Posts tagged "Sileo"
Did Edward Snowden Actually Comment on the Dropbox Breach? No.
Almost as fast as every media source out there could jump on the “Yet Another Breach” bandwagon and report that Dropbox had been hacked, the company was denying it. So let’s play a little game of true or false to try to sort out fact from fiction:
Statement: Hackers were able to access logins and passwords of Dropbox users and then leaked 400 account passwords and usernames on to the site Pastebin.
Statement: The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the Internet, including Dropbox.
True. (In fact that is a direct quote from the Dropbox blog of October 13, 2014 in which they bluntly proclaim “Dropbox wasn’t hacked”.)
Home Depot Data Breach Exposes Our Growing Complacency
When Target suffered a data breach back in December of 2013, you couldn’t look at a news source without seeing a new story about it. Yet when the Home Depot data breach was revealed recently, it received almost a ho-hum reception in the news. This, even though, it was the biggest data breach in retailing history and has compromised 56 million of its customers’ credit cards! It seems we have come to expect these data breaches to the point where we have become almost complacent.
Consumers, like the companies that breach our data, have become apocalyptic zombies, staring unquestioningly forward as we are attacked from all sides.
Is Apple Pay going to be secure?
Apple has us ooing and ahhing about the iPhone 6, it’s big brother the 6+ and finally the Apple Watch. But the biggest announcement of all didn’t even have to do with gadgets. The most significant announcement was about a new service that will be built into those devices…
It is Apple Pay, Apple’s own version of a “mobile wallet” that will allow Apple users to pay for items with just a tap or wave of their device. That is if those items happen to be in stores that have agreed to install the technology necessary to allow near-field communication (NFC – no not the football conference, the radio-wave technology) to work. Of course, Apple has done the background work to ensure a lot of big names (MC, Visa, AMEX and retailers such as Target, Macy’s and McDonald’s to name a few) are already on board, which is a significant mark in their favor. And with the upcoming mandatory implementation of EMV technology, Apple may have just timed this perfectly.
Unless you’ve been living under a rock (or haven’t been on the internet in the past 24 hours), you most likely know that intimate photos of celebrities like Jennifer Lawrence and Kate Upton have been exposed (pardon the pun) to the public.
While it is not yet verified, Apple has said it is “actively investigating” the possibility that iCloud accounts have been hacked. The photos surfaced immediately after an Apple “Find My iPhone” exploit was revealed, so Apple’s own security is being questioned. As of now, Apple is saying that iCloud has not been systematically hacked, but that the breach of celebrity photos was a limited, targeted attack. Whether or not iCloud was exploited in any way for these pointed attacks hasn’t been determined.
When JP Morgan was recently asked about reported cyber attacks, their spokesperson replied that they were “closely safeguarding information and would notify anyone affected” and went on to add that companies of its size experience cyber attacks “nearly every day”. It seems a rather casual reply for an event that may have resulted in the theft of multiple gigabytes of sensitive data!
Yet that is the reality today. In fact, the financial industry, and most of the business world, has been described as being in a state of almost perpetual cybersiege. Cyber attacks have become so commonplace that most businesses have almost come to expect it.
Which is why we have stopped paying attention, because breach is so normal. And breach is so normal because corporations don’t train their employees correctly on how to avoid it.
One of the quickest identity theft prevention tips is to protect your purse or wallet from being stolen. Here are three tips from ID theft expert John Sileo on protecting wallet identity.
John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.
The so-called “Inheritance Scam” is resurfacing in Colorado, but it has a new look.
No longer do you simply receive an email claiming to be from the representative of a long-lost relative. The new format involves what security experts call the “Accomplice Ploy” in which the thieves attempt to engage you through a long series of queries (one method) reaching out to you as if they know who you might be.
We have developed five questions you should ask about any email or phone call you suspect might be a scam. They are called the 5 indicators of the inheritance scam:
Sileo’s Scam-Detection Questions
1. Were you expecting a windfall?
2. Is it too good to be true?
3. Are you being rushed/threatened?
4. Do they ask for secrecy?
5. Do they request more information?
Product Review on Password Manager Software
I’m often asked during my keynote addresses for specific, actionable items that will help keep personal and company data secure. I could reel off ideas for literally hours, but one of the easiest things anyone can do is utilize a password manager program. There are a lot to choose from but the one I personally recommend is the award-winning 1Password, which remembers and securely encrypts all of your passwords so you don’t have to. You merely come up with one secure master password and then train 1Password to log in to sites for you.
It often amazes me to find out how many people shy away from implementing ideas that they KNOW will make them safer. There are a multitude of reasons I know:
- Ignorance: “I didn’t know there was a helmet law in this state.”
Quite a while ago, not long after the Target data breach, I wrote a detailed blog about the importance of the United States catching up to more than 80 other countries who already employ EMV security measures for their credit and debit cards. (EMV refers to “Europay, Mastercard, and Visa” or “Chip and PIN” technology.) Why so important? This one statistic should answer that question: Almost half of the world’s credit card fraud now happens in the United States —even though only a quarter of all credit card transactions happen here.
As a consumer, you should be glad of the change because you will be much better protected than with traditional magnetic stripe technology we’ve clung to for so long. EMV authentication includes a cryptographic message that makes each transaction unique. Having a card that is difficult to hack or duplicate and requires something YOU know (a PIN) will provide extra layers of protection.