Business Killers: Identity Theft and Data Breach Protection FREE WEBINAR
Business Killers: Identity Theft and Data Breach Protection Webinar on November 10
On November 10, I will host an interactive webinar sponsored by Deluxe that will explore how small businesses can protect themselves from identity theft. As someone who lost more than $300,000 and my small business to identity theft, this is a topic I care about deeply. In addition to delivering keynote speeches at conferences, I also provide consulting and guidance to organizations like the Federal Trade Commission, Pfizer and the Department of Defense on how to best protect the sensitive data inside of their organizations.
Register now for tomorrow’s webinar.
During this multi-part webinar, I will provide simple, actionable tools and advice to help small businesses protect their data and retain information privacy. I’ll also explain how the information economy has shifted the competitive landscape and increased our data exposure. Attendees will learn the following:
- The new reality: information does not equal power
- How to think like a spy and apply critical thinking to the power equation
- Manipulation triggers thieves use against your employees and defense techniques
- Interrogation tools to uncover fraud before it erodes your profits and net worth
- Fraud hotspot best practices
- Trends in data theft
- Holiday identity theft prevention tips
Facebook Apps Leaking Your Information
A report was recently published claiming that nearly 100,000 Facebook apps have been leaking access codes belonging to millions of users’ profiles. Symantec released the report and said that an app security flaw may have given apps and other third parties access to users’ profiles. Facebook maintains that they have no evidence of this occurring.
In their report, Symantec wrote:
We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties.
These “access tokens” help apps interact with your profile.They are most often used to post updates from the application to your wall. When you add the applications to your profile you, as the Facebook user, is giving the apps access to your information by accepting their conditions. According to the investigation, these tokens were included in URLs sent to the application host and were then sent to advertisers and analytics platforms. If the recipient recognized the codes (meaning they have to be qualified to read and write HTML code), they could gain access to the user’s wall’s and profile.
5 Steps to Avoid Facebook Destruction in Business
How should my business balance the risks of social media with the rewards of this increasingly dominant and highly profitable marketing medium? That’s the very insightful question that a CEO asked me during a presentation I gave on information leadership for a Vistage CEO conference.
Think of your move into social media (Facebook/Fan/Business Pages, LinkedIn, Twitter, YouTube, etc.) like you would approach the task of helping your fifteen-year-old daughter prepare to drive on her own. You love her more than anything on earth and would do anything for her (just like you will go to great lengths grow your business), but that doesn’t mean you just hand her the keys. Trying to forbid or ignore the movement into social marketing is like telling your teen that they can’t get their license. It isn’t going to happen, so you might consider putting down the denial and controlling those pieces of change that are within your power. The task is to maximize the positives of her newly bestowed freedom while minimizing any negatives; the same is true in social media.
Here’s a simple plan to follow that will help keep you safe and productive:
How to Change Your Facebook Password
A close friend of mine just had his Facebook account taken over and used for pretty nasty things, so… this is just a quick reminder to change your Facebook password frequently for added security. If you have been a member for years, like most people, and have not ever changed your password, I recommend you do so right now (don’t wait, you’ll never do it later).
On a site like Facebook that houses so much of your personal reputation and information, it is good to keep passwords new and difficult to hack. We see people’s Facebook profiles get hacked every day from clicking on malware and phishing schemes – and once they have your Facebook password, they probably have the same password you use on other accounts. Changing your password frequently, as simple as it sounds, is an easy way to avoid some of the privacy problems posed by Facebook. Once you are logged in, visit your Account Settings Page. On the first page next to Password click change.
Now that you are in your Account Settings, spend a minute clicking around to explore some of your other settings. While changing your password doesn’t solve all of your security issues, it will help you feel a bit safer on the social networking giant!
Facebook Safety: New HTTPS Facebook Settings
Facebook has announced that they will be rolling out a new security feature that will add full HTTPS support to the site. The new secure site uses the same underlying technology that banks use to keep your communications out of the reach of potential hackers. While many people don’t have this feature yet and mine just showed up today, eventually all users should have the capability.
To enable HTTPS, log into your Facebook account and at the top right go into Account -> Account Settings.
Once there, scroll all the way to the bottom and click “change” next to Account Security.
The following screen should pop up. Check the box under Secure Browsing. You can also check “send me an email” (or a text message to your cell phone, which I don’t advise giving to Facebook) so that if someone tries to log into your account from a new computer, Facebook will immediately alert you. This is a good way to find out fast if your account has been hacked.
Facebook rolled out these secure settings to make Facebook seem safer, but like many of their security changes, they are turned off by default. You must go in and manually change the feature to gain the added security.
Facebook Boiling the Privacy Frog (You)
Facebook is preparing to give away your phone number and address to app developers and advertisers.
The frog is officially beginning to boil. Just check out all of the articles swirling around on the internet about Facebook’s latest attempt to release more of your information without your consent. This time they want to give out your phone number and address. They were pretty clear that the reason they want this information is to pass it on to developers of apps such as Farmville and advertisers that want to bolster their profile on you. They released the post late Friday afternoon – so late in fact that many news outlets didn’t pick it up until Monday. Many are accusing Facebook of trying to bury the news.
Here is what was posted:
User Address and Mobile Phone Number
We are now making a user’s address and mobile phone number accessible as part of the User Graph object. Because this is sensitive information, we have created the new user_address and user_mobile_phone permissions. These permissions must be explicitly granted to your application by the user via our standard permissions dialogs.
Although users currently have to give applications permission to access their information, there is a slight addition above to the type of information being shared. Look for “Access my contact information”, with the subtitle “Current Address and Mobile Phone Number” (see image above). If Facebook were actually interested in making their data sharing strategy noticeable, at least they could have bolded the warning rather than the hey-don’t-pay-attention-to-me-faded-gray they used.
Sileo In the Media
Privacy Project Newsletter
Tools and tips for bulletproofing yourself against identity theft, data breach and corporate espionage. Subscribe to the newsletter and get John Sileo's 7 Survival Strategies for Starving Data Spies for FREE!
