CYBERSECURITY RESOLUTIONS

As 2018 comes to an end, I am putting together my recommended list of Cybersecurity Resolutions for 2019. Although the number of data breaches went down in 2018, the actual number of individuals affected by those breaches dramatically increased.  So, you must continue to remain ever vigilant if you want to protect yourself.

Cybersecurity Resolutions to head off Cyber disasters
Head Off Pending Disasters

Here are some important Cybersecurity Resolutions you should adhere to.

  1. I WILL USE STRONG, LONG, STEALTH PASSWORDS that are unique for each different website. A good password is one that uses a combination of upper and lower case letters, numbers and special characters. Don’t use the same password for different websites. Be creative and don’t use obvious things like your Mother’s Maiden name, your date of birth, street address, your pet’s names, etc. Your social media page will give any scammer clues of what you might use to create a password. So, don’t make it so easy for them to crack it.
  2. I WILL KEEP MY SOFTWARE UPDATED as soon as I am notified that an update is available. If you do so, in a timely manner, then you won’t have to worry about your devices getting compromised. Set your programs to perform updates automatically.
  3. I WILL BACK UP MY FILES REGULARLY. Backing up your files has become an essential security continuity practice. If you are a victim of Ransomware, a Malware infection or even Mother Nature, you’ll be glad you backed up your data to a separate hard drive or thumb drive. Always remove the backup device from your computer after doing the routine backup.
  4. I WILL USE 2 FACTOR AUTHENTICATION WHENEVER POSSIBLE. Also known as 2FAs, it adds a second layer of security onto your account access, by confirming that you are who you claim you are. It also protects you from those who unlawfully attempt to access your account. Not all businesses and online accounts offer this extra security, but take advantage of the companies that do.
  5. I WILL ONLY VISIT SITES THAT BEGIN WITH HTTPS. Not every website, even some popular ones, begin their web address with the more secure HTTPS. It is not safe to enter any of your personal information on a website that begins with HTTP instead of HTTPS. The “S” stands for secure. Security must go hand-in-hand with privacy. There are extensions that you can install to your browser that will only connect automatically to HTTPS versions of websites. For example, try installing “HTTPS Everywhere” on your google browser. It’s what I use.
  6. I WILL HANDLE MY EMAILS CAREFULLY. Repeat after me: I will never click on links or open up attachments in any email unless I am 150% sure that the email is legitimate. Emails are the easiest way a criminal can gain access to your system. Ask yourself, does the email seem fishy? Is the grammar and spelling correct? Does it sound too good to be true? OR does the email contain an urgent message that you must click on in order to solve a problem? These are all telltale signs of a phishing email. If you click on that link, or open that attachment, you will surely infect your computer. Hover your mouse over the sender’s email address and see if it appears legitimate. My advice is to go onto the business’ website by typing in the URL yourself rather than the provided link in the email. Don’t hesitate to call the business to verify that the email is legit. Most companies will never ask you for your personal information.  You’ve been warned!!!
  7. I WILL BE CAREFUL AND THINK BEFORE I POST. Privacy is dead. Whatever you post is open season for anyone who wants to exploit that information. Sharing details of a personal nature can be dangerous. Criminals can and will use your information against you. The information you so freely give away online, can be used to access your accounts or steal your identity. Tone down the stuff you post about yourself or people close to you.
  8. I WILL KEEP ABREAST OF THE LATEST CYBERSECURITY THREATS AND SCAMS. Knowledge is power! The more you know the more you’ll be able to protect yourself and your loved ones.
Cybersecurity Resolutions to help lprotect your data
Everyone is after your data! You must protect it.

So, there you have it.  If you follow these Cybersecurity Resolutions, you’ll be a whole lot safer from scammers, crooks and fraudsters in 2019.  Stay safe out there and Happy New Year to all.

VACATION SECURITY CHECKLIST

VACATION SECURITY CHECKLIST

According to the FBI, a burglary happens every 20 seconds in the U.S. However, vacation season brings out burglars looking for empty houses. Use this vacation security checklist as a way to ensure that you find your home just the way you left it, once you return.

Vacation Security Checklist
Travel is good for the soul!

 

MAIL: Put a hold on your mail via the post office or submit a change of address if necessary. An overloaded mailbox is a sure sign that nobody’s home. Contact your Post Office 30 days in advance.

CANCEL: Place a hold or cancel newspapers, magazine subscriptions and other deliveries. Or ask a neighbor to remove such items promptly from your property.

DRIVEWAY:  Ask a neighbor to park their vehicle in your driveway periodically. You want to maintain the illusion that someone is around.

OUTSIDE: Hire a landscaper to keep your property trimmed and looking lived-in. Set your watering schedule to provide enough water for the current weather. Secure or store your outside valuables like your bar-b-que, bicycles and patio furniture.

LIGHTING: Use motion sensitive light fixtures in front and back. Set your indoor lights and even a radio or TV with a timer to automatically turn on or off at set intervals. Or use smart technology that can remotely control fixtures.

KEYS: Never leave a spare key hidden outside your home. Burglars know exactly where to poke around to find them. Instead give your spare key to a trusted neighbor for emergencies. A friend or family member should also have an extra key to your residence.

SET: Set your thermostat at a reasonable temperature. Set your hot water heater to vacation mode.

UNPLUG: Unplug appliances including your refrigerator, washer/dryer, dishwasher, toaster, coffeemaker, TV’s and computers. You may also want to shut off your gas or water.

VALUABLES: Lock your valuables and sensitive information in a safe or hide them well. Alternatively, you can place them temporarily in a safe deposit box.

LOCK: Be sure all windows and doors are locked, including a doggie door. Lay a broom stick in the track of your sliding glass door and/or something in your window tracks. Arm your security system if you have one. Disengage garage door opener an manually lock garage door.

NOTIFY: Your bank and credit card companies should be notified of where you will be – especially if you intend to use an ATM or your credit/debit cards.  (This avoids them ‘flagging’ your account for unusual spending activity). Provide them with more than one contact number, just in case.

LUGGAGE: Write down just your phone number on all your luggage – instead of your address. If your luggage is lost/stolen, then burglars won’t know where you live.

EMERGENCIES: A neighbor and/or trusted friend or family member should be designated as your emergency contact person. They should be given authority to make decisions on your behalf should an emergency arise. Your home security company should also have a way to contact you in case of a burglary, fire or other emergency.

SOCIAL MEDIA: Limit what your share about your vacation on social media websites. Never mention when you’re leaving, where you’re going and how long you’ll be gone.

Happy Vacation
Happiness is being on Vacation!

Travel is good for the soul. So, before you leave for your dream get-a-way, be sure to use this vacation security checklist. Then, you can relax and enjoy.

Here is a good website source for home safety tips

DETER TAX ID THEFT- FILE TAXES EARLY

Tax ID Theft is the most common form of identity theft reported to the Federal Trade Commission (FTC) for the past five years. The FTC and its partners announced they are hosting a Tax Identity Theft Awareness Week from January 29th to February 2, 2018. They will be hosting a series of free events, including webinars and Twitter chats.

Tax ID theft occurs when someone uses your stolen Social Security number to file a fraudulent tax return in order to claim a fraudulent refund.

There has been 1293 data breaches as of 12/20/17. These data breaches provide hackers with a slew of sensitive information. The Equifax breach alone exposed the names, addresses, social security numbers and birthdates of 145.5 million records. Criminals will attempt to file fraudulent tax returns using this stolen information. The big refunds that are claimed on these fraudulent returns are either sent to phony addresses or deposited into bogus bank accounts controlled by these criminals.

Tax ID Theft
IRS Tax ID Theft is Billions of Dollars a year!

The best thing you can do to protect yourself from Tax ID Theft is to file your return as early as possible to make sure your return is filed prior to that of an identity thief.  That way, you beat a would-be criminal from filing a return before you do.

 

PREVENTION TIPS TO AVOID TAX ID THEFT

  • Know your Tax Preparer – check their credentials on the IRS website
  • Beware of Preparers promising big refunds or base their fee on your refund
  • If you cannot file early, then file an extension using IRS Form 4868
  • Never carry your social security card or any document with your SSN on it
  • If mailing your return, be sure to mail it directly from the Post Office
  • If E-Filing your return, use a reputable program and a secure non-public computer
  • If you move, file a Change of Address as soon as possible – Use IRS Form-8822
  • Store copies of your returns in a secure place or save it on an external hard drive
  • Shred drafts, tax forms and all documents that contain any sensitive information
  • NEVER respond to calls, texts or emails appearing to be from the IRS. Don’t respond to threats or arrest. The IRS always initiates contact with you via a letter, sent by snail mail.

 

If you do become a victim of tax ID theft, file a police report immediately. Then, file a “paper” return with the IRS with an attached Form 14039 Identity Theft Affidavit together with a copy of the police report. This will hasten the process. You should also call the IRS specialized assistant toll-free number 800-908-4490. You can visit the IRS website for more info here: www.irs.gov/Individuals/Identity-Protection

To find out how to lessen your risk of becoming a Tax ID Theft victim during the FTC’s Tax Identity Theft Awareness Week – go here:   https://www.consumer.ftc.gov/features/feature-0029-tax-identity-theft-awareness-week

Credit FREEZE vs. a Credit LOCK

Consumers Union is recommending consumers place a Credit FREEZE vs. a Credit LOCK.  Here’s Why…

A credit LOCK is simply a contractual business agreement between you and the Credit Bureau. 

Having a contractual agreement is not nearly as strong as having protections under the law. A contractual agreement with a company is subject to change, or may be unclear. It may include provisions that you may be better off NOT agreeing to – such as binding arbitration. With LOCKS, it’s also not clear who would be liable for financial losses.

A Credit FREEZE is the better option, because a credit freeze offers stiffer legal protections.

Its promise to guard your credit accounts is guaranteed by law! If something goes wrong, and your credit accounts are fraudulently accessed, consumers are protected from financial liability.

Credit Freeze vs. a Credit Lock
A Credit Freeze is better than a Credit Lock

BUT – In response to the stampede of people attempting to place a Credit Freeze, after the massive Equifax breach, the 3 Credit Bureaus are pushing consumers to “LOCK” their credit files instead of placing a Credit “FREEZE”.

Just To Be Clear: The best way to protect yourself from an identity thief opening a credit account in your name, is still by placing a credit freeze at all three credit bureaus.

Consumers should be wary of this push towards Credit “Locks”. Equifax and the other two credit bureaus fought for years against our right to freeze our credit reports – and then demanded fees to do so.

Equifax has said it will be offering a new type of credit “LOCK” FREE – for life. This raises questions and concerns about their motives! Credit Bureaus make huge sums of money by selling your information and allowing access to your credit file.  A credit FREEZE will greatly limit their ability to do so.

So if you are offered a choice between a Credit Freeze vs a Credit Lock, don’t let the Credit Bureaus try to fool you. A Credit Freeze has always been the best way to keep the bad guys from getting credit in your good name. A credit LOCK is designed to work in the best interest of the Credit Bureaus – NOT YOU!

“We are still trying to figure out why they are pushing this newer thing they call a credit “lock” says Mike Litt at U.S. PIRG (Public Interest Research Group). “It may allow credit bureaus to market to consumers more aggressively for products that they may not need and/or shouldn’t pay for”.

It’s time for Congress to provide free Credit Freezes. To learn more go here: http://www.uspirg.org/news/usp/interactive-map-shows-consumers-42-states-have-no-access-free-credit-freezes 

You can also read one of my previous articles about the Equifax Data Breach

 

SONIC Breach- 5 Million Debit & Credit Card Info Stolen

The recent Sonic Breach reported by the fast food chain was a breach of their card processing system. The Sonic Breach resulted in the theft of 5 million credit and debit card information. The chain has more than 3,500 locations in 44 states. At the time of this writing, Sonic did not disclose the number of its restaurants that were potentially affected.

The stolen card data included the zip codes of the card holders!

The fact that zip codes were included as part of the stolen information, makes the resale of this information more valuable.

The zip codes allow a criminal to know exactly which geographical area the card originated from. This in turn, helps the criminal avoid making their purchases look suspicious; by only using the card to make purchases in the cardholder’s local geographical area.

Sonic Breach of Card Info

The information from the Sonic breach is already being sold on the Dark Web, which is the part of the Internet where criminals go to purchase stolen data. The card data will fetch a price of about $25 to $50 each, depending on the type of card (debit or credit) and the card limits available.

It seems like almost every week we hear news of another data breach. Your personal information is only as safe as the companies entrusted to protect it.

The Sonic Breach could have been totally avoided had Sonic updated their processing equipment to accept the more secure EMV chip cards. Instead, they’re still using the old style magnetic-strip for their card processing.

WHAT CAN YOU DO TO PROTECT YOURSELF
  • Avoid making purchases at retailers who have not yet switched to the new EMV system.
  • If you used a credit or a debit card at a Sonic restaurant in the last 6 months, be sure to carefully monitor your accounts for any sign of fraudulent purchases.
  • If you discover any fraudulent purchases on your credit card bill, notify your credit card company. In the case of a DEBIT card, be sure to notify your bank immediately, to prevent the money in your checking account from getting completely wiped out.
  • Debit cards do NOT have the same consumer protections as credit cards. Therefore, in the future, refrain from using your debit card except at an ATM. If your debit card gets stolen or skimmed, you could lose all the money in your checking account if it is not timely reported to your bank. Also, the funds in your checking account will be frozen while the bank investigates, denying you access to your account during the process.

Until all businesses switch to the newer and safer EMV chip cards, we will unfortunately see more and more breaches like this one.

It is up to you to remain ever vigilant!