Archive for the ‘Computer safety’ Category

Man’s Stolen MacBook Phones Home

Thursday, June 2nd, 2011

As summertime travel approaches, now is a great time for me to remind you to mind your personal electronic portables. According to Gartner, one in six people now have access to a high-tech mobile device, and odds are high that someone has their eyes on your stuff.

A creepy laptop thief hoping to snag some free electronic swag got way more than he bargained for recently.

The Associated Press reported this week that an Oakland, California man had his apartment burglarized and his MacBook stolen. The good news is that he got it back thanks to an online, viral, one-man crusade. Local police were swamped and unable to assist, so Joshua Kaufman took matters into his own hands. After posting photos of the stranger on Twitter and creating a blog titled “This Guy Has My MacBook”, sweet justice got served.

Kaufman stated: “People who followed me on Twitter retweeted it. It got picked up by social media and the press. It went super viral,” he said. On the same day that he posted his website on Twitter, police came calling.

WVEC in Norfolk, Virginia published a report on their site:

“Kaufman’s case is the latest example of people, not police, using technological tools to help find their own stolen property such as cars, cell phones and digital cameras. Kaufman had just moved to a new apartment in Oakland when a burglar broke in, taking the laptop, a bag, an electronic book reader, and a bottle of gin on March 21. He activated theft-tracking software he had installed, which began sending photos taken by the computer’s built-in camera of the unauthorized user three days later.”

Luckily for Kaufman, the security software he had installed but never tested began sending grainy photos from the device’s camera to his inbox. The victim observed the thief, posted his photo on the web and voila! After the photos went viral and caught the attention of the media, law enforcement went to work on the case and nabbed the thief.

Many devices equipped with mobile web and geo-tagging technology are literally equipped to “phone home” when properly outfitted with security software.

One of my kids recently went on vacation and left an iPhone in the hotel room upon check-out. A land line call to the hotel got the usual response: “We’re sorry, but your room has been cleaned and no iPhone was turned in.” From this point the conversation went something like this: “Really? My phone’s tracking locator says the phone is still there, I can see it online!”

Three minutes later, the hotel called back (they never call back) with the good news that the phone had just been located. How do you put a value on that sort of electronic sleuthing capability? ET phoned home alright. Truth is sometimes stranger than science-fiction.


 

’Tis The Season For Ruthless Online Fraud

Tuesday, December 7th, 2010

The most troubling aspect about the newest WikiLeaks breach is the grim realization that our nation’s most sensitive information can be so vulnerable, easily accessed and leaked to the world.

You can’t help but wonder, if the U.S. Defense Department can be hacked and attacked from the inside-out, just how safe is the personal data belonging to the average U.S. citizen?

Here are 10 tips from the Better Business Bureau to help keep you safe online not just during the holidays, but all year long.

The BBB offers this advice:

1. Protect your computer – A computer should always have the most recent updates installed for spam filters, anti-virus and anti-spyware software and a secure firewall.

2. Shop on trustworthy websites – Shoppers should start with BBB to check on the seller’s reputation and record for customer satisfaction. Always look for the BBB seal and other widely-recognized “trustmarks” on retailer websites and click on the seals to confirm that they are valid.

3. Protect your personal information – BBB recommends taking the time to read the site’s privacy policy and understand what personal information is being requested and how it will be used. If there isn’t one posted, it should be taken as a red flag that personal information may be sold to others without permission.

4. Beware of deals that sound too good to be true – Offers on websites and in unsolicited e-mails can often sound too good to be true, especially extremely low prices on hard-to-get items. Consumers should always go with their instincts and not be afraid to pass up a “deal” that might cost them dearly in the end.

5. Beware of phishing – Legitimate businesses do not send e-mails claiming problems with an order or an account to lure the “buyer” into revealing financial information. If a consumer receives such an e-mail, BBB recommends picking up the phone and calling the contact number on the website where the purchase was made to confirm that there really is a problem with the transaction.

6. Confirm your online purchase is secure – Shoppers should always look in the address box for the “s” in https:// and in the lower-right corner for the “lock” symbol before paying. If there are any doubts about a site, BBB recommends right-clicking anywhere on the page and selecting “Properties.” This will let you see the real URL (website address) and the dialog box will reveal if the site is not encrypted.

7. Pay with a credit card – It’s best to use a credit card, because under federal law, the shopper can dispute the charges if he or she doesn’t receive the item. Shoppers also have dispute rights if there are unauthorized charges on their credit card, and many card issuers have “zero liability” policies under which the card holder pays nothing if someone steals the credit card number and uses it. Never wire money and only shop locally on sites like Craigslist.

8. Keep documentation of your order – After completing the online order process, there may be a final confirmation page or the shopper might receive confirmation by e-mail – BBB recommends saving a copy of the Web page and any e-mails for future reference and as a record of the purchase.

9. Check your credit card statements often – Don’t wait for paper statements; BBB recommends consumers check their credit card statements for suspicious activity by either calling credit card companies or by checking statements online regularly.

10. Know your rights – Federal law requires that orders made by mail, phone or online be shipped by the date promised or, if no delivery time was stated, within 30 days. If the goods aren’t shipped on time, the shopper can cancel and demand a refund. There is no general three-day cancellation right, but consumers do have the right to reject merchandise if it’s defective or was misrepresented. Otherwise, it’s the company’s policies that determine if the shopper can cancel the purchase and receive a refund or credit.

From our family at Penn and Associates to yours, enjoy this Christmas holiday season. Expect bigger things from this blog in 2011!

ID Theft Is Lurking In Your Computer

Monday, June 7th, 2010

Personal computing guru Steve Bass recently shared some rather eye-opening statistics in his value-packed newsletter, Techbite.

Security vendor PC Pitstop Research analyzed just over 50,000 computers for evidence of security threats, vulnerabilities, viruses and protection tools. Immediately, some interesting results emerged.

Can you guess what percentage of computer users have absolutely no security software installed on their machines? The answer is that a shocking 23% of us are flying through cyberspace as naked as jay birds!

The PC Pitstop study was looking for evidence of threats that we should all be on the lookout for, such as spyware, malware/rogueware and keyloggers.

For clarity, the article defined its terms, so there would be no confusion about the nature or intent of each of these threats.

According to the report:

“We define spyware as the software that is unintentionally installed on the target computer. … A new growing segment of malware is rogue or phony security software. … Keyloggers are a category of software that is intended to monitor the activity of a target computer. This is a rather dangerous category since this form of malware can be used for identity theft, stalking and other ugly criminal activity.”

The good news is that Symantec, Trend Micro, Kaspersky and other leading providers are very effective, each in its own area of strength, at delivering protection from many of the most common threats:

  • Kaspersky was rated best against rogue software
  • Symantec was best in the fight against spyware
  • Trend Micro was best against keyloggers
  • Kaspersky was best against viruses

One of the takeaways here is that not all threats can be stopped with just one form of security. Redundancy in various computer security software programs is the best way to keep the multiplying strains of threats at bay.

The underlying theme from this study is that “no one security provider is good at protecting against all aspects of security. As the analysis suggests, each vendor has some strengths and weaknesses.”

That a given threat could progress from mischievous to menacing to malicious is a real possibility in our data-rich daily lives.

Protect your data and assets accordingly.

Looming Cyber-Threat Has Fed's Attention

Thursday, January 22nd, 2009

Outgoing National Intelligence Director Michael McConnell reported last week that cyber-threats are among his greatest concerns, second only to Iran’s continuing development of nuclear weapons.

MSNBC and the Associated Press reported:

“…Iran producing a nuclear weapon and a cyber attack on critical government or private computer networks top the list of concerns nagging at National Intelligence Director Michael McConnell as he prepares to leave office.”

There are many well-intentioned observers who seem to think that cyber-crime in general is on the decline inside the United States. Although there is statistically no need for mass panic, it is foolish to assume that our computer infrastructure isn’t the greatest information target in the world. As a practical matter, I think we are all better off with “someone on the gate” to guard our repositories of personal, commercial, educational, financial and military data.

The truth is that many potentially damaging breaches go undetected and are often intentionally unreported. Back in 2005, the Department of Homeland Security constructed a worst-case-scenario type cyber-attack and concluded that over 20 million credit cards might be affected over a period as short as just one week. The Department concluded that an event like this could undermine faith in the entire U.S. financial system.

We all pray that President Obama’s team remains watchful and vigilant on the cyber-front during these desperate times. The Obama Administration has already declared our nation’s cyber-infrastructure a “strategic asset” and has pledged to protect “America’s competitive advantage”.

Great start Mr. President.

Relentless Fraudsters Begin The Assault

Saturday, January 17th, 2009

The New Year’s barrage arrives just days before President Obama is sworn in.

Today was unlike most days when I open my email, yawn and shrug my shoulders. This evening, my KEEN eye caught three names of email senders that I didn’t recognize. That generally means “junk” or spam email, but today was different due to the sheer volume and ridiculous (laughable) transparency of these scammers.

These emails were online scams, so phony looking that anyone with “half-a-brain” could spot them a mile away. Three in one day! I had to look in a mirror to make sure the word “sucka” wasn’t pinned to my back.

Not only did the senders promise OUTRAGEOUS sums of money for my help, the spelllinngg was so bad that I actually laughed out loud.

Phishing scams come in many varieties including lottery scams, bill collector scams, fraud investigation scams, employment application scams, overseas bank transfer scams, credit card or banking verification scams and many others.

According to the Yahoo Security Center:

“If you receive an email (or instant message) from someone you don’t know directing you to sign in to a web site, be careful! You may have received a phishing email with links to a phishing web site. A phishing web site (sometimes called a “spoofed” site) tries to steal your account password or other confidential information by tricking you into believing you’re on a legitimate web site. You can even land on a phishing site by mistyping a URL (web address).

Is that web site legitimate? Don’t be fooled by a site that looks real. It’s easy for phishers to create web sites that look like the genuine article, complete with the logos and other graphics of a trusted web site.”

Unfortunately, the current economic downturn is expected to cause a dramatic increase in the number and frequency of these fraudulent attempts to separate the uninformed from their personal data.

The good news is that these crimes are getting harder and harder to pull off, due to greater consumer awareness and more advanced spam filtering technologies.

Despite the almost comical transparency of the three scams that entered my email box today, the potential for harm and the growing frequency of these annoying ploys is really no laughing matter.

Universities Pummeled by Data Thefts

Friday, April 25th, 2008

Massive data spill leaves thousands of students out in the cold.

The combined number of people victimized in two separate incidents at the Universities of Virginia and Miami totals over 50,000.

Nearly every imaginable piece of private information was stolen, including names, addresses, credit card data and highly prized social security numbers.

These giant leaks aren’t supposed to occur, but the fact is that the portability of laptops and backup tapes makes the crime more common than casual observers may notice.

In the Florida case, the records were being shipped off to a private off-site storage facility. This practice is usually designed to safeguard the data off campus, but this time the stagecoach was robbed.

This isn’t the first time the University of Virginia has dealt with this crime. Last year the F.B.I. was called in to investigate the theft of data belonging to 5735 University faculty members.

Techweb Media reported this story last week and also disclosed new research from analysts at AMI Partners. The research indicates that a staggering 86 percent of mid-sized U.S. businesses reported some sort of security breach or data loss in the last 12 months!

What can you do to ward off the IDENTITY GRIM REAPER?

1. Back up your data. A backup allows you to restore missing, corrupted or stolen files quickly. A backup will also allow you to continue your work while your computer is being located, repaired or restored.

2. Download updates to your OS and software regularly. Security patches and “bug fixes” can help you keep your privacy armor polished.

3. Be on guard for viruses and worms. Fight these cyber-security threats by installing a good anti-virus software program.

4. Fight off malicious Ad-ware and Spy-ware. Everyone using the web, instant messaging or file-sharing is vulnerable. Install protective software to fight off malicious mal-ware and update it regularly.

5. What do you mean you don’t have a firewall? Install one immediately to protect your computer from intrusion. Purchase a firewall “box” or get the software version from a company like Norton or McAfee.

6. Use stronger-longer passwords. The longer and stranger looking they are, the better. Recent studies indicate that most computer users utilize the same password for everything. Create long and unusual alpha-numeric passwords that don’t contain easy clues like your dog’s name or the street you grew up on.

7. Lock your computer down! The trunk of your car doesn’t count. Visit a local retailer to purchase a computer locking cable device. Turning your back on your computer for even a moment at home, at the library or at Starbucks is just asking for trouble with a capital T.

The Next Wave of Attacks

Tuesday, March 18th, 2008

If the gatekeepers are concerned, we should be too!

If you haven’t seen reports of the latest Identity Theft attacks plaguing our country, you haven’t been reading much news lately. Where have you been?

Even the U.S. Air Force has waged an ad campaign designed to capture the imagination of a new crop of tech-savvy young recruits to help fight the current “cyber-war”. This war is not imagined or “virtual”, it is very real indeed.

The battle is raging on many fronts. In addition to the constant daily threat from foreign governments, bored adolescent hackers and low level organized criminals, there is a new enemy emerging.

Symantec Corporation is losing sleep due to concerns about the next virulent strain of Trojan horse programs. According to the April 2008 issue of PC Magazine, the Trojan.Silentbanker program can perform “man in the middle” attacks between users and more than 400 banks.

This Trojan monitors usage patterns on the web, while looking for bank data that it can manipulate. This program can actually re-route the account destination of banking customer transfers. Apparently, Trojan.Silentbanker can even overcome the “safeguard” of two-factor authentication.

The article correctly distinguishes between a single bank target like those that are cloned by realistic looking “phishing” sites and the multiple bank sites susceptible to this Trojan program.

Symantec’s well-known suite of anti-virus and personal firewall products is designed to protect from these threats. If you are not in the habit of updating yours, you are headed for a hard fall someday. PC Magazine also reminds us never to run executables we get from strangers.

Thank goodness for warriors like our Air Force and Symantec who “sit on the wall” for us and fight evil at every turn, keeping us from losing more than just our shirts.