Posts

Gadgets Attract Thieves at Starbucks – Privacy Project Episode #01

On this episode of Privacy Project, John confronts a coffee drinker about leaving their laptop totally alone as they talked outside on the phone at Starbucks.

America’s top Privacy & Identity Theft Speaker John Sileo has appeared on 60 Minutes, Anderson Cooper, Fox & in front of audiences including the Department of Defense, Pfizer, Homeland Security and hundreds of corporations and associations of all sizes. His high-content, humorous, audience-interactive style delivers all of the expertise with lots of entertainment. Come ready to laugh and learn about this mission-critical, bottom-line enhancing topic.

John Sileo is an award-winning author and keynote speaker on the dark art of deception (identity theft, fraud training, data privacy, social media manipulation) and its polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply performance by building a culture of deep trust.

Mobile Apps Turn Smartphone Into Weapon

You and I have come to think of our Smartphones as indispensable tools. Flaws recently discovered in mobile apps for Facebook, Linkedin and Dropbox could turn our tools into weapons by exposing us to data theft at many levels, including personal identity theft and corporate data loss.

Taking  extra precautions now will protect not only your Smartphone but other devices, too, as the flaw may well be present in other mobile applications including many iOS games.

Apparently, Facebook’s iOS and Android apps don’t encrypt their users’ login credentials. These flaws expose users to identity theft by saving user authentication keys (usernames and passwords) in easily accessible, plain text files. These unencrypted files may be stolen, transferred to another device in a matter of minutes, and used to access the victim’s accounts without ever having to enter any user login credentials.

Security researcher Gareth Wright reported discovering the flaw in the mobile Facebook application for iOS late last week. Wright sent his Facebook .plist to an associate — Scoopz blogger Neil Cooper — who copied the file onto his own device, opened up the Facebook app, and had immediate, full access to Wright’s Facebook account.”

Facebook is working on closing the gap in security according to Wright  but the app developers must start encrypting the 60-day access token that Facebook supplies. Otherwise, there’s a world of private information just waiting to be tapped. Think of the chaos in trying to recover from identity theft of that magnitude.

In the meantime, here are some actions you can take to protect yourself:

  1. Don’t plug your Smartphone into a shared PC, public dock or charging station.
  2. If you do use a PC for charging, lock your device for the charge, and don’t unlock it until you remove it from the PC.
  3. Use strong passwords including letters, numbers, symbols, upper and lower case. Don’t rely on a four-digit password.
  4. Turn on the ‘Find My iPhone’ function.

The potential for criminals to exploit this flaw is enormous. You’ll be well served to take every precaution before you feel the nauseating pit of your stomach once you’ve been hacked. Further Resources on Mobile App Hacking.

John Sileo is an award-winning author and international speaker on the dark art of deception (identity theft, data privacy, social media manipulation) and its polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply performance by building a culture of deep trust. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Sample his Keynote Presentation or watch him on Anderson Cooper, 60 Minutes or Fox Business. 1.800.258.8076.

WiFi Security Flaw in Smartphones Threatens Your Wallet

Recent information available in Britain has shown that popular hotspots can be easily mimicked by thieves, which leaves consumers vulnerable to identity theft.

Tests conducted showed that security experts were able to obtain usernames, passwords and messages from phones using WiFi in public places. The tests all used volunteers so that no actual breach occurred. In cases where the iphone 4 was targeted, the information could be taken and stored without the user even knowing.

This issue is a huge problem for the UK’s nearly 5 million BT hotspots located in train stations, coffee shops, hotels, and airports. While the smartphone service providers have knows about these WiFI security flaws for some time, they have still not done anything about it.

Using inexpensive communication equipment and free software that you can download from the internet, thieves can set up bogus hotspots to start sniffing your personal information. Once you have established a connection with one of these impersonators, whether on a phone or laptop, they can start decrypting your sensitive data.

While this is a huge issue,  identity theft experts have found that a bigger problem is when these fake WiFi hotspots ask you to pay for the service and then gain access to your credit card number. Thieves state that once they have your personal logins and your credit card number, they can do almost anything, including buying gifts, purchasing gift cards for any amount, wire transferring funds to themselves, in addition to other methods for turning your privacy into profits.

Free WiFi comes with a huge price – your privacy.

 

Are You Begging to Get Fired?

We’ve all done it before – left the table to get a coffee refill or go to the bathroom and left our laptop, iPad, smartphone or purse sitting on the table. We justify it by telling ourselves that we are in a friendly place and will only be gone a second. Our tendency is to blame technology for information theft, but the heart of the problem is almost always a human error, like leaving our devices unattended. Realizing that carelessness is the source of most laptop theft makes it a fairly easy problem to solve.

My office is directly above a Starbucks, so I spend way too much time there. And EVERY time I’m there, I watch someone head off to the restroom (see video) or refill their coffee and leave their laptop, iPad, iPhone, briefcase, purse, client files and just about everything else lying around on their table like a self-service gadget buffet for criminals and opportunists alike.

I trust deeply in the honesty and integrity of the people I know well, but if you are trusting your Starbucks crowd with this amazingly valuable data, you are going to get a steaming hot lap full of trouble. Data thieves target places like this because it is an upscale, trusting clientele. Just ask Ben Bernake, Chairman of the Federal Reserve, whose wife got taken at a Starbucks.

Just about 50% of major corporate data breaches are caused by the theft of a laptop computer. They don’t want the computer, they want the data on it, and it can cost your business millions. The average breach recovery cost, according to the highly respected Ponemon Institute, is $6.75 million dollars.

It’s one thing if you leave a personal computer and it gets stolen – you aren’t harming anyone other than you and your family. But when it’s a company computer, or has work files on it, you are putting your employer at risk for lawsuits, government compliance fines, reputation damage and months of headaches.

The answer is simple: train your employees first on personal responsibility with their data-bearing gadgets. If they understand the selfish reasons not to abandon their laptop or iPad in a cafe (the data on it is worth a mint, they could lose their job, etc.), the chances of them applying what they have learned strengthens. Additional points of training can include:

  • Proper usage guidelines including what data can be loaded to the laptop and what cannot.
  • Good password habits and a strong login password that is shared with no one.
  • Proper use of WiFi (not the free hotspots at the cafe, airport or hotel)
  • Tethering, remote tracking and remote wiping techniques to minimize risk.
  • Encryption, especially simple PDF password encryption to email private files.
  • Proper physical security while traveling with the laptop.

If you are going to expose yourself and your company while getting another cup of coffee, you might as well apply for a job as a Barista while you are there. Don’t endanger the health of your company (or the safety of your own personal data) for the sake of convenience. Next time, you might be the one caught on video.

Award-winning author and identity theft keynote speaker John Sileo trains executives and employees to respect and protect the data that makes their company profitable. His clients included the Department of Defense, Homeland Security, FDIC, Pfizer, Blue Cross and organizations of all sizes. Contact him directly on 800.258.8076 or watch him deliver an Identity Theft Speech.

Smartphone Survival Guide Now Available For The Kindle!

Identity Theft Expert John Sileo has partnered with Amazon.com for a limited time to offer the Smartphone Survival Guide for Kindle at 1/4 of the retail price.

Click Here to Order Today!

The Smartphone Survival Guide: 10 Critical Tips in 10 Minutes

Smartphones are the next wave of data hijacking. Let this Survival Guide help you defend yourself before it’s too late.

Smartphones are quickly becoming the fashionable (and simplest) way for thieves to steal private data. Case in point: Google was recently forced to remove 21 popular Android apps from its official application website, Android Market, because the applications were built to look like useful software but acted like electronic wiretaps. At first glance, apps like Chess appear to be legitimate, but when installed, turn into a data-hijacking machine that siphons private information back to the developer.

The Smartphone Survival Guide gives you extensive background knowledge on many of the safety and privacy issues that plague Smartphones, including iPhone, BlackBerry, Android and Windows Phone. Mobile computing is an indispensable tool in the modern world of constant connectivity, but you must protect these powerful tools. Mobile access to the web is here to stay, but we must learn to harness and control it. So whether you are reading this to help protect your own personal Smartphone, or valuable corporate assets, the Smartphone Survival Guide will start you in the right direction.

John Sileo’s Smartphone Survival Guide was recently mentioned in the New York Times.

John Sileo is the President of The Sileo Group and the award winning author of four books, including his latest workbook, The Smartphone Survival Guide. He speaks around the world on identity theft, online reputation and influence. His clients include the Department of Defense, Pfizer and Homeland Security. Learn more at www.ThinkLikeASpy.com.