Many everyday objects can lead to identity theft. They often get overlooked because people focus on their computers and cloud accounts. It’s important to have strong passwords and use antivirus on your PC. But you also need to be wary of other ways that hackers and thieves can get to your personal data.

Here are six common things that criminals can use to steal your information.

Old Smart Phones

People replace their smartphones about every two and a half years. That’s a lot of old phones laying around containing personal data.

Just think of all the information our mobile phones hold. We have synced connections with cloud services. Phones also hold banking apps, business apps, and personal health apps. These are all nicely stored on one small device.

As chip technology has advanced, smartphones have been able to hold more “stuff.” This means documents and spreadsheets can now be easily stored on them. Along with reams of photos and videos.

A cybercriminal could easily strike data theft gold by finding an old smartphone. They often end up at charity shops or in the trash. Make sure that you properly clean any old phones by erasing all data. You should also dispose of them properly. You shouldn’t just throw electronics away like normal garbage.

Wireless Printers

Most printers are wireless these days. This means they are part of your home or work network. Printing from another room is convenient. But the fact that your printer connects to the internet can leave your data at risk.

Printers can store sensitive documents, such as tax paperwork or contracts. Most people don’t think about printers when putting data security protections in place. This leaves them open to a hack. When this happens, a hacker can get data from the printer. They could also leverage it to breach other devices on the same network.

Protect printers by ensuring that features like Wifi Direct are turned off. Printer firmware should be kept up to date as far as possible.

USB Sticks

Did you ever run across a USB stick laying around? Perhaps you thought you scored a free removable storage device. Or you are a good Samaritan and want to try to return it to the rightful owner. But first, you need to see what’s on it to find them.

You should never plug a USB device of unknown origin into your computer. This is an old trick in the hacker’s book. They plant malware on these sticks and then leave them around as bait. As soon as you plug it into your device, it can infect it.

Old Hard Drives

When you are disposing of an old computer or old removable drive, make sure it’s clean. Just deleting your files isn’t enough. Computer hard drives can have other personal data stored in system and program files.

Plus, if you’re still logged into a browser, a lot of your personal data could be at risk. Browsers store passwords, credit cards, visit history, and more.

It’s best to get help from an IT professional to properly erase your computer drive. This will make it safe for disposal, donation, or reuse. At Computers plus we offer a secure destruction service for hard disks for your peace of mind.

Trash Can

Identity theft criminals aren’t only online. They can also be trolling the neighborhood on trash day. Be careful what you throw out in your trash.

It’s not unusual for garbage to enable identity theft. It can include pre-approved credit card offers that you considered “junk mail.” Your trash can also hold voided checks, old bank statements, and insurance paperwork. Any of these items could have the information thieves need to commit fraud or pose as you.

A shredder can be your best friend in this case. You should shred any documents that contain personal information. Do this before you throw them out. This extra step could save you from a costly incident.

Children’s IoT Devices

Electronic bears, smart kid watches, Wi-Fi-connected Barbies… all toys that hackers love. Mattel’s Hello Barbie was found to enable the theft of personal information. A hacker could also use its microphone to spy on families.

These futuristic toys are often what kids want. Parents might think they’re cool, but don’t consider their data security. After all, these are children’s toys. But that often means they can be easier to hack. Cybercriminals also zero in on these IoT toys, knowing they aren’t going to be as hard to breach.

You should be wary of any new internet-connected devices you bring into your home. That includes toys! Install all firmware updates. Additionally, do your homework to see if a data breach has involved the toy.

—
Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Approximately 73% of people around the world use some form of online banking at least once a month. People have never had such convenient account access. But that convenience can come at a cost.

In 2021, account takeover fraud increased by 90%. New account fraud jumped a whopping 109%. As the ease of online banking has increased, so has banking-related cybercrime.

If someone breaches your Facebook account, it can be a real pain. But, if a hacker breaches your bank account, it can be devastating. It can mean significant losses. Losses that you may not be able to recoup from your financial institution.

In this article, we’ll take a look at the mistakes people make that leave their accounts at risk. Then, we’ll go over some important tips on how to keep your bank account better protected.

Mistakes That Allow Criminals to Access Your Account

Not Enabling Two-factor Authentication

Two-factor authentication (2FA) is a simple process that packs a big punch. When you enable this setting in an online account, it requires an extra step to gain access. That step usually consists of receiving a one-time passcode (OTP) by SMS and entering that at login.

Many people make the mistake of leaving this disabled. They either don’t know it’s there or they think it’s too inconvenient. But leaving this setting off makes it much easier for a bad actor to breach your account.

Falling for a Phishing Scam

There are several types of phishing scams that target online banking. Cyber criminals send emails that look like they come from your bank. They’ll even promise incredibly low rates on credit cards.

Other scams can involve warning you of unauthorized account activity. But when you click the link to log in, you’re actually on a fake page. One designed to look just like your normal bank website.

These are just a few ways that scammers can get your online banking login details. Once they have them, they’ll act immediately to get whatever they can.

Using Easy-to-Guess Passwords

If your account password is easy to remember, it’s also often easy to guess. Using weak passwords is a common mistake that enables many cyber criminals.

Some best practices for passwords include:

• Make them at least 10 characters long
• Include at least one number
• Include at least one symbol
• Include at least one upper-case letter
• Don’t make them personal (e.g., don’t use your birthdate, etc.)

Downloading Unsafe Mobile Apps

Banking trojans are often hidden in malicious mobile apps. These apps can look like something as innocent as a task manager. But, once installed, banking trojans seek out any details they can find. They are looking for banking and wallet apps.

Logging Into Online Banking While on Public Wi-Fi

One surefire way to give away your online banking password is to log in while on public Wi-Fi. Hackers hang out on public hot spots and spy on the activity of others. You should never type in a password or other sensitive details when connected to public Wi-Fi.

Tips for Improving Online Banking Security

Turn On Two-Factor Authentication

Enable two-factor authentication in your online banking account. This is also known as multi-factor authentication or two-step verification. According to Microsoft, it can block 99.9% of fraudulent account login attempts.

Set Up Banking Alerts

Time is of the essence when an intruder breaches your account. The faster you can notify your bank of the breach, the better. You could reduce the impact on you by having your account locked down immediately.

Set up banking alerts through your online banking. These can include things like low-balance alerts and login alerts.

Install an Antivirus & DNS Filtering On Your PC & Mobile Device

It’s important to have reliable antivirus software on your PC and mobile device. Many people don’t think about protecting their phones in this way. Yet, they shop online and bank via mobile devices.

It’s also good to use a DNS filter. This is a filter that protects you from going to dangerous phishing sites by blocking them.

Take Phishing Training Classes

Do you know how to identify phishing? Are you up on all the newest scams? You can make yourself less vulnerable by taking some phishing awareness classes. There are many of these for free online. You can also contact us for more personalized training options.

Knowing how to spot phishing via text, email, and phone can help you avoid becoming a scam victim.

Get Help Protecting Your Family from Scams

There are some key digital solutions we can put in place to keep your family safer from online threats. Give us a call today to schedule a chat about online security.

—
Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Travel smarter and more securely by doing several checks before you go. Use our handy tech travel checklist. It can save you from suffering from lost devices, missing chargers, or a data breach.

1. Check Your Apps

Have you ever sat at an airport gate wondering why it looked so empty? You then found out that your gate had changed, and you had no idea. You go rushing to the other end of the concourse, hoping you’re not too late.

How did everyone else know about the gate change? They most likely had the app for the airline and received a notification.

Before you leave for a trip, make sure to download any apps you may need. It’s better to download them when you’re at home on your own Wi-Fi. If you wait until you’re at the airport, reception may be an issue.

Some of the apps you may want to grab or update before your trip are:

• Airline app
• Train app
• Hotel app
• Theme park app
• Camping ground app
• Weather app
• City tourism app

2. Check Your Cords & Adapters

People leave behind countless chargers and adapters every day. They litter airports, restaurants, and train stations around the world. Make sure to bring a backup charger for your laptop, tablet, or phone. Otherwise, you may find yourself paying a premium for a new charger in a gift shop. Your device could also go black if you lose its charger and can’t quickly get a new one.

3. Check Your Power

A great way to ensure you have the power you need is to buy a small charging battery. You can find these in most major retailers or online. They are small “blocks” that hold a charge and can power up a cell phone in a pinch.

Having this extra backup also helps you avoid potential juice-jacking ports. These are fake or compromised public USB charging ports. Hackers use them to steal your data when you plug in.

4. Check Your Mobile Plan

If you’re traveling out of the country, you’ll want to check your mobile plan. If you don’t have the ability to call internationally, then you may not be able to text or call home.

Carriers can add an international capability to your plan, but ask about pricing. It can get expensive if you’re on long calls or using mobile data. An alternative is to set up a VoIP app you can use with your office, friends, or family while you’re traveling. These enable both calls and SMS, but you do need an internet connection.

5. Check or Add a VPN

Free Wi-Fi may be a welcome site when you’re on the road, but it can also be dangerous. You don’t know who else is using that Wi-Fi. A hacker hanging out on the connection can easily steal your data if you’re not protected.

It’s better to use either your mobile carrier connection or a virtual private network (VPN) app. VPN plans are inexpensive and will keep your data encrypted, even if you’re on public Wi-Fi.

6. Check Your Backup

Unfortunately, mishaps occur when traveling. You may leave your phone behind on a boat, have your luggage lost, or get your device stolen while in a crowded area.

10% of all laptop thefts happen in airports.

Don’t lose all your data with the device! Back up your devices to the cloud or local storage before you travel. This ensures that you won’t lose the valuable information on your device. You also won’t need to think twice about enacting a remote “wipe my device” command if necessary.

7. Check Your Device Security

Make your devices as secure as possible before you hit the road. When we’re traveling, our minds are occupied by other things. So, you may not think to check your antivirus or avoid suspicious phishing links.

Protect your devices before you go using:

• Antivirus/anti-malware
• DNS filtering
• Screen lock with passcode
• Sharing features turned off
• VPN application
• Find-My-Device feature turned on

8. Check Your Double-Checks

What do we mean by checking your double-checks? Use the buddy system as a backup. When the family is getting off a plane, each should check with the other that they have all their devices.

If you’re traveling alone, have a friend or family member check up by text. Did you grab your charger? Is your VPN turned on?

Those little reminders can go a long way toward avoiding digital travel nightmares.

Improve the Security of Your Devices Now

Don’t leave your devices unprotected. This could mean a breach of your banking app or personal data. Contact us for device security solutions to reduce your risk.

—
Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Watching your front door from afar has never been so easy. With cloud-based video streams, homeowners can view any part of their home. But as with all technology, there can be downsides.

Sharing doorbell camera shots on neighborhood social media groups is now common. These home security systems also provide peace of mind at a reasonable cost.

But don’t let the ease of setup fool you. Home security cameras can open your family up to risks if you don’t take precautions. Often, people are so excited to see what they can do, they don’t stop to think about device security.

There are horror stories online about hacked video cameras. This includes strangers saying disturbing things through those cameras to children.

Additionally, in 2019, Ring suffered a data breach. That breach exposed the personal data of over 3,000 Ring users. This included usernames and passwords. Recently other security system providers have been banned from the US and some high profile breaches of poorly secured camera systems have occurred.

It’s enough to make you reconsider your decision to add extra security. But don’t let those incidents scare you off. You can properly secure a home video camera system to ensure it’s not breached.

Here are some of the things you should do for a safe home security setup.

Make Sure Your Router is Secure

You access an IP security camera via the internet. Any commands going to the system or footage coming from it go through your router. So, you need to make sure that your router is properly secured.

Hackers breach routers so they can get to the devices connected to that network. Ensure your router security protocol is no lower than WPA2. The next generation, WPA3, is even better. These protocols govern the protection of data transmitted through the wireless network. Ideally, change the default router administration login to a different name ( eg, instead of the default user “admin” change it to <<yourfamilyname>admin and create a strong password

Give the router a strong password that is at least 12 characters long. Software can crack a password of only 8 standard characters instantly. But a 12-character password with at least one upper case letter, number, and symbol takes 34,000 years.

As always when you create userids and passwords make sure they are documented somewhere safe so you can get access to the router when you need to.

Change the Default Username & Password

You also need a strong password for your security system’s admin account. You should also change the default device and username. Hackers have lists of all these device defaults and use them to break into these systems.

Changing the default username and password for the device should be one of the first things you do. Otherwise, it could be mere minutes after you connect to the internet that you’re hacked.

Ensure the System Uses SSL/TLS Or Other Encryption

You don’t want the footage from your cameras transmitted for anyone to grab and watch. Make sure the security system you choose uses SSL/TLS at least.

This ensures that the data cannot be intercepted and accessed. SSL is short for Secure Sockets Layer, and TLS is short for Transport Layer Security. Without a form of encryption, a hacker can easily breach your device.

Keep the Software Updated

If your security system has an automatic update feature, turn that on. Unfortunately, many users don’t think about updating their device software. This leaves it more vulnerable to a hack over time.

Updates often include important security fixes for found vulnerabilities. You want to make sure updates install promptly. That’s why automating this is best.

Consider Access Levels for Multiple Users

Do you have several family members accessing your cloud-based security device? If so, set up some access levels. Not everyone needs to be at an administrator level.

Hackers love it when they can breach the login of an admin user for an account. This gives them more privileges, like changing settings. Giving lower-level privileges, such as “view only,” to most family members improves security.

Enable Camera Security Features

There will be various security features that are available with your system. Manufacturers often do not enable all security settings by default. The user must turn all or some of them on.

If you’re unsure of what settings should be on or off, we’ll be happy to help. Some home security systems have generous sharing options. This can be an invitation for hackers. You want to restrict these as much as possible.

Make Sure Your Mobile Device is Secure

Most people access their security cam through their smartphone. Make sure that you secure yours and keep it updated with the latest operating system. Hackers can gain access to a security system through a device with weak safeguards.

Add things like:

• Mobile anti-malware
• DNS filtering
• Screen lock
• Automated updating

Looking for Help Protecting Your Cloud Security System?

Give us a call and schedule a visit. We’ll be happy to help you ensure your security system is set up with best practices.

—
Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

The information they hold is more personal than even that which is in your wallet. It’s because of all your digital footprints. It’s often not the device that is the biggest concern. It’s the data on the device and access the device has to cloud accounts and websites. The thought of that being in the hands of a criminal is quite scary.

There are approximately 40 lost or stolen lost smartphones every day in New Zealand. The owners only recover a small percentage of them. The office is where the majority of stolen devices go missing.

The Minutes After the Loss of Your Device Are Critical

The things you do in the minutes after missing a device are critical. This is the case whether it’s a personal or business device. The faster you act, the less chance there is for exposure to sensitive data.

What Types of Information Does Your Device Hold?

When a criminal gets their hands on a smartphone, tablet, or laptop, they have access to a treasure trove. This includes:

• Documents
• Photos & videos
• Access to any logged-in app accounts on the device
• Passwords stored in a browser
• Cloud storage access through a syncing account
• Emails
• Text messages
• Multi-factor authentication prompts that come via SMS
• And more

Steps to Take Immediately After Missing Your Device

As we mentioned, time is of the essence when it comes to a lost mobile device. The faster you act, the more risk you mitigate for a breach of personal or business information.

Here are steps you should take immediately after the device is missing.

Activate a “Lock My Device” Feature

Most mobile devices and laptops will include a “lock my device” feature. It allows for remote activation if you have enabled it. You will also need to enable “location services.” While good thieves may be able to crack a passcode, turning that on immediately can slow them down.

What about “find my device?”

There is usually also a “find my device” feature available in the same setting area. Only use this to try to locate your device if you feel it’s misplaced, but not stolen. You don’t want to end up face to face with criminals!

Report the Missing Device to your bank

Its wise to inform the bank that your device has been lost. Attackers may use the device to impersonate you and get access to your bank accounts. Get the bank to put a temporary lock on the account until you are sure everything is safe.

Report the Device Missing to Your Company If It’s Used for Work

If you use the device for business, notify your company immediately. Even if all you do is get work email on a personal smartphone, it still counts. Many companies use an endpoint device manager. In this case, access to the company network can be immediately revoked.

Reporting your device missing immediately can allow your company to act fast. This can often mitigate the risk of a data breach.

Log Out & Revoke Access to Cloud Software

Most mobile devices have persistent logins to tools such as Microsoft 365, Google Workspace and other web applications like Trademe, Salesforce etc.

Use another device to log into your account through a web application. Then go to the authorized device area of your account settings. Locate the device that’s missing, and log it out of the service. Then, revoke access, if this is an option.

This disconnects the device from your account so the thief can’t gain access.

Log Out & Revoke Access to Cloud Storage

It’s very important to include cloud storage applications when you revoke access. Is your missing device syncing with a cloud storage platform? Cloud storage includes Apple iCloud, Microsoft OneDrive, Dropbox and many others. If your missing device uses these services, the criminal can exploit that connection.

They could upload a malware file that infects the entire storage system and your other devices. They could also reset your device to resell it, and in the process delete files from cloud storage.

Activate the “Wipe My Device” Feature

Hopefully, you are backing up all your devices! This ensures you have a copy of all your files in the case of a lost device.

Does it look like the device is not simply misplaced, but rather stolen or lost for good? If so, then you should use a remote “wipe my device” feature if it has been set up. This will wipe all data from the device

Concerned about your Mobile Device Security?

Feel free to call us if you have concerns with your mobile device – we can help secure it, or check it out for scams.

—
Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Why has phishing remained such a large threat for so long? Because it continues to work. Scammers evolve their methods as technology progresses. They use AI-based tactics to make targeted phishing more efficient, for example.

If phishing didn’t continue working, then scammers would move on to another type of attack. But that hasn’t been the case. People continue to get tricked. They open malicious file attachments, click on dangerous links, and reveal passwords.

In May of 2021, phishing attacks increased by 281%. Then in June, they spiked another 284% higher.

Studies show that as soon as 6 months after training, phishing detection skills wane. Employees begin forgetting what they’ve learned, and cybersecurity suffers as a result.

Want to give employees a “hook” they can use for memory retention? Introduce the SLAM method of phishing identification.

What is the SLAM Method for Phishing Identification?

One of the mnemonic devices known to help people remember information is the use of an acronym. SLAM is an acronym for four key areas of an email message to check before trusting it.

These are:

S = Sender
L = Links
A = Attachments
M = Message text

By giving people the term “SLAM” to use, it’s quicker for them to check suspicious email. This device helps them avoid missing something important. All they need to do use the cues in the acronym.

Check the Sender

It’s important to check the sender of an email thoroughly. Often scammers will either spoof an email address or use a look-alike. People often mistake a spoofed address for the real thing.

In this phishing email below, the email address domain is “@emcom.bankofamerica.com.” The scammer is impersonating Bank of America. This is one way that scammers try to trick you, by putting the real company’s URL inside their fake one.

You can see that the email is very convincing. It has likely fooled many people into divulging their personal details. People applying for a credit card provide a Social Security Number, income, and more.

Doing a quick search on the email address, quickly reveals it to be a scam. And a trap used in both email and SMS phishing attacks.

It only takes a few seconds to type an email address into Google. This allows you to see if any scam warnings come up indicating a phishing email.

Hover Over Links Without Clicking

Hyperlinks are popular to use in emails. They can often get past antivirus/anti-malware filters. Those filters are looking for file attachments that contain malware. But a link to a malicious site doesn’t contain any dangerous code. Instead, it links to a site that does.

Links can be in the form of hyperlinked words, images, and buttons in an email. When on a computer, it’s important to hover over links without clicking on them to reveal the true URL. This often can immediately call out a fake email scam.

When looking at email on a mobile device, it can be trickier to see the URL without clicking on it. There is no mouse like there is with a PC. In this case, it’s best not to click the URL at all. Instead go to the purported site to check the validity of the message.

Never Open Unexpected or Strange File Attachments

File attachments are still widely used in phishing emails. Messages may have them attached, promising a large sale order. The recipient might see a familiar word document and open it without thinking.

It’s getting harder to know what file formats to avoid opening. Cybercriminals have become savvier about infecting all types of documents with malware. There have even been PDFs with malware embedded.

Never open strange or unexpected file attachments. Use an antivirus/anti-malware application to scan all attachments before opening.

Read the Message Carefully

We’ve gotten great at scanning through text as technology has progressed. It helps us quickly process a lot of incoming information each day. But if you rush through a phishing email, you can miss some telltale signs that it’s a fake.

Look at the phishing example posted above in the “Links” section. There is a small error in grammar in the second sentence. Did you spot it?

It says, “We confirmation that your item has shipped,” instead of “We confirm that your item has shipped.” These types of errors can be hard to spot but are a big red flag that the email is not legitimate.

Get Help Combatting Phishing Attacks

Both awareness training and security software can improve your defenses against phishing attacks. Contact us today to discuss your email security needs.

—
Featured Image Credit

This Article has been Republished with Permission from The Technology Press.