Posts

Mobile Security Webinar: Defending Your Digital Devices (8/15/13)

,

Screen Shot 2013-08-14 at 11.07.21 AM

Mobile Security Webinar: Defending the Devices that Power Your Productivity

Admit it. You compute almost as much on mobile devices as you do on your main computer. You are hyper efficient because you are always connected. You read work emails on your iPhone or Droid, log in to sensitive Internet accounts via iPad and store mission critical files on your laptop. Thanks to the independence, flexibility and efficiency afforded by mobile gadgets, desktop computing is quickly becoming an outdated notion. To remain nimble and relevant, you must be able to connect, communicate and compute from anywhere.

Register Now

But along with the rewards of freedom, mobile computing also comes with risk. Small devices are easier to lose, simple to steal and targets for data theft. Here’s the good news: Deluxe can help you stay one step ahead of the hackers, competitors and criminals looking to use your data to drive their profits.

In this FREE Webinar, Mobile Security: Defending the Devices that Power Your Productivity, you will learn how to:This course, presented by John Sileo and sponsored by Deluxe, is a multipart, interactive Webinar series designed to provide simple, actionable tools to protect and enhance the efficiency with which you run your business.

  • Lock down your smartphone and tablet from thieves
  • Track your mobile device if it is stolen
  • Safely use free Wi-Fi hotspots in cafés, airports and hotels
  • Determine which Apps are safe and which aren’t
  • Evaluate cloud computing services that extend your computing power
  • Protect the Wi-Fi in your home or office from sniffing programs

John Sileo is a keynote speaker and the CEO of The Sileo Group, a boutique think tank that trains organizations to defend the data that powers their profits. Sileo’s clients include the Pentagon, Pfizer and Homeland Security as well as engagements with 60 Minutes, Fox Business and Andersen Cooper.

Mobile Apps Turn Smartphone Into Weapon

, ,

You and I have come to think of our Smartphones as indispensable tools. Flaws recently discovered in mobile apps for Facebook, Linkedin and Dropbox could turn our tools into weapons by exposing us to data theft at many levels, including personal identity theft and corporate data loss.

Taking  extra precautions now will protect not only your Smartphone but other devices, too, as the flaw may well be present in other mobile applications including many iOS games.

Apparently, Facebook’s iOS and Android apps don’t encrypt their users’ login credentials. These flaws expose users to identity theft by saving user authentication keys (usernames and passwords) in easily accessible, plain text files. These unencrypted files may be stolen, transferred to another device in a matter of minutes, and used to access the victim’s accounts without ever having to enter any user login credentials.

Security researcher Gareth Wright reported discovering the flaw in the mobile Facebook application for iOS late last week. Wright sent his Facebook .plist to an associate — Scoopz blogger Neil Cooper — who copied the file onto his own device, opened up the Facebook app, and had immediate, full access to Wright’s Facebook account.”

Facebook is working on closing the gap in security according to Wright  but the app developers must start encrypting the 60-day access token that Facebook supplies. Otherwise, there’s a world of private information just waiting to be tapped. Think of the chaos in trying to recover from identity theft of that magnitude.

In the meantime, here are some actions you can take to protect yourself:

  1. Don’t plug your Smartphone into a shared PC, public dock or charging station.
  2. If you do use a PC for charging, lock your device for the charge, and don’t unlock it until you remove it from the PC.
  3. Use strong passwords including letters, numbers, symbols, upper and lower case. Don’t rely on a four-digit password.
  4. Turn on the ‘Find My iPhone’ function.

The potential for criminals to exploit this flaw is enormous. You’ll be well served to take every precaution before you feel the nauseating pit of your stomach once you’ve been hacked. Further Resources on Mobile App Hacking.

John Sileo is an award-winning author and international speaker on the dark art of deception (identity theft, data privacy, social media manipulation) and its polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply performance by building a culture of deep trust. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Sample his Keynote Presentation or watch him on Anderson Cooper, 60 Minutes or Fox Business. 1.800.258.8076.

ID Theft – Five Tips for Vacation Protection

, ,

Holiday travel brings various levels of challenge and stress. Don’t let identity theft risk add to your anxiety.

Here are five tips to help you to avoid becoming a victim while on vacation:

1. Stop your mail and newspaper. Avoid letting un-invited credit invitations sit in your mail box. You can stop your mail by phone or online at usps.com. Also, ask a trusted neighbor to watch for package & parcel deliveries and to hang on to them until you return. If you receive a daily newspaper, put your subscription on hold. A pile of un-retrieved newspapers in your driveway is a “Welcome” sign to thieves.

2. Don’t advertise that you’re on vacation. Make sure if you are going to post vacation updates on your e-mail, on social networking websites, or on your voice mail greeting, that you post generically, no specifics. Put a few lights on timers so that your home doesn’t look unoccupied for the entire time you’re gone. Replace the front porch light bulb.

3. Enroll in a protection product that safeguards your most valuable asset, your identity. You may think you have all your bases covered, but it can be harder than you think, especially once you need to recover from a theft. One way to make sure you’re protected is by using a product that monitors if you are vulnerable to having your identity stolen. A number of quality service providers offer alerts via text or email of potentially suspicious activity as well as resolution assistance to help you cut through the red tape should you need it.

4. Leave your checkbook & debit card at home. If you don’t want to use cash or credit cards, purchase traveler’s checks instead of bringing your checkbook or debit card. A stolen checkbook has your bank account number and routing number on the checks – valuable tools a thief can use to steal your identity or clean out your bank account. Traveler’s checks require a signature when you purchase them, and then another when you use them at a store or restaurant on your travels. And, usually a photo ID is required when you use them. A thief that steals them will find them much harder to use. A debit card is essentially an immediate cash transaction.

5. Give your credit card company a heads up. This is especially important if you are traveling internationally, because any activity that happens domestically will raise a red flag. If you don’t let them know, they may become concerned when they see overseas transactions and freeze your card, potentially ruining your holiday.

A good measure of common sense and basic precaution can go a long way to protect you and your family.  Taking some of these simple steps can give you the peace of mind you deserve during your hard-earned vacation. Travel safely (and securely)!

John Sileo is an award-winning author and speaks worldwide on the dark art of deception (identity theft, social media privacy, data breach) and it’s polar opposite, the powerful use of trust to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply results and increase positive impact by building a culture of deep trust. His satisfied clients include the Department of Defense, Pfizer, the FDIC, Homeland Security, Experian UK and Blue Cross. Contact him on 800.258.8076, follow him on Facebook and Twitter, or view his work on YouTube.

Are Mobile Banking Apps Safe and Secure? Not Yet | Sileo Group

A study produced by The Ponemon Institute and ThreatMetrix (Mobile Payments & Online Shopping – October 2011) states that only 29% of consumers use mobile banking apps on their smart phones and tablets. Of those that don’t participate, 51% cite security reasons for their lack of participation. In other words, consumers like you and I are not yet comfortable with mobile banking apps safety. And our instincts are correct! Why shouldn’t you be comfortable with mobile banking apps quite yet?

Top 7 Reasons Why Mobile Banking Apps Aren’t Safe (Yet)

  1. Because most app stores (e.g., Android Marketplace) don’t review apps for security, it is very easy for criminals to post malicious apps that steal information from your mobile device (like your bank account numbers).
  2. The average smartphone or tablet user has installed no security software on their mini-computer (that’s what smartphones and tablets are), meaning that they have only a fraction of the security of a laptop or desktop.
  3. Detected malware developed for the Android platform alone has increased by 400% in the past year.
  4. The technology that keeps apps separate on your smartphone or tablet doesn’t separate them out into private sandboxes, meaning that one app can read the juicy details stored in the other without much difficulty.
  5. Most smartphone and tablet users don’t even have a basic passcode set up on their device, giving anyone with access to it potential access to your bank account.
  6. The temptation to use free WiFi hotspots at cafes, airports and hotels lures people into banking over insecure networks (it’s easy to sniff (spy on) what you send over these free, unprotected networks.
  7. There is no clear legislation (that I have seen) governing your rights to receive a refund if your bank account is fraudulently emptied due to mobile bank app insecurity. Is the burden of proof on the user to protect their handset and software, or on the bank. Only precedent and real live court cases will answer this question over time.

Will mobile banking apps one day provide a secure, viable form of online banking? Absolutely. Are banking apps secure today? No way. Find out more about cyber data security from The Sileo Group.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

Is Your Wireless Carrier Tracking Your Surfing Habits (Maybe)

,

Oh what your mobile phone carrier knows and tracks about you! A one-page document from the Justice Department‘s cybercrime division shows how cell phone companies record and retain your call and surfing activity (calls, text messages, web surfing and approximate location). Here’s a summary of how each company retains your information (full details in the image below):

  • Verizon Wireless – rolling one-year records of cell tower usage & what phone accessed what web site
  • AT&T / Cingular – ongoing records of cell tower usage since July of 2008
  • T-Mobile USA – doesn’t keep any data on Web browsing activity
  • Sprint Nextel’s Virgin Mobile – 3 month record of text content
  • Other than Virgin Mobile and Verizon, none of the carriers keep texts but they keep records of who visited a particular web site.
  • Verizon keeps some information for up to a year that can be used to ascertain if a particular phone visited a particular Web site
  • Sprint Nextel’s Virgin Mobile keeps the text content of text messages for three months. Verizon keeps it for three to five days. None of the other carriers keep texts at all, but they keep records of who texted who for more than a year.
  • AT&T keeps up to seven years of records of who texts who — and when, but not the message content. Virgin Mobile keeps that data for two to three months.

Readily available via a simple Internet search, this document shows how cellphone companies in the U.S. treat data about their subscribers’ cell phone use.

Bring privacy and security expert John Sileo in to scare the care into your next audience. Identity theft, data breach, social media exposure and human manipulation keynote training.