How To Control Your Privacy Online

Identity theft is all about control. Who has control over your personal and financial information? Is it you, or the criminal on the other end of your computer using your information to apply for a credit card?  Losing control of your personal information can be all too easy online. But by taking some precautions, you can maintain privacy while safely surfing the internet.

Here are 5 tips to protect your privacy online:

1. Adjust social-network privacy settings

Facebook has been working to simplify their privacy settings, but they can still be confusing to the average users. Spend about 10 minutes a month making sure that your privacy settings are what they should be and are actually protecting your privacy.

To get there, log in to Facebook, in the top right of your screen it should say “Account” when you scroll over or click on that tab you can see you Privacy Settings. Click here for a step by step process of how to adjust your privacy settings.

Twitter, another popular social network, also lets you lock your account from public view. In settings, there’s a feature called “protect my tweets.” They have had breaches before, so it is always good to take every precaution you can to protect your information.

2. Frequently Change Passwords

It is good to rotate passwords on sites you use often. Especially sites that hold your financial information. Every 6 months or so you should change your passwords just in case someone has access to your online profile. A good way to keep track of these passwords is with a password keeper such as 1password. This way you can store your passwords to all sites in one place and use a master password to gain access.

3. Opt-out of ad tracking

Online ad networks often install a small file on the computers of people who visit certain websites. These so-called cookies can log your surfing habits, allowing advertisers to tailor ads to your interests.

If you are trying to keep some online privacy then you should opt out. In the settings panel of your web browser make sure that disable cookies from third party websites. Most advertising companies use this information to directly target you with ads of products that you use. They know what items you purchase because they see where you go on line and keep a record.

4. Use a secure Internet Connection

Don’t browse private sites and look at personal or financial information while on a public wifi connection. Never shop online at your local coffee shop because you never know who may be spying on you with that very same open internet connection. If you are making an online purchase, looking at your online banking, emailing a personal story or photo, ONLY do so on a secure password protected internet connection.

5. Think before you post

While this may seem like an obvious suggestion, many people don’t do it. Posting that you are at your local watering hole at 3pm on a Thursday after you called in sick could get you in more trouble than you planned on. Uploading an embarrassing photo of yourself may cost you a future job. I know of a company that didn’t hire a candidate for a position because when they checked out her Facebook profile her status was “I just need a job – ANY Job!”. That made her less appealing to hire than other candidates that were less vocal on their pages.

Use your brain. Posts are public, permanent and exploitable.

To learn more and begin to build your own good privacy habits order your copy of my latest book Privacy Means Profit Today!

Wiley & Sons has just announced my latest book, Privacy Means Profit, will be available in stores and online August 9, 2010.  This book builds a bridge between good personal privacy habits (protect your wallet, online banking, trash, etc.) with the skills and motivation to protect workplace data (bulletproof your laptop, server, hiring policies, etc.).

Click Here for More Information

Identity Theft Speaker Endorsed by Fort Bragg

I had the privilege of speaking at Fort Bragg this summer! Here is what they had to say:

I saw John Sileo’s presentation at a conference recently and I was thoroughly impressed. He really interacted so well with the audience that I actually wanted to bring him to Ft Bragg to help us celebrate our Consumer Awareness Month. It took several months of coordination, but we finally all got it together and John came down and did an excellent presentation to help us out with teaching our community all about identity theft. His presentation was interactive, dynamic, the audience was really pleased and after the presentation they held him there for an hour asking great questions! We were thoroughly pleased with John and we really enjoyed his presentation.

John Sileo is an identity theft and information security expert that speaks professionally to organizations that want to protect their profits against identity theft, social media exposure and corporate espionage. His recent clients include the Department of Defense, FDIC, FTC and Pfizer. Pcik up a copy of John’s latest book Privacy Means Profit – Prevent Identity Theft and Secure You and Your Bottom Line.

Identity Theft for Businesses: Mobile Data Breach

Mobile Data Theft

Technology is the focal point of data breach and workplace identity theft because corporations create, transmit, and store so many pieces of information digitally that it becomes a highly attractive target. This book is not intended to address the complex maze that larger organizations face in protecting their technological and digital assets. Rather, the purpose of this book is to begin to familiarize business employees, executives, and vendors with the various security issues facing them.
The task, then, is to develop a capable team (internal and external) to address these issues. In my experience, the following technology-related issues pose the greatest data-loss threats inside organizations:

  • Laptop Theft: According to the Ponemon Institute, 36 percent of reported breaches are due to a lost or stolen laptop.
  • Mobile Data Theft: Thumb drives, CDs, DVDs, tape backups, smart phones
  • Malware: Software that infects corporate systems, allowing criminals inside these networks
  • Hacking: Breaking into your computer system from the outside, using networks, wireless connections, remote access, and your Internet pipeline
  • Wireless Theft: Wireless connections to the Internet in airports, hotels, cafes, and conferences
  • Insider Theft: When someone in the IT department (or elsewhere) decides to make extra money by selling your data

According to the Ponemon Institute, ‘‘Thirty-six percent of all cases in this year’s study involved lost or stolen laptop computers or other mobile data-bearing devices. Data breaches concerning lost, missing, or stolen laptop computers are more expensive than other incidents. Specifically, in this year’s study, the per-victim cost for a data breach involving a lost or stolen laptop was just under $225, over $30 more than if a laptop or mobile device was not involved.’’ Continue Reading….

The post above is an excerpt from John’s latest book Privacy Means Profit. To learn more and to purchase the book, visit our website

Privacy Means Profit

Prevent Identity Theft and Secure You and Your Bottom Line

This book builds a bridge between good personal privacy habits (protect your wallet, online banking, trash, etc.) with the skills and motivation to protect workplace data (bulletproof your laptop, server, hiring policies, etc.).

In Privacy Means Profit, John Sileo demonstrates how to keep data theft from destroying your bottom line, both personally and professionally. In addition to sharing his gripping tale of losing $300,000 and his business to data breach, John writes about the risks posed by social media, travel theft, workplace identity theft, and how to keep it from happening to you and your business.

Workplace Identity Theft: Shredding

The following is an excerpt from John’s latest book Privacy Means Profit. To learn more and to purchase the book, visit our website

For businesses, shredding is low-hanging fruit (one of the easiest sources of data breach to eliminate). But businesses are so often focused on electronic forms of data breach that they fail to heed the following statistics highlighted in a recent Ponemon Institute study conducted for the Alliance for Secure Business Information:

  • More than 50 percent of sensitive business data is still stored on paper documents.
  • Forty-nine percent of data breaches reported in the survey were the result of paper documents.
  • Sixty percent of businesses admitted that they didn’t provide the proper tools (e.g., shredders) to safely discard documents that were no longer needed.
  • The average data breach recovery cost according to this survey was $6.3 million.

If you own a business, make sure to destroy sensitive documents prior to discarding them, to decrease your legal liability. Businesses are required to destroy all consumer information before discarding it in the trash. The Fair & Accurate Credit Transaction Act (FACTA) Disposal Rule states that ‘‘any person who maintains or otherwise possesses consumer information for a business purpose’’ must properly destroy the information prior to disposal. FACTA further states that every person and/or business must take ‘‘reasonable measures’’ to protect against unauthorized access to the use of the information in connection with its disposal… Click Here to Continue.


Privacy Means Profit

Prevent Identity Theft and Secure You and Your Bottom Line

This book builds a bridge between good personal privacy habits (protect your wallet, online banking, trash, etc.) with the skills and motivation to protect workplace data (bulletproof your laptop, server, hiring policies, etc.).

In Privacy Means Profit, John Sileo demonstrates how to keep data theft from destroying your bottom line, both personally and professionally. In addition to sharing his gripping tale of losing $300,000 and his business to data breach, John writes about the risks posed by social media, travel theft, workplace identity theft, and how to keep it from happening to you and your business.

Privacy Calendar

In the Privacy Calendar, the action items that are important to take to protect your identity are listed by priority rather than mind-set. The order was determined according to three criteria:

  1. Which steps need to be taken first to make the process simple?
  2. Which actions are most effective at preventing identity theft?
  3. Which items are you most likely to complete given time and resource constraints?

The detailed information for taking each of the steps is contained in the individual mind-set chapters of Privacy Means Profit, which are shown in italics and enclosed in parentheses following the steps, for easy identification. I strongly recommend that you refer back to each chapter for in depth explanations of each step.
I also highly recommend that you set up a schedule for yourself and complete the items phase by phase. Take 10 minutes a day, one hour per week, or one weekend a month and schedule time to ‘‘accumulate privacy.’’ If you have to wait on one of the action items—for example, you order your credit report but it will be 10 days before you receive it—move on to another of the items further down the list and return to the item you skipped when you receive the report.

I’ve said it before, but it bears repeating: There is no silver bullet in the world of fraud or identity theft prevention. If someone tells you there is, he or she is probably trying to sell you something. Rather, the layered approach enumerated here will provide you with a base level of privacy, which you can add to over time. Click on the links provided below to begin implementing these phases today.

Phase 1: Credit

  1. Order and monitor your free credit report, and set up regular calendar reminders every four months to review your updated report. This can be completed online at or by calling 1–877–322–8228. This step is not necessary if you take step 2 and subscribe to an identity monitoring service, which has the added benefit of providing convenient, consistent surveillance delivered directly to your e-mail box. (Monitor)
  2. Sign up for a reputable identity monitoring service with 3-in-1 credit monitoring, cybertracking, theft restoration services, and recovery insurance. To learn more about specific surveillance products, visit (Monitor)
  3. Freeze your credit with Equifax, Experian, and TransUnion. This step, while the most important for protecting your credit, makes it more difficult to take the two previous steps, which is why it is listed third. Visit to begin the process. If you do not wish to place a security freeze on your credit, at least place an extended fraud alert on your file. (Eliminate)

Set up online account alerts for all of your banking, credit card, mortgage, and investment accounts. At the same time, reduce at risk mail and switch to online statements, which allow you to easily and consistently monitor your accounts for signs of fraud. Begin using online bill pay instead of sending checks through the mail. (Monitor)

Phase 2: Wallet

  1. Protect your wallet or purse by keeping it with you or locked up at all times and by removing the following items (Eliminate):
  2. Sign your credit cards and include Photo ID Required on both the back and front. (Eliminate)
  3. Photocopy every piece of identity in your wallet and store the copies safely, in case the wallet is stolen and you need to shut down accounts quickly. (Eliminate)

Phase 3: Databases

  1. Opt out of information sharing, telemarketing, and junk mail by visiting or calling 1–888–5–OPT–OUT. (Eliminate)
  2. Place your name on the National Do Not Call Registry by visiting (Eliminate)
  3. Place your name on the Direct Marketing Association’s Do Not Mail list by visiting (Eliminate)

Phase 4: Computers

  1. Physically lock your computer in a secure place when in transit or when you are not using it. (Secure)
  2. Protect your desktop, laptop, or server computer with software security tools (preferably by hiring a professional to help you implement them) (Secure)
  3. Have your computer or cell phone digitally shredded or low-level formatted before selling, donating, or passing it on to someone else. (Destroy)
  4. Visit Product Reviews to learn more about the best tools to implement.

Phase 5: Mobile Computing

  1. Define what is at risk on your mobile data devices. (Protect)
  2. Verify acceptable use of your mobile data devices with your company. (Protect)
  3. Control exposure and eliminate unnecessary transport of your mobile data devices. (Protect)
  4. Encrypt individual data files, as well as your hard drive, SIM card, and SD memory card. (Protect)
  5. Utilize a secure wireless Internet connection. (Protect)
  6. Utilize SSL-encrypted e-mail, and e-mail sensitive data only when absolutely necessary. (Protect)
  7. Use a backpack or other carrying case to keep your mobile devices physically on you. (Protect)
  8. Consider adding a locking or alarm device to your laptop and mobile computing devices. (Protect)
  9. When going through security at the airport, don’t put your laptop on the X-ray belt until you are ready to walk through the metal detector; keep an eye on it until you reach the other side. (Protect)
  10. Utilize a LoJack-type software program to track your laptop if it is stolen. (Protect)
  11. Password-protect your cell phone and PDA with a sophisticated alphanumeric/symbol login. (Eliminate)
  12. Destroy any sensitive files that you store electronically after you are done using them. (Protect)

Phase 6: Physical Documents

  1. Purchase a high-quality, cross-cut document shredder and shred every document, disk, and credit card that you no longer need. Place the shredders conveniently, for easy access. (Destroy)
  2. Create a safe room, or purchase a fire safe or fire-rated filing cabinet and have it secured to the foundation of your home or office. Lock your essential documents according to the chart. (Lock)
  3. Lock your mail and mailbox against theft. (Lock)

Phase 7: Online

  1. Research your online identity. Google your name, phone number, address, e-mail address, and any other information you would like to verify. (Defend)
  2. Withhold or mask identity information when building your social networking profile, including: date of birth, address, phone number(s), and any password reminders that you use (high school, city born, pet’s name, etc.). (Defend)
  3. Read and understand your privacy settings on Facebook, Twitter, LinkedIn, MySpace, and other social networking sites; adjust them to protect your identity information. (Defend)
  4. Vary online passwords and make them more sophisticated by using alphanumeric/symbol passwords. (Secure)
  5. Be alert and wary of ‘‘friends in distress’’ scams, posted links, and other social engineering scams. (Defend)
  6. Only ‘‘friend’’ your actual friends, and understand both the benefits and drawbacks of responding to quizzes and surveys, and utilizing widgets, groups, and third-party applications, before you add them. (Defend)
  7. Don’t forget: posts are permanent, public, and exploitable. (Defend)
  8. Protect your e-mail (Defend)
  9. Become knowledgeable about information collection performed by search engines, cookies, and tool bars. (Defend)
  10. Read, understand, and adjust your application privacy settings in Google, Google Docs, Gmail, Hotmail, Yahoo!, or other online accounts. (Defend)
  11. Be aware and recognize phishing scams. (Secure)
  12. Shop securely online, patronizing only reputable, recognizable companies. (Secure)

Phase 8: Travel

  1. Travel light; simplify and minimize what you take with you. (Travel)
  2. Take precautions to protect your home and office while away. (Travel)
  3. Travel with a copy of your identity documents and give a second copy to a trusted friend. (Travel)
  4. While traveling, securely lock up client files, laptops, cell phones, and passports and other identity documents. (Travel)
  5. Carry a travel pouch, use a backpack, and watch your credit cards while out of your hands when traveling. (Travel)
  6. Don’t announce to strangers on social networking sites when you will be traveling. (Travel)
  7. Bank safely, using only well-lit ATMs in banks or credit union buildings. (Travel)
  8. When you return home, monitor your bank accounts and possibly rotate your account numbers. If possible and safe to do so, monitor your accounts while traveling. (Travel)
  9. Pick up your mail as soon as possible after you return; likewise retrieve any copies of identity documents that you left with friends. (Travel)

Phase 9: Social Engineering

  1. Learn to observe what is going on around you by slowing down. (Evaluate)
  2. React to requests for identity of any type with healthy skepticism. (Evaluate)
  3. Think ‘‘Hogwash!’’ when anyone tries to access your data. (Evaluate)
  4. Look for signs of manipulation (fear, rushing, bribery, flattery, trust, security). (Evaluate)
  5. Stop, look, and listen when your hogwash reflex triggers. (Evaluate)
  6. When in doubt, interrogate the enemy. (Evaluate)
  7. Implement the four phases of interrogation (Interrogate)
  8. Don’t be afraid to say no. (Interrogate)

Phase 10: Extras

  1. Create a dossier, complete with photocopies and logs of all crucial identity documents, for future reference. (Monitor)
  2. Use an electronic calendar (like Microsoft Outlook) to track your bill- ing cycles. (Monitor)
  3. Guard against shoulder surfing (someone peering over your shoulder or recording you on a cell phone video camera) to steal your PIN while at an ATM or retail checkout. (Evaluate)
  4. Monitor your annual Social Security statement. (Monitor)
  5. Eliminate or lock up all identity documents in your car. (Eliminate)
  6. Remove your name from other physical and online directories. (Eliminate)
  7. Scratch out all but the last four digits of any unmasked credit card numbers on the merchant’s copy of your credit card receipt. (Destroy)
  8. Implement all safeguards for your spouse or partner. (Secure)

For more ways to protect you and your organization from Identity Theft pick up a copy of my new book: Privacy Means Profit– in stores August 9, 2010.