IT’S HOW MANY DAYS UNTIL CHRISTMAS? HAVE YOU DONE YOUR ONLINE GIFT SHOPPING YET?

By Ben Halpert, Founder Savvy Cyber Kids, an EarthLink partner

savvylogo

The holiday season is just around the corner. Many of us already rely on online shopping for our everyday needs, likely from known retailers we return to on a regular basis. While you may feel comfortable making online purchases, be careful – the season of giving brings with it an increasingly vigorous volume of online sales activities. Unique gifts, specialty items and terrific deals are appearing in your inbox. Sought after items or something you had your eye on are advertised across social media channels.  No doubt, you have heard many times before the tips to staying safe while shopping online. But a lot of good sense gets lost in this busy time of year. After all, there is so much to be done before you can settle in with a hot toddy, a warm fire and to unwrapping a few gifts for yourself. Don’t get lost in the flurry of seasonal cheer and forget to stay safe online. Shopping from the convenience of your couch, commuter train or local coffee shop, using phones, tablets and other mobile devices, might be the easy choice, just not necessarily the safe choice. Unlike gift certificates, your data doesn’t expire and you could unknowingly be shopping for friends and relatives near and dear to someone – just not you.

SHOP FROM KNOWN RETAILERS: By shopping on familiar sites, you are less likely to get any surprises. Beware of misspellings or domain names using “.net” instead of “.com” as that is one of the common ways scammers trick consumers.

BE SURE THE SITE IS SECURE: A secure website starts with https:// instead of http://. Secure sites will also have a small lock icon in the lower-right corner of the screen.

PAY WISELY: Use a credit card instead of a debit card. If your credit card data is used falsely, it’s easier to resolve issues with a credit card company than with your bank. Making purchases by providing your credit card number through email is never, ever wise.

BE WARY: Avoid shopping websites that offer prices that seem too good to be true. A common tactic by cyber criminals is using extremely low prices on popular items, such as electronics, to lure in potential victims. Buy from an unfamiliar website with a great deal and run the risk never seeing the merchandise (or the website) again. Worse yet, it could be a “phishing” scheme, where shoppers who click through are led to a false site developed to steal their data. If the deal is too good to pass up, enter the website name by hand into your browser.

GIVE THE LEAST AMOUNT OF INFORMATION POSSIBLE: Keep your personal information private. Don’t provide to anyone your social security number or your birthday. This information, combined with your credit card number, can result in identity theft.

REVIEW YOUR STATEMENTS: You should already be regularly checking statements for credit and debit cards as well as checking accounts regularly. In January and February, it’s especially important. Even small charges you don’t remember making can be a sign of fraud. Notify your bank or credit card issuer immediately to report unknown charges.

SHOP FROM HOME: There’s no place like home…for a secure network. Public Wi-Fi can be easily hacked, exposing your passwords, billing information and other sensitive data. When on a public Wi-Fi, limit yourself to window-shopping and price comparing, rather than buying. Do your holiday shopping from the safety of your home – not on your phone in a restaurant or store. If you want to shop on the go, make sure you use a VPN.

LOCK IT UP:  On the go? Make sure your computers and devices are locked with a password. Otherwise, your personal information may find its way to prying eyes.

HIDE IT: Sometimes we just need the joy of walking into a store and if that’s the case, make sure all your valuables are out of sight – especially your phones, tablets and computers.  Put them in the trunk so your tech works only for you.

ACCESS IDENTITY THEFT PROTECTION SERVICE: Inconvenience is your friend when it means taking the time to verify purchases against fraud activity. Take advantage of the alert features on your credit cards. These alerts can warn you of abnormal account activity, which are helpful any time during the year but are especially useful during the busy holiday shopping season.

UPDATE, UPDATE, UPDATE: Make sure that your computer and your devices have the most current security software patches installed. Once a security patch is available, cyber criminals have all the information they need to attack devices that have not been updated. Read more about this here.

Bottom line, resist attacks and secure pretty much everything. Make sure your antivirus software is up-to-date and that you shop with reputable retailers. Monitor your credit card statements. By being vigilant, you can help to ensure that your online shopping brings you cheer in the New Year.

 

__________________________________________________________________

Savvy Cyber Kids educates and empowers digital citizens, from parents and grandparents, to teachers and students. Sign up for their free resources to help you navigate today’s digital world with cyber ethics.

TOP TEN CYBER TIPS

By Ben Halpert, Founder Savvy Cyber Kids, an EarthLink partner

savvylogo

In the Digital Age we are spending an increasing proportion of our day in cyberspace and less time IRL (in real life). From shopping, dating and sharing, to learning, buying and teaching, our interactions with the virtual world are having a greater and greater influence on how we and others see ourselves, how we think and how we see the world and our place in it. Regrettably, there is not a virtual justice system ensuring that those who use the Internet for good are rewarded and that those who do otherwise face appropriate consequences.

As parents, we need to help our children grow up understanding that, as Thomas Friedman of the New York Times put it, “the internet is an open sewer of untreated, unfiltered information, where they need to bring skepticism and critical thinking to everything they read and basic civic decency to everything they write.” Friedman cited a Stanford Graduate School of Education study published in November 2016 that found “a dismaying inability by students to reason about information they see on the internet.

So, what’s a parent to do?

Savvy Cyber Kids, a nonprofit organization whose mission is to enable youth, families and school communities to be powered by technology, recognizes that children may be ‘Digital Natives’ but they are also ‘Digital Naives,’ who, without intervention, completely lack an understanding of the implications of their digital actions. Founded in 2007 by Internet security expert, noted speaker and author Ben Halpert, Savvy Cyber Kids provides cyber ethics resources for parents and teachers to educate children as they grow up in a world surrounded by technology.

Here are Ben’s Top Ten Parent Tips for Cyber Safety:

#1 BE INVOLVED

Do you know your child’s favorite game, app, or social media community (and it changes often!)? If not, ask them! Children love talking about what they do with technology. Now that you know their favorite app, game or social media community, ask your child who they interact with in those digital spaces. Just as you ask about who your child plays with at school, you should ask who your children’s friends are online.

#2 HAVE THE “TECH TALK”

Much like the “sex talk,” the first time you introduce the “tech talk” is an important parenting hallmark. Since giving your child access to an Internet-enabled device is like taking the front door off your house and inviting in strangers, children need to understand that the virtual world can be a dangerous place and that they need to take steps to keep themselves safe. Help your child learn to distinguish between the physical world and the virtual world. Explain to your children that the physical world includes their home, friends they play with in their neighborhood, at school and on sports teams they play on. Teach your children to see strangers as strangers. As your children get older, the “tech talk” continues to evolve and delves into greater detail the inherent dangers of cyberspace. Start the talk — and don’t stop talking.

#3 BE A SAFE RESOURCE FOR YOUR CHILD

Let your children know they can approach you if something upsets them online, if they realize that they made a mistake, and that you are always available for them to help them understand what they are experiencing. Ask your child if they had ever seen anything online or in a game that made them feel uncomfortable or strange. Or if anyone has said anything strange to them in an app or a game. Ask them if anything online has made them feel funny, hurt their feelings or confused them. If they make a mistake, resist the urge to have a merely punitive approach. Help them to make better choices and sustain their willingness to communicate with you.

#4 ENCOURAGE YOUR CHILDREN TO STOP. THINK. CONNECT. TM

Encourage your children to use critical thinking skills and pause when they are about update social media or take any action on one—then think about what they are about to do, before potentially posting or forwarding something mean or suggestive. As a rule of thumb, have them answer a question like: What would my mother think about this? Help your children to understand why authorship, sources and sponsorship can influence the truthfulness of what they see on the Internet. Challenge them to not believe everything they see and to search for proof before accepting information.

#5 TEACH THAT STRANGERS ARE FOREVER.

To your children, anyone that reaches out to them via an app, game, or social media community seems like a good person just wanting to chat. Yet anyone that your child meets online is a stranger, FOREVER. You can’t definitively know who this person is, if they are misrepresenting themselves or if they are safe to engage with. Ask your children if they have ever received a message from someone in a game or an app that they don’t know in the physical world. Talk to your children about the concept of privacy and how they should not share personal information like names, addresses or phone numbers, if their parents are home, family schedules, or what school they attend. Make sure your children understand that they should NEVER meet someone they met online, through an app, game or social media community in the physical world. NOT EVER.

#6 UPDATE EVERYTHING.

It is important for you and your children to update all devices and software on a regular basis and when notified by the manufacturer or creator. Anytime an update (often called a patch) is available, a fix was made to a known problem with that device or software. Perhaps there is a way for someone to remove all the information off a computer or device. Maybe there’s a way for someone to remotely turn on the video camera on your device and take inappropriate videos. In addition to keeping up with the latest patches, install (and keep updated) an antivirus product. Antivirus products can protect you from certain attacks. And yes, even Mac computers should have antivirus software too.

#7 UNDERSTAND TECHNOLOGY.

Read the privacy policy for each device, app, game, or social media community that your grandchild is using to learn exactly what information about your grandchildren is been collected by the company providing the service and what they can do with that information. Next, look for the available parental controls for each. Some apps, games, and social platforms offer options that can limit who your grandchildren can talk to you, as well as who can contact your grandchild. If there is an option to create private profiles, direct them to do so and talk to your children about not allowing people they do not know in the physical world to connect with them.

#8 SET SECURITY FREEZES FOR THE ENTIRE FAMILY.

The reality is that credit monitoring services are not enough. Someone can still open an account in your name and ruin your credit history. Encourage all of your family members to contact each of the three credit reporting agency’s (TransUnion, Equifax and Experian) and place a security freeze on your credit files. With the security freeze on your credit file, no one can open a new account (take out a mortgage, a car loan or other financial commitment on your behalf) unless they have your secret pin.

#9 ENABLE 2-STEP VERIFICATION.

Every account you and your grandchildren use is secured by user ID, such as a nickname or email address, and the password. This is done to prove that you are the person that is supposed to be accessing the account you were attempting to log into. Due to the increasing number security breaches, encourage your family members to take an additional step, beyond a complex password. Enable 2-step verification, a security measure that typically involves a text message being sent to your phone, a one-time code sent to your email, a call to your phone and/or the use of a verification app (sometimes called an authenticator app).

#10 CREATE A PARTNERSHIP WITH YOUR SCHOOLS

Encourage your children’s schools to support your digital parenting by merging cyber ethics lessons across all learning disciplines and offering age-appropriate cyber ethics programming for students, parents and educators.

__________________________________________________________________

Savvy Cyber Kids educates and empowers digital citizens, from parents and grandparents, to teachers and students. Sign up for their free resources to help you navigate today’s digital world with cyber ethics.

Security Alert: Wi-Fi Connections at Risk

As your Internet Service provider, EarthLink is committed to keeping you informed of important cyber security events being observed globally. Below our partner Symantec shares information regarding a recent vulnerability that impacts Wi-Fi networks and how you can protect yourself.

Security researchers1 have discovered a major vulnerability in Wi-Fi Protected Access 2 (WPA2). WPA2 is a type of encryption used to secure the vast majority of Wi-Fi networks. A WPA2 network provides unique encryption keys for each wireless client that connects to it.

The vulnerability, dubbed “KRACKs” (Key Reinstallation AttaCKs), is actually a group of multiple vulnerabilities that when successfully exploited, could allow attackers to intercept and steal data transmitted across a Wi-Fi network. Digital personal information that is transmitted over the Internet or stored on connected devices — such as driver’s license number, Social Security number, credit card numbers, and more — could be vulnerable. All of this personal information can be used toward committing identity theft, such as accessing bank or investment accounts without the users knowledge.

In some instances, attackers could also have the ability to manipulate web pages, turning them into fake websites to collect information or to install malware on user’s devices.

 What should you do?

Wi-Fi users should immediately update Wi-Fi-enabled devices as soon as a software update is made available. Wi-Fi enabled devices include anything that connects to the Internet — from laptops, tablets, and smartphones to other smart devices such as wearables and home appliances.

 Should you change your Wi-Fi password?

No. This vulnerability does not affect the password to your router’s Wi-Fi network. Regardless of if your Wi-Fi network is password protected, this new vulnerability still puts your data at risk because it affects the devices and the Wi-Fi itself, not your home router, which is what the password protects.

Are hackers already exploiting this vulnerability?

Not yet. But as with many newly discovered vulnerabilities, it is only a matter of time before hackers find ways to exploit this weakness to their advantage.

 What else can you do to help protect you connected devices while waiting for a software update?

Keep in mind that it may take some time for the manufacturer of your devices to come up with a security patch. In the meantime, there are extra steps you can take to help secure your devices.

We strongly recommend that you install and use a reputable VPN such as Norton WiFi Privacy on all your mobile devices and computers before connecting to any Wi-Fi network. By using a secure virtual private network (VPN) on your smartphones and computers, your web traffic will be encrypted and your data will be safe from interception by a hacker.  A VPN creates a “secure tunnel” where information sent over a Wi-Fi connection is encrypted, making data sent to and from your device more secure.

Norton WiFi Privacy uses the same encryption technologies that leading banks deploy, so you can rest assured that your information stays secure and private. You can also browse anonymously and protect your privacy with Norton WiFi Privacy. You can mask your online activities and location with this no-log VPN that encrypts your personal information but never stores your online activity or location.

Additionally, only using HTTPS-enabled websites means your web traffic will also be encrypted by SSL and may be safer from this vulnerability. HTTPS browsing adds an extra layer of security by using encryption via the website you are visiting.

To Learn More go to: http://www.earthlink.net/software/staysafe.html?tab=wifiprivacy or call 1.866.610.0862

_______________________________________________________________

Symantec is an EarthLink partner. @2017 Symantec Corporation. All rights reserved.

 

1 https://www.krackattacks.com

Identity Theft Prevention & Identity Theft Response

By Ben Halpert, Founder Savvy Cyber Kids, an EarthLink partner

savvylogo

Technology and convenience go hand-in-hand, right? It’s true. We can now conduct our personal and professional business activities online in ways that hardly could have been imagined even just a few years ago. But, like with everything else, there is a price to pay for added convenience. And in this case, there are very real threats to security when putting your private information online…a necessary step to accessing technology conveniences.

Unfortunately, identity theft — where personal information such as your full name or social security number is stolen to commit fraud — is more common than we like to admit. Your identity allows a criminal to fraudulently apply for credit, file taxes, get your tax refund or get medical services, resulting in your credit status being negatively affected. You will spend both a painfully significant amount of time and money trying to restore your good name, with your ability to manage your finances severely hampered in the meantime.

When you imagine these crimes committed against you or your loved one, you realize the seriousness, beyond inconvenience and closer to life-changing consequences, of identity theft. If you – and who could blame you – have adopted technology conveniences, it’s time to also pay attention to what you should be doing to prevent identity theft.

  • Order your credit report once a year and review to be certain that it doesn’t include accounts that you have not opened. Check it more frequently if you suspect someone has gained access to your account information.
  • Keep your social security number (SSN) secure. Don’t carry your social security card in your wallet or write your number on your checks. Only give out your SSN when necessary. In reality, there are few situations when you must share this information. Just because you are being asked to provide your social security number does not mean that you NEED to provide it!
  • Don’t respond to unsolicited requests for personal information (your name, birthdate, social security number, or bank account number) by phone, mail, or online. Again, just because someone is asking does not mean you need to answer. In fact, if someone is asking for these kinds of personal information, that is a red flag. Use a critical eye and stop to ask yourself what is really going on.
  • Keep your private information just that, PRIVATE! Shred receipts, credit offers, account statements, and expired cards. Store personal information in a safe place at home and at work. Make sure others cannot see you typing your passwords on computers and at ATMs.
  • Keep your personal mail safe. Collect mail promptly. Ask the post office to put your mail on hold when you are away from home for several days. Consider getting a locking mailbox.
  • Take the time to pay attention to financial transaction details. Be aware of your billing cycles. If bills or financial statements are late, contact the sender. Review your receipts and compare receipts with account statements, looking out for unauthorized transactions. You can also consider switching to electronic statements.
  • Get tech savvy by installing security protection software on your home computer.
  • Create complex passwords that identity thieves cannot guess easily. Enable 2-factor verification on your password-protected online accounts. Change your passwords with regularity, and when a company that you do business with has a breach of its databases
  • Prevent medical identity theft by guarding your social security, Medicare, and health insurance identification numbers. Only give your number to your physician or other approved health care providers – and only when they absolutely require it! Review your explanation of benefits to make sure that the claims match the services you received. Request and carefully review a copy of your medical records for inaccuracies and conditions that you don’t have.

The worst part is that you may not know that you are the victim of ID theft until you experience a catastrophic financial consequence, like unexplained significant bills, aggressive collections or denied loans when you are depending on additional credit. Suddenly, technology will be not so convenient anymore! Identity theft is a faceless crime. You will have no idea who is doing this to you and they will, no doubt, give you little thought as they rampage your life. Yet the consequences of this crime are scars that will mark its victim for years to come.

This is no more true than in the case of Child Identity Theft, where a child’s identity is stolen and might go undetected for many years, resulting in incredible damage by adulthood. This is why I recommend setting security freezes for the entire family. The reality is that credit monitoring services are not enough. Someone can still open an account in your name and ruin your credit history. Encourage all of your family members to contact each of the three credit reporting agency’s (TransUnion, Equifax and Experian) and place a security freeze on your credit files. With the security freeze on your credit file, no one can open a new account (take out a mortgage, a car loan or other financial commitment on your behalf) unless they have your secret pin.

If you are a victim of identity (ID) theft, report it immediately to the FTC, online or by phone at 1-877-438-4338. Visit https://www.identitytheft.gov/Steps to report it and get a personalized recovery plan. This is a terrific user-friendly site that will walk you through the steps of recovering your identity. Once you file the ID theft with the FTC, you will have an ID theft affidavit. Print and take the ID theft affidavit with you to file the crime with the local police. The ID affidavit and your police report are your identity theft report. Your identity theft report will be very important as you resolve the problem with creditors, banks, and any other companies where fraudulent accounts were set up in your name.

You may also report specific types of identity theft to other agencies:

  • Tax Identity Theft – Your social security number is used to falsely file tax return, typically to get a tax refund or a job. Be aware, the IRS DOES NOT initiate contact with a taxpayer by sending an email, text, or social message requesting personal or financial information. Should you get an email that claims to be from the IRS, do not reply or click on any links. Your fear of this crime can be used against you via email scams that falsely alert you to a crime and seek your personal information that will later be used to steal from you. Instead, you should report it to the IRS and your state’s Department of Taxation or Revenue. File a report with the Federal Trade Commission (FTC). You can also call the FTC Identity Theft Hotline at 1-877-438-4338 or TTY 1-866-653-4261. Respond immediately to any IRS notice; call the number provided. If instructed, go to the Identity Verification Service. Complete IRS Form 14039, Identity Theft Affidavit; print, then mail or fax according to instructions. Continue to pay your taxes and file your tax return, even if you must do so by paper.
  • Medical Identity Theft – Your Medicare ID or health insurance member number is used to get medical services, or to issue fraudulent billing to your health insurance provider. If you believe you have been a victim of medical identity theft, call the Federal Trade Commission at 1-877-438-4338 (TTY: 1-866-653-4261) and your health insurance company’s fraud department. You can create a complaint form with the details of your experience at IdentityTheft.gov to share with them and with law enforcement. If you suspect that you have been the victim of Medicare fraud, contact the U.S. Department of Health and Human Services’ Inspector General at 1-800-447-8477.

In addition to federal government agencies, you should also report the theft to other organizations, such as:

  • Credit Reporting Agencies – Contact the three major credit reporting agencies to place fraud alerts (or freezes on your accounts if you have not done this important preventative step so that no one can apply for credit with your name or social security number). Get copies of your credit reports, to be sure that no one has already tried to get unauthorized credit accounts with your personal information.
  • Financial Institutions – Contact the fraud department at your bank, credit card issuers and any other places where you have accounts. You may need your ID theft reports from the police and Federal Trade Commission in order to report the fraud.
  • Retailers and Other Companies – You will also need to report the fraud to companies where the identity thief created accounts, opened credit accounts, or even applied for jobs in order to clear your name.
  • State Consumer Protection Offices or Attorney General – Your state may offer resources to help you contact creditors, dispute errors and other helpful resources.

If you need more help — and I hope you take the steps to ensure this never happens to you — the Federal Trade Commission offers a publication, Taking Charge – What to do if Your Identity is Stolen that shares detailed tips, checklists, along with sample letters.

___________________________________________________________________

Savvy Cyber Kids educates and empowers digital citizens, from parents and grandparents, to teachers and students. Sign up for their free resources to help you navigate today’s digital world with cyber ethics.