Posts

Safe Online Shopping on Cyber Monday

It’s almost Cyber Monday, so tell me something – why do you shop online? Because it’s super convenient! Or because you get better pricing? Maybe it’s because you’re allergic to hand-to-hand combat on Black Friday? I’m a huge fan of shopping online to save time, money and brain cells. But if you have bad surfing hygiene, you’re just asking identity thieves to go on a shopping spree with your money. And it’s so easy to avoid if you know how. Which you’re about to.

Thanks for joining me here on Sileo on Security, where we believe there’s no need to fear online shopping if you surf wisely. I want to share nine habits with you over the next three episodes that will keep your digital shopping cart safer than the real thing.

The first habit is just common sense. Please, stick to reputable websites with a proven track record. If you haven’t used the site in the past or if it isn’t a recognizable brand like Amazon, research before you buy! If you shop there in person, you’re probably safe online. When you buy only based on price, you generally get what you pay for. Cheap products, shipping charges, MALWARE! Also be careful about imposter websites with URLs that look almost exactly like the real one.

Next, always LOOK for the LOCK. If your browser doesn’t show a padlock in the URL bar and doesn’t start with the address HTTPS://, don’t fill out ANY forms or send ANY information via that website. The S in the address stands for secure, and everything else is just faking it! [No “S”, No $]

Third – you may get sick of hearing me say this one, but it’s so important to use strong passwords on all of your internet accounts. The easiest way for a hacker to spend your money is to crack your account because your password is your dog’s name, a word in the dictionary or something thieves can find on your MySpace profile. You don’t still have a MySpace profile?

Your One-Minute Mission today is quick and easy. Log in to the ecommerce websites you shop on most often – so for me, in order, I’d go to Amazon, Zappos, DaintyCandles.com, PayPal – you know, the usual suspects. Once you login, make your password longer and stronger than it already is. Just doing this, occasionally changing your passwords, makes thieves work a whole lot harder for those candles.

And then, as you always do, make sure that you tune in for the next episode of SOS, where I’ll give you intermediate steps to protect your online identity.

All of us at The Sileo Group wish you a happy and healthy holiday season!

Data security breach attacks intensify as banks’ websites are struck

Several major American banks saw hackers take over their websites recently. We’re not talking covert fraud or spying here, but an explicit data security breach disabling official websites. It’s debilitating, it’s devastating-and it’s becoming more prevalent.

American Express and JP Morgan have been the targets of sophisticated strikes that resulted in their websites being disastrously compromised. Even if the effects were only temporary, the fact that hackers were able to accomplish such a significant breach should serve as a major warning to corporations and government officials alike.

A data security breach is always an alarming state of affairs, but this current rash of criminal activity seems to focus more on aggressive tactics than is usually the case. And these data security breaches may be the result of nationally sponsored efforts. According to the New York Times, one group, known as “Izz ad-Din al-Qassam Cyber Fighters” seems to have come forward in relation to these attacks. The U.S. isn’t the only one to be the subject of such nasty attention: South Korea lost access to thousands of computers last month, and the European web protection group known as Spamhaus has been the target of an attack of staggering proportions.

It is a critical time for those concerned about online security. The amount and intensity of threats in the digital world have never been more apparent. While it’s refreshing that government agencies are taking increased notice of these instances, it will take more than awareness to prevent important information from falling into the hands of outside forces: the fact that these events have occurred so close to each other is not exactly encouraging. For now, it’s worth remembering that a data security breach can have a wide range of effects, and leave your business and your identity in shambles.

John Sileo is a cyber security expert and keynote speaker on data security, privacy and identity theft. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Tired of Being Tracked by Websites? Do Not Track is Here.

In response to the growing demands for more privacy on the internet, Mozilla implements a Do Not Track option in Firefox 4.

The most recent version of Mozilla Firefox, which was rolled out this February, offers users the option to opt-out of website tracking. Once enabled, the user’s preference to not be tracked is automatically sent to the website. That doesn’t mean that the website has to do anything about it, but there will probably be a bit of a stink about those sites that don’t respect user’s privacy preferences (it would be the equivalent of someone making a sales call to you after you join the Do Not Call list). Unfortunately, most users will never know which websites are participating in the opt-out Do Not Track function.

Learn more about Firefox’s Do Not Track Technology and about the Big Brother issues posed by companies tracking your every move on the internet.

In my opinion, beginning to solve the surfer privacy issues at the browser level is the right direction to take. It is the most universal gate through which all surfers pass – no one visits a website without touching a browser. If consumers get behind the technology now and let the companies they do business with know that they expect them to honor Firefox’s Do Not Track technology, there will be no option but to acquiesce.

Mozilla Firefox version 4.0 is still in beta while they make sure they get any glitches fixed. So don’t install it unless you are comfortable with using beta (often glitchy) software. It has been out for many weeks now, and most of the glitches are probably resolved at this point.

To add the Do Not Track functionality, download and install the latest version of Firefox 4, and then go to Firefox -> Options  -> Advanced. Check the “Do Not Track” box and save your settings.

When this option is selected, a header will be sent signaling to websites that you wish to opt-out of online behavioral tracking.  You will not notice any difference in your browsing experience until sites and advertisers start responding to the header. I recommend that users go in and try this out. This is the best way to give them feedback so they can make our browsing experience as safe as possible.

John Sileo’s motivational keynote speeches train organizations to play aggressive information offense before the attack, whether that is identity theft, data breach, cyber crime, social networking exposure or human fraud. Learn more at www.ThinkLikeASpy.com or call him directly on 800.258.8076.