12 things you can do to keep your child safer online
By karen | July 31, 2009
A quick checklist to get you started on the road to Internet safety.
1. Buy all the safety software you need and use good filtering tools.
Keep them current and use them unfailingly—as automatically as locking your door when you leave the house.
2. Discuss online safety with your family and friends.
Decide together how you will help protect each other online and set rules that reflect your personal and family values. Decide what activities are okay and what information it’s fine to give out and to whom.
3. Be selective about who you interact with online and what information you make public.
The risks are relatively low when you stick with people you know—your family and friends. Going into public chat rooms or opening your blog up to the general public, for example, significantly increases your risk. Think before you post online information that can personally identify you, a family member, or friend in public place. (That means in a public blog, in online white pages, on job hunt sites, or in any other place anyone on the Internet can see.) Sensitive information includes birth date, gender, town, e-mail address, school name—even photos. This information can be used to help someone find you or steal your identity.
4. Pay attention to the risks of e-mail.
Think twice before you open attachments or click links in e-mail—even if you know the sender—as these can be used to transmit spam and viruses to your computer. Never respond to e-mail asking you to provide personal information, especially your account number or password, even if it seems to be from a business you trust. Reputable businesses will not ask you for this information in e-mail.
5. Put your family computer and Internet-connected game consoles in a central location.
A family room or kitchen makes a good place where you can watch over your children’s online activity.
6. Never, ever meet in person someone you’ve met online without taking somebody else along.
Remember, people are not always who they say they are.
7. Review the features on your children’s cell phones.
Can they download images from the Internet, use instant messaging, or access services that allow others to pinpoint their location? All of these features could be a cause for concern, depending on your child’s maturity and situation.
8. Find out how and where to report abuse.
Create an environment that encourages your kids to report abuse to you. Acting as a responsible Internet citizen can help stop the illegal activity, harassment, and predatory behavior of online criminals.
9. Don’t trade personal information for “freebies.”
(Good advice for kids, too.) Just as in the physical world, if it sounds too good to be true, it probably is. Unwanted software like spyware and viruses often piggybacks on software that’s “free.”
10. Check out the safeguards on computers your child uses outside the home…
At his or her school, the public library, and the homes of your child’s friends.
11. Choose a safe online name.
Use e-mail addresses, IM names, chat nicknames, and other such names that don’t give away too much personal information. Pick a name that doesn’t help identify you (your age, for example) or locate you. Avoid flirtatious or provocative names that may cause unwanted attention.
12. Sit down with your child regularly to review Internet contacts and activity…
Buddies, blogs, browser history, image files, music downloads, and so on. Let them know you’ll do this periodically. Explain that this is not to violate their privacy, but to protect them and the family from risks.
Visit Oprah.com to Help Pass The Adam Walsh Act
Topics: Helpful Resources, blog home, karen lodrick's blog | 2 Comments »
One technique for producing the prefect password
By karen | July 26, 2009
Everyone knows it’s bad to use the same password for different sites. People do it anyway because remembering different passwords is annoying. Remembering different difficult passwords is even more annoying.
Here is a foolproof technique for creating passwords, that are hard to crack and easy to remember. Plus, it takes just minutes to learn.
Step 1:
Start with an original but memorable phrase. For this exercise, let’s use these two sentences: I like to eat bagels at the airport and my first Cadillac was a real lemon so I bought a Toyota —just make sure it’s something you can remember without having to write it down. That’s the key!
Step 2:
Turn your phrase into an acronym. Be sure to use some numbers and symbols and capital letters, too.
I like to eat bagels at the airport = Ilteb@ta
My first Cadillac was a real lemon so I bought a Toyota = M1stCwarlsIbaT.
A sentence like: It’s 20 degrees in February, so I use Gmail, lets you set a new Gmail password every month and still never forget it: i90diSsIuG for September, i30diMsIuG for March, etc. (These aren’t realistic temperatures; they’re the month-number multiplied by 10.)
That’s it—you’re done.
Important to remember:
You should use different passwords for each of your social networking accounts—someone can do real damage by breaking into your Facebook or Twitter, so you want to keep them distinct. Reserve strong, most distinct passwords for the few very important accounts—your online banking, your computer, your online bills, and your e-mail accounts, which often contains the keys to everything else in your life.
You don’t have to keep unique passwords for every single site you visit—it’s perfectly OK to repeat passwords on sites that don’t need to be kept very secure. For instance, the New York Times, The New Yorker, and other online magazines, because it won’t hurt too much if someone breaks into those.
Topics: Helpful Resources, blog home, karen lodrick's blog | No Comments »
Carding, how individual hackers get paid for stealing information
By karen | July 26, 2009
“There is a bustling trade in credit card information and personal details among hackers, phishers and other online criminals. This is called “carding”, and is generally how individual technical hackers get paid by organized crime for stealing information. Occasionally spreadsheets, databases, and other lists of personal information end up in public places on the web and get spidered by Google.” –Alex Stamos, ISEC Partners.
Click here to read the story; a woman finds her personal and credit card information online.
Topics: blog home, karen lodrick's blog | No Comments »
Anti-malware expert and CEO, Eugene Kaspersky, talks about cybercrime
By karen | July 17, 2009
During the 10th Annual Kaspersky Lab Virus Analyst Summit, I had the chance to sit down with CEO Eugene Kaspersky who offered his theory for stopping cybercrime. But first, I learned about his company, Kaspersky Lab which specializes in anti-malware technology.
It started out of passion; and now is quickly becoming a household name worldwide.
I found Eugene very down to earth with a good sense of humor. He begins the interview by explaining the details of his job; a lot of plane travel, many interviews, conferences, exhibitions, and then continues on to the next town or country. He’s busy traveling the globe with his message to get users and their computers safe. And it is clear he loves his work.
Topics: Messages From Others, blog home, karen lodrick's blog | No Comments »
Koobface worms attacking social networks
By karen | July 8, 2009
As social networks become a mainstay, attacks targeting them continue to gain momentum.
The Koobface worms (over 575 new variants identified):
• Net-Worm.Win32.Koobface.a
• Net-Worm.Win32.Koobface.b
• Net-Worm.Win32.Koobface.c
• Etc
Targeted social networking websites (detected):
• Facebook
• MySpace
• Hi5
• Bebo
• Tagged
• Netlog
• Twitter
The Koobface worms come through social networks and transform victims’ machines into zombie computers to form botnets.
It spreads through the legitimate user’s account to their friends. Comments and messages sent by the worm contain a link to a fake YouTube style website which invites users to download a “new version of Flash Player”. The worm, rather than the Flash Player, is then downloaded to the victim’s machine. Once a user is infected, he or she will start spreading such messages to his or her friends.
The worms are designed to upload additional malicious modules via the Internet. It is highly probable that victim machines will not only be used for spreading links via these social networking sites, but the botnets will also be used for other malicious purposes, such as gathering personal information then taping into bank accounts or committing fraud.
Kaspersky Lab discovered the worm and detected these threats on July 31, 2008. “At the beginning of 2008 we predicted that we’d see an increase in cyber-criminals exploiting MySpace, Facebook and similar sites, and we’re now seeing evidence of this. I’m sure that this is simply the first step, and that virus writers will continue to target these resources with increased intensity,” says Alexander Gostev, Senior Virus Analyst at Kaspersky Lab.
Tips for Users:
- Be cautious when opening links coming through suspicious messages, even if the sender is one of your trusted Facebook friends.
- Use either Internet Explorer 8 running in protected mode or Firefox with NoScript installed.
- Divulge as little personal information as possible. Do not give out your home address, phone number or other private details.
- Keep your antivirus software updated to prevent new versions of malware from attacking your computer.
Topics: Helpful Resources, blog home, karen lodrick's blog | No Comments »
President Obama’s cybersecurity
By karen | May 28, 2009
It seems that everything relies on computers and the internet now — Cyber security involves protecting that online information by preventing, detecting, and responding to attacks. Some attacks are more serious than others. Among these attacks are viruses erasing entire computer systems, someone breaking into a system and altering files, or someone breaking in and stealing personal information and committing fraud or identity theft.
During Obama’s presidential campaign, he pledged to bump up the issue of cybersecurity to “top priority” and appoint a national cybersecurity adviser. And it seems he is gearing up to honor that promise. The commitment was to establish the proper structure within the government to ensure cybersecurity issues continue to receive top-level attention and enhanced coordination.
This new official would develop a strategy to protect the nation’s government-run and private computer networks. The idea is have a senior official who can contact the president, directly. READ MORE>
Topics: blog home, karen lodrick's blog | No Comments »
Education and awareness are major tools to protect against cyber crime
By karen | May 26, 2009
From January to December of 2008, the Internet Crime Complaint Center (IC3) website received 275,284 complaint submissions. This is a 33% increase compared to 2007. These complaints were composed of many different fraud types such as auction fraud, non-delivery, and credit/debit card fraud as well as non-fraudulent complaints such as computer intrusions, spam/unsolicited e-mail, and child pornography.
The total dollar loss was $264.6 million with the median dollar loss of $931.00 per complaint. This is up from $239.1 million in total reported losses in 2007. E-mail (74.0%) and web pages (28.9%) were the two primary mechanisms by which the fraudulent contact took place.
Education and awareness are the major tools to protect ourselves. READ MORE>
Topics: Announcements, Helpful Resources, blog home, karen lodrick's blog | No Comments »
Tips for working with your bank, if you’re an identity theft victim
By karen | May 16, 2009
In 2006, my bank provided an identity thief posing as me, debit card approval through an unauthorized phone number. Within a few days, the thief wiped out my checking account, stealing $8,000.00 before I realized what happened. For six months, the identity thief continued to victimize me. I lost $22,000.00, before I managed to catch the thief and stop the rampage. Yet, my bank was accusing me of forging my own identity.
It’s dreadful enough when you find out you are a victim of identity theft, but it adds insult to injury when your bank treats you like a criminal.
Did you know that many of the largest banks in the United States are frequently targeted by identity thieves? (Fig. 1) Fortunately, what I learned during my personal experience dealing with my bank after becoming a victim of identity theft may assist you if you’re ever a victim.
Figure 1: Courtesy of Chris Hoofnagle and the Berkeley Center for Law and Technology
Tips for working with your bank if you’re an identity theft victim:
TIP #1 - IMMEDIATELY CLOSE ALL COMPROMISED ACCOUNTS
If your bank doesn’t automatically provide you with a new account number, insist that they do so. In order to get any money reimbursed, you will need an account number that has not been compromised.
TIP #2 - GET PROTECTION ON ALL ACCOUNTS
Insist that your bank place an “Identity Theft Warning” message and password protection on all your accounts. I found it easy to do this for phone inquiries, but difficult for in-person inquiries. So when I thought I was safe because I had a new password-protected bank account, the identity thief managed to withdraw money in person from different bank branches. Through perseverance, I was able to locate a bank manager who was able to place a universal warning on all my accounts. I believe this helped me eventually track down my identity thief.
TIP #3 - ASK QUESTIONS
Knowledge is power. If you don’t understand the bank’s identity theft protocol, ask questions about it. It’s important to know what the bank is requesting of you. Understanding the bank’s procedures will help you deal with this crime. If you don’t understand the bank’s procedure or don’t think the procedure is useful in your particular circumstance, ask further questions and/or request additional assistance. I was able to get a new protocol put into place for my accounts (see Tip #2).
TIP #4 - KEEP RECORDS AND A JOURNAL
Create a file for your identity theft documents. Log all your conversations and transactions. Make sure to get full names of the people you talk to, keep track of all dates and times (noting how much time you spent dealing with each issue), and be sure to keep track of the amount of money lost or stolen including your time spent to recover. Creating these records will help you recall what happened, should you need to at a later date. Most importantly, if you ever go to court because your identity was stolen, you will have a clear record. Plus, you may be able to claim the loss on your taxes.
TIP #5 - MONITOR YOUR ACCOUNTS REGULARLY
Keep an eye on your bank accounts. Call your bank immediately if you notice a discrepancy, no matter how small as you may have a limited period of time to file a complaint. I regularly review my bank activity online. It saves a time and, if your mail has been stolen or redirected by an identity thief, you may not get your bank statements in time. Remember to be smart when banking online. Always log in using your bank’s official URL and never log-in by clicking on a link provided in an email or advertisement. Always log out when finished and close the browser window. Empty cookies from your computer system regularly and never allow the browser to remember your password (type in your password every time).
TIP #6 - KEEP PERSONAL INFORMATION OFF YOUR CHECKS
All you need are your first initials and last name on your checks. Your full name, address, Social Security number and phone number are not necessary. The bank knows how to handle your checks. The less your personal information is out there for a thief, the better. If a crook can’t match an exact name to a bank account, he/she will be less likely to use it.
As an identity theft victim, dealing with your bank may be a challenge. You may have to repeat the facts of your case to several different bank officials until the bank has a grasp of your specific circumstances. This can be frustrating. If possible, find one person that can handle your claim as quickly as possible. Ask to speak to a supervisor if you feel you are not getting the help you need or if someone treats you poorly. And trust that your situation will eventually get resolved.
Topics: Announcements, Helpful Resources, Uncategorized, blog home, karen lodrick's blog | No Comments »
Banks + Fraud = the Economic Crisis
By karen | April 7, 2009
Worth a LISTEN. Bill Moyers interviews William K. Black, the former senior regulator who cracked down on banks during the savings and loan crisis of the 1980s.
The financial industry recently brought the economy to its knees. Black offers his analysis of what went wrong and his critique of the bailout. How will identity theft ever be taken seriously when our banks/financial institutions are part of the scams?
Part 1 of 3
Part 2 of 3
Part 3 of 3
Topics: Books and Movies, blog home, karen lodrick's blog | No Comments »
Cyber-crooks targeting social-networking Web sites
By karen | March 5, 2009
Facebook has become prime hunting ground for tricksters and malicious software spreaders because it is the leading social-networking community, with more than 175 million people sharing personal information.
The bad guys know how to see all the things you post. You may be revealing personal information that is extremely valuable to them.
Even seemingly innocent information posted on profile pages can sometimes provide opportunities for criminals. For example, names of grandparents or pets in posted pictures can tip hackers off to answers for typical challenge questions asked before providing information about “forgotten passwords” to online accounts.
WATCH FOR:
1) Fraudulent applications sent warnings that the Web site was shutting down or that they had been reported for violating terms of service which was followed by instruction for correcting the issue.
If people followed the instructions in the bogus messages, software was installed on their computers that stole information and sent similar bogus messages to their friends on the site.
2) Messages claiming to be from Facebook friends wanting to share digital video. Clicking on the link results in a prompt to download viewing software that is actually a computer worm called KOOBFACE.
Then it steals your cookies (store identifying information such as user names and passwords) on your desktop; not just for Facebook but for a half-dozen social networking Web sites including MySpace.
Then, your account is compromised at that point. Using the hijacked cookie, it tries to log in as you, goes through your address book and starts posting messages and comments.
People can reduce the odds of becoming victims by being selective about friends at social networking websites and not clicking on links that take them outside the walls of their online communities.
Computer users are also wise to use unique complex passwords for each online account so if hackers get hold of one virtual key it won’t open other locks.
Topics: blog home, karen lodrick's blog | No Comments »
« Previous Entries Next Entries »