Don’t Get Juice Jacked at the Airport

Do you know those USB phone charging stations at the airport? Did you realize that they can be hijacked by hackers wanting to install malware on your device? Here’s how to stop them.

Want to know more about John’s video series and how you can use them in your client or employee communication? Give us a call at 303-777-3221

Don’t Let Data Thieves Spoil Your Vacation

Nothing… spoils a hard-earned vacation, or a critical business trip faster than fraud. Hotel theft, ATM skimming, pick pockets. Do you want to know how to be the safest, most relaxed traveler on the tour? Here are a handful of tips to protect yourself, and more importantly, to give you the peace of mind you deserve during your time away.

I’m John Sileo, and this is Sileo on Security onsite in Las Vegas, THE FINEST place in America to lose your money. But you should be able to choose how you lose it. Listen, you don’t want to spend your trip worrying about your laptop being stolen out of the hotel room, your debit card being skimmed by a dishonest waiter or by having your bank login intercepted over a free wifi hotspot. When we travel, we pack our wallet and gadgets to the gills, and in turn, our data is at risk. Identity thieves take advantage of how distracted we are getting on and off planes, in and out of cabs, and back and forth to the café for our coffee. So, here are the first few steps you need to take, whether you’re a road warrior or beach bum, to protect your assets.

This is going to sound old school, but pack some cash! Seriously, you have less overall exposure when you pay with cash or travelers checks and leave your credit card for when you run out of money. Hide your debit card in a zippered pocket or bag until you absolutely need it. When you do need it, make sure there isn’t a skimming device attached to the ATM by wiggling anything that sticks out of the machine. Look behind you for shoulder surfers capturing your PIN number on their cell phone camera and always shield your PIN from the telephoto lens on the grassy knoll behind you. And as I learned from my parents, never allow the friendly Frenchman at the ATM to help you with your ATM transaction.  It’s probably fraud.

Next. Cell phones, tablets and laptops can disappear so easily while on a trip, so either keep them with you, or in the safe in your hotel room. Now, someone working in that hotel has the code to that safe, so for additional protection, put the privacy sign on the door, call house keeping and tell them you don’t need service that day and keep all the good bits with you. If you can, leave the laptop at home, travel only with your smartphone and keep it in your front pocket protected by a passcode that’s not your kid’s birthdate!

Finally, I  recommend that you never use the hotel computers, or any public computer for that matter, including checking in for a flight. These computers often have key logging software that captures all of your information and sends it off to criminals, including the password to your mileage account. Whatever you do, don’t type anything sensitive, or log into your bank or your email account on a public computer. Instead, use technology to your advantage – check in on your smartphone with an airline app and get a digital boarding pass. It’s encrypted and way safer. Your smartphone, if well-protected, is your greatest tool on the road. By the way, those free WiFi hotspots are highly attractive places for thieves to eavesdrop and track your online activity. Stay away from them and surf on your smartphone data plan.

Here’s your One Minute Mission.  If you are getting ready to travel, especially if you are going overseas, I want you to call your mobile phone provider, boost your data plan and your international calling access.  This will increase your bill for the time that you are traveling, but it’s a heck of a lot cheaper than the fraud that comes from computing on someone else’s network.  That’s a small price to pay for the peace of mind that comes from staying in touch.

I hope you’ll take these easy tips, enjoy your upcoming trips and join me again for Sileo on Security.

Is Your Free Wi-Fi Hotspot Being Hacked?

Don’t you just love the convenience of free Wi-Fi hotspots? You can access your bank account, send emails, browse in a store and then buy it online for half price. Unfortunately, they’re called Hotspots because they attract hackers who want to BURN you by intercepting everything you send over these totally insecure networks. Free Wi-Fi is like using a bullhorn to have a private conversation. I’m going to show you three ways to Wi-Fi without the worries.

I’m John Sileo, and this is Sileo on Security. Free Wi-Fi is everywhere, and most of us are totally addicted to it because it gives us a faster connection and saves on our data plans. By joining free Wi-Fi hotspots, you enable hackers to “sniff” everything you send between your device and the Internet. We call these man-in-the-middle attacks because they are hijacking your data before it leaves the building.

Here are three simple ways to keep criminals out of your private computing:

First, Learn to Recognize Evil Twins! An Evil Twin is a malicious hotspot masquerading as the real thing. Data thieves name their evil twin something very close to the legitimate hotspot to lure unsuspecting surfers and then they run sniffing software that records everything sent, including usernames, passwords and account numbers. The only way to spot an evil twin is to ask the hotspot provider which network is the real one. Hotspots that require a username and password are even more secure and make it much harder to hack.

Second, Look for HTTPS in the address bar! If you HAVE to use free Wi-Fi and you’re sending something sensitive, check to make sure you’re surfing on an encrypted https:// connection. The “s” stands for Secure and encrypted means no one but you and the legitimate recipient can read it as it travels from point A to point B.

Finally, here’s the most powerful solution – Surf Using Your Smartphone. Cellular data connections are encrypted, making it exceptionally hard for a hacker to get in the middle of your transmission. Most of us pay for data by the gigabyte, which means you have to be wise about how you use your data plan. I wouldn’t recommend streaming Titanic over a cellular connection but I’d definitely use it to bank, buy online and email. If you need to go online from a larger device like a laptop or iPad, call your mobile phone company and ask about tethering. Creating personal Wi-Fi hotspots like this costs about $15 per month + data charges, but it’s a lot cheaper than having a cyber criminal cash out your investments because you surfed using an insecure connection.

Here’s your One Minute Mission: Call your cellular provider and ask them how much of your data package you use every month. If you’re maxing it out, upgrade your data plan, but only if you can afford it. Once you have some excess data, go into your settings, turn off Wi-Fi access and use your data plan whenever possible. If you’re streaming a movie temporarily turn Wi-Fi back on.

The next time you’re tempted to logon to a free Wi-Fi hotspot, ask yourself if what you’re about to send could be said over a bull horn in a public place. If not, take the steps we’ve talked about to keep your information private. Thanks for watching and I hope you’ll join me again for Sileo on Security.

Don’t Get Hooked by Phishing Scams

Have you ever wondered how cyber criminals install malware on your computer?  I’m going to show you and give you three tips to keep it from happening to you.  I’m John Sileo and this is Sileo on Security.

This particular hacking technique is called Phishing, and it’s where Cybercriminals send you fake emails that look like they’re from a legitimate business – your bank, PayPal or even a recently breached company like Anthem or Target.

Phishing has gotten a whole lot better over the years.  You can’t tell it from spelling mistakes, grammar, bad logos.  It’s much more exact; the emails look exactly like the legitimate emails. And phishing has morphed into spearfishing.  This is where criminals know a little something about you, maybe from a previous breach and they can highly target you for these really malicious attacks.

So here are three quick tips to keep phishing from infecting your computer and stealing your data.

  1. First of all, I want you to mistrust every link in an email unless you know who it is coming from and you were expecting that link.  Often times they’re collecting your personal information when you click on that link or downloading malware onto your system.  A lot of times there will be a link in the email that looks almost exactly like the legitimate link. So if the link takes you to a place where it’s asking for your money or for your information, just ignore it.
  2. The next thing you can do if you’re suspicious about a link in an email is type the URL directly into the address bar of your browser to make sure it takes you to the legitimate website.  This will keep you from landing on a phishing website where they’re going to try to siphon off your data or cash.
  3. Finally, I want to show you the hover technique.  This is an incredibly powerful way to see if you’re going to the real site or the site of the cyber criminals.   So in your email I want you to hover over the link and it’s going to pop up a window that shows you exactly where you’re actually going to.  When you look more closely at that link it looks like you’re going to the right place, but if you read from right to left instead of left to right (from the slash backward to the .ru or the .com) and your expectation of where you think you’re going doesn’t match where you’re actually going, that’s the first signal that you’re going to a malicious website.  It’s really important to know that when you hover over that link in that email it’s not going to pop up that window immediately.  You need to be patient and wait for it to bring that up.  Don’t click on the link in the meantime and it will show you if you’re going to the good website or the bad.

Here’s your One Minute Mission.  Head to your spam folder; it is full of phishing emails. I want you to hover over some of those links and I want you to start to detect the difference between the good ones and the bad ones.  By practicing the hover technique now you are getting in the habit of detecting those phishing emails when they don’t get caught by your spam software.

With these three tips, you have some basic knowledge of how hackers use emails to steal your private information.

For Sileo On Security, I’m John Sileo.  We’ll see you next time.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.



A Smarter Solution for Thief-Proof Passwords

Don’t you find it nearly impossible to remember all of those passwords you have to create for your online accounts? And a lot of times they’re not very strong. Well, I’m going to show you a great way to create long and strong passwords and not have to remember them.

Hi, I’m John Sileo and this is Sileo on Security. The answer here is password protection software. These password managers are software that live on your computers or your devices–an app that helps you create and remember really good passwords.

There are three basic advantages to password protection software.  The first reason is that password managers make it really simple to have these long and strong alphanumeric, symbol-based passwords. They make it really hard for the criminals to guess what your password is and therefore get into your account.

The second reason is that you’ll never have to remember those passwords again. Part of the problem here is because we have to remember all of these passwords we make them the same across websites and it’s really dangerous. Password protection software forces you to have a unique password for every site and it makes it easy.

The third advantage of password protection software is encryption. It protects your passwords behind lock and key so that the hackers can’t get to them. The number one way that we store passwords now is either in the contact app on our phone, in our wallet on a piece of paper, in an Excel file, or even because we use the same password over and over. That’s incredibly dangerous! They need to be hidden behind encryption. Encryption is the technology that locks your passcodes behind a key that is difficult even for the FBI to get into, meaning that it’s super safe. Nothing is 100% secure but it’s statistically better to have it behind encryption than it is to store it the way you’re storing it or to create passwords the way that you’re currently creating them.

So here’s today’s One Minute Mission. All of these password managers are slightly different depending on if you want it for yourself, your family or your business. So you need to research a couple of different versions and see what’s right for you. Things like – Dashlane, LastPass, 1password. Those are all good ones to research. Here’s what I want you to do. Google the words “password manager reviews” and look for a journal or a magazine that you trust (PC magazine for example) and take a look at the different features and functions of each one to choose which is right for you.

You’re going to feel so good about your security when you get a password manager that works on your devices and computers and locks it all behind that encryption. I look forward to seeing you next time on Sileo on Security.