  flower, candy or gift company that is giving you some amazing offer, and all you have to do is click!

While these malicious links can be sent by email most people don’t realize you can get them via Facebook, Twitter, IM, or even text message. Scammers have gotten more sneaky and creative with their methods of attack. With Valentines Day right around the corner they will be disguised as friends or businesses tapping into your romantic, loving, and trusting side.

Watch out for companies offering you 50% off on 1-800-flowers if you purchase them from their (phony) site. Maybe it’s a free offer from Match.com or link a “friend” has sent to check out the best Valentine’s Day gifts this year. In other words, just be extra careful about anything you click on that has to do with the holiday. You are better off typing the URL of where you want to go (flower store, chocolates, etc.) in the address bar.

Here are a few ways that criminals hid Malicious links so that you have a harder time spotting them:

  • A slight misspelled version of a trusted URL
  • Using a URL shortener (Tiny, bit.ly) to hide the actual URL
  • Use simple HTML formatting to hide the real URL. This is very common and hard to spot because while you are clicking on www.firstbank.com it is actually a dangerous link in disguise that takes you to a malicious site.

Here are a few ways that you can protect yourself for being duped this Valentine’s Day.,

  1. Always type the website you wish to visit directly into the browser. Do not click on a link and just assume that it is safe.
  2. Don’t click on anything that has been sent from someone you don’t know or from someone you do know but seems out of character.
  3. Don’t click on anything that said it was sent by your bank or any other bank. Call the bank up directly to verify the email and type their web address into your browser.
  4. Don’t click on a link that says it is an urgent situation. Many times, scammers will try to scare you into thinking you have to click now or something bad will happen. That is never the case. Call the company directly on their known phone number to handle the situation.
  5. And most importantly, unlike true love, if something seems too good to be true, it probably is. Research it further.

On this Valentines Day, make sure that you don’t get swept up in the moment and taken advantage of by a scammer. No matter what the holiday is, always make sure that you are thinking with your head and not just with your heart when protecting your most important asset… your identity.

John Sileo loves Valentine’s Day because he gets to celebrate with his wife, whom he has had a crush on since he was 8. He is the author of Privacy Means Profit and earns his keep delivering highly motivational identity theft speeches.

Information Offense – How Google Plays

Google recently offered $20,000 to the first person who could hack their web browser, Chrome. Without question, a hacker will crack it and prove that their browser isn’t as mighty as they might think.

So why waste the money?

In that question, ‘why waste the money?’ lies one of the root causes of all data theft inside of organizations. Google’s $20,000 investment is far from a waste of money. Consider:

  1. The average breach inside of an organization costs $6.75 million in recover costs (Ponemon Study). $20,000 up front to define weak points is a minuscule investment.
  2. Chrome is at the center of Google’s strategic initiatives in search, cloud computing, Google Docs, Gmail, displacing Microsoft IE and mobile OS platforms – in other words, it is a very valuable asset, so Google is putting their money where their money is (protecting their profits).
  3. By offering up $20,000 to have it hacked IN ADVANCE of successful malicious attacks (which are certain to come), Google is spending very little to have the entire hacker community beta test the security of their product.

I would bet that there will be tens or hundreds of successful hacks into their browser, all of which will be fixed by the next time they commission a hack.

Anticipating the inevitable attacks and investing in advance to minimize the chances and resulting costs of a breach is a perfect example of Information Offense. Instead of waiting for your data to be compromised (defense), you take far less costly steps up front to deflate the risk. Only the most enlightened leaders I work with inside of corporations understand the value of spending a little bit on security now to reap huge benefits (in the form of avoided losses) down the road.

Too many leaders are so focused on the revenue side of the model (most of them are from a sales background) that they lack the depth of seeing the entire picture – the long-term health and profitability of the company. You know the saying… an ounce of prevention being worth a pound of cure. Just think of the ounce being loose change and the pound being solid gold.

Marshall Goldsmith, the executive coach, nails the behavior behind this phenomenon in his book, What Got You Here Won’t Get You There,

Avoiding mistakes is one of those unseen, unheralded achievements that are not allowed to take up our time and thought. And yet… many times, avoiding a bad deal can affect the bottom line more significantly than scoring a big sale… That’s the funny thing about stopping some behavior. It gets no attention, but it can be as crucial as everything else we do combined.”

Listen to Google and Mr. Goldsmith, and avoid the mistakes before you make them by asking yourself this simple question: How can I refocus my efforts and resources on playing offense rather than defense?

John Sileo’s motivational keynote speeches train organizations to play aggressive information offense before the attack, whether that is identity theft, data breach, cyber crime, social networking exposure or human fraud. Learn more at www.ThinkLikeASpy.com or call him directly on 800.258.8076.

Avoid Super Bowl Scam

With any big sporting event comes the opportunity for thieves to take advantage of desperate fans. This rings true with the upcoming Super Bowl match between the Packers and the Steelers (appropriately named, but incorrectly spelled for this post on theft). Whether you watch the game for the fun commercials or to root for your new favorite team (sorry, Broncos), we can all agree that Super Bowl Sunday is almost a national holiday. With any holiday comes predators looking to take advantage of distracted and unsuspecting fans.

Here are a few Super Bowl themed scams that you should be aware of:

Fake Tickets. According to the NFL, in recent years, between 100 and 250 football fans have shown up to Super Bowl games with bogus tickets. Before booking a hotel room and hopping on a plane to Dallas make sure that you have legitimate tickets to the big game.

Michelle Reinen, director of the Bureau of Consumer Protection says, “Actual Super Bowl tickets are printed on thick, heavy paper with bar-codes, holograms and raised ink. In addition, the NFL says the tickets include heat sensitive logos that disappear with the touch of a thumb.”

Phony Sweepstakes. Avoid clicking on Super Bowl sweepstakes offers, which may feature trips to the big game or other related prizes. These e-mails could be part of a larger scam to get you to fork over funds for a chance at tickets, or scammers could be enticing you to click on a link that will download malware or other viruses onto your computer.

Treat these emails as you would any suspicious email and delete it from your inbox. Never click on unknown links.

Travel Scams. Looking to score big on a Super Bowl travel package? Be careful, because scam artists love to dream up new tricks for major sporting events. People traveling to Dallas for the game should book their travel accommodations carefully. When big games are in the works, people will often find offers that charge hidden fees for items, like tickets, that they thought were included. They may also not be booking you into the exact hotel you think you are getting. Instead of staying at the Lowes Arlington, you find yourself at their sister property in Amarillo. Book hotels directly through the hotel, or if you go through Hotels.com, Travelocity, Hotwire or Expedia, call the hotel after the reservation is made to verify what you are getting.

My biggest tip to avoid becoming the victim of a scam is to Be Skeptical. If an offer seems to good to be true, it probably is. Question everything and get verification to make sure that your Super Bowl Plans go as smooth as possible.

John Sileo is the award-winning author of the fraud prevention book Privacy Means Profit and speaks on information offense, identity theft prevention and data breach avoidance. His clients include the Department of Defense, Pfizer and the FDIC. To learn more, contact him directly on 800.258.8076.

How To Control Your Privacy Online

Identity theft is all about control. Who has control over your personal and financial information? Is it you, or the criminal on the other end of your computer using your information to apply for a credit card?  Losing control of your personal information can be all too easy online. But by taking some precautions, you can maintain privacy while safely surfing the internet.

Here are 5 tips to protect your privacy online:

1. Adjust social-network privacy settings

Facebook has been working to simplify their privacy settings, but they can still be confusing to the average users. Spend about 10 minutes a month making sure that your privacy settings are what they should be and are actually protecting your privacy.

To get there, log in to Facebook, in the top right of your screen it should say “Account” when you scroll over or click on that tab you can see you Privacy Settings. Click here for a step by step process of how to adjust your privacy settings.

Twitter, another popular social network, also lets you lock your account from public view. In settings, there’s a feature called “protect my tweets.” They have had breaches before, so it is always good to take every precaution you can to protect your information.

2. Frequently Change Passwords

It is good to rotate passwords on sites you use often. Especially sites that hold your financial information. Every 6 months or so you should change your passwords just in case someone has access to your online profile. A good way to keep track of these passwords is with a password keeper such as 1password. This way you can store your passwords to all sites in one place and use a master password to gain access.

3. Opt-out of ad tracking

Online ad networks often install a small file on the computers of people who visit certain websites. These so-called cookies can log your surfing habits, allowing advertisers to tailor ads to your interests.

If you are trying to keep some online privacy then you should opt out. In the settings panel of your web browser make sure that disable cookies from third party websites. Most advertising companies use this information to directly target you with ads of products that you use. They know what items you purchase because they see where you go on line and keep a record.

4. Use a secure Internet Connection

Don’t browse private sites and look at personal or financial information while on a public wifi connection. Never shop online at your local coffee shop because you never know who may be spying on you with that very same open internet connection. If you are making an online purchase, looking at your online banking, emailing a personal story or photo, ONLY do so on a secure password protected internet connection.

5. Think before you post

While this may seem like an obvious suggestion, many people don’t do it. Posting that you are at your local watering hole at 3pm on a Thursday after you called in sick could get you in more trouble than you planned on. Uploading an embarrassing photo of yourself may cost you a future job. I know of a company that didn’t hire a candidate for a position because when they checked out her Facebook profile her status was “I just need a job – ANY Job!”. That made her less appealing to hire than other candidates that were less vocal on their pages.

Use your brain. Posts are public, permanent and exploitable.

To learn more and begin to build your own good privacy habits order your copy of my latest book Privacy Means Profit Today!

Wiley & Sons has just announced my latest book, Privacy Means Profit, will be available in stores and online August 9, 2010.  This book builds a bridge between good personal privacy habits (protect your wallet, online banking, trash, etc.) with the skills and motivation to protect workplace data (bulletproof your laptop, server, hiring policies, etc.).

Click Here for More Information

Opening Pandora's Privacy Box

I am a huge fan and frequent user of Pandora, the internet radio station that plays songs based on learned music preferences (if you like the Avett Brothers, it knows you will probably also like Dave Matthews, etc.). Pandora is an overwhelmingly popular online radio network app for computers, smart phones and the iTouch. It provides listeners with an informed collection of songs and play-lists based on a comprehensive analysis of over 400 qualities of a song that make it specifically appealing to you. While the financial cost to users appears at first site to be nothing (if you don’t mind the occasional ad), the privacy cost can be exponentially high with Pandora selling your web-surfing habits to advertisers.

Pandora clearly states in its FAQ that they are sharing information such as your age and gender with advertisers.

“…the free version of Pandora is mostly supported by advertisements, and we want to be able to show the most relevant ads to our listeners… Since this means that you’re more likely to see an ad that’s relevant to you, we hope it’s a good thing for our listeners as well as for our advertisers, and therefore also for Pandora as a whole.”

So are they sharing more sensitive identity information? While Pandora admits that they share your age and gender, a recent Wall Street Journal Article says they are sharing more. They state that Pandora shares age, gender, location, and phone ID information with marketing firms on both its iPhone and Android mobile versions. So while advertisers won’t have your name and email address, they’ll get their hands on a lot of info about your mobile phone behavior.

Just remember when you log into Pandora and stream your free music play list, there is a cost. When you are getting something for “FREE”, there is always a cost, and it’s often your personal information. While you may not be able to immediately understand the financial impact of this, just know that your privacy is slowly flowing out of your control – one song at a time.

To increase your privacy on Pandora, visit www.pandora.com/privacysettings and restrict access as much as possible.

Is your organization trying to stem the flow of information leakage via identity theft, corporate espionage, data breach and social networking exposure? Contact keynote speaker John Sileo to inspire your audience to change their poor privacy habits from the inside out.

Facebook Reveals the End of Your Privacy | Sileo

The many changes that Facebook has been making recently have users nervous. Nervous because they are lacking the control that they once had over their privacy on the social networking site. While Facebook has never been the mecca of privacy, the recent and swift changes they are making has created more of an issue for users. One by one they are voicing their concerns with the new features and why they feel Facebook is slowly revealing the end of your privacy.

Facebook and privacy issues go hand in hand.

Here are a few of the new features; although they are snazzy, they have many users concerned.

User IDs 

With only your email address on hand, data miners can easily match it with the new user ID that has been issued to you. Basically, the ID provides your name and profile picture no matter how your privacy settings are set. This can also include your hometown, photos, friends, and more depending on how strict your settings are. This gives companies the ability to advertise to you. If you are a young female living in Austin, Texas, there are literally thousands of products that can be marketed to you just using that information alone.

Face Match or Tag Suggestions

When you are uploading photos to Facebook (as shown above), they will make “tag suggestions” of who should be tagged in your photo album. In other words, Facebook has the ability to know what you look like. This feature will be gradually rolled out over the next few weeks. In order to disable your “tagability”, you need to adjust your privacy settings. Just click ‘Customize Settings’ and de-select ‘Suggest photos of me to friends.’ Your name will no longer be suggested in photo tags, though friends can still tag you manually.

Switch Account

In a recent and unintentional Facebook leak, many users reported seeing a switch account tab. This feature gives you the ability to go back and forth between different accounts without having to log in and out. While this is easy for people who are administrators for certain pages, it is a privacy issue for users who want to have many pages in order to play out a scam.

Facebook Privacy Concerns

Facebook was built on the idea that users connect and share personal information with each other. It is up to the users to decide how much and to whom. The more you share, the stronger Facebook becomes and the easier it is to share that information with friends, strangers and advertisers.

While Facebook is consistently rolling out more features, users are having to update their privacy settings.  With so much personal information sharing, the real cost to our privacy is still unknown.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

[youtube https://www.youtube.com/watch?v=VgwQPhpRPd0&rel=0]