Tag Archive for: John Sileo

10 Times NOT To Use Your Debit Cards this Holiday Season!

As you head into the holiday season, one of the best steps you can take to protect your bank account is to eliminate the use of your debit card. While delivering a keynote speech in Washington DC last week, someone asked me if I could name ten times when you should NOT use a debit card.  I replied, “It’s a trick question because the answer is NEVER!” I seriously do feel that way, but I know there are people who either need to or prefer to use a debit card rather than a credit card or cash, so I want you to be informed about how to use it wisely.

First, make sure you understand the difference between a credit and debit card.  While they appear identical and can often be used interchangeably, remember that a debit card is a direct line to your bank account.  If a thief gets ahold of your debit card information, they essentially have access to your account.  One of the biggest differences comes to light when fraud occurs.  Credit card users can simply decline the charges and not pay the bill.  Debit card fraud comes straight out of your bank account and is much harder to fight or reclaim the money that as been debited. In the meantime, while you prove it was fraud, you’re out the cash.

Here is a Top Ten List of times to choose credit over debit.

10. Booking future travel

If you book your travel with a debit card, they debit your account immediately,. So if you’re buying travel or making a reservation that you won’t use for several months, you’ll be out the money immediately.  Also consider that many large hotels have suffered data breaches.

9. Hotels

Many hotels follow the practice of using your debit card to place a hold on your money (sometimes hundreds of dollars) to make sure you don’t run up a long distance bill, empty the mini bar or trash the room. The practice is almost unnoticeable if you’re using credit, but can be problematic if you’re using a debit card and have just enough in the account to cover what you need.  Be sure to ask about their “holding” policy if you are using a debit card.

8. Expensive purchases

This one is simple.  If something goes wrong with the merchandise or the purchase, a credit card offers rights to dispute and stop payments much easier than a debit card. You have a much shorter window for reporting and resolving an issue and may even be responsible for all charges if you wait too long.

7. Rental or security deposits.

Say you want to rent a car or borrow a Bobcat from your local home improvement store.  Remember that when you use a debit card to put down a deposit, that money is temporarily unavailable to you.  Of course, you’ll get the money back when you return the car or equipment, so this is no big deal if you have the money to spare until that time. But with a credit card, the money is just “frozen” and not actually charged so you won’t ever notice it’s gone.

6. Regular/recurring payments

You’ve heard about someone who quit a gym or discontinued a magazine subscription only to find that they kept getting billed. If you used a debit card for those payments, they’ll just keep coming right out of your bank account.  (Using a credit card is also a good way to ensure you don’t forget to make that monthly debit in your check register!)

5. Wi-Fi hot spots

Never use your debit card for an online purchase while at a coffee shop or other business that offers free wi-fi access.  Many of those businesses have unsecured wireless connections, so it’s much easier for hackers and scammers to log on and steal your data.

4. Restaurants

Anytime the card leaves your sight, you should NOT use your debit card. The waiter coming to your table has alone time with your card, giving them the opportunity to copy your card information.

This also applies to ordering food for delivery.  Restaurants that deliver tend to keep customer payment information on file in order to make future orders more convenient.

Another problem with using a debit card at restaurants is that some establishments will approve the card for more than your purchase amount because, presumably, you intend to leave a tip. So the amount of money frozen for the transaction could be quite a bit more than the amount of your tab. And it could be a few days before you get the cash back in your account.

3. Outdoor ATMs

Outdoor ATM machines provide the perfect opportunity for thieves to skim users’ debit cards.  Skimming is the practice of capturing a bank customer’s card information by running it through a machine that reads the card’s magnetic strip. Criminals place these machines over the real card slots at ATMs and other card terminals.  If the public has access to it, so do data criminals.  Use the ATM just inside the bank where it is under constant surveillance. And no matter what, look for devices or cameras on the ATM machine that aren’t normally there.

2. Gas stations

Every gas pump asks, “Credit or Debit?” these days.  Don’t choose the debit option!  Go inside and pay cash if you choose not to use your credit card!  There are three reasons.  One, it’s fairly easy for a thief to insert a skimmer and then sit nearby with a laptop accessing your information.  Even if the thief doesn’t manage to get your debit card personal identification number, or PIN, from such a device, he still may be able to duplicate the card’s magnetic strip and use it for “sign and swipe” Visa or MasterCard transactions.

Thieves can also sit nearby using small cameras to capture footage of debit card users entering their PINs. Finally, similar to the hotel example above, your debit card may be used to place a hold for an amount larger than your actual purchase.   So, even though you only bought $10 in gas, you could have a temporary bank hold for $50 to $100, says Susan Tiffany, director of consumer periodicals for the Credit Union National Association.

1. Online

Using you debit card online is like asking for your bank account to be emptied. There is just way too much potential for hacking at many different points in a transaction.  It could occur due to malware on the computer, someone could be “eavesdropping” via a wireless network, or it could happen once in the hands of the merchant due to a data breach.  If you have a problem with the purchase or your debit card number is stolen, it’s a huge hassle to get the money restored to your account and make your card number safe and secure again.

Keep it simple and just always use a credit card. I realize that it is easier to spend more money when it’s not coming directly out of your account, but it’s better to resist the temptation to spend for the added security provided. 

John Sileo is an author and highly engaging keynote speaker on internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 Minutes, Anderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Elder Fraud Expert Answers: How do I prevent & resolve it?

The past two blogs have outlined why seniors are targeted, what signs to watch for, and some common schemes.  Now for the truly important info: How to prevent elder fraud from happening and what to do if it does happen!

  • Report actual or attempted elder fraud (or any type of fraud) via Fraud.org’s Online Complaint Form.
  • Change the phone number if a senior is receiving excessive sales calls.
  • Change the bank account or credit card numbers if they have fallen into the hands of thieves.
  • Avoid getting on sucker lists. Don’t fill out contest entry forms at fairs or malls—they are a common source of “leads” for con artists. Ask companies you do business with not to share your personal information with other marketers.
  • Know your “Do-Not-Call” rights. Under federal law, you can tell a telemarketer not to call you again and you can file a complaint on the Do Not Call website.
  • Make sure you know the company you are dealing with. If it’s an unfamiliar company or charity, check it out with your state or local consumer protection agency and the Better Business Bureau.
  • Screen your calls. Use an answering machine, Caller ID, or other services that may be available from your phone company to help you determine who you want to talk to and who you want to avoid.
  • Never sign blank insurance claim forms.
  • Never give blanket authorization to a medical provider to bill for services rendered.
  • Ask your medical providers what they will charge and what you will be expected to pay out-of-pocket.  Get it in writing.
  • Carefully review your insurer’s explanation of the benefits statement. Get an annual “Benefits Request Checkup” from your insurance provider to see a list of all benefits and services paid in your name.  Call your insurer and provider if you have questions.
  • Do not do business with door-to-door or telephone salespeople who tell you that services of medical equipment are free.
  • Give your insurance/Medicare identification only to those who have provided you with medical services.
  • Keep accurate records of all health care appointments.
  • Use caution when purchasing drugs on the Internet. Do not purchase medications from unlicensed online distributors or those who sell medications without a prescription. Reputable online pharmacies will have a seal of approval called the Verified Internet Pharmacy Practice Site (VIPPS), provided by the Association of Boards of Pharmacy in the United States.
  • Always ask for and wait until you receive written material about any offer or charity. If you get brochures about costly investments, ask someone whose financial advice you trust to review them.  Remember, even a classy brochure can be a hoax!
  • Always take your time making a decision. Legitimate companies won’t pressure you to make a snap decision.
  • Don’t pay for a “free prize.” If a caller tells you the payment is for taxes or shipping fees, he or she is violating federal law.
  • Never send money or give out personal information such as credit card numbers and expiration dates, bank account numbers, dates of birth, or social security numbers to unfamiliar companies or unknown persons.
  • Get a second opinion!  When filling out important forms or making a big financial decision, ask someone you trust to look it over and talk it over before giving away any personal information.
  • Get help when using the internet, especially concerning financial transactions.  NEVER give out personal information such as SS numbers or credit card information. Remember that older grandkids make great resources when it comes to using the Internet because they are true digital natives.

Remember, you’ve worked hard to reach a point where you can enjoy your golden years.  Don’t let someone else enjoy the fruits of your labor.  Be vigilant and be protected!

John Sileo is an author and highly engaging speaker on business fraud, internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 MinutesAnderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Elder Fraud Expert Answers: What are the Most Common Schemes?

In our previous blog we talked about why senior citizens have become such a target for con artists and even unscrupulous relatives to commit elder fraud and take their hard-earned money.   We also talked about signs that they may be being duped.  Today, we want to make you aware of the variety of schemes that are out there.  This is by no means a complete list, but will give you a pretty good idea of what to watch for.

Common schemes:

  • The “Grandparents Scam”: someone phones or e-mails and pretends to be a grandchild in trouble. The elderly person, who may not have much contact with their grandchild, might be convinced and may wire money or send a prepaid debit card to help.
  • Offers of “freebies”: the Better Business Bureau of eastern Michigan reports that scammers now are offering seniors $3,000 in “free groceries savings certificates” along with a free medical alert bracelet. The scam may lure people to give away bank account information.
  • Enticing links on websites lure inexperienced seniors into divulging personal information.
  • Con artists may attend the funeral service of a stranger claiming that the deceased had an outstanding debt with them.
  • Reverse mortgage scams: the FBI reports that victims are offered free homes, investment opportunities and foreclosure or refinance assistance.
  • Thieves steal personal information and contact the Social Security Administration to change the payment routing information to the thieves’ own bank accounts or prepaid debit cards.
  • Fake lottery/sweepstakes: seniors are enticed into buying inexpensive knick-knacks or magazine subscriptions (which they do receive) in order to be entered into a contest.  Another variety is they receive an official looking check saying they’ve won a foreign lottery.  In both cases, they are asked to give up personal information to proceed.
  • The discount prescription scam: seniors are offered prescription drugs at a significant discount, but are required to pay a $200 membership fee or give up their credit card information.
  • The “credit card company” calls:  a polite caller says he’s from the senior’s credit card company and is investigating a possible fraudulent purchase. He even IDs the last four digits of the charge card as proof. When the senior denies making the purchase, the caller offers to reverse it immediately, but asks for the verification code on the back of the credit card.
  • Door-to-door solicitors ask for donations on behalf of charitable organizations.
  • Telemarketing fraud: according to the National Consumers League, nearly a third of all victims are age 60 or older. Studies by AARP show that most older telemarketing fraud victims don’t realize that the voice on the phone could belong to someone who is trying to steal their money.
  • Medical Equipment Fraud: equipment manufacturers offer “free” products, such as wheelchairs or oxygen tanks, to individuals. Insurers are then charged for products that were not needed and/or may not have been delivered.
  • “Rolling Lab” Schemes: unnecessary and sometimes fake tests are given to individuals at health clubs, retirement homes, or shopping malls and billed to insurance companies or Medicare.
  • Services Not Performed: Customers or providers bill insurers for services never rendered by changing bills or submitting fake ones.

This list truly only scratches the surface of what is out there, but it gives you a good idea of just how vigilant seniors and their caretakers need to be.  In our next blog, we will provide a list of what seniors need to do to prevent becoming a victim of scams and what to do if it does happen to them.

John Sileo is an author and highly engaging speaker on fraud, internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 MinutesAnderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Elder Fraud Expert Answers: Why Are Senior Citizens Targeted?

 

Imagine spending your whole life working hard, saving wisely and spending conscientiously—only to have your comfy “nest egg” taken away by unscrupulous scammers or even your own greedy relatives in your golden years.  Sad to say, this is a scenario that is far too common; up to 80% of scam victims are over 65, according to the U.S. Federal Trade Commission. A 2009 study by MetLife’s Mature Market Institute estimates that seniors lose approximately $2.6 billion per year to elder fraud, or what they call financial abuse, meaning fraud by outside scammers or theft by family members and acquaintances.

And this issue will take on even more importance in the years to come as the senior population in America grows.  According to the U.S. Census Bureau, there were 37.3 million people 65 and older in the United States as of 2006.  This group is expected to double in size within the next 25 years. By 2030, almost 1-out-of-5 Americans – some 72 million people- will be 65 years or older.

A scan of recent alerts from the Senior Journal shows a wide variety of areas that require constant vigilance:

By definition, Elder Fraud targets seniors, but why?

  • Senior citizens are most likely to have significant savings, to own their home and/or to have excellent credit—all very desirable to criminals.
  • People who grew up in the 1930s, 1940s, and 1950s were generally raised to be polite and trusting.  They are less likely to be suspicious of a nice salesperson, say no or hang up on pushy telemarketers.  There is even a study showing that we get more trusting as we age.  Through MRI testing, researchers at  the University of California, Los Angeles found that the area known as the anterior insula, which is associated with “gut feelings,” became more active in the younger subjects at the sight of an untrustworthy face. Older subjects, however, showed little to no activation in this area.
  • Seniors can be less comfortable with technology and inadvertently share information online or click on links that makes them vulnerable.
  • Criminals know that seniors are less likely to report a fraud.  This could be either because they don’t know who to report it to, are too ashamed at having been scammed, or don’t even know they have been scammed. Many are afraid to appear as if they have lost the ability to make sound decisions to their relatives, so they just keep it to themselves.
  • If an elderly victim does report the crime, scammers know that they often make poor witnesses.   The effect of age on memory combined with the amount of time that often passes between the crime, the realization, and actually acting on it makes it difficult for elderly victims to supply enough detailed information to investigators.
  • Senior citizens are more interested in and susceptible to products promising all sorts of wonderful results, from anti-aging creams to improved memory to medical cures.  In a world full of the miracles they’ve witnessed in their lifetimes, nothing seems too good to be true.  And if they can get a bargain on it, so much the better!

Elder Fraud Warning Signs:

  • You notice an excess amount of ATM or bank account withdrawals, perhaps even exceeding the daily maximum allowed on that account.
  • The senior is bouncing checks, which might indicate an unexpected loss of money.
  • There are debit transactions that don’t seem to make sense for an older adult.  Also, there may be debits that the person can’t remember or explain.
  • The older adult may be suddenly wiring large sums of money or writing large checks.
  • He or she may close a certificate of deposit, even though a large penalty would be paid for early withdrawal before that CD matured.
  • The bank is unable to speak directly with the older adult, despite repeated attempts to contact him or her.
  • A “new friend” suddenly begins handling the money for a senior.
  • The senior receives excessive amounts of junk mail.  (Once a senior takes the bait for one scam, thieves sell the person’s name, address and telephone number, and fake mailings proliferate.)
  • The phone rings excessively with sales calls.
  • He or she may be having difficulty buying groceries and paying bills.
  • They seem to receive lots of cheap items such as costume jewelry, beauty products, water filters, and knick-knacks that they bought to win something or received as prizes.

Tomorrow, we will outline common schemes that are used to prey on senior citizens.

John Sileo is an author and highly engaging speaker on fraud, internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 MinutesAnderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Digital Footprint: Exposing Your Secrets, Eroding Your Privacy

Does your digital footprint expose your secrets to the wrong people? 

National Public Radio and the Center for Investigative Reporting recently presented a four part series about privacy (online and off) called, Your Digital Trail. To get the gist of how little privacy you have as a result of the social media, credit cards and mobile technology you use, watch this accurate and eye-opening explanation of how you are constantly being tracked. 
[youtube https://www.youtube.com/watch?v=bqWuioPHhz0]Marketers, data aggregators, advertisers, the government and even criminals have access to a vivid picture of who you are. NPR calls it your digital trail; for years, I’ve referred to it as your digital footprint. Let’s take quick look of what makes up your digital footprint.

What is your digital footprint? 

Just like a car leaving exhaust as it runs, you leave digital traces of who you are without even knowing it. Here is a partial list of the ways that you are tracked daily: cookies on your computer, apps on your smartphone or tablet, your IP address, internet-enabled devices, search engine terms, mobile phone geo-location, license-plate scanners, email and phone record sniffing, facial recognition systems, online dating profiles, social networking profiles, posts, likes, and shares, mass-transit smart cards, credit card usage, loyalty cards, medical records, music preferences and talk shows you listen to on smartphone apps, ATM withdrawals, wire transfers and the ever-present, always rolling surveillance cameras that tell what subway you rode, what store you shopped in, what street you crossed and at what time. Is there anything, you might ask, that others don’t know about you? Not much.

What happens to your data that is tracked? 

According to NPR, a remarkable amount of your digital trail is available to local law enforcement officers, IRS investigators, the FBI and private attorneys. And in some cases, it can be used against you.

For example, many people don’t know their medical records are available to investigators and private attorneys. According to the NPR story, “Many Americans are under the impression that their medical records are protected by privacy laws, but investigators and private attorneys enjoy special access there.”  In some cases, they don’t even need a search warrant, just a subpoena. In fact, some states consider private attorneys to be officers of the court, so lawyers can issue subpoenas for your phone texts, credit card records, even your digital medical files, despite the HIPAA law.

Kevin Bankston, senior attorney with the nonpartisan Center for Democracy and Technology, explains that the laws that regulate the government regarding privacy were written back in the analog age, so the government often doesn’t have many legal restraints. When the Fourth Amendment guaranteeing our rights to certain privacies was written, our Founding Fathers weren’t thinking about computers and smartphones!

Specifically, the Fourth Amendment states, “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated.”  In the “old days” police would have had to obtain a search warrant (showing probable cause) and search your home for evidence of criminal activity.

But since the 1960’s and 1970’s, the Supreme Court and other courts have consistently ruled that if you have already shared some piece of information with somebody else, a warrant is no longer needed.  So now when you buy something with a credit card (letting your credit card company know what you’ve purchased), or drive through an intersection with license plate scanners (telling law enforcement where you’ve been) or Like something on Facebook (letting the social network and everyone else know your preferences), you have, in essence, given the government (as well as corporations and criminals) the right to gather information about you, whether you are guilty of anything or not.  So much for probable cause.

In this age of cloud computing, the issue becomes even more, well, clouded.  Take the case of a protester arrested during an Occupy Wall Street Demonstration in New York City.  The New York DA subpoenaed all of his tweets over a three and a half month period.  Of course, his lawyer objected, but the judge in the case ruled that the proprietary interests of the tweets belonged to Twitter, Inc., not the defendant!

How can we defend our digital footprint against privacy violations? 

My takeaway from the NPR piece? We are so overwhelmed by the tsunami of privacy erosion going on, by the collection, use and abuse of our digital footprints, that the surveillance economy we have created will only be resolved by broad-stroke, legislative action. Until that happens, corporations, criminals and even our government will consume all of the data we allow them to. And so will we.

John Sileo is an expert on digital footprint and a highly engaging speaker on internet privacy, identity theft and technology. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 Minutes, Anderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Can Medical Identity Theft Really Kill You? [Burning Questions Ep. 2]

There has been a great deal in the news about medical identity theft leading to death. Is it possible? Yes. Is it likely? Less likely than dying of a heart attack because you eat too much bacon. But let’s explore the possibility of death by medical identity theft (below, in this article), and why the threat gets sensationalized (in the video).

Read more

Baby Cam Hacked: What You Can Do To Protect Yourself and Your Children

The story about the Texas parents who were terrified when their child’s video baby monitor was hacked struck me at first as a minor incident when viewed in the whole scheme of the world of hackers.  After all, it is a rare event, no one was hurt, no threats were overtly made, and the child herself even slept through the event.  But when I read more about it, I became increasingly bothered by the fact that I was not initially bothered by it!  I mean, is that the creepiest of all feelings, to know that a stranger is watching your kids?

Here’s the summary for those who missed the story.  Marc and Lauren Gilbert were in another room when they heard strange sounds coming from their daughter’s monitor.  When they went into her room to investigate, they realized it was a strange man’s voice coming through the monitor and saying disturbing things, even using the child’s name, which could be seen above her bed.  The child, who was born deaf and had her cochlear implants turned off, slept through the entire incident.  Gilbert immediately disconnected the device, which was hooked up to the home’s wireless Internet system.

It is believed the webcam system, Foscam wireless camera, was compromised.  In April, a study was released revealing potential vulnerabilities; in it the researchers said the camera would be susceptible to “remote Internet monitoring from anywhere in the world” and that thousands of Foscam cameras in the U.S. were vulnerable.  A glaring flaw (which has since been “fixed” by a firmware update in June) is that users were not encouraged to have strong passwords and were not prompted to change from the default admin password.  Gilbert said he did take basic security precautions, including passwords for his router and the IP cam, as well as having a firewall enabled.

For an interview with Fox and Friends, they asked me to consider the following questions.  I’d like to share my answers with you in case you missed it.

How easy is it to hack a baby monitor?

It’s probably an apt cliché to say it’s as easy as taking candy from a baby. Just like with any device, an iPhone, laptop, home Wi-Fi, it’s only as secure as you make it. If you’ve taken no steps, it’s relatively easy to hack. You don’t make the problem go away by ignoring it.

Why would someone do this?

Some do it for the challenge, some for the thrill of controlling other people’s lives, and unfortunately, others do it because they are sick individuals that want to watch what you do in the privacy of your home.

Is this one of the more scary cases of hacking a household device you’ve seen?

This one hits close to home because it takes advantage of our kids, but I’ve seen pacemakers turned off, blood pumps shut down, brakes applied in cars, and all of it done remotely by outsiders who are never even seen. If the device is connected to a network, I guarantee you it can be hacked, and in most cases, you never know the bad guys are in control.

How can we avoid this type of hacking of our personal devices, whether it’s a video baby monitor, an iPhone or a pacemaker?  

The good news is that’s it’s the same steps you probably already take on your other devices, like laptops, smartphones and iPads:

  1. Buy Digital. Only buy a digital monitor that is password protected, not an analog version that operates on an open radio frequency.
  2. Change Default Passwords. During setup, change the factory defaults on the monitor so that the password is long, strong and device specific. This case we are talking about probably had a default password in place, making it easy to hack.
  3. Firewall Your Privacy. Install a firewall between your Internet connection and ALL devices to keep the peeping Toms out. Hire a professional to set it up properly.
  4. Lock Down Wi-Fi. Make sure your Wi-Fi network is locked down properly with WPA2+ encryption and SSID masking so it can’t be hacked.
  5. Turn Devices Off. If you are not using the device, turn it off, as hackers can more easily crack devices that are up 24/7.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

Gladys Kravitz is Sniffing FREE WiFi Hotspots for Your Secrets

The free WiFi hotspot ritual is habitual. You head to your favorite café to get some work done “away from the office”. Justifying your $4 cup of 50 cent coffee with a Starbucks-approved rationalization (“I work so much more efficiently at my 3rd spot!”), you flip open your laptop, link to the free WiFi and get down to business. The caffeine primes your creativity, the  bustling noise provides a canvass backdrop for your artful work and the hyper-convenient Internet access makes it easy for someone else (think organized criminal) to intercept everything you send through the air.

At the table next to you, drinking a free glass of water (these guys are too smart to pay that price for a cuppa joe), sits a hacker running a piece of software that sniffs the data you send over the free (unprotected) WiFi. They watch your private data like Gladys Kravitz stalking the very bewitching and often nose-wriggling Samantha. When you log in to your webmail account, they record your username (usually your email address) and password. Since you use the same password for many different websites, they run an automated computer program that attempts to log into every bank in the world using that username and password. When it fails, the program automatically increments your email password in every way possible until it eventually cracks your banking code.

By the time you head for a latte refill, you can no longer afford it. (This is one effective way to break the Starbucks habit). Most of us have been well trained to unthinkingly connect to the FREE WiFi hotspot at cafés, airports and hotels. Wireless technology is both useful and powerful, but operating it without protection is like skydiving with a parachute that you never deploy (it’s a fun ride while it lasts…). If you connect to any WiFi hotspot without first having to log in with a unique username and password, there is nothing that masks your data as it travels through the air. (Watch the 9News Investigation Video with Jeremy Jojola for a sample).

How to use a free WiFi hotspot without crash landing

Like our previously mentioned skydiver, you want not only to put on your parachute before you jump, but to pull the cord before you taste dirt. Here are some simple steps you can take, along with a “How To” video, before you jump on your next free WiFi hotspot:

  1. HTTPS Surfing. If you absolutely must use the free WiFi hotspot, only exchange information over websites with encrypted connections. What’s an encrypted connection and how can you tell? Watch this short video to learn how to tell if you are on a safe, https internet connection. If you are, all of the data that goes between your device and the WiFi hotspot (and eventually onto the Internet), is scrambled and protected by a passcode (the encryption part) that makes it much harder to intercept. Banks (see video), Gmail and even Facebook (see video) offer HTTPS connections. Sometimes all you have to do on a website is to change your security defaults! If your connection is regular old http (no “s” at the end), just know that your data can be free for all to see (if they have the right tools).
  2. Tethering. Also known as a personal WiFi hotspot, tethering is the act of using your smartphone’s encrypted cellular connection to the Internet to surf securely from your mobile device. Tethering works for laptops, tablets and iPods and is relatively simple and inexpensive to use. To tether your computing device to your smartphone, simply contact your mobile provider (Verizon, AT&T, Sprint, T-Mobile, etc.) and let them know that you want to be able to connect your computing device to your smartphone (you want to tether). They will let you know that it costs about $15 per month (well worth the protection), will turn it on and will walk you through setting up both your smartphone and device so that they communicate with the Internet in a well-protected manner. Note: Many tablets, like the iPad, now come with cellular data access built into the device. So, for example, if you have an iPad with Wireless + Cellular capability, you can almost always connect via your cellular connection (just like your phone connects) and never even have to utilize free WiFi (though it’s still safe to use the secure Wifi in your home and office). You can do the same thing by accessing the Internet via your smartphone that is NOT connected to WiFi. Cellular surfing can be a bit slower, but it is considerably more private.
  3. VPN Software. Using a VPN (or virtual private network software), is a safer way to surf on free WiFi. Think of it like this: it takes the same protections you get when using an https connection and applies them to all of the URLs you visit. VPNs are standard gear for business users, but individuals need them just as much as corporations. One of the more popular VPNs for consumer use is Hotspot Shield VPN (this is not an educated endorsement of the product, just an example). The good part about a VPN is that it protects your data transmissions over the internet at all times, not just when using free WiFi.

Better yet, utilize all three solutions and find yourself 100% safer than the Frappuccino lover over at the next table. Mobile computing will increase your productivity, your connectivity and your flexibility. But to do it without a bit of security preparation is to court digital suicide.

John Sileo not only uses free WiFi hotspots (wisely), he is an internationally recognized keynote speaker on how to keep your employees from making poor data security decisions regarding identity, privacy and reputation protection. His happy clients included the Department of Defense, Pfizer, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.  Tyler Tobin, the CEO and Chief Hacker for Tobin & Associates LLC, is a world renowned Professional White Hat Hacker. His firm specializes in performing compliance, GLBA and full-blown security assessments. His customer base is both regional and global. Assessments include social engineering, external and internal vulnerability and penetration testing and compliance examinations (SEC, SOX, SSAE and GLBA).

Check washing & check fraud can dirty your spring cleaning

Check washing is so simple, you must learn to prevent check fraud

Are check fraud and check washing still relevant in the age of digital payments? If you’re like the average person, chances are you don’t write too many checks anymore. With the convenience of online payment options, nearly universal acceptance of credit and debit cards, and the proliferation of ATMs offering you easy access to money at every turn, why resort to the archaic, labor-intensive method of writing a check?

The simple answer—sometimes we have no other choice!  Some places still don’t accept credit cards (Costco if you don’t have an American Express), or they charge an extra fee for them.  Some retailers don’t offer online payment options.  And frankly, sometimes it’s just an old habit and we haven’t made the effort to find a safer option because we’re stuck in the mindset of “it’s never happened to me” when thinking about check fraud.

Yet, according to a recent AFP Payments Fraud and Control Survey, checks remain the payment type most vulnerable to fraud attacks. In an American Bankers Association Deposit Account Fraud Survey, 73% of banks reported check fraud losses totaling approximately $893 million. And perhaps scariest of all, the imprisonment rate for check fraud is only 2% according to a statement made by the Department of Justice.  So although it’s not as glamorous or high tech as some other forms of fraud, check fraud is very tempting to criminals. It’s often as easy as taking an afternoon stroll down a street looking for vulnerable mailboxes, and then doing a little bit of “laundry”.

Check Washing Check Fraud

One form of check fraud that hits home for businesses and individuals alike is check washing.  It is the practice of removing legitimate check information, especially the “Pay To” name and the amount, and replacing it with data beneficial to the criminal (his own name or a larger amount) through chemical or electronic means. We conducted our own experiment to see just how easy it is to alter a check.  Take a look at our results in the video above.

What can you do to prevent this form of check fraud from happening to you?  There are many steps you can take:

  • Always use high security checks with multiple check fraud and check washing countermeasures
  • Use security gel-based pens with dark ink 
  • Don’t leave mail containing checks in an unattended or unlocked mailbox  (i.e. w/ red flag up)
  • Buy a locking mailbox (one large enough for a postal carrier to put mail through, but not large enough for a hand)
  • Shred voided checks
  • Check your bank statements regularly and immediately when you receive them.  You have a limited time in which to report check fraud.
  • Put clear tape over important fields when mailing a check
  • Do not leave blank spaces on payee or amount lines
  • Have new checks delivered to your bank if possible so they are not sitting in your unattended mailbox

Businesses are highly susceptible to massive check fraud via check washing, because the balances in their accounts tend to be higher and more vulnerable. This simple change from regular checks to high security checks can drastically reduce your risk of check washing and check fraud.

John Sileo is CEO of The Sileo Group, and a  keynote speaker on cyber security, identity theft and business fraud prevention. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.