Nearly two-thirds of the American public have heard, read or seen something about online safety and security issues recently. However, most of what the news they remember is negative: identity theft, privacy loss, and increased frequency of attacks. Just take a look at http://www.privacyrights.org and you’ll see we’ve all lost our identity at least 3 times in the USA, with over 930 million records breached, lost or stolen to hackers and cyber criminals. In a recent survey at http://stopthinkconnect.org/research-surveys/research-findings/ , when asked why they don’t always do all the things they can or should do to stay safer online, Americans said they simply lacked the information or knowledge.
So if you want to enjoy Black Friday, CyberMonday and the Christmas Shopping experience without losing your privacy and identity or putting your children’s safety at risk, here’s the information you need.
Here are my Ten Tips you should follow to Halting Hackers on the Holidays:
1. First, assume you’ve already been compromised. Whether it’s your baby monitor, or your SmartTV or your Webcam on your laptop or your Smartphone or Tablet. Your antivirus is not good enough and it’s time to take the privacy behaviors and privacy policies of these apps more seriously.
2. Change your passwords – all of them. Now. And do it as frequently as you can tolerate. Also, if you don’t want to change it often, then use any unique characters you can think of like a dollar sign $ or an exclamation mark ! or replace an “oh” with a “zero” 0. This goes along way in preventing brute force attacks against your password.
3. Protect your smartphones and tablets by turning off WiFi, Bluetooth, NFC and GPS, except when you need them. That way, if you are at a local coffee shop or in a shopping mall, no one can spy on you using nearby (proximity) hacking attacks and they can’t track where you were and where you are going on your GPS.
4. Assume most of your smartphone or tablet apps are creepware – malware that spies on you and your online behavior. Do you really need them? Delete all of the apps you aren’t using that often. Replace those apps that take advantage of too many of your privacy settings like GPS, phone & sms logs, personal identity information, with similar apps that don’t.
5. Opt-out of every advertising network that you can. Visit the National Do Not Call Registry and register your smartphone and home phone numbers at https://www.donotcall.gov/. If you use a google email account and have an Android phone, you’d be surprised that even with your GPS off, it’s tracking your every move. You can login to https://maps.google.com/locationhistory/b/0 and see for yourself. You have to go into your smartphone or tablet settings and turn this feature off. It is possible to turn this off. In your Android phone, go to Settings, then Location, select Google Location Reporting and set Location History to off. The same holds true for the Apple iPhone, iPad and iTunes. You need to find the location and privacy settings and turn off access under Settings, then Privacy then Location.
6. Your browser is a ‘double-agent’ spying on you for advertisers, unless you block and remove cookies and delete the cache frequently. Go into your web browser settings and delete your history, all cookies and passwords and the cache. You should do this frequently so you don’t leave personal information sitting around on your computer, smartphone or tablet.
8. Only shop on websites you know and trust. If you don’t know where the merchant is located, don’t shop online there. If they don’t have a corporate address or are located in another country, it could be risky for you to ever see the goods you think you purchased. Also, if their shopping cart experience is not an HTTPS browser session, then everything you type in, your name, address and credit card information is going over the internet unencrypted, in plain view.
9. Twitter and Instagram as well as your iPhone will give away your location. Most people don’t realize Twitter and Instagram both use geotagging for everything you send out. Geotagging is storing your latitude and longitude of your tweet or image. Pictures you take on an iPhone usually store geotagging information, as well. The less information you give out about where you are located, the safer you are.
10. You have three choices when shopping – use cash, use a credit card or use a debit card. If you have to choose between all three, believe it or not, the best option is a credit card. First, you travel with less cash and if you are purchasing something online, it’s also safer to give your credit card than your debit card. The same holds true when you visit your local shopping mall or retail outlet. The reason is, if you experience identity theft, the credit card laws allow you to keep all of your credit immediately, with no responsibility during an identity theft or fraud investigation. However, with a debit card, the policy of your local bank can be to tie up your hard earned money in the amount of the fraudulent transactions for up to thirty days and some have been known to take up to 60 days to resolve the issue in your favor and give you your money back into your account. You still should not spend more than you can afford. Just use this security feature of your credit card to protect your hard earned savings.
WHAT TO DO IF YOU THINK YOU ARE A VICTIM
If you think your computer or personal information has been compromised, you can file a complaint about Internet-related frauds, scams, and suspicious activity with the following organizations:
- The Federal Trade Commission – The Federal Trade Commission is the nation’s consumer protection agency and collects complaints about fraudulent, deceptive, and unfair business practices. If you think you may be a victim of fraud, file a complaint with the FTC.
- [email protected] – If you receive an email that you think may be a scam, forward it to the FTC and it will be stored in a database that law enforcement agencies use to generate legal cases.
- Your State Attorney General – In addition to the FTC, you can also file a complaint with your state Attorney General’s office if you think you may be a victim of fraud. Your state Attorney General’s office handles a wide range of complaints related to consumer protection.
- The Internet Crime Complaint Center – The IC3 is a partnership between the FBI, the National White Collar Crime Center, and the Bureau of Justice Assistance, whose mission is to serve as a vehicle to receive, develop, and refer criminal complaints related to cyber crime.
- [email protected] – In addition to forwarding spam to [email protected], you can also forward spam to [email protected]. The Anti-Phishing Working Group is a consortium of ISPs, security vendors, financial institutions and law enforcement agencies that use this email to fight phishing.
- www.bbb.org – The Better Business Bureau accepts complaints from consumers against businesses or services, and is dedicated to fostering an ethical business environment.
- National Crime Prevention Council – The mission of the NCPC is to be the nation’s leader in helping people keep themselves, their families, and their communities safe from crime. To achieve this, the NCPC produces tools that communities can use to learn crime prevention strategies – including a podcast series for children and adults on the facts of cyber bullying, how to prevent it and manage it.
- National Center for Missing and Exploited Children – This non-profit organization has a Congressionally-mandated CyberTipline as a means for reporting crimes against children. Reports may be made 24-hours a day, 7 days a week online at www.cybertipline.com or by calling 1-800-843-5678.
- Department of Justice – The DOJ’s Computer Crime & Intellectual Property Section tells you where to go to report hacking, password trafficking, spam, child exploitation and other Internet harassment.
- USA.gov: Reporting Internet Fraud – A list of official government resources to help you report, prevent, and learn about Internet fraud.
Sources: teentips.snoopwall.com, privacyrights.org and stopthinkconnect.org
SnoopWall’s Cybersecurity Expert
Gary S. Miliefsky is the CEO of SnoopWall and the sole inventor of the company’s new technology. He has been extremely active in the INFOSEC arena, most recently as the Editor of Cyber Defense Magazine and the cover story author and regular contributor to Hakin9 Magazine. He also founded NetClarity, Inc., an internal intrusion defense company, based on a patented technology he invented. He is a member of ISC2.org, CISSP® and Advisory Board of the Center for the Study of Counter-Terrorism and Cyber Crime at Norwich University. He also advised the National Infrastructure Advisory Council (NIAC) which operates within the U.S. Department of Homeland Security, in their development of The National Strategy to Secure Cyberspace. Miliefsky is a Founding Member of the US Department of Homeland Security (http://www.DHS.gov), serves on the advisory board of MITRE on the CVE Program (http://CVE.mitre.org) and is a founding Board member of the National Information Security Group (http://www.NAISG.org). Email him at: [email protected]
AS SEEN ON