Latest Posts
Commonly Overlooked Sources of Identity Theft
You’ve heard it all before – conduct online business through secure Wi-Fi only, watch your incoming mail for erroneous credit invitations, check your statements and your credit reports, and set up strong passwords and alerts, yada yada! But here are a few additional times you’ll want to be vigilant, especially this holiday season!
- Car Loans. According to the Financial Crimes Enforcement Network, auto loan identity theft is twice as high as any other form. Most dealerships have you complete paperwork with identifying personal data (name, address, date of birth, phone number) up to and including a loan application, which likely includes your Social Security Number. How is this data handled? Unless you actually purchase the vehicle, and your paperwork becomes part of a permanent file, refuse to complete it. Most dealerships simply toss your paperwork after 30 days if you don’t make a purchase. Their trash receptacle then becomes a pre-qualified source for identity thieves.
- The Pharmacy. Pharmacy records contain your personal identifying information (name, address, date of birth, phone number, insurance plan information, employer and often, your Social Security number). Thieves look anywhere for taking basic information to build a new identity, or to re-fill prescriptions that they can then sell. Make sure your pharmacy asks for your ID, and request confirmation that they shred personal data.
Business Killers: Identity Theft and Data Breach Protection FREE WEBINAR
Business Killers: Identity Theft and Data Breach Protection Webinar on November 10
On November 10, I will host an interactive webinar sponsored by Deluxe that will explore how small businesses can protect themselves from identity theft. As someone who lost more than $300,000 and my small business to identity theft, this is a topic I care about deeply. In addition to delivering keynote speeches at conferences, I also provide consulting and guidance to organizations like the Federal Trade Commission, Pfizer and the Department of Defense on how to best protect the sensitive data inside of their organizations.
Register now for tomorrow’s webinar.
During this multi-part webinar, I will provide simple, actionable tools and advice to help small businesses protect their data and retain information privacy. I’ll also explain how the information economy has shifted the competitive landscape and increased our data exposure. Attendees will learn the following:
- The new reality: information does not equal power
- How to think like a spy and apply critical thinking to the power equation
- Manipulation triggers thieves use against your employees and defense techniques
- Interrogation tools to uncover fraud before it erodes your profits and net worth
- Fraud hotspot best practices
- Trends in data theft
- Holiday identity theft prevention tips
What Larussa’s Botched Bullpen Call Teaches About Trust
St. Louis Manager Tony La Russa changing course mid-stream (Dilip Vishwanat / Getty Images)
During Monday night’s World Series game, Tony La Russa, the coach of the St. Louis Cardinals, failed to warm up the right-handed relief pitcher he desperately needed to face the Texas Rangers red-hot right-handed batter, Mike Napoli. Napoli, with the games announcers in complete disbelief at the oversight, took advantage of the mistake, drilling the pitch into right center field for a double. The Texas Rangers went up 4-2 and won the game.
Directly following the game, La Russa blamed the dugout phone, the bullpen coach (indirectly) and the noisy crowd for his failure to warm up the right guy. Within minutes, you could almost hear the simultaneous guffaw of the entire sports world, “It’s the phone’s fault?”. Our collective BS meters went off because in some way, we sensed he was covering something up.
Suddenly, a coach with a glorious 30 year coaching reputation, a man known for his intricate patchwork of relief pitching to pry out of tough situations, had lessened his credibility. What actually happened to cause the mistake is immaterial; how La Russa addressed the blunder is what matters — his credibility was eroded more by his response and less by his mistake.
Look at the foundation of La Russa’s reputation:
Britain, America Unite Against Identity Theft Trends
London, UK (PRWEB) October 16, 2011
The world of identity theft is changing rapidly. Earlier this week Experian UK, a unit of one of the world’s largest credit-reporting agencies, hosted the 2011 Identity Theft & Fraud Forum at The Grove, a prestigious five-star resort located on the outskirts of London. The purpose of the Forum was to assemble a cross-cultural collection of thought leaders on identity theft prevention and to focus attention on Britain’s increasing financial battle with identity theft. Keynote presenters included highly regarded American identity theft expert John Sileo, Jairam Sridharan, Head of Retail Assets, Axis Bank of India and Jonathan Walsh, Head of Consulting and Analytics, Identity & Fraud at Experian.
During his afternoon presentation, Mr. Walsh revealed the results of a newly released study commissioned by Experian UK. The study found that cases of identity fraud have doubled in Britain over just the past six months and that the trend is likely to continue unless addressed.
“Britain is determined to identify the latest trends in identity theft and define leading-edge solutions to avert the costly eight ball we are behind here in the States,” says Sileo, who founded ThinkLikeASpy.com and has worked with organizations from the U.S. Department of Defense and Homeland Security to Pfizer, Blue Cross and the FDIC. “Experian UK helped all of us take a huge step in the right direction with the Forum.”
Top 7 Reasons Mobile Banking Apps Aren’t Safe (Yet)
A new study produced by The Ponemon Institute and ThreatMetrix (Mobile Payments & Online Shopping – October 2011) states that only 29% of consumers use mobile banking apps on their smart phones and tablets. Of those that don’t participate, 51% cite security reasons for their lack of participation. In other words, consumers like you and I are not yet comfortable with mobile banking. And our instincts are correct! Why shouldn’t you be comfortable with mobile banking appsquite yet?
Top 7 Reasons Why Mobile Banking Apps Aren’t Yet Safe
- Because most app stores (e.g., Android Marketplace) don’t review apps for security, it is very easy for criminals to post malicious apps that steal information from your mobile device (like your bank account numbers).
- The average smartphone or tablet user has installed no security software on their mini-computer (that’s what smartphones and tablets are), meaning that they have only a fraction of the security of a laptop or desktop.
- Detected malware developed for the Android platform alone has increased by 400% in the past year.
- The technology that keeps apps separate on your smartphone or tablet doesn’t separate them out into private sandboxes, meaning that one app can read the juicy details stored in the other without much difficulty.
Is Your Wireless Carrier Tracking Your Surfing Habits (Maybe)
Oh what your mobile phone carrier knows and tracks about you! A one-page document from the Justice Department‘s cybercrime division shows how cell phone companies record and retain your call and surfing activity (calls, text messages, web surfing and approximate location). Here’s a summary of how each company retains your information (full details in the image below):
- Verizon Wireless – rolling one-year records of cell tower usage & what phone accessed what web site
- AT&T / Cingular – ongoing records of cell tower usage since July of 2008
- T-Mobile USA – doesn’t keep any data on Web browsing activity
- Sprint Nextel’s Virgin Mobile – 3 month record of text content
- Other than Virgin Mobile and Verizon, none of the carriers keep texts but they keep records of who visited a particular web site.
- Verizon keeps some information for up to a year that can be used to ascertain if a particular phone visited a particular Web site
- Sprint Nextel’s Virgin Mobile keeps the text content of text messages for three months. Verizon keeps it for three to five days. None of the other carriers keep texts at all, but they keep records of who texted who for more than a year.
- AT&T keeps up to seven years of records of who texts who — and when, but not the message content. Virgin Mobile keeps that data for two to three months.
iPad Vampires: 7 Simple Security Settings to Stop Data Suckers
Information is the currency and lifeblood of the modern economy and, unlike the industrial revolution, data doesn’t shut down at dinnertime. As a result, the trend is towards hyper-mobile computing – smartphones and tablets – that connect us to the Internet and a limitless transfusion of information 24-7. It is an addiction that employers encourage because it inevitably means that we are working after hours (scanning emails in bed rather than catching up with our spouse).
In the work we do to change the culture of privacy inside of organizations, we have discovered a dilemma: iPads are not as secure as other forms of computing and are leaking significant amounts of organizational data to corporate spies, data thieves and even competing economies (China, for example, which would dearly love to pirate the recipe for your secret sauce). Do corporations, then, sacrifice security for the sake of efficiency, privacy for the powerful touch screens that offer a jugular of sensitive information?
Of course not! That’d be like driving a race car minus seat belts and air bags.
iPads provide a competitive advantage, and like generations of tools before it (the cotton gin, the PC), individuals and organizations alike will be forced to learn how to operate this equipment safely or risk the bite of intellectual property vampires. Here are 7 Simple Security Settings to help you lock down your iPad much like you would your laptop.
U.S. is Dumb About Smart Cards
The typical US consumer still swipes their card, credit or debit, with those same old black magnetic stripes. And, we hold our breath and hope they work, and don’t lead to erroneous (fraudulent) charges we have to defend. The rest of the world has switched to Smart cards, according to Peter Svensson, The Associated Press, in The Denver Post. “The problem with that black magnetic stripe on the back of your card is that it’s about as secure as writing your account information on a post-card”.
Svensson comments “Smart-cards (chip-based cards) can’t be copied, which greatly reduces the potential for fraud. Smart cards with built-in chips are the equivalent of a safe: They can hide information so it can be unlocked only with the right key”.
This begs the question, why is the US lagging in this technology? How do we re-vamp our system to promote smart-card transactions? Some experts maintain that it is a lack of demand by everyone from consumers and issuing banks to retail establishments. In essence, we don’t want the added security. This, of course, is just a smoke screen to obscure the underlying issue: no one wants to pay for it. Consumer don’t feel like they should pay for the technology (through higher card fees) even if it makes them safer (Haven’t we always been pretty safe?). Banks don’t want to pay to issue higher-cost cards with chip technology (they probably think it is cheaper to weather the costs of fraud – it is not). And retailers don’t want the added expense of new, more sophisticated equipment.
Certified Speaking Professional – Sileo Earns CSP from National Speakers Association
I love my job as a keynote speaker. To be honored as one of only 570 Certified Speaking Professionals on the planet this past month was icing on the cake, and confirmation that we’d finally made it through that which almost destroyed our family.
Just a few years ago I thought I might go to jail for crimes that someone else committed using my identity. I lost nearly everything, including my business, my reputation and lots of money. Who would have thought then that all of the pain we experienced as a family would be turned into a highly satisfying career as an author and professional keynote speaker? Every day I get to go to work with the enviable conviction of empowering people to protect their privacy from identity theft, social media exposure and human manipulation. I get to steer people and corporations away from making the significant mistakes I did. It is vastly fulfilling.
And now, after five hard years on the speaking circuit, to be awarded the CSP by such highly accomplished peers in NSA, the National Speakers Association, satisfies me beyond words. If you’ve heard the details of my story and know how much it cost my family (I was basically absent in their lives for two full years), you’ll especially love how elegantly everything has come full circle. Sophie (my daughter, and the person who woke me out of my victim-induced stupor to become an author and a speaker), whispered to my row of supporters just as I was walking across the stage, “everyone stand up when dad gets his award.”
Sileo In the Media
Privacy Project Newsletter
Tools and tips for bulletproofing yourself against identity theft, data breach and corporate espionage. Subscribe to the newsletter and get John Sileo's 7 Survival Strategies for Starving Data Spies for FREE!
