Why you should change your Verizon PIN right now – The Washington Post

Although Verizon said that the PINs alone can’t help access online accounts, Hemu Nigam, a cybersecurity analyst at SSP Blue, said he would still advise customers to change their PINs because they could give people access to other accounts they use. “The unfortunate part is if you use that PIN, you’re probably using a similar PIN for other situations, so once I have that I can test that PIN on other things,” he said. “Verizon’s relationship with the customer is not at risk, but the customer is now at risk

Source: Why you should change your Verizon PIN right now – The Washington Post

Britain reopens privacy debate after attack, presses tech firms | Reuters

Bottom Line — Should companies like Facebook be allowed to create end to end encryption communication apps?  Does this become a tool for terrorist to avoid detection as they plan their next attack?

Source: Britain reopens privacy debate after attack, presses tech firms | Reuters

Cyber Monday: 6 Tips to Avoid Getting Hacked or Scammed

Cyber Monday — which for many stores begins Sunday — is almost upon us. That means that more than any other time of year, we’ll be bombarded with sales and deals and notices and ads. One study found 84 percent of retailers saying they would email consumers about holiday-shopping deals.

Your email inbox will be stuffed like a Thanksgiving turkey with all sorts of offers. Many will be legitimate. An ever-rising number will be scams targeting your identity and money.

Facebook may need you to click in the link in an email so they can verify your login information. UPS may send you an email saying you need to view the attachment to get details about a long-lost package. Your bank may send you an alert that your recent transaction was declined and they need your information immediately to correct the error. And a Nigerian Prince may notify you urgently that you’re about to receive $5,000,000…if you can just send him $500 to get the money out of a closed account.

If you think the only scam is the Nigerian Prince, you’re terribly mistaken. And this mistake can be costly.

According to Javelin Strategy & Research’s 2011 Identity Fraud Survey Report, 40 percent of all identity theft victims had their information stolen while making an online purchase.

Viruses and scams are becoming intertwined these days, and they are more cunning than ever. The latest trend in cyber infections is the active virus — a virus that cons you into taking some action.

Hackers and attackers are sending emails impersonating well-known and commonly used services like Facebook, UPS and your local bank in order to steal your information. They are very good at it. The emails look and sound legitimate even though they are designed to infect your computer or steal your personal and financial information.

How do hackers impersonate something like Facebook? Usually they fill an email with company graphics and links, which are easy enough to find via a Google image search. Often the hackers will go so far as to give you a warning reminding you to “be careful of scammers out there.” They even put privacy information on the bottom to make the email look official.

Among the “good,” legitimate-looking links in the email, there will be a note asking you to click a link to “verify” your login information. The link will take you to a site that’s dressed up to look like Facebook or a UPS page, for example, or it will open an attachment or drop a virus.

Once you’ve entered your identifying information — thinking you’re being smart and keeping up with privacy — the hackers steal your identity and money. Other emails might ask you to download a simple attachment that will actually launch a virus designed to give the hacker access to your computer and everything in it.

How can you avoid falling prey to these scams?

  • Check addresses carefully. Hackers send you messages from addresses that look legitimate and don’t raise alarms. But if the email address is “facebooksupport@aol.com,” you can be sure that it’s not from Facebook. So don’t click the link in it. If it’s an official email, it will come from an official, company address.
  • Check the address again! Sometimes hackers even use technical tricks to make the address the email came from end with a legitimate, well-known domain. An example might be “help-hr178367459@facebook.com.” Emails like these often contain infected attachments.
  • Research and use online security tools and services. Some of them are free — a good example is BillGuard, which scans your credit card bills for questionable charges. BillGuard says it has saved consumers more than $500 million in fraudulent charges consumers might otherwise not have noticed
  • Avoid attachments. Unless you personally know the sender of an attachment or email, do NOT download or open the attachment. If you are tempted, at least run the latest anti-virus, anti-phishing and anti-spyware software on your system.
  • Do your research. Most scams are talked about on the Internet somewhere. Google the type or wording of the scam and see what comes up. A site called www.snopes.com offers lots of information about new and old scams. Also, call the company from which the email is allegedly coming. If you’ve gotten an email from a bank and you call the bank but they have no record of your transactions, the email is a scam or a virus.
  • Go with your gut. If an email seems fishy (or “phishy”), it probably is. Use the common sense you use in the real world — it may seem obvious, but for whatever reason many people often suspend their common sense in the online world.

The holidays are all about giving — but not to scammers and hackers.

When a Child Goes Missing, an iPhone App Can Help

According to a survey released by the National Center for Missing and Exploited Children not enough parents in the United States know vital statistics about their children: height, hair color, eye color, weight, etc.  Young children change in physical appearance so rapidly that it can be a challenge to keep up with this information.  And in a time of crisis, it can be even harder for a panicked parent to accurately recall and disseminate this vital information to law enforcement.

For law enforcement, the first few hours in the case of any missing child are the most crucial in successfully finding a child alive.  Having an accurate description of your child and a recent picture can make the difference between a search and rescue effort to a search and recover effort.  For years, parents have been getting ID cards for children that have everything from vital stats to DNA.  Usually, the child carries one and the parents keep one.

This is a great idea, and the Federal Bureau Investigation (FBI) has just taken it one step further by making an admirable leap in to the digital age with its release of an iPhone app called Child ID.

This is the first-ever mobile app released by the FBI.  Not only can parents input and store information about their child’s appearance using this app, but they can also send information directly from the app to law enforcement during a crisis.

Kudos to the FBI.  It would be great if the FBI added two additional features to this app – password protection and fingerprint storing capability.  A lost or stolen iPhone could put lots of personal info about your child in the wrong hands.  A simple password protection would take care of that.  Second, a fingerprint storage area in the application could be of great use to authorities.  While iPhones do not, as yet, have the technology to accept or process fingerprints, it would be easy enough for a parent to scan a fingerprint and store it as an image that can then be loaded to the app.  Tech-savvy parents can probably figure that out now, but adding a simple walk through into the app would take care of all the parents out there who will use Child ID.

The FBI has done a tremendous service to parents and children by releasing this app.  It is now up to us to use it.

Alert: Camp Counselor Enters Digital Age

Here's a hypothetical story. Johnny, a shy local boy of about 12, attended a sleep-away camp. His counselor helped Johnny make friends with the other kids, who seemed intimidating to Johnny. Johnny was proud to gain confidence, and his parents were grateful to the counselor for helping Johnny grow.

This would be a great story if it weren't for the fact that after Johnny got back from camp, he started to disengage from his family. He spoke less at the table and was constantly on his laptop or smartphone. After several weeks, the shy, sad kid returned, and no one could get through to him. He even ignored his favorite teachers and the baseball coach he used to admire.

Finally, his parents hacked into his laptop and smartphone and found months of illicit email and chat conversations between Johnny and the counselor. They also found inappropriate pictures and plans for a secret rendezvous. The parents were horrified and immediately got the police and a psychologist involved.

Actually, this is more than a hypothetical. This is based on something that happened to the child of a friend of mine. I helped my friend navigate the complicated aspects of dealing with the police and prosecutors, and the emotional strain on the entire family.

We are left to ask: How on earth could something like this happen? Unfortunately, the answer is simple: access. We adults may remember carefree summers spent at camp with gaggles of new friends and maybe a fun counselor or two. When we left camp, we left camp. Camp counselors had very limited access to campers after camp ended. If a counselor wanted to communicate with a camper, he would have to call his or her home phone or write a letter, both of which would have to go through a parent, reducing the chances of ill-intentioned activity.

But all that has changed in today's ever-connected device-dependent world with social media, IMs, texts, chat and cell and smartphones. (See “Summer's Coming – Be More Than Just a Parent.”)

A counselor can now connect to your child even when your child is in the safe haven of your house. The counselor might suggest they keep in touch so the camper can let him or her know about their school year or the rest of their summer. So, the camper accepts a friend request from the counselor on Facebook or a similar site. They begin to exchange messages, and the counselor starts “grooming” the camper. (See “Trust and the Despicable Art of Grooming.”)

Grooming is a seemingly innocuous process by which an online predator — in this case, the counselor — finds an “in” with the child, slowly coaxing her away from family and friends, claiming to be the only one who really understands her. The counselor might suggest that he has something important to tell the camper and needs to do it by phone or text. Not knowing the danger she is walking into, the camper agrees and gives out her cell. Now the counselor has anytime-anywhere access to the child. It's not a big step to a meeting in person, where irreparable harm can take place.

Is there a way you could know if this was happening to your child? First, it is important to understand the method by which the counselor can get access to your child and how the grooming process begins. After camp, with your child having more private time and chances for private conversations, watch her actions carefully after camp. See if her behavior changes, especially if she reduces her time with friends and family. If you are concerned that something is happening, it might be time to use monitoring tools like Mobile Watchdog, a service that allows you to read someone's smartphone chat sessions.

To minimize the chance of getting into this position in the first place, before camp or any other away-from-home experience begins, talk to your children about making wise decisions with online and real-ife friends. If they are already in the habit of talking to you about everyone in their lives, extend that conversation into their online lives. Children don't always know they are being groomed, so we need to warn them.

We also need to discriminate when selecting camps. Many camps are now carefully vetting each counselor they hire, perhaps even running background checks against state sex offender registries. Be aware that these checks are limited to the state where the counselor lives, and would-be predators could have perfect records. Ask the camp about their process for selecting counselors. Finally, do your own research about the camp. Use Google and your own network of friends and family to find information. Check out what other parenting sites are saying about the camps you are considering.

Thousands of children have a great time at camp every summer. The keys to ensuring a carefree summer for both you and your child are communication, preparation and vigilance. With these keys in place, camp can be a great and safe experience.

For more info on Hemu’s role as a Web Avenger for ABC News 20/20 new special We Find Them, check out this site, and check out the show’s promo.

Lucky in Love Meets Cautious Online

As if looking for love weren't intimidating enough, online dating can have shattering consequences. Take Carole Markin, a TV producer in Hollywood who recently sued a dating website claiming she was brutally attacked at her home by a man she met online who, she later discovered, was a convicted sex offender. Thankfully, Markin's experience is not the norm, but it contains lessons for online daters.

Meeting someone in cyberspace is significantly different from meeting someone in person. In the real world, your dating “site” is made up of friends, co-workers, family and acquaintances. While this network of “real” people doesn't ensure that you'll never have a bad date, having that personal and human connection is vitally important.

Seeing the whites of their eyes might be a cliche, but it's a cliche because it remains relevant. It gives you a sense of the person. Because we don't have the benefit of that personal contact online, there are some extra safety measures that need to be taken.

In the real world, you might meet potential dates at parties or bars, and often go out on group or double dates. You are in the unfortunate position online of not having enough information to determine whether you should trust the information you have. Can you trust that the picture really is of that person, that the person is even real to begin with and that all the person's information and communications are legitimate?

A safe encounter can often depend on a safe dating website. Not all sites are created equal. Here are some questions to ask to help find a site that is right for you:

Does the site screen-vet candidates?

How does the site lower the chances of abuse?

How does the site handle abuse if it happens?

Do the terms of service allow explicit content?

Does the site review webcams, chats and videos?

Does the site provide users with tips on how to safely and successfully navigate the site to avoid predators and scammers?

Does the site provide an emergency phone number?

Does the site run all users through a registered sex offender database such as SSP Blue's RSO SAFE?

It's comforting to think that everyone on dating sites is just as earnest as you are: looking for love and hoping to find a soul mate. Sadly, even the online dating world has scammers.

One of the more common scams involves a lovely woman with a gorgeous photo looking for a new love in America. Her story is a poignant one: no family to speak of, a big heart, a desire to see men she meets online. Eventually, this woman asks for money, perhaps to help with a ticket or because she has been detained trying to leave her home country.

The man wires her money, and then she disappears. This is disheartening, heartbreaking and all too frequent. This is one of many scams. Learn more here.

If you wind up making an online connection and want to meet in person, meet in a public place, preferably well-lit, familiar to you and in an area with which you are comfortable. While these suggestions apply strongly to women, men would do well to take note as well. Predators and scammers are not all men.

Engaging in safe dating online, in some ways, is no different from dating safely in person. But because you can't see the whites of his or her eyes online, your own eyes and ears need to exercise extra precaution.

For more info on Hemu’s role as a Web Avenger for ABC News 20/20 new special We Find Them, check out this site.

The Emergence of Blue…

SSP Blue is a personal endeavor.  Safety, security, and privacy online are issues that I care about.  As a father, I find comfort in knowing my family is safe online.  As a businessman, I find comfort in knowing transactions, plans, and communications are secure.  And, as an Internet user, I find comfort in knowing that my personal information is protected and my privacy is intact.  As a society, these are necessary comforts we all care about.

I started SSP Blue to provide strategic business counsel to companies who recognize the value of these necessary comforts and to raise awareness amongst all of us about how to navigate safely and securely online.

So, where does “SSP Blue” come from?

Often safety, security, and privacy are treated as mutually exclusive, when in fact they are mutually inclusive.  “SSP” – Safety, Security, Privacy – must work together hand in hand for us to be able to navigate successfully online.  Thus, putting “SSP” into the name expresses our core mission.   And “Blue” signifies the holistic strategies and tactics that must be implemented in order to reach the proper balance of SSP.  Companies and citizens alike need blue-prints for action.

Much like the name, the logo with intersecting petals of similar blue tones integrated into a soothing image has its own story as well.  Online safety, security, and privacy are often tough issues to grasp and deal with.  When visiting the site or working with us, we want you to feel a sense of calmness and comfort while recognizing the intersection amongst SSP.  SSP Blue can help provide the comfort that comes from knowing that we’re providing solutions that protect us online.  As much as SSP can branch out into different directions, at the core they are really shades of each other originating from the same place – a necessary comfort for all of us.

Why would so much thought go in to one name and one logo? Mostly because that is how much thought goes into everything we do at SSP Blue.

SSP Blue, your blueprint for safety, security, and privacy.