Why LifeLock might not be the identity theft monitoring service for you

Do you trust LifeLock to help protect your identity? The answer to that question can be just as crucial as the measures you take to monitor your identity on your own. 

With online theft as active as it is, many are trying to cash in by offering protection against hackers. But you’ve got to have a keen eye to pick the ones that are actually going to help you out. LifeLock is one of the most widely-seen internet security companies in the country – but then again, LifeLock has a record that makes its viability somewhat questionable.

Oakland news station KTVU recently reported the local story of a woman whose identity was stolen after signing up with LifeLock. An outside source managed to apply for a loan in her name without so much as an alert going to the woman in question. I’m sure that person is going to be more cautious with the identity theft monitoring service they choose next time.

But it’s not that surprising this happened, given that the company has what you may call “a checkered past.” Several years ago, LifeLock’s CEO Todd Davis infamously began a shocking ad campaign that made his Social Security number public. The idea was that LifeLock’s system was so secure that there was nothing anyone would be able to do with it and the information would be “useless to a criminal.” There was also a $1 million dollar “guarantee” that clients would be safe.

Want to guess what happened?

Davis was jabbed a reported total of 13 times by thieves who had a field day, opening new accounts left and right. On top of that, the company was fined by the Federal Trade Commission for $12 million dollars in 2010 for false advertising.

The lesson is pretty clear. Don’t trust big promises: look for real know-how instead.  Visit my identity theft monitoring service review here.

John Sileo is an identity theft expert and keynote speaker on privacy, identity and reputation protection. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Spotlight: When will we wake up and recognize threats to online security?

Cyber attacks are a danger we face on a grand scale, not just as individuals, but as a country.

The past few years, America has been quietly (and not-so quietly) hit by one wave after another of devastating hacks. Last week, as this blog discussed, the government gave a long-overdue response to the matter of cyber-security. During his State of the Union address, President Obama announced that he had signed an executive order taking action against digital security breaches.  

The President went on to identify key areas of our infrastructure that might come under attack, saying, "our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems."

If it still sounds far-fetched, consider that just this past year has seen an astounding number of attacks on oil, natural gas and electricity structures in the U.S. Hackers raided these systems for information, and the number of strikes was up more than 50 percent higher than what it was in 2011, according to the Department of Homeland Security (DHS).  

Having spent the last eight years speaking around the world on how mission critical information is exposed through technology and human carelessness, I've learned one disturbing rule of thumb: In the world of prevention, change only happens in the wake of disaster. 

We are so desperately in love with the convenience of the internet and addictive connectivity that we don't even consider the risks until we have been struck across the face by them. We don't watch our cholesterol until after the first heart attack. We don't allow a substantive conversation on gun control until after Sandy Hook (and Columbine and Aurora and Virginia Tech and dozens of others). And we won't take the threat of cyber terrorism, extortion, warfare or even personal online privacy seriously until an equivalent disaster wakes us from our dreamy affair with our iPad. 

You may be wondering, "Why hasn't something been done about this already?" Well, ask Senator John McCain. There were efforts made last year to pass legislation that would allow the DHS to put security standards into effect, but in November, McCain and other Senate Republicans defeated the bill. This undoubtedly was part of the reason the President took it upon himself to spotlight this issue.

Again, businesses won't see that this type of protection is actually in their long-term interests until after they have lost billions of dollars due to a data security breach. I bet the Wall Street Journal and New York Times understand those costs now much better than they did a month ago. But are they acting on that change in cyber-view?

We are like teenagers who refuse to wear seat belts because "if we crash, we'll die anyway." We use the excuse that our best efforts won't be enough to justify doing nothing. To be realistic, here's how legislative change will have to happen:

1. The U.S. will experience the digital equivalent of a terrorist catastrophe (imagine hackers shutting down air traffic control over NYC for a day).

2. Powerful non-technical influencers (movie stars, billionaires, unsullied politicians, beloved media figures) will take up the cause and demand change (imagine Justin Bieber organizing a Cyber Awareness Concert after his Facebook Profile is taken over – I'm not really kidding here)

3. Technical cyber professionals and privacy experts will already have a 10-point implementation plan designed and ready to implement to take advantage of America's 140character attention span and 

4. Popular opinion will pressure Congress and the President to take concrete steps to begin protecting our vital infrastructure. 

 A devastating cyber attack will occur, but will the post-event campaign be ready on the day after? America is looking for a clear, resonant voice who can make that happen.

John Sileo is a data security expert and keynote speaker on social media privacy, identity theft and fraud. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent work on 60 Minutes, Anderson Cooper and Fox Business.