What is Social Spam?

Nothing more than junk posts on your social media sites luring you to click on links that download malicious software onto your computer or mobile device.

Social media (especially Facebook and Twitter) are under assault by social spam. Even Facebook cautions that the social spam volume is growing more rapidly than their user base. The spam-fighting teams at both Facebook and Twitter are growing rapidly. The previous handful of special engineers has seen the inclusion of lawyers, user-operations managers, risk analysts, spam-science programmers and account-abuse specialists. Spammers are following the growing market share, exploiting our web of social relationships. Most of us are ill-prepared to defend against such spam attacks. Here’s how social spam tends to work:

1. Malware infects your friend’s computer, smartphone or tablet, allowing the spammer to access their Facebook or Twitter account exactly as if the spammer were your friend.
2. The spammer posts a message on your friend’s Facebook or Twitter page offering a free iPad, amazing coupons or a video you can’t ignore.
3. You click on the link, photo, Like button (see Like-jacking below) or video and are taken to a website that requires you to click a second time to receive the coupon, video, etc. It’s this second click that kills you, as this is when you authorize the rogue site to download malware onto your computer (not a coupon or video).
4. The malware infects your computer just like it has your friend’s and starts the process all over again using your contacts, your wall and your profile to continue the fraud.
5. Eventually, the spammer has collected a massive database of information including email addresses, login information and valuable social relationship data that they can exploit in many ways. In the process, the malware may have given them access to other data on your computer like bank logins, personal information or sensitive files. In a highly disturbing growth of criminal activity, social malware can actually impersonate users, initiating one-on-one Facebook chat sessions without your consent.

“Like-jacking” involves convincing Facebook users to click on an image or a link that looks as if a friend has clicked the “Like” button, thereby recommending that you follow suit. If our friends Like it, why shouldn’t we. So we click and download in an almost automated response. The key is to interrupt this automatic reflex before we get stung.

Fighting social spam requires immense investments of time, which can mean lost productivity (and money). Gratefully, various company site-integrity teams watch trends in user activity to spot spam. Every day, Facebook says it blocks 200 million malicious actions, such as messages linking to malware. The company can’t prevent spam, but it’s diligently working to make it harder to create and use fake profiles.

But never count on someone else to protect what is yours. You must Own Up to your responsibility. Follow these 5 Steps to Minimize the Risks of Social Spam:

1. If the offer in the post is too enticing, too good to be true or too bad to be real, Don’t Click.
2. If you do click and aren’t taken directly to what you expected, make sure you Don’t Click a 2nd Time. This gives the spammer the ability to download malware to your system.
3. Don’t let hackers gain access to your account in the first place – use strong alpha-numberic-upper-lower case passwords that are different for every site and that you change frequently.
4. Remember, in a world where your friend’s accounts are pretty easily taken over, not all friends are who they say they are. Be judicious. If something they post is out of character, it might not be them writing the post. Call them and verify.
5. Don’t befriend strangers. Your ego wins, but you loose.
6. Make sure you have updated computer security: operating system patches, robust passwords, file encryption, security software, firewall and protected Wi-Fi connection.

John Sileo is an award-winning author and international speaker on the dark art of deception (identity theft, data privacy, social media manipulation) and it’s polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply performance by building a culture of deep trust. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Sample his Keynote Presentation (he shares how he lost $300,000, 2 years and his business to data breach) or watch him on Anderson Cooper, 60 Minutes or Fox Business. 1.800.258.8076.

Related posts:

1. Twitter Security Loophole Exposes Your Direct Messages
2. Has Twitter Peaked? Is Privacy Back?
3. Facebook Safety: New HTTPS Facebook Settings

And then hackers break in to a server in Kentucky this past weekend and steal private information on 24 million Zappos customers, including (if you are a customer) your name, email address, physical address, phone number, the last four digits of your credit card number and an encrypted version (thank goodness) of your password. Consequently, your junk email folder is overflowing (your email has been illicitly sold to marketing companies), you receive the doom-and-gloom breach notification from Zappos (just like I did), and suddenly, you don’t have quite the same confidence in this best-in-practice business any more. Your shaken confidence in Zappos costs them a fortune. For the foreseeable future, you will pause before using their website again.

“We’ve spent over 12 years building our reputation, brand, and trust with our customers,” Zappos CEO Tony Hsieh said in a note to employees Sunday. “It’s painful to see us take so many steps back due to a single incident.”

In a smart move, Zappos reset the passwords for all affected accounts and notified victims on how to create a new one. But their efforts to recover customer trust are just beginning. Here are 5 Core Concepts of Trust that Zappos leadership should weave into their breach recovery process:

1. Ownership. Leadership at the company should take complete responsibility for the loss of data and not make excuses as to how it was someone else’s fault (remember the BP oil spill finger pointing?). The last thing victims need is to become more victimized by a corporate spin cycle that further erodes trust. Authentically respecting their customer base (which they do), even when it costs a few extra dollars to maintain, is a sound investment strategy.
2. Transparency.  Zappos customers have the right to know exactly what was stolen and how it might be used. They deserve to know what the company knows and what law enforcement knows. Sharing their failure (as opposed to covering it up in any way, which they don’t seem to be doing) is a painful process with high short-term costs, but it is the first step in taking responsibility.
3. Expectation.  Zappos needs to set customer and marketplace expectations early and often about how they will make it better. Forcing users to change passwords does little to ease fears that it will happen again. What tangible steps will they take to repay customers for the trouble they have caused and what measures will they implement to better protect users in the future?
4. Delivery. Zappos must deliver on the expectations they set with the victims, with the media and with the marketplace. False promises (pretending to implement better security but underfunding the budget) are cheap Band-Aids but only further infect the inflicted wounds when nothing actually changes. To regain trust, Zappos must set impressive expectations and deliver on them flawlessly
5. Competence. Zappos is not in the business of recovering from identity theft or data breach. They need to aid their legal department by bringing in breach mitigation and recovery experts. Saving a few dollars up front keeping the efforts in house will raise downstream recovery by multiples.

In the meantime, if you are a victim of the Zappos’ breach, begin with these steps:

• Immediately change your password according to Zappos emailed instructions.
• Use an alpha-numeric-upper-lower-case password that has nothing to do with your personal life and can’t be found in a social networking profile or dictionary
• If you use the same password on other sites (webmail, financial), change those as well
• Implement identity theft monitoring services like those provided by CSID.com.
• Monitor your credit profile for suspicious activity at AnnualCreditReport.com
• Don’t click the links in that email. Zappos is sending every one of its affected customers a warning e-mail. However, more often than not such “official” e-mails are from hackers (for example, “We’ve had a security problem. Please change your password.”). These fraudulent e-mails can be virtually indistinguishable from legitimate communications, including identical graphics, logos, and authentic looking return e-mail addresses. Instead of clicking, type the URL (in this case Zappos.com) directly into your address bar. If there’s an important notice on your account, you’ll find it there.

John Sileo is an award-winning author and international speaker on the dark art of deception (identity theft, data privacy, social media manipulation) and it’s polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply performance by building a culture of deep trust. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Sample his Keynote Presentation (he shares how he lost $300,000, 2 years and his business to data breach) or watch him on Anderson Cooper, 60 Minutes or Fox Business. 1.800.258.8076.

Related posts:

1. 7 Steps to Secure Profitable Business Data (Part I)
2. 5 Steps to Avoid Facebook Destruction in Business
3. 7 Steps to Secure Profitable Business Data (Part II)

Anderson Cooper’s 1st show of the year brought a panel of experts to discuss New Year’s resolutions, why we make them and how we can better keep them. Identity theft expert John Sileo closed out the show with 3 Tips for Avoiding Scams in the new year. Click on the video to the left to view the segment. Anderson and John discuss smartphone stupidity, passwords and social networking privacy.

Identity Theft Expert John Sileo Appears on the Anderson Cooper New Year’s Resolution Special.

John Sileo is an award-winning author and speaks internationally on the dark art of deception (identity theft, data privacy, social media manipulation) and it’s polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply results and increase performance by building a culture of deep trust. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Sample his keynote or media appearances on Anderson Cooper, 60 Minutes or Fox Business. Contact him on 800.258.8076.

Related posts:

1. Business Killers: Identity Theft and Data Breach Protection FREE WEBINAR
2. IRS Overwhelmed by Tax Related Identity Theft
3. Britain, America Unite Against Identity Theft Trends

If you received an iPad for the holidays (or already have one), you own the most powerful productivity tool invented in the last 20 years – it’s like command central for your life and work. I use the iPad as a step-by-step, centralized way to keep tabs on everything related to my business. Over a cup of coffee, I consume highly-relevant information (no Angry Birds at this point in the day) in a low-stress way simply by clicking through my iPad apps in a consciously prioritized order. I’m not actually taking action on anything at this point, just getting an overview of the appointments, current events, and communications that will make me more effective. That way, when I get down to work,  I know exactly what should get my attention. The routine is always the same, so I never have to remember what I need to do except to open my iPad before I officially start the day. The process takes me about 20 minutes, and by the time I get to work, my brain has sorted most of the information and knows where to start. Here’s how I consciously prioritize my apps (see screen shot):

1. Calendar (iCal). I look at my calendar first to remind myself of appointments taking place that day.
2. Project Planner (OmniFocus). I use OmniFocus to organize larger projects. It is a great way to do a brain dump of all of the little tasks that clutter my creative thinking. These project lists are shared with my team and give us a centralized way to track and prioritize our business.
3. Event Management (eSpeakers and SalesForce). Because I speak professionally as my main source of revenue, I utilize an industry specific app called eSpeakers that tracks every aspect of my speaking engagements. In 30 seconds, I have a quick view of what speeches are on the horizon and what tasks need to be completed. Since this is a revenue center of my business, I want to keep very close tabs on what is taking place. SalesForce is for leads, accounts and contact management.
4.  News (local paper, USA Today, Zite, Instapaper, NPR). Once I have a view of the day ahead, I skim the news (general and industry specific) to determine if there are any stories I need to pay closer attention to. This isn’t a complete reading, just to put it on my radar.
5. Note Taking (Evernote). I use Evernote as a clearing house for all of the notes I take, whether it’s an article, random thoughts, etc. By keeping my note taking app close to the news apps, I record anything highly relevant.
6. Social Networking (HootSuite). I use HootSuite to monitor my Facebook Fan Page, Twitter Feed and LinkedIn Profile. I might quickly post an interesting piece of current news in my field or an upcoming event or media appearance. I do NO personal updates at this point in the day. Business only.
7. Email. Email always seems like the most important task, but I find it to be distracting. I leave it until last and simply read through all emails and flag them for later work. If they require more than a three word answer, I don’t use my iPad to communicate. I do this once I am sitting at my computer; in the meantime, my subconscious has generally come up with the necessary responses.

7 Simple Security Settings for Your iPad

1. Turn On Passcode Lock. Your iPad is just as powerful as your laptop or desktop, protect it like one. Your iPad is only encrypted when you enable the passcode feature. (Settings/General)
2. Turn Simple Passcode to Off. Why use only an easy to crack 4-digit passcode when you can implement a full-fledged alphanumeric password? If you can tap out short emails, why not spend 5 seconds on a proper password.
3. Require Passcode Immediately. It is slightly inconvenient and considerably more secure to have your iPad automatically lock up into passcode mode anytime you leave it alone for a few minutes.
4. Set Auto Lock to 2 Minutes. Why give the table thief at your favorite café more time to modify your settings to his advantage (to keep it from locking) as he walks out the door with your bank logins, emails and kid pictures.
5. Turn Erase Data after 10 Tries to On. Even the most sophisticated passcode-cracking software can’t get it done in 10 tries or less. This setting wipes out your data after too many failed attempts. Just make sure your kids don’t accidentally wipe out your iPad (forcing you to restore from your latest iTunes backup).
6. Use a Password Manager. Your passwords are only as affective as your ability to use them wisely (they need to be long and different for every site). Keeping your passwords in an unencrypted keychain or document is a recipe for complete financial disaster. Download a reputable password-protection app to manage and protect any sensitive passwords, credit card numbers, software licenses, etc. Not only is it safe, it’s incredibly convenient and efficient.
7. Avoid Untrustworthy Apps. Not all applications are friendly. Despite Apple’s well-designed vetting process, there are still malicious apps that slip through the cracks to siphon data out of your device. If the app hasn’t been around for a while and if you haven’t read about it in a reputable journal (Macworld, Wall Street Journal, New York Times, etc.), don’t load it onto your system. 

It will only take a minute to implement these steps and will encourage thieves to move on to the next victim.

John Sileo is an award-winning author and speaks worldwide on the dark art of deception (identity theft, data privacy, social media manipulation) and it’s polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply results and increase performance. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Contact him on 800.258.8076 or learn more at ThinkLikeASpy.com.

Related posts:

1. iPad Vampires: 7 Simple Security Settings to Stop Data Suckers
2. iPad & Tablet Users Asking for Identity Theft
3. 7 Steps to Secure Profitable Business Data (Part I)

Identity theft increases a great deal when you are on the road. Start protecting yourself with these Top 5 Identity Theft Tips while traveling:

1. Travel Data Light. If you don’t have to take it with you, increase your safety and leave it at home. This includes checkbooks, debit cards, excess credit cards, Social Security cards and any excess digital gadgets. Simplicity is Security!
2. Guard Your Devices. Smartphones and tablets are as powerful as laptops. Turn on the auto-lock passcode to keep others out of your information.
3. Surf Protected. Stop using the free WiFi hotspots in cafes, airports and hotels, as they are constantly sniffed by cyber criminals. Instead, setup tethering between your mobile phone and tablet or laptop so that you are surfing safely.
4. Privacy Please! Instead of leaving loads of data unprotected in your hotel room (a major source of theft), hang your privacy sign on the door and let house cleaning know that you do not want to be disturbed. Lowering traffic lowers risk.
5. Mind the Lions at the Watering Hole. Take a minute to watch the video to the left to understand how increasing your awareness in airports, hotels, conferences and restaurants can save you tons of time and money.

Related posts:

1. Data Breach Expert Sileo Talks to Fox Business
2. iPad Vampires: 7 Simple Security Settings to Stop Data Suckers
3. Business Killers: Identity Theft and Data Breach Protection FREE WEBINAR

Cyber security expert John Sileo made the front page of the USA Today digital version, and the Money section of the print edition.

Excerpts from the full USA Today Article, Travelers at High Risk of Identity Theft, Experts Say:

“Data theft goes through the roof on the road,” says Sileo, a spokesman for CSID, an identity-protection provider . . .  Two key challenges for travelers involve the use of unsecured wireless networks at hotels, airports and other public venues and the infiltration of smartphones through Bluetooth technology . . .

When booking airline tickets, hotels or other arrangements, use a credit card rather than a debit card, because it decreases your liability. And never announce on social networks that you’re leaving town, if only to keep someone from breaking into your home . . .

Hackers also can easily get into computers. One method is a man-in-the-middle attack in which special software inserts a rogue user between the legitimate one and the unsecured wireless network. Experts recommend having updated anti-virus software, encrypting sensitive data and never typing in passwords or credit card numbers over an unsecured wireless network. Even fax and copier machines should be used judiciously, because they can store information, experts say.

John Sileo speaks and writes on defending against the dark art of deception (identity theft, social engineering, fraud) and leveraging the powerful use of trust (influence and power). His clients include the Department of Defense, Pfizer, FDIC, Homeland Security, Experian UK and Blue Cross, as well as individual leaders committed to building power and influence in a foundation of trust. Learn more about his keynote speeches or contact him directly on 800.258.8076.

Related posts:

1. Mobile Security Webinar: Defending SmartPhones, iPads, Laptops Against Cyber Attacks
2. Don’t Get Cyber-Scrooged on Cyber Monday!
3. Data Breach Expert Sileo Talks to Fox Business

Your instincts are dead on. Facebook has been saying one thing to our faces and doing another behind our backs. Facebook is in pre-IPO mode and has the propaganda machine running overtime like Big Brother at an Animal Farm.

Enter the Federal Trade Commission (FTC). The FTC just released a formal complaint identifying eight counts against Facebook for violating the Federal Trade Commission Act. The FTC confirmed what we’ve always known: Facebook tells us what they think we want to hear, not necessarily the truth. Here are the details of Facebook’s dishonesty:

• Under the guise of increasing user privacy, Facebook has consistently provided their advertisers with ever-expanding access to sensitive user information, not less.
• Contrary to Facebook’s marketing machine, user profiles are assigned a unique User ID that allows applications (e.g. Farmville) to track us as individuals, not as anonymous, aggregated members of a group.
• Even if you restrict all applications’ access to your data, your friends can install applications that allow Facebook to expose your personal information without your consent or knowledge.
• When a user deletes their account, Facebook will remove the user’s profile, but they do not remove the private data associated with the profile upon deletion. It remains stored on Facebook-managed servers, forever available to vendors, advertisers and applications.
• Worst of all, the FTC confirms that anytime Facebook makes updates to the website, a user’s personal security settings are lost and must be re-set because prior settings have been “overridden” by the updates. In other words, all of the time and work you put into customizing your privacy and security settings are lost anytime Facebook adds or tweaks a feature.
• Within every count in the complaint about Facebook’s business practices, the FTC used one or more of the following “qualifiers”: False or misleading representation, Deceptive act or practice, Unfair act or practice, Contrary to the statements made…

But Facebook hasn’t just violated a law imposed by the FTC, they have violated the trust of their profit-makers, all of us, the users. At the most basic level, Facebook has failed 6-7 clear litmus tests of trust leadership. Here are three of their biggest violations:

1. Transparency – the right of those on the outside (users) to know what those on the inside (Facebook, application developers, law enforcement) know about us. Users know nothing, and in fact, it often seems that Facebook employees don’t know how the ‘engine on the inside’ works.
2. Expectation – the reasonable assumption that Facebook honestly tells us how our data is being collected, aggregated, used and sold. As shown by the FTC complaint, they are doing no such thing.
3. Respect – the most basic component of customer service, which says that users should be treated as stakeholders in the company, not as naive profit-centers who donate their data, for free, as endless inventory to be packaged and sold to multiple bidders.

The FTC reveals an arrogant Facebook, an organization that has systematically exempted itself from the rules, because of it’s size, it’s wunderkind story and our obsession with comparing our lives to others’. With an IPO expected early next year, it’s feared Facebook will tell the FTC what they think it wants to hear, once again, protecting their bottom-line at any cost.

Ultimately, if Facebook continues to ignore the elephant in the room, all stakeholders (including stock holders) will divest their investment and delete their profiles and we will start to speak of Facebook like we do MySpace. Of course, Facebook is too successful right now to fathom that outcome.

John Sileo is a leadership speaker on deception and trust, including: social media privacy, trust leadership and identity theft. His clients include the Department of Defense, Experian, Homeland Security Pfizer and the FDIC. Contact him on 800.258.8076. 

Related posts:

1. Facebook Privacy Breach – Eventually, We’ll Lose our Trust
2. What Larussa’s Botched Bullpen Call Teaches About Trust
3. Trust and Betrayal Online and Offline

Why fight parking-lot-road-rage, UFC-sanctioned-psycho-shoppers and 12 a.m.-midnight-start-times on Black Friday

Online shopping during the holidays is a convenient, green, inexpensive way to celebrate the season with less stress. In fact, it’s such an efficient way to buy gifts that cyber shoppers will spend close to $2 Billion this coming Monday. If you are one of them, take a few steps to add peace-of-mind to your peaceful holidays.

How to Protect Your Private Data Online on Cyber Monday

• Never Shop on a Public Wi-Fi Connection - Although you may trust the baristas at your local coffee shop, you can’t always trust the person sitting next to you. Hackers can easily tap into Wi-Fi connections at public hot spots to steal your identity information. This can be especially dangerous when you are making purchases with your credit card on unsecured connections. Options: surf at home or set up Internet Tethering between your smartphone and laptop or tablet so that you are always surfing on an encrypted connection. Unlike most hot-spot transmissions, your mobile phone communications are encrypted and will give you Internet access from anywhere you can make a call.
• Never use a debit card online - If your card information is compromised, funds can be withdrawn from your bank account without your knowledge. Federal law states that your bank can take up to 2 weeks to investigate fraudulent activity before returning the funds to your account, which means you have nothing to spend in the meantime.  In fact, if you don’t report the missing funds quickly, you could potentially lose all the money on deposit with your bank.
• Monitor Your Accounts - While you are doing a lot of shopping – online and in the store – it is good to keep an eye on your bank and credit card accounts. Match your receipts up to your statement to make sure that they are correct and there are no fraudulent charges. Keep an eye out for small charges, sometimes that is how crooks test to make sure they have a good card. For convenience, set up credit card account alerts that automatically email or text you every time you make a purchase. It makes detecting fraud a snap.
• Consider using a virtual or single-use credit card - Some card issuers offer virtual credit cards or single-use card numbers that can be used online. Virtual credit cards use a randomly generated substitute account number in place of your actual credit card number.
• Never “recycle” a password - Most online shopping sites encourage you to establish a user name and password. Password-protected sites are becoming more vulnerable because people regularly use the same user names and passwords on multiple websites. But do you really want an online retailer to know the password to your online bank account?  If you are using the same password across many sites and your password for one site is breached, everything else is at risk. If you do decide to create a user name and password, make sure it is adequately strong. To assist the creation and safe storage of different passwords, use a password protection software like 1Password.
• Protect your passwords and personal data – Do not share your passwords with anyone and never provide your social security number, birth date or mother’s maiden name in an email.
• Only Shop on Trusted Websites - Don’t just let the search engine pick the site for you, make sure you are using a trusted and well-known website. Type in the direct web address for the stores you are familiar with, and don’t shop on price alone.
• Look for Signs They are Protecting Your Data - On the Web page where you enter your credit card or other personal information, look for an “s” after http in the Web address of that page and a secured padlock (as shown below). Encryption is a security measure that scrambles data as it travels through the Internet. 
• Make sure all of your security software is up-to-date before you shop online - That includes anti-virus software, anti-spyware and firewalls.

Take a break on Black Friday. Who knows, maybe you’ll start to think of it as White Friday.

Related posts:

1. Cyber Theft on Cyber Monday
2. Identity Theft Statistics: Online Shopping & Cyber-Intrusion
3. Cyber Security Expert Sileo in USA Today

1. Car Loans. According to the Financial Crimes Enforcement Network, auto loan identity theft is twice as high as any other form. Most dealerships have you complete paperwork with identifying personal data (name, address, date of birth, phone number) up to and including a loan application, which likely includes your Social Security Number. How is this data handled? Unless you actually purchase the vehicle, and your paperwork becomes part of a permanent file, refuse to complete it. Most dealerships simply toss your paperwork after 30 days if you don’t make a purchase. Their trash receptacle then becomes a pre-qualified source for identity thieves.
2. The Pharmacy. Pharmacy records contain your personal identifying information (name, address, date of birth, phone number, insurance plan information, employer and often, your Social Security number). Thieves look anywhere for taking basic information to build a new identity, or to re-fill prescriptions that they can then sell. Make sure your pharmacy asks for your ID, and request confirmation that they shred personal data.
3. Doctor’s Office. This can be very serious, especially if a thief has manipulated your medical history through stealing your identity. When you fill out the requested forms at a physician’s office, do not put your Social Security number on the form. There is no reason the office needs this unless you are requesting some type of “loan” from them. Much of today’s information is sent via the Internet. Ask them what protections they have in place to safeguard your information. Many have installed firewalls, and other software, to help insure patient information safety, but many have not. If any medical facility or physician that you don’t recognize calls you asking for personal or medical information, question them. Ask who they are, why they need the information, what doctor referred them and if they have a number where you can call them back with this information. Verify their credentials. If you access your medical information online, read the facility’s privacy policy, as they are all required to have one posted. Read what information they collect, who they share their files with, ensure they have an encrypted site, and be very careful if you are accessing those files from a Wi-Fi location where your computer may be vulnerable to hacking.
4. Mortgage ID Theft. The house you’re living in may not be yours. An identity thief will obtain your personal information and use it to obtain a home loan, or an equity loan, without your knowledge. An equity loan gives the criminal quick cash. Using the value of a home is one of the easiest ways to secure cash. There have been cases where the thieves have actually sold the victim’s home while they were still living in it, and were unaware they’d been victimized. Second homes and vacation homes are especially vulnerable to this type of identity theft, as it allows the thieves a longer period of time to get cash out of the property, or sell it before the real owner is aware there is a problem. All homeowners should routinely check with their county record’s office to ensure that their information is correct. If you receive any paperwork regarding your mortgage, a transfer of your mortgage or lender, don’t toss it out, pay attention because it may be the only warning you get until a new owner is knocking at your door.
5. Cyber Greeting Cards. As we head into the holiday season, a new method of hacking into your computer is lurking in those adorable greeting cards sitting in your e-mail. It blinks at you saying you’ve been sent a greeting from a “friend.”

You open it and are directed to a site where malware will invade your computer, or you will be asked to “install” software to “play” the card. When this happens, malware, that could potentially destroy your computer or allow an identity thief access to your personal data, is unleashed. Unless the name of a real person that you know is attached to the greeting card, do not open it.

The Bottom Line

There is no way to protect your identity 100% of the time. Often, what happens to your personal information is completely out of your control. The only option you have is to be constantly diligent in tracking your information, protecting your information and asking where that information is going. You have the right to ask, you have the right to know and you have the right to withdraw that information if you feel uncomfortable.

Original story – 5 Overlooked Places Where Your Identity Can Be Stolen

Related posts:

1. Britain, America Unite Against Identity Theft Trends
2. IRS Overwhelmed by Tax Related Identity Theft
3. Top Tips to Stop Travel Identity Theft – Sileo on Fox Business

The FTC (Federal Trade Commission) is about to hold Facebook to stronger safeguards regarding user privacy, but in the end, it won’t matter very much because they are leaving Facebook with lots of wiggle room.

Rumor has it that Facebook will soon have to acquire users’ consent before making changes to privacy policies that affect current user data. That is a total contrast to what they’ve done in the past, which is to rewrite their privacy policies to be less protective without so much as giving users a whiff of the changes to their privacy.

It looks like Facebook, much like happened recently with Google, may have to submit to independent privacy audits annually over the next 20 years. At issue is the fact that the settlement will prohibit Facebook from making information that’s already on the site available to  a wider audience without user consent.

Here’s the rub: the ruling doesn’t affect any new features that Facebook adds to their service in the future. It’s likely going to be a retroactive slap on the wrist for rolling back user privacy in 2009.

Privacy is paramount. Dozens of privacy bills have been submitted to Congress this year alone. The Obama administration has called for a “privacy bill of rights” and the FTC last year called for the development of a “do not track” system that would make it easier for Internet users to protect their browsing habits.

Privacy settings and unannounced changes have challenged the reputation of Facebook. It’s not entirely clear if these privacy-settings guidelines are being implemented in the best interest of the end-user, or if Facebook is trying to bolster their privacy concerns, and user reception, in preparation for a pending IPO in April 2012.

John Sileo speaks on social media exposure and corporate risk. Learn more at www.ThinkLikeASpy.com.

Related posts:

1. Facebook Reveals the End of Privacy
2. Facebook Privacy: Hide from Google
3. Will Facebook Make Privacy Policy Understandable?