Protect Your Company with This Social Media Security Advice

/0 Comments/in , /by

Social media is an excellent tool for small businesses, yet, the use of social media by small business staff can definitely put the company in danger. Many small business owners and managers don’t realize this.

Recently, I was talking to employees of a credit union about what to do in a robbery. Before this presentation, police officers had staged a robbery in the same credit union. The fake robbery was so real, some of the tellers were brought to tears, thinking they were really getting robbed.

After they were filled in on what was happening, everyone on the team discussed it. One of the most telling moments is when one of the tellers shared her story. During the mock robbery, one of the “robbers” handed a teller a note. It said this: “Your husband works at Pine Street Motors. We kidnapped him this morning. He is being held at another location. If you hit the alarm and notify police, he’s going to be killed.”

How did the bad guys know that her husband worked at Pine Street Motors? They simply looked online. They found the name of the bank, and then found out that the teller was listed as working at the bank on social media. Her social media account was connected to her husband’s, and his account said that he worked at Pine Street Motors.

Yes, it was that easy.

Here are some tips for social media that you might want to share with your staff:

Don’t Tell the Internet Where You Work

Tell employees that it’s not a good idea to share too many details about their work on social media pages. Though you can’t stop them from adding their employer on Facebook, you can tell them how this information can be used against them and the company. Make sure that they understand that this information could backfire and harm everyone involved.

Teach Your Staff How to Use Privacy Settings

You should also teach staff how to manage their social media privacy settings. Ideally, they should have maximum protection on every account. The default settings are lacking, and those put them at risk for hacking. You should also tell them that even the highest settings that social media sites have won’t keep everyone out. However, this level of protection is better than nothing.

Create a Workplace Policy for Social Media Use

Set up a policy in your workplace for social media use. Make sure this policy covers what employees associated with your company can say and what is totally prohibited.

Stop Banning the Use of Social Media in the Office

The moment you ban the use of social media at work, that’s the moment that someone will sneak around and do it anyway. This, of course, leads to dangerous things, as they can try getting around the firewall and other things that make your network vulnerable.

Train Your IT Team

Finally, make sure that your IT team is up to date on the latest ways to combat online-security issues. These teams must also know about the security risks that your business faces due to social media.

Additionally, the policy for employee social media use should be examined and updated quite regularly, and make sure to enforce it, too. Invest in anti-virus protection and make sure that all operating systems and browsers are always kept up to date when updates become available.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Mobile Phone Numbers Are as Sensitive as Your Social Security Number

/0 Comments/in , , /by

All of us have cell phones these days, and if you are like the vast majority of the population, you access everything from social media to banking information right from your mobile phone. However, if you do this, which everyone does, you are putting yourself in the position to get hacked. With only your mobile phone number and a couple other pieces of information, a hacker can get into these accounts and your life could drastically change.

How does this work? If a hacker already has your mobile phone number, they can get other information, such as you address, birthday, or even the last four digits of your Social Security number, through social engineering schemes via email or on social. Once they have this information, it’s like handing your phone over to them and letting them do as they please, including accessing your accounts.

The scam may not even begin with you, it may begin with the mobile phone companies themselves. There have been many incidents where the carriers are scammed into handing over troves of personal identifying information to scammers posing as the victim. In many cases the phone companies are even allowing the scammers to get phones with the actual victims phone number by transferring everything to a new phone the perpetrator charges to the victims account.

Here are some things that you can do to keep your mobile phone number safe:

Use Your Passcode – You can and should put a passcode on your phone, you should definitely do it. This isn’t totally foolproof, but does give you an extra level of protection.

Add a Passcode – Your mobile carriers online account should have an additional second passcode to make any changes to your account. This additional passcodes works with both the web and calling customer service. Nothing happens unless this additional passcode is presented.

Disable Online Access to Any Mobile Phone Account – This is frustrating, of course, but it certainly can protect you. If you need to change your account, you should go to the store or call your provider.

Use Google Voice – Google Voice is an excellent choice for many, and you can even forward your current number to your Google Voice number. This helps to mask any call you make, which means no one can have access to your real number.

Access Your Cell Phone Account with a Carrier-Specific Email Address – Most of us use our email addresses and phone numbers to access our online accounts. However, you should really have three separate emails. One should be your primary email address, one should be only for sensitive accounts, like your bank or social media accounts, and one for your mobile phone carrier. This means, even if your main email is hacked, the hackers cannot get into your other accounts.

Talk to Your Carrier – Consider asking your carrier to make a note in your account to require a photo ID and special passcode before any changes are made. Though it’s possible that a hacker could pose as you with a fake ID, the chances are quite low that this would happen.

Use Complex Passwords – One of the best ways to protect online accounts is to use complex passwords. Or at least a different password for every account. You should also use a password manager. If you don’t, make sure your passwords are very random and very difficult to guess like “58&hg#Sr4.”

Do Not Be Truthful – You also might want to lie when answering your security questions. These are easy to guess or discover. For instance, it’s probably easy to find out your mother’s maiden name. So, make it up…just make sure you remember it!

Don’t Use Your Phone Number for Important Accounts – Also, make sure that you aren’t using your phone number for any important account. Instead, use that Google Voice number. 

Use a Password Generator – This is part of two factor authentication. Protect yourself by using a one time password generator, as part of a two-factor authentication process. It may be your mobile or they look like keyfobs and produce a new password very frequently. The only way to get the password is to access the generator or your mobile.

Use a Physical Security Key – You should also think about using a physical security key. To use one, you must enter your password into the computer, and then enter a device into the computer’s USB port. This proves that you are the account owner. So, even if a hacker gets your password, they must also have the physical security key to access the account.

Think About Biometrics – Finally, to really protect your accounts, when available, use biometrics. You can buy biometric scanners that read your fingerprints, your iris, or even recognize your voice. When you use these, you cannot access any account until you scan your finger, eye, or speak.

Yes, it’s true that some of these seem time consuming, it is much more time consuming to have to deal with getting hacked or a stolen identity. So, take these steps to remain as safe as possible.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Self- Defense Options You Might Not Know About

/0 Comments/in /by

If you are like most people, you probably haven’t done a lot of thinking about what you would do in a situation involving physical assault. Why would you? I mean, it’s unpleasant and scary. Further, depending on your physical makeup, you may think you’d probably lose anyway. However, you don’t have to have an MMA fighter’s body to defend yourself.

Attackers often look for targets who are unsuspecting. One of attackers “tools of the trade” is the element of surprise. So, live like your heads on a swivel which means be aware and do things like park your car or walk only in areas that are well-lit. You should also avoid parking next to a large truck or van where an attacker might pull you in

When you are in a parking lot, keep your largest house or car key poking out between two of your fingers. This makes a good weapon. If a bad guy approaches you and asks for your purse or wallet, give it to them. Your life isn’t worth whatever is in your wallet or purse.

If the attacker grabs you, scream as loud as you can. Tell him to “Get the F— away” as loud and angrily as possible. Profanities are fundamentally offensive and color the way we are viewed by others. This is no time for niceties; you should sound like a thug. This will alert anyone around that you need help.

Running away to a safe place should be your first choice when possible. Otherwise if you are backed into a corner, Do what is necessary to escape. That may mean fight like an alley cat or a junk yard dog.

You should push him, bite, knee, poke, gouge and whatever is necessary to inflict not just pain, but debilitating pain and continue screaming. You should make sure it hurts, so go for the ears, neck, nose, eyes, legs, and of course, his groin.

Don’t move any closer to your attacker unless you have no choice. Try to aim at a place where you can hurt them, but don’t have to get close. For instance, kick him in the knee instead of stepping close to poke him in the eye. If aiming at the upper body, use your hands; the lower body, use your feet.

Here are some specific areas to focus on:

Eyes

  • Gouge, poke, dig, or stab the eyes with your fingers or nails. This is disabling for several moments, especially if you do it several times.

Nose

  • Use your palm, elbow, forearm to push the nose upward, and use all of your body weight.
  • If the attacker is behind you, use your elbows and aim for the nasal bone.

Neck

  • Try to focus on the side of the neck where the body’s major blood vessels are located. If you hit the side of the neck with your hand or elbow, you can even knock someone out.

Throat

  • Blunt force trauma to the larynx or digging into the trachea makes it very difficult for the attacker to breath.

Knee

  • Even the largest, most burley men can be brought down by kicking him in the knees. Try to drive the foot into the side of his knee, which forces him to lose his balance and possibly tear an ACL.

Groin

  • Try to hit the groin with anything you can. Your hands, knees, elbows, feet, or even your head. Do it as hard as you can and do it as often as you can.

Normal people aren’t interested in fighting, for any reason. But in the unlikely event you are confronted by what turns out to be a dangerous person, fight like your life, or the life of a loved one depends on it.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

The Term “Identity Theft Protection” is Often a Lie

/0 Comments/in /by

If you are working for an IT security company, I have a message for you: the term “identity theft protection” is way overused and even abused as a marketing term. We know that this term is used to sell services and products, but does it really protect a user from being the victim of identity theft? No.

This is no different than labeling a food as “natural,” even though it is not actually “organic.” At best, this is incorrect information. At worst, it’s a total lie.

Every company with security solutions out there claims that they can protect identities. But, a firewall does nothing to protect a person from getting their identity stolen. The same goes with an encrypted thumb drive, antivirus software, or even phishing alerts.

Only true identity theft protection services monitor your identity. They do this by checking your credit report and scanning the internet for any sensitive personal info. It also looks for information such as the Social Security number, and if there is an issue, the service helps you solve the problem.

If you have identity theft protection right now, you might get an email like this each month:

We have been monitoring your credit reports from Equifax, Experian, and Trans Union, and we are pleased to inform you that we did not notice any new activity. As a user of our services, we will continue to check your credit report each day for your protection. We help to protect you from any financial losses and hassles that are associated with identity theft. You can log into our website and review your status at any time. Please click here and enter your username and password to get started. As always, our staff is standing by to assist if you notice any suspicious activity.

This is what you should get when you opt for identity theft protection. Don’t fall for the fancy marketing that security solutions companies throw at you.

At its basic level, this is what identity theft protection looks like:

  • Monitoring: continuous monitoring of your identity, privacy, and credit
  • Alerts: warning system rapidly notifying you when your personal information is at risk
  • Recovery: experts providing comprehensive, 24/7 recovery services taking care of paperwork, calls, and every detail to restore your identity

Do your research and don’t believe everything you see or read. Take the time to understand what you are spending your hard earned money on.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Do You Know How to Use a Knife for Survival?

/0 Comments/in /by

Using a knife in a survival situation is a skill that can mean the difference between life and death. But, you have to know how to use the knife. Here is some information:

Knife Safety:

  • Carry a fixed-blade knife if you are going outdoors. It is less likely to get broken
  • Always keep a knife in its sheath. If you trip, it could cut or stab you if it is not contained.
  • Practice pulling the knife from the sheath, so that you don’t get cut. You might need to draw it very quickly.
  • Drawing the knife is a two-step process: first, hold the handle with one hand to loosen the blade. While doing this, push against the knife’s sheath with the thumb. Next, wrap your thumb around the knife’s handle and pull the knife away from the body.
  • When handling a knife, always use slow movements.
  • When handing the knife over to someone, use your forehand grip. Rotate the knife between your thumb and your forefinger. The knife’s handle should face the person you are giving it to, and the edge should point up. Don’t release the knife until the other person is holding it securely.
  • A sharp blade is much safer than a dull one because it requires less force.

Gripping Your Knife 

  • For most uses, handle a knife with a forehand grip. The knife is inside of your fist with the edge of the blade facing the first finger.
  • When buying a knife, make sure that you can fully close your fist around the knife’s handle.
  • If cutting a cord, use a reverse grip. In this case, the edge of the knife is towards your thumb. When using the knife like this, pull with your torso or shoulder for the best result.
  • The chest lever grip is when you hold the blade with its edge pointed in the opposite direction of the forehand grip, which is up towards your hand’s knuckles.

The Uses of a Knife

  • Wood Chopping – Hold the knife in a forehand grip and use it against the wood. Use a wooden object to “hammer” the blade into the wood you want to cut.
  • Wood Splitting – With the forehand grip, place the blade of the knife over the wood. Then, use a baton to push it through the wood in the grain’s direction.
  • Slicing with a Knife – You have certainly sliced with a knife. In a survival situation, use a forehand grip to slice like you do at home.
  • Power Cutting – To power cut, use a chest lever grip. While doing this, hold the object you wish to cut. Using your back muscles, draw the blade through the object…HARD.
  • Controlled Cutting – Using the chest lever grip, work your way slowly around the object you wish to cut.
  • Drilling with a Knife – Place the knife’s tip onto the object, and then twist left and right. Don’t use too much force, as your hand can easily slip.

With all knife grips, make sure that there is no other body part in the path of the knife.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.