Tag Archive for: “Identity Theft

How to Protect Your College Student from Identity Theft on Campus

Five tips for better data and device  security habits at college

This fall, roughly 19.9 million college students will attend colleges and universities in the United States, and about 12.5 million of them will be under the age of 25. 

For many young adults, college isn’t just a transition to higher education, it’s a transition to living on their own and taking responsibility for their own finances, digital identity, credit score and banking information — all of which are critically important components of future success and security. 

As I wrote about back in 2010, College-Bound Students Are Vulnerable as Identity Theft Targets. So, parents, as you perform the ritual of shopping for dorm room supplies and stocking up on merch at the college bookstore, you should also be guiding your child through some key processes of establishing credit and safeguarding against identity theft on campus. I say guide because it’s tempting for parents to do the work themselves, but now is the time to step away from the snowplow and let your child learn to shovel their own road. In fact, it’s a good idea to start the process while your child is in high school.

Establish Credit

Educate your kids about starting to establish credit so they have it when they go to rent an apartment or buy a car. One of the simpler ways to do this is to have them apply for and use a student credit card with a small amount of credit. During this process (and any process like it), there are a series of security and privacy decisions that come into play. 

  • A great deal of personal information is collected, analyzed and sold by companies that prey upon naive college students. Make sure that, when applying, your child opts out of all information sharing possible. The minute or two spent changing the default settings (reading and unchecking the marketing and privacy boxes) will save the proliferation of their data down the road. 
  • Teach them to create a long and strong password (preferably with a password manager) that is unique on every website. 
  • Register for automatic account alerts when a sizeable amount of money is transferred, deposited or due so they have a daily view of their balances and activity. 
  • Have them turn on two-factor authentication to eliminate a majority of account takeover by cyber criminals. 
  • Teach them to monitor and reconcile their accounts monthly. 

Freeze Credit

Once your student has opened a credit card account, they should freeze their credit with the three primary credit bureaus: Equifax, Experian and TransUnion. This simple and free step is one of the greatest ways to protect their data and their future buying and credit power. 

Be Street Smart

Aside from protecting their cyber identity, students need to take precautions to protect their physical identity and important documents. 

  • Have sensitive physical documents (bank, legal, personal, FAFSA, applications, etc.) sent to a permanent address (e.g., parents’ home).
  • Leave your Social Security card, passport and other documents in a permanent, off-campus location (e.g., parents’ home in a fireproof and waterproof box or a bank safe deposit box).
  • Shred any important financial documents that come in the mail and never leave sensitive mail lying out.
  • Always lock your dorm room door and don’t leave devices unlocked or unattended in a gym locker, the library or a classroom.
  • Check for unusual devices added to ATMs that might be skimming card info.
  • Always cover the keypad with your hand when entering your PIN, whether at an ATM or a retail store.

Secure Devices

Make sure your student has long and strong passwords on their phones, tablets and laptops and that they don’t share them unless absolutely necessary. There are more than 100 privacy and security settings on the average phone; students need to take the time to customize them and lock down their data. 

Watch this video on How to Bulletproof Against a Stolen Smartphone

Here’s a detailed list of how to secure devices at college.

  • Don’t leave your laptop in an unattended car or in a public place (library, dining room, classroom).
  • Register your laptop with campus security if possible.
  • Install laptop tracking software (e.g., Find My iPhone, Lojak) and enable Find My iPhone on the device.
  • Spend time locking down the privacy and security settings on your smartphone — you won’t believe what you’re giving away for free and how damaging it can be.
  • Don’t store personal information (SSN, passwords, etc.) in unencrypted files or insecurely in the cloud.
  • Securely back up your files on a remote hard drive or a trusted cloud provider (iDrive, iCloud, Carbonite) in case your data is lost or frozen by ransomware.
  • Lock your phone screen with at least a 6-digit passcode — the longer, the safer.
  • Be mindful of malware and ransomware “updates” from untrusted sources.
  • Be suspicious of communal workstations in dorms, libraries, etc. Never log in to websites with usernames and passwords unless you’re certain the computer is secure and won’t save your information.
  • Turn on automatic computer operating systems, software and mobile app updates.
  • Encrypt your laptop (Apple: FileVault, Windows: BitLocker) and smartphone (by using a strong password).
  • Don’t take or store sensitive or embarrassing photos on your devices, as they are commonly exposed by hackers, friends or former girlfriends and boyfriends.
  • Invest in strong security software with anti-virus, spyware and ransomware protection, even if you own an Apple.
  • Don’t discard or sell old devices without professionally wiping them of all data and removing or erasing all SIM cards.
  • Don’t insert strange storage devices (i.e., USB drives) and only insert such devices from friends or administration after scanning them for viruses.

Be Social Media Smart

According to Pew Research, in 2018, 90% of adults between 18 and 24 used the YouTube app, 76% used Facebook and 75% used Instagram. Our kids are spending a lot of time on social media, and all those platforms are collecting data — and selling it to advertisers. Unfortunately, cyber criminals are also accessing that data and using it to commit crimes or simply selling it on the dark web.

The default setting on social media platforms is to share everything, so students should start by un-defaulting their privacy settings. This one action will put them in the top 1% of savvy social media users. This blog post from last year explains the 6 Ways Your Facebook Privacy Is Compromised. Beyond that, teach your child to be careful about who they friend and what they share on social media. 

You can find more tips on how you and your student can lock down social media accounts, as well as how to protect student data and devices on campus, in The Data Privacy & Security Checklist for College Students  (PDF).

As you send your child off to college this fall, arm them with the knowledge and power to keep their identity safe — in both the real world and online. Most importantly, let them know that it’s okay to ask for help from you, the university or a trusted advisor.


About Cybersecurity Keynote Speaker John Sileo

John Sileo is an award-winning author and keynote speaker on cybersecurity, identity theft and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

[elfsight_social_share_buttons id=”1″]

BREACHED! Customer Data from Quest Diagnostics & Lab Corp

Within just a few days of each other, both Quest Diagnostics and Lab Corp, two of the largest blood testing providers in the nation, warned that millions of their customers might have had information breached. In both cases, customers may have had personal, financial and medical information breached due to an issue with the American Medical Collection Agency (AMCA), a billing collections service provider used by both companies.

Between August 1, 2018, and March 30, 2019, someone had unauthorized access to the systems of AMCA. Quest reported that the affected system stored information on roughly 11.9 million of its patients. In addition, LabCorp numbers could be up to 7.7 million customers.

“(The) Information on AMCA’s affected system included financial information (e.g., credit card numbers and bank account information), medical information and other personal information (e.g., Social Security Numbers),” Quest said in a filing with securities regulators. AMCA did not have access to actual lab test results.

Change Your Behavior After the Breach

If you, like pretty much EVERYONE I know, have used either of these services, follow the steps below to protect yourself against future attacks.

  1. Assume that your identity has been compromised. If you have been a customer of either company, don’t take a chance that you are one of the very few customers that aren’t affected. It’s not time to panic; it’s time to act.
  2. Read the explanation of benefits statement from health insurers to confirm that your charges are correct.
  3. I recommend placing a verbal password on all of your bank accounts and credit cards so that criminals can’t use the information they have from the breach to socially engineer their way into your accounts. Call your banks and credit card companies and request to place a “call-in” password on your account.
  4. Begin monitoring your bank, credit card, and credit accounts regularly.
  5. Visit AnnualCreditReport.com to get your credit report from the three credit reporting bureaus to see if there are any newly established, fraudulent accounts set up. DON’T ONLY CHECK EQUIFAX, AS THE CRIMINALS HAVE ENOUGH OF YOUR DATA TO ABUSE YOUR CREDIT THROUGH ALL THREE BUREAUS.

Take Action on Your Accounts

  1. Change your passwords. We hear all the time about stupid things people do when it comes to creating passwords; the most commonly used passwords in the United States for the past several years include “123456”, “password” and some variation like “password1234”. The bottom line is it is nearly impossible to effectively create and remember all the passwords we need to function in our daily lives. It seems there are two ways people handle this. They continue to use the same (usually poor) passwords over and over, or they do what I highly recommend and use a password manager program.
  2. Enable two-step logins. Two-step logins are when two separate passcodes are required to log in to one of your online accounts. One of the most common and popular forms is called text verification, and I’m sure you’ve already experienced it. That’s where you log in to your online account with your regular username and password, and then a secondary passcode is sent to your phone by text or even better, through an App like Google Authenticator. Without that second passcode, no one gets into the account.
  3. Set up account alerts. To monitor accounts quickly and conveniently, sign up for automatic account alerts when any transaction occurs on your account. As a result, if you spend even a dollar at a store, you receive an email or text notifying you of the purchase. If you receive an email for an amount you didn’t spend – bingo – you’re probably a victim of fraud.
  4. MOST IMPORTANTLY, FREEZE YOUR CREDIT. Some websites and cybersecurity experts will tell you to place a fraud alert on your three credit profiles. I am telling you that this isn’t strong enough to protect your credit. Freezing your credit puts a password on your credit profile so that criminals can’t apply for credit in your name (unless they steal your password too). Here are the credit freeze websites and phone numbers for each bureau. Learn more about freezing your credit by watching the video here.

Contact Credit Companies

Equifax Credit Freeze
P.O. Box 105788 Atlanta, Georgia 30348
Toll-Free: 1.800.685.1111

TransUnion Credit Freeze
Fraud Victim Assistance Department P.O. Box 6790 Fullerton, CA 92834
Toll-Free: 1.888.909.8872

Experian Credit Freeze
P.O. Box 9554 Allen, TX 75013
Toll-Free: 1.888.397.3742


John Sileo loves his role as an “energizer” for cyber security at conferences, corporate trainings, and industry events. He specializes in making security fun so that it sticks. His clients include the Pentagon, Schwab and many organizations so small (and security conscious) that you won’t have even heard of them. John has been featured on 60 Minutes, recently cooked meatballs with Rachel Ray and got started in cyber security when he lost everything, including his $2 million software business, to cybercrime. Call if you would like to bring John to speak to your members – 303.777.3221.

Beware Disaster Scams in the Wake of Hurricane Harvey

Identity thieves prey on those who are most vulnerable. You may be in the process of cleaning up your lives, but predators running disaster scams may want to clean up on you by stealing your valuable private information.

As we learned from Hurricane Katrina and Superstorm Sandy, one of the most despicable side effects of a natural disaster is the massive increase in reported cases of identity theft in the affected areas. Thieves take advantage of those who are vulnerable, and those who have suffered flooding, wind damage and the effects of the storm are more vulnerable than ever. Imagine how devastating it would it be to apply for a line of credit to help your family recover from the storm only to find out that your entire net worth now belongs to a thief.

Here are some of the highest priority actions for victims of Hurricane Harvey to take once they have taken care of their immediate safety needs.

Secure your personal information immediately.  Clean-up crews will be heading to the area. MOST are good-hearted volunteers, but some are coming with the intent of looking for physical clues to help them steal identities.  In your distress, you may not even know what to think of.  Be sure you’ve accounted for:

  • Social Security cards, statements or related documents
  • Birth certificates, passports and drivers licenses
  • Wallets, purses, checkbooks and boxes of extra checks
  • All financial records, including bank, brokerage, mortgage, credit card, and insurance
  • All digital devices containing sensitive information, including laptops, computers, smartphones, iPads, etc.

Beware of people offering “help” falsely using recognized names like FEMA or Red Cross.  Organizations like this will never contact you; the only time they ask for money or any personal information is after you have contacted them.  The key here is to be skeptical if anyone is asking for your personal information, even as part of emergency relief. Ask enough questions that you can verify who they are, their intentions and their credibility. Do not just give away information in exchange for a promise (e.g., “This is how you will get a reimbursement from the government”). Make sure they are who they say they are.

As a side note, for those of you who are not disaster victims but want to help, the same rule applies: you should contact the agencies.  Don’t fall for phone solicitations or pleas via email that may lead you to fraudulent websites. One key to look for is “.org” that most non-profits use rather than “.com” in the address.

Beware of fly-by-night contractors offering cheap or quick repairs.  To protect yourself, check on the business.  Make sure they have a permanent business address, carry insurance, and have been in operation for more than a year.  Very importantly, get a written contract before you give out any money!

Place a Fraud Alert on Your Credit File. Immediately place a Fraud Alert with all three credit-reporting bureaus (listed below). This is only a temporary solution, but a necessary step. Once the water has receded, consider freezing your credit.

Order & Monitor Your Credit History. By law, you are entitled to one free report from each agency once a year. The easiest way to get a report is to visit AnnualCreditReport.com or call 1-877-322-8228. You can also request your first report when you are placing a Fraud Alert on your account in Step 1, above. Review your credit report for signs of theft or fraud. If you discover irregularities (accounts you never opened, loans that aren’t yours, credit cards you don’t recognize), contact the credit bureau immediately to report fraud, as well as the company listed in the credit report.

Monitor Your Statements Online. Half of the battle in minimizing identity theft is catching it quickly after it happens. Online bank, credit card and brokerage statements will allow those with Internet access to monitor and detect suspicious transactions on a daily basis. If you have access to the Internet, check your bank, credit card and investment statements to make sure that you recognize every transaction.

Resist the temptation to click on photos from questionable sites.  We are a society that thrives on sensationalized images.  However, some of those dramatic photos we want to know more about are infected with malware.  Stick to legitimate news sites and be especially wary of links on social media sites.

Remember to make safety a priority in every area of your life as you work your way through this trying time.  Our hearts are with you.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

5 Steps to Stop Lost Wallet Identity Theft

[vimeo 92971105 w=640&h=360]

How to Protect Your Lost Wallet or Purse against Identity Theft

In a panic that your lost wallet or stolen purse might lead to identity theft?  Take a deep breath and then take the First 5 Steps to Stop ID theft. First, you need to understand that a lost wallet or purse is one of the most concentrated sources of identifying documents. For now, assume that your lost or stolen wallet or purse will be used to exploit your identity. Sometimes, even when your missing item shows up unexpectedly, the damage has already been done by a clever thief who is simply returning your valuables so that you don’t suspect further theft and shut down your accounts. Don’t take any changes. Instead, take these first five steps (adapted from my Identity Theft Recovery Guide):

1. Inventory Your Lost Wallet or Stolen Purse from Memory

Want us to walk you through the entire recovery process with quick videos, easy forms and expert advice as you go? Click on the Recovery Guide and get started before your wealth evaporates.

The first step is to identify exactly what was in your purse or wallet.  If you haven’t photocopied everything, start making a list and add to it over the next few days as you remember more.  Here are some of the highest risk items:

Checks/checkbook*, Cell phone or smartphone, Keys, garage openers, Credit cards, debit cards, ATM cards, Drivers license, Student ID cards, Military ID cards, Medical ID cards, Auto insurance, Social Security card*, Loyalty cards, Bills to pay, Passport*, Library cards, Birth Certificates, Receipts, Passwords, PINs*, Child/Parent InfoWork ID…

* You should NEVER carry these items with you unless absolutely necessary for a certain occasion.

2. Make Immediate Calls & Log Conversations

The next step is to make calls regarding missing items and keep a log of all correspondence. The sooner you properly shut down these accounts, the less you will lose. (See Video or Identity Theft Recovery Guide)

3. Protect the Sensitive Data on Your Mobile Devices 

If you have taken any preventive steps to protect your mobile device, such as remote tracking and wiping, don’t hesitate to remotely erase your mobile device. It is a digital treasure trove of personal identifying information. If you haven’t already implemented remote tracking and wiping on your cellphone, do so now. (Step 4)

4. Change Passwords on Affected Online Accounts

If you carried any information regarding your online accounts in your lost wallet or bag (especially on a smartphone or tablet that was stolen too), immediately change passwords on all relevant online accounts. A single mobile phone can have multiple logins for banks, investment brokers and numerous financial institutions. I highly recommend utilizing a password protection software to encrypt and protect your numerous passwords.(Step 5)

5. File a Police Report

In order to draw a line in the sand (any crimes committed in your name or money taken out of your accounts that happens after the police report are easier to defend, should it be required.) As discussed in the Guide, filing a police report can be difficult, so attempt to submit it online before trying in person. (Step 8)

In total, there are 31 unique steps for you to consider during the recovery process, including filing victim and police reports, locking criminals out of your credit, taxes and medical benefits, as well as defending your online accounts, children’s identity and safeguarding your financial investments.

John Sileo is the award-winning author of four books on identity theft, including The Identity Theft Recovery Guide. John delivers keynote speeches to conferences and companies that don’t want to end up as the next data breach headline. His clients included the Department of Defense, Pfizer, Visa and Homeland Security. Watch John keynotingon Rachael Rayor through the eyes of his clients.

 

Latest Tax Scams "Target" Data Breach Victims

It’s no surprise that identity theft once again tops the “Dirty Dozen” tax scams put forth by the IRS for 2014.  They warn that if an identity thief has access to your personal information, such as your name, Social Security number or other identifying information, he or she may use it to fraudulently file a tax return and claim a refund in your name.  Think of the implications for the 110 million victims of the recent Target data breach as well as victims of the hundreds of other breaches at other retailers, universities, healthcare providers, government agencies and so on.

KrebsOnSecurity reports that the information from the Target breach alone has reportedly flooded underground black markets and cards are being sold from around $20 to more than $100 each.  This data is being sold in hundreds of online “stores” advertised in cybercrime forums.  A fraud analyst at a major bank was able to buy a portion of the bank’s accounts from such a store.

The twist this year is that telephone scams are being linked to the breaches as well.  There are many variations, but most involve criminals contacting a victim saying they are from the IRS and that money is owed.  They know the victim’s personal information such as Social Security numbers (from the stolen breach data), so it is very convincing.  They may demand payment be sent immediately, threatening anything from arrest to driver’s license revocation if non-compliant.

Then here’s the kicker, there is often a follow up call supposedly from the local police department or the state motor vehicle department (with realistic numbers on the caller ID using a “spoofing” technique) to scare the victim into action even more.  So far victims in nearly every state have fallen prey to this scheme to the cost of more than $1 million.

To read more about the characteristics of these scams and how to avoid them or get help if you think you’ve been a victim of this hoax, visit the IRS website.  In the mean time, remember what IRS Acting Commissioner Danny Werfel said in a press release: “Rest assured, we do not and will not ask for credit card numbers over the phone, nor request a pre-paid debit card or wire transfer.”

Also remember to guard well your personal information.  This tax scheme is just one example of how obtaining your personal information from one source makes it easier to socially engineer you in another way.  Be wary to be on the safe side!

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

How Do I Stop Obamacare Identity Theft? [Burning Questions Ep. 3]

Today marks the start of the Affordable Care Act (aka Obamacare). As with any new, massive, government-sponsored program, scammers and identity thieves will try to take advantage of the public’s confusion and unfamiliarity with the new Health Exchanges (which we’re calling Obamacare Identity Theft).

Read more

Higher Education Features Cyber Security Expert John Sileo

Universities perfect learning environment for data security

Higher Ed Organizations are among the highest risk groups to become victims of identity theft and data breach. Because students are relative “beginners” when it comes to personal finances, because university environments are predicated on trust and credibility, and because of the recent progress towards a mobile-centric, social-networking-dominated campus, higher education’s digital footprint is constantly exposed to manipulation.

"The most engaging speaker I've ever heard - period"

“The most engaging speaker I’ve ever heard – period.”  Debbie Bumpous, NSU Chief Information Technology Officer speaking about John Sileo

“John Sileo was the secret sauce in launching our cyber security awareness program” – University of Massachusetts Director of IT

Universities are 357X more likely to be affected by data breach than the average organization. High profile cases, some of which ended in class action lawsuits against the breached university include the University of Nebraska (650,000 breached records at an estimated cost of $92 million), UCLA, Auburn, Delaware, and Texas. Data theft is bad for students, time consuming for the administration and a public relations nightmare for the university. John Sileo knows their pain first hand, as he is generally the person contacted by universities after they have been breached. 

Video: watch John help a university prevent data theft before it happens

[youtube http://www.youtube.com/watch?v=0eveXtEku9M&rel=0]

Universities Have a Distinct Advantage in the Fight for Data Privacy

There is genuinely optimistic news amidst the gloom and doom. Because of their teaching facilities, their communication channels and their understanding of pedagogy, universities small and large are uniquely equipped to train campus wide on the simple steps to keep private data secure before it is breached. But it takes the right speaker to introduce security in such a way that it connects with a mixed audience–student and faculty, young and wise, technologically-oriented and digitally-challenged.

John Sileo sets the standard for presentations that get students, faculty and administrators to emotionally connect to the critical nature of privacy, security and identity protection. Using his own personal story of identity theft, John interacts with your audience to gain “buy in” to the increasing importance of securing identity in a mobile-driven, social-media-dominated world.

“If the presentation is boring or overly technical, the campus won’t listen, won’t learn. John is anything but boring…”

Video: Hear what university leaders have to say about John’s ability to make it personal

[youtube http://www.youtube.com/watch?v=eByEVFdF5pY&rel=0]

John has spoken extensively for other universities to increase awareness on privacy, security and identity. Unfortunately, he’s usually brought in AFTER THE BREACH and asked to sign confidentiality agreements that don’t allow him to disclose his work with the university. And if there is someone that respects his client’s right to privacy and confidentiality when requested, John is it. We can say that John has worked with top ranked universities in California, Colorado, Connecticut, Massachusetts, Maryland, South Dakota, Nebraska, Florida, New York, Pennsylvania , Washington D.C., Utah, Wyoming and Virginia. We hope that your university/fraternity/organization chooses to proactively address the problem like those public references listed below:

Listen to what Universities have to say about John’s presentations

Wellesley College“Your presentation had the audience engaged from the first moment you started speaking. Data security is so often such a dry topic that it can be very challenging to get our users to listen to anything we have to say (let alone to show up). Your personal stories were both heart wrenching and thought provoking, and they provided an important backdrop for the lessons you were teaching. And you did all of this with humility, and a wonderful sense of humor, that caputred the audience’s attention. When people were leaving the event, many told me it was the best presentation they had ever seen and it was unanimous that was time well spent.”

— Donna Volpe Strouse, Information Security Officer, Wellesley College


 

UMASS“John’s presentation was excellent. He has a unique and skilled way of connecting with the audience and relating personal security to university security initiatives.”

“Felt like a knowledgeable friend grabbed me by the shoulders, slowed me down and saved me from getting into trouble.”

Engaging and entertaining delivery of what is typically a dry topic – it makes the message stick.”

“Compelling, persuasive, intelligent, common sense and passionate presentation that opens your eyes. Funny too!”

— Various CIO Coordinators and Attendees at the Six University of Massachusetts Campuses


 

Seal_of_Northern_State_UniversityThe most engaging speaker I’ve ever heard – period. As part of a campus-wide cyber-security awareness program, Northern State University hosted John Sileo on our campus. John’s presentation was the culmination of a month-long awareness campaign for faculty, staff and students and part of the National Cyber-Security Awareness Month. The presentation itself was of the highest caliber. John personally catered the content of his presentation to our unique and diverse audience members. John is an incredibly motivational presenter that can speak directly to any audience, of any age. Throughout his presentation, he actively engaged members of the audience, capturing and holding their attention. This engagement brought a personal touch to the presentation and underscored the importance of his message. I would highly recommend John Sileo as a presenter or guest speaker. His expertise, friendliness, and professionalism are exemplary.”

— Debbi Bumpous, Chief Information Technology Officer, Northern State University


 

Foundation_LogoThe Delta Gamma Foundation is the heart of the Delta Gamma Fraternity… One of the most successful programs we offer our collegiate and alumnae members is our Lectureship in Values and Ethics. Now present on 15 campuses throughout the United States (with 4 more Delta Gamma chapters in the process of completing their lectureship), our lectureship series has featured such nationally acclaimed speakers as Colin Powell, Queen Noir, Maya Angelou, Barbara Bush, Gerald Ford, Jeff Probst and many more.

On June 18, 2010, at our 64th biennial Convention in Denver, CO, the Delta Gamma Foundation sponsored our Convention Lectureship in Values and Ethics. This lectureship is very special because it is presented to the entire Convention body. Our guest speaker was John D. Sileo who spoke on identity theft prevention… John captivated an audience of 900 ranging in age from 19 to 90 telling his personal story of theft identity and educating all of us to intellectually understand the importance of one’s privacy. John is a story teller who tells a compelling story with humor, intrigue and ongoing audience interaction. The presentation was outstanding.

Delta Gamma continues to receive positive feedback on John’s presentation and performance. On behalf of the Delta Gamma Foundation, we would strongly recommend John for any audience of any age. His story needs to be told and shared.

— Roxanne LaMuth, Delta Gamma Foundation


 

CSC Wordmark 208- 2006John Sileo is the real deal. He speaks because he has something to say, but also because he is interested in his audience! If you host speakers, do yourself a favor and hire John… he will remind you of all that is good about offering a speaker to an audience.

Loree MacNeill, Chadron State College

 

 

Online reputation site must defend itself after losing customer data

Online reputation services have a special responsibility to keep clients safe. How can you protect yourself when the very company you rely on is breached?

Would you trust a site with your personal information after it suffered a breach? What if that site’s sole purpose is to protect your reputation?

Reputation.com helps its members maintain a reputable online profile, but the site’s own profile was damaged by a recent data breach that led to the exposure of customer information. Although no Social Security numbers or financial information was lost, names, email addresses, and physical addresses were exposed. It’s been reported that some dates of birth, phone numbers, and occupational information were also lost. A “small minority” of customer accounts had hashed and salted passwords stolen. 
 
Hashing’ passwords is the process of using algorithms to change customers’ passwords to a unique data string. The ‘salt’ adds more characters to produce a unique data fingerprint. The company has notified all customers of the breach and reset passwords to protect them. But Reputation.com is not alone in being hacked recently. LivingSocial, a daily-deal website, was breached, affecting 50 million customers.
Maintaining our online reputation is important to us and the internet, social media and mobile technology are great tools that give us a competitive advantage. However, we cannot ever take our online privacy for granted. Three tips to keep you ahead of identity theft are:
  • Use a password protection program that makes it easy to use highly-encrypted passwords
  • Change passwords on sensitive accounts monthly
  • Maintain strict privacy and security settings in your browser preferences

John Sileo is an online reputation expert and in-demand speaker on data security, social media safety and identity theft. His clients have included the Department of Defense, Pfizer, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Stop Check Fraud with Security Checks

How to Stop Check Fraud and Check Washing

Check washing, a highly common form of check fraud, is the practice of removing legitimate check information, especially the “Pay To” name and the amount, and replacing it with data beneficial to the criminal (his own name or a larger amount) through chemical or electronic means.  One of the many ways to protect yourself against check fraud is so important that it deserves its very own article.

A foolproof way to protect your checks from being altered, whether by washing or by electronic means, is to use security checks offered by most companies.

Here are some of the features to look for when you’re purchasing High Security Checks.  These features will safeguard you not only against check washing, but other high tech forms of check fraud as well:

  • Safety security paper (visible and invisible fluorescent fibers, chemical-sensitive)
  • Foil hologram (cannot be reproduced by copiers or scanners)
  • High resolution border elements (intricate design is difficult to reproduce)
  • True watermark (cannot be reproduced by copiers or scanners)
  • Toner adhesion  (damage is visible if toner is lifted or scraped)
  • Void element (the word void appears if photocopied or chemically altered)
  • False positive test area (instant authenticity test with black light or counterfeit pen)
  • Complex pantograph background pattern and high-security colors
  • Thermochromatic ink (reacts to heat to deter copying)
  • Original document backing (deters cut and paste alteration attempts)
  • Chemical wash detection area (shows chemical alteration attempts)
  • Security warning box (becomes visible when photocopied)
  • Padlock icon (signifies that checks meet industry standards)

One more vital tip to foil the check washers: use a dark ink, gel-based pen, preferably one that states it is a security pen. Take a look at the video to the left to see how easy it is to wash a check if you are not using a high security gel-based pen. 

Yes, you may spend a few extra dollars for security checks and pens, but compared to the staggering cost of recovering from check-washing schemes (small businesses lose more than 7%  of their annual revenue to check fraud  – over $600 billion), it’s a drop in the bucket!  Your peace of mind and saved recovery time are worth it.

Checks Unlimited provides personal Securiguard checks with 7 advanced security features including chemical protective paper, microprint signature lines, and a 2 dimensional holographic foil that is irreproducible on copiers or scanners.  Their Security Center also offers fraud prevention tips and security products!

John Sileo is CEO of The Sileo Group, and a  keynote speaker on cyber security, identity theft and business fraud prevention. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

 

Darwin Awards: identity thief thinks she looks more like victim than victim does

Identity Thief Bloopers

When a waitress says, “Hi, I’m Brianna and I’ll be taking care of you today,” you don’t expect the customer to be thinking, “What a coincidence, my fake name is Brianna.” And you certainly don’t expect said customer to be so bold, or idiotic, as to buy a drink using a fake ID belonging to the very same Brianna she’d stolen it from a week before.

As they say at Applebee’s, welcome to the neighborhood – at least the identity theft neighborhood.

According to a recent 9News story, Brianna Priddy, an Applebee’s waitress in Lakewood, CO was out with friends when her wallet was stolen. Enter the crime-challenged suspect who stole Priddy’s wallet containing cash, credit cards and her driver’s license. The suspect then used the license to cash hundreds of dollars of fraudulent checks, creating a financial and administrative nightmare for Priddy.

But the America’s Most Wanted Gods were smiling on Priddy when the suspect showed up at the Applebee’s where Priddy worked to buy drinks…with her new fake ID. This is like robbing a bank and then returning to scene of the crime to get change for the $100 bills you just stole. The technique is not likely to land you in the Crime Achievers Hall of Fame but more likely to land you in a different hall with steel bars.

Luckily, Priddy was quick thinking when the identity thief presented her with her own ID. She promptly called the police who immediately arrested the identity thief… making it once again a beautiful day in the Applebee’s neighborhood.

The ultimate irony? The suspect was 26 years old and could have bought drinks using her own ID, proving once again that crime doesn’t pay. And if it did, these criminals are not using the funds for higher education.

So what have we learned about how not to become a victim of identity theft?

  • First, be careful with your passport, license, or other forms of identification. In the wrong hands, these documents can drain your bank account, damage your credit, or make you look bad if used by someone uglier than you.
  • Second, report the loss of your ID immediately to the police so your bases are covered when someone commits crimes in your name.
  • Third, set up alerts on your credit cards and bank accounts so that you know when someone else is spending your money. This can also come in handy if your spouse tends to be a spender.

Lastly, if you are an identity thief, avoid Applebees. For extra credit, keep good records on whom you steal ID’s from. And then cross check those records and the photo on the ID when presenting it as your own. It’s just less awkward that way.

John Sileo is the CEO of the information economy think tank, The Sileo Group. He often shares humorous stories in his keynote presentations to help his audience emotionally connect to protecting the data that defines them. His clients include the Pentagon, Visa, Homeland Security and Pfizer.