John Sileo Cybersecurity Expert Top Tips

I get asked at almost every keynote speech how the audience members can protect themselves, their families and their wealth personally. So I put together a series of videos to take you through some of the first steps. I hope this gets you started, and that I am lucky enough to meet you in person at a future speech!

Freeze Your Credit

A freeze is simply an agreement you make with the three main credit reporting bureaus (Experian, Equifax and TransUnion – listed below) that they won’t allow new accounts (credit card, banking, brokerage, loans, rental agreements, etc.) to be attached to your name/social security number unless you contact the credit bureau, give them a password and allow them to unfreeze or thaw your account for a short period of time.

Equifax Credit Freeze
P.O. Box 105788 Atlanta, Georgia 30348
Toll-Free: 1.800.685.1111

TransUnion Credit Freeze
Fraud Victim Assistance Department P.O. Box 6790 Fullerton, CA 92834
Toll-Free: 1.888.909.8872

Experian Credit Freeze
P.O. Box 9554 Allen, TX 75013
Toll-Free: 1.888.397.3742

Two-Step Logins

There are three basic ways to find out whether or not your provider makes two-step logins available:

  • Call them directly and ask them how to set it up. I especially like this method when working with financial institutions, as you want to make sure that you set it up correctly and they should be more than happy to help (as it protects them, too).
  • Visit the provider’s website (e.g. Amazon.com) and type in the words “two-factor authentication” or “multi-factor authentication” or “security tokens”.
  • Google the name of the website (e.g., Schwab.com) along with the words “two-factor authentication” or “multi-factor authentication” or “security tokens”.
  • Visit this helpful listing (https://twofactorauth.org/) to see if your desired website appears on the list of two-factor providers.

Online Backups (for Ransomware)

You need to have an offsite backup like in the cloud or elsewhere that is well-protected that happens daily on your data. That way, if ransomware is installed on your system, you have a copy from which to restore your good data. You have the ransomware cleaned off before it enacts and you’re back up and running. Make sure it:

  1. Is updated whenever a change is made or a new file is added.
  2. Is stored somewhere different than your computer.
  3. Actually works when you try to restore a file.

My personal recommendation and the one I use is iDrive online backup (iDrive.com).  I recommend buying twice the hard disk space of the data you need to back up.

Personal VPNs

A Virtual Private Network (VPN) extends access to a private network across a public network, so a user can send and receive data across a public network as if their personal device was directly connected to the private network. In layman’s terms, it’s like having a private tunnel between your device and your destination. If you haven’t already, research the term “VPN Reviews” to get the latest research and then install a VPN on every device to cyber secure your virtual office and smartphone.

Free Credit Reports

Go to annualcreditreport.com to see your three credit reports from the three credit reporting bureaus.  Periodically request a report from one of the bureaus and cycle through each of them every three months or so.

Identity Monitoring

Ask four questions as you research your options:

  1. Does the service have a simple dashboard and a mobile app that graphically alert you to the highest risk items?
  2. Does it include robust recovery services? (How long does it take to reach a live human being in the restoration department?)
  3. Does the service monitor your credit profile with all three credit reporting bureaus?
  4. Do you have faith this company be in business three years from now?

Password Managers

A password manager is a software application that helps a user store and organize passwords. Password managers store passwords encrypted, requiring the user to create a master password; a single, ideally very strong password that grants the user access to their entire password database.

Research Password Management services such as Dashlane, LastPass, or the one I personally use, 1Password. Google the term “Password Manager Reviews” and look for articles in a magazine you trust to find the one right for you.

Junk Mail

To opt out of pre-approved credit offers with the three main credit reporting bureaus, call 888-5-OPT-OUT (888-567-8688) or visit www.OptOutPreScreen.com.

Phone Scams

If you receive a call that triggers your scam alert reflex, HANG UP!  If you receive a call from someone supposedly from a financial institution, utility company or a government agency and they ask for personal information like your Social Security number, HANG UP! Or if someone calls from “Apple” or “Microsoft” promising to help with a computer issue, HANG UP!  You get the idea.  If you think it is a legitimate call, tell them you will call them back from a published number.  If they start making excuses, HANG UP!!!

Google Maps

  1. Go to www.google.com/maps
  2. Locate your house by typing its address into the search box and pressing Enter.
  3. Click on the small picture of your house that says Street View.
  4. Adjust Google Maps Street View by clicking the left and right arrows on the Street View image until you see your house.
  5. Click the Report a Problem link at the bottom-right corner of the Street View image or, depending on the device you are using, click on the three dots in the upper right-hand corner.
  6.  It will take you to a page to Report Inappropriate Street View.  Here you can ask to have any number of things blurred, including the picture of your house.
  7.  You will need to provide your email address and submit a CAPTCHA.

Smart Speakers

Ask yourself how comfortable you are having a corporation like Amazon or Google eventually hearing, analyzing and sharing your private conversations. Many people will say they don’t care, and this really is their choice. We are all allowed to make our own choices when it comes to privacy. But the vitally important distinction here is that you make a choice, an educated, informed choice, and intentionally invite Alexa or Google into your private conversations.

Account Alerts

To monitor accounts quickly and conveniently, sign up for automatic account alerts when any transaction occurs on your account. If you spend even a dollar at a store, you receive an email or text notifying you of the purchase.

  1. Go to the bank or credit card company website.
  2. Search for “Account Alerts” in their search window.
  3. Set up your alerts for a dollar threshold that makes sense for you.

Internet of Things

  1. Understand your exposure.  What do you currently connect to the internet?
  2. Make a list of the devices you have that connect to apps on your smart device.
  3. At a minimum, make sure you have CHANGED THE DEFAULT PASSWORD!!!
  4. Also consider disabling location services, muting any microphones and blocking any webcams.
  5. Finally, update the firmware regularly.

Tax Return Scams

If you suspect tax fraud, call 877-438-4338 or go to consumer.ftc.gov to alert them.  (They will not EVER call you or reach out via text or email!)

If you had a fraudulent deposit made directly to a bank account, contact your bank’s automated clearing house department to have it returned.  And close that bank account and open a new one while you are at it!

Safe Online Shopping Habits – Episodes 1, 2 & 3

  1. Stick to websites you know and trust. Beware of imposter websites that have a URL nearly identical to the one you mean to use.
  2. Always look for the lock icon in the browser and and “https” in the URL.
  3. Use long strong passwords.
  4. Never shop with a debit card online. It’s even better to use a dedicated credit card just for online purchases.
  5. Set up automatic account alerts on your bank account.
  6. Request a new credit card number once a year (after the busy shopping season).
  7. Set up two-factor authentication on your bank, credit card and retail accounts.
  8. Use a Personal Virtual Private Network (VPN).
  9. Download the apps for your favorite retail sites onto your smart devices and shop directly from them using your cellular connection.  This will assure you are not on a fraudulent site, you are protected by at least two passwords and your internet connection is encrypted.

Phishing Scams

  1. Mistrust every link in an email unless you know who it is coming from and you were expecting that link.
  2. If you’re suspicious about a link in an email, type the URL directly into the address bar of your browser to make sure it takes you to the legitimate website.
  3. Use the hover technique to see if you’re going to the real site or the site of the cyber criminals.

John Sileo, cybersecurity expert and identity theft speaker, has appeared for the Pentagon, Amazon and on shows like 60 Minutes and Anderson Cooper. Contact us for more details on 303.777.3221 or using our contact form.