Tag Archive for: John Sileo

Business Identity Theft Radio Interview, Part I

John recently did a radio interview on business identity theft for New Construction Strategies hosted by Ted Garrison. The construction industry, like most industries, battles with data theft on a daily basis. Insider theft, cyber crimes, social networking exposure – these are just a few of the areas that businesses need to defend against in the information economy. Listen to the interview to learn more.

“DODGING THE HIT FROM IDENTITY THEFT: WHY YOU SHOULD CARE”
John Sileo with Ted Garrison

Data breach, identity theft, and corporate espionage can cause huge damage if you don’t stop them upfront because the impact goes right to your bottom line. Listen to John Sileo, author of Stolen Lives, describe the horrors of not protecting yourself as well as what you must do to protect yourself.


Facebook Status Update Leads to Robbery

When you are ‘friends’ with people on Facebook that you are not actually friends with, how do you know whether they have good intentions?

A recent segment on CNN discusses the risks that you may be taking while updating your Facebook status. You don’t know who is looking at your private information because it’s truly not private – it’s public. Keri McMullen found this out the hard way after she posted a simple status message that she was going to see a band with her fiancé. It only took the burglars calling the venue to find out what time the show was to let them know when they could break into her home. The burglars showed up 35 minutes after the McMullens left for the concert.

It is that simple. You post a casual message to your “friends” that could turn into a nightmare where, like Keri, you lose upwards of $11,000 in personal property. They were lucky that they had cameras installed in the home and were able to catch the perpetrators on film. After posting pictures of them on her Facebook page (a good use of social networking), another friend recognized the intruders as Keri’s high school classmates.

Keri’s experience shows other Facebook users that, even though you may have known an individual at one time, if you do not interact with them and know their character now, then how can you trust them? Remember you don’t have to be Facebook friends with everyone you have ever spoken to. By keeping your ‘friends’ limited, you are lessening your risk of becoming a victim. No matter what privacy setting you have on your Facebook profile, your posts are public, permanent and exploitable.

John Sileo is an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

[youtube https://www.youtube.com/watch?v=VgwQPhpRPd0&rel=0]

Nigerian Scam Takes a New Form

Nigerian scams happen every day to thousands of victims in various ways: email, snail mail, fax, Facebook and, for the first time in our experience, the “Contact Us” page on our website. This is significant because it shows that the technology of the Nigerian crime rings has advanced enough to foil the CAPTCHA on our website.

Nigerian scams (more accurately known as advanced-fee fraud) have been around for ages and were named because they originated in Nigeria. To create the scam, criminals generally claim that there is a large sum of money that can only be released to a relative of some deceased member of royalty.  Victims are asked to provide a bank account into which the money can be transferred and are promised a large percentage of the money for performing the service. In some cases, victims may also be asked to pay a fee or a series of fees for the release of the money.  Once the victim has provided account information, the criminals will often drain their bank accounts, and occasionally use that information to open new, fraudulent accounts.

If you have never seen one before, I highly recommend you read this. They change frequently and recently have been taking more complex forms, but the intention is always the same: to steal your money in exchange for the prospect of wealth that never materializes. After seeing how they try to lure you into helping them with a compelling story, you will be able to spot them with ease and protect yourself from becoming a victim.

From: refugee camp (helise)
Date: July 24, 2010 4:11:08 AM MDT
To: john@192.241.219.145
Subject: Contact Submission [ThinkLikeASpy.com]

===================================================================
Below is a contact request from ThinkLikeASpy.com
===================================================================

Name: helise
Email: refugee camp
Phone:
Company:
Location:


Comments:
Dear friend,
My nane (sic) is Miss Helise Mambo Robert.I am constrained to contact you because of the maltreatment I was receiving from my uncle since the death of my parents. She has taken away all my late father’s treasury and properties from me since the unexpected death of my beloved parents. Meanwhile I wanted to escape to the Europe but he hides away my international passport and other valuable traveling documents. Luckily, He did not discover where I kept my father’s file which contained important documents. So, I decided to run to the refugee camp where I’m in a the Refugee now.
My late father of blessed memory deposited the sum of Fifteen Million five hundred thousand US Dollars.(US$15.5M)some where with my name as the “next of kin”.The money was inherited from my father who was the Chairman of the Zimbabwe Gold Mining Corporation before he was assassinated by the country’s president, Robert Mugabe. However, I shall forward you with the necessary documents on confirmation of your acceptance to assist me receive the fund in your country for further investments on my behalf. As you will help me in an investment, and I will like to complete my studies when I will come over to your country as I was in my 1st year in the university when the crisis started.This is the reason why I decided to contact you.
The money has been lodged with a company, since 2008. I now want to move this money abroad and invest it in Profitable ventures, as the time is now ripe for such move.I was in the school when my father and mother were assasinated (sic) by the president.Our houses and other properties were distroyed (sic).The group pretended to be rebels but we knew that it is the president that sent them because he has disagrement (sic)with him on the issue of killing the white people who are farmers in my country.My father opposed the killing and my father told him that he will expose him if he goes ahead in killing the with farmers.

WHAT I ASK YOU TO DO:

1.Firstly to assist me move this money to any stable country abroad.
2.To assist me invest the money in profitable ventures in your country or any other suitable country where you have good connections.
3. To help me re-locate me to the suggested country.
4. To manage the money in a profitable manner, preferably a joint venture deals with you. It is risk free.
Immediately I hear from you I will detail you on the procedure of moving the money to your country.

For your assistance you will get 30% (Thirty Percent) of the total amount.
You can contact me through my e-mail above for more details.
Sincere regards

Miss Helise Mambo Robert
===================================================================

John Sileo became America’s top Identity Theft Speaker after he lost his business and more than $300,000 to identity theft and data breach. His newest book, Privacy Means Profit: Prevent Identity Theft and Secure You and Your Bottom Line, is available now. His clients include the Department of Defense, the FTC, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076.

Online Privacy: 5 Good Habits

People will do something—including changing their behavior—only if it can be demonstrated that doing so is in their own best interests as defined by their own values.
—Marshall Goldsmith, What Got You Here Won’t Get You There

People don’t change bad habits until they have a compelling reason. Too often that compelling reason is the result of a habit’s negative outcome; but the promise of positive rewards resulting from the establishment of good habits can be a strong motivator. In the workplace, aligning responsible information stewardship with personal and professional gain can set the stage for good privacy habits.

Here are 5 steps you can take towards perfecting your own Privacy Habits:

  1. Tighten up online passwords. Use password management software like 1Password, Dashlane, LastPass or Keeper to create, protect and share long, strong, alpha-numeric-symbol passwords.
  2. Use Two-Step Logins. Watch this video about two-factor authentication for one of the best tools to protect your online accounts.
  3. Secure your Facebook. Tighten up the privacy settings and make your profile only available to your friends. We do a lot of posts on Facebook Privacy Settings because they have a tendency to change frequently. Watch the site and subscribe to our newsletter to stay current on how to protect yourself and your profile on Facebook.
  4. Opt-Out. Take the time to call 1-888-567-8688 or visit www.OptOutPreScreen.com to stop financial junk mail from ending up at your house and, inevitably, your trash. Those mailers give thieves an easy way to set up credit card accounts in your name without your consent. They spend money on the card and default on the balance, leaving you with the mess of proving that you didn’t make the purchases.
  5. Order your free credit report. By law, you are entitled to one free report from each agency once a year. The easiest way to get a report is to visit www.annualcreditreport.com or call 1-877-322-8228. Make sure that you request your free annual credit report from one credit agency only, as you can order the other two reports throughout the remainder of the year. By spreading the reports out over time, you will be monitoring your files consistently and frequently.

 

Are Your Kids Safe Online?

As a parent you are often worried about what your kids are being exposed to on the Internet. Apparently so are Facebook and the PTA. They have teamed up to teach parents and children about responsible Internet use. They plan to cover cyber-bullying, internet safety and security and “citizenship online,” according to a news release.

“Nothing is more important to us than the well-being of the people, especially the many teenagers, who use Facebook,” said Sheryl Sandberg, Facebook’s chief operating officer.

Facebook is the number one social media site with over 500 million users and a minimum age requirement of 13. Even that requirement can be easily fudged because Facebook has no way of verifying a user’s age besides asking for their birth date when they register. Parents are having trouble deciding whether to let their children join Facebook prematurely and what they should be cautious of if they do so.

Learn more on Protecting Your Children Online.

It is important to be educated when dealing with any form of social media or social networking website. Social networking is immensely powerful and is here for the long run, but we must learn to harness and control it. You should know the ins and outs, pros and cons, risks and rewards to using these online tools. Because teens and children don’t necessarily have the life experiences to recognize the risks, parents must educate themselves and pass that knowledge on with open and honest discussions on Facebook and Online Safety.

John Sileo became one of America’s leading Social Networking Speakers & sought after Identity Theft Experts after he lost his business and more than $300,000 to identity theft and data breach. His clients include the Department of Defense, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076.

5 Business Survival Lessons from Google’s Spying

A few months ago, Google got caught sniffing unencrypted wireless transmissions as its Street View photography vehicles drove around neighborhoods and businesses. It had been “accidentally” listening in on transmissions for more than 3 years – potentially viewing what websites you visit, reading your emails, and browsing the documents you edit and save in the cloud.

Public opinion blames Google, because Google is big and rich and scarily omnipotent in the world of information domination. It’s fashionable to blame Google. What Google did was, to me, unethical, and they should eliminate both the collection practice and their archive of sniffed data.

But the greater responsibility lies with the businesses and homes that plugged in a wireless network and did nothing to protect it. Don’t tell me that you don’t know better. When you beam unencrypted data outside of your building, it’s no different than putting unshredded trash on your curb – YOU NO LONGER OWN IT. In fact, when you take no steps to protect the data that flies out of your airwaves and into the public domain, you really have no claim against someone taking it. It’s like finding a $100 bill on an abandoned sidewalk – you can claim it or the next lucky person will. Tom Bradley of PC World agrees:

The lesson for businesses and IT administrators is that you have to put forth some effort to at least give the appearance that you intend for the information to be private in order for there to be any inherent expectation of privacy. The burden should not be on Google, or the general public to have to determine whether the data you let freely fly about unencrypted is meant to be shared or is intended for a specific audience.

The Google story illuminates 5 Business Survival Lessons:

  1. This, like so many other business issues, is not a technology problem. The technology to keep out unwanted eyes exists (unless a government wants to tap you) and is accessible and affordable. The problem is human — someone has decided to ignore what they know should be done (especially having read this article).
  2. Private information that you fail to protect is no longer your private information (pragmatically and probably even legally).
  3. In the marketplace of data, just like in business, it is your responsibility to control what you can. Not everything is in your power, but safe wireless transmissions are. Whether it’s trash in a dumpster, posts on Facebook or wireless signals, the responsibility is yours and your business’s, not just Google’s, Facebook’s and corporate America’s. You must do your part.
  4. If you don’t employ at least WPA2 encryption currently on your wireless networks, I can nearly guarantee your data is being watched. And the expense of upgrading is minor compared to the prospect of breach, so lose that excuse.
  5. Prevention isn’t sexy, but it’s profitable. Whether you are preventing data leakage, budget shortfalls, or a heart attack, the key is to do the hard work before it happens.

John Sileo is the award-winning author of Stolen Lives and Privacy Means Profit (Wiley, August 2010), a professional Financial Speaker and America’s leading identity theft expert. His clients include the Department of Defense, FTC, FDIC and Pfizer; his recent media appearances include 60 Minutes. Contact him on 800.258.8076.

Facebook Announces New Privacy Settings

Last week we announced that Facebook was changing their privacy settings – again! Well, the new changes have arrived and should be active on your Facebook the next time you log in. The instructions that will lead you through the new settings will be posted at the top of your mini-feed.

By clicking on the Learn More button you will be directed to the Controlling How You Share Page.

This page will contain a long list of descriptions of your privacy settings, what you can control and what is made public and out of your control.  Click Edit your privacy settings to make the appropriate changes to protect your information and what you want to share on Facebook.

Take the time to make sure you go step by step. Missing one option or click could mean sharing more information than you would like. Make sure you visit your Applications and Websites, Block Lists (if there is a specific person you are hiding your page from), and your Basic Directory Information.

Keep in mind, while the ability to understand your privacy settings has been made simpler, the settings themselves have not changed. You are still sharing information with businesses and advertisers with every “like” you click. Your interests are still linked and by choosing friends of friends you are still basically allowing everyone to view your profile.

Also, one of the main gripes about the recent Facebook Changes was the new “Instant Personalization” feature, which provides information about you to Yelp, Pandora, and a new Microsoft service called Docs.com to help them customize your experience. The main issue was that it was turned on by default – and it still is! If you don’t want to share this information, make sure you visit the Privacy Settings for Instant Personalization and turn it off.

Although these settings will help you keep your Facebook Profile protected, they aren’t foolproof. We offer a Facebook Safety Survival Guide that can help you protect yourself and your children online. The best way to protect yourself while on social networking sites is to limit what you post and use your common sense.

John Sileo helps businesses tackle social networking privacy concerns. His clients include the Department of Defense, the FTC, Pfizer and the FDIC. John also wrote the Facebook Safety Survival Guide. To learn more about having him speak at your next meeting or conference or working directly with your business, contact him by email or on 800.258.8076.

Medical Identity Theft Increasing

Medical records are one-stop shopping for identity thieves. There is no need to slowly gather bits and pieces of someone’s personal information – it’s all packaged together: Social Security number, name, address, phone number, even payment accounts. Crooks have received everything from medication to a liver transplant using a stolen identity. And that’s only the tip of the iceberg! More than just medical treatment is at stake. Once a thief’s medical information is entered into your records, it’s extremely difficult to get rid of that information. It’s conceivable, for example, that at a later date, you’ll need a Type A blood transfusion but be given the thief’s Type B with dire consequences.

Identity theft of medical records has more than doubled since 2008, as stated in Javelin’s 2010 Identity Fraud Survey Report. It’s not difficult to imagine the misery that a million Americans have suffered during the past two years when their identities were stolen. And the Ponemon Institute, in their National Study on Medical Identity Theft, states that another half million people loaned their insurance cards to uninsured family members and friends. The unsavvy lenders have incurred huge medical bills in this “friendly fraud”.

Larry Ponemon says that, on average, it costs $20,000 to resolve a medical identity theft case. Unlike credit card companies, where the banks incur the losses, the victims often have to pay for the fraudulent care and sometimes lose their health insurance or have to pay higher premiums to restore their accounts. Even though there are HIPAA laws to protect your privacy, not all health care organizations have strict safeguards in place.

The risk goes even further: if someone is treated using your identity, your medical records will more than likely be altered and could compromise your treatment and ability to get service.  According to Larry Ponemon, “stolen medical records offer a complete dossier to get a passport in a victim’s name that could be used for terrorism.”

Ways to Protect Yourself:

  • When you receive an Explanation of Benefits from insurers, read it carefully and save – don’t throw it away even when it says “this is not a bill”! If a treatment date or doctor’s name is not familiar to you, call the insurer and the billing physician to resolve.
  • If your wallet is stolen, contact your insurance company just as you would your credit card company. Don’t carry your Medicare card in your wallet. Carry a photocopy and black out the last four digits of the SS#.
  • Urge your health care providers to ask patients for photo IDs.
  • Ask your doctors for copies of everything in your medical files, even if you have to pay for them.
  • Monitor your credit report at www.AnnualCreditReport.com. If you see medical billing errors, contact your insurer and the three credit bureaus, TransUnion, Experian, and Equifax.
  • Avoid Internet and storefront offers of free treatment and supplies.
  • Ask for a list of benefits paid in your name and an “accounting of disclosures” which shows who got your records.

John Sileo became one of America’s leading Information Control Speakers & sought after Identity Theft Experts after he lost his business and more than $300,000 to identity theft and data breach. His clients include the Department of Defense, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076.

Social Engineering Expert Quoted in CSO Article

Quoted from the original CSO Online story:

Social engineering stories: The sequel

Two more social engineering scenarios demonstrate how hackers still use basic techniques to gain unauthorized access, and what you can do to stop them

By Joan Goodchild, Senior Editor
May 27, 2010 —

John Sileo, an identity theft expert who trains on repelling social engineering, knows from first-hand experience what it’s like to be a victim. Sileo has had his identity stolen—twice. And both instances resulted in catastrophic consequences.

The first crime took place when Sileo’s information was obtained from someone who had gained access to it out of the trash (yes, dumpster diving still works). She bought a house using his financial information and eventually declared bankruptcy.

“That was mild,” said Sileo, who then got hit again when his business partner used his information to embezzle money from clients. Sileo spent several years, and was bankrupt, fighting criminal charges.

Now that he has come out of it all innocent, he spends his time assisting organizations train employees on what social engineering and identity theft techniques look like.

“I’m trying to inspire employees to care about privacy,” he said. “If they don’t care about it at a human level, they are not going to care about the company’s privacy policy or IT security. You’ve got to get it at a primal personal level.”

Sileo ran through some memorable social engineering scenarios he’s heard during his years as a security lecturer. The first is taken from his upcoming book

Continue Reading Social engineering stories: The sequel

If you are serious about training your staff on social engineering scams, fraud detection and protecting your business from a costly data breach, start with the items above and then bring a professional social engineering expert to your next meeting or conference. Email us for more information or contact one of us directly on 800.258.8076.

Spokeo: Scary Bad & How to Opt Out

I found out a way to get yourself off spokeo.com!

Go to the website and look yourself up, then click on your name. Once you have done that, copy the URL in your web browser. Now, go to the bottom of the page. In small faded blue text, click privacy (third from the left). At the bottom of this page, you will find an “Opt Out form” link. Select that, paste the URL you copied from the page you found yourself on, enter your email and check the “I’m not a robot” box. This is a case where I would use a second email account (your designated junk-email account), not your main email, to avoid the buildup of possible spam emails that follow. It will then send you an email confirmation where you must click the URL to confirm removal. Voila! You have been removed.

John Sileo is an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him regarding speaking opportunities directly on 800.258.8076.