Avoiding the Cyber Crime Holiday

Price Waterhouse Coopers just released a report finding that cyber crime against businesses has soared in 2011.  While Cyber Monday might be over, the online shopping discounts will continue to get better and better as Christmas approaches.  In essence, the holiday ad bombardment won’t stop until the New Year bells have tolled.

The press gives a great deal of attention to consumer protection over the holidays.  I even wrote an article for ABC News on this just this week.  And for good reason.  This year 40% of consumers will have their information misused.

But given the just as staggering figures for online crimes against businesses, what are these companies supposed to do? Are there good practices that businesses should adhere to this holiday season? The short answer is yes.

For any business, consumers are your most important asset.  If your customers don’t trust you, you won’t be in business long. Just as a manufacturers takes steps to ensure that the products they make are safe for consumers, businesses that engage in online sales must give cyber security the same level of importance.  Hackers will check how easy it is to break into a site, so put up the online security locks and force them to go elsewhere.  Note that the bigger you are, the more of a target you become.  Hackers love to make headlines, so be on the ready if you are popular site.

And follow these security tips to get started on the right path to putting your consumer first:

Cyber security basics: Make sure your system is secure by encrypting usernames, passwords, and valuable personal information that belongs to your consumer.  Also, break up personal information, for example, store username separate from full names and addresses.

“Red Team” your site – bring in a team of white hat hackers (a service SSP Blue provides, for example) to do a security assessment – they can find security holes and help you fix them before the bad guys exploit them.

“Red Team” your site again – anytime you change anything on the site – add a feature, for example – make sure it goes through the Red Team process again before going live.  A new feature can sometimes break something else.

Teach secure coding – the best engineers still need training on how to write ‘secure code’.  If you outsource your engineering, demand the outsourced company do the same.

Insert ‘Teachable Moments’ throughout your site – teach your users how to be cautious online and how to navigate safely – so they make it part of their daily routine and trust you more in the process.

Staying alert, engaged, and secure this holiday season isn’t just for consumers.  Businesses need to be on guard as much as consumers do.

A few cyber security steps can make the difference between a prosperous holiday season and a lousy lonely one.

Cyber Monday: 6 Tips to Avoid Getting Hacked or Scammed

Cyber Monday — which for many stores begins Sunday — is almost upon us. That means that more than any other time of year, we’ll be bombarded with sales and deals and notices and ads. One study found 84 percent of retailers saying they would email consumers about holiday-shopping deals.

Your email inbox will be stuffed like a Thanksgiving turkey with all sorts of offers. Many will be legitimate. An ever-rising number will be scams targeting your identity and money.

Facebook may need you to click in the link in an email so they can verify your login information. UPS may send you an email saying you need to view the attachment to get details about a long-lost package. Your bank may send you an alert that your recent transaction was declined and they need your information immediately to correct the error. And a Nigerian Prince may notify you urgently that you’re about to receive $5,000,000…if you can just send him $500 to get the money out of a closed account.

If you think the only scam is the Nigerian Prince, you’re terribly mistaken. And this mistake can be costly.

According to Javelin Strategy & Research’s 2011 Identity Fraud Survey Report, 40 percent of all identity theft victims had their information stolen while making an online purchase.

Viruses and scams are becoming intertwined these days, and they are more cunning than ever. The latest trend in cyber infections is the active virus — a virus that cons you into taking some action.

Hackers and attackers are sending emails impersonating well-known and commonly used services like Facebook, UPS and your local bank in order to steal your information. They are very good at it. The emails look and sound legitimate even though they are designed to infect your computer or steal your personal and financial information.

How do hackers impersonate something like Facebook? Usually they fill an email with company graphics and links, which are easy enough to find via a Google image search. Often the hackers will go so far as to give you a warning reminding you to “be careful of scammers out there.” They even put privacy information on the bottom to make the email look official.

Among the “good,” legitimate-looking links in the email, there will be a note asking you to click a link to “verify” your login information. The link will take you to a site that’s dressed up to look like Facebook or a UPS page, for example, or it will open an attachment or drop a virus.

Once you’ve entered your identifying information — thinking you’re being smart and keeping up with privacy — the hackers steal your identity and money. Other emails might ask you to download a simple attachment that will actually launch a virus designed to give the hacker access to your computer and everything in it.

How can you avoid falling prey to these scams?

  • Check addresses carefully. Hackers send you messages from addresses that look legitimate and don’t raise alarms. But if the email address is “facebooksupport@aol.com,” you can be sure that it’s not from Facebook. So don’t click the link in it. If it’s an official email, it will come from an official, company address.
  • Check the address again! Sometimes hackers even use technical tricks to make the address the email came from end with a legitimate, well-known domain. An example might be “help-hr178367459@facebook.com.” Emails like these often contain infected attachments.
  • Research and use online security tools and services. Some of them are free — a good example is BillGuard, which scans your credit card bills for questionable charges. BillGuard says it has saved consumers more than $500 million in fraudulent charges consumers might otherwise not have noticed
  • Avoid attachments. Unless you personally know the sender of an attachment or email, do NOT download or open the attachment. If you are tempted, at least run the latest anti-virus, anti-phishing and anti-spyware software on your system.
  • Do your research. Most scams are talked about on the Internet somewhere. Google the type or wording of the scam and see what comes up. A site called www.snopes.com offers lots of information about new and old scams. Also, call the company from which the email is allegedly coming. If you’ve gotten an email from a bank and you call the bank but they have no record of your transactions, the email is a scam or a virus.
  • Go with your gut. If an email seems fishy (or “phishy”), it probably is. Use the common sense you use in the real world — it may seem obvious, but for whatever reason many people often suspend their common sense in the online world.

The holidays are all about giving — but not to scammers and hackers.

The Facebook Revolt

We talk a lot about the impact of social media on commerce and human connections.  The social media platform has the ability to transfer news and ideas faster than news and ideas can even be generated.  Since the start of what the media is calling the ‘Arab Spring’, social media has literally become something quite revolutionary.

Last spring, the conflicts in Bahrain and Egypt showcased the true power of the Internet, particularly of Facebook.  Before the proliferation of the Internet, protestors spread the word of an upcoming rally or demonstration through posters on city center walls and word of mouth.  Sitting governments would try to quell these movements by forbidding posters, declaring curfews, and outright banning demonstrations.

And then, along came the Internet and along came social media sites like Facebook.  Against all odds, Facebook has become one of the most powerful tools for the promotion of freedom.  It has made spreading the word to organize for a cause easier to do, faster to execute, and more far-reaching.  And yet, the best solution to stopping such an upheaval in today’s times is the same as it has been for hundreds of years – silence the protestor’s ability to speak and organize.  For a government, this means removing the newest weapon from the hands of the people, and that weapon is the Internet.

For many of the protests we’ve seen in the last year, the ultimate goal has been to overthrow the oppressive policies and actions of a government through massive civilian uprisings.  Historically, anti-government citizens achieved their goal by various means – organizing peaceful protests, seeking help from international organizations, taking up arms, and sometimes engaging in violent attacks against the government and military.  All of this remains true today, with the added power of the Internet.  For the protestor, the Internet is a powerful tool for increasing strength, gaining greater and broader support, and reaching out to family and friends.

It’s shocking to a great number of people that Facebook would become instrumental in the overthrow of long standing dictatorships or brutal regimes. People of Egypt used it. People of Tunisia used it. People of Bahrain used it.  When the war ‘ended’ and the NATO participation in Libya finally came, it was announced on Facebook.  It seems as if there is no end to the reach of the Internet, social media, and the concomitant power of Facebook.

The importance of the Internet in a revolution goes beyond the individual.  Foreign nation-states play significant roles during an uprising, and the Internet is one of many tools at their disposal. In many cases, providing Internet support and continued access to the Internet has become much like providing artillery support.

At end of the day, the Internet has become one of the most powerful tools for promoting freedom.  Amazingly, a platform that started as a means by which people share photos has evolved to help topple brutal dictators. There’s no telling where all of this could lead civilization.

The Amazing Race: Confucius Meets Twitter

The Amazing Race came back with yet another exciting season premier this weekend.  From the start we saw a lack of preparation by ‘the showgirls’ that almost landed them a trophy for the shortest lived contestants on The Amazing Race.  It all started when Kaylani didn’t secure her passport, dropping it at a gas station less than an hour after the race began.  Luckily, a passerby Tweeted that he had found a passport belonging to an Amazing Race contestant and got convinced by his followers to hand deliver it to LAX.  Strangely, this was a harbinger of the upcoming challenge in which contestants played a game of ‘telephone’ at the Taipei Confucius Temple where they had to listen to a recorded saying by Confucius and then repeat it precisely for their next clue.

Confucius said, “In all things success depends on previous preparation.  And without such previous preparation, there is sure to be failure.”

Even though Confucius spoke nearly 2,500 years ago, his words are as applicable in this digital century as they were when he first spoke them.

In this week’s episode, we saw firsthand what can happen if a team fails to prepare.  But for the kindness of strangers connected to Twitter, Kaylani and Lisa would have been sure to fail.  And therein lies the amazing facets we find in the season premier of The Amazing Race.  Every aspect of our life is interconnected through and into the digital world.  Every step we take online has some type of impact on our footprints in the real world.  With each step we must ask ourselves, “Are we preparing for future success when acting in the present moment?”

When you post a photo on Facebook, can it affect how a future employer might perceive you to be resulting in a lost job opportunity?  When you get a security update, do you hit Remind Me Later, leaving all your personal bank information at the mercy of a hacker?  When you sign into Facebook, Twitter, or Gmail, do you use the same password, setting yourself up for a major phishing attack?  When you register for a new site, do you skip the privacy set-up process, letting others you would never share with see all your personal thoughts.  When you store your private photos, do you put them in a folder clearly marked private, making them highly visible and desirable for others to open?

Every act we take online impacts our safety, security, and privacy.   Take a moment to consider how your actions today will impact your future success.  This was true when Confucius lived in a world without an Internet just as much as it is true today in a world than can’t survive without an Internet.

For more information about online safety, check back here every week or visit my website.

Don’t Remind Me Later

Imagine a bunch of scammers and hackers sitting around in a dark room together. They’ve just created brand new viruses that will invade your life by invading your computer to steal your banking information, take all your passwords, send threatening emails to all your friends, make all your personal photos public, and….. And, they’ve devised a simple and yet genius way to get it into your laptop or smartphone that’s always connected to the Internet using some of the hundreds of software pieces that run on your computer.

Amazingly, software providers have also just figured out a way to block these viruses. But the only way this will work is if you update your laptop or smartphone with the latest security updates they have just sent you. And out of sheer courtesy, they are asking you if you want to update now or “Remind Me Later.”

What are you going to do? What do you do nearly every time you see that nice “Remind Me Later” button looking so sweetly at you while you’re busy updating your Facebook or sending an IM or working on a work email? We all do it. We all tell our friends who are trying to protect us to come back another time. You’re OK leaving all the doors and windows wide open for the bad guys to break into your life. You’re OK with giving your life away to some stranger in a dark room on the other side of the world.

This scenario might sound dramatic, but, it’s really not. The “Remind Me Later” button is not your friend. In fact, it is probably the most dangerous ‘button’ you can push.

Let’s put this in perspective. If robbers had figured out how to turn off your home alarms or break into your house, would you fix it right away or put a note in your calendar to “Remind Me Later?” Similarly, we don’t ask someone to remind us to lock our car later if we know we have left it unlocked. The same is true for every security measure we take in our real lives.

And yet, we hit that “Remind Me Later” button as quickly as we can, like we’re playing whack a mole at an arcade.

Some people complain that security updates take too long, are too cumbersome, and bog down their computers. That was true…about 10 years ago. With today’s high speed systems, security updates can run quietly in the background. Kind of like the locksmith who can do his thing, while you’re busy doing yours in the house.

Hackers are literally creating and launching new viruses every day. That means that these invaluable updates are needed frequently. Every time a software provider figures out a way to block the bad guys, they send out an update. They have effectively put a new lock in an existing door, ensuring the safety of your personal life.

So, next time the dialogue box appears asking if you want to run a security update now, just remember the “Remind Me Later” button is not your friend.

When Hackers Attack, Earthquakes Follow

Hackers of the world have gone wild, infiltrating a variety of sites such as those of the CIA, PBS, and just the other day, NBC.  Supposedly “secure” servers of companies as notable as JP Morgan Chase and Sony have been hacked to get credit card or customer information.

In fact, hacking has had such a substantial effect on the business world that Rupert Murdoch was recently forced to close an English tabloid as a result of the paper’s hacking of celebrity phones. Stories of massive and embarrassing hackings are popping up everywhere letting us know that these hackers mean business.

And if you’re a business, being ready means more than having an IT emergency response plan.  In today’s hacker environment, a company’s response plan must be holistic in nature, agile in execution, and grounded in reality.  The right response must include technical, legal, educational, and public affairs components.  Each area has a significant role to play and one that if executed incorrectly can make the difference between disaster and recovery.  And we’re talking just security.  The problems compound when you throw in safety and privacy as well since the three are interconnected and not mutually exclusive.

Having been at the forefront of safety, security, and privacy (SSP) crises many times over in my previous roles in corporate America, and now as the founder of an online security consulting company, I can tell you that many company executives often think of the public relations (PR) aspect of responding to a hacker crisis as ‘fluff’ or coming from the ‘group that spins’.

In fact, PR is at the epicenter of this type of crisis and how it is handled can make the difference between minor aftershocks or more devastating quakes.

The right PR team will have to navigate with agility, acumen, and diplomacy while still grounded in relevant experience with safety, security, and privacy.  The challenges presented are far ranging and come in multiple forms.  Questions abound such as:

-who should be the spokesperson

-what is better, a reactive or proactive media strategy

-when should the affected consumers be informed

-where is the place to release information

-how should employees be informed about what is happening

-when should a safety, security, and privacy crisis plan be implemented

-who makes the final call on what goes out

Given the sudden onslaught of hackers, traditional PR firms are facing quite the challenge in helping clients respond.  The problem – many of these firms aren’t yet equipped or experienced to handle the unique challenges SSP PR brings even if they have handled other types of crisis in the past.

If your company is at risk of falling victim to a SSP PR nightmare, begin internal discussions ASAP to see if you are equipped to handle such an event holistically.

The more you read about the pain and suffering other companies have gone through, the more daunting the problem may appear.  But, it is one that can be overcome with the right kind of planning, team, and program in place.  Having worked closely with several clients to put in place SSP PR strategic plans, we have seen the positives that come from doing it right the first time.

If there is one thing to keep in mind it is this – hackers don’t follow traditional fault lines.  At any time, you can be the flashing red dot marking the epicenter of a major SSP earthquake.

So Many Kid Sites, So Little Time

Saying that there are a ton of sites for kids on the Internet is like saying there’s a lot of sand on the beach.  Sifting through all the sites out there to find the good and avoid the bad can be quite the daunting task especially with all the new sites popping up.  Should my kids play games online? Is there a safe place for them to explore the web? How secure are the sites that my kids are visiting?  There are so many questions and so many sites.

We decided to take stab are looking at some of the many sites out there to help you out.  Below are some of the sites we found that cater to kids between the ages of 4 and 13 or so and are worth taking a look at for a variety of reasons.

Togetherville.com: A social networking site for children that is monitored by parents.

  • Parents set up an account and “monitor” their children’s activities, including being in charge of who gets approved for a child’s neighborhood.
  • Lots of interactive games for kids of all skill levels, fun music.
  • Educational videos that are also entertaining.

ePals.com: Educational community bringing together learners from all over the planet.

  • Special areas for parents, families, students and teacher allow for dedicated and well-directed information.
  • Site has projects for classrooms and families, generating learning and a sense of global community.

ClubPenguin.com: Virtual world site that promotes global consciousness, charitable living and sharing.

  • Membership is limited and monitored, allowing for children to roam safely within the penguin world.
  • Interactions between members are promoted, especially in a socially conscious way that encourages children to share, learn to give, and be responsible.

Kids.NationalGeographic.com: Award winning site with vast resources that combine education and entertainment.

  • Specialized content ensures that kids get material that will work for them.
  • Videos, reading, pictures in an easy to navigate space.
  • Collection of fun activities to foster a child’s creativity and enhance their understanding of science.

Askkids.com: Search engine for children.

  • Provides a safe and entertaining way for children to surf the net.
  • All sites being searched by Ask Kids are acceptable for children of most ages.

PBSkids.org: Online version of PBS station for children.

  • Variety of interactive games and interesting videos for kids of various ages.
  • No external ads for kids to click on.

Nickjr.com: Online destination for fans of Nick Jr.

  • Colorful, bright and imaginative content from kids’ favorite characters.
  • Games and interactive areas for music, dance, parties and more.
  • Interactive “craft” area for kids allows them to create online works for art.

Girlscouts.org/forgirls: Branch of the Girl Scouts’ main site that provide age appropriate interactive material.

  • Girls only content increases self-esteem and community involvement
  • Interactive area that allows for girls to create their own works of art or color on pages already provided.

Kidscom.com:  Site for kids that offers safe chatting, safe networking, games, videos and more.

  • Parent monitored area for children to engage in chat rooms and social networking.
  • Exclusive interactive games with various themes and methods.

Thekidzpage.com: Free website with hundreds of resources for children

  • Online and printable coloring pages
  • Information about and activities for holidays and vacations

Disney.go.com: Games site from Disney

  • Kids get to play games based on their favorite Disney characters.
  • Trusted Disney name ensures safety and security for children browsing the site

Seussville.com: Site based on the venerated children’s books by Dr Seuss.

  • Creative and fun content.
  • Videos, books, story telling, game…all tested and kid safe.

Jumpstart.com: Online world with games and interactive action.

  • Children must login, thereby maintaining a safer environment
  • Parental controls and names given by the games make sure that personal information for kids isn’t getting out on the web.

Zoeysroom.com: Interactive website helping girls to learn about technology

  • Content developed especially for girls aged 10-14, helping them to learn math, science and technology.
  • Variety of videos and activities.

Of course, every child is different and not every site will work for every situation. Take the time to visit these sites with your kids using this list as an easy starting point.

For more information on safety, security, and privacy in the online world, check back here weekly or visit my blog.

Protecting Your Memories by Protecting Your Devices

Losing certain objects is like losing certain parts of our personal lives.   We can set stuff down and forget to pick it up, or get our entire bag stolen at a coffee shop or airport.  It seems like we had it one second and the next it’s gone.  Whether it happens through villainy or absentmindedness, one lost bag and we’re out a phone, a laptop, an iPad, a camera…and that’s just the beginning.

We store far more information in things like our phones and laptops than we think we do.  Whether we lose these mobile devices at a football game or have them stolen from a table at a coffee shop, we can also lose vast amounts of personal information stored inside them.

Here are some ideas on how to prevent loss and to get it back.

 

LAPTOPS AND TABLETS:

The amount of information stored on our laptops can be staggering.  Losing one can mean the loss of thousands of photos, documents, songs, and invaluable memories.

Some ways to prevent theft:

  • Grab a lock:  Laptop locks prevent theft by literally locking it down using and are available for most all laptops.  Tech companies are also coming out with locks for tablets such as this one for an iPad.
  • Don’t leave a computer or tablet anywhere, even to get up to use the restroom quickly at a local coffee shop or library.
  • Don’t leave your computer or tablet in a visible place in your car, backpack, or handbag.

What to do if it is stolen:

  • Applications like MobileMe and LocateMyLaptop.com can provide information about the exact location of your laptop if it is stolen.
  • Remote deletion: Intel Anti-Theft Technology is software that disables a laptop if stolen so information cannot be accessed.  Once recovered, the laptop can be enabled again.

CELL PHONES:

For most of us, our cell phones are like a lifeline.  Losing a phone isn’t just losing a device.  Often, it means that entire stores of contacts, texts, and photos will be lost with the phone.

Some ways to prevent theft:

  • Don’t loan your phone to strangers, or even friends. No one watches out for your devices like you do.
  • Have a phone case that you always use so you’re less likely to set it down absent-mindedly.
  • Password protect your phone so a thief won’t want it.

What to do if it is stolen:

  • Applications like iTag for Android (MobileMe for Mac) allow users to disable a phone if stolen so information cannot be accessed.
  • MobileMe also has a “Find My Phone” area and can be accessed from any computer.
  • If you installed an add-ons or apps that allows a stolen or misplaced phone to be found, check that.
  • Call the police (and area pawnshops) with the IMEI, SIM or MEID number (indentifying number for your phone, like a VIN number for your car) so the phone can be returned to you if found, sold, or nabbed in an arrest.
  • If your service providers offers this feature, log-in to their website and immediately limit calls and text allowed

CAMERAS:

Our digital cameras can store thousands of photos of life’s most precious memories.  Losing a camera is like losing an invaluable part of your special moments.

Some ways to prevent theft:

  • Consider keeping your camera tied around your wrist.
    • Do not ask a stranger to take a picture of you or your group especially in high tourist areas where thieves lurk.
    • Never leave your camera alone in a public place.

What to do if it is stolen:

  • StolenCameraFinder.com, GadgetTrak.com/camerasearch:  sites that help people reclaim a lost or stolen camera by scouring Internet photo sites for photos posted by stolen cameras using serial numbers imbedded in photos to locate the thief and camera.
  • While traveling, keep indentifying information like serial number in a location away from the camera and notify authorities with those numbers

SOME GENERAL TIPS:

  • Password-protect your devices by changing factory default passwords to something stronger and more secure.
  • Password-protect sensitive information and valuable applications.
  • Turn of “auto-fill” on your browsers so that people can’t immediately find information.
  • Have a secured password program that stores passwords for software and websites instead of keeping them in a word or text file.
  • Put name and email address (even carefully etching it) on the bottom of your device.
  • Backup to the cloud: online storage sites like Mozy.com allow for information to be backed up in a virtual space and downloaded back to a new device if yours is stolen or lost.
  • Backup to hard drive: back-up regularly all information, photos, music, docs, etc. on a computer by using programs like Time Machine that back-up to a separate hard drive.
  • Take a picture of yourself holding a sign with your email address so someone can let you know if they find a lost camera
  • Download pictures onto an external device often so a stolen camera doesn’t mean a stolen memory.

So the next time you put your bag down, just remember your life could be walking away from you unless you’ve secured it.

When a Child Goes Missing, an iPhone App Can Help

According to a survey released by the National Center for Missing and Exploited Children not enough parents in the United States know vital statistics about their children: height, hair color, eye color, weight, etc.  Young children change in physical appearance so rapidly that it can be a challenge to keep up with this information.  And in a time of crisis, it can be even harder for a panicked parent to accurately recall and disseminate this vital information to law enforcement.

For law enforcement, the first few hours in the case of any missing child are the most crucial in successfully finding a child alive.  Having an accurate description of your child and a recent picture can make the difference between a search and rescue effort to a search and recover effort.  For years, parents have been getting ID cards for children that have everything from vital stats to DNA.  Usually, the child carries one and the parents keep one.

This is a great idea, and the Federal Bureau Investigation (FBI) has just taken it one step further by making an admirable leap in to the digital age with its release of an iPhone app called Child ID.

This is the first-ever mobile app released by the FBI.  Not only can parents input and store information about their child’s appearance using this app, but they can also send information directly from the app to law enforcement during a crisis.

Kudos to the FBI.  It would be great if the FBI added two additional features to this app – password protection and fingerprint storing capability.  A lost or stolen iPhone could put lots of personal info about your child in the wrong hands.  A simple password protection would take care of that.  Second, a fingerprint storage area in the application could be of great use to authorities.  While iPhones do not, as yet, have the technology to accept or process fingerprints, it would be easy enough for a parent to scan a fingerprint and store it as an image that can then be loaded to the app.  Tech-savvy parents can probably figure that out now, but adding a simple walk through into the app would take care of all the parents out there who will use Child ID.

The FBI has done a tremendous service to parents and children by releasing this app.  It is now up to us to use it.

Nightmare Renters from Airbnb

Until recently, the name Airbnb was not something tossed around in the average news cycle or dinner party.  However, since a story recently broke about malicious use of rented property and Airbnb’s apparent woeful management of the crisis, the name is everywhere…and not in a good way.

Airbnb describes itself as a company engaged in “unlocking unique spaces worldwide.”  Through its web portal, the company allows people the world over to exchange housing, essentially turning private residences into mini-hotels, renting out their homes and finding residences to for short-term rental.  The service has proved useful for thousands of successful exchanges but truly atrocious stories are emerging about how this can go wrong.

Here’s the short version of what happened.  A host (EJ) rented her home to people who contacted her via Airbnb. When she returned, there seemed to be no end to the damage she encountered.  There were holes in doors and walls, items from shoes to an iPod were stolen, and her whole home was covered in powdered bleach.  They even, allegedly, stole her identity.  Soon after, another victim came forward and told his story of horror.  While these stories are truly awful, they should serve as a strong reminder for companies and users. (Note that the CEO of Airbnb provided this response to these stories.)

Online, we can get lulled in to a false sense of security.  We start to think that, because someone signed into a site or setup an account, they must be honest and reputable.  This is why it’s critical to always exercise extreme caution when engaging in person with someone you have only met online.  In the real world, we would never hand over the keys to our house without some serious ID and references and assurances.  The same should be true online.

Here are just a few other ways to help you keep yourself and your home safe and secure if you’re using rental sites like Airbnb:

  • Secure people:  Look for ways that security initiatives have been engaged on the site. Does the site offer background checks for renters, in the same way that SitterCity offers them for caregivers? Does the site separate out those who have been vetted from those who have not?
  • Assurances:  Look for ways the site plans to handle ‘security breaches.’    Does the site have a process for compensation in the event of damage?  Does the site offer or suggest short-term insurance options to cover loss?
  • Organization history:  Tech start- ups can have a brilliant idea, but don’t always build-in crisis response mechanisms to help a customer.    Does the site you’re considering have clearly delineated departments for helping users? Is there a helpdesk that responds to your inquiry? Does the site provide an emergency contact number that is available 24/7?
  • Check networks:  It is ideal if you know the person you are renting to and great if you have mutual contacts who can be references.   Since this may not always be possible, does the site provide other mechanisms to allow community vetting?

Like so many other online services, rental sites can offer us convenience and help.  As consumers, we must ask the right questions so that sites also proactively embrace safety and security.